Thursday, February 18, 2010
Advanced Disk Based Option of Symantec BackupExec - a waste
Monday, February 8, 2010
Move your BackupExec Database files location
Prometric testing - support is a joke
Friday, February 5, 2010
Dell EqualLogic SAN HeadQuarters 2.0
One of the knocks in my previous article about our new PS6500 SAN's centered around performance monitoring. Lucky for me a user commented on my post about SAN Headquarters 2.0 which is something I had not heard of before. I quickly downloaded it and took it for a spin - this was EXACTLY what I was looking for but could not find via the web interface to the SAN itself. Great performance data and easy access to all of your SAN's across your enterprise.
I will be messing with this tool over the next few days but you can safely strike that complaint from my list. I just wish my sales rep would have told me about this tool to begin with!
Dell Equallogic PS6500 SAN's - impressions
I am going to start with my complaints with the product because overall I am very happy with our purchase. However, with any product there is always room for improvement.
My biggest gripe is the performance monitoring aspect of the SAN itself. This is obviously a big deal to data administrators and probably more so in the iSCSI world where bandwidth is everything. The performance monitoring is basically watered down to the point of being too simplistic. I would like to see more raw data and less Java induced graphs. I realize that the target market for these SAN's are businesses who do not have SAN experience on staff but there should be some better tools to go deeper into looking at performance.
I have spoken about the firmware update process in the past, but I still feel this needs attention. I am not sure why the SAN itself cannot go out and grab the new firmware - then alert the administrator that new firmware is available if you want to update. It feels cumbersome to go through the manual steps of getting the firmware updated for the box.
The Auto Snapshot Manager software which is part of Dell's Host Integration Toolkit is a nice idea but the software feels a bit flaky to me. There are two editions that I have used - one is for Windows Applications and one is for VMWare. The Windows edition will make "application aware" snapshots of SQL Server/Exchange databases so you could actually restore from that snapshot without the worry of data corruption. The software works as expected but after a reboot sometimes the manager will not know how to find the vss-control volume (the volume that the software uses to induce the volume shadow copy aware snapshot) so you have to go back into the iSCSI initiator and and connect to the volume before it will work. The VMWare piece is for some reason a web-based piece of software that looks like an afterthought in appearance but does actually work. I don't like the ability to not be able to send email alerts for failed snapshots with the VMWare package but I hope that is something that will be fixed soon.
I have not tried the replication piece yet as I am waiting for the 100 megabit point to point Cogent circuit to be installed to my second data center but I am anxious to see how it works in the real world.
Overall, I am very happy with the SAN's and still recommend them but there is some room for some minor improvement along the way.
VMware KB: USB devices not supported in ESX host virtual machines
I am going through a virtual server migration at one of my data centers. The idea of moving away from older, non-standard hardware and going to a virtual platform is exciting for any IT nerd but there are some pitfalls along the way that you must keep into account. One of these pitfalls is around USB devices that your servers may use today. One of the applications that we use has an old USB Key that is used for license verification. Unfortunately, ESX/ESXi does not support adding USB devices to individual virtual machines. Apparently this support is in the works but you have to buy a USB over IP device in order to make it work properly. Who knew?
It goes to show that when you plan on doing a large scale conversion, you need to think about everything that the server does and to make sure it is supported on a virtual platform before you dig in. Support is probably a bad word since there are still many vendors out there that will not officially support their software on a virtual machine (Hello Landmark!). Of course their software will run just fine on a VM but when you call them, do not under any circumstances tell them it is running under a VM or they will stop talking to you immediately.
Monday, January 25, 2010
VMware ESX/ESXi 4.0 not working with Intel Dual/Quad PCIe NICS
Even after installing update 1 for ESX/ESXi 4.0, the OS still will not see these NIC's as being available to your system. Apparently after talking to VMWare support, there is an updated IGB driver available that you can download although it is a bit hidden on VMWare's website.
You will want to SCP this over to your server and then follow the instructions for an offline installation. The only problem is that you will have to take your ESX server into maintenance mode to do the update. Once it is done and you reboot, you can then see the NIC's and use them as part of your VM configuration.
Tuesday, January 19, 2010
Configure port forwarding on Juniper routers and ScreenOS
There is no easy way to say this but if you are used to dealing with Cisco devices over the years and are suddenly thrust in front of a Juniper device - you will think that Juniper is very weird. I am sure there are folks who absolutely love Juniper but for me I personally don't like dealing with them. In any event, if a client has a Juniper device and you need to configure it, you dive right in and make the best of it.
One of the things that I find odd is the way that port forwarding works on the device. Once you see it you will think it makes perfect sense but unfortunately the documentation on the subject is lacking.
For example, lets assume your firewall has an external interface on 1.1.1.1 and you have 4 usable IP addresses. You want to host an internal WWW server on 192.168.1.10 that is connected to the internal LAN. Here is the syntax to make this work:
set arp NAT-DST
set address untrust server-www-public 1.1.1.1/32
set policy from untrust to untrust any server-www-public http nat dst ip 192.168.1.10 port 80 permit
The weird part for me was the untrust to untrust which didn't make a whole lot of sense. In any event, that will work.
