Author Archives: Wu

About Wu

VCP, MCSE, CCNA

How To Migrate Parent Disk on Hyper-V 2012

If you are using Microsoft Hyper-V 2012 and “Differencing Disk” you may get trouble when you want to move whole VMs to another location due to “Parent Disk” migration is not so easy. Following is the steps to move parent disk on Hyper-V server.

Preparation

I assume you want to move bunch of virtual machines. First of all you need to get disk list of virtual machines. Following is a script to grab all parent and differencing disks on a Hyper-V server.

$VMs = Get-VM 
Foreach ($VM in $VMs)
{
  $VHDs = Get-VHD -Path $VM.harddrives.path
  foreach ($VHD in $VHDs)
  {
     [pscustomobject]@{
         Name = $VM.name
         VHDType = $VHD.VhdType
         VHD = $VHD.Path
         ParentVHD = $VHD.ParentPath
     }
  }
}

Save it to “Get-vhdParent.ps1”. Launch PowerShell by administrator right. Run following command to get parent disk table.

.\Get-vhdParent.ps1 | format-table -autosize

Now you have disk list in hand.

Move parent disks to new location

Parent disk moving is simple. Just copy the parent disk to new location. I suggest make multiple copies if you have large number of virtual machines linked to a parent disk. The reason is if the parent disk failed, at lease it’s not impact to all linked virtual machines. You can also distribute the duplicated parent disks to multiple location to avoid single location failure.

Re-configure parent disks for virtual machine

To be safe, I suggest grab parent disk information again by following command:

Get-VHD -Path VHDPath

Replace “VHDPath” with real differencing disk path of the virtual machine.

The output shows what’s the linked parent disk. Then run the command below to reconfigure parent disk to new location.

Set-VHD -Path VHDPath -ParentPath ParentVHDPath

You should get nothing return if it’s successfully.

If you manage Hyper-V virtual machines by System Center Virtual Machine Manager. The new parent disk is reflected after you right click the virtual machine and do a “Refresh” in System Center Virtual Machine Manager console.

 

 

 

Advertisements

Cannot Complete File Creation Operation When Storage vMotion

Just quick notes. I saw following error  when do storage vMotion.

Cannot Complete File Creation Operation.

When check /var/log/hostd.log. I saw following errors:

2017-11-28T02:51:04.476Z info hostd[76A80B70] [Originator@6876 sub=Vimsvc.TaskManager opID=459515D4-000040D6-2d-cf-d4-7817 user=vpxuser:contoso\testuser] Task Created : haTask--vim.host.OperationCleanup
2017-11-28T02:51:04.476Z info hostd[772C2B70] [Originator@6876 sub=Libs opID=459515D4-000040D6-2d-cf-d4-7817 user=vpxuser:contoso\testuser] CopyFromEntry: Hostlog_Dump: Hostlog /vmfs/volumes/598700ee-ec
2017-11-28T02:51:04.476Z info hostd[772C2B70] [Originator@6876 sub=Libs opID=459515D4-000040D6-2d-cf-d4-7817 user=vpxuser:contoso\testuser] UUID: 28dbb1b5-a9d8-e311-1061-03300000002d
2017-11-28T02:51:04.476Z info hostd[772C2B70] [Originator@6876 sub=Libs opID=459515D4-000040D6-2d-cf-d4-7817 user=vpxuser:contoso\testuser] MigID: 1511837464286041
2017-11-28T02:51:04.476Z info hostd[772C2B70] [Originator@6876 sub=Libs opID=459515D4-000040D6-2d-cf-d4-7817 user=vpxuser:contoso\testuser] HLState: none
2017-11-28T02:51:04.476Z info hostd[772C2B70] [Originator@6876 sub=Libs opID=459515D4-000040D6-2d-cf-d4-7817 user=vpxuser:contoso\testuser] ToFrom: none
2017-11-28T02:51:04.476Z info hostd[772C2B70] [Originator@6876 sub=Libs opID=459515D4-000040D6-2d-cf-d4-7817 user=vpxuser:contoso\testuser] MigType: invalid
2017-11-28T02:51:04.476Z info hostd[772C2B70] [Originator@6876 sub=Libs opID=459515D4-000040D6-2d-cf-d4-7817 user=vpxuser:contoso\testuser] OpType: nfc
2017-11-28T02:51:04.476Z info hostd[772C2B70] [Originator@6876 sub=Libs opID=459515D4-000040D6-2d-cf-d4-7817 user=vpxuser:contoso\testuser] WorldID: 0
2017-11-28T02:51:04.478Z warning hostd[772C2B70] [Originator@6876 sub=Libs opID=459515D4-000040D6-2d-cf-d4-7817 user=vpxuser:contoso\testuser] Hostlog_Flush: Failed to open hostlog /vmfs/volumes/598700e
2017-11-28T02:51:04.478Z warning hostd[772C2B70] [Originator@6876 sub=Vcsvc.OCM opID=459515D4-000040D6-2d-cf-d4-7817 user=vpxuser:contoso\testuser] PersistToDisk: failed to persist entry /vmfs/volumes/5
2017-11-28T02:51:04.478Z info hostd[772C2B70] [Originator@6876 sub=Default opID=459515D4-000040D6-2d-cf-d4-7817 user=vpxuser:contoso\testuser] AdapterServer caught exception: vim.fault.CannotCreateFile
2017-11-28T02:51:04.478Z info hostd[772C2B70] [Originator@6876 sub=Vimsvc.TaskManager opID=459515D4-000040D6-2d-cf-d4-7817 user=vpxuser:contoso\testuser] Task Completed : haTask--vim.host.OperationClean
2017-11-28T02:51:04.478Z info hostd[772C2B70] [Originator@6876 sub=Solo.Vmomi opID=459515D4-000040D6-2d-cf-d4-7817 user=vpxuser:contoso\testuser] Activation [N5Vmomi10ActivationE:0x75395c80] : Invoke do
2017-11-28T02:51:04.478Z verbose hostd[772C2B70] [Originator@6876 sub=Solo.Vmomi opID=459515D4-000040D6-2d-cf-d4-7817 user=vpxuser:contoso\testuser] Arg entry:
--> (vim.host.OperationCleanupManager.OperationEntry) {
--> hlogFile = "/vmfs/volumes/598700ee-ec0f9918-5b56-000000000000/XXX-VM-01/XXX-VM-01-375f29ae.hlog",
--> opId = 1511837464286041,
--> opState = "running",
--> opActivity = "nfc",
--> curHostUuid = "28dbb1b5-a9d8-e311-1061-03300000002d",
--> }
2017-11-28T02:51:04.478Z info hostd[772C2B70] [Originator@6876 sub=Solo.Vmomi opID=459515D4-000040D6-2d-cf-d4-7817 user=vpxuser:contoso\testuser] Throw vim.fault.CannotCreateFile
2017-11-28T02:51:04.478Z info hostd[772C2B70] [Originator@6876 sub=Solo.Vmomi opID=459515D4-000040D6-2d-cf-d4-7817 user=vpxuser:contoso\testuser] Result:
--> (vim.fault.CannotCreateFile) {
--> faultCause = (vmodl.MethodFault) null,
--> file = "/vmfs/volumes/598700ee-ec0f9918-5b56-000000000000/XXX-VM-01/XXX-VM-01-375f29ae.hlog",
--> msg = ""
--> }

