Pages

Total Pageviews

Thursday, January 31, 2013

Local Admin account for ESXi

Previous version of ESXi hyper visors had a limitations of using single root user id for administration . With ESXi 5.1 vmware has introduced a new security feature which will allow administrators to create Named user ID and provide admin ( root equivalent ) access. 

Points to Note :

  1. You cannot create using vsphere web client
  2. User ID can be created using sphere windows client 
  3. User Id can also be created using the host profile( Enterprise Plus Edition )

Procedure : 
  1. Launch vsphere client  and connect to the ESXi host using root credentials 
  2. Browse to Local User and groups.
  3. rt click => Add new user.
  4. Provide the login ID , User Name and UID (User Name and UID are optional). Enter the password. 
  5. Specify whether user has the Shell access or no.
  6. In the permission tab , add the relevant permission to the named user.
You can even integrate the ESX host authentication with active Directory . It can be done by

  1. Connect to the ESX host via vsphere client using the root credentials 
  2. In the configuration tab , click on authentication services .  Enable active directory services in the directory service type.

Monday, January 28, 2013

vSphere Licensing

There are multiple products involved when we say vsphere .

  1. vmware vsphere Editions :The package includes different products depending on the price ranging .
    Standard Edition : its the starting package available and is  suitable for small environments. Features include - 8 vCPU per VM , Hyper visor ,Vcenter operations,  HA , DRS , vMotion . Vshield endpoint, vsphere replication . hot add, vshield zones , FT, Storage Vmotion .

    Standard Plus
    : Features include - Standard Edition +vCenter operation management Suite , Vcenter protect standard .

    Enterprise Edition
    : Stand Plus + 32 vcpu per VM +virtual serial console port +storage API for array management + DRS scheduler +  Distributed Power management .

    Enterprise Plus
    : Enterprise + DSwitch +IO control network and Storage +Host profile+ auto deploy +Storage DRS + Policy driven storage
  2. vSphere Hypervisior : Its a free product that provides simple and easy way to get started with the virtualization . You can connect to it remotely using the vsphere client but you cant add it to Vcenter to manage . And there is a physical RAM limitation of 32 Gig .
  3. Vmware vSphere Desktop : Is designed to license the VDI deployment . Provides all the functionality of vSphere Enterprise Plus but it can be used for only VDI deployments and the third part connectors .It is based on the total number of Powered on virtual desktops. it can be purchased as part of a package or as a stand alone in pack of 100 VMs
  4. vSphere Kits :
    Essential Kit: Meant for small office deployment . It can be used for offices with 3 hosts and 2 CPU's each . Available in Enterprise and Enterprise Plus editions .It must be purchased along with a one-year subscription to software patches and updates. Support is optional and available on a per incident basis. Special edition is designed for branch office implementation . Starting order is available for 10 branch offices.

    Acceleration Kits : Each kit consists of six licenses for VMware vSphere, along with a license for one instance of a VMware vCenter Server Standard and a license for one instance of vSphere Storage Appliance . Unlike the Essentials Kits and VMware vSphere 4.x Acceleration Kits that function as single entity, VMware vSphere 5 Acceleration Kits decompose into their individual kit components after purchase. This allows customers to upgrade and renew SnS for each individual component on its own schedule.



  5. Vcenter Licence : This is one of the major component required for management of virtual platform
    vcenter server for Essential kits :integrated management of essential kit .
    vcenter server foundation : centralized management upto 3 vsphere hosts
    vcenter server standard : highly scalable mgmt for rapid provisioning . 



Tuesday, January 22, 2013

Free ESXi limitations

There are quite no. of limitations of Free ESXi image.Its all ways better to go for Licensed edition . 


  1. Physical RAM limitation is 32 Gig . If the physical host exceeds more than 32 Gig the ESX host will not boot . Either the Memory slots need to disabled or removed.
  2. Power shell or any other APIs cannot be used to pull the report or manage
  3. Technical support is not available for free edition 
  4. No limitation on physical Processor (Like Licensed version)
  5. VMs can have max of 8 vCpus 
  6. No Alaram no SNMP support 
  7. No VM cloning 


Difference Between 4.x and 5.X

There are quite number of differences between 4.x and 5.x architecture.


