Adsense Code

Wednesday, 18 March 2015

Upgrade VDP 5.8 to 6.0 - and do you actually need to upgrade from vSphere 5.5 to 6.0 to take advantage?

I did just follow the documentation on the Vmware website here
 http://pubs.vmware.com/vsphere-60/topic/com.vmware.ICbase/PDF/vmware-data-protection-administration-guide-60.pdf

Importantly, I upgraded a VDP on 5.8 upto 6.0 still within a vSphere 5.5 environment as I wanted to take advantage of a VDP in 6.0 (free - or included with your licensing) having the larger capacity compared to the VDP in 5.8.  The capacity that was previously only on Advanced is now standard in 6.0 - 8TB of deduping storage for backups!

Do this when you are not going to run backups and you have plenty of time before backups start running.

The summary of the upgrade was as follows:-


  1. Download ISO.
  2. Shutdown the VDP appliance (nicely - use vmware tools, guest os shutdown)
  3. Edit settings - got to each virtual disk except for disk 1, and make them all dependent disks and snapshottable.
  4. Snapshot the VDP appliance.
  5. Power up the VM.
  6. Wait for the blue instruction screen (web management advice)
  7. Attach the ISO
  8. Wait (apparently according to the instructions the appliance can take a while - I happened to received a phone call at this point so I don't know)
  9. Go to https://<IP ADDRESS OF VDP APPLIANCE:8543/vdp-configure/
  10. On the config tab, make sure all services are running
  11. Go to the upgrade tab
  12. Upgrade - this can take a while - I mean, an hour or so.
  13. After it finishes, it will power down the VDP appliance.
  14. Edit settings, make all the disks independent (except disk 1) and not susceptible to snapshots
  15. Power on.
  16. This bit can take sometime too - you have just performed a large upgrade you know!


That's it!

The backups continued working and we have been able to restore data.

Java - Tomcat SSL certificates and Vmware View 5

This is to go through the process of making a website SSL compliant on Tomcat.  Which is just very VERY particular.  On the server that needs the certificate, I suggest creating a directory on the root of the C drive as a temporary working area.  Something like c:\newkeys  In this example, I will be using the server, cm-testserver
You need to add a java tool to your environment path first, go to Properties of My Computer, Click the Advanced Tab, Click Environment Variables.
In the System Variables group, select path and click Edit.
Type the path the JRE directory in the Variable Value Text box, on cm-testserver this is
D:\Program Files\VMware\VMware View\Server\jre\bin
Note: use a semi colon to separate the path variables.
On the server in question (cm-testserver), open a cmd prompt and navigate to c:\newkeys.  Type in
keytool -genkey -keyalg "RSA" -keystore keys.p12 -storetype pkcs12 -validity 360 -keysize 2048
This is telling the server to create a keystore (genkey).  A keystore is analogous to a safe.  This safe is used to hold your certificates and use the RSA algorithm (RSA).  The safe is to be called keys.p12  The keystore will be created in the pkscs12 format, it's valid for 360 days and the safe will be generated with 2048-bit encryption.
When keytool prompts you for the first and last name, type the FQDN (Fully Qualified Domain Name) of the server.  So this example would be cm-testserver.<yourdomain>.co.uk
Enter all the rest of the information, remembering that the country code is GB for ISO compliance.
Now you need to type in the following to generate a certificate request.  You will then send out the request, they send back a certificate and you store it inside the keystore.
keytool -certreq -keyalg "RSA" -file certificate.csr -keystore keys.p12 -storetype pkcs12 -storepass ATopSecretPassword
At the time of writing, we are using Janet, which in turn uses Comodo to authorise certificates.  Janet / Comodo only send back *.cer certificates, and not PKCS7 standard certificates.  The ZIP file that contains all of the certificates needs to be extracted to a new empty temporary directory.  Highlight one of the extracted certificates, right mouse click, and click select Open on the menu.
A new window pops open.  Click the details tab at the top, and then click the Copy To File button on the lower right.  Click Next on the wizard.  We are now exporting your new certificate out into PKCS#7 format.  Select the third option down "Cryptographic Message Syntax Standard - PKCS #7 Certificates (.P7B) and ENSURE that the tick box "Include all certificates in the certification path if possible" IS ticked.  Unlike in other configurations where you might install the root certificates one by one, here you bundle them all together.
Export it out to a file name, your choice, but I called mine testserver.p7b, and remember where you save it.
Now go back to the server where you were creating the keystores and copy the file that you've created with the merged certificates into your c:\newkeys
Go back to your DOS prompt, making sure that you are at the path c:\newkeys type in the following command
keytool -import -keystore keys.p12 -storetype pkcs12 -storepass ATopSecretPassword -keyalg "RSA" -trustcacerts -file testserver.p7b
With the above command, you are telling the keytool to import into your keys.p12 file (the keystore) the merged certificates that are held in your testserver.p7b file.
Yay!  You now have a certificated keystore file!  Now we have to make your Tomcat environment work with it
You need to copy that keys.p12 file to d:\program files\vmware\vmware view\server\sslgateway\conf\
Within that same directory, you need to edit a file called locked.properties
If the file does not exist, you need to create it.
In that file, you need two lines.
keyfile=keys.p12
keypass=ATopSecretPassword
The password is the same one that you typed in earlier (remember?!!)

