Computer Networks: 2009

الأحد، 29 نوفمبر 2009

Data Center Co-location

Data Center Co-location

Complete control over your web hosting provision!

Each data center has full power backup in case of an outage. Generators, in combination with UPS systems, guarantee maximum availability. Industry-leading Service Level Agreements (SLA) define the level of guaranteed availability, ranging from 99.9% to 99.999%. The configuration of the electrical connection for a client’s equipment depends on his specific requirements.

Data centre collocation industry offers comprehensive approach to information technology, enables businesses to focus on increasing revenue and profit, not managing technology. One can benefit from this experience and gain direct access to the most reliable, widely deployed networks in the world.

A client’s server will be in good hands with collocation services. Take benefit of such services from our years of experience and quality non stop support. Gain direct access to the most reliable, widely deployed networks in the world. Such data centre eliminates the need for expensive equipment such as generators and UPS's as these are all included in the standard service charge. For the highest availability colocation services you can compare online and choose the right place. Data centre team of professionals offers you fully managed support services including OS installation and configuration to something as simple as a server reboot. With a round the clock on site staff of highly trained engineers and support staff, client’s servers will be backed by the best in server collocation professional services.

Colocation services are available via some web hosts through the use of their private cages, or you can pay a data centre directly to have your server located in a cage which is run by the data centre itself. Other equipment such as networking equipment and storage equipment can also be colocated within server racks. Colocation hosting has many advantages above ordinary dedicated server hosting, such as the fact that most data centres provide a ‘remote hands’ service if your server needs a task doing such as an OS reinstall which can only be done from the console; also, the connectivity that your equipment receives will probably be better than that you would receive on a dedicated server, the reason being that your equipment is surrounded by your own equipment meaning that you don’t have any other customers around you that could be a burden on your connection speed.

Data Colocation network is wired in a redundant, meshed configuration for maximum uptime. In the event of a failure in any one device the redundant hot-spare takes over automatically within seconds. Not that our equipment is liable to failure in the first place, with redundant PSU's, processing engines and blades.

In practice, this means your own server is installed in a rack in one of the data collocation centre, taking advantage of our bandwidth and network resilience to connect to the Internet.

Data Backup and Recovery Solution

Data Backup and Recovery Solution

Secure your imperative information. Always have a data back up and recovery to your system. Reach out to Data Back up and Recovery Solution online. Trust the right source and make your start.

How vital is the data on your system?
How important is your data. This importance determines whether or not it needs to be backed up. As well as when and how it should be backed up. Have redundant backup sets that extend back for several backup periods, if your data is critical. For other less important data, you don’t need elaborate back up plan. By having your data backed up regularly, you can retrive it back at later point of time.

What’s the frequency of your change in data?
How often does your data need a back up. This determines the frequency of the back up. For instance, data that changes daily should be backed up daily.

What kind of information does the data comprise of?
Data that doesn't seem important to you may be very important to someone else. Thus, the type of information the data contains can help you determine if you need to back up the data—as well as when and how the data should be backed up.

How quickly should your data be recovered?
Get back your critical online data swiftly. Alter your back up plan based on the importance of your data. Time is an important factor in creating a backup plan. Strengthen your data recovery with the help of data back up and recovery solutions.

Do you need to store backups off-site?
In case of a natural calamity, storing copies of backup tapes off-site is imperative in order to recover your systems. Also, do not forget to include copies of the software, in your off-site storage location, as you may need to install to re-establish operational systems.

Do you have any equipment to perform backups?
You need to have back up hardware to perform all back ups. You may need several backup devices and several sets of backup media in order to perform timely back up. Backup hardware includes tape drives, optical drives, and removable disk drives. Generally, tape drives are less expensive but slower than other types of drives. Seek help from data back up and recovery solutions.

Which is your best time to schedule backups?
If you want to speed up your back up process, fix up your back up schedules when your system use is as low as possible. At times it becomes inevitable, and you would want to store your data during peak hours too. So have to plan your back up carefully in case of a key system data.

Data Backup and Recovery Solution can perform all your back up and timely recovery of your data in times of crisis. Bank on the best and reliable source.

Data protection

Data protection

S2s Ltd is a UK provider of network consulting and implementation services
that needed data protection to ensure business continuity, even in the event of a server breakdown.
s2s was previously using disk-to-tape to back up all the various systems the business was running on.
Backing up and recovering data was not only a very complicated and time-consuming process, it was also very unreliable. When retrieving data
from the tapes, once they had been delivered back to s2s, a lot of the data from the tapes was irretrievable.
SecurStore’s online solution automatically transfers data offsite in real-time, eliminating the risk of having backups located onsite in case of a disaster or loss of data during transportation to an offsite location. Data is transmitted and stored offsite in a state of the art data centre on a reliable disk subsystem, which is in turn duplicated and backed up onto a second disk sub-system located apart from the primary disk sub-system.
Due to the nature of the business, s2s runs on a variety of operating systems. Most of its servers are Linux-based and some of them are Mac-based,
because many s2s employees use Apple Macintosh machines. It also has the obligatory Windows applications and operates with a SAN architecture. SecurStore also needed to take into account the fact that most of the s2s servers are virtualised and that s2s already had a NAS (network-attached storage) system in place.
The backup service uses many defense mechanisms, such as strong
authentication, data encryption, password protection and client and
system side log legitimate users at s2s to perform a data recovery
when needed.
SecurStore backs up the critical data of s2s (120GB) online on a continual basis, so that from the moment a server goes down, all the data can
be quickly retrieved online. The remaining less critical 80GB of data is either backed up to SecurStore’s Backup Lifecycle Management (BLM) offline service, or backed up by the outsourced provider.

SecurStore is suitable for businesses that need to protect data from a few gigabytes to terabytes. The service ensures that any data held on PCs, Macintosh computers, file servers and application/database servers is securely backed up. SecurStore supports many platforms including Windows
NT/2000/2003/XP along with AS-400 iSeries, Unix and Linux. SecurStore can also protect a wide range of databases including Oracle, SQL, Exchange, Lotus Notes and DB2.

Data Disaster Recovery

Data Disaster Recovery

Data can be restored immediately to either the original server or an alternate server. Restores can also be redirected to an alternate physical location if the original office is no longer available. The server disaster recovery solution lies in having devices and technologies available which allow us to restart the vital information systems in a shorter time period than the estimated critical. These mechanisms, and all the associated plans of actions, are known as data disaster recovery.

Why should I have a data back up and recovery system!
By not having a data center disaster recovery plan, you are quite simply, putting your business at risk; don’t take chance with your vital data. Would you leave any other aspect of your business to chance? Not really. Always be prepared for a natural calamity or any disaster, don’t leave any if’s and but’s, leave no stone unturned when it comes to backing up your important data.

Care should be taken while selecting a data disaster recovery services. The reason being your computer backup systems are the core piece of every data center disaster recovery plan. That is why your computer backup system must posses the ability to accommodate online computer backups for the most efficient protection.

Have a back up of your important programs, files, and applications as your priority. For the best protection it is imperative that your computer is backed up. Back up your data to an online server. What will your software systems do to automatically and quickly get your users back online? Data disaster recovery plays its vital role here.

How do I find the best data recovery services?
You can begin the work of finding the best data recovery expert by asking people around. Check with your colleagues to find who their data recovery services provider is. If you have already short-listed some experts, the next step is to check their experience in the field. Prefer to choose a service provider who has a minimum five years experience in the line. Also, find out his record of accomplishment for performance.

Always identify the risks to critical business information that may not be addressed by current disaster recovery plans; Optimize the value of the current backup and recovery infrastructure. New or improved processes to enhance overall disaster recovery capability are advisable. Resort to a reliable online Data Disaster Recovery. Bank on cost-effective remote backup and data disaster recovery solutions.

Data Disaster Recovery

الاثنين، 16 نوفمبر 2009

Data Protection And Hard Disk Recovery Go Hand In Hand

Data Protection And Hard Disk Recovery Go Hand In Hand

When it comes to hard disk recovery, the best method is to insure that you will never need it. Besides making frequent backups, the following measures will keep your system running smoothly.

Antivirus Protection

New viruses are invented every day, and system security is a concern for every business. Malicious software can damage your system to the point where it will not even boot up. The latest versions of Windows are the favorite targets of malicious programs such as spyware and viruses, and it is helpful to use 2 or more antivirus/anti-spyware programs to prevent destruction or theft of your data.

