Sunday, December 26, 2010

Dell Kace Secure Browser

All I wanted for Christmas was a Secure way to browse the web.

Wait, I already have one... and better, it's Freeware!

I've been using it for a little while, and have been very satisfied with the operation of Kace's Secure Browser (it's essentially a Sandboxed Firefox 3.6 Browser with Adobe Reader and Flash plug-ins). It keeps your computer from getting sick when the occasional teenager decides to hop on your computer and the next thing you hear is "All I did was check my FaceBook Page!"

You can pick it up from Kace's Website Here.


------
Dustin Shaw
VCP

Monday, December 13, 2010

Exchange 2010 AD Prep

When you go to install Microsoft Exchange 2010, you need to prepare your AD first. MS has a good article on how to prepare the schema here.

The essence is that you need to run the following commands. If you want, you can skip 1. and 2. as they will run when you run 3. The advantage of running separately is tracking the changes and replication to your AD.

1. setup /PrepareLegacyExchangePermissions or setup /pl

2. setup /PrepareSchema or setup /ps

3. setup /PrepareAD or setup /p

4. setup /PrepareDomain or setup /pd
You only need to run this on any child domains under the domain you ran 3. on.

Addendum:

Another thing to note is that you MUST have a 64bit box on the domain that you run these commands from.

I ran into a client that didn't have an x64 machine on his parent domain, and was wanting to deploy Exchange 2010 to the separate client domains, but couldn't without loading up a x64 server on his parent domain.

------
Dustin Shaw
VCP

Exchange 2010 Prereq Script

I was looking for an easy way to install all the Prerequisites on a new Exchange 2010 install this last week, and ran across a good script that does it all for you.

The script was written by Dejan Foro over at ExchangeMaster.net. You can find it here.

He has several variations of the script: one that lets you choose what server roles you are installing, or one that installs all prerequisites needed if you are loading down a box with all Exchange Roles.

It's also got variations for whether you are running Server 2008 SP2 or Server 2008 R2.

It's available in either ISO or ZIP format.

------
Dustin Shaw
VCP

Thursday, November 18, 2010

Speed, Speed, Speed

Who would've ever thought you'd see network performance like this on an Windows box:

This is the networking graph I got off of a physical box running the inital push for Quest vConverter's Continuous Protection option. The blip in the middle was it switching from the C: volume to the D: volume. It just about knocked my socks off - I've never seen anything eat up the entire NIC on Windows.

I found out some really cool stuff with vConverter. With the Continuous Protection option, you can keep a full-image copy of your physical server on an NTFS Share, ESX(i) Server, or Hyper-V server. After the first push, it just copies block (or file level) changes (whichever option you want) to the target store. This way, if you ever lose your physical box, you can either immediately pop it online in your ESX/Hyper-V box, or do a V2P back to your original hardware once it's back up and running. Very cool stuff.

Even cooler - let's say you're looking at Offsite DR. You already have Virtual Servers (VMware or Microsoft) in a hardened data center, and are currently replicating your VMs at your main office offsite to there. Good for you! Now how do you push your physical boxes out there?

With vConverter, you can do your initial copy locally (say to an NTFS Share on a NAS device), then you can take it to your Datacenter, and upload it to your SAN that your ESX or Hyper-V boxes use. Then go into vConverter, do a "change target" and select your ESX or Hyper-V box, tell it where the data is, and your good to go. Now all you have to worry about getting across the WAN is your block changes. Now you really do have an Offsite DR solution.

------
Dustin Shaw
VCP

Wednesday, November 17, 2010

Exchange Memory Utilization

Recently I had someone ask me what the recommend maximum settings were in Exchange 2010 before getting a performance hit. After I pulled up the appropriate TechNet Articles for him, I decided I'd go ahead and post them here.

Here's the Article for Exchange 2010.

Memory configurations for Exchange 2010 servers based on installed server roles

Exchange 2010 server role Minimum supported Recommended maximum
Edge Transport4 GB1 GB per core (4 GB minimum)
Hub Transport4 GB1 GB per core (4 GB minimum)
Client Access4 GB2 GB per core (8 GB minimum)
Unified Messaging4 GB2 GB per core (4 GB minimum)
Mailbox4 GB4 GB plus 3-30 MB additional memory per mailbox:
The total required memory is based on the user profile and database cache size. For more information about how to determine the total required memory, see Understanding the Mailbox Database Cache.
Client Access/Hub Transport combined role (Client Access and Hub Transport server roles running on the same physical server)4 GB2 GB per core (8 GB minimum)
Multiple roles (combinations of Hub Transport, Client Access, and Mailbox server roles)8 GB4 GB plus 3-30 MB additional memory per mailbox:
The total required memory is based on the user profile and database cache size. For more information about how to determine the total required memory, see Understanding the Mailbox Database Cache.

