Kubernetes | Command Cheat Sheet

Overview

Well yes, you are thinking right that I am learning Kubernetes so wanted to share some useful insights and will continue to share stuff on this. Below are some commands for daily operations while working with Kubernetes. I will keep on adding stuff here.

 

Command to	Command
Check Minikube version	$minikube version
Start Minikube cluster	$minikube start
Check if Kubectl is installed	$kubectl version
Check kubectl cluster info	$kubectl cluster-info
Check kubectl node info	$kubectl get node

Read More

No comments |  December 26, 2020

PS | How to get HA restarted VM's Org and OrgvDC info with VM Name

Overview

You will see many blogs giving solution for fetching the VM names which are restarted by HA in event of esxi host failures using Get-VIEvent powercli command. But the extracted VM Name too is not in well format to use as it is. You have to use excel and text to column and then extract the VM Name etc. For me, I have vCD also so at the time of ESXi host failures and HA events, I not only need to fetch the VM Name but also Org and OrgvDC info to share it with my customer. It becomes more lengthy for me and I need to make it quick. So it is extended solution for such kind of scenario. Hope you will find it useful.

Let's see how I could do it using powershell.

Script

Click here to download it. Please note that at line number 12, I have mentioned 5,6. It is because I wanted to have complete VM Name even if there is any space in the VM Name. There could be chances that few VMs are not searchable then I have added another Function to search those VMs again for Org and OrgvDC info.

Any doubt? Comment box is yours :)

Let's give it more power

If you have smtp configured in your environment then simply you can mail it from the same script using Send-MailMessage command but for that you might have to do some tweak in above script. 

Hint is, You have to save final report. Change in the last line of above script like

$myView | Out-File C:\Temp\vmsrestartedbyHA.csv

then use below command

Send-MailMessage -From 'gautam.johar@vcnotes.in' -To 'my.reader@home.com', 'myreader2@home.com' -Subject 'HA Event is triggered and VM list is attached' -Body "Please find the attachment" -Attachments C:\Temp\vmsrestartedbyHA.csv -Priority High -DeliveryNotificationOption OnSuccess, OnFailure -SmtpServer 'smtp.vcnotes.in'

Change wherever applicable.

If you are good enough in PowerShell then you can have many ways to enhance the ideas. For me this is basic script which is working fine for me.

Side Note

I created this script to run perfectly in PowerShell ISE so run in that please or if you have any error in running it in simple powershell cli terminal then you might need to fix the visible errors.

Good Luck!

Read More

Filed in Automation, PowerShell, vCenter |  No comments |  December 22, 2020

vRA | How to manually assign the unassigned shards

 Overview

In one of the vRA upgrade from 7.4 to 7.6, I faced this issue post upgrade. All went well except below error on VAMI page of both vRA appliances (as I had two nodes). If you have more and if you stuck with this error then you will see this error on all the nodes. 

================

Elasticsearch validation failed:

status: red
number_of_nodes: 2
unassigned_shards: 4
number_of_pending_tasks: 0
number_of_in_flight_fetch: 0
timed_out: False
active_primary_shards: 113
cluster_name: horizon
relocating_shards: 0
active_shards: 226
initializing_shards: 0
number_of_data_nodes: 2
delayed_unassigned_shards: 0

=================

If you read above error then you will understand that there are 4 unassigned shards which were not automatically assigned to any of the available vra node. 

Cause 

It happens if and when DB sync between primary and slave vra nodes are not good. When primary node was not having updated data but slave nodes were running with some additional data. Total break between Master and Replica DB replication. In my case also before upgrading there were many issues with DB.

If you recover the cluster state even then these shards might not assign automatically and give above alert. Now you have to assign the unassigned shards manually. Let's see the process.

