Category: virtualization

Categories
blog howto linux network server virtualization

Virtual Private Server on SSD storage

 Update: After reviewing the offerings, I’m no longer running my VPS at digitalocean. Instead I’m using Linode at the moment.
www.linode.com

Easily deploy an SSD cloud server on @DigitalOcean in 55 seconds.

Recently I read about the virtual private servers you can create on www.DigitalOcean.com. They call them Droplets, and they get created in less then a minute if you don’t enable back-ups, or just a couple of minutes with back-up service enabled. You can choose between different geographically located data centers. You can choose between New York, San Francisco, London, Amsterdam and Singapore. You get one public ip address (or ipv6 if you prefer, but who does anyway).

You can choose out of some pre selected minimal OS installations such as Ubuntu, CentOS, Debian, Fedora and CoreOS. Or you could even deploy your VPS complete with a LAMP (Linux, Apache, MySQL and PHP) or even with WordPress of Drupal setup. If I looked at the price (10$/month or 12$ with back-up) for a VPS, with 1 CPU, 1GB RAM, 30GB DISK and 2TB data transfer, and compared that to what I was currently paying for 2 shared hosting plans, the math was clear. For a bit less than what I was paying I get my very own Virtual Private Server where I can configure everything I want and have full rights on everything.

For me, as an enthusiastic system engineer, with experience on multiple Linux flavors, this was a very nice project. Starting from a minimal CentOS 7 installed Droplet, I quickly installed and configured Apache, Nginx, MySQL and PHP and started serving web pages. My first tests were a success. I configured different management tools and secured the system with a software firewall. Because your VPS has a public ip address you must think good about security. It took some time getting used to the new firewall software system in CentOS 7 called firewalld. After some cursing I had it set up as I wanted.

The next step was to migrate the first of my existing websites over to the new VPS. I chose to configure virtual hosts in an organized manner so that I could always expand to more websites if needed. After transferring the databases and website data, I set course for a new goal. Making my sites more secure by using HTTPS encryption on the login pages. By using the free 1 year class 1 certificates from www.startssl.com I did not have to make any extra costs. Update: Using Let’s Ecrypt now and HTTPS on all pages! After some hours of configuring and testing I had everything running smoothly. I migrated all the DNS records to my new VPS and shortly after my 1st website was running live on the new VPS.

My next goal was to set up mailboxes for every virtual host and using IMAP to connect to them. I choose POSTFIX as the SMTP server and DOVECOT as the IMAP server. POSTFIX was configured for using virtual mailboxes that don’t require a Linux user. DOVECOT was configured for SSL/TLS encrypted connections so password are never sent in clear text. To finish it off I installed ROUNDCUBE as a web mail solution.

After my successful first website migration the second one followed quickly and went smoothly as well. This time I also needed a FTP setup and I chose VSFTPD and again made it possible to use SSL encryption.

The VPS is now running all of my websites, except this blog.

PS: If you are wondering why I don’t migrate this blog, running on my home server, that’s because it’s a challenge to keep a website running on a homeserver with minimal hardware costs and dynamic internet ip address. It also has some other uses for me besides serving this blog.

Categories
blog howto server virtualization

HP VAAI plugin missing from Vmware ESXi 5.1 U1 HP Customized edition sep 2013

Also read the updated EDIT section at the end.

Summary:
HP has left out the VAAI plugin in the September 2013 ISO’s for ESXi 5.1 and 5.5. People adding a hosts to a SAN (like a P2000G3) will have troubles without this plugin.
New VMFS-5 datastores that are created on a host that has the VAAI plugin will use ATS-Only locking mechanism for the datastore. Adding another host without this VAAI plugin will keep that host for correctly seeing the datastores.

Situation:
Server HP Proliant DL380 G6 freshly installed with VmWare ESXi 5.1 U1, using the “HP customized sep 2013 ISO”.
A couple of months ago I already had installed 2 other servers with VmWare ESXi 5.1 U1 using the “HP customized apr 2013 ISO”.
These 2 previosly installed hosts had been connected via ISCSI to an HP P2000G3 SAN with 2 LUN’s and 2 datastores were created without problems. Both hosts saw these datastores.