Here's the Article for Exchange 2007.

Memory configurations for Exchange 2007 servers based on installed server roles


Exchange 2007 server role Minimum per server Recommended Maximum per server
Edge Transport2 GB1 GB per core (2 GB minimum)16 GB
Hub Transport2 GB1 GB per core (2 GB minimum)16 GB
Client Access2 GB2 GB per core (2 GB minimum)16 GB
Unified Messaging2 GB1 GB per core
(2 GB minimum)
4 GB
Mailbox2 GB; also depends on number of storage groups (For information, see later in this topic.)2 GB plus from 2 megabytes (MB) to 5 MB per mailbox. This is variable based on user profile. For more details, see "Mailbox Server Role" later in this topic.32 GB
Multiple roles (combinations of Hub Transport, Client Access, Unified Messaging, and Mailbox server roles)4 GB; also depends on number of storage groups (For information, see later in this topic.)8 GB plus from 2 MB to 5 MB per mailbox. This is variable based on user profile. For more details, see "Mailbox Server Role" later in this topic.32 GB


------
Dustin Shaw
VCP

Tuesday, November 16, 2010

vFoglight 6.5 is out

Quest vFoglight 6.5 was released today and is available for download from Quest's site.

For those who aren't familiar, vFoglight is Performance Management software for Virtual Environments (both VMware and Hyper-V).

Here's a breakdown of the new features available in vFoglight 6.5, as highlighed by Ben Scheerer:

Release Highlights
With Version 6.5, Quest vFoglight is focused on addressing specific virtual management needs by:
  • Reducing time and effort required to manage and fix problems in the virtual infrastructure through built-in automation, workflow based alert remediation and in-context administration
  • Easily presented user centric views “perspectives” that provides a single view giving a complete understanding of the infrastructure status 
  • Leveraging additional hypervisor technologies to more seamlessly fit into existing virtualized environments
vFoglight v6.5 includes new and improved capabilities across performance monitoring, administration, remediation, capacity planning, chargeback, and service management in a single, downloadable solution.
  • Only to offer a unique visual paradigm using color coding and movement to direct administrators to problem areas
  • Reduces time and effort required to manage the virtual infrastructure through built-in automation, workflow based alert remediation and in context administration
  • Capacity planning capabilities quickly identifies bottlenecks, predict capacity failures, provide scenario models and identifies candidates for optimization
  • Understand how the infrastructure is supporting key applications and business services including the ability to associate costs for the use of infrastructure
  • Supports heterogeneous hypervisor platforms including VMware and Hyper-V
  • New support for Exchange Server 2010 (Foglight for Exchange)


------
Dustin Shaw
VCP

Thursday, November 11, 2010

vsd-mount [!!] Error

Ran into this on one of our ESX hosts recently after shutting it down for some maintenance:

* vsd-mount ...  [!!]

You have entered the recovery shell. The situation you are in may be recoverable. If you are able to fix this situation the boot process will continue normally after you exit this terminal
/bin/sh: can't access tty; job control turned off
/ #

I was unable to get in troubleshooting mode on the ESX box, so I couldn't run any commands of consequence. I perused around and determined pretty quickly that reloading was my quickest and easiest option. After all, we've got a Distributed Switch setup, and the rest are just basics (IP, etc), so it wasn't a very hard decision.

------
Dustin Shaw
VCP

Monday, November 1, 2010

Office for Mac 2011 Release

Office for Mac 2011 is slowly becoming available as of Today (11-1-10).

It's out on Technet and MSDN for download as of today, and the rest of the universe will be close behind.

One thing of note is that Oulook for Mac 2011 (included in it) allows you to connect to Exchange. Yes, Outlook is back for the Mac.

The one caveat people may want to pay attention to is that Outlook 2011 requires Exchange 2007 or Exchange 2010. So if you are still running Exchange 2003 (or earlier...) you'll need to plan for a forklift of your Exchange server to stop the screams from your Mac people.

You can read all about it here.

------
Dustin Shaw
VCP

ThinkPoint Virus

Seen a new virus running around in the last week. It's called the ThinkPoint; it's a rogue antivirus software, much like the traditional "Antivirus 2010" viruses.

Here's a good site on how to kill it.

------
Dustin Shaw
VCP

Monday, October 18, 2010

Entourage 2008 connection issues to SBS 2008

Most things with Small Business Server 2008 work out of the box. Some do not.

Here's one that doesn't - Entourage 2008 connection from outside the network. Outlook uses RPC over HTTPS and works great. Entourage uses WebDAV and it doesn't. It usually works fine with most Exchange 2007 setups (as long as they are configured properly), but it doesn't with the custom config known as SBS 2008.

