Wednesday, October 17, 2018

VMware Update manager connection / plug-in error and how to fix it

Recently for some reason we had to remove and then re-join our VMware update manager server to domain (here you might have a question, why but that’s a different story), once the server re-joined then when tried to connect to our vCenter server, got following pop-up,

Note: this is vCenter 6.0

We tried to enable the Update manager plug-in but no avail.

And when checked from the Web client and tried to connect to Update manager got the following similar error message.
or

So, here it seems like domain re-join of VMware update manager broke the link between the Update manager and vCenter and now the question is how we would fix that.

To fix these errors, we need to re-validate the VMware Update manager configurations and to do that,
  • First Stop the VMware Update manager Service, then
  • Go to Update Manager installation directory, C:\Program Files (x86)\VMware\Infrastructure\Update Manager
  • Now find and open the vci-integrity.xml file and look for the “<vpxdLocation>” tag and verify the vCenter connection URL / IP detail.


In my case, here my vCenter IP is mentioned correctly but not the port detail, notice the use of http/https.
  • Change the port number mentioned here to 80 and now the URL should look like,


Now Start the VMware Update Manager Service

Now you should be able to enable the VUM plug-in in #C client / access the VMware Update manager from web client.

That’s it… 😊


An useful VMware learning resource for beginners

Today while reading something on one of the VMware Blogs site, came across this interesting VMware learning resource site called vSphere Central, as it seems really useful so thought of making a note of it.

This site is a good place to find the detailed information of some the important features of the vSphere Products, vCenter, ESXi and vRealize Operations manager with related configuration walkthrough.



etc...

Hope it would be useful for others...That's it :)


Sunday, July 15, 2018

How to check and verify the I/O device firmware/driver compatibility with VMware HCL

This is something, we as a VMware admin should be aware of because in case of any related issue this is where we check if the device is supported, if supported then what capabilities have been tested as well as the detail of device driver and compatible firmware version.

In order to check about a IO device, browse to VMware Compatibility Guide site  and select I/O devices from "What are you looking for drop-down".

Or directly browse to https://www.vmware.com/resources/compatibility/search.php?deviceCategory=io


In order to check the I/O cards detail we need to have highlighted information handy.

VID: Vendor ID
DID: Device ID
SVID: Sub-Vendor ID
SSID: Sub-Device ID

We can get this detail on an ESXi host using vmkchdev command as follows,

#vmkchdev -l |grep I/O_device_name

So, here in case of vmnic0,

VID:DID SVID:SSID
8086:100f 15ad:0750

Same is true for any other connected I/O device.

In case of hba, use

#vmkchdev -l |grep vmhba

Now use this detail on "VMware Compatibility Guide for I/O device page" to get the required detail.

Note: you may also use #vmkchdev -l | more command to find VID:DID SVID:SSID detail of all connected PCI devices or filter the information using the grep command.


That's it... :)


Sunday, July 8, 2018

How to check FC hba driver & firmware version on ESXi host

Lately while storage team was planning to upgrade the storage system OS, during initial checks they found there are some ESXi hosts in the environment having an old version of hba driver so, they sent their recommendation to upgrade the hba driver to a minimum supported version or later.

Now here is the point, while planning to upgrade the hba or any other device driver always make sure to check and upgrade the firmware of the device to a compatible version as well otherwise you might face some serious performance and related issues (better to upgrade the device driver and firmware at same time).

One can check and verify the IO devices firmware/driver compatibly and ESXi support information on VMware Compatibility Guide Site.

Now here are the steps to check the installed firmware/driver version of any connected hba device.

First check what type of hba driver is being used on the server by running one of the following cmd,

# esxcfg-scsidevs -a

Or

# esxcli storage core adapter list

The second column of the output shows the driver that is configured for the HBA.

For native hba driver, use following cmds to get the driver/firmware detail:

# /usr/lib/vmware/vmkmgmt_keyval/vmkmgmt_keyval -d

​Here you can see the names of connected HBAs, suppose they’re: vmhba0 and vmhba2


# /usr/lib/vmware/vmkmgmt_keyval/vmkmgmt_keyval -l -i vmhba0/Emulex (type the hba/vender_name correctly as it’s case sensitive)

The output of the cmd will show you the installed hba firemware & driver version.


To check the information when legacy driver is being in use.

