めもぶろぐ

お勉強したこと、趣味なんかを適当に書いてます。。。

レプリカVMをStorage vMotion で移動したい - how to S-vMotion replica virtual machine for Horizon

I don't know Horizon well. So I can't S-vMotion replica VM for recreate VMFS datastore from VMFS5 to VMFS6.

This is memo how to Storage vMotion for replica machine.

unprotect replica machine for S-vMotion

SviConfig.exe -operation=unprotectentity -dsnname=ViewComposer -dbusername=vcmpuser -dbpassword="Vmware1!" -vcurl=https://vc01w.corp.local/sdk -vcusername=administrator@vsphere.local -vcpassword="Vmware1!" -InventoryPath="/west/vm/VMwareViewComposerReplicaFolder" -Recursive=true

#/Datacenter/vm/Folder

then vmotion / S-vMotion if you succeded to unprotect VM.
finishing move it, re-protect replica machine

protect replica machine

SviConfig.exe -operation=protectentity -dsnname=ViewComposer -dbusername=vcmpuser -dbpassword="Vmware1!" -vcurl=https://vc01w.corp.local/sdk -vcusername=administrator@vsphere.local -vcpassword="Vmware1!" -InventoryPath="/west/vm/VMwareViewComposerReplicaFolder" -Recursive=true

CentOS7のセットアップメモ | SNMP, syslog, bash, epel

あまり参考にしてほしくないですが、めも

やってること

  • Epelレポジトリを使えるようにする
  • SNMPのパッケージ入れて、SNMPDとSNMPTRAPDを動かしてSNMPサーバ化
  • locate使えるようにする
  • 負荷ツールのstressコマンド入れる
  • syslogサーバ化する※ただしのsyslogサービスはちゃんと設定してあげないとログが欠けます。journaldの設定とかもしてね。面倒くさいので基本設定だけ。なぜならばvRLIに集約しているため基本的には使用しない
  • セキュリティ設定をゆるゆるにする ※職場ではつかわないでね。完全に安全な環境か検証環境ならともかく
  • 不要なサービス停止 ※僕にとって不要なものです。今回の初期インストール時に選別したもの
  • vimerなのでCLI操作をvi化
  • 全パッケージ、なんならカーネルまで最新化
  • リブート
#!/bin/bash

###############################################################################
# install packages
###############################################################################
yum -y install epel-release vim-enhanced net-snmp net-snmp-utils ntp perl mlocate net-tools
yum -y install stress



###############################################################################
# setup lazy security configuration
###############################################################################
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
systemctl stop firewalld;  systemctl disable firewalld
#systemctl stop chronyd; systemctl disable chronyd
#systemctl stop ntpd; systemctl enable ntpd

#mount /dev/sr0 /mnt
#tar xvzf /mnt//VMwareTools-*.tar.gz -C /tmp
#/tmp/vmware-tools-distrib/vmware-install.pl
#umount /mnt
#reboot
#vim /etc/ntp.conf
#vim /etc/rsyslog.conf


###############################################################################
# disable services
###############################################################################
systemctl disable abrtd.service
systemctl disable atd.service
systemctl disable auditd.service
systemctl disable microcode.service
systemctl disable postfix.service
systemctl disable smartd.service
systemctl disable tuned.service

###############################################################################
# setup snmp server: snmpd/snmptrapd
###############################################################################
# configuration
mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.org
cat <<'EOF' >> /etc/snmp/snmpd.conf
# Map 'idv90we3rnov90wer' community to the 'ConfigUser'
# Map '209ijvfwer0df92jd' community to the 'AllUser'
#       sec.name        source          community
com2sec ConfigUser      default         idv90we3rnov90wer
com2sec AllUser         default         209ijvfwer0df92jd
com2sec AllUser         default         public
# Map 'ConfigUser' to 'ConfigGroup' for SNMP Version 2c
# Map 'AllUser' to 'AllGroup' for SNMP Version 2c
#                       sec.model       sec.name
group   ConfigGroup     v2c             ConfigUser
group   AllGroup        v2c             AllUser
# Define 'SystemView', which includes everything under .1.3.6.1.2.1.1 (or .1.3.6.1.2.1.25.1)
# Define 'AllView', which includes everything under .1
#                       incl/excl       subtree
view    SystemView      included        .1.3.6.1.2.1.1
view    SystemView      included        .1.3.6.1.2.1.25.1.1
view    AllView         included        .1
# Give 'ConfigGroup' read access to objects in the view 'SystemView'
# Give 'AllGroup' read access to objects in the view 'AllView'
#                       context model   level   prefix  read            write   notify
access  ConfigGroup     ""      any     noauth  exact   SystemView      none    none
access  AllGroup        ""      any     noauth  exact   AllView         none    none
EOF


cat <<'EOF' >> /etc/sysconfig/snmptrapd
#OPTIONS="-Ls6 -p /var/run/snmptrapd.pid"
OPTIONS="-Ls6d -p /var/run/snmptrapd.pid -M /usr/share/snmp/mibs:/usr/share/snmp/mibs/vmw -m all"
EOF

cat <<'EOF' >> /etc/snmp/snmptrapd.conf
disableAuthorization yes
EOF

systemctl enable snmptrapd.service
systemctl start snmptrapd.servic


# enable service
systemctl restart snmpd; systemctl enable snmpd
systemctl restart snmptrapd; systemctl enable snmptrapd


###############################################################################
# update mlocate 
###############################################################################
updatedb


###############################################################################
# setup bash environment
###############################################################################
echo 'set -o vi' >> /etc/bashrc

cat <<'EOF' >> /etc/inputrc
$if mode=vi
"jj": vi-movement-mode
set completion-ignore-case on
$endif
EOF


cat <<'EOF' >> /etc/vimrc
set nu
set ic
set smartindent
set autoindent
colorscheme murphy
EOF



cp -a /etc/rsyslog.conf /etc/rsyslog.conf.org
cat <<'EOF' > /etc/rsyslog.conf
# rsyslog configuration file

# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html
# If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html

#### MODULES ####

# The imjournal module bellow is now used as a message source instead of imuxsock.
$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imjournal # provides access to the systemd journal
#$ModLoad imklog # reads kernel messages (the same are read from journald)
#$ModLoad immark  # provides --MARK-- message capability

# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514

# Provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514


#### GLOBAL DIRECTIVES ####

# Where to place auxiliary files
$WorkDirectory /var/lib/rsyslog

# Use default timestamp format
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

# File syncing capability is disabled by default. This feature is usually not required,
# not useful and an extreme performance hit
#$ActionFileEnableSync on

# Include all config files in /etc/rsyslog.d/
$IncludeConfig /etc/rsyslog.d/*.conf

# Turn off message reception via local log socket;
# local messages are retrieved through imjournal now.
$OmitLocalLogging on

# File to store the position in the journal
$IMJournalStateFile imjournal.state


#### RULES ####

# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                                                 /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none;local6.none    /var/log/messages

# The authpriv file has restricted access.
authpriv.*                                              /var/log/secure

# Log all the mail messages in one place.
mail.*                                                  -/var/log/maillog


# Log cron stuff
cron.*                                                  /var/log/cron

# Everybody gets emergency messages
*.emerg                                                 :omusrmsg:*

# Save news errors of level crit and higher in a special file.
uucp,news.crit                                          /var/log/spooler

# Save boot messages also to boot.log
local7.*                                                /var/log/boot.log

# Save snmptrap messages
local6.*						/var/log/snmptrapd.log


# ### begin forwarding rule ###
# The statement between the begin ... end define a SINGLE forwarding
# rule. They belong together, do NOT split them. If you create multiple
# forwarding rules, duplicate the whole block!
# Remote Logging (we use TCP for reliable delivery)
#
# An on-disk queue is created for this action. If the remote host is
# down, messages are spooled to disk and sent when it is up again.
#$ActionQueueFileName fwdRule1 # unique name prefix for spool files
#$ActionQueueMaxDiskSpace 1g   # 1gb space limit (use as much as possible)
#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown
#$ActionQueueType LinkedList   # run asynchronously
#$ActionResumeRetryCount -1    # infinite retries if host is down
# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
#*.* @@remote-host:514
# ### end of the forwarding rule ###
EOF



###############################################################################
# update quite packages
###############################################################################
yum -y update


###############################################################################
# reflect configuration
###############################################################################
reboot

vCenterにアクセスしようとしたら503がでた!

こんなんでました

503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http20NamedPipeServiceSpecE:0x00007f66d4001e40] _serverNamespace = / action = Allow _pipeName =/var/run/vmware/vpxd-webserver-pipe)

5480ポートからアプライアンスの設定画面には入れたので、なんとなく起動してそうです。

ココを参照してみました。
https://kb.vmware.com/s/article/2121043

下記を実行してサービスの起動状態を確認します。

service-control --status --all


するとvmware-vpxdが停止状態でした。
下記を実行して、サービスを起動します。

service-control --start vmware-vpxd

StartPending:
applmgmt
Running:
lwsmd pschealth vmafdd vmcad vmdird vmdnsd vmonapi vmware-cis-license vmware-cm vmware-eam vmware-rhttpproxy vmware-sca vmware-statsmonitor vmware-sts-idmd vmware-stsd vmware-vmon vmware-vpostgres vmware-vpxd-svcs vsphere-client vsphere-ui
Stopped:
vmcam vmware-content-library vmware-imagebuilder vmware-mbcs vmware-netdumper vmware-perfcharts vmware-psc-client vmware-rbd-watchdog vmware-sps vmware-updatemgr vmware-vapi-endpoint vmware-vpxd vmware-vcha vmware-vsan-health vmware-vsm


vSphere Clientが無事起動しました。
service-control --status --allをこれからは実行してみて状態確認してみると良さそうですね。

つまりは十分なリソースで再起動しろってことです。

おわり