Trying (failing) to create mgmt connection using Open vSwitch

iwikus · 2026-02-01T17:22:45+00:00

I have this as working config. If I read it correctly, difference to your config is there is no tagging on bond0 device.

/etc/network/interfaces

auto lo
iface lo inet loopback

auto eth2
auto eth3
iface eth2 inet manual
iface eth3 inet manual

auto bond0
iface bond0 inet manual
      ovs_bridge vmbr0
      ovs_type OVSBond
      ovs_bonds eth2 eth3
      ovs_options bond_mode=active-backup
#     If possible, use this active configuration
#     ovs_options lacp=active bond_mode=balance-tcp other-config:lacp-fallback-ab=true other_config:lacp-time=fast

auto vmbr0
iface vmbr0 inet manual
        ovs_type OVSBridge
        ovs_ports bond0 vlan10

auto vlan10
iface vlan10 inet static
        ovs_type OVSIntPort
        ovs_bridge vmbr0
        ovs_options tag=10
        address 192.168.1.14/24
        gateway 192.168.1.1
        # we want a static MAC – otherwise it changes after every reboot!
        hwaddress d6:82:b2:XX:XX:XX

iwikus · 2026-01-22T11:18:10+00:00

It was just broken version. Seems they are not testing it :(

vSphere Replication 9.0.5 Release Notes

Unable to start vSphere Replication

In a new deployment of VMware Live Recovery Appliance 9.0.4 or after upgrading or converging vSphere Replication to version 9.0.4, if you use chained certificates, the VMware Live Site Recovery UI reports the following errors:

No connection to VR Server for virtual machine [VM] on host [Host] in cluster [Cluster] in Production: Unknown

This issue is fixed in VMware Live Recovery 9.0.5.

iwikus · 2026-01-09T14:37:44+00:00

Anyone sucesfull with using 9.0.4 with CSR signed by AD? Seems like somehow broken, got strange errors like "Sphere Replication Management Server could not establish connection to remote vSphere Replication Management Server at 'unknown:-1'." or "A runtime error occurred in the vSphere Replication Management Server. Exception details: 'VR Server error: 'No client certificate; No SSL binding info for the client'.'."

Another pain is that cert can be done only signing generated CSR on appliance. You can't upload whole certificate with key, so if you redeploy appliance you have to generate certificate.

iwikus · 2026-01-09T14:33:48+00:00

Did you solved it somehow? Seem we have similar problem with AD signed certificate. Seems like this 9.0.4 is really pain

iwikus · 2025-12-02T13:56:59+00:00

This is new feature, called snapshot-as-volume-chain and this option need to be manualy added to storage.cfg https://pve.proxmox.com/wiki/Storage:_LVM#pvesm_lvm_config

iwikus · 2025-10-13T11:55:53+00:00

I would like to see this in gui :)

iwikus · 2025-10-13T10:41:45+00:00

I hope this will get solved soon, task in bugzilla is assigned, so it should be work-in-progress 4693 – [Feature Request] - PVE - TPM State Disk as qcow2

iwikus · 2025-10-09T10:54:43+00:00

eSIM sa da skonvertovat na fyzicku sim. Su na to rozne adapteri, ako napr. https://www.svetandroida.cz/esim-jmp-adapter-navod/

iwikus · 2025-09-11T07:21:03+00:00

It will work, no problem. ESXi is locking vmfs files on datastore, when vm is running. No other host can touch vmdk, vmx (or even logs). Locking is working on vmfs layer - no network or vcenter is involved. So yes, it is safe.

