Posts

Posted on

XFS – Resize the immutable file system

In the Veeam Backup & Replication environment, it may be necessary to expand the allocated space of a Linux repository.

In my environment, there is an Ubuntu 22.04 server to which a second disk(dev/sdb) was added, formatted as xfs, and made available as mount point /mnt/backup/ .

The server is used in hardened repository mode (immutability)
(https://helpcenter.veeam.com/docs/backup/vsphere/hardened_repository.html?ver=120).

Let’s look at the simple procedure:

  • The packages to install are cloud-guest-utils and gdisk:
    “sudo apt -y install cloud-guest-utils gdisk”
  • To find out the structure of the file system use the command:
    “sudo lsblk”

      • The result shows the sizing, and mount point of Ubuntu server file system:
        NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
        sda 8:0 0 16G 0 disk
        ├─sda1 8:1 0 1M 0 part
        ├─sda2 8:2 0 1.8G 0 part /boot
        └─sda3 8:3 0 14.2G 0 part
         └─ubuntu–vg-ubuntu–lv 253:0 0 10G 0 lvm /
        sdb 8:16 0 100G 0 disk. └─sdb1 8:17 0 80G 0 part /mnt/backup
        sr0 11:0 1 1024M 0 rom
  • To find out if the file system has additional space to allocate:
    “sudo growpart /dev/sdb 1”

    • The result shows the item changed
      CHANGED: partition=1 start=2048 old: size=167770079 end=167772126 new: size=209713119 end=209715166
  • The final command that widens the file system is: sudo “xfs_growfs /mnt/backup/”
  • Check the result through the command already seen: sudo lsblk”
Posted on

Veeam + ReFS: How much space you save

ReFS is the advanced file system from Microsoft that improves data availability through technologies that can:

  1. Ensuring greater resilience of data stored on the file system.
  2. Increase the performance in reading and writing.
  3. Improve the scalability (we are talking about millions of TB).

One of the most useful and widely used features in backup is the technology of Block-Cloning which allows Veeam Backup & Replication to create full backups equal in size to an incremental.

The operation logic is simple and consists of 3 phases:

  1. TheBackup copies to the target Repository (ReFS), the incremental data of the VM / Instances / Physical Servers/ Clients To be protected.
  2. The File System ReFS will take care of storing the new blocks and creating the metadatarelated to the newly written data.
  3. The option “create a Syntethic-full” actually triggers anoperation at the level of metadata. ReFS adds to the metadata just created, those related to previous backups, thus creating a new full child of the union of all the necessary metadata. To further simplify, a logical full is created without any block being copied/moved.

Note 1: The result is not only a saving in space but also in the time it takes to make the full.

Well, how is it possible to quantify the disk space saved in the repository (ReFS)?

Timothy DeWin has made a tool (blockstat.exe) perfect for this calculation, to which I refer you for all possible options.

In my case, I solved the client’s need through:

  1. Creation through powershell of a text file (Unicode format) that would search all the Backup files generated by Veeam Backup & Replication within the ReFS repository. (See image 1)
  2. Captured the output of the bloclstat command. (see image 2)

Picture 1

picture 2

Posted on

SQL Reporting Server – Self Certificate & Veeam ONE

Veeam One is a splendid Advanced Analysis and Reporting tool for virtual and backup environments.

In an Enterprise architecture, the Veeam One roles are distributed on different Servers.

Let’s talk about the DataBase ( MS-SQL ), the Reporting Server ( SSRS ) and obviously the Veeam ONE Server ( VOS )

In this article, I will illustrate how you can streamline your reporting by creating an encrypted connection between Veeam ONE and the Reporting Server at the same time.

The procedure consists of three macro phases.

  1. The first creates the certificate that enables the HTTPS encrypted connection on the SSRS server.
  2. In the second, you configure SSRS to accept HTTPS connections.
  3. In the third, we configure the Veeam ONE server to use SSRS for reporting.

