Security:  a necessity for all the right reasons.  But it can play hell with the installation of those much-needed applications.  Recently, during the implementation for a customer, a number of Cisco Nexus series switches have been deployed into fresh new environments, ready to allow for connectivity into new virtualized environments.  During the Fabric Manager install, we ran into a number of challenges during the install and I thought it would be helpful to capture the steps that we took.  These steps should work in just about any environment.

The Windows 2008 x64 image being used for the basis of the install for the application servers (vCenter, Fabric Manager and Netapp utilities server, etc) is very security focused, and as such, can be a real pain for application installs.  In this case, for Fabric Manager (version 5.0.4b), we did the following:

1)      Unzip Fabric Manager, and double click your way into the software folder

2)      Install Java from jre-1_5_0_11-windows-i586-p.exe by right clicking and choosing Run as Administrator.  One thing of note:  this was a fresh install and did not have an existing install of Java.  As I’m sure we all know how fussy Java can be, I would recommend this being installed in a location that does not require any additional Java-oriented applications

3)      Once installed, I had to put the java bin folder into the PATH for the server, else I could not get the Fabric Manager installer to run correctly.  (this is the path: C:\Program Files (x86)\Java\jre1.5.0_11\bin)

4)      Next, head into the postres folder (located in the software folder, same as the java installer), then the Windows folder and run postgresql-8.2.msi. This will install the Postgres database that will be used for Fabric Manager.  During the install, we accepted the default components, then set the password for the service that it would run as (you can choose the name, the default is postgres).  This will also create the account for you as part of this process:

5)      Next you will be able to give the superuser account for Postgres a password, and remain the account should you want to.  You should also set the locale (English, United States in our case):

6)      The procedural languages selection is fairly straightforward, as only PL/pgsql is available as a choice.

7)      For the enable contrib modules, I leave the default selected (Adminpack.)

8)      The install should continue and complete.  When it is done, we need to now create the database that will be used for Fabric Manager

9)      Launch pgAdmin III from the start menu:

10)   On initial launch, you will see it the admin gui is disconnected from the default postgres instance.  Right click and choose Connect, then enter your password you created during install:

11)   To create a database for Fabric Manager, right click on the default instance and select New Database:

12)   You can name the database whatever you prefer, but make sure to set the Owner to the user postgres:

13)   Now it’s time to launch the fabric manager installer (finally, right?).  You can do so from the start.html .  Don’t worry if you get an unsupported environment pop up, just hit okay and choose a Custom install

14)   We went with the Standalone install, and when the Database Options appears, make sure to select Use Existing DB, set the DB superuser account (postgres by default) and the password that you set during the install for Postgressql, and set the DB URL to have the name of the database you created in place of “dcmdb”

15)   Set the local fabric manager user (defaults to admin, we used fmadmin) and set the password:

16)   For the Authentication Options, since these are standalone installs, the mode we are using is Local

17)   And for Configuration Options, we check both the “Use FC Alias as fabric default” and “Require SNMPv3 and disable SNMPv2c for increased security”.

At this point, you should get the Fabric Manager and Device Manager icons on your desktop, and you should be all ready to go.  Hopefully this will help should you try the Express install and run afoul of the many issues of security that can come up during application installs.

About Brian

Brian is a Technical Architect for a VMware partner and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status for 2012 & 2011. VCP3, VCP5, VCA-DT, VCP5-DT, Cisco UCS Design

• Mail
|
• Web
|
• Twitter
|
• LinkedIn
|
• More Posts (189)

I’ve been working with a client lately on a datacenter move and they have selected IBM x3690 servers. The 3690′s will be the ESXi hosts for the new site and are running ESXi embedded. I have not had the opportunity to work with many different clients that choose the embedded route, so it was cool to see how IBM setup the servers.

The servers came with ESXi 4.0 installed on a USB stick from the factory and installed in one of the two internal USB ports that the server offers. Upon turning on the servers some of them booted right to VMware and some did not. After some further looking into the boot order in the BIOS I noticed that the Embedded Hypervisor option was not added to the boot order on a couple of the servers. A quick add and they were running just like the rest, guess someone at the factory missed that one.

The servers took a very long time to post and boot up, part of this was due to the 128 GB of RAM installed. We turned off some of the non-essentials and modified the boot order to go right to ESXi and cut the post time down some. You can see from the image below it’s just another x-series server.

I snapped the image below with the cover over showing off all the sticks of memory installed.

The last image below is a close up to the two USB ports that are internal to the server. The lower one as the USB stick from the factory with ESXi embedded on it.

