links for 2010-09-03
Posted: September 3rd, 2010 | Author: delicious | Filed under: del.icio.us | View Comments-
I really dig Omnigraffle and this guide is a must for everyone who use this awesome software on a daily basis.
*Italiani leggete sotto*
With the *real* VMworld winding down, the hype for the European event is building up (the event is smaller, but at least we have decent beers here
).
It’s been a LONG time since I’ve been to a VMworld event (it was February 2008), this year will be all different to me, the keynote will be delivered by the new CEO (in 2008 Diane Greene did the opening speech) and there will be a lot of new interesting ecosystem partners on the showfloor.
This year I will travel alone, I’ll stay at the CABINN Metro which is probably the cheapest hotel in Copenhagen from Monday ’til Thursday so if anyone want to join me to do a tweetup or just to share a beer at the (in)famous VMworld party just let me know, you can reach me at fabio@p2v.it or on twitter @fabiorapposelli.
Italians do it better
Se siete italiani, state leggendo il mio blog, e sarete presenti al VMworld Europe vi invito ad aggiungervi a questa lista: http://bit.ly/VMworld2010IT, sto cercando di raggruppare un contingente italiano per condividere le esperienze sulla virtualizzazione e magari riuscire finalmente a creare un VMUG Italiano, se vi piace l’idea fate girare il link!
Technorati Tags: VMware, vSphere, VMworld
Doing the VCDX design in these two weeks has been a crazy ride, I spent near twelve hours a day creating, drawing and reviewing a (in my opinion) great documentation.
As many others before me I can clearly say that this is the most challenging part in the whole VCDX experience, sure, the Enterprise Admin exam was tricky, and studying for the Design exam was a thought task (the blueprint wasn’t that clear…) but compiling the Application Form and preparing all the documentation as requested by VMware was a really demanding task. Doing that with a two weeks deadline was an epic job for me, I’m not used to that pressure
.
But now that I submitted the design I can sleep tight at night, if the design will be accepted I’ll defend the first week of November in Cambridge, MA.
I wish to thank my wife for supporting me and for yelling at me at 3am forcing me to go to bed
Technorati Tags: VCDX, VMware, Design
Like many before, I borrow this post title from (the always great) Duncan Epping to say that I’ve sit through the Design Exam and PASSED!
This time I scored 400, a little better than my VCE310, which in my opinion was much harder.
The day before taking the test I did an extensive research on the Internet to see what the other who passed VCD310 were saying about the test, and after taking it I can affirm that everyone was right
there was one of the multiple-answer question with a duplicated answer, leading to an impossible to answer question, also the design portion was quite messy, I completed it with 10 seconds left but I’m sure that my drawing was awful.
Right now I should be on holiday but I’m neck-deep into the VCDX application form, I’m trying to reach the last deadline for VCDX3 defenses which is August 30th, wish me luck!
Technorati Tags: VMware, vSphere, VCDX, VCD310
Just a quick entry to say that VMware Fusion was just updated to version 3.1.1, here you can find the release notes.
The most important change (in my opinion) is regarding vSphere 4.1 support, now you can run ESX 4.1 on Fusion, definitely fundamental if you’re a developer or an architect.
Technorati Tags: VMware, vSphere, Fusion
I had a brief conversation with a customer the other day regarding NUMA best practices with Intel Nehalem processors.
The customer was deploying two full blade chassis with vSphere and was wondering if enabling the NUMA Node Interleave option in the BIOS was a good choice, he was arguing that by enabling this option the memory performance would be leveled for all the system but I suggested him that this was not the case with vSphere.
In fact if you enable Node Interleave you will negatively affect vSphere memory performance because the VMkernel try optimize the memory placement using the memory banks controlled by the CPU on which the virtual machine is running.
Node Interleaving is usually disabled in most Server BIOSes, but if you’re diagnosing a performance issue which is memory bound go check this BIOS setting, it can really improve the overall performance.
Technorati Tags: pCPU, vCPU, VMware, vSphere, NUMA, BIOS, Node Interleaving
Couple of weeks ago I was preparing a demo lab for a technology event held by my company here in San Marino and I had to join a couple of NetApp filers to an Active Directory environment.
The process itself is very simple but there are a couple of things to keep in mind regarding the time so I thought it would be nice to share them.