Go to /proc/scsi directory and look for lpfc (for emulex) or qla (for qlogic) or bfa (for brocade and sometime for qlogic as well).

Now, change the directory to appropriate hba model dir, if its lpfc then:

# cd /proc/scsi/lpfc####

Where #### is the model of the Emulex hba

Run the cmd the content of this dir,

# ls -lia

Now check the files available here (with the names as a number), in case there is a file named 6 then:

# Cat 6

You would get an output similar to,

Chip Revision: Rev-D
Manufacturer: QLogic
Model Description: QLogic-###
Instance Num: 0
Serial Num: ALX0xxxxxxxx
Firmware Version: 5.4.x.x
Hardware Version: Rev-D
Bios Version: x.x.x.x
Optrom Version: x.x.x.x
Port Count: 1
WWNN: xxxxxxxxxxxxxxxxx
WWPN: xxxxxxxxxxxxxxxxxx

To quickly check the HBA Driver in use:

1. Open a console to the ESXi/ESX host.

2. Run this command to obtain the driver type that the Host Bus Adapter is currently using:

# esxcfg-scsidevs -a

Or

# esxcli storage core adapter list

Note: The second column shows the driver that is configured for the HBA.

1. Run this command to view the driver version in use:

# vmkload_mod -s HBADriver | grep Version 

For example, run this command to check the vmkata driver:

# vmkload_mod -s vmkata | grep Version 

or you may also use following cmd.

esxcli software vib list | egrep vmkata

This will show you the driver version of hba.


To obtain the driver version for all HBAs in the system:

# for a in $(esxcfg-scsidevs -a |awk '{print $2}') ;do vmkload_mod -s $a |grep -i version ;done

That's all... :)


Monday, July 2, 2018

How to check ESXi vmnic driver and firmware detail

This is something which you may need to check while troubleshooting a network card related issue on ESXi host and want to cross verify the vmnic driver / Firmware version compatibility with VMware HCL.
In order the check the required vmnic driver/firmware detail, first connect the to the desired ESXi host over ssh using Putty or you may also connect to DCUI, 

Now use following command to get detail of connected network cards,

# esxcli network nic list

There is also a legacy command to get the same information,

# esxcfg-nics -l 

Once you identified the required vmnic name, then use one of the below command to get firmware and driver detail.

 # ethtool -i vmnic_name 

Or

# esxcli network nic get -n vmnic_name

Refer to following screenshot to see the same in action, 
Here the Firmware version is listed as N/A just because the screenshot is taken from my nested lab.

That's it... :)


Sunday, June 24, 2018

ESXi upgrade, ValueError: Cannot merge VIBs...

Recently while upgrading one of the VMhost from ESXi 6.0 U2 to U3 using VMware update manager, one of my colleague first encountered following error during remediation,

“Cannot execute upgrade script on host”

And when he tried to upgrade the VMhost by manually booting it up using the HPE custom ESXi 6.0 U3 image, he got stuck with following error,


On checking /var/log/vua.log file on host, found similar entries there.

Here it looks like the Intel_bootbak_intelcim_provider_0.5-3.3 has been released more than once, with different sizes.

So, here to fix this upgrade issue we need to remove the conflicting intelcim_provider vib. Before trying to remove it, make sure the CIM Server service is in stopped state otherwise you would get an error like, "Can't remove....device or resource busy" while trying to remove it.

Sometimes it may look like in Stopped state however as set to Start and Stop with Host, you would get an error when try to remove it. In such case, set this Service to start and Stop manually and once done, then you would be able to remove the intelcim_provider vib.

Refer to following screenshots for steps about how to Stop the CIM Server service or change its Startup type.


Now, you can remove the conflicting vib using the following cmd after connecting to host over ssh using putty:

esxcli software vib remove -n intelcim-provider  (A reboot may be required, check the cmd output reboot required parameter value)

Once done now you can re-run the ESXi upgrade again and hopefully this time it will get through as well as install the correct version of intelcim-provider.

Note: Don't forget to change the Startup type of CIM Server service post ESXi upgared/host reboot.

That's it... :)


Wednesday, May 9, 2018

Inconsistent LUN mapping related issues on ESXi hosts

Lately came across this issue, where for some reason storage team unmapped and re-mapped few RDM LUNs to VM host group (from Storage array side) and now the respective RDM disks connected to VMs get disappeared.
We had already re-scanned the hosts to storage change and Luns were showing as mounted on all the hosts and after spending two hours with VMware support we had also rebooted the host but that didn't make any difference.