It indicates there is a file cannot be created during migration. Further check on VM configuration file (.vmx) I noticed following parameter existing but the file doesn’t existing.

migrate.hostlog = "XXX-VM-01-375f29ae.hlog"

You cannot create the file directly. Workaround is create a .hlog file with other name then rename it to the same name.

BTW, there is a bug on ESXi 6.0 U1 for similar issue, but I saw this problem  on  U2. Just for your reference below.

Storage migration of a virtual machine with a name beginning with core fails with the error: Relocate virtual machine coreXX Cannot complete the operation because the file or folder coreXX-XXXXX.hlog already exists

Virtual Machine Cloning Is Failed At 33%

I got two exactly same hardware, installed same ESXi version. Somehow cloning from  other ESXi to one server was working, but another one always failed at 33%.

It only impacts to existing VM cloning but not impact to new created virtual  machines. I spent lot time on the troubleshooting. We replaced cables, switch ports, reinstalled ESXi.

There was no  abnormal logs except following:

2017-11-15T05:47:36.023Z [FFF001A0 verbose 'NfcManager' opID=F39DF7E6-00002211-da-c-bf] [NfcClient] Closing NFC connection to server

2017-11-15T05:47:36.023Z [FFF001A0 warning 'Libs' opID=F39DF7E6-00002211-da-c-bf] SSL: Unknown SSL Error

2017-11-15T05:47:36.023Z [FFF001A0 info 'Libs' opID=F39DF7E6-00002211-da-c-bf] SSL Error: error:1409E10F:SSL routines:SSL3_WRITE_BYTES:bad length

VMware support eventually provided me following KB to workaround the problem. Looks like it’s a bug on ESXi 5.5 2068190.

Disabling SSL for NFC data traffic in vCenter Server

Cloning or deploying from a template takes longer time after upgrading to VMware vSphere 5.1 Update 2 and 5.5

How To Get Used Space By PowerShell

I searched internet but hard to find an easy way to get used space on Windows Server.

Following is two lines PowerShell command to get used space on  Windows 2012 R2 Server.

Get-WmiObject win32_logicaldisk | select deviceid,@{n="Size";e={[math]::Round(($_.size/1GB),2)}},@{n="Used Space";e={[math]::Round((($_.Size-$_.FreeSpace)/1GB),2)}}

Could Not Complete Network Copy For File During VM Cloning

This error may only appears on legacy ESXi hosts. The cloning of virtual machine throws error at 33% of the task.

 Clone virtual machine
Could not complete network copy for file 
/vmfs/volumes/5xxxxxxe-4fb01111-3911-0ccxxxxxac38/TEST/TEST.vmdk
Copying Virtual Machine files

You may see following logs on vpxa.log of source ESXi host.

2017-11-02T02:51:20.238Z [FFF43B70 info 'Libs' opID=812BF517-00000667-f0-34-64] SSL: syscall error 32: Broken pipe
2017-11-02T02:51:20.238Z [FFF43B70 warning 'Libs' opID=812BF517-00000667-f0-34-64] [NFC ERROR] NfcNetTcpWrite: bWritten: -1
2017-11-02T02:51:20.238Z [FFF43B70 warning 'Libs' opID=812BF517-00000667-f0-34-64] [NFC ERROR] NfcFile_SendMessage: data send failed:
2017-11-02T02:51:20.238Z [FFF43B70 warning 'Libs' opID=812BF517-00000667-f0-34-64] [NFC ERROR] NFC_NETWORK_ERROR
2017-11-02T02:51:20.239Z [FFF43B70 error 'NfcManager' opID=812BF517-00000667-f0-34-64] [NfcClient] File transfer [/vmfs/volumes/5xxxxxxe-4fb01111-3911-0ccxxxxxac38/TEST/TEST.vmdk -> /vmfs/volumes/5xxxxxxe-4fb01111-3911-0ccxxxxxac38/TEST1/TEST1.vmdk] failed: The operation experienced a network error
2017-11-02T02:51:20.239Z [FFF43B70 verbose 'NfcManager' opID=812BF517-00000667-f0-34-64] [NfcClient] Closing NFC connection to server
2017-11-02T02:51:20.239Z [FFF43B70 warning 'Libs' opID=812BF517-00000667-f0-34-64] SSL: Unknown SSL Error
2017-11-02T02:51:20.239Z [FFF43B70 info 'Libs' opID=812BF517-00000667-f0-34-64] SSL Error: error:1409E10F:SSL routines:SSL3_WRITE_BYTES:bad length
2017-11-02T02:51:20.239Z [FFF43B70 warning 'Libs' opID=812BF517-00000667-f0-34-64] [NFC ERROR] NfcNetTcpWrite: bWritten: -1
2017-11-02T02:51:20.239Z [FFF43B70 warning 'Libs' opID=812BF517-00000667-f0-34-64] [NFC ERROR] NfcSendMessage: send failed: NFC_NETWORK_ERROR
2017-11-02T02:51:20.239Z [FFF43B70 error 'NfcManager' opID=812BF517-00000667-f0-34-64] [NfcWorker] Error encountered while processing copy spec for file [ds:///vmfs/volumes/5xxxxxxe-4fb01111-3911-0ccxxxxxac38/TEST/TEST.vmdk -> ds:///vmfs/volumes/5xxxxxxe-4fb01111-3911-0ccxxxxxac38/TEST1/TEST1.vmdk]:
--> vim.fault.NetworkCopyFault
2017-11-02T02:51:20.239Z [FFF43B70 error 'NfcManager' opID=812BF517-00000667-f0-34-64] [NfcManagerImpl] Copy operation failed with error: vim.fault.NetworkCopyFault

You may see following logs in vpxa.log of destination ESXi host.

2017-11-02T02:51:18.289Z [304EEB70 warning 'Libs' opID=task-internal-2164-739c5f01] SSL: Unknown SSL Error
2017-11-02T02:51:18.289Z [304EEB70 info 'Libs' opID=task-internal-2164-739c5f01] SSL Error: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac
2017-11-02T02:51:18.289Z [304EEB70 warning 'Libs' opID=task-internal-2164-739c5f01] [NFC ERROR] NfcNetTcpRead: bRead: -1
2017-11-02T02:51:18.289Z [304EEB70 warning 'Libs' opID=task-internal-2164-739c5f01] [NFC ERROR] NfcNet_Recv: requested 262144, recevied only 16384 bytes
2017-11-02T02:51:18.289Z [304EEB70 warning 'Libs' opID=task-internal-2164-739c5f01] [NFC ERROR] NfcFile_RecvMessage: data recv failed. retval = 3, expected 262144
2017-11-02T02:51:18.289Z [304EEB70 warning 'Libs' opID=task-internal-2164-739c5f01] [NFC ERROR] NfcFile_ContinueReceive: failed to Recv message
2017-11-02T02:51:18.446Z [304EEB70 warning 'Libs' opID=task-internal-2164-739c5f01] [NFC ERROR] NfcProcessStreamMsg: failed to receive file data
2017-11-02T02:51:18.446Z [304EEB70 warning 'Libs' opID=task-internal-2164-739c5f01] [NFC ERROR] NfcServerLoop: NfcServer_HandleRead returned an error : NFC_NETWORK_ERROR
2017-11-02T02:51:18.446Z [304EEB70 error 'provisioningvpxNfcServer' opID=task-internal-2164-739c5f01] [VPXNFCSERVER] Nfc server failed with return value : NFC_NETWORK_ERROR
2017-11-02T02:51:18.446Z [304EEB70 verbose 'provisioningvpxNfcServer' opID=task-internal-2164-739c5f01] [VPXNFCSERVER] Closing NFC session

It indicates the VM may be created on an older ESXi host or VMware Workstation. Somehow it imported to current ESXi host. Solution is create a new VM on the ESXi host and attach only virtual disks of the problematic VM.

Disable PXE Boot for Individual vNIC on Virtual Machine

To achieve Auto Deploy I’d like to control PXE boot process. I want the vNICs of management network can do PXE boot only. That’s because DHCP server may learns incorrect MAC address of management network if ESXi host boots up by non-management network NICs.

The psychical servers are easy to disable PXE boot feature of individual network adapters in BIOS or server profile. Virtual machines is tricky. Following is how to do it. It’s useful for home lab.

  1. Make sure your ESXi VM uses E1000E vNIC. You can only disable PXE boot for all vNICs in one time if type is vmxnet3. And nested ESXi doesn’t support E1000 vNICs.
  2. Go to the VM folder and edit vmx file.
  3. You should see similar entries below. The vNIC name starts from  ethernet0 to ethernetn. It matches vmnic0 to vmnicx on ESXi.

    ethernet1.virtualDev = “e1000e”

  4. I have 4 vNICs. I want to keep PXE boot for ethernet0 and ethernet1. So I only disable it on rest of vNICs. Add following lines to vmx file.

    ethernet2.opromsize = “0”
    ethernet3.opromsize = “0”

  5. Save the vmx file and quit.
  6. Power on the VM.

Please make sure you power on the virtual machines by vSphere Client or vSphere Web Client. As you may know VM console may opened by VMware Workstation if workstation and vSphere Client both existing on your computer. Looks like sometimes the parameter doesn’t work if you power on the  VM by VMware Workstation.

VMware KB Disabling Network boot option from appearing in a virtual machine’s BIOS (1014906) talks about same thing but the value of parameters looks like incorrect for ESXi 6.5.

How To Find Non-tagged ESXi Hosts

There are plenty of scripts to find tagged ESXi hosts. But what if you want to find out all ESXi hosts not be tagged? Following is a simple script:

Compare-Object ((Get-VMHost | Get-TagAssignment).Entity | select -uniq) (Get-VMHost)

The output is similar like following:

InputObject      SideIndicator
-----------      -------------
esx1         =>  
esx2         =>  
esx3         =>

The => indicates ESXi hosts in InputObject are not tagged.

If return is nothing, it means all ESXi hosts are tagged.

Please refer to “Using the Compare-Object Cmdlet” for detail.

Unable to Upgrade to Windows Server 2012 R2

I searched internet but there is no more information about this specific error message.

When you upgrade to Windows Server 2012 R2 or 2016. You may see following error message:

Windows won’t install unless each of these things is taken care of. Close Windows Setup, take care of each one, and then restart Windows Setup to continue.

Upgrades to this build have been disabled.

The reason is there is a hidden parameter in the image disabled uprading. You can only re-install by the image but cannot do upgrading. You have to ask vendor provide you a right copy, or buy Microsoft official image to do upgrading. I cannot publish the parameter due to legal reason.

Most of hardware vendors sale Windows copy along with new hardware. This kind of Windows calls OEM version. There are several different versions of Windows:

OEM SLP – This key comes pre-installed in Windows, when it comes from the Factory. This key is geared to work with the OEM Bios Flag found only on that Manufacturer’s computer hardware. So when Windows was installed using the OEM SLP key (at the factory) Windows looks at the motherboard and sees the proper OEM Bios Flag (for that Manufacturer and that version of Windows) and Self-Activates. (that’s why you did not need to Activate your computer after you brought it home)

OEM COA SLP – This is the Product key that you see on the sticker on the side (or bottom) of your computer. It is a valid product key, but should only be used in limited situations. The key must be activated by Phone. Usually you don’t have to input key during Windows installation since it check your hardware to get key.

OEM COA NSLP – Similar to OEM COA SLP license. Only different is you need to input the key during Windows installation. You must follow EULA to stay the copy on same computer forever.

Retail – Product keys are what the customer gets when he buys a Full Packaged Product (FPP), commonly known as a “boxed copy”, of Windows from a retail merchant or purchases Windows online from the Microsoft Store.

KMS Client and Volume MAK – They are issued by organizations for use on client computers associated in some way with the organization. Volume license keys may not be transferred with the computer if the computer changes ownership. Consult your organization or the Volume Licensing Service Center for help with volume license keys.

Hardware vendors may don’t allow you upgrade Windows in certain licensing mode. So they may provide you a newer Windows image to request you  do re-install on the computers but not upgrading.

Please refer following links for license key details.

What is the difference between SLP and NSLP versions of Windows 7?

Windows License Types Explained

HPE OEM Microsoft Windows Server FAQ Series- Part 1: Licensing Overview

HPE OEM Microsoft Windows Server FAQ Series- Part 2: OEM Licensing Basics

HPE OEM Microsoft Windows Server FAQ Series- Part 3: Microsoft Certificate of Authenticity (COA)

HPE OEM Microsoft Windows Server FAQ Series- Part 4: Windows Server 2016 Basics

HPE OEM Microsoft Windows Server FAQ Series- Part 5: Core-Based Licensing

HPE OEM Microsoft Windows Server FAQ Series- Part 6: Reseller Option Kit

HPE OEM Microsoft Windows Server FAQ Series- Part 7: Client Access Licenses (CALs)

HPE OEM Microsoft Windows Server FAQ Series- Part 8: OEM License Support

Network Problems of Auto Deployed ESXi Host in LAB

I built a simple Auto Deploy environment by vSphere 6.5 on nested environment. I created virtual ESXi hosts on a physical ESXi host to do the testing. The whole configuration was smoothly, I’m impressed Auto Deploy can be implemented in few hours. One thing bothered me was networking.

New ESXi hosts cannot get IP addresses properly somehow. It’s not a single problem. The symptoms are ESXi hosts cannot get IP address, or the Configure Management Network was grayed out on console, or ESXi hosts can get IP address but no responding to ping. Just quick post my solutions here.

To fix all these problems you need to do following:

  1. Enable Promiscuous Mode on the vSwtich which is attached to nested ESXi hosts on physical ESXi hosts.
  2. (I did that on Web Client of vCenter 6.5 U1. You may see different procedure on earlier versions.) Edit the host profile of Auto DeployNetworking configurationHost port group — Highlight Management Network — The option Determine how MAC address for vmknic should be decided — Choose Use the MAC Address from which the system was PXE booted.

If you don’t do step 1, your nested ESXi hosts may not able to get DHCP IP addresses properly, or it can get IP addresses but maps to a new MAC address lead to network packages cannot be transmitted.

Nested ESXi hosts get a DHCP IP addresses when do PXE booting. The hosts get another new IP addresses when apply host profile as soon as management network is created. It could be two different IP addresses and the MAC address of management network could be a new one that not same to any of vmnics. It will be hard to trace back on network switch in real environment, so I think it’s better also to do step 2.

Update 10/25/2017 — You should choose “User must explicitly choose the policy option” in step 2 above if you have multiple NICs. The reason is DHCP IP address during PXE may be captured by random NICs. If you choose what I mentioned in step 2, you will see DHCP server may learns MAC address of a none management network NICs associated with management IP address. Please refer this article for more detail.

Maximum Supported Boot Devices in Virtual Machine BIOS

Noticed a interesting limitation on VMware virtual machines. If you configure multiple SCSI controllers and distribute more than  8 virtual  disks. You may experience randomly OS boot up failure when power cycle VMs. Only last 8 disks with higher SCSI ID present in boot order settings of BIOS. You cannot choose the disks with lower SCSI ID.

You need to following up VMware KB “Changing the boot order of a virtual machine using vmx options (2011654)” to force virtual machines boot up on proper SCSI node.

Automatic vSphere Capacity Report in PPT

Reporting is important to management. To be a IT Pro, you may need to run regular reports for management. Some reports may be generated time consume. vRealize Operations Manager is an alternative to create customized reports. It’s a powerful product to organize data and create PDF or CSV files on scheduled intervals. I recommend have a look if you have planned to implement performance, capacity and alarm system for virtual environment.

What if budget is constrained? Is there a way to create such kind of reports? The answer is “Yes”. I worked out an automatic workflow to create the reports. I will not provide step-by-step guide in this post since it’s advanced integration of multiple products, everyone may have different way to do that. You can even create everything by script if you have strong programming skill. I’m not, I only look for the easiest way to achieve the goal.

Here is a scenario for  example: I want to run a monthly report for vSphere CPU and memory count and present to management by PowerPoint. I want to show management the historical trend of CPU and memory data. The traditional way is collect data in vCenter, organize and create charts in PowerPoint slides. So the whole workflow is: vCenter -> PowerPoint

If you want to automate the whole process you need to introduce few things more: PowerCLI, CSV and Excel. You need to develop a PowerCLI script to grab CPU and memory data on vCenter Server, then export the data to a CSV table by PowerShell command export-csv. Then import the table to an Excel file by Office feature Query Data. It loads the CSV table dynamically, you can even specific what data can be queried by filter.

Once the table is present in Excel, you need to create a chart accordingly. It’s trick when you paste the chart to PowerPoint Slide. You need to use Paste Special to paste the chart as Microsoft Excel Chart Object. The pasted chart can be updated automatically when you open the PowerPoint file.

The last step is created a scheduled task to run the PowerCLI script. Make sure you read my blog Extremely slow when run PowerShell script by scheduled tasks before create the task.

You can also configure the Excel file to automatically update table by CSV file.

Cannot Launch Patch Installer on Windows Server 2016

I was trying to update one Windows Server 2016 by standalone patch file. Somehow nothing happened after I double click the installer file. That’s because Windows Server 2016 prevent execute the  file due to it’s download from internet.

The quick fix is right click the file – Properties – Check Unblock – Click OK button.

Further more. The file has ADS (alternate data streams) attached. The ADS marked the file as download from internet.

You can run following two PowerShell commands to figure out object and value of the ADS.

PS C:\> Get-Item test file.msu -Stream *
PSPath : Microsoft.PowerShell.Core\FileSystem::C:\Users\wzheng110917a\Dow
 $DATA
PSParentPath : Microsoft.PowerShell.Core\FileSystem::C:\Users\wzheng110917a\Dow
PSChildName : 20171011_KB4038801_Updates.msu::$DATA
PSDrive : C
PSProvider : Microsoft.PowerShell.Core\FileSystem
PSIsContainer : False
FileName : C:\Users\wzheng110917a\Downloads\20171011_KB4038801_Updates.msu
Stream : :$DATA
Length : 1241376269

PSPath : Microsoft.PowerShell.Core\FileSystem::C:\Users\wzheng110917a\Dow
 one.Identifier
PSParentPath : Microsoft.PowerShell.Core\FileSystem::C:\Users\wzheng110917a\Dow
PSChildName : 20171011_KB4038801_Updates.msu:Zone.Identifier
PSDrive : C
PSProvider : Microsoft.PowerShell.Core\FileSystem
PSIsContainer : False
FileName : C:\Users\wzheng110917a\Downloads\20171011_KB4038801_Updates.msu
Stream : Zone.Identifier
Length : 26

 

PS C:\> Get-Content testfile.msu -Stream Zone.Identifier
[ZoneTransfer]
ZoneId=3

You can  see the ZoneId is 3. Following is a table to show which type of file it is.

0     My Computer 
1     Local Intranet Zone 
2     Trusted sites Zone 
3     Internet Zone 
4     Restricted Sites Zone

For more reference please read Microsoft blog “Alternate Data Streams in NTFS“.

You can use Unblock-File if you want to unblock multiple files.

 

博客是记录思想的地方

科技的发展真是非常快,十年前我还在用Windows Server 2003 和 Windows XP。十年后的今天,我们已经初尝到人工智能的味道。有那么多的Apps、网站、技术帮助我们更快速的学习新知识,人们的生活节奏越来越快,甚至学习这个人类的基本技能也在传统方式上增加了“碎片时间”方式(一个被“逻辑思维”所倡导的,2017年很流行的学习新方式)。

各种高科技的今天,我们可以用智能手机记录生活中的点点滴滴,甚至影像资料。但是“思想”,这个人类智力的核心却是无法记录的,唯文字可以反映作者当时的状态、情绪和记忆。在快节奏的城市生活中,我们有时候是需要慢下来、停下来的。回头看看自己的过去,读读当时的思想,回忆回忆曾经的记忆。很久前网络上开始流行一句话,大意是“别走得太快,等一等灵魂”(可能是假的名人名言)。我想也许文字可以做到这点。

这个国庆假期,利用空闲时间在网络上搜索搭建SS服务器的资料,无意间看到逗比根据地上的一篇文章介绍一个给互联网上所有网站做历史快照的网站,就随手搜了搜我的过去,竟然无意间发现了自己十几年前写的博客。这些文章早已被我遗留在互联网的某个角落,忘记了。看起来那应该是我从MSN Live空间搬过去的,还依稀记得2000年那会儿博客非常火爆,互联网企业都在推各自的免费博客服务,微软也不例外,但是后来好像因为这种服务不赚钱,以及监管原因,大量的博客服务开始关停,微软也不例外。幸好我当时把文章都转移了,今天才有机会帮我回忆起当时的状态。

非常高兴我可以重读当年的心力路程,让我再次如身临其境般的回到那个时代、回到那个状态。我会尝试花一些时间记录生活,给我的未来留下些参考。

Memory Errors on Modern Servers

I used to see memory degrading on  Cisco  UCS blades. But less see on HPE blades. I thought it maybe quality control problem of Cisco manufacture. Today I read two articles in Cisco website, it explains why we see memory degrading and how it works. I attached the articles below.

Managing Correctable Memory Errors on Cisco UCS Servers

UCS Enhanced Memory Error Management

The conduction in the whitepaper is not only specific for Cisco UCS, but also for any modern servers. Following is summary of why memory errors rates is going high nowadays.

  • Larger memory systems contain more bits
  • Higher capacity DRAM chips require smaller bit cells which result in fewer stored charges per bit
  • Lower operating voltages can lead to reduced noise margin
  • Higher operating speeds can lead to reduced timing margin

Oracle Utilizes 50% of Physical Processors on HPE Server

DBA team told me Oracle was running slow on a HPE server. I observed the CPU utilization was about 50% of overall capacity. Whenever Oracle database bumps up the system experienced slowness.

Further  digged into the issue, I see Oracle workload only ran on single physical processor, but the server has two processors. And the  Windows 2012 R2 resource manager show the system used Processor Group, the two physical processors were grouped out. This technology is described in Microsoft MSDN article.

To fix the issue you have to change value of “NUMA Group Size Optimization” to “Flat” in BIOS. Please refer to HPE article for detail  steps.