Spyware Scanner

The clues that spyware is on a computer include a barrage of pop-up ads, a hijacked browser,a sudden or even repeated change of your computer’s Internet home page, the appearance of a new toolbar or new screen icons, malfunctioning keys, random error messages, and most of all, sluggish computer performance. Any sytem with access to the internet is prone to this problem, but there is software to block spyware installation. In addition, make sure all employees using the office network do not download from unknown sites, and set your internet browser security at "Medium" or higher. Install individual firewalls to prevent uninvited users from accessing your network. A firewall blocks unauthorized access to your computer and will alert you if spyware already on your computer is sending information out. Purchase an anti-spyware program from a vendor you know and trust. Set it to read on a regular basis, at least weekly and if possible each time you run your computer. Delete any programs the anti-spyware program detects on your computer.

Computer Maintenance

The best way to avoid having to use file recovery software is to be sure that no corrupt data is stored on your computer. Companies like Norton sell disk optimization programs keep your network running at top speed, correct problem files and maximize the available space on your hard disk. Run disk optimization and anti-virus programs at least once a week.

Hard Disk Recovery

There are disk recovery applications specifically geared to recovering files of a certain format, like graphics files as opposed to word document files, and there are general-purpose programs to hunt for any type of misplaced file regardless of the format. There is no program on the market that can guarantee recovery of every lost file, but you are able to increase your chances for recovery by selecting the appropriate program for the file you are trying to save.

Do-it-yourself programs are a lot less expensive than hiring a data retrieval company that specializes in information recovery, and to save money you should at least attempt to utilize of this type of program before calling a professional.

In addition to recovering deleted files, there exists information recovery programs that can restore files after you have formatted the drive, after a power failure, natural disaster, or even files damaged by a computer virus.

RAID

RAID is short for Redundant Array of Independent (or Inexpensive) Disks, a category of disk drives that employ 2 or even several drives in combination to improve data storage fault tolerance and performance. RAID disk drives are frequently installed on servers but can also run on individual computers. Because of the duplication of data, it is possible to recover files from one or another disk when the need arises.

As you might expect, RAID disk repair is quite a complicated process. However it is one of the most foolproof methods of data storage because the RAID architecture strategically distributes information randomly across the array. However, this sort of architecture demands the services of a recovery professional.

Data Protection And Hard Disk Recovery Go Hand In Hand

Data Recovery Services: What To Do When Your Hard Drive Fails

Data Recovery Services: What To Do When Your Hard Drive Fails

According to most people, there are two types of hard drives: those that have failed and those that will fail. But for folks who use Data Recovery Services, there is a third type of hard drive: one that does not fail.

A hard drive is the most vulnerable part of a computer; it has moving gears and is hence prone to wear and tear. So when you need hard disk data recovery, you must deeply consider the service and practice of the various repair companies in your area. A company that has been around the block more than a few times is ideal.

But more importantly, experts that ask questions and appreciate your situation are a necessity; companies that approach your needs in an impersonal way simply cannot diagnose your computer problems properly. For example, an expert who is on hand to ask specific questions about your hard disk will know whether or not to go about repair with mere software or through more professional means.

There are a variety of problems that lead to hard drive failure. If the hard drive is part of a mirror set, mirrored stripe set, or stripe set with uniformity, then all you will need to do is replace the drive – any lost data will mechanically regenerate.

A local service company can handle all your concerns though. Fixing a hard drive yourself is a tedious process, requiring lots of time and even research. Your next-door neighbor might be a computer geek, but that doesn’t mean his or her advice is remotely accurate. After all, a computer can fail for many different reasons and they are not always easy to pinpoint.

The ideal solution is usually to replace a failed drive and re-establish your backup. This does not always work though, as many people find the necessary backup is outdated or sometimes, non-existent.

If a hard drive is beyond repair, data recovery is obviously not an option. So prepare for unexpected charges; you might have to buy a whole new drive. In this case, just be careful when replacing it, as you don’t want to lose your data.

الجمعة، 2 أكتوبر 2009

How to Configure your server to permit Server Side Includes SSI

Configuring your server to permit Server Side Includes SSI

To permit SSI on your server, you must have the following directive either in your httpd.conf file, or in a .htaccess file:

code HTML:

Options +Includes

This tells Apache that you want to permit files to be parsed for SSI directives. Note that most configurations contain multiple Options directives that can override each other. You will probably need to apply the Options to the specific directory where you want SSI enabled in order to assure that it gets evaluated last.
Not just any file is parsed for SSI directives. You have to tell Apache which files should be parsed. There are two ways to do this. You can tell Apache to parse any file with a particular file extension, such as .shtml, with the following directives:

code HTML:

AddType text/html .shtml
AddOutputFilter INCLUDES .shtml

One disadvantage to this approach is that if you wanted to add SSI directives to an existing page, you would have to change the name of that page, and all links to that page, in order to give it a .shtml extension, so that those directives would be executed.
The other method is to use the XBitHack directive:
XBitHack on
XBitHack tells Apache to parse files for SSI directives if they have the execute bit set. So, to add SSI directives to an existing page, rather than having to change the file name, you would just need to make the file executable using chmod.

code HTML:

chmod +x pagename.html

A brief comment about what not to do. You'll occasionally see people recommending that you just tell Apache to parse all .html files for SSI, so that you don't have to mess with .shtml file names. These folks have perhaps not heard about XBitHack. The thing to keep in mind is that, by doing this, you're requiring that Apache read through every single file that it sends out to clients, even if they don't contain any SSI directives. This can slow things down quite a bit, and is not a good idea.
Of course, on Windows, there is no such thing as an execute bit to set, so that limits your options a little.
In its default configuration, Apache does not send the last modified date or content length HTTP headers on SSI pages, because these values are difficult to calculate for dynamic content. This can prevent your document from being cached, and result in slower perceived client performance. There are two ways to solve this:

Use the XBitHack Full configuration. This tells Apache to determine the last modified date by looking only at the date of the originally requested file, ignoring the modification date of any included files.
Use the directives provided by mod_expires to set an explicit expiration time on your files, thereby letting browsers and proxies know that it is acceptable to cache them.

Basic SSI directives

SSI directives have the following syntax:

code HTML:

It is formatted like an HTML comment, so if you don't have SSI correctly enabled, the browser will ignore it, but it will still be visible in the HTML source. If you have SSI correctly configured, the directive will be replaced with its results.
The element can be one of a number of things, and we'll talk some more about most of these in the next installment of this series. For now, here are some examples of what you can do with SSI
Today's date

code HTML:

The echo element just spits out the value of a variable. There are a number of standard variables, which include the whole set of environment variables that are available to CGI programs. Also, you can define your own variables with the set element.
If you don't like the format in which the date gets printed, you can use the config element, with a timefmt attribute, to modify that formatting.

code HTML:


Today is

Modification date of the file

code HTML:

This document last modified

This element is also subject to timefmt format configurations.
Including the results of a CGI program

This is one of the more common uses of SSI - to output the results of a CGI program, such as everybody's favorite, a ``hit counter.''

code HTML:

What else can I config?

In addition to being able to config the time format, you can also config two other things.
Usually, when something goes wrong with your SSI directive, you get the message
[an error occurred while processing this directive]
If you want to change that message to something else, you can do so with the errmsg attribute to the config element:

code HTML:

Hopefully, end users will never see this message, because you will have resolved all the problems with your SSI directives before your site goes live. (Right?)
And you can config the format in which file sizes are returned with the sizefmt attribute. You can specify bytes for a full count in bytes, or abbrev for an abbreviated number in Kb or Mb, as appropriate.

Introduction to Server Side Includes

Introduction to Server Side Includes

Introduction

This article deals with Server Side Includes, usually called simply SSI. In this article, I'll talk about configuring your server to permit SSI, and introduce some basic SSI techniques for adding dynamic content to your existing HTML pages.
In the latter part of the article, we'll talk about some of the somewhat more advanced things that can be done with SSI, such as conditional statements in your SSI directives.

What are SSI?

SSI (Server Side Includes) are directives that are placed in HTML pages, and evaluated on the server while the pages are being served. They let you add dynamically generated content to an existing HTML page, without having to serve the entire page via a CGI program, or other dynamic technology.
The decision of when to use SSI, and when to have your page entirely generated by some program, is usually a matter of how much of the page is static, and how much needs to be recalculated every time the page is served. SSI is a great way to add small pieces of information, such as the current time. But if a majority of your page is being generated at the time that it is served, you need to look for some other solution.