Resolution

1. Check the state from Master node CLI with below command

#curl http://localhost:9200/_cluster/health?pretty=true

You will have this error in output

{
  "cluster_name" : "horizon",
  "status" : "red",
  "timed_out" : false,
  "number_of_nodes" : 2,
  "number_of_data_nodes" : 2,
  "active_primary_shards" : 113,
  "active_shards" : 226,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 4,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0
}

2. Check the cluster information with below command

#curl -s -XGET http://localhost:9200/_cat/nodes

You will have similar output

master.mylab.local 172.25.3.199 8   d * Dreadknight
replica.mylab.local 172.25.3.200 8   d m Masque

3. Search for unassigned shards

#curl -XGET 'http://localhost:9200/_cat/shards' | grep UNAS

You will see similar output as below

 % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 15870  100 15870    0     0   484k      0 --:--:-- --:--:-- --:--:--  484k
v3_2020-10-02  4 p UNASSIGNED
v3_2020-10-02  4 r UNASSIGNED
v3_2020-10-02  2 p UNASSIGNED
v3_2020-10-02  2 r UNASSIGNED

4. Re-assigned these using the following command, where index = v3_2020-10-02, and shards to be re-assigned are '2' and '4', while running on the master node - 'Dreadknight. Change your command according to your environment. for example, value after index will be changed, value after shard, after node will  be changed. Other infos will be same.

curl -XPOST 'localhost:9200/_cluster/reroute' -d '{"commands":[{"allocate":{"index":"v3_2020-10-02","shard":2,"node":"Dreadknight","allow_primary":"true"}}]}'

and

curl -XPOST 'localhost:9200/_cluster/reroute' -d '{"commands":[{"allocate":{"index":"v3_2020-10-02","shard":4,"node":"Dreadknight","allow_primary":"true"}}]}'

That's it. Now shards have been assigned or allocated automatically manually.

Log out all the nodes VAMI and log in back. You will not see any such error.

Read More

Filed in vRA |  No comments |  December 21, 2020

Miscellaneous Notes

This is dynamic post and I will keep on adding points in here. I generally add small but useful things here which is not worthy to create long post.

 

How to	Explanation
transfer the tech-support bundle to FTP on Arista Router	copy flash:/EOS-4.18.2F.swi ftp:/user:password@192.168.10.15/EOS-4.18.2F.swi user = username of ftp server account password = password of ftp server account 192.168.10.15 = IP address of ftp server EOS-4.18.2F.swi = tech-support bundle file name
Encrypt a PowerShell script	https://drive.google.com/open?id=19Bvik1FcSTC57eJ0CZPE4D-8hnQfyCi-
Reboot Windows with PowerShell command	powershell.exe -encodedCommand cwBoAHUAdABkAG8AdwBuACAALQByACAALwB0ACAAMAAxACAA
To create a digital clock	Download and run these PS script to create the clock on your PC. EST Clock | CST Clock | IST Clock
Do few things in Linux	Check Kernal Version in Linux - Rpm -qa | grep -I kernel Change IP on an interface - ifconfig eth1 192.168.2.2 netmask 255.255.255.0 To set or change DG of any VM - route add default gw 192.168.2.1 File location to change the IP - vi /etc/sysconfig/network-scripts/ifcfg-eth0
How to ping with the MTU value	ping www.yahoo.com -f -l 1492
Add Network Components in vRNI	Check this article
How to encode and decode Base64 script	Check this here
Ping an entire subnet in Windows	I have documented it here
Some Useful ESXi Commands	Check speed and other info of HBA card - esxcli storage san fc list
vCloud API Guide for NSX	Here is the vendor page for pdf
To create static routes in multiple esxi hosts	$esx = Get-VMHost -Name esxihost_Name $esxcli = Get-EsxCli -VMHost $esx -V2 $parms = @{ network = '192.168.102.0/24' gateway = '192.168.3.1' } $esxcli.network.ip.route.ipv4.add.Invoke($parms) $esxcli.network.ip.route.ipv4.list.Invoke()
Send mail to any mail account using PS	Download the powershell script from Google Drive. Click here
How to delete any iso file in all datastores which is older than 15 days	foreach($ds in Get-datastore){ New-PSDrive -Name GJ -PSProvider VimDatastore -Root '/' -Datastore $ds > $null Get-Childitem -Path GJ:\ -Recurse -Include *.iso | Remove-Item -Confirm:$true | Where ((Get-date).AddDays(-15)) #This will search each and every folder in your datastore and show you the file to delete it. Remove-PSDrive -Name GJ -Confirm:$false} Replace false to true in command (Remove-Item -Confirm:$false to Remove-Item -Confirm:$true)if you want to check and delete each file one by one
How to edit Login Banner in Vmware Cloud Director Appliance	1. Create or edit a file in /etc/login.warn and put your message in here. 2. Edit /etc/sshd/sshd_config file and change the line from #Banner none to #Banner /etc/login.warn

Read More

Filed in Other |  No comments |  December 14, 2020

PS | To extract DRS rules with VM names

Hi Guys,

This is not a big thing but still I wanted to document it for my own reference. I got a request like which VMs are in which DRS rules so I got below script.