About Brian

Brian is a Technical Architect for a VMware partner and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status for 2012 & 2011. VCP3, VCP5, VCA-DT, VCP5-DT, Cisco UCS Design

• Mail
|
• Web
|
• Twitter
|
• LinkedIn
|
• More Posts (189)

I noticed some new videos recently released to a Cisco Channel on Youtube. These videos are explaining some of the features of UCS service profiles. This set of videos is showing off some of the cool things that can be done with Service Profiles and what the console looks like.

I will be creating some posts myself over time about these same features.

This next video is walking you through the creation of the Service Profile and explains the ability to create an Updating Service Profile that will update child templates created from it. This would help you keep those profiles all in compliance with your changes.

The next video talks about creating your UCS service profiles and pre-provisioning servers before the blade servers arrive. This method allows for you to do the work up front then when the blades arrive just install them and your work is done already.

About Brian

Brian is a Technical Architect for a VMware partner and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status for 2012 & 2011. VCP3, VCP5, VCA-DT, VCP5-DT, Cisco UCS Design

• Mail
|
• Web
|
• Twitter
|
• LinkedIn
|
• More Posts (189)

I was recently introduced to Cisco UCS and have been really enjoying working with the product. After working with HP, Dell and IBM products for almost 20 years it has been a refreshing change. Sure I was keeping an eye on what Cisco was doing with UCS and reading what others have been writing. But after working with the UCS and sitting for the UCS class I am a firm believer in what they have created now.

So I figured that it would be good just to write down a few of the little things that have impressed me so far. I will be writing a lot more about UCS in the coming weeks. But these are just some UCS features that I thought were cool.

This is no surprise but does the back of your server rack look this clean? Unless you have a UCS blade chassis I doubt it does. Sure other vendors have been creating Blade Chassis for years and they have done many things to cut down on cable clutter. But nothing comes close to making things this simple and clean.

The next one is maybe not so much a technology innovation but it’s just something so simple that I can’t believe no one has done this before. On each UCS blade server that is a little paper card that flips out. This can be used to write server names, put asset tags or other labeling details. No more are the days were you are forced to paste labels on the front of servers reducing the air flow by partially covering up some of the vents. This seems so dang easy but I’ve not seen any other vendor do this yet.

This will probably have people split on if its good or bad. Every UCS blade and C series rack mount server has the console port on the front and you can use the dongle in the picture below to access. The UCS dongle provides you with a video port, 2 USB ports and a 9 pin serial connection. This gives you the ability to connect monitor, keyboard and mouse to any blade or server. You could also use it for a console connection to a nearby switch if your laptop like many does not have a serial port. Sure others will probably say why would you want this when I just cable up my chassis to a KVM and forget about it. But after years of working with remote data centers and having a wide variety of skilled and non-skilled works there to be your hands in a crisis. This makes things dead simple just connect this dongle to server 1 and what do you see on the screen. No more try to remotely talk someone through how to use a KVM and never really being sure if they are looking at the right screen.

About Brian

Brian is a Technical Architect for a VMware partner and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status for 2012 & 2011. VCP3, VCP5, VCA-DT, VCP5-DT, Cisco UCS Design

• Mail
|
• Web
|
• Twitter
|
• LinkedIn
|
• More Posts (189)

With all the talk about converged infrastructure and stacks these days especially in the virtualization space I was really glad that I got to do this interview. There has been a lot written about its competitors but the HP BladeSystem Matrix was still kind of a mystery to anyone that had not had HP in to talk about it. I was lucky enough to spend some time talking with a couple of members from the HP BladeSystem Matrix team. These guys were very helpful in explaining what Matrix is and answered all of my crazy questions.

What I hope everyone gets from this is a better understanding of what BladeSystem Matrix has to offer if you’re looking at these types of converged offerings. Also highlight some of the features that are unique to the HP stack. In interest of being totally open I am also an employee of HP but my current work responsibilities have nothing to do with BladeSystem Matrix. Now that all that is out of the way let’s get started with the good stuff.

VT: Can you give me your elevator pitch?
HP: Matrix is the foundation for a private cloud solution managing both physical and virtual infrastructure. Matrix allows you to rapidly provision infrastructure via a self service portal. In addition, it offers the ongoing life-cycle management including capacity planning and disaster recovery. You can buy Matrix with a single SKU that includes hardware, software and services. The solution is all tested and certified by HP to work together.

VT: Who benefits from this solution?
HP: Customers who need to be able to address fast change and achieve a competitive advantage through time to market. Typical customers for Matrix are large Enterprises and Service Providers who have invested already in virtualization and shared infrastructure and want to take the next step to cloud computing. I think that these target customers are common to all converged infrastructure offerings.

