Monday 24 February 2020

Replacing machine ssl certificate on vcsa 6.7 failed with error

Replacing machine ssl certificate with custom certificate on VCSA 6.7 failed with error
"Error certificate-manager 'lstool get' failed:1"

Description:
Replacing machine ssl certificate with custom certificate on VCSA 6.7 failed due to 3rd party plugins deployed/installed with no valid certificate

Cause:
The certificate replacement process will check whether the 3rd party plugins installed have valid certificate or not. If not, the certificate replace will get failed.

Resolution:
The only resolution is to skip the validation that is being carried out by certificate manager process

1. Navigate to directory
#cd /usr/lib/vmware/site-packages/cis/

2. Take a backup of certificatemanagerhelper. Py file

3. Open the file using vi editor and edit the following section
#to remove LsTools stdout
If(rc! =0) :
    logging.error("'lstool get' failed{}".format(rc))
Comment the line #raise exception("'lstool get' failed: %d" %rc) and instead TYPE rc=0

4. Keep the certificate and certificate chain ready

5. Replace the certificate

Replacing machine ssl certificates with custom certificates on VCSA 6.7 failed

Replacing machine ssl certificates with custom certificates on VCSA 6.7 failed

Description:
We have vcsa 6.7 deployed and vcsa HA configured. Active node runs in site A, whereas passive and witness node runs on site B. When we try to replace machine ssl certificate with custom cert, it got failed while trying to update cert on passive node

Resolution:
Replacing certificate on HA enabled vcsa cluster is not supported

The solution is to destroy vcsa HA first and then replace machine ssl certificate. Once done, enable VCSA HA and then complete the HA configuration.


Tuesday 26 November 2013

How to recreate vmdk descriptor file

Below are the steps to recreate a missing text descriptor file for a virtual disk

Important points:

1. Make sure u backup the virtual machine configuration file
2. Make sure u have last successful backup for your virtual machine.

Steps to follow:

1. Login to ESX/ESXi server using putty session

2. Switch to virtual machine directory as show below

#cd /vmfs/volumes/<datastore name>/<virtualmachine folder>

3. list the vmdk files and check whether the text descriptor file is present or not

#ls -l *.vmdk


Pre-requisites:

4.  In order to re-create the missing text descriptor file, we should first know the scsi controller type which was being used by the virutal disk. Below command helps you to get that information

#less *.vmx | grep -i virtualdev
scsi0.virtualdev = "lsilogic"

5. Next u need to have the exact size of the virtual disk. Below command will do that for you. Copy the value as shown in the output

#ls -ll *-flat.vmdk

6. vmkfstools command will help you to recreate a missing text descriptor file.  options used are (CAD)

#vmkfstools -c <size value> -a lsilogic -d thin temp.vmdk

c - create; a - scsi controller type; d - disk type (thin or thick)

7. list the vmdk files and check whether the new descriptor file named temp.vmdk was created or not. Note that 2 files will be created text descriptor file and its associated flat file

#ls -ll *.vmdk

temp.vmdk
temp-flat.vmdk


8. rename the newly created descriptor file to your servername as shown below:

#mv temp.vmdk servername.vmdk

9. Note that your servername.vmdk file is still pointing to temp-flat.vmdk file. So edit the servername.vmdk file and point it to servername-flat.vmdk file as shown below.

#vi servername.vmdk

in extent description section change the file name

Also note that if your disk is thick provisioned then remove the line "ddb.thinprovisioned" = 1 at the last and then save the file

10. Check all the steps are correctly performed and then power on the virtual machine. 



Monday 25 March 2013

How to convert a RDM disk from Physical Compatibility mode to Virtual Compatibility mode

Purpose

This article provides steps to switch a Raw Data Mapping (RDM) between physical and virtual compatibility modes without data loss.

VMware KB - 1006599

Resolution

To change an RDM from physical to virtual compatibility mode:

Note: VMware recommends that you backup your configuration before performing these steps.

Step 1: Power off the virtual machine.
Step 2: Right-click the virtual machine and click Edit Settings.
Step 3: Note the SCSI device that the RDM is using (for example, SCSI0:5).
Step 4: Remove the RDM hard disk from the virtual machine, ensuring that the Delete from Disk option is selected, and then click OK.

Note: Unlike VMDK files, the Delete from Disk option removes only the RDM pointer files. Data on the RDM remains intact.

Step 5: Right-click the virtual machine and click Edit Settings.
Step 6: Add the RDM back to the virtual machine as a new disk and select virtual compatibility mode. Ensure that you use the SCSI device that you noted in step 3.
Step 7: Power on the virtual machine.

Note: An RDM can also be changed from virtual compatibility mode to physical compatibility mode. To change from virtual to physical compatibility mode, ensure there are no snapshots and select physical compatibility mode when completing step 6.

Friday 22 March 2013

How to collect IBM Dynamic System Analysis(DSA) logs for an ESXi server

It is possible to gather DSA data from an IBM server running ESXi without having to boot with a bootable CD or reboot the server at all.

