StarWind and Cirrus Tech Partner to Deliver Cutting Edge Technologies to the Cloud Computing Market

August 12th, 2012 by jason No comments »

Press Release

StarWind Solutions Become Available Through a Leading Canadian Web Hosting Company

Burlington, MA – 6 August 2012StarWind Software Inc., an innovative provider of storage virtualization software and VM backup technology, announced today a new partnership agreement with Cirrus Tech Ltd., a Canadian web hosting company specializing in VPS, VM and cloud hosting services. Companies collaborate to deliver best-in-breed Cloud services that help customers accelerate their businesses.

According to the agreement, Cirrus Tech extends its portfolio with StarWind storage virtualization software and will offer it to their customers as a dedicated storage platform that delivers a highly available and high performance scalable storage infrastructure that is capable of supporting heterogeneous server environments; as Cloud storage for private clouds as well as a robust solution for building Disaster Recovery (DR) plans.

StarWind SAN solutions deliver a wide variety of enterprise-class features, such as High Availability (HA), Synchronous Data Mirroring, Remote Asynchronous Replication, CDP/Snapshots, Thin Provisioning, Global Deduplication, etc., that make the stored data highly available, simplify storage management, and ensure business continuity and disaster recovery.

“Companies are increasingly turning to cloud services to gain efficiencies and respond faster to today’s changing business requirements.” said Artem Berman, Chief Executive Officer of StarWind Software, Inc. “We are pleased to combine our forces with Cirrus Tech in order to deliver our customers a wide range of innovative cloud services that will help their transition to a flexible and efficient shared IT infrastructure.”

“Every business needs to consider what would happen in the event of a disaster,” shares Cirrus CEO Ehsan Mirdamadi. “By bringing StarWind’s SAN solution to our customers, we are helping them to ease the burden of disaster recovery planning by offering powerful and affordable storage options. You never want to think of the worst, but when it comes to your sensitive data and business critical web operations, it’s always better to be safe than sorry. Being safe just got that much easier for Cirrus customers.”

To find out more about Cirrus’ web hosting services visit http://www.cirrushosting.com or call 1.877.624.7787.
For more information about StarWind, visit www.starwindsoftware.com

About Cirrus Hosting
Cirrus Tech Ltd. has been a leader in providing affordable, dependable VHS and VPS hosting services in Canada since 1999. They have hosted and supported hundreds of thousands of websites and applications for Canadian businesses and clients around the world. As a BBB member with an A+ rating, Cirrus Tech is a top-notch Canadian web hosting company with professional support, rigorous reliability and easily upgradable VPS solutions that grow right alongside your business. Their Canadian data center is at 151 Front Street in Toronto.

About StarWind Software Inc.
StarWind Software is a global leader in storage management and SAN software for small and midsize companies. StarWind’s flagship product is SAN software that turns any industry-standard Windows Server into a fault-tolerant, fail-safe iSCSI SAN. StarWind iSCSI SAN is qualified for use with VMware, Hyper-V, XenServer and Linux and Unix environments. StarWind Software focuses on providing small and midsize companies with affordable, highly availability storage technology which previously was only available in high-end storage hardware. Advanced enterprise-class features in StarWind include Automated HA Storage Node Failover and Failback (High Availability), Replication across a WAN, CDP and Snapshots, Thin Provisioning and Virtual Tape management.

Since 2003, StarWind has pioneered the iSCSI SAN software industry and is the solution of choice for over 30,000 customers worldwide in more than 100 countries and from small and midsize companies to governments and Fortune 1000 companies.

For more information on StarWind Software Inc., visit: www.starwindsoftware.com

View 5.1 Upgrade Experience. Composer, Permissions, and SSL – Oh My!

August 8th, 2012 by jason No comments »

The other night I upgraded the VMware View 5.0.1 environment in the lab to 5.1 which was released on May 16th.  Normally when I upgrade the View environment, I don’t actually perform an inline upgrade of the Connection Server or database.  The environment is small enough that I can flatten it and rebuild fresh from scratch (including brand new VMs for the infrastructure components such as the Connection Server) for each new version VMware releases.  Due to VMware’s aggressive release schedule, I also embed the production version in the infrastructure server name which helps me keep track of where things are at in the lab.  Thus, with each new release, I’m building new infrastructure VMs with updated names, rather than recycling the previous infrastructure VMs, renaming them, remove/re-add to the domain, and even then I’m left with a VM name which doesn’t match the name on the datastore folder.  Pushing the reset button and starting fresh obliterates any bad DNA or cooties the previous environment might have had and it gives me a little extra peace of mind when I sleep at night.

