My Daily Cloud Blog

Home

Christian Marrero
1–2 minutes

  • AWS Hand-On Tutorial Experience

    AWS Hand-On Tutorial Experience

    The AWS Hand On Tutorial page it’s a great resource to learn AWS It provide step by step on how to perform or deploy certain workloads, application or utilize a vast of their Services. And the best part, it is free.

    Navigating the Site is very straightforward, with a filter column to where you can specify the category or categories you are mainly looking to focus on:

    Now, if you are very new to AWS or have very basic knowledge, the Get Started Center is a way to get your feet wet but for now, I will be focusing with the Hands On Tutorial.

    I few college asked me if it a great resource to studying for any AWS exam, it depend! Yes you can use this as a way to validate knowledge, perhaps build knowledge around scenario based as you will be deploying workloads with certain services. Some other tutorials will help you understand more about certain consoles or services such as User Management, IAM, etc.

    Once you find and select a Hand-on lab, the layout, content and font is very easy to follow and read. It does provide quite a lot of images which are great reference in case you get a bit lost or behind. I do also find very beneficial all the URL across the entire lab guide. They will take you straight to service specific public page or to specific section within the AWS Documentation Guide.

    I strongly suggest to get this a try, get some Hand-on labs done and provide feedback as AWS may find them very useful to continue developing more and maintain them relevant as technology evolve. Cheers!

    ,

  • Nutanix Cluster NCC host resolution check warning alert

    Nutanix Cluster NCC host resolution check warning alert

    For the past few month, I been troubleshooting for what seems to be DNS related issue which trigger a warning alert. I tried multiple steps such as:

    1. Check all DNS records are in DNS
    2. Ensure no ACL or Firewall is blocking ingress / egress traffic from to CVM via port 53
    3. Ensure DNS Servers IP are consistent in ESXi as well in PRISM UI

    After all this, everything seems to be in good standing but the alert still coming back. Ran the NCC check via CLI and same result. I reference this KB from the Nutanix Support Portal (1709) but still same issue.

    After verifying my primary and secondary DNS Servers, I realize that the location of the other DNS server wasn’t local or was on the other side of the country so I decided to remove the remote DNS Server. Once I removed it from PRISM and ESXi, the CVM started to resolving IP to Hostname and Hostname to IP Address and the check result change to PASSED:

    Now, the only issue I have with this, single DNS Server therefore, I opened a case with Nutanix Support to further investigate this matter. I will keep update this post once I get in a Zoom with Nutanix.

    , ,

  • How to change the default ADMIN password on AHV

    How to change the default ADMIN password on AHV

    If you forgot the ADMIN password for your AHV Hypervisor node but never did change the nutanix account password, you still have to opportunity to reset those password or hardening them as well.

    First, login to the AHV Hypervisor via SSH using the nutanix account. The default password notmally is nutanix/4u

    Second, we will start by resetting the Admin Password so run the following command:

    sudo passwd admin

    Then, type the new password and confirm the new password:

    You should get a Successful respond as illustrate above.

    Now, we will reset the nutanix as well root account password. To do this, log in with your admin account using the newly reset password we did previously.

    Repeat same steps we follow when we reset the admin account.

    This time it will asked you to provide the admin credentials before elevating the command:

    Then proceed to type the new password and confirm it. Follow same process with the root account.

    ,

  • Create a sudo user in CentOS

    Create a sudo user in CentOS

    This article describes the process of granting sudo access to a new or existing user on CentOS

    Create a new user by using the adduser command followed by the new user’s <username> as shown in the following example:
     

    [root@funserver ~]# adduser bobby

    Use the passwd command followed by the new user’s <username> to set up a password for bobby user. Enter the new password in the verification prompt twice.


    [root@funserver ~]# passwd bobby
    Changing password for user bobby
    New password:
    Retype new password:
    passwd: all authentication tokens updated successfully

    Now we have a user created however, this users only have the least privilege therefore we have to elevate them otherwise wouldn’t be able to do much with the user bobby.

    Grant root permissions to a new or existing user

    Edit the sudoers file by using the following command:
     

    [root@funserver ~]# visudo

    You then see a version similar to following text:


    ## Next comes the main part: which users can run what software on
    ## which machines (the sudoers file can be shared between multiple
    ## systems).
    ## Syntax:
    ##
    ##      user    MACHINE=COMMANDS
    ##
    ## The COMMANDS section may have other options added to it.
    ##
    ## Allow root to run any commands anywhere
    root    ALL=(ALL)       ALL

    ## Allows members of the ‘sys’ group to run networking, software,
    ## service management apps and more.
    # %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS

    ## Allows people in group wheel to run all commands
    %wheel  ALL=(ALL)       ALL

    ## Same thing without a password
    # %wheel        ALL=(ALL)       NOPASSWD: ALL

    ## Allows members of the users group to mount and unmount the
    ## cdrom as root
    # %users  ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom

    ## Allows members of the users group to shutdown this system
    # %users  localhost=/sbin/shutdown -h now

    ## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
    #includedir /etc/sudoers.d

    Press the i key on your keyboard to enter insert mode. Next press the j key to move the cursor down and the k key to move it up to the following section:


     ## Allow root to run any commands anywhere
     root    ALL=(ALL)       ALL

    Add the newly created user by inserting <username> ALL=(ALL) ALL on a new line as show in the following example:


    ## Allow root to run any commands anywhere
    root    ALL=(ALL)       ALL
    newuser ALL=(ALL)       ALL

    Press the i key to exit insert mode, followed by typing :wq to save and exit.

