Credit to PACKT publishing

After a fair few months of work and with support from the team at PACKT my new book (Microsoft Application Virtualization Cookbook) is out on sale.

With over 60 recipes for the practical application of Microsoft Application Virtualization (Version 5) from every angle including…

  • Setting up your first App-V infrastructure
  • Deploying the software clients and prerequisites
  • Sequencing applications into packages
  • Publishing applications and connection groups to your clients
  • Integrating with XenDesktop, Microsoft Remote Desktop Services and System Centre Configuration Manager
  • and lots more!
 The book is available in both Print and eBook form and can be ordered from PACKT publishing at this link – https://www.packtpub.com/virtualization-and-cloud/microsoft-application-virtualization-cookbook.

RDP or SSHEver wanted to jump right into a SSH session from an item that you’ve seen in the PRTG Enterprise Console? By setting up a Device Tool its all too easy to do by just clicking on the device and pressing a function key on your keyboard.

Note that the Device Tool feature of the Enterprise Console can be used for a lot more than just setting up SSH sessions; for example I have modified the out of the box RDP connection to have a set height and width of the window or you could configure another new Device Tool to start a remote PowerShell session from a key press.

Either way here’s how to set it up for SSH…

A blank csr.txt fileA interesting quirk of an issue with this one; when generating a CSR to secure the iDRAC (version 8) interface on a Dell T430 server it appears that you can’t use an apostrophe in any of the fields else you are presented with a empty/blank csr.txt file (see right).

The work around is simple if a little annoying (especially when CSRs generated with other tools allow apostrophes) in that you remove the apostrophe from all of fields in the request. I’d imagine this is the same for other special characters as well.

In this post I’ll be going through the installation of Hyper-V Server on our Dell T430 hosts. Remember you can download and use Hyper-V Server 2012 R2 for free (link) however you must still license the guest Operating Systems.

I’ll be configuring a 80GB partition for the OS with the remainder of the storage set aside for the virtual machines – remember this is a UEFI based system so you can have single partitions over 2TB in size (in this case we will have a 2.7TB data partition) on the same disk as the boot partition.

In this post I will be covering the basic configuration of iDRAC as well as getting ready for the installation of Windows Hyper-V Server 2012 R2.

In this server configuration I have plugged a network cable into port 1 of the on-board NIC which will (initially) be used to host iDRAC, the management connection for the OS as well as shared with the first virtual switch. At the time of writing there was a limited number of free network ports on the server room switch – a later post will show a fully configured setup.

First up booting into iDRAC…

Next is configuring the iDRAC interface and setting a password to limit access; not that with iDRAC Express the port used by iDRAC can also be shared with the Operating System; with DRAC Enterprise you get a dedicated management card which has its own NIC.

Finally iDRAC is particularly useful with a quick and easy setup of your RAID array as well as streamlining the installation of Windows Server by presenting the installer with a complete set of drivers at install time (saving a significant amount of time later on by removing the need to hunt down and install the drivers yourself!).

In the next post I’ll be going through the steps to install Windows Hyper-V Server 2012 R2.

Dell T430s

Time for a new series of posts! In this series I will be looking at the end to end deployment of a pair of Microsoft Hyper-V Server 2012 R2 hosts along with supporting services including networking and backup. This kind of deployment is an excellent option for anyone who is looking to run Virtualisation but without the cost of VMWare or a SAN (Storage Area Network). In this first post I’ll outline the goals of this project along with the hardware I’ll be using.

Goals

  • To configure iDRAC 8 Express for out of band management
  • To install Microsoft Hyper-V Server 2012 R2
  • To configure network settings and enable remote management
  • To configure backup of the hosts and virtual machines
  • To setup Live Migration and Hyper-V Replica between the two servers
  • To migrate Virtual Machines from Windows Server 2008 R2 to the Hyper-V Server 2012 R2 hosts

A few points to note…

  • Microsoft Hyper-V Server 2012 R2 is completely free! (allowing you to access the latest Hyper-V technology regardless of your licencing level)
  • You must still have a valid licence for any guest operating systems (in this case I am using two Server 2008 R2 Datacentre licences as there will be no VMs using anything higher than Server 2008 R2)
  • Datacentre licencing allows you to run an unlimited number of VMs on that host at that OS level or lower (subject to extra licencing concerns over additional CPU sockets)
  • Hyper-V Server is effectively a super cut down version of Windows Server Core – there are no different drivers and the management tools are just the same
  • You can find out more about Hyper-V Server on TechNet here – https://technet.microsoft.com/en-us/library/hh833684.aspx

Hardware

Dell T430 Hosts

Purchased specifically for this project these two hosts have been configured identically with the aim of N+1 redundancy in the environment.