Finally when we rebooted the cluster nodes then I found this has something to do with consistent mapping of rdm Luns across VM hosts (where the cluster nodes residing).

In order to check if a LUN is consistently mapped on all VM hosts in cluster, one need to have a look at Lun's canonical name's (naa.id) corresponding vmd.id

One can check the naa.id's corresponding vml.id by running following cmd  on host (over ssh, using putty),
esxcli storage core device list -d naa.id

So, if the naa.id is naa.60060480000190104063533030353445 then the command would be,

esxcli storage core device list -d naa.60060480000190104063533030353445


For example,  vml.02000500006006048000019010406353303035344553594d4d4554

One need to look at the fifth and sixth digits (see highlighted) of vml.id, this is hexadecimal number which represents the LUN number. On converting to decimal it should match to actual Lun number.

Now to fix this issue what we can do is,  remove the affected RDM disk from the both nodes and then delete the RDM pointer file from Datastore (this doesn’t affect your actual data on LUN). Now after re-scanning the hosts for Datastores, re-add the LUN as RDM drive on both nodes. Now you would be able to power on the affected node.

If due to any reason above doesn’t work then as above after removing the affected RDM drives from both nodes, follow these steps,
  1. Note the NAA_ID of the LUN.
  2. Detach RDM using vSphere client.
  3. Un-present  the LUN from host on storage array. 
  4. Rescan host storage. 
  5. Remove LUN from detached list using these commands:

    #esxcli storage core device detached list
    #esxcli storage core device detached remove -d naa.id
  6. Rescan the host storage. 
  7. Re-present LUN to host. 
  8. Now again rescan the hosts for datastores
Now cross check the vml.id on hosts and it should be same and after adding the RDM drive on nodes you will be able to power on the VM nodes.

Note: If the LUN has been flagged as perennially reserved, this can prevent the removal from succeeding and step 5 would fail.

Run this command to remove the flag:

#esxcli storage core device setconfig -d naa.id --perennially-reserved=false

Now the command to remove the device should work.

# esxcli storage core device detached remove -d naa.id


I had faced a related issue in past and discussed about that in following post, 

After unexpacted host reboot, Powering on a RDM attached virtual machine fails with the error: Incompatible device backing specified for device '0

That's it... :)


Friday, April 6, 2018

AWS Public IP vs Elastic IP and how can we assign one to EC2 instance

In my previous post I mentioned that in order to make an EC2 instance internet accessible, it should have a Public or Elastic IP assigned. Here anyone new to AWS may wonder that, what is this Elastic IP and How its different from Public IP.

In this post we will discuss about the similarities and differences between these two and how one can assign a Public or Elastic IP to an EC2 instance.

If you are looking from a functional point of view then they both are publicly routable IP addresses and can be used to connect your instance to internet but are different how they persist and the way you can assign one to your instance.

public IP address is assigned to your instance from Amazon's pool of public IPv4 addresses, and is not associated with your AWS account. When a public IP address is disassociated from your instance, it is released back into the public IPv4 address pool, and you cannot reuse it.

If we put it in simple word then, Public IP addresses are dynamic, which means if you stop/start your instance you get reassigned a new public IP however it would persist if you just reboot the ec2 instance.

Public IP addresses are free and you will not be charged anything for using them.

An Elastic IP address is a static public IPv4 address, designed for dynamic cloud computing. If your instance does not have a public IPv4 address, you can associate an Elastic IP address with your instance to enable communication with the internet.

An Elastic IP address is associated with your AWS account and with it, you can mask the failure of an instance or software by rapidly remapping the address to another instance in your account.
While your instance is running, you are not charged for one Elastic IP address associated with the instance, but you are charged for any additional Elastic IP addresses which is not in use.

Now let’s look at the difference between these two IP types.

1. Elastic IPs are assigned to AWS accounts which you can attach to instances. Public IPs assigned to instances directly.
2. You cannot manually attach or detach public IP from the instance. It’s auto allocated from the pool. Elastic IP can be manually attached and detach from the instance.

3. When an instance is stopped and started again, public IP gets changed. But if the instance is assigned with elastic IP, it will remain the same even if the instance is stopped and started again.