Detail of HPE server behavior  is documented here. Please note, the article says it impacts to ProLiant Gen9 and Intel E5-26xx v3 processors. But it actually also impacts to Intel E5-26xx v4 and Synergy blades.

虚拟主机无法获得DHCP IP地址

刚解决了一个问题,快速更新一下。当虚拟主机无法获得DHCP IP地址时,应该做的第一件事情是检查防火墙,无论是Windows防火墙或者物理防火墙。UDP端口67和68不能被阻挡掉。否则会出现虚拟主机只能获得169.x.x.x的IP地址,这个地址是不可用的,表示虚拟主机无法从DHCP服务器获得地址。

这两个端口是DHCP客户端用来从DHCP服务器获取IP地址的。具体的技术细节可以参考RFC文档

DHCP uses UDP as its transport protocol. DHCP messages from a client

to a server are sent to the ‘DHCP server’ port (67), and DHCP

messages from a server to a client are sent to the ‘DHCP client’ port

(68). A server with multiple network address (e.g., a multi-homed

host) MAY use any of its network addresses in outgoing DHCP messages.

我在排错过程中也用到了这篇文章。

搜索虚拟主机时提示:Login To The Query Service Failed

使用vSphere Client登录vCenter Server 6.0时可能会出现如下报错信息:

Login to the query service failed.

The server could not interpret the communication from the client. (The remote server returned an error: (500) Internal Server Error.)

这是因为在登录vSphere Client时勾选了”Use Windows session credentials“。试试取消它。

相关知识库链接:Searching the Inventory with the vSphere Client fails (2143566)

Login To The Query Service Failed When Search Virtual Machine

You may see following problem if you login vCenter  Server 6.0 by vSphere Client:

Login to the query service failed.

The server could not interpret the communication from the client. (The remote server returned an error: (500) Internal Server Error.)

That’s because “Use Windows session credentials” checkbox is selected. Deselect it and give it a try.

Refer KB Searching the Inventory with the vSphere Client fails (2143566)

Virtual Machine Cannot Get DHCP IP Address

Just a quick post. When virtual machine cannot get DHCP IP address the first thing you want to check is firewall. Whatever Windows firewall or physical firewall. You should make sure UDP port 67 and 68 are not blocked. Otherwise you  will see the virtual machine gets 169.x.x.x IP address only.

The two  ports is required for DHCP client to query IP addresses. The methodology is introduced in RFC document.

DHCP uses UDP as its transport protocol. DHCP messages from a client
to a server are sent to the ‘DHCP server’ port (67), and DHCP
messages from a server to a client are sent to the ‘DHCP client’ port
(68). A server with multiple network address (e.g., a multi-homed
host) MAY use any of its network addresses in outgoing DHCP messages.

I also got some ideas in this post.

Adobe Flash Player Out of Date on vSphere Web Client

You may see ‘Adobe Flash Player Out of Date’ on Chrome when you open vSphere Web Client. Click the text Chrome will update Flash Player automatically. But in some cases it doesn’t work due to maybe your Chrome is controlled by company policy or internet problem to Adobe.com. I found an article to show how to offline fix the issue. You can download Flash Player for Opera and Chromium-based browsers – PPAPI in official Adobe KB article.

You may also want to check out my other articles about Flash issue on browsers.

Flash menu appears when right click on vSphere Web Client in Chrome

Cannot open vSphere Web Client on IE11 on Windows 8.1

Network Latency on Virtual Machine

Slight network latency may cause application problem  on sensitive virtual machines. Even the network responding time is just 3 or 7 ms. There is a way to improve the  stability of responding latency – Enable RSS on NIC.

Network traffic is handled by single CPU core when RSS is disabled. Enable it will distribute the workload to 4 cores by default. You can increase CPU for RSS by change registry.

To summarize the solution. Go to Device Manager -> NIC properties -> Advance -> Find RSS option  and enable it. You will see 2 – 3 network drops when applying it.

You can refer following articles for detail.

Poor network performance or high network latency on Windows virtual machines

Virtual Receive-side Scaling in Windows Server 2012 R2

Regarding increase CPU for RSS. Read following article to learn how to modify it.

Setting the Number of RSS Processors

vRealize Operation Manager Installation Pending on install.sh

If your company implemented firewall and blocked public NTP server, you may see installation of vRealize Operation Manager pending on ./install.sh on console. That’s because the installer tries to negotiate with NTP server http://www.iana.org. The firewall blocked the traffic.

VMware TAM Manager Shan told me  there are two options on firewall to block traffic: REJECT and DROP. REJECT means firewall responding to the request and let source device knows it’s rejected. DROP means firewall immediately ignores the request and no responding to source device. Looks like there is a bug in vROPs code that it hung if NTP request gets drop and no responding.

The workaround is create a port group without physical uplinks and install vRealize Operation  Manager. Then move it to proper network after installation  is completed. You can configure correct IP addresses when import the OVF file so later on you just need simply move the network.

Flash menu appears when right click on vSphere Web Client in Chrome

There is a KB describes how to fix right click issue in IE on vSphere Web Client. But my problem was in Chrome. I searched a lot in internet but no lucky till today.

The problem was flash menu appears when I right click anything in vSphere Web Client in Chrome. I have two computers that both has Chrome installed but one has issue, other one works fine. I compared version of Chrome, noticed working one was 55.x, problematic one was 49.x. The issue gone after upgraded to 57.x.

After dig into that problem, looks like Google fixed the problem on version 54.0.2840 that there was a bug related to right click. Check out release notes here.

 

My New Toy Raspberry Pi 3

I own Raspberry Pi 1 and 2 both. I used to do some small projects and learn Python on its. It’s great computer to learn scripting and Linux. But not something can be used in daily based.

I was excited when I hear Raspberry Pi foundation released Pi 3. Thanks foundation brought our world a powerful, cheap and flexible computer that can replace my laptop. In general, I think Pi 3 can be used for daily work in GUI interface. It comes with embedded WiFi, Bluetooth and quad-core 1.2GHz CPU! It frees up the 4 USB ports so I can use it for other purpose.

