fbpx

Author: harlan

Posted on

VMware iSCSI Configs

To install the Equallogic Multi Pathing Module

SCP the zipped vib to a location accessible by your vHost.

dell-eql-mem-esx5-1.2.0.365964.zip to vHost01

Then SSH to the vHost and run the following command, editing for your location

~ # esxcli software vib install –depot /vmfs/volumes/*****/dell-eql-mem-esx5-1.2.0.365964.zip

You’ll see the result similar to below (from an older version installed)

Installation Result
Message: Operation finished successfully.
Reboot Required: false
VIBs Installed: Dell_bootbank_dell-eql-host-connection-mgr_1.1.1-268843, Dell_bootbank_dell-eql-hostprofile_1.1.0-212190, Dell_bootbank_dell-eql-routed-psp_1.1.1-262227

Once you’re running equallogic storage multi pathing module run

esxcli equallogic param list

————— —– —– — ———————————————
TotalSessions 512 1024 64 Max number of sessions per host.
VolumeSessions 12 12 1 Max number of sessions per volume.
MemberSessions 4 4 1 Max number of sessions per member per volume.
MinAdapterSpeed 1000 10000 10 Minimum adapter speed for iSCSI multipathing.
~ # esxcli equallogic param set -n=VolumeSessions -v=12
~ # esxcli equallogic param set -n=MemberSessions -v=4

run those two esxcli statements on ssh.

your member sessions are probably 2 and the volume sessions are probably 4 or 6

then rescan the paths on ths iscsi software adapter, you should triple the paths

MPM

After updating the mpm config on my vhosts

vhost01-iscsi-network

Posted on

Shadow a VMware View Desktop Session

In VMware View there is no central way shadow a desktop session such as for example in Citrix XenApp. It would be nice if in the future it is possible to shadow a desktop from for example the VMware View Connection server. This is a frequently asked question by customers where VMware View is implemented.

The following steps must be taken to shadow a PCoIP session from the vSphere Console by using a GPO:

Use VMware vSphere 5 and VMware View 5 or greater (in vSphere 4 there is a registry hack available)
For Windows 7 be sure to use Hardware Version 8. For Windows XP or Vista you can use any hardware version
Create a new Group Policy Object (GPO)
Add the “pcoip.adm” file to the Computer Configuration. The ADM file can be found on the VMware View Connection server in the “C:\Program Files\VMware\VMware View\Server\extras\GroupPolicyFiles” folder
Enable the “Enable access to PCoIP session from a vSphere console” in the Computer Configuration settings.
pcoip1

Link the GPO to the OU were the VMware View Windows 7 desktop resides
Sync Domain Controllers
Restart the VMware View desktop
After configuring this, it is possible to shadow a PCoIP session from the vSphere Console. The user doesn’t need to approve the shadow session so this could be security and privacy issue. The keyboard and mouse movements are displayed on the two screens synchronously, although, there is a bit of a delay.

Posted on

Locked Out of WordPress due to Google Authenticator

Locked OuI got locked out of my WordPress Site recently due to messing about with Google Authenticator and I needed to disable the plugin.
To do this, open an FTP session to your WordPress and locate the folder below

/wp-content/plugins/google-authenticator

If you rename the ‘google-authenticator’ folder to ‘_google-authenticator’ this will disable the plugin.

Login to your WordPress as normal then open the plugins.

Now from the FTP rename the ‘_google-authenticator’ back to ‘google-authenticator’ and in your web-browser click the plugins tab again the google-authenticator plugin will now be de-activated, you can re-activate it and go into your user account to re-configure.

If you watch this video from beginning to end on Google Authenticator it does step you through setting-up another admin account while you test everything in case this happens so you do not lock yourself out. You then delete the second (non Google Authenticator active) admin account once you have everything verified working okay.

See the video guide here :- http://www.mocialsedia.com/installation-essentials-for-wordpress/ it is the last one on the page video 3 on Google Authenticator.

Posted on

Disable OTP Sophos UTM 9.2 via Shell

Dang it! I also locked myself out of the webadmin on Sophos UTM 9.2 while trying out their OTP function with Google Authenticator.

Here’s how I fixed this problem:

Login to the Firewall Console Interface as root
at the / type
cc
then auth and press enter,
it will list out:
ad_sso
auto_add_to_facility@
auto_add_users$
block
cache_lifetime$
edir_sso
otp
servers@

Type otp and press enter,
it will list out:
auto_create_token$
default_timestep$
facilities@
require_all_users$
required_users@
status$

Type facilities@ and press enter,
finally listing:
0 webadmin
1 portal
2 ipsec
3 openvpn

Type -0 and press enter, where it will redisplay (in this case)
0 portal
1 ipsec
3 openvpn

Login as admin to your firewall via the webadmin!!!

Posted on

How to Change Port RDP Listens On

To change the port that Remote Desktop listens on, follow these steps.
1. Start Registry Editor.
2. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber
3. On the Edit menu, click Modify, and then click Decimal.
4. Type the new port number, and then click OK.
5. Quit Registry Editor.
6. Restart the computer.

Note When you try to connect to this computer by using the Remote Desktop connection, you must type the new port. Maybe you have to set the firewall to allow the new port number before you connect to this computer by using the Remote Desktop connection.

Posted on

Bootable USB Sticks, the Easy Way.

I can’t stand remembering how to do certain tasks, I mean to say, I want things to work right, automatically… can’t stand it when you have to fuss about clicking here, there, etc.
That’s when I found Rufus. Rufus is an awesome utility found here:
http://rufus.akeo.ie/

You can download that utility, and use it to transform your USB Memory stick to do something useful other than just host files. Give it a shot!

Posted on

Multiple-NIC vMotion in vSphere 5

To set up Multi-NIC vMotion in vSphere 5.x on a Standard vSwitch:
  1. Log into the vSphere Client and select the host from the inventory panel.
  2. Click the Configuration tab and select Networking.
  3. Click Add Networking and choose VMkernel as the Connection Type.
  4. Click Next.
  5. Add two or more NICs to the required standard switch. You can create a new vSphere standard switch or use an existing vSwitch.Note: Ensure that all adapters are on the same network when connected to a physical Ethernet environment. If the adapters are split across switches, then all adapters must be able to communicate across those switches.
  6. Name the VMkernel portgroup (for example, vMotion-01), and assign a VLAN ID as required.
  7. Click Use this port group for vMotion, then click Next vMotion NICs
  8. Configure the IP address and subnet mask, then click Next..
  9. Click the Properties tab of the vSwitch, select the vMotion-01 portgroup, and click Edit.
  10. Click the NIC Teaming tab.
  11. Under Failover Order, select Override switch failover order.
  12. Configure the first adapter (for example, vmnic1) as active and move the second adapter (for example, vmnic3) to Unused Adapters.
  13. Click OK.
  14. Under the vSwitch Properties, click Add to create a second VMkernel portgroup.
  15. Name the VMkernel portgroup (for example, vMotion-02), and assign a VLAN ID as required.Note: Ensure that both VMkernel interfaces participating in the vMotion have the IP address from the same IP subnet.
  16. Click Use this port group for vMotion, then click Next.
  17. Configure the IP address and subnet mask, then click Next.
  18. Click the Properties tab of the vSwitch, select the vMotion-02 portgroup, and click Edit.
  19. Click the NIC Teaming tab.
  20. Under Failover Order, select Override switch failover order.
  21. Configure the second adapter (for example, vmnic3) as active and move the first adapter (for example, vmnic1) to Unused Adapters.
  22. On the Properties tab of the vSwitch, select each vMotion portgroup in turn and confirm that the active and standby adapters are the reverse of each other.
  23. I repeated the tasks above two more times because I have four nics for iSCSI traffic. Each nic went to its own physical network card, which was further bound to the Software iSCSI HBA.

In the below picture, you can see an inbound migration at the beginning of the graph, and later after the configuration you can see the same machines migrated outbound post configuration on both vHosts.

Posted on

Frickin vRanger

I’ve updated our system to 7.0.0.37394 of vRanger Backup and Replication and found a really confounding bug – or problem with it.
We were rolling along just fine with 6.1.0.35402 backups worked, Everyone was happy. Then disaster happened: we lost a drive in the SAN and the database that held our logs was gone. I’m the kind of guy that likes to make things better, so with a chance to upgrade our software, since our backup logs were lost, I thought what better time to do so than now. YAY. Well when you go to make a new repository in vRanger, you’ve got to pay attention to the CaPiTaLiZaTiOn of your path, such that \\backupdevice\dir\backupfolder is not by chance \\backupdevice\dir\BackupFolder as was my case using either NFS or CIFS. Backups were failing with the message: “Backup failed: Error: 2258 – FATAL cifs_cant_mkdir CIFS can’t create the directory cifs:localhost;admin@backupdevice/public/backup/* (No such file or directory) [at cifs_mkdir:615″ where I should have had “backupdevice/public/Backup”
Oh the maddness ensues because when I went back through the installation, vRanger validates the path as correct!!! This happens on the vRanger Virtual Appliance (vRanger-VA). SO, if you get that message on a fresh install, check your path statement. – OR just use all lower case letters.

Posted on

Soft lockup messages from Linux kernel running in an SMP-enabled virtual machine

Soft lockup messages from Linux kernel running in an SMP-enabled virtual machine

Details:

When running a Linux kernel in a symmetric multiprocessing (SMP) enabled virtual machine, messages similar to BUG: soft lockup detected on CPU#1! are written to the message log file. The exact format of these messages vary from kernel to kernel, and might be accompanied by a kernel stack backtrace.
Many Linux kernels have a soft lockup watchdog thread, and report soft lockup messages if that watchdog thread does not get scheduled for more than 10 seconds. On a physical host, a soft lockup message generally indicates a kernel bug or hardware bug. When running in a virtual machine, this might instead indicate high levels of overcommitment (especially memory overcommitment) or other virtualization overheads.

Solution:

The soft lockup messages are not kernel panics, and can be safely ignored.Some kernels allow you to adjust the soft lockup threshold by running the command:echo time > /proc/sys/kernel/softlockup_thresh

Where time is the number of seconds after which a soft lockup is reported. The default is generally 10 seconds.

What the Error Looks Like:

abrt_version:   2.0.8

cgroup:

cmdline:        /usr/bin/ksh ./update_archive.ksh RMUAT

executable:     /bin/ksh93

kernel:         2.6.39-400.212.1.el6uek.x86_64

last_occurrence: 1403155682

pid:            25607

pwd:            /oracle/scripts/update_archive

time:           Thu 19 Jun 2014 12:28:02 AM CDT

uid:            502

username:       oracle

 

sosreport.tar.xz: Binary file, 3959288 bytes

 

environ:

:SHELL=/bin/sh

:OLDPWD=/home/oracle

:USER=oracle

:LD_LIBRARY_PATH=/lib:/usr/lib:/oracle/product/11.2.0/dbhome_1/lib

:PATH=/usr/kerberos/bin:/usr/local/bin:/bin:/usr/bin

:PWD=/oracle/scripts/update_archive

:JAVA_HOME=/usr/java

:LANG=en_US.UTF-8

:HOME=/home/oracle

:SHLVL=2

:LOGNAME=oracle

:’NLS_DATE_FORMAT=MM-DD-YYYY HH24:MI:SS’

:_=./update_archive.ksh

 

limits:

:Limit                     Soft Limit           Hard Limit           Units

:Max cpu time              unlimited            unlimited            seconds

:Max file size             unlimited            unlimited            bytes

:Max data size             unlimited            unlimited            bytes

:Max stack size            10485760             33554432             bytes

:Max core file size        0                    unlimited            bytes

:Max resident set          unlimited            unlimited            bytes

:Max processes             16384                16384                processes

:Max open files            1024                 65536                files

:Max locked memory         65536                65536                bytes

:Max address space         unlimited            unlimited            bytes

:Max file locks            unlimited            unlimited            locks

:Max pending signals       387052               387052               signals

:Max msgqueue size         819200               819200               bytes

:Max nice priority         0                    0

:Max realtime priority     0                    0

:Max realtime timeout      unlimited            unlimited            us

 

maps:

:00400000-0055b000 r-xp 00000000 fc:00 261718                             /bin/ksh93

:0075a000-0076d000 rw-p 0015a000 fc:00 261718                             /bin/ksh93

:0076d000-00773000 rw-p 00000000 00:00 0

:0096c000-0096e000 rw-p 0016c000 fc:00 261718                             /bin/ksh93

:3e8dc00000-3e8dc20000 r-xp 00000000 fc:00 1177356                        /lib64/ld-2.12.so

:3e8de1f000-3e8de20000 r–p 0001f000 fc:00 1177356                        /lib64/ld-2.12.so

:3e8de20000-3e8de21000 rw-p 00020000 fc:00 1177356                        /lib64/ld-2.12.so

:3e8de21000-3e8de22000 rw-p 00000000 00:00 0

:3e8e000000-3e8e002000 r-xp 00000000 fc:00 1177390                        /lib64/libdl-2.12.so

:3e8e002000-3e8e202000 —p 00002000 fc:00 1177390                        /lib64/libdl-2.12.so

:3e8e202000-3e8e203000 r–p 00002000 fc:00 1177390                        /lib64/libdl-2.12.so

:3e8e203000-3e8e204000 rw-p 00003000 fc:00 1177390                        /lib64/libdl-2.12.so

:3e8e400000-3e8e58b000 r-xp 00000000 fc:00 1177360                        /lib64/libc-2.12.so

:3e8e58b000-3e8e78a000 —p 0018b000 fc:00 1177360                        /lib64/libc-2.12.so

:3e8e78a000-3e8e78e000 r–p 0018a000 fc:00 1177360                        /lib64/libc-2.12.so

:3e8e78e000-3e8e78f000 rw-p 0018e000 fc:00 1177360                        /lib64/libc-2.12.so

:3e8e78f000-3e8e794000 rw-p 00000000 00:00 0

:3e8f000000-3e8f083000 r-xp 00000000 fc:00 1177398                        /lib64/libm-2.12.so

:3e8f083000-3e8f282000 —p 00083000 fc:00 1177398                        /lib64/libm-2.12.so

:3e8f282000-3e8f283000 r–p 00082000 fc:00 1177398                        /lib64/libm-2.12.so

:3e8f283000-3e8f284000 rw-p 00083000 fc:00 1177398                        /lib64/libm-2.12.so

:3e98400000-3e98402000 r-xp 00000000 fc:00 1177423                        /lib64/libutil-2.12.so

:3e98402000-3e98601000 —p 00002000 fc:00 1177423                        /lib64/libutil-2.12.so

:3e98601000-3e98602000 r–p 00001000 fc:00 1177423                        /lib64/libutil-2.12.so

:3e98602000-3e98603000 rw-p 00002000 fc:00 1177423                        /lib64/libutil-2.12.so

:7fea21b5d000-7fea21bcd000 rw-p 00000000 00:00 0

:7fea21bcd000-7fea27a5e000 r–p 00000000 fc:00 1441433                    /usr/lib/locale/locale-archive

:7fea27a5e000-7fea27aaa000 rw-p 00000000 00:00 0

:7fea27ab8000-7fea27ab9000 rw-p 00000000 00:00 0

:7fffdfc56000-7fffdfc77000 rw-p 00000000 00:00 0                          [stack]

:7fffdfde7000-7fffdfde8000 r-xp 00000000 00:00 0                          [vdso]

:ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]

 

open_fds:

:0:pipe:[122311558]

:pos: 0

:flags:     00

:1:/oracle/log/RMUAT_update_archive_140619002801.log

:pos: 199

:flags:     0100001

:2:/oracle/log/RMUAT_update_archive_140619002801.log

:pos: 199

:flags:     0100001

Posted on

Magnuson – Moss Warranty Act – Ever Heard of it?

Consumer purchasers of automotive filters are sometimes told by an automobile dealer’s service writer or mechanic that a brand of replacement filter cannot be used in the consumer’s vehicle during the warranty period. The claim is made that use of the brand will “void the warranty,” with the statement or implication that only the original equipment brand of filters may be used. This, of course, tends to cast doubt on the quality of the replacement filter.

That claim is simply not true. If the consumer asks for the statement in writing, he will not receive it. Nevertheless, the consumer may feel uneasy about using replacement filters that are not original equipment. With the large number of do-it-yourselfers who prefer to install their own filters, this misleading claim should be corrected.

Under the Magnuson – Moss Warranty Act, 15U.S.C. SS 2301-2312 (1982) and general principles of the Federal Trade Commission Act, a manufacturer may not require the use of any brand of filter (or any other article) unless the manufacturer provides the item free of charge under the terms of the warranty.

So, if the consumer is told that only the original equipment filter will not void the warranty, he should request that the OE filter be supplied free of charge. If he is charged for the filter, the manufacturer will be violating the Magnuson – Moss Warranty Act and other applicable law.

By providing this information to consumers, the Filter Manufacturers Council can help to combat the erroneous claim that a brand of replacement filter other than the original equipment will “void the warranty.”

It should be noted that the Magnuson – Moss Warranty Act is a federal law that applies to consumer products. The Federal Trade Commission has authority to enforce the Magnuson – Moss Warranty Act, including obtaining injunctions and orders containing affirmative relief. In addition, a consumer can bring suit under the Magnuson – Moss Warranty Act.