Trending Topics

VMware on AWS - How to restore NSX DFW firewall rules to previous state

Image
Customers who uses NSX day-in, day-out would like to have a point-in time restore functionality of DFW firewall rules. Many customer have a large footprints in VMC and make changes to DFW quite often. This feature was missing for long time and we could see its included in recent versions . Let's see how DFW configuration roll back works  NSX DFW configuration has versioning, and it is stored in the NSX Manager.  Every time when someone update DFW configuration, NSX creates one more version but keep storing the previous ones. You can rollback for previous config but reapplying it once again.  You can find the options under Networking & Security tab , > Security > Distributed Firewall . In the right side we see an Actions drop down. Choose View to get to the below screen.  Let’s go through the use case:  1. Original state- default config with no custom rules:  a. There are no saved configurations during last 30 days: In my existing test setup, with the current setting

An Overview of Hyper-V Live Migration




Hyper-V Live Migration Configuration Requirements


Before a running virtual machine can be migrated from one host to another there are some mandatory requirements that must first be met:
Hyper-V 2008 R2 must be deployed on both hosts. The first version of Hyper-V does not support live migration.
Source and destination Hyper-V hosts must be configured as a Failover cluster with shared storage enabled.
Source and destination systems must be using shared storage (i.e. via SAN or iSCSI configurations)
Source and destination systems must be running processors from the same manufacturer. It is not, for example, possible to migrate a virtual machine from an Intel based host to one containing an AMD CPU.
The virtual machine on which the migration is to be performed must be configured as Highly Available and to use Cluster Shared Volumes.
The virtual machine's Automatic Start Action setting must be set to do Nothing.
All Hyper-V hosts in the Failover cluster must be configured to boot from the same drive letter. In other words, a host that boots from the C drive cannot perform a live migration to a host that boots from the D drive.


The Live Migration Process


The live migration process performs the following tasks:
Configuration transfer - The source host transfers the configuration data for the virtual machine to the destination host.
Destination VM creation - Based on the configuration data the destination host creates a new virtual machine and allocates adequate memory.
Transfer of memory pages - The memeory pages used by the virtual machine on the source host are transferred to the destination host. During this process, the source host monitors the memory and records any changes that take place after each page is transferred. Modified pages are then resent to the destination host.
Transfer of state - Register and device state are sent to the destination server.
Transfer of storage - The source host transfers the shared storage handle to the destination host where it is used to access the virtual hard disks (VHDs) and passthrough disks required by the virtual machine.
VM brought online - The migrated virtual machine is brought online on the destination host.
Network Re-direction - The network environment is modified to direct traffic intended for the virtual machine to the destination host.


Configuring a Virtual Machine to be Highly Available


As previously mentioned, a virtual machine must be configured as highly available before it is eligible to participate in a live migration. This task is performed from within the Failover Cluster Manager (Start -> Administrative Tools -> Failover Cluster Manager).


Within the Failover Cluster Manager, select the cluster to manage and click on Services and Applications followed by the Configure a Service or Application option located in the Action pane.


An informational screen may appear. Read the information provided and click Next to proceed. On the subsequent Select Service or Application screen click Virtual Machine and then click on Nextto proceed to the Virtual Machine screen. On this screen, select the check box next to the virtual machine to be configured, click Next.


On the Select Virtual Machine page, check the name of the virtual machine that you want to make highly available, and then click Next. Review the information listed on the confirmation screen and click Finish to complete the operation.


Configuring the Virtual Machine for Automatic Start


Open the Hyper-V Manager console, select the virtual machine to be migrated and click on the Settings link located in the Action pane. In the left pane of the settings panel click on Automatic Start Action and under section in the main pane entitled What do you want this virtual machine to do when the physical computer starts?, select the Nothing option followed by Apply.


Performing a Live Migration using the Failover Cluster Manager


Assuming that the system requirements outlined earlier in this chapter have been met and a virtual machine is running on a host within such an environment, a live migration can be now initiated.