The solution is to allow the "Authenticated Users" Group to have "Read and Execute", "List Folder Contents", and "Read" access to the following folders:

C:\Program Files\Microsoft\Exchange Server\ClientAccess
C:\Program Files\Microsoft\Exchange Server\ClientAccess\Exchweb
C:\Program Files\Microsoft\Exchange Server\ClientAccess\OWA

And then you need to make sure you are connecting to the exchange server using the following format:

remote.domain.com/exchange/username@domain.com

And then you should be good to go.

That is of course if you are up to date on your Exchange 2007 SP2 or higher. If not, then it will probably break the RPC over HTTPS so that it continually prompts for username and password and never connects. The solution for this is either update to Exchange 2007 SP2 or do the following:

Go to IIS (7)
Go to Sites -> SBS Web Applications
In the following Virtual Directories, change the SSL settings to Accept Client Certificates:
OAB
RPC
RPCWithCert

I've seen some people that also recommend you should do the Autodiscover Virtual Directory, but I've not seen this needed.

------
Dustin Shaw
VCP

Sunday, October 10, 2010

ESX boot issue

Ran into this on one of our ESX 4.1 boxes. After it was shutdown, it failed to come up. When I looked at the console, it showed: vsd-mount failed.

There's a good VMware knowledge base article on this.

The only caveat that I found for the knowledge base article base was that you need to follow the instructions verbatim.

Also, you need to pay attention to step 10. When you edit the kernel line, you need to understand how it's presenting the line. It's scrolled sideways. If you really want to see the beginning of the line, move your cursor to the left. Where you want to insert the text is at the end of the line, though.

For your convenience, here's the resolution from the KB article:


Resolution

If the ESX host has detected the VMFS volume containing the esxconsole.vmdk file as a snapshot LUN, the ESX host drops into Troubleshooting (busy box) mode during boot. 
To allow your ESX host to boot successfully:
  1. Provide the necessary credentials to access the busy box.
  2. Run this command to enable resignaturing on the VMware ESX machine:

    esxcfg-advcfg -s 1 /LVM/EnableResignature

    You must get an output similar to:
    Value of EnableResignature is 1.

    Note: If the root is mounted as read only, run the command  mount -o remount / to remount the volumes so that they are in a writable state.
     
  3. Run this command to unload the VMFS drivers:

    vmkload_mod -u vmfs3 
  4. Run this command to load the VMFS drivers:

    vmkload_mod vmfs3
     
  5. Run this command to detect new VMFS volumes and resignature the volume:

    vmkfstools -V
  6. Run this command to identify the full path of the esxconsole.vmdk file:

    find /vmfs/volumes/ -name esxconsole.vmdk

    The output appears similar to:

    /vmfs/volumes/4a14d968-88bf7161-700f-00145ef48f76/esxconsole-4a14d906-2f96-7956-7284-00145ef48f74/esxconsole.vmdk
     
    Note: Make a note of this full path.
  7. Restart the VMware ESX machine. You see a menu provided by the grub boot loader. 
  8. Press e to edit the grub entries manually.
  9. Scroll down to the line that starts with kernel /vmlinuz (it is indented under the VMware ESX 4.0 heading).
  10. Go to the end of the line and include the following entry after a space:

    /boot/cosvmdk=<path>/esxconsole.vmdk

    Where <path> is the full path identified in step 6.
     
  11. Press Enter to accept the changes.
  12. Press b to boot using the modified settings. The ESX host successfully boots.

    Note: The changes made to the boot options are not saved. They only apply to the current boot process. The changes need to be made to the boot configuration files as described in the following steps.
     
  13. Log into the console as root.
  14. Edit the /etc/vmware/esx.conf file with a text editor and modify the following lines:

    /adv/Misc/CosCorefile = "/vmfs/volumes/<path>/core-dumps/cos-core"
    /boot/cosvmdk = "/vmfs/volumes/<path>/esxconsole.vmdk" 

    Where <path> is the full path identified in step 6.
     
  15. Run this command to update the boot configuration files:

    esxcfg-boot -b



------
Dustin Shaw
VCP

View 4.5

Just did a basic View 4.5 implementation at a client. One thing the client requested was basic instructions for setting up a new Pool. I realized that there is probably not much out on the internet for those basics, so as soon as I finish typing it up for him I'll post it here.

------
Dustin Shaw
VCP

Saturday, October 2, 2010

All About the Design

It seems to me that you can always tell if an IT guy is worth his water by the way that he architects/designs solutions.

We picked up a small shop recently that their previous guy built them a heavy-built Dell T710 with Microsoft Hyper-V. They've got 5 VMs running on it, so nothing wrong with the basic idea behind it, but the execution is where I have an issue.

The machine was originally built (from factory) with the onboard SAS 6/iR RAID card with a set of four 450GB drives in a RAID 5 config. No hot spares. Issue number one.