I have a laptop that motherboard was dead, screen still works. So I bought driver board for the LED screen. Connected Pi 3 to the driver board by HDMI cable. The official Pi 2 case is compatible with Pi 3 except power LED in the other side. I use the latest OS “RASPBIAN JESSIE WITH PIXEL“. I have to say the graphical interface is awesome! It’s more like a modern, real computer. I use default browser Chromium which is similar with Chrome PC version. I also installed “Google Input Tool” extension on Chromium so I can input Chinese. Since most of my work on websites so I don’t have to install input tool on OS. And I saw some interface problem when use Chinese input tool for Linux. I also tried bluetooth headset, not working well. So I turned to USB headset, it works perfectly.

I opened 10 more tabs in Chromium just like how do I use my PC. I also ran a online website to streaming music to USB headset. Wrote blog, brows photos, edit files…etc. I didn’t see any performance issue so far. I guess my high performance TF card may helped. I bought Samsung 64GB UHS-1 Class10 for my Pi 3.

 

vSphere Data Protection将停止更新

VDP在未来的vSphere版本中将不再继续更新。在2022年以前对于现有的VDP客户没有影响。如果客户想迁移到其他备份方案,VMware提供限定时间内的免费迁移至Dell EMC Avamar Virtual Edition的促销。客户依旧可以通过vCenter的存储API把第三方备份解决方案和vCenter整合。

详细资料请参阅问答文件。另外VMware产品生命周期矩阵供你参考。

vSphere Data Protection End of Availability

Just a quick update that VDP will discontinued in future release of vSphere. It doesn`t impact to existing customers till 2022. VMware offers free migration to Dell EMC Avamar Virtual Edition in limited time if customers want to move to other backup solution. Customers can also use other 3rd party backup solutions to integrate with vCenter Server via storage API.

Read this FAQ for detail. VMware products lifecycle matrix for your reference.

“No host data available” Reported in Hardware Status Tab

Just noticed a issue that nothing reported in ‘Hardware Status‘ tab of ESXi hosts in vSphere Web Client. KB 2112847 gives a solution but not works for me. The feature can be used to monitor hardware failures. I figured out a way to workaround it. You just need to login by Administrator account and click ‘Update‘ button under ‘Monitor‘ – ‘Hardware Status‘ for each ESXi host. You will get the status after few minutes.

微信公众平台是否适合数据中心领域的纯技术文章?

最近迷恋于罗胖的“得到App“订阅专栏和其中的各种有声图书,罗胖说他的公司要做信息提供商,又说在信息大爆炸的时代一个有价值的服务就是帮人甄选好信息。这让我思考一个问题:微信公众平台究竟是否适合数据中心领域的纯技术文章?

我觉得要先定义什么是“纯技术文章”。我的理解是细致的讲解操作过程、实现原理以至于这篇文章可以当作操作步骤在实际工作中使用的文章。这也是我写这篇文章的前提限定条件。我的思考如下:

首先数据中心领域的纯技术的文章有时需要用较复杂的形式和较长的篇幅来表达,微信公众平台暂时还不具备这个功能,这个可以比较一下微信公众平台和WordPress的文章编辑器功能。

其次从用户的角度来考虑,当一个供职于数据中心的IT Pros遇到问题时,第一时间应该会想到的是搜索引擎,而不是相对封闭、搜索能力较差的微信公众平台。我一直认为微信是在中国特色信息化政策下的特定产物,信息在流动,但又相对于其他社交产品更加孤岛化。

再者从实用性来看,微信生来就带着移动互联网特性,甚至PC端也是很久以后才有的。而数据中心的IT Pros在工作中还是用PC多过用移动终端的,日常业务中的复制粘贴可能用的很多,微信在这方面总感觉弱一些。

最后从目标用户来看,个人理解是一个重社交的平台,聚集的人群并不是大量的专业用户。而IT专业用户可能也没多少时间看微信、朋友圈、订阅号等。而作为一个公众号能提供的大量纯技术领域专业文章一定是单一方面的,对于普通订阅者来说,很容易产生倦怠。

基于以上这几个思考,我认为这个平台暂时还是不适合作为IT Pro的专业文章发布平台,倒是更适合比较泛泛的介绍功能、原理、架构、思路等的文章。你觉得呢?

Host Cannot Download Files From VMware vSphere Update Manager Patch Store

You may see following error when you scanning ESXi hosts by vCenter Update Manager.

Host cannot download files from VMware vSphere Update Manager patch store. Check the network connectivity and 
firewall setup, and check esxupdate logs for details.

You also see similar logs in /var/log/esxupdate.log.

[Errno -2] Name or service not known

The root cause could be following:

  1. ESXi host cannot resolve DNS name of vCenter Update Manager Server.
  2. One of the DNS servers incorrect if you set multiple DNS servers on ESXi host.

Migrate vCenter Server 5.5 Windows to 6.0 Virtual Appliance 

Virtual appliance is future of how VMware delivery their product to customers. It’s pain to migrate from vCenter Server Windows version to virtual appliance. The only way was build up new virtual appliance and move everything out of Windows vCenter Server. The challenge is you lost data if you have integrated vCenter Server with other VMware products, or using DVS.

VMware released vCenter Server Migration Tool after VMworld 2016. It gave me confidence to give it a try. I assume vCenter Server is embedded SSO. I did the migration 2 or 3 times, following is summary of my experience. The migration tool only support migrate vCenter Server 5.5 windows edition to vCenter Server 6.0 U2.

