Reminder: temporary change to enable a proxy for system updates

For systems not internet accessible such as SAN's on isolated switches, enable a proxy to do system updates whilst temporarily connecting switch to standard network.

Rpath example:

export http_proxy="http://10.141.12.254:80"

To remove the proxy for when system is going into production:

unset http_proxy

Vote for Code at the Big Chip Awards

Please vote for Code Computerlove at the Big Chip Awards '09 for the 'Tasty website' award!

We are up for 2 sites but we'd love you to vote for Original Source.

Just text SOURCE to 84433, it's just the cost of a normal text.

Thanks!

Update: Hurrah! We won the 'Tasty website' award for Original Source, thanks to everyone who voted! We also won Best On-line Brand Development for Crown Paint.

Useful reminder of disk alignment boundaries

Remember alignment at the 64k boundary, without proper partition alignment performance degradation occurs especially noticeable on high I/O disks.

Summary:

• Select a disk in DISKPART
• create partition primary align=64
• Check with msinfo32/System info
  
• Note: If your using 2003 enterprise or datacenter edition there is a bug where you receive an error when trying to format, the work around is to assign a drive letter in disk part and then format
  

http://planetlotus.org/4ba99f

A billion year ultra-dense nanotechnology memory chip

Long term read/write archival storage without degradation of media unlike traditional storage, but able to be used with standard computer systems.

They reckon this'll be on the market within the next couple of years, the storage density is thousands of times higher than current technology.

http://www.nanowerk.com/news/newsid=10999.php

Disaster-proof storage device?

US based company offering fireproof and waterproof drives, both internal and external. Perfect for disaster recovery situations for ultimate piece of mind!

They even do NAS storage devices that can withstand an hours fire and 30 days in water!

http://iosafe.com/

HP warranty and care pack checking tools

Handy tools from HP to make sure your equipment is covered by warranty or that the care packs you've registered are applied properly.

http://www.itrc.hp.com/service/ewarranty/warrantyInput.do

http://www.hp.com/uk/carepack/

Little reminder as well, UK066E is 3 year 24/7 4 hour support for BL460's and UH311E is for the C3000 enclosures with the same cover.

What are the best practices when it comes to VMWare ESX Server 3.5 and Open-E?

Whitepaper on best way to setup iSCSI targets from within ESX using Open-E, but still applies to any iSCSI SAN.

http://kb.open-e.com/entry/4/

VMware ESXi problem with NIC teaming and CARP with virtual firewall/router

Very tricky one to track down why a failover firewall configuration would never promote it's CARP IP's to MASTER status.

Turns out you must only have a single NIC on a vSwitch with a guest VM being used as a MASTER for CARP, otherwise will always show as BACKUP.

Can't even have a NIC in the standby list, 2nd NIC has to be completely removed.

There may well be a setting in the advanced options somewhere that might get this to work, if anyone has done this please let us know!

Setting up a High Availability NAS/SAN using Openfiler

Setting up a High Availability NAS/SAN using Openfiler

Run through on configuring DRDB to run a high availabilty cluster using Openfiler

http://www.the-mesh.org/tiki-index.php?page=OpenFilerHaSetup

Getting higher iSCSI throughput on VMware

As we are using iSCSI SANS at our datacentres, this is a very interesting article on getting higher iSCSI throughput under VMWare.

http://virtualgeek.typepad.com/virtual_geek/2009/01/a-multivendor-post-to-help-our-mutual-iscsi-customers-using-vmware.html

rPath appliance setup

If like us you don't have a DHCP server running at your datacentres, then an rPath appliance can be tricky to setup.

Easiest thing to do is edit these files at the console to get a static IP assigned.

vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=xxxxx
GATEWAY=1.2.3.4

vi /etc/resolv.conf
nameserver 1.2.3.4
nameserver 4.3.2.1

vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=static
BROADCAST=1.2.3.255
IPADDR=1.2.3.4
NETMASK=255.255.255.0
NETWORK=1.2.3.0
ONBOOT=yes
TYPE=Ethernet

Restart networking and then you can get to the appliance config screen with your static IP.

Also the admin is usually out of date so as root you'll need to do a conary updateall and a restart to get all the latest updates.

Low cost HP ESXi server for lab testing

If you need a cheap as chips server for lab testing but still want to use an official HP server that is on the ESX/ESXi HCL then look no further than the ML350 G5.

It can be picked up for £571.76 from imldirect.com.

This is a low spec dual core Xeon but it does have the HP Smart Array E200i and will support 6 SAS/SATA drives, only comes with 1GB RAM but RAM is cheap.

We'll be using in our lab with the HP USB embedded ESXi for testing etc.