He realized that he must have under built, so he then went off the deep end. He went out to NewEgg and bought four 2TB SATA drives, bought the caddies off EBay, and bought a PERC 6/i RAID controller directly from Dell (must've not found it cheaper somewhere else). This means the factory warranty from Dell (3 year NBD onsite) won't extend to anything except the RAID card. What's the most likely thing to die on a server again?

He then went in and reconfigured the machine to run off the PERC with a second RAID 5 set with the 2TB drives (again no hot spare), and directly attached one of the VMs to it for their main data storage. This is all fine and dandy, except for the fact that there is 800GB free on the first RAID set, and they are only (at this point) using 40GB on the second RAID set (leaving roughly ALL of it free).

And here comes the second part of the issue - much bigger than the previous config issues.

The PERC 6/i controller has issues running on drives 1.5TB and up. The latest firmware revision runs better than the previous one, but the controller is regularly (it's happened 3 times in a month, hence why the old guy went bye-bye) dropping a drive offline. Part of the issue is that when it drops the drive, it drops the RAID set offline at the same time.

When I got called in, the RAID set had dropped two drives offline (meaning bad, bad things could've happened to their data). I reseated the "bad" drive, imported the foreign config, and let the RAID set rebuild itself. I then proceeded to move their data off of that RAID set and remove the config from the environment.

They still have 800GB to grow into before we even need to consider doing anything. My first plan of order is to tell them that they need to get another 450GB drive and put it in as a hot spare. As I mentioned, this is a small shop, and the server sits on the floor in a closet. They only open the door when there is a problem, so they could easily loose a drive and not know it until someone asks "What's that red light for? It's been doing that for a month." Hence the driving need for a hot spare.

------
Dustin Shaw
VCP

vConverter 5.1 is out!

Yesterday Quest released vConverter 5.1 onto their website for download. You can check out the product here.

For those of you familiar with their product, you'll know that vConverter 4.2 was the previous version that was out. They recently released vConverter 5.0 as an "early release preview" (AKA - Beta), but it had numerous issues. One tech that I spoke with said that the marketing team put version 5 online for download and issued a press release before they consulted with tech or engineering - sounds like many marketing guys that I know.

If you were one of the lucky ones that installed the "early release preview," then you'll have to uninstall it before you install vConverter 5.1.

The new features to look for in version 5.1 are:

P2V for Linux Servers: this was a big absent in the previous releases. I know many penguin fans who are excited about this one. It's a Cold Convert, so you have to be down when doing the conversion and have physical access to the box so that you can boot off a CD or PXE server (unless of course you have ILO or DRAC or other console access). This is unfortunate since VMware's vCenter Converter 4.x supports several Linux builds doing Hot Convert, but there are a number of other features that vConvert does buy you.

ESXi Support: This is a good thing since VMware is pushing everyone hard away from ESX onto ESXi. They are doing this by using a Virtual Appliance.

Hidden Partitions Support: This has recently become an issue with Windows 7 and Server 2008r2, keeping most converter programs from being able to work. I'm glad to see this added, as if you've been reading my blog you know that I recently ran into an issue caused from someone doing a conversion of a 2008r2 box using Acronis.

vConverter 5.1 download comes with a 30 day trial license that allows you to use Continuous Protection on up to 5 source machines, and limits you to 5 conversions (not including the Continuous Protection conversions).

------
Dustin Shaw
VCP

Monday, September 27, 2010

vRanger Error

Ran across this error on a client running vRanger:

Message: Failure creating VM datastore lock Host: ESXHostNameha-host VM: MVName


After investigating, the root of the issue was that the ESX host had run out of memory - there were too many VMs running on this host. This was keeping the VMs from quiescing long enough to get a good snapshot. When they would try, the memory would spike and balloon all over the board. After thinning out some memory, the problem disappeared.

This particular client is growing faster than they were paying attention to, hence the increase in memory utilization across the board.The client is ordering more memory for all the hosts in their cluster and looking at ordering another host or two so that they can get back to N+1 (where they actually started at).

------
Dustin Shaw
VCP
------
Here's some books that should help out:
VMware vSphere 4 Administration Instant Reference
VMware Fusion 3
VMware Cookbook: A Real-World Guide to Effective VMware Use

Sunday, September 26, 2010

View Pool Options: Reset, Recompose, Rebalance, Refresh

Thought I'd give a quick note on the different options that you have in a View pool, and a breakdown to what they do:

Reset:
Reset the VM that you are on.

Recompose:
Allows you to change the snapshot either within the same base VM or select another base VM and snapshot. This new replica image will be pushed out to all the linked clones in the pool.

Rebalance:
Rebalances all the linked clones to use the available space on the LUNs efficiently

Refresh:
Take the linked clone back to the same image as the original image. If there is a persistent data disk, that will be kept, but everything on the "C:" disk will go back to where it was.

