Virtualization Adapted Adapting Business Processes for Virtual Infrastrcuture (and vice-versa)

2009/06/26

VMware ESX High Availability – Tips and Tricks

Filed under: virtualization — Tags: , , , , , , , , , — iben @ 22:15

VMware HA doesn’t work.

  1. Verify that host name is lowercase: hostname; hostname -s
  2. Verify that host name in /etc/hosts is lowercase
  3. Verify that search domain in /etc/resolv.conf is in lowercase
  4. Verify that host name in /etc/sysconfig/network is fqdn, all lowercase
  5. Verify that the host name in esx.conf is fqdn, all lowercase
  6. Verify that host name in DNS is lowercase: nslookup; <short hostname> (should properly resolve fqdn of host, all lowercase)
  7. Verify that all primary service consoles have the same name.
  8. Verify that all primary service consoles are in the same IP subnet.
  9. If VMotion vmkernel port is on same vSwitch as primary service console, use das.allowVmotionNetworks=1
  10. If host has multiple service consoles, use KB 1006541 and the das.allowNetwork0 HA option to ensure that only the primary service console is allowed.
  11. Verify that customer has appropriate licensing for HA, and has available licenses:  In LM Tools, perform a status inquiry, verify that cu is licensed for VC_DAS
  12. Once you have met all of the above criteria, enable HA.
  13. If, after you have verified all the above, and HA still won’t configure:
  1. On the host, stop vpxa: service vmware-vpxa stop
  2. The host will show not responding in VC after a while
  3. Disconnect the host from VC
  4. Re-connect the host to VC
  5. This will force the VPXA package to re-deploy, as well as the HA packages to re-deploy.
  6. Re-configure the hosts for HA.

Many thanks to: Kevin Riley [mailto:kriley@vmware.com]

See also:
http://vmwaretips.com/wp/2008/10/20/advanced-settings-for-vmware-ha/

http://blog.spudz.org/?p=388

http://kb.vmware.com/kb/1006541
As of VirtualCenter 2.5 Update 2 configuration of VMware High Availability fails.
An error similar to the following appears in the Tasks and Events detail:

HA agent on <esxhostname> in cluster <clustername> in <datacenter> has an error Incompatible HA Networks:

Cluster has network(s) missing on host: x.x.x.x

Consider using the Advanced Cluster Settings das.allowNetwork to control network usage.
das.allowVmotionNetworks
– Allows for a NIC that is used for VMotion networks to be considered
for VMware HA usage. This parameter enables a host that has only one
NIC configured for management and VMotion combined to be used in VMware
High Availability communication. By default, any VMotion network is
ignored.
das.allowNetwork[…] – Allows the use of port group names
to control the networks used for VMware HA. The value is set as the
name of the portgroup, for example, Service Console or Management
Network . When configured, the VMware HA cluster only uses the
specified networks for VMware HA communication.

To configure VMware HA to use the new settings:
Log in to VirtualCenter with the VI Client as an administrator.
Edit the settings of the cluster and deselect Enable VMware HA.
Click OK, and wait for the servers to unconfigure for VMware HA.
Click
ESX Server > Configuration > Networking on each of the ESX hosts
in the cluster and note the portgroups that are common between the
servers.
Edit the settings of the cluster, and select Enable VMware HA.
Click VMware HA.
Click Advanced Options.
Add the das.allowNetworkX option with a value of the portgroup name, where X is a number between 1 and 10,

IR: Wednesday, June 24, 2009

2009/06/21

Saturday Barbecue Recipes

Filed under: home — Tags: , , , , , , — iben @ 08:51

I was having a few people over for a barbecue yesterday and they asked about some of the recipes I followed. There are some basic staple foods we seem to have on hand all the time and spend some time each week to keep the fridge stocked up with jars of Beans and Salsa. We make the Rice and Salad fresh for each day. Sometimes the kids like Pasta or Potatoes too instead of the Rice.

4 cups rice, 4 garlic cloves, 4 serrano peppers, 4 teaspoons hot oil for 4 minutes, then 2 x 4 cups water and 4 spoons of seasoning, simmer for 20 minutes.