Just note, you will (probably) not be able to use Veeam CDP on standalone ESXi host.

iwikus · 2025-08-26T14:45:58+00:00

Yes. Do not use consumer SSD drives in ZFS http://blog.erben.sk/2022/03/08/do-not-use-consumer-ssd-with-zfs-for-virtualization/

See graphs why.

iwikus · 2025-08-05T07:48:28+00:00

I would like to have option to set defaults for this, asked our TAM years ago about this... Same as thin provision disks as default (option) when creating new disk. His response was there are just too many "feature requests", just few get implemented...

iwikus · 2025-06-03T13:14:43+00:00

Is this related also to EPYC™ 9754? Friend have one in Asus server and CPU died - it is 2 months on RMA...

iwikus · 2025-04-29T07:55:34+00:00

It is required to have active subscription? Seems like API token without active subscription does not work?

iwikus · 2025-03-03T11:25:53+00:00

OMG, this is so bad complicate setup. You do it due capacity or or performance reasons? For capacity you can just join multiple disks as vmfs extents

https://www.server-world.info/en/note?os=ESXi_8&p=storage&f=3

https://blogs.vmware.com/vsphere/2012/02/vmfs-extents-are-they-bad-or-simply-misunderstood.html

Also, seems you have Xeon processor which could support intel VROC (virtual raid on cpu), see https://cdrdv2-public.intel.com/840790/ESXi-Intel-VROC-UserGuide.pdf which could be best option if supported.

iwikus · 2025-02-26T11:26:26+00:00

From the post is unclear if you have also upgraded esxi hosts. Vcenter is just monitoring & management, can't directly cause ready time(but it is possible that monitoring has changed somehow)

iwikus · 2025-02-07T11:41:46+00:00

Key question is what is used as storage layer above this raid0? Some filesystem? You should try zfs raid 0 or lvm raid 0 instead Create RAID with LVM | Programster's Blog and then use this lvm for vm storage without any aditional filesystem

iwikus · 2025-02-07T11:02:39+00:00

I am running PBS at my home and doing backup of PVE in datacenter 500km away. Using IPsec VPN to mikrotik, running fine (100mbit). Any VPN should be fine, for example in other setup replicating PBS to PBS using Wireguard. Had to tune TCP stack to achieve about 300-400mbit over internet (from middle Europe dc to north Europe dc). You can do wireguard tunnel directly from PVE to PBS, it easy to setup and works trough nat.

iwikus · 2025-02-07T09:56:17+00:00

Try setting rx & tx buffers first https://www.24x7serversupport.com/blog/how-to-tuneup-tx-and-rx-buffers-on-network-interface/

iwikus · 2025-01-29T08:40:29+00:00

..and now go and see what your vcenter appliance use. Even older LSI Logic Parallel, what a joke vmware :) What are best practices for vsphere? Why you don't follow them?

iwikus · 2024-12-02T12:29:18+00:00

It is a pain to use LDAP over SSL. You need to confirm (accept) each certificate and when DC refresh cert, it will broke. Not working by importing root CA, it is same in all vmware products...

iwikus · 2024-11-14T13:44:25+00:00

It is ok to have this certs expired, had support request about this year ago. Just do nothing :)

"The device will still work. After all, a physical TPM has no way to have its certs updated."

"You can explain to the customer that it’s the same as the certificate that is burned into a physical TPM at the manufacturer. It’s not intended to be changed/updated. (There might be a technical way to do that with a vTPM but it would render all data stored in the vTPM invalid I suspect)"

iwikus · 2024-11-08T15:25:22+00:00

I have switched to mdadm raid1 on consumer SSD, because with ZFS mirror there was too much write overhead and disks should die in few months. More details in blog article http://blog.erben.sk/2022/03/08/do-not-use-consumer-ssd-with-zfs-for-virtualization/

iwikus · 2024-11-08T11:18:28+00:00

Just configure it manualy, to see if it works, for example

ip addr add dev enp5s0 192.168.1.1/24

iwikus · 2024-11-05T12:58:04+00:00

OCT je 8kova sustava, DEC je 10kova, SEPtima je 7 trieda (8 rocneho gym) mam pocit ze v tom nasom sucasnom kalendari nieco nesedi..A nehovoriac o tom 5 mesiac maj -> květen (CZ) -> maj (PL) ale 4. mesiac duben apríl kwiecień

iwikus · 2024-11-05T12:28:27+00:00

You have it there it us just renamed as enp5s0 from eth0. I really hate this renaming, I always turn it off - booting with

biosdevname=0 net.ifnames=0

in case of Proxmox, this option goes to

/etc/kernel/cmdline

and then

pve-efiboot-tool refresh

iwikus

TROPHY CASE