------
Dustin Shaw
VCP
------
Here's some books that should help out:
Mastering VMware vSphere 4 (Computer/Tech)
VMware Cookbook: A Real-World Guide to Effective VMware Use

Thursday, September 23, 2010

Office 2010 ThinApp

So I've been struggling in my spare time to get Office 2010 ThinApped on Windows 7, and here's what I found:

You can't do it yet.

Found a forum here talking about it. You can get it on XP (I don't care about XP right now in my test View environment), but not Win 7.

The issue is that you run into a licensing error when you deploy, because of the way that MS has changed licensing for Office 2010.

So as of right now there are two solutions for my View environment - require everyone to be on 2010 (include it in the base image) or make 2 base images, and move people over as possible.

Either way a pain, but whatever works.

------
Dustin Shaw
VCP
------
Here's some books that should help out:
VMware vSphere 4 Administration Instant Reference
VCP VMware Certified Professional on vSphere 4 Study Guide: Exam VCP-410

Tuesday, September 21, 2010

vRanger Error

Here's a random vRanger Error:





Message: An internal error occurred during execution, please contact Vizioncore support if the error persists.  Error Message: VM's host could not be identified

Got this on one of my client's install's today. vRanger 4.x.

The solution? Go refresh the inventory. Go edit your backup job and keep all the same settings.

Easy fix.

-Update-

I ran into the error again on vRanger 5.3.x, and posted an update here.

------
Dustin Shaw
VCP

Monday, September 20, 2010

ThinApp "Error: GetFileAttributes"

I was ThinApping Office 2010, and ran into the following error:

"Error: GetFileAttributes for file <filename> failed?

I poked around, but didn't find much on the internet for it, so I thought I'd post the solution.

The problem is that the path is too long. I believe the limit for the path and filename are 256 characters. In this case it was 263 characters:
\\server-name.domain.local\ThinApp\Microsoft Office Professional Plus 2010\%SystemRoot%\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.dll

ThinApp Office 2010

Found a good post for how to ThinApp Office 2010:
http://blogs.vmware.com/thinapp/2009/12/microsoft-office-2010-beta-recipes.html

Make sure you download the office2010-1.vbs script and put it in the root of your ThinApp project for everything to work right.

UPDATE 3/24/11:

I was reviewing my traffic, and noticed that this page still gets a lot of traffic.

For everyone that stumbles across it, I thought I'd point out that as of today, Office 2010 still shouldn't be ThinApped in a production environment. From my experience and testing, it looks like it will run for around 30 days, then it will time out looking for activation.

------
Dustin Shaw
VCP
------

Saturday, September 18, 2010

View 4.5 is Alive!

So I finally had to make time to put in View 4.5 on my 2 test Datacenters (one is a Demo environment, the other for play).

Went in like a breeze on both. Run the installer for View Manager, update the View Composer, and boom. I'm up to 4.5.

The only real issue I ran into was with my existing XP Linked Clone pool on my test Datacenter (the Demo datacenter was fine...). I went in and removed and re-added the View Agent and updated my Snap and pointed the Pool to it. No joy. I got a blank screen.

Did some research, and saw some notes about ESX 4.0u2 with View 4.0 causing this issue, so I thought I'd start there.
Here's two links I found:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1016753
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1022830

Besides, I felt like updating the datacenters to ESX 4.1 anyway, since I had held off because View 4.0 doesn't like ESX 4.1.

So I went through and upgraded vCenter, vCenter Update Manger, then used Update Manager to update my hosts. If you've not used Update Manager for it, you should - it's cool to watch. Apply your baseline with 4.1, tell it to remediate, and sit back and enjoy. That is, assuming of course, that all of your vms can migrate on their own (aka, you don't have them attached to CD drives, etc).

So once I had them updated, I once again updated my vmTools on the XP image, removed and readded the View Agent for good measure, then updated my Snap and Linked Clones. Still no joy.

So I though, ok, maybe something is wrong with my pool.

I created a new desktop pool (based off the same Snap) and it worked!

Since these were just Demo/Test datacenters, I just blew away my old pools and created new ones. If this was a live environment, then I'd have to worry about keeping the persistent disks and reattaching them.

After XP was successful, I built myself a Win 7 image, created a pool off of it, and awesome! It works great.

I love the dual monitors! I have two different resolution monitors at home, and two different aspect ratio monitors at work, so I can now take full advantage of them with View 4.5.

Now I'm going to proceed with testing out the ThinApp stuff integrated into View 4.5, and some performance testing, but so far it all looks awesome!

------
Dustin Shaw
VCP
------
Here's some books that should help out:

Thursday, September 16, 2010

Really?

Really?

The View 4.5 Client for local mode can't even install on a computer that is running another VMware product (like VMware Workstation).

I understand all the reasons behind, but Really?

