Archives For VMware

Within my lab environment I largely used a wildcard certificate for all my external services. This certificate was originally created on my Exchange server within my environment. Using this certificate on other Windows servers is generally an easy task of exporting the certificate with the private key and applying to the new server. However using this certificate with Horizon Workspace was a little different.

Firstly the certificate needs to be configured on the Horizon Configurator appliance through the following URL >> https://horizonconfigname/cfg

You then select SSL Certificate from the left hand menu.

image

I re-downloaded the certificate from my certificate provider, opened it in notepad and was able to import this into the SSL box. Ensure that you also copy the intermediary certificates into this box immediately after your certificate. This was supplied by Go Daddy in a gd_bundle.cert file.

image

The exporting the private key from the Exchange server was a little more complex. First I exported the certificate as follows.

From an MMC console add the Certificate snap in, ensure you select Computer Account, Local Computer.

image

Browse to your wildcard certificate, right click and select export

image

The certificate export wizard will appear

image

Ensure you choose yes, export the private key.

image

Choose to export the certificate as Personal Information Exchange Format.

image

Finally you will need to input a password and choose where to save the certificate too.

Next we need to extract the private key from the certificate, the way that I achieved this was with an application called OpenSSL.

Download the installer from here http://www.openssl.org/related/binaries.html 

I chose the Win32 OpenSSL v1.0.1e Light variant, once downloaded I ran a simple Next, Next, Next installation. This installed the application to C:\OpenSSL-Win32

From a command prompt you will now need to run the following commands from the command line. 

openssl pkcs12 –in [location to *.pfx file] –nocerts –out key.pem

image

You will be prompted to enter the password and to create a password, you will then be asked to enter a phrase for the PEM file that is too be created.

Once this is done we are left with an encrypted private key file, the next step is to remove the passphrase encryption.

image

We now have a file that we are able to open in notepad and paste its contents into the Horizon Configurator.

image 

Once we have pasted the key into the Private Key box we are able to select save.

image

We will now need to repeat this process on the Horizon Connector.

image

You should now be in a position to test Horizon in a browser to ensure the certificate is valid.

image

If you receive the following error ensure that you have pasted your intermediary certificates after your certificate in the SSL Certificate boxes shown above.

Request failed: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

image

The most complex thing about Horizon Workspace is remembering all the administration URLs. I hope in future version we will see a bit more of a combined admin interface between components. In the mean time here is a list with all the admin URLs taken from the user guide.

https://HorizonWorkspaceFQDN/admin

Administrator Web interface (Active Directory user)

Manage the Catalog, users and groups, entitlements, reports, etc. (Login as Active Directory user with administrator role.)

https://HorizonWorkspaceFQDN/SAAS/login/0

Administrator Web interface (non-Active Directory user)

Use this URL if you cannot login as the Active Directory user with the administrator role. (Log in as an administrator using the username admin and the password you set during configuration.)

https://HorizonWorkspaceFQDN/web

Web Client (end user)

Manage files, launch applications, or launch View pools. (Login as an Active Directory user or virtual user.)

https://ConnectorHostname/hc/admin/

Connector Web interface

Configure additional ThinApp settings, View pool settings, check directory sync status, or alerts. (Log in as an administrator using the password you set during configuration.)

https://ConfiguratorHostname/cfg

Configurator Web interface

See system information, check modules, set license key, or set admin password. (Log in as an administrator using the password you set during configuration.)

 

I have recently been given the opportunity to take a deeper look at the Dell DR4000 Backup Appliance, as this now fully supports Veeam it was of particular interest to me. The DR4000 is a server appliance based upon the de-duplication technology Dell acquired from Ocarina. 

Out of the box to running was very quick and easy, with a text based wizard guiding me through the initial steps then moving onto the web based user interface. It took no more than 10-15mins of my time for the initial configuration and access to the user interface. 

IMG 3260

Once the initial configuration was completed I logged into the user interface, the default username is administrator and password is St0r@ge!. Once you are logged in, you get a dashboard view of the appliance, the screenshot below is taken after a number of backups with Veeam. As you can see I have managed to get a total de-duplication saving of 63% across my Veeam backup jobs that I wrote to the appliance. I only had the opportunity to write a small amount of backups but presumably the more backups wrote there would be potential for larger savings. To break it down Veeam backed up 1.9TB of VMs to a 391GB file, the appliance below shows this backups, a reverse incremental for this backup at 46GB and a further 7GB backup file, after de-duplication and compression on the DR4000 these files were down to 168GB. 

Home

One thing to note was in my haste I only plugged in one PSU and one NIC rather than the full 4 available and they show as errors in the hardware health page. 

