How to create a RHEL 7 template in VSphere ESXi 6.7
Unlike for Windows , RHEL based template creation requires additional steps to make it work. During this process , I came across very valuable information from the linuxtechi blog . I am summarizing the steps and some additional steps that I followed during the whole. process. ( But , I am not adding the steps that you need to follow in ESXi to convert a VM in to template)
Source: https://www.linuxtechi.com/create-vm-template-ovirt-environment/
Environment Details:
- RHEL 7.3
- ESXi 6.7
+ Create a RHEL 7.3 VM
+ Install the Operating System and all other Packages needed.
+ Yum update it (If you have a valid RHEL subscription).
Thereafter , we need to follow the below steps to generalize the VM by removing any VM specific configuration and you need to do the below:
+ Remove the SSH host keys
# rm -f /etc/ssh/ssh_host_*
+ Remove the hostname and set it as local host(This is optional , because if
you have not provided any hostname during the step , it will retain
localhost as the name.
# hostnamectl set-hostname ‘localhost’
+ Then remove any reference for UUID , HWADDR & MAC
# rm -f /etc/udev/rules.d/*-persistent-*.rules
# sed -i ‘/^HWADDR=/d’ /etc/sysconfig/network-scripts/ifcfg-*
# sed -i ‘/^UUID=/d’ /etc/sysconfig/network-scripts/ifcfg-*
At this point , please make sure that , while deploying the VM’s from this template you need to create an VM customization specification and forcing to enter the IP address details. Otherwise , you will end up all the VM’s having the same hostid.
+ Again this is optional if you have not registered the VM
#rm -f /etc/sysconfig/rhn/systemid
+ Poweroff the VM systematically (Similar to Windows Sysprep)
# sys-unconfig
Update#1: In case , if the sys-unconfig command does not work, you must use the virt-sysprep command . Details steps can be found in the below article
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/virtualization_deployment_and_administration_guide/sect-guest_virtual_machine_disk_access_with_offline_tools-using_virt_sysprep
NOTE: VM Customization specification is mandatory to avoid the VM’s getting the same hostids. Steps are as below;
+ Login to the VCenter.
+ Open Policies & Profiles.
+ Select VM Customization Specification.
+ Provide the details , based on your environment.
+ In the Network screen , select “Manually Select Custom Settings”.
+ Click on Add.
+ In the IPv4 section , select ” Prompt the user for an IPv4 address when the
specification is used “.
Good Luck .
Cannot open mailbox features in ECP
Sometimes you may receive the below error , when you try to access the Mailbox features for a Mailbox via ECP.
In this situation the Exchange server version is 2016 and it happened only on a single mailbox.
After several hours of troubleshooting we came to know that , this could happen if the mailbox is in quarantined state. During this problem user will not be able to access his mailbox neither by Outlook nor any clients)
(You could refer https://www.nucleustechnologies.com/blog/how-to-fix-exchange-mailbox-quarantine-issue/ to have an idea about possible causes for a mailbox to go in to quarantined mode).
To confirm this we ran the below command via the Exchange Powershell
Get-Mailboxstatistics -identity “Test User” | fl Isquarantined
The output was True , now we could confirm his mailbox is in quarantined state.
To disable the quarantine state we ran the below command:
Disable-MailboxQuarantine “Test User”
But , for us unfortunately , the user mailbox goes again to quarantine mode after few minutes. Thus we tried to repair the mailbox using the below command.:
New-MailboxRepairRequest -Mailbox test@test.local -CorruptionType ProvisionedFolder,SearchFolder,AggregateCounts,Folderview
In our situation even the repair was not solving the issue and we had to recreate the mailbox. The reason , I shared the above steps as it could help somebody , without the need for recreating the mailbox.
Good Luck.
How to Track File Deletion on a File Server
Hi Folks
Anybody wants to enable auditing on their file server , for the purpose of tracking and auditing who has deleted any files or folders , I would recommend the below article.
It covers detailed steps on how to enable the Group Policy for auditing and enabling Folder level Auditing parameters. However after enabling the required configuration you need to filter out for the event ID’s 4663,4624,5140, and 4660 in the Security Event Log.
These event ID’s will provide the audit trail for the event.
How to reject emails that tagged as SPAM by spamassassin
Hi Guys,
I have wrote a seperate blog post on how to configure spamassassin ,spamass-milter & sendmail to combat SPAM. But this article focus on how to reject emails that are tagged as SPAM by spamassassin. By default the emails will not be rejected , and it will be delivered to the MTA as it is.
In order to achieve this , you need to modify the spamass-milter configuration file in /etc/sysconfig/spamass-milter , and uncomment the line
EXTRA_FLAGS=”-m -r 15″
and modify the -r value to based on your needs, and leave the -m as it is, this will prevent the spamass-milter modifying the header. In my case I have set the -r value to 5 . Do not forget to restart the spamassassin , spamass-milter & sendmail services.
That’s it.
System Reserved Partition is full and the VEEAM backup job with Guest Processing option enabled will fail.
When there is less free space on the System Reserved Partition , the VEEAM backup jobs will fail(Only when the Guest Processing is enabled). There are so many articles , you could use to solve this issues at the Microsoft Operating System level , leveraging Native MS Tools or some 3rd Party Disk Management Tools.
On the other hand , you could use VMware VCenter Converter to increase the System reserved Partition , by using the “Convert VM” option. To do so , during the Wizard , when you reach the last screen
- Select “Data to Copy”
- Then Choose “Select Volumes to Copy” in Data Copy Type.
- Select the System Reserved Partition and then choose “Type size in GB” and enter the desired value.
That’s it once the VM is converted , the System reserved partition will be expanded. Now you could happily backup the VM’s using the VEEAM B&R.
Update1:
Even after the above procedure we still had the same issue . However , we were able to identify the root cause and fix it permanently with the help of VEEAM support.
Cause: Even though we increase the system reserved partition size , under System reserved partition properties (in Disk Management , Right Click on System reserved partition and select Properties) we were able to see that, the maximum limit has not been updated in the Shadow copies Tab , and it was showing the old value only.
Resolution : When we changed the settings to No Limit , voila the backup started working fine.
Reset to device, \Device\RaidPort0, was issued” error in the Windows event log
Environment: VSphere ESXi 6.7 on HP DL 380 (Single Server)
Problem: The VM’s getting hanged / frozen. Cannot Login to Windows nor issue any Power off commands. During the investigation , we found out that the VM’s were recording Event ID 129 with the Warning message “Reset to device, \Device\RaidPort0, was issued” , just before the VM becoming unresponsive.
We were referring the VMware KB https://kb.vmware.com/s/article/2063346 , and confirmed the LSI_SAS driver is updated to the latest version. But , luckily in our case , this deployment was a temporary one as we are planning to move this VM’s to a stable VSphere Cluster running on Nutanix. After few days ,moving the VM’s to the Nutanix environment , we noticed that the VM’s were functioning well with out any issues.
So for those who are having a similar issue , you need to check the underlying storage structure . As it could cause similar issues like this.
NOTE: During this unresponsive state , you could notice the Disk Latency stays at more than 20. This definitely a problem for a VM’s responsiveness.