Analyzing Memory Dump

Steps to analyze the memory dump :


  1. Install .Net Framework 4.5 
  2. Install the Debugger from following Microsoft Link :
    http://msdn.microsoft.com/en-us/windows/hardware/gg463009.aspx
  3. From Command Prompt navigate to following path
    "C:\Program Files\Debugging Tools for Windows (x64)\windbg.exe"
  4. Type following :
    kd –z C:\Windows\memory.dmp
  5. .logopen c:\debuglog.txt
  6. .sympath srv*c:\symbols*http://msdl.microsoft.com/download/symbols
  7. .reload;!analyze -v;r;kv;lmnt;.logclose;q
  8. Review the c:\debuglog.txt

Thursday, January 17, 2013

User Management - vSphere 5.1

In vsphere 5.1 every thing is handled using the SSO DataBase . 

Following Steps allow you to add three Groups 

  1. Vcenter Administrators 
  2. Read Only Access 
  3. Limited access

  1. Login to vsphere5.1 Web client .

    Note : Use the ID which was created during installation of SSO Module.





  2. Login to the vCenter Server and create following Local Groups

    => vcenter_Admin
    => vcenter_readonly
    => vcenter_NOC
  3. Add Vcenter_Admin to local Administrator Group
  4. Login to vSphere Client using admin access. Browse to Permission tab under vcenter.
     => Click on Add permission .
    =>  Select Appropriate role under ASSIGNED ROLE.  For Example - Select Read Only Role.
    => Under User and Groups Tab , click on ADD.
    => Under Domain select System -> select the Group vcenter_readonly->add
  5. Add the users to the respective local groups according to the User privilege.


    IMP Note : Don't forget to remove domain admins from Local Administrators groups in Vcenter server. 

Tuesday, January 15, 2013

Windows Administration

Get the list of Local Admin on Remote computers 

$Result = @()

foreach($server in (gc .\servers.txt)){


$computer = [ADSI]("WinNT://" + $server + ",computer")

$Group = $computer.psbase.children.find("Administrators")

function getAdmins

{$members = ($Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Adspath", ‘GetProperty’, $null, $_, $null)}) -replace ('WinNT://DOMAIN/' + $server + '/'), '' -replace ('WinNT://DOMAIN/', 'DOMAIN\') -replace ('WinNT://', '')
$members}

$Result += Write-Output "SERVER: $server"

$Result += Write-Output ' '
$Result += ( getAdmins )
$Result += Write-Output '____________________________'
$Result += Write-Output ' '
}
$Result > c:\results.txt

Invoke-Item c:\results.txt




Get the User and the export properties to CSV



Get-ADUser -Identity username -Properties * | Select-Object LastName, FirstName, SamAccountName, whenCreated, AccountIsDisabled, Account IsExpired, ParentContainer, @{n='memberOf';e={$_.MemberOf -join ';'}} | Sort-Object LastName | Export-Csv c:\temp\1.csv -NoTypeInformation -Force

 Enable disk cleanup in windows 2008 without restarting the server


Search cleanmgr.exe and cleanmgr.exe.mui Under windows\winsxs and copy the files in place in following folder

Cleanmgr.exe should go in %systemroot%\System32.

Cleanmgr.exe.mui should go in %systemroot%\System32\en-US.

You can now launch the Disk cleanup tool by running Cleanmgr.exe from the command prompt.

Logoff the disconneted dessions 

Following batch file can be used to logoff all the disconnected sessions in wink28


@echo off
:Top
for /f "tokens=1-7 delims=,: " %%a in ('query user ^| find /i "disc"') do if %%d GTR 32 (logoff %%b) else %%e GTR 32 (logoff %%b)
choice /T 120 /C 1 /D 1 /N
goto top




Persistent and Non - Persistent

Persistent: 

By default all the virtual disks are persistent - I.e Changes are written directly on the disk . And these disks are included in the snapshots . 

When you edit a virtual machine settings you will see an option called Independent  Mode. This means the disks are independent of the Snapshots . 

There are two options available
1. Persistent 
2. Non Persistent 

Persistent Disks - The disks are excluded from the snapshot and all the write options are permanent.

Non - Persistent - All the write options are temp. Changes are discarded when the virtual machine is re-set or powered off . If you restart the system , the data will still be available on the disk.Changes will be discarded only when the system is RESET or POWERED OFF.

