Wednesday, February 29, 2012

Citrix, constancy is nice in a GUI

 

It is a small thing but a little consistency would be nice… I have one example below, just one, I am being nice.

image

Tuesday, February 21, 2012

MFCOM Error in the Citrix XA 6.5 discovery process (W2K8R2)

 

Error MFCOM Service error when running doing the initial Citrix discovery (w28kr2/XA6.5)

“Errors occurred when using <server name> in the discovery process.

image

An unexpected error occurred. Check that the server name is correct, that the server is on, that Citrix Presentation Server is installed on this server, and that the Citrix MFCOM Service is running.”

There are multiple possible causes for this issue. The most common are as follows:

First, did you run the first time configuration?

See below, it will show this error as the IMA service does not start because it is not configured… Run the XenApp Role Manager and follow the bouncing ball.

image

Still a problem?

Enable / install the network com+ service

image

Add the user to the BUILT-IN\Distributed COM

Users group on the server you are connecting to. The recommendation is to do this using groups.

image

Another option to check.

set the DCOM Default Impersonation

On the server, set the DCOM Default Impersonation Level to Impersonate by following these steps:
a. Go to Administrative Tools, Component Services, Computers, Right-click My Computer and select Properties.
b. Select the Default Properties tab.
c. From the Default Impersonation Level drop-down list, select Impersonate and click OK.

image

Reboot and try again.

 

http://support.citrix.com/article/CTX112853

http://support.citrix.com/article/CTX126977

http://support.citrix.com/article/CTX119519

Monday, February 20, 2012

Do you need VMware ESX? (vSphere)

Update:1 – corrected some numbers. Thanks @jasonboche

Let me just say I love VMware, particularly ESX and have worked with it from before GSX was in shorts, back in the workstation days, when only para-virtualisation existed. I have rolled out ESX 2/3/4 farms (no 5 yet)… I have never had a purple screen of death, I have never had to rollback a workload to hardware, I have VMed Exchange 2k/2k3/2k7, DCs 2k-2k8r2, file & print, SQL servers, Citrix servers they all run great on ESX/ESXi.

But do you need it? Or are you after a solution has all the features, are you after the Rolls Royce? What are you really trying to do? Are you exotic or somehow special?

You want ESXi that's fine, go ahead I don't get paid either way, but then nor does anyone so please do.

Lets just think about what server virtualisation does (as of todays date):

Feature

ESX/ESXi Hyper-V XENserver

Bare-metal architecture

Yes No, but core Yes
VMotion like Yes Yes Yes

Small footprint

Yes No, but core Yes-ish
Cluster (pool) 32 nodes 16 nodes 16 nodes

CPU virtualisation

Yes Yes Yes
RAM Support Host 2TB 1TB 1TB
RAM support VM 1TB 64GB 128GB
RAM overcommit Yes Yes Yes

NIC teaming

Yes No*/vendors Yes

VM RAM Page sharing

Yes No No

Ballooning

Yes Yes Yes

Capacity prioritisation

Yes Yes-ish Yes-ish

Traffic Shaping

Yes No No

Virtual NIC

Yes Yes Yes

Virtual switches

Yes Yes Yes

VLAN tagging

Yes Yes Yes

Dynamic volume resizing

Yes Yes Yes

Raw device mapping

Yes Yes Yes

LUN management

Yes Yes-via vendors Yes-add on
Guest Windows Yes Yes Yes
Guest Linux Yes Yes-limited Yes-good
Guest Other Great OK Good

Paravirtualisation

None (good!) Yes, LAN/Disk yes-ish

Distributed Power Mgnt

Yes Some Some

Wake-on LAN

Yes No No

There are hundreds more features such as “Boot from SAN” which are specific or particular so I have not listed them above, if YOU need them they are critical but lets just focus back on the 99%

So to look at this list above there are some clear areas where ESXi wins out, specifically on the very large scale, telco scale, intensive power saving, dare I say cloud providers… But if you are one of the people who just need a bunch of VMs per server for general workloads any of the three products above is going to work fine. Scale up the CPU, RAM, Network cards and you can go to higher density?

The limits are disappearing.

So now lets look back at yourself, do you really need ESX? Maybe you could save some money… Look around.

Just before signing off, read this: http://www.thincomputing.net/2011/03/07/how-many-users-can-i-host-per-server-with-remotefx-for-hyper-v-and-what-is-the-cost-per-user/

This document is the source for the core of this post:
“vmware-vsphere-features-comparison-ch-en.pdf”
Intel: “xeon_7500_Virtualization_solbrief.pdf”

* Microsoft say dont use teaming, but vendors support it. Buyer beware… Microsoft Support Policy for NIC Teaming with Hyper-V - http://support.microsoft.com/kb/968703

Friday, February 17, 2012

Folder redirection on Windows 7

Without an intervention from you, users settings and user files are stored in the local user profile, under the Users folder on the local drive. “C:\USERS\etc”. I think we all know we cant trust users to backup so lets look at it.

There are two technologies to ‘fix’ this situation, Roaming Profiles and Folder Redirection.

