
Wednesday, December 15, 2010

Grant Local Administrators MS SQL SysAdmin Rights while not a SysAdmin

Recently I had a problem where a Microsoft SQL Server instance on a development server was inaccessible. The server was no longer bound to the domain, and the local Windows Administrator accounts didn't have sysadmin access to SQL Server. I found a great post over at David Browne's blog, "Batch File to Grant Local Administrators a Sysadmin Login in SQL Server", on the method by which you can give the administrative accounts access.

The outcome is that if you have Administrator access to the machine, you can always give yourself full access to the databases.

Thursday, December 9, 2010

Nexus 1000 Interface resetting when only member of Port-Channel

This should be the first of many posts on configuring VMware ESX Hosts to use the Nexus 1000. This is a work in progress. First and foremost, I am not a networking guy and this is a very complicated configuration. The networking admin where I work, Chris Johnson, is very good and has been teaching me as we work out the problems. I'm learning this stuff with you and please post any help you can. I'll try and do the same.

One of the thousand problems I've been working with actually came from the host we use to migrate machines on and off the Nexus switches. We have some hosts that use the regular VMware Distributed Virtual Switch (DVS), and we have test hosts that use the Nexus v1000 Distributed Virtual Switch.
  • All our VMware ESX hosts use dual-port 10 Gig FCoE Emulex cards set up as trunks.
  • All hosts also have two 100 MB NICs.
    • One is for the lights-out management (Dell Remote Management Cards and a really crappy IBM knock-off).
    • One is for the service console, which is not on the distributed virtual switch but on the normal virtual switch. The service console isn't on the distributed virtual switch because we've had too many problems managing the hosts when the Emulex cards and/or the Nexus fail.
One host has a single 10G NIC on the regular VMware Distributed Virtual Switch and its other 10G NIC on the Nexus v1000 Distributed Virtual Switch. This host is for migrating machines on and off the Nexus hosts. As a result, the Nexus 10G NIC interface was set up in a port-channel by itself. The result was that the interface kept resetting every minute. It would stay up for 30 seconds, then go offline for 30 seconds.

Here is how this looked in the logs.

Nexus 1000 Command: show logging last 100
2010 Dec 7 12:12:07 ac02-ns1-01 %ETHPORT-5-IF_DOWN_INITIALIZING: Interface Ethernet6/3 is down (Initializing)
2010 Dec 7 12:12:07 ac02-ns1-01 %ETHPORT-5-SPEED: Interface port-channel4, operational speed changed to 10 Gbps
2010 Dec 7 12:12:07 ac02-ns1-01 %ETHPORT-5-IF_DUPLEX: Interface port-channel4, operational duplex mode changed to Full
2010 Dec 7 12:12:07 ac02-ns1-01 %ETHPORT-5-IF_RX_FLOW_CONTROL: Interface port-channel4, operational Receive Flow Contol state changed to on
2010 Dec 7 12:12:07 ac02-ns1-01 %ETHPORT-5-IF_TX_FLOW_CONTROL: Interface port-channel4, operational Transmit Flow Contol state changed to on
2010 Dec 7 12:12:40 ac02-ns1-01 %ETH_PORT_CHANNEL-4-PORT_INDIVIDUAL: port Ethernet6/3 is operationally individual
2010 Dec 7 12:12:40 ac02-ns1-01 %ETHPORT-5-IF_UP: Interface Ethernet6/3 is up in mode trunk
2010 Dec 7 12:13:07 ac02-ns1-01 %ETHPORT-5-IF_DOWN_INITIALIZING: Interface Ethernet6/3 is down (Initializing)
2010 Dec 7 12:13:08 ac02-ns1-01 %ETHPORT-5-SPEED: Interface port-channel4, operational speed changed to 10 Gbps
2010 Dec 7 12:13:08 ac02-ns1-01 %ETHPORT-5-IF_DUPLEX: Interface port-channel4, operational duplex mode changed to Full
2010 Dec 7 12:13:08 ac02-ns1-01 %ETHPORT-5-IF_RX_FLOW_CONTROL: Interface port-channel4, operational Receive Flow Contol state changed to on
2010 Dec 7 12:13:08 ac02-ns1-01 %ETHPORT-5-IF_TX_FLOW_CONTROL: Interface port-channel4, operational Transmit Flow Contol state changed to on
2010 Dec 7 12:13:44 ac02-ns1-01 %ETH_PORT_CHANNEL-4-PORT_INDIVIDUAL: port Ethernet6/3 is operationally individual
2010 Dec 7 12:13:44 ac02-ns1-01 %ETHPORT-5-IF_UP: Interface Ethernet6/3 is up in mode trunk
2010 Dec 7 12:14:08 ac02-ns1-01 %ETHPORT-5-IF_DOWN_INITIALIZING: Interface Ethernet6/3 is down (Initializing)
2010 Dec 7 12:14:08 ac02-ns1-01 %ETHPORT-5-SPEED: Interface port-channel4, operational speed changed to 10 Gbps
2010 Dec 7 12:14:08 ac02-ns1-01 %ETHPORT-5-IF_DUPLEX: Interface port-channel4, operational duplex mode changed to Full
2010 Dec 7 12:14:08 ac02-ns1-01 %ETHPORT-5-IF_RX_FLOW_CONTROL: Interface port-channel4, operational Receive Flow Contol state changed to on
2010 Dec 7 12:14:08 ac02-ns1-01 %ETHPORT-5-IF_TX_FLOW_CONTROL: Interface port-channel4, operational Transmit Flow Contol state changed to on
2010 Dec 7 12:14:41 ac02-ns1-01 %ETH_PORT_CHANNEL-4-PORT_INDIVIDUAL: port Ethernet6/3 is operationally individual
2010 Dec 7 12:14:41 ac02-ns1-01 %ETHPORT-5-IF_UP: Interface Ethernet6/3 is up in mode trunk
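
The once-a-minute reset can be measured straight from this output. The following is an added example, not part of the original post: it pairs the IF_DOWN/IF_UP lines per interface and reports how long the port spent in each state. The function names and the min_cycles/max_period thresholds are assumptions chosen for illustration.

```python
import re
from datetime import datetime

# Constructed sample: Ethernet6/3 lines copied from the log above (one SPEED line kept as noise).
SAMPLE_LOG = """\
2010 Dec 7 12:12:07 ac02-ns1-01 %ETHPORT-5-IF_DOWN_INITIALIZING: Interface Ethernet6/3 is down (Initializing)
2010 Dec 7 12:12:07 ac02-ns1-01 %ETHPORT-5-SPEED: Interface port-channel4, operational speed changed to 10 Gbps
2010 Dec 7 12:12:40 ac02-ns1-01 %ETH_PORT_CHANNEL-4-PORT_INDIVIDUAL: port Ethernet6/3 is operationally individual
2010 Dec 7 12:12:40 ac02-ns1-01 %ETHPORT-5-IF_UP: Interface Ethernet6/3 is up in mode trunk
2010 Dec 7 12:13:07 ac02-ns1-01 %ETHPORT-5-IF_DOWN_INITIALIZING: Interface Ethernet6/3 is down (Initializing)
2010 Dec 7 12:13:44 ac02-ns1-01 %ETHPORT-5-IF_UP: Interface Ethernet6/3 is up in mode trunk
2010 Dec 7 12:14:08 ac02-ns1-01 %ETHPORT-5-IF_DOWN_INITIALIZING: Interface Ethernet6/3 is down (Initializing)
2010 Dec 7 12:14:41 ac02-ns1-01 %ETHPORT-5-IF_UP: Interface Ethernet6/3 is up in mode trunk
"""

# Matches only IF_UP / IF_DOWN_* state changes; SPEED, DUPLEX and FLOW_CONTROL lines are skipped.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4} \w{3} +\d{1,2} \d\d:\d\d:\d\d) \S+ "
    r"%ETHPORT-\d-IF_(?P<state>UP|DOWN)\w*: Interface (?P<ifname>\S+) ")

def transitions(log_text):
    """Return {interface: [(datetime, 'UP'|'DOWN'), ...]} in log order."""
    events = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(m["ts"], "%Y %b %d %H:%M:%S")
            events.setdefault(m["ifname"], []).append((ts, m["state"]))
    return events

def flap_report(log_text, min_cycles=3, max_period=120):
    """Flag interfaces that go down min_cycles times or more, with every
    down-to-down period at or below max_period seconds (assumed thresholds)."""
    report = {}
    for ifname, evs in transitions(log_text).items():
        downs = [t for t, s in evs if s == "DOWN"]
        periods = [int((b - a).total_seconds()) for a, b in zip(downs, downs[1:])]
        spans = {"UP": [], "DOWN": []}  # seconds spent in each state
        for (t0, s0), (t1, s1) in zip(evs, evs[1:]):
            if s0 != s1:
                spans[s0].append(int((t1 - t0).total_seconds()))
        flapping = len(downs) >= min_cycles and max(periods) <= max_period
        report[ifname] = {"flapping": flapping, "periods": periods,
                          "down_secs": spans["DOWN"], "up_secs": spans["UP"]}
    return report

if __name__ == "__main__":
    print(flap_report(SAMPLE_LOG))
```

Run against a saved copy of `show logging` output, the same function gives the per-interface up and down durations for every port that logged state changes.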

ESX Command: tail /var/log/vmkernel -n 30
Dec  7 11:43:02 nkuvmhost9 vmkernel:
Dec  7 11:43:30 nkuvmhost9 vmkernel: 3:21:34:09.172 cpu8:4531)Need to send MAC Move for Inband Port
Dec  7 11:43:30 nkuvmhost9 vmkernel:
Dec  7 11:44:02 nkuvmhost9 vmkernel: 3:21:34:41.376 cpu3:4319)Not removing sys vlan 60 from the ltl 18
Dec  7 11:44:02 nkuvmhost9 vmkernel:
Dec  7 11:44:02 nkuvmhost9 vmkernel: 3:21:34:41.376 cpu3:4319)Not removing sys vlan 70 from the ltl 18
Dec  7 11:44:02 nkuvmhost9 vmkernel:
Dec  7 11:44:02 nkuvmhost9 vmkernel: 3:21:34:41.376 cpu3:4319)Not removing sys vlan 200 from the ltl 18
Dec  7 11:44:02 nkuvmhost9 vmkernel:
Dec  7 11:44:02 nkuvmhost9 vmkernel: 3:21:34:41.376 cpu3:4319)Not removing sys vlan 268 from the ltl 18
Dec  7 11:44:02 nkuvmhost9 vmkernel:
Dec  7 11:44:02 nkuvmhost9 vmkernel: 3:21:34:41.376 cpu3:4319)Not removing sys vlan 274 from the ltl 18
Dec  7 11:44:02 nkuvmhost9 vmkernel:
Dec  7 11:44:02 nkuvmhost9 vmkernel: 3:21:34:41.376 cpu3:4319)Not removing sys vlan 275 from the ltl 18
Dec  7 11:44:02 nkuvmhost9 vmkernel:
Dec  7 11:44:31 nkuvmhost9 vmkernel: 3:21:35:10.172 cpu8:4104)Need to send MAC Move for Inband Port
Dec  7 11:44:31 nkuvmhost9 vmkernel:
Dec  7 11:45:02 nkuvmhost9 vmkernel: 3:21:35:41.376 cpu8:4319)Not removing sys vlan 60 from the ltl 18
Dec  7 11:45:02 nkuvmhost9 vmkernel:
Dec  7 11:45:02 nkuvmhost9 vmkernel: 3:21:35:41.376 cpu8:4319)Not removing sys vlan 70 from the ltl 18
Dec  7 11:45:02 nkuvmhost9 vmkernel:
Dec  7 11:45:02 nkuvmhost9 vmkernel: 3:21:35:41.376 cpu8:4319)Not removing sys vlan 200 from the ltl 18
Dec  7 11:45:02 nkuvmhost9 vmkernel:
Dec  7 11:45:02 nkuvmhost9 vmkernel: 3:21:35:41.376 cpu8:4319)Not removing sys vlan 268 from the ltl 18
Dec  7 11:45:02 nkuvmhost9 vmkernel:
Dec  7 11:45:02 nkuvmhost9 vmkernel: 3:21:35:41.377 cpu8:4319)Not removing sys vlan 274 from the ltl 18
Dec  7 11:45:02 nkuvmhost9 vmkernel:
Dec  7 11:45:02 nkuvmhost9 vmkernel: 3:21:35:41.377 cpu8:4319)Not removing sys vlan 275 from the ltl 18
Dec  7 11:45:02 nkuvmhost9 vmkernel:
Dec  7 11:45:32 nkuvmhost9 vmkernel: 3:21:36:11.172 cpu8:4531)Need to send MAC Move for Inband Port

It seems we can hide this issue if we remove the interface from the port-channel. 

Warning: Before you can disable vPC (virtual port channel), you must remove all but one NIC from the distributed switch in ESX.

An example of how to remove an interface from a port-channel:
  • > conf
  • > interface ethernet 6/3
  • > no channel-group 21 mode active
But why does it fail in the first place when it's the single member of the port-channel?

Post a comment if you have any idea why, or reply over at my post at http://communities.vmware.com/message/1661219#1661219.