VMware Documentation Link : 
http://pubs.vmware.com/vsphere-50/index.jsp?topic=%2Fcom.vmware.vsphere.vm_admin.doc_50%2FGUID-8B6174E6-36A8-42DA-ACF7-0DA4D8C5B084.html

Script for VMware Administration




Useful scripts :


Common script lines :

===========================================================================
Connect-VIServer vCenterServer -User vcenterUsername -Password Pwd
Disconnect-VIServer vCenterServer -Confirm:$false
===========================================================================
Rename the datastore
===========================================================================

Get-Datastore -Name "Source*" | Set-Datastore -Name "DESTINATION"

    =====================================================================


    Add disk to the Virtual Machine 


    ===========================================================================
    $vm=Get-VM "testingserver"
    $vm|New-HardDisk -CapacityGB 10 -Persistence persistent
    ===========================================================================

    Get Inventory of virtual platform in XLS format

    ============================================================================

    $Excel = New-Object -Com Excel.Application
    $Excel.visible = $True
    $Excel = $Excel.Workbooks.Add()
    $Addsheet = $Excel.sheets.Add()
    $Sheet = $Excel.WorkSheets.Item(1)
    $Sheet.Name = "VMDetails"
    $Sheet.Cells.Item(1,1) = "Name"
    $Sheet.Cells.Item(1,2) = "Power State"
    $Sheet.Cells.Item(1,3) = "Memory (MB)"
    $Sheet.Cells.Item(1,4) = "Number of CPUs"
    $Sheet.Cells.Item(1,5) = "Guest Operating system"
    $Sheet.Cells.Item(1,6) = "Total Storage"
    $Sheet.Cells.Item(1,7) = "DataStore Path"
    $Sheet.Cells.Item(1,8) = " Description"

    $WorkBook = $Sheet.UsedRange
    $WorkBook.Font.Bold = $True

    $intRow = 2
    $colItems = Get-VM | Select-Object -property "Name","PowerState" ,"MemoryMB","NumCPU" ,"OSName", "ProvisionedSpaceGB","VmxDatastoreFullPath","Description"

    foreach ($objItem in $colItems) 
    {
        $Sheet.Cells.Item($intRow,1) = $objItem.Name
        $powerstate = $objItem.PowerState
        If ($PowerState -eq 1) {$power = "Powerd On"}
        Else {$power = "Powerd Off"}
        $Sheet.Cells.Item($intRow,2) = $power
        $Sheet.Cells.Item($intRow,3) = $objItem.MemoryMB
        $Sheet.Cells.Item($intRow,4) = $objItem.NumCPU
        $Sheet.Cells.Item($intRow,5) = $objItem.OSName
    $Sheet.Cells.Item($intRow,6) = [math]::Round(($objItem.ProvisionedSpaceGB),2)
    $Sheet.Cells.Item($intRow,7) = $objItem.VmxDatastoreFullPath
        $Sheet.Cells.Item($intRow,8) = $objItem.Description
    $intRow = $intRow + 1

    }

    $WorkBook.EntireColumn.AutoFit()

    $Sheet = $Excel.WorkSheets.Item(2)
    $Sheet.Name = "DataStoreDetails"
    $Sheet.Cells.Item(1,1) = "Name"
    $Sheet.Cells.Item(1,2) = "Free Space"
    $Sheet.Cells.Item(1,3) = "Capacity"

    $WorkBook = $Sheet.UsedRange
    $WorkBook.Font.Bold = $True

    $intRow = 2
    $colItems = Get-Datastore "hit*" | Select-Object -property "Name","FreeSpaceMB","CapacityMB"

    foreach ($objItem in $colItems) 
    {
        $Sheet.Cells.Item($intRow,1) = $objItem.Name
        $Sheet.Cells.Item($intRow,2) = [math]::Round(($objItem.FreeSpaceMB/1024), 2 )
        $Sheet.Cells.Item($intRow,3) = $objItem.CapacityMB /1024
        
        $intRow = $intRow + 1

    }

    $WorkBook.EntireColumn.AutoFit()
    $Sheet = $Excel.WorkSheets.Item(3)
    $Sheet.Name = "HostDetails"

    $Sheet.Cells.Item(1,1) = "Name"
    $Sheet.Cells.Item(1,2) = "State"
    $Sheet.Cells.Item(1,3) = "Physical Memory"
    $Sheet.Cells.Item(1,4) = "# of VM"
    $Sheet.Cells.Item(1,5) = "Used vCPU"
    $Sheet.Cells.Item(1,6)= "ProcessorType"
    $Sheet.Cells.Item(1,7) = "version"
    $Sheet.Cells.Item(1,8) = "Build"
    $Sheet.Cells.Item(1,9) = "Manufacturer "
    $Sheet.Cells.Item(1,10) = "Model"
    $Sheet.Cells.Item(1,11) = "CpuTotalMhz"
    $Sheet.Cells.Item(1,12) = "CpuUsageMhz"
    $WorkBook = $Sheet.UsedRange
    $WorkBook.Font.Bold = $True

