Thursday, September 20, 2012

Can’t create a VMware Standard Switch vSS with vSphere web (next gen) client

I thought perhaps we had removed this functionality in vSphere 5.1, but it is still there, just very buried.  You have to go into the properties of the Host, Actions/All vCenter Actions/ Add Networking.. (see below)

image

Here is the published document on how to do it.

Wednesday, September 19, 2012

Deploying a VMware vCloud Director (vCD) 5.1 virtual appliance with MS SQL backend

This is a guide for deploying vCloud in a LAB environment, these settings are not the most secure or performant, but this should get you up and running with vCloud 5.1 so you can test and learn it. The easiest way is with the appliance, you don’t need to use a MS SQL DB, but occasionally I need to crack open the DB and I am the most comfortable with that technology.

  1. My Assumptions about what you already have:
    1. One ESXi Host with the following VM’s on it.
      1. Windows with MS SQL DB (I’m using MS SQL 2008 R2)
      2. vShield Manager 5.1 with an IP set (also known as vCloud Networking and Security 5.1)
      3. vSphere 5.1 vCenter (can be the appliance)
      4. Available resources to Deploy vCloud Director Appliance
    2. VCP or equivalent level of knowledge
  2. Prepare your Database (same steps as with non-appliance) 
    1. Again, I am assuming you have MS SQL 2008R2 installed, without a local firewall, or ports opened.
    2. This is a great article, follow it, I will paste the highlights from it below, you can copy/paste these commands into SQL Query analyzer!!

    1)    Configure the database server.
    A database server configured with 16GB of memory, 100GB storage, and 4 CPUs should be adequate for most vCloud Director clusters. (this is for production level quality)
    2)    Specify Mixed Mode authentication during SQL Server setup.
    Windows Authentication is not supported when using SQL Server with vCloud Director.
    3)    Create the database instance.
    The following script creates the database and log files, specifying the proper collation sequence.

    USE [master]
    GO
    CREATE DATABASE [vcloud] ON PRIMARY
    (NAME = N'vcloud', FILENAME = N'C:\vcloud.mdf', SIZE = 100MB, FILEGROWTH = 10% )
    LOG ON
    (NAME = N'vcdb_log', FILENAME = N'C:\vcloud.ldf', SIZE = 1MB, FILEGROWTH = 10%)
    COLLATE Latin1_General_CS_AS
    GO

    The values shown for SIZE are suggestions. You might need to use larger values.
    4)    Set the transaction isolation level.
    The following script sets the database isolation level to READ_COMMITTED_SNAPSHOT.

    USE [vcloud]
    GO
    ALTER DATABASE [vcloud] SET SINGLE_USER WITH ROLLBACK IMMEDIATE;
    ALTER DATABASE [vcloud] SET ALLOW_SNAPSHOT_ISOLATION ON;
    ALTER DATABASE [vcloud] SET READ_COMMITTED_SNAPSHOT ON WITH NO_WAIT;
    ALTER DATABASE [vcloud] SET MULTI_USER;
    GO

    For more about transaction isolation, see http://msdn.microsoft.com/en-us/library/ms173763.aspx.

    5)    Create the vCloud Director database user account.
    The following script creates database user name vcloud with password vcloudpass.

    USE [vcloud]
    GO
    CREATE LOGIN [vcloud] WITH PASSWORD = 'vcloudpass', DEFAULT_DATABASE =[vcloud],
       DEFAULT_LANGUAGE =[us_english], CHECK_POLICY=OFF
    GO
    CREATE USER [vcloud] for LOGIN [vcloud]
    GO

    6)    Assign permissions to the vCloud Director database user account.
    The following script assigns the db_owner role to the database user created in Step 5.

