Exploring the Wonder, by Caleb (feed updated 2024-03-04)<br />
<br />
<b>Blog moved....</b><br />
Posted 2017-09-25 by Caleb<br />
<br />
Please check out <a href="https://blog.lottabytes.com/">https://blog.lottabytes.com</a> as it is the new location I will be using.<br />
<br />
<b>Deploying vRealize Log Insight (vRLI) via API</b><br />
Posted 2017-06-08 by Caleb<br />
<br />
I've finally gotten around to upgrading the <a href="https://github.com/calebs71/vmware/tree/master/vmware_li_config_api_tool" target="_blank">vRLI Configuration Management and Audit Tool</a> to handle the full deployment process as well as clustering! Let's take it for a spin to see what the new features allow us to do!<br />
<br />
1. First we need to deploy the vRLI VMs from the OVA, which can be downloaded from my.vmware.com. Once they have fully booted and you see them serving the following webpage, we can start. You can close your browser at this point; the only purpose of this check is to confirm that the VMs are fully booted.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjV9fZum4Se2wLLgQmCXZEKNJcIbyVeOnjHwPVNs2vDRvVI3cDTPHrNL8skkVYGZlA0TiCqmsvl236TnLIbwFBQGgtJz-HgvF6v33lNEBgdvw5cucehWSu1Bj31UrT4iIJwwvcD-b_gff0/s1600/vrli-demo-1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="247" data-original-width="648" height="121" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjV9fZum4Se2wLLgQmCXZEKNJcIbyVeOnjHwPVNs2vDRvVI3cDTPHrNL8skkVYGZlA0TiCqmsvl236TnLIbwFBQGgtJz-HgvF6v33lNEBgdvw5cucehWSu1Bj31UrT4iIJwwvcD-b_gff0/s320/vrli-demo-1.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
2. The tool uses a JSON configuration file. You can see a sample by running the program with the "-d" flag or by reading the first part of the Python source (my recommended approach). You can also generate a simplified version by calling the wizard with the "-b" flag. For now, I'm going to create my configuration file based on the sample in the documentation, with a single Master Node under the "fqdn" key and 2 Secondary Nodes under the "nodes" key in my JSON file. This means that when the script is done I will have a new, 3 node vRLI Cluster.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUYwsZVqhtcuVt_zzoq0hiHbhOBMCfIYGtqKnZLb4NGYCrxp6LWchyphenhyphencVDzvZ66JbpfSZQ7-PASaIpSAUMltTuAgx2WJlXGpDB1gP3jF35XW6hNhc4YZn-_GHI1HdYbQ7IbpxHh-j-YDWk/s1600/vrli-demo-1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="107" data-original-width="414" height="82" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUYwsZVqhtcuVt_zzoq0hiHbhOBMCfIYGtqKnZLb4NGYCrxp6LWchyphenhyphencVDzvZ66JbpfSZQ7-PASaIpSAUMltTuAgx2WJlXGpDB1gP3jF35XW6hNhc4YZn-_GHI1HdYbQ7IbpxHh-j-YDWk/s320/vrli-demo-1.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Let's kick off the program and tell it to use my configuration file by running:</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<i>python li-json-api.py -f ctest.json -r</i></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Note: the "-r" flag, otherwise known as the "<u>remediation enabled</u>" flag, is required since building a new cluster requires changing settings. If you forget this step, don't worry, it will remind you. Also, <u>remember that when building a new node/cluster you must supply the "admin" user's credentials.</u></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Now, what's going on behind the scenes in the newly added code?</div>
<div class="separator" style="clear: both; text-align: left;">
1. The script detects that the Master Node is in pre-bootstrap mode and is awaiting the initial configuration.</div>
<div class="separator" style="clear: both; text-align: left;">
2. We complete the initial bootstrap process as <a href="https://vmw-loginsight.github.io/#Deployment-API" target="_blank">partially described in the vRLI API documentation</a>. The missing piece is that the documentation never tells you that you need to explicitly use port 9543 for these calls. <u>Deployment is the only time this is required.</u></div>
<div class="separator" style="clear: both; text-align: left;">
3. We license the first node which allows us to add additional nodes.</div>
<div class="separator" style="clear: both; text-align: left;">
4. We add each secondary node and authorize it with the Master and repeat until complete.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
The process looks like this:</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTyDdkZwhHasgx9A81IMxu4p3J0J8EzOorC3UcwmXSfPlYYrmsh8YUh_iOA31Jc-xQ7FvyJFZ1NwTScbBs0kByiarzZD-2nKp_9glvi44iR8YPCCur0HriHbVNmOd7GsAcBSG-Td5OS7I/s1600/2017-06-08+12_05_39-Fedora+25+-+VMware+KVM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="568" data-original-width="807" height="281" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTyDdkZwhHasgx9A81IMxu4p3J0J8EzOorC3UcwmXSfPlYYrmsh8YUh_iOA31Jc-xQ7FvyJFZ1NwTScbBs0kByiarzZD-2nKp_9glvi44iR8YPCCur0HriHbVNmOd7GsAcBSG-Td5OS7I/s400/2017-06-08+12_05_39-Fedora+25+-+VMware+KVM.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
The rest of the operations that we do to configure the various settings in vRLI are all old functionality but nonetheless important.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
The code can be run as often as you would like without any ill effect. Our approach is to store our configuration files in source control and have the job run on a recurring basis to catch any unauthorized changes and automatically remediate configuration drift. Below is an example of me re-running the job against the cluster we just built. Because the cluster already matches the desired state, no changes are executed against it.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi8O80L3SMyEXLi5kSoTRfwNINWhu5Dym5je5VkRgSKA8c4mP7tlberOfPT_RfRNWRzkK0WxpAq5a-dOQhsh6JziQag-ZL9reIvo5Itx9kGPUKi1kRkNholXBxOb5GQqtjp6-X9ImQfFBg/s1600/vrli-demo-3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="744" data-original-width="800" height="371" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi8O80L3SMyEXLi5kSoTRfwNINWhu5Dym5je5VkRgSKA8c4mP7tlberOfPT_RfRNWRzkK0WxpAq5a-dOQhsh6JziQag-ZL9reIvo5Itx9kGPUKi1kRkNholXBxOb5GQqtjp6-X9ImQfFBg/s400/vrli-demo-3.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Let's say that our vRLI Cluster is growing (excellent!) and we want to add another node to it. No worries, just deploy a new VM and add the new IP/FQDN to your JSON configuration file as a new "node" and run the script again! </div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjAjUOn8CMA5u7q0Tigh_khDuPymZ-YuRyt0FRobKBhIf7GvM6m-zZtrKtF7YkMCrTTfoyf95GaQrNA_wCyLcebJGlvsF2Jt7w9OkSfoCr15R1l4Fs9QIIddOy5ArjMg5jP0H5o0grzAxw/s1600/vrli-demo-4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="393" data-original-width="804" height="195" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjAjUOn8CMA5u7q0Tigh_khDuPymZ-YuRyt0FRobKBhIf7GvM6m-zZtrKtF7YkMCrTTfoyf95GaQrNA_wCyLcebJGlvsF2Jt7w9OkSfoCr15R1l4Fs9QIIddOy5ArjMg5jP0H5o0grzAxw/s400/vrli-demo-4.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
As you can see, the original nodes are recognized as already in a cluster and the 4th node (.40) is discovered as a new node and added to the cluster. </div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
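<div class="separator" style="clear: both; text-align: left;">
The first run, the re-run and the add-a-node run described above can be modelled as one desired-state plan. This is an added example, not code from the vRLI tool: only the "fqdn" and "nodes" keys and port 9543 come from the post, while the host names, the state labels and the <i>plan</i> function are assumptions.</div>

```python
import json

BOOTSTRAP_PORT = 9543  # from the post: only the deployment-time calls need this port

# Constructed configuration. Only the "fqdn" (Master) and "nodes" (Secondaries)
# keys come from the post; the host names are placeholders.
SAMPLE_CONFIG = json.loads("""
{
  "fqdn": "vrli-01.example.test",
  "nodes": ["vrli-02.example.test", "vrli-03.example.test", "vrli-04.example.test"]
}
""")

# Constructed observation of the environment. The state labels
# ("pre-bootstrap", "member", "unreachable") are assumptions for this example.
SAMPLE_OBSERVED = {
    "vrli-01.example.test": "member",
    "vrli-02.example.test": "member",
    "vrli-03.example.test": "member",
    "vrli-04.example.test": "pre-bootstrap",  # freshly deployed VM
    "vrli-99.example.test": "member",         # in the cluster, not in source control
}


def plan(config, observed, remediate=False):
    """Compare the config held in source control with the observed cluster.

    Returns (findings, actions). Findings are always reported. Actions are
    only returned when remediate is True, mirroring the "-r" flag: an audit
    run reports drift but changes nothing.
    """
    findings, actions = [], []
    master = config["fqdn"]
    secondaries = list(config.get("nodes", []))
    desired = {master, *secondaries}

    master_state = observed.get(master, "unreachable")
    if master_state == "unreachable":
        # Nothing can be joined without the Master, so stop here.
        findings.append(("master-unreachable", master))
        return findings, actions
    if master_state == "pre-bootstrap":
        findings.append(("not-bootstrapped", master))
        actions.append(("bootstrap", master, BOOTSTRAP_PORT))
        actions.append(("license", master, None))  # licensing precedes adding nodes

    for node in secondaries:
        state = observed.get(node, "unreachable")
        if state == "pre-bootstrap":
            findings.append(("not-in-cluster", node))
            actions.append(("join", node, None))
        elif state == "unreachable":
            findings.append(("node-unreachable", node))

    # Members that nobody committed to source control are reported, never
    # changed automatically: a human should decide what they are.
    for host, state in sorted(observed.items()):
        if state == "member" and host not in desired:
            findings.append(("unexpected-member", host))

    return findings, (actions if remediate else [])


if __name__ == "__main__":
    for mode in (False, True):
        found, todo = plan(SAMPLE_CONFIG, SAMPLE_OBSERVED, remediate=mode)
        print("remediate =", mode)
        for item in found:
            print("  finding:", item)
        for item in todo:
            print("  action: ", item)
```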
<br />
<b>Find DN of my user in AD</b><br />
Posted 2016-10-14 by Caleb<br />
<br />
<div class="separator" style="clear: both; text-align: left;">
Sometimes you need to know what your DN is in Active Directory and want a quick way to find it without PowerShell scripts or AD related tools. This command is the best way I've seen thus far to accomplish it:</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<i>whoami /fqdn</i></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirMKva56KhNVlayvdW6An5PswV1zyJ17WRJ53bWPJsfJB9XUwRIbeEv-X9X_n63MP2_PHhZg_ETT4BtVWdQZFaxvHKRYZ_QvbyIyWDVd3MUA6w6NWHqHERig0R691p20T6ysulR6pV1Y8/s1600/FQDN+of+user+in+AD.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="74" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirMKva56KhNVlayvdW6An5PswV1zyJ17WRJ53bWPJsfJB9XUwRIbeEv-X9X_n63MP2_PHhZg_ETT4BtVWdQZFaxvHKRYZ_QvbyIyWDVd3MUA6w6NWHqHERig0R691p20T6ysulR6pV1Y8/s640/FQDN+of+user+in+AD.png" width="640" /></a></div>
<br />
<b>Getting Fancy with Log Insight Alerting (aka. Monitoring DHCP pools via logs)</b><br />
Posted 2016-10-05 by Caleb, updated 2016-10-12<br />
<br />
Recently, I was asked about monitoring Microsoft DHCP IP Address Pools using Log Insight to alert when the pool was exhausted and DHCP requests were failing. There are a couple ways to do this, but I'd like to cover two as a demonstration of getting a bit fancy with your alert queries and it paying off big time!<br />
<br />
First off, Microsoft DHCP Servers write their events to a log file - at the end of the day.... so we can parse that file for an Event ID of 14 to see when we ran out. This is easy to do as shown below using Event ID 11 (DHCP Renew) as an example. The regex is simple but unfortunately we get the information way too late!<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWuGD0tTS06lOzubvq7kyH9bqFut2nG3F97XQJDHvlaIm6MSQ0S80l4kEM0bhgtVxPd4r0ZMM_nw6a1W3r2FXONRmehx5tReDlW2D6Yx1dphkFCrgSIwv-9KOUVmWqcYjsRvrkk-r3AaU/s1600/Log+File+Renew+Event.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="236" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWuGD0tTS06lOzubvq7kyH9bqFut2nG3F97XQJDHvlaIm6MSQ0S80l4kEM0bhgtVxPd4r0ZMM_nw6a1W3r2FXONRmehx5tReDlW2D6Yx1dphkFCrgSIwv-9KOUVmWqcYjsRvrkk-r3AaU/s640/Log+File+Renew+Event.png" width="640" /></a></div>
<br />
<br />
Enter the Log Insight Agent's ability to read Windows Event Logs! As your DHCP Server starts running low on available addresses in a certain pool it starts to throw warnings in the System Event Log with an Event ID of 1376 that state what percent is currently used and how many addresses are still available.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgg4hKDBUh3DZu6fvGFmOehfozyD6AEfjGikUu8E_UUz_5S3YHxODGQn0yWdKONPPzTO-J-bVu2Y9SZnQrQjhpXLF9Xp8Y02iBX3E1BYvCipUegJ1nPbi1js1II5fU_71iLK1KD3oRrENs/s1600/Base+query.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="370" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgg4hKDBUh3DZu6fvGFmOehfozyD6AEfjGikUu8E_UUz_5S3YHxODGQn0yWdKONPPzTO-J-bVu2Y9SZnQrQjhpXLF9Xp8Y02iBX3E1BYvCipUegJ1nPbi1js1II5fU_71iLK1KD3oRrENs/s640/Base+query.png" width="640" /></a></div>
<br />
It would be really cool if we could have Log Insight fire off an alert if these messages showed that we were above 90% used, right? But it's text... how do we do math on text in log messages? The good news is that not only can you accomplish this; it's easy to do!<br />
<br />
First off, we need to create an Extracted Field that allows us to treat the value of percentage used as an integer. Simply highlight the number and select "Extract Field".<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgh8rLjN6yar8dUrpe7IgVY5s5PX2nrGKDwKKqx5URPQfVtK5BEBBB12wp6lt-qg5YXSiRot5sEJGXnquoeIsTcBM-KZR7Q9OAmoacdWp1zRyqwZsv-JrgtclVbiRFesi-fSiFoV7A7In4/s1600/extract+field+option.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="186" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgh8rLjN6yar8dUrpe7IgVY5s5PX2nrGKDwKKqx5URPQfVtK5BEBBB12wp6lt-qg5YXSiRot5sEJGXnquoeIsTcBM-KZR7Q9OAmoacdWp1zRyqwZsv-JrgtclVbiRFesi-fSiFoV7A7In4/s640/extract+field+option.png" width="640" /></a></div>
<br />
Now you will have a dialog box on the right hand side that allows you to define what exactly makes this extracted field. Let's look into these options with a bit of detail...<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3yFgi28qexJZpmEy_9HKugI3nv6IVzFwJp4gOHidOhKfgfqnHhd9GLvLvrSdf9Fn88FFzjRLNCFEvxFza0Z3CMLoG5_IG6AMVCxQOo5u-1t4f544PTXXzUd4fF6TMwEv3jGbSSYe2Abg/s1600/create+extracted+field.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3yFgi28qexJZpmEy_9HKugI3nv6IVzFwJp4gOHidOhKfgfqnHhd9GLvLvrSdf9Fn88FFzjRLNCFEvxFza0Z3CMLoG5_IG6AMVCxQOo5u-1t4f544PTXXzUd4fF6TMwEv3jGbSSYe2Abg/s400/create+extracted+field.png" width="255" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<b>Extracted Value: </b>For this use case you will be leaving this field alone as any changes will remove the type of "Integer". This can be problematic if you have numbers with a comma (1,000) but the engineering team is aware of it. For now, leave it as is.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<b>Pre Context:</b> This is a regex defining what comes before our desired value. In this example it is the word "is" from "<b>is</b> 85 percent full".</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<b>Post Context:</b> The same as pre-context just for the regex after the value. It's important to make both the pre and post context detailed enough that they only apply to this exact context/event type. It's better to go a bit overboard with the regex than make it too simple. Just make sure to keep some room available in the text for the next item, keyword search terms....</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<b>Additional Context (keyword search terms): </b>In this section you'll want to add in keywords that are found in the data <u>outside of your regex</u>. In this case my keywords match strings found before my pre-context regex. These are important as they help improve your query performance and lighten the load on your Log Insight Server.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<b>Additional Context (filter): </b>Why search through 2 billion events when you only need to search 100? That's exactly why you should also use filters to help narrow down where this Extracted Field will apply. Your users will thank you for keeping the performance on your Log Insight Server at peak efficiency!</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Now that we have our Extracted Field defined, we can modify our initial query to have an additional filter that says "ms_dhcp_pool_use_percent" (the name of our new Extracted Field) is greater than X%! This is demonstrated in the screenshot below, where everything below 86% is dropped and, consequently, would never be alerted on.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjg0WNGeRzsckeoRJ4bKZbFvWj2w2ngK12rtTybNo0iX31x0pkApno_ppjVjqfj60d-Jrtqv7F6-W_Dd-diLrSiXWTv_D_LaAIBOKZa2sdwxakWzzT903w3Ujh-NXR2ZClNWW4F6OvW58/s1600/end+result.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="388" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjg0WNGeRzsckeoRJ4bKZbFvWj2w2ngK12rtTybNo0iX31x0pkApno_ppjVjqfj60d-Jrtqv7F6-W_Dd-diLrSiXWTv_D_LaAIBOKZa2sdwxakWzzT903w3Ujh-NXR2ZClNWW4F6OvW58/s640/end+result.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
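<div class="separator" style="clear: both; text-align: left;">
The same pipeline (filter, keyword terms, pre/post context regex, integer comparison) outside the UI, as an added example that is not Log Insight's own implementation. The field name, Event ID 1376 and the "is ... percent full" context come from the post; the keyword terms, the exact regexes and the sample events are constructed assumptions. It also collects in-scope events where the extraction fails, since those would otherwise never alert.</div>

```python
import re

FIELD_NAME = "ms_dhcp_pool_use_percent"   # Extracted Field name used in the post
EVENT_ID = 1376                           # System Event Log warning from the post

# Assumed keyword terms: plain strings found outside the regex contexts.
KEYWORDS = ("address range", "scope")

# Pre and post context modelled on "is 85 percent full". Both are kept
# specific so the field only applies to this event type.
PRE_CONTEXT = r"\bis\s+"
POST_CONTEXT = r"\s+percent\s+full\b"
FIELD_RE = re.compile(PRE_CONTEXT + r"(\d+)" + POST_CONTEXT)

# Constructed sample events (not real log data).
SAMPLE_EVENTS = [
    {"eventid": 1376, "text": "IP address range of scope 10.10.20.0 is 85 percent "
                              "full with only 38 IP addresses available."},
    {"eventid": 1376, "text": "IP address range of scope 10.10.30.0 is 93 percent "
                              "full with only 17 IP addresses available."},
    {"eventid": 1376, "text": "IP address range of scope 10.10.40.0 is 100 percent "
                              "full with only 0 IP addresses available."},
    # Right wording, wrong event: the filter must keep the field from applying.
    {"eventid": 7036, "text": "Cache for address range of scope data is 95 percent full."},
    # Right event, reworded message: the regex no longer matches.
    {"eventid": 1376, "text": "IP address range of scope 10.10.50.0 is 91% full."},
]


def in_scope(event):
    """Filter plus keyword terms: cheap checks that run before the regex."""
    if event["eventid"] != EVENT_ID:
        return False
    text = event["text"].lower()
    return all(keyword in text for keyword in KEYWORDS)


def extract_percent(text):
    """Return the extracted value as an int, or None if the context is absent."""
    match = FIELD_RE.search(text)
    return int(match.group(1)) if match else None


def evaluate(events, threshold):
    """Return (alerts, unparsed) for 'FIELD_NAME greater than threshold'.

    unparsed holds in-scope events with no extractable value. A numeric
    filter silently drops those, so they are surfaced for review.
    """
    alerts, unparsed = [], []
    for event in events:
        if not in_scope(event):
            continue
        percent = extract_percent(event["text"])
        if percent is None:
            unparsed.append(event)
        elif percent > threshold:
            alerts.append({FIELD_NAME: percent, "text": event["text"]})
    return alerts, unparsed


if __name__ == "__main__":
    hits, missed = evaluate(SAMPLE_EVENTS, 90)
    for hit in hits:
        print("ALERT", hit[FIELD_NAME], hit["text"])
    for event in missed:
        print("UNPARSED", event["text"])
```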
<div class="separator" style="clear: both; text-align: left;">
Lastly we need to define an alert off of our new query. Select the little red bell and select "Create Alert from Query"</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgsInDu6Sy-zrwO7ZA4SIQMqsxpFgIvuNCjeT0L5lgnVY5cgsyDKwxLNJ6GYsH8zUg8fKs7W8mE-2BmI1ghnK1za9o9ZAtUTjuQJ59xanJlIvXO2WQexL7sVXrrZXu6ytB5gP0yD4z45Nw/s1600/create+alert.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="92" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgsInDu6Sy-zrwO7ZA4SIQMqsxpFgIvuNCjeT0L5lgnVY5cgsyDKwxLNJ6GYsH8zUg8fKs7W8mE-2BmI1ghnK1za9o9ZAtUTjuQJ59xanJlIvXO2WQexL7sVXrrZXu6ytB5gP0yD4z45Nw/s320/create+alert.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Here we define the new alert properties for when our alert query returns a result.</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhulJPpl7RHP7qoh9xquwbWM4qYFRs7BaXwkUNVta5RxVGS9I94Vl-u5-HTVEJ8MwH9rvVrhFovH573Ic4uFoHFJEg3D_xsQ_IyVQXsQQYllzgRCC5SPAv_sS9xdPICx7yHVow8U1peP5U/s1600/alert+notification.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="604" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhulJPpl7RHP7qoh9xquwbWM4qYFRs7BaXwkUNVta5RxVGS9I94Vl-u5-HTVEJ8MwH9rvVrhFovH573Ic4uFoHFJEg3D_xsQ_IyVQXsQQYllzgRCC5SPAv_sS9xdPICx7yHVow8U1peP5U/s640/alert+notification.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
And with that you're done!</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Special thanks to my co-worker <a href="http://www.simonlong.co.uk/blog/about/" target="_blank">Simon Long</a> for bringing up the need for this cool use case!</div>
<br />
<br />
<b>Corrupt Microsoft SQL Database Log in AlwaysOn High Availability Group (AAG)</b><br />
Posted 2016-09-22 by Caleb<br />
<br />
<div>
<span>We recently ran into an issue with one of our environments where the Microsoft SQL Server experienced corruption in the database log. This issue is usually discovered when you attempt to create a new backup and it fails with the message "BACKUP detected corruption in the database log"</span><span><br /></span></div>
<div>
<span><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFiafLColWWGQNimVRlM5B55yZx_481wy5mDXiXuBZoUVeVXoYBaWxT3Ph9_wxdk1nLGrmmT09CobAuUm3z9t1uQpJTDKAE0DRYz9bRLJ21lUJWrZvfY9TsZ7ic3ePGR5hpceC2cAY3Ys/s1600/Backup+Error.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="171" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFiafLColWWGQNimVRlM5B55yZx_481wy5mDXiXuBZoUVeVXoYBaWxT3Ph9_wxdk1nLGrmmT09CobAuUm3z9t1uQpJTDKAE0DRYz9bRLJ21lUJWrZvfY9TsZ7ic3ePGR5hpceC2cAY3Ys/s640/Backup+Error.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Resolving this issue is normally fairly easy (set the database from a Full Recovery Model to Simple and then back again) but it gets a bit more complex when your database is replicated via an AlwaysOn High Availability Group. Here are the steps to fix it (assuming no other databases are in the AAG).</div>
<div>
<span><br /></span></div>
<div>
<span>1. </span>Remove Secondary Replica - First we need to stop replication to the secondary replica. To do this we are going to connect to the primary node in our cluster and right click on the SECONDARY replica. Then we select "Remove from Availability Group" and follow the wizard.</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhm5p2mrhiBYd0-B7BzTRx1gcKS01c3EkwF_NoPol_8TPQcuaR3W86uOW-ENGicWUaeNsbs_C0oYsHT0HAtRSNNClCGwkMvJnd3-UhtEK4YWWy3LpAE-Pu0c2EA0htaln43W1407DCFnhc/s1600/remove+seconday+replica.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhm5p2mrhiBYd0-B7BzTRx1gcKS01c3EkwF_NoPol_8TPQcuaR3W86uOW-ENGicWUaeNsbs_C0oYsHT0HAtRSNNClCGwkMvJnd3-UhtEK4YWWy3LpAE-Pu0c2EA0htaln43W1407DCFnhc/s400/remove+seconday+replica.png" width="333" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
2. Remove Database from AAG - Next we need to remove the database from the AAG by right clicking on it under the Availability Databases folder and selecting "Remove Database from Availability Group"</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqueC5KaZeoVVDxHD3XTm1LHB1bYDbM9YwcLKMkfb9RCCML1VondwkID22cRH5KMW6no2rEzw7B3hVIumHOCnelBDKdoqiZRkcU249-0FvoQRUC80iPs7J2Hd5V2yHcaYSj_saBRC8O2g/s1600/remove+db+from+AAG.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqueC5KaZeoVVDxHD3XTm1LHB1bYDbM9YwcLKMkfb9RCCML1VondwkID22cRH5KMW6no2rEzw7B3hVIumHOCnelBDKdoqiZRkcU249-0FvoQRUC80iPs7J2Hd5V2yHcaYSj_saBRC8O2g/s400/remove+db+from+AAG.png" width="351" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
At this point you should have your primary node as the only member of the AAG, with no databases associated. Now delete the database from the <b><u>SECONDARY</u></b> node. Your secondary server should now have no replicas, no availability databases and no database.</div>
<div>
<br /></div>
<div>
3. Next we need to change the remaining copy of the database on our primary node from the Full to the Simple Recovery Model by right clicking on the database and selecting Properties &gt; Options.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEizk4s3QPEHjrCifvPYIoobDXdQSAWOiQa7ljGvfjXRN30o9tPKXehxscmPvwgNUDgzZjWJw235eDNN7Ho6Ic1JWWXvwxG96GpulTkPDVUIdsvts65Oh1L0oargfameJv70gb-c_JgNV-Q/s1600/change+to+full+recovery.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="361" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEizk4s3QPEHjrCifvPYIoobDXdQSAWOiQa7ljGvfjXRN30o9tPKXehxscmPvwgNUDgzZjWJw235eDNN7Ho6Ic1JWWXvwxG96GpulTkPDVUIdsvts65Oh1L0oargfameJv70gb-c_JgNV-Q/s400/change+to+full+recovery.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
4. Next we need to do a full backup of the database.</div>
<div class="separator" style="clear: both; text-align: left;">
5. Repeat the steps in #3 but in this case change it from simple back to the original Full Recovery Model.</div>
<div class="separator" style="clear: both; text-align: left;">
6. Backup the database again.</div>
<div>
<br /></div>
<div>
Now we are ready to re-add the secondary replica</div>
<div>
<br /></div>
<div>
7. On the primary server right click on the Available Replicas folder and select "Add Replica..."</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj407owjVKBJEp3arpc7bBbfQ4p7dxedl8jBfUuvIReRbomcH1LvoAec70goX4aoBIYoPfkT043a6PB8HnLgkt1XUvZFplYJ57-mutfa7Y7jkPWYdh9jGNO-m1Mp9fnQKTa5g2fOYXHATI/s1600/re-add+replica.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj407owjVKBJEp3arpc7bBbfQ4p7dxedl8jBfUuvIReRbomcH1LvoAec70goX4aoBIYoPfkT043a6PB8HnLgkt1XUvZFplYJ57-mutfa7Y7jkPWYdh9jGNO-m1Mp9fnQKTa5g2fOYXHATI/s400/re-add+replica.png" width="225" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
Next you will need to select the "Add Replica" button and will be prompted to connect to your secondary server.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgsuffNNhm58iJgNjVTpivRmNKaDOt3Fu6-VBbDErbcVWW0XP8xwJ65KI7RvFvEd3MYUS8i82RM4bzHjc_0vtB3WwXa3qEfsyvj4GluIo3FeSeBmG-rh_Jd_dO3hncgJnGcpL_Rn1_C_Bk/s1600/Add+replica1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="427" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgsuffNNhm58iJgNjVTpivRmNKaDOt3Fu6-VBbDErbcVWW0XP8xwJ65KI7RvFvEd3MYUS8i82RM4bzHjc_0vtB3WwXa3qEfsyvj4GluIo3FeSeBmG-rh_Jd_dO3hncgJnGcpL_Rn1_C_Bk/s640/Add+replica1.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div>
After this you will want to configure your replica. In our case we have chosen to make the secondary copy of the database readable and to enable automatic failover.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvy51Q5ch39lKCKuIalCHJusv4lTvdvpxfqTMNF3471ppKyb7qOiicFlBRIkzoXjSJR3e3WlBWPlbT3kDuA2RPwcJAkk8kHPYkG13SkhTGZN91D4RhiOCx0gLByZKKg1hPGQicDK2NEYM/s1600/add+replica2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="166" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvy51Q5ch39lKCKuIalCHJusv4lTvdvpxfqTMNF3471ppKyb7qOiicFlBRIkzoXjSJR3e3WlBWPlbT3kDuA2RPwcJAkk8kHPYkG13SkhTGZN91D4RhiOCx0gLByZKKg1hPGQicDK2NEYM/s640/add+replica2.png" width="640" /></a></div>
<div>
<br /></div>
<div>
In the next screen you will need to configure your sync preferences. We are using a Full sync which requires a file share accessible by both SQL Servers. Using this file share SQL will run a backup and place it on the remote share and the secondary node will restore the database from this initial backup. </div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgODqyKhLvfJIhbW2tNRBXUkCXCmjTaRwdoJ9Dt8az0EO4VKMDCpNEsJTKGk1gQ6c7uf9gynl9-gb8u0lsoMiPcPSF7R-1FqtKMdaM5g0HfAgbkFcWNoalM8zYDEoH0-bq5xxwawnw9HD0/s1600/Add+replica3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="491" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgODqyKhLvfJIhbW2tNRBXUkCXCmjTaRwdoJ9Dt8az0EO4VKMDCpNEsJTKGk1gQ6c7uf9gynl9-gb8u0lsoMiPcPSF7R-1FqtKMdaM5g0HfAgbkFcWNoalM8zYDEoH0-bq5xxwawnw9HD0/s640/Add+replica3.png" width="640" /></a></div>
<div>
<br /></div>
<div>
Follow the wizard and verify that everything passes</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgawprCw6iDXFWC28EiaRwK3bH1pqTQFm-j5zPxIDEm_dV6p5WvkKqJQcXUXctQOzg2vmMlmLcV1qLYdUloRscBnpBOYKBuf37qHgs-zWtVUn1BjE8jZmw_cBepW86LdEMIIvdI-i76dmo/s1600/Add+replica4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="186" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgawprCw6iDXFWC28EiaRwK3bH1pqTQFm-j5zPxIDEm_dV6p5WvkKqJQcXUXctQOzg2vmMlmLcV1qLYdUloRscBnpBOYKBuf37qHgs-zWtVUn1BjE8jZmw_cBepW86LdEMIIvdI-i76dmo/s640/Add+replica4.png" width="640" /></a></div>
<div>
<br /></div>
<div>
After this you can track the progress of the backup/restore/sync</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_0oLLF07lQvsQcK6ZHGav9nBtmNq-tJdrMu01B4w5os4AUGzoJm5uSAqS5NDo8sVS1O_8g01Sm8KVS5Oqt7Wn7F4zn1Jjw13AiGS9l6JqMMeSVN-xH-KO6wcrDqlDw1kygibYyZ-9gmM/s1600/Add+DB+final.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="373" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_0oLLF07lQvsQcK6ZHGav9nBtmNq-tJdrMu01B4w5os4AUGzoJm5uSAqS5NDo8sVS1O_8g01Sm8KVS5Oqt7Wn7F4zn1Jjw13AiGS9l6JqMMeSVN-xH-KO6wcrDqlDw1kygibYyZ-9gmM/s400/Add+DB+final.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
With that you should have a working AlwaysOn Availability Group again!</div>
<div>
<br /></div>
Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0tag:blogger.com,1999:blog-1462840715053647513.post-4472154417262045592016-09-16T11:12:00.002-07:002016-09-16T11:12:27.939-07:00<br />
FreeTDS and Microsoft SQL Server Windows Authentication - Part 1<br />
<br />
I've been trying to get the Zenoss SQL Transaction Zenpack working so that we can use Zenoss to run SQL queries for specific monitoring purposes and ran into a few things that might be worth sharing.<br />
<br />
<b>Using tsql for troubleshooting</b><br />
<br />
Zenoss, among many other tools, uses pymssql to connect to your SQL Servers, and pymssql uses FreeTDS behind the scenes. If you can't get pymssql to work then you can go a layer deeper to see if you can find the issue. In my case I have the following configuration:<br />
<br />
Fedora Server 23<br />
freetds-0.95.81-1<br />
pymssql-2.1.3<br />
<br />
First off, FreeTDS uses a config file at /etc/freetds.conf that has a [Global] section and examples for configuring individual server types. This is important because you need to use TDS version 7.0+ for Windows Authentication to work.<br />
<br />
If we try to connect using the diagnostic tool tsql (not to be confused with the language T-SQL) without changing the default TDS version or adding a server record in the config file, our attempts will fail:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjeKOAZIBA8nv19uny1i6s83-HVjlQofTo_BQmfkjAXX1mMifYI7ZxmuCqwrDhvCd_R3iuSro_gA2tBxBuLTy1IRWEce6BtFj3YNT_CoqKgg5lGTSGnfyf4z-GOhr62_ipT1_-oLnqP6eo/s1600/freetds+config.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjeKOAZIBA8nv19uny1i6s83-HVjlQofTo_BQmfkjAXX1mMifYI7ZxmuCqwrDhvCd_R3iuSro_gA2tBxBuLTy1IRWEce6BtFj3YNT_CoqKgg5lGTSGnfyf4z-GOhr62_ipT1_-oLnqP6eo/s640/freetds+config.png" width="640" /></a></div>
<br />
To fix this you can either:<br />
Change the Global value for "tds version" to be 7+ (sounds like a good idea to me if you only have MSSQL):<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhowWwjKR2hMZ1aaGpz9Yo71l4x1oXxcnwR2UPXo0NqxaGM1EM9yUegpe7kOwesWmd6z1t_uaLAfPjc-KR4qaOJGcHdnxNqKnERRDedBzD8lox1oiABAfCUkDzzOevNhf6jbpkvuH0Rvho/s1600/freetds+global.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="428" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhowWwjKR2hMZ1aaGpz9Yo71l4x1oXxcnwR2UPXo0NqxaGM1EM9yUegpe7kOwesWmd6z1t_uaLAfPjc-KR4qaOJGcHdnxNqKnERRDedBzD8lox1oiABAfCUkDzzOevNhf6jbpkvuH0Rvho/s640/freetds+global.png" width="640" /></a></div>
<br />
or you can add a server record for each Microsoft SQL Server and leave the global version less than 7.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrMNMTczUQtxeTPmzu9EWgzy-Ziq39gE_joz-akwtlGfZk1L-xq-Szh9wkic7Smn3n3kRw7A1bhAYw67PmtswRle2CwDOteLg0g-SXsEQ4FrP66gZuhEsJlS5dBwYYF0az1Dyo5ItIgrA/s1600/freetds+MSSQL+server.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="92" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrMNMTczUQtxeTPmzu9EWgzy-Ziq39gE_joz-akwtlGfZk1L-xq-Szh9wkic7Smn3n3kRw7A1bhAYw67PmtswRle2CwDOteLg0g-SXsEQ4FrP66gZuhEsJlS5dBwYYF0az1Dyo5ItIgrA/s400/freetds+MSSQL+server.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
The catch to the second method is that when you run your queries you have to use the name exactly as shown in the config file (in this case us01-0-srs1). You cannot use the FQDN, or the connection will fail because it defaults back to the Global setting. This method also creates overhead in managing the list of MSSQL Servers in the freetds.conf file.</div>
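<div class="separator" style="clear: both; text-align: left;">
To make the name-matching catch concrete, here is an added example (not code from the original post or from FreeTDS) that reads a freetds.conf and reports which "tds version" applies to the name you hand to tsql or pymssql. The sample config, the example.com FQDN and the function names are constructed for illustration; the inheritance and case-insensitive section matching follow the behaviour described above and are assumptions of the example.</div>

```python
import re

# From the post: Windows Authentication needs TDS protocol version 7.0 or later.
MIN_TDS_FOR_WINDOWS_AUTH = 7.0

# Constructed sample in the layout of /etc/freetds.conf; the FQDN is a placeholder.
SAMPLE_CONF = """\
[global]
\t# TDS protocol version
\ttds version = 4.2

# A per-server record, named the way the post names it
[us01-0-srs1]
\thost = us01-0-srs1.example.com
\tport = 1433
\ttds version = 7.0
"""


def parse_freetds_conf(text):
    """Parse freetds.conf text into {section_name: {key: value}} (names lower-cased)."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        header = re.match(r"\[(.+)\]$", line)
        if header:
            current = sections.setdefault(header.group(1).strip().lower(), {})
            continue
        if current is not None and "=" in line:
            key, value = line.split("=", 1)
            # Keys such as "tds version" contain spaces; normalise the whitespace.
            current[" ".join(key.split()).lower()] = value.strip()
    return sections


def effective_tds_version(sections, server_name):
    """Return (source_section, version) for the name passed to tsql/pymssql.

    Assumption of this example: a name that matches a section header uses that
    section (inheriting from [global] if it sets no version); any other name,
    including the server's FQDN, falls back to [global].
    """
    global_settings = sections.get("global", {})
    key = server_name.strip().lower()
    if key != "global" and key in sections:
        source = "[%s]" % key
        raw = sections[key].get("tds version", global_settings.get("tds version"))
    else:
        source = "[global]"
        raw = global_settings.get("tds version")
    try:
        version = float(raw)
    except (TypeError, ValueError):
        version = None   # unset or non-numeric: the library default applies
    return source, version


def check_windows_auth(conf_text, server_name):
    """Report whether the effective TDS version is high enough for Windows Authentication."""
    source, version = effective_tds_version(parse_freetds_conf(conf_text), server_name)
    return {
        "server": server_name,
        "source": source,
        "tds_version": version,
        # None means the config does not pin a version, so it cannot be confirmed here.
        "windows_auth_ok": version is not None and version >= MIN_TDS_FOR_WINDOWS_AUTH,
    }


if __name__ == "__main__":
    for name in ("us01-0-srs1", "us01-0-srs1.example.com"):
        print(check_windows_auth(SAMPLE_CONF, name))
```

Point it at the contents of your own /etc/freetds.conf to see, before opening a connection, whether a given name resolves to a server record or falls through to the global setting.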
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7z7nCeFrP15VJa1FCjfLyIf4vCbdcfoeZVA42YWYATZdipYbZzT6StZ8kL5Y4vHkqnKqMp8bEKsTltD-q-5T0pAGMYNsVFY6D_PoaQf1Hz-AQRzmMwOmxhf2eF633wH-zWAVaowOK6tM/s1600/freetds+config+match.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="282" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7z7nCeFrP15VJa1FCjfLyIf4vCbdcfoeZVA42YWYATZdipYbZzT6StZ8kL5Y4vHkqnKqMp8bEKsTltD-q-5T0pAGMYNsVFY6D_PoaQf1Hz-AQRzmMwOmxhf2eF633wH-zWAVaowOK6tM/s640/freetds+config+match.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Either way, at this point tsql should be able to query your MSSQL Servers using Windows Authentication.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhb5zgc_Xm6JZB7O-nkhcTE9QlMkNoa80VDGs5GQJurnCR04S9RtAtsrVzvi7CgkI3wlmKgrU_X6Z7S8PfIDwz0O5gRTJ7NuGfyTftu3T50jblZpP788lwF3vMmTBCvFSfGK09MiKXuiQc/s1600/tsql+working+example.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="106" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhb5zgc_Xm6JZB7O-nkhcTE9QlMkNoa80VDGs5GQJurnCR04S9RtAtsrVzvi7CgkI3wlmKgrU_X6Z7S8PfIDwz0O5gRTJ7NuGfyTftu3T50jblZpP788lwF3vMmTBCvFSfGK09MiKXuiQc/s640/tsql+working+example.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<b>Getting started with pymssql</b></div>
<div class="separator" style="clear: both; text-align: left;">
To make sure that pymssql is working I threw together a quick bit of Python that allows you to connect using Windows Authentication.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfCiiglzN4-zriwOMZYEyiYahqtptaLZsBxUxjxD_WGo-hA3YMuZj6CvD5rJ8LDODS-oHAglBz4NVcN1lWOVoVUT1f9QqB-qiXUAi2o68aO05YhVZWHJsko2E4L8Xr5I7Sv9LN_mh3c04/s1600/python+pymssql+code.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="222" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfCiiglzN4-zriwOMZYEyiYahqtptaLZsBxUxjxD_WGo-hA3YMuZj6CvD5rJ8LDODS-oHAglBz4NVcN1lWOVoVUT1f9QqB-qiXUAi2o68aO05YhVZWHJsko2E4L8Xr5I7Sv9LN_mh3c04/s640/python+pymssql+code.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
It's basically a simplified version of the <a href="http://pymssql.org/en/latest/pymssql_examples.html" target="_blank">example on the pymssql web page</a>, but it will prove whether pymssql and MSSQL Windows Authentication are working or not.<br />
<br />
-------------BEGIN Code<br />
import pymssql<br />
<br />
# Placeholder values: fill in your own server and a DOMAIN\username account.<br />
# The DOMAIN\username form is what selects Windows Authentication.<br />
print('Connecting to SQL')<br />
conn = pymssql.connect(server='server.domain.com', user='DOMAIN\\username', password='Super Secret P@ssW0rds', database='master')<br />
<br />
print('Creating cursor')<br />
cursor = conn.cursor()<br />
<br />
print('Executing query')<br />
cursor.execute("""<br />
SELECT MAX(req.total_elapsed_time) AS [total_time_ms]<br />
FROM sys.dm_exec_requests AS req<br />
WHERE req.sql_handle IS NOT NULL<br />
""")<br />
<br />
print('Fetching results')<br />
row = cursor.fetchone()<br />
while row:<br />
&nbsp;&nbsp;&nbsp;&nbsp;print(row[0])<br />
&nbsp;&nbsp;&nbsp;&nbsp;row = cursor.fetchone()<br />
<br />
print('Closing connection')<br />
conn.close()<br />
<div>
-------------END Code </div>
<div>
<br /></div>
<div>
After filling in the details of your MSSQL Server you can simply run it and get the results.</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLRO0Q9GdbiTBUd-gJQZnkKb-aYQqNUzcd88GNv-ZtESSttofhIQ_TJAbNl1T-kuRnRYVNXPjTwqUu4rTM4BXK4voW5FRs_6ryCz2hQCsjMe5redgvu5JS0S4fiXZ7vAwy0TeRhfiOaxM/s1600/python+test.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="138" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLRO0Q9GdbiTBUd-gJQZnkKb-aYQqNUzcd88GNv-ZtESSttofhIQ_TJAbNl1T-kuRnRYVNXPjTwqUu4rTM4BXK4voW5FRs_6ryCz2hQCsjMe5redgvu5JS0S4fiXZ7vAwy0TeRhfiOaxM/s400/python+test.png" width="400" /></a></div>
<div>
<br /></div>
<div>
Part 2 will cover the Zenoss specific aspects of this...</div>
<div>
<br /></div>
Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0tag:blogger.com,1999:blog-1462840715053647513.post-35522187399238782732016-08-26T14:33:00.000-07:002016-08-26T14:33:44.306-07:00<br />
Zenoss and ServiceNow Integration - Custom Fields and Values<br />
<br />
Our Zenoss instance is integrated with ServiceNow so that our support organization can open an incident with the appropriate event details at the click of a button from the Zenoss Events Console. The workflow for this looks something like the below flowchart that I just threw together.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4v1s67B6vm195KR5NPMRSKGqL37kBSodTV85XufLJcAdvPqMhT3qfAbH5e1XS-hOSBbeE4EcamqfbtZmxf9aWOTTIAMMN7uDADFnx26wB9vY2ZBfQuIpJAwtl63EwaJSOSN26Wqn6U00/s1600/Zenoss-SNow+Event+Cycle.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="372" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4v1s67B6vm195KR5NPMRSKGqL37kBSodTV85XufLJcAdvPqMhT3qfAbH5e1XS-hOSBbeE4EcamqfbtZmxf9aWOTTIAMMN7uDADFnx26wB9vY2ZBfQuIpJAwtl63EwaJSOSN26Wqn6U00/s400/Zenoss-SNow+Event+Cycle.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
The problem, however, is that our Zenoss instance was not following through on the last step after incident resolution and closing out the associated Zenoss Event. Because of this we were missing alerts on recurring issues, since the event was still in an acknowledged state. By default the Zenoss Incident Management ZenPack looks at the incident_state field for values 6 and 7 to indicate a closed event. However, instead of <u>incident_state</u>, our ServiceNow instance uses the underlying <u>state</u> field that is inherited from the task table that the Incidents table is built on top of.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgaEULuQxMFIVN-a6avej3fnxVW9Lvdr12mxU-IRIr-ZgAzoTguYdMwt1jW55Sak8O8b5uldDIF7cH6rDqJ2y5VxcigdPbyt20LSJ722DCpzxBCkxbN4WLN1R6IgCv437hLvCUa4tIDu6s/s1600/ServiceNow+-+state.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="209" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgaEULuQxMFIVN-a6avej3fnxVW9Lvdr12mxU-IRIr-ZgAzoTguYdMwt1jW55Sak8O8b5uldDIF7cH6rDqJ2y5VxcigdPbyt20LSJ722DCpzxBCkxbN4WLN1R6IgCv437hLvCUa4tIDu6s/s320/ServiceNow+-+state.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
You can find out what field you are using by right clicking on the State label and either seeing the "Show - '&lt;field name&gt;'" or clicking on "Configure Label" which will show you the associated table.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSrtjr9Op7dPlwV_8BNzjbdsm-2v4Tiis_0H1P952185pc8HbW1IcaPhsTdciHCVQK7KIHl23Y2uczTIeTq-0zJDNZp_hUE35q9B-uBRg1fk7V1IWjMWmRVSadudvzhXGCr4b9foNAYBo/s1600/ServiceNow+task+table.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSrtjr9Op7dPlwV_8BNzjbdsm-2v4Tiis_0H1P952185pc8HbW1IcaPhsTdciHCVQK7KIHl23Y2uczTIeTq-0zJDNZp_hUE35q9B-uBRg1fk7V1IWjMWmRVSadudvzhXGCr4b9foNAYBo/s1600/ServiceNow+task+table.png" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Next we need to find out the appropriate values associated with the state so that we can update Zenoss. Open the Task table under "System Definition - Tables". </div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5hgVQZ8SfmXhgzd5CxCjZ_JgP8YRD2vICFi4uZGwtnycYkoNrz62Rmy8kDhF4JtH-G8HQM_X3lax82zd_QL06GRZzTpi8znXyWFhzgtMicBbBwHbpgzG5a8INJUdcvIUXqtVVMx-SPE8/s1600/task+table.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="160" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5hgVQZ8SfmXhgzd5CxCjZ_JgP8YRD2vICFi4uZGwtnycYkoNrz62Rmy8kDhF4JtH-G8HQM_X3lax82zd_QL06GRZzTpi8znXyWFhzgtMicBbBwHbpgzG5a8INJUdcvIUXqtVVMx-SPE8/s400/task+table.png" width="400" /></a></div>
<div class="separator" style="clear: both;">
<br /></div>
<div class="separator" style="clear: both;">
Then open the state column. (You can do this by clicking on the information button).</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitEGlGBDxWdj0SdjANqr1UeTZ06smTWNKze1tjZCHklLQ81LDMOZctg9o7oDmi41WLx8T16oAFstCZhvxw3MxuLLBO3adjAsLOAnub1KT6kV1r6jAi1_vaPN9xsAiBCR1e8yVBDK0zMW0/s1600/state.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="203" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitEGlGBDxWdj0SdjANqr1UeTZ06smTWNKze1tjZCHklLQ81LDMOZctg9o7oDmi41WLx8T16oAFstCZhvxw3MxuLLBO3adjAsLOAnub1KT6kV1r6jAi1_vaPN9xsAiBCR1e8yVBDK0zMW0/s400/state.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Next you will want to filter the results down to the Incident table and you will be able to find the integer values for your state.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJu7g2kt4le30myralzxvaL2OW4vL8vKuRzfC-52Eudhq90qXm0nowdjB9SVSP1GyPAwq1if19bjCBiDnoXmzf6W_00_IBiuY-PRhtTUkg_TVfRpcIIS3LyVEGOhlOF89fq7lNSLlaz2M/s1600/incident+values.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJu7g2kt4le30myralzxvaL2OW4vL8vKuRzfC-52Eudhq90qXm0nowdjB9SVSP1GyPAwq1if19bjCBiDnoXmzf6W_00_IBiuY-PRhtTUkg_TVfRpcIIS3LyVEGOhlOF89fq7lNSLlaz2M/s400/incident+values.png" width="373" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
In this case I want Zenoss to treat an incident with a state value greater than 3 as "closed", and monitoring to be re-enabled by moving the Zenoss event from an "Acknowledged" state to "Closed".</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Now, to make the change on our Zenoss server we need to create a snapshot of the Zope container, make the changes to the IncidentManagement ZenPack configuration, and commit the snapshot so that the changes persist when the zenincidentpoll container is restarted.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
From my Control Center I'm going to run the below command to start:</div>
<div class="separator" style="clear: both;">
<i>serviced service shell -i -s update_closed_sn zope</i></div>
<div class="separator" style="clear: both;">
<br /></div>
<div class="separator" style="clear: both;">
After that I can modify the appropriate file, changing the values to match what I've discovered in the previous steps:</div>
<div class="separator" style="clear: both;">
<br /></div>
<div class="separator" style="clear: both;">
<i>vi /opt/zenoss/ZenPacks/ZenPacks.zenoss.IncidentManagement-2.3.16-py2.7.egg/ZenPacks/zenoss/IncidentManagement/servicenow/action.py</i></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglYCMk-UjDs7ztY76VsQ5J0zhoFdmjXP6Ti6WAb5rCU8JOA6JKWL0rnmrEyJTrVaXi8gXTZ1WCUc_bJdbRab4beDDH-S5D1N6cOEcMIQllYEAvxBgvaQh6J9HYHS3HvFLGp2fDKjmxSSw/s1600/zenoss+config.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="248" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglYCMk-UjDs7ztY76VsQ5J0zhoFdmjXP6Ti6WAb5rCU8JOA6JKWL0rnmrEyJTrVaXi8gXTZ1WCUc_bJdbRab4beDDH-S5D1N6cOEcMIQllYEAvxBgvaQh6J9HYHS3HvFLGp2fDKjmxSSw/s400/zenoss+config.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
After saving the file and exiting the Zope container using "<i>exit</i>" we now need to commit the new image using:</div>
<div class="separator" style="clear: both; text-align: left;">
<i>serviced snapshot commit update_closed_sn</i></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
After committing the snapshot, restart your zenincidentpoll container from the Zenoss Control Center UI. Your changes will then be live, and you should be able to close an Incident in ServiceNow and have Zenoss automatically close the associated Zenoss event, as seen in the below event notes.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinoIFKbUyfqUQmYA92iddI3A3guF-32F2u8P549w3UqM42ayzC2pU1u9jB9DXzUfRjEzgzUZiHULhmkxxuCvKeHXG42VPypjeV6FCqoJyZmw4oxyuKEmMV99Bh2WFpHFdknaZ6Bp02F40/s1600/Zenoss+closed.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="175" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinoIFKbUyfqUQmYA92iddI3A3guF-32F2u8P549w3UqM42ayzC2pU1u9jB9DXzUfRjEzgzUZiHULhmkxxuCvKeHXG42VPypjeV6FCqoJyZmw4oxyuKEmMV99Bh2WFpHFdknaZ6Bp02F40/s320/Zenoss+closed.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Hopefully that helps!</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0tag:blogger.com,1999:blog-1462840715053647513.post-80112292136193914292016-07-25T15:24:00.000-07:002016-07-25T15:24:31.981-07:00<br />
vCloud Director Logging<br />
<br />
I was recently asked how to go about configuring the Log Insight Agent with VMware vCloud Director and thought that I would take the time to document it here for anyone else who is interested.<br />
<br />
Logging in vCD is normally handled by log4j and configured by $VCLOUD_HOME/etc/log4j.properties, with the official KB located <a href="https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2004564" target="_blank">here</a>. You should either use log4j <b>OR </b>the Log Insight Agent, <b>but not both</b>, or you will have event duplication.<br />
<br />
<b>Log4j Configuration</b><br />
First a quick overview of the log4j configuration.<br />
1. Open $VCLOUD_HOME/etc/log4j.properties<br />
2. Append "vcloud.system.syslog" to the rootLogger, and don't forget the comma before it<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiDZPIgm9ar68My1qfFBZW9ywtRWUqaZZWnZzPMLu4mckMQRZbmq4Gt_hCaMOAhfcOMDlthDV_aIZMOBj-QtupSWPbS__9_4uvTN04eL5T89a0uNsQvVXFxlwbLKNAuCu2YKSPQCfXdHik/s1600/add_global.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="120" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiDZPIgm9ar68My1qfFBZW9ywtRWUqaZZWnZzPMLu4mckMQRZbmq4Gt_hCaMOAhfcOMDlthDV_aIZMOBj-QtupSWPbS__9_4uvTN04eL5T89a0uNsQvVXFxlwbLKNAuCu2YKSPQCfXdHik/s640/add_global.png" width="640" /></a></div>
3. At the bottom of the file, append the below 6 lines outlined in the KB, making sure to change your target FQDN.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJWQRaRW1er5qNkgYOkxHTBV0E3vP8ngGbhAHi41bqE5deTDgKi6A-pe0Q01-fEPFUNWaU9VngUNi2M7D2ilLOPTV85HNE4dkESaQnyw0BIBHWYcnV58rmBKrF1x01_xwvOttzabA7ATQ/s1600/syslog_target.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="182" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJWQRaRW1er5qNkgYOkxHTBV0E3vP8ngGbhAHi41bqE5deTDgKi6A-pe0Q01-fEPFUNWaU9VngUNi2M7D2ilLOPTV85HNE4dkESaQnyw0BIBHWYcnV58rmBKrF1x01_xwvOttzabA7ATQ/s640/syslog_target.png" width="640" /></a></div>
4. Unfortunately with vCD 5.x you also have to restart the vmware-vcd service for the changes to take effect. Hint: if you don't want to restart the services and take an outage you can continue reading and use the Log Insight Agent instead :)<br />
<br />
<b>Log Insight Agent</b><br />
vCloud Director supports RHEL and CentOS so you only need to worry about the RPM install of the Log Insight Agent. First though, we need to do some prep work on the Log Insight Server.<br />
<br />
1. Install the vCD Content Pack - The Log Insight Server that you will be pointing your LI Agent at needs to have the vCD Content Pack installed so that the Agent Group is available. This is easily done via the Marketplace.<br />
<br />
2. Create your Agent Group - From the Administration window select <u>Agents</u> and then highlight the <u>vCloud Director Cell Servers</u> pre-defined Agent Group.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJdLXpDJbZdciJTGpDHPXbIwK9sooFlyMnFUG5x0iTYBCc3t7fBqHqcQJXm3etAn2M4jQZe_303entT9HfXzVITBuCalnBvK-QnyCGyWQkSg3Cd8KDbqOXPXlVqKuztDLnNgDzbG4K1zw/s1600/vcd_agent_grou.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="272" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJdLXpDJbZdciJTGpDHPXbIwK9sooFlyMnFUG5x0iTYBCc3t7fBqHqcQJXm3etAn2M4jQZe_303entT9HfXzVITBuCalnBvK-QnyCGyWQkSg3Cd8KDbqOXPXlVqKuztDLnNgDzbG4K1zw/s400/vcd_agent_grou.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: left;">
Next scroll to the bottom of the page and select <u>Copy Template</u></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
3. Next you will need to define a filter that limits this collection to only vCD Cells. My test example here is very basic and limits collection to hosts with a certain hostname prefix.</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikB-_9TE-kZNslbtoNTVtRg9t3WS5GZO_d573hCCzCBH84vd4bF3dBMTdD7qY-TDr2EnVuV1z8zhis-1gjLaG2PiY0jW4qxXa7cevnRVlle2aTrLF2s9ZPWRnM8sfg0DnOvGBvg1gpUNs/s1600/agent_group_filter.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="73" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikB-_9TE-kZNslbtoNTVtRg9t3WS5GZO_d573hCCzCBH84vd4bF3dBMTdD7qY-TDr2EnVuV1z8zhis-1gjLaG2PiY0jW4qxXa7cevnRVlle2aTrLF2s9ZPWRnM8sfg0DnOvGBvg1gpUNs/s400/agent_group_filter.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
You can see in the bottom section of the agent group the actual files that will be collected by the agent.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9FwbltUDFbSU5iq8GvtsW9ZhHPf_R-rtUu94w8NTnXR94qplrTeDsEUdvjcmn0w-RgIWY4yU2KY_Ifxg277wj1zvOVWRWl6pEvgjTtTOlHTGIBB___jMJ0hIh06cUDBQYBSEgKrJz1e0/s1600/vcd_files.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="337" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9FwbltUDFbSU5iq8GvtsW9ZhHPf_R-rtUu94w8NTnXR94qplrTeDsEUdvjcmn0w-RgIWY4yU2KY_Ifxg277wj1zvOVWRWl6pEvgjTtTOlHTGIBB___jMJ0hIh06cUDBQYBSEgKrJz1e0/s640/vcd_files.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
By default the agent only collects info level logs, but you can easily switch that to debug level logs if you desire. Feel free to check out <a href="http://calebs71.blogspot.com/2016/02/log-insight-migration-to-debug-level.html" target="_blank">my very basic sizing calculator</a> on Github if you are curious about the impact of the additional logs. For now, just hit <u>Save Agent Group</u> to continue.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
4. Now you are ready for the actual agent installation! You will need to copy the RPM to your vCD cell's /tmp directory. The LI Agent will need to be installed and configured on every vCD Server.</div>
<div class="separator" style="clear: both; text-align: left;">
Note: At some point after this step you will need to decide when to remove the log4j configuration and when to enable the Agent. I would personally recommend disabling log4j before installing the agent; in the short term you won't lose any events, since the LI Agent will go through all the log files on the server and forward them on.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
5. Install the agent via RPM</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitt0FhRec9at-s59tbhgkLFKKKl8pECgsC0ecLs_EZGw9KwzR9merVj9VM5zpA-Df9F3fKQ8blGJorY95rd8y2kwVUiGjWmtlnXF3fwrtdmWLKIj3Nv1pB4SyrT5He-enVmmnJ2Ak3Z6o/s1600/rpm.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="212" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitt0FhRec9at-s59tbhgkLFKKKl8pECgsC0ecLs_EZGw9KwzR9merVj9VM5zpA-Df9F3fKQ8blGJorY95rd8y2kwVUiGjWmtlnXF3fwrtdmWLKIj3Nv1pB4SyrT5He-enVmmnJ2Ak3Z6o/s640/rpm.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
6. If you downloaded the agent from the Log Insight server it is supposed to be forwarding to, then you don't need to modify the liagent.ini file, but if you downloaded it from my.vmware.com or another Log Insight Server you will need to update the target hostname.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg64YnbUfM6UiW-N6EeFfqqD1dBrLz63pLIyF7jY5HzBUUEWBC34UJMHpYzC3poZaZYiuKqytiWFpLx81Vv3eewhTrBMIytLFJFVNMcKUD2XoEQrVWWAi3VVLzjQEqB4PBJ4ttU0hyebfo/s1600/liagent.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="166" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg64YnbUfM6UiW-N6EeFfqqD1dBrLz63pLIyF7jY5HzBUUEWBC34UJMHpYzC3poZaZYiuKqytiWFpLx81Vv3eewhTrBMIytLFJFVNMcKUD2XoEQrVWWAi3VVLzjQEqB4PBJ4ttU0hyebfo/s320/liagent.png" width="320" /> </a></div>
<div class="separator" style="clear: both; text-align: left;">
If you want to be secure you can enable SSL, and your /etc/liagent.ini file will look more like the below:</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMtCkzMswkMWm1SfO8cV-65Zym8OBCNp6ILdQqZzV7ISCxo-tHBA5HMwg4843j3wpLVUUYeHlrS2RUIRMMDRIMp2tLj2CVPPZpqs3fBBCOC1j6ol0f68E-NJiEWdiPXgjYGwx89eNoHfA/s1600/liagent-secure.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="126" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMtCkzMswkMWm1SfO8cV-65Zym8OBCNp6ILdQqZzV7ISCxo-tHBA5HMwg4843j3wpLVUUYeHlrS2RUIRMMDRIMp2tLj2CVPPZpqs3fBBCOC1j6ol0f68E-NJiEWdiPXgjYGwx89eNoHfA/s320/liagent-secure.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
Don't forget that you'll need certificates for SSL, so follow the full official documentation available <a href="http://pubs.vmware.com/log-insight-33/index.jsp?topic=%2Fcom.vmware.log-insight.administration.doc%2FGUID-D0727922-91E8-4352-B909-7595254620C5.html" target="_blank">here</a>.</div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
At this point you should see that your agents are alive and sending data to your Log Insight Server.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4tYHWabys3EOAKy-FOU3Glo6VJAalslDPmwyLi67let8L1CgMf67jpcYB5_yfyFV2n6Nc5CUCWPXGgtCfVUyw8rLxaJbql35yX7pInRChLmRBkIKmiGxYv_ltmb4zsm8mTNHndJzszM0/s1600/li-up.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="139" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4tYHWabys3EOAKy-FOU3Glo6VJAalslDPmwyLi67let8L1CgMf67jpcYB5_yfyFV2n6Nc5CUCWPXGgtCfVUyw8rLxaJbql35yX7pInRChLmRBkIKmiGxYv_ltmb4zsm8mTNHndJzszM0/s640/li-up.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<br />
Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0tag:blogger.com,1999:blog-1462840715053647513.post-29112566419547563292016-07-08T20:15:00.000-07:002016-07-09T13:43:16.003-07:00<br />
Early Boot Windows Debugging - Part 2 - Kernel Debugging over Serial<br />
<br />
This post is a continuation of Part 1; I think I shall call it "Help, my ntbtlog.txt isn't being written to disk and I'm flying blind"<br />
<br />
Ok, now I need more data because I'm not getting anywhere. Fortunately Windows still has the option to log kernel debugging over serial, a feature I wasn't aware existed until today. That brings up the big question: how do I make that work on a VM and a physical device without a serial port?<br />
<br />
First you need to enable virtual printers in VMware Workstation under Edit > Preferences. Without this enabled Workstation can't attach to named pipes.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkwGy15Q9915uJx3k02JafvAw7YL36Dl9bAgkAruWX-eR5SfqgkWL1bxKJYHziY-fSUvtJGJpRKHtkCZPny-AhJWb8KPcUlaICw6Zq3Gj9yQRmssybYtqRZqMWt0osW9qKht6lwVXmgjk/s1600/8+-+Virtual+Printers.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="197" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkwGy15Q9915uJx3k02JafvAw7YL36Dl9bAgkAruWX-eR5SfqgkWL1bxKJYHziY-fSUvtJGJpRKHtkCZPny-AhJWb8KPcUlaICw6Zq3Gj9yQRmssybYtqRZqMWt0osW9qKht6lwVXmgjk/s400/8+-+Virtual+Printers.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
Next we need to add a virtual serial port to our VM and tell it to output to a named pipe.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYOncqlpw1xu9aBTwiQPFxoHIi8LzYbGrTgo4j_mPPpkU6oAZVtvq12HdzHrT3MlKUlNhKt89rFZLANwfgmoxpBDoUsmjGfI0w0nKXzxhyphenhyphen1uQvaKlvnIltbb5FBcMCmIlD_0dhyphenhyphenMebTvg/s1600/11+-+Output+to+pipe.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYOncqlpw1xu9aBTwiQPFxoHIi8LzYbGrTgo4j_mPPpkU6oAZVtvq12HdzHrT3MlKUlNhKt89rFZLANwfgmoxpBDoUsmjGfI0w0nKXzxhyphenhyphen1uQvaKlvnIltbb5FBcMCmIlD_0dhyphenhyphenMebTvg/s1600/11+-+Output+to+pipe.png" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
Next accept or change the named pipe (only replace the part "com_1" if you change it) and set it so that "This end is the server" and "The other end is an application". This means that your VM is the server and you are going to attach an application to the named pipe.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKmVGpvearz4HT0qQw6X0b5DNJirxmXOZpULIiV5HNtQHcg3gEqm3zrgkAmwjZIB6mYNNl19ctiQ__vHMoljQk8PiLSn2jzJjVtf2HlhkfZB542SwgtkJm_whOuSpYOqXwq8vbRxR-z64/s1600/12+-+Named+pipe+config.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKmVGpvearz4HT0qQw6X0b5DNJirxmXOZpULIiV5HNtQHcg3gEqm3zrgkAmwjZIB6mYNNl19ctiQ__vHMoljQk8PiLSn2jzJjVtf2HlhkfZB542SwgtkJm_whOuSpYOqXwq8vbRxR-z64/s1600/12+-+Named+pipe+config.png" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
With that out of the way you need to install the Windows Debugging Tools which are included in the Windows SDK. Link for Windows 10 is <a href="https://developer.microsoft.com/en-us/windows/downloads/windows-10-sdk" target="_blank">here</a>. After installing the debugging toolset we need to launch a new kernel debug session.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipmvrfXq6pstK2GtEM9BnkA3FV6cWSouoJHhPRbsZWVxzh1mO8lRJFgiRb3AwMcLGMR79vEMKLuUPREf0zZC1zkflVMXDNO8NO8zax5ceOiSVrM9_5nn0KQ29Nq9is8YWtp580b2dFaSg/s1600/windows+debugger+icon.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipmvrfXq6pstK2GtEM9BnkA3FV6cWSouoJHhPRbsZWVxzh1mO8lRJFgiRb3AwMcLGMR79vEMKLuUPREf0zZC1zkflVMXDNO8NO8zax5ceOiSVrM9_5nn0KQ29Nq9is8YWtp580b2dFaSg/s1600/windows+debugger+icon.png" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
Go to File > Kernel Debug in WinDbg.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc3j4XVtuonc7hnFXCNcTpDVMLb33uS-G-auh8f74tz3NhGi_qjwAoirgS8n0Eac9UT5BTE2wAEEurML24vaiiMKiOxm94lvu-XJSn2GJZCkKWjAvp0TnCH4fiRuVasmLRq6TX3VSq6R8/s1600/13+-+Kernel+debugger.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc3j4XVtuonc7hnFXCNcTpDVMLb33uS-G-auh8f74tz3NhGi_qjwAoirgS8n0Eac9UT5BTE2wAEEurML24vaiiMKiOxm94lvu-XJSn2GJZCkKWjAvp0TnCH4fiRuVasmLRq6TX3VSq6R8/s1600/13+-+Kernel+debugger.png" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
Next select the COM tab and fill it out with the settings below, replacing the name of the port with your named pipe.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgTyUnOCDRzcbg2vPtjodmD7a26PHnSeSEQ0cVbeXLxtZeVm-qN7Qdu5KEqmfewm8J5q2pg3KGG1fIPOAKp5O5ZX9RVav3ifrVqZaFYl3raIcuSPEfGXwaAF1oxTMxugHRV0og2dCOEHW4/s1600/14+-+COM+settings.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="230" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgTyUnOCDRzcbg2vPtjodmD7a26PHnSeSEQ0cVbeXLxtZeVm-qN7Qdu5KEqmfewm8J5q2pg3KGG1fIPOAKp5O5ZX9RVav3ifrVqZaFYl3raIcuSPEfGXwaAF1oxTMxugHRV0og2dCOEHW4/s320/14+-+COM+settings.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
Hit Ok and you should see your debugger start and say it's "Waiting to reconnect..."</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvXekttJfv3UhDfIGFwNgUhqFFavxo-fOevtYG8kj816kBtrosKdKk01x5tPKeuM8AOJoWFFXCG67hwMnfrtDJx_TGPIcnU7wx-gzKIC8XC-vEzhc6-h4xKcrDzq0XJIiD4P7s0l5xqh8/s1600/windbg+start.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="92" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvXekttJfv3UhDfIGFwNgUhqFFavxo-fOevtYG8kj816kBtrosKdKk01x5tPKeuM8AOJoWFFXCG67hwMnfrtDJx_TGPIcnU7wx-gzKIC8XC-vEzhc6-h4xKcrDzq0XJIiD4P7s0l5xqh8/s400/windbg+start.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
Even if you boot the VM at this point you won't get any information. First we need to boot to the Windows Repair wizard, go to Troubleshoot > Command Prompt, and enable debugging using bcdedit.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Commands:<i> </i></div>
<div class="separator" style="clear: both; text-align: left;">
<i>bcdedit /bootdebug {bootmgr} on</i> (Windows Boot Manager)</div>
<div class="separator" style="clear: both; text-align: left;">
<i>bcdedit /bootdebug on </i>(boot loader)</div>
<div class="separator" style="clear: both; text-align: left;">
<i>bcdedit /debug on </i>(OS Kernel debugger)</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglWDZrNzY-20qYlmDfqPKi22zOgopQw9jShHYQiSSfeoCqdrQC3xol7CIaZ2l6GPH1k0j4M0w94YTOZ0lkjbPkX7Ex1yl_dXfPSk3Dju9KZu_Ulr0VnlGGsiTLst5EGG-gzwnmKjEambw/s1600/bcdedit+default.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglWDZrNzY-20qYlmDfqPKi22zOgopQw9jShHYQiSSfeoCqdrQC3xol7CIaZ2l6GPH1k0j4M0w94YTOZ0lkjbPkX7Ex1yl_dXfPSk3Dju9KZu_Ulr0VnlGGsiTLst5EGG-gzwnmKjEambw/s400/bcdedit+default.png" width="397" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
At this point you can now reboot. In theory this should be all that you need for debugging but I've noticed that the information is still lacking.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjleFv6xrRccvCz_ZrpXSJT75D1fyEpQsJy2MG7TwSXZllW-Khrn3yeCNKe8CFh1MPDsvSkey2ulRVbfJ6fxeB6HLJ4EhBHY4czxGEZVu75Wr-P3vMXcHsw4nxsMMpMwOm9FSA92dtknrI/s1600/debug1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="459" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjleFv6xrRccvCz_ZrpXSJT75D1fyEpQsJy2MG7TwSXZllW-Khrn3yeCNKe8CFh1MPDsvSkey2ulRVbfJ6fxeB6HLJ4EhBHY4czxGEZVu75Wr-P3vMXcHsw4nxsMMpMwOm9FSA92dtknrI/s640/debug1.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Instead have it boot explicitly to debug mode</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgM5lDdP6fhi0IqQ-ah7aaWNbcMYh6PbPwPGXFDl9lMGrtrlqVYP9W6QbGjJJJ71SHDcZhqvQNkCHgRC88S0de0-lDO-9kXLe5qXaO2GRphy3rGIU8fyZ1tN6Xcd0BZkgddfYkcJqWiJxs/s1600/debugging+mode.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgM5lDdP6fhi0IqQ-ah7aaWNbcMYh6PbPwPGXFDl9lMGrtrlqVYP9W6QbGjJJJ71SHDcZhqvQNkCHgRC88S0de0-lDO-9kXLe5qXaO2GRphy3rGIU8fyZ1tN6Xcd0BZkgddfYkcJqWiJxs/s320/debugging+mode.png" width="313" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Now your debug output should have much more valuable information, this time pointing to "<u>IOINIT: Built-in driver \Driver\sacdrv failed to initialize with status - 0xc0000037</u>"</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEnXKwEfbiZ4W95_wc-8XjvhneSipF4SLteN0rSPoObXKKZ3n-bNMdJxa0Nh9epkzjtv5n6yV8N-Q6iWb2juUYgz0fSwfCK8kfwMD9uaJFg16bpWcvvFsumHYXaApBj0VGfTOxCAxSlxM/s1600/debug2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="630" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEnXKwEfbiZ4W95_wc-8XjvhneSipF4SLteN0rSPoObXKKZ3n-bNMdJxa0Nh9epkzjtv5n6yV8N-Q6iWb2juUYgz0fSwfCK8kfwMD9uaJFg16bpWcvvFsumHYXaApBj0VGfTOxCAxSlxM/s640/debug2.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Congratulations, you can now see what is actually going on in your OS and where the root of the issue is with much more clarity.</div>
Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0tag:blogger.com,1999:blog-1462840715053647513.post-47911622577422452016-07-08T19:27:00.001-07:002016-07-09T13:44:28.465-07:00<br />
Early Boot Windows Debugging - Part 1 - Basics<br />
I have a Windows Server 2012 VM that will not boot past the Windows splash screen but throws a BSOD with the error "SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (NETIO.SYS)". It's been a long while since working on troubleshooting Windows (I primarily use CentOS) but here's what I've found. I don't have the solution yet but I'm recording some tidbits that I found so I will have them later.<br />
<br />
First a bit of preamble:<br />
<br />
1. Advanced Boot Options - When you select "Enable Boot Logging" this is supposed to write a log file named ntbtlog.txt. However, in this particular case that never happens. This is presumably because it is before the appropriate driver is loaded to write log files. However with 2012 this is conjecture since the latest Microsoft documentation that I can find applies to Server 2000. Regardless of reason, it isn't captured in this instance.<br />
2. This VM was originally running on ESXi but I have exported an OVF to my local VMware Workstation for my troubleshooting.<br />
3. In the below operations I will be referencing "d:\" which is actually the c:\ of the server. It is referenced from the rescue command prompt as d:\ on my system.<br />
<br />
Step 1: Boot to the command prompt from the troubleshooting menu in the Automatic Repair wizard<br />
Step 2: Run a chkdsk to verify the filesystem is in working order. My scan came back with required repairs which it corrected. Subsequent scans come back clean.<br />
<br />
Command: <i>chkdsk d: /f</i><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjscsVGlJl2ubSumCWsZ2NJM4gAKj_qp6w3gN-T7nxmYHx60RDJ03l3ywPWYS4qsYLU6Zr-o8-TLSE7pwbm3Zu5_tbi9uzc29fLz3YsED7a0UYnKnAqwL23wpLLGitnqX600Eq_YtkKAVc/s1600/6+-+chkdsk+with+repair.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="253" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjscsVGlJl2ubSumCWsZ2NJM4gAKj_qp6w3gN-T7nxmYHx60RDJ03l3ywPWYS4qsYLU6Zr-o8-TLSE7pwbm3Zu5_tbi9uzc29fLz3YsED7a0UYnKnAqwL23wpLLGitnqX600Eq_YtkKAVc/s400/6+-+chkdsk+with+repair.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
Step 2: Run sfc to verify that Windows is ok. This returns that everything is ok</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Command: <i>sfc /offbootdir=d:\ /offwindir=d:\Windows /scannow</i></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigta4_bSoXu_Hh5nhY3CkQwfL5MM-XOHHiYVYqQDlft-qw97Ngdh0NK_CJIeR1ZpClG2Qr6ojF3Qx9fqIYbhaNdWDxErUgXPguwywP09X93hUL9ApCO2PYUgH_tBFoFL3x4WWrG3RrtEU/s1600/7+-+sfc+scan.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="76" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigta4_bSoXu_Hh5nhY3CkQwfL5MM-XOHHiYVYqQDlft-qw97Ngdh0NK_CJIeR1ZpClG2Qr6ojF3Qx9fqIYbhaNdWDxErUgXPguwywP09X93hUL9ApCO2PYUgH_tBFoFL3x4WWrG3RrtEU/s400/7+-+sfc+scan.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
Step 3 - Just for grins I also ran DISM (Deployment Image Servicing and Management) to check the integrity. It will throw a warning if you don't give it a scratch directory so I just created a temporary one on my drive. This also returns no found corruption.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Command: <i>dism /image:d:\ /cleanup-image /scanhealth /scratchdir:d:\temp</i></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJ-1imJa8X6KvXmMOB9LYR0sBOKGncygf7aHB_u5JJtt0RWJcaES7VsIclq3dC-tpetA4R_xECK0Ckl_XiELPtX3gZuNFXa0fMJlSPDUiMBg_TJEj2ONhOaiFVdMJoqOUOWqaarRuvMro/s1600/2+-+dism+clean.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="103" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJ-1imJa8X6KvXmMOB9LYR0sBOKGncygf7aHB_u5JJtt0RWJcaES7VsIclq3dC-tpetA4R_xECK0Ckl_XiELPtX3gZuNFXa0fMJlSPDUiMBg_TJEj2ONhOaiFVdMJoqOUOWqaarRuvMro/s400/2+-+dism+clean.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
So far, so good... except it still won't boot up. I have an existing "twin" of this machine that should match it in most regards so just to be super certain I also run a manual hashing check on netio.sys and sacdrv.sys (more on that file later). The syntax for that is:</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<i>certutil.exe -hashfile drivers\netio.sys md5 (or sha1)</i></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
The number 1 cause of netio.sys BSODs is driver conflicts according to googling, so I start down that road next. An export of all the drivers between the 2 systems shows that they are absolutely identical. Because that doesn't help me I start yanking out drivers to see if it will make a difference.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
To get a list of non-Microsoft drivers I again use DISM and find that there are fortunately only 8 to worry about.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Command: <i>dism /image:d:\ /scratchdir:d:\temp /get-drivers</i></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVN7k3ZiaUyvRvElSsm7td7q1mE2YSGKHHsUuE7HYrYqY8CL86m4bHVTs28no3OkRshnSB1Flj5LD6-TJw98w_i4RQ0OEwZzANufDzVbk25YsEbo7hxCDzCsxCiNVZAUH8TXV_AY4WaQA/s1600/dism+get-drivers.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="251" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVN7k3ZiaUyvRvElSsm7td7q1mE2YSGKHHsUuE7HYrYqY8CL86m4bHVTs28no3OkRshnSB1Flj5LD6-TJw98w_i4RQ0OEwZzANufDzVbk25YsEbo7hxCDzCsxCiNVZAUH8TXV_AY4WaQA/s400/dism+get-drivers.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
I'm going to start removing drivers to see if that makes any difference. Again, using DISM I start by removing the vmxnet3 driver since it makes the most sense considering a netio.sys error.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Command: <i>dism /image:d:\ /scratchdir:d:\temp /remove-driver /driver:oem4.inf</i></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi1G1xwt-LyteOQfRE7JP7qClufMfv5Lzmx0ZCLbsFXjfRzoCQLg-xeUX5U1HZvb1qtro5l474gl61Lrxyn2pp8vTIfYxdEK4cyO0jqwjSOAq2P747VJ0EyZn2v1f1tV9J37xbz_bBb5eY/s1600/DISM+remove-drivers.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="171" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi1G1xwt-LyteOQfRE7JP7qClufMfv5Lzmx0ZCLbsFXjfRzoCQLg-xeUX5U1HZvb1qtro5l474gl61Lrxyn2pp8vTIfYxdEK4cyO0jqwjSOAq2P747VJ0EyZn2v1f1tV9J37xbz_bBb5eY/s400/DISM+remove-drivers.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
After a reboot, no change. In 1 of my tests I also then proceeded to remove the 7 remaining drivers; that also did nothing. Time to get more information.... Cue next post.... </div>
<br />Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0tag:blogger.com,1999:blog-1462840715053647513.post-86891351476530049062016-07-01T08:19:00.001-07:002016-07-01T08:19:49.722-07:00<br />
Log Insight Configuration API Audit and Standalone Remediation Tool - Updated!<br />
For those of you who are interested I have updated the <a href="https://github.com/calebs71/vmware/tree/master/vmware_li_config_api_tool" target="_blank">API based audit and remediation tool</a> with a couple of new features. After all, what is the use of automation if it isn't user friendly?<br />
<br />
1. Better error handling of remediation errors: In the past you would just get a message to the effect of "Something went wrong" but now the tool will pass the HTTP status code and Error Details from the Log Insight Server's response to your remediation request. In the below example you can see this in action.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhABx-95NY0oF3ucawwtk8L9pGAJ2FKgLMAlaCwahvFwhsFNE1xxp7Uzl63vWLX6sMkyCAcJuzg8RhuahJq5ogP_xGXBQgZ-Uvo8IcfL_4ZqewpgvzMyQx1x91SciXLDNa2JVwkPR71IIQ/s1600/LI+Error+Handling.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="156" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhABx-95NY0oF3ucawwtk8L9pGAJ2FKgLMAlaCwahvFwhsFNE1xxp7Uzl63vWLX6sMkyCAcJuzg8RhuahJq5ogP_xGXBQgZ-Uvo8IcfL_4ZqewpgvzMyQx1x91SciXLDNa2JVwkPR71IIQ/s640/LI+Error+Handling.png" width="640" /></a></div>
<br />
2. Now includes a wizard to help build a simplified JSON configuration file! Now, without having to create a single bit of JSON you can quickly get value from the tool. The wizard is simplified because let's be honest, if you want the wizard you don't want to answer 250 questions. Because of this some things are assumed/disabled. If you want them then you can simply add them to the code or use the template in the included docs (use the -d switch).<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0CKcfjGG7mbLnpcfyOav2Gx3cKLxmLu7IHntpLLbrEmBdSGhYzTg3VofO2JOogIud7dEBDguJ7oSVxJdjkUceIpmgHSGh6Z1P-evtK7JpeGG3ZQpzwI8yaFNd-slp2ve62fRqFZckPAk/s1600/LI-audit-build-wizard.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="270" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0CKcfjGG7mbLnpcfyOav2Gx3cKLxmLu7IHntpLLbrEmBdSGhYzTg3VofO2JOogIud7dEBDguJ7oSVxJdjkUceIpmgHSGh6Z1P-evtK7JpeGG3ZQpzwI8yaFNd-slp2ve62fRqFZckPAk/s640/LI-audit-build-wizard.png" width="640" /></a></div>
<br />
I hope that this helps you get started in seeing the value of using Configuration APIs to manage your Log Insight Servers!<br />
Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0tag:blogger.com,1999:blog-1462840715053647513.post-46404371905560678722016-05-18T15:31:00.001-07:002016-05-18T15:41:49.777-07:00<br />
Log Insight Configuration APIs<br />
For those of you who have followed my blog you will know that I deal with Log Insight quite a bit in our production environments. Because of this I was excited that in the latest release of Log Insight 3.3 there are several new Configuration APIs released under Tech Preview status. That said, the documentation around these APIs is very difficult to nail down. The exciting part is that I've just uploaded a new and unofficial standalone audit and remediation tool to my <a href="https://github.com/calebs71/vmware/tree/master/vmware_li_config_api_tool" target="_blank">GitHub repo</a>! As always this code is my personal code and not supported or officially recognized by VMware.<br />
<span id="goog_668340012"></span><span id="goog_668340013"></span><br />
<span id="goog_668340012">Here's how it works: </span><br />
<span id="goog_668340012">The tool reads the desired state of your Log Insight Server from a JSON file that you define. It can use that file to then connect to the Log Insight Server and audit it to see if it matches your desired state. If you wish you can throw in the -r switch and the script will make the Log Insight Server match your desired state.</span><br />
<br />
<span id="goog_668340012">Let's see it in action: </span><br />
<span id="goog_668340012">First up, let's pull up the embedded documentation by running the script with the -d switch to see what the JSON file needs to look like. I've taken pains to try and include complex examples so that you won't be left in the dark on anything.</span><br />
<div class="separator" style="clear: both; text-align: center;">
<span id="goog_668340012"> </span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjL5fF7JgYes5FbeLR72DrCQoQLz22CKmRwai5Td2AQ4PwuXRnFQI7vPP3ML0zO-xZZhYztzHZ-wqceDGqvWtf0nK1Gu7RV-jMRp_vPZryHJGMsj70P2OTnm3jl3nXTWagNI1mTjyhdIIA/s1600/li-audit-doc.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="220" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjL5fF7JgYes5FbeLR72DrCQoQLz22CKmRwai5Td2AQ4PwuXRnFQI7vPP3ML0zO-xZZhYztzHZ-wqceDGqvWtf0nK1Gu7RV-jMRp_vPZryHJGMsj70P2OTnm3jl3nXTWagNI1mTjyhdIIA/s400/li-audit-doc.png" width="400" /> </a></div>
<span id="goog_668340012">After creating a new JSON file with our desired state it's time to run the tool in audit only mode by just specifying the -f flag and the name of our JSON file. The results that come back are that we have several areas that need remediation (email, event forwarders) and 1 (content packs) that cannot be remediated yet (hopefully in a later version).</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfzhUlXOWK0Na-v9AiHrG-ntq66AGQ0GELee3o0vaJ2j1HhTt2pOgUIfPTnULZ_8hUnG1O7OXR0qtkTioE4B9OXYltb4PM2giS-ryNkxkCVWYOw2Mv5Owt4nKMer4UyKq9tOkR_me_TRY/s1600/li-audit-scan.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="168" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfzhUlXOWK0Na-v9AiHrG-ntq66AGQ0GELee3o0vaJ2j1HhTt2pOgUIfPTnULZ_8hUnG1O7OXR0qtkTioE4B9OXYltb4PM2giS-ryNkxkCVWYOw2Mv5Owt4nKMer4UyKq9tOkR_me_TRY/s400/li-audit-scan.png" width="400" /> </a> </div>
<div class="separator" style="clear: both; text-align: left;">
That's all good but we want the tool to fix those issues so we append the -r flag</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmwYTNgvFALrXvHA815TiRhZCNVpvuMeE0giiswsYKMnwKE01NP-1fCViC2gcNchjiYpWsVrcRDUE4twhQN4azl9Blot4W_D9Zvjp9qc463zXkBwxw9e3OOKcnFaHv1QsRKPELm17qQkU/s1600/li-audit-remediation.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="198" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmwYTNgvFALrXvHA815TiRhZCNVpvuMeE0giiswsYKMnwKE01NP-1fCViC2gcNchjiYpWsVrcRDUE4twhQN4azl9Blot4W_D9Zvjp9qc463zXkBwxw9e3OOKcnFaHv1QsRKPELm17qQkU/s400/li-audit-remediation.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: left;">
If you run the tool again the output comes back as all objects matching desired state but the nice thing is that you don't need to run it again. Once the remediation HTTP POST is sent to the server the tool will automatically go back and query the server for the configuration to verify that your changes have been implemented and the server is now set correctly. It will then show you success in the message immediately following the remediation step. </div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
The portions of Log Insight that the tool has the ability to configure are:</div>
<div class="separator" style="clear: both; text-align: left;">
License Key</div>
<div class="separator" style="clear: both; text-align: left;">
NTP Configuration</div>
<div class="separator" style="clear: both; text-align: left;">
SMTP Configuration</div>
<div class="separator" style="clear: both; text-align: left;">
Event Forwarder Configuration</div>
<div class="separator" style="clear: both; text-align: left;">
Active Directory Configuration</div>
<div class="separator" style="clear: both; text-align: left;">
RBAC Configuration</div>
<div class="separator" style="clear: both; text-align: left;">
Content Packs (audit only right now) </div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Stay tuned as I plan on updating the tool over time as more APIs are released and as my Python knowledge increases. In the meantime happy auditing and automatic remediation! </div>
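The audit, remediate and re-query loop described in this post, as an added example that is not code from the tool itself. The server is an in-memory stand-in, and the section names, key names and sample values are hypothetical and constructed for illustration; one section is set to ignore writes to show why the re-query after remediation matters.

```python
"""Desired-state audit and remediation loop against an in-memory stand-in server."""
import copy
import json

# Constructed desired state. Section and key names are hypothetical,
# not the JSON schema used by the tool in the post.
DESIRED_JSON = """
{
  "ntp": {"servers": ["ntp1.example.test", "ntp2.example.test"]},
  "smtp": {"server": "mail.example.test", "port": 25, "ssl": false},
  "rbac": {"admin_groups": ["li-admins"]},
  "content_packs": {"installed": ["com.example.pack"]}
}
"""

# Constructed "current" server configuration containing drift.
ACTUAL = {
    "ntp": {"servers": ["ntp1.example.test"]},
    "smtp": {"server": "mail.example.test", "port": 25, "ssl": False},
    "rbac": {"admin_groups": ["li-admins", "temp-contractors"]},
    "content_packs": {"installed": []},
}

AUDIT_ONLY = {"content_packs"}  # the post lists content packs as audit-only


class FakeServer:
    """In-memory stand-in for a server; makes no network or API calls."""

    def __init__(self, config, ignores_writes=()):
        self._config = copy.deepcopy(config)
        self._ignores = set(ignores_writes)

    def get(self, section):
        return copy.deepcopy(self._config.get(section))

    def put(self, section, value):
        # Sections in ignores_writes simulate a write that does not stick.
        if section not in self._ignores:
            self._config[section] = copy.deepcopy(value)


def _canon(items):
    """Order-insensitive form of a list, so [a, b] equals [b, a]."""
    return sorted(json.dumps(item, sort_keys=True) for item in items)


def diff(desired, actual, path):
    """Return (path, desired, actual) tuples for every declared key that differs."""
    if isinstance(desired, dict) and isinstance(actual, dict):
        drifts = []
        for key in sorted(desired):
            drifts += diff(desired[key], actual.get(key), f"{path}/{key}")
        return drifts
    if isinstance(desired, list) and isinstance(actual, list):
        # Extra entries count as drift too (e.g. an unexpected admin group).
        return [] if _canon(desired) == _canon(actual) else [(path, desired, actual)]
    return [] if desired == actual else [(path, desired, actual)]


def audit(desired, server):
    """Compare every declared section with what the server reports."""
    return {name: diff(want, server.get(name), name) for name, want in desired.items()}


def remediate(desired, server):
    """Push drifted sections, then re-query each one instead of trusting the write."""
    results = {}
    for section, drifts in audit(desired, server).items():
        if not drifts:
            results[section] = "compliant"
        elif section in AUDIT_ONLY:
            results[section] = "drift (audit only)"
        else:
            server.put(section, desired[section])
            remaining = diff(desired[section], server.get(section), section)
            results[section] = "remediation failed" if remaining else "remediated"
    return results


if __name__ == "__main__":
    desired = json.loads(DESIRED_JSON)
    server = FakeServer(ACTUAL, ignores_writes={"rbac"})
    for section, drifts in audit(desired, server).items():
        for path, want, got in drifts:
            print(f"DRIFT {path}: want {want!r}, found {got!r}")
    for section, status in remediate(desired, server).items():
        print(f"{section}: {status}")
```
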
<span id="goog_668340012"> </span><span id="goog_668340013"></span>Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0tag:blogger.com,1999:blog-1462840715053647513.post-21201760491870444402016-03-08T10:02:00.001-08:002016-03-08T10:53:26.926-08:00<br />
SELinux Hangs on Relabel Attempt - RHEL 7<br />
I've recently run into an issue where during a recovery scenario it was necessary to relabel SELinux contexts on RHEL7.1. This is normally done by either placing an empty file at the root of the file system "touch /.autorelabel" or using the "fixfiles onboot" command; both of which I tried in this case. However in this case upon reboot the machine just hung at "Reached Target initrd Default Target" with no sign of even attempting to relabel the filesystem. Doing a bit of troubleshooting isolated the issue to SELinux as adding the "enforcing=0" parameter to GRUB allowed the machine to boot without issue. I tried quite a few different things including setting SELinux to "Permissive" in /etc/selinux/config and then back again, as well as a failed attempt to use "fixfiles restore /" and "restorecon -Rv /" which I'm assuming failed because SELinux was in permissive mode. Until today I've never seen a machine that won't respect the "touch /.autorelabel" nuclear option.<br />
<br />
Ok, here's the fix that I found, odd as it is:<br />
1. Modify GRUB to include "enforcing=0" to allow the OS to boot this first time without SELinux<br />
2. Once inside the OS make sure that /etc/selinux/config is set to enforcing<br />
3. Change the default runlevel from graphical to multi-user (think runlevel 3) with "systemctl set-default multi-user.target"<br />
4. Reboot without modifying GRUB so that selinux is properly enabled on this boot<br />
<br />
On the next reboot oddly enough the system recognized that a relabel had been ordered and proceeded as it should have the whole time. After another reboot and setting the default target back to graphical "systemctl set-default graphical.target" and another reboot as a sanity check it's working as expected again. Very odd problem and I must admit a very odd solution....<br />
Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0tag:blogger.com,1999:blog-1462840715053647513.post-62557584801759421862016-02-12T13:55:00.000-08:002016-02-12T13:55:56.748-08:00<br />
Log Insight - Migration to debug level logs<br />
One of the projects that I am working on is enabling the forwarding of debug logs on all of our VMware vCloud Director Cells to our global Log Insight instance. To do this however we need a fairly accurate appraisal of what the increased overhead is going to look like. As part of this process I'm starting to create a Python program that will allow me to quickly find what the current Events per Second (EPS) and log size in KBps are.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiaCFiqbYCmIUwZ8N0UkQ03GdLk1MRKFi7e4ozKKu7-CpThEmh3NWUk2767aH0Cpy6xeQ7wokpH-2Oe8Q0Isck3PpzjMKk4ljQzVDmeuHTlcdLv7_6kzWRiJQrqe3jXOm9v2k9tTyAfrI/s1600/EPS+Calc.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="356" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiaCFiqbYCmIUwZ8N0UkQ03GdLk1MRKFi7e4ozKKu7-CpThEmh3NWUk2767aH0Cpy6xeQ7wokpH-2Oe8Q0Isck3PpzjMKk4ljQzVDmeuHTlcdLv7_6kzWRiJQrqe3jXOm9v2k9tTyAfrI/s640/EPS+Calc.png" width="640" /></a></div>
<br />
As you can see the script can be run locally or be pointed at a remote host and looks for the latest fully committed debug log. If you don't want to use that one, no worries, you can easily specify a different log file to use. If the target is a remote server the script will copy the appropriate log file to the machine running the script and then do the analytics locally to remove any possibility of unnecessary overhead from the cell server.<br />
<br />
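The sizing calculation described above, as an added example in shell and awk (it is not the author's Python program): it measures events per second and KB per second for a log file and compares a debug log against the current log. The "YYYY-MM-DD HH:MM:SS,mmm" line prefix, the function names and the sample lines are assumptions constructed for this example.

```shell
#!/bin/sh
# Added example, not the author's tool: estimate events per second (EPS) and
# KB per second for one log file, to size debug-level forwarding.
# Assumption: each event starts with "YYYY-MM-DD HH:MM:SS,mmm". Lines without
# that prefix (stack traces) add bytes to the total but are not new events.

log_rate() {
    # $1 = log file. Prints "<events> <bytes> <seconds> <eps> <kbps>".
    # Returns 1 when the file holds no measurable time span.
    LC_ALL=C awk '
    # Days since 1970-01-01 for a Gregorian date (portable, no gawk mktime).
    function days(y, m, d,    a, yy, mm, n) {
        a = int((14 - m) / 12); yy = y + 4800 - a; mm = m + 12 * a - 3
        n = d + int((153 * mm + 2) / 5) + 365 * yy + int(yy / 4)
        return n - int(yy / 100) + int(yy / 400) - 32045 - 2440588
    }
    # Milliseconds since the epoch for the timestamp at the start of s.
    # Timestamps are treated as one fixed zone; DST shifts are not modelled.
    function stamp_ms(s,    secs) {
        secs = days(substr(s, 1, 4) + 0, substr(s, 6, 2) + 0, substr(s, 9, 2) + 0) * 86400
        secs += substr(s, 12, 2) * 3600 + substr(s, 15, 2) * 60 + substr(s, 18, 2)
        return secs * 1000 + substr(s, 21, 3)
    }
    { bytes += length($0) + 1 }   # +1 for the newline
    /^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9],[0-9][0-9][0-9]/ {
        t = stamp_ms($0)
        if (events == 0 || t < lo) lo = t
        if (events == 0 || t > hi) hi = t
        events++
    }
    END {
        span = (hi - lo) / 1000
        if (events < 2 || span <= 0) {
            print "log_rate: no measurable time span" > "/dev/stderr"
            exit 1
        }
        printf "%d %d %.3f %.2f %.2f\n", events, bytes, span, events / span, bytes / 1024 / span
    }' "$1"
}

forwarding_increase() {
    # $1 = log at the current level, $2 = debug log.
    # Prints "<eps factor> <kbps factor>": how many times more events and
    # bytes per second the debug log produces than the current one.
    cur=$(log_rate "$1") || return 1
    dbg=$(log_rate "$2") || return 1
    echo "$cur $dbg" | awk '{ printf "%.1f %.1f\n", ($6 / $8) / ($1 / $3), ($7 / $8) / ($2 / $3) }'
}

write_samples() {
    # Constructed sample logs in directory $1; both span midnight on a leap day.
    cat > "$1/info.log" <<'EOF'
2016-02-29 23:59:58,000 | INFO     | pool-1 | CellHeartbeat | alive |
2016-03-01 00:00:02,000 | INFO     | pool-1 | CellHeartbeat | alive |
EOF
    cat > "$1/debug.log" <<'EOF'
2016-02-29 23:59:58,000 | DEBUG    | pool-1 | CellHeartbeat | tick |
2016-02-29 23:59:58,500 | DEBUG    | pool-2 | TaskService | begin task |
2016-02-29 23:59:59,250 | DEBUG    | pool-2 | TaskService | lookup failed |
java.lang.IllegalStateException: constructed example
2016-03-01 00:00:00,000 | INFO     | pool-1 | CellHeartbeat | alive |
2016-03-01 00:00:02,000 | DEBUG    | pool-2 | TaskService | end task |
EOF
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
log_rate "$demo_dir/debug.log"
forwarding_increase "$demo_dir/info.log" "$demo_dir/debug.log"
rm -rf "$demo_dir"
```

Run it against a fully committed log rather than one still being written, so the first and last timestamps bracket the whole file.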
The script is still in active development as a side project but I hope to add the ability to query vCenter Servers as well in the near future. If you're curious the code is hosted on my <a href="https://github.com/calebs71/vmware">Github repo</a> and as always is not supported or affiliated with VMware in any way....Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0tag:blogger.com,1999:blog-1462840715053647513.post-41264567579869068392015-12-17T14:09:00.000-08:002015-12-17T14:31:12.523-08:00Zenoss Monitoring WinRM Error (Server not found in Kerberos database: HTTP@XX.XX.XX.XXWe recently rolled out Zenoss 5 in an environment and when we attempted to connect to Windows Servers over WinRM using a domain user received the below error:<br />
<br />
Error on &lt;machine name&gt;: Server not found in Kerberos database: HTTP@10.xx.xx.xx<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMp4y-uPq7TYqEgoRjBBxEEZwgYmOhzZm96-pQ9OMDB-maMfnDQsscQZoQRrsa53EOGpYhrqtLFgO3AXI5fEdJuZnOMXfwWOWxNQYOsOXrCy-PyCcjbMAD8OiGN0U32_HAZoGwVJ4KpiU/s1600/Zenoss+SPN+Error+Sanitized.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="156" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMp4y-uPq7TYqEgoRjBBxEEZwgYmOhzZm96-pQ9OMDB-maMfnDQsscQZoQRrsa53EOGpYhrqtLFgO3AXI5fEdJuZnOMXfwWOWxNQYOsOXrCy-PyCcjbMAD8OiGN0U32_HAZoGwVJ4KpiU/s400/Zenoss+SPN+Error+Sanitized.png" width="400" /> </a> </div>
<div class="separator" style="clear: both; text-align: left;">
After doing a tcpdump on the Zenoss server using "tcpdump -s 65535 -w <i>filename.dmp</i>" and loading the results into Wireshark I found this in the traffic between Zenoss and the Domain Controller:</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNHyFggXj1K4j-5TMvqiC0lnZAmFMFWFMmKt1Dp9YcBiO57NETFLj7GTIKz5hNc_uwk3je39wxMg2NtDgpefkPyHHGYfosNzGTeAhada896T5JbNAE-uiYF0AEogaetcLNjWwnk1p2Yv0/s1600/Zenoss+Wireshark.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="278" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNHyFggXj1K4j-5TMvqiC0lnZAmFMFWFMmKt1Dp9YcBiO57NETFLj7GTIKz5hNc_uwk3je39wxMg2NtDgpefkPyHHGYfosNzGTeAhada896T5JbNAE-uiYF0AEogaetcLNjWwnk1p2Yv0/s400/Zenoss+Wireshark.png" width="400" /> </a></div>
<div class="separator" style="clear: both; text-align: left;">
Turns out the Zenoss server was looking for an SPN of the FQDN of my Windows host and not the hostname. We went ahead and added a new SPN for the FQDN using "setspn -S HTTP/&lt;FQDN&gt; &lt;hostname&gt;" and that resolved the issues!</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
One other side note: In one of the Zenoss documents that I saw it mentioned the need to install the krb5-workstation package on your remote collectors. This is easily accomplished by "yum -y install krb5-workstation" but due to the sequence of my troubleshooting I cannot prove/disprove that it made a difference. If anyone finds this and can sort out that detail I'd be happy to hear the results.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
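The SPN mismatch described above, as an added example that is not part of the original post: a shell check that reads saved "setspn -L &lt;hostname&gt;" output and reports which HTTP SPN forms (short name and FQDN) are not registered, then prints the setspn -S command from the post for each one. The host names, function names and sample output are constructed for this example.

```shell
#!/bin/sh
# Added example (host names and sample output are constructed). Reads saved
# `setspn -L <hostname>` output and reports which HTTP SPN forms are missing,
# since the monitoring server may request HTTP/<FQDN> rather than HTTP/<hostname>.

missing_http_spns() {
    # $1 = file with setspn -L output, $2 = short host name, $3 = FQDN.
    # Prints each missing SPN. Returns 0 if none is missing, 1 if any is,
    # 2 if a host name contains characters that do not belong in one.
    for name in "$2" "$3"; do
        case "$name" in
            ""|*[!A-Za-z0-9.-]*) echo "invalid host name: $name" >&2; return 2 ;;
        esac
    done
    any_missing=0
    for want in "HTTP/$2" "HTTP/$3"; do
        # SPN matching is case-insensitive; Windows output may end lines with CR.
        if ! awk -v want="$want" '
            BEGIN { want = tolower(want) }
            /^[ \t]+[^ \t]/ {
                spn = tolower($1); sub(/\r$/, "", spn)
                if (spn == want) found = 1
            }
            END { exit (found ? 0 : 1) }' "$1"; then
            echo "$want"
            any_missing=1
        fi
    done
    return $any_missing
}

spn_fix_commands() {
    # Prints the setspn command (the form used in the post) for each missing SPN.
    # setspn -S checks for an existing duplicate SPN before adding the new one.
    missing_http_spns "$1" "$2" "$3" | while read -r spn; do
        echo "setspn -S $spn $2"
    done
}

write_setspn_sample() {
    # Constructed output for a host that has only the short-name HTTP SPN.
    printf 'Registered ServicePrincipalNames for CN=WIN01,OU=Servers,DC=example,DC=com:\r\n\tWSMAN/WIN01\r\n\tWSMAN/win01.example.com\r\n\tHOST/WIN01\r\n\tHTTP/WIN01\r\n' > "$1"
}

sample=$(mktemp)
write_setspn_sample "$sample"
spn_fix_commands "$sample" WIN01 win01.example.com
rm -f "$sample"
```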
<br />Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0tag:blogger.com,1999:blog-1462840715053647513.post-3335498044316578052015-07-24T10:38:00.002-07:002015-07-24T10:38:35.870-07:00Presenting at VMworld 2015I will be presenting at VMworld 2015 in session MGT4579 on "Data In-Sight!! Experiences Running VMware's Private Cloud with Log Insight". If you are at VMworld feel free to attend and say hi as I'd love to get to meet you in person!Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0tag:blogger.com,1999:blog-1462840715053647513.post-17004115695591832892014-07-10T11:25:00.001-07:002014-07-10T11:26:41.285-07:00Log Insight Content Pack for vCDHey all,<br />
I just released the official GA version of the vCD 5.5 Log Insight Content Pack which is now available on the VMware Solutions Exchange at <a href="https://solutionexchange.vmware.com/store/products/vcd-log-insight-content-pack#.U77ZHPldV8E">https://solutionexchange.vmware.com/store/products/vcd-log-insight-content-pack#.U77ZHPldV8E</a>. Take a look and let me know of any changes that you think would be helpful to you.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2dAMOIbAumg5kKbyDawEBNqpUYFW8AEI16VFKuv-M9cjt4Ka1I_pPrGT-AOrr5d73INR5g-cmaBUvHbMt-2uSzn_yHyT0pwCJbfUoLePDy9-8pzRlgRcoAEpRazdQK5qn2TEI37fVLzA/s1600/Sanatized+Overview+Dashboard.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2dAMOIbAumg5kKbyDawEBNqpUYFW8AEI16VFKuv-M9cjt4Ka1I_pPrGT-AOrr5d73INR5g-cmaBUvHbMt-2uSzn_yHyT0pwCJbfUoLePDy9-8pzRlgRcoAEpRazdQK5qn2TEI37fVLzA/s1600/Sanatized+Overview+Dashboard.jpg" height="320" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimDTJxxGgXPLSqfCgYzhBRTkQLF5uN4EMKagnSWZE25oAOzmCtqvftm4dZ96MPnkkY2p8x-Fo546EV-tPpzL5QT2VJGaZA4en2zyDIcF6-jVbujMOLYKwyEcaIMFz_eXNR1kadTCorUqk/s1600/Sanatized+vApp+Ops+Dashboard.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimDTJxxGgXPLSqfCgYzhBRTkQLF5uN4EMKagnSWZE25oAOzmCtqvftm4dZ96MPnkkY2p8x-Fo546EV-tPpzL5QT2VJGaZA4en2zyDIcF6-jVbujMOLYKwyEcaIMFz_eXNR1kadTCorUqk/s1600/Sanatized+vApp+Ops+Dashboard.jpg" height="320" width="640" /></a></div>
<br />Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0tag:blogger.com,1999:blog-1462840715053647513.post-73977821569626246902014-05-29T16:16:00.001-07:002014-05-29T16:16:03.647-07:00Setting vShield Edge Device Syslog via API<p>If you need to update your vSE devices to send traffic to a syslog server then you might be slightly disappointed to see that there are no instructions in the vCNS API guide to do this, especially if you have a bunch of edges. I experienced this same feeling today and am happy to say that now you don’t have to. Below are a quick couple scripts that will allow you to update single edges or a whole bunch at once using curl!</p> <p>1. First off we need to get a list of our edge devices from the vCNS Manager. We will be using the edgeID acquired here to configure the syslog settings in a minute.</p> <p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpj_LgQ__7U3It6XqECmGkJALeB5E4TxpMC3XL8Dzml_aEonf23GTDDIGLAvTHNI4JRiUyLQU8A7xkDdCfsNS-AyoLKmxH6apQ6fs1eLO9yhl2zn84N5utEqAeIaSxZw-wJ4C-_oKdRSY/s1600-h/Get%252520Edges%25255B6%25255D.jpg"><img style="border-bottom: 0px; border-left: 0px; display: inline; border-top: 0px; border-right: 0px" title="Get Edges" border="0" alt="Get Edges" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNHrTvs3B2TjIxGDzWB27RFs23sckzPIiebK9nEM38PbPSwA-n3k5BtO1HlR2jX4MGhESI0sYQhmDQZRIvoFF2Dr5FSAc-GtVf9_lfG5z_xO5HZ2OB3agX6YqDeWUrmw38jyWIIzuKOns/?imgmax=800" width="868" height="330"></a> </p> <p>2. 
This list is a bit too much for our use so I’m going to parse it down to just the edgeID of all the devices.</p> <p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjAfN8e679VRChnKfqPLFchwUv5dfu-x_3PoLaoAdeSwtLIElmsATcsMuy6Y30FfQ3CSweKMwQXYXZiEc26FB7Gtxtk2SIyxSAUSucoK2sziBtiKo0_LNpOQ1MWVsL_Dpyr8ed1jIPHHdo/s1600-h/vSE%252520List%25255B6%25255D.jpg"><img style="border-bottom: 0px; border-left: 0px; display: inline; border-top: 0px; border-right: 0px" title="vSE List" border="0" alt="vSE List" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhMdZBXvRAiDflD_7rsspaWbOaK7-tfQfWYm9uVMaiOm5WI7evL9cZ3dEWsRtJpMaB6YHOuV3_siYc0UZ0KlpBzkjMxACeReOHwU1WEu6itJ5w0k4HhYtWCfHEsjrMeb_4ZcjrT03874s/?imgmax=800" width="886" height="282"></a> </p> <p>3. But I’m going to add them all to a text file (edges_test.txt) that I can parse later (code below):</p> <p>curl -k -H "Authorization: Basic XXXXXXXXXXXXX" -X GET <a href="https://vsm.sub.domain.com/api/3.0/edges">https://vsm.sub.domain.com/api/3.0/edges</a> | xmllint --format - | grep "<id>edge-[0-9]*" | sed -n 's/<id>//p' | sed -n 's/<\/id>//p' > edges_test.txt</p> <p>Now you have to make a decision, modify individual edges or all of them?</p> <p>a. Let’s just edit one (MAKE SURE to set the edgeID in the below statement):</p> <p>curl -k -H "Authorization: Basic XXXXXXXXXXXXX" -H "Content-Type: application/xml" -d '<?xml version="1.0" encoding="UTF-8"?><syslog><enabled>true</enabled><protocol>udp</protocol><serverAddresses><ipAddress>XX.XX.XX.XX</ipAddress></serverAddresses></syslog>' -X PUT <a href="https://vsm.sub.domain.com/api/3.0/edges/edge-282/syslog/config">https://vsm.sub.domain.com/api/3.0/edges/<strong>edge-282</strong>/syslog/config</a></p> <p>b. Let’s edit them all! 
For this one I have a simple bash script that loops through the text file with all the edge devices and runs the curl statement against them.</p> <p>Here’s the script:</p> <p><em>while read edge; do<br>echo "Beginning Update on $edge"<br>curl -k -H "Authorization: Basic XXXXXXXXXXXXX" -H "Content-Type: application/xml" -d '<?xml version="1.0" encoding="UTF-8"?><syslog><enabled>true</enabled><protocol>udp</protocol><serverAddresses><ipAddress>XX.XX.XX.XX</ipAddress></serverAddresses></syslog>' -X PUT </em><a href="https://vsm.sub.domain.com/api/3.0/edges/"><em>https://vsm.sub.domain.com/api/3.0/edges/</em></a><em>$edge/syslog/config<br>echo "Ending Update on $edge"<br>sleep 5s<br>done < edges_test.txt</em> <p>Really simple but very effective! <p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEieUcaNbY6I8bdK18ZmJslbbD0bZAP1LWkUqLuiY2sbRcjZBWPswIc02LIFtwzs7gXAnjTHNIX-qjFcZLh88j2lfeJ2IugF8E5SSBKpwAjX1xuvt4FbK7feSLQWnV9cJA_o4UebOqNvl8c/s1600-h/start%252520script%25255B3%25255D.jpg"><img style="border-bottom: 0px; border-left: 0px; display: inline; border-top: 0px; border-right: 0px" title="start script" border="0" alt="start script" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMNlduEhQ49mNOeXAAVEz9LLsg_9YXg8FnzbIf792TRx4hg5n4ttbr0qSm4EqFe-J1bfNvyGlPOD76799kpA1_PtfIQthR7sdytn-HC_HQ28OCdtTRuM8ijKUjhnpvOLFSKa-VnZ7NRSY/?imgmax=800" width="583" height="174"></a> <p></p> <p>Now all that is left is to verify the results:</p> <p><em>curl -k -H "Authorization: Basic XXXXXXXXXXXXX" -X GET </em><a href="https://vsm.sub.domain.com/api/3.0/edges/edge-282/syslog/config"><em>https://vsm.sub.domain.com/api/3.0/edges/<strong>edge-282/</strong>syslog/config</em></a><em> | xmllint --format -</em> </p> <p><a 
href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSJJLBlvd2uhXkS1TcnJrwjJvKkms-FnkbKaPoOVAD4pidtsDq8lYlKo_UEZukWEIRciyFXM4zDV50wafZwZhz-SccstVevboiVm5tsse0QcV6rgdCXub7Rn1pucyRWG9_V30lXK3mdAM/s1600-h/Verify%252520results%25255B4%25255D.jpg"><img style="border-bottom: 0px; border-left: 0px; display: inline; border-top: 0px; border-right: 0px" title="Verify results" border="0" alt="Verify results" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_pbyysbOUR1QTTsWnMTZogXacsjqEJemBKCMW1lJ_xZ-3heMPjCjz7h0TACfQJT_27J3Cm0BIVnYwUemmida1hAakXWRsRFjyYLpjeozESXOpWoFWaKHltZYzs6cZkngVkp9w9Io86fk/?imgmax=800" width="847" height="189"></a> </p> <p>Have fun not having to use the UI :)</p> Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0tag:blogger.com,1999:blog-1462840715053647513.post-90881589017974329512014-03-20T15:04:00.000-07:002014-03-20T15:20:39.333-07:00Cloud Content Pack (vCD) for Log Insight<p>For those of you out there who use VMware vCloud Director and Log Insight you may be interested in a content pack that we have built for use by the OneCloud team to help make our cloud run smoother and to give us a ton of (wait for it) Insight into our environment. It's been a work in progress for about 9 months off and on but has served us very well. I hope that it serves you just as well. 
</p> <p>Here are some screenshots:<br></p> <div style="text-align: center; clear: both" class="separator"><a style="margin-left: 1em; margin-right: 1em" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKG-uaD8rYECTKmcr4g1k-67Zz7apz68IAExQAsM-W2VJCNUEA1USi4_RaEvYOyjkEUpqOSTXu09e20v1J9QyHyJyXAI9IlmVdIpNlfw9q1FMOVK113hv-njk4KsZOqYCvvDtraRxW8DU/s1600/Cloud+LI+Dashboard.jpg" imageanchor="1"><img style="border-right-width: 0px; border-top-width: 0px; border-bottom-width: 0px; border-left-width: 0px" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKG-uaD8rYECTKmcr4g1k-67Zz7apz68IAExQAsM-W2VJCNUEA1USi4_RaEvYOyjkEUpqOSTXu09e20v1J9QyHyJyXAI9IlmVdIpNlfw9q1FMOVK113hv-njk4KsZOqYCvvDtraRxW8DU/s1600/Cloud+LI+Dashboard.jpg" width="640" height="317"></a></div> <div style="text-align: center; clear: both" class="separator"><br></div> <div style="text-align: center; clear: both" class="separator"><a style="margin-left: 1em; margin-right: 1em" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8q-jtYFqWWkcNgCqtptEAuS8PWEjs7iz8v4DxW953JORGUFzQ4jvfKeBXgFSWolpbea5YWrz6ap-8EEulRuSc4j5KwriMIN7wi0xXVWpfUUHzxNzyH_9062h0hdYEbh3hsJtDIZ5BdHU/s1600/Cloud+LI+Summary.jpg" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8q-jtYFqWWkcNgCqtptEAuS8PWEjs7iz8v4DxW953JORGUFzQ4jvfKeBXgFSWolpbea5YWrz6ap-8EEulRuSc4j5KwriMIN7wi0xXVWpfUUHzxNzyH_9062h0hdYEbh3hsJtDIZ5BdHU/s1600/Cloud+LI+Summary.jpg" width="640" height="374"></a></div> <div style="text-align: center; clear: both" class="separator"><br></div> <div style="text-align: center; clear: both" class="separator"><a style="margin-left: 1em; margin-right: 1em" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyjZW5cyIIV2DwbZ_tWUoQj4kUo9-ylmCTA2HPg30eVwtcGKFEYSFxiZpHa0Dwq0BdPpiHO_d-F9UN3hyDJzJYBXIAcNpICecufBP5kU1hYHe-cT4JimKKBcxmH9PprfPIPWEVJ1DfJi0/s1600/Cloud+LI+Alerts.jpg" imageanchor="1"><img border="0" 
src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyjZW5cyIIV2DwbZ_tWUoQj4kUo9-ylmCTA2HPg30eVwtcGKFEYSFxiZpHa0Dwq0BdPpiHO_d-F9UN3hyDJzJYBXIAcNpICecufBP5kU1hYHe-cT4JimKKBcxmH9PprfPIPWEVJ1DfJi0/s1600/Cloud+LI+Alerts.jpg" width="640" height="358"></a></div> <div style="text-align: center; clear: both" class="separator"> </div> <div style="text-align: center; clear: both" class="separator" align="left">I hope that this content pack is able to help you better manage your VMware vCloud Director environment. You can download the Content Pack <a href="https://drive.google.com/file/d/0Bw2Mo7MXUJ6daVh0bDlfVm95Vjg/edit?usp=sharing">here</a> just be aware that this is not released by VMware and is not supported by them. Like everything else on my blog it just came from a random blogger on the internet :)<br></div> <div style="text-align: center; clear: both" class="separator" align="left"> </div> <div style="text-align: center; clear: both" class="separator" align="left"><br> </div> <div style="text-align: center; clear: both" class="separator"> </div> Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0tag:blogger.com,1999:blog-1462840715053647513.post-80105609796601923882014-03-14T10:00:00.001-07:002014-03-14T10:00:34.148-07:00Monitoring VMware vCenter Servers using HTTP Health checks<p>If you are curious about monitoring your VMware vCenter Servers which I am sure that most of you are then you might find this interesting. Did you know that you can monitor the:</p> <ol> <li>VMware vSphere Profile-driven Storage Service</li> <li>vCenter Inventory Service</li> <li>ESX Agent Manager</li> <li>vService Manager</li> <li>vCenter Storage Monitoring Service</li> <li>vCenter Logging Services</li> <li>Autodeploy Service</li></ol> <p>All with a simple, unauthenticated HTTP GET request? Here’s how:</p> <p>Inside of /usr/lib/vmware-vpx/extensions/ you will find several sub folders, one for each extension and inside of those an extension.xml file. 
That file contains the URL for the healthcheck for each service.</p> <p><img style="border-bottom: 0px; border-left: 0px; display: inline; border-top: 0px; border-right: 0px" title="image" border="0" alt="image" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQCi88POBL46iJ0hAqf6_Is1TVRlWH99JEi15lfNTtKWX1wpnXo2nR23KZ8hYFBAONukVIOr3d_r0au0eBTWcyKyOYQMZtbhw_0uBwFKRwRo1VzIl5d2i_1R6_zCaC_z_W86LQ91A2vuo/?imgmax=800" width="594" height="251"> </p> <p>If you do a GET request against the URL listed it will return a bit of XML that includes the status of the service that you are inquiring about.</p> <p><img style="border-bottom: 0px; border-left: 0px; display: inline; border-top: 0px; border-right: 0px" title="image" border="0" alt="image" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9cBIT9kofpsf1A5C1pWDbD6aO2x-PX41V_Ws2Wa47XPhWrpYgTCh7BA9VG67nf2HR17wK1jVOJUuvdyxxbsKqrBygX2px3V4p6C9e5HryxUIKS8CKjJ0fzmB64sPm-bIxxCWfoA-aCE4/?imgmax=800" width="584" height="133"> </p> <p></p> <p>For quick reference here are the ones currently available in 5.x</p> <p>https://&lt;FQDN&gt;/sps/health.xml - Storage Profile Service<br>https://&lt;FQDN&gt;/sms/health.xml - vCenter Storage Monitoring Service<br>http://&lt;FQDN&gt;/eam/eamService-web/health.xml - ESX Agent Manager<br>https://&lt;FQDN&gt;/vsm/health.xml - vService Manager<br>https://&lt;FQDN&gt;:8443/ls/health - vCenter Logging Services<br>https://&lt;FQDN&gt;:6502/vmw/rbd/health-info - Autodeploy Service <p>The Inventory Service works out of the box on a Windows vCenter but on the vCSA you will need to open port 10080 on the iptables firewall first, preferably only to your monitoring host. 
<p>http://&lt;FQDN&gt;:10080/health - vCenter Inventory Service <p>and here is the needed firewall update:</p> <p>iptables -I INPUT -p tcp -s &lt;SOURCE IP&gt; --dport 10080 -j ACCEPT<br>service iptables save</p> Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com1tag:blogger.com,1999:blog-1462840715053647513.post-45931511178385285232014-03-06T11:35:00.001-08:002014-03-06T11:35:36.494-08:00Automatically Configure VMware Log Insight<p>One of the things that I recently needed to do was be able to script the configuration of Log Insight so that an admin no longer needed to go through the web UI to do the initial installation. The below script works but has a limitation: You need to know what your AD password hash and the admin password hash and salt are. The way that I did this is by using the values from my original Log Insight server. 
You can be more clever if you are so inclined.</p> <p>The script is designed to use the lower level Linux commands which can obviously be replaced with simple file copies but for what it’s worth here you go.</p> <div style="border-bottom: silver 1px solid; text-align: left; border-left: silver 1px solid; padding-bottom: 4px; line-height: 12pt; background-color: #f4f4f4; margin: 20px 0px 10px; padding-left: 4px; width: 97.5%; padding-right: 4px; font-family: 'Courier New', courier, monospace; direction: ltr; max-height: 200px; font-size: 8pt; overflow: auto; border-top: silver 1px solid; cursor: text; border-right: silver 1px solid; padding-top: 4px" id="codeSnippetWrapper"> <div style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px" id="codeSnippet"><pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum1"> 1:</span> <span style="color: #008000">#Change the default NTP Servers</span></pre><!--CRLF--><pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 
0px"><span style="color: #606060" id="lnum2"> 2:</span> sed -i <span style="color: #006080">'s/server 0.us.pool.ntp.org/time.domain.com/'</span> /etc/ntp.conf</pre><!--CRLF--><pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum3"> 3:</span> sed -i <span style="color: #006080">'s/server 1.us.pool.ntp.org/time1.domain.com/'</span> /etc/ntp.conf</pre><!--CRLF--><pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum4"> 4:</span> sed -i <span style="color: #006080">'s/server 2.us.pool.ntp.org//'</span> /etc/ntp.conf</pre><!--CRLF--><pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum5"> 5:</span> sed -i <span style="color: #006080">'s/server 3.us.pool.ntp.org//'</span> /etc/ntp.conf</pre><!--CRLF--><!--CRLF--><pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; 
border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum7"> 7:</span> cp /etc/ntp.conf /etc/ntp.target.conf</pre><!--CRLF--><pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum8"> 8:</span> chkconfig ntp --level 35 on</pre><!--CRLF--><pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum9"> 9:</span> service ntp restart</pre><!--CRLF--><pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum10"> 10:</span> <span style="color: #008000">#License LI</span></pre><!--CRLF--><pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: 
none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum11"> 11:</span> echo <span style="color: #006080">"XXXXX-XXXXX-XXXXX-XXXXX"</span> >> /usr/lib/loginsight/application/etc/license/loginsight_license.txt</pre><!--CRLF--><pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum12"> 12:</span> <span style="color: #008000">#Configure LI. I wanted this as low level as possible, nothing stops you from just copying the file instead of creating it line by line.</span></pre><!--CRLF--><pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum13"> 13:</span> mkdir /storage/core/loginsight/config</pre><!--CRLF--><pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: 
#606060" id="lnum14"> 14:</span> echo <span style="color: #006080">"<config>"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum15"> 15:</span> echo <span style="color: #006080">" <version>"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum16"> 16:</span> echo <span style="color: #006080">" <strata-version value=\"1.5.0-1435442\" release-name=\"1.5 GA\" />"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum17"> 17:</span> echo <span style="color: #006080">" </version>"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum18"> 18:</span> echo <span style="color: #006080">" <alerts>"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum19"> 19:</span> echo <span style="color: #006080">" <admin-alert-receivers value=\"alert-notify-email@domain.com\" />"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum20"> 20:</span> echo <span style="color: #006080">" </alerts>"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum21"> 21:</span> echo <span style="color: #006080">" <ntp>"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum22"> 22:</span> echo <span style="color: #006080">" <ntp-servers value=\"time.domain.com, time1.domain.com\" />"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum23"> 23:</span> echo <span style="color: #006080">" </ntp>"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum24"> 24:</span> echo <span style="color: #006080">" <authentication>"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum25"> 25:</span> echo <span style="color: #006080">" <auth-method value=\"active-directory\" />"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum26"> 26:</span> echo <span style="color: #006080">" <ad-domain value=\"domain.com\" />"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum27"> 27:</span> echo <span style="color: #006080">" <ad-username value=\"username\" />"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum28"> 28:</span> echo <span style="color: #006080">" <ad-password value=\"XXXXXXXXXXXXXXXXX\" />"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum29"> 29:</span> echo <span style="color: #006080">" </authentication>"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum30"> 30:</span> echo <span style="color: #006080">" <smtp>"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum31"> 31:</span> echo <span style="color: #006080">" <server value=\"smtp.domain.com\" />"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum32"> 32:</span> echo <span style="color: #006080">" <default-sender value=\"log-insight-server1@domain.com\" />"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum33"> 33:</span> echo <span style="color: #006080">" </smtp>"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum34"> 34:</span> echo <span style="color: #006080">"</config>"</span> >> /storage/core/loginsight/config/loginsight-config.xml</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum35"> 35:</span> <span style="color: #008000">#Add Content Packs</span></pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum36"> 36:</span> mkdir /usr/lib/loginsight/application/etc/content-packs/vCD</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum37"> 37:</span> <span style="color: #008000">#copy Content Pack contents to /usr/lib/loginsight/application/etc/content-packs/vCD/content.json</span></pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum38"> 38:</span> <span style="color: #008000">#Update the admin email address and password</span></pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum39"> 39:</span> /usr/lib/loginsight/application/lib/pgsql/bin/psql logdb -p 12543 -U liuser -c <span style="color: #006080">"UPDATE li_user SET email = 'admin-email@domain.com', password = 'XXXXXXXXXXXXXXXXXXX', salt = 'XXXXXXXX' WHERE name = 'admin';"</span></pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum40"> 40:</span> <span style="color: #008000">#First start</span></pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum41"> 41:</span> service loginsight restart</pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: #f4f4f4; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum42"> 42:</span> <span style="color: #008000">#Add AD group to be a LI admin group.</span></pre><!--CRLF-->
<pre style="border-bottom-style: none; text-align: left; padding-bottom: 0px; line-height: 12pt; background-color: white; margin: 0em; border-left-style: none; padding-left: 0px; width: 100%; padding-right: 0px; font-family: 'Courier New', courier, monospace; direction: ltr; border-top-style: none; color: black; border-right-style: none; font-size: 8pt; overflow: visible; padding-top: 0px"><span style="color: #606060" id="lnum43"> 43:</span> /usr/lib/loginsight/application/lib/pgsql/bin/psql logdb -p 12543 -U liuser -c <span style="color: #006080">"INSERT INTO li_group (group_id, domain, name, role_id) VALUES (5, 'domain.com','log_insight_admins',1);"</span></pre><!--CRLF--></div></div><br /><p>Now you are ready to log in using either your new admin password 
or via your Active Directory account.</p> Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com1tag:blogger.com,1999:blog-1462840715053647513.post-84917908446691091442014-02-13T13:15:00.000-08:002014-02-13T13:15:33.974-08:00SSRS Prompting for Authentication Using FQDNI ran into a weird problem that I figured I would share the solution to since it seems to be floating around on the internet. Basically, the scenario is that if I connect to my MSSQL Reporting Server using the IP or short name it works fine, but once I use the FQDN I get prompted for credentials and it never lets me authenticate. The root cause of this is the Windows Loopback Check functionality due to a DNS and domain mismatch. Here's what I mean:<br />
<br />
My Domain = domain.com<br />
My FQDN = servere1.sub.domain.com<br />
<br />
If you do not correctly set the "Primary DNS Suffix for this Computer" under System Properties > Change > More, as seen below, you will experience this issue.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRfiyfaFwFGdhg0yw_oLmLnag5i-5DUOf2IHSLcyYdavRL_fsj5KQ0ckGxY9nfHnM3d0X6NuKUt3BcelnUHudB9gHcyD33rsQpu2W7vwXXBKMyCjmAZGcSxvoKVRCa_8lAk22W8weIe1o/s1600/Bug+Fix.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRfiyfaFwFGdhg0yw_oLmLnag5i-5DUOf2IHSLcyYdavRL_fsj5KQ0ckGxY9nfHnM3d0X6NuKUt3BcelnUHudB9gHcyD33rsQpu2W7vwXXBKMyCjmAZGcSxvoKVRCa_8lAk22W8weIe1o/s1600/Bug+Fix.png" height="320" width="219" /></a></div>
<br />
If you are interested, there is an MS KB http://support.microsoft.com/kb/926642 that has more details but does not necessarily address this specific cause.Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0tag:blogger.com,1999:blog-1462840715053647513.post-2545180546663913902013-11-19T14:47:00.001-08:002013-11-19T14:47:03.986-08:00Intelligent Password Changes with Puppet<p>I need to change the root password on all my hosts but I have a small problem: some hosts have older md5 hashed passwords and the newer ones use the more secure SHA-512 hash. If I did not care about the different hashes and wanted to have SHA-512 across the board I would do a very simple manifest entry to make this happen: The problem is that I want to replace the old md5 hashes with new md5 hashes and the old SHA-512 with new SHA-512; not something that Puppet supports very easily. To do this we are going to build a new module with a Custom Fact written in Ruby. First off I need to explain some things if you are new to Puppet. </p> <ul> <li>A module is stored under /etc/puppet/modules and is called via an include declaration in the site.pp Master Manifest</li> <li>A module has its own Manifest called init.pp under /etc/puppet/modules/<module_name>/manifests</li> <li>Inside the init.pp is a class that <strong>MUST</strong> be named the same as your folder structure. Example: if the folder at /etc/puppet/modules/<module_name> is named "rootpass" then your class declaration must be "class rootpass {...."</li> <li>A module is very powerful and the functionality is written in Ruby</li></ul> <p>Now that we have those out of the way let's start. 
If you are doing this yourself, here is the folder structure to make life easier:</p> <p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUZfUuECYj_Ez5Yt0pBsDTPMIm1NTDOpMtcQLDT5KKUnhVoeuoedU3hHsJ0aba8_5gU4XqcqDkmRjkeeN85wKvlJuv5wNWayTMCHmQrO8XnaLrYCS6L4WA_saKrux6wt5QALc9BXh9qLU/s1600-h/password-structure%25255B7%25255D.png"><img style="background-image: none; border-bottom: 0px; border-left: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px" title="password-structure" border="0" alt="password-structure" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiv8rX9qKQ66N-y2ZafE8E2fI4B6mA4qhYgk2ZAYLGDl3CBmq7EKwS8CtR0AIS05rNh1UlxKCTvf8eVoM5RNKS9BZZbiOU2AtuqR4SGNlM_F06wfh4dkHHDPyMP-g4PH21DHXBOEg0toSw/?imgmax=800" width="440" height="433"></a></p> <p>Let's visit each component a piece at a time</p> <p>1. <strong>Custom Fact - sha512rootpass.rb. </strong>Puppet if Statements can be a bit tricky (see <a href="http://docs.puppetlabs.com/learning/variables.html">http://docs.puppetlabs.com/learning/variables.html</a>) so in this case I needed a Custom Fact that checked to see if the root password was a SHA-512 hash which is indicated by it starting with "$6$" (md5 is $1$). If the root password is indeed a SHA-512 hash then the variable sha512rootpass will return with a "true" value. This functionality is delivered by Ruby Facter. For more information take a look at <a href="http://docs.puppetlabs.com/guides/custom_facts.html">http://docs.puppetlabs.com/guides/custom_facts.html</a>. 
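</p>
<p>An added example, not the post's own sha512rootpass.rb (which appears only as a screenshot): one way to write such a fact in Ruby that reads the shadow file directly, matches the user name as a whole field, and still recognises the hash of a locked account. The helper names shadow_hash_scheme and sha512rootpass_value and the sample shadow text are assumptions made for illustration.</p>

```ruby
# Added example: a Facter custom fact in the spirit of the post's
# sha512rootpass.rb. Helper names and sample data are illustrative.

SHADOW_PATH = '/etc/shadow'

# crypt(3) scheme identifiers; $1$ and $6$ are the two the post deals with.
CRYPT_SCHEMES = { '1' => :md5, '5' => :sha256, '6' => :sha512 }.freeze

# Classify the password field of `user` in shadow-formatted text.
# Returns :md5, :sha256, :sha512, :unknown (some other format),
# :none (empty, "*" or "!!": no usable hash) or nil (user not present).
def shadow_hash_scheme(shadow_text, user = 'root')
  shadow_text.each_line do |line|
    name, field = line.chomp.split(':', 3)
    next unless name == user          # whole-field match, so "notroot" never matches
    return :none if field.nil?

    hash = field.sub(/\A!+/, '')      # a locked account keeps its hash behind "!"
    return :none if hash.empty? || hash == '*'

    id = hash[/\A\$([0-9a-z]+)\$/, 1]
    return CRYPT_SCHEMES.fetch(id, :unknown)
  end
  nil
end

# Value of the sha512rootpass fact as the post describes it: "true" when
# root's hash is SHA-512, "false" otherwise.
def sha512rootpass_value(shadow_text)
  (shadow_hash_scheme(shadow_text, 'root') == :sha512).to_s
end

# Register the fact only when this file is loaded by Facter; run as a plain
# script, this part is skipped.
if defined?(Facter)
  Facter.add(:sha512rootpass) do
    confine :kernel => 'Linux'
    setcode do
      begin
        sha512rootpass_value(File.read(SHADOW_PATH))
      rescue SystemCallError
        nil # unreadable shadow file: leave the fact unset rather than guess
      end
    end
  end
end

# Constructed sample input (placeholder strings, not real hashes).
SAMPLE_SHADOW = <<~'EOS'
  root:$6$CONSTRUCTEDSALT$constructedhashvalue:16000:0:99999:7:::
  bin:*:15980:0:99999:7:::
  olduser:$1$CONSTRSA$constructedmd5value:15000:0:99999:7:::
  locked:!$6$CONSTRUCTEDSALT$constructedhashvalue:16000:0:99999:7:::
  nopass:!!:16000:0:99999:7:::
EOS

if __FILE__ == $PROGRAM_NAME
  %w[root olduser locked nopass].each do |u|
    puts format('%-8s %s', u, shadow_hash_scheme(SAMPLE_SHADOW, u).inspect)
  end
  puts "sha512rootpass => #{sha512rootpass_value(SAMPLE_SHADOW)}"
end
```

<p>With a fact that only answers true or false, an if/else manifest like the one described in this post treats every non-SHA-512 result, including a locked, empty or unreadable entry, as md5.</p>
<p>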
My custom fact is silly simple: it just greps the shadow file for "root:$6$*" and, if it's there, returns "true", which means that root has a SHA-512 hashed password.</p> <p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfnGCq1PuKlrzh_8sR2rTxo6uvJeZgIBccMrkyNnyEqGBV9S6P8Xj22ZKEaGWXJM1Z6qsPgJjOT4A0oozetbYWwHwcLDFPEclq0Lpnvvk7Pdd6SDtV6xcg0UwZYMucNpXD0Ayl9E7zKOA/s1600-h/password-sha512%25255B3%25255D.png"><img style="background-image: none; border-bottom: 0px; border-left: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px" title="password-sha512" border="0" alt="password-sha512" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5VN82m8qEHPXx2LBC0VEb9xIkaqEN8UtX6DysN6nDxOcgZZG9IUrvYzlCdgz8aHFDpHApDagzeLW129CzFhgPL6Rzs41Tqp6Ee0wXvR4RUZanMOg2QzovTnZlJVbRvKtkCdXVS50wVKI/?imgmax=800" width="574" height="154"></a></p> <p>2. <strong>New Class - init.pp</strong>. The logic for the operation that we actually want to run is located in the init.pp file. Here is where we define our class (reminder, it needs to be the same as your top level folder name). This one basically says "If root is using a SHA-512 password hash (defined by $sha512rootpass = true) replace it with this new one. 
If not then assume it's md5 and replace it with this new md5 hash."</p> <p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7VHw9ewtXrDDzsjRYcK0383eDjeGCN6UTM3D7GBayEAfczetOLx-XoguxXYn3dbnYUD4WPjIS1cBe0uSQHBIn5RMYO2-dc3JYvOPZ0FZ7og2qbQL7EeCdi14pWUEcAvtGT85KMhvMB3s/s1600-h/password-init%25255B3%25255D.png"><img style="background-image: none; border-bottom: 0px; border-left: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px" title="password-init" border="0" alt="password-init" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjj6CzfLZ6nTRqKZhPkdm1JUQdA2sl79pHXx5tz4o8_dmxkDx7EtdYXGLNFkSf4AoYdTDcLd90uPtDruHf4HLYJIfpjumfGdA9uq1VYuCHFjhAUok_xNlCV9CBpcOEGU-5lAhj6t4lzRTA/?imgmax=800" width="576" height="402"></a></p> <p>Now we need to tell Puppet which servers to apply this to, and this is done by modifying the site.pp Manifest on the Puppet Master. For now I'm going to apply it to all my nodes and so I just add it to my default. 
If you wanted, you could add a new section that says "node <hostname> {include rootpass}" and it would be applied just to that host.</p> <p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilwKgdXiq6fNX-Sf7amm6V_i3zBKekg5-DndV9psEsKlTNfBRguaSTQVd6S6a_g1mkbTGeLdJ77CFAikH1hHsNPSRAya3xnYVWEZlXwdBGkUSuHLqdJSrZSRLfXtnZkgmsBqtEq4rSZsY/s1600-h/password-include%25255B3%25255D.png"><img style="background-image: none; border-bottom: 0px; border-left: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px" title="password-include" border="0" alt="password-include" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjpGuW1Kp-Mx17-YqvK0wNfczZouhTiGlm0CWXHWCt837Pc64HIIzyxJ5I9QqcFOIZAhMdMB5BXpMbnCnTZtB6EkDYYa_GlPvNcaWLI4c43UDdFQqfQHlwuFCRMcI4g76AQ3kyEjqkgi8s/?imgmax=800" width="576" height="183"></a></p> <p>Now let's test it on an agent box that has an md5 hashed password and a box that has a SHA-512 password. Our older box with md5 is the first up to bat.....</p> <p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-EAZf0NBxZRCZj6rPQkm6cv8LfGF1KxS7XkfpcGA_ojZjuyrxFei8ybKJfolqfsu0_GKtwnQP4vxx9gETENufri4AYoKGikSJ9pdpjMOISFJLrJYiDj21rqafZ8PzKU6Ho9Cbfz9Xiog/s1600-h/password-md5%25255B7%25255D.png"><img style="background-image: none; border-bottom: 0px; border-left: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px" title="password-md5" border="0" alt="password-md5" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhsw9jeFc7pw2J21xWIuF_t5PyuaisaKlGPB31ufqlYd6KxNvkW2_MLcxv1B6oV6LEhReAORkvYGJ3QXelFwFzto1lRhoJ0QdAohzpuvj-cRvVVYXncWpt6RISt295i43rOU8MdfylxPVM/?imgmax=800" width="573" height="322"></a></p> <p>As you can see the password was an md5 ($1$) hash and was changed appropriately. 
Next let's look at a box with SHA-512.</p> <p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhz3P8Epscn2blG2EfYkgkzjibCb8niPACoWjRfKC4VJ8T_Q1KqItEin91uhuc-3gIeJfj965RR45-BDOwPHPnP4yab4Ev2DfL1ZQxjzrJCUMX0uNk81qUhKmlbIJ7oriUj92J7QoQ_pe8/s1600-h/password-shachange%25255B3%25255D.png"><img style="background-image: none; border-bottom: 0px; border-left: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px" title="password-shachange" border="0" alt="password-shachange" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimZSE884UEm0ifQut_zGfqhcOR3Cci6FPGBzXQnWa73DR_cqqqjrxf9OpQtFcwefgETSrLFSAiEQJ80M2if6B6M9iU5GD5wHCp-D5eVA7W4vLXy_SaAK8JrHygg-egkflLypYV8hZOydw/?imgmax=800" width="586" height="310"></a></p> <p>As you can see the old password was a SHA-512 hash and has been replaced with the new SHA-512 hash. Success!</p> Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0tag:blogger.com,1999:blog-1462840715053647513.post-76292204242989210752013-11-19T11:26:00.001-08:002013-11-20T10:37:50.671-08:00Getting Started with Puppet Open Source<p>I'm starting to work with Puppet and noticed that when I am using the open source version there is not really a good "Getting Started" guide and documentation is rather lacking. Not wanting anyone else to suffer through that here is my attempt at it. Hope it helps others.</p> <p><strong>Building the Puppet Master</strong></p> <p>First we are going to check what OS we are running, in my case it's CentOS 6.4 x64 so we're going to grab the repo from yum.puppetlabs.com. 
After that I look to see what's available and then finally install with a <strong>yum install puppet-server.noarch</strong>.</p> <p> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTbPiFRS-Y9JgkQuxbZrziFhWYSyzwoDCKdOACj-huJxozTdOQ4Hpv_0E0MivwCzsyo3S11Uiulj0ppRj510aMv6-4KE3wOXrbxGUxCJk9rp0eVGdpNk6owV-0p0OMXoWjBmN8REXzTYI/s1600-h/puppet-repo%25255B4%25255D.png"><img style="background-image: none; border-right-width: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top-width: 0px; border-bottom-width: 0px; border-left-width: 0px; padding-top: 0px" title="puppet-repo" border="0" alt="puppet-repo" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2trYkMRIx4IVKT2-TpGQJyOPQrtHVOR0497Ei5IveCYLZFX7qGFqrxcUZMZA4iBsdzrl6FLzFRNvqMfsithGI9vL8lGdkuVIx_0vCDxgVrek6rvNCime9-_cdvtkJewwgFLOVpkJe904/?imgmax=800" width="546" height="462"></a></p> <p>Once Puppet is installed we need to do some things. First we take a look at the stock puppet.conf file. Now, let's make it useful by adding the server name (remember: this is the Puppet Master so it's $HOSTNAME) and enabling pluginsync.</p> <p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiDIVm-arc9X4t9sP4r9uEZ6h66p_n1xHKDjHqfPijqblxXPq1w7mbj1D_I_nIWGtc8VEsiwftYHODVf4kuYmCCbewbpHRjBQC1fkHavbib0IKA0wSNGAJVk6QEsKD2jL-iXWNLcZzle3w/s1600-h/puppet-start-config%25255B5%25255D.png"><img style="background-image: none; border-right-width: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top-width: 0px; border-bottom-width: 0px; border-left-width: 0px; padding-top: 0px" title="puppet-start-config" border="0" alt="puppet-start-config" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2uYN0Pe0oqTElx3qaE3IepxdtmtStSt-oFSKpMaCdrXcGrcb3_3Ak6yTm_N-6QeDyEVFQbXKAg0mj8ymq9IkygLIOP_964trwhym-uz8Bwftywm-54HnKA36mQplvtgWLbBGH_9F58ns/?imgmax=800" width="473" height="786"></a></p> <p>As you can see the file structure of Puppet is pretty empty with the 
open source version... Let's add site.pp which is the master Manifest for all your Puppet tasks.</p> <p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghgHmtwtRFxWgou8o75Fax21_8gTvUvWZS5hzgGRC67tdRyEJuMAk0yWK4Euw80kTOKy_N19fsr2aoHh7U577bv5g0FfkMZNn7qcxFHnUf3wQjMsjsHaB5i37GGPT_lddm9KsxbWiu9UU/s1600-h/puppet-site.pp%25255B3%25255D.png"><img style="background-image: none; border-right-width: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top-width: 0px; border-bottom-width: 0px; border-left-width: 0px; padding-top: 0px" title="puppet-site.pp" border="0" alt="puppet-site.pp" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHbCrY6VTukPcaEXFOYPs0DqBbUX_uX6YoECgbpXrMkU6_fr2WP85_dCx62c1eEcYpwAUaSogm8Ir4KvNn1oAHzhLTQbw4aUJ6WbQtc_1Gxuo0Md6J9MCeNNrUc_uH1XD8rUn3_s9cKms/?imgmax=800" width="572" height="179"></a></p> <p>I'm going to add a very simple puppet command that applies to all hosts (nodes) and creates a new user with a SHA-512 password hash. 
This Manifest file is the source of truth for all your Puppet tasks. More about that later; for now, remember that site.pp is critical.</p> <p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAbjGutJ4v5SFR27YlT1MDn4PA5VqosvlmjZJUVBkG0tiL61t4SG-YgnnrsKe3vQ6qFRFtKpGfGo7-UgQpEa5Nqj2vhWFTi9CRl2ybY_OB5sxa6HT0BcwvCcmRB1H6jgXTZ8OqEUwk5gA/s1600-h/puppet-site-pp-creation%25255B3%25255D.png"><img style="background-image: none; border-right-width: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top-width: 0px; border-bottom-width: 0px; border-left-width: 0px; padding-top: 0px" title="puppet-site-pp-creation" border="0" alt="puppet-site-pp-creation" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEixo_GDoe70XEX3Nb3xpS5aeWCO364ZgjmtgdBDWL_77lT_Ifi3qLCUxb3MRZIQZU43zmwOhFjetxKhYLJJodTECKCCb81pm4aFwpu3Fe4f8Qzb2uP9EVsW1Ps18G9kaQMaq69suwq0rEs/?imgmax=800" width="585" height="203"></a><br></p> <p>Lastly, before starting the services, we need to open 2 ports on the firewall.</p> <p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjYaT7quokRHc1ULVwcFoyT1m1ydg0WlY-TYoejvMXUM-YdAzf_tNfBoPmSDpw2T66qd3-8Rpx7CIoR4hFJ7SPY5kYZJuXRcC3Xq-Wuo_aolDDF0KCJo1kinD-xL2J1Z-T3WWZ_rQ7ZE78/s1600-h/iptables-puppet%25255B3%25255D.png"><img style="background-image: none; border-bottom: 0px; border-left: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px" title="iptables-puppet" border="0" alt="iptables-puppet" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJ4QUtMs47WpD734ff-Vzx0tfCLoBg7FTx-XBCNUGd4IzyLGVFsfDtEhAeai5NI5SpLgPsPqi4SntjbQb1a4URY_iirG8MkOeIoiw8PdsBhyyDycIrUcZ8aRHNayz22Y_T6fKyIpjBm4w/?imgmax=800" width="560" height="472"></a></p> <p>Now that the Manifest is complete and we have open ports let's start the Puppet and Puppet Master services.</p> <p><a 
href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhy9a2rM5jEeEqCR-kLqjgveAz35R45CFYcsrsutEJ6142g0A3U-inyf19-QHAQ-itZ-RHnO3OrYD1ZlJWxTvUJPhyphenhyphenza73Xvp_5LBvK0dOx7wlpDLDvi4mf5lgJQPSrl4plzdLF_s0iYCo/s1600-h/puppet-running%25255B3%25255D.png"><img style="background-image: none; border-right-width: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top-width: 0px; border-bottom-width: 0px; border-left-width: 0px; padding-top: 0px" title="puppet-running" border="0" alt="puppet-running" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcYS9W3uyO9baP358rIIQ5DQfDxLcg9ZOMyRmVIYZ6qrWIFgtnDAu43CsphsF07o3bXWpFvcxsv2KbeYlfKD3Edvl9pKsqojE3OHPYqYwJbScWoe_5yxPeO4rL-z-1rz1_MQtUpZWbs60/?imgmax=800" width="591" height="383"></a></p> <p>We did all that work, so let's see if Puppet works. (Note: if you get an error here, there is a good chance that iptables is blocking your Puppet traffic.) To do that we are going to call the Puppet agent and tell it to run but not apply any changes (--noop). As we can see it detected that our new user account is missing but did not change anything.</p> <p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhAgXxTNs4G0IPrYSNm1Ja95VyIIa7dwBKtuleRnw2JMnaX2Xi0i-o3HVMFXGYROJ77JLhBqZ8DCkN3qA1MhxVkJhtSoISx9Fhl5lv2StcW_1Xf6MawXSUXCV4aJupcq97Th0CrLmL8l8/s1600-h/puppet-noop-test%25255B4%25255D.png"><img style="background-image: none; border-right-width: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top-width: 0px; border-bottom-width: 0px; border-left-width: 0px; padding-top: 0px" title="puppet-noop-test" border="0" alt="puppet-noop-test" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9dWhUl2FTKx7l1eBXj07l7ZB8rcq9IsWpG37gmxMzywRzmYv4vXErghYsKt24dQhQsDPrsvQTJ3LpfSgGmOxcJg3xyyjDghNshcQW9BD2rEljsKkd8cnPhCUU5Lrg9GEFWMFs0JsZhPE/?imgmax=800" width="601" height="286"></a></p> <p>That's all great, now let's apply it. 
There are a couple of ways to do this:</p> <blockquote> <p>1. Wait 30 minutes, the agent will automatically run and apply the change.</p> <p>2. Run <strong>puppet agent --test</strong></p></blockquote> <p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSMnDLubUEFOMWV1d6MJcJZyHbh2JuOepZTgWroD-20TGy0LJ8RG4VUQ_U-TWYLPTCYfFGctHd6nBOsySuEggMBjm6Jx7wUW8c8Lp5BkWD9DbgOXeZ6sqN4OAb9wBWRh2MOJ4937b1VM0/s1600-h/puppet-add-user%25255B3%25255D.png"><img style="background-image: none; border-right-width: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top-width: 0px; border-bottom-width: 0px; border-left-width: 0px; padding-top: 0px" title="puppet-add-user" border="0" alt="puppet-add-user" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglw4qpsrB60N3MyKNL899OKWlAc2lgJW9c4LAICkUNazjPxaoKkSk-_05mn2gts0EoCO2cFBG152RjjLmn1xSIx6UZi9_CYDkt5eZ0OnBhrs3w5PYp0dEgHpPAm7g0M7KNzdwBsgZJYM0/?imgmax=800" width="592" height="408"></a></p> <p>As we can see, the change was successfully made on the Puppet Master. Now let's go start installing an agent on another host.</p> <p><strong>Installing Puppet Agents</strong></p> <p>As you can see we are doing basically the same thing as on the Puppet Master but only installing the Puppet Agent.</p> <p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYFRLUJ6BLGT3K-y9NWxssTvqCTofIs3GCm5Tl0idD7VctwPwNFBzPw1v4a0PPTx6QwnSGp5pni8KT8BHBj6_wV2wRB6u3QkHlfd5DH2STokBtPYjneCpfe_aXlnONzbk1XBmOJDsL2ss/s1600-h/puppet-agent-install%25255B4%25255D.png"><img style="background-image: none; border-right-width: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top-width: 0px; border-bottom-width: 0px; border-left-width: 0px; padding-top: 0px" title="puppet-agent-install" border="0" alt="puppet-agent-install" 
src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgquzlspJgUvU0JOkwqYPuFPMdSwrVCB_wANCeK-Zkm_hEDKjS_f-sHzJzUMXpE6xefwdoTIy_OUqYVHSFCCYQiCoxMmWRlGggclrqUXIfwgrFMp5MUdxRpplpU9cBVJ2ErGj07brK2snM/?imgmax=800" width="584" height="637"></a></p> <p>After the install completes we need to configure the agent to talk to the Puppet Master. This configuration is done in the same /etc/puppet/puppet.conf as the Puppet Master but we change what we add...</p> <p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimP1MYNcjnfu1LLPZxZxysjDg0Rh550k6Tbtws0CTUrG1cn0x3u94FkyLet2KghpP64hWfGHJVhvK1ZncFXXUB1_gnPloLirDrXaS_IS9KNDmN2saR8JjDOxLHrVKhPPK4fPB2HLWmqbc/s1600-h/puppet-agent-config%25255B4%25255D.png"><img style="background-image: none; border-right-width: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top-width: 0px; border-bottom-width: 0px; border-left-width: 0px; padding-top: 0px" title="puppet-agent-config" border="0" alt="puppet-agent-config" src="http://lh5.ggpht.com/-YOjZY7QsIjg/Uou7XShk5HI/AAAAAAAAAlg/LQtU_eC7uWI/puppet-agent-config_thumb%25255B2%25255D.png?imgmax=800" width="581" height="657"></a></p> <p>Next you need to start the Puppet Agent Service: <strong>puppet resource service puppet ensure=running enable=true</strong></p> <p>At this point, assuming no firewall issues, your agent is now talking to the Puppet Master (test using the "puppet agent --test --noop" command we used earlier); however, there is still one thing that needs to be done. We need to approve the agent's certificate on the Puppet Master; once that is complete, the agent will start applying the changes that are specified in the Puppet Master's site.pp. 
You do that from the <strong>Puppet Master</strong> using the puppet cert commands:</p> <p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhGwA5r-rjjxmaBZpSuQn3rBCzvYY9doLVNx13NMm14N7SbfzfNDl2Vn4npJESPKWSjyYnBRs6v9L1uJgCBujjYO0jciQHxTpIOm5VNQ6wYkqy0DgflqS9ODv1-bf-THpiYtWJoJJBJQvg/s1600-h/puppet-sign-cert%25255B3%25255D.png"><img style="background-image: none; border-right-width: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top-width: 0px; border-bottom-width: 0px; border-left-width: 0px; padding-top: 0px" title="puppet-sign-cert" border="0" alt="puppet-sign-cert" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsGx6bo83-IP7yAugElEnr3j2PD5T1V30PlZEUWEhDbV6L2p3LLKHxvrkOa2sD2XQZfAuMaHGsQZL3nv-M9BJ-Gp2M50nnujJ7LNBq1OOFcco0hwp1IWFV6ApPdsbiK48ik6eAexah-sE/?imgmax=800" width="586" height="171"></a></p> <p>Congratulations! You just set up a Puppet Open Source instance and are now well on your way to using Puppet to help you manage your infrastructure.</p> Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0tag:blogger.com,1999:blog-1462840715053647513.post-25630181672025609642013-10-22T10:07:00.001-07:002013-10-22T10:07:06.257-07:00IPv6 Regex<p>I needed to do a massive rip and replace on some IPv6 IPs, so a regex seemed the best way to go. </p> <p>What I was using: Link-local</p> <p>fe80::([0-9a-f])*:([0-9a-f])*:([0-9a-f])*:([0-9a-f])*</p> <p>All IPv6 IPs:</p> <p>([0-9a-f])*::([0-9a-f])*:([0-9a-f])*:([0-9a-f])*:([0-9a-f])*</p> Calebhttp://www.blogger.com/profile/03140501813997033425noreply@blogger.com0
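<p>An added example, not code from the original post: for a bulk rewrite like the one described above, a loose regex can find the candidates while Python's <code>ipaddress</code> module decides what really is an IPv6 address, so upper-case and uncompressed spellings are caught and MAC addresses or timestamps are left alone. The sample text, the mapping and the helper names (<code>parse</code>, <code>rewrite</code>) are constructed for illustration.</p>

```python
import ipaddress
import re

# The link-local pattern quoted in the post, kept verbatim for comparison.
PAGE_LINK_LOCAL = re.compile(r"fe80::([0-9a-f])*:([0-9a-f])*:([0-9a-f])*:([0-9a-f])*")

# Loose candidate finder: 2-7 colon-terminated hex groups, a final group, optional %zone.
CANDIDATE = re.compile(
    r"(?<![\w:.])((?:[0-9A-Fa-f]{0,4}:){2,7}[0-9A-Fa-f]{0,4})(%\w+)?(?![\w:])"
)

# Constructed sample input (not from the post).
SAMPLE = """\
listen fe80::0202:b3ff:fe1e:8329%eth0
peer   FE80::202:B3FF:FE1E:8329
peer   2001:db8:0:0:0:0:0:10
mac    00:1a:2b:3c:4d:5e
time   12:30:45
"""
MAPPING = {  # old -> new, constructed values
    "fe80::202:b3ff:fe1e:8329": "fe80::a00:27ff:fe4e:66a1",
    "2001:db8::10": "2001:db8:1::10",
}

def parse(token):
    """Return an IPv6Address, or None when the token only looks like one."""
    try:
        return ipaddress.IPv6Address(token)
    except ValueError:
        return None

def rewrite(text, mapping, link_local_only=False):
    """Replace mapped addresses in any spelling; return (new_text, replaced_tokens)."""
    table = {ipaddress.IPv6Address(k): ipaddress.IPv6Address(v) for k, v in mapping.items()}
    replaced = []
    def swap(match):
        addr = parse(match.group(1))
        if addr not in table or (link_local_only and not addr.is_link_local):
            return match.group(0)  # MACs, times and unmapped addresses stay as-is
        replaced.append(match.group(0))
        return str(table[addr]) + (match.group(2) or "")  # keep the zone ID
    return CANDIDATE.sub(swap, text), replaced

if __name__ == "__main__":
    print(rewrite(SAMPLE, MAPPING)[0])
```

<p>On this sample the post's link-local pattern matches only the first line, because it is case-sensitive and expects exactly four groups after the <code>::</code>; the validated rewrite changes all three address lines.</p>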