Prepping red tomatoes, green tomatillos, garlic, and serrano peppers for grilling on barbecue.

Green salsa is on the grill

Cucumbers, limes, red wine vinegar, salt, pepper = yummy salad

2009/06/20

virtualized active directory domain services

Filed under: virtualization — Tags: , , , , — iben @ 00:21

There are many customers we’re setup with virtualized active directory domain controllers. Windows 2003 at first and now Windows 2008 both work fine as Virtualized Domain Controllers.

Here are some of the links and notes that help as references…

–> http://www.vmware.com/files/pdf/Virtualizing_Windows_Active_Directory.pdf

An anti-affinity DRS rule is used when you want to keep 2 virtual machines on separate hosts when they provide a redundant service and locating them on the same host would eliminate that redundancy.

–>http://vmprofessional.com/2009/06/drs-and-anti-affinity-rules.html

The Virtual Machine on 64-Bit Windows Server

If using the x64 version of Windows Server 2003 or 2003 R2, one of the primary goals will be to contain the entire Active Directory database within the virtual machine’s RAM cache. On 64-bit Windows, employing 16 GB of RAM cache will accommodate a database of approximately 2.5 million users.
Caching the Active Directory database in 64-bit Windows will avoid performance hits related to certain disk operations. For a virtual machine that is a domain controller, adding, modifying, searching, deleting and update operations generally benefit significantly from caching. Write operations will always incur a slight penalty, regardless of whether a domain controller is running on a physical or virtual machine.
There is limited benefit for filling cache on 32-bit Windows for customers with large directories; in fact, in some cases this actually can exhaust kernel resources.

–> http:/viops.vmware.com/home/docs/DOC-1223

–> http:/xtravirt.com/xd10095
First Published: 17 June 2009
Windows 2008 Server and Windows 2008 Server R2 further refine the functionality with the service being renamed Active Directory Domain Services.

–> http://support.microsoft.com/kb/875495/
This article describes a condition that occurs when a domain controller that is running Microsoft Windows 2000 or Microsoft Windows Server 2003 starts from an Active Directory database that has been incorrectly restored or copied into place. This condition is known as an update sequence number rollback, or USN rollback. When a USN rollback occurs, modifications to objects and attributes that occur on one domain controller do not replicate to other domain controllers in the forest. Because replication partners believe that they have an up-to-date copy of the Active Directory database, monitoring and troubleshooting tools such as Repadmin.exe do not report any replication errors.

–> http://download3.vmware.com/vmworld/2006/tac9710.pdf
Here is a link to a VMworld 2006 Presentation titled TAC 9710 –
Virtualizing a Windows Active Directory Domain Infrastructure:
* Clock synchronization
* Network performance
* Multi-master replication model
* Security
* Potential single point of failure
* Disaster recovery

–> http://technet.microsoft.com/en-us/library/dd348449.aspx?ppud=4

# To help prevent a potential update sequence number (USN) rollback situation, see Appendix A: Virtualized Domain Controllers and Replication Issues.

–> http://technet.microsoft.com/en-us/library/dd348479(WS.10).aspx

— I b e n
iben.rodriguez – gmail
Follow me on http://twitter.com/iben

2009/06/15

Installing ESX or ESXi on older hardware

Filed under: virtualization — Tags: , , , — iben @ 16:13

I recently had opportunity to install VMware ESX on some old Dell hardware. These notes helped me move through the process.

VM-Help database of links: http://www.vm-help.com/esx/esx3.5/Whiteboxes_SATA_Controllers_for_ESX_3.5_3i.htm

How to enter nocheckCPUIDLimit on ESX with screen shots – http://communities.vmware.com/message/1136449#1136449
This is a two step process. Once for initial install from cd-rom and once for rebooting off hard drive. I did have to tweak it as it did not work 100% as advertised (see BrennanB post on April 27th).

Please let me know what other links worked for you and your old hardware.  Be sure to update vm-help with any feedback too!

I b e n

2009/06/06

VMware Storage VMotion

Filed under: virtualization — Tags: , , — iben @ 21:10

How Does VMware Storage VMotion Work?

