admin

18
Nov
2018

Using Tape Drive under ESX6

Ultimately, using PCI passthru will always work better if available, but…

esxcli storage nmp device list
naa.500110a00152f5ba
   Device Display Name: HP Serial Attached SCSI Tape (naa.500110a00152f5ba)
   Storage Array Type: VMW_SATP_ALUA
   Storage Array Type Device Config: {implicit_support=on; explicit_support=off; explicit_allow=on; alua_followover=on; action_OnRetryErrors=on; {TPG_id=0,TPG_state=AO}}
   Path Selection Policy: VMW_PSP_MRU
   Path Selection Policy Device Config: Current Path=vmhba3:C2:T0:L0
   Path Selection Policy Device Custom Config:
   Working Paths: vmhba3:C2:T0:L0
   Is USB: false

esxcli storage nmp satp list

esxcli storage nmp satp rule add -s VMW_SATP_LOCAL -V "HP" -M "Ultrium 5-SCSI"

esxcli storage core claiming unclaim -t location -A vmhba3 -C 2 -T 0 -L 0       <<< Must match your HBA

esxcfg-rescan vmhba3                         <<< Must match HBA

esxcli storage nmp device list
naa.600508b1001cac88dec8ea77b73b7083
   Device Display Name: Local HP Disk (naa.600508b1001cac88dec8ea77b73b7083)
   Storage Array Type: VMW_SATP_LOCAL
   Storage Array Type Device Config: SATP VMW_SATP_LOCAL does not support device configuration.
   Path Selection Policy: VMW_PSP_FIXED
   Path Selection Policy Device Config: {preferred=vmhba4:C0:T0:L6;current=vmhba4:C0:T0:L6}
   Path Selection Policy Device Custom Config:
   Working Paths: vmhba4:C0:T0:L6
   Is USB: false

Reboot ESX
References:

ESXi 5, HP P212 and LTO 5 tape drive goes offline

https://kb.vmware.com/s/article/1026157

Posted by admin in Computing Blogs, VMware
01
Aug
2018

Opsview/Nagios MySQL DB corruption

Seems the runtime.nagios_servicechecks InnoDB table is prone to corruption if the server crashes.

Often /var/log/opsview/opsviewd.log has errors such as:
[2018/11/12 19:21:24] [import_ndologsd] [WARN] Failed to import 1542029786.120211
[2018/11/12 19:21:24] [import_ndologsd] [FATAL] Error for 1542029791.083171: Can't call method "execute" on an undefined value at /usr/local/nagios/bin/../lib/Opsview/Utils/NDOLogsImporter.pm line 1163.

 

Other InnoDB tables are also prone – to find out which, run:

mysqlcheck -u <user> -p runtime

Which will display all the “good” tables up to the bad one.  To find the bad one, in the MySQL CLI, run:

MySQL> use runtime;

mysql> show tables;
+----------------------------------------+
| Tables_in_runtime |
+----------------------------------------+
| nagios_acknowledgements |
| nagios_commands |
| nagios_commenthistory |
| nagios_comments |
| nagios_configfiles |
| nagios_configfilevariables |
| nagios_conninfo |
| nagios_contact_addresses |
| nagios_contact_notificationcommands |
| nagios_contactgroup_members |
| nagios_contactgroups |
| nagios_contactnotificationmethods |
| nagios_contactnotifications |
| nagios_contacts |
| nagios_contactstatus |
| nagios_customvariables |
| nagios_customvariablestatus |
| nagios_database_version |
| nagios_dbversion |
| nagios_downtimehistory |
| nagios_eventhandlers |
| nagios_externalcommands |
| nagios_flappinghistory |
| nagios_host_contactgroups |
| nagios_host_contacts |
| nagios_host_parenthosts |
| nagios_hostchecks |
| nagios_hostdependencies |
| nagios_hostescalation_contactgroups |
| nagios_hostescalation_contacts |
| nagios_hostescalations |
| nagios_hostgroup_members |
| nagios_hostgroups |
| nagios_hosts |
| nagios_hoststatus |
| nagios_instances |
| nagios_logentries |
| nagios_notifications |
| nagios_objects |
| nagios_processevents |
| nagios_programstatus |
| nagios_runtimevariables |
| nagios_scheduleddowntime |
| nagios_schema_version |
| nagios_service_contactgroups |
| nagios_service_contacts |
| nagios_servicechecks |
| nagios_servicedependencies |
| nagios_serviceescalation_contactgroups |
| nagios_serviceescalation_contacts |
| nagios_serviceescalations |
| nagios_servicegroup_members |
| nagios_servicegroups |
| nagios_services |
| nagios_servicestatus |
| nagios_statehistory |
| nagios_systemcommands |
| nagios_timedeventqueue |
| nagios_timedevents |
| nagios_timeperiod_timeranges |
| nagios_timeperiods |
| opsview_contact_hosts |
| opsview_contact_objects |
| opsview_contact_services |
| opsview_contacts |
| opsview_database_version |
| opsview_host_objects |
| opsview_host_services |
| opsview_hostgroup_hosts |
| opsview_hostgroups |
| opsview_hosts |
| opsview_hosts_matpaths |
| opsview_monitoringclusternodes |
| opsview_monitoringservers |
| opsview_performance_metrics |
| opsview_servicechecks |
| opsview_servicegroups |
| opsview_topology_map |
| opsview_viewports |
| schema_version |
| snmptrapdebug |
| snmptrapexceptions |
| snmptrapruledebug |
+----------------------------------------+
83 rows in set (0.00 sec)

