Thursday, February 28, 2013

Convert from XenServer 5.6SP2 to VMWare ESXi 5.1

Recently we converted our main environment from XenServer 5.6 SP2 (Lefthand Networks SAN/iQ) to VMWare ESXi 5.1 (Nimble Storage CS240).

First off, we looked very hard at XenServer 6, Hyper 2012, and ESX.  After getting hands on for each solution VMWare imo was hands down easier to use and gave better results.

Next, Nimble Storage is awesome!  If your looking at storage give them a good look.



The conversion is pretty easy really, but if you get the steps wrong you can end up with BSOD and other ickyness.  This worked for me, your experience may be different.  I took snapshots at the Lefthand level and XenServer level before touching anything.  Results may vary.

There may be an easier way, doesn't really matter to me. This worked consistantly for me so I'm stickin to it.

It's best practice to rebuild rather than convert.  I only converted machines that couldn't be rebuilt, where being replaced soon (but not ready to replace just yet), or when I was short on time and had to move it immediately. 

Server 2008 / 2008 R2
  1. Download and install VMWare Converter 4.3, yes, the older version
  2. Disable any services necessary (ie, IIS, etc)
  3. Ensure your logged in through the default view, not RDP.
  4. Uninstall XenTools and reboot
  5. Go into Device Manager
  6. You'll see that the SCSI Controller doesn't have a driver.
    1. VMWare converter won't see the disks because of this
  7. Right click the SCSI Controller
  8. Update Driver Software
  9. Browse my computer for driver software
  10. Let me pick from a list of device drivers on my computer
  11. (Standard IDE ATA/ATAPI contoller)
    1. IDE Channel
    2. If you get the wrong one you'll likely see a BSOD upon reboot
  12. Reboot
  13. Open VM Converter
  14. Convert Machine
  15. Select "This local Machine"
  16. Note that "View source details..." lights up. Click it
  17. Ensure that a Source disk is listed (if you didn't change the controller driver then none will be listed and it will error when you attempt to convert)
  18. Type in the info for one of your VMWare hosts
  19. Select your datastore target
  20. Change RAM, CPU, etc as fit
  21. Finish and wait
  22. Once it's completed shutdown the VM in XenServer
  23. In the VMWare console edit the VM.
  24. Delete the CDROM and Hard Disk
  25. Add a new Hard Disk as the SCSI 0:0 and point to the VMDK
  26. Add new CDROM with basic settings
  27. Start the machine and install tools
  28. Note that the VM Version is listed as 4
    1. Shutdown the VM
    2. Right click the VM and choose the option for "Upgrade Virtual Hardware"
    3. It should now show as a vmx-09
  29. Change the nic to vmxnet3 if desired
  30. Boot and change IP address if needed
  31. Uninstall VMWare converter

Since typing the Windows 2008 section, I tried something new that worked amazingly well with little downtime.  I did this with Windows 2008 RTM x32 and Windows 2008 R2 successfully.
  1. Download and install VMWare Converter 4.3.  New version may work better.
  2. Open VM Converter
  3. Convert Machine
  4. Select "This local Machine"
  5. Type in the info for one of your VMWare hosts
  6. Select your datastore target
  7. I had to edit the devices and change the controller to IDE
  8. Finish and wait
  9. At this point it's extermely important to remember that we don't want both VM's on at the same time.  BUT I wanted to ensure that my new VMWare VM would boot...
  10. Change Settings
    1. Change network to an isolated network off production.
  11. Delete the CDROM and Hard Disk
  12. Add a new Hard Disk as the SCSI 0:0 and point to VMDK
  13. Add new CDROM with basic settings
  14. Start the machine
  15. Uninstall XenServer Tools
  16. Reboot
  17. Install VMWare Tools
  18. Shutdown
  19. Note that the VM Version is listed as 4
    1. Shutdown the VM
    2. Right click the VM and choose the option for "Upgrade Virtual Hardware"
    3. It should now show as a vmx-09
  20. Boot the server and ensure it boots
  21. Shutdown VMWare VM
  22. Shutdown XenServer VM
  23. Edit VMWare VM and change NIC to production network
  24. Boot and change IP address if needed
  25. Uninstall VMWare converter
I was amazed how well this worked.  NOTE: I did this on fairly unimportant systems.  Not sure I'd do it with systems that are critical (besides, I rebuilt anything critical, converting is never my first choice)

Windows 2008 RTM: I also had to delete the NIC (which was listed as Flexible) and add a new one for VMXNET3.

One final strange thing I noticed is that the IntialKeyboardIndicators key would get messed up.
This is found under KHEY_USERS\.Default\Control Panel\Keyboard
It would be set to 21474836648 after conversion
Changing this back to 0 made it work as expected.

Pagefile on XenApp

Building out a new environment and I got to the point of setting the pagefile...

I've always been told 1.5 x RAM or other numbers that I didn't know any better and just did it.

So, building the XA65 server and I look around to see what recommendations are for XenApp 6.5 and found this:
http://blogs.citrix.com/2011/12/23/the-pagefile-done-right/

What a concept, pagefile should be set depending on what the server load is.  All these years and I only just now learned this.

Thursday, February 21, 2013

DHCP Migrate from Split Scope to Windows 2012 DHCP with Failover

There are already several excellent posts out there about how to migrate to Windows 2012 DHCP.
Microsofts own blog is an excellent reference.
http://blogs.technet.com/b/teamdhcp/archive/2012/09/11/migrating-existing-dhcp-server-deployment-to-windows-server-2012-dhcp-failover.aspx

I'm writing this, because I didn't find a lot about migrating from multiple DHCP servers with split scopes to a single 2012 with failover and bringing the leases along with.  This is a very easy process and requires minimal work.  (note, you can also just set conflict detection and then unauthorize the old servers and let it all sort itself out).  I decided not to use conflict detection this time around as last time I did this some users got a popup about their IP expiring, this caused a call to IT to tell them to restart.  Not a big deal, but this is easy and causes one less call to IT - I'm all for less calls.


In my case I migrated off 2 Windows 2008 R2 servers with split scopes.  I wanted to pull the leases off both servers and combine them and then make the DHCP servers failover with hot standby.
I'll refer to the old servers as DC01 and DC02
The new servers will be DC03 and DC04

  • Add the DHCP role to both of your new servers.
  • On DC03 right click, run as administrator on Powershell.
  • Export-DhcpServer -ComputerName DC01 -Leases -File C:\export\dhcpDC01.xml -Verbose
  • Export-DhcpServer -ComputerName DC02 -Leases -File C:\export\dhcpDC02.xml -Verbose
  • Open both xml files with notepad (I prefer Notepad++)
    • These xml files have the full DHCP config for your old server, we need to combine the leases so that when you import all of the leases get combined.
    • Do a search for
    • This is the begining section for all your leases.
    • On the DC02 xml file copy from the first (note that I dropped the "s") down to the last Lease section.  Make sure you get both the starting and ending tags for each active lease.
    • Remove any leases that are from reservations if you have any, otherwise they will be duplicates.
    • In the DC01 xml file paste these leases into the section.  I pasted mine after the last DC01 lease, but just before the tag.
  • On DC03 run: Import-DhcpServer -ComputerName DC03 -Leases -File C:\export\dhcpDC01.xml -Verbose
  • Ensure that DC03 is authorized
  • In the DHCP mmc "unauthorize" the server for DC01 and DC02
  • You may get a parameter error when unauthorizing servers.  I found that it still worked if I closed the mmc and reopened.  In one case I did the unauthorize from the server directly or simply waited a couple minutes then closed / reopened and did it again.  Don't forget to use refresh.
    • In a pinch you can also shutdown the DHCP Server service.
  • Close DHCP mmc and reopen.  Right click DHCP and Manage Authorized Servers and check that the list is correct.
  • Go into your scopes and "merge" your scope exclusions.  I had my new single scope exclusions already written down so that I could just delete all the old exclusions and re-enter the new ones.  EDIT: You can also modify the xml file the same way you did for the leases to include the new exclusion ranges.  Look for the tags
  • I always like having conflict detection, so ensure this is on.  It's under IPv4, Properties, Advanced.  (if you had it set on your old DHCP then it will have migrated with the import)
  • I like to use a tool like MS Windows dhcploc.exe or netscan to check and ensure that I don't have rogue DHCP servers.  Check and ensure that only your new server is handing out addresses at this point. http://www.softperfect.com/products/networkscanner/
Okay, so at this point we have:
  • 1 server 2012 handing out DHCP for the entire environment (DC03)
  • 1 server 2012 with DHCP installed, but not configured  (DC04)
  • 2 old servers that have been unauthorized (DC01 and DC02)
Now we just need to configure DC04
  • From DC03 powershell (run as administrator)
  • Export-DhcpServer -ComputerName DC03 -File C:\export\dhcpexp2012.xml -Verbose
    • Note, we don't want the leases
  • Move the export file over to DC04 locally.  The next steps can be done from DC03, but I found that it ran much faster locally then remotely.
  • From DC04:
  • DHCP role should already be installed, if not install it.
  • Open powershell with run as administrator
  • Import-DhcpServer -ComputerName DC04 -File C:\export\dhcpexp2012.xml -ServerConfigOnly -Verbose -BackupPath C:\export\backup
    • This imports the server config only. No leases or scopes
  • Refresh screen
  • Right click DC04 and authorize the server

Now lets setup failover / replication
  • These next steps are done from DC03, it will be our active server while DC04 will be the standby server
  • Right click on IPv4
  • Configure Failover
  • Select the network - Next
  • Change name if desired
  • Change to mode to "Hot Standby"
  • Enter a shared secret
  • Next
  • Close
  • Refresh DHCP mmc

That's it.  Now if you right click on a scope and go to properties you will find a failover tab.  This will tell you if it's in failover and what the role of that particular server is.

At this point I would run netscan again and check which servers it sees handing out DHCP as well as which servers it shows as AD-authorized.  In my case it shows DC03 as handing out DHCP and it shows AD authorized as DC03 and DC04.
http://www.softperfect.com/products/networkscanner/


Note: dhcploc.exe is included with the Microsoft tools on the Windows 2003 cd. (believe it's also on the 2008+ cd's).  To run it I typed "dhcploc.exe mymachinesIPaddress".  I took awhile to start displaying.