HP product code is 470064-100.

Convert old VMWare server disk directly to ESX/ESXi format

Rather than use Converter which isn't altogether reliable especially with converting multi-disk servers, convert the disk directly and upload straight to the datastore.

Here's how to make the transition easy, assuming all your disks use LSILogic or BusLogic drives:

On your vmware server host, use "vmware-vdiskmanager -r (source disk path) -t 2 (destination disk path)" to convert your disk to "monolithicFlat"
Open "disk.vmdk" it is just a text file
Change "monolithicFlat" to "vmfs" and change "FLAT" (note the case!) below that to "vmfs".

Just add the disk to the ESX/ESXi VM and boot!

Reference: IIS6 Metabase properties

Force WSUS update

Force WSUS client update

here is what you would put in a script to force immediate WSUS checkup by client:
--------
net stop wuauserv

REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v LastWaitTimeout /f

REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v DetectionStartTime /f

Reg Delete "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v NextDetectionTime /f

net start wuauserv
-----------
A more lightweight command:
wuauclt /detectnow

Moving VM's in VMware ESXi via SSH

VMware ESXi is a great product but it present's a number of challenges because of its highly streamlined feature set. Lets say for example you need to move a VM from one VMware server to another and don't have an NFS server or iSCSI target. And of course you don't have any of the licensed features like Backup or Vmotion either. Lets add another challenge that you only have SSH access to the system. Sounds like a fun challenge already.

Both machines need SSH enabling, then in the directory where the disk files are stored you can use SCP to copy to the other machines datastore.

scp * root@hostname:/vmfs/volumes/datastorename/vm-dir

Interesting binary diff tool, would help enormously for our daily backup's to SAN

Need to investigate tools such as these to save space on offsite daily backups especially databases.

Do a monthly full on first of each month then daily backups are diffed against the original. At any point a previous day backup can be regenerated from the 2 files.

I'll have to do some testing on the many terrabytes of storage to see just how much we could save! In theory savings of at least 50% size could be possible, especially with large mainly static databases and site files.

UPDATE:

Tried this and found that especially databases are never exactly the same data in the same place so it doesn't quite work out, also takes a very long time and so not really usable for daily backups.

This is not really as critical as SQL Server 2005 now has differential backup and site files are backed up with a full monthly and then incremental daily changes. This is keeping our backup sizes down small enough to not run out of space on our backup NAS drives.

Event log error fix for RS errors after SQL 2005 installed

If you get errors in the event log saying this not long after a new install of SQL Server 2005 standard or enterprise:

.NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Failed to compile: Microsoft.ReportingServices.QueryDesigners, Version=9.0.242.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 . Error code = 0x80070002

To Fix, drag
C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\Microsoft.ReportingServices.Design.dll
to
C:\WINDOWS\assembly

To install the offending library to the GAC.
Double check all is fine:

C:\WINDOWS\microsoft.net\Framework\v2.0.50727\ngen executeQueueditems

Most annoying...

New switch upgrade? Need fibre GBICs

HP ProCurve Switch 2824 - Switch - 24 ports - EN, Fast EN, Gigabit EN - 10Base-T, 100Base-TX, 1000Base-T + 4 x mini-GBIC (empty)

The HP 24-port ProCurve Switch 2824 with 20 10/100/1000 ports has 4 dual-personality ports for 10/100/1000 or mini-GBIC connectivity.

Ideal for medium to large networks, the Switch 2824 cost-effectively offer the maximum in bandwidth performance with 10 times the speed of 100 Mbit switches. Migrating to Gigabit switches will allow you to take full advantage of your existing high-performance, Gigabit-enabled PCs, laptops, and servers - and see noticeably improved application response and file transfer times. By implementing the Switch 2824, you will seamlessly protect your existing network investment while preparing for future growth.

Product : HP ProCurve Switch 2824 - Switch - 24 ports - EN, Fast EN, Gigabit EN - 10Base-T, 100Base-TX, 1000Base-T + 4 x mini-GBIC (empty)

Buy Price: £845.00

Mfr Code : J4903A

Alternatively 2810, still stackable and layer 2 as well, code is J9021A, cheaper at about £559

Or 2510 gigabit version, identical specifications as the 2810 but about £360, code is J9279A, not stackable though, but used as dual connectivity with MPIO iSCSI SAN it wouldn't matter!

