Page
Adapting Business Processes for Virtual Infrastrcuture (and vice-versa)
Archive for Apr 2009
04-30-2009 / 07:55
VMware Converter Standalone
VMware converter is used for migrating Physical servers to Virtual Machines, Virtual Machines to Virtual Machines.
Directions for conducting a V2V or P2V for Windows Servers
1. Update or Open a tracking ticket to track progress
2. Ensure system is documented and monitored on portal
3. Notify stakeholders via DL – setup DL if needed
4. Login to the Machine to be converted
5. Run defrag and diskcheck if possible
6. Run Microsoft Update
7. Do a reboot test to ensure machine stability
8. Download VMware Converter Standalone version 4 – VMware-converter-4.0.0-146302.exe
9. Download Sysprep tools – unzip but do not run
10. Download NewSID – unzip but do not run
11. Download and run BGinfo – apply
12. Download and run treesize free and clean up unneeded files
13. Install VMware Converter
14. Copy Sysprep files to correct location – c:\documents and settings\all users
15. Launch VMware Converter
16. Import Machine
17. Select the device type; Physical Computer, Virtual Computer from ESX or VMware Workstation.
18. Enter in the remote IP address of the target:
19. Do not select Automatically uninstall the files when the import is successful
20. Select all the drives you wish to migrate to the new Virtual Machine
21. Select ESX or Virtual Center
22. Enter the Virtual Center and user credentials
23. Select the Virtual Machine name
24. Select the ESX host
25. Select the appropriate DataStore
26. Select the appropriate network
27. Check the box install vmware tools
28. If you desire to customize the settings, check the box.
29. Select Finish
30. When completed test new machine and configure.
31. Run newsid if new host names is needed… Keep in mind you cannot have two machines with same name or IP on same network.
32. Run BGinfo and apply again.
33. Verify reboot test and monitoring is functioning.
34. Verify system time.
35. Adjust services as needed.
36. Remove old hardware’s software.
37. Notify stakeholders when old machine is off and new machine is on.
See also: http://communities.vmware.com/thread/129871
04-29-2009 / 16:08
http://technet.microsoft.com/en-us/library/cc784390.aspx
I ran into this issue when using SysPrep and Virtual Center tempaltes. The username for the Service Account was longer that 20 character and no matter how hard I tried vCenter would not add the newly created machine to the domain. When I tried with just the first 20 characters of the user name account it worked like a charm!
The maximum length of a domain name is 15 characters, and the maximum length of a user name is 20 characters. Adding a character for the backslash (“\”), the field should allow a total of 36 characters.
Active Directory Object Names
http://technet.microsoft.com/en-us/library/cc776019.aspx
NET USER command
http://support.microsoft.com/kb/251394
http://www.ecst.csuchico.edu/~sim/546/notes/w2003NOTE4.htm
/ 15:17
This issue is coming up more as we convert Physical machines to Virtual. It can also happen when you want to change from the old “Flexible” to the newer “Enhanced vmxnet” network adapters.
Flexible shows up in Windows Device Manager as an “VMware Accelerated AMD PCNet Adapter” and Enhanced vmxnet show up as “VMware PCI Ethernet Adapter”. You may also see “Broadcom NetXtreme 57xx Gigabit Controller” from a Dell or other desktop.
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1001805
Flexible — The Flexible network adapter identifies itself as a Vlance adapter when a virtual machine boots, but initializes itself and functions as either a Vlance or a vmxnet adapter, depending which driver initializes it. VMware Tools versions recent enough to know about the Flexible network adapter include the vmxnet driver but identify it as an updated Vlance driver, so the guest operating system uses that driver. When using the Flexible network adapter, you can have vmxnet performance when sufficiently recent VMware tools are installed. When an older version of VMware Tools is installed, the Flexible adapter uses the Vlance adapter (with Vlance performance) rather than giving no network capability at all when it can’t find the vmxnet adapter.
Enhanced vmxnet — The enhanced vmxnet adapter is based on the vmxnet adapter but provides some high-performance features commonly used on modern networks, such as jumbo frames. This virtual network adapter is the current state-of-the-art device in virtual network adapter performance, but it is available only for some guest operating systems on ESX Server 3.5. This network adapter will become available for additional guest operating systems in the future.
