Configuration issue on host after vSphere updates applied in vsn 6.0

Good morning,

I applied the most recent set of patches to one of my vSphere hosts last night (SuperMicro SYS-5028D-TN4T) and in the vSphere client this morning I'm seeing a Configuration Issues popup:

XXX esx.problem.hyperthreading.unmitigated.formatOnHost not found XXX

Tried searching a log bundle through the vSphere Web client and couldn't locate this in the bundle for that host.  

Any ideas what this is about?  I'm seeing Hyperthreading Active on this host.

vSphere 6.0 Essentials on this box(VMware ESXi, 6.0.0, 9313334)

Thanks!

--Ben
Ben ConnerCTO, SAS developerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Have you read through ALL the notes about the latest patched for Intel CPU code issues ?

There are two attack vectors for this Security Flaw...

Sequential and Concurrent.

You need to patch vCenter Server FIRST (for Sequential), and then ESXi Hosts (for Concurrent) , and then you need to configure ESXi hosts!


But to complete you also need to apply ESXi Side-Channel-Aware Schedule, and that's what vCenter Server is stating -  

VMkernel.Boot.hyperthreadingMitigation

Well you best follow the workflow.....now you've started by patching vCenter, and ESXi host.

BUT check CAPACITY before you continue...

did you run - HTA Mitigation Tool  ?

or have you just jumped in and patched vCenter Server and ESXi ?

You really should understand, what you are enabling, before doing it, as performance could be worse. Hence why VMware has produced a tool -  HTA Mitigation Tool

e.g. Capacity can be affected after APPLYING patches, resulting in maybe purchasing a new HOST!

At present we have held off, applying patches, just to waiting for " Pengins to jump off iceberg"

I also Answered a Question here...

https://www.experts-exchange.com/questions/29114650/Intel-Vulnerability-Foreshadow-L1-Terminal-Fault.html
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ben ConnerCTO, SAS developerAuthor Commented:
Wow.  Wasn't aware of any of this;  didn't realize I'd have to vet critical patches.  Incredible.  

Thanks, Andrew!

--Ben
0
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Recently, these Intel CPU fixes, have been quite time consuming to get fixed, and can cause performance issues after applying..

best to regularly check VMware site for info, or EE!

Have a good day, glad to help you.
0
Ben ConnerCTO, SAS developerAuthor Commented:
Fortunately our cpu load is pretty low, but I may need to increase memory on this host.  Checking in to that now.

Thanks again, Andrew!

--Ben
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VMware

From novice to tech pro — start learning today.