------
Dustin Shaw
VCP
------
Here's some books that should help out:
VCP VMware Certified Professional on vSphere 4 Study Guide: Exam VCP-410
VCP VMware Certified Professional vSphere 4 Study Guide (Exam VCP410) with CD-ROM (Certification Press)
VCP4 Exam Cram: VMware Certified Professional (2nd Edition)

Wednesday, September 15, 2010

VM Shuts Off When Taking Snapshot

Here's a really cool one :-)

Have a client that just did a P2V - they took all of their 5 servers and did a P2V of them into a new vSphere implementation. Naturally, they also purchased vRanger so that they could get the best bang for their buck.

They had been continuing to backup using their good old Symantec method after the P2V project, and just now got around to the point of switching over to vRanger. They're a small shop, so they can take a while to move from Point A to Point B.

Well, vRanger ran for the first time last night, and kicked out the following errors on two VMs:

Message: An internal error occurred during execution, please contact Vizioncore support if the error persists.  Error Message: API Call failed with message: Error encountered while restarting virtual machine after taking snapshot.  The virtual machine will be powered off.

Took a quick glance, and remembered that these two boxes were the ones that were already running 2008r2 before the P2V. Because of this, we couldn't use the standard VMware Standalone Converter that we typically use for small shops - it doesn't support 2008r2. Instead we used Acronis to do the P2V using their True Image Echo software. 

Not my first choice, and not my decision either. I didn't even get to play on this project... One of my other techs kept saying "Can I do one? Can I do one? You get to have all the fun! Can I do it?" Obviously I got tired, and said sure; plus I wanted a weekend off to spend with the family. I found out after words what happened, but they were up and running and happy, so I didn't bother following up.

Think it's a coincidence? Not so, according to Quest's tech support - the second call my guys made to get the VMs back up (the first was to me: "HELP!" "I'm at a VMware View Presentation in front of 10 prospective companies. Call Quest or VMware; they have support on both." "Right!")

Apparently, when the Acronis P2V was done, it split up the vmdk files into 2GB chunks, rather than one big one. Not sure if this was an option they picked or if it was default - if the guy who did it was still working for us I would ask... He's gone for different performance reasons.

When the vmdk file is like this on vSphere, snapshotting doesn't work right, and kicks the box off line.

So the fix is to run vmkfstools to convert the multiple vmdk files down to one, then you're good to go. Alternatively, you can just Clone the VM to let it consolidate them for you, then remove the old one.


Ain't life fun!

Next time I'm going to verify the work done a little closer...

------
Dustin Shaw
VCP
------
Here's some books that should help out:
Maximum vSphere: Tips, How-Tos, and Best Practices for Working with VMware vSphere 4
VCP VMware Certified Professional on vSphere 4 Study Guide: Exam VCP-410
VMware vSphere 4 Implementation

View 4.5 Features

Here's a quick breakdown on what's new in VMware 4.5 - these are the features that didn't exist in View 4.0:


  1. Offline Desktop - This is a biggy. It allows you to use a laptop that's not always on the network. This means "Yes, you are a candidate for VDI, Mr. CEO."
  2. Windows 7 - Another biggy. Fully supports Win 7. You can now get rid of your legacy XP boxes :-)
  3. Support for vSphere and vCenter 4.1 - Like this required any thought. vSphere 4.1 came out, and didn't support View Composer - obviously because they knew they were about to release View 4.5.
  4. More View Clients - they extended this to Mac OS X
  5. Easy ThinApp Delivery - It's all integrated, so you don't have to worry.
  6. Administration Based on Roles - You can define who can administer what; something View 4.0 was missing. Big deal for Enterprises.
  7. Support added for Tiered Storage - You can now take advantage of more storage options for your VDI clients to improve performance and control costs.
  8. A bunch of other stuff

Needless to say, there's some cool new stuff. If you want to see the full list, check out the release notes:
http://www.vmware.com/support/view45/doc/view45_releasenotes.html

We're getting ready to install / play with View 4.5 in our lab so that we can figure out the caveats. I'll post back about those when we figure them out.

------
Dustin Shaw
VCP
------
Here's some books that should help out:
VMware vSphere 4 Implementation
VMware vSphere 4 Administration Instant Reference
Mastering VMware vSphere 4 (Computer/Tech)
VMware Cookbook: A Real-World Guide to Effective VMware Use

Tuesday, September 14, 2010

View 4.5 is out!

For anyone who wasn't paying attention yesterday, VMware View 4.5 hit the market.

There are a lot of cool new features - especially the offline desktop one. I'll post them later; until then you can check it out here:
http://www.vmware.com/products/view/overview.html

------
Dustin Shaw
VCP
------
Here's some books that should help out:
VMware Cookbook: A Real-World Guide to Effective VMware Use
Mastering VMware vSphere 4 (Computer/Tech)

Monday, September 13, 2010

ESX File Systems Error on boot

Ran into this recently, though it might help someone else:

We have a Demo vSphere environment that gets banged around a lot, including getting shut down dirty often ("Look! I can yank the plug and it keeps running!"). One of our ESX hosts in the cluster came up with this fun error:

fsck.ext3: Unable to resolve 'UUID=####'
An error ocurred during the file system check. Dropping you to a shell; the system will reboot when you leave the shell.

