Changing the default locale for virtual machine templates in Virtual Machine Manager 2012 R2

Microsoft System Center Virtual Machine Manager 2012 R2 or 2012 SP1 does not allow you to set the locale via the user interface (gui). There are currently 2 workarounds for this. One uses powershell to alter the template itself. And one uses a unattended.xml which you add to the template using the user interface (gui).

The powershell method

1. Launch the VMM Console.
2. Click on the Settings option.
3. Click on PowerShell and execute the commands below on the respective Template.

$template = Get-SCVMtemplate | where {$_.Name  -eq "Template_Name"} 
$settings = $template.UnattendSettings;
$settings.add("oobeSystem/Microsoft-Windows-International-Core/UserLocale","cy-GB");
$settings.add("oobeSystem/Microsoft-Windows-International-Core/SystemLocale","cy-GB");
$settings.add("oobeSystem/Microsoft-Windows-International-Core/UILanguage","cy-GB");
$settings.add("oobeSystem/Microsoft-Windows-International-Core/InputLocale","0452:00000452");
Set-SCVMTemplate -VMTemplate $template -UnattendSettings $settings

NOTE: For the steps above, the regional settings (e.g. cy-GB) will vary based on the language being used. 

Look up the values you need from the two following locations

http://technet.microsoft.com/en-us/library/cc766503%28v=ws.10%29.aspx
http://technet.microsoft.com/en-us/library/cc766191%28v=ws.10%29.aspx

The unattended.xml method

Create an unattend.xml with the specific locale settings required. Below is a sample unattand.xml set to en-us but you can replace the en-us entries with the language code of your choice.

<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
    <settings pass="oobeSystem">
        <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <InputLocale>en-us</InputLocale>
            <SystemLocale>en-us</SystemLocale>
            <UILanguage>en-us</UILanguage>
            <UILanguageFallback>en-us</UILanguageFallback>
            <UserLocale>en-us</UserLocale>
        </component>
    </settings>
    <cpi:offlineImage cpi:source="wim:c:/install.wim#Windows Server 2012 SERVERDATACENTER" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>

References

http://support.microsoft.com/kb/2709539

// CrashMAG

Setting up a 2-node GlusterFS filesystem

This will be a quick howto on how you would set up a 2-node GlusterFS filesystem. You may look up more information at http://www.gluster.org/.

Volume types for GlusterFS

– Distributed. Distributed volumes distributes files throughout the bricks in the volume
– Replicated. Replicated volumes replicates files across bricks in the volume
– Striped. Striped volumes stripes data across bricks in the volume
– Distributed Striped. Distributed striped volumes stripe data across two or more nodes in the cluster
– Distributed Replicated. Distributed replicated volumes distributes files across replicated bricks in the volume
– Distributed Striped Replicated. Distributed striped replicated volumes distributes striped data across replicated bricks in the cluster
– Striped Replicated. Striped replicated volumes stripes data across replicated bricks in the cluster

The high level overview of how the process will be is as follows

  • Installing the required software
  • Disable or add proper firewall rules
  • Adding nodes into the cluster
  • Preparing “bricks” for use on each server
  • Creating and starting the actual GlusterFS volume
  • Mounting the GlusterFS volume
  • Installing the required software

    I will be providing examples for CentOS, Fedora, Debian and Arch Linux. The examples for CentOS will work for RHEL and Scientific Linux as well.
    CentOS
    The following command will install all dependencies.

    # yum install glusterfs

    Fedora
    The following command will install all dependencies.

    # yum install glusterfs-server

    Debian
    The following command will install all dependencies.

    # apt-get install glusterfs-server

    Arch Linux
    The following command will install all dependencies.

    # pacman -S glusterfs

    Disable or add proper firewall rules

    You will need to open the following ports for GlusterFS.

    24007 – GlusterFS Daemon
    24008 – Management
    24009 - Each brick for every volume on your host requires it’s own port. For every new brick, one new port will be used starting at 24009. (For GlusterFS versions earlier than 3.4)
    49152 - Each brick for every volume on your host requires it’s own port. For every new brick, one new port will be used starting at 49152 (GlusterFS 3.4 and later)
    38465:38467 - This is required if you use the GlusterFS NFS service.
    

    CentOS
    Disabling the default firewall

    # chkconfig iptables off
    # service stop iptables

    Fedora

    systemctl disable firewalld
    systemctl stop firewalld

    Debian
    There are no default firewall installed on Debian.
    Arch Linux
    There are no default firewall installed on Arch Linux.

