Step by Step: How to document your environment with the As-Built report by Tim Carman (PowerShell/PowerCLI/PScribo)

So many of us have seen the As Built Report by Tim Carman.  It’s a fantastic resource but if you’re not a strong Powershell/PowerCLI user there are a few steps you may be unaware of.  Follow along from a new workstation perspective and we’ll go through everything you need. This is specific to a basic report using a Windows workstation and VMware vCenter. The As-Built has much more functionality to explore!

First and foremost of course is Powershell. Every newer Windows install will have it by default, let’s check it out.  Click on your START button and type PowerShell.  Right click on Windows PowerShell and choose “Run as administrator”. We’re going to need admin privileges for a few of these steps.

Ok, now we’ve got PowerShell open as Administrator, that’s the hard part. What version do you have? Run the command below, it’ll probably return with a version similar.

$PSVersionTable.PSVersion

Now we can start installing and connecting all the pieces the As-Built script needs to do its work. We’ll need PScribo and PowerCLI. To get those, you have to open the gates a bit as PowerShell is secured by default against random stuff being installed. As this guide is just to make sure you can run the report and see it, we’ll be opening and trusting a few things with a “just open it up” security posture. Please make your own choices and be careful what you install after this post.

Here we’re going to tell PowerShell to run modules and scripts regardless if the code is signed or not. Run the following:

Set-ExecutionPolicy Unrestricted

Let’s reach out to the internet and grab our first module. When you run the install command, PowerShell queries the PowerShell Gallery for the module you want. Think of it like an App Store. Run this:

Install-Module PScribo

So our install started, but as you can see there’s additional dialog to acknowledge. We’re telling PowerShell to use the new method of installing plugins (NuGet) and to trust the PowerShell Gallery (the app store). Chose Y for NuGet and A for the repository. You’ll see some updates happen and then be dropped back to the command prompt. Great work, you’ve installed your first PowerShell module! Now let’s add in some PowerCLI. The workstation I was on had an existing, out of date PowerCLI install and that interfered with this post, let’s clear that out first. Click on start and type appwiz.cpl or navigate to add/remove programs as you like. Select the old PowerCLI and uninstall. If you don’t have PowerCLI installed, this step doesn’t apply.

Now we’re ready to install, run the following commands one at a time. The first line is just if you’d like to see the current version hosted in the PowerShell Gallery and isn’t necessary. After the install is completed, we’ll run the Get-Command to see the VMware commands, proving our install.

Find-Module  -name VMware.PowerCLI

Install-Module -name VMware.PowerCLI -scope CurrentUser

Get-Command -Module *VMware*
Here we can see the VMware commands proving PowerCLI is installed.

Similar to how we configured PowerShell, we’ll now configure PowerCLI. The first command is just to skip a prompt for the Customer Experience Improvement Program and the second enables us to run the scripts . Since the As-Built has unsigned scripts, we’ll need to tell PowerCLI to ignore that.

Set-PowerCLIConfiguration -Scope AllUsers -ParticipateInCeip $false

Set-PowerCLIConfiguration -InvalidCertificateAction Ignore

Now our workstation environment is ready! Let’s get the scripts and get to work. Browse to the GitHub repository. (<–that’s the link) Make sure you’re on the Master branch, then download the .ZIP file and extract the files.

Oh man, we’re so close. Before we run this script, there is an option I want to call out where you can set the detail level of the report. If you browse to the extracted file location, you can edit the vSphere JSON template. If you leave it at the default of 3 across the board, you’re going to get a boat load of information. For your first run, I’d recommend setting a few of the categories to 0 to get a feel for the report. Turn them back on as you like, but understand that’s where you set your detail options. If you make a change, ensure you save the JSON file before you run the report.

This is it! You’re almost there! In PowerShell (and still as Administrator), browse to the location of your extracted scripts.

To run the scripts successfully, we’re going to pass a bunch of information to get the script to do what we want against the stuff we want. Where you see a $field, put in your actual vcenter/username/credentials. You want vCenter admin credentials when you pass this.

.\New-AsBuiltReport.PS1 -Target $vCenter.domain.tld -username $domain\$user -password $yourvcenterpassword -type vSphere -Format Word,HTML -Timestamp -Path C:\$yourpath
Sorry this one is blurry!

PowerShell throws one more warning about the script, hit R to continue and follow along with the prompts. Fill in the requested information if you like or just accept the defaults. Here’s Tim and Matthew presenting at VMworld discussing the report prompts and the output. Once it kicks off, you’ll get a Word doc and an HTML document output. Fantastic resource and I hope this post gets you able to run it. The configuration is up to you.