4. If elastic IP is allocated to your account and not in use then you will be charged for it on an hourly basis.

5. Public IP released once your instance is stopped so no question of getting charged for not using it.

6. You won’t be able to re-use same public IP since its allocated from free IP pool. You can always re-use, re-attach elastic IP to other instance when it is released from current instance.

7. You can have maximum 5 elastic IP to your account per region. But, you can have as many public IPs as EC2 instances you spin up.

8. You can have either of them for an instance. If you assign elastic IP to instance then its currently assigned public IP will be released to the free pool.

How would be assign Public or Elastic IP to an instance: 

Public IP: It can be assigned to an instance only during the instance creation time and there are two ways of doing that.

  • Edit the Subnet setting and enable Auto-assign Public IP to any EC2 instanced launched in this Subnet.

To do so, From AWS Console => Under Networking & Content Delivery, Select VPC => Now Click on Subnet Tab => Select the intended Subnet and either right Click or from Actions => Select Modify auto-assign IP address

That will open the following Modify auto-assign IP address pop-up, now as shown enable auto-assigning Public IP address.

Now any EC2 instance which would be launched in this subnet would have a public IP assigned.

  • You can also assign the Public IP during EC2 instance launch time, you can also alter the default public IP assignment in a subnet from here.

Whatever you select here would over right the default IP assignment settings.

Elastic IP: We need to allocate the Elastic IP address to our AWS account before making use of it.

You can go to Elascic IP windows either from EC2 instance or VPC Dashboard, once you are there then => Select Elastic IP address => Allocate new address


There is not much to discuss here, once you would click on allocate in next screen, It would allocate you an Elastic IP.

Now if you want to assign this IP to any instance, just select it and either click on Actions or Right click on it and Select Allocate address.


That would open the following Associate Address window, from here you can select the intended EC2 instance or specific network interface.


Once select the intended instance, the elastic IP would get associated with the selected instance.

Note: As mentioned in above screenshot, if you associate an Elastic IP address to an EC2 instance which already has a public IP assigned, the public IP is released.

That's it ... :)


Tuesday, April 3, 2018

Launching your first AWS EC2 instance and making it internet accessible

I assume this is your first EC2 instance and you just have the default VPC with default Security groups, Network Access list and Routing table etc.

As this EC2 is being created in default VPC, which by default has an Internet Gateway attached with a route specified to internet gateway in attached route table so, one only need to complete following steps to make it internet accessible,

  • Create this EC2 instance with a Public IP

  • If the instance was not created with a public IP then create an Elastic IP and attach it to the EC2 instance

  • Identify the attached security group and create a custom inbound rule to allow traffic (RDP and ICMP etc) from an specific IP/Network or from anywhere (0.0.0.0/0)

Here you don’t need to create any outbound rule because Security groups are state full and on the other hand Network access lists by default allow all the traffic.

Note: If you didn’t select a security group during ec2 launch then the ec2 instance would have a new security group name Launch-Wizard-x created and attached, then you need to create custom inbound rules to allow RDP or ICMP traffic for this group.

If required, you can change the attached security group for an instance from here EC2 Dashboard => Network & Security =>Network interfaces.

That's it... :)


Monday, March 26, 2018

Amazon Web Services: A short description of some of the AWS services

As I am planning to sit in my next AWS Certification exam which is Architect Professional in next few months so, thought of starting from scratch and make a note of all common AWS services with their short description (Actually at times I find it hard to recall what service is there for a particular use case so...from next time, I can have a look here).

Amazon Web Services offers a broad set of global cloud-based products including compute, storage, databases, analytics, networking, mobile, developer tools, management tools, IoT, security and enterprise applications. These services help organizations move faster, lower IT costs, and scale.


Compute Services :-

Amazon EC2 : Virtual Servers in the Cloud

Amazon EC2 Auto Scaling : Scale Compute Capacity to Meet Demand

Amazon Container Service : Run and Manage Docker Containers

Amazon Lightsail : Launch and Manage Virtual Private Servers

AWS Batch : Run Batch Jobs at any Scale

AWS Elastic Beanstalk : Run and Manage Web Apps

AWS Lambda : Run your code in Response to events

VMware Cloud on AWS : Build a Hybrid Cloud without Custom Hardware

Storage Services :-

Amazon S3 : Scalable Storage in the Cloud

Amazon EBS : Block Storage for EC2

Amazon EFS : Managed File Storage for EC2

Amazon Glacier : Low cost Archive Storage in Cloud

AWS Storage Gateway : Hybrid Storage Integration

Database Services :-

Amazon RDS :  Managed Relational Database Service For MySQL, PostgreSQL, Oracle, SQL Server and MariaDB