I was running a little short on time so for this round I decided to perform an inline upgrade to 5.1 rather than going through the normal rebuild routine.  After all, most production environments don’t have the luxury of starting over so now was as good a time as ever to test the upgrade process of View in the lab.  Again – a fairly simple setup: a Connection Server, View Composer 2.7 installed on the vCenter Server which for the first time in many releases will be upgraded to 3.0, back end databases on an external SQL server, and 3 small pools.

The View Connection Server upgrade went as planned. No issues to speak of there (yet).  However, I did struggle with the View Composer upgrade.  The first run through uninstalled View Composer and failed with an error which I wasn’t quick enough to capture.  I re-ran through the Composer installation and it failed again with the same error:

The wizard was interrupted before VMware View Composer could be completely installed.

While I was perfrming some troubleshooting, a couple of gracious folks on Twitter by the name of Diego Quintana and Tim Washburn (@daquintana and @mittim12 respectively) pointed out VMware KB article 2017773 Installing or upgrading View Composer fails with error: The wizard was interrupted before VMware View Composer could be completely installed which resolved my issue.  The previous View Composer installation had placed one or more keys in the directory C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ which my user account no longer had NTFS permissions to.  The resolution was to simply relax the NTFS permissions both on the MachineKeys folder as well as the files inside of the folder for good measure.

I thought I was out of the woods, but not quite yet.  SSL certificate issues followed.

Snagit Capture

VMware made some new changes with regards to SSL in View 5.1 which are documented at <View installation drive letter>:\Program Files\VMware\VMware View\Server\README.rtf

Copied and pasted verbatim, the release notes are:

Read These Notes!  Your View 5.1 Setup Will Be Easier!

You can read these notes in your language:
Français    Deutsch     简体中文     日本語     한국어

We made changes in View 5.1 that require you to configure View components a little differently than in the past.  These notes will help you to avoid potential pitfalls when you install or upgrade to View 5.1.

1)  You cannot downgrade View 5.1 Connection Server to previous versions.

In View 5.1, the View LDAP configuration is encrypted and cannot be used by earlier versions of View.

  • After you upgrade a View Connection Server instance to View 5.1, you cannot downgrade that instance to an earlier version.
  • After you upgrade all View Connection Server instances in a replicated group, you cannot add another instance that runs an earlier version of View.

Note: Downgrading was never supported, but in past releases it worked.  Now it won’t work.

2)  vCenter Server and View Composer hosts need valid SSL certificates.

  • Best choice: Ensure your vCenter Server and View Composer have Certificate Authority (CA)-provided certificates:

o  Install an SSL certificate, signed by a CA, on the Windows Server on which vCenter Server is installed.

o  Do the same for View Composer. If you install View Composer and vCenter Server on the same host, they can use the same certificate, but you must configure the certificate separately for each component.

* If you install the certificate before you install View Composer, you can select your certificate during the View Composer installation.

* If you replace the default certificate later, run the SviConfig ReplaceCertificate command to bind the new certificate to the port used by View Composer.

o  Make sure the CA for the new certificates, and any parent CAs, are trusted by each Windows server on which a View Connection Server instance is installed.

  • Alternative: After you add vCenter Server and View Composer to View, accept the thumbprint of the default certificate for View Composer by clicking Verify in View Administrator.  Do the same for vCenter Server.

More information: See “Configuring SSL Certificates for View Servers” in the View Installation guide.

3)  Security server and View Connection Server hosts need valid SSL certificates.

  • Best choice: After you install a View Connection Server instance or security server on a Windows Server host, open the Windows Server certificate store and take these steps:

o  Import an SSL certificate that is signed by a CA and that your clients can validate.

o  Make sure that the entire certificate chain, including intermediate certificates and root certificate, are installed.

o  Make sure the certificate has a private key, and mark the key as exportable.

o  Configure the certificate Friendly Name as vdm.