VT: What hardware makes up a BladeSystem Matrix?
HP: BladeSystem Matrix all begins with something called a starter kit. This kit includes the following items, Central Management Server on a ProLiant DL360, HP C7000 Blade Chassis w/Virtual Connect networking and Insight Management software for managing Matrix. For the storage you have multiple options – you can use your existing Fiber Channel SAN storage if it’s supported or you can use HP storage, e.g. 3PAR or HP EVA 4400 array. iSCSI storage is supported as well for VM data stores. There is also something called an Expansion kit which is a C7000 Blade chassis, Insight Management software licenses and HP Services needed to integrate the expansion kit into your existing Matrix environment. It should be noted that Matrix supports both ProLiant and Integrity blades.

VT: What are HP Cloud Maps and how do they relate to BladeSystem Matrix?
HP: These Cloud Maps help customers to get started quickly with Matrix – they jump start the creation of a customized self-service portal.  Cloud Maps include white papers and templates for hardware or software configurations that can be imported into BladeSystem Matrix that can save days or weeks of design time. A Cloud Map can also provide workflows and scripts designed to expedite the installation.

VT: What does the CMS or Central Management Server do?
HP: The CMS server is a physical server that is running the management software that controls, automates and monitors your BladeSystem Matrix. If you have a DR site with a Matrix you would need a CMS server there to control the environment. It’s also possible to setup the CMS in a HA or Highly Available configuration to prevent a single failure point for Matrix management. Lastly for large environments that exceed the maximums of a single CMS you can now stand up secondary CMS servers that will still allow you to manage everything from one admin console.

VT: Can I use existing HP gear with a Matrix install?
HP: If you purchase a new HP BladeSystem Matrix you can use it to also manage any qualifying HP hardware that you already own. HP has created something called the Matrix Conversion Services to assist with integrating your existing HP infrastructure with BladeSystem Matrix. This program is new and will evolve to allow customers to accomplish these integrations.

VT: Can I use arrays from other vendors?
HP: You can use Storage Arrays from other vendors as long as they are able to meet a list of criteria – for example the storage vendor needs to be certified with Virtual Connect.  More details can be found in the Matrix compatibility chart.

VT: What software is used for Matrix?
HP: The software for Matrix is called the Matrix Operating Environment, which includes the whole Insight Management stack including Insight Foundation and Insight Control. With Insight Foundation you get the controls to install, configure, and monitor physical servers. With Insight Control you get all the essential server management including server deployment and power management. The real magic happens with the additional Matrix Operating Environment software (aka Insight Dynamics). It provides a service design tool, infrastructure provisioning with a self-service portal, capacity planning, and recovery management

VT: Does it come configured and who does the setup work?
HP: Some factory configuration is done then remaining work is done onsite by HP Services. The install and configure period can take from a few days to 2 weeks depending on the level of complexity.

VT: Explain how it is managed?
HP: There are two separate consoles that control a BladeSystem Matrix. The first would be the admin console used by your support team to configure and control the environment. The second would be the Self Service portal site. This allows for IT consumers to request and provision resources from the Matrix environment.

VT: What types of automation and provisioning can Matrix do?
HP: One example would be in the creation of templates. You can create templates in the Matrix software or use ones already created, for example on your VMware vCenter server. If you use an existing template that might be created with only one OS partition you can use the Matrix template process to provision the VM and add on additional disks and features not present in the base template.

VT: How is support handled for Matrix customers?
HP: There is a dedicated team to contact for Matrix support issues. Matrix is treated as a single solution, with all calls coming in through a central team. This team is cross trained in the various aspects that make up Matrix and they will escalate to product specific engineers if needed.

VT: Can you explain fail over P2V and then back to V2P for DR?
HP: This feature allows for a physical server to be recovered at the DR site on a physical or virtual machine. To make this HP spoke about creating what is known as a “portable image” What this meant was that the logical server was created in a way that it would be able to be deployed on either another physical blade, or as a VM within a virtual machine host. . I asked about if there was any type of conversion process that takes place and there is not. The engineer talked about the creation of the portable image which to me meant that you need to include both OS drivers for the physical hardware and the virtual hardware. This way when the imaged was moved to the other platform the physical OS or the hypervisor-based OS would find all of the devices. The last piece would be the network settings and these are preserved with an application called PINT so that when new network cards are installed your settings will remain.

VT: How does it integrate with VMware?
HP: The HP tool set for BladeSystem Matrix offers many integration points with VMware vSphere. A short list of the functions would include provisioning VM’s, change in power state, activate/deactivate, add servers to group, and add disks to a VM or group of VM’s. Along with those features Matrix monitors status and performance, capacity & workload analysis and Disaster Recovery integration.