    USE [vcloud]
    GO
    sp_addrolemember [db_owner], [vcloud]
    GO

     

  3. Deploy and configure vCloud virtual appliance
    1. Login to vCenter with vSphere client
    2. Click on File/Deploy OVF template, choose vCloud-Director-VA-T2-5.1.0.0-817173_OVF10.ova
    3. After you choose the obvious options, you should get a properties page to fill out like below
    4. image
    5. image
    6. Fill in the options
    7. Scroll Down, Fill in Database Name, vcloud if you used my info above
    8. Fill out Networking Properties (or leave blank for DHCP)
    9. After the standard deploy progress bar, you will see a long delay(5-10 minutes) during VM boot up while it sets up the DB, it’s not hung, just give it time.  It will occasionally ask questions, don’t answer them, just let it go..go get coffee..
    10. Eventually you should see a screen like this indicating that installation is finally complete:
    11. image
    12. Login to https://ipaddress:5480 admin/vmware if you need to configure the VM any further
    13. Login to https://ipaddress/cloud/ to begin configuring vCloud, but that will be my next blog post.(link soon)

Good Links:

vCloud Director 5.1 Release Notes

VMware vCloud Director 5.1 Documentation Center

VMware vCloud Directory Documentation

Tuesday, September 18, 2012

Deploy a VMware vCloud Director (vCD) 5.1 using RHEL 6.2

This is a down and dirty guide for deploying vCloud in a LAB environment, these settings are not the most secure or performant, but this should get you up and running with vCloud 5.1 so you can test and learn it. The easiest way is with the appliance, but if your like me and want to roll your own, this is the guide.
I am using RHEL 6.2 (Red Hat Enterprise Linux 6 64 bit, Update 2)  because it is the latest version supported by vCloud 5.1, and it already includes java 1.6, which is needed for the certificate generation later (assuming your using self-signed, again this is only for LAB use)