VMware Storage VMotion allows virtual machine storage disks to be relocated to different datastore locations with no downtime, while being completely transparent to the virtual machine or the end user.

Before moving a virtual machines disk file, Storage VMotion moves the “home directory” of the virtual machine to the new location. The home directory contains meta data about the virtual machine (configuration, swap and log files). After relocating the home directory, Storage VMotion copies the contents of the entire virtual machine storage disk file to the destination storage host, leveraging “changed block tracking” to maintain data integrity during the migration process. Next, the software queries the changed block tracking module to determine what regions of the disk were written to during the first iteration, and then performs a second iteration of copy, where those regions that were changed during the first iteration copy (there can be several more iterations).

Once the process is complete, the virtual machine is quickly suspended and resumed so that it can begin using the virtual machine home directory and disk file on the destination datastore location. Before VMware ESX allows the virtual machine to start running again, the final changed regions of the source disk are copied over to the destination and the source home and disks are removed.

This approach guarantees complete transactional integrity and is fast enough to be unnoticeable to the end user.

VMware White Paper on Storage vMotion – http://www.vmware.com/files/pdf/storage_vmotion_datasheet.pdf

Dell video showing how VMware Storage vMotion works – http://www.youtube.com/watch?v=7EfGJaYnQjM


VMware Storage vMotionVI Client Plugin by Andrew Kutzhttp://code.google.com/p/akutz/downloads/detail?name=SVMotionClientSetup-0.4.4.msi


Guide on how to use Storage vMotion – http://www.virtualizationadmin.com/articles-tutorials/vmware-esx-articles/vmotion-drs-high-availability/storage-vmotion-svmotion-vi-plugin.html

Here is another GUI for VMware Storage vMotion – http://communities.vmware.com/thread/122847

VMware Storage vMotion GUI

VMware Storage vMotion GUI


2009/05/28

Server Room Infrastructure Information

Filed under: virtualization — Tags: , , , , , , , — iben @ 15:03

Take an average office turned into a server room.  Many companies throw a 3 or 5 ton split air conditioner on a wall call the electrician and start loading the racks up with servers. Now a days the new server hardware can use all the power (and cooling) you have in probably one rack (think three loaded blade chassis with 16 servers each = 90 amps of 208v).  The question is how much cooling can you afford?

For customers deploying 10 or more servers it is recommended to use the most efficient power delivery and structured wiring options.

Calculate you power and cooling needs with this spreadsheet. https://spreadsheets.google.com/ccc?key=tsfSMUDYsB-Ef2umhyORqvA

Using 3 phase power reduces the number of PDUs and “whips” required to power up large quantity of machines.  The actual cables from the server to the PDU are the same and the power supplies still receive 1 phase 208v power.  This is just a different and more efficient method of delivering the power to the servers.

You get higher densities with fewer wires to the electrical service panel with 3 phase power over single phase power. ServerTech has a great white paper on this topic here:

http://www.servertech.com/uploads/documents/0000/0236/3-Phase_Power_in_the_Data_Center.pdf

A 3 phase 30 amp 208V circuit can deliver 8.6 kw versus a 1 phase 30 amp 208V circuit which only delivers 4.99 kv.

Here is one of the more popular units…

http://www.servertech.com/products/smart-pdus/smart-pdu-cs-84vdd-vdy-3ph

Go with the 4 wire “Delta” configuration instead of the 5 wire “WYE” config. Wye power can distribute both 208 V and 120 V power from the same cabinet power distribution unit but requires an extra wire per PDU and is not needed in most datacenters. You will also be limiting the number of 208 volt power outlets with a WYE config PDU.

CS-24VD-L1530 – List $860.
CS-48VDD-L1530 – List $985.
CS-84VDD-L1530 – List $1,290.

You need to hire an electrician at $100 per hour x 4 hours plus parts.