Amazon Aurora : High Performance Relational Database

Amazon DynamoDB : Managed NoSQL Database

Amazon Redshift : Fast, Simple, Cost-effective Data Warehousing

Amazon ElastiCache : In-memory Data Store and Cache

Amazon Neptune :  Fully Managed Graph Database Service

Migration Services :-

AWS Database Migration Service : Migrate Database with Minimal Downtime

AWS Application Discovery Service : Discover On-Premises Application to Streamline Migration

AWS Server Migration Service : Migrate On-Premises Servers to AWS

AWS Snowball : Petabyte-scale Data Transport

AWS Snowball Edge : Petabyte-scale Data Transport with On-board Compute

AWS Snowmobile : Exabyte-scale Data Transport

AWS Migration Hub : Track Migrations from a single place

Networking and Content Delivery Services :-

Amazon VPC : Isolated Cloud Resources

Amazon Route 53 : Scalable Domain Name System

AWS Direct Connect : Dedicated Network Connection to AWS

AWS CloudFront : Global Content Delivery Network

Elastic Load Balancing : High Scale Load Balancing

Amazon API Gateway : Build, Deploy and Manage APIs

Management Tools :-

AWS CloudWatch : Monitor Resources and Application

AWS Auto Scaling : Scale Multiple Resources to Meet Demand

AWS CloudFormation : Create and Manage Resources from Templates

AWS CloudTrail : Track User Activity and API Usage

AWS Config : Track Resources and Inventory

AWS OpsWorks : Automate Operations With Chef and Puppet

AWS Service Catalog : Create and Manage Standardized Products

AWS System Manager : Gain Operational Insight and Track Action

AWS Trusted Advisor : Optimize Performance and Security

AWS Personal Health Dashboard : Personalized View of AWS Service Health

Analytics :-

Amazon EMR : Hosted Hadoop Framework

Amazon Kinesis : Work With Realtime Streaming Data

Amazon Redshift : Simple, Fast, Cost-effective Data Warehousing

Amazon CloudSearch :  Managed Search Service

Amazon Elasticsearch Service :  Run and Scale Elasticsearch Cluster

Amazon Quicksight : Fast Business Analytics Services

AWS Data Pipeline : Orchestration Service for Periodic, Data-driven Workflow

AWS Glue : Prepare and Load Data

Amazon Athena : Query Data in S3 using SQL

Security, Identity & Compliance :-

AWS Identity & Access Management : Manage User Access and Access Keys

AWS Single Sign-On : Aloud SSO Service

AWS Organizations : Policy-based Management for multiple AWS accounts

AWS Key Management Service : Managed Creation and Control Of Encryption Keys

Amazon Inspector : Analyzed Application Security

AWS Shield : DDoS Protection

AWS Guard Duty : Managed Threat Detection Service

AWS WAF : Filter Malicious Web Traffic
......................................................................
...........................................................................
................................................................................


My previous AWS exam related posts can be fond here,



Hope this would be useful for others as well...That's it for now :)


Saturday, March 10, 2018

VMware vExpert 2018 award Announced

After lots of delay VMware finally announced the list of vExpert 2018…. I am very honored to be named a VMware vExpert again, this is my fourth vExpert award…..

Congrats to all those who named as a 



Here is the full list of vExpert 2018... https://vexpert.vmware.com/directory 

vExpert 2018 Announcement on VMTN Blog,
https://blogs.vmware.com/vmtn/2018/03/vexpert-2018-award-announcement.html

That's it... :)


Sunday, March 4, 2018

Unable to power-on a VM in nested ESXi, hanging at some random point with a question in the events

I would say this is the most weird issue I ever faced, it took me so long to find a solution so thought of making a note of it.

My setup is all nested, VMware workstation on my Lab Windows PC and then ESXi, vCenter and everything else as VMs running on workstation.

After building a vSphere 6.5 lab environment, when I deployed my first VM and tried to power it on it got stuck at a some point, after waiting for few minutes when checked the task and events, found following info event there,
"Running VMware ESX in a virtual machine will result in degraded performance. Do you want to continue"


Then I created few other VMs but they all got stuck at some random point during power-on operation and the same event was there in events.

However there is no way to answer the question, nothing in VM summary and no pop-up nothing.

A quick search about the issue lead me to VMwareb# 2108739 however adding msg.autoAnswer = "FALSE" in host .vmx file or /etc/vmware/config didn't make any difference.

Initially I thought this is something related to ESXi 6.5 so, just to check deployed another VM with ESXi 6.0 but even on nested ESXi 6.0, VM power-on operation stuck at random point.


Earlier, I had a working vSphere 5.5 nested lab on this system so, thought of checking with ESXi 5.5 but to my surprise VM power-on operation got stuck with same "Running VMware ESX in a virtual machine will result in degraded performance. Do you want to continue" question (without any way to answer it) for ESXi 5.5 too.

Then I thought this is something related to VMware workstation so, downgraded it from version 14 Pro to 12 Pro but there was no difference.

This is when I started looking at other things and eventually found that its my antivirus which was causing this issue.....Avast Antivirus...... enabling or disabling the features in the software did nothing however uninstalling Avast worked like a charm and now everything working again as expected.

Hope this would help...

That's it ...:)


Saturday, March 3, 2018

How to Check, Start, Stop or Restart Windows version of vCenter 6.x Services

Today while working on something I rebooted my vCenter server and post reboot when tried to connect to vCenter using Web client, end up with following error,


This error is something which usually occurs when there there is some issue with vCenter Web client, probably the service is set to manual or somehow got stopped.

Ideally Web client service should have startup type set as Automatic and in start state.

To verify this, opened Services and to my surprise couldn't find the vCenter Web Client Service listed there, even vCenter service was not there (ideally this shouldn't be the case).


So, here how would you check the status of Web Client Service or for any other service not listed in Services.

For Windows version of vCenter, to list the vCenter Server and/or Platform Services Controller services,
  • Open command prompt as Administrator and change the directory to C:\Program Files\VMware\vCenter Server\bin (or any other relevant path, if you didn't install vCenter on default location)
  Now we will use Service-control utility, available here to check the status of service or perform a related operation on it.
      To view the available option, run service-control --help
  • Run following command to list vCenter Server and/or Platform Services Controller services,
          service-control --list-services
  • Run this command to view the current status of all vCenter Server and/or Platform Services Controller services: 
    service-control --status

     To check the status of individual services, use this,

      For Web client Service:
    service-control --status vsphere-client

  For vCenter service:
         service-control --status vpxd
    

 From here, you can start, stop any of vCenter Server and/or Platform Services Controller   services using below cmd,

service-control --start 'Service Name'

Or to start all services,

service-control --start --all


Note:To perform a dry run of the command, add the option --dry-run to the command, doing so will display what actions the command will run without executing the actions. 

Hope this would be helpful.

Reference: VMware kb# 2121043 & 2109881
Related Post: VMware vCenter Server 6.x Appliance services: how to find service status or start/stop

That's it... :)


Sunday, February 25, 2018

How to find and install VMware PowerCLI Module

As most of us would be already aware that, VMware PowerCLI is now available as a PS module and can be installed directly from Microsoft Powershell Gallery, in this post I'll summaries the process of online and offline installation of PowerCLI.

PS commands to be used:

Get-Module : To list the available/already installed modules on you local machine
Find-Module : To find the available modules in an Online PS Gallery
Install-Module : To download and install the specified module from an online gallery
Save-Module : To download and sad save a PS module for offline use

Online installation of PowerCLI : To install the PowerCLI from Microsoft PS gallery, follow these steps,

  • If you are not sure about the name of the actual VMware PowerCLI module, use below cmd to find the same,

Find-Module -name *VMware*

  • Once you have identified the module name, use Install-Module CMD to install it.
          Here we will install VMware "VMware.PowerCLI"

Install-Module -Name VMware.PowerCLI


Press Y [yes] or A[yes to all], when prompted.

Depending upon your internet connection speed, it would take some time in downloading and installing the requested PS module, once done then close the current Powershell sessions and restart it, now newly installed PowerCLI module will load and you can use it.