  1. I am assuming you already have:
    1. One ESXi Host with the following VM’s on it.
      1. Windows with MS SQL DB (I’m using MS SQL 2008 R2)
      2. vShield manager
      3. Enough Room to create a vCloud VM
      4. Enough Room to create a vCenter VM (required later, not in this article)
    2. A management machine with SSH (putty) and SCP (WinSCP)
    3. VCP or equivalent level of knowledge
  2. Create a vCD VM, It requires 1GB memory, I like to give it 2GB if possible. 
    1. add two nics (one for http, one for consoleproxy)
    2. Thin provision the default 16GB hard drive
  3. Install RHEL 6.2
    1. Choose standard install options
  4. Post Installation
    1. Create a location to drop files
      1. mkdir /install
    2. Make sure SSH is enabled for ease of management (this is on by default)
    3. Install VMware Tools
      1. Use the KB article
      2. If that doesn’t work (it didn’t for me)
        1. To create a mount point, run:
          1. mkdir /mnt/cdrom
        2. To mount the CDROM, run:
          1. mount /dev/cdrom /mnt/cdrom
        3. go into install directory:
          1. cd /install
          2. find out the VMwareTools Filename ls /mnt/cdrom/VMwareTools* (or just use tab to autocomplete in next step)
        4. Unpack the Tools Tar
          1. tar -xzvf /mnt/cdrom/VMwareTools-9.0.0-782409.tar.gz
          2. after it expands, go into the directory it created cd /vmware-tools-distrib
          3. install tools by taking defaults ./vmware-install.pl
          4. unmount CDrom
            1. umount /mnt/cdrom
          5. Reboot
    4. Setup your IP’s (static IP’s are your friend for this install)
      1. Run “setup” and put them in, sometimes after you configure the IP’s the nics won’t auto start, if so Edit /etc/sysconfig/network-scripts/ifcfg-eth0 and make sure it says
        the line: ONBOOT=yes
      2. Turn off local firewall (again in setup)
      3. Install libXdmcp (doesn’t come with standard install, but is necessary for vCD)
        1. libXdmcp-1.0.3-1.el6.x86_64.rpm
        2. once downloaded, WinSCP it to your vCD VM into /install
        3. On that VM,
          1. cd /install
          2. chmod 555 libXdmcp-1.0.3-1.el6.x86_64.rpm
          3. rpm –i libXdmcp-1.0.3-1.el6.x86_64.rpm
          4. It should now be installed
        4. Download vmware-vcloud-director-5.1.0-810718.bin from VMware’s site, WinSCP it to your vCD VM, put it into /install
        5. on your vCD VM chmod 555 vmware-vcloud-director-5.1.0-810718.bin
        6. Check your Java version
          1. java –version
          2. It should respond with 1.6.0_22 or higher, if it doesn’t, I’ll make a blog post on how to upgrade it (comingsoon)
          3. You need version 1.6 if you are making your own self signed certs on the vCD VM
  5. Prepare your Certificates
    1. Good Article here
    2. keytool -keystore /install/certificates.ks -storetype JCEKS -storepass password -validity 9999 -genkey -keyalg RSA -alias http
    3. Magic Decoder Ring:
      1. keytool –keystore is the command your running, if its not there vCD will install the keytool command into /opt/vmware/vcloud-director/jre/bin/keytool after you run the executable (later in section 7)
      2. /install/certificates.ks is where we are putting the certificates file and what we are naming it
      3. -storepass is the password for the store, you’ll need this at install/configure time
      4. validity is 9999 days, if you don’t specify this, your vCloud certs will only be valid 120 days.
      5. alias is either http or consoleproxy, this specifies which IP / Portbind you are tying the Cert to.
  6. Prepare your Database
    1. Again, I am assuming you have MS SQL 2008R2 installed, without a local firewall, or ports opened.
    2. Login to Microsoft SQL Management Studio
    3. This is a great article, follow it, I will paste the highlights from it below, you can copy/paste these commands into SQL Query analyzer!!
    1)    Configure the database server.
    A database server configured with 16GB of memory, 100GB storage, and 4 CPUs should be adequate for most vCloud Director clusters.
    2)    Specify Mixed Mode authentication during SQL Server setup.
    Windows Authentication is not supported when using SQL Server with vCloud Director.
    3)    Create the database instance.
    The following script creates the database and log files, specifying the proper collation sequence.
    USE [master]
    GO
    CREATE DATABASE [vcloud] ON PRIMARY
    (NAME = N'vcloud', FILENAME = N'C:\vcloud.mdf', SIZE = 100MB, FILEGROWTH = 10% )
    LOG ON
    (NAME = N'vcdb_log', FILENAME = N'C:\vcloud.ldf', SIZE = 1MB, FILEGROWTH = 10%)
    COLLATE Latin1_General_CS_AS
    GO
    The values shown for SIZE are suggestions. You might need to use larger values.
    4)    Set the transaction isolation level.
    The following script sets the database isolation level to READ_COMMITTED_SNAPSHOT.
    USE [vcloud]
    GO
    ALTER DATABASE [vcloud] SET SINGLE_USER WITH ROLLBACK IMMEDIATE;
    ALTER DATABASE [vcloud] SET ALLOW_SNAPSHOT_ISOLATION ON;
    ALTER DATABASE [vcloud] SET READ_COMMITTED_SNAPSHOT ON WITH NO_WAIT;
    ALTER DATABASE [vcloud] SET MULTI_USER;
    GO
    For more about transaction isolation, see http://msdn.microsoft.com/en-us/library/ms173763.aspx.
    5)    Create the vCloud Director database user account.
    The following script creates database user name vcloud with password vcloudpass.
    USE [vcloud]
    GO
    CREATE LOGIN [vcloud] WITH PASSWORD = 'vcloudpass', DEFAULT_DATABASE =[vcloud],
       DEFAULT_LANGUAGE =[us_english], CHECK_POLICY=OFF
    GO
    CREATE USER [vcloud] for LOGIN [vcloud]
    GO
    6)    Assign permissions to the vCloud Director database user account.
    The following script assigns the db_owner role to the database user created in Step 5.
    USE [vcloud]
    GO
    sp_addrolemember [db_owner], [vcloud]
    GO
  7. Install vCD software on the vCD VM
    1. Run the executable
      1. ./install/vmware-vcloud-director-5.1.0-810718.bin
      2. It will ask you about which IP you want for http & for consoleproxy, http will be your web front end.
      3. It will ask you about the location of your certificates file(s)
        1. /install/certificates.ks
        2. and the password you specified when creating the certs back in Section 5
      4. It will ask you what your vShield Manager IP & Login info is (default is admin/default)
      5. It will ask your what type of DB your using, choose (2) MS SQL
      6. Fill in the IP address of your MS SQL server
      7. Default port is 1433 unless you changed it
      8. database name is vcloud
      9. database instance should also be default (unless using a shared DB server)
      10. Enter the DB user & password we specified back in section 6.
      11. It should finish the install and ask if you want to start the service, you do.
      12. Service can take a few minutes to start, be patient, then go to http://ipaddressofhttp/ and fill out the starting information.
      13. Default login will be administrator/yourpassword
I believe this is my longest blog post to date, so I will post this as-is, feel free to comment, I will clean it up over time as I continue to do more installs.
This post will become a series with how to configure vCD and a few other helpful setup items.

