Month: May 2017

May 31, 2017

Installation of Veeam Availability Console 2.0

I’ve been privileged enough to get my hands on the RC version of Veeam Availability Console, or VAC as its more commonly known. The build number of this version is  2.0.1.983.

What is Veeam Availability Console?

VAC is the new iteration of Veeam Managed Backup Portal which is available to Veeam Certified Service Providers. VAC provides the following features:

  • Allows VCSP’s and Enterprise customers to deploy, mange and report on their BaaS or DRaaS customers utilising Veeam Cloud Connect
  • Provides the ability to deploy  Veeam Agents across multiple physical, virtual or cloud platforms
  • Supports multi-tenancy to provide managed customers with unique dashboards and reports of the backup or replication jobs

How to install Veeam Availability Console?

1

Initial Setup

2

.NET Framework 4.5.2 is required for this installation

3

Reboot after .NET Framework Installation

4

Accept the EULA

5

Install License File

6

Installation Components

7

Installation pre-reqs

8

Installation of missing pre-reqs

9

Completion of pre-reqs

10

Credentials for local windows service

11

Confirmation on ports required. These can be customised to suit your environment

12

Installation of SQL 2012

13

Installation of components

14

Installation of components

15

Installation complete

16

 

Next i will follow up with a post on configuration of Veeam Availability Console

May 30, 2017

NetApp FAS2650 node panic – ONTAP 9.1

After installing a new NetApp FAS2650 recently, a bug was observed which was causing one of the nodes to panic, and restart to the LOADER A prompt. After engaging with NetApp support, the following bug was found

A PCI NMI error triggers from QLogic 16Gb FC or 10 GbE Converged Network Adapter
(CNA) ports on some storage systems, such as FAS8200, FAS2650, FAS2620,
AFF A300, or AFF A200. The issue might continue to reoccur several times. This
issue only occurs when the port pair is configured in CNA mode.
An example of an error message is displayed, as follows:
PANIC : PCI Error NMI from device(s):RPT(0,3,3):QLogic FC/10GbE CNA on
Controller.

http://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=1026931

To resolve this, the following workaround is available:

Use the service processor to perform a system power cycle on the affected controller.

Reconfigure all unused CNA port pairs to Fibre Channel (FC) mode. Run the below commands from the Service Processor, commands below:

  1. ucadmin show –node “Affected Node” –adapter *
  2. ucadmin modify -node * -adapter * -mode fc -type target

You will need to make sure all CNA adapters are changed to fc to resolve the issue. Example below:

Before example:

*> ucadmin show

Current  Current    Pending  Pending    Admin

Adapter  Mode     Type       Mode     Type       Status

——-  ——-  ———  ——-  ———  ——-

0c     fc       target     –        –          offline

0d     fc       target     –        –          offline

0e     cna      target     fc       –          offline

0f     cna      target     fc       –          offline

Example 2/:

*> ucadmin modify -m fc -t target 0f

ucadmin modify: Mode on adapter 0f and also adapter 0e will be changed to fc.

Do you want to continue (y/n)? y

*> ucadmin show

Current  Current    Pending  Pending    Admin

Adapter  Mode     Type       Mode     Type       Status

——-  ——-  ———  ——-  ———  ——-

0c     fc       target     –        –          offline

0d     fc       target     –        –          offline

0e     cna      target     fc       –          offline

0f     cna      target     fc       –          offline

After Modify command is used

::> ucadmin show

Current  Current    Pending  Pending    Admin

Node          Adapter  Mode     Type       Mode     Type       Status

————  ——-  ——-  ———  ——-  ———  ———–

Node01            0c       fc       target     –        –          online

Node01            0d       fc       target     –        –          online

Node01            0e       fc       target     –        –          online

Node01            0f       fc       target     –        –          offline

 

Caveat: information presented in this how to guide is as is,  myself or my employer hold no responsibility to the guaranteed success of this guide

 

May 25, 2017

Upgrading VMware ESXi whilst using Nexus 1010v VDS

Recently i went through a process of upgrading a VMware environment that utilised the Nexus 1010v Virtual Distributed Switches.