Now, what if you wanted to host something via NAT that came through the external IP of the firewall interface?
In this case, we need to change the admin port of the firewall to something different if we want to host WWW traffic and then do the NAT'ing:
set admin port 8080
set service "HTTP-8080" protocol tcp src-port 1024-65535 dst-port 8080-8080
set interface ethernet0/0 vip untrust-ip 80 "HTTP-8080" 192.168.1.10
set policy id 1 from untrust to trust any vip(ethernet0/0) HTTP permit
A bit odd but gets the job done. Good luck.
Configuring Volume Shadow Copy on Windows Server 2008 - Techotopia
Just a quick heads up for anyone configuring shadow copies on Windows Server 2008 - you no longer can right click on the volume under My Computer to enable shadow copies. You have to go into disk management and enable on each volume there first. I am not sure why they made this change but if you start scratching your head and wondering where it went - this is how you will find it.
Monday, January 18, 2010
DisableMSI and Windows Server 2008 R2
When I install Server 2008 R2 I have came across a weird problem that will prevent me from running any MSI installation program even though I am an administrator on the box.
The system administrator has set policies to prevent this installation
Of course, I haven't set any policies to prevent this but I found the following registry key which will override this setting. Apparently by default the policy with R2 is to disable all installs of MSI's - fairly draconian but better than the default I guess:
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Installer
REG_DWORD
DisableMSI set to 0
Windows Server 2008 R2 - adprep
Windows Server 2008 R2 has added some additional Active Directory objects that need to be imported into your domain and forests before it can become a domain controller. The tool that you will need to use to get your forest/domain ready for this new OS is called "adprep" and it can be found in your Windows Server 2008 R2 CD. Unlike previous versions of adprep, R2 includes a 32-bit (adprep32.exe) and a 64-bit (adprep.exe) copy for you to use. You have to run this tool on an existing domain controller so know your architecture before you start copying around the folder to your servers. You will need to do the following:
adprep /forestprep
adprep /domainprep
adprep /rodcprep
The first command will add the necessary objects into your forest, then add the necessary objects into your domain and finally it will prep your domain for the new concept that is read-only domain controllers. Once you have ran these commands and AD has replicated throughout your network, you can safely run dcpromo.exe from your Windows 2008 R2 server and make it a domain controller.
Tuesday, January 12, 2010
PS6500E installation and configuration
After unpacking all 48 hard drives and inserting them into the chassis which definitely took quite a bit of time, plugging in three power cables and inserting an ethernet cable - it took right off. I was pretty impressed with the fact that none of the drives that shipped with the unit was bad - you would usually expect at least one to be bad out of 48 but not in this case. I inserted the Dell Configuration assistant CD into one of my servers and was able to run the remote configuration assistant where I got to set up the networking information and set the initial passwords and group membership. Since this was my first SAN, I set it up in its own group and assigned it a static IP address. I created a single storage pool of RAID5 in order to begin my testing and then the unit was up and functional.
I was able to log in to the web interface to the unit and do some more configuration and take a look at all of the settings. One thing I noticed was that the firmware was out of date on the unit but you cannot download directly from the SAN - you must first set up an Equallogic support account and then download the firmware separately. This was a bit of a pain and hopefully something that can be a bit more automated in the future.
Right now I have two volumes configured with IP address access going to a VMWare ESX server and a Windows 2003 Server for testing purposes. The Microsoft iSCSI initiator installation is very straight forward and setting up my targets were very simple.
I enabled SNMP monitoring through Solarwinds Orion and so far everything looks good.
Modifying the All Users profile in Vista or Windows Server 2008
Another strange thing about Windows Server 2008 is the new location of the all users profile:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
This is another oddity and I am not really sure why it was changed but in any event if you run BGInfo like I do, you will want to place your shortcut here for it to run on every user login.
Installing VMware vCenter on Windows Server 2008 R2
Windows Server 2008 R2 is now officially supported as a VMWare VCenter server since 4.0 update 1 has been released. However, you may run into some difficulty getting it installed as things are a bit different in the Windows 2008 world.
One of the most common mistakes is how to add a 32bit DSN to your system since Windows 2008 is 64-bit. If you launch the ODBC Administrator from the start menu, this gives you the 64bit drivers which is not supported with VCenter at this time. You need to launch the DSN configuration from the command line in order to get the 32bit drivers:
c:\windows\syswow64\odbcad32.exe
This will allow you to create a 32bit DSN assuming you have installed the 32bit SQL Server client drivers on your box.
Once this is set up, the rest is pretty easy and will work without trouble.
VMware Site Recovery Manager Service installation logs
Today I ran into a problem installing Site Recovery Manager 4.0 update 1 where it would attempt to start the service and fail. The error message told me to check the server logs but I could not find any documentation on where these would be. Luckily I ran across this blog entry which details the location of the installation logs:
C:\Documents and Settings\All Users\Application Data\VMware\VMware Site Recovery Manager\Logs
I have no idea why VMWare would choose to put these logs in this odd location but once you are there you can quickly determine why the service is not starting. My problem was with SQL Server authentication which I was quickly able to correct and get the service to start properly.
