Monthly Archives: March 2016

  • 0

VSAN in the Home Lab – Part 2 (Benchmarks)


The OCD in me couldn’t go through this blog post with an ‘old’ version of VSAN.  VMware just released VSAN 2.0 with vSphere 6 update 2.  My vCenter and the ESXI hosts have now been updated.   For a nice blog on what’s new, you can read this – (


In Part 1 of this series I went through Enabling and Configuring VSAN.  Now that we have an operational Datastore, we need to figure out if it’s actually usable.  Don’t get me wrong, I’m sure it’s functional and operational, but don’t we want to see how this bad boy performs?  Just to refresh your memory we are running 1x HDD and 1xSSD on each host in a 3x host configuration.  Obviously if performance is your main goal, you should make the disk group 100% SSD based.

The past couple years I’ve used a few 3rd party tools to diagnose/benchmark performance.  For this blog post I’ll be taking a look at Iometer, VSAN Performance stats (integrated with VSAN), and CrystalDiskMark.  I’m all ears if anyone has any suggestions on additional programs (free) or specific tweaks with the current tools for better real world scenarios.  I do understand that we could tweak and try different tests for the next year.  So hopefully these couple of tests provide us a simple ‘overview’.

One thing to note: The performance numbers in my lab may be different than the performance numbers in your lab/environment.  This is due to differences in hardware, disk type, storage, etc…  So, what I’m trying to say is, don’t shoot the messenger.

Test Scenario:

  • Windows 8.1 Virtual Machine
    • patched
  • 2vCPU
  • 8GB Memory
  • C:\ on VSAN Datastore
  • E:\ on VSAN Datastore
  • F:\ on FreeNAS Datastore

I’ve decided to run my tests side by side my FreeNAS box.  This is my primary storage in my HomeLab.

FreeNAS Host:

  • HP Proliant DL160 G6
  • 24GB Memory
  • 16vCPU w/ Hyperthreading
  • 1Gbps Network
  • 4x Western Digital black 3.5 7200 RPM 1TB Sata Drives (Raid 10)
  • FreeNAS is my current storage location that houses around 20 running Virtual Machines.  I don’t have any excessive performance VMs/Jobs running at the moment.

Let’s start with Iometer. A proven diagnosing/benchmarking tool since early 2000’s.  For the past couple year’s I’ve been using the Atlantis article ( to configure Iometer parameters that mirror data reads/writes to a VDI/Xenapp environment.

Iometer Results: 


CrystalDiskMark Results:

  • Seq – long, sequential operations. For SQL Server, this is somewhat akin to doing backups or doing table scans of perfectly defragmented data, like a data warehouse.
  • 512K – random large operations one at a time.  This doesn’t really match up to how SQL Server works.
  • 4K – random tiny operations one at a time.  This is somewhat akin to a lightly loaded OLTP server.
  • 4K QD32T1 – (Queue Depth 32 and 1 thread) random tiny operations, but many done at a time.  This is somewhat akin to an active OLTP server.



VSAN Storage Performance Test (Stress Test – 5 Min Duration – Default VM Storage Policy):

VSAN-Integrated Performance-StressTest

VSAN Storage Performance Test (Low Stress Test – 5 Min Duration – Default VM Storage Policy):

VSAN-Integrated Performance-LowStressTest


VSAN 6.2 is a great product.  It’s getting better and more feature rich by the release.  This release alone added so much more health/performance/diagnostic information than ever before.  Also, Deduplication and Compression, which were disabled in my tests, shipped as well.  I’m looking forward to the progression of this software and have no doubt VMware will continue improving it.  As for my opinion on using VSAN as my preferred HomeLab storage solution? I think I’ll wait a bit longer, but something I’ll keep my eye on.


  • 0

VSAN in the Home Lab – Part 1

Storage is one of the building blocks for having a solid foundation.   Even in a Home Lab you need something you can depend on.  Without a solid performing storage solution the experience will suffer and no matter how great the application is written, it won’t function.

In this blog post i’ll walk through the process of enabling, configuring, and health checking VMware VSAN.   In Part 2 of this series I’ll give a bit more insight into the performance with IOPs/Throughput/Latency metrics.

A lot of times the hardware is just as important as the software running it.  Unfortunately I don’t have the luxury for best in class hosts, but they should suffice.

  • Host 1:
    • HP Proliant DL160 G6
      • 64GB of Memory
      • 16vCPU including HT
      • 1Gbps Network
      • Kingston SSD 240GB
      • Seagate 150GB 7200RPM
  • Host 2
    • HP Proliant DL160 G6
      • 48GB Memory
      • 16vCPU including HT
      • 1Gbps Network
      • Kingston SSD 240GB
      • Western Digital 600GB 10k SAS
  • Host 3
    • HP Proliant SE316M1 (Basically a G6 with 2.5 bays instead of 3.5)
      • 24GB Memory
      • 16vCPU including HT
      • 1Gbps Network
      • Samsung 850 SSD – 250GB
      • Western Digital 600GB 10k SAS

Well let’s get started shall we.

