While playing around in my lab, I wanted to enable VMware Fault Tolerance (FT) for a VM. In the absence of physical HW I use a nested enviroment, which is running on a HP ProLiant DL160 G6 (2x Intel Xeon E5520, 32G RAM, a RAID 0 with 4 SATA drives). FT isn’t available in nested enviroments, because HW virtualization features are required. This screenshot was taken from the web client.
During a vSphere 5.0 > 5.5 upgrade I got this message:
The SSL certificate for this product is expired. See Knowledge Base article kb.vmware.com/kb/1009092
The customer hasn’t installed CA-signed certificats, so the expired certificates are the out-of-the-box self-signed certificates. The certificates are valid for two (VirtualCenter 2.5) respectively 10 years (since vCenter 4.x), depending on the Version. The only way to continue the installation is to renew the certificates. After renewing the certificates, you can simply continue the setup due the fact, that the vCenter service is stopped at this point of the setup and it loads the new certificates during startup. It’s the setup which checks the validity of the certificates. KB1009092 describes in great detail what to do, so I will not repeat what is already written there. You should note, that you can’t use the ESXi busybox to renew the certificates. The necessary OpenSSL binary isn’t included. The KB articles recommends OpenSSL for Windows. I simply used my Linux root server. But you can also use a small Linux VM. After renewing the certificates for vCenter, Inventory server and Web Client I simply continued the setup and it ran without problems by. The deployment of CA-signed certifcates is planned.
Scott Lowes “Reducing the Friction” posts inspired me to write a bit about a part of my job.
A significant part of my work is the on-site installation of newly purchased equipment. That’s one thing my customers really like. I’m not only the pre-sales guy that is doing designs and workshops, but I am also the guy who installed the things which he has thought up. This prevents finger pointing if something isn’t working as expected. I usually come into play after the rack installation and cabling. At this point I’ve done a lot of work. After the order confirmation one of my first activities is a meeting with the customer to plan the installation. This meeting is the formal project kickoff and a result of this meeting is a project plan, milestones, goals etc. You should note that project management is a important part, but It’s not done by a dedicated project manager. A dedicated project manager is only involved in bigger projects, but not for the usual “4-hosts-1-storage-dual-fc-fabric-1-vsphere-cluster” projects. At this point I start to structure the project. I create work packages, define activites, goals and configuration details with the customer. I use mind maps for it. In the end I have a big mind map with all work packages, activites, milestones etc. The process of thinking through the project is the hardest part. You need a certain amount of project experience. You should define as much as you can with the customer. Hostnames, IPs, VLANs, volume names, pros & cons of certain configurations, define a default password with the customer etc. - the more you define with the customer, the less you have to discuss and ask during the installation phase. You shouldn’t discuss the design with the customer at this point. If you have to discuss the design during the kickoff, either the requirements have changed or you sold something that don’t satisfy customer requirement. Now the task is to implement the design. After the kickoff you should have all you need, to go through the installation. I try to use digital media during those kickoffs. Either I use my iPad for notes and sketches, or I write it directly into a mind map. I use UPAD with a Bamboo Stylus Duo on my iPad and Mindjet MindManager on Windows.
In November 2013 I published a PowerShell script on blazilla.de that creates a backup of your SANsymphony-V config by using the DataCore SANsymphony-V PowerShell cmdlets. I would like to thank Marcel, Michael and Frank for their feedback and comments to improve the script. The password is stored in the securestring.txt that needs to be stored in the same directory as the script. Kudos to Marcel, who has the part of the script contributed, that stores the password in an encrypted file.
Over the last months I wrote different PowerCLI One-liners who I want to share. Nothing fancy and one or two are ugly. But they worked for me. :)
Changing the multipathing policy for all hosts and datastores in a cluster
Get-Cluster PROD | Get-VMhost | Get-scsiLun -CanonicalName “naa.60030*”| Set-ScsiLun -MultipathPolicy "roundrobin"
Get a list of all VMs in a cluster and the datastore in which the VMs resides
Get-Cluster | Get-VM | select name, @{N="Datastore";E={Get-Datastore -VM $_}} | sort name
… about virtualization, storage, networking and IT infrastructure in general. Is that really necessary? Yes! To be honest, this is my second attempt. I’m blogging for nearly seven years on blazilla.de. It’s a well-frequented german blog with a strong focus on HP, Storage, DataCore, VMware and other technical topics. Blogging about technology you’re working with is a good way to share, recap and internalize knowledge. Sharing knowledge is a main driver of the scientific and IT community. If you’re writing about something and you share it, you can give something back to the community. So why the hell do I start a second blog? Because I can. ;) blazilla.de is a blog that is mainly focused on the german IT community. This blog is my attempt to get more visible to the international community and give something back to it. I’m not a native English speaker. But I will try my best. I hope you enjoy this blog. :)