Cheap fast switch with life time warranty:

24 ports NetGear GigE Unmanaged Switch – $260
http://www.netgear.com/Products/Switches/UnmanagedSwitches/JGS524.aspx

SuperGoose temp and humidity – $500
http://www.itwatchdogs.com/products_mon.shtml#wxg-2

Trendpoint power monitoring – direct $3085

http://www.trendpoint.com/TrendPointOne.html

48 port tie lines from each server rack to a central control rack cost about $2000 per rack

Sample power calculations (need to be adjusted) 24 amps x 208 volts = 5000 watts * 3 racks = 15000 watts = 51,113.088 with BTU/hour = 4.25 tons cooling (worst case)

3 Homaco M6 Square Hole 4 post Racks – $360.19 each
19-84-SSDA2732
http://www.homaco.com/equipfloorracks/adjustdual/m6serverrack.htm
OR-19-84-SSDA2732. 84″- M6 SERVER RACK. 84″- M6 SERVER RACK.

And you can get all the various power cables needed for 208vac
operation from quail.
http://www.quail.com/seriesPage.cfm?seriesID=9

2009/05/26

PC Setup Checklist

Filed under: virtualization — Tags: , , , , — iben @ 23:43

PC Setup Checklist

configure printers
map Q: drive to nas
remove any trial versions of antivirus or other security software
run windows updates reboot repeat
install bginfo – http://technet.microsoft.com/en-us/sysinternals/bb897557.aspx
install newsid – http://technet.microsoft.com/en-us/sysinternals/bb897557.aspx
install avg free – http://www.avg.com/filedir/inst/avg_free_stf_en_85_339a1525.exe
Install Yahoo ToolBar with Anti-Spy
install winrar – http://www.rarlab.com/rar/wrar39b2.exe
install firefox
install treesize free – http://www.jam-software.com/treesize_free/TreeSizeSetup.exe
install outlook 2007 – http://support.themessagecenter.com/support/index.php?_m=downloads&_a=viewdownload&downloaditemid=18
edit local %windir%system32driversetchosts file if needed
Configure outook profile using mail control panel
install bittorrent
install skype
install openoffice
install blackberry desktop software
install blackberry handheld software
install apple itunes and quicktime
install adobe acrobat reader
install google earth
setup network time server – us.pool.ntp.org
setup and test vpn client to work headquarters
Turn off “I want to make windows better” check box
Install and test free pdf 995 creation print driver

Connect to exchange server and download cached copy of mail box
Change display options to windows classic and turn off options to enhance performance
turn off system restore
turn off drive indexing
label hard drive for user_c

Equipment List

k62132-3141Kensington Guardian Premium 6 Outlet Surge
6-outlet surge protector, 210 Joules
MFG#: 62132
Price:  $11.99
They are unique in that they have no power switch to accidentally turn off the equipment AND they also have a power indicator LED and a $2500 connected equipment guarantee.

Lifetime guaranteed replacement if unit takes a surge and stops working.
http://us.kensington.com/html/13265.html

2009/05/23

Saturday Morning Waffle Recipe

Filed under: virtualization — Tags: , , , — iben @ 13:04
Although this topic doesn’t necessarily relate directly to adapting virtualization technology to our business processes (or vice versa) we all need to eat and this is an example of a procedure that I learned and am continually improving according to ITIL 3 Framework.  Anything we do in life can be documented and thus improved. This allows others to repeat the process in the way we want (establish standards) and then we can apply Kaizen principles to improve gradually as needed.
I got this recipe for Everyday chocolate chip waffles out of an old cook book we purchased from the store  Half to Have IT in Half Moon Bay during one of our weekend getaways to the coast.  I always ask the kids what they want for breakfast on Saturday mornings and they always give me a funny look like “What do you mean, waffles, of course!”.
 
We like to prepare side dishes for each person to customize their waffles after they’re cooked: Blueberries, Yogurt, Maple Syrup mixed with melted butter, Chocolate Chips, Bananas are some of our favorites.  If we have guests we’ll make a double batch per measurements listed below. If it’s “only” a few of us at home on a Saturday morning we cut this recipe in half.
 
Sift dry ingredients together in 10 cup mixing bowl.
  • This bowl will be used to dispense the batter to the waffle maker.
  • 118 ml, 3.5 cups flour
  • 30 ml , 6 tsp baking powder
  • 5 ml, 1 tsp salt
Separate 4 eggs – whites go into mixing bowl to be beaten for a couple minutes, yolks go into mixing bowl with other wet ingredients below.
  • 4 stiffly beaten egg whites
Combine yolks, milk, and oil in an 8 cup mixing bowl.
  • 118 ml, 3.5 cups milk
  • 237 ml, 1 cup oil
  • 4 egg yolks
  • 237 ml, 1/2 cup chocolate chips (optional – these can be added during cooking or after cooking too)
 

Stir wet ingredients into dry bowl.

 

Fold whites leaving a few fluffs. Mix first third in fully, then fold second third, then last third.

 
Fold in chocolate chips.
 
Bake 3/4 cup at a time.
 
Makes 8 6″ round belgian style waffles.
 

 

2009/05/20

Free AntiVirus Tools for Windows

Filed under: virtualization — Tags: , , — iben @ 13:36

There are some good free AntiVirus tools you can use to scan and protect your Microsoft Windows based computers.

Are there others you use? Let me know your feedback on these.


Spelling – VMware or VMWare or VMWARE or vmware

Filed under: cloud,Education,it,security,virtualization — Tags: , , , , , , — iben @ 11:20

[NMAP has been corrected! see email replies from Fydor and IEEE at end]

Here are a couple emails I sent off today requesting (suggesting) that the OUI information be corrected for VMware’s MAC addresses.  I first noticed the issue when my friend ran the latest NMAP on his MacBook against our internal work net. So I was all set to submit a bug to the NMAP developers when I realized they just get their information on this from the I triple E standards body and they just get their info from whomever happened to be on duty that day and made the request.

It’s the OCD part of me that can’t stand to see VMware spelled wrong (VMWare).

I’m sure other companies like McAfee and McDonald’s have entire teams dedicated to protecting this sort of brand identity.

All lower case would have been fine (vmware) like Unix style.

So would have all UPPERCASE  (VMWARE) as it adds emphasis or might be a convention for a proper noun in certain types of databases or programming languages.

But if you are going to make the effort to use the shift key for just part of the word the least you could do is learn which letters are supposed to be upper case and which ones are not.

To: ieee-registration-authority@ieee.org

Subject: typo in spelling of company name…

Dear Registration Team,

I noticed a minor typo in the list here: https://standards-oui.ieee.org/oui/oui.txt

The word “VMware” is spelled wrong when reporting the company for an OUI. The “w” should be lower case – not upper case.

Also, the company has moved and is no longer located on Porter Drive but around the corner now on Hillview Ave.

Please see the corporate web site for the accurate information and correct the list output.

http://www.vmware.com/company/contact.html

VMware, Inc.
3401 Hillview Ave
Palo Alto, CA 94304 USA

For example: Here is the current output…

00-05-69   (hex)        VMWARE, Inc.
000569     (base 16)        VMWARE, Inc.
3145 Porter Dr., Bldg. F
Palo Alto CA 94304
UNITED STATES

00-0C-29   (hex)        VMware, Inc.
000C29     (base 16)        VMware, Inc.
3145 Porter Dr.
Palo Alto CA 94304
UNITED STATES

00-1C-14   (hex)        VMware, Inc
001C14     (base 16)        VMware, Inc
3145 Porter Drive
Palo Alto CA 94304
UNITED STATES

00-50-56   (hex)        VMWare, Inc.
005056     (base 16)        VMWare, Inc.
44 ENCINA AVENUE
PALO ALTO CA 94301
UNITED STATES

Reference Info:

http://communities.vmware.com/thread/108426

To: nmap-dev@insecure.org

Subject: spelling of company name “VMware” for a given mac address

Dear NMAP Developer Team,

I noticed a minor typo in the OS Detection Output.

The word “VMware” is spelled wrong when reporting the company for an OUI. The “w” should be lower case – not upper case.

