Category: Computers & Technology

ESX 6.0 – The operation is not allowed in the current connection state of the host.

UPDATE:

The things in the posting did NOT work. According to IBM’s website, the fix is by removing a package:

esxcli software vib remove -n intel-cdmv2-provider

I got this message when trying to power on a vm, trying to deploy a template, and something else.

So I read this
https://communities.vmware.com/thread/331857?start=0&tstart=0
and then I go to the host and try restarting hostd (/etc/init.d/hostd restart) and it will no longer restart.

Looking into /var/log/hostd.log, it appears that /tmp is full:

2016-02-09T06:01:01.648Z info hostd[79EC2B70] [Originator@6876 sub=Vimsvc.ha-eventmgr] Event 620 : The ramdisk ‘tmp’ is full.
As a result, the file /tmp/auto-backup.6942719/local.tgz could not be written.

So I look into the /tmp directory and find a file that’s 256MB – cimple_log_err_messages

cat cimple_log_err_messages
2016/02/09 23:28:57:LOG FILE ERROR: log.cpp(610) : No CIMPLE_HOME env var defined. Looking for CIMPLE_HOME
2016/02/09 23:28:57:LOG FILE ERROR: log.cpp(610) : No CIMPLE_HOME env var defined. Looking for CIMPLE_HOME

The first thing I do is to clear up the file – just run:
> cimple_log_err_messages

Then I’m able to start hostd, but how do I stop the file from filling up again?

I find this kb: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2094441

Not that it helps! It’s for 5.x. I go to the IBM url and it just leaves me more confused.

I look into disabling CIM. I find instructions here: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1025757

ummm it’s for 5.x again. 🙁
Run the instructions and the sfcb watchdog just restarts by itself!

Finally, I poke around in the vSphere client and notice in the profile that there is some CIM stuff there. For the heck of it, I try disallowing communication with IBMIMM.

Screen Shot 2016-02-10 at 11.45.09 AM

I believe the log messages continued after disabling it, so I continued to disable CIM as well. After disabling CIM, the log messages stopped.

Screen Shot 2016-02-29 at 12.14.11 PM

 

Linux self-service firewall with Apache, Perl, IPtables, and UFW

I was recently in a situation where I was offering DNS service to some people. There just happened to be some records that were different from their ISPs DNS servers so I set up the server on my public IP address. I did not want to offer DNS to the world because last time I tried that, I got queries from all kinds of places for all kinds of records. I was initially opening up IP tables when people asked for the service and give me their IP address. After getting about 10 texts, I quickly got tired of collecting the IP addresses, so I made a webpage and with the perl script to write them to a list. With that, I would have a cron jobs go through the list and use UFW to update the IPTables to allow them access.

Here are the files inside of the directory where I’m creating the list.
dnsauth.tar

There’s a simple index.html file in the directory. It’s basically a form that asks for:
Name – who the person is. duh!
IP address – I want them to enter the IP address they want to authorize just in case they’re submitting someone else’s IP address.
Password – I don’t want just anyone to come in and get access to my DNS server.

The addip.cgi basically just writes all of those inputs and the IP address they’re coming in from into /tmp/iplist.txt in CSV format. I record the IP address they’re coming in from $ENV{‘REMOTE_ADDR’} just in case I get abuse or something.

The root user then has a cron job that runs through the iplist.txt file every 10 minutes. Here’s my file:

#!/bin/sh
if [ -f /tmp/iplist.txt ]; then
DATE=$(date +%Y%m%d)
cp /tmp/iplist.txt /home/alton/dnsservice/iplist.txt.$DATE
for i in `grep rice /tmp/iplist.txt | cut -f1 -d','`; do /usr/sbin/ufw insert 1 allow proto udp from $i to any port 53; done
grep rice /tmp/iplist.txt >> /home/alton/dnsservice/authorized_dns_ips.txt
grep -v rice /tmp/iplist.txt >> /home/alton/dnsservice/cheaters.txt
rm -rf /tmp/iplist.txt
sync
fi

Obviously, rice was my password. I just looped through the file and authorized anyone that used the right password. I also logged anyone that used the wrong password in /home/alton/dnsservice/cheaters.txt.

Hope this was useful! I welcome any comments. Obviously, this was quick and dirty. I’m sure there is a more secure way of doing this, but this is what came easy to me. Would love to hear your thoughts!

Getting VMware PowerCLI 6 to work on Windows 10

UPDATE: PowerCLI 6.3R1 has been released and fully supports  Windows 10, so there’s no need to do the hack anymore!

