Issues with authentication when running vSphere 5.5 with AD and SSO server on Windows Server 2012

This week I spent a considerable amount of time trying to first of all upgrade a vSphere 5.1 environment to 5.5, and then trying to build a new 5.5 environment up from scratch.

In both cases, the core environment was configured as follows:

 

  • Windows Server 2012 AD
  • Windows Server 2012 vCenter Server 5.5 + SSO
  • Windows Server 2012 with SQL Server 2012 for vCenter database

 

The upgrade process went fairly smoothly as expected. However, every time I tried to log in to vCenter as a domain user via the vSphere Web Client, I would receive a message stating “cannot parse group information”. I did not find too much in terms of helpful messages in any logs, and the SSO log file that existed with vCenter 5.1 under the C:\ProgramData\VMware…\… folder does not seem to exist anymore (who knows where this went!).

However, after much struggling, I finally got the authentication working for users. Here is my authentication source configuration:

[Image: ad-ldap-source]

The critical bit I found needed to actually log in to the vSphere Web Client or the vSphere Client (C# Windows app) was that the format for usernames needed to be:

username@domainname.lan

 

For example:

[Image: vsphere-client-55-login-example]

 

Any other format for the username that you would expect to work (like mydomain\username) would just fail, and in the web client you would see the error “cannot parse group information”.

 

This morning I saw that VMware had announced an issue specifically with this kind of configuration (AD on 2012 with SSO on 2012 server), and had posted a workaround. I have not yet tested their official workaround and patch, but found that the above worked for me. All my logins needed to be in the above format though – PowerCLI, VMware 3rd party apps, vSphere client etc…

Fun tweets relating to the experience:

Looks like the beta testing of vSphere 5.5 failed to pick up on this scenario then.

Ebook – VMware Workstation – No Experience Necessary

A little while back I got involved with Packt Publishing to help with the publishing of a book called “VMware Workstation – No Experience Necessary”. I was helping in the capacity of a technical reviewer – this meant reading and reviewing each chapter and suggesting changes or improvements where necessary whilst the book was in development.

The book has now been published, and you can grab yourself a copy / support the author (Sander van Vugt) over at the Packt website: Link to ebook. This is a great book if you are new to VMware Workstation, and being fairly short (around 100 pages), it reads well and is to the point. It contains information on every aspect of setting up Virtual Machines, their configuration, networking and other tasks such as snapshots and remote management using Workstation so it really does a great job of getting the beginner up to speed.

 

[Image: vmware_workstation_ebook_cover]

It is also available on Amazon in Paperback and Kindle editions

Regarding the actual work involved, I was purely interested in the review process and thought it would be an interesting project to help with – none of the book sale proceeds come my way.

VM provisioning from e-mail using Python and the VMware Perl SDK

This is a bit of a fun project that I did as a part of my presentation of the vPi project. It doesn’t necessarily achieve anything useful (at least not on the surface), but it does demonstrate some techniques that could be put to far greater use.

 

[Image: vpi-provision-script]

 

In summary, this integration turns e-mails from people into Virtual Machines on a vSphere environment. It consists of the following components:

  • Raspberry Pi running the vPi image
  • Python script
  • VMware Perl script (vmcreate.pl) + a bit of XML used for the VM template.
  • VMware Perl script (vmcontrol.pl)

The way it works is that a Gmail mailbox is set up to capture e-mails sent to a specific e-mail address. The Raspberry Pi runs a Python script that logs into Gmail, and looks for any new e-mail that has arrived. If an e-mail is found, it takes the FROM address and splits it up into components, determining the sender’s first and last names.

The script then opens up the XML template file that the vmcreate.pl script uses as a basis for creating VMs, and searches it for a bit of bespoke text we placed there called “TEMPLATE_NAME”. Once found, it strips this out and replaces the TEMPLATE_NAME with the sender’s name.

We then move on to the next procedure, which involves invoking the vmcreate.pl script from the Python script, passing in the parameters required (such as the server to connect to, credentials, and the all-important XML template). This runs against the vSphere environment in question, and creates a VM named after the e-mail sender (appending a random string of text and numbers to the end to ensure that multiple e-mails from the same person do not cause an issue with duplicate named VMs).

Once the VM is provisioned, the Python script invokes the vmcontrol.pl script using the name of the VM we just provisioned to power the VM up. Lastly, the Python script sends an e-mail back to the sender, stating that their VM has been created and powered on. After that, voila! You will have a new VM created and deployed in your Datacenter all triggered from a simple e-mail.

[Image: vpi-example]

The script files required + XML and XML schema files are available for download below. The main python script is fairly lengthy, so I won’t include the content direct on this post. Just download the file to grab everything.

Notes to get the script up and running:

  • I found the vmcreate.xsd (XML Schema file) for the VMware vmcreate.pl script did not work, so I had to modify it to change some of the property names to match those the vmcreate.pl script was expecting. My updated version is included in the download below if you get any errors from the vmcreate.pl script. Its default location is: /usr/lib/vmware-viperl/apps/schema
  • You will need to find and edit some variables in the main Python script – your mailbox name and password, plus the IP, username and password for the vmcreate.pl and vmcontrol.pl perl script calls.
  • In the vmtemplate.xml file you should define the characteristics of your VMs that are created: GuestOS, disk size, etc… Of particular importance are the name of your host to deploy to, the Datacenter name, the Datastore name to deploy to, and the default VM network to use. These are all of course unique to your own environments.

 


 

Once you start to think of other ways of using this, you can begin to imagine some really great (and even crazy) solutions. As a start, it would be quite easy to begin extending this, so that e-mails undergo some sort of validation first. E.g. does the domain the sender sent from exist in our “Whitelist” of people allowed to provision e-mails, or does a specific “password” required exist in the body of the e-mail etc…
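One way to implement the sender validation suggested above together with the name and template handling described earlier, as an added example that is not the downloadable script. The allowlisted domain `example.lan`, the inline template fragment and the function names are assumptions; the password is kept out of the argument list, and supplying it through the SDK's `VI_PASSWORD` environment variable is an assumption to confirm against your SDK version.

```python
import re
import secrets
from email.utils import parseaddr
from xml.sax.saxutils import escape

# Assumed allowlist of sender domains permitted to request VMs (constructed).
ALLOWED_DOMAINS = {"example.lan"}
# Constructed stand-in for the part of vmtemplate.xml holding the placeholder.
TEMPLATE = "<Virtual-Machine><Name>TEMPLATE_NAME</Name></Virtual-Machine>"


def vm_name_from_sender(from_header):
    """Return a safe VM name for an allowlisted sender, or None to reject.

    The From header is sender-controlled, so the allowlist filters requests
    but does not authenticate them.
    """
    display, addr = parseaddr(from_header)
    local, _, domain = addr.rpartition("@")
    if not local or domain.lower() not in ALLOWED_DOMAINS:
        return None
    # Keep only characters that are harmless in a VM name, in XML and in argv.
    base = re.sub(r"[^A-Za-z0-9]+", "-", display or local).strip("-")[:40]
    if not base:
        return None
    # Random suffix so repeat requests from one sender never collide.
    return f"{base}-{secrets.token_hex(4)}"


def render_template(name):
    """Replace the TEMPLATE_NAME marker, XML-escaping the value regardless."""
    return TEMPLATE.replace("TEMPLATE_NAME", escape(name))


def vmcreate_argv(server, username, xml_path, xsd_path):
    """Argument list for subprocess.run(argv): a list, so no shell parses it.

    The password is deliberately absent so it never shows up in `ps` output.
    """
    return ["vmcreate.pl", "--server", server, "--username", username,
            "--filename", xml_path, "--schema", xsd_path]
```

A rejected sender returns `None`, so the caller can skip both the VM creation and the reply e-mail.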

How about having a standard e-mail template, where the sender can specify more details, such as vCPUs, RAM, disk sizes, OS to install? You could then provision from VM templates instead of creating new VMs, that have customization specs attached. Once powered up and provisioned, a script within the VM could be initiated to accept parameters the VM was created with, and use those to send the requestor an e-mail to say “Hey! I’m now ready for you to connect, and here is the IP you can use…”.

 

Of course, this is not limited to vPi and the Raspberry Pi – that was just the platform I demonstrated this on. Being standard SDKs and scripting languages, you could use the above solution anywhere.

 

vPi – a Raspberry Pi for VMware presentation on vBrownBag EMEA

Last week I hosted a session talking about vPi. vPi is an image for the Raspberry Pi based on Raspbian, specifically targeted at VMware integration. Many great things can be done with this solution, including some very nifty automation, scripting and reporting.

The session was hosted on the weekly vBrownBag EMEA webinar. Take a look at the embedded Vimeo video below to watch through. Here is a basic breakdown of what the session covers:

  • Introduction / about
  • Basic intro to Raspberry Pi
  • Basic intro to vPi
  • Live demo
    • Demonstration of various VMware utilities included with vPi, such as ESXCLI, the RVC fling, vmkfstools, etc…
    • Very cool provisioning script demo using Python and Perl to deploy Virtual Machines by users sending a simple e-mail through to a designated mailbox (audience participation)
    • Quick demo of a home automation script that integrates with Foursquare, Facebook, and local Weather channels to announce various statuses/states
  • Conclusion

Remember to switch to HD mode so you can read the text in the presentation and PuTTY session I had open. Also a big thanks to Gregg Robertson (co-worker and fellow saffa) for inviting me to present on last week’s vBrownBag EMEA session.

 

http://vimeo.com/71875957

 

Slides are available for download here, but it probably makes more sense to check the whole presentation out on Vimeo, as the demo is the bulk of the session:


VMware vExpert for 2013

This is a bit of a delayed reaction to the vExpert 2013 announcements late last month, but I have been very busy and didn’t have time to finish posting the below on the day…

I woke up this morning to a flurry of tweets announcing the vExpert 2013 nominations. I was honoured to have received this title for a second year running now. Four of my colleagues at Xtravirt also received the title, as did 25 or so fellow London VMUG members. In total there were 500 or so people that received this title for 2013, out of 850 applicants. Congratulations to all who were nominated this year around!

Along with the flurry of activity on twitter came the inevitable blog posts. Two of my favourite so far are from @dawoo and @rimmergram.

Jane’s post rang true for me as one topic she covered was the perceived negativity to the announcements from some. I had also noticed a little bit of negativity from others on twitter around the announcements and the greater number of vExperts this year. Of course everyone is entitled to their own opinions. For me, I was just honoured to be able to keep the title for a second year around. This means I was able to keep at my quest for sharing knowledge in 2012 – my main platform being this blog.

Going slightly off topic, I did a look up on Google Analytics the other day, and Shogan.tech has been running for 5 years now! In that time it has received almost 300 000 page views. It started off as a really old version of WordPress running on a humble Dell Optiplex PC at one of my previous abodes, running on top of a VMware Server 2.0 VM (Ubuntu Server with Apache, MySQL and PHP). After 6 months of PC issues and website outages, I decided to go the hosted route. It is a great feeling to know that many people have benefited from the content of my blog, and I hope to continue this trend throughout 2013.

For those interested, the official VMware vExpert 2013 announcement blog post and list of people awarded can be found here.