[Nutanix] WinSCP connect CVM use SFTP protocol

自 AOS 5.5 開始預設 SFTP Port 2222 是關閉。

step01. @CVM$ allssh modify_firewall -f -o open -i eth0 -p 2222 -a // 開啟防火牆

step02. use WinSCP > SFTP > IP ,Port 2222 // 帳/密 admin / prism-password

(補充)
* Linux / Mac *
$ sftp -P 2222 admin@cluster-vip:/container-name 連線
$ put test.vmdk

[Nutanix] AHV decrease CVM memory

有時在用Nutanix CE版本資源總是很缺乏,一個節點用大家常用 16GB (16384 MB) 時,CVM就佔用 12GB 將近就75%記憶體資源都它在用..Orz

因此,當你這環境還想在每一台都建一台VM,那就只有新增AHV memory 或降低 CVM memory.我是沒什麼資源只能選後者。

Resolution:

step01. @cvm$ cluster stop

step02. @cvm$ sudo shutdown -P now
Or
@ahv# virsh shutdown cvm-name

step03. @ahv# virsh list –all | grep -i cvm

step04. @ahv# virsh dumpxml {cvm-name} | egrep -i “cpu|memory" // 10G ,10485760 KiB

step05. @ahv# virsh setmaxmem {cvm-name} –config –size 10GiB
@avh# virsh setmem {cvm-name} –config –size 10GiB

step06. @ahv# virsh dumpxml {cvm-name} | egrep -i “cpu|memory" // 再確認一次是否更改 10G OK.

step07. @ahv# virsh start {cvm-name}

step08. @cvm$ cluster status

step09. @cvm$ cluster start

Reference:
1. AHV 5.0 – Changing CVM Memory Configuration (AHV)

[VMware] vRealize Operations Manager 6.0 ~ 7.0 change IP

更改IP不單單只是變更一組IP重啟服務即可。

Resolution :

step01. Guest shutdown vRealize Operations Manager machine

step02. Edit Settings > Options > vApp Options > Properties > 輸入新 IP / 新的Gateway

step03. Power-on vRealize Operations Manager machine

step04. /opt/vmware/share/vami/vami_config_net // 輸入新IP

step05. Guest Restart Realize Operations Manager machine

step06. service vmware-casa stop

step07. /storage/db/casa/webapp/hsqldb/casa.db.script

step08. service vmware-casa start

step09. cd /usr/lib/vmware-vcopssuite/utilities/sliceConfiguration/bin

step10. $VMWARE_PYTHON_BIN ./vcopsConfigureRoles.py –adminCS=新的IP

step11. 更改以下三個位置有舊IP都置換成新IP
/usr/lib/vmware-vcopssuite/utilities/sliceConfiguration/data/roleState.properties

/usr/lib/vmware-vcops/user/conf/gemfire.properties

/usr/lib/vmware-vcops/user/conf/persistence/persistence.properties

/usr/lib/vmware-vcops/user/conf/gemfire.locator.properties

/usr/lib/vmware-vcops/user/conf/gemfire.native.properties

step12. service vmware-casa stop

step13. cp /usr/lib/vmware-vcops/user/conf/cis.properties /usr/lib/vmware-vcops/user/conf/cis.properties.bak

step14. vi /usr/lib/vmware-vcops/user/conf/cis.properties 置換成新IP

step15. vi /etc/hosts 置換成新IP

step16. service vmware-casa start

step17. Log in to vRealize Operations Manager admin UI as the local admin user

step18. Click Bring Online under Cluster Status

** vROM 6.1 and up **
vi /usr/lib/vmware-vcops/user/conf/cassandra/cassandra.yaml 置換成新IP

** vROM 6.7 and up **
vi /etc/apache2/listen.conf 置換成新IP

Reference :
1. VMware KB – Change the IP Address of a vRealize Operations Manager 6.x or later Single Node Deployment (2108696)

