Monthly Archives: July 2014

Extending VMware VMDKs with System Partitions

Posted on July 11, 2014 | 2 comments

hard-disk-drive
I have had to deal with extending System Partition VMDKs within our environment, but this can get tricky especially with 2003 Server and below.  Hope this helps…Note that Data drives can be extended without issue on 2012 and below.

2008 and above
1.  Open your VIC and edit the settings of the VM that you would like to modify.
Webeditsettings
2.  Change the system disk to the new size (Usually Hard disk 1).
Disk Change
3.   Log into your VM using the console or RDP.
4.  There are two ways to do the extend.  If it is 2008 R2 and above I usually do option 1.  2008 Standard and below I use option 2.

Option 1:
a.  Open Server Manager.
ServerManager
b.  Click Disk Management.
c.  Usually you will have to do a rescan to see the unallocated space.  Right click Disk Management and click Rescan Disks.
Rescandisks
d.  Right click the drive that you wish to expand (should show unallocated space) and click Extend Volume.
ExtendVolume
e.  Click OK on the Extend Volume Wizard and then again click OK on the Select Disks screen.  Now click Finish to complete the wizard.
f.  You should now see the drive is larger.

Option 2:
a.  Click Start –> Run and then type cmd.  Right click on the command prompt application and choose Run as Administrator.
runadmincmd
b.  Type diskpart.
diskpartsmall
c.  Type list volume.
diskpartlistvolume
d.  Select the system partition by typing select volume #.
diskpartselectvolume
e.  You should see an asterisk by the selected volume.  Type extend.
diskpartextend
f.  The drive should now be extended.  Type exit.

2003 Server and Below
1.   Have a 2008 R2 Helper machine that you will use to expand the drive.
2.  Power down the 2003 Server VM.
3.  Edit the settings and add space to the system partition.
Disk Change
4.  Power on the 2003 Server VM.
5.  Click Start –>All Programs –> Administrative Tools –> Computer Management.
ServerManager03
6.  Click Disk Management.  You should see the unallocated space, but if you do not then right click Disk Management and click Rescan Disks.   Just verify…don’t do anything with the space yet.
Rescandisks
7.  Shutdown the 2003 Server VM.
8.  Edit the 2003 Server VM within the VIC and note the location of the disk on the datastore.  Click remove on the drive that you would like extended by clicking on the X next to the hard disk.  DO NOT CHOOSE DELETE FILES FROM DATASTORE or REMOVE FROM VIRTUAL MACHINE AND DELETE FILES FROM DISK.  This is different wording depending on the Full VIC or the Web VIC.  Click OK.
RemoveDisk
diskremoved
9.  Now find your 2008 R2 helper VM within the VIC and then edit the settings.
10.  Where it says “New Device” choose Existing Hard Disk from the menu.  Click Add.
Addexistingdisk
11.  Using the information that you noted before, find the location of the 2003 Server disk that you removed before, select the disk, click OK.
choosevmdk
12.  Cick OK and this will mount the 2003 Server disk on your 2008 R2 helper VM.
13.  Log into the 2008 R2 helper VM with the console or RDP.
14. Click Start –> Run and then type cmd.  Right click on the command prompt application and choose Run as Administrator.
runadmincmd
15.  Type diskpart.
diskpartsmall
16.  Type list volume.
diskpartlistvolume
17.  Select the system partition by typing select volume #.
diskpartselectvolume
18.  You should see an asterisk by the selected volume.  Type extend.
diskpartextend
19.  The drive should now be extended.  Type exit.
20.  Go back into the VIC and edit the 2008 R2 helper VM.
21.  Click the X next to the Hard disk that you added earlier to this machine.  Again, DO NOT CHOOSE DELETE FILES FROM DATASTORE or REMOVE FROM VIRTUAL MACHINE AND DELETE FILES FROM DISK. 
RemoveDisk
diskremoved

22.  Edit the 2003 Server and then from the “New device” menu click Existing Hard Disk and then click Add.
Addexistingdisk
23.  Find the vmdk that you just extended then click OK.  Click again on the settings screen.
choosevmdk
24.  Power on the 2003 Server and you should see the additional space.  You might get a message indicating that a reboot is needed.  If requested, do the reboot.

Random Issues I Have Run Across
I did have an issue the other day with one our our 2008 Standard Servers.  When I went to extend the drive it gave me a weird error.  The parameter is incorrect.
DiskGrowParameterIncorrect

I give thanks to the Lord every day for the googles.  I found a great post by Jonathan Medd that gave the simple fix for this.  When you are in diskpart, select the volume # that you are extending and then use the command extend filesystem.

2 Comments

Posted in Configuration Changes, VMware Vcenter Server, VMware Vsphere 5, Windows Server

Tagged , , ,

SRM Testing…What do I do with my Domain Controllers? Part 2

Posted on July 9, 2014 | 2 comments

Now that you have successfully prepared for the script…here it is. This script will power down the previous clone if there is one, delete the old clone, create a new clone, change the network, and then power on the clone.  Please make sure you test this in first in a test environment before deploying to production.

