Posts

Showing posts from 2016

Powershell: Docker PowerCLI Core and Microsoft/Powershell - (docker -it switch)

Image
Assumptions:
Docker running on MacOS.  (Likely runs the same on any other OS, minor differences)

Summary:
While I appreciate William Lam's posts on Docker and PowerCLICore; I'm kind of dumb and need explanations on the simpler aspects of docker.  So for those who would like to know what the options in docker mean (to explore at least) and why it can looks strange even looking at 'help', here is how I understand it.  This can also be applied to Microsoft/Powershell container image as well.

Details:
docker run --rm -it -v /Users/cnakagaki/Downloads/:/tmp/scripts vmware/powerclicore

The above line will pull the powerclicore container from docker hub (if not already 'pulled'), run it in interactive mode (w/ pseudo TTY, needed), and mount my local Downloads directory to /tmp/scripts within the docker container.

The part that mainly threw me off was the syntax combination of '-it' which essentially translates to -i (interactive) and -t (pseudo TTY).

Graphic belo…

GeekTool: Geekweather2 auto-geolocation updated w/ city name

Image
Continued from:http://tech.zsoldier.com/2014/11/geektool-geekweather2-w-auto-geo.html


I briefly looked through the corelocation framework.  Looks like the CLGeocoder Class could return friendly names, but I've been playing w/ Python lately so took that route for now.

Be that as it may, wrote a little python script to take the latitude and longitude results from locateme to have it return city name from Google mapping API's.  I also updated the geekweather2.sh script to accept "Names" that have underscores and/or spaces.  The python script needs work as I'm kind of guessing w/ the return I get from geopy.

I'll look into it more just out of curiosity, but if you have a chance, would love for someone to update my gist to determine city more accurately.

PreReqs:

Install geopy module for pythonpip install geopy
Below is my fork of geekweather2.sh:
https://github.com/Zsoldier/GeekWeather2/blob/master/geekWeather2.sh

Below is what the new shell geeklet would look like …

vSphere/PowerCLI: Convert to Virtual Machine is Greyed Out

Summary:
Assuming permissions are correct, this occurred in my environment, but unsure as to why.  Regardless, this is a script you can use to re-register multiple templates to your vCenter's inventory.

It will simply get a list of templates, their folder location, host, etc, remove it from inventory and re-add it back exactly where it was.  This is in relation to KB2037005

vSphere: Beta Program

Image
VMware is opening applications to participate in their vSphere Beta Program to anyone who has 5.5 and/or 6.0 deployed in their environments.  Even if partially.
There are quite a number of expectations so be prepared to really engage w/ VMware:
Online acceptance of the Master Software Beta Test Agreement will be required prior to visiting the Private Beta CommunityInstall beta software within 3 days of receiving access to the beta productProvide feedback within the first 4 weeks of the beta programSubmit Support Requests for bugs, issues and feature requestsComplete surveys and beta test assignmentsParticipate in the private beta discussion forum and conference callsThe obvious and not so obvious benefits are as follows:
Receive early access to the vSphere Beta productsInteract with the vSphere Beta team consisting of Product Managers, Engineers, Technical Support, and Technical WritersProvide direct input on product functionality, configurability, usability, and performanceProvide feedb…

vSAN: Configure an all-flash vSAN using PowerCLI

Script that I'm putting together to configure new all-flash vSAN clusters.  Still a work in progress, I plan on making it into a function once I've worked out the kinks.  Hosting it on gist.github.com so feel free to make suggestions.


vSAN: Rebuilding an ESXi host that has vSAN claimed disks...

Image
Summary:
While configuring my hosts, I ran into various issues.  One host simply decided to stop talking and the hostd service became unstable.  This meant vCenter could not access the ESXi host to manage it.  One issue I had was that my hosts were missing PTR entries, but even w/ that resolved, I was still stuck w/ one host having issues.

Quick Fix (Assumes no data on vSAN disks, use info at your own risk):
Assuming you have vSAN claimed disks, this is how you can clear them up.
Gather your list of disk on the host using this command:ls /vmfs/devices/disksOnes appended w/ a :1 or 2 are typically your vSAN disks, you can double check using this command:partedUtil getptbl /vmfs/devices/disks/naa.#################Return looks like this: Once you've determined which ones have those partitions, delete them:partedUtil delete /vmfs/devices/disks/naa.################# 1partedUtil delete /vmfs/devices/disks/naa.################# 2Once all have been deleted, restart services:services.sh resta…

Nutanix: Role Mapping Quirk

Image
Summary:
Basically was trying to map a set of AD groups to the Cluster Admin role in Nutanix/Prism.  It appears the role mapping config is very literal.  Meaning, putting in a group like this:

GroupA, GroupB

GroupA will work, but members of GroupB will not have access.  This is because of a 'space' after the comma.  Valid input would be:

GroupA,GroupB


vSphere: VUM (Update Manager) had an unknown error.

Summary:
There is a KB article about this, basically happens when the metadata zip file is missing.  In my case, it happened when I moved vCenter from one OS version to another.  By way of old VM to new VM.

Essentially, I needed to move all my metadata files from my old vCenter that happened to house VUM as well to the new one.

