Search This Blog

Sunday, November 28, 2010

How to turn your old servers into shared iSCSI Storage for VMWare

Overview

On many occasions after server consolidation into Virtualized environment, there are left over pieces of "iron" servers laying around that are useless and leaves the IT engineering staff with ideas of what can we do with these servers. Many times these servers have nice CPU configurations (dual Quad core) and/or lot's of storage with decent performance 15K SAS drives.

One option is to turn one or more of these servers into a Shared storage device that can be used within a VMWare infrastructure as shared storage for backups, utility VM servers or a test environment for test/dev servers. CPU and memory requirements are minimal (2+ Ghz Single or Dual cores and 2-4 GB Ram) and the setup is very easy. There are a couple of open source Linux utilities that even support Bonded interfaces with Jumbo frames to enhance the overall performance.

There is an Open Source Linux utility called OpenFiler. This utility supports many interfaces and is ideal for iSCSI shared storage. I recently had a couple of ESX servers (DL380G7's) that had approximately 1.2TB extra storage each (ordered way to much local storage for ESX servers). I used OpenFiler to create shared lun's for Veeam backups and a VDI test environment, by building OpenFiler VM's and created (4) 256G Luns on each VM on the ESX servers. Now I had 2TB shared storage to use for backups and Test/Dev environments.

Anyway, below are the (2) links you can use as reference to build your environments. Works great!! Just follow the steps.

OpenFiler Information:
http://www.openfiler.com/learn/how-to/graphical-installation

VMware Configuration Instructions:
http://www.techhead.co.uk/how-to-configure-openfiler-v23-iscsi-storage-for-use-with-vmware-esx

Saturday, November 20, 2010

vSphere 4.1 Performance reporting fails after upgrade from ESX 3.5 or ESX 4.0

Overview

Again, This blog is used as (1) a central reference point to obtain specific information on issues, etc..that I will refer to posted on other sites, (2) Discovery information I generate from Virtualiztion activities, and (3) Architecture and related information around virtualization technologies:

With that said, below is another issue I found after upgrading from vSphere 3.5 to vSphere 4.1. As I have stated before, it would have been easier to just create a new "fresh" install and database.

NOTE: After this is done, you must start and stop the VMWare vCenter Server service, or restart the vCenter server completely for the update change to synchronize with the database updates.

Updating rollup jobs after the error: Performance data is currently not available for this entity

Details


VirtualCenter 2.5 and vCenter Server 4.0 use SQL Server Agent to run the following SQL Agent jobs to manage historical data:
  • Past Day stats rollup
  • Past Week stats rollup
  • Past Month stats rollup
You may need to setup or recreate SQL agent jobs to manage historical data manually under the following circumstances:
  • An upgrade to VirtualCenter 2.5 or vCenter Server 4.0 fails to add these jobs.
  • The database is upgraded from SQL Express to SQL Standard or Enterprise.
  • The database is moved to another SQL server.
  • VirtualCenter 2.5 or vCenter Server 4.0 is reinstalled and database restored from backup.
  • You try to access performance data for a period other than the last 24 hours and you are presented the message:

    Performance data is currently not available for this entity
     
  • Windows Event Viewer on vCenter server shows an entry similar to:
    EventTypeId: com.vmware.vc.stats.StatsInsertErrorEvent
    FullFormattedMessage: Stats insertion failed for entity esxhost.domain.com due to ODBC error.

Solution


Note: This is a two part solution, read and understand all of the steps before proceeding. After the jobs are created and enabled properly, they may take a significant amount of time to run. This article does not apply to installations using Microsoft SQL Server 2005 Express. SQL Server Agent is not available in Microsoft SQL Server 2005 Express. Historic data is managed by the VirtualCenter Server service in this case. 

Verifying the existence of jobs and removing them

For the scripts to install correctly, you must remove any existing Past _____ stats rollup jobs. This section verifies the existence of jobs and removes them if present. 
To verify the existence of jobs and remove them:
  1. Open SQL Management Studio using a Sysadmin account (typically SA or Administrator).
  2. Expand the Server and SQL Server Agent.
  3. Click the Jobs folder. You see a list of all jobs available on your server.

    The following jobs are related to VirtualCenter 2.5 and vCenter Server 4.0:
    • Past Day Stats Rollup
    • Past Week Stats Rollup
    • Past Month Stats Rollup
       
  4. Right-click on any of those jobs if they exist and select Delete.
  5. Click OK to confirm the deletion.
  6. Close SQL Management Studio when those jobs are removed.

Adding the SQL Server Agent Jobs

To add a SQL Server Agent Job:
  1. Open SQL Management Studio using the database login used by VirtualCenter to connect to the database (typically not SA or Administrator). See Administrative Credentials are required for Oracle and SQL Server databases when installing or upgrading Virtual Center (1003052) to ensure you have the correct permissions.
  2. Click File > Open > File.
  3. Navigate to the location of the jobs:

    Note: The driver letters may change depending on where you install VirtualCenter.
    • For VirtualCenter 2.5, go to C:\Program Files\VMware\Infrastructure\VirtualCenter Server\dbupgrade\Upgrade-v3-to-v4\T-SQL\
    • For VirtualCenter 2.5 Update 4, go to C:\Program Files\VMware\Infrastructure\VirtualCenter Server\dbupgrade\Upgrade-v4-to-v5\T-SQL\
    • For vCenter Server 4.0, go to C:\Program Files\VMware\Infrastructure\VirtualCenter Server\
       
  4. Open job_schedule1_mssql.sql.
  5. Ensure that the VirtualCenter Database is selected and that Master is not selected.
  6. Click Execute Query.
  7. Follow Steps 1 to 6 for job_schedule2_mssql.sql and job_schedule3_mssql.sql.
  8. After all three jobs are created, navigate to SQL Server Agent > Jobs in the Object Explorer.
  9. Right-click Past Day stats rollup, then click Properties. Ensure that the owner of the job is the same user as the owner of the database.
  10. Right-click Past Month stats rollup, then click Properties. Ensure that the owner of the job is the same user as the owner of the database.
  11. Right-click Past Week stats rollup, then click Properties. Ensure that the owner of the job is the same user as the owner of the database.  

