Tag Archives: Hyper-V

Shutdown Storage Spaces Direct (S2D) or Azure Stack HCI Hyper-Converged cluster safely

Yes, we build clustered solutions to keep uptime as high as possible, but sometimes there is a planned or unplanned electrical outage or maintenance work on power lines and we are simply forced to shut down our cluster – and in that situation we want to do it safely.

When we talk about Storage Spaces Direct (S2D) on Windows Server 2016 / 2019 / 2022 in a hyper-converged scenario (where Hyper-V virtualization and storage are inside the same system), it is very important to shut such a system down properly so that we do not end up in a problematic situation where data corruption or other issues could emerge. Because of that, Microsoft has a great article about how to safely and properly shut down a node in an S2D configuration.

I would like to share with you a concept that could help you get the whole cluster safely turned off.

The scenario consists of a 2-node S2D solution, a standalone Hyper-V host (on which I run the file share witness for S2D) and PRTG, which monitors an APC UPS 2200 over SNMP.

So first of all we need to get the battery capacity with an SNMP query to the APC Network Management Card – this is the value that we will monitor, and based on its current value we will trigger some actions.

Then we need to prepare Notification Templates where we define the PowerShell scripts to be executed.
I am using three scripts:
– The first script makes a graceful stop of storage services and puts S2D Cluster N2 in maintenance mode (all roles are drained to S2D Cluster N1); after that it shuts down S2D Cluster N2
– The second script triggers shutdown of all virtual machines on S2D Cluster N1 and after 180 seconds it shuts down S2D Cluster N1
– The third script shuts down the third Hyper-V host (standalone)

In the Execute Program action of each Notification Template we select the script the template should run, together with a username and password that are used only to execute the script on the local machine (PRTG). The credentials for the PowerShell remoting that does the shutdown jobs can be safely saved separately, so you do not need to enter plain-text credentials for the hosts anywhere.

After that we need to configure triggers, which define when the scripts are executed based on the battery capacity. In my case I decided to set it up like this:

  • When the battery is at 65%, turn off S2D Cluster N2 (drain roles (VMs and cluster service roles) to S2D Cluster N1, put the node in maintenance mode, shut down the physical node S2D Cluster N2).
  • When the battery is at 45%, turn off S2D Cluster N1 by first shutting down all VMs, then waiting 180 seconds for the shutdown to complete, and then shutting down the physical node S2D Cluster N1.
  • When the battery is at 15%, turn off the standalone Hyper-V host, where our Witness and PRTG VMs are running.

If we check the scriptblocks inside our scripts:

Shutdown-N2.ps1 (the script that in my case we will run first):

In the first part of the script we need to set up the credentials that will be used for PowerShell remoting.
You could do this by simply entering the username and password into the script. (Please do not do that! PowerShell allows you to do it far more securely. Please read this article about securely saving an encrypted password in a separate file.)
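One way to fill in that first part, as an added example rather than the author's script: the password is stored with Export-Clixml, which on Windows protects it with DPAPI so that only the same user on the same machine can decrypt it. The file path and the two function names are assumptions made for this example.

```powershell
# Added example, not the author's script. Path and function names are hypothetical.
$CredPath = 'C:\Scripts\s2d-shutdown.cred.xml'

function Save-ShutdownCredential {
    # Run ONCE, interactively, while logged on as the account that the PRTG
    # "Execute Program" notification uses to run the scripts.
    param([string] $Path = $CredPath)

    $cred = Get-Credential -Message 'Account allowed to remote into the S2D nodes'
    # Export-Clixml encrypts the SecureString with Windows DPAPI: only this
    # user on this machine can decrypt it. Copying the file elsewhere is useless.
    $cred | Export-Clixml -Path $Path
    # Remove inherited permissions and leave read access for the current user only.
    icacls $Path /inheritance:r /grant:r "$($env:USERDOMAIN)\$($env:USERNAME):(R)" | Out-Null
}

function Get-ShutdownCredential {
    # Called at the top of each shutdown script. Fails loudly instead of
    # letting Invoke-Command run with an empty credential.
    param([string] $Path = $CredPath)

    if (-not (Test-Path -LiteralPath $Path)) {
        throw "Credential file not found: $Path"
    }
    try {
        $cred = Import-Clixml -Path $Path -ErrorAction Stop
    }
    catch {
        # Typical cause: the script runs as a different user (or on a different
        # machine) than the one that created the file, so DPAPI cannot decrypt it.
        throw "Cannot read $Path as $env:USERNAME. Recreate it as this user. $_"
    }
    if ($cred -isnot [pscredential]) {
        throw "$Path does not contain a PSCredential object"
    }
    return $cred
}

# First lines of Shutdown-N2.ps1, Shutdown-N1.ps1 and Shutdown-HyperV.ps1:
$credential = Get-ShutdownCredential
```

Because the file is bound to one Windows account, the username entered in the Execute Program action has to be the same account that ran Save-ShutdownCredential.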

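Invoke-Command -ComputerName S2D-N2 -Credential $credential -ScriptBlock {
    $nodename = 'S2D-N2'
    # Pause the node and drain all roles to the other node; wait until the drain completes
    Suspend-ClusterNode -Name S2D-N2 -Drain -Wait
    # Put this node's storage scale unit into storage maintenance mode
    Get-StorageFaultDomain -Type StorageScaleUnit | Where-Object {$_.FriendlyName -eq $nodename} | Enable-StorageMaintenanceMode
    # Stop the cluster service on the node, then power it off
    Stop-ClusterNode -Name S2D-N2
    Start-Sleep -Seconds 10
    Stop-Computer -Force
}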

Shutdown-N1.ps1 (the second script that will be executed – this will turn off the VMs and finally S2D Cluster N1):

Invoke-Command -ComputerName S2D-N1 -Credential $credential -ScriptBlock {
Get-VM | Stop-VM -Force -AsJob
Start-Sleep -Seconds 180
Stop-Computer -Force
}

Shutdown-HyperV.ps1 (the third script that will turn off stand alone Hyper-V host):

Invoke-Command -ComputerName StandaloneHyperV -Credential $credential -ScriptBlock {
Stop-Computer -Force
}

So the shutdown sequence will be:
– When electricity is turned off and PRTG learns by querying the UPS that the battery capacity is under 65%:
S2D Cluster N2 will be gracefully stopped (by draining roles, putting it in maintenance mode and shutting it down after that).
– When the battery is under 45%:
S2D Cluster N1 will be gracefully stopped (by shutting down all VMs and finally shutting down the node).
– When the battery capacity is under 15%:
Our standalone host (where PRTG and the File Share Witness needed for the S2D cluster are running) will be shut down.

The procedure to turn the system back on is the following:
– First we turn on the standalone host (and the File Share Witness VM).
Please do not turn on the PRTG server until the UPS battery capacity is over 65% (because PRTG will trigger the procedures again if the capacity is below 65%).
– When you have checked that the standalone host has network connectivity and that the File Share Witness VM is working and has connectivity too, we can proceed by turning on S2D Cluster N1.
– When S2D Cluster N1 is up we can turn on the VMs* (as the Witness is there and N1 is fully functional, you are able to start your production VMs – there will be more data to resync, so if you have time it is better to wait for N2 to get back online and take it out of maintenance mode).
– We can now turn on S2D Cluster N2, and when it comes back online we need to bring it back into a fully functional cluster member state by executing the script:

$ClusterNodeName = 'S2D-N2'
Start-ClusterNode -name $ClusterNodeName
Get-StorageFaultDomain -type StorageScaleUnit | Where-Object {$_.FriendlyName -eq $ClusterNodeName} | Disable-StorageMaintenanceMode
Resume-ClusterNode -Name $ClusterNodeName -Failback Immediate

After executing the script you can check the progress of storage re-synchronization by executing Powershell cmdlet: Get-StorageJob

When UPS battery capacity reaches over 65% you can turn on your PRTG monitoring system again.

Demystifying SMB 3.x multichannel – part 4 – Hyper-V server to Hyper-V server example with windows teaming tool (server manager / powershell) and VMSwitch with multiple virtual network cards

We are pushing it forward – in previous example (part 3) we made virtual switch just by simply using Hyper-V Manager (or Powershell) but with no extra configuration – the result was that when copying from server to server we got only 1 gigabit throughput.

Now we are trying to upgrade the scenario by using PowerShell (you can only do this with PowerShell or with System Center Virtual Machine Manager (which also uses PowerShell underneath :)) – we are going to create a virtual switch, but then we are going to assign more than just one virtual network card to the host operating system (our Hyper-V host):

So by doing:

New-VMSwitch -Name Team01 -AllowManagementOS $false -NetAdapterName Team01

This simply creates a virtual switch without the checkbox mentioned in the previous part, “Allow management operating system to share this network adapter”, checked, so no virtual network card is created. Warning: if you run only this cmdlet you will cut yourself off from your Hyper-V host, so it is better to prepare the second part as well and run it all together. We continue with the cmdlet Add-VMNetworkAdapter:

Add-VMNetworkAdapter -ManagementOS -SwitchName Team01 -Name MGMT01
Add-VMNetworkAdapter -ManagementOS -SwitchName Team01 -Name MGMT02
Add-VMNetworkAdapter -ManagementOS -SwitchName Team01 -Name MGMT03
Add-VMNetworkAdapter -ManagementOS -SwitchName Team01 -Name MGMT04

These cmdlets will create 4 virtual adapters for your Hyper-V host to use (yes, you can also use VLANs with these network adapters).

As can be seen in the video we are getting better results than with a single virtual network adapter but still we are getting not more than 2 gigabit of bandwidth – and it is not stable.

Demystifying SMB 3.x multichannel – part 3 – Hyper-V server to Hyper-V server example with windows teaming tool (server manager / powershell) and VMSwitch on top

As I told you at the beginning of this series I am a big fan of Hyper-V – I have been implementing it since 2008 (when nobody believed this would ever become a serious virtualization platform :)). So in Windows server 2012 / 2012 R2 the most common way of setting up your Hyper-V networking was to just team your NICs by using Windows provided tool and then just to create a VMSwitch on top of it – by using Hyper-V manager or Powershell and by using the checkbox Allow management operating system to share this network adapter. After this process you ended up with a new virtual NIC called for example vEthernet (Team01).

Like in the previous scenario (part 2) we have 1 gigabit speed when copying files from server to server. And yes, if there was a third server we would probably start using the next NIC, so we would have 2 gigabit of traffic from server 1 – 1 gigabit to server 2 and 1 gigabit to server 3 – but still just a gigabit to each of them.

In this video you can see that we are upgrading previous scenario (teamed NICs) by enabling Hyper-V Virtual Switch (External type) using Hyper-V Manager – you could also do that by using Powershell following the documentation.

Add-VMNetworkAdapterExtendedAcl – allow only specific traffic to a VM and allow all outgoing traffic from a VM on Windows server 2016 – Hyper-V

Block all traffic to a VM:
Add-VMNetworkAdapterExtendedAcl -VMName "vm01" -Action "Deny" -Direction "Inbound" -Weight 10

Allow (for example) TCP 80 (HTTP) and TCP 443 (HTTPS) to a VM:
Add-VMNetworkAdapterExtendedAcl -VMName "vm01" -Action "Allow" -Direction "Inbound" -LocalPort 80 -Protocol "TCP" -Weight 11
Add-VMNetworkAdapterExtendedAcl -VMName "vm01" -Action "Allow" -Direction "Inbound" -LocalPort 443 -Protocol "TCP" -Weight 12

Allow any TCP and UDP from VM to ANY port and ANY address:
Add-VMNetworkAdapterExtendedAcl -VMName "vm01" -Action Allow -Direction Outbound -RemotePort Any -Protocol tcp -Weight 100 -IdleSessionTimeout 3600 -Stateful $True
Add-VMNetworkAdapterExtendedAcl -VMName "vm01" -Action Allow -Direction Outbound -RemotePort Any -Protocol udp -Weight 101 -IdleSessionTimeout 3600 -Stateful $True

Want to start over? Remove all ACLs:
Get-VMNetworkAdapterExtendedAcl -VMName "vm01" | Remove-VMNetworkAdapterExtendedAcl
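The rules above rely on weight: an entry with a larger weight has higher priority, so the Allow entries (11, 12) must outrank the deny-all (10). The following check is an added example, not part of the original post; the function name is hypothetical, and it assumes the ACL objects expose Direction, Action, LocalPort, Protocol and Weight and report an unset port or protocol as empty or 'ANY'.

```powershell
# Added example. Checks a rule set against the baseline in this post: an inbound
# deny-all entry that only the expected Allow entries outrank.
function Test-InboundAclBaseline {
    param(
        [object[]] $Acl = @(),
        [int[]] $ExpectedTcpPorts = @(80, 443)
    )
    # Assumption: an unset port or protocol is reported as empty or 'ANY'.
    $isAny    = { param($v) [string]::IsNullOrEmpty("$v") -or "$v" -eq 'ANY' }
    $expected = @($ExpectedTcpPorts | ForEach-Object { "$_" })
    $inbound  = @($Acl | Where-Object { "$($_.Direction)" -eq 'Inbound' })

    # The strongest inbound deny that matches every port and protocol.
    $denyAll = @($inbound | Where-Object {
            "$($_.Action)" -eq 'Deny' -and (& $isAny $_.LocalPort) -and (& $isAny $_.Protocol)
        } | Sort-Object -Property Weight -Descending | Select-Object -First 1)
    if ($denyAll.Count -eq 0) {
        return 'No inbound deny-all entry: unmatched inbound traffic is not blocked by these ACLs'
    }
    $floor = $denyAll[0].Weight

    $findings  = @()
    $effective = @()
    foreach ($rule in ($inbound | Where-Object { "$($_.Action)" -eq 'Allow' })) {
        $port = "$($rule.LocalPort)"
        $desc = "$($rule.Protocol)/$port (weight $($rule.Weight))"
        if ($rule.Weight -le $floor) {
            # Same or lower weight than the deny-all: the allow is not reliably applied.
            $findings += "Allow $desc does not outrank the deny-all (weight $floor)"
        }
        elseif ("$($rule.Protocol)" -eq 'TCP' -and $expected -contains $port) {
            $effective += $port
        }
        else {
            $findings += "Unexpected inbound allow: $desc"
        }
    }
    foreach ($p in $expected) {
        if ($effective -notcontains $p) { $findings += "No effective allow for TCP/$p" }
    }
    return $findings
}

# Constructed sample: the three inbound entries from the post plus one misplaced entry.
$sample = @(
    [pscustomobject]@{ Direction = 'Inbound'; Action = 'Deny';  LocalPort = '';     Protocol = '';    Weight = 10 }
    [pscustomobject]@{ Direction = 'Inbound'; Action = 'Allow'; LocalPort = '80';   Protocol = 'TCP'; Weight = 11 }
    [pscustomobject]@{ Direction = 'Inbound'; Action = 'Allow'; LocalPort = '443';  Protocol = 'TCP'; Weight = 12 }
    [pscustomobject]@{ Direction = 'Inbound'; Action = 'Allow'; LocalPort = '8080'; Protocol = 'TCP'; Weight = 5 }
)
Test-InboundAclBaseline -Acl $sample

# On a Hyper-V host: Test-InboundAclBaseline -Acl (Get-VMNetworkAdapterExtendedAcl -VMName 'vm01')
```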

“Demystifying” Windows server 2012 Hyper-V 3.0 network virtualization – part II (two hosts / same subnet)

Today I was presenting @ bleedingedge.si conference… My session was about Windows server 2012 / Hyper-V 3.0 network virtualization.

 

I have recorded this sequence of commands so you can see the configuration and how it works:

http://www.screencast.com/t/wsDAKpKumlSm – Hyper-V 3.0 – Network virtualization Part 1

http://www.screencast.com/t/q3G9SViY6gId – Hyper-V 3.0 – Network virtualization Part 2

http://www.screencast.com/t/bxOznDklp – Hyper-V 3.0 – Network virtualization Part 3

 

In my demo environment I have:

Two Windows server 2012 with Hyper-V 3.0 role installed

HV01 / Only one network card so it is used by VMs and host (management) with IP 172.31.200.11
HV02 / Only one network card so it is used by VMs and host (management) with IP 172.31.200.12

On each host there are TWO virtual machines:

On HV01 there are:

– Blue01 (10.10.10.11 with STATIC MAC* address AAAAAAAAAA01)
– Red01 (10.10.10.21 with STATIC MAC* address CCCCCCCCCC01)

On HV02 there are:

– Blue02 (10.10.10.12 with STATIC MAC* address AAAAAAAAAA02)
– Red02 (10.10.10.22 with STATIC MAC* address CCCCCCCCCC02)

*You should DEFINE a STATIC MAC in the virtual machine network configuration – you must not use a dynamically assigned MAC address (System Center Virtual Machine Manager 2012 SP1 will do that for you automatically).

By default all machines are able to ping each other… We want to isolate the Blue network so only Blue01 and Blue02 can ping each other, and the Red network so only Red01 and Red02 can ping each other.

The first thing we need to do is to enable the ms_netwnv component on the PHYSICAL NIC! (not on the NIC created by the virtual switch!)
Enable-NetAdapterBinding "Ethernet" -ComponentID ms_netwnv

The second thing is that we need to create lookup records on both Hyper-V servers. You should copy/paste this script on both hosts:
New-NetVirtualizationLookupRecord -CustomerAddress "10.10.10.11" -ProviderAddress "172.31.200.11" -VirtualSubnetID "5001" -MACAddress "AAAAAAAAAA01" -Rule "TranslationMethodEncap"
New-NetVirtualizationLookupRecord -CustomerAddress "10.10.10.12" -ProviderAddress "172.31.200.12" -VirtualSubnetID "5001" -MACAddress "AAAAAAAAAA02" -Rule "TranslationMethodEncap"

Then you need to create a customer route on both Hyper-V hosts:
New-NetVirtualizationCustomerRoute -RoutingDomainID "{11111111-2222-3333-4444-000000005001}" -VirtualSubnetID "5001" -DestinationPrefix "10.10.10.0/24" -NextHop "0.0.0.0" -Metric 255

Then you need to add a provider address to the PHYSICAL NIC – you need to find out the interface index by using Get-NetAdapter!

In my example on HV01:
New-NetVirtualizationProviderAddress -InterfaceIndex 12 -ProviderAddress "172.31.200.11" -PrefixLength 24
New-NetVirtualizationProviderRoute -InterfaceIndex 12 -DestinationPrefix "0.0.0.0/0" -NextHop "172.31.200.1"

and on HV02:
New-NetVirtualizationProviderAddress -InterfaceIndex 12 -ProviderAddress "172.31.200.12" -PrefixLength 24
New-NetVirtualizationProviderRoute -InterfaceIndex 12 -DestinationPrefix "0.0.0.0/0" -NextHop "172.31.200.1"

When this is done we need to configure the VirtualSubnetID on the virtual machines.
On HV01 (where the Blue01 VM is running) we should do:
Get-VMNetworkAdapter -VMName Blue01 | where {$_.MacAddress -eq "AAAAAAAAAA01"} | Set-VMNetworkAdapter -VirtualSubnetID 5001

and on HV02 (where the Blue02 VM is running) we should do:
Get-VMNetworkAdapter -VMName Blue02 | where {$_.MacAddress -eq "AAAAAAAAAA02"} | Set-VMNetworkAdapter -VirtualSubnetID 5001

Now network virtualization will take place and Blue01 will only be able to ping Blue02 and vice versa. Red01 and Red02 are outside this VirtualSubnet. In the video you can see network monitoring where you can detect the GRE traffic between the hosts.
In the video I also do a live migration, moving the Blue02 machine from HV02 to HV01, so you can see that network virtualization is aware of live migration and of moving machines between HV hosts in the same network or also cross-premise… I will cover that in the next part! 🙂

Let’s virtualise!

Manage Hyper-V Virtual machines using WMI and VBS scripts

Today I was working on how to manage Hyper-V virtual machines using WMI.
These VBS scripts can be modified to suit your needs…
Each script takes one argument, “machine name”:

listvm.vbs – display all virtual machines on Hyper-V – this script will create a TXT file (you should edit path and filename inside the script) with all virtual machines that are on the Hyper-V host. It will print the names of the machines and their current state (Running, Off, Saved)

sortvm.vbs – this script alphabetically sorts the list of virtual machines (you should edit path and filename inside the script)

startvm.vbs – usage: startvm.vbs “Name of your virtual machine” – this script will start the virtual machine

stopvm.vbs – usage: stopvm.vbs “Name of your virtual machine” – this script will turn off (dirty!) your virtual machine

shutdownvm.vbs – usage: shutdownvm.vbs “Name of your virtual machine” – this script will shut down your virtual machine if it is Integration Services aware – it will signal/notify the guest operating system to initiate the shutdown procedure. It works only on machines that support Hyper-V Integration Services.

hardresetvm.vbs – usage: hardresetvm.vbs “Name of your virtual machine” – this script will reset (dirty!) your virtual machine

savestatevm.vbs – usage: savestatevm.vbs “Name of your virtual machine” – this script will save and turn off your virtual machine

I have compiled these scripts using resources regarding Hyper-V and WMI
http://msdn.microsoft.com/en-us/library/cc136992(VS.85).aspx
http://blogs.msdn.com/virtual_pc_guy/

Enjoy, WMI power!

SBS 2008 (AD server) virtualized on Hyper-V – what about time synchronization?

Hi!

This blog post is about time synchronization with Hyper-V Integration Services when you virtualize an SBS 2008 server. You should never let the Hyper-V host “force” time on virtualized servers that are Active Directory servers (at least not on the PDC, which is the root time server for a domain).

By default Hyper-V enables all Integration Services components on your virtual machine, but it is better to configure your virtual machine (in my case an SBS 2008 server that is an Active Directory server too) with an external NTP time source. If something goes wrong, or the time on your Hyper-V host is wrong, you can get into trouble when the Hyper-V host pushes this “bad time” into your virtual machine.

You should also know that by default a virtual machine gets its time from your Hyper-V host on boot. Because of that I have written two articles. The first is about configuring a Hyper-V host that is not joined to a domain (so it does not get the right time from an AD server) so that it receives the right time from an NTP time source.
The second one is about setting the correct values on the SBS 2008 server and disabling the Hyper-V Integration Services feature Time Synchronization.

Hope it helps…

Time sync in SBS 2008 virtualized on Hyper – part 1.docx
Time sync in SBS 2008 virtualized on Hyper – part 1.pdf

Time sync in SBS 2008 virtualized on Hyper – part 2.docx
Time sync in SBS 2008 virtualized on Hyper – part 2.pdf

Luka

Hyper-V in Hyper-V?!? :)

For testing and presentation purposes I have installed, inside my full Windows Server 2008 64-bit installation with Hyper-V, another standalone Microsoft Hyper-V Server 2008 – everything works – you can even manage it using Hyper-V Manager from another server, but you cannot (obviously! :)) run virtual machines. You get an error saying unable to create partition. You should be a weirdo to even think about such stuff, but I had a chance and I just could not resist pressing the START button. 🙂 So you know now… Hyper-V inside Hyper-V does not work! 🙂

Microsoft Hyper-V server 2008 is here!!!

I welcome you to join the virtualisation experience with this fantastic product… At the moment of writing I am testing Microsoft Hyper-V Server 2008 and it works great… In the next few days I will post some screenshots on how to install, configure and manage Microsoft Hyper-V Server 2008…

http://www.microsoft.com/servers/hyper-v-server/default.mspx

Hyper-V FreeBSD shutdown problem workaround

Thanks to Mike … 

Mike wrote: 

“I’ve found an even easier way to do this.  I found a PowerShell Hyper-V script at:

http://www.codeplex.com/PSHyperv

It has a lot of functions already, and I added a “Kill-VM” function that automates the kill process:

Kill-VM <VM name>

My modified script is attached to this message.

To use it, you need to install PowerShell (Under Server Manager -> Features in Win2008).  Once installed, run PowerShell from Start -> Search, find the script, and type:

. .\hyperv.ps1

Once loaded into memory, type:

Kill-VM <VM Name>

Enjoy”

Click here to download script – hyperv-script.zip