Quick: vCMA (vCenter Mobile Access Server)

VMware vSphere client for the iPad

If you’ve not seen it yet, VMware have flung out a product called vCMA – it allows you to manage your VMware estate from a mobile device, and although only in first release and officially a “power toy”, it’s pretty neat.

What’s even more neater* is that you also use the free iPad application to connect and then administer remotely with a shiny interface (no, you can’t do it on the iPhone I’m afraid).

Anyway, the point of this was to note the default options after downloading the OVF file and installing it:

  1. the default URL is https://ip-address/vim
  2. the management URL is https://ip-address:5480
  3. the management username/password by default is root/vmware

*yeah, why not?

Quick: Why not to buy the iomega ix4-200r for veeam backups

In previous blog posts (Using veeam to backup the new virtual infrastructure to Iomega NAS boxes and Backup Strategies with Virtual Machines in VMware using Veeam) I mention my purchases of the iomega ix4-200r, generally I haven’t been impressed with them because they’ve been a little unreliable.

Looking at use around the net I decided that the best way to have a target for my veeam backups would be the iSCSI initiator from Windows straight onto the device, so I should provision a LUN, add it to Windows and write to it.

I tried and failed. After about a week of to’ing and fro’ing with veeam, vmware and iomega support I got to the bottom of the issue: these NAS boxes are software locked to provide LUNs that are <= 2TB in size* – bearing in mind my 8 file servers each serve up anywhere between 500GB and 1TB worth of data, this means that my first backup file from veeam is always going to be over 2TB, making the device pretty much worthless in my environment.

*I’ve been assured that a LUN that’s exactly 2TB will work, although I can’t actually get that working in my test lab having tried it on two separate devices.

Remote Access Options in Server 2008R2

Server 2008R2 has many different methods that allow connections to your business network from outside for whatever purposes you see fit (most often though, home working). What’s better still is that once you’ve bought your Server 2008R2 installations these specific features don’t require any extra licensing or purchase cost, all it takes is your time and willing!

The roles that I’ll mention today are:

  • Routing and Remote Access (RRAS)
  • Remote Desktop Gateway
  • Remote Desktop Web Access
  • Remote Applications (RemoteApp)

The different versions of Server 2008R2 have different levels of functionality for the roles that we’re interested in: Network Policy and Access Services and Remote Desktop Services, so you should check using this hugely cropped table that I’ve made from lifting the information found on the Microsoft website about comparing server editions by role.

Find my iPhone can work on iPhone 3 and 3GS too

I know, it’s probably not something that we should talk about too loudly lest Apple get upset, but it’s true, you can use the “Find my iPhone” feature that apple recently made free for the iPhone 4 with your iPhone 3 and 3GS, but there’s a trick to it: you’ll need a willing friend who does have an iPhone 4 for you to borrow.

Enabling Find my iPhone on the iPhone 3 or 3GS

snapshot February 2011

To advertise the success of the IT Service Desk in the last year we have produced a newsletter for internal circulation. It’s a high level overview of all of the projects that we’ve successfully completed, and I’ve been the owner and runner of almost all of them!

Click the thumbnails below for the two-page .pdf (~700kb).

Using the Dell EQL MEM Module to simplify my backups (also, thanks again, veeam!)

Many posts cover the installation and performance benefits that come from using the Dell Multipathing Extension Module (MEM) on EqualLogic arrays (check the spoonapedia.com one), but the big difference for me was a bit of a pleasant side-effect in terms of handling backups! I’ve covered off this strategy from a high level in my previous blog post, Backup Strategies with Virtual Machines in VMware using Veeam, but I wanted to explain in a little bit of detail how I actually got there: it was down to the MEM!

Before – accessing data from within the OS

Because the file servers I’ve been working on access a lot of data (8TB worth), the original setup involved using the EqualLogic Host Integration Tools (HIT kit) from within the file server OS to access LUNs on the EQL array – this provided valuable multipath access and proved to be a very successful way of handling access to the data. The problem was that it complicated backups quite significantly: I could use veeam to backup the OSs (and I did), but I had no way of backing up the actual file data.

With various bad experiences from using market-leading backup software such as BackupExec in the past I wasn’t in a rush to go out and spend money on a software solution to handle all this file data, so I resorted to a very low-tech solution: I bought a nas box and did a nightly robocopy.

This was simple, but it was awful: the backups didn’t finish in time (they’re being taken over a 100mbit LES), they never caught up with themselves. It was a waste of time and it basically meant no backups were worth having.

After – install the MEM and let ESXi deal with it

But then the MEM came out, and essentially claimed to offer the same (if not better) performance via ESXi – no messing around with the HIT kit any more, and more importantly, a chance to re-evaluate my first decision about not using .vmdks… I changed my mind.

The first time round I did thick LUN straight into Windows, formatted as NTFS, simple. This time I re-evaluated and did a thick LUN on the EQL and then allocated thin disks in ESXi and mounted them to the file servers… This gives me greater flexibility if a disk gets close to its limits but it also now means that the extra .vmdks are picked up by veeam allowing me to replicate my previously successful backup strategy.

In summary…

Veeam now handles the file data as incremental .vmdks which means it only transfers the changes in the .vmdk files – the entire series of backups finishes over the 100mb LES in about 12 hours (which, bearing in mind I run it once a week at the weekend is ideal); the previous robocopy never finished in that amount of time: the size of the data transferred is obviously the same, but because robocopy iterated through every single file and folder for a comparison it took much longer whereas now veeam just… does it, and it was a product that I already had so didn’t require any extra spend (not to mention the money that could now be saved on not upgrading the LES to 1GB purely for the purposes of backup).

Next?

Now being quite satisfied with this setup I’m going to investigate the series of advice from ErikZandboer on optimising his ix2-200 backup speeds, specifically the post that looks at jumbo frames to target storage.

Apple iPhones and MDaemon E-Mail Server: Enterprise Rollout with SyncML?

MDaemon is an email server which for a while has been actively competing with Microsoft Exchange, where Exchange has a slight advantage in my opinion is with its widespread adoption into the rapidly expanding and feature-rich “smartphones in the enterprise” arena.

As blogged back in 2008 here: http://www.everything-mdaemon.com/category/mdaemon/syncml-mdaemon there are indeed some ways around this, and things are even a little better than they were then. Previously if you wanted to use your iPhone with your MDaemon server then you would have to:

  • Cope without any real enterprise-level management
  • Not have any mobile security options such as tracking or remote wiping
  • Not have any calendar or contacts information, e-mail only via IMAP (unless you tried to use the badly reviewed funambol or the better, but previously painful-to-use, Synthesis ToDo+Cal apps)

Now, for the best part Apple have done an excellent job of making things better, for a start, with the introduction of iOS4 they’ve introduced multitasking, which made everything so much better because it meant that you could leave your third party calendar app open in the background so that reminders came up, bonus! (Previously this required a complicated export-to-.ics-and-read-back-into-the-iPhones-calendar-just-to-make-reminders-work game).

Apple have now additionally allowed access to the calendar on the iPhone in its entirety, which means you can do away with the third party calendar apps altogether and just worry about synchronisation – so far only one app appears to have risen to this charming development: Synthesis SyncML Pro (this app, and the still-available Synthesis ToDo+Cal app, are now developed by http://www.plan44.ch).

Of course Apple also now let us use the “iPhone Configuration Tool”, which is quite handy: it allows you to pre-configure as many profiles as you like for each phone you plug in (I configure each phone with a baseline of “corporate” settings and then an individual one with e-mail account details etc, so two in total). It’s really good, but it is currently missing some helpful features such as the ability to add and lock a MobileMe account for corporate seek-and-rescue requirements.

On which note, now that Find My iPhone has been made free for iOS4 devices there’s now a way to track and remote wipe handsets, although this is a cumbersome one-at-a-time process when initially setting up.

So in short if you have MDaemon and you want to roll out iPhones I would suggest:

  1. Use the enterprise iPhone Configuration Tool from Apple to make two profiles: one containing company policies like password requirements; one containing individual settings like e-mail accounts
  2. Use Synthesis SyncML Pro for Calendar and Contact synchronisation from MDaemon
  3. Setup Apple’s Find My iPhone for each iPhone you deploy (assuming iPhone 4+)

Each phone will need a bit of manual configuration such as changing the IMAP Sent Items / Deleted Items folders; throwing in the usernames and passwords for MDaemon for Synthesis to work; and manually adding the MobileMe account information for Find My iPhone, but ultimately you’ll have a tidy enough working solution that certainly beats having to force iPhone users to load up a web page and visit webmail (WorldClient) when they want to check their calendar.

Quick: Using DISKPART in Server Core 2008R2 to setup a new disk

Yes, I could use the MMC from another machine, but I was pretty convinced that I could do it all much more quickly using the DISKPART command… I’ve provisioned the LUN on my EqualLogic box, added it via VMware as a new .vmdk on that LUN and, as predicted, it shows up as offline and readonly, I therefore need a combination of the following to make it work:


DISKPART> list disk
DISKPART> select disk 1
DISKPART> attributes disk clear readonly
DISKPART> online disk
DISKPART> create partition primary
DISKPART> list volume
DISKPART> select volume 4
DISKPART> assign letter=e:
DISKPART> EXIT
C:\Users\Administrator> format E: /v:Label /Q

You might not need to list and select the volumes, as creating the partition usually selects the new volume for you, but it’s nice to see that little asterisk to indicate the disk/volume you’re working on.

Quick: VLAN on Cisco PIX (6.3) – Public Wifi access?

There is a shelf in the store room that’s full of old and unused Cisco PIXs – they used to be essential when site-to-site VPNs were handled internally, but now they’re only used to protect the network from internet intruders via the ADSL line we use as an internet breakout.

In a couple of offices it would be really helpful to offer public wifi to guests, but the problem is there’s no secure default gateway that the guests can use – which means unless you buy a separate ADSL line for guest access (probably a waste of money), you’re stuck.

That is, until I remembered that some of the PIXs we have support VLANning… A quick “show ver” will tell if you can:

...
Maximum Physical Interfaces: 2
Maximum Interfaces: 4
...

Ah ha, only two NICs but the ability to have four interfaces – sounds like we can VLAN here, here’s the code:


interface ethernet0 auto
interface ethernet1 auto
interface ethernet1 vlan1 physical
interface ethernet1 vlan3 logical
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif vlan3 wifi security4
...

And then, for added ease, why not use dhcp on that interface?

dhcpd address 192.168.15.100-192.168.15.200 wifi
dhcpd dns 194.72.0.114 62.6.40.178
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd enable wifi

ip address wifi 192.168.15.1 255.255.255.0

Simples. Switch just needs to be set to recognise VLAN tagging on the port that ethernet 1 will use and Robert is your father’s brother.
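A quick way to sanity-check a guest interface set up like the one above before plugging the access point in. This is an added example, not part of the original post: the function names `parse_pix` and `audit_guest` are hypothetical, and the parser only understands the `nameif`, `ip address` and `dhcpd` line forms shown in the post. It confirms that the guest interface sits at a lower security level than `inside`, that the DHCP pool lies inside the interface subnet without handing out the gateway address, and that the pool is actually enabled.

```python
import ipaddress
import re

# Constructed sample: the PIX 6.3 lines shown in the post above.
SAMPLE_CONFIG = """\
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif vlan3 wifi security4
ip address wifi 192.168.15.1 255.255.255.0
dhcpd address 192.168.15.100-192.168.15.200 wifi
dhcpd enable wifi
"""

def parse_pix(config):
    """Collect security levels, interface addresses and DHCP pools by nameif name."""
    levels, nets, addrs, pools, enabled = {}, {}, {}, {}, set()
    for line in config.splitlines():
        t = line.split()
        if len(t) == 4 and t[0] == "nameif" and re.fullmatch(r"security\d+", t[3]):
            levels[t[2]] = int(t[3][len("security"):])
        elif len(t) == 5 and t[:2] == ["ip", "address"]:
            iface = ipaddress.ip_interface(f"{t[3]}/{t[4]}")
            nets[t[2]], addrs[t[2]] = iface.network, iface.ip
        elif len(t) == 4 and t[:2] == ["dhcpd", "address"]:
            lo, hi = t[2].split("-")
            pools[t[3]] = (ipaddress.ip_address(lo), ipaddress.ip_address(hi))
        elif len(t) == 3 and t[:2] == ["dhcpd", "enable"]:
            enabled.add(t[2])
    return levels, nets, addrs, pools, enabled

def audit_guest(config, guest="wifi", trusted="inside"):
    """Return a list of findings; an empty list means the guest interface looks sane."""
    levels, nets, addrs, pools, enabled = parse_pix(config)
    findings = []
    if guest not in levels or trusted not in levels:
        return [f"missing nameif for {guest} or {trusted}"]
    if levels[guest] >= levels[trusted]:
        findings.append(f"{guest} security level is not below {trusted}")
    if guest not in nets:
        findings.append(f"no ip address configured on {guest}")
    elif guest in pools:
        lo, hi = pools[guest]
        if lo > hi or lo not in nets[guest] or hi not in nets[guest]:
            findings.append(f"dhcpd pool for {guest} falls outside {nets[guest]}")
        elif lo <= addrs[guest] <= hi:
            findings.append(f"dhcpd pool for {guest} includes the interface address")
    if guest in pools and guest not in enabled:
        findings.append(f"dhcpd pool defined but not enabled on {guest}")
    return findings
```

Calling `audit_guest(SAMPLE_CONFIG)` on the post's own configuration returns an empty list.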

Backup Strategies with Virtual Machines in VMware using Veeam

A recent tweet from @win2ksrv and then retweeted by @veeam reminded me that I was going to write about the most recent backup strategy that I’d put in place using Dell EqualLogic SANs, VMware and of course, veeam, it went like this:

What is everyone’s Veeam backup strategy? What do you backup to & how do you get it offsite? Where do you place Veeam itself?

The basic setup looks like this:

The Production site has a Dell EqualLogic array and a local NAS box (that’s the black thing), the backup site which is connected via a 25mbps internet-based VPN simply has a larger NAS box (it deals with multiple sites). VMware has been used to create all the file server disks (they are .vmdks) and veeam is installed in another virtual machine using appliance mode to access the SAN.

There are essentially two main risks that we want to mitigate against here:

  1. Accidental deletion / corruption of files
  2. Complete site wipeout (i.e. full blown disaster)
