Wednesday, October 29, 2014

How to configure Vsphere Replication 5.8

How to Configure Vsphere Replication 5.8

How to start:

Architect your environment. To keep it simple, I created two sites. One called DC and one called Miami.

DC Site:
1 esxi host at 10.1.1.1
1 vcenter appliance with an ip of 10.1.1.10
1 replication appliance with an ip of 10.1.1.11

Miami Site:
1 esxi host at 10.1.1.2
1 vcenter appliance at 10.1.1.20
1 replication appliance with an ip of 10.1.1.21

1. Install and configure your esxi host in your protected site

2. Install and configure your vcenter server in your protected site. Configure your Datacenter and add the esxi host to it.

3. Connect to your vcenter server with the web client and deploy your replication appliance via ovf










4. Log out of the web client and log in again. In the home page, you should see the replication icon.


5. If you want, connect to the ip address of the vsphere replication appliance using port 5480





6. Install and configure your esxi host in your recovery site

7. Install and configure your vcenter server in your recovery site

8. Deploy your replication appliance via ovf using the web client

9. Log out the web client and log in again. You should see the replication icon in place

10. In your protected site, pair up your local replication appliance to the remote



11. Right click on the vm to replicate and select Configure Replication









12. On the recovery site, open up the datastore that contains the shadow vm and verify that your have a new directory with the vmdk and -flat.vmdk files.

Vsphere Replication Recovery.

1. In the Production Site, stop the vm to recover

2. Using the web client on the Recovery Site, click on home and then click on the Replication icon


3. Click on the Monitor tab


4. Select Incoming Replications



5. Right click on the vm to recover and select Recovery



6. Follow the wizard



Wednesday, October 22, 2014

How to configure syslog with esxcli

Configuring Local and Remote Logging using the esxcli command

Local and Remote syslog functionality can be configured for a host using the esxcli command line utility, which can be used at the console of an ESXi host, in the vCLI, or in the vMA.

Open a ESXi Shell console session where the esxcli command is available, such as the vCLI or on the ESXi host directly.

If you want to display the current options for syslog, type the following.

# esxcli system syslog config get


Default Network Retry Timeout: 180
   Local Log Output: /scratch/log
   Local Log Output Is Configured: false
   Local Log Output Is Persistent: true
   Local Logging Default Rotation Size: 1024
   Local Logging Default Rotations: 8
   Log To Unique Subdirectory: false

   Remote Host: <none>

If you want to send the logs to a particular host, type the following.

# esxcli system syslog config set --loghost='tcp://10.1.1.1:514' (or udp)

If you want to specify a particular directory, type the following.

# esxcli system syslog config set --logdir=/directory1

To reload the configuration, type the following.

# esxcli system syslog reload

Log Files:

# tail -f /var/log/.vmsyslogd.err

How to Change Esxi Password Complexity

Change Default Password Complexity for the pam_passwdqc.so Plug-In in /etc/pam.d/passwd

How to edit the /etc/pam.d/passwd file

1 Log in to the ESXi Shell and acquire root privileges.

2 Open the passwd file with the vi editor.

# vi /etc/pam.d/passwd

3 Edit the following line.

password requisite /lib/security/$ISA/pam_passwdqc.so retry=N min=N0,N1,N2,N3,N4

4 Save the file.

Example: Editing /etc/pam.d/passwd

password requisite /lib/security/$ISA/pam_passwdqc.so retry=3 min=8,8,8,7,6

With this setting in effect, the password requirements are:

n retry=3: A user is allowed 3 attempts to enter a valid password.

N0=8: Passwords containing characters from one character class must be at least 8 characters long.
For example, all lowercase letters

N1=9: Passwords containing characters from two character classes must be at least 8 characters long.
For example, all lowercase or uppercase letters

N2=8: Passphrases must contain words that are each at least 8 characters long.
For example, lowercase, uppercase and numbers

N3=7: Passwords containing characters from three character classes must be at least 7 characters long.

N4=6: Passwords containing characters from all four character classes must be at least 6 characters long

Wednesday, October 8, 2014

Manipulating Users from the VMA

Adding users to an esxi host can be performed with one command from the VMA. The following command adds a user.

vi-admin@vma:~[esxi02.vclass.local]> vicfg-user -e user -o add -l user1 -p vmware1!
Created user user1 successfully.

That information can be viewed and verified from the esxi host by looking for the line containing user information in two files.

# grep user1 /etc/passwd
user1:x:1003:1003:ESXi User:/:/bin/sh

# grep user1 /etc/shadow
user1:$6$OS4AKKev$zW4osKuZW6YEBwJt03lEPIxaYaN4d5.Ai2gz79ToYNiEIZsdkmO7qW1aTjKCzhlNvgRTwb31dGwyS/RW.4Zh.:16351:0:99999:7:::

The users can be viewed from the VMA with the following command:

vi-admin@vma:~[esxi02.vclass.local]> vicfg-user -e user -o list
USERS
-----------------
Principal -: root
Full Name -: Administrator
UID -: 0
Shell Access -:1

-----------------
Principal -: dcui
Full Name -: DCUI User
UID -: 100
Shell Access -:0

-----------------
--- the rest of the output was removed ---

The following command associates a user to a particular role (read-only in this case).

vi-admin@vma:~[esxi02.vclass.local]> vicfg-user -e user -o modify -l user1 --role read-only
Updated user user1 successfully.
Assigned the role read-only

The user can be deleted if necessary with one command.

vi-admin@vma:~[esxi02.vclass.local]> vicfg-user -e user -o delete -l user1
Removed the user user1 successfully.