Problem:
The new vmware host would briefly show one or both datastores after a RESCAN HBA, but they disappeared after 2 seconds. Also the capacity values shown during those 2 seconds were wrong.

Troubleshooting:
I switched the ISCSI from the Intel NIC to the Broadcom NIC, but the problem remained the same.
I updated all the firmware on the server using the Servicepack for Proliant CD.
After that I further updated using the “VMware vSphere 5 Supplement for HP Service Pack for ProLiant” and the included HP SUM.
I checked the vmkernellog file on /tmp/scratch and saw these errors:
2013-11-28T13:53:58.536Z cpu11:9191)WARNING: FSAts: 1304: Denying reservation access on an ATS-only vol 'P2000LUN12'
2013-11-28T13:53:58.536Z cpu11:9191)WARNING: HBX: 1955: ATS-Only VMFS volume 'P2000LUN12' not mounted. Host does not support ATS or ATS initialization has failed.
2013-11-28T13:53:58.536Z cpu11:9191)WARNING: HBX: 1968: Failed to initialize VMFS distributed locking on volume 51f29f9b-26f5059a-39c6-00237deeceda: Not supported
2013-11-28T13:53:58.536Z cpu11:9191)Vol3: 2359: Failed to get object 28 type 1 uuid 51f29f9b-26f5059a-39c6-00237deeceda FD 0 gen 0 :Not supported
2013-11-28T13:53:58.536Z cpu11:9191)WARNING: Fil3: 2492: Failed to reserve volume f530 28 1 51f29f9b 26f5059a 230039c6 daceee7d 0 0 0 0 0 0 0
2013-11-28T13:53:58.536Z cpu11:9191)Vol3: 2359: Failed to get object 28 type 2 uuid 51f29f9b-26f5059a-39c6-00237deeceda FD 4 gen 1 :Not supported
2013-11-28T13:53:58.581Z cpu11:9191)HBX: 707: Setting pulse [HB state abcdef02 offset 3440640 gen 1 stampUS 5568056524 uuid 529735be-0b3c273d-6396-18a90550fb2c jrnl drv 14.58] on vol 'P2000LUN12' failed: Not supported

So after researching on the internet I read up on VAAI what is responsible for the ATS locking of the ISCSI volumes. You could turn it off, but you have to do it on all the hosts and power all the VM’s down. This was not desirable and the other hosts worked fine. So I wanted to fix this one new host.
I logged in using SSH on the hosts and check the VAAI status with this command:
esxcfg-scsidevs -l | egrep "Display Name:|VAAI Status:"
On the working hosts it showed my ISCSI disks and next to VAAI status showed: supported.
On the troublesome host it showed the ISCSI disks and the VAAI status showed: unknown.

Solution:
VmWare support were no help, just asking me for a collection of all the logfiles and not reading my log excerpt containing the errors shown above. I gave them the logs, but 5 hours later they still hadn’t responded. That’s not what I call good support.
I read up on more of the VAAI stuff, and apparently it’s HP plugin in VmWare. So I looked around to find a download for it, to force it to update.
To my surprise I find it on this page: http://h18004.www1.hp.com/products/servers/software/vmware-esxi/driver_version.html
It’s listed as a component for the April 2013 version of the HP customized ISO, but they have now left it out in the September 2013 version.
So I download the HP VAAI plugin from here: http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetails/?spf_p.tpst=swdMain&spf_p.prp_swdMain=wsrp-navigationalState=idx=|swItem=MTX_30e09de4fc7e4498bfd9102a99

Download the zip file, extract it. Inside you’ll find another ZIP file with the word bundle in the filename. Upload this zip to your ESXi server’s /tmp/scratch directory (to do this: enable SSH using the client and use WinSCP or FastSCP).
Login to the SSH shell (using Putty) and execute:
esxcli software vib install -d /tmp/scratch/hp_vaaip_p2000_offline-bundle-210.zip
Reboot the host, and the problem is gone. You’re datastores now appear under storage tab for this host.

Notes:
Just a heads up, it seems HP has also left this HP VAAI plugin out of the ESXi 5.5 ISO’s.
No idea if they just forgot, or are intentionally doing it.

I have asked to close the VmWare support case stating I have found the solution myself some 9 hours ago, but they haven’t even looked at it, it remains open.

