• A
    Adam Tyler

    So as is the way with IT, persistence and patience over skill gets you there. I finally got this working. I think my biggest problem was that I didn't follow the article exactly. I had actually built the cluster through the GUI initially rather than running the PowerShell commands.. Only other difference I can think of is that I never installed the File Services role like the article suggested.. Anyhow, I went back and blew up the cluster and ran through the article again exactly. One command had changed completely since it was posted...

    Reference article:
    https://www.virtualtothecore.com/en/build-a-microsoft-storage-spaces-direct-cluster-using-vmware-virtual-machines/

    Command difference:
    Article says to run:

    Enable-ClusterS2D -CacheMode Disabled -AutoConfig:0 -SkipEligibilityChecks
    

    Actually had to run:

    Enable-ClusterS2D -AutoConfig:0 -SkipEligibilityChecks
    set-ClusterStorageSpacesDirect -CacheState Disabled
    

    For Reference:
    I am running Server 2016 10.0.14.393 N/A Build 14393

    I'm not sure if that set command actually does the same thing as the above "-CacheMode" switch, but it doesn't seem to be supported any longer on my build.

    So, S2D lab built, only one problem... Well one problem and one question... First, there's this...
    alt text

    I am able to build new volumes manually with commands like this:

    New-Volume -StoragePoolFriendlyName Pool01 -FriendlyName Volume2 -PhysicalDiskRedundancy 1 -FileSystem CSVFS_ReFS -Size 10Gb
    

    I don't really get the redundancy setting above. No idea what 1 vs another number would do. Need to research more.

    Also not sure why the GUI things the pool isn't configured correctly. So this is unsupported Microsoft territory then? Can't use Storage Spaces Direct in this manner at the guest and call Microsoft if there is a problem?

    We use a replication technology for DR purposes that simply doesn't support volumes that aren't in a VMDK file. So I haven't been able to use Windows Clustering yet. Would really be cool not to patch things at midnight. :)

    ~
    Another question. Can you not use an S2D volume as a witness disk?! why!?

    Regards,
    Adam Tyler

    posted in Microsoft read more
  • A
    Adam Tyler

    Mr. Gordon, thanks for your quick reply!

    Yes, I did use the ".virtualHDD = 1" option within the VMX as I do not have SSD drives installed into the server. Speaking of the server, this happens to be an HP DL360 G7 server with a p420i RAID controller. It has 4 physical drives that are in a RAID 10 array presented to the ESXi OS as a single VMFS datastore.

    So, not JBOD. I guess I thought this would definitely not work for a bare metal install of Windows Server and S2D, but I thought after watching the show you could do this at the VM level and not care about the underlying storage system? The "option 2" deployment in cloud infrastructure or on premise virtualized environments.

    Ps.. I also did use Thick provisioned eager.

    I notice I am using the VMware paravirtual scsi controller within the VM, I will try and switch that back to the LSI default and see what I get.

    Regards,
    Adam Tyler

    posted in Microsoft read more
  • A
    Adam Tyler

    Hello ITPro! So I just sat through the S2D class for 70-740 exam prep and it totally blew me away. I immediately ran to my lab and tried to get this going. I've got like 3 hours wrapped up into it now and am not having any luck. So I have a cluster built with two Datacenter 2016 servers. I added two additional virtual hard drives each 40Gb in size. Attempted to enable S2D for the cluster and I get this error:

    alt text

    In looking at the drives a bit more closely I see this:

    alt text

    I have been following this article and made the necessary changes to the VMX file as well as deployed the drives and thick like suggested. I was interested in testing the 2 node mirror option for VMs. In cloud scenarios...

    https://www.virtualtothecore.com/en/build-a-microsoft-storage-spaces-direct-cluster-using-vmware-virtual-machines/

    What am I missing?

    I am running ESXi 6.5..

    Regards,
    Adam Tyler

    posted in Microsoft read more
  • A
    Adam Tyler

    Thanks for your response Mike. I actually deployed a new domain in a lab just to play with this. Currently just using the default domain\Administrator account to play around. Just checked and the PowerShell session I used to run this script is in the "Administrator: Windows PowerShell" Context... Hmm.

    What happened in your environment when you tried to re-create this? At this stage I am just creating the script to deploy this "server" side of Desired State Configuration.. So I don't really need to store the MOF for reference and continual execution correct? That's more for the next phase when the clients are configured to check in with this web service.....?

    In your example you had a pretty clean folder structure that looked like this for your client:
    c:\Configs\TargetNodes\WindowsBackup\

    I believe the MOF and the hash would go here for clients to continually check in. Why the "WindowsBackup" subfolder though? Could you not put all MOFs in the TargetNodes folder directly? Is this folder path called out somewhere within the server configuration? How does IIS know to serve this folder path up for DSC requests?

    Regards,
    Adam Tyler

    posted in Microsoft read more
  • A
    Adam Tyler

    Okay, had a chance to test this while I was at the office... So I am using this script:

    C:\Configs\Sample_xDscWebServiceREgistrationWithSecurityBestPractices.ps1

    I made the following changes.

    # ======================================== Arguments ======================================== #
    $certificateThumbPrint = "AD45081CCC1564FA06AA39F760BC3D01888CC381"
    $registrationkey = "74d16e84-5bd4-4c7a-80d2-b438fb29d0c9"
    # ======================================== Arguments ======================================== #
    
    # =================================== Section DSC Client =================================== #
    configuration Sample_xDscWebServiceRegistrationWithSecurityBestPractices
    {
        param 
        (
            [string[]]$NodeName = 'localhost',
    
            [ValidateNotNullOrEmpty()]
            [string] $certificateThumbPrint,
    
            [Parameter(HelpMessage='This should be a string with enough entropy (randomness) to protect the registration of clients to the pull server.  We will use new GUID by default.')]
            [ValidateNotNullOrEmpty()]
            [string] $RegistrationKey # A guid that clients use to initiate conversation with pull server
        )
        
        Import-DSCResource -ModuleName xPSDesiredStateConfiguration
    
        Node $NodeName
        {
            WindowsFeature DSCServiceFeature
            {
                Ensure = "Present"
                Name   = "DSC-Service"            
            }
    
            xDscWebService PSDSCPullServer
            {
                Ensure                  = "Present"
                EndpointName            = "PSDSCPullServer"
                Port                    = 8080
                PhysicalPath            = "$env:SystemDrive\inetpub\wwwroot\PSDSCPullServer"
                CertificateThumbPrint   = $certificateThumbPrint         
                ModulePath              = "$env:PROGRAMFILES\WindowsPowerShell\DscService\Modules"
                ConfigurationPath       = "$env:PROGRAMFILES\WindowsPowerShell\DscService\Configuration"            
                State                   = "Started"
                DependsOn               = "[WindowsFeature]DSCServiceFeature" 
                RegistrationKeyPath     = "$env:PROGRAMFILES\WindowsPowerShell\DscService"   
                AcceptSelfSignedCertificates = $true
                UseSecurityBestPractices = $true
            }
    
            File RegistrationKeyFile
            {
                Ensure          = 'Present'
                Type            = 'File'
                DestinationPath = "$env:ProgramFiles\WindowsPowerShell\DscService\RegistrationKeys.txt"
                Contents        = $RegistrationKey
            }
        }
    }
    Sample_xDscWebServiceRegistrationWithSecurityBestPractices -RegistrationKey $registrationkey -certificateThumbPrint $certificateThumbPrint
    # =================================== Section Pull Server =================================== #
    
    # =================================== Section DSC Client =================================== #
    [DSCLocalConfigurationManager()]
    configuration Sample_MetaConfigurationToRegisterWithSecurePullServer
    {
        param
        (
            [ValidateNotNullOrEmpty()]
            [string] $NodeName = 'localhost',
    
            [ValidateNotNullOrEmpty()]
            [string] $RegistrationKey, #same as the one used to setup pull server in previous configuration
    
            [ValidateNotNullOrEmpty()]
            [string] $ServerName = 'localhost' #node name of the pull server, same as $NodeName used in previous configuration
        )
    
        Node $NodeName
        {
            Settings
            {
                RefreshMode        = 'Pull'
            }
    
            ConfigurationRepositoryWeb CONTOSO-PullSrv
            {
                ServerURL          = "https://$ServerName`:8080/PSDSCPullServer.svc" # notice it is https
                RegistrationKey    = $RegistrationKey
                ConfigurationNames = @('ClientConfig')
            }   
    
            ReportServerWeb CONTOSO-PullSrv
            {
                ServerURL       = "https://$ServerName`:8080/PSDSCPullServer.svc" # notice it is https
                RegistrationKey = $RegistrationKey
            }
        }
    }
    

    Now, if I run this script from a PowerShell window using zero options/switches, I end up with a new folder path:

    C:\Configs\Sample_xDscWebServiceREgistrationWithSecurityBestPractices\localhost.mof

    So it looks like the script completed without any errors. Here was the output I got when running.

    PS C:\Configs> .\Sample_xDscWebServiceRegistrationWithSecurityBestPractices -outputpath c:\Configs\PullServer
    WARNING: The configuration 'Sample_xDscWebServiceRegistrationWithSecurityBestPractices' is loading one or more built-in resources without
    explicitly importing associated modules. Add Import-DscResource –ModuleName 'PSDesiredStateConfiguration' to your configuration to avoid this
    message.
    
    
        Directory: C:\Configs\Sample_xDscWebServiceRegistrationWithSecurityBestPractices
    
    
    Mode                LastWriteTime         Length Name
    ----                -------------         ------ ----
    -a----       12/22/2017  12:13 PM           5402 localhost.mof
    
    
    PS C:\Configs> .\Sample_xDscWebServiceRegistrationWithSecurityBestPractices -outputpath c:\Configs\PullServer
    

    So that's good stuff. No errors this time around. I'm a little confused as to why it created the folder under configs... Did I not use the "outputpath" switch correctly?

    Regards,
    Adam Tyler

    posted in Microsoft read more
  • A
    Adam Tyler

    Mike, thanks for your effort here! I will give this a shot over the weekend and let you know how things go.

    Regards,
    Adam Tyler

    posted in Microsoft read more
  • A
    Adam Tyler

    Hello, I am working through the Pull Server config out of "MCSA 2016 - 70-740 Install, Upgrade and Migrate Part 4" and it looks like I don't have access to this same sample script shown in the class. After installing the "xPSDesiredStateConfiguratoin" module, the folder" C:\Program Files\WindowsPowerShell\Modules\xPSDesiredStateConfiguration\8.0.0.0\Examples" folder has these two scripts:

    Sample_xDscWebServiceRegistration.ps1
    Sample_xDscWebServiceRegistrationWithSecurityBestPractices.ps1

    When I attempt to run the first one I get the following errors:
    Resource 'xDSCWebService' requires that a value of type 'Boolean' be provided for property 'UseSecurityBestPractices'

    When I run the second, I get this error:
    .Cannot validate argument on parameter 'certificateThumbPrint'. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again.

    Looks like the command or script may have changes some since the original episode was finished.. Any idea where I've gone wrong here?

    posted in Microsoft read more
  • A
    Adam Tyler

    Can anyone explain to me the difference between the VMFS block size of 1 MB and this concept of a file block size?

    It appears that the idea of a Small File Block size of 1 MB and Large File Block size of 512 MB were introduced with vSphere 6.5/VMFS6. Sounds like thin provisioned VMDK's take on SFB and thick take on LFB. But I am gathering this shouldn't be confused with the set block size of VMFS 6 which is just 1 MB. Am I on the right track?

    posted in General Discussion read more
  • A
    Adam Tyler

    Ran across this practice exam question that threw me off.

    |||||||||||||||||||||||||||||
    An administrator sees the following error in the log files:

    "Lost access to volume 496befed-1c79c817-6beb-001ec9b60619 (san-lun-100) due to connectivity issue."

    Which two events could be the source of the error message? (Choose two.)

    A. vCenter Server failure
    B. VXLAN failure
    C. Disk array failure
    D. Network failure
    E. ESXi host failure
    |||||||||||||||||||||||||||||

    My answer originally because my experience is related to iSCSI connections to shared storage was "C" and "D".

    However after reviewing the following article it looks like a potential answer could be "D". "due to a cable pull"? Like a network cable, a fiber channel cable, or an internal SAS cable...?
    https://kb.vmware.com/s/article/1009557

    ||||||
    "and loses connectivity (due to a cable pull, disk array failure, and so on) to the device for a period exceeding 16 seconds, the following error message appears:

    Lost access to volume 496befed-1c79c817-6beb-001ec9b60619 (san-lun-100) due to connectivity issues. Recovery attempt is in progress and outcome will be reported shortly."

    posted in General Discussion read more
  • A
    Adam Tyler

    Sanity check.. Ran across a practice exam question regarding Network I/O Control V3 that looks like this:

    What are two features introduced in Network I/O Control version 3? (Choose two.)
    A. Bandwidth reservation per traffic type
    ---Been doing some research and it looks like "reservations" are new to I/O control version 3. Before with 2, there were only shares and limits.

    B. Network resource pools
    ---User-defined network resource pools existed in version 2.

    C. CoS tagging
    ---CoS tagging was deprecated in Network I/O control version 3.

    D. Bandwidth guarantee to virtual machines
    ---Network I/O Control version 3 new feature is per individual VM shares, reservation, and limit.

    So I am thinking the answer to this question would be A and D. Agree or no? Why or why not?

    Regards,
    Adam Tyler

    posted in General Discussion read more