Mumblestiltskin

Tuesday, March 03, 2015

Windows Azure - Setting up a static ip for a windows azure VM

A quick article to note down the steps to assign static IP, I am sure not all my terminology will be correct.

If you are reading this then you are probably aware of the fact that windows azure VMs are given internal IPs via DHCP, and they are dished out in order. The first four addresses are reservered, so for a range of 192.168.1.0/24, IPs

192.168.1.0 (network address),

192.168.1.1,

192.168.1.2,

192.168.1.3

are all taken by Azure.

So the first VM you fire-up will take the next IP 192.168.1.4. All seems good..

It is, however as these are DHCP they have a lease as it can expire. So say you down a couple of machines for maintenance, depending on in what order these machines are restarted you can find the machine will come up with a difference IP address.

Now late in 2014 Microsoft announced that you can actually force an IP to be assigned to a particular VM. It is still given via DHCP but the VM is guaranteed the same IP.

Currently there is no way to achieve this via the GUI/portal and it maust be achieved via powershell.

If you have not used powershell to configure windows azure, you will need to download and install the powershell

http://azure.microsoft.com/en-us/documentation/articles/powershell-install-configure/

OK, now first thing is to configure the computer to talk to Azure this can be down manually or automatically. Below I show how to setup automatically.

Open powershell and type

Get-AzurePublishSettingsFile

A browser window will appear to

https://windows.azure.com/download/publishprofile.aspx

Login and a file download should begin. If you open this file you will see its an XML file containing subscription information.

Now we need to get the powershell session logged into Azure, we do this by calling get-crendential and assigning to a variable.

$cred = get-credential

This command will open a dialog that will allow you to type in your azure username and password.

Now lets import the subscription info.

Change to the path and name of the publish file downloaded earlier, you should see the contents of this file printed on the screen.

Import-AzurePublishSettingsFile .publishsettings

Ok, lets now test the IP we want to assign is available

Test-AzureStaticVNetIP -VNetName -IPAddress

Output should tell its or isn't available. If its not available it probably means the VM is still running, go to the azure and shutdown properly and then retest.

Ok now we get to the pointy end.

Get-AzureVM -ServiceName -Name | Set-AzureStaticVNetIP -IPAddress | Update-AzureVM

Tuesday, February 10, 2015

DELL Switch - Intermittent Cable fault Arghhhh!

Recently I had to track down a very peculiar problem. We were experiencing a number of issues, that seemed to be unrelated. These issues were sporadic, and at times would appear to go away for weeks at a time.

However after looking at a number of things including application code and server config, we determined that the problem was more than likely in the network. A great command for doing this is to use a constant ping but with a large packet size.

PING x.x.x.x -l 5000 -t

If there are issues within the network this should at least show them up if left running for a period of time. In our case it showed that we were having random timeouts.

The network was a very flat design of 6 switch stacks with 4 port LAGS defined between each switch stack. The switches in question were DELL N2000 series switches

So how to look for problems, now the command line syntax for the DELLs is very cisco-esque, not 100% but close enough to at least get you pointing in the right direction.

So the command that I used to review was this

show interfaces counters errors

This gives us an output table like below

Align-Err: Alignment errors
FCS-Err: FCS errors
Xmit-Err: Total transmit errors
Rcv-Err: Total packets received with MAC errors
UnderSize: Fragments/undersize received
OutDiscard: Total transmit packets discarded

Port Align-Err FCS-Err Xmit-Err Rcv-Err UnderSize OutDiscard
--------- ---------- ---------- ---------- ---------- ---------- ----------
Gi1/0/1 0 0 0 0 0 0
Gi1/0/2 0 0 0 0 0 0

This command was run on all 6 switch stacks, and on one of the switches we show errors on one of the port channels.

