Monday, November 29, 2010

New plan for vSphere client target PC

For the final target "client" for accessing vSphere from the equipment closet (EC2), we are contemplating getting a new machine (to replace tibet77), running WinXP and VMware Workstation with a Linux NAT server as the LAN/Internet forwarder. This machine will sit in EC2.

More later.

More on the AD move

As of now, most of the critical VMs have been migrated to Gig-e and the Active Directory DNS has 75% of the new 10.x addresses, leaving the less critical XenApp and VMware View VMs yet to be migrated (add new Gig-e NIC cards; assign new 10.x addresses).

This will be completed by week's end.

Sunday, November 28, 2010

Catch-22

We are using one of the Win XP VMware View VMs (dt-xp002) as the client for the vSphere client, accessing it via RDP. While this is a temporary setup during the config for the equipment closets, it presents a catch-22.

Since this VM resides on westwood and the vCenter Server VM resides on northvale, there is no easy way of shutting down either ESXi server without losing control of vSphere.

Until the move is ready, we will be accessing vSphere via Gig-e from external clients. In the end, the Win XP hardware called tibet-77 will move to the closets and be the client machine.

Move Active Directory to Gig-e

First, the Domain Controller (trenton) needed a 2nd NIC card and an assignment to the gig-e network. Once in place, DNS was updated manually to reflect the 10.x address (DNS is running on this DC).

Since the move to the equipment closet will mean that all internet traffic from vSphere will need to be forwarded to the new NAT server, the network card gateway was set to point at cape-may. The DNS setting would point at itself.

With these changes made, all domain traffic will go over Gig-e. It will cause all other domain members to be confused until their NIC card and DNS configurations are updated.

Tomorrow....

Moving vSphere hardware - #2

So we were aware that to move the vSphere hardware would require moving all network traffic to the Gig-e network. The biggest issue here is that Windows Active Directory and its DNS were built on the local LAN.

Also in the plan is to move the ESXi hypervisor networks, as these were built on the LAN as well.

A little planning was needed in order to gracefully move the core VMs to Gig-e. Also, not all domain members were built with dual NIC cards.

Saturday, November 27, 2010

Proof of Concept NAT Server

To validate the NAT scenario, an Ubuntu server VM was created called cape-may. This is just the CRM standard Ubuntu build, with IP forwarding and iptables configured.

One NIC card on cape-may is connected to the internal LAN while a 2nd NIC was placed on the dvs-Production distributed switch (Gig-e). Client devices that need access to the LAN and internet can be placed on dvs-Production with a gateway address of cape-may on gig-e and a DNS setting of the LAN switch.

Some preliminary testing using the Win2k VM win2kmove validated the config quickly. Both ping access and web browser internet are functioning. It is important to add the DNS entry on the client, since that is how internet names are resolved. This will become more complicated once AD is moved (more on this later).

In the equipment closet configuration, the LAN card will probably be a USB wireless network adapter.

The next step is to configure VMware Tools on cape-may to get better throughput by loading the Tools' NIC drivers. This will happen in the next week or so.

The other item that needs testing is the ingress access which is required to get to the vCenter and ESX servers. This might require additional configuration on the NAT server.
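The following is an added example, not the actual cape-may configuration: a shell function that generates an `iptables-restore` ruleset for a two-NIC gateway of the kind described above, with egress masquerading, a default-deny FORWARD chain, and one narrowly scoped ingress rule toward vCenter. The interface names, the 10.0.0.0/24 subnet, both host addresses and the choice of TCP 443 for the ingress path are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: builds an iptables-restore ruleset for a two-NIC NAT gateway.
# Assumed values (not from the post): eth0 = LAN side, eth1 = Gig-e side,
# 10.0.0.0/24 = Gig-e subnet, 10.0.0.20 = vCenter, 192.168.1.50 = admin PC.

nat_ruleset() {
    lan_if=$1; gige_if=$2; gige_net=$3; vcenter_ip=$4; admin_ip=$5
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Egress: hide the Gig-e subnet behind the gateway's LAN address.
-A POSTROUTING -s ${gige_net} -o ${lan_if} -j MASQUERADE
# Ingress: only the admin PC is translated through to vCenter on TCP 443.
-A PREROUTING -i ${lan_if} -s ${admin_ip} -p tcp --dport 443 -j DNAT --to-destination ${vcenter_ip}:443
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Replies to connections that were already allowed.
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Gig-e clients may open connections toward the LAN and internet (DNS included).
-A FORWARD -i ${gige_if} -o ${lan_if} -s ${gige_net} -j ACCEPT
# The only new inbound flow permitted: admin PC to vCenter, TCP 443.
-A FORWARD -i ${lan_if} -o ${gige_if} -s ${admin_ip} -d ${vcenter_ip} -p tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Run as root with the argument "apply" to enable forwarding and load the rules.
if [ "${1:-}" = "apply" ]; then
    sysctl -w net.ipv4.ip_forward=1
    nat_ruleset eth0 eth1 10.0.0.0/24 10.0.0.20 192.168.1.50 | iptables-restore
fi
```

Without the `apply` argument the script changes nothing, so the generated rules can be reviewed by calling `nat_ruleset` and reading its output before loading them.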

Moving vSphere hardware

It has been a plan for some time to move the vSphere hardware out of the lab and into one of the equipment closets. One of the issues with this plan has been how to get LAN access to the equipment closets, as well as internet access.

Short of running additional cables, a NAT Linux server with a wireless NIC should be able to forward traffic to the lab LAN and on to the internet. Obviously, the production instance will need to be real hardware since VMs don't support things like USB network adapters.

New Win7 x64 desktop

It has been a while but some progress has been made. The Dell 745 has been installed with Win7 x64 (6 GB memory) and is now the primary workstation. The HP laptop is in its case (where it belongs), ready for customer site travel.

The dual monitor setup has been transferred to this environment, using the Dynadock.

The faster performance of the 64-bit platform and extra memory is very noticeable.