Powershell script to create a VLAN'd portgroup on vswitch0 for each ESX host in the appropriate cluster.
Connect-VIServer vcentreServer
$DublinSite1ProdHosts = get-vmhost | where-object {($_.parent -like "DublinCluster01")}
$DublinSite1ProdHosts | ForEach-Object {( get-vmhost $_.name ) | Get-VirtualSwitch -name "vswitch0" | New-VirtualPortGroup -Name Site1IsolatedObsoleteServers -VLanId 181 }
Connect-VIServer vcentreServer2
$DublinSite2ProdHosts = get-vmhost | where-object {($_.parent -like "DublinCluster02")}
$DublinSite2ProdHosts | ForEach-Object {( get-vmhost $_.name ) | Get-VirtualSwitch -name "vswitch0" | New-VirtualPortGroup -Name Site2IsolatedObsoleteServers -VLanId 182 }
Thursday, June 20, 2013
Tuesday, June 4, 2013
PowerShell script to apply a specific GPO and disable another Specific GPO .
$ohewes = Get-ADOrganizationalUnit -LDAPFilter '(name=*)' -searchbase 'ou=users,ou=users,ou=users,dc=ie,dc=companyname,dc=companyname,dc=com' -searchscope Onelevel | Where-object {$_.name -notlike "IT" -and $_.name -notlike "Unassigned*"}
$ohewes | ForEach-Object {
New-GPLink -name "EncryptionCheck - UserPolicy" -target $_.DistinguishedName -linkEnabled Yes
}
$ohewes | ForEach-Object { set-GPLink -name "OldEncryptionCheck - User Policy" -target $_.DistinguishedName -linkEnabled no -whatif }
$ohewes = Get-ADOrganizationalUnit -LDAPFilter '(name=*)' -searchbase 'ou=users,ou=users,ou=users,dc=ie,dc=companyname,dc=companyname,dc=com' -searchscope Onelevel | Where-object {$_.name -notlike "IT" -and $_.name -notlike "Unassigned*"}
$ohewes | ForEach-Object {
New-GPLink -name "EncryptionCheck - UserPolicy" -target $_.DistinguishedName -linkEnabled Yes
}
$ohewes | ForEach-Object { set-GPLink -name "OldEncryptionCheck - User Policy" -target $_.DistinguishedName -linkEnabled no -whatif }
Wednesday, May 22, 2013
PowerShell script to refresh training environment to most recent snapshot
#Refreshes the training system to the latest snapshot
connect-viserver viserver
$PSEmailserver = "SMTP.companyname.com"
$CurrentTrainingSnap = (get-snapshot Appserver** | sort-object -Property Created -Descending | select-object -ExpandProperty Name -First 1)
Set-VM Appserver** -Snapshot $CurrentTrainingSnap -Confirm:$false
Send-MailMessage -From "emailaddress" -To "emailaddress" -cc "emailaddress" -Subject "Appserver** has been refreshed"
#Refreshes the training system to the latest snapshot
connect-viserver viserver
$PSEmailserver = "SMTP.companyname.com"
$CurrentTrainingSnap = (get-snapshot Appserver** | sort-object -Property Created -Descending | select-object -ExpandProperty Name -First 1)
Set-VM Appserver** -Snapshot $CurrentTrainingSnap -Confirm:$false
Send-MailMessage -From "emailaddress" -To "emailaddress" -cc "emailaddress" -Subject "Appserver** has been refreshed"
PowerShell script to check for unencrypted computers and send email alert
Computers log any decryption event to a log file , if the log file is older than a day
then the process is assumed to have failed , in this case an email is sent to our helpdesk system which automatically logs a call for the helpdesk staff to contact the end user and manually remediate the device
$PSEmailserver = "SMTP.emailserver.com"
$DateToCompare = (Get-date).addDays(-1)
$PathToCheck = "\\fileserver\emcryptionuninstall$\DecryptLimbo\"
$LimboComputers = get-childitem $PathToCheck | Where-object {$_.lastwritetime -lt $DatetoCompare}
$limbocomputers | ForEach-Object { Send-MailMessage -From "Security@company.ie" -To "me@company.ie" -cc "others@company.ie" -Subject "The following computer has not completed the encryption Process" -Body (get-content $_.fullname)}
Computers log any decryption event to a log file , if the log file is older than a day
then the process is assumed to have failed , in this case an email is sent to our helpdesk system which automatically logs a call for the helpdesk staff to contact the end user and manually remediate the device
$PSEmailserver = "SMTP.emailserver.com"
$DateToCompare = (Get-date).addDays(-1)
$PathToCheck = "\\fileserver\emcryptionuninstall$\DecryptLimbo\"
$LimboComputers = get-childitem $PathToCheck | Where-object {$_.lastwritetime -lt $DatetoCompare}
$limbocomputers | ForEach-Object { Send-MailMessage -From "Security@company.ie" -To "me@company.ie" -cc "others@company.ie" -Subject "The following computer has not completed the encryption Process" -Body (get-content $_.fullname)}
Thursday, November 22, 2012
Unable to power off a VM , Hangs at 95%
I had a problem with a Dev Machine that had become completely unresponsive , we were unable to ping it , and unable to control it using vsphere.
I tried to power it down but the progress halted at 95% ,
I putty'd in to the host and tried to power it down using
vim-cmd vmsvc/getallvms and getting the vmid
then
vim-cmd vmsvc/power.off XX i then checked the power state
vim-cmd vmsvc/power.getsate XX and found that the machine was still up
I then tried to pull the rug from under the VM by running
esxcli vm process list - obtained the worldID of the misbehaving VM
esxcli vm process kill --type=soft --world-id=XXXX
Checked powerstate with
vim-cmd vmsvc/power.getsate XX - failed tried a hard kill
esxcli vm process kill --type=hard --world-id=XXXX-Failed again , so last chance saloon
esxcli vm process kill --type=force --world-id=XXXX
I had a problem with a Dev Machine that had become completely unresponsive , we were unable to ping it , and unable to control it using vsphere.