[DIY] Huananzhi X79-8D Burn / Monitor tools

買了洋垃圾總還是得確認它的極限,雖短期看不出穩定性至少要幾個工具測試整體搭配是否安心。

燒機工具

  • Memtest86+Memtest86 : 第一個我先測試購買來的記憶體搭在華南金牌 X79-8D 双路主機板是否OK..基本上我最少測48小時以上沒問題。
  • Prime95 : 這套可以把CPU及Memory溫度真的可以燒到CPU 70度,而Memory達95~100度 (在無機殻狀況下,但CPU是有搭載 Cooler Master 410R)
  • OCCT : 因購買双路主板基本上購買了 500W且要有 80+認證及必要有4PN+4PIN CPU供電線,電源供應器,用這個測一下承載力是否OK。
  • BurnInTest : 試用版即大概可以測試一下全盤跑過一遍。

監控工具

  • Core Temp : 這個看來是大家公認較準CPU溫度監測,且還可以設定就啟動之。
  • HWMonitor :師出同門CPU-Z的產品,我比較它監看和Core Temp溫度差不多,且溫度監看部份有很多。e.g. CPU , VGA , Memory ,System board …

驗證產品工具

  • CPU-Z : 除了開機BIOS查看也會用這工具來驗證一下及跑分.
  • HWiNFO:用它來細看所以元件Part Number 及生產年月及序號.

最後,洋垃圾就是要賭一下人品。Good Luck ….

Reference :
1. Intel 適用于 Intel® NUC 的診斷與效能工具
2. OCCT騙人?電表不準?看POEWR測試必讀!不看懂保證後悔!!! | 滄者極限
3.簡單生活 – OCCT – 專屬超頻玩家監控電源供電穩定測試軟體下載/使用教學@免安裝中文版
4. Mobile01 版主 nichic – Prime95 CPU穩定度燒機測試軟體分享教學 CPU+RAM

[VMware] Windows 1903/1909 run VMware Workstation / Workstation Pro error "VMware Workstation and Device/Credential Guard are not compatible. VMware Workstation can be run after disabling Device/Credential Guard"

近日當在用Windows 10 1903/1909 在跑VM時會跳出錯誤訊息"VMware Workstation and Device/Credential Guard are not compatible. VMware Workstation can be run after disabling Device/Credential Guard"。

那工法稍稍多了點….Orz
不是單單什麼開啟 Windows boot menu Hyper-V auto 或 Hyper-V off之類就可以解決。

<Resolution>

step01. Win + R

step02. cmd.exe

step03. gpedit.msc

step04.
Computer Configuration > Administrative Templates > System > Device Guard > Turn on Virtualization Based Security (Disabled)
電腦設定 > 系統管理範本 > 系統 > Device Guard > 開啟虛擬化安全性 (已停用)

step05.
cmd.exe

step06.
mountvol X: /s

copy %WINDIR%\System32\SecConfig.efi X:\EFI\Microsoft\Boot\SecConfig.efi /Y

bcdedit /create {0cb3b571-2f2e-4343-a879-d86a476d7215} /d “DebugTool" /application osloader

bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} path “\EFI\Microsoft\Boot\SecConfig.efi"

bcdedit /set {bootmgr} bootsequence {0cb3b571-2f2e-4343-a879-d86a476d7215}

bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} loadoptions DISABLE-LSA-ISO,DISABLE-VBS

bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} device partition=X:

mountvol X: /d

step06.
bcdedit /set hypervisorlaunchtype off

(註)bcdedit /set hypervisorlaunchtype auto // 日後要用 Hyper-V 執行重開即可。


step07. 重開機記得要緊盯螢幕錯過以下動作還是無法啟動VMware Workstation 唷!!要按下WinKey或F3 才是真的達到關閉。
Virtualization Based Security Opt-out Tool
Do you want to disable Virtualization based security ?
Disabling this functionality changes the security configuration of Windows.
For the correct action in your oragization, contact your administrator before disabling.

** Press the Windows key or F3 to disabled protection . ESC to Skip this step. **


Reference :
0. “VMware Workstation and Device/Credential Guard are not compatible" error in VMware Workstation on Windows 10 host (2146361)
“Error 1402. Could not open key: UNKNOWN" while installing vCenter Server on Windows (1029282)
1. Dixin’s Blog – Run Hyper-V and VMware virtual machines on Windows 10
2. Leo Yeh’s Blog – 解決問題 Windows 10 (2)
3. 程式前沿 – 解決VM 與 Device/Credential Guard 不相容。在禁用 Device/Credential Guard 後,可以執行 VM 的方法
4. 小歐ou | 菜鳥自救會 – 設定開機選項選擇使用 VMWare 或 Hyper-V
5. ITREAD01 – VMware Workstation and Hyper-V are not compatible. 解決方案
6. 每日頭條 – VM與Device/Credential Guard解決方案

[VMware] Huananzhi X79-8D ESXi use RDM (Raw Device Mapping) mount local SATA NTFS file type

在用華南金牌 X79-8D 用 ESXi 有時會想拿舊硬碟資料存取,總是想到要用RDM,卻發現無法使用 RDM 方式。但仔細檢查明明在BIOS (boot time press Del )有啟用 Intel VT-d 卻還是不行?