 

PowerCLI 6 is not supported on Windows 10 yet, but I just thought I would give it a try anyway. Upon installation of PowerCLI 6 on Windows 10, I was greeted with this unwelcome screen:

powercli6

Luckily and very quickly, I found this link: https://communities.vmware.com/thread/504866?start=0&tstart=0

Just an environment variable. Need to add PSModulePath with “C:\Program Files (x86)\VMware\Infrastructure\vSphere PowerCLI\Modules” as the value and reboot.

Screen Shot 2016-02-18 at 12.31.24 PM

Lenovo T400 blank screen issue on Windows 10

Someone who owns a very well SEO company came to me with a freshly installed Windows 10 OS on a Lenovo T400 and showed me that he would get a black screen at start up. He would suspend the machine (close the lid), and it would come back to normal. He would reboot, and the same problem would reproduce again.

This didn’t happen when he first installed the OS. Only happened after the OS was installed and Windows update was run. I was suspicious that it might be a driver issue, but Lenovo’s website didn’t show much.

Then looked into the device manager and saw this:

2016-02-01

What’s interesting here is that the laptop actually has 2 video cards. I think it’s for power savings. I took a gamble and disabled the Intel video card. The problem went away!

Update: Booted into the BIOS and under video settings, found that the Lenovo could install a Switchable graphics driver along with their power management software so that it could save power. So, my hunch was correct. So, no need to disable the Intel card. Just boot into the BIOS and set it to discrete or the other one, whatever it is. I just set mine to discrete.

How to find and online all of your SteelFusion Core LUNs on a NetApp filer

Recently, I offlined a bunch of LUNs that had belonged to a SteelFusion Core in the lab that I had forgotten about. Needless to say, I had some unhappy users. The good news though is that I was able to get the LUNs back up and connected to the Core within minutes. This is how I did it.

The first thing I needed to do was find out which LUNs the Core was using. I did this by logging into the Core via SSH and running the following commands:

enable
conf t
terminal length 0
show storage luns iscsi

I output this to a file /tmp/core30luns.txt. An entry looks like this:

Total LUNs: 9
Locally Assigned Serial: P3PdB/-GFigd
Configuration status : Ready
Alias : avamar_restore
LUN Size : 150.00 GB
LUN Type : iscsi
Online : yes
IOPs acceleration : Enabled
Failover Enabled : yes
Prefetch : Enabled
Edge mapping : pod3-3100b
Target mapping : iqn.2003-10.com.riverbed:oh1mt0017065c.000
Origin portal : 10.33.192.174, 10.33.192.175
Origin target : iqn.1992-08.com.netapp:sn.135037602
Backend session status : Connected
Use iSCSI Reservation : Yes
LUN Edge data session : Connected
Client type : other
Original LUN vendor : NetApp
Original LUN serial : P3PdB/-GFigd
Pinned : no
Prepop : Disabled
Smart prepop : Enabled
Prepop status : N/A
MPIO policy : roundrobin
iSCSI Reservation status : LUN reserved

Prepop schedules:
Mapped igroups:
all

Mapped initiators:

The next thing was to find out what LUNs are on the NetApp to do some matching. You can do that by running this command:

lun show -v

I output this to a file /tmp/netapp_luns.txt. An entry looks like this:

/vol/NewYork_rvbd_d_e7cc5c29_f400_4c52_b1d4_f87da1b62652_1451278801/lun_RDM 10g (10737418240) (r/w, offline)
Serial#: P3PdB/9ytT31
Share: none
Space Reservation: disabled
Multiprotocol Type: vmware

Now with the 2 files, I could do some matching. I first want to extract the serial numbers from the LUNs. I do this by running:

grep serial /tmp/core30luns.txt | cut -f2 -d: > /tmp/core30lunlist.txt

From that, I would just get a list of serial numbers like this:

P3PdB/-GFigd

Next, I will loop through my list of LUNs to find the volumes I will need to put back online. I do this by running:

for i in `cat /tmp/core30lunlist.txt`; do grep -2 $i /tmp/netapp_luns.txt >> /tmp/netappvolumes.txt; done

This would give me a list like this:

/vol/NewYork_rvbd_d_8f3a7b69_05f7_4be8_b3a6_14a689c2b3b0_1452834001/lunC11 60.0g (64445480960) (r/w, offline)
Comment: “Cdrive”
Serial#: P3PdB/-KWreM
Share: none
Space Reservation: disabled

With that list, I can cut the volumes out with the following command:

grep -v : /tmp/netappvolumes.txt | cut -f1 -d' ' > /tmp/volumes.txt

This would give me a list like this:

/vol/NewYork_rvbd_d_8f3a7b69_05f7_4be8_b3a6_14a689c2b3b0_1452834001/lunC11

Now that I have a list of volume names from the NetApp, I can just put them all online with a loop:

for i in `cat /tmp/volumes.txt`; do echo "lun online" $i >> /tmp/online_vols.txt ; done

You can just take the /tmp/online_vols.txt file now and just paste it into your NetApp SSH session and you’ll have all of your LUNs online again.