Switching 64bit server to run 32bit IIS exclusively

To switch a 64 bit 2003 server to run IIS in 32 bit mode and .Net framework 2.0 in 32 bit you need to run:

cscript %SYSTEMDRIVE%\inetpub\adminscripts\adsutil.vbs SET W3SVC/AppPools/Enable32bitAppOnWin64 true

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727>aspnet_regiis -ir -enable

Nice runthrough of how to get Openfiler SAN working correctly with ESXi

http://communities.vmware.com/thread/168021

Will report back on how this goes once we have our new SANs setup. Critically need to make sure NIC teaming is working fully.

Maximum single LUN size to ESXi and MS initiator (XP 32bit) is 2097120 MB

Handy list of MS KB articles to refer to

Network Load Balancing Connection to a Virtual IP Address Not Made Across a Switch
http://support.microsoft.com/default.aspx?scid=kb;EN-US;247297

Objectdock stack

If you're a user of Objectdock on the PC, if like me you're in Windows 99% of the time but miss the interface of OS X there is a handy stack docklet that lets you have folder stacks like Leopard.

http://matias.securityconsultant.com.ar/StackDocklet-preview.zip

ESXi backup to remote datastore by snapshots

This looks interesting as a free backup solution, once I get some time I shall be investigating this instead of our current backup of backing up the VM directly.

UPDATE:

This idea has been progressed further and looks like a better method is here:

http://communities.vmware.com/docs/DOC-8760

Backing up ESXi at image level

This looks interesting as they are working on a ESXi version of their backup software. Also reasonably priced as well...

esXpress v3.1 The ONLY scalable and completely fault tolerant backup, restoration and disaster recovery solution for Virtual Infrastructure 3.x. Whether you have 1TB of data or 50TB, esXpress makes a 100% complete backup of your entire virtual farm every night.

Country blocking lists in various formats

Very useful to block the spammers even includes bogon ranges. Updated every 24 hours.

Country IP Blocks now offers Network Data in 7 Separate Formats: CIDR, Netask, .htaccess deny, .htaccess allow, IP Range, Decimal/CIDR* and Hexadecimal/CIDR. You decide who can access your websites and servers.

Block a country, allow a country. Now you can take complete control of your website and network traffic. IP Blocks are a simple and effective way to improve security by limiting spammers, hackers, bandwidth wasters or malicious traffic.

Handy app for blocking IP address ranges in IIS

One to investigate, especially to stop form spammers from China etc.

MS article for registry settings for WSUS 3

As servers in the datacentres are categorised for applying patches to help automate the process all servers have registry keys assigned to pick up updates centrally. This Technet article shows what each of the registry entries does.

How to patch ESX3i using command line

3 various approaches on how to patch your running ESX3i to the latest version.

How to get XPx64 to change a site's .Net level

Easy one this, just get the site ID from IIS, no need for MetaEdit.

Run from the appropriate .Net folder under c:\windows\microsoft .net\framework\....

aspnet_regiis -sn W3SVC/99999/ROOT/

VMWare appliance to run a Cacti station

Using this in production, a few slight problems but on the whole pretty damn good!

Need to watch out if an unclean shutdown that /usr/opt/apache/logs/httpd.pid is removed for the apache daemon to run on reboot, can always check to see if httpd process is running and restart if necessary.

Also need to watch disk space, logs etc. can eat them up, check with df -h that capacity isn't all used up.

Easy one to release space is the cacti.log file, just remove from /usr/opt/apache/htdocs/cacti/log

PRTG monitoring

The freeware only monitors 10 devices but it's enough for setting up for a single client.

Found this a bit fiddly and prefer Opmanager, there is an older version that allows you to monitor 20 devices, not available for download anymore but keeping on my FTP server.

ftp://ftp.mechanised.com/software/ManageEngine_OpManager_6_windows2.exe

Handy HP Part numbers for ordering

437502-B21
HP BLc3000 Single-Phase Enclosure w/2 Power Supplies and 4 Fans w/8 Insight Control Environment Trial Licenses - Rack-mountable - power supply £1,902.96

UH311E
Electronic HP Care Pack 4-Hour 24x7 Same Day Hardware Support - Extended service agreement - parts and labour - 3 years - on-site - 24 hours a day / 7 days a week - 4 h £483.84

410917-B21
HP GbE2c Ethernet Blade Switch - Switch - 16 ports - EN, Fast EN, Gigabit EN - 10Base-T, 100Base-TX, 1000Base-T 5x10/100/1000Base-T(uplink) - plug-in module £685.00

406740-B21
HP 1Gb Ethernet Pass-Thru Module - Expansion module - Gigabit EN - 1000Base-TX - 16 ports £399.00

437572-B21
HP - Power supply - redundant - 1.2 kW £128.00

412140-B21
HP Active Cool Fan - Fan unit £69.00


AK502A
HP ProLiant BL460c - Blade - 2-way - 1 x Quad-Core Xeon E5440 / 2.83 GHz - RAM 4 GB - hot-swap 2.5" - no HDD - Gigabit Ethernet - Monitor : none £1,006.49

