iSCSI has become a very popular way of having shared storage among several physical or virtual computers. The benefits of shared storage are even greater when combined with the abilities of VMWare such as VMotion, High Availability and Distributed Resource Scheduler.
Below are the basic (and I do emphasize basic) to configuring iSCSI storage with VMWare 3.0. Like any shared storage infrastructure there are a number of possible methods and structures that could change the way that iSCSI is installed and used.
Step 1 – Add in extra Service Console and iSCSI VMKernal
The service console and VMKernal need to be on the same physical NIC on the ESX server. The IP’s for these services need to be on the same subnet as the iSCSI storage device. The pictures below outline the end-result if your iSCSI VLAN were to be 192.168.4.0/24. Note that the service console that you is shown below is the second and therefore additional service console. The original stays unchanged.
Sample Configuration Page
Sample End Result
Step 2 – Allow iSCSI traffic through the firewall
The Software iSCSI Client for ESX needs to be allowed through the firewall which is located under the security profile section. If you don’t do this then you will not be able to use the service. I found this interface “tricky” to use. Sometimes I would make changes and they wouldn’t take effect until the server was rebooted.
Step 3 – Enable Software Initiator Properties
The iSCSI storage adapter needs to be configured. Find the newly created iSCSI Software Adapter on the Storage Adapters tab you will need to:
- Open the properties
- Configure and subsequently enable the iSCSI Initiator
- On the Dynamic Discovery tab you can add in the iSCSI server IP
Step 4 – Create iSCSI targert on iSCSI device
This will depend on your iSCSI hardware as to how you do this. Each manufacturer has their own way of doing this.
Step 5 – Add LUN to target
VMWare’s design guide for iSCSI – short but good: http://www.vmware.com/pdf/vi3_iscsi_cfg.pdf
Really good blog post by David Davis about VMWare and iSCSI:
It is available on public Windows Update Servers:http://download.windowsupdate.com/msdownload/update/software/svpk/2008/04/windowsxp-kb936929-sp3-x86-enu_c81472f7eeea2eca421e116cd4c03e2300ebfde4.exe
At the Management Summit in Vegas, Microsoft announced the beta of System Center Virtual Machine Manager 2008. This version can manage Hyper-V hosts!
It should be available on connect.
Microsoft has announced the formal name and beta availability of System Center Virtual Machine Manager 2008, a member of the System Center suite of server management products. The announcements came April 29 at the Microsoft Management Summit in Las Vegas, which showcased the beta of the System Center Virtual Machine Manager 2008 (VMM), managing both Hyper-V and VMware virtual infrastructure. Additional functionality new to this version of VMM includes Performance and Resource Optimization (Pro), which dynamically tunes virtual infrastructure, simplified virtual host cluster support, and other improvements and enhancements.
On all Windows 2008 Editions, the firewall is on by default. This true in a Server Core as well. Many IT Pro loves a new Windows 2008 Server Core Edition, but friendly speaking manage it from a command line for many Administrators is not so easy. Yes, We can manage Windows 2008 Core remotely, but we have to configure Firewall on the Core box. There are then three scenarios for remote management via MMC:
- Server Roles – when a server role is installed, the appropriate ports are opened to allow the role to function as well as to allow remote management, so no additional configuration is required. Using the Remote Server Administration Tools (RSAT) feature on a full server installation, we can install just the MMC snap-ins for a role and use them to remotely manage the role on Server Core.
- Domain joined – Once domain joined, the firewall profile is changed to the domain profile which allows remote management. Again, no additional configuration is required.
- Workgroup server – This is the scenario (is most popular when IT Pro demonstrates or tests a new Windows 2008) in which We may need to make firewall configuration changes to allow remote management. If we want all remote managements to work, we can use:
Netsh advfirewall firewall set rule group=“remote administration” new enable=yes
However, there may be situations where we only want to allow certain MMCs to connect for remote administration. Not every MMC snap-in has a firewall group, here are those that do:
Remote Event Log Management
Remote Service Management
File and Printer Sharing
Remote Scheduled Tasks Management
Reliability and Performance
“Performance Logs and Alerts” and “File and Printer Sharing”
Remote Volume Management
Windows Firewall with Advanced Security
Windows Firewall Remote Management
On the Server Core box we can enable these by running:
Netsh advfirewall firewall set rule group=“<rule group>” new enable=yes
Where <rule group> is the name in the above table.