A few Helpful Links
Installing vCloud Director 5.1 best practices
VMware vCloud Director Installation and Upgrade Guide

vCloud Director 5.1 Release Notes

Tuesday, September 11, 2012

Disable Fibre Channel HBA so I can connect to another Fabric

We are doing a forklift upgrade of our servers, in order to do so, I would like to connect my esx hosts to both fabrics for a while so I can transfer the VM's over that network and not the front end ethernet network.  Because I don't want to make changes to the legacy Fibre, and I don't want to connect the fabrics more than I must, I will disconnect the redundant fibre cable from each ESX host and connect it to the new fibre.  Here are my steps.
First go into vcenter, identify the correct HBA WWN, I just use the last octet, so I want to re-use "86", so that is the HBA I am going to disconnect from the existing Fibre.










Then Go into the Properties of each Datastore and click "Manage Paths", change the path selection policy to "Fixed" (so we can control what path the Host is using to access the current storage), Click "Change", click the status of the current path you wish to keep (not using 86), and click Preferred.  After that, click the paths that 86 is using, and choose Disable.  It should then look something like below, you can see the Adapter listed after the Path is chosen.

























Click Close and repeat for all datastores.  You also can verify/do this work from the Configuration/Storage Adapter page, which will look something like below, Note that we are looking at HBA2 (86), Under "Paths" and you can see status is Disabled.


























After disabling all of the paths under each datastore, you may still have some paths left, those are just the connections to the array, but not actually a connection to a LUN.  You can disable those if you choose, I do because I try to never leave anything to chance.  At this point this HBA is no longer in use and is ready to be re-used to connect to the new Fibre.

In my case, I am using an HP server with HBA's installed into PCIe slots.  My question is, which HBA is mapped to which PCIe Slot (I don't want to disconnect the wrong one since I just removed redundancy).  I am using ESXi 5.x, so I have enabled SSH for troubleshooting.  I tried logging into iLo, however it did not have PCIe slot card information, so I decided to go right twards the horses mouth so to speak and have SSH'd into my server and ran the following command:
esxcli hardware pci list
but that gave me alot of information I couldn't use, so then I tried:
lspci
which gave me:
000:067:00.0 Serial bus controller: QLogic Corp ISP2432-based 4Gb Fibre Channel to PCI Express HBA [vmhba1]
000:070:00.0 Serial bus controller: QLogic Corp ISP2432-based 4Gb Fibre Channel to PCI Express HBA [vmhba2]
This is perfect information, because the HP Quickspecs for the DL385G2 has the following info:
ss4
You can see Expansion Slot #1 is Bus Number 70, which from lspci above is vmhba2, and Expansion Slot #2 is Bus Number 67, which is vmhba1