Building the lab 5: Storage I

This part of my homelab rebuild will touch on something interesting… storage options. Knowing that my lab is going to be a couple levels of nesting, I wanted to look at the different options that are out there.

For years, I have had and use a Synology DS 1512+ storage array. This thing has been running like gangbusters. It serves multiple purposes from backups & fileshares, to NFS storage for the virtual environment.

Over the years, I have upgraded the drives from 1TB to 2TB, to 3TB. Because of this, I have a few drives lying around not in use. I thought that maybe I could spin up a FreeNAS or OpenFiler box for iSCSI within the environment. By creating differing storage arrays, I could introduce Storage Policies within the environment for potential feature consumption down the road.

As I explored the various options out there, I discovered many simulators from various vendors: 3PAR, EMC, NetApp. In addition to these, you have the free options as mentioned above: OpenFiler, FreeNAS, etc. But I also stumbled across this jewel….. XPEnology.

I’m sure you are wondering — What is XPEnology?
Xpenology is a bootloader for Synology’s operating system which is called DSM (Disk Station Manager) and is what they use on their NAS devices. DSM is running on a custom Linux version developed by Synology. Its optimized for running on a NAS server with all of the features you often need in a NAS device. Xpenology creates the possibility to run the Synology DSM on any x86 device like any pc or self-built NAS.

You read that right, it is possible to run XPEnology on bare metal. XPEnology runs as a faux Synology NAS.

Now, before you continue, you should know this. XPEnology is not supported or owned by Synology, micronauts, or anyone in their right mind. The links provided are ONLY for experimentation purposes and should not be used in any production or development environment. It is very possible you could lose all data and put yourself in jeopardy. If you need reliable, dependable storage, then buy a Synology NAS.

PROCEED AT YOUR OWN RISK!

Alex Lopez at ThinkVirtual has a good write up on how to create a Synology Storage VM
https://ithinkvirtual.com/2016/04/30/create-a-synology-vm-with-xpenology/

Alex’s write up was based on Erik Bussink’s build, found here.
https://www.bussink.ch/?p=1672

The original XPEnology website walkthrough on how to create a Synology Storage VM.
http://xpenology.me/installing-dsm-5-1-vmware-esxi5-5u1/

The original Xpenology website has become a ghost-town. I’m not sure if it is being maintained, or if the original creator(s) just don’t have the time to update it any longer. The last updates came out around DSM 5.2-5644.5 (so a while ago). However, the XPEnology forums will provide all kinds of glorious information from the wealth of knowledge within the community.

Additionally, you can get more information from this new XPEnology info site. They also have a pretty good walk-through for a storage VM. The video tutorial even covers how to setup ESXi 5.1 (http://xpenology.org/installation/).

I chose to build on baremetal.
While having a storage VM is great, I think having XPEnology on baremetal is even better. As you read and research how to do this, you are going to discover that it involves grabbing files stashed all over the internet — files ranging from a bootloader to PAT files. Make sure that you read EVERYTHING. I reutilized some hardware and some of my old synology drives and built a XPEnology server on bare metal.

I booked marked this site (https://github.com/XPEnology/JunLoader/wiki/Installing-DSM-6.0-Bare-Metal) as it provides a pretty good walkthrough on how to create a bootable USB drive for the XPEnology OS. I also found this one (http://blog.pztop.com/2017/07/24/Make-Xpenology-boot-loader-1.02b-for-DSM-6.1-on-Ubuntu/). For those of you, like myself, who are on a MAC…. you may need this nugget (https://xpenology.com/forum/topic/1753-create-a-bootable-usb-on-os-x/).

Again, I would like to say, if you need reliable and dependable storage, go purchase a real storage array.

Building the lab 4: Stand up vCloud Director

First, I would like to declare: “vCloud Director is NOT dead!” I can say emphatically, this product did not die, never died, and I don’t believe that it is going to die! It is still actively being developed by VMware.

With this clarified, let’s move on to getting vCD stood up. Again, I followed along with the wonderful guide from Sysadmin Tutorial.

This guide has a very good walk-through for standing up vCloud Director 8.0 for a Proof of Concept (it also works well for 9.0). There are multiple steps that break out each milestone of the installation/deployment. You could follow along each part, as I did. Along the way, I will point out the various things that I did or changed for my environment.

Part One is self explanatory. The walkthrough shows you how to set up a SQL database. Yes, MS SQL is still supported with vCD 9.0. While you may want to migrate or move to a PostGreSQL Database, this guide sets you up for MS SQL. (I will cover how to setup PostGreSQL and migrate the database sometime in the future. You may need or want this down the road when you get ready to upgrade.)

Part Two – setting up a RabbitMQ server, I skipped. Why do you ask? Well, the answer is selfish. My environment is small and is designed for one thing – quick deployment and stand up of an SDDC environment for play and discovery. Unlike many vCD environments that can be found in the wild, I will not be interfacing or integrating with any outside services. Nor will I be standing up mulitple cells. So I have no need of a RabbitMQ server at this time. You and your environment may very well need one.