Not every MMC snap-in has a rule group to allow it access through the firewall.
MMC Snap-ins that Require Addition Configuration
In addition to allowing the MMC snap-ins through the firewall, the following MMC snap-ins require additional configuration:
- Device Manager
To allow Device Manager to connect, you must first enable the “Allow remote access to the PnP interface” policy
- On a Windows Vista or full Server installation, start the Group Policy Object MMC snap-in
- Connect to the Server Core installation
- Navigate to Computer Configuration\Administrative Templates\Device Installation
- Enable “Allow remote access to the PnP interface”
- Restart the Server Core installation
- Disk Management
You must first start the Virtual Disk Service (VDS) on the Server Core installation
- IPSec Mgmt
On the Server Core installation you must first enable remote management of IPSec. This can be done using the scregedit.wsf script:
Cscript \windows\system32\scregedit.wsf /im 1/span>
By running Oclist on Windows 2008 Server Core we can get full information what Installed and what Not installed on server.
The full list is very long and not comfortable for reading. If you don’t want to include all of the many “Not Installed” options in the output of Oclist, run:
Oclist | find ” Installed”
We can do this via WMI.
The command line is:
wmic path win32_operatingsystem get OperatingSystemSKU / value
The value Should be converted to hex and then mapped to the list at:
One of the first software that I install on any OS under VMWARE is VMware Tools. The most important benefit is the VMware enhanced video and mouse drivers. On VMware ESX, VMWare tools must be installed to get the NIC working. The Installation process of VMware Tools on Windows 2008 Server Core edition is a bit tricky. As far as you remember, Server Core it is a command line only version of Windows Server 2008. VMWareTools is a GUI installation so this is not an option for Server Core. Today we have few workarounds …Solution 1
- Log into your Windows Server 2008 Server Core VM with an admin account
- From the VMware Workstation console, click the VM menu Install VMware Tools. This will mount the VMware Tools disk (Windows. iso file) in the virtual CD-Rom drive.
- Switch to drive D: (or whatever drive is your CD drive)
- Type Setup and press Enter
- Click Install to the VMware informational message. The VMware Tools will begin to setup.
- Click Next to install
- Click Next to perform a Typical setup
- Click Install to begin the installation
- When you see the status stall, open Task Manager (Ctrl-Alt-Ins Start Task Manager)
- Click the Applications tab, select the RUNDLL process and choose End Task
- Close Task Manager and click OK to any error messages. Setup will continue as normal.
- Click Finish and click Yes to restart the server
- When Windows Server 2008 Server Core starts up, it will be in 640×480 resolution. As a quick solution, read my “CoreConfigurator – Graphic Management Tool for Windows Server 2008 Core” post to explain how to configure the resolution in Windows 2008 Server Core :).
- First step, On Server Core we need to mount the VMware Tools ISO by selecting the “Install VMware Tools” option:
- From a command line run the following command:
msiexec / i “d:\VMware Tools. msi” / qn
This solution a specially for VMware ESX Server. The workaround is to transfer VMWareTools (contained in a file called windows.iso) from your ESX server to a local drive. Use Virtual Center to mount the windows.iso file as a CDROM drive in the Windows 2008 Server Core VM. The exact location of driver is: \ Program Files\VMWare\VMWare Tools\Drivers\VMXNet\w2k of the windows.iso file. The command used to install the drivers is:
C:\Windows\System32> pnputil – i -a vmxnet. inf
You should get the following message:
Microsoft PnP Utility
Processing inf : vmxnet. inf
Successfully installed the driver on a device on the system.
Driver package added successfully.
Published name : oem2. inf
The next step is to set “Hardware Acceleration” for the display adaptor to “Full”. Well, you have to use Registry.