The rest of the details in the message will tell you exactly which volume you've got issue with.

Usually, this is an easy enough fix; just force fsck.ext3 to clean your problem volume. I actually like to use it as an opportunity to check all my volumes. Here's what I do:

df     ---  get a list of all your volumes, they will as /dev/sdxx where xx is a hex number
fsck.ext3 -f /dev/sdxx          ---- run this command on each volume on the df list

You'll have the problem volume prompt you about "Do you want to fix this?" "Do you want to fix that?" Just answer yes (after reviewing what you're about to do, of course), and you'll be good to go.

Reboot your host, and you should be up and running.

------
Dustin Shaw
VCP
------
Here's some books that should help out:
Computer File Systems: Computer File, File Archiver, Fsck, 8.3 Filename, Root Directory, Working Directory, Comparison of File Systems
VMware vSphere 4 Administration Instant Reference
Mastering VMware vSphere 4 (Computer/Tech)

Saturday, September 11, 2010

We'll miss you ESX!

For those of you who haven't been paying attention in VMware, with the advent of vSphere (over a year ago), the official recommendation is to no longer use ESX, but now to use ESXi.

Why would I do something silly like that?

I'm glad you asked :-)

ESXi is lighter - not so heavy on the host box
No security console - aka, less security risk and things to patch
Less configuration options - easier to setup a new host

What are the downsides?


Oh, those... Well, if you believe VMware, none! If you listen to third party vendors, then you will hear a long list of agents that they've had to scramble to figure out new methods of doing. Some (like Quest's vRanger Pro) are switching to a VA (Virtual Appliance) format. Others are just pulling from the remote API calls. And others (like HP Systems Insight Manager or Dell OpenManage) are switching their management tools to use SNMP and CIM based calls for managing the hardware.

Why can't I just keep using ESX?

Oh, that's because ESX is going to disappear in "future major releases," so why wait until you are forced into the situation. Try to be a little forward looking; after all, isn't that why you're Virtualized in the first place? :-)

If you want to read more from VMware, you can go here:
http://www.vmware.com/products/vsphere/esxi-and-esx/overview.html
http://www.vmware.com/products/vsphere/esxi-and-esx/faqs.html

------

UPDATE 3/29/11

VMware made it official that as of vSphere 5 (coming out July-August 2011), ESX will no longer be included. ESXi will be the only way to go. Better start migrating!

Read more about it here.

------
Dustin Shaw
VCP

Wednesday, September 8, 2010

vRanger Recommended Settings

I had the pleasure of sitting through one of Quest's (formerly Vizioncore) webinars today, and had a chance to review all of the best practices that they have with vRanger 4.5.

One thing that always stands out is the settings in vSphere 4.x for the Service Console. You should set 1500Mhz CPU reservation and 800Mb memory reservation. This will give you optimal performance on your hosts for the best/quickest backups. Then you also need to make sure you adjust your settings inside vRanger to match what your equipment can handle (how many jobs one host can handle, how much throughput your data store can take), so that you can do what vRanger does best and push data as fast and hard as you can to your backup store. That is, unless you are a 24 hour shop; then you might want to throttle it, depending on how cheap your equipment is :-)

This obviously only applies to ESX. ESXi doesn't allow vRanger to get in and work the same way, so they have some other fancy tricks for ESXi using the vStorage API. You can read about it here:
http://vcommunity.vizioncore.com/dataprotection/vrangerpro/b/backup20/archive/2010/09/02/scalable-and-high-performance-data-protection-on-esxi-backup-replication-and-recovery.aspx

Cool stuff. And it all works awesome. I ran across a comparison chart the other day in Quest's blogs that show that vRanger outperforms competitors by 3-4x on LAN-based backups, and by 1.75x on LAN-free backups. Check it out:
http://vcommunity.vizioncore.com/dataprotection/vrangerpro/b/backup20/archive/2010/07/28/more-performance-data-for-vranger-pro-4-5-unrivaled-backup-speed-in-real-world-tests.aspx

And in the interest of full disclosure, I don't work for Quest. I'm actually an agnostic when it comes to this (as I am with most software; I like what works, don't like what doesn't), and have implemented and managed multiple different VM backup software - including Acronis and Symantec. They all have their good sides and their bads (some more than others) but if I have a client that prefers a particular product due to loyalty, existing service contract, or the classic "I am already familiar with their console," I'm happy to help them go with whatever they want. Ultimately, it's their job, not mine, that's on the line if the product doesn't work as advertised by the manufacturer - and I always list the caveats so that they are aware going in.