VMUG Leadership as the new guy or: How I learned to stop worrying and love the Twitters.

Hi Brian,

Thank you for taking the time to chat with our team today, it was so nice to meet you. Welcome to your official position as a volunteer leader of the Seattle VMUG Community and to the VMUG Leader Community at large – we are excited you are on board and look forward to working with you!

That email actually came in back in October of 2018 and man, what a ride it’s been since! The on-boarding process will differ between communities but leaning on previous leaders is vital. I’ve spent quite a bit of time in person and webex with the former leaders and current steering committee. Here’s what it looked like for me to get spun up into the community and moving on events.

First month tasks:

  1. What can I do?
  2. What tools do I have?
  3. What does the community want?
  4. Who do I know? (this is probably the most important thing you can ask yourself)
  5. How do I begin?

For the first bullet, I have no idea what I can do! Let’s skip it.

2. Next up was to figure out what resources are available. OK, let’s get a hold of the social media accounts, i.e. Twitter, VMUG community, vBeers, Seattle@VMUG.com emails etc. Luckily for me, there was a Slack channel that the previous leaders and current steering committee members lurk in. A few password resets to old accounts and off we go! Time to make noise on the internet. Social media is vital for career growth and expanding your peer group. Get on it if you’re not!

3. What does the community want from VMUG Seattle? Can’t really answer that yet either, but I know people like beer. Let’s get them beer!

4. Who do I know? As a VAR, I’m well positioned already with a subset of vendors and contacts. I’m working on expanding that list all the time, so if you are or know a rep and are interested in sponsoring a VMUG event, hit me or the @SeattleVMUG twitter account up. As a VMUG leader, I’m completely agnostic to technology or labels.

5. We’ve already established beer is a great start, so I planned 2 vBeers events. The Seattle metro is stretched cluster with 3 solid communities. Seattle, Bellevue and Tacoma/Olympia are all decent user bases and since I live in the South Sound area I wanted to have multiple events for the seperate communities. I picked out a couple locations based on feedback from previous leaders and called to reserve a space at each location. @Cohesity came through with the sponsorship and we had a really good turn out at both events.

Where do we go from here? Well, the sky is the limit honestly. I got very lucky to have someone approach me at the first Seattle event who was interested in being a leader so at the beginning of the month we welcomed a new leader who’s on the Eastside. We could still use some help in the Seattle downtown metro if anyone is interested! We’re deep into planning our UserCon on February 19th, and I hope to have more information on that to publish in the future.

Thanks, and see you out there.

Achievement unlocked, VCP6.5-DCV! Or, tips to pass your VMware VCP 6.5 DCV

The past few days have been pretty stressful for me and my family.  The last stretch cram session before any exam is hectic. Thankfully today I can put the VCP exam behind me and move on to more useful (in my opinion) certifications.  Here’s the resources I used to be successful in my journey.

First and foremost is the blueprint, now called the Exam Guide. This is your bible and your only anchor I recommend depending on.  If you can check these blocks, you will pass.  If you skip some blocks, you’ll flirt with passing and probably have a retake.  So now that you know what you need to know, how do you get there?

My main VCP man, Greg Shields and his VCP 6 Course on Pluralsight was my first stop. I know it says VCP 6 and not 6.5 but the What’s new in 6.5 document from VMware will cover all of the differences.  This course is such an amazing resource. When Greg calls out a topic as possibly on the exam, you can bet it will be.  Listen for the cues, pause the video and then go do the task and read the document he calls out. Spend some time on the things he says “might be a good exam question”. I want to say that again, read the documentation he calls out.

If the intermediate course is a bit too advanced, David M. Davis is Greg’s counterpart and he covered the 6.5 Foundations course also on Pluralsight.  Again, listen for the cues and follow along in your lab.  What’s that?  You don’t have a lab?  I got you covered!

When I crashed my lab and didn’t have time to rebuild it properly, I leaned heavily on the VMware Hands on Labs. Specifically, I used anything that had “Advanced” in the title and wasn’t 6.7. There is a pretty solid cross reference between the labs and the blueprint.  You can usually find a lab that calls out exactly what you’re doing or just follow along with David and Greg. Actually seeing the menus and building that muscle memory was invaluable. The biggest missing pieces from the lab is Autodeploy and vSphere Replication. There are countless blogs about building your own labs from budget to production level.  If you can’t, the HOL will get you about 80% there.

So now we’ve got a good background.  We’ve spent the 30+ hours with Greg and maybe the 15+ hours with David. How do we practice?  That’s when you get over to Simon Longs blog. This amazing dude built out a huge test repository of questions that also include the answers and references. Additionally, the Pluralsight subscription comes with Kaplan practice questions. Take those tests and when you get a question wrong, don’t memorize the answer.  Go and research the question.  Dig up the relevant documentation and then go back into your lab or HOL and do the task. Build that muscle memory!

 

Good luck and i hope to post again in a couple weeks with my VCAP recap!

How do I become a VMUG Leader? My journey to giving back to the community. (Part 1)

I received an email the other day from VMUG Leadership and I’m pretty excited!

Hi Brian,

Thank you for your interest in becoming a leader for the Seattle VMUG community! The next step for your on-boarding is to complete VMUG Leader Training, which will focus on all the tools, resources and best practices to be an active volunteer. 

My application was accepted and I’ll (hopefully soon) be able to help our local community as a VMUG Leader volunteer. This has been something I’ve thought about for quite awhile.  I’ve been fortunate enough to personally know several of the former local Seattle leaders and many of the other leaders from across the country.  Hanging out with the leaders from other states at VMworld has shown me how valuable the community can be.

If you haven’t yet joined your local community, and you work in the VMware product sphere, you’re definitely missing out. I’ve found great value in having a peer group who speaks the same language as me and has been through similar challenges. The amount of specific product knowledge available through these user groups is invaluable. Along with the community, VMUG offers their VMUG Advantage subscription. The education, product licenses and discounts from membership are well worth the $200 annually.

Leadership though means a different path then just consuming the outstanding benefits as a user. I can’t speak to what it’s like from the inside quite yet, but I hope you follow along with this series and are encouraged to contribute back to your community. Part 2 of this will be about the on-boarding process and what that looks like.

 

 

Basic vSphere host network troubleshooting for ISCSI connectivity

This is me playing with formatting on instruction sets. It’s mostly a writing exercise.  There are probably 1000 better blog posts out there for this subject. I’m trying to see how I’d want this written if I was desperately googling at 7 p.m. on a client site.

vMotion, ISCSI, Management, VM Network, we’ve all had issues connecting.  Here’s the steps I’m writing down for myself to reference when I’m onsite and brain is fuzzy from deployment lag. Let’s assume we’re troubleshooting an ISCSI connection back to a storage array. Connectivity from the host is via 2x 10gbe ports on physical NICs 2 and 5. Assume vSwitch settings and port bindings are set correctly. Assume the storage target IP is 192.168.1.100, host 1 has an ISCSI VMKernel adapter IP of 192.168.1.101 and host 2 has 192.168.1.102. For this exercise, I just want ping connectivity.

  1. Is it plugged in?  So often we skip this or assume.  Physically touch point to point connections and look for link lights. Note physical ports on host and switch, verify against your workbook.
  2. Check the network.  It’s always the network unless it’s DNS.  But it’s probably the network.  Easy steps are ping IPs down the pipe.  Gateway, DNS servers, destination.  Neighbor VMs, neighbor hosts. Verify ICMP Echo is on, otherwise no pings anyway!
  3. You probably can’t ping, otherwise you wouldn’t be here. If you can ping, it’s permissions. Check VLANs across the pipe.  Putty into relevant switch stacks and look at the ports.  Are they in a No Shutdown state?(this means it’s up) Are the port ranges tagged or untagged?  If tagged, you have to specify VLAN on your port groups.  If untagged, remove the VLAN from your port group by setting the VLAN to 0.  On the switch(generally), SSH in, authenticate and type: Show Run to see the running config.
  4. Test across specific interfaces.  Let’s start by identifying our NICs. SSH into the host.  In vCenter, Host>Configure>Services>SSH START. Open PuTTY and enter your Host 1 management IP and login as Root. Now that we’re SSH’d in to our first host, let’s identify our interfaces.  Type: esxcli network ip interface list. Now we have a list of our NICs along with the identifier we’ll use.  Find the NIC you want from your ISCSI vSwitch and ping from that interface to the storage array.  In the host SSH session, type vmkping -I vmk2 192.168.1.100 (replace that ip with your storage array target). We’re telling our host to send a ping out that specific interface (vmk2 or physical NIC2) to that storage target IP. If you don’t specify that interface, you’re going to ping out the management interface and that’s probably not on the ISCSI VLAN.
  5. Assuming that fails, let’s try pinging another host along the same path. Type: vmkping -I vmk2 192.168.1.102 (replace that IP with the ISCSI VMkernel adapter IP on your second host)
  6. If it’s successful, you’ve eliminated your networking between hosts and have moved the issue down to the storage path. If not, you’re more than likely back on the switch stack.  Double check your access groups in your storage.  Does the storage know it’s allowed to talk to the hosts? If your storage array doesn’t have the correct HBAs in it’s allowed list, it’ll drop traffic and your hosts will never connect. After you get connected to the array, ensure your volumes are mapped to the hosts.  If you’ve made changes, don’t forget to rescan your ISCSI software adapters. Go to the host in vCenter>Configure>Storage Adapters>Rescan Storage