#Start here

$VC = Read-host "Enter the FQDN\IP of vCenter Server"

Connect-VIServer $VC
$DRSRules = Get-Cluster | Get-DrsRule
$Results = ForEach ($DRSRule in $DRSRules)
     {
    "" | Select-Object -Property @{N="Cluster";E={(Get-View- Id $DRSRule.Cluster.Id).Name}},
    @{N="Name";E={$DRSRule.Name}},
    @{N="Enabled";E={$DRSRule.Enabled}},
    @{N="DRS Type";E={$DRSRule.KeepTogether}},
    @{N="VMs";E={$VMIds=$DRSRule.VMIds -split ","
     $VMs = ForEach ($VMId in $VMIds)
        {
        (Get-View -Id $VMId).Name
        }
      $VMs -join ","}}
     }
$Results | out-gridview

#End here

Another window will open and copy entire output into excel if you want.

Cheers!

Read More

Filed in PowerShell, vCenter |  No comments |  December 14, 2020

vCD | How to disable auto-discovery for particular OrgvDC

Overview
How to connect
How to check existing setting
How to update existing setting

Overview

I am creating a post on the subject because there is no clear cut article on this on web or might be I couldn't find straightforward process to do this. Basically, in vCD GUI there is option to disable or enable the auto-discovery for entire vCD system. On org level you cannot disable or enable auto-discovery but you can override this setting on OrgvDC level but with the help of Admin APIs. Hope you know about APIs but what is Admin APIs. This will automatically be answered in this post. Read this post carefully and I hope you will understand this. To know more about auto-discovery, you can check out this post by Tom Fojta.

How to connect

You cannot even check the auto-discovery status for OrgvDC from GUI. You need to use the API. I have already covered this in my previous posts to connect vCD in API tool. Have a look here

How to check existing setting

Once you are connected then Use below api query to extract your Org detail

1. GET https://vcloud_ip_or_fqdn/api/org 

Now, copy entire output and paste into notepad++ or any other text editor you want. Search for Org name where your orgvDC was created. Search in the notepad++ file only. You will get href link from there. Copy that link and paste it in API tool and send GET command. Example is shown below

2. GET https://vcloud_ip_or_fqdn/api/org/a038859f-bf22-4d64-b6dc-e1cb8fdf2fbc"

Now, you will get OrgvDCs list in this org. Copy entire output again and paste it into notepad++ again. Search target OrgvDC name and copy the href for that OrgvDC. Below is the example-

https://vcloud_ip_or_fqdn/api/vdc/a038859f-bf22-4d64-b6dc-e1cb8fdf2fbc"

In order to check the value you need to modify the above href value little bit. Check below

https://vcloud_ip_or_fqdn/api/admin/vdc/a038859f-bf22-4d64-b6dc-e1cb8fdf2fbc"

Hope you could notice the difference in above lines. Now create and send GET command as below

3. GET https://vcloud_ip_or_fqdn/api/admin/vdc/a038859f-bf22-4d64-b6dc-e1cb8fdf2fbc"

Note that if you run the GET command with adding "admin" then only you will get the auto-discovery option in output. Below is the example command and output with "admin" keyword-

Note that, if any OrgvDC output is not having this line that's mean it is following the vDC global level setting and to override this value by adding this line here. I will explain how.

Flase means VM auto-discovery is disabled and true means it is enabled. I explained you the process to get the value to Vm Auto Discovery status for OrgvDC. Now let's how to change this value.

How to update existing setting

To update this value from false to true or true to false or even enter the whole line here, you need to follow below steps

1. From above steps 3, you got orgvDC href value where you send GET query to get the auto vm discovery states, now you replace GET command with PUT command

2. Now, in the output for OrgvDC which you copied into notepad++,  If vmDiscoveryEnabled is false and you want to make it true then change the keyword from false to true and vice-versa. 

