https://docs.google.com/document/pub?id=1XS1ToHcdZAPmMZQKzPVAZDgo5juXHzukKtsLm6Jt_p4
Archive for the ‘Scripting’ Category
Using MDT to Deploy Optimized Windows 7 for View 4.5 VDI Implementation
Posted by sysxperts on September 14, 2010
Posted in Blogroll, Scripting, Virtualization, Windows | Tagged: 4.5, Diskpart, MDT, View, VMware, Windows 7
Report of HBA info in csv format using Powershell
Posted by sysxperts on August 24, 2010
A user on the VMTN wanted to extend LucD’s ESX Fibre – SAN identifier script by adding device, model, and status info to the report. I provided changes to LucD’s script as highlighted below to accommodate the request.
See the maroon text for my changes.
$report = @()
# Walk every host in every cluster, sorted by name
foreach ($esx in get-cluster | get-vmhost | get-view | sort-object name) {
    foreach ($hba in $esx.Config.StorageDevice.HostBusAdapter) {
        # Only Fibre Channel HBAs are reported
        if ($hba.GetType().Name -eq "HostFibreChannelHba") {
            # device, model and status are the columns added to LucD's script
            $row = "" | select Name,WWN,device,model,status
            $row.Name = $esx.name
            $wwn = $hba.PortWorldWideName
            # Format the numeric WWN as a hex string
            $wwnhex = "{0:x}" -f $wwn
            $row.WWN = $wwnhex
            $row.device = $hba.device
            $row.model = $hba.model
            $row.status = $hba.status
            $report += $row
        }
    }
}
$report | export-csv c:\Temp\hbainf-to-host.csv -NoTypeInformation
Posted in Blogroll, Scripting, Virtualization | Tagged: HBA, Powershell, vCenter, VMware
VMworld 2010 Schedule
Posted by sysxperts on August 9, 2010
Monday | ||
9:00 AM-10:00 AM | MA7140 | vCloud Architecture Design Strategies and Design Considerations |
10:30 AM-11:30 AM | TA6720 | Troubleshooting using ESXTOP for Advanced Users |
12:00 PM-1:00 PM | EA7061 | Creating an Internal Oracle Database Cloud Using vSphere |
1:30 PM-2:30 PM | ALT2004 | Building the VMworld Lab Cloud Infrastructure |
3:00 PM-4:00 PM | TA7994 | vStorage Update for vSphere 4.1 |
Tuesday | ||
11:00 AM-12:00 PM | EA7860 | Java Apps on vSphere: Technical Best Practices and Why Now Is Better Than Ever |
12:30 PM-1:30 PM | GD10 | High Availability with Banjot Chanana |
2:00 PM-3:00 PM | BC8432 | SRM Futures: Host Based Replication |
3:30 PM-4:30 PM | ALT3004 | VMware vSphere™ Troubleshooting |
5:00 PM-6:00 PM | ALT3003 | VMware vSphere™ Performance & Tuning |
Wednesday | ||
9:00 AM-10:00 AM | MA6580 | Bridge the ESX/ESXi Management Gap Using the vSphere Management Assistant (vMA) – Tips & Tricks Included |
10:30 AM-11:30 AM | GD19 | Site Recovery Manager with Arturo Fagundo |
12:00 PM-1:00 PM | BC7773 | VMware Site Recovery Manager: Misconceptions and Misconfigurations |
1:30 PM-2:30 PM | ALT3001 | VMware vCenter™ Site Recovery Manager – Extended Config & Troubleshooting |
3:00 PM-4:00 PM | EA7726 | Virtual Machines Outperforming Physical Machines – Crossing the Performance Barrier |
4:30 PM-5:30 PM | TA8102 | Tuning Linux for Virtual Machines |
Thursday | ||
10:30 AM-11:30 AM | TA6944 | PowerCLI Is For Administrators! |
12:00 PM-1:00 PM | TA7750 | Understanding Virtualization Memory Management Concepts |
1:30 PM-2:30 PM | TA8133 | Best Practices to Increase Availability and Throughput for VMware |
3:00 PM-4:00 PM | TA8233 | Prioritizing Storage Resource Allocation in ESX Based Virtual Environments Using Storage I/O Control |
Posted in Blogroll, Linux, Scripting, Virtualization | Tagged: vCenter, VMware, VMworld
Finding unused IP addresses and invalid DNS entries
Posted by sysxperts on July 7, 2010
The method used in the example below will not eliminate all invalid DNS entries or find IPs that are live yet unused. It will, however, provide a fairly efficient means of finding unused IPs that are not pingable at the moment, along with a list of potentially invalid reverse lookup entries, which in turn gives you the clues you need to start looking for invalid A records, etc.
For this example I am going to assume we want to find unused IP addresses and potentially invalid DNS entries for the network range 192.168.1.1-100.
From the prompt of your Linux host with nmap installed, run:
nmap -v -sP 192.168.1.1-100 | grep down | for i in `awk '{print $2}'`; do host $i; done
- nmap -v -sP 192.168.1.1-100 performs a ping scan and returns status for the specified range
- grep down – filters the list to only return non-pingable hosts
- for i in `awk '{print $2}'` – filters the list further to only return the IP addresses, then loops over them to do the host [ip address] lookup for each IP returned
One could easily substitute host with nslookup or dig but I chose host to streamline the output for readability.
Bottom line is that if you see output similar to the following:
Host 5.1.168.192.in-addr.arpa. not found: 3(NXDOMAIN)
Then you can probably safely use 192.168.1.5 for a new device and DNS entry although it would be safer to scan the DNS table by IP for forward lookup entries first.
On the other hand, if you see output similar to:
5.1.168.192.in-addr.arpa domain name pointer name.domain.com
Then you most likely have a system that is shut down at the moment which uses that address, or an invalid/outdated DNS entry to clean up.
One could easily schedule this command to run with cron and send output to an email or ticketing system for regularly scheduled DNS maintenance.
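For a scheduled run it helps to turn the two kinds of host output shown above into one line per address. The following is an added example, not part of the original post; the function names and the FREE/CHECK labels are made up here, the sample input is constructed, and it assumes nmap's "appears to be down" or "[host down]" wording (the one-liner's awk '{print $2}' only fits the first).

```shell
#!/bin/bash
# Added example: sort "down" addresses into free vs. needs-a-look by PTR result.

# Print the IP of each host that nmap -v -sP reported as down.
# Older nmap: "Host 192.168.1.5 appears to be down."   (IP is field 2,
#             which is what the one-liner's awk '{print $2}' relies on)
# Newer nmap: "Nmap scan report for 192.168.1.5 [host down]" (IP is field 5)
extract_down_ips() {
  awk '/appears to be down/ { print $2 }
       /\[host down\]/      { print $5 }'
}

# Read "host <ip>" output; print "FREE <ip>" when there is no PTR record
# and "CHECK <ip> <name>" when a PTR exists for an address that is down.
classify_ptr() {
  awk '
    # 5.1.168.192.in-addr.arpa. -> 192.168.1.5
    function to_ip(rev,   p) {
      sub(/\.in-addr\.arpa\.?$/, "", rev)
      split(rev, p, ".")
      return p[4] "." p[3] "." p[2] "." p[1]
    }
    /not found: 3\(NXDOMAIN\)/ { print "FREE", to_ip($2) }
    /domain name pointer/      { print "CHECK", to_ip($1), $NF }'
}

# Constructed sample output (both nmap wordings mixed for the demo).
sample_nmap() {
  cat <<'EOF'
Host 192.168.1.4 appears to be up.
Host 192.168.1.5 appears to be down.
Nmap scan report for 192.168.1.6 [host down]
Nmap scan report for 192.168.1.7
EOF
}
sample_host() {
  cat <<'EOF'
Host 5.1.168.192.in-addr.arpa. not found: 3(NXDOMAIN)
6.1.168.192.in-addr.arpa domain name pointer name.domain.com
EOF
}

sample_nmap | extract_down_ips
sample_host | classify_ptr
# Live use:
#   nmap -v -sP 192.168.1.1-100 | extract_down_ips |
#     while read -r ip; do host "$ip"; done | classify_ptr
```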
Posted in Linux, Scripting | Tagged: automation, DNS, IP, Linux
XSUDO for secure elevated perms over X session
Posted by sysxperts on June 21, 2010
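Add the following to /etc/profile:
# Set up sudo X authentication if a token is available
XAUTH=/usr/bin/xauth
# [ -n ... ] rather than [[ ... ]]: /etc/profile is also read by plain sh
if [ -n "$DISPAUTH" ]; then
    echo "sudo X authentication detected, setting up display"
    # Left unquoted on purpose: xauth add takes display, protocol and key as separate arguments
    $XAUTH add $DISPAUTH
fi
The xsudo script:
#!/bin/bash
USER=$1
if [[ -z "$USER" ]]; then
    echo "Usage: xsudo <username>"
    echo "Invokes a shell as specified user and transfers X authentication to new session"
    exit 1
fi
if [[ -z "$DISPLAY" ]]; then
    echo "You have no DISPLAY set, make sure X is"
    echo "running or X forwarding is enabled and working."
    exit 1
fi
# Strip the host part of $DISPLAY (everything before the colon) and look up its xauth entry
DISPAUTH=$(xauth list "$(sed -e 's/^[^:]*//' <<<"$DISPLAY")")
# Hand the entry to the target user's login shell through the environment.
# It is passed on the sudo command line, so it is visible in the process list while the session runs.
sudo -u "$USER" DISPAUTH="$DISPAUTH" -i
The sudoers entry:
%group ALL=(xsudogroup) NOPASSWD: ALL
Use PuTTY to connect to the server from the client.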
Posted in Blogroll, Linux, Scripting, Security
Prepare a shared cifs mount for JBoss deploy
Posted by sysxperts on June 1, 2010
PROBLEM: An application is failing to deploy files to a cifs share mounted on linux because users have files open which the deployment process is trying to overwrite.
SOLUTION: Needed to kill all processes for user accounts with open files in the /data cifs mount other than my deployment and root user accounts.
for i in `fuser -u -v /data 2>&1 | grep -v root | grep -v deploy | awk '$2 !~ /[a-z]/ {print $2}'`; do kill -9 $i; done
The "fuser -u -v /data 2>&1 |grep -v root|grep -v deploy" portion of the command finds all processes with open files on /data for all users other than root and deploy. Note that the "2>&1" was used because fuser was generating some output to stderr and other output to stdout, so I combined them by sending stderr to stdout to allow grep to work as desired in this case.
The "awk '$2 !~ /[a-z]/ {print $2}'" portion drops every line whose second field contains a lowercase letter and prints the second field of the lines that remain, so the numeric PIDs from the fuser command come out each on its own line.
Finally "do kill -9 $i" kills all the PIDs returned from the command above without prejudice, so beware, goodbye – gone – finito to them all!
I would not want to do this against files which I would want to keep! This should only be done for files that will be deleted or replaced anyway, since the integrity of the files after running this command cannot be guaranteed in any way. At a minimum a full backup and verification should be performed prior to testing.
An even safer version of the command above would target specific files or subdirectories to prevent killing processes unrelated to the deploy. For example, instead of /data as above you might run multiple commands with each specific file passed to fuser such as /data/file1 for the first iteration and so on through /data/filex.
To perform as a regular user you can update sudo by adding something like the following to /etc/sudoers:
%deploy ALL = NOPASSWD: /sbin/fuser -u -v /data
Then update the above command as follows to run as your deploy (regular) user:
for i in `sudo /sbin/fuser -u -v /data 2>&1 | grep -v root | grep -v deploy | awk '$2 !~ /[a-z]/ {print $2}'`; do kill -9 $i; done
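The grep -v filters above match anywhere on the line, so a process whose user name or command merely contains "root" or "deploy" is skipped as well. The following added example (not from the original post) selects PIDs by an exact match on the USER column and tries TERM before KILL; the function names are made up here, the sample is constructed, and it assumes fuser's verbose USER / PID / ACCESS / COMMAND column layout.

```shell
#!/bin/bash
# Added example: choose PIDs from "fuser -u -v" output by exact user match.

# Read verbose fuser output on stdin; print PIDs whose owner is not in
# the space-separated exclusion list given as $1.
pids_to_signal() {
  awk -v skip="$1" '
    BEGIN { n = split(skip, s, " "); for (i = 1; i <= n; i++) excluded[s[i]] = 1 }
    {
      # The first process line is prefixed with the file name ("/data:").
      if ($1 ~ /:$/) { user = $2; pid = $3 } else { user = $1; pid = $2 }
      if (pid !~ /^[0-9]+$/) next      # header row, "kernel" mount entry
      if (user in excluded) next       # exact match on the USER column only
      print pid
    }'
}

# Constructed sample in the assumed verbose layout (not captured from a real host).
sample_fuser() {
  cat <<'EOF'
                     USER        PID ACCESS COMMAND
/data:               root     kernel mount /data
                     alice      2345 ..c.. bash
                     deploy     3456 F.... java
                     rootless   4567 f.... deployer
                     bob        5678 f.... smbclient
EOF
}

# Ask first, then force: TERM, short grace period, KILL if still alive.
stop_pid() {
  kill -TERM "$1" 2>/dev/null || return 0
  sleep 2
  if kill -0 "$1" 2>/dev/null; then kill -KILL "$1"; fi
}

# Dry run over the sample; on a real host replace sample_fuser with
#   sudo /sbin/fuser -u -v /data 2>&1
# and echo with stop_pid.
for pid in $(sample_fuser | pids_to_signal "root deploy"); do
  echo "would signal $pid"
done
```

In the sample, PID 4567 (user rootless, command deployer) is selected here, whereas the grep -v pipeline would have dropped that line.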
Posted in Blogroll, Linux, Scripting
Update to exclude mounts from vCheck5
Posted by sysxperts on June 1, 2010
To exclude a mount point from disk space checks in vCheck5 script
Posted in Blogroll, Scripting, Virtualization
Extract values within quotes from command output on Linux using perl
Posted by sysxperts on May 21, 2010
For example:
To obtain all values within quotes from the output of a jstack command you could run
./jstack [pid] | perl -lne 'print $1 if (/"(.*)"/)'
or for just worker threads
./jstack [pid] | perl -lne 'print $1 if (/"(Worker.*)"/)'
and if you wanted a count of how many quoted values there are
./jstack [pid] | perl -lne 'print $1 if (/"(.*)"/)' | wc -l
Posted in Blogroll, Linux, Scripting | Tagged: Linux, perl, shell
Oracle on Linux RMAN from Netbackup to Avamar Client
Posted by sysxperts on May 6, 2010
I recently migrated some Oracle 10g and 11g RHEL 5 VMs and physical boxes from Netbackup based clients to Avamar clients with the RMAN plugin. I will create a separate post regarding automation of the AvamarClient setup and focus on the RMAN configuration for event/client driven backup here.
First thing I did before automating any of the processes was to download the required docs and binaries from the Avamar web interface. There is a Documents and Downloads link at the bottom of the page of the following sample url:
Then I downloaded the Avamar Oracle Client User Guide and the appropriate binaries for the platform from the right hand column, for example:
AvamarClient-linux-rhel4-x86_64-5.0.101-32.rpm
AvamarRMAN-linux-rhel4-x86_64-5.0.101-32.rpm
Also, ask your friendly EMC Avamar installer to provide a copy of AvOracleRMAN.pdf and AvOracleDatabasePrep.pdf which provide a lot more detail than the Client User Guide.
Installation and registration of the Avamar Client
1. As root cd to location of downloaded rpms
2. Type rpm -ivh AvamarClient-linux-rhel4-x86_64-5.0.101-32.rpm
3. Type /usr/local/avamar/bin/avregister
4. Enter the fqdn of the Administrator server when prompted [avamarserver.domain.com]
5. Enter the Avamar server domain [clients] when prompted
6. The Avamar Client installation is now complete
Installation of the AvamarRMAN Plugin
1. As root cd to location of downloaded rpms
2. Type rpm -ivh AvamarRMAN-linux-rhel4-x86_64-5.0.101-32.rpm
3. Update iptables with the following rules to allow secure backups, and also update any firewalls to allow backup through these ports:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 28002 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 27000 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 29000 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8672 -j ACCEPT
4. Create a new user account that will have access to backup/restore jobs on the domain containing the Oracle backup jobs using the Avamar Administrator Console.
5. Create a my-avtar-flags.txt file for linux in /usr/local/avamar/bin containing:
--pidname=Oracle
--pidnum=1002
--logfile=/usr/local/avamar/var/avtar.log
--vardir=/usr/local/avamar/var
--id=[userid from prior step]
--ap=[password from prior step]
--path=[/domain/oracleservername]
--expires=[number in days]
--server=server.fqdn.name
Note that the user created above required Administrator privileges, and I’m still investigating how to lock this down further; for now I’ve isolated the oracle backups to their own respective domains of control to reduce risk.
Also note that permissions on the /var/avamar directory must be set so that the user launching the rman scripts has write access.
6. Create RMAN scripts (avorabackup and avorarestore) that can be launched with cron or scheduler of your choosing, examples below:
launch this example backup script from a file named avorabackup as follows:
rman target / nocatalog @avorabackup
Note that configure device type sbt clear; does not need to run every time but it is a good idea to leave in for migration process because otherwise any netbackup based backups will continue to be attempted and never go to avamar.
run {
configure device type sbt clear;
allocate channel c1 type 'SBT_TAPE' PARMS="SBT_LIBRARY=/usr/local/avamar/lib/libobk_avamar64.so, ENV=(PATH=/bin:/usr/bin:/usr/local/avamar/bin)" format '%d_%U';
send '"--flagfile=/usr/local/avamar/bin/my-avtar-flags.txt" ';
send '"--sysdir=/usr/local/avamar/etc" "--bindir=/usr/local/avamar/bin" "--vardir=/usr/local/avamar/var"';
configure retention policy to recovery window of 10 days;
configure retention policy to redundancy 2;
backup database plus archivelog;
delete noprompt obsolete;
crosscheck backupset;
release channel c1;
}
Another Example with no archive log backup:
launch this example restore script from a file named avorarestore as follows:
rman target / nocatalog @avorarestore
run {
allocate channel c1 type 'SBT_TAPE' PARMS="SBT_LIBRARY=/usr/local/avamar/lib/libobk_avamar64.so, ENV=(PATH=/bin:/usr/bin:/usr/local/avamar/bin)" format '%d_%U';
send channel='c1' '"--flagfile=/usr/local/avamar/bin/my-avtar-flags.txt" ';
send '"--sysdir=/usr/local/avamar/etc" "--bindir=/usr/local/avamar/bin" "--vardir=/usr/local/avamar/var"';
restore database;
recover database;
release channel c1;
}
Posted in Blogroll, Linux, Scripting | Tagged: Avamar, Client, EMC, Linux, Migration, Oracle, RMAN
PowerCLI Notes
Posted by sysxperts on March 27, 2010
Stolen from Tim Oudin who stole it from blogosphere – needed a one liner to add VLAN to existing vSwitch for each host in Cluster
foreach ($ESXhost in get-cluster "ClusterName" | get-vmhost) { get-virtualswitch -vmhost $ESXhost -name vSwitch0 | new-virtualportgroup -name "Description" -VLanId XXX }
Substitutions:
ClusterName i.e. Dev Cluster 1
vSwitch0 – use appropriate vSwitch name here
Description i.e. Control-Dev-VLANID
XXX i.e. 920
Similar one liners for PGs
PG with VLAN Id:
foreach ($ESXhost in get-cluster "Test" | get-vmhost) { get-virtualswitch -vmhost $ESXhost -name vSwitch0 | new-virtualportgroup -name "Control" -VLanId 854 }
PG without VLAN Id:
foreach ($ESXhost in get-cluster "Dev" | get-vmhost) { get-virtualswitch -vmhost $ESXhost -name vSwitch0 | new-virtualportgroup -name "Control" }
Set VLAN Id on existing PG:
foreach ($ESXhost in get-cluster "Dev" | get-vmhost) { Get-VMHost $ESXhost | Get-VirtualSwitch -Name "vSwitch0" | Get-VirtualPortGroup -Name "Control" | Set-VirtualPortGroup -VLanId 852 }
Delete PG:
foreach ($ESXhost in get-cluster "Dev" | get-vmhost) { Get-VMHost $ESXhost | Get-VirtualSwitch -Name "vSwitch0" | Get-VirtualPortGroup -Name "Control" | remove-VirtualPortGroup -confirm:$false }
And from http://www.virtu-al.net/2009/06/11/storage-vmotion-the-powercli-way/
Get-VM "MyVM" | Move-VM -Datastore (Get-Datastore "MyDatastore")
The Move-VM Cmdlet covers a multiple of sins, let’s check some out, you want VMotion:
Get-VM -Name "MyVM" | Move-VM -Destination (Get-VMHost MyHost)
And also what you would expect, moving a VM to a new folder:
Move-VM -VM (Get-VM -Name MyVM) -Destination (Get-Folder -Name Production)
And moving a VM to a new resource pool, what a multifunctional cmdlet this is!
Move-VM -VM (Get-VM -Name MyVM) -Destination (Get-ResourcePool -Name "Important")
Posted in Blogroll, Scripting, Virtualization | Tagged: ESX, PowerCLI, PS