 

How to expand a LUN with SteelFusion

 Why would you want to do this?

No matter how well you plan, resources are almost never in abundance. There could be a few reasons why you want to expand a LUN. Perhaps you want to add more vmdks to the same VMFS volume. Another reason could be that you might want to increase the size of the partition of the guest VM. In either case, you might want some of the workarounds listed at the end of the article before continuing. If you’re convinced that expanding the LUN is what you’re going to do, here is how to do it.

Check feasibility. First check at the maximum size and expandability of the partitions involved.

  • Check the guest OS partition. If NTFS, the maximum partition size for NTFS is 256TiB according to http://en.wikipedia.org/wiki/NTFS. You probably don’t need to go beyond that.
  • Check the partition size of VMFS. Consult VMware documentation http://www.vmware.com/support/pubs/ to ensure that you do not exceed maximum size for your partition. For example, if your partition is VMFS-3 and formatted with a 1MB block size, your maximum is 2TB-512bytes. If you’re already at the maximum, see workarounds further in this document.

These are the steps in a nutshell:

  • Resize/expand the LUN on the backend array.
  • If the SteelFusion Core is a virtual machine and LUN is connected via fiber, run a Rescan/Refresh on the HBA on the ESXi server where the Core is hosted.
  • On SteelFusion Core, perform a LUN rescan
  • Following VMware documentation, resize the VMFS volume http://kb.vmware.com/kb/1752
  • Resize or map the device in Windows

Resizing the LUN on the backend array.

Consult your array’s documentation for resizing the LUN. Here’s an illustration on how it’s done with a Netapp array.

1) Locate the LUN you want to expand, right click and select Edit.

01locate_lun

2) In the Edit LUN window, assign the new LUN size, and click save and close.

02editlun

Seeing the new size on the SteelFusion Core

The SteelFusion Core may automatically detect the change in LUN size depending on how busy the LUN is. If there are read/write operations from the backup with a “LUN configuration changed” status, the Core will be forced to rescan and retry and it will automatically change. There’s also a periodic rescan every 5 minutes that would cover change it. If you need the change immediately, you can do a manual rescan and force the change. The size will highlight in orange when it changes.

03addlun

Once the Core sees the change, the new size will be propagated to the Edge. If the LUN was pinned, the Edge will approve or deny the size increase based on Blockstore capacity.

Extending the VMFS volume size

Reference this http://kb.vmware.com/kb/1752 VMware KB article for extending your VMFS volume. Here’s how it’s done with the vSphere Web Client if you’re using vCenter:

 

Find the Datastore, right click and select Increase Datastore Capacity.

04increasedscap

Select Use Free space to expand the Datastore.

05usefree

If you’re using the deprecated Windows client, you can effectively do the same in the Datastore view here:

07increase

Select the Datastore you are expanding, go to the Configuration tab and select the Properties of the Datastore. In the Properties box, Select Increase.

08epxand

Follow the wizard and it will expand the volume.

Expanding the size of the virtual disk on the VMFS volume

If the UI doesn’t allow you perform the following steps, refer to this VMware KB:

http://kb.vmware.com/kb/1004047

Find the VM settings and change the size of the VMDK.

09find

In the Windows client, it’s in the same area.

10find

Expanding the partition in Windows

Lastly, go into the Windows guest and expand the volume size.

First, go to the Disk Management in the Computer Management application, right click and select Rescan Disks.

11rescan

Upon rescanning, you should see the newly added space as unallocated.

12unallocated

Right click on the primary partition of the disk and select Extend Volume.

13extend

At completion, you now should have your expanded disk.

Consideration

Consider inflating the VMDK file after doing the extension during non-peak hours. Because the added capacity that you just added to the VMDK file is sparse, you may want to fill it up with zeroes. The reasoning behind this is so that you are not struck with first write or double-write penalty (in all copy-on-write disks) when your guest writes to the disk. You can read a little about the penalty here: https://blogs.vmware.com/vsphere/2014/05/thick-vs-thin-disks-flash-arrays.html

http://blogs.vmware.com/vsphere/2012/03/thin-provisioning-whats-the-scoop.html

You can do this in the Datastore browser. Just find the VMDK file of your VM, right click and select Inflate.