    Verify permission change

    Now that we have an su user with some power, we need to ensure we can elevate to su with our newly create user.

    Use the su command followed by – <username> to access the new user account.
     [root@funserver ~]# su – bobby
     [bobby@funserver ~]$

    Use the sudo -i command to test if the new user account can elevate permissions. Enter the new user’s password. Verify these steps by using the following example:

     [bobby@funserver ~]$ sudo -i

    We trust you have received the usual lecture from the local System
     Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
      #2) Think before you type.
      #3) With great power comes great responsibility.

    [sudo] password for bobby:
     [root@funserver ~]#

    Use the whoami command to verify you are currently the root user.
     

    [root@funserver ~]# whoami
     root

    Please, be mindful as this can have some legitimate reason to elevate an account before elevating any account. Cheers ~

    , ,

  • Moving vDisk between Storage Container in Prism Central

    Moving vDisk between Storage Container in Prism Central

    With the latest Nutanix Prism Central version, now Nutanix Admin do have the capability to move vDisk between storage containers.

    Nutanix since the beginning, always had the capability and provide the flexibility to create storage containers and enable to proper storage policies for efficiency such as Compression, Dedupe, EC-X Now, with PC be able to re-allocate vDisk to ensure the are in the proper container with correct Storage Efficiency Policies enabled. This will maximize performance and ensure best used of storage capacity.

    The process is very simple, first navigate to the VM section under the Compute and Storage in Prism Central. Then, select the Virtual Machine need the vDisk migrate. Select the Action Ribbon and click on Update.

    It will open the VM update Wizard Page:

    Then, navigate to the Resource Page under the Update VM Wizard, select the Disk need to be migrate to new Storage Container and Select Edit.

    This will take you to the Update Disk Section or Page:

    As you can see, I have the Default Storage Container however, I created a new Storage Container with more specific Storage Efficiency Policies for this particular VM so I will click the drop down arrow, look for my new Storage Container and select:

    Hit Save and move on with Updating the Virtual Machine Wizard.

    A quick Note, depend of the size of the vDisk, it can take as only as 10 seconds to a few minutes, again, it all depend of the size of the vDisk.

    We would like Nutanix continue on developing more on this as this was a long due ask for sometime now from customers and us Technology Afficionadors.

    Until later!!

    , ,

  • Hello World!

    Hello World!

    I been in the IT Industry for quite sometime now, can believe! Almost 20 years!! It is a long time and with this amount of time, experience, challenges and skills had been learned.

    I’m a true believer that sharing is carrying so I decide to share some of the knowledge, notes, experience I encounter for those Technologist out there perhaps those starting this journey.

    Again, may years started as an PC technician back in the late 90s and work my way up, I know sounds cliches, to now be a Cloud Architect, with a passion in everything technology, except spend hours with Internet Service Providers in the middle of the night! Shout out to those Network GURUS spending time with ISPs much love and respect for them!!

    I hope this can help and again, it is a platform to share knowledge perhaps comments are welcome with constructive feedback as I put quite sometime on building all the materials and it only represent my self and opinion.

  • Veeam Backup and Replication Error: Failed to open VDDK Error Message

    Veeam Backup and Replication Error: Failed to open VDDK Error Message

    PROBLEM:

       Certain VMs are unable to being backed up due to error message Error: Failed to open VDDK disk datstore_name_VM_Name.vmdk] ( is read-only mode – [true] ) Failed to open virtual disk disk datstore_name_VM_Name.vmdk (flags: 4) Logon attempt with parameters [VC/ESX: [vcenter_server];Port: 443;Login: [account_name];VMX Spec: [moref=vm-56235];Snapshot mor: [snapshot-68079];Transports: [nbd];Read Only: [true]] failed because of the following errors: Failed to open disk for read. Failed to upload disk.


    CAUSE:

    This issue is related to connection between Backup Proxy and ESXi Host via Management Agent.

    RESOLUTION:

    Identify the VMs being affected, then see if they are all belong to the same host, then proceed to the following steps:

    1. Log in to SSH or Local console as root on the host in question.

    2. Run these commands:

         /etc/init.d/hostd restart
        /etc/init.d/vpxa restart


    3. Run this command to verify if hostd is running:

        /etc/init.d/hostd status

    4. If the ESXi Host is manage by a vCenter Server, run the following command to verify if the vpxa  is running:

        /etc/init.d/vpxa status

    5. Re-Try the Backup Job.

        If the problem persist, ensure that the account you are using to run the job have full access to download files on the datastore by login in to vCenter with those credentials, then proceed to explorer the content on the datastore were the VMs affected resides, then open the VM folder and identify the file on the message. Try to download the file in question, if it fail with Access Denied or not have permissions, then the issue is related to permissions therefore, provide Administrator Role to the account on vCenter. Also, make sure you are using the right Transport Mode for your proxy or proxies, please refer to the Veeam Backup & Replication Documentation for more information pertaining Proxies and Transport Mode.

    Hope this helps!

  • Update Manager 5.5 Stop working after Windows Server Updates

    Update Manager 5.5 Stop working after Windows Server Updates

       
            A few weeks ago, I update my vCenter Server with the latest update from Microsoft. After installing the update and rebooted the server, update manager stopped working. I tried numerous things from reconnecting again the Server with the Database, rebooting the server and manually attempting to start the services but nothing seems to work.

            Well it is time to do some hardcore troubleshooting on this issue. First, I went to the event viewer under SYSTEM and nothing lead me to a particular error only an event id indicating that the service timeout after 1000 milliseconds. Then, I proceed to go on the vum-server-log4cpp.log and I found the following entry:

    Failed to parse C:/Program Files (x86)/VMware/Infrastructure/Update Manager/jetty-vum-ssl.xml. Error: not well-formed (invalid token)


       Now we are making some progress, after I some research, I found an VMware KB indicating that the root cause was related to a file named jetty-vum-ssl.xml  got corrupted here is the Link for the KB Article https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2069750

    So the two options you may have are:

    1. Restore the File from a backup from a good state.
    2. Uninstall and Re- Install Update Manager.

    I recommend second option since the Restoring the file most of the time don’t work. Re-Installing Update Manager it is fairly simple and quite fast. Hope this helps!

    ,

  • NFS Volume Max Out Error Message in vSphere 5.5

    NFS Volume Max Out Error Message in vSphere 5.5
    A few days ago, I
    tried mounting a NFS volume I created to my ESXi hosts and I get the
    following annoying error message:
    Failed to mount to server
    xxx.xxx.xxxx.xxx mount point /mnt/nfs-share/subdir/subdir. NFS has reached the
    maximum number of supported volumes    .
    Gosh it is annoying!
    So I decide to share the solution on this quick post here. It is very simple
    and undisruptive ( no reboot to any of the ESXi host require) That is alwas
    good right?
    From the vSphere Client:
    1. Select the ESXi host you want
      to mount the NFS volume
    2. Under the Configuration Tab,
      select Software Advanced Settings
    3. Select NFS, look for NFS.MaxVolumes
      You will notice
      the default value is 8
    1. Change the value to a number
      between the Min and Max Range, I normally select the Max
                     5. Click OK and that’s it no
    reboot require or anything. Repeat all this steps to the rest of your
    hosts.
    If you are a vSphere Web Client admin, here are the
    step I followed    :
    1. Go to Host and Cluster
    2. Select the host I need to
      mount the NFS volume
    3. Under Manage Tab, Settings,
      Select Advanced System Settings
    1. Search for the NFS.MaxVolumes on the Filter field at the top right hand side or just
      simple scroll down until you find it
    1. Click on the Edit Pencil at
      the left hand side
    1. Enter the Value require, I
      personally enter the Max allowed:

    1. Click OK and you are done.
    ,

  • NetApp SnapMirror Between 8.2 and 8.3 Gotcha!

    NetApp SnapMirror Between 8.2 and 8.3 Gotcha!

    Last week I attempt to create a snapmirror job between two NetApp running on different version and it was quite challenge to setup I decide to share them with everyone since they are quite difficult to troubleshoot them. Here are the two gotcha that you have to be aware and how to tackle them.

    1. Unable to use GUI System Manager: The only way you are able to fully manage the Snapmirror will be via the CLI. The only action you will be to manage from the GUI are update, quiescence and abort, that’s about it. The advantage, it get you more time on the CLI if you are like me that love the System Manager alot!

    2. Language issue: Another gotcha I encounter was different language between SVMs. 8.3 does use different programing language than 8.2 which every volume will be set with the programming language set at the SVM level. So in order to make this work, I change the SVM programming language on my 8.3 to match the 8.2 SVM. So have you can do that? Here are the commands:

    First, needs to show the vserver or vservers language:
    GEEK::> vserver show -fields language
    vserver  language
    ——– ——–
    GEEKCIFS C
    GEEKDR   en_US
    GEEKESX  en_US
    GEEKHyperV
             en_US
    GEEKNAS  en_US
    GEEKSAN  en
    GEEKDemo  en_US
    blatz    C
    peacemaker
             C
    9 entries were displayed.

    You can see in the above example, some of them are C and some en_US.  
    To modify the destination vserver language, use the following command:  
    vserver modify -vserver -language C

    Note: You can’t change the language of an already created volume, so you’ll likely have to recreate the destination volume once you’ve changed the language (the volume inherits the SVM language).
    I always recommend to run snapmirror on same ONTAP version for numerous reason such support, data consistency, performance and many other reason so try alway to keep your NetApp Enviroment up to date as much as possible. Hope this gotchas helps.
    ,