How to configure the Apache HTTP server

How to configure the Apache HTTP server

Main Configuration Files

Apache is configured by placing directives in plain text configuration files. The main configuration file is usually called httpd.conf. The location of this file is set at compile-time, but may be overridden with the -f command line flag. In addition, other configuration files may be added using the Include directive, and wildcards can be used to include many configuration files. Any directive may be placed in any of these configuration files. Changes to the main configuration files are only recognized by Apache when it is started or restarted.
The server also reads a file containing mime document types; the filename is set by the TypesConfig directive, and is mime.types by default.

Syntax of the Configuration Files
Apache configuration files contain one directive per line. The back-slash "\" may be used as the last character on a line to indicate that the directive continues onto the next line. There must be no other characters or white space between the back-slash and the end of the line.
Directives in the configuration files are case-insensitive, but arguments to directives are often case sensitive. Lines that begin with the hash character "#" are considered comments, and are ignored. Comments may not be included on a line after a configuration directive. Blank lines and white space occurring before a directive are ignored, so you may indent directives for clarity.
You can check your configuration files for syntax errors without starting the server by using apachectl configtest or the -t command line option.

Modules
Apache is a modular server. This implies that only the most basic functionality is included in the core server. Extended features are available through modules which can be loaded into Apache. By default, a base set of modules is included in the server at compile-time. If the server is compiled to use dynamically loaded modules, then modules can be compiled separately and added at any time using the LoadModule directive. Otherwise, Apache must be recompiled to add or remove modules. Configuration directives may be included conditional on a presence of a particular module by enclosing them in an block.
To see which modules are currently compiled into the server, you can use the -l command line option.

Scope of Directives
Directives placed in the main configuration files apply to the entire server. If you wish to change the configuration for only a part of the server, you can scope your directives by placing them in , , , , , and sections. These sections limit the application of the directives which they enclose to particular filesystem locations or URLs. They can also be nested, allowing for very fine grained configuration.
Apache has the capability to serve many different websites simultaneously. This is called Virtual Hosting. Directives can also be scoped by placing them inside sections, so that they will only apply to requests for a particular website.
Although most directives can be placed in any of these sections, some directives do not make sense in some contexts. For example, directives controlling process creation can only be placed in the main server context. To find which directives can be placed in which sections, check the Context of the directive. For further information, we provide details on How Directory, Location and Files sections work.

.htaccess Files
Apache allows for decentralized management of configuration via special files placed inside the web tree. The special files are usually called .htaccess, but any name can be specified in the AccessFileName directive. Directives placed in .htaccess files apply to the directory where you place the file, and all sub-directories. The .htaccess files follow the same syntax as the main configuration files. Since .htaccess files are read on every request, changes made in these files take immediate effect.
To find which directives can be placed in .htaccess files, check the Context of the directive. The server administrator further controls what directives may be placed in .htaccess files by configuring the AllowOverride directive in the main configuration files.
For more information on .htaccess files, see the .htaccess tutorial.

الثلاثاء، 2 يونيو 2009

Installing Perl Modules on W2K3 Server x64 without Internet access

Installing Perl Modules on W2K3 Server x64 without Internet access

ActiveState have a 64-bit build of perl - so I would think the first thing for you to do is to download and install it (if you haven't already) - http://downloads.activestate.com/ActivePerl/Windows/5.8/ActivePerl-5.8.8.822-MSWin32-x64-280952.zip. (Just run the 'Installer.bat' that's part of that download - or there's also an MSI version you can grab, if you prefer.) Then install (from Microsoft) "Microsoft Platform SDK for Windows Server 2003 R2". That should hopefully give you the compiler and nmake to work with that 64-bit build of perl. (It all works fine for me on my AMD64 box with Vista Business 64). To set up the environment to use that compiler just run C:\your_path_to\Platform_SDK\SetEnv.cmd /XP64 /RETAIL You should then be able to build most modules from CPAN source in the usual way.

Windows Live™: Keep your life in sync. Check it out!

السبت، 23 مايو 2009

VMware ESX Server 3 VirtualCenter Server & Update Manager

VirtualCenter Server & Update Manager

vpxd
This is the process name of the Windows service that is the core service running on the VirtualCenter management server.

If there are problems with the VirtualCenter service starting and then stopping almost immediately or a few seconds later, then check your ODBC database string and then the health of the the database server. We have seen this when the database runs out of disk space; check if the log space is full on the DB server, many clients forget about regular backup of this database. When troubleshooting the VirtualCenter service you can try VirtualCenter in stand-alone mode. This is done by invoking the following command at the Windows command line

vpxd -s

You will get interactive logging of the start-up activity helping you to pinpoint where the problem is.

If all else fails, you can always re-initialize the VirtualCenter database, however we would not recommend this. By re-initializing the VirtualCenter database you are wiping out all VC data!! If you do want this, then use the -b command switch to vpxd.

vpxd.cfg
This is the VirtualCenter management server configuration file. (Ok, so we are extending this command line guide to cover the VirtualCenter server now as well as the ESX host!)

There are a number of configuration changes to VirtualCenter we can make in this file, but as of VC 2.5, one such change you may wish to make is the disabling of "Guided Consolidation". This feature, shown just as a consolidation button in the VI client, is intended to help small customers select which physical Windows hosts are suitable for consolidation and then guide them to perform the physical to virtual migration.

If you have already been through the consolidation process, then you don't need this feature. It makes sense to disable the feature if you are not using it as this should improve VC performance. To disable Guided Consolidation, simply edit the vpxd.cfg file on the VC management server and make the following change:

config.vcp2v.dontStartConsolidation = true

vum-proxyAuthCfg.exe
The Update Manager component of Virtual Infrastructure is new to version 2.5. This component allows the patch management of Windows & Linux guests as well as ESX hosts. When installing the Update Manager component, the Windows installer package prompts the operator if they wish to use a proxy server to connect to the Internet, the only options are proxy IP address and port. If your proxy server requires authentication, then this tool must be run to supply the proxy server credentials.

vci-integrity.xml
This is the primary configuration file for the Update Manager.

One of the main reasons you may want to edit this file is if you wish to change the directory that patches are downloaded into, i.e. the patchstore.

vmware-umds.exe
This is the VMware Update Manager Download Service. If you don't want the server where Update Manager is installed on to actually connect to the Internet and do the patch downloading, then UMDS is for you. Maybe you don't want the load of update downloads on the UM server or maybe the UM server is on a subnet that can't reach the Internet. Anyway, the UMDS installs on a Windows server (that is not the same server as UM) and doesn't create a start menu program group.

To start a download, simply enter the command

vmware-umds --download

Once the updates are downloaded, we can export them. This means we copy the patches from the download directory to another path. The intended purpose of exporting is to copy all or a subset of the downloaded patches to a location that will then be made available to the Update Manager server.

vmware-umds -E e:\exportedupdates

At this time UMDS does not support NFS/CIFS shares for the export operation. This is related to a permissions issue

vmware-updateDownloadCli.exe
This tool is run on the Update Manager server to import the patches made available from the UMDS export. So if you had a DVD burned which had all the updates that was inserted to the UM server and available as drive Z:

Invite your mail contacts to join your friends list with Windows Live Spaces. It's easy! Try it!

الجمعة، 22 مايو 2009

VMware ESX Server 3 VMware HA

VMware HA

AAM
AAM is the Automated Availability Manager that runs in the service console when you create a VMware High Availability (VMware HA) cluster. The VMware HA feature was previously known as DAS (Distributed Availability Services) but we don't mention that anymore.

This software maintains an in-memory database on active nodes in the cluster and uses heartbeats to co-ordinate the active and passive nodes. It is suggested that you configure service console with 2 Ethernet interfaces to remove any single point of failure.

This is a piece of licensed Legato software which itself has been renamed to EMC AutoStart.

This component has a very high dependency upon fully functional host name resolution. So before you enable VMware HA, check the following files

/etc/hosts
/etc/FT_HOSTS
/etc/resolv.conf
/etc/vmware/esx.conf

to ensure accuracy. One thing you can do to check the name resolution functionality before enabling HA is run

hostname -s

to return the short name of the service console. If this fails, then the HA configuration WILL fail.

The log file for VMware HA in ESX 3.0.x can be found in the service console in the directory

/opt/LGTOaam512/

and for ESX 3.5 can be found in

/opt/VMware/

To avoid split brain scenarios, an ESX server can determine if it has become isolated from other servers and we can configure that servers' isolation response. If the AAM component loses contact with the other nodes in the HA cluster, it attempts to contact the configured default gateway for service console using ICMP echo request (PING). If this fails, then the ESX host is isolated. If your default gateway suppresses ICMP echo requests, then we can configure an alternate IP address called the das.isolationaddress. From ESX 3.5, you can configure multiple isolation addresses so that you can configure a host with more that one address to attempt contact with before declaring itself isolated.