  • Alternative: Let the View server installer create a default certificate in the Windows Server certificate store. The certificate is self-signed and will be shown as invalid in View Administrator.
  • Upgrading to View 5.1: If your original View servers already have SSL certificates signed by a CA, you don’t have to do anything.  During the upgrade, View imports your certificates into the Windows Server certificate store.

If your original View servers have default certificates, upgrade your View servers and follow the Best choice steps shown above.

More information: See “Configuring SSL Certificates for View Servers” in the View Installation guide.

4)  Certificates for vCenter Server, View Composer, and View servers must include certificate revocation lists (CRLs).

View will not validate a certificate without a CRL.

  • Best Choice: lf needed, take these steps:

o  Add a CRL to your certificate.

o  Import the updated certificate into the Windows certificate store on the vCenter Server, View Composer, and View server host.

  • Alternative: Change the registry settings that control CRL checking.

More information: “Configuring Certificate Revocation Checking on Server Certificates” in the View Installation guide.

5)  Windows Firewall with Advanced Security must be enabled on Security Server and View Connection Server hosts. 

By default, IPsec rules govern connections between the View security server and View Connection Server and require Windows Firewall with Advanced Security to be enabled.

  • Best choice: Set Windows Firewall with Advanced Security to on before you install the View servers. Make sure it’s on for any active profiles; better still, set it to on for all profiles.
  • Alternative: Before you install security servers, open View Administrator and disable the Global Setting, Use IPsec for Security Server Connections, by setting it to no. (This is not recommended.)

6)  Back-end firewalls must be set up to support IPsec.

If you have a back-end firewall between security servers and View Connection Server instances, you must configure firewall rules to allow the connections to work.

More information: See “Configuring a Back-End Firewall to Support IPsec ” in the View Installation guide.

7)  View Clients must use HTTPS to connect to View.

View Connection Server instances and security servers use SSL for client connections.

  • If View clients connect via an SSL off-loading intermediate device, you must install the intermediate device’s SSL certificate on View Connection Server or security server.
  • The connection must be HTTPS whether or not a View client connects via an intermediate device such as a load balancer. If you use an intermediate device, and you want the connection between the intermediate device and View server to be over HTTP (SSL off-loading), configure the locked.properties file on the View server.
  • Older View clients that can choose not to use HTTPS will get an error if users select HTTP. Previously they were silently redirected to HTTPS. Clients that cannot make SSL connections will be unable to connect to View.

More information: See “Off-loading SSL Connections to Intermediate Servers” in the View Administration guide.

8)  Encrypted and cleansed View backups require new restore steps.

By default, View 5.1 backups are encrypted. You can also cleanse View backups (exclude passwords and other sensitive information from the backup data) or back up in plain text (not recommended).

  • To restore an encrypted backup, you must decrypt the data first. You must use the data recovery password that you provided when you installed View Connection Server.
  • Do not restore cleansed backups. Data such as passwords will be missing from your View LDAP configuration. View components will not function properly without this data. To restore normal functionality, you will have to use View Administrator to manually reset all passwords and other missing data items.

More information: See “Backing Up and Restoring View Configuration Data” in the View Administration guide.

9)  Before you can upgrade or reinstall a View 5.1 security server, you must remove the relevant IPsec rules from the paired View Connection Server instance so that fresh rules can be established.

  • In View Administrator, select the security server and click More Commands > Prepare for Upgrade or Reinstallation.

Note: You don’t need to remove a security server from View before you upgrade or reinstall the server.

More information: See “Prepare to Upgrade or Reinstall a Security Server” in the View Installation guide.

Ok, so basically VMware is pushing for the use of SSL certificates from a trusted CA whether that be externally (VeriSign, etc.) or internally (Microsoft Certificate Services) generated.  For the time being, I have ditched my internal Microsoft CA and wish to continue using the self signed certificates shipped and installed by View.  To do so, as explained in the README above, one must visit the System Health in the View Administrator Dashboard and verify the certificates for the vCenter Server as well as the View Composer Server (each will be seen in a red status in the dashboard).  The Connection Server certificate cannot be verified and will remain in a red status however from this point forward both the View Connection Server and View Composer will function normally.

Upgrading the View Agents and recomposing the pools was a non-issue and the upgrade was completed successfully.  After all is said and done, the environment is working and the upgrade was successful.  View 5.0.1 Clients have no problem connecting to the new 5.1 environment; I’ll get the clients upgraded in the near future and I’ll consider resurrecting the lab CA to generate trusted SSL certificates.