  • 1x Intel Xeon E5-2620 v3 2.4Ghz 6 core CPU
  • 6x8GB DDR3 2133mhz RAM (48GB total)
  • Dell PERC H730 RAID Controller 1GB Cache
  • 6x600GB 10K SAS Drives
  • Dual Hot Plug Power Supplies
  • 3 Dual Port 1Gbit NICs
  • iDRAC8 Express

These Dell servers really have a lot going for them – as well as being UEFI enabled they come with iDRAC (for out of band management and simple OS installs) as well as plenty of RAM slots, pull out tags on the front with the service tag number, USB 3.0 and hot plug power supplies. Finally I’m really quite impressed with how quiet they run – although they will be housed in a dedicated air conditioned server room I could certainly see one of these as being ok in a well ventilated cupboard somewhere in a branch office like environment.

Continue reading

A bit of an interesting one today; while provisioning a pair of shiny new Dell T430s I had obtained and uploaded a valid 3rd party signed SSL certificate to the iDRAC interface with a view to ensuring that whenever an administrator accessed the interface they didn’t get a invalid certificate warning.

However after uploading the certificate and restarting iDRAC I was presented with an error message in Internet Explorer starting that ‘The security certificate provided by this website is not secure’. In researching this it appeared that the site was either running a very old version of SSL or that the certificate had become ‘mangled’ in the server somehow. Either way Internet Explorer, Google Chrome and Firefox did not allow me to bypass this error message.

On way to resolve this issue was by accessing the server via SSH and running some commands (see screen shot sequence below for the details)…

Always remember to save your config!As part of my new job I’ve taken on the management of a Palo Alto PA-3020, on my list of things to do…update the software/firmware on it. The update process its self is pretty simple in that you identify the version you are going to update to, download it, install it and then reboot the firewall at a time that will cause the least distribution to your users.

It will also be worth taking a save of your current running configuration – this can be done by going Device > Setup > Operations and Saving a named configuration snapshot and then exporting it.

At first glance there does not seem to be a way to schedule the reboot (for say 3am – something I particularly liked on my Smoothwall firewall) so for the time being I’ll have to deal with late night reboots.

Anyway the good bit! To upgrade from 6.0.6 to 6.1.0 took 4 minutes to then upgrade from 6.1.0 to 6.1.5 took 5 minutes 30 seconds.

For more information on the upgrade process from Palo Alto themselves visit this link – https://live.paloaltonetworks.com/docs/DOC-2092.

RPC Server

An interesting quirk of running Virtual Machines for this post… the background is my ‘main work PC’ is currently running Windows 7; in order to remotely manage a Hyper-V Server 2012 R2 machine I had installed Oracle VirtualBox onto my main PC and inside that had setup a Windows 8.1 VM to remotely manage the Hyper-V Server instance.

However after setting up remote management I found that I could connect to all of the remote management tools on my Hyper-V machine with the exception of Disk Management and Hyper-V Manager with the following error message generated in Hyper-V Manager.

RPC Server unavailable. Unable to establish connection between <Hyper-V Host> and <Client PC>.

After much investigation into this issue (and after following a number of dead ends relating to firewall settings, the hosts file and COM security) it transpires that the issue was related to the way that I had setup the network adapter within VirtualBox.

In particular the adapter had been set to NAT mode, now given the properties of NAT it seems plausible that some vital information might have been mangled in the process – if anyone feels like doing some Wireshark on this to discover the cause then please do!

The resolution was simple – setting the adapter to bridged mode instead which allowed the traffic to pass through the virtual adapter just fine.

About

my world of IT is a blog about both the business and consumer world of IT as seen by a common garden SysAdmin. For more information click here!