431958-B21 & 432320-001
HP Single Port - Hard drive - 146 GB - hot-swap - 2.5" - SAS - 10000 rpm £130.00

397413-B21
HP - Memory - 4 GB ( 2 x 2 GB ) - FB-DIMM 240-pin - DDR2 - 667 MHz / PC2-5300 - Fully Buffered - ECC

UK066E
Electronic HP Care Pack 4-Hour 24x7 Same Day Hardware Support - Extended service agreement - parts and labour - 3 years - on-site - 24 hours a day / 7 days a week - 4 h £245.25

445978-B21
HP NC360m Dual Port 1GbE BL-c Adapter - Network adapter - PCI Express x4 - EN, Fast EN, Gigabit EN - 2 ports £165.00

406771-B21
HP NC326m PCI Express Dual Port 1Gb Server Adapter - Network adapter - PCI Express x4 - EN, Fast EN, Gigabit EN - 10Base-T, 100Base-TX, 1000Base-T - 2 ports £105.00

378343-002
HP/Compaq SFF Small Form Factor 2.5inch SATA / SAS drive Tray / Caddy

BL460c
http://h18004.www1.hp.com/products/quickspecs/12518_div/12518_div.html

HP SAS Enterprise and SAS Midline Hard Drives
http://h18004.www1.hp.com/products/quickspecs/12244_div/12244_div.html

Seagate Cheetah 15K.5 146.8GB 15,000rpm 16MB SAS 3Gb/s Hard Disk Drive

Overview

Technical Description: Seagate HD Cheetah 15k.5/147GB SAS 15Krpm 16MB - ST3146855SS (Components Internal Hard Drives)

The fifth-generation Cheetah 15K.5 enterprise hard drive features innovative perpendicular recording technology, setting new standards for 15K-RPM drive capacity, performance and reliability. The Seagate Cheetah 15K.5 hard drive is the first to break the 100-MB/s sustained transfer rate barrier. These drives lead the industry in reliability, performance and value by delivering higher throughput with fewer drives than conventional 10K-RPM solutions . The Cheetah 15K.5 enterprise hard drive sets a new standard for storage cost effectiveness with an unprecedented blend of storage performance, capacity and reliability.

Warranty: 1 Year Warranty

Features

# 16-MB cache
# Perpendicular recording technology for maximum capacity
# Up to 125-MB/s sustained transfer rate
# 30 percent more IOPS than 10K 3.5-inch drives
# Reduced RAID rebuild times
# Highest reliability rating in the industry
# Lower total cost of ownership (TCO)
# 5-year warranty
# Number of pins on the I/O connector - 5

Specification
Disk Size: 3.5 Inches
Disk Capacity: 146.8GB
Disk Speed: 15000RPM
Data Buffer: 16384KB
Interface: SAS 3Gb/s SAS
Data Transfer Rates: 300MB/s
Heads: 4
Performance
Average Latency: 2.0ms
Mean Time Between Failure (MTBF): 1.4 Million Hours
Environmental
Acoustics (Idle Mode): 3.2dB
Operating Temperature: 5 to 55°C
Relative Humidity: 5 to 95%
Vibration (Operating): 0.5 Gs
Shock (Operating): 60Gs for 2ms

Electrical
Power Requirement Idle (Ready): 11.2Watts

Physical
Enclosure type: Internal
Dimensions: 10.185cm (W) x 14.699cm (D) x 2.611cm (H) - Weight 0.839kg

N2 Open Source ASP.NET CMS

Remove DRM from Sky etc.

Get full control over your ESXi Server

How to get command line access and SSH running, just need a nice OS tool to manage all these ESXi instances!

Also here are the commands to get SNMP enabled via RCLI.

C:\Program Files (x86)\VMware\VMware VI Remote CLI\bin>perl vicfg-snmp.pl --server yourserverip -c public -p 5567 -t trapserverip@162/public
Enter username: root
Enter password:
Changing udp port to 5567...
Complete.
Changing community list to: public...
Complete.
Changing notification(trap) targets list to: trapserverip@162/public...
Complete.

C:\Program Files (x86)\VMware\VMware VI Remote CLI\bin>perl vicfg-snmp.pl --server yourserverip -E
Enter username: root
Enter password:
Enabling agent...
Complete.