Live migrations may be initiated either from within the Failover Cluster Manager console or using Windows PowerShell.


In the Failover Cluster Manager console, select the cluster to which the source and destination Hyper-V hosts (referred to as nodes within the context of a cluster) belong. In the tree in the left hand pane of the console, select the node on which the virtual machine is currently running, right click on the virtual machine in the main pane and select Live migrate virtual machine to another node.


Finally, select the destination node to initiate the live migration. Once completed, the virtual node will be listed as being assigned to the different node to the one it was origianlly running on underCurrent Owner.


Performing a Live Migration using Windows PowerShell


For a command-line or script based method of performing live migrations, the Windows PowerShell environment may be used as follows:


To open a PowerShell window, select Start -> All Programs -> Accessories -> Windows Powershell -> Windows PowerShell. Within the PowerShell window, install the Failover Clustering feature as follows:Import-Module FailoverClusters



To perform the live migration, enter a command using the following syntax:Get-Cluster “<cluster>” | Move-ClusterVirtualMachineRole -Name “<vm group>” Node “<destination node>”



Where:
<cluster> represents the name of the cluster that contains the virtual machine to be migrated.
<vm group> represents the virtual machine resource group containing the virtual machine.
<destination node> represents the name of the destination host node within the Failover cluster to which the virtual machine is to be migrated.

Popular posts from this blog

HOW TO EDIT THE BCD REGISTRY FILE

Image
The BCD registry file controls which operating system installation starts and how long the boot manager waits before starting Windows. Basically, it’s like the Boot.ini file in earlier versions of Windows. If you need to edit it, the easiest way is to use the Startup And Recovery tool from within Vista. Just follow these steps: 1. Click Start. Right-click Computer, and then click Properties. 2. Click Advanced System Settings. 3. On the Advanced tab, under Startup and Recovery, click Settings. 4. Click the Default Operating System list, and edit other startup settings. Then, click OK. Same as Windows XP, right? But you’re probably not here because you couldn’t find that dialog box. You’re probably here because Windows Vista won’t start. In that case, you shouldn’t even worry about editing the BCD. Just run Startup Repair, and let the tool do what it’s supposed to. If you’re an advanced user, like an IT guy, you might want to edit the BCD file yourself. You can do this
Read more

DNS Scavenging.

                        DNS Scavenging is a great answer to a problem that has been nagging everyone since RFC 2136 came out way back in 1997.  Despite many clever methods of ensuring that clients and DHCP servers that perform dynamic updates clean up after themselves sometimes DNS can get messy.  Remember that old test server that you built two years ago that caught fire before it could be used?  Probably not.  DNS still remembers it though.  There are two big issues with DNS scavenging that seem to come up a lot: "I'm hitting this 'scavenge now' button like a snare drum and nothing is happening.  Why?" or "I woke up this morning, my DNS zones are nearly empty and Active Directory is sitting in a corner rocking back and forth crying.  What happened?" This post should help us figure out when the first issue will happen and completely avoid the second.  We'll go through how scavenging is setup then I'll give you my best practices.  Scavenging s
Read more

AD LDS – Syncronizing AD LDS with Active Directory

Image
First, we will install the AD LDS Instance: 1. Create and AD LDS instance by clicking Start -> Administrative Tools -> Active Directory Lightweight Directory Services Setup Wizard. The Setup Wizard appears. 2. Click Next . The Setup Options dialog box appears. For the sake of this guide, a unique instance will be the primary focus. I will have a separate post regarding AD LDS replication at some point in the near future. 3. Select A unique instance . 4. Click Next and the Instance Name dialog box appears. The instance name will help you identify and differentiate it from other instances that you may have installed on the same end point. The instance name will be listed in the data directory for the instance as well as in the Add or Remove Programs snap-in. 5. Enter a unique instance name, for example IDG. 6. Click Next to display the Ports configuration dialog box. 7. Leave ports at their default values unless you have conflicts with the default values. 8. Click N
Read more