Jeantet’s Blog

So I’ve been working with VMware quite a bit for the past few years and I just learned what the “ESX” in VMware ESX stands for:

• ESX = Elastic Sky X
• GSX = Ground Storm X  (VMware GSX was the predecessor to VMware server, their host-based server virtualization product)

So the next time somebody talks about “Enterprise” or “Groupware”, you’ll know that info is incorrect.

Another cool acronym: TWAIN = Technology Without An Interesting Name

Share on Facebook

So I decided it was finally time to set up a little ESX cluster with OpenFiler. Everything was going smoothly until it came time to configure OpenFiler… being that I’m not a storage guy. Then the OpenFiler people seem to want to make money off selling the admin guide. *sigh*. Fortunately, there is a *great* little howto here. Thank you Lee Wynne.

Then I got the first ESX host connected no problem, but the second wasn’t connecting despite every bit of troubleshooting I tried. Fortunately, it seems that other people have not only done this before me, but they’re smarter than me. Crumpuppet figured it out here. (scoll down into the thread.) Basically, it looks like a bug – either with ESX or with OpenFiler.  The fix is in the /etc/initiators-allow and /etc/initiators-deny files, a TCPwrappers sorta way of controlling access by iSCSI initiators. It basically only lets the first one in and rejects everything else. Nice. I wasted 2 hours of my life on this one. The fix, in a nutshell:

I was scratching through the openfiler settings on the console, and found two files – initiators.allow, and initiators.deny. I did a couple of tests on OF in adding initiators to the local network. When adding one, it added an entry for it in the “allow” file, as you would expect.

But – the deny file had one single entry that looks like this:

iqn.2006-01.com.openfiler:tsn.6ef258ca57df ALL

I figured, the allow one gets processed after this one, so my “allowed” initiators will be given access anyway. This was not the case. Every time I made a change to the list of initiators on the OF web interface, this line was added to initiators.deny. I put a comment in front of it and restarted the iscsi-target service. I finally managed to discover my iSCSI target on my esx hosts.

So remember to check these files! If you also have the “ALL” line in initiators.deny, just put a # in front of it, and run:

service iscsi-target restart

This will probably have to be done every time you add a host. I’m not prepared to write-protect the initiators.deny file for in case OF cries about it, but can anyone think of a fix for this?

I recommend you read the entire thread and consider the security implications of this hack. For now at least, I’m up and running.

Share on Facebook

If you’re not a geek and for some odd reason you regularly look at this blog, you’re probably wondering what on earth that title means.

Translation:  set up a windows 2003 server to share data using methods from UNIX rather than Windows.

Why on earth do such a thing you ask?  Why not use OpenFiler or FreeNas?  Why burden myself with a win2k3 machine?  Well, because it does other stuff too.  That’s why.

Basically, I’ve got a decent sized chunk of disk space for my stuff which now includes VMs (Virtual Machines).  I need my ESX server to be able to save VMs here, but ESX does not speak Windoze.

I had a hell of a time getting SFU working (no, not STFU)  SFU=Services For Unix, which is what allows a windows machine to speak UNIX protocols, like NFS.  Basically, I had no idea what I was doing, and it’s a bit too complicated to just BS your way through it.

Turns out, you have to create user and group mappings, which sounds awfully insecure, but ESX only does root (at least, as of 3.5):
Users:  root –> administrator
group: root –> administrators

Then, surprise, it just works.  I actually found the answer here, in a VMware forum.

Now, if only I didn’t need this machine as a Fax / print server / CIFS file share, I could go 100% linux… except for VirtualCenter.  Darn it.

Share on Facebook

I run a few Linux VMs without Xwindows, and as such there is no convenient check box to enable time sync with the ESX server.  It turns out there are two ways to set up time synchronization: the first is from the service console, the other is from the VM itself.  Either way, it boils down to a setting in the VM’s VMX file, the difference is how we install that setting.

The following were found in the VMware communities forum here.

From the Service Console command line:
# vmware-cmd /vmfs/volumes/datastore/VMname/VMname.vmx setconfig tools.syncTime TRUE

From the VM’s console (include the double-quotes in the command):

(to turn it on)
# vmware-guestd –cmd “vmx.set_option synctime 0 1″

(and to turn it off)
# vmware-guestd –cmd “vmx.set_option synctime 1 0″

Share on Facebook

My friends know that I’ve been a geek for some time.  So much so, in fact, that I made a somewhat decent career out of it.  But I’d like to go back for a moment to the year 2000.   At the time, I was the “new kid” in the IP Engineering group.  I studied and got my MCSE, my CCNA and my mentor, Malcolm, taught me the basics in UNIX.  I learned how the web worked, and set up my first server at home.

Fast forward to a year ago.  I was hosting 79 domains, dedicated Celeron 533 for DNS and my personal e-mail, a PIII500 for hosted mail (RedHat 9), PII350 for Apache (RedHat 7.3), a file server (PIII600 win2k), a firewall on a PII350, a desktop and a lot of heat.  Being that I think VMware is the greatest thing since sliced bread (and I teach the stuff professionally,) it was time to put my money where my mouth was.  I bought an HP XW6200 on eBay for about $400 and built out an ESX server.  Granted, these workstations are not on the VMware HCL for ESX for a number of reasons (the least of which is lack of redundancy and it has SATA controllers), but after a few BIOS tweaks, it’s rock solid.  For the money, you can’t beat it.  There are a lot of them coming off lease right now so it’s time to pounce if you want one.

Moving forward to this post, I’ve virtualized the entire shebang. No redundancy, but hey, it’s not like there was any before!  So now I’ve decommissioned all these old machines and am getting rid of them (as well as the spare parts I was keeping on hand).   I mean, it’s not like this equipment can run Vista (or for that matter, OSX or Ubuntu.)

Inwin Case.  When it ran RedHat 6.2 with no GUI, it was a Celeron 533 with 128MB RAM and two 3com NICs.  For its new life as WinXP, the CPU was changed to a PIII 500, 512MB RAM, a single Netgear NIC, a sound card and an ATI Rage AGP adapter.

This is what prompted me to write this post.  I just built my old faithful RedHat 6.2 server with over 3600 days of service into a WindozeXP machine that I’m passing forward to a friend (There was extensive vacuuming btw.)  .  It’s not fast, but it’s got VLC, Open Office, Firefox and AVG.  Hopefully it will help some young kids get their feet wet.  It’s a bittersweet farewell to that old beast.

Share on Facebook