Typically if default install, this location is here:
C:\VMware\VMware Update Manager\Data

The folder in particular is hostupdate and contains the metadata_###### file that the logs refer to.  So if you still have the old server, you can simply copy it back over.

Otherwise, your only recourse is to reinstall and clear the VUM database.

vSphere: Big Data Extensions (Also how to increase heap size in vSphere 6)

Image
Summary: Installing BDE from VMware is pretty easy, but there are some requirements that you need to meet prior to deployment. Forward and Reverse DNS lookup records for you BDE appliance.Make sure your ESXi hosts, and vCenters are NTP synced. Anyway, regarding the above error: Certificate does not have a valid chain and is invalid.
Assuming both preReqs and any others listed in BDE documentation are met, the only way I've been able to work around this problem is by increasing the vSphere Web Client's max heap size from 2GB to 4GB.
This took some work detective work from my TAM, but he found me a way to increase specific services heap size in 6.0.  Here is the line you will need to increase the web client's heap to a size appropriate for your environment that the dynamic sizing may not understand.

This is for the vCenter Appliance, but same applies for Windows server.
cloudvm-ram-size -C 4096 vsphere-client service vsphere-client restart
Here is the doc, where this nugget i…

PSA: DO NOT UPGRADE from 5.0/5.1 straight to 5.5 U3b

Image
Here is the KB: https://kb.vmware.com/kb/2143943
[UPDATE: Patch released that should fix this issue: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2144357]
Basically, you'll end up w/ some 5.0 hosts that will be overloaded w/ VM's, assuming you used UM to do your updates.  In my case, I had 13 hosts on 5.5 w/ 2 hosts overloaded on 5.0.

So here is my workaround to keep VM's up and running w/o rebooting them:

Fresh Install ESXi 5.5 U2 on some hosts that were already upgraded to 5.5 U3bIn my case, most of my 5.5U3b hosts were empty.Once 5.5 U2 is installed, you should be able to successfully migrate from 5.0 to 5.5U2.Follow that up by migrating from 5.5U2 to your remaining 5.5 U3b hosts.
This worked for me and saved my arse.  Hope you don't run into this and I'm sorry for all those previous to me that actually followed that stupid KB.

On the flip side, a PERFECT case as to why you might want to implement stateles…

Nutanix: Deploying the Dell XC series

Image
Adventures in deploying the new Dell XC (Nutanix) series systems.  Initial install of a Nutanix based system.

PreRequisites (per XC630 1U system):
2x 10Gb Ports <-- Trunk Ports1x iDrac Port <-- This is for your out of band management.We get these DHCP enabled by default so we can access them the minute their connected.IPv6 Link-Local Enabled on switch (Recommended/Preferred)Typically enabled by default on modern switchesThis enables the Nutanix Controller VM's discover each other immediately.You'll need to attach a device physically to that switchOr a VM to that switch to start configuration.This will allow you to setup via a snazzy web interface. If IPv6 Link-Local is unavailable on the switches, then the setup involves logging into each CVM to perform manual cluster creation.This can be done by logging into each ESXi hosts' shell to ssh into each CVM's local network connection attached to the vSwitchNutanix Interface. This can be done because Nutanix has vmk interf…

Misc: Starbucks teams with Spotify

Image
A very interesting new feature. The obvious feature of finding out what is playing in your local Starbucks is useful, but the fact that they could use your Spotify data to influence the playlist store's playlist is pretty cool.

NetApp VSC 4.2.2 HTTP Error 500 VSphereAuthenticationFilter only support jetty requests

Image
NetApp KB ID 2026327 only states error 503, but the fix listed in the article will also fix this error 500 problem too.

It seems to only affect vCenters running 5.5 U3b or higher.  Anyway, probably far and few between dealing w/ this, but hopefully this helps someone looking for a solution.  Long story short, the KB details certain conf files that need to be modified.

Perform the following steps to resolve the issue: Open %Programfiles%\Netapp\Virtual Storage Console\smvi\server\etc\wrapper.confLocate the wrapper.java.additional.X lines (should be 4)Add the following line:
wrapper.java.additional.5=-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2Open %Programfiles%\Netapp\Virtual Storage Console\wrapper\wrapper.confLocate the wrapper.java.additional.X lines (should be 7)Add the following additional line:
wrapper.java.additional.8=-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2Restart both VSC services, or reboot.

vSphere: Security Vulnerability w/ "Shared Folders" Feature

Image
Since this appears to be making the rounds, I figured I'd post a little Powershell code on how to figure out if a guest's VMware tools is affected.  It only appears to affect Window's so this little bit of code can help you determine whether the "Shared Folders" feature is installed.  I posted this to communities too.

$VM = Get-VM NameofVM $Reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $vm.extensiondata.summary.guest.hostname) $RegKey= $Reg.OpenSubKey("System\CurrentControlSet\Control\NetworkProvider\Order") $RegKeyValue = $RegKey.GetValue("ProviderOrder") If($RegKeyValue -match "hgfs|hgs"){Write-Host ("$($VM.Name) might be affected by VMSA-2016-0001." + " String Values hgfs, vmhgs, and/or vmhgfs need to be removed and VM rebooted. ESXi Host should be patched prior. RegistryPath: $($RegKey.Name), ProviderOrderKeyStringValue: $($RegKeyValue)") -ForegroundColor:Red} Else(Write-H…