Just a quick note.
While upgrading 32 Nutanix nodes for a customer, I wanted to make sure that every node is part of the metadata store.
This can be achieved by entering the command:
nodetool -h localhost ring Output will look like: nutanix@NTNX-14SX31290007-C-CVM:10.83.9.152:~$ nodetool -h localhost ring Address Status State Load Owns Token w7iesrvWOTsU53XPvNTlWCVgub36H9PIJcE3nYDS2rHb4N7XzJEUpGp lSYYc 10.83.9.153 Up Normal 1.99 MB 7.18% 0ZbVFDk5VFoTcX78ofInvdnKw0uwRcxGqQsWrwEqmAFERi9ylGNkW86 9cgAe 10.83.9.169 Up Normal 3.32 MB 11.31% 7aP5UmSTUO2pKO0I6AoPOit7jPzFGXlrDPYvimtqqT3qYI5el9ZXHUx EdZZf 10.83.9.165 Up Normal 3.42 MB 6.38% BXeWgqIKH85IUcIITh1fjgcoYcv1EzVO15vjlxqPKFCUbHEqRhXMLCw h9xy7 10.83.9.156 Up Normal 3.16 MB 7.14% FxyoAoJjF94Yd548AgmY8sXaoLtw5YRyF6dpDTbnXLzOCThcxzM9JrG md2wa 10.83.9.161 Up Normal 2.51 MB 5.83% JaB5mJO5Q7DtPoHbPJd7QFRop57CY3dw3V0LwuJk58EnRPDxmRBr6FM HLN3R 10.83.9.173 Up Normal 1.52 MB 6.40% NYI0KclyR6E8A6Yuok88lWE0yyzBil7vYe6dNrJfaB9iYem7X1D0sHJ p2oyZ 10.83.9.176 Up Normal 1.36 MB 6.28% RRnlFLPALjpn3sCsA7qaMq7Msf8BEEpds0uSokeYLtlYYrb9gBr3mUw LVcBS 10.83.9.152 Up Normal 1.56 MB 6.81% VfPTSjlJyU6ZFogXfaHlFKBwScidSEs61CLtW51mMb2SCOcTZauL7lc xXrzE 10.83.9.181 Up Normal 1.32 MB 3.85% Y3SsPwG3mIRdzZVeED7hKZoCkH32NbDuPqBSH9moN6vtwvD8OGrFR3o vNXyi 10.83.9.164 Up Normal 2.31 MB 7.43% cewHQfBTGVNdNy1BSABrh3DrI7XmbBLtF1EcvZ248cNygdiyAeYv0rk SapAL 10.83.9.177 Up Normal 2.82 MB 6.36% gbLIMnJplxOXX4Jbk4jNxXnMo8njhxcrj6RFsMtZ5hQ7ha6hjT2wsi5 7lsrn 10.83.9.168 Up Normal 3.16 MB 6.06% kMR8DmhH2i1YuRgL746IOOXlsv5hitFUHjLO78K1dAlnPBcLdeXKjjX h2EVF 10.83.9.172 Up Normal 2.74 MB 6.24% oEEJaKrjE1ukEkzB6n6fOVUyNK3P8qLkoFyHqrTzXItNBtNS1fxYBv8 DvmjW 10.83.9.180 Up Normal 1.71 MB 6.70% sNu0haLD0Zmb3JjtUFkk0Iffuqf0EwspDDbfVD4bDtiHCCarjVF18nY 1zBea 10.83.9.160 Up Normal 1.8 MB 6.03% w7iesrvWOTsU53XPvNTlWCVgub36H9PIJcE3nYDS2rHb4N7XzJEUpGp lSYYc
All the controller VMs of a Nutanix cluster have to have the same version of NOS installed. If you upgrade a cluster. All the CVMs are upgraded one-by-one.If you want to add a new node to the cluster, that node has to have to same version of NOS.
So what if you bought new Nutanix servers and they have a previous version of NOS installed. You cannot add this node to cluster because the NOS version is not the same.
There is a command that you can issue from a CVM that’s part of the cluster to upgrade a single Nutanix node.
- Login to a CVM that’s part of the cluster.
- Issue: /home/nutanix/cluster/bin/cluster -u [IP of the node that will be upgraded] upgrade_node
Note that this only upgrades the node and doesn’t downgrade it.
This year I’m lucky to have a Bloggers pass for VMworld in Europe. For me this is the 6th time that I will attend VMworld. And as every year I’m really looking forward to go. Not only for the technical sessions, but also for all the good friends I made over the last few years and the interaction with VMware staff/employees and partners.
