Last week I was working with snapshots in my lab. I came up with this one liner to create a bunch of snapshots on the same virtual machine:
for ($i=1; $i -le 5; $i++) {get-vm "snaptest" |new-snapshot -name "snapshot00$i" -Description (get-date -format "'Created: 'yyyy-MM-dd HH:mm") -memory:$true}
As you can see I’m using the virtual machine snaptest and the snapshots will be named snapshot001-snapshot005 and have a description containing the date/time the snapshot was created.
I have a couple of lab type vSphere setups that use Openfiler virtual machines for shared storage. For several months these have been running with out of date VMware tools. Several weeks ago I was able to upgrade these tools and wanted to share the required steps.
The first required task was to install a C Compiler — specifically gcc. While at it I updated all other components and shutdown the virtual machine:
conary updateall conary update gcc shutdown -h now
After the machine was powered down I added a virtual CD-ROM drive. This drive will be used to mount the VM tools ISO. After adding a CD-ROM drive the virtual machine can be powered back on. Select install/upgrade tools from the menu.
mkdir /mnt/cdrom mount /dev/cdrom /mnt/cdrom cp VMwareTools* /mnt tar zxvf /tmp/VMwareTools* cd vmware-tools-distrib ./vmware-install.pl
I accepted the defaults on the vmware-install.pl configuration script.
Special thanks to this communities article for a head start: http://communities.vmware.com/docs/DOC-9332;jsessionid=A7F5565895191AE1D161E4749AF86B12
In a recent service request with VMware, Tech Support enabled ssh on one of my ESXi hosts. Unfortunately, the outage that prompted my support request impacted multiple hosts in different clusters, so we were looking at many things in the entire environment. I didn’t write down the name of the host where we enabled SSH, or even the cluster it was in. The following script helped me identify which one I was looking for – I’m sure there are better ways to check this, but I was looking for something quick which prompted this combination of existing scripts:
$VMH = Get-VMHost | Sort Name
#If the port is closed/filtered PowerShell will return a warning. This will suppress:
$ErrorActionPreference="SilentlyContinue"
#The port I want to check for SSHD
$portnum =22
#The loop to check all hosts in a vCenter
$VMH | %{
#port check sample from http://halr9000.com/article/418
$socket = new-object Net.Sockets.TcpClient
$socket.Connect($_.name, $portnum)
if ($socket.Connected) {
$status = "Open"
$socket.Close()
}
else {
$status = "Closed / Filtered"
}
$socket = $null
write-output "$_`t$portnum`t$status"
}
This pointed out which of my hosts (it was only 1) that had SSH running.
Documentation exists from VMware on the topic http://www.vmware.com/files/pdf/Virtualizing_Windows_Active_Directory.pdf. Several of these steps are also reinforced by Microsoft in the document titled “Considerations when hosting Active Directory domain controller in virtual hosting environments” available here: http://support.microsoft.com/kb/888794
Microsoft and VMware have a relationship through the Server Virtualization Validation Program (SVVP) which basically states that either vendor will work with the other to address issues. As part of the troubleshooting efforts either vendor may request that the issue be created on physical hardware.
“Support policy for Microsoft software running in non-Microsoft hardware virtualization software” available here: http://support.microsoft.com/kb/897615/
“Customer Support Options for Microsoft Products Running within VMware Virtual Machines” available here: http://www.vmware.com/support/policies/ms_support_statement.html
I’ve had to create a bunch of SSL certificates for ESX/ESXi hosts. Its always a pain because there are a bunch of steps and I can’t remember what my company always uses for the Organization name/Organizational unit name. I created some documentation on the process and have to look at it every time I create a certificate. It works okay, but who wants to read documentation when you can lean on a simple batch file…like this one? You just need to specify the name of the batch file and the host name of your ESX/ESXi host from a command prompt:
@echo off
REM ======================================================================
REM == Script to generate SSL Certificate for ESX/ESXi host ==
REM == Usage: esx_ssl.bat esxhostname.domain.name ==
REM == Note: On Windows 7 this script must be ran from an ==
REM == elevated/administrator command prompt. ==
REM ======================================================================
set pathToOpenSSLbin=C:\OpenSSL\bin
set pathTovCLIbin=C:\Program Files\VMware\VMware vSphere CLI\bin
echo The specified ESX/ESXi host: %1
REM Generate the SSL
"%pathToOpenSSLbin%\openssl.exe" genrsa 1024 > "%pathToOpenSSLbin%\%1.key"
"%pathToOpenSSLbin%\openssl.exe" req -new -key "%pathToOpenSSLbin%\%1.key" -subj "/CN=%1/OU=Department Name/O=Company Name/L=CityName/ST=State/C=US/emailAddress=user@domain.name" > "%pathToOpenSSLbin%\rui.csr"
REM Open the Certificate Signing Request in wordpad
"%ProgramFiles%\Windows NT\Accessories\wordpad.exe" "%pathToOpenSSLbin%\rui.csr"
REM The CSR contents must be manually copied to the internal cert server
echo
echo ======================================================================
echo The following steps must be manually completed
echo 1.) Select the contents of rui.csr and copy them to the clipboard
echo 2.) Open the certificate server site (https://internal-ca.domain.name/certsrv)
echo 3.) Select "Request a certificate"
echo 4.) Select "Advanced certificate Request"
echo 5.) Paste the contents of rui.csr into the saved request box
echo 6.) Select "Web Server" in the certificate template drop down
echo 7.) Save the Base 64 version of the certificate in the following path:
echo %pathToOpenSSLbin%\certnew.csr
echo ======================================================================
pause
"%pathToOpenSSLbin%\openssl.exe" x509 –in certnew.cer –out %1.cer
set /p hostpass=Please enter the root password for %1 :
"%pathTovCLIbin%\vifs.pl" --server %1 --put "%pathToOpenSSLbin%\%1.key" /host/ssl_key --username root --password %hostpass%
"%pathTovCLIbin%\vifs.pl" --server %1 --put "%pathToOpenSSLbin%\%1.cer" /host/ssl_cert --username root --password %hostpass%
REM Create a backup copy in case you need this SSL certificate again:
copy "%pathToOpenSSLbin%\%1.key" "\\vcenter\SSL_Certificates$\%1.key" /y
copy "%pathToOpenSSLbin%\%1.cer" "\\vcenter\SSL_Certificates$\%1.cer" /y
echo Please reboot the host %1 and verify the SSL certificate.
pause