Archive

Archive for February, 2011

Script of the Day – Scripted start of Virtual Center (and supporting servers) when hosted as a VM

February 25th, 2011 No comments

There are many threads on the VM communities, debating whether it is better to run a VC on a physical host, or a VMWare host.

My answer is always that running it as a VM is better, but the arguement always comes back that if I have catastrophic faiilure and don’t know where my VC last lived . . I will be in trouble.

Of course, plan a is to simply set the restart policy on the VM to start with the host, but people tell me they have had mixed results with this approach.

The alternative is a quick PowerCli script that quickly connects to each ESX host in the cluster, checks if it owns the VM, then starts the VM.


$vCenters = "ESXHost1", "ESXhost2", "ESXHost3"
$VCServer = "VCServer"
$userName = "username"
$passwd = Read-Host ("Password for " + $userName) -AsSecureString:$true
$cred = New-Object System.Management.Automation.PSCredential -ArgumentList $userName,$passwd

One catch to be aware of though is that if you are using AD for DNS and all AD servers are VMs, you will be unable to resolve the ESX host names for the script to work, so you’ll need to specify IP addresses to the ESX hosts.

You do not however need to specify the DNS server IP for the VM, as the script look s as VM Names and

You could extend the above script then to start a series of VMs with a set wait time between VMs (e.g. start the DC for DNS etc, then start the SQL server, then start the VC, wait 60 seconds between each start)

Disconnect-VIServer * -Confirm:$false
$vCenters = "10.1.1.1", "10.1.1.2", "10.1.1.3"
$vms = "DNSServer", "SQLServer", "VCServerName"
$userName = "root"
$passwd = Read-Host ("Password for " + $userName) -AsSecureString:$true
$cred = New-Object System.Management.Automation.PSCredential -ArgumentList $userName,$passwd
# time to wait before starting next VM
$waittime = 60

Foreach ($vm in $vms){
 ForEach ($vCenter in $vCenters) {
 connect-VIServer -Server $vCenter -Credential $cred
 If (get-vm $VCServer -ea 0)
 {
 Start-VM $vm
 Write-Host "VM $VM Starting on $vCenter" -ForegroundColor Green
 Write-Host "Sleeping for $waittime to allow $vm to start up"
 sleep $waittime
 }
 disconnect-VIserver -confirm:$false
 }
}

And if you are feeling really flash, you could get each VM start, then monitor that VM for a particular services on that VM to run, before starting the next VM (if you have relevant access rights etc)

Prime example here is where I need a VM running my AD/DNS to start, before I can start the SQL server. Then, I want te SQL server to start and the service running, before I can start the Virtual Center.

# remove any VI connections that you may create in your PS Profile
Disconnect-VIServer * -Confirm:$false
# List of ESX hosts (by IP here as we are assuming DNS lives on a VM)
$ESXHosts = "10.1.1.1", "10.1.1.2", "10.1.1.3"
# 2 dimensional array, each row reflecting the VM to start and the service that I need to monitor
$vms = ("ADDNSServerName", "DNS"), ("SQLServerName","MSSQLSERVER"),("VCServerName","vpxd")
$userName = "root"
$passwd = Read-Host ("Password for " + $userName) -AsSecureString:$true
$cred = New-Object System.Management.Automation.PSCredential -ArgumentList $userName,$passwd

# Connect to all ESX hosts in array $ESXHosts
ForEach ($ESXHost in $ESXHosts) {connect-VIServer -Server $ESXHost -Credential $cred}
Foreach ($vm in $vms){
 Write-Host "Searching for $vm[0]" -ForegroundColor Blue
 ForEach ($ESXHost in $ESXHosts) {
 If (get-vm -Name $vm[0] -server $ESXHost -ea 0)
 {
 Start-VM -VM $vm[0] -Server $ESXHost
 Write-Host "VM $VM Starting on $ESXHost" -ForegroundColor Green
 $i = 0
 $running = "no"
 do {$running = Get-Service -ComputerName $vm[0] -Name $vm[1] -ea 0 | % {$_.status}; sleep 1; $i++; Write-Host "Waiting for $vm[1] service to start on $vm[0]- $i seconds elapsed" -ForegroundColor Yellow}
 while ($running -ne "Running")
 Write-Host "$vm[1] service started on $vm[0]" -ForegroundColor Green
 }
 }
}
Write-Host "VC should now be up and running" -ForegroundColor Red

so all you now need to do is keep a copy of the above script and make sure the few fields in the first few rows remain up to date with your ESX hostnames and the Servers / Services that you require to run your VC.

