Tuesday, March 23, 2021
Well it's been a really long time.
Just a quick update. Still working at the same place doing more or less the same IT stuff. Lots more exposure to new tech and processes. It's like everything I'd done through the years was in preparation for COVID-19. We left our office on March 13th 2020 and began working from home Monday March 16th 9am without any issues. VPN's, cloud services, users taking home desktops and laptops all to be up and running the very next work week. One year in and the company that I work for is still going strong. The resiliency is remarkable.
Tuesday, May 14, 2013
Clash of Clan's addict
This iOS game from Super Cell is amazing. Arguably one of the best games of all times. Instant action, a quick fix, making people cry, PvP sort of you got it here in a mobile form. Join our clan called Ninja Looters.
Tuesday, March 23, 2010
Vendors......
The worse thing a vendor can do is harass a potential client. By vendors I mean anyone trying to sell a service to a prospective buyer. Sales people who try to sell software or hardware or some service. These people the bad ones will hound you for you to buy a product or service.
I believe this is very bad practice. I've been going through this very thing time and time again. I'm also going through it right now. I demo a piece of software the vendor calls I get quotes. The vendor tells me it's the end of their quarter (like I care) and they can give good discounts. If we can get an order placed by the end of the quarter which is the end of the month we can get this discounted. Well it's not the end of the month and we are still discussing and dealing with other day-to-day issues.
This is just one example. It's like I'm the only client these guys have or will ever have. It really makes me want to look elsewhere. The persistence of these guys is sickening to point where all calls go to voice mail.
Vendor don't call us we'll call you.
I believe this is very bad practice. I've been going through this very thing time and time again. I'm also going through it right now. I demo a piece of software the vendor calls I get quotes. The vendor tells me it's the end of their quarter (like I care) and they can give good discounts. If we can get an order placed by the end of the quarter which is the end of the month we can get this discounted. Well it's not the end of the month and we are still discussing and dealing with other day-to-day issues.
This is just one example. It's like I'm the only client these guys have or will ever have. It really makes me want to look elsewhere. The persistence of these guys is sickening to point where all calls go to voice mail.
Vendor don't call us we'll call you.
Monday, October 26, 2009
It's been a while...
I'm still here. I just got back from London. Some restructuring is going on in that office and a few folks migrated over to a new company. Most of the IT guys went so I had to go over there and have a look. It was a nice trip first time in that office and in London. The goal is to bring that office more in line with the New York HQ on all levels.
What else have I been up to since April? Well LOTS! So much that I can't even remember. Our Hong Kong office office moved to a bigger space in the same building and we had to move our MPLS line that I talked about in April. The line was finally brought up last week. It takes months to move international circuits. If you ever have to do anything like that make sure you plan around that. Don't expect the line to be moved over night from the time you request it.
I've had some SAN issues after my April post. One drive showed up as dead which was fine normal. They shipped us a new drive no problem. The drive comes and I swap it and the SAN still thinks no drive is in the bay. WHAT! I call Dell/emc support they send a new drive same deal. WOW! WTF! Then they want me to pull SP collects. Done they nothing. Now they want to webex in to run a tool and dig deeper. problems found. Another disk is bad but not showing up in Navi and I had to replace that disk as well. That two bad disk at the same time. I forgot exactly what we did but the process was long and took days b/c we had to put in a new disk into the slot where the ghosted bad disk was (the disk that was bad on the back end) and wait for it to transition. That's a day gone. The next day after the transition we had to go back to the original bad disk and swap that out and wait for transition, another day down. On the third day which was actually the forth day not included was the first day the original call was placed. On the Thursday the transitioning was done and all was well again. Four days to address drive problems. But I got to tell you this, NO user complained and there was NO down time. Gotta love EMC!
Internet slowness. Out users are just consuming bandwidth at an alarming rate here. Even with Websense to block sites and protocols there still isn't enough. Then again we do only have 3mb to the internet at the NY HQ. But I did get a 12mb DS3 installed at the 42nd st office we are supposed to be moving to that we have not moved to yet. So in the mean time I will be routing internet traffic for the users over that 12mb line and keeping my servers and public IP's here at the main office. This is b/c all of our public IP's are tied to our circuits here in the HQ and we can't afford the downtime to move the block of IP's to the other office. Even though Verizon says it take 5 minutes. Yeah right! Something will break and everyone will be on my a$$ b/c there is down time and something isn't working, like emails.
We've also installed and rolled out Microsoft's Office Communication Server (OCS). Now all our users have IM. Microsoft has a really nice product. There plan is to make OCS and Exchange into a VoIP solution. I saw a demo and it looked promising. So of course I came back to the office and upgraded to R2 and attempted to connect the OCS server to our Cisco call manager. I was fine right up until I was supposed to active the truck line and decided not to. The last thing I want is to bring down our phone system. So I put that project on hold until someone with more experience is available. I've contacted some of our vendors and they don't even know how to do it.
There are more stuff but I leave it at this for now.
Tuesday, April 14, 2009
Setting up our Hong Kong office network from NY
I'm in the process of setting up our Hong Kong (HK) office. We've installed an MPLS line there over 6 months ago. Our plan was to send someone over from NY to install everything and set them up. Then the economy tanked and personnel got laid off. As a result the HK office has been using our Juniper SSL VPN exclusively. They are able to grab files, access email, intranet and work like any remote office. But the MPLS line is just sitting there costing us per month.
I've finally been able to think about them and wanted to get that ball rolling in getting them setup to work exactly like our Shanghai office is. Meaning getting connected to the MPLS. My counterpart in London and another Admin didn't like the idea I presented of remotely setting them up. They'd rather send someone over and train them how to do things differently. My take is that we've been waiting on someone going over for over 6 months and we are paying of a line we are not using. In that time we could have had them setup remotely using local resources when needed. I've met with my boss and fleshed out a plan to get our local consultants involved. It's not a difficult thing to do at all. We've already had a server ordered and delivered sitting there as well for over 6 months that wasn't being used (reasons explained later).
I've drafted my plan and sent it to my boss and we got on a conference call with the HK folks one night EST. We all agreed to attempt to get this to happen. The HK folks wanted direct connection to our NY office and I wanted to give it to them. I've sent my plan over to the local consultants. My plan was to get them to install VMware on the server setup it up according to my instruction I sent over with IP addresses etc, connect the ESX server to a switch that connects to the MPLS router and I'll take it from there. At first they didn't know how to install VMware. So I sent them this youtube VMWare ESX 3 Training CBT - Installing ESX and a link to site How to Install VMware ESX Server. I also stated in an email to them that if they know how to install any *NIX distro they should be able to install ESX with no problem. Once they got that email with links they said yeah they know how to do it.
So now the server is installed and connected to the MPLS. I got an email from the office manager saying that it was done one morning followed by an email from the person in charge there (above office manager) and you would not believe this. The person in charge said the server was too loud and decided to turn it off. Granted the HK office is one room in a business center and the server is in the corner. So I've asked if they could leave the server on when they leave and turn it off in the morning. There night is our day and vise-versa. So they did that for me the next day. I was able to access the server via infrastructure client and SSL. I sent over our windows image, took about 30 mins. Once that was done I installed the first VM and that is a Windows DC for that office. The second VM installed was a file server. There were some pain points with the installation. I remote desktop to our Virtual center server which has all my VMware tools then I vnc into the VM's once they were up and that was a bit slow since I didn't get VMware tool installed yet. Once the tools were installed I was good to go. That took pretty much my entire day.
I come in the next day and the server is off. Yes off they couldn't even turn it back on when they left the office. Either they forgot or don't care. So that's where that project is right now. They can't stand the noise and even if I did put the finishing touches on it they would have turning it off anyway. Now imagine if we sent someone over like everyone wanted to do. That would have been thousand of $ in travel expenses and once they left the machine would be turned off O_o!
I've finally been able to think about them and wanted to get that ball rolling in getting them setup to work exactly like our Shanghai office is. Meaning getting connected to the MPLS. My counterpart in London and another Admin didn't like the idea I presented of remotely setting them up. They'd rather send someone over and train them how to do things differently. My take is that we've been waiting on someone going over for over 6 months and we are paying of a line we are not using. In that time we could have had them setup remotely using local resources when needed. I've met with my boss and fleshed out a plan to get our local consultants involved. It's not a difficult thing to do at all. We've already had a server ordered and delivered sitting there as well for over 6 months that wasn't being used (reasons explained later).
I've drafted my plan and sent it to my boss and we got on a conference call with the HK folks one night EST. We all agreed to attempt to get this to happen. The HK folks wanted direct connection to our NY office and I wanted to give it to them. I've sent my plan over to the local consultants. My plan was to get them to install VMware on the server setup it up according to my instruction I sent over with IP addresses etc, connect the ESX server to a switch that connects to the MPLS router and I'll take it from there. At first they didn't know how to install VMware. So I sent them this youtube VMWare ESX 3 Training CBT - Installing ESX and a link to site How to Install VMware ESX Server. I also stated in an email to them that if they know how to install any *NIX distro they should be able to install ESX with no problem. Once they got that email with links they said yeah they know how to do it.
So now the server is installed and connected to the MPLS. I got an email from the office manager saying that it was done one morning followed by an email from the person in charge there (above office manager) and you would not believe this. The person in charge said the server was too loud and decided to turn it off. Granted the HK office is one room in a business center and the server is in the corner. So I've asked if they could leave the server on when they leave and turn it off in the morning. There night is our day and vise-versa. So they did that for me the next day. I was able to access the server via infrastructure client and SSL. I sent over our windows image, took about 30 mins. Once that was done I installed the first VM and that is a Windows DC for that office. The second VM installed was a file server. There were some pain points with the installation. I remote desktop to our Virtual center server which has all my VMware tools then I vnc into the VM's once they were up and that was a bit slow since I didn't get VMware tool installed yet. Once the tools were installed I was good to go. That took pretty much my entire day.
I come in the next day and the server is off. Yes off they couldn't even turn it back on when they left the office. Either they forgot or don't care. So that's where that project is right now. They can't stand the noise and even if I did put the finishing touches on it they would have turning it off anyway. Now imagine if we sent someone over like everyone wanted to do. That would have been thousand of $ in travel expenses and once they left the machine would be turned off O_o!
Monday, February 09, 2009
Vmotion with RDM problem solved!
I've finally figured it out and in doing so I've discovered some other potential problems. First the solution to not being able to move a VM from ESX host to ESX host even though the LUN's are shared to both host within Navisphere. It turns out that I needed to have both of my hosts in the same storage group on the Navi side. I had them in their own groups. Once I moved all the VM over to one host the and made sure the all LUN's were visible to the second host and added the ESX host with no VM to the storage group on the other host. Then I renamed the storage group in Navi to something that represents whats going on.
The reason for this is b/c although VMotion was working with all the other LUN's RDM's are a bit different. When adding a LUN to a an ESX server they read the same LUN ID this isn't the case with RDM's. RDM's get a LUN ID of whatever is the next number within ESX. For VMotion to work the everything has to match up on both ESX hosts. In my case with RDM's the LUN ID's on the ESX host were never the same. Now with the change on the Navi side all my LUN's have the same ID within ESX.
Now I can move all my VM's back and forth instead on the just the ones that were VMDK's.
The other potential problem that I found was that four of my initiator names were pointing to the wrong server host name within Navi under connectivity status. All of my servers should have four initiators and one had eight. The initiators are the WWN names that come from the HBA's in the servers. One of my ESX host wasn't showing up properly. There was no real problem but I caught that before it became one.
The reason for this is b/c although VMotion was working with all the other LUN's RDM's are a bit different. When adding a LUN to a an ESX server they read the same LUN ID this isn't the case with RDM's. RDM's get a LUN ID of whatever is the next number within ESX. For VMotion to work the everything has to match up on both ESX hosts. In my case with RDM's the LUN ID's on the ESX host were never the same. Now with the change on the Navi side all my LUN's have the same ID within ESX.
Now I can move all my VM's back and forth instead on the just the ones that were VMDK's.
The other potential problem that I found was that four of my initiator names were pointing to the wrong server host name within Navi under connectivity status. All of my servers should have four initiators and one had eight. The initiators are the WWN names that come from the HBA's in the servers. One of my ESX host wasn't showing up properly. There was no real problem but I caught that before it became one.
Wednesday, February 04, 2009
My first day back from vaction and problems...
After my vaction was over I was well rested and stress free. I get to work Monday morning Jan 5th and that's when it starts. My exchange cluster starts to freak out for a bit. I investigate what going on and powerpath is telling that a connection to the SAn is lost. WTF!!!! Now I frantic b/c I just got back and I'm grilling everyone to see if anything went on while I was away (I stayed here BTW www.rayonhotels.com). Everything was quiet I was told and I already knew that b/c I was checking in via SSL VPN. I went in Navi and I saw errors and the email home was going off. I checked the error and it was and SFP error. Now this could be real simple and real bad. Then guess what the errors go away and I check the SFP's and they are fine nice and snug in there.
I come in Tuesday morning and it's happening all over again. This time the transmittance is more frequent dropping Outlook connections to the server all day long. I put a call into Dell right away and to my surprise they didn't have my service tag updated on file so they couldn't find my SAN in their system. WHAT are you F***ing serious? WTF is going on? So I call my account rep and ask him that the deal is. He said we'd see whats going on. At this time my rebooting my exchange cluster to reestablis connection and trying to make sense of this thing.
After 2 hours they finally got their act together and updated their system. Sign of the times over at Dell huh? Anyhow they are dispatching parts and they should come by 11am and a tech should call me shortly after. I get the parts at 11am but no call from tech. There are two boxes. Now from my knowledge an SFP is the size of a thumb. I did get a small box and I also got a much larger box. Now I'm think WTF and open it. it's a storage processor. Why the ef would I need this? And this is what I mean this could be real simple or real bad. I send emails to these people working on this case. I get replies saying I should hear from someone soon. I get a call from the Technical account manager saying the tech should be here by 1pm EST. 1 pm EST rolls by and no call or no one. I send more emails and they keep send me ETA that can't keep. It's now going on 3 pm and still no one. I get a call from my reps and we are on a conference call. Since this is saying it's an SFP I know I can change that myself and ask if this is a good idea. They say if I feel comfortable do so. Great som much for gold support right? I end up changing the DAMN thing and immediately the errors in Navi are gone and everything is back to normal.
After all that, after all of that I get a call from a tech saying he's at another site and can come over and that he just got the call. Hmmmmm..... what happened to all those ETS's? I told him don't bother and changed the SFP myself. Now what if that wasn't the problem and what if the port itself was bad. I wasn't going to try to change a storage processor myself. I mean if push came to shove they could walk me through it but WTF is up with my gold support?
I come in Tuesday morning and it's happening all over again. This time the transmittance is more frequent dropping Outlook connections to the server all day long. I put a call into Dell right away and to my surprise they didn't have my service tag updated on file so they couldn't find my SAN in their system. WHAT are you F***ing serious? WTF is going on? So I call my account rep and ask him that the deal is. He said we'd see whats going on. At this time my rebooting my exchange cluster to reestablis connection and trying to make sense of this thing.
After 2 hours they finally got their act together and updated their system. Sign of the times over at Dell huh? Anyhow they are dispatching parts and they should come by 11am and a tech should call me shortly after. I get the parts at 11am but no call from tech. There are two boxes. Now from my knowledge an SFP is the size of a thumb. I did get a small box and I also got a much larger box. Now I'm think WTF and open it. it's a storage processor. Why the ef would I need this? And this is what I mean this could be real simple or real bad. I send emails to these people working on this case. I get replies saying I should hear from someone soon. I get a call from the Technical account manager saying the tech should be here by 1pm EST. 1 pm EST rolls by and no call or no one. I send more emails and they keep send me ETA that can't keep. It's now going on 3 pm and still no one. I get a call from my reps and we are on a conference call. Since this is saying it's an SFP I know I can change that myself and ask if this is a good idea. They say if I feel comfortable do so. Great som much for gold support right? I end up changing the DAMN thing and immediately the errors in Navi are gone and everything is back to normal.
After all that, after all of that I get a call from a tech saying he's at another site and can come over and that he just got the call. Hmmmmm..... what happened to all those ETS's? I told him don't bother and changed the SFP myself. Now what if that wasn't the problem and what if the port itself was bad. I wasn't going to try to change a storage processor myself. I mean if push came to shove they could walk me through it but WTF is up with my gold support?
Vmotion with RDM problem
So I've run into a bit of a snag with Vmotion. So to do Vmotion it's best to have a VMDK partition shared amongst both ESX host. In the perfect world this would be the case but we're not in a perfect work and some of us can't convert/migrate to a VMDK partition. What I mean by this and this is based on my situation. I can convert servers without much problems into a VMDK partition but what about the data the server serves up. Remember my 3.14 TB migration that is no a 8TB partition that took 2 months. How long would VMware converter take to convert that data and move to a VMDK partition of equal size if I had one? Or if I try to convert the data partition from the ESX host by adding storage it would format my 8TB and that would be BAD.
So with all that in mind there is another option with a BUT that allows me to add the existing partition as an RDM (raw device mapping). I make sure to share the LUN with both ESX host. I add it to my VM through the edit option and it shows up no problem. Remember that BUT? Well you can't Vmotion the RDM b/c it thinks it's not shared with the other host, even though it is.
So I have a call in with HP/Vmware to help resolve this issue. I'll post back with my findings.
So with all that in mind there is another option with a BUT that allows me to add the existing partition as an RDM (raw device mapping). I make sure to share the LUN with both ESX host. I add it to my VM through the edit option and it shows up no problem. Remember that BUT? Well you can't Vmotion the RDM b/c it thinks it's not shared with the other host, even though it is.
So I have a call in with HP/Vmware to help resolve this issue. I'll post back with my findings.
More VMware, Virtual Center Server and Vmotion
After the LUN migration fiasco I finally have the space to move forward with VMware and continuing to convert more servers. It's even more important now b/c we are supposed to be moving our data center and the lest I have to transport the better. Also for high availability, flexibility and efficiency. A lot of buzz words right!
I've created a 1TB LUN for all my VMDK files. Mostly the guest OS's. This should be more then enough for what I need currently. I have plenty of rooms for SWAP space and backups. I've then shared this massive LUN to both ESX host inside of Navishpere (select the LUN and add to storage group - in the case you add the LUN to both ESX storage groups). That's the basics.
I'm going to take a step back and discuss the overall picture. The gist of the matter is to be able to have my servers up all the time or as little downtime as possible. VMware already allows you to reboot servers in about 1 1/2 minutes time so that already faster then a physical box rebooting. But in the cases where you can't afford to have any dropped connections what-so-ever Vmotion is the way to go. This is what's meant by high availability. To accomplish this you'll need two ESX servers and one Virtual Center server with the appropriate license to unlock Vmotion.
So I've went and installed Virtual Center server on a windows 2003 server and pointed it to my two ESX hosts. You'll need to have a central lic server that manages all the lic's on the ESX hosts and the virtual center server. This is no biggie. Go to your account page on Vmware site and convert your lic's to central file or something like that. I pretty much edited one of my lic's and added the rest to the last line. Then installed the lic manger of the Virtual center server and updated the ESX hosts to look there. I was good to go. Then you'll need to update your infrastructure client by pointing it to the Vitrual center server so that you can see both hosts. Create a new cluster and add you hosts. All your existing VM's will appear on both host if you have them.
The final set will be to create a Vmotion network which is actually called a VMkernel Vmotion. You mush have a few NIC's in both host that you can allowcate to network redundancy and Vmotion. You assign a NIC for the Vmotion network and give it a private IP address x.x.x.1 and on the other host do the same thing with x.x.x.2 At this point you must physically get a crossover cable and connect those NIC you just assigned. You'll have to go to the back of the host and start plugging until you find the NIC's LOL. Or you can just VLAN those NIC's and you should be set. I those the first method this time around.
Sounds confusing but it really isn't. Once you get started the info just flows to your brain from out of nowhere....LOL!
Once all that was out the way I created a test VM on the shared LUN I created above. I put it on the network and opened the console or VNC to it. I then started a continuous ping from inside the VM to our DNS server (since that always on) and proceeded to do a manual Vmotion. Drag and drop the VM from it's ESX host to the other ESX host and you get a window pop-up and a few questions. It's a done deal. You can see exactly when the VM moves buy watching the ping hic-up but you don't lose a single connection.
Amazing ain't it!
I've created a 1TB LUN for all my VMDK files. Mostly the guest OS's. This should be more then enough for what I need currently. I have plenty of rooms for SWAP space and backups. I've then shared this massive LUN to both ESX host inside of Navishpere (select the LUN and add to storage group - in the case you add the LUN to both ESX storage groups). That's the basics.
I'm going to take a step back and discuss the overall picture. The gist of the matter is to be able to have my servers up all the time or as little downtime as possible. VMware already allows you to reboot servers in about 1 1/2 minutes time so that already faster then a physical box rebooting. But in the cases where you can't afford to have any dropped connections what-so-ever Vmotion is the way to go. This is what's meant by high availability. To accomplish this you'll need two ESX servers and one Virtual Center server with the appropriate license to unlock Vmotion.
So I've went and installed Virtual Center server on a windows 2003 server and pointed it to my two ESX hosts. You'll need to have a central lic server that manages all the lic's on the ESX hosts and the virtual center server. This is no biggie. Go to your account page on Vmware site and convert your lic's to central file or something like that. I pretty much edited one of my lic's and added the rest to the last line. Then installed the lic manger of the Virtual center server and updated the ESX hosts to look there. I was good to go. Then you'll need to update your infrastructure client by pointing it to the Vitrual center server so that you can see both hosts. Create a new cluster and add you hosts. All your existing VM's will appear on both host if you have them.
The final set will be to create a Vmotion network which is actually called a VMkernel Vmotion. You mush have a few NIC's in both host that you can allowcate to network redundancy and Vmotion. You assign a NIC for the Vmotion network and give it a private IP address x.x.x.1 and on the other host do the same thing with x.x.x.2 At this point you must physically get a crossover cable and connect those NIC you just assigned. You'll have to go to the back of the host and start plugging until you find the NIC's LOL. Or you can just VLAN those NIC's and you should be set. I those the first method this time around.
Sounds confusing but it really isn't. Once you get started the info just flows to your brain from out of nowhere....LOL!
Once all that was out the way I created a test VM on the shared LUN I created above. I put it on the network and opened the console or VNC to it. I then started a continuous ping from inside the VM to our DNS server (since that always on) and proceeded to do a manual Vmotion. Drag and drop the VM from it's ESX host to the other ESX host and you get a window pop-up and a few questions. It's a done deal. You can see exactly when the VM moves buy watching the ping hic-up but you don't lose a single connection.
Amazing ain't it!
Happy New Year......yeah I'm late but here is an update
The last time I posted I started my LUN migration to our new space. I thought it would take about a week two tops to migrate 3.14TB to a standard LUN twice the size. Well it took 2 MONTHs. I started mid Nov and it end mid Jan.
For those who have experienced this before will say it depends on what my priority rate was and would probably bet my priority was on the lowest setting. NOPE! I had it on ASAP for a bit and it freaked the user base out. They all complained about slow connectivity to the file server. So I dropped it down to medium and that's were it sat for the better part of 2 months. I went on vacation and everything (had a blast by the way at www.rayonhotels.com).
So after that was done I expanded the partition in windows 2003 by using diskpart and whalah instant space.
For those who have experienced this before will say it depends on what my priority rate was and would probably bet my priority was on the lowest setting. NOPE! I had it on ASAP for a bit and it freaked the user base out. They all complained about slow connectivity to the file server. So I dropped it down to medium and that's were it sat for the better part of 2 months. I went on vacation and everything (had a blast by the way at www.rayonhotels.com).
So after that was done I expanded the partition in windows 2003 by using diskpart and whalah instant space.
Tuesday, December 02, 2008
Back to VMWare finally
Now that I have space to play with on the CX3-20 I can return to moving forward with VMWare. My plan is to use all of our FC drive for VMWare and databases. Currently I'm using most of our FC disk for a file server. I've set a LUN migration job to migrate the meta-LUN we created on the FC disk over to a 8TB LUN I created on our new SATAII drives.
The LUN migration processes if very easy and straight forward within Navisphere. It's going to take a couple of days to migrate the 3.5TB LUN over. I've started this yesterday and set the priority to ASAP. BTW this LUN is in production and our user base isn't being affected at all.
So I've connected out second ESX server to our FC network and zoned it to the CX3-20. I've installed VMWare Virtual Center on a windows 2003 server to manage both of our hosts. Just getting that done was a huge learning curve. Thanks to the forums and searching I was able to figure it out. Maybe I'll make a post about the steps to setting up Virtual Center and two hosts on a SAN.
Now I'm going to test VMotion to see how that works for myself.
OK so I've done it a manual VMotion move from host to host and it worked like a charm.
Now time to clean up mu LUNs and create a huge LUN for all my guest OS and share that between both hosts.
The LUN migration processes if very easy and straight forward within Navisphere. It's going to take a couple of days to migrate the 3.5TB LUN over. I've started this yesterday and set the priority to ASAP. BTW this LUN is in production and our user base isn't being affected at all.
So I've connected out second ESX server to our FC network and zoned it to the CX3-20. I've installed VMWare Virtual Center on a windows 2003 server to manage both of our hosts. Just getting that done was a huge learning curve. Thanks to the forums and searching I was able to figure it out. Maybe I'll make a post about the steps to setting up Virtual Center and two hosts on a SAN.
Now I'm going to test VMotion to see how that works for myself.
OK so I've done it a manual VMotion move from host to host and it worked like a charm.
Now time to clean up mu LUNs and create a huge LUN for all my guest OS and share that between both hosts.
emc CX300 to CX3-20 conversion done
The conversion is finally done. The hardware has been sitting behind my desk for months and this weekend it finally happened. It went off without a hitch and it took about 7 hours as expected. The Dell guy knew exactly what he was doing and as he should have. Prior to the conversion I prepped the rack by moving the DAE's up 1U to make space at the bottom for the new storage processor 1U unit. If I hadn't done that it would have taken an extra hours to move all that stuff up.
We've also added our 5th DAE with 1TB SATAII drives for a total of 15TB. After the hot spare and the LUN overhead I've got ~12.5TB to play with.
We've also added our 5th DAE with 1TB SATAII drives for a total of 15TB. After the hot spare and the LUN overhead I've got ~12.5TB to play with.
Tuesday, November 11, 2008
Data center move
Oh yes I have to move my data center down to our new office. Our new room is finally of professional grade. We have rows of racks for server and another row just for network gear. We have real dedicated AC units three of them in an N+1 redundancy configuration. We have a real central UPS. No more of those rack based bottom crap. God I hate those. Dedicated power and cooling for my room. I even have a big red button to shut down the entire room :D
Before the move I've got a few things that I'm trying to get done.
1. upgrade my SAN
2. move 5TB of data to the new DAE
3. consolidate as many servers as I can with VMware. I should be able to shave off 14 physical servers and make them VM's
4. install new PRI lines for our VoIP system (ordered)
5. install 10mb to the internet (ordered)
6. get with our data integrators and be the quarterback.
My plan for that weekend will be to have the movers pack up everything that we are taking and move them to the new office. Once there I'll get on the phone (cell) with Verizon to transfer our DID's over to the new PRI's. Then get the phone system up and tested. Move our IP's to the new routers so our DNS entries should not change (I'll have to confirm this). Get our SAN online and exchange cluster up and running. Then our file servers and VMware cluster. Should be easy right? :D
So when am I going to do all of this? I was planning on getting it done before Dec 22 but since I'm going on vacation I don't want anyone calling me while I'm in Jamaica. Plus I doubt that the 5TB of data will be copied by then. So I'm shooting for some time in January. I should we well rested.
Before the move I've got a few things that I'm trying to get done.
1. upgrade my SAN
2. move 5TB of data to the new DAE
3. consolidate as many servers as I can with VMware. I should be able to shave off 14 physical servers and make them VM's
4. install new PRI lines for our VoIP system (ordered)
5. install 10mb to the internet (ordered)
6. get with our data integrators and be the quarterback.
My plan for that weekend will be to have the movers pack up everything that we are taking and move them to the new office. Once there I'll get on the phone (cell) with Verizon to transfer our DID's over to the new PRI's. Then get the phone system up and tested. Move our IP's to the new routers so our DNS entries should not change (I'll have to confirm this). Get our SAN online and exchange cluster up and running. Then our file servers and VMware cluster. Should be easy right? :D
So when am I going to do all of this? I was planning on getting it done before Dec 22 but since I'm going on vacation I don't want anyone calling me while I'm in Jamaica. Plus I doubt that the 5TB of data will be copied by then. So I'm shooting for some time in January. I should we well rested.
SAN upgrade
We are smack in the middle of upgrading our emc CX-300 to a CX3-20. We went from flare code 19 to 26 last week and another guy will come out and convert it to a CX3-20. They said it will take 7 hours. This should be fun....NOT! I may have to come in the Sunday right after Thanksgiving. Such is life.
During that conversion we will also be adding a new DAE (disk array enclosure) that is about 14TB. We are getting 1TB disk each. Yeah we need all that space. We burn through disks here at an alarming rate. It seems like every few years I have to move our entire production data over to new disk and quite frankly I am tired of it :/ But the job job must get done.
During that conversion we will also be adding a new DAE (disk array enclosure) that is about 14TB. We are getting 1TB disk each. Yeah we need all that space. We burn through disks here at an alarming rate. It seems like every few years I have to move our entire production data over to new disk and quite frankly I am tired of it :/ But the job job must get done.
So it's been a while....Move update Phase I
So back in June I mentioned that my office is moving (Phase I), well that is complete. It's wasn't easy but it wasn't hard either. A lot of coordinating with vendors to get services delivered. I was dealing mostly with Verizon. I want to thank Donna Moriarity at Verizon for keeping me up to date throughout that entire project. She wasn't even our project manager go figure.
Anyhow we are at two site now about 15 city blocks apart in NYC. We are connected via a 1 gig direct connection. So that new office seems like they are working at the main office still.
A crash course in single mode and multi mode connection. When the curcuit was installed it was a single mode fiber hand off. Now I was very new to single mode and multi mode jargin. It didn't take me long to get my head around it though. I was pressed for time. I got my Cisco 3560's stacked and configured and all I needed was the line connected and away we go. Boy was I wrong. I had about 2 weeks to get that going and wireless with local and guest VLANs working.
I quickly learned that Cisco switches are multi mode and most of the fible cables on the market were multi mode. All the cables we had were in fact multi mode. So I had to act fast and order single mode cables but this was before I realized that the Cisco gear didn't take a direct multi mode connection. So when the cables arrived (one for both ends) the connection still didn't work. Then I figured that there must be a piece of this equation that I was missed. I then found that my gear on both sides need a single mode to multi mode converter transceiver and Gbic. The order was placed and once I got them we were in business. My link was lit and data was flowing like a river. Everything worked perfectly. Phones across the link, data, emails, printing perfect. My VLAN's were all configured without issues ;)
So now I burned though a week with all the back and forth ordering so I'm left with less than a week before the move and the wireless was installed yet. We mounted the AP's and installed the WLAN controller. We got a guy in to do it for us but we were just as involved in it as he was and actually telling him how certain things should be done. None-the-less we got it going the day of the move which was on Friday Sept 19th. Everything went smooth. My workstation guys and mover did a midnight move and I came in in the morning just to check to make sure all the login were ok.
Another project under my belt signed sealed and delivered.
Anyhow we are at two site now about 15 city blocks apart in NYC. We are connected via a 1 gig direct connection. So that new office seems like they are working at the main office still.
A crash course in single mode and multi mode connection. When the curcuit was installed it was a single mode fiber hand off. Now I was very new to single mode and multi mode jargin. It didn't take me long to get my head around it though. I was pressed for time. I got my Cisco 3560's stacked and configured and all I needed was the line connected and away we go. Boy was I wrong. I had about 2 weeks to get that going and wireless with local and guest VLANs working.
I quickly learned that Cisco switches are multi mode and most of the fible cables on the market were multi mode. All the cables we had were in fact multi mode. So I had to act fast and order single mode cables but this was before I realized that the Cisco gear didn't take a direct multi mode connection. So when the cables arrived (one for both ends) the connection still didn't work. Then I figured that there must be a piece of this equation that I was missed. I then found that my gear on both sides need a single mode to multi mode converter transceiver and Gbic. The order was placed and once I got them we were in business. My link was lit and data was flowing like a river. Everything worked perfectly. Phones across the link, data, emails, printing perfect. My VLAN's were all configured without issues ;)
So now I burned though a week with all the back and forth ordering so I'm left with less than a week before the move and the wireless was installed yet. We mounted the AP's and installed the WLAN controller. We got a guy in to do it for us but we were just as involved in it as he was and actually telling him how certain things should be done. None-the-less we got it going the day of the move which was on Friday Sept 19th. Everything went smooth. My workstation guys and mover did a midnight move and I came in in the morning just to check to make sure all the login were ok.
Another project under my belt signed sealed and delivered.
Thursday, June 19, 2008
Extracting email address from Exchange....
I've got a call from Messaglabs to update our email address that are allowed to send emails through their system. They are trying to decrease the possibility of a dictionary attack which will scan an entire domain with made up words and send emails to any and every address in that domain. So to help keep the company secure I've had to stop what I was doing to attend to this matter ASAP.
So how does one get all the valid emails out of Exchange 2003? Well you'd think it was as simple and right click and export right? WRONG! Exchange 2003 does not allow you to export all of your email address in the manner that you think. There may be some 3rd party tool but who wants to go through all of that.
Here is a simple solution that I found that works great. You'll need Windows support tools for ADSIEdit installed on your DC's (the one you'll run this command on)
First go to a global catalog server and run ADSIEdit (if that does not work you don't have the support tools and you'll need to download them - they are apart of 2003 SP1)
1.run ADSIEdit
2.expand the doamin to see the OU's
3.right click on the OU you are trying to get the addresses from (we are talking about the OU that has all or most of the users and groups with email addresses)
4a.go to properties
4b.on the left field you are looking for the distinguishedName
5.click edit and copy the entry
6.paste this to notepad - it should read OU=YourOUname,DC=yourDomainName,DC=com
example
UO = abc
domain = xyz
OU=abc,DC=xyz,DC=com
7. go to the command prompt on the same server and type
csvde -f c:\addresseslist.csv -d "OU=abc,DC=xyz,DC=com" -r (mailnickname=*) -l mailnickname,proxyaddresses -p subtree
edit whats in bold to accommodate your environment.
8. no go to the C:\ drive and import the .cvs file into excel.
All done. You'll need to make sure the excel import wizard runs so you can set the perameters so that it's easy to extract the email address.
So how does one get all the valid emails out of Exchange 2003? Well you'd think it was as simple and right click and export right? WRONG! Exchange 2003 does not allow you to export all of your email address in the manner that you think. There may be some 3rd party tool but who wants to go through all of that.
Here is a simple solution that I found that works great. You'll need Windows support tools for ADSIEdit installed on your DC's (the one you'll run this command on)
First go to a global catalog server and run ADSIEdit (if that does not work you don't have the support tools and you'll need to download them - they are apart of 2003 SP1)
1.run ADSIEdit
2.expand the doamin to see the OU's
3.right click on the OU you are trying to get the addresses from (we are talking about the OU that has all or most of the users and groups with email addresses)
4a.go to properties
4b.on the left field you are looking for the distinguishedName
5.click edit and copy the entry
6.paste this to notepad - it should read OU=YourOUname,DC=yourDomainName,DC=com
example
UO = abc
domain = xyz
OU=abc,DC=xyz,DC=com
7. go to the command prompt on the same server and type
csvde -f c:\addresseslist.csv -d "OU=abc,DC=xyz,DC=com" -r (mailnickname=*) -l mailnickname,proxyaddresses -p subtree
edit whats in bold to accommodate your environment.
8. no go to the C:\ drive and import the .cvs file into excel.
All done. You'll need to make sure the excel import wizard runs so you can set the perameters so that it's easy to extract the email address.
Checking in......
I've been quite busy since I last posted here is what I've been up to;
My office is moving in phase so I've been attending weekly meetings to make sure everything from the IT standpoint goes according to plan.
The phase one move will be about half the office moving to a new space fifteen blocks away. All the IT recourses will stay here until phase two. In the meantime I am connecting both offices via Verizon Metro-fiber (1 gig).
We are also rolling out a firm wide MPLS WAN solution to connect offices in New York, London, Shanghai, Hong Kong and Singapore. I've been doing a lot of coordinating with Verizon via phone, email and meeting to make sure this is a solid solution. We originally contracted Savvis for this project so they could set us up with their MPLS solution but they could not deliver and we were forced to cancel and go with Verizon.
I'm also in the process of upgrading our EMC CX300 to a CX3-20. The CX3-20 will allow us to utilize 120 disks vs the CX300 maxing out at 60 disks. Plus all the other bells a whistles that the CX3-20 has to offer.
We are also upgrading our Cisco call manger and unity VoIP system to 6.1 (I think) it's the linux version.
I think thats it for now. I'm sure I've missed some things. My brain is rattled these days with so much going on both at work and home. I need a vacation BADLY!
My office is moving in phase so I've been attending weekly meetings to make sure everything from the IT standpoint goes according to plan.
The phase one move will be about half the office moving to a new space fifteen blocks away. All the IT recourses will stay here until phase two. In the meantime I am connecting both offices via Verizon Metro-fiber (1 gig).
We are also rolling out a firm wide MPLS WAN solution to connect offices in New York, London, Shanghai, Hong Kong and Singapore. I've been doing a lot of coordinating with Verizon via phone, email and meeting to make sure this is a solid solution. We originally contracted Savvis for this project so they could set us up with their MPLS solution but they could not deliver and we were forced to cancel and go with Verizon.
I'm also in the process of upgrading our EMC CX300 to a CX3-20. The CX3-20 will allow us to utilize 120 disks vs the CX300 maxing out at 60 disks. Plus all the other bells a whistles that the CX3-20 has to offer.
We are also upgrading our Cisco call manger and unity VoIP system to 6.1 (I think) it's the linux version.
I think thats it for now. I'm sure I've missed some things. My brain is rattled these days with so much going on both at work and home. I need a vacation BADLY!
Wednesday, January 02, 2008
Old VM's to New ESX server
So for all of us small/medium size guys who are facing problems with old VMs on older servers or moving VM from test into production who don't have Vmotion or any of the cool stuff how do they do it?
I know of two ways. One way is command line and the other is gui. The command line way it more fun LOL but it's long and prone to error. The gui way like everything gui related to short and to the point. I'll go over the command line way first b/c it's good to know these things.
Moving VM's from ESX host to ESX host (method 1)
First you'll have to unregister you VM from the target host. To do this you have to use an ssh tool to console in like putty. SSH into the host where the VM that you want to move is located. Run the command to list your VM's
vmware-cmd -l = lists your VM's
You will notice that VM's show up with long character names followed by the shortcut name which is what you named your datastore within the Infrastructure client.
Now you'll need to unregister your VM that you want to move. To do so you'll use the command
vmware-cmd -s unregister /path/to/datastore (this path should look something like this /vmfs/volumes/datastore name
Now using FastSCP b/c this allows you to SCP into the server with root access (great tool), connect to the target ESX host and destination ESX host. You should see both host on the left side pane.
On the destination host create a folder where your volumes are and call it the datastore name. On the target browse to into the VM folder that you want to move to the new host. You will see about a dozen or so files. Copy all the files ACCEPT the .vmdk files over to the folder you just created in the new host.
Once that copy is done on the destination host create a temp folder where ever you have available space (must be enough to hold the size of the .vmdk files). Now copy the .vmdk files from the target server to this location. This copy takes a while depending on the size of the .vmdk files, 40GB is about 2 hours.
Once the files are copied run the vmkfstools command.
vmkfstools -i /path/of copied vmdk/name.vmdk /path/of where all the other files are/name.vmdk
So you will run this tool against the .vmdk files you just copied to allow the tool to reincorporate the .vmdk files over to the first set of files you copied earlier. So you must have both paths correct of it will fail.
This process takes a little while b/c it has to put everything back together and I think it defrags at the same time.
Moving VM's from ESX host to ESX host (method 2)
Use VMware Converter. LOL thats it. I found out the hard way that this was the easiest way to move VM from host to host. My last post explains how to do it.
I know of two ways. One way is command line and the other is gui. The command line way it more fun LOL but it's long and prone to error. The gui way like everything gui related to short and to the point. I'll go over the command line way first b/c it's good to know these things.
Moving VM's from ESX host to ESX host (method 1)
First you'll have to unregister you VM from the target host. To do this you have to use an ssh tool to console in like putty. SSH into the host where the VM that you want to move is located. Run the command to list your VM's
vmware-cmd -l = lists your VM's
You will notice that VM's show up with long character names followed by the shortcut name which is what you named your datastore within the Infrastructure client.
Now you'll need to unregister your VM that you want to move. To do so you'll use the command
vmware-cmd -s unregister /path/to/datastore (this path should look something like this /vmfs/volumes/datastore name
Now using FastSCP b/c this allows you to SCP into the server with root access (great tool), connect to the target ESX host and destination ESX host. You should see both host on the left side pane.
On the destination host create a folder where your volumes are and call it the datastore name. On the target browse to into the VM folder that you want to move to the new host. You will see about a dozen or so files. Copy all the files ACCEPT the .vmdk files over to the folder you just created in the new host.
Once that copy is done on the destination host create a temp folder where ever you have available space (must be enough to hold the size of the .vmdk files). Now copy the .vmdk files from the target server to this location. This copy takes a while depending on the size of the .vmdk files, 40GB is about 2 hours.
Once the files are copied run the vmkfstools command.
vmkfstools -i /path/of copied vmdk/name.vmdk /path/of where all the other files are/name.vmdk
So you will run this tool against the .vmdk files you just copied to allow the tool to reincorporate the .vmdk files over to the first set of files you copied earlier. So you must have both paths correct of it will fail.
This process takes a little while b/c it has to put everything back together and I think it defrags at the same time.
Moving VM's from ESX host to ESX host (method 2)
Use VMware Converter. LOL thats it. I found out the hard way that this was the easiest way to move VM from host to host. My last post explains how to do it.
VMware is sweeeeeet!
So I've moved forward with VMware full swing. We purchased a new server for our production VM environment. The server specs are as follow;
HP DL580 G5
4 Quad core 3GHz Xeon cpus'
48GB memory
2 72BG 10K rpm HD
2 Qlogic HBA's
connected to our emc SAN
This server is a beast. If you didn't realize that is 16 cores in this one. I can host about 5 VM's per core for a total of 80 VM's give or take depending on resource allocation.
This server could replace pretty much all the servers on my network. And in essence I could have one rack with just this box and my SAN.......but I'm not doing that. I'm just going to consolidate our file servers and our single function servers. No need for those 1U guys anymore that just run IIS.
So why is VMware so sweet. Well b/c it's owned by emc. Really b/c the integration into your environment is almost transparent to the end users. You can literally convert a physical server that dying into a VM in a matter of hours providing you are ideally setup with a SAN and your ESX host is up and running.
Using VMware Converter (free) you can install it on the physical machine you want to convert or if that machine is out of space like most old servers are you can install it on any other server and point to converter to the server you'd like to convert. Once the VMware Converter is installed you run the app and a wizard opens up pretty much asking you what server you want to convery, what volumes (c:, d: and any others), where you'd like to house these volumes (this is best in a SAN environment where you have already carved out a LUN for this server), name change, network config and thats it. Once you hit start the physical server is still online with users connected and it takes a snapshot of the entire server files and all and turns it into a VM. Not only does it do that but it also send the VM over to the ESX host and powers it on (power on is an option if you want no downtime).
The amount of time it takes depends on how much data you will be converting. Remember the converter will be taking that physical server with everything on it that you picked into a VM. So if it's a server with a 40BG database all that has to come over. Thats takes about 2 hours. The converter has an ETA as well.
It's great. I am amazed that emc and VMware have automated this entire process.
HP DL580 G5
4 Quad core 3GHz Xeon cpus'
48GB memory
2 72BG 10K rpm HD
2 Qlogic HBA's
connected to our emc SAN
This server is a beast. If you didn't realize that is 16 cores in this one. I can host about 5 VM's per core for a total of 80 VM's give or take depending on resource allocation.
This server could replace pretty much all the servers on my network. And in essence I could have one rack with just this box and my SAN.......but I'm not doing that. I'm just going to consolidate our file servers and our single function servers. No need for those 1U guys anymore that just run IIS.
So why is VMware so sweet. Well b/c it's owned by emc. Really b/c the integration into your environment is almost transparent to the end users. You can literally convert a physical server that dying into a VM in a matter of hours providing you are ideally setup with a SAN and your ESX host is up and running.
Using VMware Converter (free) you can install it on the physical machine you want to convert or if that machine is out of space like most old servers are you can install it on any other server and point to converter to the server you'd like to convert. Once the VMware Converter is installed you run the app and a wizard opens up pretty much asking you what server you want to convery, what volumes (c:, d: and any others), where you'd like to house these volumes (this is best in a SAN environment where you have already carved out a LUN for this server), name change, network config and thats it. Once you hit start the physical server is still online with users connected and it takes a snapshot of the entire server files and all and turns it into a VM. Not only does it do that but it also send the VM over to the ESX host and powers it on (power on is an option if you want no downtime).
The amount of time it takes depends on how much data you will be converting. Remember the converter will be taking that physical server with everything on it that you picked into a VM. So if it's a server with a 40BG database all that has to come over. Thats takes about 2 hours. The converter has an ETA as well.
It's great. I am amazed that emc and VMware have automated this entire process.
Tuesday, November 13, 2007
Exchange Store Defrag
I defragged two of the four information store in my exchange server on Friday night. I started at 10pm and I went to bed at 4:30am Saturday morning.
My four mailbox stores are over 100BG. It's was already over the 100GB partition that I had them on. So months ago I had to more one to the same partition that our public store is on. The plan was to defrag all the stores getting back all the white space and moving the store on the public store partition back with the rest of the mailbox stores. Well that didn't happen.
All the stores are about 25GB and their streaming databases are about 6BG each. So you can see how that is well over 100GB. I did them one at a time. I first did a database move to our recovery storage partition since it's apart of our clusters mount points. This move took 45mins for both the .edb and the .stm databases. Once
moved I ran the
eseutil /d :drive\location\"database name b/c I have spaces"
This took some 3 hours. About 9GB her hours is about right according to MS. When done I mounted the store from the defrag location and did a database move back to the original location. This took another 45mins to copy back. I started the second store at about 3:30am. After that one copied to the defrag location (45min copy) and ran the eseutil and WENT TO BED. I woke up at 6:30ish am and found it was done. I copied it back and that was then of that.
The scheduled downtime was from 10pm Friday night to 10am Saturday morning. So attempting to do the last two stores would have gone well over the time I allotted for maintenance.
What was i doing why I waited for the copy and defrag to finish? While the wife and baby was asleep I took the time to play some WOW ;)
My four mailbox stores are over 100BG. It's was already over the 100GB partition that I had them on. So months ago I had to more one to the same partition that our public store is on. The plan was to defrag all the stores getting back all the white space and moving the store on the public store partition back with the rest of the mailbox stores. Well that didn't happen.
All the stores are about 25GB and their streaming databases are about 6BG each. So you can see how that is well over 100GB. I did them one at a time. I first did a database move to our recovery storage partition since it's apart of our clusters mount points. This move took 45mins for both the .edb and the .stm databases. Once
moved I ran the
eseutil /d :drive\location\"database name b/c I have spaces"
This took some 3 hours. About 9GB her hours is about right according to MS. When done I mounted the store from the defrag location and did a database move back to the original location. This took another 45mins to copy back. I started the second store at about 3:30am. After that one copied to the defrag location (45min copy) and ran the eseutil and WENT TO BED. I woke up at 6:30ish am and found it was done. I copied it back and that was then of that.
The scheduled downtime was from 10pm Friday night to 10am Saturday morning. So attempting to do the last two stores would have gone well over the time I allotted for maintenance.
What was i doing why I waited for the copy and defrag to finish? While the wife and baby was asleep I took the time to play some WOW ;)
Tuesday, October 30, 2007
Job is relocating
My job is moving a couple a blocks. From an old historic building to another old build in NYC. At least this new old building is a lot better.
My responsibility as the MIS is move or build a new IT infrastructure. I think we are going to do a little bit of both. The problem is is that we are not all moving in at once. We are moving at about 100 a time over a 2 year period. So that means I can't just pull up the infrastructure in one location and move it over a weekend. There can't be any downtime (you think this was a financial firm). So I tasked with setting up two networks that will talk to each other so when people move from the old office to the new office everything works exactly the same. Here is what is involved on the IT side of things to get this to work.
- A solid WAN connection
- WAN accelerators Riverbed devices
- Cisco IPT phone system
- SAN and VMware
- Switches for new space
- lots of cabling
- security
- A/V
- Wireless
- new workstations
- metro card
This is pretty much the basics. We have all of this stuff now but we may need to get a second of everything. The bottom line is that there can be ZERO downtime. I think this will be a piece of cake. My boss the Director of IT seems to be stressing a bit. Hey you can only play the cards you are dealt.
My responsibility as the MIS is move or build a new IT infrastructure. I think we are going to do a little bit of both. The problem is is that we are not all moving in at once. We are moving at about 100 a time over a 2 year period. So that means I can't just pull up the infrastructure in one location and move it over a weekend. There can't be any downtime (you think this was a financial firm). So I tasked with setting up two networks that will talk to each other so when people move from the old office to the new office everything works exactly the same. Here is what is involved on the IT side of things to get this to work.
- A solid WAN connection
- WAN accelerators Riverbed devices
- Cisco IPT phone system
- SAN and VMware
- Switches for new space
- lots of cabling
- security
- A/V
- Wireless
- new workstations
- metro card
This is pretty much the basics. We have all of this stuff now but we may need to get a second of everything. The bottom line is that there can be ZERO downtime. I think this will be a piece of cake. My boss the Director of IT seems to be stressing a bit. Hey you can only play the cards you are dealt.
It's been a while..
Didn't I already use this title?
Anyway. I've done a lot since my last post. Lets see;
- I got married in June. 7/7/07 :D <--this will NEVER be any form of password LOL!
- Went on a 2 week honeymoon. Can't beat a Carribean Cruise
- Started playing WOW again
- Did a crazy setup in my house 5 boxing WOW
- Planning a physical relocation at my job for the IT infrastructure.
- Also consolidating Windows 2003 domains into a single domain.
That wasn't too much was it?
Oh and I got an iPhone too. How could I forget that. THEE BEST PHONE EVER! I can't believe I left it at home today too F%$@!
Anyway. I've done a lot since my last post. Lets see;
- I got married in June. 7/7/07 :D <--this will NEVER be any form of password LOL!
- Went on a 2 week honeymoon. Can't beat a Carribean Cruise
- Started playing WOW again
- Did a crazy setup in my house 5 boxing WOW
- Planning a physical relocation at my job for the IT infrastructure.
- Also consolidating Windows 2003 domains into a single domain.
That wasn't too much was it?
Oh and I got an iPhone too. How could I forget that. THEE BEST PHONE EVER! I can't believe I left it at home today too F%$@!
Wednesday, May 16, 2007
VMware and EMC news
I was back to focusing on some VMware last week and found that the VM's that I created were not showing up anymore. Hmm wonder why that is all of a sudden. I checked the zoning and it was all right, I checked the fiber cables they were lit. I even went as far as swapping the connection on the HBA's that didn't work as my paths the the storage under storage adapter in the VMware Infrastructure Client vanished. So I out it back. I then went into Navisphere to see if the host was showing up and it wasn't. Not even the IP was coming up. WTH! I then start browsing around the VMware forums and did a search for Clarion and ESX. I didn't find anything concrete. I'm not a member of the forum yet either so I didn't bother asking a question. I figured that this was basic and was probably asking to some degree in the past.
Anyway the problem was that this server was originally a windows 2003 server with all the emc software (SAN surfer and powerpath) installed so when the server was on it registered with CX300 automatically. So under the host tab in Navishpere the server would be right there and you can assign LUNs and away you go. Since the ESX server I didn't have the software installed it wasn't showing up in navi. I was rattling my brain trying to get this working again b/c it worked before. The VMware forums lead me to a post where a guy mentioned just adding the WWN of the server to navi and thats it. But it didn't mention exactly how. So this is where I figured out what was going on. was right clicking on everything in navi trying to find where to add a host or WWN name. I finally came across connectivity Status window. Here is where all the host and WWN names are associated. I noticed that the names (it was renamed two times) of what this server was as a windows 2003 box was still in there and associating itself with the WWN's of the HBA's. Being that the new ESX host did not have the updating software the CX300 didn't know about this server even while zoning was still in place and the hardware was the same. So I had to deregister the WWN name from all the old host names and register the WWN name to the new host which is the ESX server and new IP. Then everything started to work.
That took about a day to figure out but it felt good figuring it out none-the-less. So if anyone runs into this sort of thing who is not a VMware/EMC expert check the Connectivity Status from right clicking the Storage System in Navishpere to make sure your connection are all up to date and old connection aren't lingering around.
Anyway the problem was that this server was originally a windows 2003 server with all the emc software (SAN surfer and powerpath) installed so when the server was on it registered with CX300 automatically. So under the host tab in Navishpere the server would be right there and you can assign LUNs and away you go. Since the ESX server I didn't have the software installed it wasn't showing up in navi. I was rattling my brain trying to get this working again b/c it worked before. The VMware forums lead me to a post where a guy mentioned just adding the WWN of the server to navi and thats it. But it didn't mention exactly how. So this is where I figured out what was going on. was right clicking on everything in navi trying to find where to add a host or WWN name. I finally came across connectivity Status window. Here is where all the host and WWN names are associated. I noticed that the names (it was renamed two times) of what this server was as a windows 2003 box was still in there and associating itself with the WWN's of the HBA's. Being that the new ESX host did not have the updating software the CX300 didn't know about this server even while zoning was still in place and the hardware was the same. So I had to deregister the WWN name from all the old host names and register the WWN name to the new host which is the ESX server and new IP. Then everything started to work.
That took about a day to figure out but it felt good figuring it out none-the-less. So if anyone runs into this sort of thing who is not a VMware/EMC expert check the Connectivity Status from right clicking the Storage System in Navishpere to make sure your connection are all up to date and old connection aren't lingering around.
Friday, May 11, 2007
Exchange Cluster issue
About two weeks ago I was pretty much alone running the NY side of things. My boss the Director was out in our other office in London then Shanghai and my Admin was on vacation. So I was left to handle the back-end and make decisions on my own, AGAIN!
It was a dark and stormy Tuesday night...(it was just dark) the phone rang right as my wife tells me that my baby girl has a fever of 100+ degree's yikes! It's my boss on the phone and he says he can't connect to the exchange server from Shanghai. We are on an MPLS so everything should work. So I dig up my laptop and have a million things running through my head as I am most worried about why my daughter has such a high fever. I boot up and VPN into the office to check things out. At first glance everything looks fine. I am in my Outlook and I can OWA in as well. So what is he talking about. I VNC ALLLLLLLLLLLLLLLL the way to the shanghai server and see if I can do anything from there and I can. So what is the deal here. He tell me he keeps getting an error when trying to open outlook and OWA. So I try to login from there and I can OWA fine. I try to use his credentials from the same box and I get the error. I use his credentials on my box in the NY office (remote desktop + VPN is great) and I get the error too. So what the hell I say.
I start snooping around the exchange server manager to see if I can see anything abnormal nothing. Nothing b/c the damn thing gives no errors and the app does not refresh so I didn't know there was a problem until later. I start checking the event log, mind you it is going on 11pm and I am getting sleepy and worried about my daughter and this damn problem here at the same time. The event log was saying that the mailbox store was having problems wiring the the disk and was stopping I think it said. But that didn't register b/c I wasn't focused on this problem my daughter was boiling up and I was scared to shit. I'm still on the phone with my boss and he tells me he has to go to a meeting over there and will call me back.
I'm off the phone worried about two things. My work and my daughter. Well my daughter has went to bed and fever came down and my work was really starting to get to me. It was about 12am now I am just realizing what is happening. I at first thought my transaction logs filled up so I checked the space and it was fine then I reread the event error and was like hmm. Then is dawned on me the store can't write b/c the drive is FULL. I check and sure enough the 100% full. Then I really lost it b/c all what was going on had me not thinking logical. At that point I thought new information was over writing existing information (why? like I said I was worried about my daughter all night and not thinking straight) So I look back in the exchange system manger and refresh the mailbox stores and mailbox store #4 was down. I nearly had a heart attack. In that second I though my bosses mailbox and others were completely gone and I got up from the dinning room table walked into the living room and collapsed on the floor. It felt like all the blood drained from my head and extremities and pooled up in my stomach. Did I have an anxiety attack or pannick attack or both? After a few minutes on the floor I got up and regaining my composure. I was able to analyze what had happened and came up with a game plan to resolve the issue. I needed to move one of the mailbox stores to another partition to free up space in this one so that all store can come back online. I went to bed and got up at 3am drove into work and moved the mailbox store. it took about 15 minutes to move to 16GB store. But that did the trick.
What I need to do next (still) is shrink the database with the esutil tool to reclaim the white space. In all I should get back about 25GB. What caused all of this all of a sudden was when we moved to the cluster. The limits in the stores were not put back allowing the users to fill up their mailboxes in a matter of a month. We are back on track now and all is good again. For now!