Networking Error, IP Address Already Assigned to Another Adapter
KB Article 1179
Updated Jan. 07, 2009
Products
VMware Converter
VMware ESX
VMware GSX Server
VMware P2V Assistant
VMware Workstation
Details
Why do I see an error message that “The IP address XXX.XXX.XXX.XXX…” is already assigned to another adapter?
Solution
Under certain conditions, you may see the following error message from a Windows guest operating system:
The IP address XXX.XXX.XXX.XXX you have entered for this network adapter is already assigned to another adapter Name of adapter. Name of adapter is hidden from the network and Dial-up Connections folder because it is not physically in the computer or is a legacy adapter that is not working. If the same address is assigned to both adapters and they become active, only one of them will use this address. This may result in incorrect system configuration. Do you want to enter a different IP address for this adapter in the list of IP addresses in the advanced dialog box?
In this message, XXX.XXX.XXX.XXX is an IP address that you are trying to set and Name of adapter is the name of a network adapter that is present in the registry but hidden in Device Manager.
This can occur when you change a network connection’s TCP/IP configuration from DHCP to a static IP address if:
* You have upgraded VMware virtual network adapters (for example when you migrate a virtual machine from an older to a new version of VMware software.)
* You have added and removed network adapters multiple times.
The cause of the error is that a network adapter with the same IP address is in the Windows registry but is hidden in the Device Manager (My Computer > Properties > Hardware > Device Manager). This hidden adapter is called a ghosted network adapter.
Using the Show hidden devices option in the Device Manager (View > Show hidden devices) does not always show the old virtual NIC (ghosted adapter) to which that IP Address is assigned
Microsoft addresses this issue in their Knowledge Base article 269155, which is available at the time of this writing at http://support.microsoft.com/?kbid=269155.
To resolve this problem, follow these steps to make the ghosted network adapter visible in the Device Manager and uninstall the ghosted network adapter from the registry:
- Select Start > Run.
- Enter cmd.exe and press Enter. This opens a command prompt. Do not close this command prompt window. In the steps below you will set an environment variable that will only exist in this command prompt window.
- At the command prompt, run this command:
set devmgr_show_nonpresent_devices=1
- In the same command prompt run this command:
Start DEVMGMT.MSC (press Enter to start Device Manager.)
- Select View > Show Hidden Devices.
- Expand the Network Adapters tree (select the plus sign next to the Network adapters entry).
- Right-click the dimmed network adapter, and then select Uninstall.
- Close Device Manager.
- Close the Command Prompt
Another method of resolving this problem is to use the DevCon utility. This is a command-line utility that acts as an alternative to Device Manager. When you use DevCon, you can enable, utility disable, restart, update, remove, and query individual devices or groups of devices.
To use DevCon:
1. Download the DevCon tool from Microsoft Knowledge Base: 311272 (http://support.microsoft.com/kb/311272/en-us).
2. Unpack the 32bit or 64bit DevCon tool binary to a local folder.
3.
Click Start > Run.
4.
Type cmd and press Enter.
5. Type CD:\path_to_binaries to navigate to the devcon.exe is located.
6. Use the following syntax to find installed network adapters:
devcon findall *net* or
devcon listclass net
Note: In the output of the previous commands, there is a line for the ghosted network adapter that is similar to, PCI\.
7.
Run the following command to remove the adapter:
devcon remove @device\name
For example, devcon remove “@PCI\VEN_14E4&DEV_1600&SUBSYS_01C21028&REV_02\4&378EDFA4&0&00E2″ .
Note: IDs that include an ampersand character (&) must be enclosed in quotation marks as seen in the example.
8.
Reboot the system and you no longer see the ghost network adapters.
Product Versions
VMware Converter 3.0.x
VMware ESX 1.5.x
VMware ESX 1.x
VMware ESX 2.0.x
VMware ESX 2.1.x
VMware ESX 3.0.x
VMware GSX Server 2.0.x (Linux hosts)
VMware GSX Server 2.0.x (Windows hosts)
VMware GSX Server 2.5.x (Linux hosts)
VMware GSX Server 2.5.x (Windows hosts)
VMware GSX Server 3.x (Linux hosts)
VMware GSX Server 3.x (Windows hosts)
VMware P2V Assistant 1.x
VMware P2V Assistant 2.0.x
VMware P2V Assistant 2.1.x
VMware Workstation 3.x (Linux Hosts)
VMware Workstation 3.x (Windows Hosts)
VMware Workstation 4.x (Linux hosts)
VMware Workstation 4.x (Windows hosts)
Keywords
urlz; migration; upgrade; 1179; ghost; hidden; NIC
This Article Replaces
converter NIC issue (1000212)
Not able to remove ghost network adapter per the instructions in KB Article: 1179 (1003003)
Subject: VMware: Solution for “The IP address XXX.XXX.XXX.XXX…” is already assigned to another adapter” error
Go here:
http://kb.vmware.com/selfservice/viewContent.do?externalId=1179
04-28-2009 / 10:37
This is a short list of Tools and Documents concerning security in a Virtual Infrastructure.
Tools – page 1
Documents – page 2
Tools
Configuresoft
- Configuresoft’s Center for Policy and Compliance (CP&C) has led the industry in forming opinion and bringing together published security and compliance information to build a rich library of compliance toolkits that are available for download by Configuresoft customers from www.configuresoft.com. These CP&C Compliance Toolkits include:
- VMware Infrastructure 3 Security Hardening Guidelines and VMware Virtual Center Best Practices
- FISMA Compliance Toolkit for Virtual Computing
- GLBA Compliance Toolkit for Virtual Computing
- HIPAA Compliance Toolkit for Virtual Computing
- Sarbanes-Oxley (404) Compliance Toolkit for Virtual Computing
- DISA STIG Compliance Toolkit for Virtual Computing
- http://vmblog.com/archive/2008/04/08/configuresoft-expands-security-and-compliance-coverage-to-include-cis-vmware-esx-3-x-server-benchmark.aspx
HyTrust
HyTrust Appliance – http://www.hytrust.com/product/overview
- The HyTrust™ Appliance offers IT managers and administrators of virtual
infrastructure a centralized, single point of control and visibility for:
- configuration management
- compliance auditing
- access management
- best practices
- process workflow
- security controls
TripWire
http://www.tripwire.com/solutions/virtualization/
- ConfigCheck rapidly assesses the security of ESX 3.0 and 3.5 hypervisors compared to the Virtual Infrastructure 3 Security Hardening Guidelines.
- ConfigCheck assesses nearly 100 configurations of the ESX server, and most VI professionals who run the test find significant vulnerabilities. ConfigCheck’s remediation report provides detailed, step-by-step guidance to bring your virtual environment into a state that is secure. ConfigCheck helps you:
- Ensure recommended ESX configurations
- Discover possible vulnerabilities
- Deploy virtualization safely and securely
- Increase security posture of the entire enterprise
- Reduce configuration drift
- http://www.vwire.com/free-tools/configcheck/
VMinformer
- VMinformer is a security tool designed to check the security posture of your VMware environment. The tool comes with pre-defined policies that can be customized to suit your specific requirements and are based on industry best practices such as ‘VMware’s Security best practice hardening guide’ and the ‘DISA ESX STIG’ hardening guide. The policies also contain rules that have been based on extensive research and industry experience.
- Features:
- Connects to your ESX hosts or Virtual Center (v3.0, 3.5 and VC 2.5)
- Pre-defined policies based on industry best practices (VMware security hardening guide)
- Policies can be customized for your environment
- Provides full visibility and monitoring of your ESX hosts and Virtual machines
- Dashboard – Provides a graphical overview of VM’s and Security Posture
- Reporting
- Remediation guidance
04-19-2009 / 19:12
InfoSec Survival Guide: Cracking Cisco Passwords with John
http://infosecsurvivalguide.blogspot.com/2008/11/cracking-cisco-passwords-with-john.html
http://www.openwall.com/john/pro/macosx/
http://www.macshadows.com/forums/index.php?showtopic=8506
John the Ripper 1.7.3.1
http://mac.softpedia.com/get/Security/John-the-Ripper.shtml
John the Ripper 1.7.2 for G4 PowerPC, G5 PowerPC and Intel Macs (Universal Binary) (released 11/30/07)
http://www.macunix.net/JTR/john-1.7.2-macosx-universal.zip
Download the pre-patched (for OS X salted SHA1 hashes too) pre-compiled version of John the Ripper here:
http://www.macunix.net/JTR/
Unzip the archive.
Open Terminal.
Drag the file “john” from the folder “run” from within the unzipped “john-1.7.2-macosx-universal” folder to the Terminal window and let go.
Type a space.
Drag the text file containing your hash ( student:078D486A55E9922772C7F6F46113038E4800D6EDF4D31720 ) to the Terminal window and let go.
Click back in the Terminal window and press the return key.
QUOTE
Loaded 1 password hash (Salt SHA1 [salt-sha1])
barlow (student)
/ 16:37
Since we’ve been setting up a lot of virtual desktops, terminal servers, and windows machines accessed remotely with RDP/MSTSC it’s easy to get confused about what desktop you’re looking at.
- Download the free BGINFO tool from Microsoft’s Sysinternals web site and run this command in a batch file or other login script to set a nice back ground wall paper that tells you the IP address, host name, DHCP Server, MAC address, etc.
BgInfo v4.15 – By Bryce Cogswell – Published: March 30, 2009
http://download.sysinternals.com/Files/BgInfo.zip
bginfo.bgi
:: Create a shortcut or put this line into a file named bgset.cmd and then run that during login or system configuration:
%windir%\bginfo %windir%\bginfo.bgi /silent/nolicprompt /accepteula /timer:0
04-16-2009 / 14:46
#customize esxXX by IR Date YYYYMMDD
# ESX host configuration script for company.com
# configure as needed for esxXX by changing IP addresses below…
# configure 4 nics for nfs storage
# nic 1 and 3 – cos1, vms, vmotion
# nic 2 and 4 – vmkernel for nfs storage
#
#configure SYSLOG
echo “*.* @syslog.site.company.com” >> /etc/syslog.conf
service syslog restart
# List current config
/usr/sbin/esxcfg-nics -l
/usr/sbin/esxcfg-vswitch -l
#creating virtual switches
/usr/sbin/esxcfg-vswitch -a vSwitch1
/usr/sbin/esxcfg-vswitch -L vmnic1 vSwitch1
/usr/sbin/esxcfg-vswitch -L vmnic3 vSwitch1
/usr/sbin/esxcfg-vswitch -L vmnic2 vSwitch0
#enable CDP advertise and listen mode
/usr/sbin/esxcfg-vswitch -b vSwitch0
/usr/sbin/esxcfg-vswitch -b vSwitch1
/usr/sbin/esxcfg-vswitch -B both vSwitch0
/usr/sbin/esxcfg-vswitch -B both vSwitch1
/usr/sbin/esxcfg-vswitch -b vSwitch0
/usr/sbin/esxcfg-vswitch -b vSwitch1
#creating portgroups
/usr/sbin/esxcfg-vswitch -A “ITG-VLAN2″ vSwitch0
/usr/sbin/esxcfg-vswitch -A “PUBLIC-VLAN4″ vSwitch0
/usr/sbin/esxcfg-vswitch -A “VMkVMotion-VLAN209″ vSwitch0
/usr/sbin/esxcfg-vswitch -A “VMkStorage-VLAN207″ vSwitch1
#/usr/sbin/esxcfg-vswitch -A “Service Console” vSwitch0
/usr/sbin/esxcfg-vswitch -A “Service Console 2″ vSwitch0
/usr/sbin/esxcfg-vswif -a -i 10.102.8.111 -n 255.255.255.0 -p “Service Console 2″ vswif1
/usr/sbin/esxcfg-vswitch -A “ESX-VLAN208″ vSwitch0
/usr/sbin/esxcfg-vmknic -a -i 10.102.7.211 -n 255.255.255.0 VMkStorage-VLAN207
/usr/sbin/esxcfg-vmknic -a -i 10.102.9.211 -n 255.255.255.0 VMkVMotion-VLAN209
/usr/sbin/esxcfg-route -a 0.0.0.0/0 10.102.7.1
/usr/sbin/esxcfg-vswif -l
/usr/sbin/esxcfg-vmknic -l
vmware-vim-cmd hostsvc/net/vswitch_setpolicy –nicteaming-policy=loadbalance_ip vSwitch0
vmware-vim-cmd hostsvc/net/vswitch_setpolicy –nicteaming-policy=loadbalance_ip vSwitch1
vmware-vim-cmd /hostsvc/net/vswitch_setpolicy –failurecriteria-check-beacon 0 vSwitch0
vmware-vim-cmd /hostsvc/net/vswitch_setpolicy –failurecriteria-check-beacon 0 vSwitch1
vmware-vim-cmd hostsvc/net/vswitch_setpolicy –securepolicy-promisc=false vSwitch0
vmware-vim-cmd hostsvc/net/vswitch_setpolicy –securepolicy-macchange=false vSwitch0
vmware-vim-cmd hostsvc/net/vswitch_setpolicy –securepolicy-forgedxmit=false vSwitch0
vmware-vim-cmd hostsvc/net/vswitch_setpolicy –securepolicy-promisc=false vSwitch1
vmware-vim-cmd hostsvc/net/vswitch_setpolicy –securepolicy-macchange=false vSwitch1
vmware-vim-cmd hostsvc/net/vswitch_setpolicy –securepolicy-forgedxmit=false vSwitch1
#configuring vlans
/usr/sbin/esxcfg-vswitch -l
/usr/sbin/esxcfg-vswitch -v 2 -p “ITG-VLAN2″ vSwitch0
/usr/sbin/esxcfg-vswitch -v 4 -p “PUBLIC-VLAN4″ vSwitch0
/usr/sbin/esxcfg-vswitch -v 207 -p “VMkStorage-VLAN207″ vSwitch1
/usr/sbin/esxcfg-vswitch -v 209 -p “VMkVMotion-VLAN209″ vSwitch0
/usr/sbin/esxcfg-vswitch -v 208 -p “Service Console” vSwitch0
/usr/sbin/esxcfg-vswitch -v 208 -p “Service Console 2″ vSwitch0
/usr/sbin/esxcfg-vswitch -v 208 -p “ESX-VLAN208″ vSwitch0
/usr/sbin/esxcfg-vswitch -l
#delete vmnic1 from vSwitch0 (run these if necessary)
#/usr/sbin/esxcfg-vswitch -N vmnic1 -p “ITG-VLAN2″ vSwitch0
#/usr/sbin/esxcfg-vswitch -N vmnic1 -p “PUBLIC-VLAN4″ vSwitch0
#/usr/sbin/esxcfg-vswitch -N vmnic1 -p “VMkStorage-VLAN207″ vSwitch0
#/usr/sbin/esxcfg-vswitch -N vmnic1 -p “VMkVMotion-VLAN209″ vSwitch0
#/usr/sbin/esxcfg-vswitch -N vmnic1 -p “Service Console” vSwitch0
#/usr/sbin/esxcfg-vswitch -N vmnic1 -p “Service Console 2″ vSwitch0
#/usr/sbin/esxcfg-vswitch -N vmnic1 -p “ESX-VLAN208″ vSwitch0
#add vmnics to each port group
/usr/sbin/esxcfg-vswitch -M vmnic2 -p “ITG-VLAN2″ vSwitch0
/usr/sbin/esxcfg-vswitch -M vmnic2 -p “PUBLIC-VLAN4″ vSwitch0
/usr/sbin/esxcfg-vswitch -M vmnic1 -p “VMkStorage-VLAN207″ vSwitch1
/usr/sbin/esxcfg-vswitch -M vmnic3 -p “VMkStorage-VLAN207″ vSwitch1
/usr/sbin/esxcfg-vswitch -M vmnic2 -p “VMkVMotion-VLAN209″ vSwitch0
/usr/sbin/esxcfg-vswitch -M vmnic2 -p “Service Console” vSwitch0
/usr/sbin/esxcfg-vswitch -M vmnic2 -p “Service Console 2″ vSwitch0
/usr/sbin/esxcfg-vswitch -M vmnic2 -p “ESX-VLAN208″ vSwitch0
/usr/sbin/esxcfg-vswitch -l
sleep 10
#setup vmotion on the first vmk network
#vmware-vim-cmd “hostsvc/vmotion/netconfig_get” (check config)
vmware-vim-cmd hostsvc/vmotion/vnic_set vmk1
#/usr/sbin/esxcfg-vswitch -l
vmware-vim-cmd /hostsvc/net/portgroup_set –nicorderpolicy-active=vmnic0 vSwitch0 “Service Console”
vmware-vim-cmd /hostsvc/net/portgroup_set –nicorderpolicy-standby=vmnic2 vSwitch0 “Service Console”
vmware-vim-cmd /hostsvc/net/portgroup_set –nicorderpolicy-active=vmnic0 vSwitch0 “Service Console 2″
vmware-vim-cmd /hostsvc/net/portgroup_set –nicorderpolicy-standby=vmnic2 vSwitch0 “Service Console 2″
vmware-vim-cmd /hostsvc/net/portgroup_set –nicorderpolicy-active=vmnic0 vSwitch0 “VMkVMotion-VLAN209″
vmware-vim-cmd /hostsvc/net/portgroup_set –nicorderpolicy-standby=vmnic2 vSwitch0 “VMkVMotion-VLAN209″
#adding Network Attached data store
/usr/sbin/esxcfg-nas -l
/usr/sbin/esxcfg-nas -a -o NAS1-ip -s /vol/vmw_datastore1 vmw_datastore1
/usr/sbin/esxcfg-nas -a -o NAS2-ip -s /vol/vmw_datastore2 vmw_datastore2
#/usr/sbin/esxcfg-nas -a -o NAS3-ip -s /vol/vol3_vmware_test nfs_vol_netapp
/usr/sbin/esxcfg-nas -l
#configure resolv.conf
/bin/cat /dev/null > /etc/resolv.conf
echo “nameserver ns1-ip” >> /etc/resolv.conf
echo “nameserver ns2.ip” >> /etc/resolv.conf
echo “search site.company.com” >> /etc/resolv.conf
cat /etc/resolv.conf
#configure hostname
vmware-vim-cmd hostsvc/net/dns_set –dns-hostname=esxXX
vmware-vim-cmd hostsvc/net/dns_set –dns-domainname=site.company.com
#configure NTP
/usr/sbin/esxcfg-firewall -e ntpClient
/usr/sbin/ntpdate -u ntp1.site.company.com
chkconfig –list ntpd
chkconfig –level 35 ntpd on
chkconfig –list ntpd
echo “restrict ntp1-ip mask 255.255.255.255 nomodify notrap noquery” >> /etc/ntp.conf
echo “server ntp1.site.company.com” >> /etc/ntp.conf
echo “restrict ntp2-ip mask 255.255.255.255 nomodify notrap noquery” >> /etc/ntp.conf
echo “server ntp2.site.company.com” >> /etc/ntp.conf
echo “restrict ntp3-ip mask 255.255.255.255 nomodify notrap noquery” >> /etc/ntp.conf
echo “server ntp3.site.company.com” >> /etc/ntp.conf
echo “driftfile /var/lib/ntp/drift” >> /etc/ntp.conf
echo “ntp1-ip” > /etc/ntp/step-tickers
echo “ntp2-ip” >> /etc/ntp/step-tickers
echo “ntp3-ip” >> /etc/ntp/step-tickers
service ntpd restart
hwclock –systohc
#configure SUDO
esxcfg-boot -g
esxcfg-boot -b
esxcfg-advcfg -s 32 /NFS/MaxVolumes
# make sure that NFS locks are not disabled
esxcfg-advcfg -s 0 /NFS/LockDisable
# this should already be set correctly, but just to make sure
esxcfg-advcfg -s 12 /NFS/HeartbeatFrequency
# this should also be set correctly already
esxcfg-advcfg -s 10 /NFS/HeartbeatMaxFailures
# increase the heap size. Default is 9.
esxcfg-advcfg -s 30 /Net/TcpIpHeapSize
# increase heap max. Default is 30.
esxcfg-advcfg -s 120 /Net/TcpIpHeapMax
#configure AD
/usr/sbin/esxcfg-auth –enablead –addomain=site.company.com –addc=DC-NAME.site.company.com
useradd IT1
useradd IT2
#useradd Administrator
#configure SNMP
/bin/cat /dev/null > /etc/snmp/snmpd.conf
echo “syscontact IT-TEAM-DL@company.com” >> /etc/snmp/snmpd.conf
echo “syslocation Company-Location” >> /etc/snmp/snmpd.conf
echo “rocommunity RO-String” >> /etc/snmp/snmpd.conf
echo “trapcommunity RO-String” >> /etc/snmp/snmpd.conf
echo “trapsink DELL-IT-Assistant-Server.site.company.com RO-String” >> /etc/snmp/snmpd.conf
echo “dlmod SNMPESX /usr/lib/vmware/snmp/libSNMPESX.so” >> /etc/snmp/snmpd.conf
echo “smuxpeer .1.3.6.1.4.1.674.10892.1″ >> /etc/snmp/snmpd.conf
#install Dell OpenManage Agent
esxcfg-firewall -o 80,tcp,out,http
/usr/bin/lwp-download http://DELL-IT-Assistant-Server.site.company.com/OM_5.5.0_ManNode_A00.targz
tar -xvf OM_5.5.0_ManNode_A00.tar.gz
cd linux/supportscripts/
./srvadmin-install.sh -b -w -r -s
srvadmin-services.sh start
esxcfg-firewall -o 1311,tcp,in,OpenManageRequest
#test by going to https://esxXX.site.company.com:1311
# service mgmt-vmware restart # if needed
#end of script
/ 14:21
procedure to find port by ip arp mac
Assumptions:
You have an IP address and want to find out what switch port it is on.