EDIT:
It seems HP removed the VAAI plugin on purpose, because of a bug with some RAID controllers. Read the advisory here at this LINK.
Since I don’t have these RAID controllers, I don’t have any problem enabling the plugin.
You can read more in this forum topic:
VAAI support with ESX 5.1U1 on P2000 G3 MSA

Categories
blog howto server virtualization

MONITOR PANIC: Unable to decompress PPN from swap slot for VM

VMWARE ESXi 5.1U1

My VM would power off without apparent reason.
Looking in to the logs this error appears.

MONITOR PANIC: Unable to decompress PPN from swap slot for VM

I believe the underlying storage (a single SATA disk in my case) to be at fault, or almost dying I guess.
I storage vmotion’ed the VM to another disk.

Categories
blog howto server virtualization

VMware ESXi 5.1 on USB stick won’t boot Proliant DL380 G5

Installation using the cdrom was succesful but after restarting the server won’t boot from the USB stick.
Make sure you set the correct BIOS options to allow to boot from USB.
bios_boot_order

bios_usb_enable

ESXIi formatwithmbr runweasel

If still doesn’t boot than it probably has to do with GPT/MBR formatting of the USB stick done by VMWARE.
You need to boot from the ESXi install CD again and right after you press enter to choose “ESXi5.1 installer ISO …” you see in the lower righthand corner the text “Shift + o” press this key combination (shift and the letter o). Now you see the text “runweasel” remove any chars after this, type a space and then “formatwithmbr”.

Now install as normal but now VMware should format your USB stick as MBR instead of GPT and you should be able to boot from it after the install finishes.

sources:
http://vmtoday.com/2012/09/esxi-5-wont-boot-from-usb/
http://communities.vmware.com/thread/430852?start=0&tstart=0
http://communities.vmware.com/message/1824957#1824957
http://community.spiceworks.com/topic/247715-sandisk-cruzer-fit-esxi-5

Categories
blog howto network virtualization windows

Delete or show hidden no longer active or present network adapters Device Manager

Open a command prompt. Start: RUN -> CMD (OK)
At the prompt type:
set devmgr_show_nonpresent_devices=1
At the prompt type:
start devmgmt.msc
In the menu view, click on “Show hidden devices”.
Now go to network adapters and uninstall the ones that you were looking to uninstall, it will be greyed out.

Categories
blog server virtualization

Install HP offline bundle on VMWARE ESXi v5

EDIT: You can always just download HP’s ready made install ISO for Vpshere 5.

When using the VMWARE iso image on HP Proliant you should install the HP offline bundle for hardware status and event log viewing in the Vsphere client.
Download the files. Check if there are newer versions.
http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=4091412&swItem=MTX-dd492ace50c6427389678df8be&prodNameId=4091432&swEnvOID=4115&swLang=8&taskId=135&mode=4&idx=1
http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=4091412&prodNameId=4091432&swEnvOID=4115&swLang=8&mode=2&taskId=135&swItem=MTX-48fa6d3608514c60979531d921

Place host in maintenance mode via the Vsphere Client.
Upload the files to the root folder of the datastore.
My datastore is called DAS600GBRAID10, look up your name and change the path in the commands accordingly.

Run these commands from the Vsphere CLI v5.
esxcli.exe -s 192.168.101.60 -u root software vib install -d /vmfs/volumes/DAS600GBRAID10/hp-esxi5.0uX-bundle-1.0-20.zip
esxcli.exe -s 192.168.101.60 -u root software vib install -d /vmfs/volumes/DAS600GBRAID10/hp-nmi-esxi5.0-bundle-2.0-11.zip
Change the IP, path and username according to your situation. Password will be prompted for.

If you want to run the command without vCLI then run them on the host in Local Shell or SSH like this:
esxcli software vib install -d /vmfs/volumes/DAS600GBRAID10/hp-esxi5.0uX-bundle-1.0-20.zip
esxcli software vib install -d /vmfs/volumes/DAS600GBRAID10/hp-nmi-esxi5.0-bundle-2.0-11.zip
Change path according to your situation.

Categories
server virtualization

Enable software iSCSI adaptor on ESXi v5

Through SSH or on local console:
esxcli iscsi software set --enabled=true

Categories
blog server virtualization

HP ESXi 5.0 image license problem

The vmware.lic file is read only with a free ESXi key inside.

Execute on the command line of the particular ESX host:
esxcli software vib remove -n hp-esx-license --no-live-install
Connect with the VI client directly as root to the host and select by right-click to “shutdown” the host.

Categories
blog howto virtualization

Upgrade ESXi (free) 4.0 to 4.1.0 U1 (Update 1)

Are you upgrading from 4.0 to 4.1U1 ? Then read on or you will end up like me browsing trough the ZIP file and the XML files inside to find out the correct bulletin name. It’s not pleasant to do this when you just entered maintenance mode in a small time frame to stop production vm’s.

Procedure from the Upgrade guide:

Procedure
1 Download the following upgrade ZIP bundle from the VMware Web site to a location that is accessible
to the vSphere CLI machine.
upgrade-from-ESXi4.0-to-4.1.0-0.0.build#-release.zip
The upgrade ZIP bundle contains and esxupdate bulletin and an upgrade bulletin.
2 Power off any virtual machines that are running on the host and place the host into maintenance mode.
3 Install the esxupdate bulletin by running the following command on the vSphere CLI machine.
vihostupdate –server host name or IP address -i -b location of the ESXi upgrade ZIP bundle –
B ESXi410-GA-esxupdate
4 Install the upgrade bulletin by running the following command on the vSphere CLI machine.
vihostupdate –server host name or IP address -i -b location of the ESXi upgrade ZIP bundle -B ESXi410-GA
5 Verify that the bulletins are installed on the ESXi host by running the following command.
vihostupdate.pl –server host name or IP address –query
6 Reboot the host.

What they fail to mention is that the bulletin name in step 4 has changed. So in step 4 the command should now read:

vihostupdate –server host name or IP address -i -b location of the ESXi upgrade ZIP bundle -B ESXi40-TO-ESXi41UPDATE01

PS: After the upgrade I had some problems connecting to the management IP. I did a restart management but no effect. I then changed the mgmt IP and I could connect. However I had to update my client before I could login.

Categories
linux server virtualization

GhettoVCB ESX(i) VM’s backup: E-mail logfile

UPDATE: GhettoVCB now has it’s own function to send a report mail. It only works on ESXi > 4.1.

I’m using an excellent script to backup my virtual machines called GhettoVCB. This script works perfect. I wanted to get the daily logfile in my e-mal inbox. I have ESXi (4.0) and i don’t know whether it can e-mail by itself, i think not. But i used a linux VM i am running, to pull the logfile and mail it to me. The linux VM is set up with sendmail and outgoing mailhost is configured. I you don’t have a linux VM, a windows VM or PC can work too. You can use wget for windows to pull the file (syntax would maybe change a little bit) and then blat to mail the file. I won’t go in detail about this.

I have altered the GhettoVCB script to make the backups & logiles use this date syntax “date +%F”. I find it easier to read for humans. You have to adjust this in the Cronjob that calls the ghettoVCB script, the logfile is given as a paramter.
In the script below, please adjust the youruser and yourpass to valid login credentials for browsing the datastore trough https. Usually the user you login with directly on the ESXi. Also adjust the you@domain.tld, place your e-mail address. Pretty simple & basic but it works excellent. Last point, adjust the 192.168.x.y to your ESXi’s IP address.

#grab esxi backup log file and mail it v0.1
#Note the WGET part should be 1 line, no line breaks
#Adjust the youruser & yourpass to valid credentials for logging in to ESXi (browse the datastore)
#Adjust the IP address (192.168.x.y) to your ESXi ip addresss
#In the wget line below, my logs were located in a folder called backup on a datastore called 750GBdisk2
#You could check the syntax of the link by browsing to your datastore and locate the backup log files then look at the addressbar
cd /tmp
wget "https://192.168.x.y/folder/backup/ghettoVCB-backup-$(date +\%F).log?dcPath=ha-datacenter&dsName=750GBdisk2" --user youruser --password yourpass --no-check-certificate
cat /tmp/ghettoVCB* | mail -s "Backup log ESXi4" you@domain.tld
rm -rf /tmp/ghettoVCB*