VCDXs To Recieve New Storage Book

July 25th, 2012 by jason No comments »

Snagit Capture

Last fall at the VMworld book store in Las Vegas, I picked up sample chapter 6 ALUA from Mostafa Khalil‘s (@MostafaVMW) upcoming book “Storage Design and Implementation in vSphere 5.0“.  The level of detail looked fantastic and I could hardly wait for the rest of the book to be released.

Fast forward to a month ago, nearing completion I joked with Mostafa that perhaps VCDXs could receive a copy of his new book. Mostafa gracefully accepted the challenge and delivered the good news tonight that he has arranged with VMware Press for all current VCDXs to receive a free copy of his book via e-copy or print.

What Mostafa has done is extremely generous and I’m really looking forward to receiving a copy of his new storage book once it is released (which should be very soon) so that I can read the rest.

The Newest Mayor of VCAP5-DCD & VCDX5

July 19th, 2012 by jason No comments »

Last February at VMware Partner Exchange (PEX), I sat the VCAP5-DCD BETA exam.  I detailed that experience here.  The exam consisted of 130 questions to be answered in 225 minutes.  I squandered a lot of time in deep thought on some questions and also spent time providing feedback on many of the questions.  I was fairly comfortable with the content but based on the time I spent on each question, I came up 30 or 40 questions short of being answered.  Pass/Fail results came in late April with a detailed exam report in July.  I didn’t pass the BETA exam but I was surprised how close I came to passing despite the large number of questions I didn’t get to.  Oh well, the beta exam cost was marked down 50% and worth a shot.

This afternoon I exercised the free retake voucher (thank you VMware certification department, and I do sincerely mean that despite the sharp criticism I’ve had no moral issues in sharing.)  I’ll be honest, not passing the beta exam initially only bothered me in that I’d have to wait for it to GA and sit through it again.  But as the weeks and months passed, coupled with the VCA4-DT failure by a close margin last winter, I was starting to question my abilities in a market I’ve dedicated my career to.

For me, the key to passing the VCAP5-DCD exam was simply better time management.  I recognize over the past few years I’ve slipped into the habit of being more methodical and spending too much time on each exam question.  While being careful and meticulous in the real world can be considered a positive attribute, there’s just no room for it on the VMware VCAP exams. The publicly available VCAP5-DCD exam consists of 100 questions and 225 minutes.  That averages out to be 2m 15s allowed to answer each question.  But that’s not the reality.  At the beginning of the exam, a general exam tip is given that a number of the questions in the exam are the design tool type and that 1h 15m should be allotted to answer these questions.

My new exam approach:

I need to create time in the exam room.  There are a few ways I’m going to accomplish this:

  1. For answers that I’m quite confident in, mark the correct answers and move on immediately, especially on the valuable short reading questions which can be knocked out in 30 seconds.  There is absolutely no sense in wasting valuable time debating what I already know to be the best answer.
  2. For obscure questions which frankly I have no real clue what the correct answer is (and there definitely were a few of these types), quickly choose what looks to be the best answer and move on immediately.  There is absolutely no sense in wasting valuable time debating an answer which will never come to me in this exam’s lifetime.  There were some bizarre questions on today’s exam which were not worth fighting over.  Cut your losses and move on in the interest of time.
  3. When a design tool question pops, immediately flag it for review and move on to the next question.  I want to get through the lion’s share of the questions and save the “time sync” questions for the end, whether I have enough time left get through them all or not.  This approach actually works well – I think using the design tool in end-to-end consecutive questions yields more design tool use efficiency rather than dealing with the design tool in sparse frequency.  Once I got through the first design question with the tool, I found myself able to use it very swiftly for the remaining questions.
  4. Find the buried questions faster.  There’s really not enough time to read each question from beginning to end.  There is so much to digest with a lot of the questions, only to find that the question could have been appropriately answered by reading the last few sentences of the question first or by reading the question in reverse order from bottom to top hunting for the facts, while already having a preview of the possible answers and what details the question is really focusing on.  There’s plenty of fluff in many of the questions.  Basically don’t waste time reading, memorizing, or getting wound around the fluff axle.