I tried to power it down but the progress halted at 95% ,
I putty'd in to the host and tried to power it down using
vim-cmd vmsvc/getallvms and getting the vmid
then
vim-cmd vmsvc/power.off XX i then checked the power state
vim-cmd vmsvc/power.getsate XX and found that the machine was still up
I then tried to pull the rug from under the VM by running
esxcli vm process list - obtained the worldID of the misbehaving VM
esxcli vm process kill --type=soft --world-id=XXXX
Checked powerstate with
vim-cmd vmsvc/power.getsate XX - failed tried a hard kill
esxcli vm process kill --type=hard --world-id=XXXX-Failed again , so last chance saloon
esxcli vm process kill --type=force --world-id=XXXX
Thursday, September 20, 2012
Netapp Powershell command to find all snapshots older than 28 days
1 Download dataontap PS module and extract to c:\windows\system32\windowspowershell\1.0\modules
2 Import the netapp powershell module
Import-Module dataontap
3 define $28days as being todays date - 28 days
$28days = (get-date).adddays(-28)
4 connect to the controller
connect-nacontroller "controllername"
5 view the list of snapshots that are older than 28 days
Get-Navol | Get-NaSnapshot | where-object { $_.name -like "smvi_*" -and $_.created -lt $28days }
6 See what snapshots will be deleted
Get-Navol | Get-NaSnapshot | where-object { $_.name -like "smvi_*" -and $_.created -lt $28days } | remove-nasnapshot -whatif
7 Delete the snapshots
Get-Navol | Get-NaSnapshot | where-object { $_.name -like "smvi_*" -and $_.created -lt $28days } | remove-nasnapsho
2 Import the netapp powershell module
Import-Module dataontap
3 define $28days as being todays date - 28 days
$28days = (get-date).adddays(-28)
4 connect to the controller
connect-nacontroller "controllername"
5 view the list of snapshots that are older than 28 days
Get-Navol | Get-NaSnapshot | where-object { $_.name -like "smvi_*" -and $_.created -lt $28days }
6 See what snapshots will be deleted
Get-Navol | Get-NaSnapshot | where-object { $_.name -like "smvi_*" -and $_.created -lt $28days } | remove-nasnapshot -whatif
7 Delete the snapshots
Get-Navol | Get-NaSnapshot | where-object { $_.name -like "smvi_*" -and $_.created -lt $28days } | remove-nasnapsho
Tuesday, August 7, 2012
VMware Site Recovery Manager 5 & Netapp SRA 2.0 Failure
(Unable to export the NAS device Ensure that the correct export rules are specified in the ontap_config.txt file )
VMware Site Recovery Manager and SRA installed and
configured , Sites and Resource mappings configured correctly , Netapp Protected
site volumes Were mirroring correctly , SRA 2.0 array manager installed and
configured correctly , Protection groups defined and configured correctly.
When i attempted to run a recovery plan for any of our sites
, i would receive an error on the “recovery steps” tab which stated “Error - Failed to recover datastore 'Vol1'.
Failed to create snapshots of replica devices. Failed to create snapshot of
replica device /vol/Vol1m. SRA command 'testFailoverStart' failed for device
'/vol/Vol1m'. Unable to export the NAS device Ensure that the correct export
rules are specified in the ontap_config.txt file
I Checked the content ontap_config.txt file , this file is
used to define the R/W and Root hosts for accessing the cloned export of the mirrored
production volume , i confirmed that the VMkernel IP’s for the NFS VMkernel
were listed.
I reset and reran the SRM test and examined the
VMware-DR-XXX.log file
Here i could see that the cloned export of the paging volume came online
Here i could see that the cloned export of the paging volume came online
“--> 07-08-2012T10:34:35 Export /vol/testfailoverClone_nss_v10745371_volpagem
has root & r/w IP=10.10.10.1”
But the production volumes failed
--> 07-08-2012T10:34:35 Checking existence of storage device /vol/Vol1m
--> 07-08-2012T10:34:35 Storage device /vol/Vol1m is a NFS export
--> 07-08-2012T10:34:35 Creating test Clone volume testfailoverClone_nss_v10745371_Vol1m
--> 07-08-2012T10:34:59 Mapping Export /vol/testfailoverClone_nss_v10745371_Vol1m
--> 07-08-2012T10:34:59 Modify the exportfs for path /vol/testfailoverClone_nss_v10745371_volm2
--> 07-08-2012T10:34:59 Modify failed with error: No such file or directory
In there i could see that volpagem had the correct VMkernel IP’s listed as R/W and Root hosts but for the other two production volumes , the default “All hosts” was listed for both R/W and Root hosts , after much searching i found this post :
http://communities.vmware.com/message/2051567
The key point being
“This error is caused by a flaw in the NetApp SRA 2.0. If you have an "-actual" statement in the /etc/exports file on the snapmirror destination filer the SRA will fail to create the flexvol-sharename. So if you are carefull and only use sharenames that equals volumenames for all shares (!) then you avoid the "-actual" statement and the SRA seems to work.
NetApp has confirmed this to be a bug in the SRA.
I read this to mean that if the production export contains –actual it will cause it to fail , i confirmed that none of the production exports were actual path exports , I thought i hit a brick wall until a colleague noticed that one of the unrelated exports contained an “-actual statement” i confirmed the export was not in use and removed it.
I reran the test and it succeeded.
Subscribe to:
Posts (Atom)