    Adding nodes into the cluster

    This is incredibly easy. You may do the following command from either server. In my example I am on server1. If you don’t have a solid DNS you should add each server to each others hosts file.

    # gluster peer probe server2
    Probe successful

    Preparing “bricks” for use on each server

    Nothing fanzy, you just need to create folders. It’s also important to note that you will need to use a folder, even if you intended to use a single disk.
    Execute the following on both of your servers

    # mkdir -p /data/brick>

    Creating and starting the actual GlusterFS volume

    Creating the GlusterFS volume
    Syntax:

    gluster volume create NEW-VOLNAME [replica COUNT] [transport [tcp | rdma | tcp,rdma]] NEW-BRICK...

    Example:

    # gluster volume create test-volume replica 2 transport tcp server1:/data/brick server2:/data/brick
    Creation of test-volume has been successful
    Please start the volume to access data.
    

    Starting the GlusterFS volume

    # gluster volume start test-volume

    Mounting the GlusterFS volume

    It’s important to note that you will need to mount the GlusterFS to use it. WARNING: Adding files directly to a brick will not be included in a GlusterFS volume.
    Syntax:

    # mount.glusterfs servername:volumename /mnt/mountpoint

    Examples:

    # mount.glusterfs server1:test-volume /mnt/glusterfs/

    OR

    # mount -t glusterfs server1:test-volume /mnt/glusterfs/

    References

    http://www.gluster.org/wp-content/uploads/2012/05/Gluster_File_System-3.3.0-Administration_Guide-en-US.pdf
    http://gluster.org/community/documentation/index.php/QuickStart

    // CrashMAG

    Enable TLS 1.1 and 1.2 in Mozilla Firefox 24.0

    For you Firefox users out there here’s the way to enable TLS 1.1 and 1.2.

    Mozilla Firefox 24.0 defaults to SSL 3.0 for the lowest type of encryption and TLS 1.0 as the highest type of encryption.

    Type in

    about:config

    in the address bar and move past the warning.
    Type in

    security.tls.version.max

    and replace the ‘1’ with ‘3’ to enable TLS 1.2.

    You may also set the lowest allowed encryption menthod by doing as follows.

    Type

    security.tls.version.min

    and replace the ‘0’ with ‘1’ to switch from SSL 3.0 to TLS 1.0.

    You may also look up the reference over at Mozilla by yourself here

    // CrashMAG

    Creating a bootable firmware bios update iso for your Supermicro motherboard

    This is a short guide in how you can create your own bootable DOS iso image so that you may upgrade the bios of your Supermicro motherboard. A short overview of the process is as follows.

      Downloading the freedos OEM CD builder
      Downloading 64-bit binaries for mkisofs.exe (Optional depending on your OS)
      Downloading the BIOS firmware
      Booting the ISO and running the BIOS update

    Downloading the freedos OEM CD builder

      Go to http://www.fdos.org/bootdisks/ and download the FDOEMCD.builder.zip file.
      Extract the content to any location of your choice. I prefer to use the “extract here” option provided by tools such as 7-zip. So from here on, this folder will be referred to as “FDOEMCD”.

    Downloading 64-bit binaries for mkisofs.exe

    It should go without saying that you only need this step if you’re on a 64-bit Operating System.

      Go to http://smithii.com/cdrtools and download the cdtools-latest.zip.
      From this zip file, extract “mkisofs.exe” and “cygwin1.dll” and put them in your “FDOEMCD” folder. Accept the prompt for overwriting the “mkisofs.exe” file already there.

    Downloading the BIOS firmware

      Go to http://www.supermicro.com/support/bios/ and download the BIOS for your particular motherboard.
      Extract the content of this .zip file into “FDOEMCD\CDROOT”.
      The ISO will be read-only so you’ll need to modify “FDOEMCD\CDROOT\AMI_2.bat” file. Remove the 2 following entries:

    – REN AFUDOSU.SMC AFUDOSU.EXE
    – REN AFUDOSU.EXE AFUDOSU.SMC

      Then rename AFUDOSU.smc files to an executable (.exe). I have no idea why they do it this way, but they do. And due to read-only media we’re creating it’s a no go.

    Creating the ISO image

    Simply run “FDOEMCD\makeiso.bat” from command prompt. And you’ll end up with fdoem.iso in this folder.

    Booting the ISO and upgrading the BIOS

    Boot the iso using your preferred choice, most likely being IPMI. Run the following

    ami_2.bat <your bios binary file>

    Wait until it is done and reboot.

