Showing posts with label vsphere4. Show all posts
Showing posts with label vsphere4. Show all posts

Friday, September 25, 2009

Not so sorted...

I reported recently I'd fixed my vSphere4 problems. Well I thought I had, but I hadn't. In general it seems OK, but there are some issues around Update Manager not wanting to continue running, hmmm.
I was putting together some notes and lessons (as it were), and will do so soon, but the sleep deprivation has been a tad severe recently, and I cannot face it right now!!

Friday, September 18, 2009

Sorted!!!!!!

After stealing all my spare time and more, I have a working (again) vSphere4 VC with VUM and Convertor working. It's been a nightmare of testing and experimentation (and my original updated VI3-4 VC is still hosed), but I have a working system WITH the database from the VI3 days.

Too late to go through things now, but more tomorrow.

'night all :)

Monday, September 14, 2009

Well, after leaving the vCentre4 to boil, and reduce down

For the last few hours. All the services are running, but it is horrendously slow. And Update Manager is still not available to the VI Client. I get an error, and then the Update Manager plug in is disabled, and I cannot re-enable it in the client.

So the separate SQL 2005 server experiment continues - although sadly (due to client work - the stuff that lets me eat :)) means there'll only be a few evening hours in the next few days.
More news as it comes!

Update 1 - SQL Server left to install and patch, and taking it's *&^%^% time.  Hopefully finish off tomorrow and report back then

more vSphere pain... (and education!)

Coming soon - an investigation into vCentre 4 (upgraded from 3.5) misbehaviour. vCentre and Update Manager services will not start after a reboot...


Update 1 - up until 2am this morning trying to get vCentre4 to work properly. it's a "fill your boots" install with Guided Consolidation, Update Manager, Convertor; and all on a local SQL Express (or MSDE as I still incorrectly think of it :-)). Anyway, last week the upgrade to VI4 went well, and over the weekend I upgraded the ESX hosts to 4 and patched them.


Then I rebooted the entire infrastructure - a kind of defence mechanism for me after changes of this nature to make sure it all works. And it didn't. ESX4 hosts were fine, but I could no longer access the vCentre4 box.

Thursday, September 10, 2009

A good day

1. I took my vSphere4 VCP exam, and in a triumph of exam technique over a few areas of ignorance, pass

2. Much better though, Alan Turing's (at the time quite acceptable) rotten treatment by society and government agencies is seen as something to apologise for. How on earth did GCHQ types think it good to chuck out the best mathematical and computing brain of the century - surely. Despite all the 'risks' he represented, they could have found a compromise...
I am proud to have signed the petition.

Monday, September 07, 2009

vSphere4 Update

Even simple passwords failed. I reduced them to be shorter than 32 characters (a problem I've seen elsewhere), but nope. Install of Guided Consolidation and Convertor failed still.
So, on a hunch, I removed the spaces from the password (actually it's more a passphrase), and increased it beyond 32 characters (just for the hell of it).
It worked. I truly cannot believe this.
So if you want these enterprise tools on your network - create a domain account with a simple ASCII name, and a password that is as long as you like, but only contains digits, upper case letters and lower case letters. Just that - no special characters and definitely no spaces.
Humbug.

Yup, vSphere4 has the VI3 bug (well it's probably categorised as a known issue)

I've just proven the case by creating a new domain account that has a horribly simple password. The Guided Consolidation install worked perfectly with a simple password on the domain account. Now to experiment and find which occurrence (the credentials have to be entered in two different locations - one for accessing the domain, and one for updating the local computer).

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1003096 refers here, but only references VI3.4 and below - even thought the KB was last updated only a few weeks ago.

Actually judging by the article, both credentials (local machine use, and domain use) have to be simple. However I reckon... ...that just the domain "access user machines" account is all that's needed here, so trying that right now. Left the local machine upgrade to be a properly secure passworded account. Nope got that wrong, the local machine extension process needs a simple password too.

This does really stink though. Essentially what VMware want you to do is create domain credentials that will enable the service to connect to machines on your network with Domain Admin rights (or more properly speaking - local admin rights on the network computers being consolidated). And it's got a simple (well, not properly complex) password.

Will this stop me recommending VMware - of course not.
Does it annoy me? Yup.
Does it lower my respect for VMware's regard for security, yes - quite a bit. If it was an known issue in VI3, then it really should have been fixed in 4, or a clear reason not posted on the KB article.

Peter

PS if you experience this issue and then rollback the install as Guided Consolidator insists - it does NOT rollback the vCentre Collector Service install. When you come to install again, the ports 8081 (VMware vCentre Collector Service Port) and 8082 (VMware vCentre Collector Provider Service Port) are already registered, so it requests you to select 2 new ports. Recommendation - uninstall the Collector service and then all shall be well.

vSphere 4 upgrade/fresh install

Beginning to look like VMware has still not learned its lesson on the complex password requirements of the real world.

Back on VI3, if you added some infrastructure components the authentication credentials you gave the installer had to have a simple (no special characters) password. Naturally for any half decent data centres this is rubbish, and caused all sorts of administration problems as you set up a special account that circumvents password policy just to get the software installed.

Well, I'm in the midst of vSphere upgrades and it seems like this is still the case. Guided Consolidator and Convertor have not yet installed with good, secure passwords on the credentials. Experimenting with fixes (Google's not yet found an exact match to the errors).

I'll report back later, but if this is the case, then shame on you VMware.

Tuesday, August 25, 2009

vSphere 4

2 days into the beta of the new vSphere 4 Fast Track course and I'm shattered. I did the equivalent course (the first in EMEA) 2 1/2 years ago (or so), and that was tough enough.

This afternoon was not helped by the failed install of VMware tools in a guest OS that caused cloning to intermittently fail. Still - good diagnostics testing.

Book 1 is finished, and a couple more 10 1/2 hour days to go, and I'll be done. Thank goodness it's bank holiday this weekend!!