/opt/LGTOaam512/bin/ftcli

This utility allows you to view the active nodes in an HA cluster and the managed IP addresses. This utility will help you determine whether the HA agent is in a running state and which IP addresses are visible between those managed hosts.

/etc/FT_HOSTS

This file is created when HA is enabled and is a copy of /etc/hosts. If you have problems with name resolution and configuring HA, you can safely delete this file and reconfigure that cluster node for HA again. FT_HOSTS will be re-created.

See all the ways you can stay connected to friends and family

VMware ESX Server 3 Linux Utilities

Linux Utilities

/etc/ssh/sshd_config

The configuration of SSH client is stored in the text file /etc/ssh/ssh_config

The configuration of the SSH server daemon is stored in the text file /etc/ssh/sshd_config. An important setting in this file is PermitRootLogin=No. This is the default setting in ESX 3.x and it is recommended that you keep the setting at "No". This way you have an audit trail and see exactly who is logging in, rather than just "root". You can quickly what the setting is by using a grep operation on the file as shown:

# grep Permit /etc/ssh/sshd_config

If you do edit the file to change this setting to Yes, then make sure you restart the daemon for the changes to take effect using the command:

# service sshd restart

This command is the switch user utility.

When it used without parameters, we are specifying to switch to the user root. However, we can use the su command to switch shell to any user account. In the first example, we are logged in as the user kevin and we are switching to user ali.

[kevin@esx1host kevin]$ su ali
Password:
[ali@esx1host kevin]

In this second example, we are switching from being logged on as a user called sara to being logged on as root. Notice to switch to root, we don't need to specify a username.

[sara@esx1host sara]$ su -
Password:
[root@esx1host root]#

If we restrict the built-in user account root from logging in over the SSH protocol, then we are forcing remote users to authenticate as themselves and then su to run privileged commands if need be, thus leaving a decent audit trail. The downside being that those users would still know the root account password.

If you would like to restrict the use of the su command, then we can limit it to the members of a specific group called wheel. This group is defined in the /etc/group file by default and it's membership can be modified by root. In order to limit su to the wheel group members we need to modify a configuration file called /etc/pam.d/su

There is a single line in this file that needs to be uncommented to limit the use of su. The line is shown below as it appears it that file, all that is required is the removal of the # symbol at the start of the line.

#auth required /lib/security/$ISA/pam_wheel.so user_uid

who

We can't talk about the command line without talking about vi. This is the simple but powerful text editor in Linux and UNIX. People tend to love it or hate it. Either way, it's nearly always there in any *nix implementation and just by memorising a few commands you can be up and running with it. If you can use Windows Notepad, you can use vi!

vi filename

The first thing that throws you is that to enter text into your file, you need to press "i" for Insert mode. You can then enter your text just as any other text editor. When you are done with text entering, just press the Escape (Esc) key to come out of insert mode. If you are happy with your file, then we need to Write & Quit (wq). To enter commands in this command line editor, rather than having menus, we have a command prompt in the application. To reach the vi command prompt, simply enter ":" - the colon character which will automatically place your cursor at the bottom of the session. Here you can enter the "wq" command to write and quit the editor. That's it!

Here is a summary of the vi commands

i                  Changes to insert mode where you can edit the text
:wq               Write the file and quit the editor
:q!               Quit the editor without saving changes

SHIFT ZZ       Quit the editor and save any changes made - just a fast way of doing ":wq"
Esc key          Exits the current mode, e.g. out of insert mode back to view mode.

These commands are just extra if you have the inclination to learn!

/                     search - if you entered /failed then the cursor would move to the first instance of "failed in the text
$                     jumps to the end of the opened file
yy                   copy - it's y for yank!
dd                   delete a line (cut) if you precede this with a number e.g. 8dd, then it would delete 8 lines
p                     paste
%s/old/new/g    substitute any occurrences of the world "old" with the world "new"

nano

Another text editor, more friendly but you should use –w to avoid word wrap.

date

If we are checking the time and date of our ESX Service Console, then the date command is very useful. Just entering the "date" command returns what the service console thinks the current date is.

If the date is incorrect and you wish to reset it you would enter the command with the -s switch and specify date in mm/dd/yyyy format.

# date -s "12/29/2007 23:48"

Once you have set the date, you will want to ensure that the hardware clock matches your newly entered date. We can do this with the hwclock command described below.

hwclock

We can use this command to synchronise the server hardware clock with the date we set in the service console. If you enter the command with no parameters then the value of the hardware clock is displayed.

# hwclock

If we want to synchronise the hardware clock with the service console date and time, we use the following:

# hwclock -systohc

cal

Display calendar for current month or set of months. The following command displays 3 months, current month and the month before and after.

# cal -3
    March 2006            April 2006             May 2006
Su Mo Tu We Th Fr Sa Su Mo Tu We Th Fr Sa Su Mo Tu We Th Fr Sa
          1 2 3 4                     1      1 2 3 4 5 6
5 6 7 8 9 10 11   2 3 4 5 6 7 8   7 8 9 10 11 12 13
12 13 14 15 16 17 18   9 10 11 12 13 14 15 14 15 16 17 18 19 20
19 20 21 22 23 24 25 16 17 18 19 20 21 22 21 22 23 24 25 26 27
26 27 28 29 30 31     23 24 25 26 27 28 29 28 29 30 31
                      30

Surprisingly useful!

passwd

Used to change the password of the currently logged on user (use the command with no parameters) or for changing the password of a named user account (supply the user name as a parameter).

passwd <user>

Remember that passwords are not stored in the /etc/passwd file, but in the file /etc/shadow

If you are ever needing to reset an unknown root account password, then it is this utility you would run after booting into Linux single user mode.

ethtool

This command can be used to view and configure the ethernet interfaces in your host. We didn't use this tool much until ESX 3.5, when we started to work with Distributed Power Management (DPM); an experimental feature of DRS clusters.

The output of this tool provides a load of information about the network cards, but of particular interest now is the support for Wake-on-LAN (WoL). DPM makes use of this NIC feature and so we need to check that our NICs both support the function AND have the function enabled. The ethtool allows us to view and set this functionality.

# ethtool vmnic1
Settings for vmnic1

If we noted that our NIC supported WoL but it was not currently enabled, then we could use this tool to effect the change.

# ethtool -s vmnic1 wol g

check out the rest of the Windows Live™. More than mail–Windows Live™ goes way beyond your inbox. More than messages

VMware ESX Server 3 RPM Utilities

RPM Utilities

rpm
As ESX service console is based on modified Red Hat Enterprise Linux 3, we can use the RPM package installation method to add applications to it. However, we should also point out that it's maybe not the best idea to add software to the service console. It is best to treat the service console as a dedicated console and not add applications to it.

If you are unfamiliar with RPMs in Linux, think of them like MSI packages in Windows.

The rpm command can be used to list and to install RPM-based applications. In the following example, we are using the command switch (-qa) to list the rpms installed in the service console.

# rpm -qa
libgcc-3.2.3-53
setup-2.5.27-1
basesystem-8.0-2
tzdata-2005m-1.EL3
glibc-2.3.2-95.37
bzip2-libs-1.0.2-11.EL3.4
etc!.....

If we are only interested in the VMware rpms, then we can just pipe the output of rpm -qa command into the grep search tool.