Gi1/0/21 0 0 0 0 0 105597
Gi1/0/22 0 0 0 0 0 147720
Gi1/0/23 0 99521583 0 99835323 812 6386
Gi1/0/24 0 2 0 2 0 4006

Port
Channel Align-Err FCS-Err Xmit-Err Rcv-Err UnderSize OutDiscard
--------- ---------- ---------- ---------- ---------- ---------- ----------
Po1 0 99521585 0 99835325 812 19945
Po2 0 0 0 0 0 301690

You can see that only one of the ports in the LAG was having problems. Once found this began to tie together all the problems we were seeing and also explained the intermittent nature of our fault. The switches saw that the ports were up and to it the link looked ok. We run the command a few times, each time showing the errors increasing. Once this was identified we replaced the cable... and the errors stopped.

Port-Channels (LAGS) do not spread traffic across the ports by packets they do it by session, what I mean is that if you copy a file across that port channel it will only go across 1 of the cables (i.e you get a maximum of 1Gbps per transfer). You may have a port-channel with 4Gbps bandwidth, but this actually equates to you can have 4 separate 1Gbps transfers occurring at the same time.

So in our case, the faulty connection was not fully down, it was just corrupting packets. Therefore the unlucky transfer that got put onto this link would be very slow. This was what the large PING was doing, every now and again the ping would be directed ontot he faulty link and it would then timeout.

Now we have found the problem, I can look back at some of the wireshark captures we got that showed a number of duplicate packets on slow running transfers.

I have now reset the counters, and currently we have no errors.... :) Just for reference the command to clear the counters is
clear counters port-channel 1

Tuesday, January 13, 2015

Azure - Copy VM disk from one Azure Storage account to another (across regions)

OK, its been a while... A quick article written at work so forgive bad english etc... as I have not reread/proof read etc... it... :p

Recently had to move a VM from a US Azure region to an Australian Region... Thought this would have been an easy task from within the Azure web portal (be it the current manage.windowsazure.com or the preview portal portal.azure.com), however whilst not complicated its a little more involved than just copying/moving the vhd from one storage account to another.

Below is a quick account of this process, it is summarised as I want to ensure I can quickly refresh myself next time, I include all references I used at the end.

Some background...
When you create a VM you actually are using 2 azure services, virtual networking and storage. Now to improve performance these are hosted in the same region.

Steps
1. Stop the VM
2. Review the disks the VM uses in the azure portal (on the dashboard tab), you will need this info later on.
3. Delete the VM, but retain the disks. - Important!! :)
4. Kick off a server side copy
5. Create disk from copied blob. (after a copy the vhd file is just a blob, azure does not see it as a disk initially) - this part screwed me over, as I did the copy once and thought I had done something wrong as the vhd would not appear in the "my disks" section of the VM image gallery, and I actually deleted the vhds... :( Its all a learning experience!
6. Create VM from newly copied files.

There are 3 ways I found to perform this process

Powershell
azcopy
Azure Explorer (by cerebata) - free at the time of writing this article. There maybe other 3rd party tools that can achieve the same

I am going to skip the powershell, as that was too convoluted for me to repeat for a number of files. I provide reference to an microsoft article that includes powershell scripts, please note that I didnot try this so I don't know if it works. I used the azcopy on this page and it didnot work, so whether the powershell script works I can't say.
http://azure.microsoft.com/blog/2014/10/22/migrate-azure-virtual-machines-between-storage-accounts/

Steps 1,2,3
Ok, I am assuming you have some familiarity with Azure portal, and can stop and review the disks used by a VM. So once you have done this delete the VM but retain the disks (important :) )

Step 4
azcopy
Now as I state above I used the article for a starter, but the version of azcopy i got didnot like the syntax in that article. I include the syntax that worked for me below.
azcopy is a downloadable command line tool, once installed you can add the installation folder to the path environment variable and use azcopy easily from the command prompt.

azcopy /Source:[containerurl] /Dest:[containerurl] /SourceKey:[access key] /DestKey:[access key] /Pattern: [filename]

(/S recursive optional, please see note below)

note: Using wilcards is dependent on the source (if local filesystem then wildcards can be used), if a blob container then pattern mathching is exact, except when using recursive (/S) then the pattern is used as a prefix match. i.e /Pattern abc /S will match abc.txt, abcd.txt, abcFDKF.txt.

The access keys you can get from the primary page of the storage tab in azure portal (Manage Access Keys link at bottom of page).
The container urls can be copied from the containers tab of the individual storage accounts.
The filename, is the name of the disk you looked at earlier.

azcopy will sit active, and give you updates on the progress (in terms of number of files) so in this case if you are just doing one file then you will just get the copy speed updated, until the file is copied.

Azure Explorer
http://www.cerebrata.com/products/azure-explorer/introduction
Download and install the tool.
Run the application, and under the file menu click "Add Connection"
Enter the storage account name and the access key.
Repeat for both the source and destination accounts.

Once added you should be able to use the tool in a similar manner to Windows Explorer. Copying moving files between accounts and also to your local machine

note: If you try to move a file, then you may need to break the lease, to get it to complete the move. I had the move error with a lease error. It actually copied the file, so I assume the last part of the move is to delete the source, with failed due to the lease.

Step 5
The copy of all necessary disks is now complete. We need to make the copied files into disks (otherwise they will not be listed under the "My Disks" section in the VM image gallery.

Go to the Virtual Machine section in Azure portal, and select disks. Now click create (down the bottom of the page). Give the disk s name, then use the browse tool (click on the image of the folder) and browse to the copied vhd. If its the OS disk tick the checkbox to indicate it contains an OS.

Repeat for any other files you want to tell azure storage are disks...

Step 6
Now go through the normal process of creating a Virtual machine, however in the image gallery select "My Disks", any unassociated disks with an OS should be listed and if all has gone well the new disks should be available.

References:
http://azure.microsoft.com/blog/2014/10/22/migrate-azure-virtual-machines-between-storage-accounts/
http://azure.microsoft.com/en-us/documentation/articles/storage-use-azcopy/#install
http://blogs.msdn.com/b/windowsazurestorage/archive/2012/06/12/introducing-asynchronous-cross-account-copy-blob.aspx
http://www.cerebrata.com/products/azure-explorer/introduction

Monday, June 09, 2014

Prevent RAS leasing IPs from DHCP server

We had a Windows 2008 R2 server that was setup as a network policy server, which I believe installed the RAS service. Now the server has been around for a while so I must add that I am not sure if RRAS had been installed in the past and used, and then uninstalled, but RRAS was not installed at this time.

We were having an issue that this RAS server was grabbing blocks of 10 IP addresses from our DHCP server. After looking into this in became apparent that it was probably RRAS that was responsible, however as I say it was not installed. I did not fancy installing the RRAS role (in case it screwed up the current setup).

So…. I went looking for a Registry setting to turn off DHCP leasing for RAS or reduce the number of IPs that it gobbled up. Eventually I cam across this setting, which by default (or absence) is 10. This setting tells RAS how many IP addresses to grab.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\IP
Value Name: InitialAddressPoolSize
Data Type: REG_DWORD

Now this looked promising so I opened this key in the registry, and then stumbled across this beauty. This seemed to be more to my liking… actually turning DHCP leasing off… Surprised smile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\IP
Value Name: InitialAddressPoolSize
Data Type: REG_DWORD
Value: 1

It was set to one, and a quick lookup found something for windows CE, that stated 1=on and 0=off.

So I changed to 0.
deleted the DHCP leases and restarted the RAS service.

Hoorah no more DHCP leases from the RAS server.

I am hoping this is correct, if you want to try it, its at your own risk. But for now it seems to have worked.

References

http://community.spiceworks.com/topic/97183-prevent-ras-entries-in-dhcp

Thursday, August 22, 2013

Windows Servers - Slow network performance

I have had many instances over the last few years of slow netowrk performance on various machines.

Here I list the items I have changed to resolve these.

1. Disable AutoTuningLevel

netsh interface tcp set global autotuninglevel=disabled

To re-enable AutoTuningLevel if it does not work

netsh interface tcp set global autotuninglevel=normal

2. Disabling SMB 2

http://social.technet.microsoft.com/Forums/windowsserver/en-US/7817f338-50ec-4de6-b059-4370588f4e30/browsing-shared-folders-slow-from-xp

3. Disable TCP Offloading (needs restart)

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

Value = DisableTaskOffload
Type = DWORD
Data = 1

Value = EnableTCPChimney
Type = DWORD
Data = 0

Value = EnableTCPA
Type = DWORD
Data = 0

Value = EnableRSS
Type = DWORD
Data = 0

I have had SMB2 and the TCP Offloading sprt out various network performance issue over the years.

Sunday, July 28, 2013

XenServer Installation–Dell R710

I recently had to install XenServer onto a Dell R710.

This is an unlicensed install, Xen Server is now open source so this valid.

However in a unlicensed install updating the xenserver has to be down via the console.

Note: I had issues installing on to the R710 initially, I kept getting an unrecoverable error message. Stating something about the utility partition being unsupported on partition 2 (I cannot remember the exact message but I could not find anything on the internet about the message). However I fixed the problem by recreating the RAID5 array (PERC H700) and then reinitialising the array. Then I could happily install XenServer.

Once installed, I was able to browse to the XenServer IP I assigned via http, and I download XenCenter.

Once downloaded, I installed XenCenter on my Windows 7 x64 machine.

I then added the XenServer to XenCenter.

I then bonded to of the NICs together in an active-passive format (for redundancy). This took the nic setup I chose during installation, and applied it across the bonded nics. It was very easy to do.

There were 2 hot fixes to apply and this is where it started to depart from easyland.

With the unlicensed version they do not support installation of updates very the XenCenter, which would have been nice, you have to use the command line. I am not familiar with XenServer so this process was a bit alien to me.

1. Download the hotfixes and unzip the files.

2. Connect to XenServer via SFTP (I used FileZilla via SFTP, using root to connect).

3. I then changed to the \tmp folder and created a \tmp\updates folder, and uploaded the hot fixes into that folder. You only need the *.xsupdate files, not the *.tar.bz2 files.

4. Now we have to add to the pool database. In XenCenter goto the console. Change directory to the \tmp\updates folder.

5. xe patch-upload filename=<Path of file and name>

6. Record the UUID that is returned. Repeat step 5 for however many updates have been uploaded.

7. Run xe patch-list, this will list out the updates and you can check.

8. Run xe host-list, this will list out the UUID of the hosts. Not these UUIDs as these will be needed.

9. Now run xe patch-apply uuid=<UUID of the patch> host-uuid=<UUID of the host>

10. Repeat for all updates and then reboot the host server.

11. Once the reboot has completed you should be able to review the updates in XenCenter under the General tab for the host server, under the updates section.

References:

http://support.citrix.com/article/CTX132791

Sunday, May 12, 2013

Remove\Rename a stubbornWindows Folder

Had an issue, where i had a folder I had that was extracted from an archive, I wanted to rename the folder but Windows wouldn't let me.

I was getting errors from windows, saying that the folder no longer existed.

“The file or folder does not exist”

After trying a raft of things, I even moved the parent folder to another location, which windows happily let me do, I still couldn't rename the folder/s

When looking at the folders from the command prompt, it became there were some odd characters in the name that where no showing up in windows explorer, but in the command prompt they were appearing as white space.

In the end I managed to rename the folders using the command prompt and 8.3 filenames

“C:\ParentFolder\OddFolder Which Will Not Rename”

rename C:\ParentFolder\OddFo~1 C:\ParentFolder\Odd1