VT: What separates Matrix from other converged stacks?
HP: A big selling point is that HP BladeSystem Matrix is integrated and engineered holistically by one company, while still allowing for heterogeneous components in areas such as networking and storage. Also at this time BladeSystem Matrix is the only solution that is capable of managing both physical and virtual servers with the same tools and allow movement between physical and virtual resources. Something that Matrix offers that others do not is integrated automated Disaster Recovery. Lastly Matrix supports both VMware and Microsoft Hyper-V, as well as Integrity Blades, for virtualization.

VT: What SAN protocols are supported today?
HP: As of today BladeSystem Matrix supports Fiber Channel as the preferred method of connecting to storage. In addition, Matrix does support FCOE and iSCSI for VM data stores.

VT: What is storage provisioning manager?
HP: This was explained as enhanced volume provisioning management, allowing more proactive maintenance of the pools of storage available for provisioning of an environment. Where this seem to tie for me was using it to publish or tag which volumes are available for provisioning. For example you could label a volume as boot disk and others as data disks. Then when creating your templates for provisioning the system will know which volumes are available for boot, as well as which volumes are available as data volumes during OS install, so that you provide better management of the storage you’ll utilize during provisioning.

VT: How many customers or units sold so far?
HP: I had to try but was only told that HP does not release any numbers or revenues for products. BladeSystem Matrix is made up of components that have been offered for many years by HP, and includes multi-million unit sales of components such as BladeSystem servers and Virtual Connect.

VT: How will software and firmware updates be handled?
HP: There are update bundles that are created for BladeSystem Matrix. At this time these updates must be performed by an HP Services person. These updates can be done in person or remotely.

VT: How does the SAN fabric interact with BladeSystem Matrix?
HP: In the current version of Matrix you will need to pre-create volumes and your server zoning ahead of any provisioning.

VT: What is Insight Virtualization Manager?
HP: Also known as VSE Virtualization Manager that is part of Insight Dynamics. With VSE you can move a logical server from the existing blade it’s running on to another blade. The VSE application will move the server profile to the new blade and restart the server once the move is complete and your operating system will start up. The VSE interface will offer recommendations for target blades that match your requirements. There are a few reasons for such a move that would include upgrades and maintenance. Video demo of moving a blade server to another blade. Video Link

About Brian

Brian is a Technical Architect for a VMware partner and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status for 2012 & 2011. VCP3, VCP5, VCA-DT, VCP5-DT, Cisco UCS Design

• Mail
|
• Web
|
• Twitter
|
• LinkedIn
|
• More Posts (189)

Recently I was pulled into an issue involving an HP MSA 2312fc array. The device had a failed Controller B and for some reason it was also affecting the A Controller. This was causing the OS on the servers receiving storage from the device to loose connection to the vdisks. The way things are suppose to work with the MSA as in any array is for the other controller to take ownership and continue to provide connections to the vdisks. For some reason this did not happen.

When looking at the management console on the MSA 2312 you could clearly see that controller B was failed and that A had taken ownership over of any vdisks. But something with the fail over did not fully complete or corrupted something because it did not work as expected. Even with removing the failed controller from the device the vdisks were still not usable by the servers.

Once the failed part was replaced the configuration was copied to the replaced controller and service was restored. Then it was time to make sure the firmware levels matched on both controllers and update accordingly.

In the past I had been warned to proceed with caution about updating firmware levels on MSA arrays. I had read several horror stories about them getting stuck in loops during the update process. We did encounter this when the controllers tried to sync them selves to match the firmware levels. I was told by an HP Support Engineer that it’s best to disable this auto sync feature when it comes to updating firmware to prevent these loops. It can then be enabled after the updates are done on both controllers.

Below are a few steps to prevent the automatic firmware update from the partner controller. The first image below shows you how to access the Firmware options from the Advanced Settings area of the Configuration menu.

The next image is showing the option to turn on or off the Partner Firmware Update option. This determines if the firmware on a new controller is auto updated when it is inserted. The HP support engineer recommended that we disable this option prior to installing the new controller. If you did not follow this you can always come back and change and they wait for the current update to fail. This is what we had to do that ended up stopping the continuous loop that was happening.

The last image just shows what you will see if you log into the management controller that is being updated.

About Brian

Brian is a Technical Architect for a VMware partner and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. Specializing in VDI and Cloud project designs. Awarded VMware vExpert status for 2012 & 2011. VCP3, VCP5, VCA-DT, VCP5-DT, Cisco UCS Design

• Mail
|
• Web
|
• Twitter
|
• LinkedIn
|
• More Posts (189)