I just finished building my schedule and wanted to share my highlights with you. The sessesion who I really looking forward to are:
- STO2496 – vSphere Storage Best Practices: Next-Gen Storage Technologies
- STO2197 – Storage DRS: Deep Dive and Best Practise
- NET2745 – vSphere Distributed Switch: Technical Deep Dive
- EUC2039 – Horizon 6 Storage Architecture Concepts: Designing for success in 2014
I’m planning to write a short blog post about these session. Maybey not in that week but very soon after.
The first few years I booked my agenda full with session. After 2 years I discovered that talking with vendors on the solution exchange can also be mind blowing. Of course there trying to interest you in there products, but after the sales talk you can ask question and talk to technical people how you see there product and how you can use it in your environment.
Some vendor that I en-course you to look at are:
- PernixData The have a great product for accelerate your storage with local flash or SSD
- Login VSI The have a nice product for load testing your VDI environment
- Nutanix Nice solution for a converged infrastructure solution
- Simplivity Also a nice converged infrastructure solution
- F5 Nice load-balancer for you Horizon View enviroment.
Go and talk to them, you will be surprised!
After a upgrading 32 Nutanix servers (8 boxes of 4 servers) I got a error from Putty while trying to connect to a CVM with SSH: “Disconnected: No supported authentication methods available (server sent: publickey)”
Before upgrading I haven’t any problems using Putty to SSH to a CVM.
The error indicates that the server only accepts public key authentication.
After a (better) read of the post actions of the upgrade manual I checked the “Cluster Lockdown ” option in Prism. This option was enabled, thus login using SSH with username and password was disabled.
After placing a mark before “Enable Remote Login with Password” I was able to login again using SSH with a username and password.
Of course using SSH with a username and password isn’t that secure as with public key authentication but sometime it’s needed. If you would like to user Public key authentication with Putty, check this link.
In the past we had our vCenter server on his own physical machine. Later we moved vCenter to a virtual machine on the same cluster were all other virtual machine live.
As we get more, bigger and more VMware techniques in our VMware environments, the need for a separate vSphere cluster for VMware services is growing so we can guarantee that the base for our VMware environment isn’t affected by resource consumption of other (production) virtual machines and of course the same applies the other way around.
A separate VMware management cluster has the following benefits:
- Separate management resource from production resources.
- The management services don’t run on the same hardware as your production environment.
- In case of a complete power-down situation, you first start you management cluster with all VMware services. If all VMware services are up and running you can start the VMware clusters for your production environment making sure that everything you need for a controlled power-up of you production services is in order.
There are several VMware vSphere and vCenter services who can run in a management cluster:
- Single-Sing-On (SSO)
- Inventory Services
- Web client
- VMware Update Manager (VUM)
- Cisco Nexus
- vCenter Operation Manager (VCOPS)
- Third-party software for exmple anti-virus
- Active Directory for authentication
Before we start, we have to ask our self some questions:
- Do I want a High Available (HA) setup?
- Do I want to use self singed SSL certificates or do I want to use a PKI environment (public or private)?
- Witch database do I want to use?
- Witch type of load balancer do I want to use?
So let us assume that we want to setup a management cluster with the following:
- 2 SSO servers in HA mode on separate virtual machines
- 2 vCenter servers load balanced on separate virtual machines (is this scenario we have to separate vSphere clusters)
- 2 Web clients load balanced on separate virtual machines
- 2 MS SQL database servers in HA mode on separate virtual machines
Some rules that we have to stick to:
- Each vCenter server has his own Inventory Service
- SSO can only be in active/passive mode
- Each vCenter server has his own VUM server.
When we apply these rules we get the following design.
So what do you see here.
We have two virtual machines running the Web client. These Web clients are behind a load balancer. The load balancer divides the connections equally across the 2 Web client servers. If one Web Client goes down, the other one is still available to manage your VMware environment.
In this example we have 2 vCenter servers. 1 for a VMware cluster running servers (Exchange, SQL, Etc) and 1 for Horizon View. Nice part is, that both vCenters show up in the same Web Client without linked-mode.
We have 2 Microsoft SQL database servers who are in HA mode with log shipping. This guaranties that if 1 database server goes down, vCenter and other VMware servives (Update Manager) for example still continue to work.
VMware Update Manager
Every vCenter Server needs his own Update Manager. This is a one-on-one connection. To prevent that every VUM server has is own patch repository you can share the repository form one VUM server to the other.