Folder Redirection lets you redirect the path of a folder to a new location. The location can be another folder on the local computer like a D: or a directory on a file server. to the users it is as if the documents were based on a local drive. The documents in the folder are available to the user from any computer on the network and offline via offline folders.

Advantages of Folder Redirection

If users log on to different computers on the network, their data is available.

Offline Files (which is turned on by default) gives users access to the folder even when they are not connected to the network. This is for people who use laptops.

When it is stored in a network it can be backed up…. Nice idea huh?

When using Roaming User Profiles, you can use Folder Redirection to reduce the total size of your Roaming Profile and make the user logon and logoff more quicker for the user.

You can use GPO to set disk quotas, limiting how much space is taken up by user profile folders.

You to select the location of the redirected folder on a network or in the local user profile:

  1. Redirect everyone's folder to the same location. This setting enables you to redirect everyone's folder to the same location and is applied to all users included in the GPO
  2. Create a folder for each user under the root path. This option creates a folder in the form \\server\share\User Account Name\Folder Name. Each user has a unique path for their redirected folder.

image

Folder Redirection in Windows 7 improves first-time Folder Redirection performance because the the computer redirected folder data in the background, not just at logon. However the first time a user logs on, Offline Files moves all files and folders from the server to the local cache. The user is blocked from logging on to the computer during this task. Then, Offline Files synchronises from the local cache with the redirected user folder on the server. . So turn this on at the initial deployment, not later and be careful of WAN links.

image

Offline Files synchronises new and changed files and folders from the local computer to the server when the network becomes available or in the background when the connection is slow.

Windows 7 new slow link detection

Slow link detection works via Network Location Awareness (NLA). This networking layer service allows applications, like GPOs, to request networking information from the network adapters in a computer, rather than implementing their own. NLA  monitors the existing traffic of a specific network interface. This provided two important benefits:

  1. it does not require any additional network traffic to accomplish its bandwidth estimate no network overhead, and
  2. it does not use ICMP.

Windows 7 slow-link mode, Offline Files

A shared folder automatically transitions to the slow-link mode if the round-trip latency of the network is greater than 80 milliseconds, or as configured by this policy.

After transitioning a folder to the slow-link mode, Offline Files synchronises the user's files in the background at regular intervals, or as configured by the 'Configure Background Sync' policy. While in slow-link mode, Windows periodically (every 2 Minutes) checks the connection to the folder and brings the folder back online if network speeds improve.

Wrap-up

It is not always plane sailing occasionally the laptop users loss where it was, don't let it sync or don't know where files are, but this is outwaited by the value of having their information backed up.

From the Start menu, type sync and it will bring up the sync centre to allow you to see what is going on.

image

 

This information is generally from here:
http://technet.microsoft.com/en-us/library/cc732275.aspx
http://blogs.technet.com/b/netro/archive/2010/09/15/slow-link-detection-for-offline-files-in-windows-vista-sp2-amp-windows-7.aspx
http://blogs.technet.com/b/askds/archive/2009/10/23/group-policy-slow-link-detection-using-windows-vista-and-later.aspx

VirtualBox Network command lines

 

If you run a bunch on VMs in VirtualBox and use NAT to keep consistent addresses changing the active network card (from wireless to wired etc) on the computer is a pain as you need to go into the VM and click disconnect network, ok, connect network ok.

Well that is way to may steps for my liking. Here is the command line to pop and icon in the desktop or run as a task/script.

vboxmanage controlvm "WORK SOE" setlinkstate1 off
vboxmanage controlvm "WORK SOE" setlinkstate1 on

If you want to change the network adaptor connection (ie, not connected or to the NAT), this is how.

vboxmanage controlvm "w2k8r2dc1" nic1 null
vboxmanage controlvm "w2k8r2dc1" nic1 nat

You can also start and sleep them on the command line.

vboxmanage controlvm "nameOmachine" savestate
vboxmanage startvm "nameOmachine"

And just to suspend the laptop from the command:
sudo pm-suspend


image

Friday, February 10, 2012

VMware clusters and multiple SANs

 

Most large organisations have two SANS and many larger organisation still have two or more data centres.

Lets just start with this is not a cloud, it is a data centre or separate SAN, OK that is off my chest. Bloody private cloud, this and that, don't get me started, “Why I oughta…”

You can utilise this architecture with VMware ESX/vSphere as active-active or active-passive, but I don't see value in active-passive so lets not speak of it again, it is not cheap, not effective and not quick. So back to Active-Active.

To build a single ESX cluster over 2 SANs (or 2 data centres) is basically the same, but as you reach out of the single data centre you need some extra configurations such as:

  • An IP network with a minimum bandwidth of 622 Mbps is required.
  • The maximum latency between the two VMware servers cannot exceed 5 milliseconds (ms).
  • The source and destination ESX servers must have a private VMotion network on the same IP subnet and broadcast domain.
  • The IP subnet on which the virtual machine resides must be accessible from both the source and destination ESX servers.
  • The data storage location including the boot device used by the virtual machine must be active and accessible by both the source and destination VMware ESX servers at all times.
  • Access from vCenter to all ESX servers is needed.
  • The two SANs to be supported it must have synchronous data replication (sometimes and expensive add on).

The value of this is protection from a SAN failure and all hardware used. If this is across data centres then you also have DR knocked on the head (your mileage may vary).

There are some issues such as a power outage in DC1 will cause all the VMs to restart in DC2 via HA so it is not true protection from massive outages. Secondly if you use vMotion to move the servers to the other nodes in DC2 the SAN writes are now subject to the latency of this link, so there can be a performance penalty. Additionally DRS may need to be manually updated to be aware of this configuration.

This is how it would look (minus some SAN switches etc.)

ESX clusters

Here are the VMware prerequisites:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2007545

Here is Cisco discussing this:

http://blogs.vmware.com/networking/2009/06/vmotion-between-data-centersa-vmware-and-cisco-proof-of-concept.html

Here is a good blog on this:

http://www.van-lieshout.com/2009/11/geographically-dispersed-cluster-design/

Thursday, February 02, 2012

Stooging on XenApp 4? Upgrade now.

 

To clarify the distinction between upgrade and migrate:

  • Upgrade: Installing a newer version over an existing version
  • Migration: A clean, new installation of that program or service.


XenApp 4/4.5 –> XenApp 5

  1. Upgrade Pres Server 4.0 for Windows Server 2003 to XenApp 5 for Windows Server 2003. In this case, to maintain the existing data store and server farm configuration. Each server must be upgraded, and Hotfix Rollup Pack 3 should be installed. In addition, the relevant components will also be upgraded. Lastly, .NET 2.0 SP1 or higher and Java Runtime Environment 1.6 Update 5 or higher are required.
  2. Upgrade Pres Server 4.5 No FP1 or FP1 farm to XenApp 5 for Windows 2003. In this case, to maintain the existing data store and server farm configuration. This type of deployment is based on upgrading the relevant components only. If FP1 is not installed, please note that .NET 2.0 SP1 or higher and Java Runtime
    Environment 1.6 Update 5 or higher are required. In addition, Hotfix Rollup Pack
    3 should be installed.
  3. Upgrade all servers in the existing Pres Server 4.5 FP1 farm to XenApp 5 for W2K3 and add several XenApp 5 for W2K8 servers to the farm until it can be
    transitioned to XenApp 5 for W2K8 entirely. This case is similar to the previous one, except that some XenApp 5 for W2K8 servers are added to the farm. In this case, maintain a mixed farm based on the existing data store and server farm configuration.
  4. Migrate to a new XenApp 5 for W2K8 farm. In this case, the farm migration is based on a completely new installation of XenApp that initiates a new data store and server farm.


XenApp 5 –> XenApp 6

To transition to XenApp 6, administrators must migrate to a new farm and have the following options:

  1. Create a new XenApp 6 farm and configure all settings manually
  2. Create a new XenApp 6 farm and migrate settings from an existing XenApp 5 or Presentation Server 4.5 farm

Transferring settings from the legacy farm is best performed by installing the XenApp 6 Migration Tool on a XenApp 6 server and directly importing the settings by pointing at a server in the legacy farm. It is possible to import all settings or be selective. If the existing farm is based on server or application folders, these settings can be exported and designated so that they will be identified as Worker Groups within the new farm. Additional command-line entries are available to include, exclude, or modify specific settings. The administrator must have full administrative
rights in the target XenApp 6 farm and a minimum of view-only rights in the source legacy farm.

Prior to initiating the migration of settings, Worker Groups should be designated so that server and application silos can be assigned appropriately. This provides administrators with additional flexibility and enables a significant number of new servers to be added to the new XenApp 6 farm at once using a tool such as Citrix Provisioning services.

XenApp 6 –> XenApp 6.5

XenApp 6.5 implementations must be based on clean Windows Server 2008 R2 operating system installations as Citrix does not support operating system upgrades. Thus, there is no upgrade path to XenApp 6.5 from XenApp 5 or earlier products. In addition, a XenApp 6.5 farm can only encompass XenApp 6.5 servers - mixed farms are not supported.

Want ‘proper’ Java on Ubuntu 11.10?

 

I am of course an open source fan, but when it doesn't work, it is time for some proprietary solution. IE, Webex did not work with Icedtea Java Plugin and OpenJDK. Error "applet not initialized” at the bottom of the browser window.

So either apt-get remove or ubuntu software centre, remove OpenJDK and IcedTea java components.

then copy and paste the following:

cd 
wget https://raw.github.com/flexiondotorg/oab-java6/master/oab-java6.sh -O oab-java6.sh
chmod +x oab-java6.sh
sudo ./oab-java6.sh
sudo apt-get upgrade

Open the browser and go to:

http://java.com/en/download/installed.jsp

It was ask for a plug in, select the IcedTea java plug and you should be sweet.

Furth (dated) details here:

https://github.com/flexiondotorg/oab-java6

Blog Archive