3. Copy entire output again after changing the value and paste it in the BODY, select RAW and select xml as shown in my previous post.

4. You will not click on send button now, you need to add one more header here along with other placed headers. Header info is given here and practical use below. For this reason only, I had to create an entire post. This is not clearly mentioned on any article on web so now you have one.

In case, you want to use JSON then you can use that too but make sure then JSON must be selected in body where you pasted the data from notepad++.

Once you put the content-type then make sure you have entered the right vDC href and selected operations in PUT and not GET. 

Now hit the send button.

You will get message "202 Accepted" if all went good.

Read More

Filed in API, Cloud Director |  No comments |  November 16, 2020

vCD | How to select ESP as Protocol in firewall rule of ESG

Overview
How to connect
How to extract edge firewall rules config
How to update edge firewall rules config

Overview

This post is to share the process to change the existing available protocols in NSX-v Edge firewall rule (Not DFW). Available protocols are TCP, UDP, ICMP and Any on vCD's Edge Service Gateway page. See below image.

My customer's demand was to set another protocol here which is ESP. I checked on GUI and it was clear that it is not possible from here so I could change it successfully from API queries.

How to connect

Before updating this firewall rule field, we must know that how to connect vCloud Director in any API tool. You can use Postman, Insomnia, ARC (Advance Rest Client) as a tool to connect vCD. You might need to disable SSL check before executing any api call. Below snippet is from Postman API tool.

Once that SSL check is disabled then
1. Set Authorization as Basic Auth. See below image

2. Set header as mentioned below
Accept application/*;version=32.0

Version can be according to your vCD version. 

3. Now create api query like https://vcloud_ip_or_fqdn/api/sessions and select POST in query type. It will be like
POST https://vcloud_ip_or_fqdn/api/sessions
This query is to get authorization and access token. Once you entered the URL and selected query type as POST then hit "Send" button to run this query.
Post run you will get "200 OK" and authorization and access token headers. See below images

Use above two headers as shown in below images

Now, you are ready to do any operations in vCD using this API tool

How to extract edge firewall rules config

Use below api query to extract your Org detail

1. GET https://vcloud_ip_or_fqdn/api/org

Copy the output and paste in Notepad++. Search for target OrgvDC name where your edge is residing. Then create another query and run it

2. GET https://vcloud_ip_or_fqdn/api/vdc/a038859f-bf22-4d64-b6dc-e1cb8fdf2fbc"

You will see similar output in your Notepad++ data. Just copy vdc href from notepad++ file not from here and paste in Postman and then hit send

Here, you will have another output from OrgvDC. Search here the edge name. You will get line like below. Copy that line similar below and run another query 
https://iaas-sin.aticloud.aero/network/vdc/a038859f-bf22-4d64-b6dc-e1cb8fdf2fbc/edges
Now, create a API call like

3. GET https://vcloud_ip_or_fqdn/network/vdc/a038859f-bf22-4d64-b6dc-e1cb8fdf2fbc/edges

It will give you output like below. Only single line.

https://vcloud_ip_or_fqdn/network/edges/1343b683-bdca-4b80-9e19-8d668f98d8bc

Now, again create a query to fetch edge firewall services. It will be like

4. GET https://vcloud_ip_or_fqdn/network/edges/1343b683-bdca-4b80-9e19-8d668f98d8bc/firewall/config. 

It will give you all configuration of this edge. 

How to update edge firewall rules config

It is a simple process. Copy the output of point 4 in text editor like notepad++ and search for entries like below-

<application>

  <service>

    <protocol>tcp</protocol>

    <port>any</port>

    <sourcePort>any</sourcePort>

Here in protocol we need to replace it from tcp to esp. In notepad++ itself change the field to esp. It will be like below

<application>

  <service>

    <protocol>esp</protocol>

    <port>any</port>

    <sourcePort>any</sourcePort>

Now, copy entire output from notepad++. Full output not these 5 lines. and paste in postman. where? See below-

Once done, create below query

PUT https://vcloud_ip_or_fqdn/network/edges/1343b683-bdca-4b80-9e19-8d668f98d8bc/firewall/config

and hit send button. That's it. To cross check it either you can check in GUI or again follow "How to extract edge firewall rules config"

Read More

Filed in API, Cloud Director |  1 comment |  October 31, 2020