rpm -qa |grep VMware

which should yield an output something like

VMware-webCenter-esx-2.0.1-32041
VMware-esx-apps-3.0.1-32039
VMware-esx-iscsi-3.0.1-32039
VMware-esx-uwlibs-3.0.1-32039
VMware-esx-vmkernel-3.0.1-32039
VMware-esx-drivers-block-DAC960-2.4.11-32039
VMware-esx-drivers-net-bcm5700-7.3.5-32039
VMware-esx-drivers-net-e100-2.3.40-32039
VMware-esx-drivers-net-pcnet32-1.30c-32039
VMware-esx-drivers-net-tg3-3.43b.1vmw-32039
VMware-esx-drivers-scsi-adp94xx-0.0.5-32039
VMware-esx-drivers-scsi-aic7xxx-6.3.9-32039
VMware-esx-drivers-scsi-lpfcdd-v732-7.3.2.1vmw-32039
VMware-esx-drivers-scsi-megaraid_sas-0.0.2-32039
VMware-esx-drivers-scsi-qla2200-v7.07-7.7.4.1vmw-32039
VMware-esx-drivers-scsi-qla4010-3.24-32039
VMware-esx-drivers-scsi-vmkiscsi-3.4.2-32039
VMware-hostd-esx-3.0.1-32039
VMware-esx-lnxcfg-3.0.1-32039
VMware-esx-perftools-3.0.1-32039
VMware-esx-docs-3.0.1-32039
VMware-esx-tools-3.0.1-32039
VMware-esx-vmkctl-3.0.1-32039
VMware-esx-drivers-block-cciss-2.4.54-32039
VMware-esx-drivers-net-3c90x-1.0.2-32039
VMware-esx-drivers-net-bnx2-1.3.22-32039
VMware-esx-drivers-net-e1000-7.0.33.2vmw-32039
VMware-esx-drivers-net-s2io-1.7.6-32039
VMware-esx-drivers-scsi-aacraid_esx30-1.1.5.1vmw-32039
VMware-esx-drivers-scsi-aic79xx-6.3.9-32039
VMware-esx-drivers-scsi-ips-7.10.17.1vmw-32039
VMware-esx-drivers-scsi-megaraid2-2.10.7-32039
VMware-esx-drivers-scsi-mptscsi_2xx-2.6.34.1vmw-32039
VMware-esx-drivers-scsi-qla2300-v7.07-7.7.4.1vmw-32039
VMware-esx-drivers-scsi-qla4022-3.24-32039
VMware-esx-vmx-3.0.1-32039
VMware-esx-srvrmgmt-3.0.1-32039
VMware-esx-backuptools-3.0.1-32039
VMware-esx-scripts-3.0.1-32039
VMware-esx-3.0.1-32039
VMware-cim-esx-3.0.1-32039
VMware-vpxa-2.0.1-32042

If we then want to find out more information on an individual RPM package, we can use the rpm -qi option to query a package which reports the file version, vendor, license and description.

# rpm -qi VMware-hostd-esx-3.0.1-32039

Name        : VMware-hostd-esx             Relocations: (not relocatable)
Version     : 3.0.1                             Vendor: VMware, Inc.
Release     : 32039                         Build Date: Tue 26 Sep 2006 01:30:42 AM PDT
Install Date: Tue 06 Nov 2007 03:07:02 PM PST      Build Host: pa-build43.eng.vmware.com
Group       : Applications/Emulators        Source RPM: VMware-hostd-esx-3.0.1-32039.src.rpm
Size        : 269864433                        License: commercial
Signature   : (none)
Summary     : VMware Host Agent package.
Description :

If we then want to know what files are included in the rpm package, we can use query with the list option to see the files inside. For example, to see the files

# rpm -ql VMware-hostd-esx-3.0.1-32039

/etc/vmware/hostd/config.xml
/etc/vmware/hostd/env/0.xml
/etc/vmware/hostd/env/1.xml
/etc/vmware/hostd/env/vmconfigoption-esx-2.5.0.xml
/etc/vmware/hostd/env/vmconfigoption-esx-3.0.0.xml
/etc/vmware/hostd/environments.xml
/etc/vmware/hostd/esxinfo.vha
.....

rpm2cpio
If you are wanting to extract a single file from a RPM package but you don't want to install the RPM, then this is the tool for you. Probably best if you copy the RPM to a temp directory so when you extract the RPM you can then navigate the directory structure created in that temp directory to find the file or files you need.

Once you have copied out the file you were after, you can safely delete the contents of that temp directory. In other words, we have used rpm2cpio to extract the RPM archive.

Here is an example using the RPM we've used in the previous examples.

# rpm2cpio VMware-hostd-esx-3.0.1-32039 | cpio -idmv

i = Restore archive
d = Create landing directories
m = Create previous file modification times
v = verbose

Invite your mail contacts to join your friends list with Windows Live Spaces. It's easy! Try it!

VMware ESX Server 3 Command Line Tools

VMware Command Line Tools

vmkfstools
Used to manipulate virtual disks at the service console command line. It is used most often for import and export operations, where a virtual disk is converted from monolithic format to sparse format (previously called COW format).

There is a great switch with the command -X which can be used to extend the size of your virtual disk; e.g. if you had a 10GB virtual disk and wanted to expand it to 20GB, you could use this command. The VM would need to be powered off for this to work.

vmkfstools -X 20GB /vmfs/volumes/storage1/vm.vmdk

Note that the -X switch specifies the NEW SIZE of the virtual disk and NOT how much you are extending it by.

If you have used the -X switch before in an older version of ESX server (earlier than 3.0) it was possible to specify a small disk size; thereby making the virtual disk smaller. This was dangerous but useful if your partition within the disk did not consume 100% of the disk size. However, this is not possible with vmkfstools command found in ESX Server version 3.x.

From ESX 3.5, the size of a virtual disk can now be increased in the VI Client! VMware are implementing more and more in the user interface, less time needed in the service console command line...

Previously, the main use of vmkfstools command was to import or export virtual disks. This would be required if you were deploying templates by hand instead of using VirtualCenter. It was also the primary method for moving VMs between the ESX server product and the hosted VMware products such as VMware Workstation or Server. The reason we say "previously" is that moving VMs between servers or between VMware products has become much simpler and cleaner by using the VMware Converter utility. This tool is task oriented and treats the VM as a whole object, not just the virtual disk files as vmkfstools.

If you do want to import virtual hard disks in 2GB sparse format into monolithic format by hand, then we can use vmkfstools command with the -i switch.

vmkfstools -i /importfiles/vm.vmdk /vmfs/volumes/storage1/vm/vm.vmdk

Notice that the import option requires two parameters, source and destination. This would not create a VM, but would create the monolithic virtual disk for a VM. You could then create a custom VM in the VI Client and select the option to "use an existing disk".

If you want to export a virtual disk you no longer use the -d switch, but just use -i and specify the virtual disk type at the destination of the import. So if you were exporting a virtual disk from VMFS to

vmkfstools -i /vmfs/volumes/storage1/vm/vm.vmdk -d 2gbsparse /exportvm/vm.vmdk

vmware-cmd

This command has been in ESX for a number of versions and it's functionality has been extended with each major release.

esxupdate

This utility is what we use to patch our ESX hosts with updates from VMware. You can use this tool interactively to install individual patches, or use it to scan your ESX host to see which patches are required as well as to do a "what-if" install of a host patch to identify if there will be any problems.

The power of the esxupdate command is realised when you use it with a patch repository. A patch repository can be exposed to a host via HTTP, FTP or NFS.

esxupdate -d [url]ftp://taupopatchserver/esx35/0710-03[/url] scan

- Bundle Name -      AppFlags             --- Summary ---              iFlags ESX350-200710049-BG  -------v Bugs fixed in some vmkernel.             rm-   ESX350-200710050-SG  i------v Security bugs fixed in vmkernel module.. rm-   ESX350-200710052-BG  i------v Several bugs fixed in vmx module...      -m-   ESX350-200710053-BG  -------- Provided new PBM for SUSE 11 U2.         ---   ESX350-200710054-BG  -------v COS fix for Ooops.                       rm-   ESX350-200710055-BG  -------- More fixes in scsi drivers.              r--   ESX350-200710058-RG  -------v This is a roll-up bundle.                rm-   ESX350-200710059-RG  -------v This is a roll-up security bundle.       rm-

If you choose to use the new VirtualCenter Server 2.5 feature called Update Manager, then when you perform host scans and remediation, you are in fact just remotely invoking this utility, it's just you don't see it!

You can use the --explain switch when scanning to provide a greater level of detail to your host patch scan operation. If for example, the AppFlags for a patch indicated "c" for conflict, you would probably want to know what exactly the patch was in conflict with.

contents.xml

Every ESX patch contains a file called contents.xml. This file describes the directory structure of the patch bundle contents.

contents.xml.sig

This is a detached PGP signature of the contents.xml file in a ESX patch.

vimsh

This is a superb utility that we use on occasion, particularly when we are creating scripted builds for ESX. The industry-recognised experts in the functions of this tool are the folks over at [url]www.xtravirt.com[/url]. Where we have found this tool of unique use is in the enabling of a VMkernel port for VMotion.

If you are using ESX versions prior to 3.5 then use

vimsh -n -e "hostsvc/vmotion/vnic_set portgroupname

However, if you are using ESX version 3.5 then we need to use a slightly different syntax for specifying the portgroup to enable. We now need to specify using a vmkx notation. Trouble is, we don't know which portgroup corresponds to which vmkx number. So to first identify the mapping of portgroup name to vmk number, we enter the command

vimsh

and then enter hostsvc/vmotion/netconfig_get and we'll get a whole pile of output, but buried in there will be the device names in vmkx format that we can then use to enable VMotion on that portgroup with the following:

vimsh -n -e "hostsvc/vmotion/vnic_set vmk0

Using the vimsh command for enabling VMotion is just 1% of the functionality of this tool. It's not for the faint hearted and there really is no better source of information about it than the PDF documents that the xtravirt guys have written. Thanks also to Mike Laverick of RTFM Education for documenting the changes in vimsh in version 3.5.

What can you do with the new Windows Live? Find out

VMware ESX Server 3 Configuration Files

VMware ESX Server 3
Configuration Files

/etc/vmware/esx.conf
An all new configuration file for ESX Server 3.x. This file replaces the functionality of the following configuration files found in earlier versions of ESX.

/etc/vmware/hwconfig
/etc/vmware/devnames.conf
/etc/vmware/vmkmodule.conf
/etc/vmware/netmap.conf
/etc/vmware/vmkconfig

/etc/nsswitch.conf

This is the name service switch configuration file. If you need to modify the order of how names in the service console are resolved, this is the place to make the change. You can view and edit this conf file as usual.

There will be a number of lines to this file, but the one you are likely to be interested in will start "hosts:" as shown:

hosts: files dns

In the above example, the name service will use the /etc/hosts file, and then the DNS name server specified in the /etc/resolv.conf file.

/usr/bin/vmware-watchdog

This process watches over the hostd process and restarts it if it crashes.

hostd

This is the daemon that replaces vmware-serverd that was found in the ESX 2.x products. This is the host management agent and is responsible for a number of key management functions on an ESX host. If you are having any "host not responding" type problems, before you even think of an ESX host restart, consider just a restart of the management agent; it's amazing how often a quick restart of hostd gets things going again.

We can restart the host management agent with the command

service mgmt-vmware restart

/etc/vmware/firewall/services.xml

This file contains the definitions for the TCP ports and service names used by the service console firewall. When we use the esxcfg-firewall command to open ports based on friendly service names such as sshServer, that name is a definition in this XML file. A typical service definition in this file looks like

  <service id='0000'>     <id>sshServer</id>     <rule>       <direction>inbound</direction>       <protocol>tcp</protocol>       <port type='dst'>22</port>       <flags>-m state --state NEW</flags>     </rule>   </service>

You could modify this XML file to include your own definitions. We have not tested if such a change would persist patching/upgrades.

vpxa

This is the name of the VirtualCenter server agent that runs in the service console of ESX 3.x servers (which was called vmware-ccagent in ESX 2.x). This can be stopped, started or restarted with the service command

service vmware-vpxa restart

/etc/vmware/vpxa.cfg

This is the XML configuration file for the VirtualCenter Server Agent in the service console. Here is a typical vpxa.cfg file.

[root@esx1host vmware]# cat vpxa.cfg
<config>
<log>
    <outputToConsole>false</outputToConsole>
</log>
<nfc>
   <loglevel>error</loglevel>
</nfc>
<vmacore>
   <ssl>
     <doVersionCheck>false</doVersionCheck>
   </ssl>
   <threadpool>
     <TaskMax>10</TaskMax>
   </threadpool>
   </vmacore>
   <vpxa>
     <datastorePrincipal>root</datastorePrincipal>
     <hostIp>100.100.100.11</hostIp>
     <memoryCheckerTimeInSecs>30</memoryCheckerTimeInSecs>
     <serverIp>100.100.100.172</serverIp>
     <serverPort>902</serverPort>
   </vpxa>
   <workingDir>/var/log/vmware/vpx</workingDir>

Notice the <loglevel> tag. If you are trying to troubleshoot an issue, then increasing the logging level is a good idea. We have used the level "verbose", there could be a higher debug level of logging, but we've not tested that.

Windows Live™: Keep your life in sync. Check it out!

VMware ESX Server 3 Commands Guide 4

VMware ESX Server 3 Commands Guide 4
The esxcfg- Commands

esxcfg-linuxnet
There is not normally a command that a virtual infrastructure administrator should need. The tool is automatically used when you start an ESX server in troubleshooting mode; i.e. when you start only the service console Linux kernel and don't start the VMkernel.

When you are working in the service console while the VMkernel is loaded, the service console's network interface is not called eth0, but is called vswif0 instead. This is because the service console network interface is provided via a service console portgroup on a virtual Ethernet switch. If you restart your ESX server without the VMkernel, then standard Linux drivers and network card management is used. Therefore the network interface used in troubleshooting mode is called eth0 - just like any other regular Linux box. This tool is called by starting troubleshooting mode to replicate the IP parameters assigned to vswif0 to eth0.

Should you want to investigate this command, the options are:

esxcfg-linuxnet --setup
--remove
-h --help

The --setup option cannot be combined with the --remove option.

esxcfg-nics

This tool can be used to view and configure the speed and duplex settings of the physical network cards in the ESX Server. This tool can replace the mii-tool and modules.conf for network card management.

In the following example, we run the list option to view all physical NICs and their properties.

[root@esx1host etc]# esxcfg-nics -l

Name   PCI      Driver Link Speed    Duplex Description
vmnic2 01:01.00 tg3     Up   1000Mbps Full Broadcom Corporation NetXtreme BCM5703 Gigabit Ethernet
vmnic0 01:02.00 tg3     Up   100Mbps Full Broadcom Corporation NC7781 Gigabit Server Adapter (PCI-X, 10,100,1000-T)
vmnic1 04:02.00 tg3     Up   1000Mbps Full Broadcom Corporation NC7781 Gigabit Server Adapter (PCI-X, 10,100,1000-T)

This command has the following optional parameters:

esxcfg-nics <options> [nic]
-s|--speed <speed> Set the speed of this NIC to one of 10/100/1000/10000. Requires a NIC parameter.
-d|--duplex <duplex> Set the duplex of this NIC to one of 'full' or 'half'. Requires a NIC parameter.
-a|--auto Set speed and duplexity automatically. Requires a NIC parameter.
-l|--list Print the list of NICs and their settings.
-r|--restore Restore the nics configured speed/duplex settings (INTERNAL ONLY)
-h|--help Display this message.

esxcfg-swiscsi

ESX server 3 supports both hardware and software initiated iSCSI. For hardware iSCSI, we can use host bus adapters which perform the TCP offload and so the vmkernel can just pass SCSI commands to them as normal. The iSCSI hba can then wrap the SCSI command in IP transport and forward them to the iSCSI target.

In VI-3, one of the supported iSCSI hardware HBAs is the QLogic 4052. More information about this particular family of adapters can be found at [url]http://support.qlogic.com/support/product_resources.asp?id=964[/url]

In software iSCSI, the wrapping of SCSI commands in IP is performed by the VMkernel and a regular physical network card is used to communicate with the iSCSI target. The software iSCSI configuration is exposed in the VI Client as a host bus adapter called vmhba40.

We can user the tool esxcfg-swiscsi to configure it. The software iSCSI initiator in the VMkernel has a dependency upon the service console, therefore both the service console and VMkernel must have an IP route to the iSCSI target.

1. Add a VMkernel port to a vSwitch that has an uplink and route to iSCSI target
2. Ensure service console IP interface has a route to the same iSCSI target
3. Using either the VI Client security profile or the esxcfg-firewall, open a port in the service console firewall for iSCSI (TCP:3260)
4. In the command line, enable iSCSI with esxcfg-swiscsi -e command
5. In the command line, run
6. At the service console command line, run esxcfg-swiscsi -s
7. In the VI Client your iSCSI target should become visible.

The command line options for this command are:

-e, --enable Enable sw iscsi
-d, --disable Disable sw iscsi
-q, --query Check if sw iscsi is on/off
-s, --scan Scan for disk available through sw iscsi interface
-k, --kill Try to forcibly remove iscsi sw stack
-r, --restore Restore sw iscsi configuration from file (FOR INTERNAL USE ONLY)
-h, --help Show this message

esxcfg-vswif

This tool can manage the Ethernet interfaces of the service console. In a big change from previous versions of ESX, the Ethernet interface of the service console is named with the "vswif" prefix and not "eth" prefix as you may be used to in Linux.

During installation of ESX server, your service console Ethernet connection should have been created. However, maybe a mistake was made, or we want to add another service console port for redundancy.

In VI Client we can view the network configuration of our ESX host.

What can you do with the new Windows Live? Find out

VMware ESX Server 3 Commands Guide 3

The esxcfg- Commands

esxcfg-init
Should not be run manually!

esxcfg-nas
The esxcfg-nas command is used to list, mount and dismount NFS exports for the VMkernel. In the first example we list the NFS datastores which the VMkernel has mounted.

[root@esx1host root]# esxcfg-nas -l
NFS01 is /NFS from 100.100.100.253 mounted

In the next example, we add a new VMkernel mount to a remote NFS server. This time we are connecting to the NFS server at IP address 100.100.100.253 and the name of the exported directory is "/Test". We are labelled this NFS mount "NFS02".

[root@esx1host etc]# esxcfg-nas -a -o 100.100.100.253 -s /Test NFS02
Connecting to NAS volume: NFS02
NFS02 created and connected.

Remember that to create a connection to an NFS datastore, the VMkernel needs to have an IP address, as it is the NFS client. We give the VMkernel an IP address by creating a VMkernel port on a virtual Ethernet switch. We can do this at the command line using the command esxcfg-vmknic

The command line options for esx are:

esxcfg-nas <options> [<label>]
-a|--add               Add a new NAS filesystem to /vmfs volumes. Requires --host and --share options.
-o|--host <host>       Set the host name or ip address for a NAS mount.
-s|--share <share>     Set the name of the NAS share on the remote system.
-d|--delete            Unmount and delete a filesystem.
-l|--list              List the currently mounted NAS file systems.
-r|--restore           Restore all NAS mounts from the configuration file. (FOR INTERNAL USE ONLY).
-h|--help              Show this message.

esxcfg-route

If we add an IP address to the VMkernel by adding a VMkernel port, then we can fully configure that IP stack by also assigning a default gateway. We can view (no parameters) and set (1st parameter) the VMkernel IP default gateway with the esxcfg-route command as shown here.

[root@esx1host etc]# esxcfg-route
VMkernel default gateway is 100.100.100.254

[root@esx1host etc]# esxcfg-route 100.100.100.1
VMkernel default gateway set to 100.100.100.1

esxcfg-vmknic

Used to view and set configure the VMkernel ports on virtual Ethernet switches. A VMkernel port is a special type of port group on a virtual Ethernet switch which is used to assign an IP address to the VMkernel. The VMkernel only needs an IP address for VMotion, software-initiated iSCSI or NFS access.

If you need to create a VMkernel port at the command line, then you need to create a port group first and then enable it as a VMkernel port. This tool does not allow you to enable the VMkernel port for VMotion, you must either use vimsh or the VI client for that.

[root@esx1host root]# esxcfg-vswitch -A VMotion vSwitch0
[root@esx1host root]# esxcfg-vmknic -a -i 100.100.100.121 -n 255.255.255.0 VMotion

The above commands would result in an additional connection to the virtual Ethernet switch, specifically a VMkernel port. The esxcfg-vmknic command has assigned the VMkernel an IP address & the portgroup called VMotion is now explicitly VMkernel port.

In the following example, we list the VMkernel ports, then use esxcfg-vmknic to delete one of them and then list them again.

[root@esx1host etc]# esxcfg-vmknic -l

Port Group          IP Address      Netmask         Broadcast       MAC Address       MTU     Enabled
NFS access          100.100.100.21 255.255.255.0   100.100.100.255 00:50:56:62:ca:f6 1514    true
VMotion             100.100.100.121 255.255.255.0   100.100.100.255 00:50:56:6d:7c:7d 1514    true

[root@esx1host etc]# esxcfg-vmknic -d VMotion
[root@esx1host etc]# esxcfg-vmknic -l

Port Group IP Address Netmask Broadcast MAC Address MTU Enabled
NFS access 100.100.100.21 255.255.255.0 100.100.100.255 00:50:56:62:ca:f6 1514 true

The command line options are:

esxcfg-vmknic <options> [[<portgroup>]]
-a|--add                  Add a VMkernel NIC to the system, requires IP parameters and portgroup name.
-d|--del                  Delete VMkernel NIC on given portgroup.
-e|--enable               Enable the given NIC if disabled.
-D|--disable              Disable the given NIC if enabled.
-l|--list                 List VMkernel NICs.
-i|--ip <X.X.X.X>         The IP address for this VMkernel NIC. Setting an IP address requires that the
                          --netmask option be given in same command.
-n|--netmask <X.X.X.X>    The IP netmask for this VMkernel NIC. Setting the IP netmask requires that the --ip
                          option be given in the same command.
-r|--restore              Restore VMkernel TCP/IP interfaces from Configuration file (FOR INTERNAL USE ONLY).
-h|--help Show this message.

esxcfg-dumppart

Used to configure the VMkernel crash dump partition. The old ESX 2.x utility for this function (vmkdump) is still present on an ESX 3 server, but appears just to be for extracting dump files.
So far, we have only used this utility to interrogate ESX hosts to determine where the dump partition has been created. Here is an example of viewing the dump partition.
# esxcfg-dumppart -l VM Kernel Name Console Name Is Active Is Configured vmhba0:0:0:7 /dev/cciss/c0d0p7 yes yes

Remember that the dump partition does not show up when you run the vdf utility. However it is visible if you run fdisk. In the following example, we are running fdisk to view the partitions. We can see the dump partition as c0d0p7, i.e. partition #7. Notice the Id of that partition is "fc", the custom partition type for VMkernel dump partitions.

# fdisk /dev/cciss/c0d0

Disk /dev/cciss/c0d0: 36.3 GB, 36385505280 bytes
64 heads, 32 sectors/track, 34699 cylinders
Units = cylinders of 2048 * 512 = 1048576 bytes
Device Boot Start End Blocks Id System /dev/cciss/c0d0p1 * 1 100 102384 83 Linux /dev/cciss/c0d0p2 101 5100 5120000 83 Linux /dev/cciss/c0d0p3 5101 7100 2048000 83 Linux /dev/cciss/c0d0p4 7101 34699 28261376 f Win95 Ext'd (LBA) /dev/cciss/c0d0p5 7101 7644 557040 82 Linux swap /dev/cciss/c0d0p6 7645 34599 27601904 fb Unknown /dev/cciss/c0d0p7 34600 34699 102384 fc Unknown
The command line options are:
esxcfg-dumppart <options> [<partition>]
-l|--list            List the partitions available for Dump Partitions. WARNING: This will scan all LUNs on the system.
-t|--get-active      Get the active Dump Partition for this system, returns the internal name of the partition
                     vmhbaX:X:X:X) or 'none'.
-c|--get-config      Get the configured Dump Partition for this system, returns the internal name of the partition
                     vmhbaX:X:X:X) or 'none'.
-s|--set             Set the Dump Partition for this system and activate it, either vmhbaX:X:X:X or 'none' to
                     deactivate the active dump partition.
-f|--find            Find usable Dump partitions and list in order of preference.
-S|--smart-activate Activate the configured dump partition or find the first appropriate partition and use it(same
                     order as -f).
-a|--activate        Activate the configured dump partition.
-d|--deactivate      Deactivate the active dump partition.
-h|--help            Show this message.

check out the rest of the Windows Live™. More than mail–Windows Live™ goes way beyond your inbox. More than messages

VMware ESX Server 3 Commands Guide 2

The esxcfg- Commands

esxcfg-upgrade

esxcfg-upgrade -h --help
-g --convert-grub
-f --convert-fstab
-r --upgrade-pre-vmkernel
-o --upgrade-post-vmkernel

The -g option may only be used with the -r option.

esxcfg-vswitch
This command allows you to list, add, modify or delete virtual Ethernet switches on an ESX host. The simplest option with this command is the -l option to list the virtual switches defined on the host.

[root@esx1host root]# esxcfg-vswitch -l

If you are having problems with your ESX server after an in-place upgrade, this tool is invaluable in resolving the problems with service console networking.

The output of this command is initially a little intimidating. It is best to keep in mind the network topology:

Service Console IP Interface (vswif0) ---- connected to ----> Service Console Port on vSwitch ----- up-linked to ----> vmnic

Where a vmnic is a physical Ethernet adapter.

In following screenshot taken from the VI Client, we can see this ESX host has 2 connections to vSwitch0, the service console connection a VMkernel port connection.

If we wish to view the same information at the service console command line, we would use the esxcfg-vswitch command with the "-l" switch to list the defined virtual switches.

[root@esx1host root]# esxcfg-vswitch -l

Switch Name Num Ports Used Ports Configured Ports Uplinks
vSwitch0 32 4 32 vmnic0

PortGroup Name      Internal ID    VLAN ID Used Ports Uplinks
Service Console     portgroup0     0        1           vmnic0
  NFS access          portgroup1    0        1           vmnic0

If we wanted to add another virtual Ethernet switch, we would use esxcfg-vswitch command with the "-a" switch. Note that the -a is specified in lowercase. Take care to ensure you have specified lowercase because uppercase A performs a different function with this command. So, lets add a new virtual switch to our ESX host called vSwitch1 and then list the switches to check our command has worked ok.

[root@esx1host root]# esxcfg-vswitch -a vSwitch1
[root@esx1host root]# esxcfg-vswitch -l

Switch Name Num Ports Used Ports Configured Ports Uplinks
vSwitch0 32 4 32 vmnic0

PortGroup Name      Internal ID    VLAN ID Used Ports Uplinks
Service Console     portgroup0     0        1           vmnic0
  NFS access          portgroup1    0        1           vmnic0

Switch Name Num Ports Used Ports Configured Ports Uplinks
vSwitch1 64 0 64

PortGroup Name Internal ID VLAN ID Used Ports Uplinks

Notice that the number of ports on the virtual switch is 64 on the newly created switch. The original virtual switch has only 32. This difference arises between creating the switch in the VI Client or the command line. Anyway, if you are like me and you can never remember which case of the letter "a" to use when adding a virtual switch, then use the esxcfg-vswitch command with the --add switch when creating a new switch like this:

esxcfg-vswitch --add vSwitch2

which I think is a little clearer to understand.

Now if we want to add a portgroup to the new virtual switch we have created, we can use the esxcfg-vswitch -A command. It does not matter whether you are creating a service console port, a VM port group or a VMkernel port when creating a port group; the way we create the connection to the virtual switch always starts out the same in the command line. Only after creating the port group do we then specify if it is to be anything other than a VM port group. In the following commands, we add a new portgroup called "Production" on the virtual switch vSwitch1.

[root@esx1host root]# esxcfg-vswitch -A "Production" vSwitch1
[root@esx1host root]# esxcfg-vswitch -l

Switch Name Num Ports Used Ports Configured Ports Uplinks
vSwitch0 32 4 32 vmnic0

PortGroup Name      Internal ID    VLAN ID Used Ports Uplinks
Service Console     portgroup0     0        1           vmnic0
  NFS access          portgroup1    0        1           vmnic0

Switch Name Num Ports Used Ports Configured Ports Uplinks
vSwitch1 64 0 64

PortGroup Name Internal ID VLAN ID Used Ports Uplinks
Production portgroup2 0 0

Alternatively you could use the following command to add a port group to a virtual switch.

[root@esx1host root]# esxcfg-vswitch --add-pg="Production" vSwitch1

This alternative switch of using --ad-pg I think is clearer for understanding what the command is doing. The --add-pg option can clearly be seen to add a portgroup to a virtual switch, and again is simpler to understand than just "-A". The portgroup name in our example is called "Production", but it can be what you want. We recommend adoption of a standard across all your virtual infrastructure. I have seen somnts align their portgroup names with the IP subnets, so you could have a portgroup called something like "192.168.1.0 subnet".

Although we have now created a new virtual switch and have created a VM port group on it, the virtual switch itself does not have any uplinks. Remember that when we bind a physical network adapter to a virtual switch we are uplinking a vmnic to the switch and the switch then "owns" that adapter, i.e. it is not available to be used by any other virtual switches. We perform the uplink by using the esxcfg-vswitch command with the -L switch for link.

[root@esx1host root]# esxcfg-vswitch -L vmnic1 vSwitch1

So in one simple command we have linked the physical network adapter vmnic1 to our new virtual ethernet switch vSwitch1. If we then realised we had used the wrong physical adapter, we can just as easily unlink with -U. In the next example, we swap the uplinked vmnic1 for an alternative adapter vmnic2

[root@esx1host root]# esxcfg-vswitch -U vmnic1 vSwitch1
[root@esx1host root]# esxcfg-vswitch -L vmnic2 vSwitch1

This changing of vmnic bound to a virtual switch is often required post-installation, as we may select the wrong physical adapter to use for the service console during the install and need to correct our configuration before we can connect to our host with VI client!

esxcfg-auth

Configures the service console authentication options including NIS, LDAP, Kerberos and Active Directory.

esxcfg-info

Produces an enormous amount of information about the ESX host. You really need to pipe this to a file for closer examination!

[root@esx1host root]# esxcfg-info >esxinfo.txt

esxcfg-mpath

Manages storage multi-pathing just as the vmkmultipath utility did in previous versions of ESX Server. In the example below we are using the -l switch to list the storage and paths.

[root@esx1host tools-isoimages]# esxcfg-mpath -l

Disk vmhba0:0:0 /dev/cciss/c0d0 (69459MB) has 1 paths and policy of Fixed
Local 2:1.0 vmhba0:0:0 On active preferred

Disk vmhba1:0:0 (0MB) has 1 paths and policy of Most Recently Used
FC 10:1.0 210000e08b846a72<->5006016930221397 vmhba1:0:0 On active preferred

Disk vmhba1:0:6 /dev/sda (9216MB) has 1 paths and policy of Most Recently Used
FC 10:1.0 210000e08b846a72<->5006016930221397 vmhba1:0:6 On active preferred

Disk vmhba1:0:21 /dev/sdb (10240MB) has 1 paths and policy of Most Recently Used
FC 10:1.0 210000e08b846a72<->5006016930221397 vmhba1:0:21 On active preferred

esxcfg-resgrp

Used to manage the new ESX feature called resource groups. This command can add, remove or modify existing resource groups.

esxcfg-hbadevs

The esxcfg-vmhbadevs command is used to list the equivalent Linux device names for the visible disk devices that the VMkernel references using vmhba notation.

[root@esx1host root]# esxcfg-vmhbadevs
vmhba0:0:0    /dev/sda
vmhba0:0:1    /dev/sdb
vmhba0:0:2    /dev/sdc
vmhba0:0:3    /dev/sdd
vmhba2:0:0    /dev/sde
vmhba2:1:0    /dev/sdf

If we use this command with the –m switch, then we only list the LUNs which contain VMFS partitions. Alongside the Linux device name, a long unique hexadecimal value is listed. This is the VMFS volume signature assigned by the new logical volume manager (LVM).

[root@esx1host root]# esxcfg-vmhbadevs -m
vmhba0:0:0:1 /dev/sda1 45407607-fbc43ced-94cb-00145e231ce3
vmhba0:0:2:1 /dev/sdc1 455b08a8-8af7fee3-daa9-00145e231e35
vmhba2:0:0:3 /dev/sde3 4559c75f-831d8f3e-bc81-00145e231e35

You can view these volumes in the directory /vmfs/volumes/

esxcfg-boot

Used to configure the GRUB options presented at boot time. One thing to note is that the new esxcfg commands will not run if you boot just into Linux. If you just want to query the boot settings, you can use the -q switch but this must be qualified with the keyword boot or vmkmod.

[root@esx1host root]# esxcfg-boot -q boot
272 2:;7:;10:; UUID=847199e4-d3c7-11da-8ef8-930e3d734c03 /vmlinuz-2.4.21-37.0.2.ELvmnix /initrd-2.4.21-37.0.2.ELvmnix.img

[root@esx1host root]# esxcfg-boot -q vmkmod
vmkapimod vmkapimod
vmklinux linux
cciss.o scsi
tg3.o nic
qla2300_7xx.o fc

This is also used if you making modifications to VMkernel device drivers defaults. For example, if you were modifying the queue depth for a fibre HBA, you would likely be using esxcfg-module. Then to rebuild the boot image you would enter

[root@esx1host root]# esxcfg-boot -m

After which, you would do a reboot to test the update to the boot image had worked.

See all the ways you can stay connected to friends and family

Computer Networks

الأحد، 29 نوفمبر 2009

Data Center Co-location

Data Backup and Recovery Solution

Data protection

Data Disaster Recovery

Data Disaster Recovery

الاثنين، 16 نوفمبر 2009

Data Protection And Hard Disk Recovery Go Hand In Hand

Data Protection And Hard Disk Recovery Go Hand In Hand

Data Recovery Services: What To Do When Your Hard Drive Fails

الجمعة، 2 أكتوبر 2009

How to Configure your server to permit Server Side Includes SSI

Introduction to Server Side Includes

How to configure the Apache HTTP server

الثلاثاء، 2 يونيو 2009

Installing Perl Modules on W2K3 Server x64 without Internet access

السبت، 23 مايو 2009

VMware ESX Server 3 VirtualCenter Server & Update Manager

الجمعة، 22 مايو 2009

VMware ESX Server 3 VMware HA

VMware ESX Server 3 Linux Utilities

VMware ESX Server 3 RPM Utilities

VMware ESX Server 3 Command Line Tools

VMware ESX Server 3 Configuration Files

VMware ESX Server 3 Commands Guide 4

VMware ESX Server 3 Commands Guide 3

VMware ESX Server 3 Commands Guide 2

المساهمون

أرشيف المدونة الإلكترونية