14inflate

Functionality also is available in the Windows client.

15inflate

Workarounds

Here are some workarounds to consider LUN expansion is not feasible:

  • Consider moving swap files to another VMFS volume, preferably on a Local LUN. You can do this in the Options tab of a VM’s settings. This will require your VM to be shutdown, but the benefit of having this on a Local LUN is that it does not need to be replicated.
  • Consider moving guest page file, swap files, and print spools to another drive. Like workaround #1, these things do not need to be replicated, so moving them to a Local LUN can help with your WAN traffic.

Not-recommended workaround

A workaround that may sound logical, but is not recommended is to Storage vMotion the disk to another LUN. This should be your last resort. This may be something that vSphere administrators do commonly, but because the Blockstore on the Edge is a cache and not ordinary storage, this will result in a lot of WAN traffic and can be potentially dangerous.

Converting a VMware Fusion VM to ESXi

One of the easiest ways to get a VMware Fusion VM up to ESXi is to use the Upload to server option
Screen Shot 2015-12-14 at 12.17.08 PM

If your VM was installed in more seamless mode though, after getting your VM up and running in ESXi, your local folders will be missing.
Screen Shot 2015-12-14 at 12.21.19 PM

I love running my desktop in more seamless mode in Fusion, but obviously, this won’t work in ESXi. To fix this, go into the VM and make the following changes.

Navigate to these two locations:

– HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
– HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders

Make sure that you see these values (among others).  Update these entries, if they have a different data value.


  1. Navigate to these two locations:

    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders

  2. Make sure that you see these values (among others). Update these entries, if they have a different data value:

    Windows XP / Server 2003 

    Name Data value
    Desktop %USERPROFILE%\Desktop
    My Music %USERPROFILE%\My Documents\My Music
    My Pictures %USERPROFILE%\My Documents\My Pictures
    Personal %USERPROFILE%\My Documents



    Windows Vista / 7 / Server 2008 / 8 / 10

    Name Data value
    Desktop %USERPROFILE%\Desktop
    My Music %USERPROFILE%\Music
    My Pictures %USERPROFILE%\Pictures
    Personal %USERPROFILE%\Documents

Microsoft PowerShell takes forever to open!

If you’re in a situation where it appears to take forever to open a PowerShell prompt, Internet access might be the problem.

The easiest resolution at this point appears to allow Internet access to the machine. If that is not possible, you can disable the check for the publisher’s certificate revocation. You can do this from Internet Explorer (or Control Panel, Internet Options) by clicking on Tools, Internet Options. Under the Security section of the Advanced tab, uncheck “Check for publisher’s certificate revocation”.

internetoptions

NOTE: These type of security features are in place for a reason. Take caution when considering disabling these.

How to install ESXi on an Intel NUC (video)

Running a home lab with ESXi doesn’t require a big heavy server that consumes a lot of power. I wanted to build a lab machine that could be portable so I could take it along with me if I’m traveling. Fortunately, this machine also is tiny and consumes with very little power.

Here are the details for the NUC:
The Intel NUC is an awesome little PC with a tiny form factor and small power footprint. You can use this for a great media player, desktop, or even a server! I will be using it as an ESXi server.

Here’s the list of components that I bought to build it:
D54250WYKH (Core i5 with 2.5″ slot) – $ 350
Crucial 16GB Kit (2x 8GB) DDR3 1600 Mhz – $ 160
Samsung 250GB mSATA SSD – $ 150 – Fast storage for quick deployment, swap space, temp files, etc.
Seagate 1TB Hybrid SSD – $ 100 – Slower storage to store other VMs that will have a lot of data at rest. Since it’s a Hybrid disk, chances are, the active data will be on the SSD portion of the disk.

So, I did a little bit of research when trying to figure out whether or not ESXi ran on the NUC. I read through a number of blog posts and the one that helped me was this one:

ESXi 5.x Installation on Intel NUC fails with “No Network Adapters”


Here’s a shameless copy/paste of the resources required:
– ESXi 5.x U1 ISO image (from VMware downloads)
– ESXi-Customizer (ESXi-Customizer-v2.7.1.exe)
– Intel Driver (net-e1001e-1.0.0.x86_64.vib) (3rd Gen NUC)
– Intel Driver (net-e1000e-2.3.2.x86_64.vib) (4th Gen NUC)
– SATA Controller (sata-xahci-1.10-1.x86_64.vib) (4th Gen NUC) from v-front.de

Enjoy the video and please post comments!