VMware vCenter 6/6.5: Creating Host Profiles

This post describes how to perform the basic task of creating a host profile.
Description of Host Profiles:

VMware Host Profiles are available through VMware vCenter Server and enable you to establish standard configurations for VMware ESXi hosts and to automate compliance to these configurations, simplifying operational management of large-scale environments and reducing errors caused by mis-configurations.

Prerequisites:

  1. You need to have a vSphere installation
  2. You need to have admin rights
  3. You need a configured ESXi host that acts as the reference model

Steps:

  1. In vCenter, navigate to the Host Profiles view
  2. Click the Extract profile from a host icon
  3. Select the host that will act as the reference model host and click Next
  4. Enter the name and a description for the new profile and click Next
  5. Review the summary information for the new profile and click Finish
  6. The new profile will appear in the profile list

Done!

PowerShell: Unlock Active Directory Users Account

Use:

 

  • Listing account lockouts in Active Directory
  • Unlocking locked out accounts

# Open PowerShell or PowerShell ISE with an account with rights to unlock accounts
# Import the Active Directory Module to PowerShell
#
Import-Module ActiveDirectory
#
# Run the Search-ADAccount command to search for accounts that are locked out
# Accounts locked out will be displayed
#
Search-ADAccount -LockedOut
#
#
# To unlock multiple {All} accounts the following command can be used
Search-ADAccount -LockedOut | Unlock-ADAccount
#

This could be useful if you wanted to somehow send an email to a ticket system so that you log and create IT tickets of account lockouts. A good way for your IT staff to track those types of activities that they do spend time on.
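Piping every locked-out account straight into Unlock-ADAccount also clears lockouts that were caused by a burst of failed logons across many accounts, which is worth a look before unlocking. The following is an added example, not part of the original post: a triage step that records each lockout for the ticket trail and holds back accounts locked in a cluster. The function name `Get-LockoutTriage`, its thresholds, and the sample accounts are assumptions made for illustration.

```powershell
# Added example: triage locked-out accounts before unlocking them.
# Get-LockoutTriage, its parameters and default thresholds are hypothetical.
function Get-LockoutTriage {
    [CmdletBinding()]
    param(
        # Objects exposing SamAccountName, AccountLockoutTime and BadLogonCount
        [Parameter(Mandatory, ValueFromPipeline)]
        [object[]]$Account,
        # Lockouts within +/- this many minutes of each other count as one burst
        [int]$BurstWindowMinutes = 10,
        # Number of lockouts in the window at which accounts are held for review
        [int]$BurstThreshold = 5
    )
    begin   { $all = [System.Collections.Generic.List[object]]::new() }
    process { foreach ($a in $Account) { $all.Add($a) } }
    end {
        $sorted = @($all | Sort-Object AccountLockoutTime)
        foreach ($a in $sorted) {
            $start = $a.AccountLockoutTime.AddMinutes(-$BurstWindowMinutes)
            $end   = $a.AccountLockoutTime.AddMinutes($BurstWindowMinutes)
            # Count every lockout (including this one) that falls inside the window
            $near  = @($sorted | Where-Object {
                $_.AccountLockoutTime -ge $start -and $_.AccountLockoutTime -le $end
            })
            [pscustomobject]@{
                SamAccountName = $a.SamAccountName
                LockedAt       = $a.AccountLockoutTime
                BadLogonCount  = $a.BadLogonCount
                NearbyLockouts = $near.Count
                Hold           = ($near.Count -ge $BurstThreshold)
            }
        }
    }
}

# Constructed sample data so the triage logic can be run without a domain:
# one isolated lockout, then six lockouts 30 seconds apart.
$burst  = [datetime]'2017-05-01T09:00:00'
$sample = @(
    [pscustomobject]@{ SamAccountName = 'jdoe'; AccountLockoutTime = $burst.AddHours(-6); BadLogonCount = 5 }
) + (1..6 | ForEach-Object {
    [pscustomobject]@{ SamAccountName = "user$_"; AccountLockoutTime = $burst.AddSeconds(30 * $_); BadLogonCount = 5 }
})

$triage = $sample | Get-LockoutTriage
$triage | Format-Table -AutoSize

# Keep a record that can be attached to a ticket
$triage | Export-Csv -Path .\lockout-triage.csv -NoTypeInformation

# Against a real directory (requires the ActiveDirectory module and suitable rights):
# $locked = Search-ADAccount -LockedOut -UsersOnly | ForEach-Object {
#     Get-ADUser -Identity $_.SamAccountName -Properties AccountLockoutTime, BadLogonCount
# }
# $triage = $locked | Get-LockoutTriage
# Preview the unlock for accounts that are not part of a burst; drop -WhatIf to apply
# $triage | Where-Object { -not $_.Hold } |
#     ForEach-Object { Unlock-ADAccount -Identity $_.SamAccountName -WhatIf }
```

With the constructed data, `jdoe` is reported with `Hold` false and the six `user*` accounts with `Hold` true.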

 

VMware / vCenter: Terms, Acronyms, Glossary {Tag your IT}

Recently I took and failed, then later retook and passed, my VMware 2V0–620 – vSphere 6 Foundations Exam. I am now in the process of practicing and studying for proctored exam(s) for the VMware Certified Professional 6 – Data Center Virtualization Certificate.

With that there are many terms, acronyms, and Glossary items I will need to remember.
I am adding a list of terms and will expand on them as I come across new ones.

 

VM: Virtual Machine – a software computer that, like a physical computer, runs an operating system and applications. https://pubs.vmware.com/vsphere-50/topic/com.vmware.vsphere.vm_admin.doc_50/GUID-CEFF6D89-8C19-4143-8C26-4B6D6734D2CB.html

ESXi: The vSphere Hypervisor from VMware (formerly ESX) is an enterprise-class, type-1 hypervisor.

VMFS: Virtual Machine File System for ESXi hosts, a clustered file system for running VMs

DCUI: Direct Console User Interface

iSCSI: Ethernet-based shared storage protocol.

SAS: Drive type for local disks (also SATA).

FCoE: Fibre Channel over Ethernet, a networking and storage technology.

HBA: Host Bus Adapter for Fibre Channel storage networks.

LUN: Logical unit number, identifies shared storage (Fibre Channel/iSCSI).

IOPs: Input/Outputs per second, detailed measurement of a drive’s performance.

pRDM: Physical mode raw device mapping, presents a LUN directly to a VM.

vRDM: Virtual mode raw device mapping, encapsulates a path to a LUN specifically for one VM in a VMDK.

SAN: Storage area network, a shared storage technique for block protocols (Fibre Channel/iSCSI).

NAS: Network attached storage, a shared storage technique for file protocols (NFS).

NFS: Network file system, a file-based storage protocol.

DAS: Direct attached storage, disk devices in a host directly.

VAAI: vStorage APIs for Array Integration, the ability to offload I/O commands to the disk array.

SSD: Solid state disk, a non-rotational drive that is faster than rotating drives.

VM Snapshot: A point-in-time representation of a VM.

ALUA: Asymmetrical logical unit access, a storage array feature. Duncan Epping explains it well.

VMX: VM configuration file.

VMEM: The page file of the guest VM.

NVRAM: A VM file storing the state of the VM BIOS.

VMDK: The virtual machine disk format, containing the operating system of the VM. VMware’s virtual disk format.

VMSN: Snapshot state file of the running VM.

VMSD: VM file for storing information and metadata about snapshots.

VMSS: VM file for storing suspended state.

VMTM: VM file containing team data.

VMXF: Supplemental configuration file for when VMs are used in a team.

Quiesce: The act of quieting (pausing running processes) a VM, usually through VMware Tools.

NUMA: Non-uniform memory access, when multiple processors are involved their memory access is relative to their location.

Virtual NUMA: Virtualizes NUMA with VMware hardware version 8 VMs.

VSAN: Virtual SAN, a new VMware announcement for making DAS deliver SAN features in a virtualized manner.

vSwitch: A virtual switch, places VMs on a physical network.

vDS: vNetwork Distributed Switch, an enhanced version of the virtual switch.

ISO: Image file, taken from ISO 9660 file system for optical drives.

vSphere Client: Administrative interface of vCenter Server.

vSphere Web Client: Web-based administrative interface of vCenter Server.

Host Profiles: Feature to deploy a pre-determined configuration to an ESXi host.

Auto Deploy: Technique to automatically install ESXi to a host.

VUM: vSphere Update Manager, a way to update hosts and VMs with latest patches, VMware Tools and product updates.

vCLI: vSphere Command Line Interface, allows tasks to be run against hosts and vCenter Server.

vSphere HA: High Availability, will restart a VM on another host if it fails.

vCenter Server Heartbeat: Will keep the vCenter Server available in the event a host fails which is running vCenter.

Virtual Appliance: A pre-packed VM with an application on it.

vCenter Server: Server application that runs vSphere.

vCSA: Virtual appliance edition of vCenter Server.

vCloud Director: Application to pool vCenter environments and enable self-deployment of VMs.

vCloud Automation Center: IT service delivery through policy and portals, get familiar with vCAC.

VADP: vSphere APIs for Data Protection, a way to leverage the infrastructure for backups.

MOB: Managed Object Reference, a technique vCenter uses to classify every item.

DNS: Domain Name Service, a name resolution protocol. Not related to VMware, but it is imperative you set DNS up correctly to virtualize with vSphere.

vSphere: Collection of VMs, ESXi hosts, and vCenter Server.

vCenter Linked Mode: A way of pooling vCenter Servers, typically across geographies.

vMotion: A VM migration technique.

Storage vMotion: A VM storage migration technique from one datastore to another.

vSphere DRS: Distributed Resource Scheduler, service that manages performance of VMs.

vSphere SDRS: Storage DRS, manages free space and datastore latency for VMs in pools.

Storage DRS Cluster: A collection of SDRS objects (volumes, VMs, configuration).

Shares: Numerical value representing the relative priority of a VM.

Datastore: A disk resource where VMs can run.

vSphere Fault Tolerance: An availability technique to run the networking, memory and CPU of a VM on two hosts to accommodate one host failure.

DPM: Distributed Power Management, a way to shut down ESXi hosts when they are not being used and turn them back on when needed.

vShield Zones: A firewall for vSphere VMs.

vCenter Orchestrator: An automation technique for vCloud environments.

OVF: Standards based format for delivering virtual appliances.

OVA: Packaging of OVF, usually as a URL to download the actual OVF from a source Internet site. Read more here.

VMware Tools: A set of drivers for VMs to work correctly on synthetic hardware devices. Read more on VMware Tools.

vSphere Licensing: Different features are available as the licensing level increases, from free ESXi to Enterprise Plus.

vCloud Suite: The collection of technologies to deliver the VMware Software Defined Data Center.

VMware Compatibility Matrix: List of supported storage, servers, and more for VMware technologies. Bookmark this page!

vSphere role: A permissions construct assigned to users or groups.

Configuration Maximums: Guidelines of how big a VM can be; see the newest for vSphere 5.5.

Transparent page sharing: A memory management technique; eliminates duplicate blocks in host memory.

Memory compression: A memory management technique; applies a compressor to active memory blocks on the host.

Balloon driver: A memory management technique; reclaims guest VM memory via VMware Tools.

Hypervisor swap: A memory management technique; puts guest VM memory to disk on the host.

Hot-add: A feature to add a device to a VM while it is running, such as a VMDK.

Dynamic grow: A feature to increase the size of VMDK while the VM is running.

CPU Ready: The percentage of time that the VM is ready to get a CPU cycle (higher number is bad).

Nested hypervisor: The ability to run ESXi as a VM either on ESXi, VMware Workstation, or VMware Fusion.

Virtual hardware version: A revision of a VM that aligns to its compatibility. vSphere 5.5 is hardware version 10, for example.

Maintenance mode: An administration technique where a host evacuates its running and powered off VMs safely before changes are made.

vApp: An organizational construct combining one or more VMs.

Cluster: A collection of hosts in a vSphere data center.

Resource pool: A performance management technique, has DRS rules applied to it and contains one or more VMs, vApps, etc.

vSphere folder: An organizational construct, a great way to administer permissions and roles on VMs.

Datacenter: Parent object of the vSphere Cluster.

vCloud Networking and Security: Part of the vCloud Suite; provides basic networking and security functionality.

vCenter Site Recovery Manager: An automated solution to prepare for a site failover event for the entire vSphere environment.

NSX: New technology virtualizing the network layer for VMware environments. Read more here.

VDI: Virtual desktop infrastructure, also called DaaS (Desktop as a Service) from Horizon View; run as ESXi VMs and with vSphere.

VXLAN: VMs with a logical network across different networks.

vCenter Configuration Manager: Part of vCloud Suite that automates configuration and compliance for multiple platforms.

vCenter Single Sign on: Authentication construct between components of the vCloud Suite.

VM-VM affinity: Sets rules so two VMs should run on the same ESXi host or stay separated.

Storage I/O Control: I/O prioritization for VMs.

NIOC: vSphere Network I/O Control – Enabled by default. When network I/O control is enabled, distributed switch traffic is divided into the following predefined network resource pools: Fault Tolerance traffic, iSCSI traffic, vMotion traffic, management traffic, vSphere Replication (VR) traffic, NFS traffic, and virtual machine traffic.

 

 

 

PowerCLI: HowTo Remove Floppy Drive From {All} Powered Off VMs

The following simple script will iterate through your vCenter environment and remove the floppy disk from VMware guest machines that are in a powered off state.

Script text: I used Windows PowerShell ISE

Set-ExecutionPolicy RemoteSigned # may require running as administrator
Import-Module VMware.VimAutomation.Core
Connect-VIServer -Server 'your.server.here'

# Collect the powered-off VMs, then the floppy drives attached to them
$off = Get-VM | where {$_.PowerState -eq "PoweredOff"}
$floppy = Get-FloppyDrive -VM $off
# Remove the drives without prompting for each one
Remove-FloppyDrive -Floppy $floppy -Confirm:$false

Purpose:

The purpose of removing the floppy is to remove potential attack channels to the guest VM itself. It has also been noted that removing such devices will save kernel resources.

Ref: https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-600D24C8-0F77-4D96-B273-A30F256B29D4.html

 

Introducing Power BI Report Server for on-premises Power BI report publishing | SQL Server Reporting Services Team Blog

https://blogs.msdn.microsoft.com/sqlrsteamblog/2017/05/03/introducing-power-bi-report-server-for-on-premises-power-bi-report-publishing/

Maintaining Professionalism At Work

Summary: Few qualities are as key as professionalism. The consummate business professional combines the right attitude, competence, and awareness of image and etiquette. Moreover, professionalism does not stop when you leave the office. Professionals lead by example whether they are at a meeting or a business social event. Upholding business professionalism is fundamental to making others feel comfortable doing business with you.

 

Tips To Maintaining Business Professionalism:

1. Portray A Professional Image – The majority of companies in the U.S. enforce a mandatory dress code; therefore, it is your responsibility to adhere to these requirements, even if it is not discussed during orientation. Although dress codes will vary from organization to organization, most corporate dress codes prohibit shorts or excessively tight clothing.

Always be aware of what is appropriate for the industry and situation. For example, a construction supervisor might meet with a client while wearing jeans and a flannel shirt; however, an entry-level office worker who wears the same clothing would not be considered appropriate. To get an idea of what is acceptable, observe the leaders at your company and follow their example.

2. Embody Professional Qualities – Much like a dress code, standards of business professionalism can vary by industry and company. Nevertheless, the core values of professionalism exist in every industry. Companies are always in search of employees that embody the following qualities: integrity, credibility, pride, promptness, accountability, and competence. Additionally, lauded professionals are excellent communicators who are eager to learn and elevate the work of others.

3. Remember: You Are Always “On” – Never forget that when you interact with others in and out of the office, you are always on “camera”. Your reactions to challenges, pressure, and stressful situations are always being judged. Regardless of the setting, always consider the consequences of your actions. Remain aware of your behavior even in casual venues, such as holiday parties (especially those involving alcohol) and networking events.

4. The Three Aspects of Professionalism – Numerous variables come together to define “professionalism.” We have distilled the many facets of professionalism into three key areas that you and your team should always reflect on.

Interpersonal Skills – Your interaction with contacts, coworkers, clients, vendors, supervisors, and subordinates sets the tone. Treating these people with respect and consideration is crucial.
Attitude – Always maintain a positive and forward-thinking attitude. Be friendly to others and avoid getting too low when things don’t work out how you expected. Remember, your body language reveals a lot and should radiate confidence and openness, without hostility or aggression.
Leadership – A strong leader is one that unites a team and creates synergy between staff. Leaders that instill value, quality and integrity in their employees are responsible for setting the bar on what is considered professional. Additionally, you want to help your team bring solutions to the table; not complaints. Take the initiative by being a leader.

*Credit* – Dale Carnegie

Restore of Checkpoint Fails with “The following hotfixes seem to be missing”

Ran into a slight snag when attempting to restore a production backup into a VM (*VMware*) image of Checkpoint R77.30. I was using the Gaia WebUI to restore the image, which returned the message: “The following hotfixes seem to be missing”.

The message points me to a log file located under /tmp/ which indicates missing updates to the firewall I am restoring to. To get around this the following steps were taken.

 

  1. Log into the Checkpoint firewall via SSH to access the console (you could also console in; I’m using a VM, so the terminal would work also).
  2. Enter ‘Expert’ mode (password required).
  3. Run the command ‘dbset backup:override_hfs t’ from expert mode.
  4. Go back into the Gaia WebUI and attempt the restore of the backup.

Wait … Wait… The system will reboot and the configuration will be restored.

All done.

Cause of this issue was the backup file was taken from a system which had a version different from the system I was restoring into. In some cases, this message can be safely ignored and the restore can be performed without incident.

Please take time to review your configuration after you restore.

Rest in Eternal Peace, Dad – Robert Michael Troiano, 73

Eternal rest, grant unto him O Lord and let perpetual light shine upon him.

Robert Michael Troiano, 73, of Jersey City, Middletown New Jersey and, in his final years of life, Danville Virginia, died Thursday, March 9, 2017.

A Retired United States Air Force Veteran and Newark, New Jersey High School Teacher.
Robert leaves his loving wife and best friend Pamela, four children (Robyn, Michael, Jermal, Cornell), 10 grandchildren, 2 great grandchildren.

Final Resting Place – Virginia Veterans Cemetery at Amelia
10300 Pridesville Road
Amelia, VA 23002

I shall forever be grateful for the opportunities in life you allowed for me to have. It is truly evident that without you, I may have not become the man I am today. For this I will forever be in your gratitude. Although I was not of your blood, you accepted me as your son. I humbly thank you.

Your work ethic and passions for learning has been a driving force in my life always. You taught me how men should be men and step up and in when called upon. Most importantly how to love through actions and not just words.

I’m not one for goodbyes – It’s why you often if not always hear me say see / talk to you later.
I truly believe that one day GOD will bring us back to one another in time.

Today I see my ‘step-father’ and the man who has been my father/dad for the majority of my life on this earth. I have learned many things, both positive and negative, from this man, which has made me a strong-willed man over the years.

I never truly had the chance to thank him for all he’s done, but I know in my heart, he knows. Bob (Robert) / Dad, I love you and will forever miss you. Rest in peace, the pain you once felt is no more, and you are on your way to the kingdom we all shall enter at some point. – Love, Your Son – Jermal

You will be remembered always.

Sleep well dad until we once again are reunited

 

 

Going Vegan for 30 Days – Part 1

 

Hey friends,

Here I am, making my very own choice to try new things while learning something about myself and others via what we all love… Food! This is not some new short-lived diet that I am attempting. It’s a peek into a lifestyle that many others, and a few friends, live.

Today is technically the 2nd day for me… Not bad as I have been preparing myself for over a year now. This is now my commitment for the next 30 days.

With that I will leave myself the following note.

Jermal: Things you can’t eat –

  • Butter or cream
  • Eggs
  • Cheese from cows or goats
  • Milk from cows or goats
  • Meat, poultry, lamb, or beef
  • Fish, shellfish, shrimp, or lobster
  • Gelatin
  • Honey (this one is going to be hard; I love honey in my tea)
  • Anything that poops

Jermal: Things you can and should eat –

  • All fruits
  • All vegetables
  • All herbs and spices
  • Beans
  • Soy-based protein like tofu and tempeh
  • Grains
  • Pasta (that’s not made from eggs)
  • Olive oil

Admittedly I will need help from some of you in the community, so please comment and help me with some tips / advice. I have already signed up for PETA’s vegan starter kit! Time to pull in the other resources I’ve bookmarked over the year.

More to come.

News: Amazon AWS S3 Outage

Ouch for our friends over at Amazon. It would seem S3 services are down which has a massive ripple effect across the landscape of many companies that are relying on the storage system.

As you may know Amazon S3 (Simple Storage Service) is a web service offered by Amazon Web Services. Amazon S3 provides storage through web services interfaces (REST, SOAP, and BitTorrent).

Amazon released a statement:  

“We’ve identified the issue as high error rates with S3 in US-EAST-1,” which “is also impacting applications and services dependent on S3. We are actively working on remediating the issue.”

Checking the status page: https://status.aws.amazon.com/  there is notice of Increased Error Rates in the system.

And as a bit of irony, I attempted to use one of my favorite sites, Down Detector (http://www.isitdownrightnow.com), to see the status of other sites and “wow, its down also”

This now historic issue has affected many services. Services such as:

Adobe’s services, Amazon’s Twitch, Atlassian’s Bitbucket and HipChat, Buffer, Business Insider, Carto, Chef, Citrix, Codecademy, Coindesk, Convo, Coursera, Cracked, Docker, Expedia, Expensify, FanDuel, FiftyThree, Flipboard, Giphy, GitLab, Greenhouse, Heroku, Home Chef, iFixit, IFTTT, Imgur, Ionic, isitdownrightnow.com, Jamf, JSTOR, Lonely Planet, Mailchimp, Medium, MuckRock, New Relic, News Corp, Pantheon, Quora, Razer, Signal, Slack, Sprout Social, StatusPage (which Atlassian recently acquired), Travis CI, Trello, Twilio, Unbounce, the U.S. Securities and Exchange Commission (SEC), VSCO, and Zendesk.

Notably, other services are affected but seem to be working: Snapchat services, Pluralsight, Airbnb, Down Detector, Freshdesk, Pinterest, SendGrid, and Time Inc.

Apple is acknowledging issues with its App Stores, Apple Music, FaceTime, iCloud services, iTunes, Photos, and other services on its status page: https://www.apple.com/support/systemstatus/

 

And.. Status updates from the AWS Teams:

[RESOLVED] Increased Error Rates for Amazon S3

Update at 2:08 PM PST: As of 1:49 PM PST, we are fully recovered for operations for adding new objects in S3, which was our last operation showing a high error rate. The Amazon S3 service is operating normally.

Update at 1:12 PM PST: S3 object retrieval, listing and deletion are fully recovered now. We are still working to recover normal operations for adding new objects to S3.

Update at 12:52 PM PST: We are seeing recovery for S3 object retrievals, listing and deletions. We continue to work on recovery for adding new objects to S3 and expect to start seeing improved error rates within the hour.

Update at 11:35 AM PST: We have now repaired the ability to update the service health dashboard. The service updates are below. We continue to experience high error rates with S3 in US-EAST-1, which is impacting various AWS services. We are working hard at repairing S3, believe we understand root cause, and are working on implementing what we believe will remediate the issue.