找尋到有另一個方式也是可以達到RDM效果。

2019-12-20補充 : 根據原廠KB 1017530 描述到本地控制器大多不符合RDM硬體需求因此預設是禁用。所以和Intel VT-d 不相干。

Workaround :
step01. ssh ESXi

step02. # ls /dev/disksesxcfg-mpath -l ls -al /vmfs/devices/disks
找尋到像 " t10.ATA_____HD1000320AS_________________________________________XXXXXXXX " 字串 device-name

step03.建立一個RDM link
command : vmkfstools -r <source> (space) <destination>
e.g.
vmkfstools -r /vmfs/devices/disks/ t10.ATA_____HD1000320AS_________________________________________XXXXXXXX / vmfs/volumes/目標VM目錄 /RDM-disk.vmdk

vmkfstools -z /vmfs/devices/disks/ t10.ATA_____HD1000320AS_________________________________________XXXXXXXX “/vmfs/volumes/目標VM目錄/RDM-disk.vmdk" (因為要接近實體我推薦用 -z )

(註)
-r –createrdm /vmfs/devices/disks/…
-z –createrdmpassthru /vmfs/devices/disks/…

step03.編輯欲使用Local SATA VM,右鍵 “Edit Settings" > Add > HDD > Existing hard disk 找到剛建立連結 RDM-disk.vmdk

step04.打開VM console , then check disk manager , online disk .

Done.

Reference :
1. osiutino’s Blog – 在 ESXi 利用 RDM 直接掛載實體硬碟到 VM ( HP MicroServer N36L 適用)
2. www.vmwarearena – 2 Simple ways to Create Virtual Compatibility RDM Disks
3. 暉獲無度的步烙閣 – 在 ESXi 6.0 新增 USB 外接硬碟當 Datastore
4. homecomputerlab – VMware SATA disk Raw Device Mapping (RDM)
5. GitHub , Hengjie – How to passthrough SATA drives directly on VMWare EXSI 6.5 as RDMs
6. VMware KB – Raw Device Mapping for local storage (1017530)
7. vClouds – How to build a 64Gb Low Power and Fast ESXi Home Lab

[VMware] Huananzhi X79-8D install ESXi 6.7 U3 fail ?

即然有了洋垃圾伺服器裝個ESXi也不為過,興奮之際直接下載ESXi 6.7 U3 installer 使用了 Rufus create esxi usb boot 安裝發現載入一半會出現如下畫面

Error message :
Shutting down firmware services…
Page allocation error: Out of resources
Failed to shutdown the boot services.
unrecoverable error

Workaround:

雖然看來似乎 UEFI mode 造成,但試過改為 Legacy Mode似乎也一樣,
有論壇討論到幾個方式 > 更新 bios / 關閉 UEFI / legacy Only boot / disable VT-d (mandatory) ;但不符合我環境都無效。
那換個方式先裝舊版再升級總可以吧。X-)


Step01. use ESXi 6.7 U2 install (PS:華南金牌 X79 內建網卡是 Realtek 8168記得手動自製 image 唷 !)