Good luck, it’s probably the network.

Book Review: IT Architect Series – The Journey by Melissa Palmer, VCDX-236

Just finished up reading book three in the IT Architect Series.  This one was written by Melissa Palmer, VCXD-236. Not sure why they got the beginners guide for the third book but hey!  You can buy it here.

Melissa lays out foundational objectives along with the resources to track them. She’s included worksheets, journal ideas and skill assessments.  The book covers what an IT Architect is, skills they need and qualifications helpful to pursuing that career. She also includes many insightful pieces about her own personal journey and choices along the way.

Who should read this book?  Well, let me give a bit of my background so my opinion has context.  I’ve been around for awhile, got my start back in the late 90’s Army doing x.500 type stuff on DMS and tactical message switching on gear so obscure I couldn’t find a pic to link! I had an MCSE in 2003, a VCP 5.5 etc, and now work for a VAR in the Seattle, WA metro. I’ve recently made the transition from customer to the dark side. (We have cookies)  This book, in my ever so humble opinion is a fantastic resource for the 2nd to 5th year IT person.  You’ve made it out of help desk hell, you’ve gotten a piece of design and you really want more.  It can be tough running that gauntlet solo, and tougher without a plan.

Melissa did a very thorough walk through about the entirety of this career field. It’s very readable, easy to consume and informative. Having someone lay out the path, objectives and check points along with telling you exactly how they did it was interesting.  I wish I could go back 10 years and give this book to myself. If you’re a budding SA/SE with aspirations, pick this up. If you’re like me and just had your world shook by finding out about VMware Validated Designs along with the realization someone gets paid to do that, use this as a check point.

Stay tuned, I’m off to read Foundation in the Art of Infrastructure Design by  Vcdx-001, John Yani Arrasjid (Author), Vcdx-023, Mark Gabryjelski (Contributor), Vcdx-079, Chris Mccain (Contributor)

 

 

 

 

 

25GbE networking issues

TL;DR Update your firmware and use name brand parts!

Recently I’ve been involved in an 8 node VxRail deployment that involved a Compellent 5020 and a couple SC420 shelves.  Both sets of equipment are using 25GbE networking for the first time in this .EDU data center.  We’ve run into a couple issues and I’ll outline the fixes here.

First, the Compellent 5020 wouldn’t even *see* the HBA cards.  It was shipped from the factory with cards that the controllers weren’t even aware of.  The root cause was out of date firmware.  The reason it was old was the firmware was released the day after the physical install!  Co Pilot dropped the ball on this one and we spent about 12 hours chasing license files thinking that was the fix.  At that time, 23/24 August 2018, you had to opt into the firmware release and gain Co Pilot approval by serial number.  Once we shook enough trees, we find out Storage Center 7.3.2 was required to unlock the 25 or 100 GbE networking. This also requires Storage Manager 18R1 or newer. Bottom line, update your firmware!  Here’s the relevant release notes. 680-021-021 Storage Center 7.3 Release Notes (003)

Next up, the VxRail!  The architect involved in the original Bill of Materials was pushed to use customer supplied SFP28 modules instead of the Dell branded parts.  The customer was adamant to use their supplier as they had been using the off brand 10GbE SFP+ for years and they would save (in theory) several hundred per SFP.  We relented,  and on deployment day not only were the customer supplied SFP28 modules not recognized, the Corning fiber jumpers wouldn’t even seat properly.  The jumpers did seat perfectly in the Dell branded SFP28s that we ordered as backups. Unfortunately, due to shortages we’re now pushing the install a week or more.  Additionally, we ran into an issue with the ports not lighting up.  We found the answer in this Tech Note. Auto negotiation may or may not be enabled depending on switch type and media type.

25GbE_Auto-Negotiation_TechNote

 

Stay frosty!