It is kind of a vApp in a script . .
have a great weekend

Manually assigning Mac Addresses to VMs

February 24th, 2011 No comments

So let’s say we have a VM and it has a VMWare assigned Mac Address – but we want to specify a different MAC for the VM (either a previously assigned automatic VM one, or a 3rd Party one)

You have a few options.

1)    VMware provide this: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=507 – but I have had mixed results and sometimes needed to use MAC addresses that are not VM specific

2)    3rd party tools for changing the MAC in the OS (Windows in this case) http://download.cnet.com/SMAC-MAC-Address-Changer/3000-2085_4-10536535.html

3)    Edit the Mac Address on the NIC itself in TCPIP properties for the NIC (though often software can get around this .

4)    Have a hack around the VMX files:

Read more…

Categories: VMWare Tags:

Script of the day – Powercli one liner to get ESX host versions

February 24th, 2011 No comments

So I was looking at an ESX estate that is managed by someone else and was hoping to do a few ‘Get-EsxCli’ queries.
Of course Get-EsxCli only works properly from 4u2, so I needed to find a host that was patched up to date.

The easy way? PowerCli of course.

get-view -ViewType HostSystem -Property Name,Config.Product | select Name,@{N="Build";E={$_.Config.Product.FullName}} | sort build,name

Script of the day – testing if 2 IP addresses are on the same subnet

February 21st, 2011 No comments

Ever needed to script around IP addressing issues on hosts and needed to determine whether 2 hosts are in fact on the same subnet or not?

Try the following Function


Function Compare-Subnets {
param (
[parameter(Mandatory=$true)]
[Net.IPAddress]
$ip1,

[parameter(Mandatory=$true)]
[Net.IPAddress]
$ip2,

[parameter()]
[alias("SubnetMask")]
[Net.IPAddress]
$mask ="255.255.255.0"
)

if (($ip1.address -band $mask.address) -eq ($ip2.address -band $mask.address)) {$true}
else {$false}

}

The code simply does a binary comparison of the 2 IP addresses.

– much like you used to do when you first did TCPIP subnetting (some of you may remember this)

To use it, the syntax is simply as follows

Compare-Subnets -IP1 $IP1 -IP2 $IP2 -mask $SubnetMask

and the return is simply a boolean True or False. – Simple

e.g.PS:115 >Compare-Subnets -ip1 10.2.208.151 -ip2 10.2.208.251 -mask 255.255.255.240
False

Script of the Day – new(ish) Powercli cmdlets Get-ESXTop – part 1

February 18th, 2011 No comments

Ignore this post – found it written up far better than I could ever manage:

http://www.lucd.info/2010/12/03/hitchhikers-guide-to-get-esxtop-part-1/#more-2790

When I have some time, I’ll write a wrapper for get-ESXTOP and get-esxcli to make these easier to use. In the mean time, head over to LucD.info for a decent guide!

Yes I know, some of you noticed these a while ago, but I have not been paying attention.

Back in December, the PowerCli guys released a new version of the Cli for us : http://communities.vmware.com/community/vmtn/vsphere/automationtools/powercli?view=overview Of course, I installed straight away, but did not go through the release notes.

Anyway, long story short, I noticed 2 particularly useful little cmdlets have appeared:

Get-Esxtop (no more SSH access required) – http://www.vmware.com/support/developer/PowerCLI/PowerCLI41U1/html/Get-EsxTop.html

and Get-ESXCli -http://www.vmware.com/support/developer/PowerCLI/PowerCLI41U1/html/Get-EsxCli.html

Of course, this is very exciting news. As a rule, I try user PowerCli as my first port of call for everything – SSH / Console access is a distant second as far as I am concerned (call me lazy)

Anyway, generally, when I need to view counters for a VM, I go to http://communities.vmware.com/docs/DOC-5240 and use those values as a guide as to what I should be tracking.

