PowerShell: Quick way to tell if a particular hotfix is installed – local and remote

A colleague just asked me if there was a quick and easy way to find out if a hotfix was installed on a Windows machine. The answer is “yes, use PowerShell”.

Get-HotFix

will list all the hotfixes installed on the computer. You can then filter this by using Where-Object to Match part of the hotfix ID:

Get-HotFix | Where-Object -Property HotfixID -Match "2823180"

or use EQ to find only fully matching hotfix IDs:

Get-HotFix | Where-Object -Property HotfixID -EQ "KB2823180"

or if you want to shorten the command line:

Get-HotFix | where HotfixID -match "2823180"

You can obviously do this query remotely too, using Enter-PSSession:

Enter-PSSession -Computername rcmhv01 -Credential rcmtech-admin
Get-HotFix | Where-Object -Property HotfixID -EQ "KB2823180"
Exit-PSSession

Note that the Credential will assume the current Active Directory domain, but you can prefix the username with alternativedomain\ if you want to use a different one. The credential prompt will pop up an authentication dialogue to ask for the password. If you’re logged on with an account that has sufficient permissions (e.g. administrator) on the remote machine then you can omit the Credential parameter completely. The PowerShell prompt will change after the Enter-PSSession command to indicate that you’re now executing commands on a different machine.

Or do it on one line:

Invoke-Command -ComputerName rcmhv01 -Credential rcmtech-admin -ScriptBlock {Get-HotFix | Where-Object -Property HotfixID -EQ "KB2823180"}

If you’re having issues running commands remotely then check the steps here.

VMM 2012 SP1: Create Virtual Switch fails with Unknown error 0×80041008

This seems to be because you’re trying to create a Virtual Switch that uses teamed physical NICs that are already part of a Windows Server 2012 Team. This might be because you deleted on old Virtual Switch via Hyper-V Manager’s Virtual Switch Manager. Doing this doesn’t remove any Windows native NIC team that the switch was connected to.

Run LbfoAdmin (or click Server Manager, Local Server, and click the text saying “Enabled” to the right of “NIC Teaming”). Then investigate whether the team showing is using the NICs you were trying to allocate to the new Virtual Switch in VMM 2012 SP1. If they’re in use, you will not be able to use them and will get the following error when you try and add the Virtual Switch:

An internal error has occurred trying to contact the hv01.rcmtech.co.uk server:

WinRM: URL: [http://hv01.rcmtech.co.uk:5985], Verb: [GET], Resource: [http://schemas.microsoft.com/wbem/wsman/1/wmi/root/scvmm/ErrorInfo?ID=1003]

Unknown error (0x80041008)

Recommended Action
Check that WS-Management service is installed and running on server test-hv01.test.local. For more information use the command "winrm helpmsg hresult". If hv01.rcmtech.co.uk is a host/library/update server or a PXE server role then ensure that VMM agent is installed and running.

There are likely no problems with WS-Management (test with the command winrm qc on the host).

The solution is therefore to remove the NICs from the team (or remove the team, and thus free the NICs).

Script comparison: CMD, VBScript, Powershell

This was going to be a short scripting exercise for a new member of staff, but has been ditched due to time constraints. I’d written some sample scripts to see how long it’d take, so thought I’d post them as interesting comparison of the three languages.

They’re perhaps more a reflection of my abilities than being textbook examples of the three languages. I know there are better ways that bits of them could be done, but these were knocked up by me in as little time as possible so needed to be functional rather than perfect.

The brief was to write a short script, around 10-20 lines, that would move files from one folder to another if they had a certain text string in the filename. The folders were both located in the current user’s Documents folder. Source folder was called TestFiles, destination folder for matching files was called NewFiles. The text string to look for in the filenames was “robin” (minus the quotes). I wanted the script to be easily changed to use different folders or to look for a different text string. I also wanted the script to write some basic activity information to screen.