 

(Sometimes you might have to add innodb_force_recovery = 4 to the [mysqld] section of my.cnf and restart MySQL. Note - THIS IS DANGEROUS! Stop Opvsiew first. Remember to remove this line, and restart MySQL before restarting Opsview)

 

 

Resolution is to get as much data out to a duplicate table, drop table, and then duplicate back…

 

Stop Opsview:

/etc/init.d/opsview stop
/etc/init.d/opsview-agent stop
/etc/init.d/opsview-web stop

 

mysql -u root -p

use runtime;
create table nagios_servicechecksnew like nagios_servicechecks;
insert nagios_servicechecksnew select * from nagios_servicechecks where servicecheck_id not in (select servicecheck_id from nagios_servicechecksnew);

This will error after a while with a SQL Server crash. Run same command below, but starting limit high, and slowly reducing to 1.

insert nagios_servicechecksnew select * from nagios_servicechecks where servicecheck_id not in (select servicecheck_id from nagios_servicechecksnew) limit 1;

Delete table, and then duplicate info back

drop table nagios_servicechecks;
create table nagios_servicechecks like nagios_servicechecksnew;
insert nagios_servicechecks select * from nagios_servicechecksnew where servicecheck_id not in (select servicecheck_id from nagios_servicechecks);
drop table nagios_servicechecksnew;

 

Start Opsview

/etc/init.d/opsview start
/etc/init.d/opsview-agent start
/etc/init.d/opsview-web start

Posted by admin in Computing Blogs
29
Oct
2017

Installing VMware Enhanced Client Integration Plugin in Windows 10

Browse to your vcenter, and select Flash option. At login page, download the client using link at bottom, and save to disk.

Run this file from an Administrative user.

For IE:

Add the base vcenter FQDN (or IP, if using just that) to Local Intranet zone.

Download the Trusted certs from link in bottom right of https://<vcenter fqdn>/

Extract download.zip

Import the 2 certs (MMC > Add Snapin > Certificates > Local Computer, right click trusted roots, select import, and point at one of the extracted certs. Repeat import for other)

Run IE as Administrator (ie, use the “Run As Administrator” option, not just run as a user with Admin rights), and browse to vcenter FQDN, select Flash link, then on the popup, uncheck the box to ask every time, and select Allow.

All should work now

(If you use web proxies, ensure that https://vmware-plugin:8094 is in the proxy bypass list)

 

For Firefox

Browse to https://vmware-plugin:8094 (this is added to hosts file during client install) and accept the Exception for duff cert.

Browse to vcenter, and accept any Exceptions for duff certs.

All show work now

 

For Chrome

You’re a moron. Use a browser with some element of security.

Although its trivial to get the client to work, the fact is you should NEVER use Chrome on Windows, until Google go back to the drawing board and rewrite from scratch thinking about security from the start.

Posted by admin in VMware
14
Sep
2017

Finding which VM has a MAC in a VMware environment

All the info I was finding was a grepping of the VMX files (always locked/busy on my ESX6.5 environment) or needed a Windows vCenter to run a Powershell command, not available on the current VCSA.

I found this little gem at https://github.com/lamw/vghetto-scripts/blob/master/shell/vswitchInfo.sh and duplicated here (Sept 2017) in case the original goes missing…

 

# Author: William Lam
# Website: www.virtuallyghetto.com
# Product: VMware ESXi
# Description: Query MACs on internal vSwitch
# Reference: http://www.virtuallyghetto.com/2011/05/how-to-query-for-macs-on-internal.html

if [[ $# -ne 1 ]] && [[ $# -ne 4 ]]; then
echo -e “Usage: $0 -l -v [vSWITCH] -p [PORT]\n”
echo ” -l List all ports of vSwitch(s)”
echo ” -v vSwitch to query”
echo ” -p Port to query on vSwitch”
echo -e “\n\t$0 -l”
echo -e “\t$0 -v vSwitch0 -p 1234\n”
exit 0
fi

if [ ! -e /sbin/vsish ]; then
echo “Script is only supported running on an ESXi host as vsish is not available by default on ESX”
exit 1
fi