Health

The box comes configured out the box with a backup container ready for you to write your Veeam, Commvault, AppAssure etc backups too. You are also able to run through a very simple wizard to create other containers. 

New Container

You are also able to configure the compression level across the appliance to be able to favour maximum compression but there could be a performance hit or fast to get a happy medium. 

Compression

One of the elements that I really like about the DR4000 is the ability to use it to offsite your backups, you are able to quickly and easily configure one box to be a target and one to be a source. You are able to allow one DR4000 to be a target for up 5 source boxes. 

Source

Target

Once you have your backups writing to the appliance there are a good range of stats and usage statistics to tell you what is going. 

Stats

Usage

The only configuration needed from a Veeam perspective was to set the jobs deduce-friendly option and add a new repository pointing at the CIFs share. 

 

Capture

For me simplicity and effectiveness are key when it comes to backups they are one of the most important elements of IT to your business but they aren’t something you want to have sleepless nights worrying about, this is one of the reasons I like Veeam so much. For me the DR4000 adds to these elements offering further compression and the ability to simply and effectively move your backups offsite. 

I have a video demo available of this whole setup if anyone is interested please let me know. 

Veeam 6.5 Released

October 26, 2012 — Leave a comment

During VMworld Barcelona Veeam announced the latest iteration of their Backup and Recovery product. For the first time we are seeing Veeam break from a major release each year to be be a dot release with the latest version being 6.5. Although with the work to ensure the product is amongst the first backup products to not only support vSphere 5.1 but also Windows Server 2012 & Hyper-V 3.0 you can see why. 

But threat not Veeam have still managed to jam pack new features into this release. For a full and extensive list check out the whats new document on Veeam website here >>

Amongst the stand out features for me were

  • Exchange E-Discovery >> Allowing you to instantly browse, search and selectively restore, emails, notes, contacts etc from any Veeam backup or Exchange EDB file. Since the beta that I wrote about here >> https://virtualisedreality.com/2012/07/26/veeam-exchange-explorer-beta/ they have now included the option to restore to original location which I think rounds of the feature nicely. 
  • Chain Execution of jobs >> This feature has always been possible but you had to run a post script from each backup, with the new feature you can use the new scheduler to start a job automatically once the job it depends upon finishes. 
  • Configuration Backup >> Veeam is now automatically and periodically able to backup its configuration to a specified backup repository. Particularly useful if you have a physical Veeam server and want to backup your configuration.
  • Veeam Explorer for SAN Snapshots >> Utilise Veeam to recover any item from a HP Lefthand based SAN Snapshot with all the usual Veeam based features. I can’t wait for this functionality to support other SAN manufactures. 
  • Global Data DeDuplication with Windows Server 2012 >> You can utilise the power of Windows Server 2012 DeDuplication to reduce your repository size, you are also able to do file level recovery from a deduplicated volume inside a VM as long as you are running Veeam on a Windows Server 2012 sever. 

These are just a handful of the new features but it is great to see Veeam keeping ahead of the curve as usual and if this is just a dot release I can’t want to see what Veeam Backup and Recovery 7 will have in-store whenever that will be released. 6.5 was released yesterday and can now be downloaded from Veeam’s site  >> http://vee.am/65isGA

VMware have now released a patch for vSphere 5.1 that makes it compatible with View 5.1. I have been running the two in my lab for a little while whilst avoiding to use the storage accelerator where the problem previously existed but with this update we will now finally be able to start offering our customers upgrades to vSphere 5.1.

Note you will either need to download and install a patch to your vSphere hosts or download the new vSphere ISO

Full details are here

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2035268

VMware have just released an update to vCenter 5.1, this update 5.1.0a is just a bug fix release full details of the corrected bugs can be found here

http://blogs.vmware.com/vsphere/2012/10/update-to-vsphere-vcenter-server-version-5-1-0a-released.html

The one that I was happiest to see as I spent a hours trying to rectify recently was as below.

Installing vCenter Single Sign On fails with the error: Unable to create database users: Password validation failed
When you attempt to install vCenter Single Sign On using an existing database or the bundled SQL Express database, the installation fails with the following error:

Error 29114. Cannot connect to DB

This issue is resolved in this release.

I was glad to read this was a bug as I was pulling my hair out for a while whilst trying to instal sso for an internal upgrade I was doing. If anyone does have problems I also found the resource below very useful

http://kb.vmware.com/selfservice/search.do?cmd=displayKC&docType=kc&externalId=2035831&sliceId=1&docTypeID=DT_KB_1_1&dialogID=466484664&stateId=1%200%20466500843

VMworld EMEA Day 2

October 12, 2012 — Leave a comment

The second day at VMworld EMEA started with the Steve Herrod’s keynote speech this time focusing on end user computing a great passion of mine.

