Sunday, May 24, 2015

Enable or disable CBT

Implementing a new client solution recently based on vSphere 6, there was a request from our backup team to enable CBT on the VMs that were to be backed up. This basically meant around about 160 VMs from the overall solution.

Per the VMware KB article, this would entail shutting down the VM, adding the ctkEnabled parameter and then set its value to true and then Add Row, add scsi0:0.ctkEnabled, and set its value to true. Finally, power the VM back on.

To disable, again, power down the VMs.

This is a bit tedious obviously for 160 VMs, not to mention the downtime incurred for the client solution. However, in the KB article is some PowerCLI script to achieve the same end result, but without powering down the VM.

So, for ease, I took this and just put it into a simple loop to read in the list of VMs from a .txt file (1 VM per line) and make the change. It’s easy enough to have another script to disable the change and do it enmasse. Even better given the (now apparently resolved via latest patch) issue described here.

Also, there’s a one line to list out whether CBT is enabled on all the VMs in the environment.

EnableCBT.ps1

# Enable CBT on number of VMs based on .txt file
# 1 VM per line - name as per vSphere client
# Based on the code from http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1031873

$vmlist = Read-Host "Enter the name of the file with the list of VMs"

$vmname = get-content $vmlist

ForEach ($vm in (Get-VM $vmname))
{

    $vmtest = Get-vm $vm| get-view
    $vmConfigSpec = New-Object VMware.Vim.VirtualMachineConfigSpec

    # enable ctk
    $vmConfigSpec.changeTrackingEnabled = $true
    $vmtest.reconfigVM($vmConfigSpec)
    $snap=New-Snapshot $vm -Name "Enable CBT"
    $snap | Remove-Snapshot -confirm:$false

}

DisableCBT.ps1

# Disable CBT on number of VMs based on .txt file
# 1 VM per line - name as per vSphere client
# Based on the code from http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1031873

$vmlist = Read-Host "Enter the name of the file with the list of VMs"

$vmname = get-content $vmlist

ForEach ($vm in (Get-VM $vmname))
{

    $vmtest = Get-vm $vm| get-view
    $vmConfigSpec = New-Object VMware.Vim.VirtualMachineConfigSpec

    #disable ctk
    $vmConfigSpec.changeTrackingEnabled = $false
    $vmtest.reconfigVM($vmConfigSpec)
    $snap=New-Snapshot $vm -Name "Disable CBT"
    $snap | Remove-Snapshot -confirm:$false

}

CheckCBT.ps1

# Check CBT status on all VMs
get-vm  | Get-View | Sort Name| Select Name, @{N="CBT State";E={$_.Config.ChangeTrackingEnabled}} | ft -AutoSize

Mass creation of vDS portgroups using PowerCLI

There’s a potential project going on to migrate off of the Nexus 1000v distributed switch. One of the things that will be needed, is to create portgroups for all the existing Nexus port profiles.

Following is a simple PowerCLI script put together to help with this. It simply creates the port groups from entries in a .csv file. Nothing else is done with respect to the migration.

It’s a practical, functional script. It’s not fully featured or doing anything clever. In essence, it’s what I tend to use Powershell and PowerCLI for, getting tedious things done quickly. It’s missing the “correct” way to do things, but took 10 minutes to put together - which shows.

The core of the script is basically a couple of lines. Fleshed out with some comments, and an initial check on whether a connection has been made to the vCenter before running the script. Typically in my everyday work, I have PowerCLI connections made to the VC’s, so don’t like scripts to nag me to connect. But I’ve added a rudimentary check for this. If already connected, you’ll carry on as normal, if not connected, you’ll be prompted for the VC and the script will disconnect you at the end.

The other assumption here is that all the portgroups are going to be of type VLAN - ie, we’ve got trunked NICs, so each portgroup will need a VLAN ID set.

The script uses a .csv file that you will need to generate - this is my typical approach on these things, as I just find it easy to work with. The layout of the .csv file (ie the column name that you will need) is :

vDS - name of vDS that we want to create the portgroup on
pgName - name of the portgroup to create
NumPorts - number of ports for the portgroup
vlanID - vlanID.

Once it’s created the portgroups, it will just print out the name, number of ports, port binding and vlan configuration for every portgroup on the dVS for confirmation.

Populate-vDS-portgroup.ps1

# Check if already connected to VC or not. If not, prompt to.
if ($global:DefaultVIServer.name -eq $null) {
	$vc = Read-Host "Enter the VC to connect to"
	Connect-VIServer $vc

	Write-Host "Now connected to " -ForegroundColor Magenta
	$global:DefaultVIServer.name	

	# $wasConnected set to no - this will be used at the end to prompt 
	# whether to disconnect the session.
	$wasConnected = "no"
}
else {
	# There was already a session connected - display it and continue.
	Write-Host "Currently connected to " -ForegroundColor Magenta
	$global:DefaultVIServer.name
}

Write-Host
 
# Read in the .csv file with all the details that we'll need
# Layout (ie, column names) of the .csv is  :
# vDS - name of vDS that we want to create the portgroup on
# pgName - name of the portgroup to create
# NumPorts - number of ports for the portgroup
# vlanID - vlanID - assumption here is we've got a trunk, and each portgroup needs 
# it's own vlan ID to identify the tag
$srcFile = Read-Host "Enter the name of the .csv file to work with"
$vdsPortgroup = Import-Csv $srcFile
 
Write-Host
 
foreach ($portgroup in $vdsPortgroup){
	Get-VDSwitch $portgroup.vDS | New-VDPortgroup -name $portgroup.pgName -NumPorts $portgroup.numports -VlanId $portgroup.vlanID
}