We run (we have to connect direct to an ESX host to use these tools – so connect using the normalsyntax first)

 connect-viserver <hostname>

Well first things first, using get-esxtop we may not know what exactly we’d like to query, so to return the set of cuonters available to us,


PS:6 >get-esxtop -Counter
Name                 Fields
----                 ------
Server               {MinFetchIntervalInUsec:U64, IsVMVisor:B, TimeStampInUsec:U64, Time:S64}
COS                  {UserTimeInUsec:U32, NiceTimeInUsec:U32, SysTimeInUsec:U32, IdleTimeInUsec:U3...
PCPU                 {NumOfLCPUs:U32, NumOfCores:U32, NumOfPackages:U32}
LCPU                 {LCPUID:U32, CPUHz:U64, UsedTimeInUsec:U64, HaltTimeInUsec:U64...}
PMem                 {PhysicalMemInKB:U32, COSMemInKB:U32, KernelManagedInKB:U32, NonkernelUsedInK...
NUMANode             {NodeID:U32, TotalInPages:U32, FreeInPages:U32}
Sched                {HostCPUInPct1Min:U32, HostCPUInPct5Min:U32, HostCPUInPct15Min:U32, NumOfSche...
SchedGroup           {GroupID:U32, GroupName:STR, IsValid:B, IsVM:B...}
CPUClient            {CPUClientID:U32, IsValid:B, NumOfVCPUs:U32}
HiddenWorld          {HiddenWorldID:U32, HiddenWorldName:STR}
VCPU                 {VCPUID:U32, WorldName:STR, IsValid:B, Affinity:U64...}
VMem                 {MemClientID:U32, IsValid:B, CurrentSwapInKB:U32, ToBeSwappedInKB:U32...}
VMNUMANodeMem        {NodeID:U32, IsValid:B, GuestMemInKB:U32, OverheadMemInKB:U32}
SCSI                 {NumOfReservations:U64, DurationInUsec:U64, NumOfConflicts:U64, ConfigNumOfOu...
Adapter              {AdapterName:STR, IsValid:B, QueueDepth:U32, NumOfChannels:U32}
Channel              {ChannelID:U32, IsValid:B, NumOfTargets:U32}
Target               {TargetID:U32, IsValid:B, NumOfLuns:U32}
Lun                  {LunID:U32, IsValid:B}
Path                 {PathName:STR, DeviceName:STR, IsValid:B, NumOfCommands:U64...}
WorldPerDev          {WorldID:U32, IsValid:B, NumOfActiveCmds:U32, NumOfQueuedCmds:U32...}
Partition            {PartitionID:U32, IsValid:B, NumOfCommands:U64, NumOfBlocksRead:U64...}
SCSIDevice           {DeviceName:STR, IsValid:B, QueueDepth:U32, BlockSizeInBytes:U32...}
Nfs                  {NumOfNfsClients:U32}
NfsClient            {MountName:STR, NumOfReads:U64, ReadByte:U64, ReadTimeInUsec:U64...}
Net                  {NumOfPortsets:U32, NumOfPNICs:U32}
NetPortset           {PortsetName:STR, IsValid:B, NumOfPorts:U32}
NetPort              {PortID:U32, IsValid:B, IsUplink:B, ClientName:STR...}
PNIC                 {PNICName:STR, UplinkPort:U32, IsValid:B, IsLinkUp:B...}
Interrupt            {NumOfInterruptVectors:U32}
InterruptVector      {VectorID:S64, Devices:STR, NumOfCPUs:U32}
InterruptPerCPU      {CPUID:U32, Count:U64, SysTimeInUsec:S64}
Power                {NumOfLCPUs:U32}
CStateInfo           {StateID:S32}
PStateInfo           {StateID:S32}
TStateInfo           {StateID:S32}
LCPUPower            {LCPUID:U32, NumOfCStates:U32, NumOfPStates:U32, NumOfTStates:U32}
CState               {StateID:S32, ResidentTimeInUsec:S64}
PState               {StateID:S32, ResidentTimeInUsec:S64}
TState               {StateID:S32, ResidentTimeInUsec:S64}

hmm, seems to provide a long list (more than 200 once you go into each of the branches) – but most importantly, they are nicely distributed by what they monitor.

to get a slightly easier to read output of this, we can run

$out = @()
foreach($counter in (Get-EsxTop -Counter)){
 foreach($field in $counter.Fields){
 $row = "" | Select Counter,Field,Type
 $row.Counter = $counter.Name
 $row.Field = $field.Name
 $row.Type = $field.Type
 $out += $row
 }
}
$out | Export-Csv "C:\counters.csv" -NoTypeInformation -UseCulture

OK, so now we have a list of counters – and looking at ESXTOp these seem to align directly with the normal column headers. We know what we have, we have a list of counters in the doc above from VMware, to help us know what to view . . so how do we view these counters?