Prerequisites

  1. vCenter Server is more like core services today since lot of 3rd party software call vCenter API to interactive with VMs. You may have some products integrated with vCenter Server already. Please upgrade to vCenter 6 compatible version before migration.
  2. I suggest create a local account on source vCenter Server if your server is domain member. You can login back source vCenter by local account in case migration failed.
  3. vCenter Server Migration Tool applies temporary IP address on destination vCenter virtual appliance during migration. It’s used to communicate with source vCenter. Please register a temporary IP address for destination vCenter Server.
  4. A helper VM is required to run migration image. Please make sure you have a free Windows VM be ready to mount migration image.
  5. SQL database is exported to source vCenter Server if you want migrate performance and event data. So you need to make sure enough space on C: drive on source vCenter. The free space should be much bigger than vCenter database size.
  6. Of course you need a vCenter Server 6 license key since old key doesn’t support the version.
  7. Some cases show migration process stopped during export SQL database. That’s because memory of source vCenter is too small. Please make sure RAM of source vCenter should be equal or greater than destination vCenter Server.
  8. The other tricky is database table. You may see migration processes is completed but destination vCenter Server doesn’t come up, and no data actually imported. That’s because ‘checksum‘ column existing in table [dbo].[VMO_ResourceElementContent] in vCenter DB. You can run following SQL query to remove it before migration.
    alter table dbo.VMO_ResourceElementContent drop column checksum;

Procedure

The items above can be done anytime before the migration window. Following steps should be token during migration.

  1. You need to disable firewall and anti-virus software on old vCenter to avoid communication issue between Migration Assistant and new vCenter Server.
  2. To avoid any unstable, resource contention, or potential network connectivity lost issue, I suggest temporarily disable DRS and HA on source and destination cluster if they are virtual machine.
  3. Copy Migration Assistant from migration image to old vCenter.
  4. Take snapshot on old vCenter and backup database of old vCenter.
  5. Connect to console of source vCenter and run Migration Assistant.
  6. Mount vCenter Server 6 U2m image on helper VM. Launch vCenter migration. The migration process is straightforward. I wouldn’t introduce more here.

After Migration

Basically you need to revert all the temporary changes made before. Such as delete snapshot and DB backup, enable DRS and HA, and disable vNIC on source vCenter Server to avoid any human error.

How to Integrate PowerCLI 6.5 with PowerShell and PowerShell ISE

I wrote an article to introducing how to integrate PowerCLI with PowerShell and PowerShell ISE. VMware just released PowerCLI 6.5 R1, it includes lot  of new features and modules. And somehow my way doesn’t work. Following is new way to integrate PowerCLI 6.5 with PowerShell and PowerShell ISE in Windows 10.

PowerShell and PowerShell ISE both have it own $profile. So we need to do two times.

Before we start

Please make sure your PowerShell execution policy is not restricted. You can get the setting by run  following command:

Get-ExecutionPolicy

PowerShell Integration

  1. Open PowerShell window. Run following command to confirm profile file is not existing.
    Test-Path $profile

    If return is ‘False’, go to step 2.
    If return is ‘True’, Backup the file and go to step 3.

  2. Run following command if the  profile file  doesn’t existing.
    New-Item -Path $profile -type file -force | Out-Null
    
    Test-Path $profile

    The return above should be ‘True’. Profile file is created.

  3. Run following command to include VMware PowerCLI modules in  PowerShell.
    Add-Content -Path $profile -value "# Load Windows PowerShell cmdlets for managing vSphere `r`n. 'C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Scripts\Initialize-PowerCLIEnvironment.ps1'"

    The blue text above maybe different in your environment base upon where your PowerCLI is installed.

PowerShell ISE Integration

PowerShell ISE process is same to PowerShell, only different is all the operation should be completed in PowerShell ISE window.

Reboot is not required in my environment. But anyhow please reboot if you see any issue.

The processes above integrate PowerCLI 6.5 with PowerCLI and PowerCLI ISE for  current user only. If you want to integrate for all users on the machine, you need to refer to this article.

VMworld 2016

本年度VMworld重回拉斯维加斯,相比旧金山各方面都要好很多,参会这几天有不少乐趣。技术层面,本年度vmworld主要聚焦于用户端统一管理、公有云、以及vmware自家的“超融合软件”。
第一天的主题演讲回顾了近十几年来传统IT、私有云、公有云的增长趋势,这里有个很有意思的地方。我一直以为IT的转变方式应该是从传统到私有,最终到公有的。但是从演讲看,私有云和公有云占有率同时保持增长,公有云甚至一直比私有云要高一些。但直到今年云的占有率依旧不敌传统IT架构,这还是在国际大公司接近80%虚拟化的现状下。演讲中还提出了一个观点——数字化商业。今天,企业都在追求创新、高效的商业,IT已经不像过去仅仅支持企业内部的信息系统,而是引导企业走向何方,IT更加紧密的和商业结合在一起,很难想象一家没有技术驱动的企业可以高效的与客户沟通和分析数据、快速的对市场做出反应、自动化的生产经营。第二天的主题演讲介绍了一些用户层面的新解决方案,由于本人不关注该层面,没有太多了解。

Continue reading

Virtual Machine Console in vCenter is Opened by VMware Workstation

If you have VMware Workstation and VMware Remote Console both installed on Windows 10 you may see vCenter virtual machine console in vSphere Web Client is opened by VMware Workstation instead of VMware Remote  Console. If you see same case your VMware Remote Console may be hijacked. I call it “hijack” since there is no easy way to revert it back.

Continue reading

VMware Workstation自动打开vCenter虚拟机的控制台

如果你的Windows 10电脑上装了VMware Workstation和VMware Remote Console,当你在vSphere Web Client里打开运行在vCenter上的虚拟机控制台时,VMware Workstation可能会代替VMware Remote Console自动连接到控制台。恭喜!你的VMware Remote Console被劫持了。这个问题解决起来比较复杂所以我叫它“劫持”。

Continue reading

2016年三亚亲子度假

2014年在泰国度假后,我们有了小宝宝Vinny,过去两年里老婆和我都忙于照顾小家伙,没有太多时间考虑外出。眼看着Vinny从刚出生时的弱不经风到今天一岁三个月的活泼好动,是时候尝试带Vinny看看世界了。正好我和老婆都有假期,于是计划了这趟旅行。

Continue reading