Oracle

To ensure that the scripts are upgraded properly:
  1. Open SQL Plus.
  2. Click File > Open > File.
  3. Navigate to the location of the jobs and copy the contents of job_schedule1_oracle.sql:
    • For VirtualCenter 2.5, go to C:\Program Files\VMware\Infrastructure\VirtualCenter Server\dbupgrade\Upgrade-v3-to-v4\PL-SQL\
    • For vCenter Server 4.0, go to C:\Program Files\VMware\Infrastructure\VirtualCenter Server\
       
  4. Open an sqlplus session with a user account that has access to the Oracle tables, jobs, and schedules related to the vCenter Server.
  5. Execute the job_schedule1_oracle.sql script.

    Note: Contact your Oracle database administrator or see Oracle support documentation for information on how to execute Oracle scripts.

     
  6. Repeat steps 1-6 for job_schedule2_oracle.sql and job_schedule3_oracle.sql.
  7. After all three jobs are created, ensure that the global Oracle setting JOB_QUEUE_PROCESSES is not set to 0 as this disables all job processing. 
Additional Information
If you encounter issues after upgrading to vCenter Server 4.0, see Past Week stats rollupvc40 SQL Server job fails to complete after upgrading to vCenter 4.0 (1014209).

View 4.5 Windows 7 Licenses Activation Failure: "View Composer agent initialization state error (16): Failed to activate the software license (waited 1755 seconds)"

Overview


To speed up the provisioning of Windows 7 desktops through VMWare View composer in View 4.5, I suggest to bypass the Windows 7 Activation all together. If you are using MAK or KMS, let the windows OS handle the activation. I previously posted the alternative method if you are using  MAK, but have found a large delay in provisioning after the Windows 7 VM's are added and ready to go. The licensing part of the Quickprep will work about 50% of the time. My solution is to disable the windows activation all together. Below are the details.

Also, as part of prepping the Windows 7 desktop I would also refer to post:

http://dharmgolf.blogspot.com/2010/11/vmware-view-45-fix-for-windows-7.html


Bypassing KMS license activation performed by View Composer on Windows 7 and Windows Vista operating systems.

Details

By default, the View Composer QuickPrep process uses Microsoft Key Management Service (KMS) to activate Windows 7 and Windows Vista guest operating systems. To make sure that View Composer properly activates the operating systems on linked-clone desktops, you must use KMS license activation on the parent virtual machine.

QuickPrep does not use other volume activation methods such as Multiple Activation Key (MAK) licensing.

CAUTION: View Composer does not support MAK license activation. Use MAK license activation at your own risk. For example, each recompose operation can increase the MAK license count, which can result in the unexpected depletion of MAK licenses.

Solution

To bypass license activation altogether:

1. In the guest operating system on the parent virtual machine, start the Windows Registry Editor and navigate to the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vmware-viewcomposer-ga

2. Navigate to the SkipLicenseActivation registry value. The default value is 0.

3. Set the value to 1.

Thursday, November 18, 2010

vSphere Client Failure: Error (503) Service Unavailable

Ran into this today.

There is a potential race condition between ESX hosts and DNS servers after reboots, where the Web Service fails to start after ESX reboot in vSphere 4.x environments. This seems to be isolated to ESX not ESXi.

Basically, you will need to set the web accesss service to always retry upon failures by executing the following  "chkconfig" command on the ESX service console (as root). All good after this:)


[root@viewesx01]# chkconfig --level 3 vmware-webAccess on

VMWare View 4.5 Fix for Windows 7 provisioing error: "View Composer agent initialization state error (18): Failed to join the domain"

The same thing happened for Windows XP, but that fix is different and I already posted that solution previously.:)

 

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1024419

View Composer linked clones fail to finish customizing when they are created from a Windows 7 parent virtual machine and the Active Directory is configured on Windows Server 2008.

Details

Most linked clones that have this problem cannot join the domain. View Administrator displays the following error message: "View Composer agent initialization state error (18): Failed to join the domain (waited nnn seconds)."

This issue does not occur when the View deployment uses an Active Directory instance that runs on Windows Server 2003.

Solution

1. Take the following actions in the Windows 7 operating system on the parent virtual machine:
*  Set the default DHCP gateway. In the Internet Protocol Version 4 (TCP/IPv4) Properties dialog box, select "Obtain an IP address automatically," click Advanced, click ADD under the Default Gateways list, and type the default DHCP gateway.
* Disable Internet Protocol version 6 (IPv6).
* Follow the instructions in the Microsoft Support Knowledge Base article, Unable to Join Windows Server 2008 R2 or Windows 7 Computer to Active Directory Domain.
See http://support.microsoft.com/kb/2008652.

In particular, add the following Windows registry key to the parent virtual machine:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters
Value Name: NeutralizeNT4Emulator
Value Type: REG_DWORD
Value Data: 0x1

* In the DNS tab of the Advanced TCP/IP Settings dialog box, remove extraneous DNS servers from the list of DNS server addresses.
2. Take a snapshot of the parent virtual machine and create the linked-clone desktop pool again.

Wednesday, November 17, 2010

Cisco and VMware to Deliver Integrated Virtual Desktop Solution

Works great as well. I have a couple of deployments using this infrastructure. Very nice:$)
Cisco and VMware to Deliver Integrated Virtual Desktop Solution - Yahoo! Finance
http://finance.yahoo.com/news/Cisco-and-VMware-to-Deliver-iw-600412201.html?x=0

Monday, November 15, 2010

View Composer agent initialization state error (18): Failed to join the domain

Overview

I found an issue during View 4.5 installation with Windows XP SP3 linked clones. I was receiving the error message"View Composer agent initialization state error (18): Failed to join the domain". I found the following Link that needs to be applied to the base image, then new snapshot and recompose. All works great after that.

http://www.microsoft.com/downloads/en/details.aspx?FamilyId=7C1CB63F-7447-4DB3-AA3A-4C9DC9547B40&displaylang=en

vSphere 4.1: Network redundancy message when configuring VMware High Availability in vCenter Server

Overview

Yet another annoying issue with vSphere 4.1 upgrades. This seems to happen when there are only 2 servers in the cluster with HA configured. As always, this site is here to provide a central repository of information for VMWare vSphere and related products. I am working on vCloud 1.0 as well, so stay tuned for further details regarding Chargeback, etc.. View 4.5 is rocking!!!!  7 vSphere upgrades so far this month from ESX 3.5 using VMWare Update Manager...Works great!!!

 

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1004700


 

Network redundancy message when configuring VMware High Availability in vCenter Server

Symptoms

When configuring the VMware High Availability (HA) in a vCenter Server, you see the message:
Host <xxx> currently has no management network redundancy.

Resolution

This message appears if the Service Console does not have network redundancy configured properly and can be safely ignored.
To prevent this message from appearing and to comply with proper network redundancy, VMware recommends that you add a second service console on a different vSwitch and subnet. Alternatively, you can add a second vmnic to the service console vSwitch.

To suppress this message on ESX hosts in the VMware High Availability (HA) cluster or if the warning appears for a host already configured in a cluster, set the VMware HA advanced option das.ignoreRedundantNetWarning to true and reconfigure VMware HA on that host.  This advanced option is available in VMware Virtual Center 2.5 Update 3 and later.

Note: If the warning continues to appear, disable and re-enable VMware High Availability in the cluster.

To set das.ignoreRedundantNetWarning to true:
  1. From VMware Infrastructure Client, right-click on the cluster and click Edit Settings.
  2. Select VMware HA and click Advanced Options.
  3. In the Options column, enter das.ignoreRedundantNetWarning.
  4. In the Value column, enter true.

    Note
    : Steps 3 and 4 create a new option.
  5. Click OK.
  6. Reconfigure HA.

Additional Information

For more information on Service Console redundancy, see Service Console Redundancy for VMware High Availability (1002641).

Installing VMware Update Manager 4.1 fails with the error: Error 25085

Overview

I ran into this during an upgrade today. If the ESX 3.5 vCenter database was upgraded instead of rebuilt (which it is easy to just rebuild the environment through vCenter anyway), you may run into this issue. Basically, the install goes al the way through, but at the end when the VUM tries to register the service the error 25085 occurs. I bascially had to create the CN=com.vmware.vcIntegrity entry and everything worked.

Below is the details of the link from KB at vmware.


http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1024795


Installing VMware Update Manager 4.1 fails with the error: Error 25085

Symptoms

  • When attempting to install or upgrade VMware Update Manager 4.1 the install nearly finishes but then fails
  • You see the error:
Error 25085.Setup failed to register VMware vCenter Update Manager extension to VMware vCenter Server: vcenter.hostname.com
  • The vpxd.log (located at C:\Documents and Settings\All Users\Application Data\VMware\VirtualCenter\logs) contains entries similar to:
    [2010-07-20 11:30:01.527 02556 error 'App' opID=b9f6590f] [LDAP Client] Failed to add LDAP entry CN=com.vmware.vcIntegrity,CN=047E1FE0-0B70-4FF6-AE55-3DC
    6F9BC7EC5,OU=ComponentSpecs,OU=Health,dc=virtualcenter,dc=vmware,dc=int: 0x44 (The object already exists.)

    [2010-08-07 12:45:45.667 02432 error 'App' opID=6673de34] [LDAP Client] [LDAP Client] Failed to delete LDAP entryCN=com.vmware.vcIntegrity,CN=24FE3541-40A2-427C-85CA-0069575BA81F,OU=ComponentSpecs,OU=Health,dc=virtualcenter,dc=vmware,dc=int: 0x20 (Object does not exist.)
  • The install log vminst.log (located at C:\Users\<username>\AppData\Local\Temp\2 for Windows 2008 or C:\Documents and Settings\<username>\Local Settings\Temp for legacy versions of Windows) contains errors similar to:

    VMware Update Manager-build-256596: 07/20/10 11:29:58 --- CA exec: VMRegisterExtension
    VMware Update Manager-build-256596: 07/20/10 11:29:58 INFO: Reg/UnReg extn command: ["-v 10.0.0.1 -p 80 -U "user" -P *** -S "C:\Program Files (x86)\VMware\Infrastructure\Update Manager\extension.xml" -C "C:\Program Files (x86)\VMware\Infrastructure\Update Manager\\" -L "C:\Users\user\AppData\Local\Temp\\" -O extupdate"]
    VMware Update Manager-build-256596: 07/20/10 11:29:58 AppendPath::done Path: C:\Program Files (x86)\VMware\Infrastructure\Update Manager\vciInstallUtils.exe
    VMware Update Manager-build-256596: 07/20/10 11:29:58 Found "C:\Program Files (x86)\VMware\Infrastructure\Update Manager\vciInstallUtils.exe"
    VMware Update Manager-build-256596: 07/20/10 11:30:01 Process returned 199
    VMware Update Manager-build-256596: 07/20/10 11:30:01 Error:: Unknown VC error
    VMware Update Manager-build-256596: 07/20/10 11:30:01 ERROR: VUM registeration with VC failed

Resolution

This issue occurs if there are incorrect values in the ADAM database. To resolve this issue, modify the ADAM database on the vCenter Server with the correct values.
 
To modify the ADAM database:
  1. Connect to the ADAM database.
    • For Windows 2003 :
      1. Go to Start > Programs > ADAM > ADAM ADSI Edit to open the ADAM editor.
      2. Right-click ADAM ADSI Edit and click Connect to....
      3. Choose Distinguished name (DN) or naming context and type dc=virtualcenter,dc=vmware,dc=int
    • For Windows 2008:
      1. Go to Start > Administrative Tools > ADSI Edit to open the ADAM editor.
      2. Right-click ADSI Edit at the root level and select Connect to... The Connection Settings window appears.
      3. For Connection Point, choose Select or type a Distinguished Name or Naming Context and type dc=virtualcenter,dc=vmware,dc=int
      4. Under Computer, click Select or type a domain or server... then select localhost or type localhost:389 from the dropdown.
      5. Click OK.
  2. Expand the dc=virtualcenter,dc=vmware,dc=int folder in the left pane.
  3. Next expand OU=Health, and then OU=ComponentSpecs. 
  4. Finally expand CN=<RANDOM STRING> (for example, from the above vpxd.log error CN=047E1FE0-0B70-4FF6-AE55-3DC6F9BC7EC5).
  5. Right-click CN=com.vmware.vcIntegrity and rename it (for example, CN=com.vmware.vcIntegrityold).

    This issue can be caused by a non-existent value. If the value is not there, simply create a new value that reads CN=com.vmware.vcIntegrity.
  6. Close ADSI Edit.

Additional Information

In addition to modifying the ADAM database, the vCenter database may need to be corrected as well.
 
To correct the vCenter database:
  1. Go to Start > Run, type services.msc, and click OK.
  2. Click VirtualCenter Server Service, then click Stop.
  3. Launch SQL Server Management Studio.
  4. Click the vCenter Server database, and execute these commands:
    delete from VPX_EXT_TYPE_IDS where EXT_ID = 'com.vmware.vcIntegrity'delete from VPX_EXT_PRIVS where EXT_ID = 'com.vmware.vcIntegrity'delete from VPX_EXT_CLIENT where EXT_ID = 'com.vmware.vcIntegrity'delete from VPX_EXT_SERVER_EMAIL where exists(select 1 from VPX_EXT_SERVER where VPX_EXT_SERVER.EXT_SERVER_ID = VPX_EXT_SERVER_EMAIL.EXT_SERVER_ID
    AND VPX_EXT_SERVER.EXT_ID = 'com.vmware.vcIntegrity')
    delete from VPX_EXT_SERVER where EXT_ID = 'com.vmware.vcIntegrity'delete from VPX_EXT where EXT_ID = 'com.vmware.vcIntegrity'
  5. Start the vCenter Server services.
This failure can occur if the vCenter Management Web Service not running:
 
[LDAP Client] Failed to add LDAP entry CN=com.vmware.vcIntegrity,CN=08127EEE-A6FA-43D8-8314-2B9F188D4D38,OU=ComponentSpecs,OU=Health,dc=virtualcenter,dc=vmware,dc=int: 0x20 ( Object does not exist.)
 
Verify that the vCenter Management Web Services is started and functioning properly and run the VMware Update Manager installation.
 
 
This error may also be observed with Converter. Instead of renaming CN=com.vmware.vcIntegrity the value is CN=com.vmware.converter.
 
In addition, you may also encounter this error if you have a port conflict on your vCenter Server. Ensure that all required ports are open. For more information on what network ports are required, see vCenter Server 4.1 network port requirements (1022256).

Tuesday, November 9, 2010

VMware vSphere Data Recovery: Overview and Deployment

Overview

One of the new features in vSphere is the Data Back and Recovery feature. It is provisioned as a virtual machine within your vSphere environment and integrates with the vCenter server to give you fully centralized management of your backups.

VMware Data Recovery Offerings

There is a great site that I am going to refer to that descibes how to set this up and deply within your VMWare Environment. I am also in the process of evaluating Veeam v5 ( http://www.veeam.com/vmware-esx-backup.html )> I have been very satisfied with the results of previous Veeam installations, but this is not free:)

VMWare vSphere Data Recovery Links
http://www.petri.co.il/vmware-vsphere-data-recovery.htm
http://www.petri.co.il/vmware-data-recovery-backup-and-restore.htm

This is a great site for many areas in Virtualization!!

Resolution for vSphere 4.1 Deploying .ovf and .ova template failures

No, your virtual appliance is not corrupt, so don't re-download 4 times and expect it to magically work in vSphere 4.1. I have seen a couple of issues around deploying .ovf and .ova templates in vSphere 4.1. There are a couple of options you can use.You can download and use the VMWare converter (or VM Workstation export/import) and import directly into the ESX host instead of vCenter, since this looks like a vCenter 4.1 issue or make sure SSL is enabled.

I had this problem with a VMWare appliance with vCenter 4.1 for an IP Tracking .ova file and had to do the following: (defaults may have changed in 4.1)

Enabling SSL:
To do so on vSphere4:  (Turned on by default in vSphere 4.1)
Go to the VI client
Administration->vCenter Server Settings -> SSL settings
mark the checkbox "vCenter requires verified host SSL certificates". You might be needing to reconnect your host(s) to the VC and provide user and password to the host(s) afterwards.

Wednesday, November 3, 2010

VMWare View 4.5 - ThinApp Configuration Workaround for Stuck ThinApp

I just ran into this issue. When using "Full" installation of ThinApps to Desktops, if you blow away the ThinApp or try to re-build, you may see the error "Unable to delete ThinApp due to associated with a desktop". The following kb article I found works well to clear out this issue.. They need to fix this:)

http://kb.vmware.com/selfservice/search.do?cmd=displayKC&docType=kc&externalId=1027898

ThinApps in View Administrator show an assignment but the Assignments tab is empty

Symptoms


  • In the View Administrator, under the ThinApps section, you have a ThinApp listed with Assignments listed in the Full Assignments column. However, if you double-click that ThinApp, and go to the Assignments tab, no assignments are listed.
  • You are unable to delete a ThinApp from the View Administrator.
  • If you try to delete a ThinApp from the View Administrator, you see the error:

    The application is currently assigned and can not be removed.
  • A pool or desktop has been deleted without first removing any assigned ThinApps from it.

Resolution


This problem occurs when the ThinApp does not get deleted from the View ADAM database correctly.
To resolve this issue problem, manually delete the ThinApp from the database.
To manually delete the ThinApp from the database:
  1. Log into a View Connection server as an administrative user.
  2. Back up the View LDAP database. For information, see Export Configuration Data from View Connection Server in the VMware View 4.5 Administrator's Guide.
  3. Load the ADSI Edit tool by clicking Start > All Programs > ADAM > ADSI Edit.
  4. Right-click ADAM ADSI Edit and choose Connect to.
  5. Under Connection name:, enter VMware View.
  6. Under Server name:, enter localhost.
  7. Select the radio button labeled Distinguished name (DN) or naming context.
  8. In the text entry field, enter DC=vdi,DC=vmware,DC=int
  9. Leave all other settings at their defaults and click OK.
  10. Expand the tree as follows: VMware View> DC=vdi,DC=vmware,DC=int
  11. Click OU=Applications.
  12. In the right-hand pane, look for listings with a Class of pae-ThinAppApplication. Open each of these entries by double-clicking on them, and look for the pae-DisplayName attribute. Find the entry that matches the ThinApp that is causing a problem. Right-click the entry and select Delete.
  13. In the View Administrator, navigate to the ThinApps section, and refresh the list if necessary. The ThinApp is now gone

VMWare View 4.5 Thinapp Configuration made easy


Now, this assumes you already have a workstation process setup for thinapp configuration. I am using a Windows 7 Pro 32bit VM. I snapshot the VM and revert back to clean everything off the image after I validated the installation. The only software installed on this image is VMWare Tools and a AV program.

There are 2 modes you can assign apps, Full installation or Streaming. I prefer Full mode with the .msi file since this is much quicker and is updated as needed. The streaming application can be a little slow, but works well also. The ThinApp can be assigned to a Pool or individual desktop.

Since VMware View 4.5 is available it is possible to integrate the usage and deployment of VMware ThinApp virtual applications into VMware View. Configuration can easily be done from VMware View Administrator management console by following three basic steps.
Before adding ThinApps to VMware View it is necessary to build an MSI file from your ThinApp Setup Capture files.

Step1 – Under View Configuration, go to ThinApp Configuration and choose “Add Repository…”. Add the network share where the ThinApp MSI files are located.

View4.5_ThinApp Configuration
Step2 – Under Inventory, go to ThinApps and choose “Scan New ThinApps…”. From here you can add all ThinApp virtual applications that you want to deliver to an end user.

View4.5_ThinApps
Step3 – Click “Add Assignment” and select the desktop pool to publish the ThinApp virtual applications to. In addition it is also possible to select the desired installation type:
Streaming or Full.

View4.5_ThinApp Assignment

From now basic configuration is done!
After logon to your virtual desktop the ThinApp virtual applications will be available! It will even install while the user is logged in as well.

Also, if you would like streaming apps, you will need to set MSIStreaming=1 in your package.ini before you build. You can always rebuild if you miss this.

I will be working on a list of applications I was able to ThinApp as well.

Enjoy!!!

Tuesday, November 2, 2010

Creating a Windows 2008 R2 VM As a Template

Creating a Windows 2008 R2 Server VM As a template

The main objective is to build a deployable windows 2008 R2 template that is predictable and easy to manage. As you may know, I do not claim to be a Microsoft Server guy, but sometimes you just have to take the bull by the horns. The following procedure is what I have found to be the best for my environments. I am really pleased with the overall 2008 server performance for VMWare environments, especially with VMWare View 4.5 deployments.

Create VM, use VMXNET3 as NIC(s), 40GB “thin” disk, using 2008 R2 Wizard

I use ISO images and encourage their use. The size of the OS volume will end-up being somewhere around 8GB of actual space-on-disk after this step, making 40GB sound like overkill. However, the OS volume will bloat-up to 18-20GB pretty quick after updates, roles and feature additions. Adding application(s) will quickly chew-up the rest.
  • Edit Settings… ->
    • Options -> Advanced -> General -> Uncheck “Enable logging” * This is very important since the ISO will not be seen of checked - default is enabled *
    • Hardware -> CD/DVD Drive 1 ->
      • Click “Datastore ISO File”
        • Browse to Windows 2008 R2 ISO image
      • Check “Connect at power on”
    • Options -> Advanced -> Boot Options -> Force BIOS Setup
      • Check “The next time the virtual machine boots, force entry into the BIOS setup screen”
  • Power on VM
  • Install Windows Server 2008 R2

 

Setting Time Synchronization in VMWare Tools:

It is very important to have a solid mapping for the overall timing of the ESX environments from hosts to guests. The default for VMWare tools is not to time sync with ESX servers. As long as the same clock source is used for VM's and ESX hosts, all should be good.

To enable time sync with ESX Hosts
Open VMWare Tools:
  Options-> check the box "Time Synchronization between the virtual machine and ESX Server"

I prefer to enable this option since when I build these VM's I always make sure the ESX timing is engineered correctly.

Complete Initial Configuration Tasks:

Once the initial installation is complete, we need to complete the 2008 R2 basic configuration. If you are working in an AD environment, this is not the time to join the template to the domain as GPO conflicts may hinder manual template defaults. We’ve chosen a minimal package installation based on our typical deployment profile. Some features/roles may differ in your organization’s template (mix to taste).
  • Set time zone -> Date and Time ->
    • Internet Time -> Change Settings… -> Set to local time source
    • Date and Time -> Change time zone… -> Set to local time zone
  • Provide computer name and domain -> Computer name ->
    • Enterprise Edition: W2K8R2ENT-TMPL
    • Standard Edition: W2K8R2STD-TMPL
    • Foundation Edition: W2K8R2FND-TMPL
    • Note: Don’t join to a domain just yet…
  • Restart Later
  • Configure Networking
    • Disable QoS Packet Scheduler
  • Enable automatic updating and feedback
    • Manually configure settings
      • Windows automatic updating -> Change Setting… ->
        • Important updates -> “check for updates but let me choose whether to download and install them”
        • Recommended updates -> Check “Give me recommended updates the same way I receive important updates”
        • Who can install updates -> Uncheck “Allow all users to install updates on this computer”
      • Windows Error Reporting -> Change Setting… ->
        • Select “I don’t want to participate, and don’t ask me again”
      • Customer Experience Improvement Program -> Change Setting… ->
        • Select “No, I don’t want to participate”
  • Download and install updates
    • Bring to current (may require several reboots)
  • Add features (to taste)
    • .NET Framwork 3.5.1 Feautures
      • Check WCF Activation, Non-HTTP Activation
        • Pop-up: Click “Add Required Features”
    • SNMP Services
    • Telnet Client
    • TFTP Client
    • Windows PowerShell Integrated Scripting Environment (ISE)
  • Check for updates after new features
    • Install available updates
  • Enable Remote Desktop
    • System Properties -> Remote
      • Windows 2003 AD
        • Select “Allow connections from computers running any version of Remote Desktop”
      • Windows 2008 AD (optional)
        • Select “Allow connections only from computers running Remote Desktop with Network Level Authentication”
  • Windows Firewall
    • Turn Windows Firewall on of off
      • Home or work location settings
        • Turn off Windows Firewall
      • Public network location settings
        • Turn off Windows Firewall
  • Complete Initial Configuration Tasks
    • Check “Do not show this window at logon” and close

Modify and Silence Server Manager

(Optional) Parts of this step may violate your local security policies, however, it’s more than likely that a GPO will ultimately override this configuration. We find it useful to have this disabled for “general purpose” templates – especially in a testing/lab environment where the security measures will be defeated as a matter of practice.
  • Security Information -> Configure IE ESC
    • Select Administrators Off
    • Select Users Off
  • Select “Do not show me this console at logon” and close

Modify Taskbar Properties

Making the taskbar usable for your organization is another matter of taste. We like smaller icons and maximizing desktop utility. We also hate being nagged by the notification area…
  • Right-click Taskbar -> Taskbar and Start Menu Properties ->
    • Taskbar -> Check “Use small icons”
    • Taskbar -> Customize… ->
      • Set all icons to “Only show notifications”
      • Click “Turn system icons on or off”
        • Turn off “Volume”
    • Start Menu -> Customize…
      • Uncheck “Use large icons”

Modify default settings in Control Panel

Some Control Panel changes will help “optimize” the performance of the VM by disabling unnecessary features like screen saver and power management. We like to see our corporate logo on server desktops (regardless of performance implications) so now’s the time to make that change as well.
  • Control Panel -> Power Options -> High Performance
    • Change plan settings -> Turn off the display -> Never
  • Control Panel -> Sound ->
    • Pop-up: “Would you like to enable the Windows Audio Service?” – No
    • Sound -> Sounds -> Sound Scheme: No Sounds
    • Uncheck “Play Windows Startup sound”
  • Control Panel -> VMware Tools -> Uncheck “Show VMware Tools in the taskbar”
  • Control Panel -> Display -> Change screen saver -> Screen Saver -> Blank, Wait 10 minutes
  • Change default desktop image (optional)
    • Copy your desktop logo background to a public folder (i.e. “c:\Users\Public\Public Pictures”)
    • Control Panel -> Display -> Change desktop background -> Browse…
    • Find picture in browser, Picture position stretch

Disable Swap File

Disabling swap will allow the defragment step to be more efficient and will disable VMware’s advanced memory management functions. This is only temporary and we’ll be enabling swap right before committing the VM to template.
  • Computer Properties -> Visual Effects -> Adjust for best performance
  • Computer Properties -> Advanced System Settings ->
    • System Properties -> Advanced -> Performance -> Settings… ->
    • Performance Options -> Advanced -> Change…
      • Uncheck “Automatically manage paging file size for all drives”
      • Select “No paging file”
      • Click “Set” to disable swap file

Disable indexing on C:

Indexing the OS disk can suck performance and increase disk I/O unnecessarily. Chances are, this template (when cloned) will be heavily cached on your disk array so indexing in the OS will not likely benefit the template. We prefer to disable this feature as a matter of practice.
  • C: -> Properties -> General ->
    • Uncheck “Allow files on this drive to have contents indexed in addition to file properties”
    • Apply -> Apply changes to C:\ only (or files and folders, to taste)

Housekeeping

Time to clean-up and prepare for a streamlined template. The first step is intended to aid the copying of “administrator defaults” to “user defaults.” If this does not apply, just defragment.
Remove “Default” user settings:
  • C:\Users -> Folder Options -> View -> Show hidden files…
  • C:\Users\Default -> Delete “NTUser.*” Delete “Music, Pictures, Saved Games, Videos”
Defragment
  • C: -> Properties -> Tools -> Defragment Now…
    • Select “(C:)”
    • Click “Defragment disk”

Copy Administrator settings to “Default” user

The “formal” way of handling this step requires a third-party utility. We’re giving credit to Jason Samuel for consolidating other bloggers methods because he was the first to point out the importance of the “unattend.xml” file and it really saved us some time. His blog post also includes a link to an example “unattend.xml” file that can be modified for your specific use, as we have.
  • Jason Samuel points out a way to “easily” copy Administrator settings to defaults, by activating the CopyProfile node in an “unattend.xml” file used by sysprep.
  • Copy your “unattend.xml” file to C:\windows\system32\sysprep
  • Edit unattend.xml for environment and R2 version
    • Update offline image pointer to correspond to your virtual CD
      • E.g. wim:d:… -> wim:f:…
    • Update OS offline image source pointer, valid sources are:
      • Windows Server 2008 R2 SERVERDATACENTER
      • Windows Server 2008 R2 SERVERDATACENTERCORE
      • Windows Server 2008 R2 SERVERENTERPRISE
      • Windows Server 2008 R2 SERVERENTERPRISECORE
      • Windows Server 2008 R2 SERVERSTANDARD
      • Windows Server 2008 R2 SERVERSTANDARDCORE
      • Windows Server 2008 R2 SERVERWEB
      • Windows Server 2008 R2 SERVERWEBCORE
      • Windows Server 2008 R2 SERVERWINFOUNDATION
    • Any additional changes necessary
  • NOTE: now would be a good time to snapshot/backup the VM
  • cmd: cd \windows\system32\sysprep
  • cmd: sysprep /generalize /oobe /reboot /unattend:unattend.xml
    • Check “Generalize”
    • Shutdown Options -> Reboot
  • Login
  • Skip Activation
  • Administrator defaults are now system defaults
  • Reset Template Name
    • Computer Properties -> Advanced System Settings -> Computer name -> Change…
      • Enterprise Edition: W2K8R2ENT-TMPL
      • Standard Edition: W2K8R2STD-TMPL
      • Foundation Edition: W2K8R2FND-TMPL
    • If this will be an AD member clone, join template to the domain now
    • Restart
  • Enable Swap files
    • Computer Properties -> Advanced System Settings ->
      • System Properties -> Advanced -> Performance -> Settings… ->
      • Performance Options -> Advanced -> Change…
        • Check “Automatically manage paging file size for all drives”
  • Release IP
    • cmd: ipconfig /release
  • Shutdown
  • Convert VM to template

Convert VM Template to Clone

Shut doiwn the VM and "Right-Click" Clone to template. I also like to use the Export utility to create a .OVF template on a file share as well.


Note: Procedures copied from the following "In The Lab" Blog. This is a very good information site, so please refer to link below. :I made a couple of modifications to fit my environment, but overll (90%) is from this guy.

http://solori.wordpress.com/2010/09/30/in-the-lab-windows-server-2008-r2-template-for-vmware/

Friday, October 29, 2010

VIrtual Desktop Upcoming Blogs

  1. Thin Client comparisons and performance (Wyse P20, Wyse R50L, Samsung NC190 and HP 5745) using Teradici'sPC-over-IP protocol from VMWare View 4.5 deployments
  2. User persona management best practice's (Appsense, LiquidWare Profile Unity, ScriptLogic, Windows 2008 Roaming Profile Management)
  3. Printer Controls through Golden Image deployments
  4. ThinApp configuration and performance results in View 4.5

VMWare vCenter 4.1 Upgrade Notes - Ran into this one the other day as well

URL For furtner information:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1026688

VMware VirtualCenter Server service fails after upgrading to vCenter Server 4.1

Symptoms

  • The VirtualCenter Server service fails after upgrading to vCenter Server 4.1.
  • You see this error in the vpxd logs:

    Panic: Win32 exception: Access Violation (0xc0000005)
       Read (0) at address 0000000000000098
       rip: 000000014071edcc rsp: 000000000419c700 rbp: 000000000419e160
       rax: 000000000419c7a8 rbx: 0000000000000018 rcx: 0000000000000020
       rdx: 000000000419c798 rdi: 0000000000000000 rsi: 000000000e8667b0
       r8:  000000000419c7a8 r9:  000000000cab1eea r10: 0000000002d27fd0
       r11: 000000000419c750 r12: 0000000007279700 r13: 0000000007279740
       r14: 00000000032edeb0 r15: 0000000000000004

    Note: For more information about the vpxd logs, see vpxd log directory path when vCenter Server 4.0 is installed on Windows Server 2008 (1011938).
  • In vCenter Server 4.0, operations such as Inventory > Search fails. The vws.log file truncates with a Chunked stream ended unexpected error
  • In vCenter Server 4.1, vCenter 4.1 fails immediately after it is started and the vpxd-*.log shows an ASSERT fails at one of the following:
    • ASSERT d:/build/ob/bora-258902/bora/vpx/vpxd/util/vpxdDbLoad.cpp:1059
    • ASSERT d:/build/ob/bora-258902/bora/vpx/vpxd/util/vpxdDbLoad.cpp:1066

Resolution

This issue is caused by corrupt entries for the virtual machine in the vCenter database.

Caution: This article deals with SQL database operations. Before proceeding, ensure that you are familiar with database concepts and that you have adequate backups.
 
To avoid encountering this issue:
  1. Download the appropriate script for your environment. The scripts are attached to this article (located in the Attachments section at the bottom of this article).
  2. Unzip the scripts.
  3. Run the scripts on vCenter Server 4.0 database.

    Note: The SQL query must be run with fully qualified database table names. If you have multiple database instances, there may be a need to qualify the tables with the db-instance name and the db-owner name. For example, VPX_VM_CONFIG_INFO in the query should be changed to <DB_NAME>.<DB_OWNER>.VPX_VM_CONFIG_INFO.
  4. If no result are returned, you can continue with the upgrade

    If any virtual machines are reported with inconsistent data, remove and re-register the affected virtual machines.
    1. Power off the virtual machine.
    2. Right-click the virtual machine and choose Remove from inventory.
    3. Click Yes to remove the virtual machine.
    4. Browse to the datastore where the virtual machine is stored.
    5. Right-click the .vmx file for the virtual machine, choose Add to inventory, and follow the on-screen wizard.
  5. Continue with the upgrade.
If you have upgraded to vCenter Server 4.1 and the server keeps failing:
  1. Roll back to vCenter Server 4.0. Connect vCenter Server 4.0 to the backup database.
  2. Run the downloaded scripts on the vCenter Server 4.0 database.

    Note: The SQL query must be run with fully qualified database table names. If you have multiple database instances, there may be a need to qualify the tables with the db-instance name and the db-owner name. For example, VPX_VM_CONFIG_INFO in the query should be changed to <DB_NAME>.<DB_OWNER>.VPX_VM_CONFIG_INFO.
  3. Find out if virtual machines are reported with inconsistent data.
  4. Install vCenter Server 4.0 against the database backup.
  5. Through the vSphere Client, remove and re-register the virtual machine.
    1. Power off the virtual machine.
    2. Right-click the virtual machine and choose Remove from inventory.
    3. Click Yes to remove the virtual machine.
    4. Browse to the datastore where the virtual machine is stored.
    5. Right-click the .vmx file for the virtual machine, choose Add to inventory, and follow the on-screen wizard.
  6. Re-try the upgrade.
Note: If you experience the issue even though the script returned no virtual machines, this may be a new issue that has not been reported to VMware. Please contact VMware Support, with vCenter support information and a backup of the database for further review by VMware.

Additional Information

Attachments

Tuesday, October 26, 2010

VMWare View 4.5 Information - Debug for Networking Server 2008 Firewall

When installing VMWare View manager on Windows 2008 STD, you will need to disable firewall or make sure all the neworking ports are open related to View. ALthough View tries to open the ports, 4001 and 8009 are still blocked. Below is some information regarding testing out the ports from the Base Windows 7 image and the VIew Manager on WIndows 2008.

 

Connecting to the virtual desktop from the VMware View Client fails with the error: Virtual Desktop in not available

Symptoms

  • Connecting to the virtual desktop from the VMware View Client fails
  • You see the error:

    Virtual Desktop is not available
  • When viewing the virtual desktop in the View Admin console in Desktop Sources View, the virtual machine status shows as:

    Waiting for Agent

Resolution

This issue may occur if:
  • The Agent is not installed or if the version is not the same as the Connection Server.
  • The virtual desktop cannot communicate with the Connection Server over port 4001.
To resolve this issue, ensure that the Agent is installed and that the version is the same as the Connection Server.
 
If installing the correct version of the Agent does not resolve this issue, verify that the Virtual Desktop can communicate to the Connection Server over port 4001.
 
Ports required from Client to Agent without Security Server are:
  • 3389 - RDP  
  • 50002 - PCoIP 
  • 4001 -JMS
Port required from Client to Agent with Security Server is: 
  • 80 - HTTP & 443 to Security Server
 To verify that the virtual desktop can communicate to the Connection Server over port 4001:
  1. Click Start > Run, type cmd, and click OK.
  2. Run this command to perform a netstat on the Virtual Desktop:
    netstat -an
    If there is a connection between the local address and the Connection Server, the output looks similar to:
    Proto Local Address                    Foreign Address                   State
    TCP   "IPOfVirtualMachine:random Port" "IP of the Connection Server:4001 ESTABLISHED
    -------------------------------------------------------------------------------
    Note: Connectivity can be also tested by performing a netstat on the Connection Server. In this case, the output looks similar to:
    Proto Local Address                     Foreign Address                  State
    TCP   "IP of the Connection Server:4001 "IPOfVirtualMachine:random Port" ESTABLISHED
    -------------------------------------------------------------------------------
  3. Run this command to test if the port is open and accessible from the virtual desktop:

    telnet <ipaddress> 4001

    If you receive a connection error, check for a firewall enabled on the virtual desktop, Connection Server, or in the network infrastructure between the two points.

VMWare View Networking Ports and Related information

To allow external client devices to connect to a security server within the DMZ, the front end firewall must allow inbound traffic on TCP ports 80 and 443. To allow the security server to communicate with each standard or replica server that resides within the internal network, the back-end firewall must allow inbound traffic on TCP port 8009 for AJP13-forwarded Web traffic, TCP port 4001 for Java Message Service (JMS) traffic, and TCP port 3389 for RDP traffic

Behind the back‐end firewall, internal firewalls must be similarly configured in order to allow the View Manager desktops and View Connection Server instances to communicate with each other. Port 3389 (RDP) is used for traffic originating from a standard or replica server that is directed at a guest system. Port 4001 is used for JMS traffic originating from either the View Agent component installed on each View Manager desktop or from a security server in the DMZ, and is directed at standard or replica View Connection Server instances.


902
TCP
View Client/View Client with Offline Desktop
ESX Host
(Optional) View Client with Offline Desktop data is downloaded and uploaded through this port.
View 4.x
3268
TCP
View/VDM Connection Server/View Manager
Active Directory Server
Global Catalog Server
View 4.x
3269
TCP
View/VDM Connection Server/View Manager
Active Directory Server
Global Catalog Server
View 4.x
3389
TCP
Thin Client
ESX host
RDP Protocol
View 4.x
9427
TCP
View Client/View Client with Offline Desktop
View Agent (Virtual Desktop)
(Optional) Multimedia Redirection (MMR). MMR is support by View Client and View Client with Offline Desktop on certain operating systems.
View 4.x
18443
TCP
View Connection Server/View Manager
vCenter Server
View Composer
View 4.0.x
50002
TCP/UDP
View Agent (Virtual Desktop)
View Client
PCoIP (AES 128-bit encryption) Port 50002
View 4.0.x
50002
TCP/UDP
View Client
View Agent (Virtual Desktop)
PCoIP (AES 128-bit encryption) Port 50002
View 4.5.x
80/443
TCP
View Client
View Transfer Server
http(s) access by View Client with Local Mode
View 4.5.x
902
TCP
View Connection Server
ESX Host
View Client with Local Mode data is downloaded and uploaded through port 902. If you intend to use View Client with Local Mode, port 902 must be accessible to your ESX host
View 4.5.x
902
TCP
View Transfer Server
ESX Host
Publishing View Composer packages for Local Mode
View 4.5.x
4001
TCP
View Connection Server
View Transfer Server
Required by JMS for Local Mode
View 4.5.x
4172
TCP/UDP
View Agent (Virtual Desktop)
View Client
PCoIP (AES 128-bit encryption)
View 4.5.x
4172
TCP/UDP
View Client
View Agent (Virtual Desktop)
PCoIP (AES 128-bit encryption)