These are not new techniques.  I’ve been sitting certification exams since the mid ’90’s (mostly Microsoft) and I quickly learned the above tactics in test taking but over the years I’ve had a gradual departure, employing quality and thought provoking debate in each exam question I encountered.  That’s a big mistake because these exams just don’t provide the time for it.

What a difference it made:

Looking back the last few years, a common exam room theme had clearly developed for me: Either I ran out of time on the exam leaving questions unanswered or I came very very close to running out of time.  Today I reached the end of the exam with well beyond the recommended 1h 15m required to go back and address the design tool questions.  I completed the design tool questions at a pace faster than what VMware recommends by applying the basic methodology of not getting wound around the axle.  That’s not to say my designs were perfectly accurate but I felt pretty comfortable with half of them.

After getting through the design tool questions, I still had plenty of exam time left to three times go through a handful of other questions I had marked to review.

Final thoughts before pressing “End Exam”:

Although I rocked the time component, there were some new elements this time which I let get the best of me to some degree.

It was a late afternoon exam. I only sit morning exams. I never sit exams in the afternoon, especially 4 hour exams staring at a computer after lunch.  To avoid any post-lunch sleepies that might show up, I opted to take a quick nap in lieu of lunch.  This helped immensely, no drowsiness whatsoever during the exam.

Prior to sitting down, I was not looking forward to the 4 hour exam.  The experience at PEX was dreadful.  I wasn’t 100% invested into it and there were a lot of distractions which just made the exam feel like it took forever.  I was caught in a stressful catch-22 where I just wanted the hell out of that cold and noisy room yet the reality was I had burned through so much time I would have needed an additional 2 hours to complete the exam with all questions answered.  After sitting the beta, I was under the hopeful impression the GA version would be trimmed to something like 50 questions and 2 hours.  When I found the GA version was still 100 questions in under 4 hours, I was anticipating the likelihood of a repeat experience if I wasn’t able to step up my time management game.  And the other thing – 4 hour exams are too long and not what I’ve been used to prior to VCAP exams being invented.  In reflection, today’s exam duration wasn’t too bad, in fact, time flew.  Maybe because I was managing my time better. Maybe because of the power nap.  I don’t know but today was ok.  Ask me again tomorrow and I’ll tell you 4 hour exams are way too damned long.  There should be a better way to measure design skill.  Halve the number of questions and the time commitment.

While I was quite comfortable with the beta exam content to the point that I’m sure I could have passed the exam based on content mastery alone, today’s experience was actually quite a bit different.  I was expecting to see the same familiar content.  The truth is there were up to 40 questions I hadn’t even seen during the beta.  While some of the content was familiar, there were quite a few new questions I wasn’t so confident in plus there were many familiar questions I was counting on being on today’s exam that were absent (low hanging fruit if you will).

While you might think there’s nothing more frustrating than facing a question for which you are completely unprepared for, even worse are questions with ambiguous dialogue either in the question itself and/or the answer(s).  I came across several exam questions which I felt were left to the author’s interpretation.  It’s really frustrating to know the right answers but a question is worded in such a way that it can be interpreted in different ways and there’s a correct answer below for each of the interpretations.

CONGRATULATIONS!

There was nothing left to do now but push that “End Exam” button.  I gave this thing my best 3 hours and 45 minutes.  Fortunately for me, the joyful message above was displayed on the screen.  For sure it’s what I had hoped would be there, but I wasn’t 100% confident like I was with the beta exam.

Key takeaways:

Good time management clearly made a difference.  The content alone on these exams is difficult enough, there’s no sense in creating additional obstacles to contend with.  Having the time available on questions where I really needed it was king.  And of course, completing the exam with no questions left unanswered also helps.

Someone tweeted me tonight asking me to divulge what to study.  As I’ve said in the past, I find there’s not a whole lot to study for when it comes to the design exams.  I mostly draw on my experience and brush up on a few things I’m weak on (such as PVLANs which I crashed yesterday and it paid off big time). Note the blueprint: Microsoft clustering also rears its head.  While I was at one time a MSCS master from a Microsoft perspective, I struggle to keep all of the details straight with regards to vSphere.  Frankly it has been a mess to track from day 1 and I wish MSCS would either be supported end to end or I wish it would just go away.