    $intRow = 2
    $colItems = Get-VMhost | Select-Object -property "Name","State" ,"MemoryTotalGB" , "NumberOfPoweredOnVMs" ,"NumPoweredOnvCPUs","ProcessorType" ,"version","build" ,"Manufacturer" ,"Model" , "CpuTotalMhz", "CpuUsageMhz"

    foreach ($objItem in $colItems) 
    {
        $Sheet.Cells.Item($intRow,1) = $objItem.Name
        $state = $objItem.State
        If ($state -eq 0) {$status = "Connected"}
        Else {$status = "Disconnected"}
        $Sheet.Cells.Item($intRow,2) = $status
    $Sheet.Cells.Item($intRow,3) = $objItem.MemoryTotalGB
    $Sheet.Cells.Item($intRow,4) = $objItem.NumberOfPoweredOnVMs
    $Sheet.Cells.Item($intRow,5) = $objItem.NumPoweredOnvCPUs
        $Sheet.Cells.Item($intRow,6) = $objItem.ProcessorType
    $Sheet.Cells.Item($intRow,7) = $objItem.Version
    $Sheet.Cells.Item($intRow,8) = $objItem.Build
    $Sheet.Cells.Item($intRow,9) = $objItem.Manufacturer
    $Sheet.Cells.Item($intRow,10) = $objItem.Model
    $Sheet.Cells.Item($intRow,11) = $objItem.CpuTotalMhz
    $Sheet.Cells.Item($intRow,12) = $objItem.CpuUsageMhz 
        $intRow = $intRow + 1

    }
    $WorkBook.EntireColumn.AutoFit()

    ##Netowork Card details


    ##Save the Report 
    $date=Get-Date
    $Folder = "c:\shashi\repo"
    $FileName ="$Folder\Inventory-{0}-{1:d2}-{2:d2}.xlsx" -f $date.Year,$date.Month,$date.Day
    $Excel.SaveAs($Filename)
    $Excel.Close()


    ============================================================================


    Script to disconnect the sessions with the Idle time - 30 min ============================================================================

    Function Get-ViSession { 
        <# 
            .SYNOPSIS 
                Lists vCenter Sessions.

            .DESCRIPTION 
                Lists all connected vCenter Sessions.

            .EXAMPLE 
                PS C:\> Get-VISession

            .EXAMPLE 
                PS C:\> Get-VISession | Where { $_.IdleMinutes -gt 5 } 
        #> 
        $SessionMgr = Get-View $DefaultViserver.ExtensionData.Client.ServiceContent.SessionManager 
        $AllSessions = @() 
        $SessionMgr.SessionList | Foreach {    
            $Session = New-Object -TypeName PSObject -Property @{ 
                Key = $_.Key 
                UserName = $_.UserName 
                FullName = $_.FullName 
                LoginTime = ($_.LoginTime).ToLocalTime() 
                LastActiveTime = ($_.LastActiveTime).ToLocalTime() 
                
            } 
                If ($_.Key -eq $SessionMgr.CurrentSession.Key) { 
                    $Session | Add-Member -MemberType NoteProperty -Name Status -Value "Current Session" 
                } Else { 
                    $Session | Add-Member -MemberType NoteProperty -Name Status -Value "Idle" 
                } 
                $Session | Add-Member -MemberType NoteProperty -Name IdleMinutes -Value ([Math]::Round(((Get-Date) – ($_.LastActiveTime).ToLocalTime()).TotalMinutes)) 
        $AllSessions += $Session 
        } 
        $AllSessions 
    }
    Function Disconnect-ViSession { 
        <# 
            .SYNOPSIS 
                Disconnects a connected vCenter Session.

            .DESCRIPTION 
                Disconnects a open connected vCenter Session.

            .PARAMETER  SessionList 
                A session or a list of sessions to disconnect.