In case if you want to limit the scope of this module to current-user only then use following command instead, 

Install-Module -Name VMware.PowerCLI –Scope CurrentUser

Offline installation of PowerCLI: To download and install VMware PowerCLI Module follow these steps,
  • On a a system which is connected to internet, you can save the VMware PowerCLI module to your desired location using Save-Module cmd.
  • Now, we can copy this module (downloaded folders) to a system which is not connected to internet, and place them in a location where PowerShell can find them, modules folders can be confirmed by typing $ENV:PSModulePath at the PowerShell prompt.
Local User: $home\Documents\WindowsPowerShell\Modules 
All Users: $pshome\Modules


Once you copied these folder to the the modules folders and restarted the PowerShell window, the modules will automatically load this time and you can use them now.


That's it... :)


Thursday, February 22, 2018

How to reset iLO login password from within ESXi Shell

This is something could be useful if you are unable to recall the HP iLO login password.

Follow these steps to reset iLO password from esxi host
Create a file named reset_ilo_pwd.xml in tmp folder under root with the below info and add the new password in the password section:

<ribcl VERSION=”2.0″>
<login USER_LOGIN=”Administrator” PASSWORD=”password“>
<user_INFO MODE=”write”>
<mod_USER USER_LOGIN=”Administrator”>
<password value=”YOUR-NEW-PASSWORD”/>
</mod_USER>
</user_INFO>
</login>
</ribcl>

Alternatively you can create this file by copying these lines to notepad and then saving it as reset_ilo_pwd.xml file, now upload it to /tmp directory of your ESXi host using any ftp client like Winscp.

Now use the following command to commit the administrator password information from the file (reset_ilo_pwd.xml) to iLO using the below command

 
./hponcfg -f /tmp/reset_ilo_pwd.xml

This is it, now you should be able to login to iLO of your ESXi host using the password specified in the above xml file.

Additional Info: HPE offers support for the iLO features available on ProLiant servers with the HP Online iLO Configuration aka HPONCFG utility. HPONCFG can be used to set up and reconfigure the iLO (Integrated Lights-Out) management controller of a server.

HPONCFG is an online configuration tool used to set up and reconfigure iLO without requiring a reboot of the server operating system. The utility runs in a command-line mode and must be executed from an operating system command line on the local server. HPONCFG enables you to initially configure features exposed through the RBSU or iLO.
You can also use HPONCFG to reset the ILO from ESXi host and many other things.
Browse to /opt/hp/tools and execute the below command to reset the HP ILO configuration.

./hponcfg -r 

Before using HPONCFG, the iLO Management Interface Driver must be loaded on the server. HPONCFG displays a warning if the driver is not installed.
In case if its not already present on the server, you may download and install from following links: 
* HPE ESXi Utilities Offline Bundle for VMware vSphere 6.0 *

* HPE ESXi Utilities Offline Bundle for VMware vSphere 6.5 *


That's it... :)


Wednesday, February 7, 2018

How to reset HP iLO over ssh or remotely

Lately I faced this issue, where I was unable to login to iLO of one of my HP ProLiant server instead there was a ssh connection related error on login page.


I had seen this error during the iLO firmware upgrade in past but not any other time.

As I did upgrade this ProLiant server’s Firmware/Drivers last day using the latest HP Service Pack forProLiant (aka HP SPP) so, it had the latest iLO firmware ver 2.55 installed and I was sure everything was working as expected post SPP upgrade.

We tried few things to resolve the issue and eventually resting the iLO fixed the issue, as iLO web login was not available so we had to reset it via command line by connecting to iLO over ssh.

You would be able to access iLO over ssh only if you didn’t disable it during the initial iLO configuration (By default iLO ssh access is enabled).

The steps to reset the HP iLO over ssh are follows:-
  1. Open Putty (or any other ssh client) and connect to the iLO controller using its IP address or FQDN
  2. Login with iLO administrator credentails (or an account with equivalent rights)
  3. Once connected to iLO, issue the following command:
   cd /map1

Press Enter
  1. Then type
   Reset

Press Enter

Command and its output would be something like this on CLI:

hpiLO-> cd /map1

status=0
status_tag=COMMAND COMPLETED

hpiLO-> reset

status=0
status_tag=COMMAND COMPLETED

Resetting iLO.

CLI session stopped

The iLO controller will begin to reset itself. Resetting the controller fixes a lot of hung-up and freezes issues on the interface.

Note: In case of any issue, HPE always recommends upgrading the firmware on the iLO controller as the first thing and as it doesn’t require reboots or downtime so can be done anytime.

Additional resources:   

That's it... :)