Part Three of this guide is very good. I like how they dig into the certificate creation and the details of what to do with them. This portion of the walkthrough also includes how to create the cert with a Microsoft CA server. These are details that I would like to see VMware include in their documentation. This is one area that plagues many installations as certificates always seem to be problematic and having a good walkthrough would really go a long way.

Once you complete these steps, you are ready to configure vCloud Director for consumption. Like all VMware products, you should have a good idea of how or what you want to do. Setting this up to play with is one thing. But if you are trying to utilize it beyond “how do I install it?”, then you need to have an idea of what you are trying to accomplish. If you haven’t taken the time to do this, you should.

For me, as I said previously – I want to stand up vCloud Director to be a mechanism where I can quickly deploy full SDDC environments to manipulate and play with. I want to utilize these environments to learn, discover, and grow my skillset. I do not want to destroy and rebuild my lab environment every time I have a different scenario I want to test. My goal is to ‘mimic’ the Hands On Lab environment. Ambitious? Yes.

I’m going to stop here as the next Part of the SysAdmin Tutorial walkthrough was already covered when I stood up NSX in “Building the lab 3: NSX”. Before I continue with the SysAdmin Tutorial on and kick off Part 5, I want to set up more storage.

Bypass HSTS

While I am an avid supporter of encryption and security, I do have to admit… getting the dreaded HSTS error within the Chrome browser sucks. When this happens, one of the quickest easiest “hacks” (tips!) to bypass it is to just type “badidea” on your keyboard. And voila! HSTS is bypassed.

I learned of this trick from the following blog post by Scott Helme. He details how to do this, but more importantly why it’s not really a good idea. If you are getting an HSTS error, then there is obviously something wrong with your SSL Certificates and you should investigate.

Bypass HSTS
Bypass HSTS

How to upgrade a simple vRA 7.0 instance to vRA 7.0.1

Just this week, VMware released vRealize Automation 7.0.1 (vRA). It contains many bug fixes and some enhancements to the vRA platform. I was excited for it to come out and was anxious to perform an upgrade in my home lab.

I will advise caution and planning in any upgrade of your environment. But I would stress heavily on the planning. You should know your dependencies before you attempt an upgrade, and always. ALWAYS, read the Release notes before you start the upgrade process.

The following process is for a simple vRA instance. This is the Proof Of Concept build, sometimes referred to as a “Lab” or “Sandbox” build. However, these steps can be modified for a fully distributed vRA instance.

Here is how I upgraded my lab.

1) Take snapshots of the vRA Cafe Appliance, IaaS VM, and SQL VM.

2) Shutdown the vRA Services
     SSH into the vRA Cafe Appliance and shutdown the vco-server, vcac-server, apache2, and the rabbitmq-server services.

  1. Run the below commands to stop the above listed services:
    • #service vcac-server stop
    • #service apache2 stop
    • #service rabbitmq-server stop
    • #service vco-server stop


    You can check that the services have stopped using the status syntax: #service vco-server status

  2. Log into the IaaS Virtual Machine and stop the below listed vRA services.
    • All VMware vCloud Automation Center agents
    • All VMware DEM Workers
    • VMware DEM Orchestrator
    • VMware vCloud Automation Center Manager Service


3) Download the vRealize Automation Appliance 7.0.1 Update Repository Archive ISO.

4)Upload the ISO to a datastore, and mount the iso to the vRA Cafe Appliance’s CDRom.

VM Settings
5) Open a browser and log into the vRA Cafe. Then Navigate to the “Update Tab” –>> “Settings”.

6) Change the Update Repository to “Use CDRom Updates”. Click on “Save Settings”.

Use CDRom Updates
Use CDRom Updates

7) Select the “Status Tab”.

8) Click on “Check For Updates”.

Check For Updates
Check For Updates

9) An update should be found (as shown in the photo above). Click on “Install Updates”.

10) Wait for the update to complete. This took approx 30 minutes for my lab.

Install Updates
Install Updates

11) Once the updates complete, you will be notified to reboot the vRA Cafe Appliance.
Reboot Notice
Reboot Notice

12) Once the vRA Cafe Appliance has completed the reboot, log back into the vRA VAMI and verify the version.
Updated Version
Updated Version

This completes the vRA Cafe Appliance upgrade. Now it is time to focus on the IaaS Server.

13) Open a console or RDP session into the IaaS Server and log into the machine with the vRA Administrator Service Account.

14) Open a web browser and browse to the vRA Cafe Installer page. “https://[vRA Appliance FQDN]:5480/installer”

15) Download the “DBUPGRADE SCRIPTS”.

16) Verify the Java Path in the Environmental variables.

Java Path
Java Path

17) Open the File Explorer and browse to the folder where you downloaded the “DBUPGRADE.zip” scripts file. Extract the DBUpgrade.zip file.

18) Open an elevated Command Prompt.

19) Change the directory to the location of the DBUpgrade Extraction Folder.