Well pretty simple really – let’s say we want to read all VCPU related counters, it is as simple as

Get-EsxTop -CounterName  VCPU | select * | ft -AutoSize

Right, this is about where I started scratching my head – no number of select statements or cleverness seems toreturn info for just the one VM, so what do we do?

well….with a little help from our other new cmdlet we’ll soon be churning out pretty live stats. …. Watch this space….I’ll post the rest of the solution early next week.

Categories: Powershell, VMWare Tags: ,

Using Vyatta as firewall in ESX/ESXi for Private network simulation, routing, firewalls, DHCP and identifying port requirements

February 18th, 2011 No comments

VMware is an amazing tool for emulating physical Firewalls, Routers, DHCP servers. It is especially useful for helping identify port requirements of various applications and tools.
Quite often, as a consultant, people ask you to implement some new product and expect you to provide all port requirements for the product, so that relevant firewall rules etc can be created – but they won’t allow you to drop anything like Wireshark on their live network.

My normal solution is to create my own ‘Private’ network on an ESX host (which could be your mobile lab)
This allows me to isolate traffic behind an ‘appliance’ firewall / router and if I like, drop a VM on that private network, to do port capture etc.

Of course, this is also a great tool for simulating routing / firewalls in your home lab, providing DHCP and so on.

In the following example, I’ll use Vyatta to build a Private network and then do some port monitoring.
Read more…

Categories: Toolbox, VMWare Tags: ,

SCCM OSD Port requirements for private networks

February 18th, 2011 No comments

We’ve been considering building servers using SCCM in remote offices (Brussels, New York etc)
For now, it will be a limited number of servers, so we do not want to duplicate the SCCM infrastructure, but this will mean that we need to open some ports for this to run. Read more…

Categories: SCCM / SMS Tags:

vFiler Non disruptive array migrations

February 17th, 2011 No comments

Fletch over at vadmin.info has posted a great article on Non dispruptive Array migrations, using NetApp 3040s.

Using vFilers, they managed to migrate 15 Dayatsore, totalling about 25TB in a week – without any disruption.

Have a look at : http://www.vmadmin.info/2011/02/vfiler-non-disruptive-migration.html for a walk through the process.

Categories: VMWare Tags:

Script of the Day – quick and easy VMware Powershell scripts

February 16th, 2011 No comments

Today’s script of the day is more a collection of scripts (or rather an easy way of generating a bunch of scripts)

Over at the VMware labs (http://labs.vmware.com/) they have released an awesome tool (in Alpha at the moment) that interecepts instructions sent to your Virtual Center and in the background generates PowerCli (or javascript or C# or Soap) code for you. Read more…

Sizing your ESX LUNs

February 15th, 2011 No comments

I regularly get asked how LUNs should be sized for VMware..

Firstly, this is one of those ‘how long is a piece of string’ type questions.

It of course depends on the number of VMDKs you’ll be running, the storage available, the type of storage, the i/o of the storage, type of VMs etc etc etc,

Things to consider for example are, do you have storage that does de-duplication and is cost of storage a major factor (and so on)
Of course . . pretty much always, a cost savings equals a performance hit.

Anyway, as a very loose rule of thumb, I (in most cases) find that I size LUNs somewhere between 400GB and 750GB and seldom (if ever) have more than 30 vmdks per LUN.

Pretty much always, I redirect the request to the following resources:

first of all, the configuration Maximums:
http://www.vmware.com/pdf/vsphere4/r40/vsp_40_config_max.pdf

http://www.gabesvirtualworld.com/?p=68
http://searchvmware.techtarget.com/tip/0,289483,sid179_gci1350469,00.html
http://communities.vmware.com/thread/104211
http://communities.vmware.com/thread/238199
http://www.yellow-bricks.com/2009/06/23/vmfslun-size/

and of course the composite created by Andrethegiant on the VMware communities

http://communities.vmware.com/docs/DOC-10990

Categories: VMWare Tags: