Archive for September, 2011

The 9/11 Post

September 10th, 2011

Snagit CaptureMy memory isn’t what it used to be but there are a few experiences in the past which remain clear in my mind.  The first time I met the person who would eventually become my wife. The birth of my daughter. The first time I saw VMware ESXi at a Minneapolis VMUG meeting.  September 10th, 2001 and of course what followed the next morning.  A lot of people have a 9/11 story.  I have mine.  Tomorrow being the 10 year anniversary, I’ll share it here as requested.

In 2001 I worked as a Systems Engineer for a large bank based out of Minneapolis, MN.  One of our datacenters was located in Columbia, MD which is situated between Baltimore, MD and Washington D.C.  We were re-IP’ing the datacenter the weekend before 9/11 so I had spent the prior week on site making the final preparations for the long weekend ahead which I would also be involved in.

As I recall, it was a pretty long weekend working around the clock.  Par for the course when we had to deal with the finicky attitude of Microsoft SQL Server clusters.  We got through it and Monday morning arrived.  I would usually stick around through mid day Monday for this type of activity to make sure we were out of the woods, then fly out in the afternoon or early evening.  There were no issues to speak of but I hung out with my Maryland co-workers until the last possible minute I had to leave for the airport.  This was my normal routine.  At this point in time there was no reason to arrive at the airport two hours early.  There weren’t security checkpoints & the associated lines to deal with.  However, I had cut it way too close this time and was going to miss my flight.  I didn’t know it at the time but arriving late and missing my flight would allow me a brush with fame opportunity.

Snagit CaptureAt this time it’s probably 5:30pm EDT.  I worked with the ticketing agent to find a later flight out.  Fortunately there was a later flight, I believe it was the last out of BWI.  I checked my bag and made my way to the gate for the long wait.  The portion of the airport where my gate existed was fairly empty.  I was doing the long walk thing to one of the last gates.  As I’m walking, a young guy who had gotten off a plane is walking towards me from the opposite direction.  From a distance he’s tall and has a baseball cap on.  As we passed each other, I got a closer look.  One thought immediately entered my mind as he was walking away “He looks like Travis Pastrana (a pro motocross Suzuki rider).”  The DUH moment followed “Travis and his parents live in Maryland.”  When you eat, sleep, and breathe motocross, you follow motocross and pro riders closely. You know these things.  I spun around and called out his first name “Travis!” from 20 feet away.  We talked for about a minute.  He was a nice guy and autographed a full spread poster of him performing a lazy boy contained in a motocross magazine I happened to be carrying in my laptop bag.  Then we went on our respective ways.  I called my wife (girlfriend at the time) and told her she’d never guess who I just met.  I spent the rest of the evening smiling.  I would always remember that particular day (but not necessarily the date September 10th itself), as one of the best days in my life.  The following day would be one of the worst.

Tuesday morning I woke up and drove to work in downtown Minneapolis.  As I waited at the intersection of 11 Street to turn right onto Hennepin Avenue, the frantic reports started coming in over the radio.  For me, that’s where I was when 9/11 happened – at that intersection making a right turn, trying not to believe what I’m hearing on the radio.  The details of that event are known by all and don’t need repeating here.  I had a difficult time grasping what had happened, how they could have happened.  I thought about how close I had been to one of the sites the night before.

The following weekend I loaded up the truck to race at Mazeppa.  There was such a poor turnout due to the week’s events that the races were cancelled and for those that stuck around, we just practiced the entire day.  A small and inconsequential example of how the events 9/11 would impact the future.  By the grace of God, I didn’t lose any of my own loved ones, friends, or co-workers but when I see the faces of the innocent people who lost their lives, I can’t help but feel a connection to each of them.  I’ve watched interviews of so many who suffered the loss of family members and I absolutely cannot comprehend how they dealt with it.  I pray that those who passed on and their family members who remain receive love and comfort from God.  It will be an emotional morning at church tomorrow as we join together in a special service of remembrance.

My daughter started kindergarten last week.  I also have a three year old boy.  In time they will learn about 9/11 and will inevitably talk about it and/or ask my wife and I questions about it.  I hope that it is the type of event they will only have to learn about through history books.  Tomorrow I’ll pray for peace and hope that my children and my children’s children can grow up in a better world.

On a creepy side note, for the first part of my tenure at the bank, each time I traveled to the Columbia site, a national level tragedy occurred:

  • Columbine High School tragedy – 4/20/99
  • 9/11 tragedy – 9/11/01
  • Space Shuttle Columbia tragedy – 2/1/03

I no longer work for the bank and as such, no longer travel to this site.

Add some color to your ESXi shell

September 7th, 2011

A few days ago I wrote a piece about Tech Support Mode in ESXi 5.0 for those who prefer to use it.  I’m going to compliment it a bit with a small trick which may appeal to your visual senses.  Since the dawn of ESX and ESXi, we’ve been working inside a Service Console and ESXi Shell respectively which defaults to an off-white foreground character set on a black background.  This can be changed in the following file using vi as the editor:

/etc/profile

By adding the line shown below, the default shell prompt can be modified.  For the purposes of this writing, the goal is not to change the prompt itself (although this is where you’d do it), but rather to change the color of the prompt.  Normally, only the color of the prompt would change and all text that followed would default back to the stock foreground color.  The trick is to modify the prompt so that the color-set sequence is modified, and is not closed – rather it is left open so that that the foreground color of the prompt bleeds into all of the text the follows it.  The mechanics behind it as well as common color codes are described here.  I like the color Cyan.