RedNotice

 

########################################################################
# Clone DC VM and set network to Test Bubble (clonedc.ps1)
#
# This script is used to clone a DC and then set the network port group # to the #Test Bubble group.
# The purpose of this script is to have a replica of our primary DC for # use #when testing an SRM failover. This will remove the previous clone # before #creating a new one.
#
# Created By: Matt Jones, 2014
#
# Variables: $newVMName – Name of the new clone made from the original VM
# $sourceVMName – Name of the target DC VM that will be cloned
# $VM — Name of VM that was cloned earlier
# $DestGroup — This is the port group that the network will be changed to.
#
# Usage: ./clonedc.ps1
#
#######################################################

add-pssnapin VMware.VimAutomation.Core
Connect-viserver (Your vCenter Server)

#Clone Script#
$newVMName = “DCClone”
$sourceVMName = “SourceDC”

Get-VM $newVMName | Stop-VM -Confirm:$false
Start-Sleep -s 5
Get-VM -Name $newVMName | Remove-VM -DeletePermanently -Confirm:$false
Start-Sleep -s 10
New-VM -Name $newVMName -VM $sourceVMName -Location Foldernamecreatedearlier -vmhost hostname
Start-Sleep -s 120

#Set Test Network#
$VM = get-vm “DCClone”
$DestGroup = “Test Bubble”
$VM | get-networkadapter | set-networkadapter -NetworkName $DestGroup -confirm:$false
Start-Sleep -s 30
$VM | Start-VM

taskkill /F /IM powershell.exe

#######################################################

Once you have created the clonedc.ps1 script we need to get it set up as a scheduled task on the physical machine. Log in using the script AD account that you created earlier, then go to Control Panel –> System and Security –> Administrative Tools –> Task Scheduler.  Click Create Task.

TaskScheduler

TaskCreate

Under the General Tab Name your new task, change this to Run whether user is logged on or not, and check the box Run with highest privileges.  Click the Triggers tab

TaskGeneral

Click New and then choose the frequency that you would like this to run.  Make sure to check the Stop task if it runs longer than box and then set it for 30 minutes.  This makes sure that the script stops and doesn’t continually run.  Make sure you check the Enabled box or the script won’t run automatically!  Click the Actions Tab.

TaskTrigger

Click New and then from the drop down menu choose Start a program.  In the Program/Script box type C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe and in the Add arguments (optional) box type -psc “C:\Program Files (x86)\VMware\Infrastructure\vSphere PowerCLI\vim.psc1” -noe -c “. \”C:\scripts\clonedc.ps1\””.  Click the Settings Tab.

TaskAction

If you want to allow this to run on demand then check the Allow task to be run on demand box.  Check the Stop the task if it runs longer than box and choose 1 hour from the drop down.  Check the box If the running task does not end when requested, force it to stop.  Click OK.  You will be prompted to enter the credentials for the account running the task and then click OK.

TaskSettings

RunTaskAccount

 

You might have to do a refresh for your new task to appear.  I am guessing this might be a bug.  Manually run your task and monitor the VIC to make sure it is working properly.

Refresh

That should be it.  Now you can run an SRM test fail over and have a DC available.  Make sure that you have removed all of your DCs from SRM if you had them in there.

Yes

2 Comments

Posted in Uncategorized

SRM Testing…What do I do with my Domain Controllers? Part 1

Posted on July 8, 2014 | Leave a comment

For the most part I love SRM for providing a relatively simple way to back up and recover our  VMware environment.  The problem that I have with SRM is that when it comes to testing failover, what do you do with your domain controllers?  According to VMware’s documentation found here, you should never use SRM to backup your domain controllers because you should already be using Active Directory replication to handle recovery situations.

When testing in the past I have added the DCs to my test recovery plan.  The problem was that most of the time the cloned DCs (in a test bubble) took forever to come up, and because of this, testing would take way longer than it should.  What is the solution?

The solution I have developed is to use scheduled powercli task that will clone my primary DC on a daily basis, change the network port group to a test bubble, and then power it on.  Doing this gives me a domain controller in my test bubble that should be ready to use whenever I want to test SRM.  I am still deciding whether or not I need to power down the primary DC first before cloning.  For now, I am cloning live.  I have a feeling I will hear from you guys on this one…:)

Preparation:

1.  The first thing I have is an old physical desktop to run my scripts.  You could run your scripts through a VM, however, I will be running my UPS Emergency shutdown script through this machine as well.

2.  I created a service account in AD that has very specific rights within vCenter.  Give this AD account admin rights on the physical machine that you will run your scripts from.