Write-Host "`nPortgroups created. Now confirming settings" -ForegroundColor Cyan

Get-VDSwitch $portgroup.vDS | Get-VDPortgroup | select name, numports, portbinding, vlanconfiguration
 
 
# If a connection was needed to the VC at the start of the script, then prompt
# to confirm whether to disconnect the session.
if ($wasConnected -eq "no")
{
	Disconnect-VIServer $vc -confirm:$true
}

Sample output :

.Populate-vDS-Portgroups.ps1
Currently connected to
xxx.xxx.xxx.xxx

Enter the name of the .csv file to work with: dvs-test.csv

Name NumPorts PortBinding
—- ——– ———–
scriptpg1 100 Static
scriptpg2 150 Static
scriptpg3 100 Static
scriptpg4 200 Static
scriptpg5 125 Static

Portgroups created. Now confirming settings

Name : scriptpg1
NumPorts : 100
PortBinding : Static
VlanConfiguration : VLAN 500

Name : scriptpg5
NumPorts : 125
PortBinding : Static
VlanConfiguration : VLAN 504

Name : scriptpg2
NumPorts : 150
PortBinding : Static
VlanConfiguration : VLAN 501

Name : scriptpg4
NumPorts : 200
PortBinding : Static
VlanConfiguration : VLAN 503

Name : scriptpg3
NumPorts : 100
PortBinding : Static
VlanConfiguration : VLAN 502

Name : dvPortGroup
NumPorts : 128
PortBinding : Static
VlanConfiguration :

Name : CloudMgmt-vDS-DVUplinks-888
NumPorts : 2
PortBinding : Static
VlanConfiguration : VLAN Trunk [0-4094]

Saturday, January 10, 2015

VCPVCD510 exam passed - VMware Infrastructure as a Service (VCP Cloud)

Today I managed to pass the VMware Certified Professional Cloud exam - Infrastructure as a Service VCPVCD510 . So, the obligatory post follows …

Exam was tough in my opinion. It’s a “standard” VCP exam as the blueprint points out - 85 questions, 90 minutes, multiple choice. It was tough for me for a few reasons. One is that it had some of the question types that I dislike, and to be honest, I ended up guessing for in some cases. I don’t like these because in the real world, I don’t memorise certain things, I just do it - which is why the VCAP was in a sense better. But also, because in the real world, if I’m wrong the system will tell me. The kind of thing I mean is :

On a Windows server, how would you find the IP address
A) ipconfig -all
B) ifconfig -all
C) ipconfig /all
D) ifconfig /all

Obviously that isn’t a question from the exam, but it illustrates the type of thing I mean (especially if the question relates to “which menu option” type of question). In reality, I “just know”, and if I did get it wrong (perhaps had just been working on a Linux box instead) then the system will effectively tell me and I’ll “d’oh of course” and fix it. So I struggle to motivate myself to learn this kind of thing or way for exams, and that can make them harder.

The other reason I found it tough is in a sense due to the reason I took the exam. I worked on a POC vCloud Director setup in work a bit last year, but that was basically canned as the focus is on a different Cloud management platform. This was a bit annoying, but hey, not my call so unfortunately not much I can do about that. But I didn’t want to waste the time I’d put in, so I made the choice to try and carry on working at home on it, and schedule the exam.

But, the VCAP was more important to me, and so took the majority of my time. Therefore I scheduled this exam only after passing the VCAP (if I’d failed, I wouldn’t have done this, I would have focused on studying to resit the VCAP instead). So I left myself with about 4-6 weeks preparation time at home and well, I soon realised how much I’d forgotten since the work POC was canned, and also how hard I find the network aspect of VCD. And in a home setup, my network configuration is extremely limited, so can’t practice as much as I’d like (plus no chargeback or connector setup at home). So the preparation wasn’t ideal and this is more a case of trying to pass the exam because it would be nice, as opposed to working with it everyday and using the exam to validate that. Is that a valid reason for doing an exam - dunno, I tend to get mixed feelings about it.

So, as mentioned, this meant I guessed a few answers (obviously I don’t know if I did this correctly), albeit trying to narrow it down and rule out what I think were obvious wrong answers. The time on the exam meant there was time for this, as some questions did seem “easy” - as in, as soon as you read it, you know what (you think) the answer is, and if you see that answer, select and move on. But again, should I really be guessing - the way I was taught in school was to always have a go (you won’t get any marks if you don’t try etc), but guessing just feels a wrong if you are trying to validate what you (believe) you know. But that’s probably as much to do with my mixed views on IT certification, and would probably be the subject for a separate post.

Preparation and materials used:

Blueprint - same for any VMware exam. The blueprint is your friend, and you pay heed to it.

Documentation - blueprint points to the documentation, so you should read it. Some of it’s dry, and makes little sense to me without actually doing it.

Lab - built a small nested lab again at home. As mentioned, there’s no bells and whistles - no Chargeback or vCloud Connector, and the networking is limited. It’s more for trying to get familiar/remember some of the processes etc (and learn the interface, but hey, that just doesn’t work for me!)

VMware Private Cloud Computing with vCloud Director by Simon Gallagher et al - bought a Kindle copy of this (afraid I never buy physical tech books these days, all on kindle/iPad) and have a copy on my “bookshelf” on my Safari subscription.

VCP-Cloud official book - again via my Safari subscription.

A few of the Packt vCloud Director books on the Safari subscription, but those were more cursory glances, and there’s not a specific one that I would recommend.

Hopefully this clears the deck a little for me now just in case VMware release anything new in the next few months to focus on …