VMware vSphere

So...

I have vShield deployed.  vshield has a vApp VM which resides on each host.  When i put a host into maintenance mode, that vapp will automatically power down (it's the last one to shut off), and when that host comes out of maint mode, that VM automatically powers back on.  Works great.  never gets DRS'ed off the host, doesn't move on maintenance mode (get registered with another host)..

There are NO DRS affinity rules defined for this vapp, or any other type of affinity setting i can see.  this works regardless of DRS settings on the cluster.

next, Trend deep security (or any other AV which uses endpoint), also has an agent VM which must be deployed to each host. 

I have setup affinity rules to keep the apps on their individual host (which is annoying, as you have to create a group for each host, and a group for each app, then link the two together)..

this accomplishes the keeping the VM on the host.. however, when you enter maintenance mode, you have to manually power down this VM before the host can successfully enter maint mode.

I would love to have the Trend VM behave in the same manner as the vShield VM, but not sure how the vShield vm accomplishes the automation which it does.

Anyone have any ideas?

Thanks

Hi Sherrit,

Not sure if you tried the below option,

To enable the Virtual Machine Startup / Shutdown option:

1. Log in to the host directly using the vSphere Client.
2. Click the Configuration tab.
3. Click Virtual Machine Startup / Shutdown.
4. Click the Properties link.
5. Change the setting to Enabled.

Here is the KB

Thanks

@virtualdive

yes have added the VMs to the auto on/off groups, but that doesn't actually do anything in this case.  as the host is going to maint mode vs shutdown, it doesn't trigger a shutdown for the VM.

What I did, in that situation for a colleague was create an alarm, after a host went into maintenance mode. The trigger for that alarm was to run a script which shut down the individual (also Trend) VM still residing on that host.

Which version of vShield are you using? It's interesting behaviour to see that the vShield app doesn't need this kind of workaround.

@tomtom901

Vshield version is 5.5.0

it was an issue with the vShield appliance prior as well.. but after the upgrade, they started working in this mannor (which i love)..  Now if only i could figure out how they do it!.. lol

Dont suppose you could share the script you have tied into that alarm?  Sure i could figure it out, but i'm lazy  :smileyhappy:

hi

please have the vm startup and shutdown along with host and then set up anti-affinity rule to keep two VMs.

Yyou must edit the DRS cluster. To edit the DRS cluster:

1. Click Rules > Add.
2. Click the DRS Groups Manager tab.
   1. Click Add under Host DRS Groups to create a new Host DRS Group containing half of the ESX/ESXi hosts in the cluster. Create a second Host DRS Group containing the remaining hosts.
   2. Click Add under Virtual Machine DRS Groups to create a Virtual Machine DRS Group for each anti-affinity virtual machine.
   3. Click the Rule tab, from the Type drop-down menu, click Virtual Machines to Hosts.
   4. Select the first virtual machine from Cluster Vm Group > Must run on hosts in group.
   5. Select a host from the Cluster Host Group.
   6. Click Must run hosts in group.
   7. Select the second virtual machine from Cluster VM Group.
   8. Select the second host from the Cluster Host Group and click OK.

@kashifkarar01

HI, I've already created DRS affinity specifically between each agent and each host.  Host1 affinity to Agent1, Host2 affinity to Agent2, etc.

this prevents DRS vmotion from  migrating the VM from the host on 'enter maint', however, it dones't accomplish a power down of the host.  It simply puts the 'enter maint' command into a pause state until all VM's are powered off  (in other words, go manually shut down agent, then the host will continue the task and enter Maint mode)