LeftHand OS 10.0 – Active Directory Integration

I upgraded the vmFocus lab last night to LeftHand OS 10.0 as with anything new and shiny, I feel an overwhelming urge to try it!

So what’s new? Well according to the HP Storage Blog the following:

  • Increased Windows integration – We now offer Active Directory integration which will allow administrators to manage user authentication to HP StoreVirtual Storage via the Windows AD framework. This simplifies management by bringing SAN management under the AD umbrella. With 10.0 we are also providing support for Windows Server 2012 OS.
  • Improved performance – The engineering team has been working hard with this release and one of the great benefits comes with the performance improvements. LeftHand OS version 10.0 has numerous code enhancements that will improve the performance of HP StoreVirtual systems in terms of application performance as well as storage related functions such as snapshots and replication. The two major areas of code improvements are in multi-threading capabilities and in internal data transmission algorithms.
  • Increased Remote Copy performance – You’ll now experience triple the performance through optimization of the Remote Copy feature that can reduce you backup times by up to 66%.
  • Dual CPU support for VSA – In this release, the VSA software will now ship with 2 vCPUs enabled. This capability, in addition multi-threading advancements in 10.0, enhances performance up to 2x for some workloads. As a result of this enhancement, we will now also support running 2 vCPUs in older versions of VSA. So if you’ve been dying to try it, go ahead. Our lab tests with SAN/iQ 9.5 and 2 vCPUs showed an up to 50% increase in performance.
  • Other performance improvements – 10.0 has been re-engineered to take advantage of today’s more powerful platforms, specifically to take better advantage of multi-core processors, and also improves the performance of volume resynchronization and restriping and merging/deleting snapshot layers.

Active Directory Integration

The first thing I wanted to get up and running was Active Directory integration.  So I went ahead and created a Security Group called CMC_Access


Naturally, we need a user to be in a Security Group, so I created a service account called CMC and popped this into the CMC_Access Security Group

CMC User

Into the CMC, oops I mean the new name which is HP LeftHand Centralized Management Console.  Expand your Management Group and Right Click Administration and Select Configure External Authentication.

CMC External Authentication 1

Awesome, we now need to configure the details as follows:

  • Bind User Name the format is username@domain.  So in my case it’s cmc@vmfocus.local
  • Bind Password is your password, so in my case it’s ‘password’
  • Active Directory Server IP Address (which is VMF-DC01), your port is 389
  • Base Distinguished Name this is DC=vmfocus, DC=local

CMC External Authentication 2

Hit ‘Validate Active Directory’ and you should be golden.

CMC External Authentication 3

Hit Save, don’t worry it will take a while.

TOP TIP: If your note sure what your Base Distinguished Names is, launch ADSI Edit and that will soon tell you.

Next we need to Right Click on Administration and choose New Group

CMC External Authentication 4

Give your Group a name and a Description, I’m going to roll with cmc_access (I know original) and they are going to have Full rights.   We then need to click on Find External Group

CMC External Authentication 5

In the ‘Enter AD User Name’ enter the Bind User Name from the External Authentication, so in my case this is cmc@vmfocus.local and hit OK

CMC External Authentication 6

If all has gone to plan, you should see your Active Directory Group, select this and hit OK

CMC External Authentication 7

It should appear in the Associate an External Group dialogue box, hit OK

CMC External Authentication 8

Then logout and log back in again as your Active Directory user, making sure that you use the format name@domain

CMC External Authentication 9

One of the odd things that I have noticed, is that it takes an absolute age to login, not sure why this is, but I’m sure HP will fix it in an upcoming release!

Is VMware Site Recovery Manager Really Worth It?

Following on from yesterdays post ‘10 Questions With Craig Kilborn‘ VMware have posted my first article on the Bloggers Bench

It’s not a ‘true’ technical article, more along the lines of why use technology to met your business objects.

From the Bloggers Bench: Is VMware Site Recovery Manager Really Worth It?

Let’s start off with a cheery fact ‘the U.S. Department of Labor estimates over 40% of businesses never reopen following a disaster. Of the remaining companies, at least 25% will close within 2 years. Over 60% of businesses confronted by a major disaster close by two years, according to the Association of Records Managers and Administrators (information source).

A question I’m asked a lot is do I really need DR? Well reading the above statement, I hope the answer is yes, but in all reality the actual answer is, it depends.  OK that is probably the most ‘woolly’ thing anyone in IT can say, we like hard and fast, black and white rules as engineers dammit!

For example, you may work for a company that has no on premise IT, you use a cloud based platform for your accounts, CRM and HR packages and you use hosted Exchange, SharePoint and Lync as your communication pieces, would you need DR, well the answer is probably not.

What about if you work for a company with a vSphere environment which can cater for two host failures and has redundancy on every level.  This is then housed in a Tier 5 Datacenter offering 99.999% uptime, with the usual battery backed generators, diverse internet links, fire suppression systems and environmental monitoring.  Connectivity is provided by diverse links to the datacentre, would you need DR then? Possibly as it depends on how the company views risk, if I was a betting man, I would say in most scenarios DR wouldn’t be necessary.

Read the rest of the article here

10 Questions With…Craig Kilborn

Seems quite strange writing a blog post about myself.

A little while ago VMware SMB contacted me after seeing my series on ‘Configuring Site Recovery Manager (SRM) with HP StoreVirtual VSA’ and wondered if I would contribute on the SMB site.  Naturally, I was more than happy to be considered!

Part of the process was to answer 10 questions about your truly, it’s perhaps one of the hardest things that I have done, give me a technical article any day.

If you want to know a little bit more about me and how I got into VMware check out this link

HP P2000 G3 Firmware Upgrade

The HP P2000 G3 is HP’s entry level SAN, it’s a robost piece of kit, as long as you keep the firmware updated.

Before we upgrade the SAN firmware, let’s run through a couple of items.

  1. Brick – It might happen, the SAN could become a brick after the firmware upgrade, always get a good backup of your data before you embark on the firmware upgrade.
  2. Downtime – Even though this can be done live, I recommend you arrange downtime, it’s just the sensible thing to do and gives you flexibility.
  3. Internet – This should go without saying, as you need to be able to download the drivers.
  4. Alarms/Monitoring – Turn this off for the SAN, as you will be inundated with emails/tickets.

Right then let’s crack on shall we.

First of all we need to download the right firmware at the time of writing this the TS240P003 has been released, this can be obtained from here

To make things slightly easier the one you want is in the red box below,.

After you have downloaded the firmware, we need to extract it, you can try the online flash, but for me it never works.

The file we care about is TS240P004-02.bin

Log into your P2000 G3 by browsing to the IP Address of either Management Controller

Select the SAN name on the top left level and go to Tools > Update Firmware

At this point, I would double check that you have an straight upgrade path from your current contoller firmware to the one you intend to install.  I have checked mine so we are golden.

Click Browse to locate the TS240P004-02.bin file

TOP TIP: The controller you are logged into is the controller you will be upgrading the firmware on.

Click on OK and you will see the firmware being uploaded and applied, this can take some time so don’t worry.

Boom, it’s finished you should receive a ‘firmware update succeeded, restarting controller’

At this point you should have different versions of firmware on your controllers

TOP TIP: Check iSCSI or Fibre Channel access to your Volumes before you move onto the next controller.

Rinse and repeat for the next controller, and you should be golden.

My First UK VMUG

Like many who use VMware products, I had heard about the VMware User Group but had not had the opportunity to attend due to various work commitments.  For those of you who are unaware, they are organised by the community, and people give up there time to orchestrate the event, which I for one applaud.

So, what’s it like? Well the easiest answer is ‘a mini VMworld, but for free’!

On arrival you perform the normal sign in process and then you are greeted by free tea and coffee.  What a great start to the day.

We then got chaperoned to the opening keynote from Joe Baguley who is the Chief Technologist for VMware EMEA.  This guy rocked, very witty and informative about the future roadmap that VMware has.

After this you can either choose to go to the (did I mention free) seminars or you can go the vendor hall.  I decided to go to a Veeam session ‘5 Ways Smart VM Backups May Surprise You’ did I learn something from this? absolutely.

We then had a thirty minute break to give you time to mingle with vendors or other like minded people, and drink some more (free) tea.

The next session I chose to attend was hosted by Frank Denneman and Duncan Epping which was a ‘Deep Dive Group Discussion’ they did an excellent job of translating business issues faced and some of the ways to overcome them.  I mean how often do you get to ask questions you have to industry experts?

Lunch was a great buffet spread which catered for pretty much everything you need (again for free).

In the afternoon, I attended a session hosted by Darren Woollard which was to design an infrastructure for a fictional company.  This lead to a decent debate of what servers, storage, switches and vSphere configuration should be used.  This was of particular interest for me, as it’s great to validate design ideas with your peers.  A worthy mention to Darren for then answering a number of my questions for what I’m sure seemed like an age to him!

I was keen to attend the session by Julian Wood on ‘vSphere Networking and Converged IO with Blade Servers’ as with 10GbE becoming more and more affordable it’s something that I will  be deploying in the not so distant future.  Julian did an outstanding job and he does know his ‘networking onions’.

The closing keynote was from industry heavy weight (not by size) Scott Lowe, again doing an awesome job of trying to educate us on how to ‘Stay Sharp and Relevant in IT’.

So in summary it was an action packed day, which I was overwhelmed with not only by how organised and professional it was but also by the number of industry leaders who the UK VMUG had arranged to attend.  Awesome job UK VMUG.

Social Media

For the social media folks, some twitter handles and websites

Joe Baguley @JoeBaguley

Duncan Epping @DuncanYB http://yellow-bricks.com/

Frank Denneman @FrankDenneman http://frankdenneman.nl/

Jane Rimmer @Rimmergram http://hiviz-marketing.com

Darren Woollard @dawoo http://blog.vmote.net

Scott Lowe @scott_lowe http://blog.scottlowe.org

Julian Wood @julian_wood http://woodITwork.com

Simon Gallagher @vinf_net http://vinf.net