Tuesday, May 24, 2011

ESX Active Directory Integration 1/2

Today let’s talk about the AD Integration with ESX 3.5
I believe most of you have had, at least once, to log in to the ESX console for some troubleshooting, a third-party app installation, maintenance, or whatever.

You can do this with root account.
But you don’t want to share its password with dozens of administrators at your company. The auditors will be pulling their hair out if you do that.

The best practice is to disable the remote access (SSH) for the root account.
Edit the /etc/ssh/sshd_config file
And change the PermitRootLogin from yes to no
Restart the sshd service

Now you should be safe ; )

But you still need to be able to log in remotely, right?

Here’s the thing:

- Create a local account, with no local password set, whose ID matches the ID in your AD.
Run: useradd bob
There are a few options for group, comments, shell, etc. (check the useradd man page for all options).

Now that you have your accounts created locally, you can set up LDAP redirection to your domain.

esxcfg-auth --enablead --addomain=example.com --addc=dc1.example.com

Now you should be able to log in through an SSH session with the ID and password from your AD domain.

Now you will notice that you cannot run commands that require admin privileges.
It’s time to tweak the /etc/sudoers file. Use visudo to do that.
If you have doubts, here’s the sudo website about it.
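
To confirm that the first step above really took effect, here is an added example (not from the original post) that reports the effective PermitRootLogin value of an sshd_config file. The function names and the sample file contents are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report the effective PermitRootLogin setting.
# sshd honours the FIRST occurrence of a keyword, matches keywords
# case-insensitively, and ignores lines that start with '#'.

effective_permit_root_login() {
    # $1 = path to an sshd_config file; prints the value or "unset"
    awk '
        { sub(/^[ \t]+/, "") }                 # drop leading whitespace
        /^#/ || /^$/ { next }                  # skip comments and blank lines
        {
            split($0, f, /[ \t=]+/)            # keyword, then its argument
            if (tolower(f[1]) == "permitrootlogin") {
                print tolower(f[2]); found = 1; exit
            }
        }
        END { if (!found) print "unset" }
    ' "$1"
}

root_ssh_disabled() {
    # Succeeds only when the file explicitly says "no". "unset" fails,
    # because OpenSSH releases of that era allow root login by default.
    [ "$(effective_permit_root_login "$1")" = "no" ]
}

# Constructed sample input: a commented-out directive followed by two
# conflicting ones; the first uncommented line is the one sshd applies.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# PermitRootLogin yes
Protocol 2
permitrootlogin no
PermitRootLogin yes
EOF

if root_ssh_disabled "$sample"; then
    echo "root SSH login disabled"
else
    echo "root SSH login still allowed"
fi
rm -f "$sample"
```

On a host, call root_ssh_disabled /etc/ssh/sshd_config after editing the file and before restarting sshd.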

Next post I will talk about the Active Directory integration with ESX 4.x

Friday, May 13, 2011

Cannot add existing disks to my guest

Since I migrated my VMware environment to vSphere 4.1 Virtual Center, I started getting a few errors when adding existing disks to virtual machines.

The error says:
Adding existing IDE disk is not supported at the moment. IDE disks cannot be hot added or there are no free available IDE controller slots.

I realized that these disks are old disks that have been in my environment since older versions of Virtual Center, and their VMDK descriptor file contains a legacyESX value instead of the lsilogic value of current ESX versions.

It seems this parameter is not compatible with vSphere 4.1 anymore.
So, you need to edit the VMDK descriptor file and replace

ddb.adapterType = legacyESX

with

ddb.adapterType = lsilogic

After that the disk could be attached to the virtual machine without any problem.
Check VMware KB 1025883 for more details.

Friday, May 6, 2011

Cloud in a Box

Today let’s talk about what I call Cloud in a Box.

You have probably realized that to build your virtual infrastructure you have to deal with a lot of stuff: servers, storage, network, software, etc. Everything needs to be certified to interact with everything else.

VMware provides a Hardware Compatibility List (HCL) which you can use to search every component to make sure it’s certified.
But, let’s be honest, it’s not an easy or fast task.
Also, you have to be an expert on network, storage and hardware to make the right call.

Maybe, if you are a small or medium company, you don’t have the right guy on your staff.

Well, but you do want to enter into the virtualization/cloud world, everybody does!!

That’s where the big players come in: IBM, Dell and VCE have their own solutions. In general it’s a rack with everything you need: servers, storage, network and software, installed, connected, tested, certified and ready for use.

It’s the new plug-and-play for Cloud.

Of course IBM will use its own brand, and VCE will use EMC storage and Cisco switches. Price aside, you can pick the one you prefer.

The only common thing among them is that VMware vSphere is running behind the scenes for the provisioning. How cool is that?

IBM has CloudBurst
VCE (which is a joint venture between VMware, Cisco and EMC) has vBlock
Dell has vStart
NetApp has FlexPod

But that has always been my choice. Enjoy

Who am I

I’m an IT specialist with over 15 years of experience, working from IT infrastructure to management products, with troubleshooting and project management skills, in medium to large environments. Nowadays I'm working for VMware as a Consulting Architect, helping customers to embrace the Cloud Era and making them successful on their journey. Despite the fact I'm a VMware employee, these postings reflect my own opinion and do not represent VMware's position, strategies or opinions. Reach me at @dumeirell
