As more and more of a server, storage and virtualization engineer, I’m more than excited to see that Cisco is evolving their Cisco UCS platform with 3 new products, which I received in a marketing e-mail from Cisco.

New Fabric Interconnect (Cisco UCS 6248UP) that doubles the switching capacity of the data center fabric to improve workload density (from 520Gbps to 1Tbps), reduces end-to-end latency by 40 percent to improve application performance, and provides flexible unified ports to improve infrastructure agility and transition to a fully converged fabric.

New Chassis I/O Module (Cisco UCS 2208XP) that doubles the bandwidth to the chassis (from 40Gb to 80Gb) to improve application performance and handle workload bursts (from 80Gb to 320Gb to the blade).

New Virtual Interface Card (Cisco UCS VIC 1280) that quadruples the bandwidth to the server to improve application performance (from dual 10Gb to dual 40Gb) and doubles the number of virtual interfaces to improve Virtual Machine workload density (from 128 interfaces to 256 interfaces). It also offers a choice of Hypervisor to customers by expanding VM-FEX technology to Linux based hypervisors (KVM based on RHEL 6.1).

Besides all this new hardware, Cisco will also reveal Cisco UCS 2.0, which will contain some cool features, including iSCSI boot support in the UCS Service Profile.

It was already announced on July 12, 2011 at Cisco Live, Las Vegas. Sadly enough I couldn’t attend this event since I don’t even live close. However, M. Sean McGee apparently did. I can really recommend you read his blog since, IMHO, it’s really cool.

A while ago I created a simple script to create some DNS records using dnscmd.exe. This was because there were no DNS cmdlets for PowerShell available. Although it worked fine for me, I can imagine people would rather use PowerShell cmdlets.

Nowadays they are available for download, yet pretty hard to find. I haven’t used them myself yet, but check them out yourself :)

http://dnsshell.codeplex.com/

As of version 0.4.4 the following cmdlets are available:

DNS Resolver

  • Get-Dns

WMI Wrappers

  • Clear-DnsCache
  • Get-DnsRecord
  • Get-DnsServer
  • Get-DnsZone
  • New-DnsRecord
  • New-DnsZone
  • Remove-DnsObject
  • Reset-DnsZoneType (no Get-Help)
  • Resume-DnsZone
  • Set-DnsRecord (no Get-Help)
  • Set-DnsServer (to be completed)
  • Set-DnsZone (to be completed)
  • Set-DnsZoneTransfer (no Get-Help)
  • Start-DnsScavenging
  • Start-DnsService
  • Stop-DnsService
  • Suspend-DnsZone
  • Update-DnsZone
  • Update-DnsZoneFile

Active Directory

  • Get-ADDnsPartition
  • Get-ADDnsRecord
  • Get-ADDnsZone
  • New-ADDnsRecord (to be completed)
  • New-ADDnsZone (to be completed)
  • Remove-ADDnsRecord (to be completed)
  • Remove-ADDnsZone (to be completed)
  • Set-ADDnsRecord (to be completed)
  • Set-ADDnsZone (to be completed)

Well, it’s been a while since I wrote a new blog post, mostly due to lack of time. If I look back at the last 6 months or so, there were some heavy private issues, but also a lot of studying of new products. So what happened lately besides my personal problems?

Starting from the beginning: last year I studied for and became certified in Cisco UCS implementation, which is a new compute hardware platform. Since my company has a certain preference for Cisco, and with my background in Microsoft/compute technology, I was asked to join this new “adventure”. I have to admit, while I manage some HP blades in our lab environment, UCS is pretty cool. I love those service profiles, and with just a few mouse clicks I can switch a profile and boot up a whole other OS from my SAN environment. Since we have only recently started using UCS in our lab for this, I think this could greatly benefit us; in fact, I truly believe many of our customers can benefit from such stateless computing systems. If a blade server fails, just replace it, set the profile and let it boot again. Or when you have a spare blade, UCS will automatically switch the service profile from the failed system to the spare system. For your end users there will be a small disruption, but it won’t take ages before it’s repaired.

I’m not going into too much detail about UCS, but I can surely recommend it to you. Otherwise, check out the great and continually improving simulator Cisco is offering free of charge.

Anyhow, besides this I was also asked to do my VMware certification. This basically has to do with UC, the Cisco Unified Communications product line (just like UCS, by the way). Although I’m not a voice guy and not planning to become one, Cisco did make it possible to virtualize the UC environment on VMware. So to support my colleagues I followed the VMware training for the VCP4 examination, which I passed a couple of months later. I have to admit, this was probably one of my toughest exams ever, and as such I’m pleased I can call myself a VCP. Like I said, we are currently setting up a UCS lab/demo environment, and of course VMware is one of the products we just set up. Besides this we also installed and configured Hyper-V, but this was truly a pain in the ass to configure. Well, at least for me it was a pain in the ass as a VMware engineer :) Simple tasks, like adding a shared LUN, take different tools and different locations to complete the job. Maybe it’s because I don’t have a lot of experience with it yet, so right now I’m actually reading a book about it.
In the near future we also want to implement XenServer so we have multiple virtualization products running on our storage, all on our 4 blades from UCS.
VDI will also be configured for all those platforms since our customers are asking for it.

If you think I’m done, well, you might think again. Besides reading about and studying (which I still do) all the products above, I’ve also done training for NetApp. IMHO if you know VMware, you should also know how storage works. In the past I always thought it was just a bunch of disks with a form of connectivity like FC or Ethernet, and I didn’t see any fun in it. I couldn’t care less about a bunch of disks; also, I basically hate hardware, especially when issues arise. Hardware should just work, nothing more, nothing less.
But after my recent NetApp certification path I can actually say I enjoyed it very much.
There are a lot of thoughts going through my head when I think about possible future implementations or configurations. What will I do for a configuration with VMware: NFS or LUN?
Why choose FC if there’s no historical investment in FC? In fact, with UCS 2.0 you can even boot from iSCSI, whereby FC isn’t needed anymore for completely stateless computing. All this and much more is what I’ve thought about in the last months. And every time I feel a little smile when I think about it. Where I previously enjoyed security, I foresee that I’m going to switch my love. Certainly I won’t give up my interest in security, but virtualization from A to Z is IMHO the thing I want to do.

For a couple of weeks now we have been working to win some important customers for our private cloud ideology. This might become a great start, where I might blog more on it.

For now, I’m loving it :)

As one of the long-term moderators at the Petri website I often see questions whose answers could easily be found. A lot of these questions are about protocols such as FTP, HTTP or DHCP.

I know for sure that the vast majority of IT professionals are already aware of this, and I’m sure most IT professionals just look the questions up on Google, for example. And maybe the more experienced IT professionals will read the Requests for Comments, also called RFCs.

But the less experienced people are who I’m currently targeting. This is because I think that RFCs are a very important part of working with protocols.

But what actually is a Request for Comments?
Wikipedia will tell you: In computer network engineering, a Request for Comments (RFC) is a memorandum published by the Internet Engineering Task Force (IETF) describing methods, behaviors, research, or innovations applicable to the working of the Internet and Internet-connected systems.

So in other words, it’s a document which describes standards for an important part of our job, for example protocols like DHCP, HTTP and FTP.

OK, let’s take DHCP as an example. Often I see questions asking whether it is possible to force a client to use a certain DHCP server. Well, the answer is no, since DHCP uses a broadcast mechanism to find a DHCP server. The first one to respond will serve the IP address.

So let’s take a look at RFC 2131, which describes the Dynamic Host Configuration Protocol or DHCP.
As you can see, it’s a document of about 45 pages. I’m not going to tell you how to read it, but I’ll show you where you can find the answer to the question above.

If you skip to page 13, section 3.1, you’ll find the following text: The client broadcasts a DHCPDISCOVER message[...]
Errr? But what does it do? Well, if you scroll a bit further you’ll find a small definition of the DHCPDISCOVER, namely: DHCPDISCOVER – Client broadcast to locate available servers.
So actually they are saying that the client sends out a certain packet to find DHCP servers. This means that there is no option available to select a certain server. Of course you can force it by temporarily disabling the other DHCP servers, but that is not the point of this post. The point is that the answers to a lot of such questions are documented very, very well.

A nice diagram of how the DHCP process works can be found on page 14. If you scroll a bit further you will also find the explanation of the process.
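The discovery step above can be checked at the byte level. The following is an added example, not part of the original post: it builds a DHCPDISCOVER in the RFC 2131 message layout (which carries no server identifier, option 54), parses constructed DHCPOFFER replies, and lists the servers that answered the broadcast but are not on an allowlist. The function names, MAC address, transaction ID and IP addresses are all constructed for illustration.

```python
import ipaddress
import struct

MAGIC = b"\x63\x82\x53\x63"              # magic cookie that precedes the options
HEADER = "!BBBBIHH4s4s4s4s16s64s128s"    # fixed 236-byte BOOTP/DHCP header
TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 5: "DHCPACK"}

def ip(addr): return ipaddress.IPv4Address(addr).packed

def build(op, xid, mac, msg_type, yiaddr="0.0.0.0", server_id=None):
    """Minimal DHCP message: fixed header, option 53 and optionally option 54."""
    hdr = struct.pack(HEADER, op, 1, 6, 0, xid, 0, 0x8000, ip("0.0.0.0"),
                      ip(yiaddr), ip("0.0.0.0"), ip("0.0.0.0"), mac, b"", b"")
    opts = bytes([53, 1, msg_type])
    if server_id:
        opts += bytes([54, 4]) + ip(server_id)
    return hdr + MAGIC + opts + b"\xff"

def parse(packet):
    """Return xid, message type, offered address and server identifier."""
    if len(packet) < 240 or packet[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    fields = struct.unpack(HEADER, packet[:236])
    opts, i, found = packet[240:], 0, {}
    while i < len(opts) and opts[i] != 255:      # 255 = end option
        if opts[i] == 0:                         # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(opts) or i + 2 + opts[i + 1] > len(opts):
            raise ValueError("truncated option")
        found[opts[i]] = opts[i + 2:i + 2 + opts[i + 1]]
        i += 2 + opts[i + 1]
    sid = found.get(54, b"")
    return {"xid": fields[4],
            "type": TYPES.get((found.get(53) or b"\0")[0], "unknown"),
            "yiaddr": str(ipaddress.IPv4Address(fields[8])),
            "server_id": str(ipaddress.IPv4Address(sid)) if len(sid) == 4 else None}

def unexpected_servers(discover, replies, allowed):
    """Servers that answered this DISCOVER with an OFFER but are not allowed."""
    xid = parse(discover)["xid"]
    offers = [m for m in map(parse, replies)
              if m["type"] == "DHCPOFFER" and m["xid"] == xid]
    return sorted({m["server_id"] or "<none>" for m in offers} - set(allowed))

MAC = bytes.fromhex("02005e100001")      # constructed sample data from here on
DISCOVER = build(1, 0x1234ABCD, MAC, 1)
OFFERS = [build(2, 0x1234ABCD, MAC, 2, "192.0.2.50", "192.0.2.1"),
          build(2, 0x1234ABCD, MAC, 2, "192.0.2.200", "192.0.2.66")]
```

With `{"192.0.2.1"}` as the allowlist, `unexpected_servers(DISCOVER, OFFERS, {"192.0.2.1"})` reports the second responder, which is the situation to look for when clients on a segment pick up leases from a server nobody configured.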

The same of course applies to HTTP/1.1, which has been the current standard since about 1997. The RFC for HTTP/1.1 is RFC 2616. This RFC consists of 176 pages. That’s quite a lot, but knowing them is very useful, especially when you need to do advanced troubleshooting.

I’m not saying you need to remember each of them; however, you need to know where to find them. Just remember the website http://www.ietf.org (which is the acronym of the Internet Engineering Task Force) where all those documents can be found, or use Google to find them :)

However, this is not the only publisher of standards. Another one is the IEEE, or the Institute of Electrical and Electronics Engineers. This one is a more commercial website, but it is also extremely important.

For example, I hope you have heard of VLAN tagging. If not, please read this Wikipedia link.
Anyhow, VLAN tagging is defined in the IEEE 802.1Q standard. For all the 802.1 standards you can follow this link. Those documents basically provide the same kind of information as the IETF.

Both IETF and IEEE are extremely important in current networks. I really suggest reading some of their documents to get an impression of what they are and what they do. I think it will give you great insight into the protocols and other network standards.

In fact, just a few days ago I actually used RFC 959, which describes the FTP protocol. So whether you’re an advanced or a novice IT professional really doesn’t matter. We are all using them, and if not, we all should be using them.
So since I got the feeling the RFCs don’t get the attention they should have, I wanted to bring them back to attention again.

Like Microsoft ISA server, the Configuration Storage Server (CSS) from TMG also uses ADAM to store the configuration. When creating a replica of the CSS, ADAM is also used to replicate the data.

But what if the primary fails and you have to reinstall the server? Well, in that case you can still use the replica CSS to connect the firewall to. However, when installing a new replica of the secondary CSS you will run into issues with ADAM. One of the issues you might get is something like this:

Event ID: 2091

Ownership of the following FSMO role (Operations Master role) is assigned to a server which is deleted or does not exist.

Operations which require contacting a FSMO role owner will fail until this condition is corrected.

So because of this error the roles need to be transferred to another CSS server. There are 2 possible ways to do this: 1) transferring the role or 2) seizing the role. Actually it’s just like Active Directory. Seizing is something you only do when the previous FSMO holder isn’t available anymore. If it is still available but you want to replace that server, you should use the transfer method.

But how do you do this in a Forefront environment?

Let’s say we have two ISA servers and we want to add an additional CSS on a different computer. Let’s say the computer names are as follows: CSS01, ISA01 and ISA02. The CSS01 will become the primary CSS and we want to decommission the current primary CSS running on ISA01.

First of all, let’s tackle the easy part. In the ISA or TMG client, right-click the array and simply change the primary configured CSS to the secondary or replica CSS. So instead of ISA01.domain.com as your primary CSS, change it to CSS01.domain.com. After this is done you need to change the FSMO roles to CSS01.

Okay, first of all you need to start the ADAM Tools Command Prompt. Click the Start button and go to All Programs >> ADAM; there you can find the ADAM Tools Command Prompt. Basically it opens a new command prompt with a starting point in the C:\Windows\adam folder. Those tools are installed when you install a CSS on either computer.

Once you are in the command prompt, follow this procedure:

  1. Open an ADAM tools command prompt on ISA1 or ISA2.
  2. At the command prompt, type: dsmgmt.exe
  3. At the dsmgmt: command prompt, type: roles
  4. At the fsmo maintenance: command prompt, type: connections
  5. At the server connections: command prompt, type: connect to server CSS01.domain.local:2171

The ADAM port used by ISA or TMG is 2171, so take note of this. Otherwise it will try to connect to port 389, which is the default port number for ADAM or AD.

Once connected you also need to transfer the roles if possible. To transfer the roles follow the procedure below.

  1. At the server connections: command prompt, type: quit
  2. At the fsmo maintenance: command prompt, type: transfer naming master
  3. At the fsmo maintenance: command prompt, type: transfer schema master

And you’re done! If all went well, the roles are transferred. If not, you will get error messages in your command line window. OK, this is one part, but what if ISA01 had issues with its CSS? For example, if objects are tombstoned or in any way corrupted. Or maybe ISA01 has crashed and cannot be recovered anymore. Or what if you tried to transfer the role and received a warning like this:

Event ID: 1837

An attempt to transfer the operations master role represented by the following object failed.

In that case you can seize the FSMO roles instead of transferring them. To do this, follow the procedure below:

  1. At the server connections: command prompt, type: quit
  2. At the fsmo maintenance: command prompt, type: seize naming master
  3. At the fsmo maintenance: command prompt, type: seize schema master

If you want to add ISA01 again as a CSS, simply install the Configuration Storage Server again as a replica and you’re done.

© 2010 Marcels Blog Suffusion theme by Sayontan Sinha