The keynote discussed the importance of flexibility and allowing the end users choice in devices to ensure they were able to be more productive.

image

Steve Herrod recapped the improvements in the View 5.1 release, going over functionality such as the storage accelerator and enhancements in PCoIP.

He went on to introduce the Horizon Suite, a collection of solutions we have previously seen or been aware of, but now coming together into a comprehensive suite of end user computing focused solutions.

image

For the first time we saw Project Octopus renamed as Horizon Data, we will also see tight integration with Horizon Application manager and this will offer the first opportunity for for us to see the HTML5 remoting technology AppBlast in action for tablet users connecting into their View desktop via the Horizon Suite. No dates were announced for the availability of the Horizon Suite but it is currently in Alpha.

The next subject of the keynote was VMware Mirage which has come from the Wanova acquisition, as we have come to expect Vittorio Viarengo, Vice President Marketing for End User Computing came on stage to show us how Mirage works from an end users perspective. The demo entailed a laptop being upgraded from Windows XP to Windows 7 whilst the user was still using it, a simple reboot and the laptop booted into Windows 7 with the applications and data still in place, the desktop was then moved into a view desktop when then laptop was damaged and finally from View to VMware Fusion.

image

I really enjoyed hearing about the announcements surrounding end user computing, it proves VMware are no longer a one trick pony in the end user computing space and that this is a serious direction for VMware.

Finally we saw a new addition to the CTOs keynote with the diamond sponsors being invited to stage for a quick fire demo, the audience were then given a chance to complete polls and vote for their favourite demo, with the winner getting a $10,000 to a nominated charity. Dell, Cisco, HP, EMC and NetApp all took part and EMC won with a VVol demo on the EMC vplex by storage god Chad Sakac. EMC will be donating the money to a down syndrome foundation in Madrid. However VMware announced they would also donate to all the other charities.

image

Following the keynote I spent a lot of my time in the Solutions Exchange talking to various vendors, I had a long chat with Devin Hamilton of Nimble and it was really great to see how far they have come in the last year, their team has grown substantially, they have recently announced the ability to add disk shelves to their SANs to allow not only grid based expansion but now frame based to allow you to have the flexibility to grow the environment to your needs. They have also worked with a number of partners including Cisco to have their SANs included in many of the VMware Rapid Deployment Program solutions for View. I’m looking forward to doing some blog posts on the Nimble SAN shortly.

image

I also spent some time with the guys from Fusion IO, they seem to be doing very well at the moment with their cards being featured in a number of solutions and reference architectures for VDI, one example of this is how it is being utilised in the Nutanix solutions. I will hopefully be working with Fusion IO to do a blog post on using their product in a View solution shortly.

image

I was also given the opportunity to speak with David Angwin marketing director of Dell Wyse and Rafeal Colorado Cloud Client Computer Marketing Director to discuss end user computing with Dell. Dell had a very large end user computing presence at VMworld EMEA in my personal opinion this was at the loss of the storage division who had little to no presence at the show which was a big shame especially with all the competitors being heavily represented in that space.

image

Dell were announcing 2 major new products at VMworld EMEA the first was its new Desktop as a Service solution now available within Europe from its Slough based datacenter, the solution is built around VMware View and pricing starts at £29 per month. I’m going to be interested to see how this works and how partners will be able to integrate with it to build complete cloud solutions for their customers, watch this space.

The second as mentioned yesterday was the announcement of the new Tera 2 thin client, the new P25 and the unfortunately named for the UK market P45 are now available, with the P25 being dual screen and the P45 being quad screen. They have also expanded support for their T50 ARM SoC thin client to include PCoIP support.

image

I was only able to fit one lab in today and that was the delivering optimal performance with VMware vSphere 5.1, there was some good content in this lab but I think it spent a bit too long covering the Java application that we were using to cause the problems that we were then fixing. But overall I felt I recovered ground that I had previously looked at but equally it was good to refresh these skills and there were a number of elements that I was able to take away.

image

The focus on the evening was a number of parties, the first being a small Xsigo champagne reception where it was good to catch up with a number of friendly faces on a balcony room near the conference centre. The second being the VMworld party making place in a transformed hall 8 at the Gran Fira venue, the party had an 8 bit computer game theme, there was pedal kart racing, costumes, retro games, pool tables and more. There was also a live band ‘black rock’ who in my opinion weren’t that good, more screaming than singing and didn’t fit well with the theme of the party, I think a good DJ would have gone down better if there wasn’t going to be a big name band. All together I did enjoy the party their was good food, a memorable theme and it was good to catch up with other VMworld attendees.

image

image

image

image