Configuration issue on host after vSphere updates applied in vsn 6.0

Ben Conner
Ben Conner used Ask the Experts™
on
Good morning,

I applied the most recent set of patches to one of my vSphere hosts last night (SuperMicro SYS-5028D-TN4T) and in the vSphere client this morning I'm seeing a Configuration Issues popup:

XXX esx.problem.hyperthreading.unmitigated.formatOnHost not found XXX

Tried searching a log bundle through the vSphere Web client and couldn't locate this in the bundle for that host.  

Any ideas what this is about?  I'm seeing Hyperthreading Active on this host.

vSphere 6.0 Essentials on this box(VMware ESXi, 6.0.0, 9313334)

Thanks!

--Ben
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
VMware and Virtualization Consultant
Fellow 2018
Expert of the Year 2017
Commented:
Have you read through ALL the notes about the latest patched for Intel CPU code issues ?

There are two attack vectors for this Security Flaw...

Sequential and Concurrent.

You need to patch vCenter Server FIRST (for Sequential), and then ESXi Hosts (for Concurrent) , and then you need to configure ESXi hosts!


But to complete you also need to apply ESXi Side-Channel-Aware Schedule, and that's what vCenter Server is stating -  

VMkernel.Boot.hyperthreadingMitigation

Well you best follow the workflow.....now you've started by patching vCenter, and ESXi host.

BUT check CAPACITY before you continue...

did you run - HTA Mitigation Tool  ?

or have you just jumped in and patched vCenter Server and ESXi ?

You really should understand, what you are enabling, before doing it, as performance could be worse. Hence why VMware has produced a tool -  HTA Mitigation Tool

e.g. Capacity can be affected after APPLYING patches, resulting in maybe purchasing a new HOST!

At present we have held off, applying patches, just to waiting for " Pengins to jump off iceberg"

I also Answered a Question here...

https://www.experts-exchange.com/questions/29114650/Intel-Vulnerability-Foreshadow-L1-Terminal-Fault.html
Ben ConnerCTO, SAS developer

Author

Commented:
Wow.  Wasn't aware of any of this;  didn't realize I'd have to vet critical patches.  Incredible.  

Thanks, Andrew!

--Ben
Andrew Hancock (VMware vExpert / EE Fellow)VMware and Virtualization Consultant
Fellow 2018
Expert of the Year 2017

Commented:
Recently, these Intel CPU fixes, have been quite time consuming to get fixed, and can cause performance issues after applying..

best to regularly check VMware site for info, or EE!

Have a good day, glad to help you.
Ben ConnerCTO, SAS developer

Author

Commented:
Fortunately our cpu load is pretty low, but I may need to increase memory on this host.  Checking in to that now.

Thanks again, Andrew!

--Ben

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial