afokkema VMware

vShield Host preparation: Host not reachable


Just a quick tip when you’re using vShield and want to prepare a new ESXi host. When you click on the vShield tab inside the vSphere client you might see the message “Host not reachable”.

image

So I started with some basic troubleshooting like ping from the vShield Manager to the ESXi host and from the ESXi host to the vShield Manager. This worked. The next step was the debug connection command from the vShield Manager appliance. This command completed successfully:

image

So what was the issue?? Well it’s simple the ESXi host was in Maintenance mode while trying to perform the Host preparation. This is not supported. The host needs to be in normal operation mode to be able to connect to vShield. Now I was able to prepare the ESX host:

image

Advertisement
afokkema VMware

Syslog gone mad after vSphere upgrade to vSphere 5.1 update 1


After upgrading a vSphere 5.0 update 2 host to vSphere 5.1 update 1 we noticed an issue with the lsassd daemon. Right after update manager finished with the upgrade the lsassd starts to write a lot of messages. Within the last 5 minutes the syslog server received 170K log messages from the upgraded host alone.

See the screenshot below:

image

The following message keeps popping up in the logs:

esxihost.domain.loc lsassd[9297]: 0x6eb11b90:Terminating on fatal IPC exception

To work around this issue you need to leave the Windows domain. Select the host – Configuration – Authentication Services – Properties. Click on Leave Domain… The excessive logging hast stopped immediately.

image

After that you can rejoin to the Windows domain again.

afokkema VMware

PowerCLI: enable SSH and configure ESXi Firewall


It’s a long time ago when I posted a new article on my blog so it’s time to write some new content. I want to start with a post about configuring SSH to start automatically, hide the Shell warning message and configure the ESXi firewall to allow the connection from a certain IP address. Of course all this is done by running a PowerCLI script.

But first I want to show you where you can change the ESXi firewall settings. Go to the configuration tab and select the Security Profile. Select the rule you want to change and click on firewall.. Select the option “Only allow connections from the following networks” and add the IP address or IP range you want to allow.

image

But like I mentioned before this is not a job do by hand when you have a large vSphere environment so I want to share the PowerCLI script below to perform this task for you. The only things you need to change are the $cluster and $ip variables. Then copy the script to your PowerCLI session and run it.

$cluster = "<clusterName>"
$ip = "192.168.1.1"

foreach($vmHost in (Get-Cluster $cluster | Get-VMHost | Sort Name)){
    write-host "Configuring SSH on host: $($vmHost.Name)" -fore Yellow
    if((Get-VMHostService -VMHost $vmHost | where {$_.Key -eq "TSM-SSH"}).Policy -ne "on"){
        Write-Host "Setting SSH service policy to automatic on $($vmHost.Name)"
        Get-VMHostService -VMHost $vmHost | where { $_.key -eq "TSM-SSH" } | Set-VMHostService -Policy "On" -Confirm:$false -ea 1 | Out-null
    }

    if((Get-VMHostService -VMHost $vmHost | where {$_.Key -eq "TSM-SSH"}).Running -ne $true){
        Write-Host "Starting SSH service on $($vmHost.Name)"
        Start-VMHostService -HostService (Get-VMHost $vmHost | Get-VMHostService | Where { $_.Key -eq "TSM-SSH"}) | Out-null
    }    
    
    $esxcli = Get-EsxCli -VMHost $vmHost
    if($esxcli -ne $null){
        if(($esxcli.network.firewall.ruleset.allowedip.list("sshServer") | select AllowedIPAddresses).AllowedIPAddresses -eq "All"){
            Write-Host "Changing the sshServer firewall configuration"        
            $esxcli.network.firewall.ruleset.set($false, $true, "sshServer")
            $esxcli.network.firewall.ruleset.allowedip.add("$ip", "sshServer")
            $esxcli.network.firewall.refresh()
        }    
    }
    
    if(($vmHost | Get-AdvancedSetting | Where {$_.Name -eq "UserVars.SuppressShellWarning"}).Value -ne "1"){
        Write-Host "Suppress the SSH warning message"
        $vmHost | Get-AdvancedSetting | Where {$_.Name -eq "UserVars.SuppressShellWarning"} | Set-AdvancedSetting -Value "1" -Confirm:$false | Out-null
    }    
}

The script checks if the SSH Service is running or not and will change the setting is necessary. This is also the case with the Firewall configuration and the part to suppress the Shell warning message.

afokkema Random, VMware

Upgrade ESX3i to ESX4i with the vSphere Host Update Utility


 

In this post I will introduce a new VMware tool called VMware vSphere Host Update tool. With this tool you’re able to update an ESX host without VUM, just like the VMware Infrastructure Update utility. See my previous post here. An other interesting feature of the vSphere Host Update tool is the option to upgrade an existing ESX(i) Host to vSphere.  In this post I will guide you through the upgrade process of an ESXi host which runs from a memory stick.

Start the vSphere Host Update Utility from  Start – Programs – VMware – VMware vSphere Host Update Utility.  When you already accessed your ESXi host with the VI Client, The host are already added to the Host List. If this is not the case, you can add your host via the Add Host… link at the right corner.  So now we’re ready to upgrade. Select the host and press the upgrade button.

image

The ESXi 4.0 Upgrade Wizard starts. You’ll have to add the upgrade zip file which you can download from VMware.com if you’re a Beta user.

 image

Enter the credentials for your host. In the screenshot below, you’ll see an error: The host must be in maintenance mode to perform an upgrade. So when the host is in maintenance mode, we can continue the upgrade process.

image

After the Host Compatibility check, the host will be upgraded to vShere.

image

After a couple of minutes the host is ready and is running ESXi 4.

image

afokkema VMware

VMware ESX/ESXi: no sound through RDP


image

Martin over at http://www.emware.nl/ has posted an article about getting sound through a RDP connection:

Working on vmware is great, but it gets even better when you have some sounds.
A straight out the box install gives you a error on the sound card.

  • The audio Service is not running
  • No audio Devices are installed

It took me some to figure out this problem, but at the end … it was really simple.

Let’s make it work !

Read the rest of the article here: http://www.emware.nl/articles/no-sound-in-esx-esxi-through-rdp.html

afokkema Hyper-V, Virtualization, VMware

VMware: Hyper-V on Server Core vs ESXi


VMware heeft een vergelijking gemaakt tussen Hyper-V op Server Core vs ESXi. Hieronder zie je de uitkomst van deze test. Verder vind je twee videos met meer informatie over de installatie van beide Hypervisors en een video over het configureren van iSCSI op beide Hypervisors.

picture_3

Video 1: http://www.vmware.com/technology/whyvmware/resources/esxi-hyper-v-installation.html

This first video shows every step required to install Hyper-V and ESXi on a fresh machine.  We kept count of the elapsed time, reboots, mouse clicks and keystrokes each product needed and it clearly shows the huge advantage the truly thin and OS-free ESXi architecture has in installation speed and simplicity.  ESXi goes from bare-metal to fully installed in one-third the time, half the mouse clicks, hundreds fewer keystrokes and just one reboot vs. seven compared to Hyper-V.  The simplicity of the ESXi wizard-driven installation is striking compared to the arduous process needed to first get the Server Core OS installed and then configure Hyper-V in a command line environment.

Video 2: http://www.vmware.com/technology/whyvmware/resources/hyper-v-side-by-side-esxi.html

Our second video starts where the first left off and takes Hyper-V and ESXi through the steps needed to configure two iSCSI datastores for VM use.  iSCSI setup is a standard task for any virtualization user that wants to take advantage of shared storage for VM migration and high availability.  ESXi’s Windows-based Virtual Infrastructure client makes the iSCSI setup quick and easy.  For Hyper-V, the "Windows you know" is nowhere to be seen.  Instead, working with Server Core requires you to key in a long sequence of obscure commands to configure iSCSI initiators and targets, partitions and file systems.  We generously showed the Hyper-V setup executed with no delays, although it took us hours of digging through Microsoft documents and knowledgebase articles to find the right commands to use when configuring iSCSI in Server Core.

Bron: http://blogs.vmware.com/virtualreality/2008/09/esxi-vs-hyper-v.html