There is a core switch with edge switches and Cisco CDP is running.
Example: IP address is 10.1.1.69
- find the MAC address of this IP
open ssh console to core switch and run “sh arp”
coreswitch#sh arp | inc 10.1.1.69
Internet 10.1.7.69 0 0007.1234.cd43 ARPA Vlan5
- find port from MAC address
coreswitch#sh mac-address-table dynamic | inc 0007.1234.cd43
* 5 0007.1234.cd43 dynamic Yes 5 Gi7/12
- find edge switch for port
coreswitch#sh cdp nei gi7/12
Capability Codes: R – Router, T – Trans Bridge, B – Source Route Bridge
S – Switch, H – Host, I – IGMP, r – Repeater, P – Phone
Device ID Local Intrfce Holdtme Capability Platform Port ID
edgeswitch.company.net
Gig 7/12 176 S I WS-C3560G-Gig 0/49
- open ssh console to edge switch and run “sh arp” repeat process
04-13-2009 / 22:49
How to use NMAP to count the number of hosts on a given subnet.
#!/bin/bash
echo 4192 > /proc/sys/net/ipv4/neigh/default/gc_thresh3
nmap -sP -PI $1 -n –max_rtt_timeout 5000 –initial_rtt_timeout 5000 | tail -1 | cut -f 2 -d “(” | cut -f 1 -d ” ” 2> /dev/null
(Thanks to Gabriel for this one!)
04-08-2009 / 21:06
I just wanted to share with you all. We are using a small NetApp with NFS for hosting ESX 3.5 Update 4 and ESX 4 RC Virtual Machines.
MODEL: FAS2020-R5
SW VERSION: 7.2.4L1
We have about 9 Windows VMs each one using about 20 GB disk space. There are Active Directory Domain Controllers, Exchange 2003 and 2007 servers, Windows Administration and Application servers and workstations and even Solaris 10 and Windows 2008 64 bit machines.
# du -h vmnfs/
21G vmnfs/vhq/dc1
21G vmnfs/vhq/dc2
21G vmnfs/vhq/vc
21G vmnfs/vhq/wadmin
8.6G vmnfs/vhq/w2008
91G vmnfs/vhq
31G vmnfs/eng/solaris10
31G vmnfs/eng
21G vmnfs/W2K3template
21G vmnfs/SW-Node01
21G vmnfs/SW-Node02
If we include the snapshots there is 1.6TB of data available and being served up with only 21GB of disk space being used!
> df -h /vol/vmnfs
Filesystem total used avail capacity Mounted on
/vol/vmnfs/ 400GB 21GB 378GB 5% /vol/vmnfs/
> df -sh /vol/vmnfs
Filesystem used saved %saved
/vol/vmnfs/ 21GB 160GB 88%
> man nfs
The disk space savings generated by the shared space is
shown in the saved column. The space used plus the space
saved would be the total disk space usage, if no space was
shared. The %saved is calculated as [saved / (used + saved)].
Below is a list of the maximum volume size for each storage system:
| Storage system (with nearstor_option enabled) |
Max. A-SIS deduplication volume size |
| FAS6070, FAS6080, N7800 |
16TB |
| FAS6030, FAS6040, N7600 |
10TB |
| FAS3070, N5600 |
6TB |
| NearStore R200 |
4TB |
| FAS3040, N5300 |
3TB |
| FAS3050, N5500 |
2TB |
| FAS3020, N5200 |
1TB |
| FAS2050 |
1TB |
| FAS2020 |
0.5TB |
You can use MRTG to graph the disk space saved by A-SIS deduplication by volume name.
http://www.usenet-forums.com/mrtg/392860-mrtg-mrtg-ntap-probe-release-0-5-0-sis-disk-space-savingsreport-added.html
What has your experience been with using A-SIS from NetApp with ESX hosts over NFS?