Back to that tweet, there’s a nightmare of a reality here:  if you lack the experience or know-how to tackle at least, I’d say, 75% of the blueprint, there’s too much ground to cover in terms of “what do I need to study – point me to the white papers”.  VCAP-DCD covers a very broad range of design topics but it also gets into the weeds on technical content you might expect to know for the VCAP-DCA exam.  I don’t say this to intimidate anyone or to flex my ego.  Today was a reality check and reminder for myself that the content on these exams shouldn’t be taken for granted even for someone like myself who spends his life immersed in the technology as much as possible.  That said, I’m going to have to up my game for the upcoming VCAP5-DCA exam as I consider that one more difficult than the DCD.  I’m not sure how much exam fuel I have left in me.  A part of me wants to retire from the certification treadmill (the VMware cert treadmill is by far the most aggressive) but I definitely don’t want to let the VCDX lapse.  I used to be able to knock out exams without too much trouble.  Don’t get me wrong, I put forth all of the due diligence required by reading thick books and spending a lot of time with hands on in the lab.  In the past, that formula always lead to a passing grade in the exam room.  But it’s getting harder.  At least it feels like it.  Maybe it’s my old age catching up.

If you plan on sitting the VCAP5-DCD exam soon, I wish you the best of luck.  Let me know how your experience was.

XCOPY VAAI Primitive Not Working with Storage vMotion

July 6th, 2012 by jason No comments »

Quick VAAI tip as we head into the weekend.  This showed up unexpectedly in lab testing – If you’ve built a new ESXi 5.0 host or cluster of hosts and the VAAI copy offload (XCOPY) primitive isn’t working as expected with Storage vMotion, among other things, verify the Hostname in the DNS Configuration via the DCUI that you’ve named the hosts properly as opposed to leaving the field at the default of localhost.

Snagit Capture

Adding an IP Alias to the vCloud Director Cell Server

July 5th, 2012 by jason No comments »

Hola! Yo Soy Dora!  I hope you are having a great week and for those in the US, I hope your 4th of July holiday was fun and relaxing.

Here’s another “how to” for those not real familiar with Linux when standing up a vCloud Director infrastructure.  If you’re following the documentation, you’ll notice on page 13 of the vCloud Director Installation and Configuration Guide that two NICs or an IP alias are required to support two separate SSL connections on each vCloud Director cell server.  One IP is used for the vCloud Director HTTP service and the other is used for the console proxy service.  I’ve deployed both methods, multiple NICs and IP aliasing, for the VCD cell server.  Neither method has a distinct advantage over the other in terms of performance or other important metrics.  Where both the http and console proxy addresses are on the same subnet, I prefer to use the IP Alias method to keep things a little cleaner but using two NICs is better at full disclosure in terms of how the VCD Cell Server is built and configured from a network standpoint.

To wrap some visualization around the two options, if you’re not familiar with Linux IP Aliasing, you’d probably deploy each VCD cell server in a multihomed configured with a minimum of two NICs and two IP addresses required for VCD, one IP established for each of the required SSL connections.

Snagit Capture

The IP Alias method involves just a single NIC with two IP addresses on the same subnet sharing a common mask and default gateway for the two required SSL connections.  Don’t forget that with either method, without routed NFS on the network, each VCD cell server would likely have one additional NIC dedicated to an NFS network for vCloud Director Transfer Storage assuming the clustered cell configuration recommended for production and highly available cloud infrastructures.

Snagit Capture

I think everyone knows how to install and configure a multihomed server, so this writing will focus on adding an IP alias to a NIC in RHEL 5 Update 7, or at least it will focus on how I learned to do it via the command line.  I’ll also show a second method to accomplish adding an IP alias through the GUI (X is enabled by default in RHEL 5.7).

Assuming RHEL 5 Update 7 is already installed with a NIC having an IP address 192.168.0.10, adding an additional IP address via an alias takes just a few steps via CLI.