  1. Let’s Enable VSAN on the cluster
    1. ENABLE-vsan
    2. I chose the manual approach as I don’t want all disks added.
  2. Enable VSAN on the VMkernel adapters
    1. ENABLE-vsan-vmkernel
  3. If you are using disks that are re-purposed then they might have partitions on them already.  If so, delete the partitions.
    1. ENABLE-vsan-erase
  4. Claim your disks, which is composed of a HDD/SSD tier or an all SSD tier.
    1. ENABLE-vsan-capacity
    2. This automatically added each Host/Disk to one Grouping called ‘Group 1’,

I’d like to say everything worked fine and dandy off the bat, but that wasn’t the case.  I kept getting the error below.  Tried disabling/enabling VSAN, re-configuring VM Storage policy, adjusting fault domains, checking VSAN health, etc…  In the end I had to remove the disk group from each host.  I then recreated the disk group (#4).  After performing this I noticed a new number for my overall storage space increased from 700GB to 2.49TB.  Even better!  Everything seems to be functional now and the health checks are barking at me anymore.



You should now have a working Datastore that you can add VMs and data into.  You should know that there is a default VM Storage Policy applied to the VSAN datastore.  Should you find the need to tweak settings, you can go here (screenshot).  Visit this site for more information on the values (

From an overall perspective you can dive into the health of the VSAN components.  Simply go to the ENABLE-vsan-healthCluster/Monitor/VSAN.  Here you can see they have a few different tabs that paint an overall health picture.  From here you get a glimpse of how healthy your environment looks, as well as running a few performance tests to assess what kind of iops/latency you can expect.



In Part 2 of this blog post series I’ll run some additional performance tools to get a better understanding of how VSAN performs with this hardware.

Stay tuned!


  • 7



Many companies wish to customize portions or add their little quirks/branding to sections of the Netscaler Gateway/Unified Gateway logon page.  With the introduction of 11.x, customizing the logon page has became increasingly easy.


Netscaler-Disclaimer-EULAThis blog post will cover adding a disclaimer/footer to the logon page.  This can be done via the ‘EULA’ section of the NG.  This approach adds a ‘checkbox’ that you must check before you can continue.  However, you don’t actually need to read any part of the EULA/Disclaimer.   You can simply just check the box and continue on your way.  This might not be suitable for some companies as the user doesn’t need to actually read the text to continue.

You can use ‘Rewrite’ Policies to add a disclaimer/EULA/Footer to the logon page that is 100% shown all the time.  This Rewrite policy can be bound to any Netscaler Gateway vServer.  I’ll give you the commands to create the Rewrite policies.  This method is probably the easiest as the GUI is not intuitive enough to perform this without in-depth knowledge.  Not to mention the information/code seems to change for each version (10/10.1/10.5/11).  It would be great if Citrix documented this more thoroughly, or provided us a simple web gui that denotes each section of the logon page that corresponds to the Rewrite policy pattern.  As a bonus I added a URL to the bottom as well. (You’ll notice that I insert “+” every so often.  This is to get around the 255 character limit.)

Here are the 2 commands that you run:

add rewrite action rw_act_insert_loginfooter insert_before_all “HTTP.RES.BODY(120000).SET_TEXT_MODE(IGNORECASE)” q{ “var login_footer=$(\”<div style=’text-align:center;font-size:15px;color:white;’><br>US Government Notice and Consent. AUTHORIZED USE ONLY. <br><br>You are accessing a COMPANY system which provides access to a U.S. Government information system, which “+” includes: (1) this computer, (2) this computer network, (3) all computers connected to this network, and (4) all devices and storage media attached to this network or to a computer on this network. This information system is provided for U.S. “+” Government-authorized use only. Unauthorized or improper use of this system may result in disciplinary action, as well as civil and criminal penalties.<br><br>”+”By using this information system, you understand and consent to the following: You have no reasonable expectation of privacy regarding any communication or data transiting or stored on this information system. At any time, and for any lawful “+” Government purpose, the Government may monitor, intercept, and search and seize any communication or data transiting or stored on this information system. “+” Any communication or data transiting or stored on this information system may be disclosed or used for any lawful Government “+” purpose.<br><br><a style=’color:yellow;font-size:15px’ href=’’>Forgot Password</a></div>\”).appendTo(logonbox_container);”} -pattern “box_view.prepare_view();”

add rewrite policy rw_pol_insert_loginfooter “HTTP.REQ.URL.CONTAINS(\”gateway_login_view.js\”)” rw_act_insert_loginfooter

Next, you’ll go to the NG vServer in the GUI and add a binding for the Rewrite policy. Netscaler-Rewrite-Bind

Tip:  When testing to confirm everything worked, you’ll need to clear your browsers’ internet cache to see the changes right away.



That’s it.  You now have a working disclaimer.

For those doing two factor authentication, I haven’t found a way to change the 2nd password field using a Rewrite policy on 11.x.  For now you are better off creating a custom theme.