Before starting, here’s a bit of background on why clock is very important:
Active Directory authentication is based on a protocol called Kerberos, which use a ticketing system to grant access, the system time is very important because:
[...] In order to prevent intruders from resetting their system clocks in order to continue to use expired tickets, Kerberos V5 is set up to reject ticket requests from any host whose clock is not within the specified maximum clock skew of the KDC. Similarly, hosts are configured to reject responses from any KDC whose clock is not within the specified maximum clock skew of the host. The default value for maximum clock skew is 300 seconds, or five minutes. [...]
(taken from the Kerberos V5 System Administrator’s Guide).
So, basically, if the system clock of a machine is not within the 5 minutes range, the Kerberos system deny the authentication saying “clock skew too great”.
In order to avoid this we need to make sure that our NetApp FAS is within the acceptable range because even the join cannot complete if the clocks are not aligned, so first of all, issue a date command with this syntax:
demo02> date 201002171454 Warning: syncing time to an external time source which will eventually override the time set by the date command.
201002171425 which is (YYYYMMDDhhmm) means:
February, 17th 2010 2:54pm
And then we need to configure the NTP server to keep the time in sync with the Domain Controllers:
demo02> options timed.enable off demo02> options timed.proto ntp demo02> options timed.servers <NTP SERVER ADDRESS> demo02> options timed.max_skew 5m demo02> options timed.enable on
Now you can proceed with the domain join which is a very simple wizard-like interactive procedure, the command is cifs setup and here you can find a transcript:
demo02> cifs setup This process will enable CIFS access to the filer from a Windows(R) system. Use "?" for help at any prompt and Ctrl-C to exit without committing changes. Your filer does not have WINS configured and is visible only to clients on the same subnet. Do you want to make the system visible via WINS? [n]: A filer can be configured for multiprotocol access, or as an NTFS-only filer. Since multiple protocols are currently licensed on this filer, we recommend that you configure this filer as a multiprotocol filer (1) Multiprotocol filer (2) NTFS-only filer Selection (1-2)? [2]: 2 CIFS requires local /etc/passwd and /etc/group files and default files will be created. The default passwd file contains entries for 'root', 'pcuser', and 'nobody'. Enter the password for the root user []: Retype the password: The default name for this CIFS server is 'DEMO02'. Would you like to change this name? [n]: Data ONTAP CIFS services support four styles of user authentication. Choose the one from the list below that best suits your situation. (1) Active Directory domain authentication (Active Directory domains only) (2) Windows NT 4 domain authentication (Windows NT or Active Directory domains) (3) Windows Workgroup authentication using the filer's local user accounts (4) /etc/passwd and/or NIS/LDAP authentication Selection (1-4)? [1]: 1 What is the name of the Active Directory domain? [HANDS-ON.LOCAL]: HANDS-ON.LOCAL In order to create an Active Directory machine account for the filer, you must supply the name and password of a Windows account with sufficient privileges to add computers to the HANDS-ON.LOCAL domain. Enter the name of the Windows user [Administrator@HANDS-ON.LOCAL]: Administrator@HANDS-ON.LOCAL Password for Administrator@HANDS-ON.LOCAL: CIFS - Logged in as Administrator@HANDS-ON.LOCAL. The user that you specified has permission to create the filer's machine account in several (2) containers. Please choose where you would like this account to be created. (1) CN=computers (2) OU=Domain Controllers (3) None of the above Selection (1-3)? [1]: 1 CIFS - Starting SMB protocol... It is highly recommended that you create the local administrator account (DEMO02\administrator) for this filer. This account allows access to CIFS from Windows when domain controllers are not accessible. Do you want to create the DEMO02\administrator account? [y]: Enter the new password for DEMO02\administrator: Retype the password: Currently the user "DEMO02\administrator" and members of the group "HANDS-ON\Domain Admins" have permission to administer CIFS on this filer. You may specify an additional user or group to be added to the filer's "BUILTIN\Administrators" group, thus giving them administrative privileges as well. Would you like to specify a user or group that can administer CIFS? [n]: n Welcome to the HANDS-ON.LOCAL (HANDS-ON) Active Directory(R) domain. CIFS local server is running.
As you can see it’s a really simple and straightforward process, and you can even fire up compmgmt.msc from your Windows box and point it to the NetApp to see and map shares!.
Technorati Tags: NetApp, Storage, FAS, Active Directory