20) NOTE: Verify that the vRA Administrator Service Account has the SQL sysadmin role enabled.

21) Run the following command to update the SQL Database:
      # dbupgrade -S sql.dwarf.lab -d vra -E -upgrade

Replace sql.dwarf.lab with the FQDN of your SQL server.

DBUpgrade Script
DBUpgrade Script

The process may take a few minutes to complete.

22) Return to the vRA Cafe Installer page. “https://[vRA Appliance FQDN]:5480/installer”. Download “IaaS_Setup”.

23) Browse to the downloaded file in File Explorer. Right-Click the file, and “Run as Administrator”.

vRA 7.0.1 IaaS Installation - 1
vRA 7.0.1 IaaS Installation – 1

vRA 7.0.1 IaaS Installation – 2
vRA 7.0.1 IaaS Installation – 2

vRA 7.0.1 IaaS Installation – 3
vRA 7.0.1 IaaS Installation – 3

24) Select “Upgrade”
vRA 7.0.1 IaaS Installation – 4
vRA 7.0.1 IaaS Installation – 4

vRA 7.0.1 IaaS Installation – 5
vRA 7.0.1 IaaS Installation – 5

25) Fill in the Blanks.
vRA 7.0.1 IaaS Installation – 6
vRA 7.0.1 IaaS Installation – 6

NOTE: For the SQL Connection. If you are not using SSL, uncheck the option to “Use SSL for Database Connection”; else you will experience the following error.
vRA 7.0.1 IaaS Installation – 7
vRA 7.0.1 IaaS Installation – 7

26) For my lab, I had to remove the SSL connection between the IaaS Server and the SQL Database Server.
vRA 7.0.1 IaaS Installation – 8
vRA 7.0.1 IaaS Installation – 8

vRA 7.0.1 IaaS Installation – 9
vRA 7.0.1 IaaS Installation – 9

vRA 7.0.1 IaaS Installation – 10
vRA 7.0.1 IaaS Installation – 10

vRA 7.0.1 IaaS Installation – 11
vRA 7.0.1 IaaS Installation – 11

27) The upgrade installation will take some time to complete. I recommend going and grabbing a drink. The process took approx 30 mins for me for it to complete.
vRA 7.0.1 IaaS Installation – 12
vRA 7.0.1 IaaS Installation – 12

28) The upgrade finishes.
vRA 7.0.1 IaaS Installation – 13
vRA 7.0.1 IaaS Installation – 13

29) Click finish and reboot the IaaS Server.

30) When the server comes back online. Log back in and verify that all vRA services have restarted.

vRA Services
vRA Services

31) Log back into the vRA Cafe Appliance and check all Services are returned to “Registered”.
Cafe Services
Cafe Services

If everything happened without any issues, then you have successfully upgraded vRA from 7.0 to 7.0.1. Go log into your portal and check it out!

vRA Portal Login
vRA Portal Login

Prevent the incrementing of eth devices on Linux systems after guest customization of a cloned VM

I’ve ran into this issue before and found the following article written by Chris Greene from Orchestration.io.

After the guest customization process runs on cloned VMs in some VMware products, you may notice that on your Linux systems the eth device number gets incremented. For example, when the system is first built, the first eth device will be eth0. If the system is cloned & customized, the eth device will become eth1. This may not be a problem on some systems, but people often need/prefer the first eth device to be eth0 or at least to not change after the system is customized.

The issue arises because of old entries in the udev network file – /etc/udev/rules.d/70-persistent-net.rules. After an initial install of a Linux system that has a NIC with a MAC of “00:50:56:02:00:7c”, /etc/udev/rules.d/70-persistent-net.rules will look something like

When you perform a clone & customization (as in creating a new vApp from a template in vCloud), the source VM is cloned and has NIC with a new MAC address. When the cloned VMs boots, udev notices the new NIC and updates /etc/udev/rules.d/70-persistent-net.rules with the new NIC and gives it the name eth1.

A new file named /etc/sysconfig/network-scripts/ifcfg-eth1 will be created that points to the eth1 device

Now when ifconfig is ran, you will see eth1 instead of eth0.

To prevent the issue from occurring, delete the /etc/udev/rules.d/70-persistent-net.rules file before shutting down the VM and turning it into a template. This will cause a new /etc/udev/rules.d/70-persistent-net.rules to be created when the customizing VM boots up. The new file will only contain the NICs on the system and they should be labelled as eth0, eth1, etc.

Another thing you may want do before shutting the VM down to be added as a template is modify /etc/sysconfig/network-scripts/ifcfg-eth0 so that ONBOOT is set to no (ONBOOT=no). I’ve seen issues in vCloud where multiple vApp templates are being deploying onto the same network and the VMs have the same IP (that was initially on the VM before it was turned into a template). Then the systems boot, ifup is ran, which runs arping. I’ve seen arpping return an error in these situations, which causes VMware tools to not start. This then causes guest customization to fail since VMware tools is relied up by guest customization.