What to expect, when you’re expecting (a trip to VMworld)

It’s that time again! I seriously look forward to #VMworld as a highlight of my year. It’s a time to refocus my career, reload my enthusiasm for the products I support and nerd out. Last year, attendance was something like 20,000. That’s a whole lot of brain power.

Here’s my tips and tricks gathered over 4 years of VMworld. If you’ve got any tips I’ve missed, hit me up on Twitter and let me know.

Things to absolutely do:

Talk to strangers (with a VMworld badge). The amount of experience at your fingertips at this event is unimaginable. When you’re standing in line, or at a bar, or you sit down for a meal, talk to the attendees. Put yourself out there and it pays 10x in return.

Attend more breakout sessions or panels instead of lectures.  In my ever so humble opinion, the lectures don’t hold near the value of participating in a discussion.  Key word is participate! Ask questions, drive the discussion. Go to the #VBrownbag sessions and talk.  Hang at the #VMUG booth.

Go to the after parties.  They’re fun, they’re a large portion of why you’re there and it’s a great way to meet interesting people.  The flip side of this one is Go to your sessions. There’s no one to watch you, your boss will never know, but you’ll miss out on so much of the conference if you sleep in.  Stay up with the boys, but get up with the men. (that’s gender neutral btw)

Dress appropriately.  Not just clothes, this includes personal hygiene. Let the neckbeard stereotype die.  Wear clean clothes, wear deodorant, clean yourself.  So much of this event involves close quarters.  Please don’t stink.  I wouldn’t mention it if it didn’t happen. Wear breathable, comfortable clothing.  Wear shoes you can walk all day in. If you need to, swing back to your room and refresh.

Drink and eat well.  Swing by CVS and get some snacks and water bottles or use the (probably lame) bottle that comes with the backpack. Buying water in the hotels is crazy expensive. Drink and eat well also means don’t try to hang with people that drink more than you.  Every year I end up making sure some young thundercat gets back to their hotel safely.  Drink up me hearty, but then drink a water.  1 and 1 will keep you safe(r).

Things to NOT do:

Don’t sit in your room and game. Do that at home. Get out there and invest in yourself during this short opportunity.

Don’t worry about swag too much.  Get a good amount, but that’s not why you’re there.  Bring some back for your teammates!

Don’t leave your actual work email tied to your badge if you can help it.  Go edit your profile and use a burner email.  Solarwinds has great swag, but they will hound you. You’ve been warned.

Don’t make this a solo event if you’re by yourself.  Go to the welcome event and create your own crew.  I’ve been hanging with the same amazing people I met 4 years ago and before that first night we’d never met.

Don’t forget, all of the sessions and the Hands on Labs will be available later in the year online.  If you need a break from everything, go knock out a lab but remember to keep networking.

Looking forward to seeing you all there!

 

Step one (we can have lots of fun)

I just passed my VCP 6.5 Foundations Exam. It’s open book, so not a lot of celebrating is in order, but maybe a little.

Hurray!

Big shout out to Simon Long and his amazing test questions. A note about these. Don’t use them as a test check, use them to find the official docs and research the concept, not the answer.

VCP6.5-DCV Practice Exams

Other resources:
Pluralsight
Mastering Vsphere 6.5
vSphere Docs, man you’re going to spend a lot of time here!

I want to be a vExpert

vExpert

It sounds pretty cool!  It’s got a lowercase letter in front, so you know it’s technologically legit. I’ve got more then a few friends who’ve attained this moniker. Some say it’s been diluted with new eligibility criteria that has changed over the years.  For me, I see it as a new and different way of thinking about my career. Where once I was *the IT guy* and the go to for all things that plugged in, I’m now a tiny little fish in a ridiculously large ocean.

I’ve recently switched from the customer side (your traditional Systems Administrator) to the VAR side, or Value Added Reseller as a Solutions Engineer. In this role, I’m helping many customers across a broad solution set instead of managing a single companies infrastructure. My main focus will more than likely continue to center around the VMware product suite but it now also encompasses the diversity found in different business sizes and units.

I’m going to use this blog to track issues I run into in the field, discuss my certification paths, and highlight technologies I think are interesting.

From the link above:

“If you are interested in becoming a vExpert the criteria is simple. We are looking for IT Professionals who are sharing their VMware knowledge and contributing that back to the community. The term “giving back” is defined as going above and beyond your day job.”

With the stuff we run into on the VAR side, there’s plenty to discuss! Wish me luck.