CMD (Windows Command processor/batch file)

@echo off
set Folder=%userprofile%\Documents\TestFiles
set NewFolder=%userprofile%\Documents\NewFiles
set FindText=robin
for /f "delims=" %%i in ('dir /b %Folder%') do (
   echo %%i
   call :FindAndMove "%Folder%\%%i" %FindText%
)
:FindAndMove
echo %1 | find /i "%2" >nul:
if %errorlevel%==0 (
   move %1 %NewFolder%\ >nul:
   echo Moved to new location
)
goto :eof
echo Done.

VBScript

Option Explicit
Dim oFSO, oFolder, oShell, oFile
Dim sFolderPath, sFindText, sNewFolder
Set oFSO = CreateObject("Scripting.FileSystemObject")
Set oShell = CreateObject("WScript.Shell")
sFolderPath = "%userprofile%\Documents\TestFiles"
sNewFolder = "%userprofile%\Documents\NewFiles"
sFindText = "robin"
sFolderPath = oShell.ExpandEnvironmentStrings(sFolderPath)
sNewFolder = oShell.ExpandEnvironmentStrings(sNewFolder)
Set oFolder = oFSO.GetFolder(sFolderPath).Files
For Each oFile In oFolder
   WScript.Echo oFile.Name
   If InStr(oFile.Name,sFindText) Then
      oFSO.MoveFile oFile.Path,sNewFolder&"\"
      WScript.Echo "Moved to new location"
   End If
Next
WScript.Echo "Done."

PowerShell

$Folder = $env:USERPROFILE+"\Documents\TestFiles"
$NewFolder = $env:USERPROFILE+"\Documents\NewFiles"
$FindText = "robin"
$FolderObj = Get-ChildItem -Path $Folder
foreach($File in $FolderObj){
   Write-Host $File.Name
   if($File.FullName -match $FindText){
      Move-Item -Path $File.FullName -Destination $NewFolder
      Write-Host "Moved to new location"
   }
}
Write-Host "Done."

 

vSphere: Convert RDM to VMDK and vice-versa on Windows VM with no downtime

This method will work for non-OS disks (so not your C drive), and will not required the server or application to go down during the process. You need a version of Windows that supports software RAID, which includes all versions of Windows Server and some Client versions too.

You had a good reason to use an RDM (or maybe you didn’t!) but have now changed your mind, or your needs have changed, or your storage infrastructure has changed (perhaps you’re replacing your old Clariion with a Tintri).

Or, maybe you provisioned a machine with a VMDK disk but now it’s gone live or the system performance needs have ramped up and you need to switch it to some dedicated spindles.

We’re going to be using Windows software RAID 1 to copy the data over, this is a block-level process so will transfer all the data and permissions across. It’s mirroring the entire NTFS filesystem, and it does it online. Clearly you’re going to take a bit of a hit in performance whilst the mirror is synchronising, but we’ll be breaking it again as soon as it’s finished. Your data disk will be converted to and remain as a Dynamic disk if it wasn’t already, but this effectively makes no difference (as long as you don’t want to access it from DOS or Linux).

So here we go, with screenshots (wow!). This is an RDM to VMDK conversion, but it’s the same process to go from VMDK to RDM.

1. Here’s the current VM config:
   
   Hard disk 2 is the data disk, and is the one we’ll be switching to a VMDK.
2. Here’s the disk config in Windows:
   
3. Make a note of the size of the disk that you’re going to transfer. As with all RAID 1, the disk you’re going to mirror onto must be the same size (or larger) than the existing disk. My disk is 10Gb, so I’m going to add a new 10GB VMDK disk to the VM:
   
4. Here’s the new disk in Windows Disk Management:
   
5. First you need to bring the disk online. Right-click the disk (where it says Disk 2, Unknown, 10.00GB, Offline) and choose Online.
6. Now you need to initialise the disk, right-click again and choose Initialise:
   
7. Now that we have our new disk ready for use, we can add it as a mirror to the original (RDM) disk. Right-click the RDM disk and choose Add Mirror…:
   
8. Select the new unallocated disk:
   
   Click Add Mirror.
   If your original disk is currently a Basic disk you’ll be warned that the disk will be converted to a dynamic disk:
   
   Click Yes.
9. The original disk and the new unallocated disk will be converted to dynamic disks:
   
   And very shortly afterwards the mirroring process will commence:
   
   How long this takes depends on the speed of your disks. In my experience there is very little CPU load generated by this process.
10. Once the resynching process has completed both disks will show as Healthy:
    
11. Now it’s time to remove the mirror from the original disk. Right-click it and choose Remove Mirror…:
    
    The Remove Mirror dialogue box will open, it selects the disk that you right-clicked but just confirm that it’s the right one:
    
    Click Remove Mirror, then click Yes.
    
12. Now you’ll be running from the new VMDK disk, the old RDM disk will be showing as unallocated:
    
13. Before removing the disk from the VM I like to right-click it and put it offline:
    
14. Now edit the settings of the VM and remove the RDM disk:
    
    Choose the “and delete files from disk” option as this will delete the .rdmp file.
15. Finally, here is the view from Windows Disk Management showing the VM that’s now only seeing the (new) VMDK disk:
    

Enterprise Storage Part 1 – What are IOPS, and other basics

If you’re specifying storage for enterprise class applications, or more recently, looking at specs of Solid State Disks – even ones for your PC, you’ll see a lot of mentions of IOPS. What exactly are IOPS?

IOPS stands for Input/Output operations Per Second, or IOs Per Second, and is a way of measuring the amount of data you can get into or out of a disk or storage system.

So how big is an IO? The simple answer is that it depends. By IOs we really mean “IO instruction”, ignoring the amount of data. Thus you can get different sized IOs, as on the whole an IO instruction with no associated data is not going to be much use when you’re trying to get data into or out of a storage device.

The chunks of data dealt with by individual IOs tend to be relatively small, ranging between about 512 bytes to 64K bytes. The performance figures for disks will, if you look hard enough, give you detailed figures for the IOPS for a range of different sizes. Consumer SSDs tend to at least mention 4KB IOs.

In the case of individual disks, in physical terms it will clearly take longer to write a larger amount of data to a disk then to write a smaller amount. Think of a spinning disk, if you write 512 bytes to the magnetic surface the disk platter will only have to rotate a small amount between where it starts to write and when it has finished, whereas to write 64KB will take somewhat longer (roughly 64,000 / 512 = 125 times longer). This is why enterprise-grade disks tend to spin faster than consumer disks. A standard consumer disk will spin at 7200rpm whereas an enterprise SAS (Serial Attached SCSI) or FC (Fibre Channel) will spin at 15,000rpm.

But that’s not the only factor that determines how many IOs a device can handle. In the case of spinning magnetic disks, you also have to take into account the “seek time”. This is how long it takes for the disk controller to move the read/write head to the correct place on the surface of the spinning disk, ready to start reading or writing data. For consumer disks this tends to be around 11ms, for decent enterprise grade disks it’ll be more like 4ms. 4ms might not sound like a lot, but it really is a very long time, especially if you are needing to read and write hundreds of times a second at random places over the surface of the disk. This seek time delay is what solid state drives effectively remove, and is one of the main reasons (when compared to magnetic disks) why their IOPS figures tend to be so high, especially for random read operations.

There are a few other factors that can affect IOPS figures for a particular disk, and one of the more interesting ones is the number of IOs that a disk can queue up. This is called Native Command Queuing (NCQ) or Tagged Command Queuing (TCQ). Enterprise disks can usually queue 32 instructions, whereas historically consumer grade disks tended not to queue more than about 2 (this changed with the introduction of the SATA interface). The reason this is important is because if the disk knows what it’s going to be asked to do in the future, it gives it the possibility of re-jigging the order of executing those instructions to take advantage of the physical characteristics of the storage medium. As a very basic example, imagine instructions as follows:

1. Read 4k from position 0
2. Write 8K to position 10000
3. Read 16k from position 2
4. Read 4k from position 10050

Executed in order, the heads on the disk will be moving rapidly from position 0 to position 10000 to position 2 to position 10050. If the device was able to see the entire queue it might instead choose to execute in the following order:

1. Read 4k from position 0
2. Read 16K from position 2
3. Write 8K to position 10000
4. Read 4K from position 10050

This has turned out to be a much longer article than I originally envisaged, so I’m going to leave it there. At some point I’ll write part 2 and cover things like RAID levels and cache.

Bye-bye SAN, Hello Tintri

I first came across Tintri over a year ago, had a look at their product on their website and thought “this sounds rather good”. I’ve chatted to them at IP Expo for the last two years, and recently had a WebEx with a few of their guys and a handful of my colleagues, where they went into some detail about what the product does, plus a quick demo.

If you’re currently running VMware VMs from VMFS volumes presented from something like an EMC Clariion SAN then you really want to look very seriously at the Tintri T540.

What is it? 13.5TB of storage in a 3U box. Fast storage, 50k-75k IOPS. Designed for VMware (Hyper-V support coming soon).

How do you get that amount of performance from 3U? You combine SSD and HDD. The T540 has eight 300GB SSDs in RAID 6 (striped with two parity disks) and eight 3TB HDDs, also in RAID 6. Nothing new there, except that Tintri have written their own optimised filesystem called VMstore featuring inline dedupe and some clever MLC flash optimisations. Without this, the Flash wears out quite fast due to the high random writes caused by your VMs hammering away all the time. Even if your VMs are writing mostly sequential data, when you combine many sequential writes together the component disks in the array see a random workload. SSD loves random workloads.

The data within the Tintri is structured such that all writes go to SSD, the data is then migrated to HDD where appropriate in 8k blocks – this is the size they found worked best during testing, and conveniently works nicely with most enterprise apps, including SQL Server and Exchange. Tintri claim to be able to service around 99% of IO from SSD. You can also pin entire VMs or just individual .vmdk files to sit only on SSD, should you want to.

Let’s contrast this to how a Clariion works. The Clariion was designed to be able to service defined, fairly consistent workloads, e.g. a single database on a set of disks. Sure you can make more than one LUN from a set of disks, but you need to understand the workload of each LUN such that one doesn’t negatively impact another. Try doing that for hundreds of VMs all on the same pool/RAID Group… On the Clariion, all writes smaller than the write-aside value (default 1MB) go via the storage processor RAM cache. On a CX4-480 this is about 4GB. There is (usually) a tiny amount of read-ahead cache allocated too, but it’s small because it hardly ever gets used. Back to the write cache. If this fills above the high watermark (default 80%) the SP initiates flushing to disk until the cache falls below the low watermark (default 60%). If you perform a read and the data you want is still held in the write cache, the read will be serviced from the cache, otherwise it’ll come from disk. In reality this means basically all writes come from disk of one form or another. Think about how much provisioned storage you have in your Clariion (it’ll be TB) vs a tiny 4GB write cache.

The Clariion has a couple of data tiering features that you might think would help, and they might, but possibly not as well as you might be led to believe, especially if your workload is servicing VMs.  These are FAST and FAST Cache:

• FAST (Fully Automated Storage Tiering) moves data around between different types of disk within a Pool, so you could have SSD, FC HDD and SATA HDD. It does not work on RAID Group LUNs as you can only have one type of disk within a RAID Group. The tiering chunk size is 1GB – which is nowhere near granular enough for the jumbled mass of data that you’ll have if you’ve been thin-provisioning your vmdk files. Writes will go to whichever tier the 1GB chunk that holds the block you’re addressing is currently sat on – so possibly SATA.
• FAST Cache is a misnomer, it’s not a cache at all. It’s enabled per LUN, and allows up to 2TB of SSD to hold promoted 64kB blocks of data. If you enable FAST Cache for some LUNs, the FAST Cache algorithm monitors the blocks on those LUNs and gradually promotes the most active blocks to SSD. How busy a block needs to be to determine if it’ll be promoted is based on it’s relative “busy-ness” compared to all other blocks on FAST Cache-enabled LUNs across the entire SAN. Writes to otherwise untouched blocks do not go direct to SSD, and writes to relatively quiet blocks do not go direct to SSD. Only writes to already busy blocks that have been promoted will go direct to SSD.

I’m not as familar with other SAN vendors tech as I am with the stuff from EMC but a lot of the above will be similar, if not the same. Check out the granularity of the tiering mechanism, and see if the SSD “cache” is actually a cache.

The Tintri T540 is presented to your ESXi hosts as a single large NFS datastore, via dual controllers (active/standby config) each with two 1/10Gbps Ethernet interfaces (also in active/standby config). Due to the use of NFS and thus Ethernet, you could potentially not only ditch your SAN, but also your FibreChannel fabric(s) too. (Oh, and your storage team… oops)

There’s no more creating LUNs then adding them as datastores, no upgrading VMFS versions, managing SAN RAID Groups or Storage Pools. The Tintri T540 also understands what the files in the NFS datastore are – it knows what makes up a VM and allows you to see how busy a VM is in a variety of different ways, and apply Quality of Service to it.

As you can probably tell, moving your VMs to a T540 will massively reduce complexity and management overhead. Yes – you can adjust the placement of VMs and set QoS, but unless you have some specific requirements this box is “set it and forget it”. Because the T540 integrates with vCenter and understands the data it’s holding, it’s not “just another” SSD+HDD box. It has a load of performance overview and reporting features to make the VM admin’s life easier. Because of the massive amount of performance it can soak up and throw out think how nice it’d be to run SQL Server or Exchange from it.

The T540 makes provisioning a new VM from the vSphere Client super-fast. We’re talking seconds. This is achieved via supporting VAAI. It also has built-in cloning and snapshot capabilities, the latter can be scheduled. Think how handy that speed could be for devs who need a constant supply of new servers or who want to snapshot a VM before they roll out an update.

Check out the features for yourself.

At the head of Tintri the company are people from VMware, Sun, and Data Domain. In addition to those companies the engineering team has people from Citrix, NetApp, Google and Brocade. They know their stuff, and know the storage issues that face anyone who’s taken advantage of server virtualisation whilst having to use legacy SAN/NAS technology.

Clearly, you need to have some idea of what your environment is doing to know if your storage workload would be suitable, but I reckon it would be perfect for a lot of people who’ve had no choice apart from traditional SAN or NAS until now. And if you have a VM-based VDI solution then Tintri could solve all your storage provisioning and boot storm issues.

Oh, and they’re winning awards all over the place. I want one. No, I want two.

PowerShell: Scan subnet for dead addresses

Quick script to scan a range of addresses on an IPv4 subnet and report ones that don’t ping, additionally doing a reverse DNS query on those IP addresses to try and get their names.

I’m doing two pings, as I found that when only doing one I got a lot of false positives. The reverse DNS query slows things down quite a bit so comment that out if you don’t need it.

$Subnet = "164.11.249"
$MinAddress = 47
$MaxAddress = 254
# step through each address from MinAddress to MaxAddress
for($Address=$MinAddress;$Address -le $MaxAddress;$Address++){
    # make a text string for the current IP address to be tested
    $TestAddress = $Subnet+"."+[convert]::ToString($Address)
    # do the ping(s), don't display red text if the ping fails (erroraction)
    $Result = Test-Connection -ComputerName $TestAddress -Count 2 -ErrorAction SilentlyContinue
    if($Result -eq $null){
        Write-Host "No reply from $TestAddress" -NoNewline
        # have to use try/catch as the GetHostByAddress errors in a nasty way if it doesn't find anything
        try{
            # do the reverse DNS query
            $HostName = [System.Net.Dns]::GetHostByAddress($TestAddress).HostName
            if($HostName -ne $null){
                # found something in DNS, display it
                Write-Host " ($HostName)"
            }
        } catch {
            # didn't find anything (GetHostByAddress generated an error), just do a CRLF
            write-host ""
        }
    }
}

This script demonstrates the use of reverse DNS queries, a try catch statement, and converting integers to strings.