VCAP Storage Related Commands

When preppring for the VCAP-DCA, the command line is a must. Certain tasks can only be performed using either the VCLI or internal commands.

Here are some of the Objectives for the VCAP and the commands needed.

Disable automatic host registration

esxcli system settings advanced set -i=0 -o “/Disk/EnableNaviReg”

esxcfg-advcfg -g /Disk/EnableNaviReg


Increase Max NFS volumes

esxcli system settings advanced set -i=32 -o “/NFS/MaxVolumes”

esxcfg-advcfg -g /NFS/MaxVolumes


Increase the TCP Heap Size

esxcli system settings advanced set -i=16 -o “/Net/TcpipHeapSize”

esxcfg-advcfg -g /Net/TcpipHeapSize


Adding a LUN with an Existing VMFS Volume

esxcli storage vmfs snapshot list

esxcli storage vmfs snapshot mount -l ‘replicated_lun’

esxcli storage vmfs snapshot resignature -l ‘replicated_lun’


Understand and apply LUN masking using PSA-related commands

esxcfg-scsidevs -m

esxcfg-mpath -L | grep naa.5000144fd4b74168

esxcli storage core claimrule add -r 500 -t location -A vmhba35 -C 0 -T 1 -L 0 -P MASK_PATH

esxcli storage core claimrule load

esxcli storage core claiming reclaim -d naa.5000144fd4b74168


Unmask a LUN

esxcli storage core claimrule remove -r 500

esxcli storage core claimrule load

esxcli storage core claiming unclaim -t location -A vmhba35 -C 0 -T 1 -L 0

esxcli storage core adapter rescan -A vmhba35


Identify and tag SSD devices

esxcli storage core device list

esxcli storage nmp device list

esxcli storage nmp satp rule add -s VMW_SATP_DEFAULT_AA -d naa.5000144f60f4627a -o enable_ssd

esxcli storage core claiming unclaim -t device -d naa.5000144f60f4627a

esxcli storage core claimrule load

esxcli storage core claimrule run


Display Hardware Acceleration Plug-Ins and Filter

esxcli storage core plugin list -N VAAI — displays plugins for VAAI

esxcli storage core plugin list -N Filter – displays VAAI filter


Displaying whether the device supports VAAI and any attached filters

esxcli storage core device list -d naa.6006016014422a00683427125a61e011


Display VAAI status of each primitive on a device

esxcli storage core device vaai status get -d naa.6006016014422a00683427125a61e011


Display the current claim rules for filters and for VAAI

Filter — esxcli storage core claimrule list –c Filter

VAAI – esxcli storage core claimrule list –c VAAI

esxcli storage core claimrule add -c Filter -P VAAI_FILTER -t vendor -V vlabs -u

esxcli storage core claimrule add -c VAAI -P VMW_VAAI_VLABS -t vendor -V vlabs -u -f

esxcli storage core claimrule load -c Filter

esxcli storage core claimrule load -c VAAI

esxcli storage core claimrule run -c Filter


Unmount a Datastore

esxcli storage filesystem unmount -l vmfs_vcap_masking


Mount a Datastore

esxcli storage filesystem mount -l vmfs_vcap_masking


Upgrade VMFS3 to VMFS5

esxcli storage vmfs upgrade -l vmfs3_upgrade


Check to see if a new plug-in is registered

esxcli storage core plugin registration list


Register a plugin

esxcli storage core plugin registration add -m vcap_satp_va -N SATP -P VCAP_SATP_VA


Set a new default PSP for a SATP

esxcli storage nmp satp list

esxcli storage nmp satp set -s VMW_SATP_CX -P VMW_PSP_RR

esxcli storage nmp satp rule add -s VMW_SATP_CX -d naa.5000144f60f4627a

esxcli storage nmp satp rule list -s VMW_SATP_CX


Changing the PSP on a particular device

esxcli storage nmp device list -d naa.5000144fd4b74168

esxcli storage nmp device set -d naa.5000144fd4b74168 -P VMW_PSP_FIXED


View the device configurations for devices assigned the RR and Fixed PSPs and the generic

esxcli storage nmp psp fixed deviceconfig get -d naa.5000144ff548121b

esxcli storage nmp psp generic deviceconfig get -d naa.5000144fd4b74168

esxcli storage nmp psp roundrobin deviceconfig get -d naa.5000144fd4b74168


Set the preferred path on a device using VMW_PSP_FIXED and customize different parameters for a device using VMW_PSP_RR

esxcli storage nmp psp fixed deviceconfig set -d naa.5000144ff548121b -p vmhba35:C1:T0:L0

esxcli storage nmp psp fixed deviceconfig get -d naa.5000144ff548121b

esxcli storage nmp psp roundrobin deviceconfig set -d naa.5000144fd4b74168 -I 2500 -t iops

esxcli storage nmp psp roundrobin deviceconfig get -d naa.5000144fd4b74168


Set the device back to the VMW_PSP_RR default

esxcli storage nmp psp roundrobin deviceconfig set -d naa.5000144fd4b74168 -t default


Changing a device that is using the VMW_PSP_RR plug-in

esxcli storage nmp psp generic deviceconfig get -d naa.5000144fd4b74168

esxcli storage nmp psp generic deviceconfig set -d naa.5000144fd4b74168 -c ‘iops=5000′


iSCSI port binding

esxcli iscsi networkportal add -A vmhba35 -n vmk1

esxcli iscsi networkportal list






Source: vbyron.com