VSISH_VSWITCH_PATH=/net/portsets

if [ $# -eq 1 ]; then
for vSwitch in $(vsish -e ls ${VSISH_VSWITCH_PATH});
do
VSWITCH=$(echo ${vSwitch} | sed ‘s/\///g’)
for port in $(vsish -e ls ${VSISH_VSWITCH_PATH}/${vSwitch}ports);
do
PORT=$(echo ${port} | sed ‘s/\///g’)
PORTINFO=$(vsish -e get ${VSISH_VSWITCH_PATH}/${vSwitch}ports/${port}status | sed ‘s/^[ \t]*//;s/[ \t]*$//’);
CLIENT=$(echo ${PORTINFO} | sed ‘s/ /\n/g’ | grep “clientName:” | awk -F “:” ‘{print $2}’)
MACADDRESS=$(echo ${PORTINFO} | sed ‘s/ /\n/g’ | grep “unicastAddr:” | uniq | sed ‘s/unicastAddr://;s/\(.*\)./\1/’)
echo -e “${VSWITCH}\t${PORT}\t${MACADDRESS%%::*}\t${CLIENT}”
done
done
fi

if [ $# -eq 4 ]; then
QUERY_PATH=”${VSISH_VSWITCH_PATH}/${2}/ports/${4}/status”
echo “Querying port path: ${QUERY_PATH}”
PNICS=$(vsish -e ls /net/portsets/${2}/uplinks/ | sed ‘$!N;s/\n/ /;s/\///g’)
echo -e “pNICS for vSwitch: ${PNICS}\n”
vsish -e get “${QUERY_PATH}”
fi

Posted by admin in VMware
20
Aug
2017

Finally got around to rejigging the bit of the network where this blog sits, so now it has connectivity again!

Looking forward to putting more of my random thoughts, rants and experiences up.

Sadly, for various reasons, some of the blogs have (probably for the best) been lost forever.

Posted by admin
20
Aug
2017

OK, I have not common configuration here. Always struggled with IPSEC tunnels with my previous and current Drayteks, that UK support were unable to resolve, blaming on Openreach modems etc.

With crApple withdrawing support for PPTP VPNs from iOS, I had to get my backside into gear to find a solution. Having got it working at one of bro’s sites, I starting investigating differences…

Turns out, with simultaneous routed IP and NAT’d vLANs, many things stop working, including IPSEC VPNs.  With the current range allowing more that the pathetically limited 8 IP WAN Aliases of 2920 and others from that era, there is little reason not to be using NAT even for those with up to a /27 public range (my 2860ac supports up to 32 WAN Aliases)

Posted by admin in Networking
20
Aug
2017

Netgear GS724 Ports going dead

Having a few Netgear GS724T v3 switches across multiple sites, I’ve suffered constantly with ports going to sleep and occasionally not waking up when something is plugged in (or a PC in sleep coming back on).

Through much trial and error, I have a solution that appears to be working for me, and no more issues since I made the changes in Spring 2017….

 

…disable Auto Power Down in the green Ethernet settings!

I’m sure the tree hugging hippies will be up in arms over that, but tough.

Posted by admin in Networking
20
Aug
2017

Various VMware related snips

Using Tape drive as SCSI passthru, rather than whole controller.

Often causes glitches such as tape drive going offline after backup etc.

Possible solution, from https://communities.vmware.com/thread/334987 is:

Verify if the tape drive is using VMW_SATP_AULA (which is bad)

SSH into esxi 5 console

esxcli storage nmp device list

naa.500110a0014b774a

Device Display Name: HP Serial Attached SCSI Tape (naa.500110a0014b774a)

Storage Array Type: VMW_SATP_ALUA

Storage Array Type Device Config: {implicit_support=on;explicit_support=off; explicit_allow=on;alua_followover=on;{TPG_id=0,TPG_state=AO}}

Path Selection Policy: VMW_PSP_MRU

Path Selection Policy Device Config: Current Path=vmhba2:C0:T0:L0

Path Selection Policy Device Custom Config:

Working Paths: vmhba2:C0:T0:L0

Note: View the Storage Array Type

To change this to VMW_SATP_LOCAL

esxcli storage nmp satp rule add --satp=VMW_SATP_LOCAL --vendor="HP" --model="Ultrium 5-SCSI"

Next you need to remove any claims to that device

esxcli storage core claiming unclaim -t location -A vmhba1 -C 2 -T 0 -L 0

(your vmbha must match!)

esxcfg-rescan vmhba1
esxcli storage nmp device list

 

Reboot esxi host

Then add your Tape via SCSI device in the VM settings

Posted by admin in VMware
08
Mar
2015

RJ-45 Cables

This articles explains how to make a wire up RJ45 patch cables.​
Straight Cables
As the name suggests, a straight cable is wired pin 1 to 1, 2 to 2, 3 to 3 etc. These are the most common cables, used between computers and hubs.  cat5-straight
Crossover Cables
This cable is similar to a straight cable, but with pins 1 and 3 crossed, and pins 2 and 6 crossed. This cable can be used to link 2 computers without a hub.  cat5-xover
Posted by admin in Information and Guides