Quick post, a couple of vendors have Visio Stencils that can be used for VMware designs.
Free stuff is always good, thanks to both vendors for taking the time out to create them.
Problem Description
Windows 2008 R2 vCenter stuck on applying computer settings.
Event logs shows the following errors:
Event 4, Security Kerberos, The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server dc01-ad01$. The target name used was GC/DC01-AD01.gascompany.com/gascompany.com. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (GASCOMPANY.COM) is different from the client domain (GASCOMPANY.COM), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.
Event 7038, Service Control Manager, The vpxd service was unable to log on as GASCOMPANYService.vCenter with the currently configured password due to the following error:
The trust relationship between this workstation and the primary domain failed.
Event 7000, Service Control Manager, The VMware VirtualCenter Server service failed to start due to the following error:
The service did not start due to a logon failure.
Resolution
The key is Event 7038, the trust relationship between this workstation and the primary domain failed. To resolve the issue perform the following steps:
Now that we are in the server, it is time to resolve the actual issue, being the trust relationship with the primary domain.
You will be prompted to enter your password. If all details are correct, you will be prompted to say machine account has been reset.
When you login you will now see the prompt to state ‘the trust relationship between this workstation and the primary domain failed’
One of the items that I wanted to gain some clarity on, was the new edition of the vSphere Remote Office Branch Office (ROBO) Editions which have been announced at VMorld 2014. Hopefully this post will go some way towards clarifying what you do and don’t get.
Licensing Types
vSphere ROBO will come in two flavours, Standard and Advanced.
| Item | vSphere ROBO Standard | vSphere ROBO Advanced |
| Licensing | 25 Virtual Machine Pack | 25 Virtual Machine Pack |
| Features | High AvailabilityvMotion
vSphere Data Protection vSphere Replication vSphere EndPoint Fault Tolerance Storage vMotion |
High AvailabilityvMotion
vSphere Data Protection vSphere Replication vSphere EndPoint Fault Tolerance Storage vMotion Distributed Switch Host Profiles Auto Deploy |
Licensing Limitatons
What About vSphere Essentials Editions?
vSphere Essentials and Essentials Plus is going end of life in the next couple of months. I assume that if a customer is in support they will be upgraded to vSphere ROBO standard or Advanced with a ‘free vCenter Standard license’.
When this information is released, I will update this post to reflect the details.
Thoughts
Often clients won’t pay for vSphere Enterprise Plus for ROBO, which means that vSphere Standard is the de-facto choice. This results in higher operational costs as you don’t have access to Host Profiles or Virtual Distributed Switches.
Having the ability to purchase 1 x 25VM pack to cover a number of ESXi Hosts across sites, will be much more cost effective with the list price of vShere Standard being approximately £1,000 versus £2,700 for vSphere Advanced Edition (1 US Dollar = 0.60 Britsh Pounds).
What I think would be even better is if VSAN was included in the package!
Problem Statement
Datastores do not show under Array Managers > Devices and therefore you cannot create Protection Groups.
Replicated datastores have virtual machines within them and replication has completed within the Centralized Management Console
Methodology
Solution
Even though your datastores are showing correctly and are replicating, a lower case character match is required between your vSphere iSCSI and the CMC initiator node name.
In my case the vSphere IQN contained DC01-ESXi01 in capitals, whereas the CMC IQN contained dc01-esxi01.
It’s now two weeks since I received my results from Mark Brunstad’s team that I had failed to pass the VCDX on my first attempt, something which I completely expected as I failed to perform on the day.
Feelings
Feelings, what is Craig going on about, isn’t this meant to be a technical blog? After I had finished the defence, design and troubleshooting scenario, I had a multitude of feelings with one being a sense of relief that it was all over, but the overwhelming one was disappointment in the sense that I felt I had let everyone down who had supported me, my wife and children whom had spent endless hours away from me and also my employer who had sponsored me throughout the process.
Investment
Anyone who has embarked on the journey to VCDX understands that you make a massive investment not only in personal time, but you forsake your life for a number of months.
I was lucky enough to be involved with the EMEA VCDX Study Group, which was originally formed by @GreggRobertson5. We met every night from the day we received confirmation that we had been accepted to defend. The group was formed of:
We then had regular guest appearances from Frank Buechsel @fbuechsel who provided some excellent troubleshooting scenarios for the group to digest.
Each night we went over certain aspects of vSphere such as networking, storage, virtual machine design, troubleshooting, design and presentations. This was excellent as it allowed me to home my skills and I’m sure the other guys would agree that I lead most of the areas explaining how various components worked.
I knew that from a technical perspective I was fairly strong across all areas and their was an expectation within the EMEA Study Group that it was a given that I would pass!
Mentoring
I had an un-official mentor which was Rene Van Den Bedem @vcdx133 whom spent his own personal time to help me throughout the process investing a massive amount of his personal time in helping me tune my skillset.
The same should also be mentioned of Steve Wenab @stevewenban7 who was constantly challenging me and asking the most random of questions!
Even though I failed without the help of these two individuals I would have failed on an approach/technical perspective rather than what I mention in the section below.
What Went Wrong?
From a preparation perspective I had spent five months (February to July) aiming towards the VCDX, I had performed mock defences both with the EMEA VCDX Study Group and with work colleagues and I was in a good place.
So what went wrong then? Have you ever been writing a document and you can’t remember how to spell a word such as ‘went’? That was me on the day, basic things that I can normally knock out of the park without even thinking about it, I just couldn’t do!
If I had of passed, it would have made a mockery of the VCDX process as I knew, that if I had seen me on the day then I wouldn’t have thought this person is VCDX calibre.
What’s Next?
The plan is to go for the VCDX again early next year, I did consider October in Frimley (UK), however with family commitments and with VMware launching numerous new products that I need to get my head around (Horizon 6, vSphere 6, NSX, VSAN) it wouldn’t have been sensible to go for this time frame.
What I take from the whole process is that (without sounding arrogant), I know that I’m at VCDX level, something which I’m sure my EMEA VCDX Study Group members will confirm. I just need to perform on the day, I’m not sure if that’s easier than having to enhance your technical knowledge or not!
Watch this space…
VMFocus 