For example: Here is the current output…

MAC Address: 00:50:56:01:11:00 (VMWare)

And this is the corrected version…

MAC Address: 00:50:56:01:11:00 (VMware)

Reference Info:

http://communities.vmware.com/thread/108426

http://standards.ieee.org/regauth/oui/oui.txt

00-05-69   (hex)                VMWARE, Inc.
000569     (base 16)            VMWARE, Inc.
3145 Porter Dr., Bldg. F
Palo Alto CA 94304
UNITED STATES

00-0C-29   (hex)                VMware, Inc.
000C29     (base 16)            VMware, Inc.
3145 Porter Dr.
Palo Alto CA 94304
UNITED STATES

00-1C-14   (hex)                VMware, Inc
001C14     (base 16)            VMware, Inc
3145 Porter Drive
Palo Alto CA 94304
UNITED STATES

00-50-56   (hex)                VMWare, Inc.
005056     (base 16)            VMWare, Inc.
44 ENCINA AVENUE
PALO ALTO CA 94301
UNITED STATES

On May 20, 2009, at 5:52 PM, Fyodor wrote:

Hi Iben.  Unfortunately, that is wrong in the official document at
http://standards.ieee.org/regauth/oui/oui.txt.  VMware should really
contact the IEEE and canonicalize their name and addresses in that
file.  As you show in your email, it is even all caps in one case.

So while there is little I can do about the varying VMware
capitalization until they fix it upstream, I took the opportunity to
update the data to correspond with the latest version of
http://standards.ieee.org/regauth/oui/oui.txt.  Looking at the changes
in r13359, it is clear that companies often get minor capitalization
changes put through, so VMware just needs to do that as well.
Instructions are at http://standards.ieee.org/regauth/oui/index.shtml.

Cheers,
-F

From: ieee-registration-authority@ieee.org

Sent: Thursday, May 21, 2009 11:24 AM
To: Iben Rodriguez
Subject: Re: typo in spelling of company name…

Mr. Rodriguez,

The changes have been completed and will reflect on our website within 24 hours.
Please let me know if you have additional questions.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
IEEE Registration Authority
IEEE Standards Department
445 Hoes Lane
Piscataway, NJ 08854 USA
Phone:  +1 732-465-6481
Fax:  +1 732-562-1571
E-mail:  ieee-registration-authority@ieee.org
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://standards.ieee.org/regauth/index.html

IEEE.  Fostering technological innovation and excellence for the benefit of humanity.

Celebrating 125 Years of Engineering the Future.  www.ieee125.org

—end of email–

Success!

5/25/2009 shows corrected updates.  Still waiting to find out if NMAP will dynamically reflect these changes or if a code rev is needed.

Here are the results of your search through the public section of the IEEE Standards OUI database report for vmware:

00-05-69   (hex)		VMware, Inc.
000569     (base 16)		VMware, Inc.
				3401 Hillview Avenue
				Palo Alto CA 94304
				UNITED STATES
00-0C-29   (hex)		VMware, Inc.
000C29     (base 16)		VMware, Inc.
				3401 Hillview Avenue
				Palo Alto CA 94304
				UNITED STATES
00-1C-14   (hex)		VMware, Inc
001C14     (base 16)		VMware, Inc
				3401 Hillview Avenue
				Palo Alto CA 94304
				UNITED STATES
00-50-56   (hex)		VMware, Inc.
005056     (base 16)		VMware, Inc.
				3401 Hillview Avenue
				PALO ALTO CA 94304
				UNITED STATES

Now – need to fix NMAP

Nmap 4.85BETA9

MAC Address: 00:0C:29:11:00:11 (VMware) <– virtual machine guest – correct

MAC Address: 00:50:56:00:11:00 (VMWare) <– ESX host – wrong

As you can see a scan with the latest version of NMAP still shows the wrong spelling.  Now that the OUI is corrected on the public IEEE web site we’ll need to wait for NMAP to get updated.

I’ve emailed Fydor and hopefully he can fix it next week…?

I b e n

Nmap Changelog – fixed

# Nmap Changelog ($Id: CHANGELOG 13432 2009-05-28 

o Updated nmap-mac-prefixes with the latest MAC address prefix data
  from http://standards.ieee.org/regauth/oui/oui.txt as of
  5/20/09. [Fyodor]
Reference: http://nmap.org/changelog.html
« Newer PostsOlder Posts »

Powered by WordPress