            .EXAMPLE 
                PS C:\> Get-VISession | Where { $_.IdleMinutes -gt 30 } | Disconnect-ViSession

            .EXAMPLE 
                PS C:\> Get-VISession | Where { $_.Username -eq "User19" } | Disconnect-ViSession 
        #> 
        [CmdletBinding()] 
        Param ( 
            [Parameter(ValueFromPipeline=$true)] 
            $SessionList 
        ) 
        Process { 
            $SessionMgr = Get-View $DefaultViserver.ExtensionData.Client.ServiceContent.SessionManager 
            $SessionList | Foreach { 
                Write "Disconnecting Session for $($_.Username) which has been active since $($_.LoginTime)" 
                $SessionMgr.TerminateSession($_.Key) 
            } 
        } 
    }
    Get-VISession | Where { $_.IdleMinutes -gt 30 } | Disconnect-ViSession

    ============================================================================

    I have created a separate dedicated blog of Power CLI   .


    http://vmware-powercli.blogspot.com

    Thursday, January 10, 2013

    ESXi 5.1 Installtion



    ESXi 5.1.0 - this is the latest Host Operating system available for vmware virtulization. 

    You can always do a fresh installation of ESXi 5.1 in case you don't have any customization or complex configuration which is not identical across the hosts. 

    The best way to upgrade from ESX 3.5 to 5.1 is first upgrade the host to ESX 4 and then upgrade it to ESXi 5.1 

    You can use upgrade manager or ISO file to upgrade your hosts. 

    Host profiles are used to maintain the consistent configuration across all the hosts. And remember this option is available only for Enterprise Plus Licenses. An alternative would be use evaluation license (60 days) and use host profile feature to maintain the consistency during the esx up-gradation process.

    Things to remember before up gradation:
    1. Download the ISO file from vmware website . If you have HP hosts use HP customized ISO which have HP hardware monitoring agents embedded in the ISO file. It can be downloaded from HP web site .
    2. Make note on the iscsi targets ( this is important because if you have security configured on you MSA Box , ISCSI name is required , untill unless you dont want to re-configure you MSA box so that the ESX host can access your ISCSI disks)
    3. Make note of the Management IP address 
    4. Decide on the root password 
    5. Note down the vmotion IP address and the vlan info 


    Fresh Installation  : 
    Its is more or less its a straight forward Process . The GUI will guide you 
    1. Bring the host to Maintenance Mode
    2. Mount the ISO via ILO
    3. Reboot the ESX host  and boot it from the ILO
    4. DVD Boots, Press Enter to continue at the Welcome Screen
    5. Accept the End User License agreement
    6. After the files are loaded, the installer will find VMFS partition. Press Enter to continue.
      Note : Make sure you have selected the Local Disk . You would see even the Datastore attached to the host .
    7. You will be presented with 3 options. Choose, Install ESXi, preserver VMFS datastore”. Press Enter and F11 to confirm.
      >> upgrade ESXi , Preserve VMFS data store
      >> Install ESXi , Preserve VMFS data store
      >> Install ESXi , over write VMFS data store 
    8. Select the Key Board Layout
    9. Enter the required root Password
    10. Press F11 to begin the installation
    11.  When finished, you will get a confirmation message. Press Enter to reboot.
    Initial Configuration :
    More or less it’s a straight forward Process. The GUI will guide you 
    1. Press F2 on ESX host console
    2. Authenticate using root password , After authentication you would see customization wizard
    3. Hit configure management Network 
    4. Provide the required management vlan 
    5. provide management Ip address , subnet mask , gateway and the vlan info
    6. Enter primary and secondary DNS IP address 
    7. Commit the changes which will intern restart the management agent.  
    8. Reconnect the host in the vcenter 
    9. Create the switches ( only for first host in the cluster) 
    10. Configure the switches.
    Create Host Profiles 
    Host profile wizard will guide you to create a new host profile 
    1. Create a new Profile or import an existing host profile
    2. Specify the reference host 
    3. Give the relevant Name 
    4. Apply the host profile 
    Apply Host Profile 
    1. Bring the host to Maintenance 
    2. Select the host to which the host profile need to applied 
    3. Right click and Hit  Manage profile 
    4. Select the host profile which needs to be applied.
    5. Right Click on the Host Icon, and then apply the profile.
    6. Host profile would ask the IP address of Vmotion and iscsi vm kernel ports.
    7. Change the Iscsi name ( used for security in the iscsi box and its unique)



    Health Check 
    1. Check if up links are fine
    2. NIC connectivity  to Physical switch
    3. Check the Vmotion and Iscsi  IP address
    4. DNS entries
    5. Perform a test Vmotion and check connectivity 



    Useful video tutorial

    There are times when you want to refresh some of the concepts . As you will not do configurations on day to day basis . 

    This post consists of  Link you youtube videos which I found useful ...



    1. configuring iscsi port binding : http://www.youtube.com/watch?v=JHkWxO1ogUI