The automatic upgrade that can be performed from the 1010v failed due to an issue on the VMware ESXi hosts. This was troubleshooted and identified as a stuck services on the VEM. The following process was completed to resolve the issue

It is advised to run this process whilst no virtual machines are located on the ESXi host

From ESXi Shell:

vem status -v

vem status -v

This command will identify the running version and status of the VEM package

To stop the VEM service

vem stop

Identify the process id of the VEM

lsof | grep Cisco

lsof grep cisco

Document the version and process ID. In this example we are using v173 and process id is 5516

Now kill the process:

kill -9 5516

Now install the upload the new vib to the ESXi host. We are using /var/log as our location

esxcli software vib install -v /var/log/vib_version.vib

Now check the status

vem status -v

Ensure this picks up the new version

Now from the Cisco NEXUS 1010v you should see the hosts logging in with the correct VEM version

 

Caveat: information presented in this how to guide is as is,  myself or my employer hold no responsibility to the guaranteed success of this guide

 

May 25, 2017

Password’s – An easy ticket into your organisation

With the ever changing security landscape, protection and compliance are high on the radar for most organisations. One area that gets forgotten in the battle against cyber threats, is authentication methodology, and more specifically why removing password authentication should be high on the priority list

Recently Microsoft announced some damning statistics around password authentication. For example, did you know that 63%* of all confirmed data breaches involved weak, default or stolen passwords. In addition to that statistic, did you know in a recent survey more than 25%** of employees would consider selling their password for less than £100

Pretty damning stuff wouldn’t you agree

So what can be done about this?

Multi-factor authentication is something you will start to hear more and more. The ability to authenticate against corporate environments using a multitude of methods will soon become the norm. Rather than enforcing strict password policies at an organisational level, or relying on users to adhere to password policies, utilising facial recognition, bio-metric scanning or token based authentication will enhance your security profile

Microsoft’s Azure AD can enhance this further by providing password management of a number of third-party applications and websites. By authenticating against an Azure AD platform using your chosen method of authentication, this can maintain security to SalesForce, Twitter, SAP and many more. This will prevent users having to maintain password based authentication for their other applications, and allow this security model to be maintained and control by centralised IT. Imaging Single Sign On across workloads using Multi-Factor authentication.

* figures provided by Microsoft at the Microsoft Tech Summit  2017

**figures provided ATLAS Sailpoint 2016 Market Pulse Survey. Survey polled 1000 people of which half work for a company with more than 10,000 employees

May 18, 2017

#VeeamOn from 4000 miles away

Veeamon2017logo

This week has been full of announcements from the eagerly anticipated VeeamOn event. With over 3000 attendee’s, many of you may have been lucky enough to attend this event. If you’re like me, and have been unable to attend and following online, here is a break down of the announcements so far

 

Tape-as-a-Service:

With recent events, the requirement for truly offline backups is increasing. Air Gapping is something that will crop up more and more in conversations. Veeam has natively supported tape backup in the last few version, but now it has included tape support to the BaaS offering powered by Veeam Cloud Connect. This will allow Veeam Service Providers to offload your Cloud Connect Backups to tape for enhanced protection.

It looks like the IBM Tape Loader attracted lots of attention

Tape.PNG

Microsoft Office 365 with Multi-Tenancy

Another feature primarily aimed at Veeam Service Providers. Veeam Backup for Microsoft Office 365 is currently available to all current Veeam customers for free. This will backup and protect your Veeam Office 365 instances, to provide item level recovery of all mailbox items.

With the announcement of Backup for Office 365 1.5, this will enable multi tenancy to allow service providers to protect Office 365 alongside VMs/Workstations or physical workloads.

office 365

Migrating, Managing and Protecting Public cloud (AWS, Microsoft Azure and other)

With the adoption of cloud computing across organisations growing, the ability to efficiently protect and maintain availability also becomes more challenging. The new Veeam Availability Console, this will deliver everything a service provider or distributed enterprise needs to deploy, manage and monitor Veeam-powered Availability services — no matter where the protected workloads are hosted.

 

Protecting Enterprise Mission-Critical Applications with NEW Veeam CDP 

Veeam Continuous Data Protection allows service providers to help customers to protect and recover business critical applications during a disaster. Veeam Cloud Connect uses vSphere APIs for I/O Filtering (VAIO) to offer continuous replication to private or managed clouds.

CDP

Built-in management for Veeam Agent for Linux and Veeam Agent for Microsoft Windows.

Currently Veeam Agent for Windows and Veeam Agent for Linux are manual, silo’d installations, with no over arching management. Now with the announcement of Veeam V10, built in management of those agents can now done via the Veeam Console. This will allow installation, monitoring and reporting of workloads where VAW or VAL are required

 

NAS backup support for SMB and NFS shares

An exiting feature, Veeam V10 will now incorporate the ability to protect availability of NAS/CIFS shares. If you’ve been using storage devices to provide CIFS workloads, but struggling to maintain the same level of availability as your virtual infrastructure, this feature will resonate with you.

cifs.PNG