  1. Use nano -w /etc/sysconfig/network-scripts/ifcfg-eth0 to edit the network configuration for eth0.  If it exists, remove the line GATEWAY=192.168.0.1 or comment it out by placing a hash (#) character at the beginning of the line like so: # GATEWAY=192.168.0.1  Save and exit nano with CTRL+X.
  2. Make a copy of ifcfg-eth0 to use for the IP alias.  Do this with the command cp /etc/sysconfig/network-scripts/ifcfg-eth0/etc/sysconfig/network-scripts/ifcfg-eth0:0
  3. Use nano -w /etc/sysconfig/network-scripts/ifcfg-eth0:0 to edit the network configuration for eth0:0.  Change DEVICE=eth0 to read DEVICE=eth0:0.  Change IPADDR=192.168.0.10 to read IPADDR=192.168.0.11  Change ONBOOT=yes to read ONPARENT=yes  Save and exit nano with CTRL+X.
  4. Use nano -w /etc/sysconfig/network to add a commonly shared default gateway for eth0 and eth0:0.  Add the line GATEWAY=192.168.0.1  Save and exit nano with CTRL+X.
  5. Restart networking with service network restart

At this point, the Linux platform has a single NIC with two IP addresses and the installation of vCloud Director on this cell can begin.

A second method to accomplish the above would be through the GUI by running the Networking application in RHEL 5 Update 7.

Seen here, eth0 is already configured.  Click the New button to add an IP alias:

Snagit Capture

Select Ethernet connection, choose the existing NIC for eth0, assign the IP address, Subnet Mask, and Default Gateway for the alias, and then lastly click on the Activate button with eth0:1 highlighted.

Snagit Capture

Once again, at this point, the Linux platform has a single NIC with two IP addresses and the installation of vCloud Director on this cell can begin.  Highlighted in yellow below is the IP alias or second IP address bound to eth0:

Snagit Capture

I’ve found that the GUI approach obsoletes steps 1 and 4 from the CLI approach above.  Basically it strips out the steps where the Default Gateway configuration is moved from the individual ifcfg-eth0 network startup scripts to the centralized /etc/sysconfig/network location.  It further affirms the GATEWAY= entry may remain in each of the individual ifcfg-eth0 network startup scripts.  In the end, both methods work for a vCloud Director cell server however I imagine adding an additional NIC hard wired to an access port not on the 192.168.0.0 subnet will have issues with a GATEWAY=192.168.0.1 in /etc/sysconfig/network.

Creating vCloud Director Transfer Server Storage on NFS

July 3rd, 2012 by jason No comments »

Six months ago I wrote an article about Expanding vCloud Director Transfer Storage on a local block storage device.  Today I take a step back and document the process of instantiating vCloud Director Transfer Storage on an NFS export which is where all scalable VCD implementations in production should reside.  The process is not extremely difficult but it can be difficult to remember the fine details if Linux is not your native OS.  Basically run through the following steps on each VCD cell server in the server group before installing vCloud Director.  I’ll be performing these steps on a RHEL 5 Update 7 distribution.

First create the directory structure which the NFS export will be mounted to (the -p argument creates the entire path of directories as necessary):

mkdir -p /opt/vmware/vcloud-director/data/transfer

Update 5/27/18: I happened to notice with RHEL 7.5 (could impact earlier builds as well) that mounting NFS exports now requires nfs-utils. Install this from the local DVD repository for YUM using the command yum install nfs-utils.

As a verification that NFS and networking is configured properly, use the showmount -e command to list mounts from the NFS server:

[root@vcdcell1 transfer]# showmount -e tsfiles.techsol.local
Export list for tsfiles.techsol.local:
/isos (everyone)
/oracle (everyone)
/unix (everyone)
/vcdtransfer (everyone)
/vcdtransfer2 (everyone)
[root@vcdcell1 transfer]#

Next, mount the NFS export manually:

mount nfshost.fqdn.orip:/nfs_export_name /opt/vmware/vcloud-director/data/transfer

Finally, let’s make sure the NFS export auto mounts each time the cell is rebooted.  This is done by editing /etc/fstab

nano -w /etc/fstab

Add the following line to /etc/fstab:

nfshost.fqdn.orip:/nfs_export_name      /opt/vmware/vcloud-director/data/transfer       nfs     rw      0 0

Exit nano using CTRL + X. Save /etc/fstab when prompted.

Proceed with the vCloud Director cell installation.  If using the mount path in the example above, it is safe and convenient to press Enter through the default prompt relating to the Transfer Server Storage installation path.

I’ll close by pointing out that although the Transfer Server Storage is used as a temporary holding tank for vApp and catalog media imports and exports, critical cell data is also stored in this repository.  If the Transfer Server Storage area is unavailable (ie. issues with NFS or the network), the VCD cell will not function properly, yielding a range of symptoms such as not being able to authenticate at the provider or organization portals.