C:\Program Files (x86)\VMware\VMware VI Remote CLI\bin>perl vicfg-snmp.pl --server yourserverip -s
Enter username: root
Enter password:
Current SNMP agent settings:
Enabled : 1
UDP port : 5567

Communities :
public

Notification targets :
trapserverip@41472/public

C:\Program Files (x86)\VMware\VMware VI Remote CLI\bin>perl vicfg-snmp.pl --server yourserverip -T
Enter username: root
Enter password:
Sending test nofication(trap) to all configured targets...
Complete. Check with each target to see if trap was received.

ESXi 3.5 does ship with the ability to run SSH, but this is disabled by default (and is not supported). If you just need to access the console of ESXi, then you only need to perform steps 1 - 3.

1) At the console of the ESXi host, press ALT-F1 to access the console window.
2) Enter unsupported in the console and then press Enter. You will not see the text you type in.
3) If you typed in unsupported correctly, you will see the Tech Support Mode warning and a password prompt. Enter the password for the root login.
4) You should then see the prompt of ~ #. Edit the file inetd.conf (enter the command vi /etc/inetd.conf).
5) Find the line that begins with #ssh and remove the #. Then save the file. If you're new to using vi, then move the cursor down to #ssh line and then press the x key. Type in :wq to save the file and exit vi. If you make a mistake, you can press the ESC key and then type :q! to quit vi without saving the file.
6) Run ps | grep inetd to determine the process ID for the inetd process. The output of the command will be something like 1299 1299 busybox inetd, and the process ID is 1299. Then run kill -HUP (kill -HUP 1299 in this example) and you'll then be able to access the host via SSH.

SNMP configuration for ESXi

Silverstripe CMS

Homepage: www.SilverStripe.com/
Latest Version: 2.0.2b
View Demo: http://demo.silverstripe.com/

---

History

SilverStripe is a free software / open source content management system (CMS) for creating and managing websites through a simple web interface. It has many advanced features. These features include an MVC framework, XHTML compliance, multiple ways of organising navigation through folksonomy, a flexible data object model, multiple templates per page, a separate "draft site" and "published site through staging content, asset management , image resizing, versioning and rollback, SEF URLs with meta-data. SilverStripe is designed for UTF-8 support including internationalisation of character sets. It also deploys content through RSS and full text search, including searching of PDF's and Word documents.

SilverStripe 2.x coding began in late 2005, as an overhaul to take advantage of object orientation and other features of PHP5, and to allow Firefox/Macintosh compatibility, which had been difficult as SilverStripe 1.x predated Firefox.

SilverStripe is released under the terms of the BSD Licence.

http://acogitosis.krop.pl/2008-07-03-en-installing-silverstripe-on-iis-server/

How to Create Your Own Bootable ESXi USB Stick

HOW TO Create your own bootable ESX 3i usb stick

Requirements:

• 1 GB USB flash drive
• WinImage
• 7Zip

Of course you can use your favourite tools and larger USB flash drives, but 1 GB is enough space for the boot image.
Perform the following steps to create a bootable ESX Server 3i USB flash drive:

1. Download ESX Server 3i Installable ISO
2. Extract INSTALL.TGZ from the root directory of the ISO image using an 7Zip
3. Extract /usr/lib/vmware/installer/VMware-VMvisor-big-3.5.0-xxxxx.i386.dd.bz2 from INSTALL.TGZ using 7Zip
4. Extract VMware-VMvisor-big-3.5.0-xxxxx.i386.dd from VMware-VMvisor-big-3.5.0-xxxxx.i386.dd.bz2 using 7Zip
5. Attach the USB flash drive and make sure you no longer need the data on it
6. Use WinImage to transfer VMware-VMvisor-big-3.5.0-xxxxx.i386.dd to the USB flash drive
   1. Disk->Restore Virtual Hard Disk image on physical drive…
   2. Select the USB flash drive (Warning: If you select the wrong disk you will lose data!)
   3. Select the image file VMware-VMvisor-big-3.5.0-xxxxx.i386.dd
   4. Confirm the warning message
   5. Wait for the transfer to complete
7. Unplug the USB flash drive (Warning: If you forget to unplug the flash drive from the PC you might lose the data on your hard drives the next time you boot!)
8. Attach the USB flash drive to the machine you want to boot (Warning: If ESX Server 3i recognizes local drives, you might lose the data on it, so make sure you don´t need it anymore or unplug all hard drives!)
9. Turn the machine on and make sure the USB flash drive is selected as boot device
10. Watch ESX Server 3i boot
11. Configure
12. Enjoy!

Platespin, handy for VMWare, PowerRecon Inventory edition, could be useful

http://www.platespin.com/powerstore/

Unfortunately it doesn't install on a test Server 2003 standard machine. Server just created a virtual folder under the default website and the client just throws a continual stream of 401 results. :(