Same as with VUM, every vCenter server needs his own Inventory server.
So why not place the Inventory Service on the same host a the vCenter server? This way you separate the resources. Inventory is primarily for the Web Client. So to make sure that the Inventory Service doesn’t consume resource from the vCenter server we place them on is own hosts.
So why not place them with the Web Clients? What if you get a third vCenter server. Then you have a problem, because this vCenter server also needs a Inventory Service and you only can run 1 Inventory Service per host.
Single Sign-on (SSO) came with vSphere 5 and is your central user authentication mechanism. Single Sign-on can have his own user database or makes a connection to (multiple) other authentications services like Microsoft Active Directory. There for we don’t want only 1 SSO server. If this one fails, nobody can authenticate to vCenter including VUM or other VMware servers as VMware vShield.
SSO can be configured in HA mode, but you have to have a load balancer.
Most VMware services can be load balanced but they can’t do it by them self. You have to make use of a third-party solution. This can either be a software or a hardware load balancer. Make sure you are aware of the functionality you need. Then pick your load balancer.
Whats missing in this picture?
In this picture we don’t see Microsoft Active Directory services for AD authentication or any other third-party software solutions for example anti-virus. If your going to implement a VMware management cluster it’s very likely that those services also run in the VMware management cluster.
A virtual machine (VM) is a software implementation of a machine (a computer) that executes programs like a physical machine. vSphere has clusters of virtual machines that are all interconnected. Virtualization changes everything. Virtual machines have far more functionality than physical servers and are capable of incredible things. Virtual machines should not be treated and administered exactly like physical servers. It is imperative that the administrators know how to correctly create and administer virtual machines.
I’ve been playing around with VMware View in my lab environment testing different scenarios with the View Composer. Today I noticed that a deployment with linked clones failed with the following error:
View Composer agent initialization state error (16): Failed to activate the software license (waited 0 seconds)
When I looked into the log files I noticed that during the linked clone deployment the View Composer tried to activate the Windows 7 software. This lab environment doesn’t have a internet connection so Windows was unable to activate. Normally you would setup a KMS server for Linked Clones but this is a little bit overkill for my lab.
Searching the internet I found the following kb article form VMware saying that they have a workaround for the issue, but you have to contact VMware technical support to get the solution. Searching a little bit further I found the solution. You have to adjust to registry keys telling the View Composer not to activate Windows during a deployment.
You can find the key’s at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vmware-viewcomposer-ga
There you find to key’s
Default both set to 0. Adjust the value to 1 and your done.
Note: This isn’t supported by VMware or Microsoft and only should be used in a lab environment.
I’m honored to announce that this year for the 4th time I’m awarded with the vExpert 2014 title.
vExpert is title who you can ear for a year if you have demonstrated significant contribution to the community and a willingness to share their expertise with others.
I’ve got mine for my grey VMware courses that I’ve developed and of course this blog
The complete list of all vExpert 2014 can be found here.
If you want to expand you Nutanix cluster with a new node you have the option to do this from the GUI. But sometime you want to do it from the command line using the CLI.
Before you start check a couple of things:
Is IPV6 working between the Nutanix hosts?
- Get the IPV6 address of the node you want to add by entering the command:
ifconfig etho | grep inet6
You will get a output something like:
inet6 addr: fe80::20c::29ff:feb7:a9c7/64 Scope:Link
- Try to ping the node you want to add from a cluster node by entering the command:
ping6 -I eth0 fe80::20c::29ff:feb7:a9c7
You should get a reply
If IPV6 is working you can add the new node to the cluster.
- Enter the NCLI interface by entering ncli
- Check if the node you want to add is discovered by entering:
You should get a output something like:
ncli> cluster discover-nodes
Cluster Id :
Hypervisor Address : xx.xx.x.xx
Ip : fe80::20c:29ff:feb7:a9c7%eth0
Ipmi Address : xx.xx.x.xx
Node Position : A
Node Serial : ZMxxxxxxxxxx
Node Uuid : d1b9d9c3-7f6f-4cb8-bf16-f379fd73e342
Rackable Unit Model : NX-3051
Rackable Unit Serial : 13SMxxxxxxxx
Service Vm Address : xx.xx.xx.xx
Svm Id :
Notice the Node Uuid
- Add the node to the cluster by entering the command:
cluster add-node node-uuid=[node uuid from step 4]
After this the node will be add to your cluster
On the CVM controller issue the command: