Comments (2)

By admin, April 6, 2011 12:57 pm

Xangati for ESX (Free Edition) is always ranked as one of the top 10 Free ESX Appliances. I finally got time to test it although not very successful, the following is my findings. 

• Xangati called its product a management tool for ESX, in fact, it is really a packet sniffer built on Linux CentOS like Wireshark or Ethereal and on top it combines the ESX monitoring capability like Veeam Monitor or Vizioncore’s vfoglight.
• Documentation for Xangati for ESX (Free Edition) is too simple, although you will find two video on Youtube that showing how to setup Xangati, but there is FAQ or community help (There is a community, but it’s really an one way Xangati board)
• Importing OVF into ESX is straight forward, but after starting up the VM, I encountered a problem that the screen showing blank with only X cursor moving, hence, I have no way to open GUI and continue to installation. There was a error in VM event showing my video ram is not big enough, so I’ve increased it to 16MB and the problem continues, quitting the session, I found VM console was showing some kind of JAVA error, I guess there is something wrong with JAVA that prevents the GUI (or JAVA) console to be shown. Finally, I’ve also tried to re-deploy the OVF as thick as thin format may cause the reason, but it still showing blank screen anyway
• After google a bit, again I was lucky to find a PDF that showing a bit more details for the installation, although it’s for Xangati Dashboard, within I was able to locate the username “setupip”, but where is the password? So I used the same username as password, ok, I got in and successfully configured my Network, DNS, Time Zone, etc. Btw, I’ve sent an email to support@xangati.com regarding the blank screen originally, but still got no reply after 24 hours.
• After connected to the configured Xangati appliance via browser and login as admin, I was able to pull some traffic across my internal ESX host and management IP range. Then I figured out the Free Version can only support 10 IP devices and most importantly, it doesn’t support vCenter, but only 1 ESX Host although I’ve already configured my vCenter IP and tested the connection is valid (no warning in that step), so I’ve changed the vCenter IP to a ESX Host IP and removed all the discovered devices and let the appliance run for 5 minutes, later it just show the traffic for the ESX host and not the VM within, so what’s the point after all?
• The biggest draw back is there is no where mentioning in that 4 page quick installation guide which network portgroup should we connect Xangati VM to. To my instinct, I just use the Service Console portgroup network segment, as it’s where most these kind of monitoring tools works, like Veeam Monitor and Vizoncore vfoglight. However, why there is no VM showing up? I don’t know.
• Veeam Monitor and Vizoncore vfoglight are not appliance based, but application based software instead but they can also provide almost exactly the same feature for showing exactly what’s going on each ESX Host as well as individual VM. Yes, they do not provide any insight into traffic pattern, such as how much WWW is going though at the moment, as well as Email traffic etc. However since I am using PRTG’s packet monitoring that can directly connect into the external switch’s mirror port and monitor all the incoming/outgoing traffic from there, so I don’t really need this feature with Xangati. Last time, this great feature allows me to quickly identify a server IP that’s sending 100Mbps outgoing DDOS via UDP protocol using an encrypted PHP script, which was uploaded by hacker to a client’s web site through it’s ASP upload security hole.
• Finally, the UI of Xangati is not eye catching and easy to use as the Veeam Monitor or Vizoncore vfoglight, combining with installation and the rest, I think it’s potentially a great product, but still has a long way to catch up.

Comments (0)

By admin, April 4, 2011 10:21 pm

Recently, I tried to configure vSphere VLAN 802.1q VST Mode with external Netgear switch. On Netgear side, VLAN (ID=10) was set correctly on ports by using Tagged Port (ie, 802.1q), the same VLAN ID is also assigned to ESX Portgroup, but the connected VMs couldn’t visit the outside Internet.

I did a simple test by giving a private IP 10.0.18.10 to VM1 on ESX Host 1 which is on vlan 10, then I did the same for VM2 on ESX Host 2 which is also on vlan 10.

Guess what? They can ping each other!

To future prove my original Netgear VLAN setting is correct, I did the following tests as well:

Test 1. Change vlan 10 to vlan 20 on ESX Host 1, now VM1 cannot ping VM2, so original VLAN tagging or 802.1q is working!

Test 2. Change Netgear Port 11 & Port 12 (both on ESX Host 1) to Untag, now VM1 cannot ping VM2, so original VLAN tagging or 802.1q is working indeed!

After researching for several days, I found the following, BINGO!

For example, consider the organization whose servers plug into distribution layer switches. These distribution layer switches then connect to a core switch. If the connections between the core switch and the distribution switch are not already configured as VLAN trunks, i.e., are capable of carrying multiple VLANs simultaneously, then using VST is impossible. Each of the distribution switches only carries a single VLAN and is only capable of carrying a single VLAN.

I thought I don’t need to get my Netgear to talk to data center’s core switch in order to have ESX VST working, this is exactly I was wrong! After talking to my data center, I got it working finally, but I still decided not to use VLAN (VST mode) on public IP addresses as it doesn’t provide real benefits and ESX Portgroup won’t allow traffic sniffer anyway, so it’s pretty secure, rather I found a private or local 802.1q VLAN is more useful say to configure a Private LAN between VMs (sometimes, you need a private LAN for backup)

Comments (0)

By admin, April 1, 2011 10:01 am

“阿飛正傳”仍然是自己最喜歡的一套戲﹐不論是情節﹑畫面﹑音樂等﹐都覺得配合得天衣無縫。是的﹐八年過去了﹐原來是真的﹐要記得的﹐永遠都會記得﹗

Comments (0)

By admin, March 29, 2011 9:56 pm

幾年前就曾經光顧過在銅鑼灣的Pasha老舖﹐現在它又在TST重生了﹐作為羊痴的我每次都肯定不會放過它那好吃的羊肉串。

Comments (0)

By admin, March 28, 2011 11:27 pm

Nice to try it when there is 50% off promotion going.

Comments (0)

By admin, March 25, 2011 12:33 am

今天的球聚遇見了一位很特別的80後年輕人J。

首先他的先天機能(體格)比一般人強壯的多﹐全身上下散發著運動員的氣息。

傾談中得知原來一直有打籃球習慣的他因為屢次受傷﹐而且做過手術﹐所以最近選擇了網球這項比較安全的運動。在他老闆親自指導下(真羨慕現在還有這樣的好BOSS)打了近五個月的網球﹐平時幾乎每天有空就會在樓下的球場對著空場(不是練習牆)練習正反手抽擊和開球﹐回家有空就看YOUTBUE FYB和模仿學習其它PRO的打法和姿勢。

打了4局後﹐完全感受到了什麼是天生的運動細胞﹐人家五個月已經等于我五年的功力(當然不排除我網球先天資質方面比較遲鈍的可能性)。

謙虛的他令我很樂意地跟他分享我的經驗﹐尤其指出他的單反用了很多手腕力去打﹐這樣會很容易受傷﹐還有就是LATE HIT遲拉拍的問題。

自問不夠資格指導別人﹐但SHARING真的可以令人很快樂的﹐尤其看見聰明的他很快就能掌握我所提出的建議﹐目睹他的進步飛快更使我想在以後的球聚提供多些建議給他﹐令他可以儘快打得更好些﹐當然除了我﹐還希望各路好手有機會多多指導這位謙虛有潛能的年輕人。

相信在他不斷的努力和毅力下﹐日後肯定會是一個出類拔萃的網球好手﹐J加油啊﹗

Comments (0)

By admin, March 23, 2011 12:59 pm

Basically, there are 3 methods to get instant email alert via email by using VMware vCenter, Dell iDRAC and Dell IT Assistant (ITA) which I will focus the most, 2 of them are specific to Dell Poweredge Serer and ITA solution.

Method 1: How to get hardware failure alert with vCenter

This is the easiest but you do need to have vCenter, so it may not be a viable solution for those using free ESXi (there are scripts to get alert for free ESXi, but it’s not the content of today’s topic).

From the top of the hierarchy in vCenter, click Alarms, then New Alarm, give it a name say “Host Hardware Health Monitor”, in Triggers, Add, select “Hardware Health Changed” under Event and “Warning” for Status, Add another one with the same parameter except “Alert” for Status. Finally, for Actions, choose “Send a notification email” under Action and put your email address there.

Of course, you need to configure SMTP setting in vCenter Server Settings first.

Method 2: How to get hardware failure alert with Dell iDRAC

This is probably is even more simple than the above, but it does not report all of the hardware failure in ESX Host, so far I can say it doesn’t report harddisk failure which is very critical for many, so I would call this is a half working or a handicapped solution.

Login to iDRAC, under Alerts, setup Email Alerts and SMTP server, you will need to setup a SMTP server on your dedicated DRAC network to receive such alerts and forward those email alert to your main email server on external. Under Platform Events, you need to CHECK Enable Platform Events Filter Alerts and leave all the default as it is. As you have probably found out already and scratching your head now, how come Dell didn’t include Storage Wanring/Critical Assert Filter? For that question, you need to ask Michael Dell directly.

Btw, I am using iDRAC6, so not sure if your firmware contains such feature.

Method 3: How to get hardware failure alert with Dell IT Assistant (ITA)

This is actually today’s main topic I would like to focus on, it is the proper way to implement host alert via SNMP and SNMP Trap and it does provide a complete solution, but quite time-consuming and a bit difficult to setup. I tried to consolidate all the difficult part, eliminated all the unnecessary steps and use as much GUI as possible without going into CLI.

1. Install ITA latest version which is 8.8 (while 8.9 is coming, but still not available for download). One thing you need to take care is to put the ITA network within the same management network of ESX Hosts or add a NIC that connects to the server network that need to be monitored.
2. Install OSMA 6.3 or above (6.5 is on the way) on ESX 4.1 Hosts, as I found OSMA version 6.3 is already configured with some important necessary steps like SNMP trap setting to be used later.
3. Edit the SNMP conf file under /etc/snmp/snmpd.conf, replace public with your own community_stringe.g. com2sec notConfigUser  default       public
4. Restart the SNMPD service by /sbin/service snmpd restart.
5. Enable SNMP Server under Security Profile using vSphere Client GUI, that will enable UPD Port 161 for receiving and UPD Port 162 for sending out SNMP Traps.
6. Start to discover and inventory in ITA, you will find ESX hosts are added to Server Section. This completes the Pull side (ie, ITA Pull stuff from ESX Hosts), next we need to setup the Push side (ie, ESX Hosts Push alerts to ITA)
7. Done? Not Yet, in order for ESX host to send snmp trap to ITA , you will need to specify the communities and trap targets with the command using VMware PowerCLI.

   vicfg-snmp.pl –server <hostname> –username <username> –password <password> -t <target hostname>@<port>/<community>

   For example, to send SNMP traps from the host esx_host_ip to port 162 on ita_ip using the ita_community_string, use the command:

   vicfg-snmp.pl –server esx_host_ip –username root –password password -t ita_ip@162/ita_community_string

   for multiple targets, use , to seperate the rest trap targets:

   vicfg-snmp.pl –server esx_host_ip –username root –password password -t ita_ip@162/ita_community_string, ita_ip2@162/ita_community_string

   To show and test if it’s working
   vicfg-snmp.pl –server esx_host_ip –username root –password password — show
   vicfg-snmp.pl –server esx_host_ip –username root –password password — test

8. Remove all VM related alerts from Alert Categories under ITA, leaving ONLY vmwEnvHardwareEvent as I only want ITA to report EXS Host Server Hardware related warning or critical alerts. The reason is I found ESX sometimes generate many useless false alarms (e.g., “Virtual machine detects a loss in guest heartbeat”) regarding VM’s heardbeat which is related to VMTools installed in the VM.

Remember to enable UPD Port 162 on ITA server firewall. Simply treat ITA as a software device to receive SNMP Trap sent from various monitoring hosts.

Another thing is for Windows hosts to send out SNMP Trap, you will also need to go to SNMP Service under the Traps tab, configure the snmp trap ita_community_string and the IP address of the trap destination which should be the same as ita_ip.

So I did a test by pulling one of the Power Supply on ESX Host, and I get the following alert results in my inbox.

From ITA:
Device:sXXX ip address, Service Tag: XXXXXXX, Asset Tag:, Date:03/22/11, Time:23:18:38:000, Severity:Warning, Message:Name: System Board 1 PS Redundancy 0 Status: Redundancy

From iDRAC:
Message: iDRAC Alert (s002)
Event: PS 2 Status: Power Supply sensor for PS 2, input lost was deasserted
Date/Time: Tue Mar 22 2011 23:26:18
Severity: Normal
Model: PowerEdge RXXX
Service Tag: XXXXXXX
BIOS version: 2.1.15
Hostname: sXXX
OS Name: VMware ESX 4.1.0 build-XXXXXXXX
iDrac version: 1.54

From vCenter:
Target: xxx.xxx.xxx.xxx Previous Status: Gray New Status: Yellow Alarm Definition: ([Event alarm expression: Hardware Health Changed; Status = Yellow] OR [Event alarm expression: Hardware Health Changed; Status = Red]) Event details: Health of Power changed from green to red.

What’s More

Actually there is Method 4 which uses Veeam Monitor (free version) to send email, but I haven’t got time to check that out, if you know how to do it, please drop me a line, thanks.

Finally, I would strongly suggest Dell to implement a trigger that will send out email alert directly from OpenManage itself, it’s simple and works for most of the SMB ESX Host scenario that contains less than 10 hosts in general, you can say this is Method Number 5.

Update Mar-24:
I got ITA working for PowerConnect switch as well, so my PowerConnect can now send SNMP trap back to ITA and generate an email if there is warning/critical issue, it’s really simple to setup PowerConnect’s SNMP community and SNMP trap setting, and I start to like ITA now, glad I am not longer struggling with DMC 2.0.

Finally, there is a very good document about setting up SNMP and SNMP Traps from Dell.

Update Aug-24:
If you are only interested to know if any of your server harddisk failed, then you can install LSI Megaraid Storage Manager which has the build-in email alert capability.