Step02. // update patch ‘ ESXi670-201911001.zip / Build 15018017 / MD5 checksum 8d3ef79c9275bc97f9ce081b70e901c6 ‘
PS: 這問題在這更新檔才能得已解決, Please reference this

> esxcli network firewall ruleset set -e true -r httpClient

> esxcli software sources profile list -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml | grep -i ESXi-6.7.0-2019

> esxcli software profile update -p ESXi-6.7.0-20191104001-standard -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot -index.xml

Step03. 更新後重開檢查版本是否為ESXi 6.7 U3 + 最新 Patch 
ESXi 6.7.0 , Build 13006603

Reference :
1. virtusolve.home.blog – ESXi Host cannot boot after upgrading to 6.7 U3- Page allocation error:Out of resources
2. GitHub – “Multiboot buffer is too small." after upgrade to ESXi-6.7.0-20181002001-standard (Build 10302608) #1

[VMware]Huananzhi X79-8D onboard NIC (Realtek 8168) custom ESXi 6.7x image

Pre-ready
Step01.
PS > Set-ExecutionPolicy -ExecutionPolicy RemoteSigned

Step02.
PS> Install-Module -Name VMware.PowerCLI

Step03.
Download " ESXi-Customizer-PS-v2.6.0.ps1 " , download link (至今是最新作者說是最後一版)

Step04.
Download Realtek 8168 for ESXi driver , download link
Reference : https://vibsdepot.v-front.de/wiki/index.php/Net55-r8168#Direct_Download_links

Step05.
Download VMware vSphere Hypervisor (ESXi) Offline Bundle (PS: not .ISO installer boot cd !)
e.g. I want to install ESXi 6.7 Update 2 , filename : update-from-esxi6.7-6.7_update02.zip

Step06.
PS> Set-ExecutionPolicy Unrestricted

Step07.
PS> .\ESXi-Customizer-PS-v2.6.0.ps1
(If you don’t care warning message ,if yes , please type as below command-lin >
PS> Set-PowerCLIConfiguration -Scope User -ParticipateInCEIP $true

Step08.
PS> ./ESXi-Customizer-PS-v2.6.0.ps1 -izip update-from-esxi6.7-6.7_update03.zip -dpt net55-r8168-8.045a-napi-offline_bundle.zip -load net55-r8168

-------------------------------執行過程---------------------------------
PS D:\temp> ./ESXi-Customizer-PS-v2.6.0.ps1 -izip update-from-esxi6.7-6.7_update03.zip -dpt net55-r8168-8.045a-napi-offline_bundle.zip -load net55-r8168

安全性警告
只執行您信任的指令碼。來自網際網路的指令碼雖然可能很有用,但是這個指令碼有可能會傷害您的電腦。若信任此指令碼,請使用
Unblock-File Cmdlet 來允許執行指令碼,而不顯示此警告訊息。您要執行 D:\temp\ESXi-Customizer-PS-v2.6.0.ps1 嗎?
[D] 不要執行(D)  [R] 執行一次(R)  [S] 暫停(S)  [?] 說明 (預設值為 "D"): R

This is ESXi-Customizer-PS Version 2.6.0 (visit https://ESXi-Customizer-PS.v-front.de for more information!)
(Call with -help for instructions)

Logging to C:\Users\duke\AppData\Local\Temp\ESXi-Customizer-PS-3020.log ...

Running with PowerShell version 5.1 and VMware PowerCLI version 11.5.0.14899560

Adding base Offline bundle update-from-esxi6.7-6.7_update03.zip ... [OK]

Connecting additional depot net55-r8168-8.045a-napi-offline_bundle.zip ... [OK]

Getting Imageprofiles, please wait ... [OK]

Using Imageprofile ESXi-6.7.0-20190802001-standard ...
(dated 08/08/2019 09:57:28, AcceptanceLevel: PartnerSupported,
Updates ESXi 6.7 Image Profile-ESXi-6.7.0-20190802001-standard)

Load additional VIBs from Online depots ...
   Add VIB net55-r8168 8.045a-napi [New AcceptanceLevel: CommunitySupported] [OK, added]

Exporting the Imageprofile to 'D:\temp\ESXi-6.7.0-20190802001-standard-customized.iso'. Please be patient ...


All done.
-------------------------------   END  ---------------------------------

Reference:
1. networkguy – Installing Realtek Driver on ESXi 6.7
2. 流水上面的一塊葉 – Vmware ESXi 6.7 make your unsupported NIC work – 在不支援的Network card 上面可以進行安裝
3. S小魚仔S 使用 ESXi-Customizer-PS 封裝 Esxi 6.5 Realtek、ACHI 驅動程式
4. 可丁丹尼 @ 一路往前走2.0 – ESXi 新增Realtek網路驅動
5. VMware Front Experience – ESXi-Customizer-PS