Then restart the View Connection Server service.  Job done!

Monday, 9 March 2015

Upgrade your VCP to 6 with 65% off!

http://blogs.vmware.com/education/2015/03/vcp-recertification-deadline-extended.html

The web link above has the info that if you upgraded your VCP to 5.5 by the March 9yh deadline, then as a reward, you will be able to upgrade to VCP6 with 65% off your exam fees!

Worth a look when they come out!

Tuesday, 3 March 2015

Convert your vCenter environment to the standalone VCSA appliance

A great bit of info from www.virtually ghetto.com about a more straightforward way to convert your current setup to the standalone appliance.

Take a look!

http://www.virtuallyghetto.com/2015/03/long-awaited-fling-windows-vcenter-server-to-vcsa-converter-appliance-is-finally-here.html

Monday, 2 March 2015

vCenter Appliance - you really have run out of disk space - what can you do?



Okay, so we have actually run out of space.  And to recoup space, we need to add space so that the processes can run through the database and delete old data.

I could just reset the database but we've got SRM and backup products hooked into this so I can't just rip out all those settings.  It would be so much better if we could do this just like we often do on the Windows servers and just extend the disk.  So I did the following.

As vCenter was off-line, I went to host where the appliance would be.  We use DRS rules to ensure it will only ever be on one of two hosts - which makes it easier to find in this type of circumstance.

Use a direct console window on the vCenter appliance and login.  Presuming you have not done any tinkering around with your vCenter disk configuration, your database data will be held under 

/storage/db 

and you will have a disk mounted under /storage/db

To check, type in

du -h /storage/db

You should see a result of a good few amount of gigabytes of under /storage/db/vpostgres

If so, type 

mount

This will then tell you which device /dev/<something> on /storage/db  As I have already altered my configuration in the past, mine was /dev/sdc1

So now that we know the device, type in 

cfdisk /dev/sdc1

This brings up a little utility called cfdisk and it will be telling you the size in MB allocated to the disk that you want to extend.


So on the screen grab above you can see that cfdisk utility is showing us that /dev/sdc1 is over 300MB in size (this screen grab is post disk extension sorry!).  I do all this disk checking because I am a Windows person and not a Unix person and I need to double check!

Select Quit and then shutdown the appliance (web browser on port 5480 to your vcenter box and login and select shutdown).

Use the downloaded qparted ISO utility, present this as a CD to your VM.  And whilst you are there extend the disk you want to extend (you identified it by the size before remember...)   And now snapshot it.  You need to do it that way as you cannot extend a disk that has been snapshotted.

Then start the VM ensuring that you boot off the CD.  Boot it up, select your country, tell you want it to boot, use StartX and eventually you get a GUI.  On the top right of the window, you choose your device you want to extend, so I select sdc1, and it kind of looks like a Windows Disk Manager.  It tells me that the disk is that size and I can extend it be this amount of size.  So I take it to the max - I don't want to be here again any time soon!

Then go!



Give it a bit of time - it took a bit longer than I expected (again, my own experiences are normally Windows) but it got there in the end.  You can see the image above where it was processing it.  You can click details to have a look.


And some more details after it finishes.


I just clicked close, exited, and then shutdown the box.  Ensuring that I removed the tick so that the CD doesn't boot!  :-)

I then just started the Server up and ta-da!  Logging in on port 5480, the extra space was there.  Backup the now working server and then delete the snapshot.

Job done!





vCenter service has gone down - vCenter not accessible on the appliance - What could have gone wrong?


We had a problem where the vCenter environment had gone down.  All the hosts were okay and we weren't getting any scary reports about VMs going down left right and centre so it sounded like just vCenter had gone awry.

Our vCenter is running on the appliance so we connected via a web client on port 5480.  And as you can see, on the screen grab below, the database was running at 100%.  Now, we have about 220 VMs and 7 hosts but we had allocated 100GB to the database volume on the appliance which according to VMware sizing was more than enough.


So what is causing the problem?  Well - I don't know how the setting crept in as the default is to keep tasks and event information for 180 days but the task cleanup and event cleanup boxes were unticked.  This suggests that the tasks and events would build indefinitely!

So on the web client, properties of your vcenter and you can find the tick boxes below.



And like wise, if still using the Windows client, just go to the vCenter properties and alter the Database Retention Policy on there