From any machine, Windows or linux, you can run the latest release of the DSA tool, then reference the ESXi server using commandline parameters when running the DSA tool.

Step 1: Download the appropriate IBM DSA utility on any windows server that has connectivity to ESXi server.

Step 2: Open the command prompt and go to the directory where the DSA utility presents.

Step 3: Enter the below command to collect system information

#ibm_utl_dsa_dsyt85t-3.40_portable_windows_x86-64.exe --vmware-esxi  user:password@ip-address

Note: this will take some time to gather diagnostics logs and store it in C: drive.

Thursday 21 March 2013

How to consolidate snapshots in VMware ESXi 5.0

What is snapshot consolidation?

Snapshot consolidation is nothing but committing snapshots.

When snapshot consolidation is required ?

  • The snapshot commit fails due to locked files. For details on how to release the lock on locked files
  •  There is a temporary loss of communication between the vCenter Server and the ESXi/ESX host during snapshot commit. To refresh the connectivity, restart the ESXi/ESX host management agents.
 What happens when delete or delete all is iniatiated on snapshots?

When "delete" or "delete all" is iniated on snapshots, snapshot details are deleted from snapshot manager, then snapshot files well be consolidated and merged to another snapshot files or the virtual machine's parent disk.

What happens when snapshot consolidation fails?

If consolidation fails, there were no snapshot details in snapshot manager, but still the snapshot files exist in the datastore and cause the datastore to run out of disk space.

Note: The ESXi host that the virtual machine is registered on must be an ESXi 5.x host.
 

Checking if virtual machine consolidation is required

To check if virtual machine consolidation is required:
  1. Select a vCenter Server host or a cluster and click the Virtual Machines tab.
  2. Right-click the menu bar for any virtual machine column and click Needs Consolidation. The Needs Consolidation column appears.
     
A Yes status indicates that the snapshot files for the virtual machine should be consolidated and that the virtual machine's Tasks and Events tab shows a configuration problem.
A No status indicates that the files are OK.
Note: A Configuration Issue warning is also displayed in the Summary tab of the virtual machine indicating that virtual machine disk consolidation is needed.

Consolidating snapshots for a virtual machine

To consolidate snapshots:
  1. To consolidate the snapshot files, right-click the virtual machine and click Snapshot > Consolidate.
  2. Check the Need Consolidation column to verify that the task succeeded.
     
    If the task succeeded, the Configuration Issues message clears and the Needs Consolidation value is No.
Note: The consolidate option allows you to consolidate the snapshots when there are no snapshots shown in the Snapshot Manager, but does not fix the underlying issue that may have caused this to occur initially.
 
 

Wednesday 20 March 2013

How to kill a Virtual Machine Process using CLI and ESXTOP

Sending signals on ESXi to power off the virtual machine

Warning: This procedure is potentially hazardous to the ESXi host. If you do not identify the appropriate process ID (PID) and kill the wrong process, it may have unexpected results. If you are not comfortable with the following procedure, file a support request with VMware Technical Support and note this Knowledge Base article ID (1014165) in the problem description.

In ESXi 3.5-5.x, you can use the kill command to send a signal to, and terminate, a running virtual machine process.

Step 1: On the ESXi console, enter Tech Support mode and log in as root.

Step 2: To determine if the virtual machine process is running on the ESXi host, run this command:

#ps | grep vmx

The output appears similar to:

7662 7662 vmx /bin/vmx
7667 7662 vmx /bin/vmx
7668 7662 mks:VirtualMachineName /bin/vmx
7669 7662 vcpu-0:VirtualMachineName /bin/vmx


Several rows are returned, one for each vmx process. Identify the parent vmx process for the target virtual machine. The first column contains the PID, and the second contains the parent's PID. Ensure you terminate only the parent process. The parent Process ID (PID) for each process is listed in the second column, identified in this example in bold. Take note of this number for use in the following steps.

Caution: Ensure that you identify the line specific only to the virtual machine you are attempting to repair. If you continue this process for a virtual machine other than the one in question, you can cause downtime for the other virtual machine.
Step  3: If the vmx process is listed, terminate the process using this command:

#kill ProcessID

Note: Wait 30 seconds and repeat step 2 to check for the process again.

Step 4: If it is not terminated, run this command:

#kill -9 ProcessID
Note: Wait 30 seconds and check for the process again.


Using esxtop to send a signal to, and kill, a running virtual machine process


Step 1: On the ESXi console, enter Tech Support mode and log in as root.
Sep 2: Run the esxtop utility using this command:

#esxtop

Step 3: Press c to switch to the CPU resource utilization screen.
Step 4: Press Shift+v to limit the view to virtual machines. This may make it easier to find the Leader World ID in step 7.
Step 5: Press f to display the list of fields.
Step 6: Press c to add the column for the Leader World ID.
Step 7: Identify the target virtual machine by its Name and Leader World ID (LWID).
Step 8: Press k.
Step 9: At the World to kill prompt, type in the Leader World ID from step 6 and press Enter.
Step 10: Wait 30 seconds and validate that the process is not longer listed.