Friday, June 17, 2011

My Home View 4.6

Here is a diagram of my home lab which I have done up. All machines are VMs other than the main ESX server is a physical.

I will put up my specification used for my ESXi server at home in another post.

This took me a few months as I was busy with work, exams and lots of other testing to have this working. I must admit I do not have a good network backup ground which was also one of the big reason I have a problem with Vyatta router setup.

I have 3 LUNs on my ESXi server namely a 1 x 160GB, 2x 500GB. All 3 are sata hdd.

Here we will not go through the setup for the vSphere environment which I believe if you are reading this you would know how to do it. We will start with View 4.6 setup straight away.

A few guides that got me to successfully implement my View environment are as below:

View Connection Server
A view connection manager was installed with the view manager binaries. You can get the evaluation copy here.

Create a database in your SQL server. I recommend to use the same as vCenter since this is a whole view setup. This database is used for view composer and event logging. You will need a System DSN like vCenter for your View Composer. You can use the same for event logging since it only create tables. I placed both in the same database.

Security Server
Installing of security server is very straight forward. In fact the binaries used are the same as the Connection servers. The only thing is you have to go into your Connection Server web interface and set a passcode which you will need to pair them together during installation.

You can jolly well accept the default for the External URL and IP for the time being and change them later.

Transfer Server
Setting up this need to take care that the vdisk should be LSI Logic Parallel as it will create another 4 more controller later for faster access for Transfer Server. A added disk or shared disk is required to specify where to place the local mode check VM. Do make sure you have enough space for this. I have only enough for one as this is only for my testing. Yes this also uses the binaries for the View Manager.

Let me explain my problem that hits me hard and real hard that I have to troubleshoot this.

I have my Vyatta router on 3 interfaces. Subnet 10 is my internet access, Subnet 172 is my server LAN, subnet 192 is my DMZ.

I did a port forward for all the ports base on VMware KB from outside to Security server and enable the ports between Security server and Connection server.

I left my External IP and URL same in my 192 subnet. This is the killing point. Everytime authentication go through, it never get to my desktop and a blackscreen for 10 seconds would occur.

My ISP change my IP occasionally so I use some dynamic IP service to update on my linksys router.
I came across this blog and realize I have to put the public address and URL on my security server.
However in this blog it also mention connection server. This is no necessary. You would just need to update your security server with the external information.

What's next? When my ISP changed my IP, my connection from outside would end. How can I get it updated at a regular interval manually?
I came across, he has a good powershell script. There are a couple who uses his script and amend it. I will post mine here as the scripts contain errors. Even whatmyip return a wrong IP.  So I have to find an alternative.

  • Installed the windows powershell feature on my Connection server which is a windows 2008 R2.
  • Install VMware Powershell.
  • Place the script below and save as a .ps1 file to a location.
  • Run the file from VMware Powershell CLI command to test the script. You will receive errors on RemoteSigned on the Add-PSSnapin as it is loaded the first time in CLI.
  • Create a windows scheduled task and run this every hour and point the Program to run: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    Add argument: c:\logging\ChangeSecurityServerIP-v01.ps1

#Run Set-ExecutionPolicy when running VMware Powershell for the first time
#Set-ExecutionPolicy remotesigned
Add-PSSnapin VMware.VimAutomation.Core
Add-PSSnapin VMware.View.Broker

# Name of the Security Server
$SecurityServer = "hostname or ip of your security server"

# For logging creating a timestamp
$TimeStamp = Get-Date -format yyyy-MM-dd-H-mm

# Filling $CheckedIP with the external IP address, using service
# returns incorrect ip
$wc = New-Object net.WebClient
$CheckedIP = $wc.downloadstring("")

# Now check the current ExternalPCoIPURL entry
#[0] is connection server [1] is security server
$CurrentSettings = Get-ConnectionBroker
$CurrentIP = $CurrentSettings[1].externalPCoIPURL

# Check if $CurrentIP starts with the IP address from $CheckedIP
# Used StartsWith because $CurrentIP has port address at the end
$Result = $CurrentIP.StartsWith($CheckedIP)

# Are IP address the same?
If ($Result)
# Yes, both IP addresses are the same, do nothing, only write a log entry
$row = $TimeStamp + "," + $CheckedIP + "," + $CurrentIP + ",nochange"
# External IP is not equal to IP set in externalPCoIPURL
# Changing the externalPCoIPURL
Update-ConnectionBroker -broker_id $SecurityServer -externalPCoIPURL $CheckedIP

# Check if it was succesful
$NewSettings = Get-ConnectionBroker
$row = $TimeStamp + "," + $CheckedIP + "," + $CurrentIP + "," + $NewSettings.externalPCoIPURL
$row | Out-File -FilePath "c:\check-ip.log" -Append
# any path you want to place this log file to.

vSphere Assessment Tool (vSAT)

If you are not aware, there is a new tool announced during VMworld US 2019. That is the vSphere Assessment Tool (vSAT). To access the sit...