Installing the VMware Support Assistant
So VMware's Support Assistant is pretty awesome and it's free! I thought I'd do a quick run through of the installation and set up for anyone who was interested, it's fairly straightforward and if you raise a lot of calls or have multiple calls on the go it's a time saver!
VMware's official page for the Support Assistant is here - https://www.vmware.com/products/datacenter-virtualization/vcenter-support-assistant/overview.html
Passed the VCP510 exam – VCP5-DV Qualified!
I'm very pleased to say that as of 21st December, I passed my VCP510 exam and am now VCP5 qualified! It's something that I've wanted to do for a long time (since VCP3) but have never been able to get funding for the required course. My current employer sent me on the vSphere 5 Fast Track course earlier this year, so I was all set to take the exam.
My exam experience was somewhat marred by a very poor first attempt which I narrowly failed. The exam I sat had dozens of spelling and grammatical mistakes, inaccuracies and other problems and I spent far too long commenting on those than concentrating on the questions. Fortunately I was eventually able to speak with VMware Education and they issued me with an exam voucher (they will also be releasing a new version of the exam soon, which I'm assured will resolve these problems). My second attempt was a lot better and I smashed the 300 point pass mark by 128 points, which went some way to restoring confidence in my own knowledge of the subject!
I'm now looking forward to studying for the VCAP-DCA and DCD exams with a view to completing them in 2013...
A good year with VMware and better things to come!
This year for me personally has been extremely busy and eventful coupled with a great deal of learning.
Without wishing to bore the pants off of any would be reader I shall summarize my ruminations as someone whom is still quite new to the VMware world.
The first thing that comes to mind is a a couple of recent meetings I have had with VMware. Learning that they are now very keen to engage with 'the rest of us' and by that I mean those of us working in SME's as we represent well over 50% of their business revenue. For me personally this was excellent news as we have already invested heavily into the VMware product range and plan to carry on doing so in the future. The recent release of VMware suites was a good step forward but I still feel they need to do a lot better in communicating to SME's about their vast (and ever increasing) product range as there are many gems that can often go unoticed. Our discovery of vCops earlier this year was a good example of this.
vCenter 5.1 Single Sign On Multi-Site error: User credentials are incorrect or empty
While adding an additional vCenter Server to our Multi-Site Single Sign On instance I encountered a problem as I entered the details of the existing SSO.
The error thrown was:
User credentials are incorrect or empty. Provide correct credentials.
After a couple of hours online with VMware support I took a guess at the problem. On the existing Single Sign On Configuration I have added the Active Directory domain DefinIT and in order to enable integrated authentication from the vSphere Client I moved it to the top of the list - this meant that System-Domain is no longer the default authentication domain. The SSO admin account (admin@System-Domain) is a part of that domain and so my guess is that the installer tries to authenticate using admin@definit.local rather than System-Domain, which of course failed.
Moving System-Domain back to the top of the list allowed me to install correctly, and once finished I could drop it back down to allow integrated authentication again.
VCP5 – vSphere 5 Configuration Maximums Quiz in PowerShell
I've been learning my vSphere 5 config maximums before my upcoming VCP5 exam, so in a supreme effort of procrastination I thought I'd write a PowerShell quiz script: here it is!
Save the QuizMe.ps1 file into a folder and then place one or more text file in the same folder containing a comma delimited set of questions and answers. Then run QuizMe.ps1!
Powershell – Generate Microsoft CA signed SSL certificates with vSphere 5.1
The process of requesting certificates for vSphere 5.1 is a fairly grim, manual process. It's repetitive and easy to make a mistake on any step of the way. Since I've got to do this for quite a few VirtualCenter Servers, I thought I'd script the certificate generation if nothing else. I am following the excellent documentation provided in Implementing CA signed SSL certificates with vSphere 5.1 and more specifically in Creating certificate requests and certificates for vCenter Server 5.1 components.
The script assumes that:
- You have a working Certificate Authority
- You are in an Active Directory domain environment
- You have the relevant permissions to modify Certificate Templates, Request and Issue certificates.
- You have installed OpenSSL v1.0.1c or later.
You will need to modify the configuration section to suit your environment and the $WorkingDir folder should exist before you run the script.
Installing VMware vSphere Single Sign On (SSO) in Multi-site Mode
VMware vSphere Single Sign On (SSO) can be installed in Multi-site mode to support local sign-on to vCenters that you want to be part of the same single sign on domain - for example, if you want to install Linked-Mode and have the advantage of a single pane of glass view, but can't risk using a single SSO instance across the WAN. In other words, from VMware's blog post:
Multisite deployments are where a local replica is maintained at remote sites of the primary vCenter Single Sign-On instance. vCenter Servers are reconfigured to use the local vCenter Single Sign-On service and reduce authentication requests across the WAN. Multisite deployments do drop the support of single pane of glass views unless Linked Mode is utilized and multisite deployments are actually required to maintain Linked Mode configurations where roles, permissions and licenses are replicated between linked vCenter servers. Linked mode will re-enable single pane of glass views across multisite instances.
DataStore conflicts with an existing DataStore in the DataCenter – Manually disabling Storage I/O Control
I ran into this issue yesterday while reconnecting hosts in our vCenter Server following a complete reinstall - the reasons for which are a long story, but suffice to say that there were new certificates and the host passwords were encrypted with the old ones.
The LUNs had been unpresented at the hardware level by the storage team, but had not been unmounted or removed from vCenter. This is *not* the way to remove storage - let me re-iterate: remove storage properly. Unfortunately in this case the storage was removed badly - doing this can lead to a condition called "All Paths Down" or APD which is best explained by Cormac Hogan (@vmwarestorage) in the article Handling the All Paths Down (APD) condition.
Host disk write latency errors – troubleshooting
So recently we upgraded our cluster monitoring suite to it's latest iteration (Veeam ONE), it was not long before I began to receive emails from the monitor informing me of Host disk write latency "errors" (Datastore write latency had exceeded the defined threshold in the monitor) on several of the Datastores on our SAN.
Naturally I began the process of cross referencing backup routines and any heavy I/O routines that may have been running at the time the warning messages were generated. My conclusion was that even under average load these alerts were being generated, which was far from ideal even if we had not noticed any performance problems with any of the busy VMs.
After consulting the web/reference material and a few very knowledgable friends it was clear the first port of call was the Host Datastore Multipath policy. Upon quick inspection, all of the offending Datastores were configured with the Path Selection "Most Recently Used (vmware)". I had the option to set the Path Selection to "Round Robin (vmware)" but before doing so I double checked our MSA2312i SAN could support such a policy, which in this case it did.
vCenter 5.1 – Configuring vCenter Linked Mode
One thing we have been meaning to do for a while but haven't got round to is getting our Virtual Center Servers into "Linked" mode - essentially to provide a single pane of glass view of our entire virtual estate. One vCenter resides on the other side of our DMZ and manages hosts isolated for security purposes. I've created an IPSec server-to-server connection and allowed that through the firewall to secure traffic between the DMZ VC and LAN VC.
For the purposes of this, let's call them DefinIT-VC01.definit.co.uk and DefinIT-VC02.definit.test.
Recent Comments
- Why secure your vSphere environment with valid SSL certificates? « DefinIT on Using the VMware SSL Certificate Automation Tool with a Microsoft Certificate Authority
- John Wiersma on PowerCLI Script to set RDM LUNs to Perennially Reserved – Fixes Slow Boot of ESXi 5.1 with MSCS RDMs
- Sam McGeown on PowerCLI Script to set RDM LUNs to Perennially Reserved – Fixes Slow Boot of ESXi 5.1 with MSCS RDMs
- John Wiersma on PowerCLI Script to set RDM LUNs to Perennially Reserved – Fixes Slow Boot of ESXi 5.1 with MSCS RDMs
- Sam McGeown on PowerCLI Script to set RDM LUNs to Perennially Reserved – Fixes Slow Boot of ESXi 5.1 with MSCS RDMs
Top Posts & Pages
- Installing and Configuring OTRS 3.0.9 on Windows Server 2008 R2
- Upgrading to ESXi 5.0 Update 1 using VMware Update Manager
- PowerShell: Recursively taking ownership of files and folders and adding permissions without removing existing permissions
- Configuring a Guest wireless network with restricted access to Production VLANs
- Unable to access admin shares (c$, d$, ADMIN$, IPC$) on Windows Server 2008 in a Workgroup
Categories
Qualifications
_1084_1085_thumb.jpg "MCITP Logo")
Archives
- May 2013 (2)
- April 2013 (2)
- March 2013 (2)
- February 2013 (4)
- January 2013 (1)
- December 2012 (2)
- November 2012 (3)
- October 2012 (4)
- September 2012 (1)
- August 2012 (4)
- July 2012 (1)
- June 2012 (1)
- May 2012 (1)
- February 2012 (1)
- January 2012 (4)
- October 2011 (2)
- August 2011 (1)
- July 2011 (1)
- June 2011 (2)
- April 2011 (1)
- March 2011 (7)
- February 2011 (4)
- January 2011 (1)
- December 2010 (1)
- November 2010 (3)
- October 2010 (1)
- September 2010 (5)
- August 2010 (3)
- July 2010 (5)
- June 2010 (4)
- May 2010 (2)
- April 2010 (3)
- March 2010 (6)
- February 2010 (5)
- January 2010 (1)
- December 2009 (2)
- November 2009 (1)
- October 2009 (3)
- September 2009 (3)
- July 2009 (3)
- May 2009 (1)
- April 2009 (2)
- February 2009 (2)
- January 2009 (4)
- December 2008 (2)
- November 2008 (1)
- October 2008 (3)
- September 2008 (5)
- August 2008 (1)
- July 2008 (6)
- May 2008 (8)
- April 2008 (2)
- March 2008 (1)
- February 2008 (1)
- January 2008 (1)
- November 2007 (1)
- October 2007 (1)
- July 2007 (1)
- June 2007 (6)
- May 2007 (2)