It was a dark and stormy Tuesday night...(it was just dark) the phone rang right as my wife tells me that my baby girl has a fever of 100+ degree's yikes! It's my boss on the phone and he says he can't connect to the exchange server from Shanghai. We are on an MPLS so everything should work. So I dig up my laptop and have a million things running through my head as I am most worried about why my daughter has such a high fever. I boot up and VPN into the office to check things out. At first glance everything looks fine. I am in my Outlook and I can OWA in as well. So what is he talking about. I VNC ALLLLLLLLLLLLLLLL the way to the shanghai server and see if I can do anything from there and I can. So what is the deal here. He tell me he keeps getting an error when trying to open outlook and OWA. So I try to login from there and I can OWA fine. I try to use his credentials from the same box and I get the error. I use his credentials on my box in the NY office (remote desktop + VPN is great) and I get the error too. So what the hell I say.
I start snooping around the exchange server manager to see if I can see anything abnormal nothing. Nothing b/c the damn thing gives no errors and the app does not refresh so I didn't know there was a problem until later. I start checking the event log, mind you it is going on 11pm and I am getting sleepy and worried about my daughter and this damn problem here at the same time. The event log was saying that the mailbox store was having problems wiring the the disk and was stopping I think it said. But that didn't register b/c I wasn't focused on this problem my daughter was boiling up and I was scared to shit. I'm still on the phone with my boss and he tells me he has to go to a meeting over there and will call me back.
I'm off the phone worried about two things. My work and my daughter. Well my daughter has went to bed and fever came down and my work was really starting to get to me. It was about 12am now I am just realizing what is happening. I at first thought my transaction logs filled up so I checked the space and it was fine then I reread the event error and was like hmm. Then is dawned on me the store can't write b/c the drive is FULL. I check and sure enough the 100% full. Then I really lost it b/c all what was going on had me not thinking logical. At that point I thought new information was over writing existing information (why? like I said I was worried about my daughter all night and not thinking straight) So I look back in the exchange system manger and refresh the mailbox stores and mailbox store #4 was down. I nearly had a heart attack. In that second I though my bosses mailbox and others were completely gone and I got up from the dinning room table walked into the living room and collapsed on the floor. It felt like all the blood drained from my head and extremities and pooled up in my stomach. Did I have an anxiety attack or pannick attack or both? After a few minutes on the floor I got up and regaining my composure. I was able to analyze what had happened and came up with a game plan to resolve the issue. I needed to move one of the mailbox stores to another partition to free up space in this one so that all store can come back online. I went to bed and got up at 3am drove into work and moved the mailbox store. it took about 15 minutes to move to 16GB store. But that did the trick.
What I need to do next (still) is shrink the database with the esutil tool to reclaim the white space. In all I should get back about 25GB. What caused all of this all of a sudden was when we moved to the cluster. The limits in the stores were not put back allowing the users to fill up their mailboxes in a matter of a month. We are back on track now and all is good again. For now!
Management duties
My management duties have consumed most of my time since my last post. I also have an exchange information store shutdown. NOT a crash a shutdown. I'll make a new post about that soon. I've been dealing with meeting, talking with vendors and making sure a lot of things get done. BORING stuff. Still a lot of thinking required. The most frustrating is the unorganization of the office environment, from a business standpoint I am speaking of. Yeah I new a few things about how a business should run enough to hold a conversation ;)
Wednesday, April 18, 2007
Multi-tasking at it's finest
Multi-tasking baby. I'm talking about me here not computers. I've been swamped today trying to get VMware ESX 3 going configuring the Juniper SSL VPN box and making sure our over seas users have the proper access to their resources. Basically I am locking them down and forcing them to use the Juniper SSL VPN as their entry point. Yes I'm doing this all at the same time.
VMware ESX 3 has it's own learning curve. I've been rattling my brain just trying to install my first guest OS. I've got the VM's installed that's the easy part. For some reason the VM's won't boot from the CD-ROM. I've tried the ESX host machine and I've tried my workstation. Nadda! I've been beating the boards all morning. I ended up creating an ISO of my Windows 2003 server CD using the dd command on the ESX host.
dd if=/dev/cdrom of=/vmimages/myISO.iso bs=32k
What it does exactly I have no clue just yet. I'm joking, it's copying the files from the CD to the location it's the bs=32k that's got me. But this is the learning process anyway. I will be reinstalling once I get a handle on what exactly is happening. Also b/c I am using my only 100GB of my SAN to install all these VM's. Each VM I am giving 10GB. Eventually I will figure out best practice on the installation and how to manage LUNs off the SAN. I did a typical install :p call me a noob I don't care, two VM's with guest OS's installed more to go ;)
And as for the Juniper you can say I had a crash course in configuring that too. Under pressure it's amazing what you can do. Thats if you know what you doing.
All in all the Juniper device is great. So great in fact I ordered it today.
VMware ESX 3 has it's own learning curve. I've been rattling my brain just trying to install my first guest OS. I've got the VM's installed that's the easy part. For some reason the VM's won't boot from the CD-ROM. I've tried the ESX host machine and I've tried my workstation. Nadda! I've been beating the boards all morning. I ended up creating an ISO of my Windows 2003 server CD using the dd command on the ESX host.
dd if=/dev/cdrom of=/vmimages/myISO.iso bs=32k
What it does exactly I have no clue just yet. I'm joking, it's copying the files from the CD to the location it's the bs=32k that's got me. But this is the learning process anyway. I will be reinstalling once I get a handle on what exactly is happening. Also b/c I am using my only 100GB of my SAN to install all these VM's. Each VM I am giving 10GB. Eventually I will figure out best practice on the installation and how to manage LUNs off the SAN. I did a typical install :p call me a noob I don't care, two VM's with guest OS's installed more to go ;)
And as for the Juniper you can say I had a crash course in configuring that too. Under pressure it's amazing what you can do. Thats if you know what you doing.
All in all the Juniper device is great. So great in fact I ordered it today.
Tuesday, April 17, 2007
VMware ESX 3
Finally I can get around to installing this thing and trying it out. I'll update more once it's setup.
Wednesday, April 04, 2007
Juniper SSL VPN appliance
We are testing a Juniper SSL VPN SA-2000 appliance for 30 days. It was installed on Monday and I am impressed with what it can do. We are looking for a better VPN solution than our current. Right now we use Checkpoints secure client and we have to install that on all our remote users laptops. This limits who can VPN into the office to only those with company laptops. With the SA-2000 we can have anyone VPN into the office.
Based on the flexibility of the device we can setup policies to allow different levels of access. I can set the device to do a hardware check, user check or any combinations of checks. Example, I have hardware check on that scans the registry for company name machines based on our naming convention. If that checks out fine network connect will install. Network connect is pretty much a VPN java applet that create an SSL tunnel over http giving you an IP from a pool allowing you to have full network access. Now if the hardware check scans the registry and see that you are not a company machine you will not get network connect and will only get browser access to resources. All authentication is done via Active Directory which is nice.
If you are a certain user that is not on a company machine you have more resources published to the SSL VPN home page. Example, if I log in I will get my intranet, terminal service, all mapped drives, meeting (like webEx) and whatever other internal links that I want to add. If a regular user logs in I can have them only get Outlook Web Access and/or whatever resource they are working on internally.
I really like this solution as it pretty much the one stop shot for remote access. And the level of flexibility is great. It runs a hardened verion of LINUX not sure which distro but I can get into that some other time.
Based on the flexibility of the device we can setup policies to allow different levels of access. I can set the device to do a hardware check, user check or any combinations of checks. Example, I have hardware check on that scans the registry for company name machines based on our naming convention. If that checks out fine network connect will install. Network connect is pretty much a VPN java applet that create an SSL tunnel over http giving you an IP from a pool allowing you to have full network access. Now if the hardware check scans the registry and see that you are not a company machine you will not get network connect and will only get browser access to resources. All authentication is done via Active Directory which is nice.
If you are a certain user that is not on a company machine you have more resources published to the SSL VPN home page. Example, if I log in I will get my intranet, terminal service, all mapped drives, meeting (like webEx) and whatever other internal links that I want to add. If a regular user logs in I can have them only get Outlook Web Access and/or whatever resource they are working on internally.
I really like this solution as it pretty much the one stop shot for remote access. And the level of flexibility is great. It runs a hardened verion of LINUX not sure which distro but I can get into that some other time.
Subscribe to:
Posts (Atom)