------
Dustin Shaw
VCP
------
Here's some books that should help out:
Mastering VMware vSphere 4 (Computer/Tech)
VMware vSphere 4 Administration Instant Reference
VMware vSphere 4 Implementation

Tuesday, September 7, 2010

Disabling IPv6 on Server 2008/2008r2

As an outsource IT professional, there is one thing that I've run into over and over again in SMBs - IPv6 doesn't play well unless FULLY integrated. That means if you try to simply "uncheck" the box for IPv6 to disable it, you've just hosed yourself. Similarly, if you just left it checked because you don't know what your doing, you've just hosed yourself.

There are a number of issues that I've seen because of the idiocracy above:

- Slow XP performance on every task when joined to a domain with a 2008 server with IPv6

- Broken SBS 2008 server when you uncheck the box (things that break are "Applying Computer Settings" for a long time, Exchange won't start, Network Icon shows offline in error)

- Exchange 2010 won't install when IPv6 is unchecked (but not disabled)

- Exchange 2007 and Exchange 2010 won't start when unchecked (but not disabled)

- Other "random" issues that can't be pinned down

So basically you have two solutions:

  1. Implement IPv6 on EVERYTHING - aka get a new switch, router, firewall, etc. that supports IPv6, configure it and everything else with IPv6 (that includes any legacy XP or 2003 boxes in the network), and get it all working. Then you just translate to the IPv4 world for the rest of your internet until everyone jumps on that bandwagon. Oh, and by the way, you'll probably need to replace all your gear before it gets to that point.
  2. Go the cheap route and completely disable IPv6. I say cheap because it's not only cheaper in hardware (you don't have to replace all your infrastructure just because of IPv6 compatibility - granted, it can give you a good bullet point to show the boss if you want to anyway...), but it's cheaper in labor because you don't have to teach all your geeks (umm, I mean IT professionals...) how to read and understand the new subnets.

Since I'm betting that most people like to go the way of "cheap," I'll detail that one for you :-) If you'd rather go balls-to-the-walls, go for it. Just make sure you understand the animal first.

--

On your new, shiney Server 2008 / 2008r2, first you want to Uncheck the box that says "IPv6" (DUHH!)

Once that's done, go to Regedit***. You'll want to navigate here:

HKEY_Local_Machine\System\CurrentControlSet\Services\Tcpip6\Parameters

Create a DWord (32-bit) value named "DisabledComponents" and Click OK. Note: There is no space in the DWord name - and no quotes either ;-)

Double Click you're new "DisabledComponents" DWord and put in the following value to completely disable ALL of IPv6 (except IPv6 loopback interface):
ffffffff --- Hex
or
4294967295 --- Dec

Click OK.

There are also other options to do with this DWord, as detailed perfectly by MS here:
http://support.microsoft.com/kb/929852

Once done, restart your server to make sure that everything takes full effect. I've seen it take effect without restart, but restart is always best practice when playing with the registry.

If you have additional servers running 2008 or 2008r2: rinse, lather, repeat.

Now you should have smooth sailing with just IPv4 on the network. And if it's not smooth, at least you know that IPv6 wasn't your problem :-)


------
Dustin Shaw
VCP

~~~~***~~~~
Danger! Danger!

Don't go playing with the registry unless you actually know what you're doing.
If you don't know what you're doing in the registry, bad bad things ensue.
If you insist on playing in the registry anyway, you should also go update your resume and notify your boss that they will soon need a replacement that can rebuild a server.

Danger! Danger!
~~~~***~~~~


Here's some books that should help out:
IPv6 Essentials
Understanding IPv6, Second Edition

Monday, September 6, 2010

Virtualization Notes

Here's my take on Virtualizing servers:

Prove to me that your server isn't a good fit for virtualizing, and then I'll believe you. There are always the normal exceptions that have an outdated PCI card (phone systems are the prime example here), but for the most part, I fail to see why you wouldn't virtualize EVERYTHING else.

Take the following scenario:
You have a server sitting on Hardware. That hardware tanks (bad MB, bad Proc, etc) as will happen in 100% of servers before they are canned. You now have to wait for parts, rebuild, or worse, start over from scratch.

Had you though ahead and had your server sitting on Virtual Hardware, when that hardware tanked, worse case scenario (aka, your too cheap for a real solution), you load up another piece of hardware with ESX, crank it up, and copy over your VMDK files, and WOOHOO! You're up and running withing a few hours instead of a few days. Best case, you had Fault Tolerance turned on, and no one even knew it happened in the first place.

- Now you're the hero -

Just my viewpoint, but what do I know. It's not like I'm certified or anything... Oh wait, I am :-)

------
Dustin Shaw
VCP
------
Here's a book that should help out:
VCP VMware Certified Professional on vSphere 4 Study Guide: Exam VCP-410