Snagit Capture

In the example above, I’ve added the following new line to /etc/profile:

PS1=’\[\e[1;96m\][\u@\h \W]\$\[\e[1;96m\] ‘

Bold High Intensity Cyan comes from the string 1;96m which you’ll see defined in two spots in the line which I added.  After saving /etc/profile and re-establishing the ESXi shell connection, the change takes effect:

Snagit Capture

I’m a little happier at the command line now and sometimes it is the little things that help get me through the day.

New View Client for iPad Sneak Peak at VMworld 2011

September 3rd, 2011

Wednesday night I bumped into VMware Product Manager Tedd Fox at the Palazzo pool side party. You may remember Tedd as the man behind the VMware View Client for iPad. He invited me to stop by the VMware EUC booth for a look at “something”.  The following day I met up with him at the booth.  He grabbed his second generation iPad, I rolled camera, and he showed me some never before seen footage of the next release of the VMware View Client for iPad expected to be released within the next few weeks to both iPad generations.

This particular release sports security minded features as well as enhancements to improve ease of use.  Following are some notes on what Ted talked about during the demo of his production environment:

  • Blurred thumbnails of previously opened desktop connections
  • Certificate checking
  • Three native levels of security: High, Medium, and Low
  • Embedded RSA Soft Token
  • The above keyboard toolbar has been modified to display most of the commonly used function and arrow keys above the keyboard instead of on a separate “floater” which consumed valuable display real estate
  • Plugging in the video out dongle converts the iPad into a Macbook pro sized trackpad and keyboard
  • Release expected within the next few weeks in the App Store
  • Will be compatible with Apple IOS 5
  • An Android version (minus presentation mode) will be made available at the same time, in addition to Cisco Cius

Following is a video capture of the demo and below that a static image of presentation mode trackpad and keyboard:

Tedd didn’t have video dongle at the time of the interview but he did follow up with an email showing what presentation mode trackpad and keyboard looks like on the iPad:

SnagIt Capture

I’d like to thank Tedd and VMware for their time and the exclusive demo.  As a gen 1 iPad owner who already has gotten a lot of mileage out of the View Client for iPad + View 4.6 and now 5.0 beta, I’m pretty excited about this release and future developments.  The iPad and other comparable tablets are convenient for conferences such as VMworld because of apps like the one Tedd develops.  Just Enough Device to access email, access my calendar and schedule, access my home lab remotely while in a VMworld session.

Tech Support Mode Warnings Revisited In vSphere 5

September 2nd, 2011

A few months ago I authored a blog post titled Tech Support mode Warnings.  It dealt with the yellow balloon warnings attached to a host object in vCenter when Local Tech Support Mode was enabled (as well as Remote Tech Support via SSH).

Without surprise, the warnings are back in vSphere 5, albeit with the warning messages slightly changed.

Configuration Issues

ESXi Shell for the host has been enabled

SSH for the host has been enabled

Snagit Capture

In the previous blog post, I referenced VMware’s KB article which stated there was no way to hide the messages while the offending configuration was in place.  That may have been the official stance but it certainly wasn’t the case from a technical standpoint as there are a few workarounds to suppress the messages.

VMware has shown us a little love in vSphere 5.  Both messages can be suppressed with a modification of an Advanced Setting on each host.  Even better, there is no reboot of the host or recycle of a service required.  In my testing, Maintenance Mode was also not required and could be performed with running VMs on the host.  Although if you’re wondering if this is going to be safe to perform in a running production environment, be sure to take a step back and consider not only the immediate impact of the task, but also the longer term impact of the change because by this point you’ve already enabled or you’re thinking of enabling the Local ESXi Shell and/or remote SSH via the network.  Reference your security plan or hardening guidelines before proceeding.

Following is the tweak to suppress the warnings which I found in VMware KB 2003637:

Snagit Capture

Again, this is performed for each host during the time that it is built or after it is deployed.  In the figure above, the change is made via the vSphere Client, but it can also be scripted via command line with esxcfg-advcfg.

Somewhat related, in the same yellow balloon area you may also see a host warning message which states “This host currently has no management network redundancy” as shown below:

Snagit Capture

In production environment, you’ll want to resolve the issue by adding network redundancy for the Management Network.  However, in a lab or test environment, a single Management Network uplink may be acceptable but nonetheless you want the warning messages to disappear.  This warning is squelched by configuring an HA Advanced Option:  das.ignoreRedundantNetWarning with a value of true as shown below.  After that step is completed, Reconfigure for vSphere HA on the host and the warning will disappear.  Reconfigure for HA step will need to be applied separately for each host with a non-redundant Management Network configuration.

Snagit Capture

Update 9/5/11: Duncan Epping also has also written on this subject back in July. Be sure to bookmark his blog, subscribe to his RSS feed, and follow him on Twitter.  He is a nice guy and very approachable.

Update 10/15/12: Added section for “No Management Network Redundancy” which I should have included to begin with.