3.  Install PowerCLI on the machine using the AD account you created earlier.  Some good installation instructions can be found here.  Make sure that your set the execution policy to remotesigned.  While you still have PowerCLI open, add the credentials of the AD account to the PowerCLI credential store.  Information on this can be found here.  In our example in PowerCLI you would type New-VICredentialStoreItem -Host <vcenter server name/ip> -User <AD Script Account> -Password <Password for the script account>.  This will store the credentials within the user profile directory and it is encrypted!  This way there is no username and password in clear text going over the wire.  Note that if you try to test the script right now it will not work because there are no rights for the account in vCenter.

4.  I am going to be good and use the Web VIC to configure the permissions, sometimes I feel like this though…FullVIC

Now that I have gotten that out of my system, log into the Web VIC as an administrator and click Administration –> Roles.  Click GreenPlus to create a new role.  Name this role something like “clone” or cloneandchangenetwork”.  Check the following boxes:

Datastore –> Allocate Space
Network –> Assign Network
Network –> Configure
Resource –> Assign Virtual Machine to Resource Pool
Virtual Machine –> Configuration –> Add New Disk
Virtual Machine –> Configuration –> Add or Remove Device
Virtual Machine –> Configuration –> Modify Device Settings
Virtual Machine –> Interaction –> Power On
Virtual Machine –> Interaction –> Power Off
Virtual Machine –> Inventory –> Create from existing
Virtual Machine –> Inventory –> Create New
Virtual Machine –> Inventory –> Register
Virtual Machine –> Inventory –> Remove
Virtual Machine –> Provisioning –> Clone Virtual Machine

Now that our role was created, we need to assign it to the locations that we want this role to have rights.  To keep this simple, but not very secure, you could assign the role to the vCenter Server level.  The rights will propagate down the entire tree across any datacenters that you might set up.  Most people don’t want this because it would allow the cloning of any server, so we are going to assign rights exactly where they need to go.  But first we need to create a new folder where our cloned VM will eventually live.

Folder Rights
Click Home –> VMs and Templates.  Using the arrows, expand the list on the left pane.  Right click Discovered virtual machine –> New Folder and then name your new folder something like DCClone.  Click Manage –> Permissions.  Click GreenPlus and then from the drop down menu select the role that you created earlier and then click Add.  Choose your domain from the Domain drop down and then find the user that we created earlier in the list.  Click OK.  You should now see the AD user and the assigned role.  Now uncheck the Propagate to children box and then Click OK.

Cluster Rights
Click Home –>  Hosts and Clusters.  Then click on the Cluster where the DC resides that you will be cloning.  Click Manage –> Permissions.  Click GreenPlus and then from the drop down menu select the role that you created earlier and then click Add.  Choose your domain from the Domain drop down and then find the user that we created earlier in the list.  Click OK.  You should now see the AD user and the assigned role.  Now uncheck the Propagate to children box and then Click OK.  This keeps the script account from having rights down the tree.
Propigate

DC Rights
Click Home –>  Hosts and Clusters.  Then click on the DC that needs to be cloned.  Click Manage –> Permissions.  Click GreenPlus and then from the drop down menu select the role that you created earlier and then click Add.  Choose your domain from the Domain drop down and then find the user that we created earlier in the list.  Click OK.  You should now see the AD user and the assigned role.  Click OK.

Datastore Rights
Now we need to set the role for the host that will house the cloned VM.  Click Home –> Storage, and then on the left hand side click the datastore that the will be home to the clone.  Click the Manage –> Permissions.  Click GreenPlus and then from the drop down menu select the role that you created earlier and then click Add.  Choose your domain from the Domain drop down and then find the user that we created earlier in the list.  Click OK.  You should now see the AD user and the assigned role.  Click OK.

Host Rights
Now we need to set the role for the host that we are going to clone to.  Click the Home –>  Hosts and Clusters, and then on the left hand pane click the host  that the will be home to the clone.  Click the Manage –> Permissions.  Click GreenPlus and then from the drop down menu select the role that you created earlier and then click Add.  Choose your domain from the Domain drop down and then find the user that we created earlier in the list.  Click OK.  You should now see the AD user and the assigned role.  Now uncheck the Propagate to children box and then Click OK.  This keeps the script account from having rights down the host.
Propigate

Network Rights
Finally, we are going to set the role for the network.  Click Home –> Networking.  On the left pane select the test network that  you have in your environment.  Mine is called Test Bubble.  Click the Manage –> Permissions.  Click GreenPlus and then from the drop down menu select the role that you created earlier and then click Add.  Choose your domain from the Domain drop down and then find the user that we created earlier in the list.  Click OK.  You should now see the AD user and the assigned role.  Click OK.

By the time you are done, your script service account should have rights in vCenter for the Cluster (no propagate), host where the clone will live (no propagate), the Datastore, Network, Folder, and DC that will be cloned.
Rights

WAY TO GO!!  Are you ready for part 2?rejoicing

 

Leave a comment

Posted in SRM, VMware SRM, VMware Vsphere 5

Tagged , , ,