Posts

vSAN: The cascade scenario that vSAN stretch cluster has issues with...

Image
Summary: Basically while testing stretch cluster, we ran into strange failover behavior.  The fact that it was not simply occuring.  During this testing, we found a dirty little secret about stretch cluster failovers.  One that makes me rethink if stretch clusters really is worth doing. Documented Failure Scenarios Details: All documented scenarios effectively deal w/ a 'single' type of failure.  The problem is disasters/failures can be multi-faceted and cascading in some instances.  Taking the Secondary Site Failure or Partitioned scenario and adding the 'cascading failure' to it and you end up in a whole world of trouble depending on the next 'failure'. Below effectively depicts the failure of the interconnect between the two sites.  The problem this fails to take into account is that there are typically 3 things involved to this.   The networking between the two sites The preferred site routers The secondary site routers So here is a slightly more involved d

NSX-T: Deleting route advertisement filters via API

Image
  Summary: When creating a DHCP server in NSX-T, a route advertisement filter is automatically created for you.  This is so that the DHCP server is prevented from advertising DHCP addresses outside of your fabric.  This is fine for the most part, but there are occasions where the DHCP subnet you allocated may overlap a DNS forwarder IP that you may have setup before. Honestly, this feels like a logic bug to where it shouldn't allow this, but oh well.   Detailed Steps Anyway, all you have to do is delete the DHCP server in question, but in some cases, the route filter may not be deleted along with it. In that case, you can delete the route filter itself via the Manager UI: Select Manager > Networking > Tier-1 Logical Routers > T1 in question > Routing > Route Advertisement > Select DHCPServerRouteFilter > Delete. In the case where the delete option is greyed out, you can use the below curl code to clear it out.  This is the last ditch effort, so only do it if yo

NSX-T: Create CSR's with SAN entries, self sign, and apply them

Image
Summary: This utilizes an experimental API endpoint in NSX-T, but I've found it to work without issues.  Be warned though, the endpoint may not function the same in newer releases.  This has worked in 3.1.2. Details: The variables at the beginning of this shell script must be defined for your environment. Your DNS names should resolve to your appliances. This does work w/ 3.1.2, but may not in future revisions. Example Code:

MacOS: Remove password requirement policies originally applied by MDM's

Image
Summary: Occasionally, a system no longer managed by an MDM will leave garbage behind.  One of those 'things' is password policies.  You can use a tool in terminal to get rid of the password policy.   Solution: sudo pwpolicy -clearaccountpolicies Note: * If you use above on a still managed system, the above solution will only be temporary.  I recommend following your MDM providers policies as they are in place to protect you and your company.  Regardless of how annoying they might be be. Reference: If you want to keep just some things related to the policy, you create your own using the referenced script below:

Powershell: Unable to install modules due to missing nuget package provider, cannot install nuget

Summary: Had this issue in Windows 2016 on a system that I know has internet.  Basically came down to enabling tls12 in order to enable powershell to download and install nuget package provider and modules from powershell gallery. Example Errors: WARNING: Unable to download from URI 'https://go.microsoft.com/fwlink/?LinkID=627338&clcid=0x409 WARNING: Unable to download the list of available providers. Check your internet connection. PackageManagement\Install-PackageProvider : No match was found for the specified search criteria for the provider 'NuGet'. The package provider requires 'PackageManagement' and 'Provider' tags. Please check if the specified package has the tags. At C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PSModule.psm1:7405 char:21 + ...     $null = PackageManagement\Install-PackageProvider -Name $script:N ... +                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~     + CategoryInfo          : Inva

Misc: Installed some new tail lights from Hansshow on my Tesla Model 3

Image
Summary: As a little treat for myself, I bought some real cool aftermarket tail lights from Hansshow as you can see from the video above.  Use coupon code "SARHANSSHOW" for 15% off.  I don't get a cut of any kind, but I like sharing.  Anyway, here is a wiring diagram I drew up to show how everything logically needs to be wired.   If you want to support me and posts like this, you can order Tesla products via my referral link .  Honestly, their referral program these days is kinda lame in my opinion, but hey, you get something and I get something out of it. Notes: For euro spec may be slightly different and 2021 models would use a 4-pin Adapter instead of a 3-pin adapter which is US specific and applies for 2020 models and older.  Basically, if you have a red turn signal, chances are that you have a 3-pin setup. The only downside to these lights in older models is that the turn signal indicators light up in addition to a separate red brake light on these (Amber and Red). 

NSX-T: Finding Tagless NSX-T VMs with Powershell Core

Image
Summary: Someone asked how you can find NSX-T 'tagless' VM's .  Seemed pretty straight forward and something I could answer w/o the shadow of LucD bot picking and answering while I'm still noodling on it. Anyway here is how it can be done and via Powershell Core (does not work as written in Powershell classic).  No PowerCLI module needed: