Why IT is so fun sometimes

So our company sprung and purchased IT a copy of VMWare Infrastructure Foundation so we can get on the virtualization bandwagon. The VI Server software fairly rocks. Setting it up is a breeze, networking is all virtualized, and setting up virtual servers is a piece of cake.

The idea is to set up a new accounting timesheet server and Exchange test server on the VMWare boxes. The accounting timesheet server will be easy. However, Exchange might be a bear. So I look up the requirements: There must be a Windows 2003 SP1 domain contoller somewhere for Exchange to muck up with it’s schema changes and such.

We have such a server, but it’s in out Dayton, OH office. Everything else is a Windows 2000 DC. Not good to have your Exchange server talking to a remote DC over a DSL link, so the plan is to install a DC here at the local office. Normally that would involve new hardware and software, and you gotta justify it and order it and have it shipped and install it in the rack and hook it up and install the software.

That’s why VMWare rocks. I download the 2008 install iso from Microsoft, create a new virtual machine, configure it to be a 2008 server, virtually attach the CD-Drive to the iso, configure the vm to boot to the iso, and away we go. No hardware, no justifications, just make sure you have a license!

I set up a Server 2008 core vm in a matter of minutes. It’s sweet.

So I wanted to make my new Server 2008 a domain controller. TO do that, you have to run some preparation scripts against your existing Active Directory domain to prepare it to have a Windows 2008 server join. There were some snafus there due to some experimentation with MS Services for Unix and AD4Unix back in the day (note: do NOT extend your AD schema unless you absolutely have to and know what you’re doing), but they were fairly easy to work out.

Another note: I decided to go with Windows Server 2008 core, which is MS’ way of being all Unixsy by neglecting a GUI and making all configuration done via command prompt (although some programs still pop up a dialog box when looking at the help…huh?). So I had to find a reference on the command-line commands to do things like set up the networking, change computer name, join a domain, etc. Luckily, they have this nice thing called the internet with a fancy search interface called Google which finds me anything I could possibly want, provided I know how to ask (and please just ain’t the answer sometimes 😉

So Google enlightened me how to make my spiffy virtual Windows Server 2008 Core machine a domain contoller (hint: DCPromo and an answer file stripped down from an unattend.txt file).

Now to be a domain controller in an Active Directory environment, you must also be a DNS Server. Again, Google was the way and the truth and the light by finding me the OCSetup command, which adds “roles” to a Server 2008 installation. Wanna be a DNS server? BAM! Wanna be a DHCP server? WHAM!

Now here’s where the fun begins. I figured I could continue my command-prompt configuration education, but sometimes life is short and you just wanna use a damn GUI. Microsoft has traditionally offered AdminPaks for the client OS to manage MS server OSes. Google showed me that Microsoft thought RSAT would be a better name (Remote System Administration Tools). Of course, MS also though that it would be awesome to only have the remote admin tools for Server 2008 run on Vista w/SP1.

Luckily, I have me a Vista machine I’m testing out right here to my left. Alas, after downloading the RSATPak, it tells me this update is not for my machine. A lil’ bit or research (log files this time, not Google) tells me my machine doesn’t have SP1 installed.

Since Vista’s SP1 came out ages and eons ago, I wonder why my machine didn’t install it.

The first place to check is our WSUS 3.0 SP1 machine. I look, and it has downloaded Vista’s SP1 (and is even impatiently waiting for me to approve the EULA for XP SP3.) So it’s not the WSUS machine’s fault.

Back to my machine to look at the WindowsUpdate.log file. I find that it seems the updates, and it likes the updates, but some regulation is denying it from downloading the updates.

I swear to GodAllahYahwehBuddahHughHeffner! The error is: Update X us “PerUpdate” regulated and can NOT be downloaded.

So Google came up with some answers to this one, but I though that the first step would be to download Vista SP1 (tardily) and install it, to see if it would help.

Cause then with Vista SP1, I can install the RSAT. So I can be lazy and configure the DNS of my new virtual 2008 core server via a GUI So I can make sure it’s ready to interface with my new Exchange 2007 test server. And I still need to go back and make sure Vista SP1 fixes my Automatic Download problems on Vista…

And this doesn’t take into account the loads of other stuff I need to be doing. The joy of being IT at a small company is that I get to learn all kinds of new things and play with lots of new toys.

The bad thing about being IT at a small company is that I have to learn all kinds of new things across many different technologies. Alongside my computer and network IT duties, I am also Lord and Master of a vintage 1990’s era Nortel Modular ICS system, the alarm system for the building, the card access system, a third-party accounting system based on VB apps written around a COBOL database, and a fleet of new Crackberries used by people who reside at remote offices (and I don’t even have a Crackberry!).

Luckily I have my idiot savant relationship with anything IT, so I can figure it out. I don’t know why I get it, I just get it. KMart sucks…

My $.02 Weed

One thought on “Why IT is so fun sometimes”

Virtualization

Because I work at UltraMegaCorp — a much larger company — my role is a bit more specialized. Officially, I am an “AIX and HPUX System Administrator Level 2”. Which is kind of funny, because I have a lot more experience than some of our Level 3 and Level 4 guys.

Anyway, the reality is I’m one of the few admins who actually works in the data center. Outside of the 3 UNIX admins here, the several dozen others are remote and we get to be their remote hands, and get dirty with a lot of different projects. That helps keep it fresh, I guess.

Here are the virtualization environments we have going:

An educational environment running a proprietary combination of Xen and Oracle database. Approximately 200 quad to octo-core systems with 32GB-128GB of RAM apiece virtualize several thousand test-beds for students. There are two disks on each system, but their only purpose is to be mirrored copies of a swap partition created on each bootup for the Host operating system. All the machines boot from NAS over 1Gbit fiber, although a 10Gbit upgrade is in the works. We make really heavy use of Network Appliance’s FlexClone ability here to dramatically reduce the disk space requirements for each Guest OS. It’s quite a sweet setup. Unfortunately, my involvement in this environment is practically nil. But I can admire from afar.
A Quality-Assurance testbed running VMWare Server. Just for the record, from a large-deployment management and ease-of-installation perspective, Xen doesn’t yet compete with VMWare in the slightest unless you bake your own tools. The setup is much like the educational setup above, but a different virtualization product and only around 100 servers at present with a game plan to expand much larger. The cool thing about this one is the provisioning system. A QA tester requests a system for a certain duration according to his test schedule, puts in the system requirements, and BINGO! Out pops a virtualized environment within a half hour that meets his requirements, and is automatically retired when the tester’s stated test period is over. I’m involved with maintaining the host operating systems, but 90% of the Guest OSs are Windows, not Linux or something else. The NAS back-end is Pillar, and because they don’t yet have a FlexClone equivalent in their stable NAS code, they just bought a freaking huge amount of storage for a cheap price.
The project we’re currently knee-deep in is figuring out how to virtualize Solaris build & test servers. See, the “old process” prior to the acquisition of my company was that the UNIX team — my old team — was included in discussions regarding new hardware. That way, we could provide sanity checks and compatibility information. The “new process” is that Management and Project Managers decide what hardware is needed, negotiate sweetheart deals on bleeding-edge, untested equipment for practically nothing from hardware vendors, and then the resultant mess is tossed our way and we’re told “make it work”. Well, unfortunately, we need to build to Solaris 8 and Solaris 9 targets for our customers, and these new systems only run Solaris 10 and newer. So we get to build Solaris 10 Host operating systems that run Solaris 8 and Solaris 9 guests in virtualization. It’s taking a lot of time, because the Sun product is, unfortunately, much more Xen-like quality and refinement than VMware-like, resulting in the need to write a whole lot of scripts to get the job done. My co-worker is heading this one up, but I’ll be involved eventually.

My department oversees about 1,600 of the physical servers in this 10,000 server data center, and UltraMegaCorp is building a new data center nearby that will be four times as large, and probably ultimately cost around half a billion dollars (not counting the machines inside). I think I’m going to keep working here for a while, because, well, damn, what a big playground it is!

The sad fact of my job, though, is that lately I’m much more of the backup monkey than anything else. With over 1.5 PETABYTES of backup tapes floating around on 4GB to 200GB tapes, it could really be a full-time job by itself.

There are some vacancies here, too… let me know if you guys are interested in moving to Utah 🙂

—
Matthew P. Barnson

Comments are closed.