    // CrashMAG

    How to identify ECC memory modules

    This is a short article describing how you proceed to identify whether or not you have ECC memory modules in your Linux workstation or server.

    Also as a side note, the importance of ECC memory is great. Even filesystems such as ZFS with check summing will not account for flipped bits due to cosmic rays. According to studies such as http://www.cs.toronto.edu/~bianca/papers/sigmetrics09.pdf , a DIMM has an 8% chance per year of getting a correctable error. Multiply that with the amount of DIMM’s you have in your system (4 or more?), and you suddenly have a very likely chance of seeing data corruption during a year.

    To display what type of memory module you have, we make use of the following DMI type:

    16   Physical Memory Array

    Command

    # dmidecode --type 16

    Output

    # dmidecode 2.11
    SMBIOS 2.7 present.
    
    Handle 0x0007, DMI type 16, 23 bytes
    Physical Memory Array
            Location: System Board Or Motherboard
            Use: System Memory
            Error Correction Type: Single-bit ECC
            Maximum Capacity: 32 GB
            Error Information Handle: 0x0010
            Number Of Devices: 4
    

    Both on Debian/Ubuntu and RedHat based distributions this tool is provided by the dmidecode package.

    // CrashMAG

    How to configure network bonding (LACP) on Debian Wheezy

    This process essentially consist of two steps. I will be detailing steps relevant for the Linux host.

    • Configuring the switch for LACP bonding.
    • Configuring the Linux host for LACP bonding.

    Prerequisites

    • ifenslave
    • Shut down the network after installing ifenslave.
    • Start the network once the configuration changes are in place.

    Steps

    This is a virtual package and will in reality install ifenslave-2.6

    # aptitude install ifenslave

    Stop the network. Make sure you’re not connected via SSH while doing this.

    # /etc/init.d/networking stop

    Debian Kernel Module Configuration

    File: /etc/modprobe.d/bonding.conf

    #/etc/modprobe.d/bonding.conf
    alias bond0 bonding
            options bonding mode=4 miimon=100 lacp_rate=1

    File: /etc/modules

    echo "bonding" >> /etc/modules
    echo "mii" >> /etc/modules

    Debian Network Configuration

    /etc/network/interfaces
    #/etc/network/interfaces 
    auto eth0
        iface eth0 inet manual
        bond-master bond0
    
    auto eth1
         iface eth1 inet manual
         bond-master bond0
    
    auto bond0
         iface bond0 inet static
         address 192.168.0.10
         gateway 192.168.0.1
         netmask 255.255.255.0
         bond-mode 802.3ad
         bond-miimon 100
         bond-downdelay 200
         bond-updelay 200
         bond-lacp-rate 4
         bond-slaves none
         dns-nameservers 192.168.0.1
         dns-search domain.int

    Start up the network.

    # /etc/init.d/networking start

    // CrashMAG

    Linux KVM host to guest connectivity

    If you’re experience a lack of connectivity between your KVM host and your guests please see below. The instructions below will only directly work on Debian and/or Ubuntu. They will also require your guests to use macvlan or macvtap. This will also work if you’re using LXC.

    Add the following to your

    /etc/network/interfaces

    configuration file. You need to adjust the network portion of the example below according to your own setup.

    auto macvlan0
    iface macvlan0 inet dhcp
        # as eth0 and macvlan0 are on the same LAN, we must drop default route and LAN route
        pre-up route del default
        pre-up route del -net 192.168.0.0 netmask 255.255.255.0
        pre-up ip link add link eth0 name macvlan0 type macvlan mode bridge
    

    Now, either reboot or run

    ifup macvlan0

    as root.

    // CrashMAG

    Disable the filesystem check (fsck) at boot time

    There’s several ways of accomplishing this. I will list all the methods beneath, just pick the one that fits the situation/you.

    • Filesystem tunable
    • Grub boot parameter
    • Placing command files on your root device
    • Active reboot without FSCK

    Filesystem tunable

    Use the tune2fs command to tell your filesystem to have a max count of mounts before a check to 0 to disable it.

    # tune2fs -c 0 /dev/sda1

    Parameter reference:

    -c max-mount-counts
     Adjust the number of mounts after which the filesystem will be  checked  by  e2fsck(8).   If max-mount-counts  is  0  or -1, the number of times the filesystem is mounted will be disregarded by e2fsck(8) and the kernel.
    

    Grub boot parameter

    Add the following at the end of your grub boot linux line.

    fastboot

    This can be done by editing “grub.conf” or by editing the boot command via the grub menu at boot.

    Placing command files on your root device

    To disable the filesystem check on boot.

    # touch /fastboot

    To enable a filesystem check on boot.

    # touch /forcefsck

    Active reboot without FSCK

    # shutdown -rf

    Parameter reference:

    -r     Reboot after shutdown.
    -f     Skip fsck on reboot.
    

    // CrashMAG

    Fix host network issues with VMWare Workstation or Virtual Box using bridged networking

    If you’ve ever experienced temporary loss of connectivity or other weird issues when you run virtual machines in VMWare Workstation and/or Virtual Box then you’re in for a treat. The issue is to my knowledge specific to Intel network cards. I’m not sure how relevant it is but I was running Windows 7 SP1 64-bit with the most recent drivers at the time when I started noticing the issue.

    This is about two modes that you can set via the registry for your network card to fix the issue. What you need to use depends on your network card.

    Allow tagged frames to be passed to your packet capture software by going into the registry and either add a registry dword and value or change the value of the registry key. The registry change required is determined by the driver in use

    Registry Key          Adapter Driver
    MonitorModeEnabled    e1g, e1e, e1y
    MonitorMode           e1q, e1k, e1c, e1d, ixe, ixn, ixt
    

    To solve my issue with my Intel PRO/1000 PT Dual Port Server card I added the DWORD key “MonitorMode” to the following registry path

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0007

    with a value of “2” to fix my issue. Note: Due to my dual port adapter I had two entries for my 1 physical network card.

    Anyways, head on over to the Intel support article for a detailed description on how to correct this issue for yourself.

    Good luck!

    // CrashMAG

    Testing SMTP, POP3 and IMAP protocol access

    This article assumes you have access to telnet and openssl. The example tests have been run against a Microsoft Exchange 2010 server. The IP and hostname have been obfuscated. The commands needed to perform these protocol access tests will be the same on both Linux and Windows.

    Testing SMTP

    Test using plain text

    Execute the following command to initiate a plain text connection over port 25.

    telnet smtp.server.com 25

    Example output

    The following is the typical output you’ll see as a response from a SMTP server. In this case being Microsoft Exchange 2010.

    Trying 74.161.5.111...
    Connected to smtp.server.com.
    Escape character is '^]'.
    220 smtp.server.com Microsoft ESMTP MAIL Service ready at Thu, 3 May 2012 13:06:21 +0200
    

    Test using an encrypted connection

    Execute the following command to initiate an encrypted connection over port 25.

    openssl s_client -starttls smtp -crlf -connect smtp.server.com:25

    Parameters

    Beneath you’ll see the documentation for the parameters used in the above example.

    -starttls protocol
    send the protocol-specific message(s) to switch to TLS for communication.  protocol is a keyword for the intended protocol.  Currently, the only supported keywords are "smtp", "pop3", "imap", and "ftp".
    
    -crlf
    this option translated a line feed from the terminal into CR+LF as required by some servers.
    

    Example output

    There’s little to see here mainly because I had to exclude the certificate verification information to anonymize the test server.

    <certificate verification output>
    250 CHUNKING
    

    Tip: You may run the usual SMTP commands directly from the command prompt after you initiated the encrypted connection.

    Testing IMAP

    Test using plain text

    Execute the following command to initiate a plain text connection over the standard IMAP port 143.

    telnet imap.server.com 143

    Example output

    The following is the typical output you’ll see as a response from an IMAP server. In this case being Microsoft Exchange 2010.

    Trying 74.161.5.111...
    Connected to imap.server.com.
    Escape character is '^]'.
    * OK The Microsoft Exchange IMAP4 service is ready.
    

    Test using an encrypted connection

    openssl s_client -connect imap.server.com:993

    Example output

    <certificate verification output>
    * OK The Microsoft Exchange IMAP4 service is ready.
    

    Testing POP3

    Test using plain text

    telnet pop.server.com 110

    Example output

    The following is the typical output you’ll see as a response from a POP server. In this case being Microsoft Exchange 2010.

    Trying 74.161.5.111...
    Connected to pop.server.com.
    Escape character is '^]'.
    +OK The Microsoft Exchange POP3 service is ready.
    

    Test using an encrypted connection

    openssl s_client -connect pop.server.com:995

    Example output

    <certificate verification output>
    +OK The Microsoft Exchange POP3 service is ready.
    

    References

    SMTP – Simple Mail Transfer Protocol
    IMAP – INTERNET MESSAGE ACCESS PROTOCOL
    POP 3 – Post Office Protocol – Version 3
    The OpenSSL Project

    // CrashMAG

    Linux | Open Source | Databases | Web