Launch the Registry editor on the command prompt by typing “ regedit”. Then you navigate to:
The long number is a GUID and it will be different on your system. You should find Acceleration.Level key in the 0000 folder. To be sure that you’ve found a correct key check in the same location key “Device Description” with a value “VMware SVGA II“. You have to set the Acceleration.Level key value to 0.
Exit from registry and reboot your server.
The END :).
The default management for Windows Server 2008 Core is the command line. Yes, the main powerful of Windows Server Core becomes available when using such an approach, but sometimes it’s not so user friendly. This is why I’ve been asking so many times if exist anything more graphic :). Yes, one of the first recommendations to work and manage Windows 2008 Server Core is to use MMC from a remote machine, but MMC cannot do everything. Of course to allow work with remote tools this tool should be allowed passage through the firewall packages Server Core. In addition, this is for many more difficult than editing the registry. Therefore, I would like to have a simple graphical tool for configuring local system. The task of developing such an interface is complicated by that the Server Core has a limited set of graphics API, this is a reason why so beautiful MMC doesn’t work on it.
So, if Microsoft has not established such utilities anybody else did this. Look at the utility CoreConfigurator developed by Guy Teverovsky, MVP from Israel.
This is what it can:
- Product Activation Product Activation
- Configuration of display resolution Configuration of display resolution
- Clock and time zone configuration Clock and time zone configuration
- Remote Desktop configuration Remote Desktop configuration
- Management of local user accounts (creation, deletion, group membership, passwords) Management of local user accounts (creation, deletion, group membership, passwords)
- Firewall configuration Firewall configuration
- WinRM configuration WinRM configuration
- IP configuration IP configuration
- Computer name and domain/workgroup membership Computer name and domain / workgroup membership
- Installation of Server Core features/roles Installation of Server Core features / roles
To setup this utility use MSI package and then run the CoreConfigurator. exe file. The following interface will appear.
Just in case, it’s not necessary to install CoreConfigurator, we can simply copy its files into the system. The result will be the same. The video settings look like this:
Setting “Show window content while dragging” may very markedly improve display window objects, if you work with the server via terminal connection. Please note that the setting affects only the current user. According to the picture, to change the time zone, the developer did not reinvent the wheel, and just call to standard timedate.cpl
Remote Desktop Options look like this:
All would be good, but in this version you still have to allow RDP connections in the firewall manually using netsh. Hopefully, in the next version this will be fixed. Management of local users and groups is done through the following windows.
Installation of Roles and Features became a more visual :
Instantly, functionality of firewall management is very limited, but at least he had already to incorporate all necessary rules for the remote control.
Configuring your network interfaces habitually looks fairly.
To set the activation key and Activate the OS is also very simple and all this done via GUI
In addition, let me show winrm interface, interface to rename computer and join it to domain:
It is understandable that CoreConfigurator is not officially supported by Microsoft. Many IT professionals probably have any doubts, whether to trust manufacturer of the software. As usual choice, set its server utility or not is up to you.
I’ve just come back from Seattle where I have been on Global MVP Summit 2008.
Microsoft spoke about new technologies, about new products, about plans and visions.
I have been on many sessions, and I’d like to say what I see as of the highest importance.
If you are Network or Systems Administrator and dealing with Windows environment, you SHOULD start to learn and using PowerShell (if you already not doing so :)). An absolutely every new program / system from Microsoft supports PowerShell, I remember just one exception, Windows 2008 Core. We cannot install and use PowerShell on Windows 2008 Core box, but we can manage and control Windows 2008 Core by using PowerShell on other Windows 2008, Vista or even Windows XP machines.
I’ll try to speak more about PowerShell and I’ll show how PowerShell can serve us in our daily stuff. If you want to do any script and consider about doing it in PowerShell, VB or simple Batch file, I suggest to do it in PowerShell. I’ll try to assist you as much as I could.
At this time I have been in Seattle, on the MVP Summit 2008. Soon I’m going back to home. I had a lot of good sessions about Windows 2008, Exchanges, SharePoint, PowerShell and much more. The detailed report about new Microsoft staff I will write a bit later. It’s not going to be a report with big details, a lot of information on this Summit is under NDA, but I’ll try to publish as much as I can. So, keep checking for a new posts 😉