1- Creation of the certificate

If there is no certificate authority installed in your domain (like mine), you need to create a Self-Signed certificate.

Let’s see how to proceed:

On the SSRS , start a PowerShell console as administrator and run the following commands:

  1. New-SelfSignedCertificate -CertStoreLocation cert: \ LocalMachine \ my -dnsname NAMESERVER -NotAfter (Get-Date) .AddMonths (60) (replace NAMESERVER with your Server name).
  2. $ pwd = ConvertTo-SecureString ” yourpassword ” -asplainText -force (replace your password with a complicated one of your choice).
  3. $ file = ” C: \ MyFolder \ SQLcertificate.pfx ” (this is the location where the certificate will be exported ).
  4. Export-PFXCertificate -cert cert: \ LocalMachine \ My \< Thumbprint created from the output of the first command> -file $ file -Password $ pwd ( Copy the certificate to the file created in step 3 ).
  5. Import-PfxCertificate -FilePath $ file cert: \ LocalMachine \ root -Password $ pwd ( imports the certificate into the SSRS ).

Now it’s time to copy the SQLcertificate.pfx file (point 3) into the VOS and proceed with its installation as indicated in the next lines.

  1. Double click on the file and in the first window choose ” Local Machine “.
  2. When prompted for the password , provide the one set in step 2.
  3. On the next screen select ” Place all certificates in the following store “, and after selecting Browse, select from the ” Trusted Root Certification Authorities ” list.
  4. Ok and after selecting Next, finish the installation.

2- SSRS configuration

Using the SSRS configuration manager it is possible to set the HTTPS connection as shown in images 1,2 and 3.

Picture 1

picture 2

Picture 3

3- Veeam ONE configuration

Images 4 and 5 show how to configure VOS to use SSRS to generate reports.

Picture 4

Picture 5

Note 1: From image 5 we can see that it is possible to test the connection via the Test Connection button.

Note 2: The details on which ports open in the firewalls are documented in the guide. ( helpcenter.veeam.com) ; remember to add port 443 🙂

See you soon

Posted on

ESXi v.7: host patching

In this article, I will explain the procedure to upgrade the ESXi Host when the VMware environment consists of only one server.

Note 1: The first task is to update the vCenter ( VCSA ) by checking which ESXi versions are supported.

Note 2: The traditional method of updating ESXi Hosts uses the automated update process managed by the vCenter console.

Note 3: The DR site of my laboratory consists of a single VMware ESXi Host on which the secondary vCenter ( VCSA ) is present; in this scenario, the methodology indicated in note 1 cannot be used, since, during the update phase, the ESXi Host is placed in maintenance mode. In this state, all the VMs present are off (including the VCSA ).

The solution is to use the procedure on the VMware ESXi Patch Tracker site which consists of the following steps:

1- Selection of the software version that will be installed on the host at the end of the process (see image 1)

Picture 1

2- Determine the CLI commands to use during the update procedure:

The procedure is illustrated in the pop-up that appears when you click on the selected package (see image 2)

picture 2

3- Enable the ESXi Host for ssh connection (image 3)

Picture 3

4- Connect via ssh to the ESXi host and run the commands previously shown in the pop-up.

In my case:

  1. esxcli network firewall ruleset set -e true -r httpClient
  2. esxcli software profile update -p ESXi-7.0U3d-19482537-standard \ -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml
  3. esxcli network firewall ruleset set -e false -r httpClient

5- Put the ESXi Host in Maintenance mode and restart it.

6- At the end, check that the update was successful (image 4 and 5)

Picture 4 – Pre Update

Picture 5 – Post Update

Note 4 : In case the hardware is not in the compatibility matrix, the advice is to use the option< –no-hardware-warning> . In my case the second command was changed to:

esxcli software profile update -p ESXi-7.0U3d-19482537-standard \ -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml –no-hardware-warning

See you soon

Posted on

Bye Antonio

Antonio was an eclectic person, with many interests, among which he favored bridge, the mountains and good food.

It was always a pleasure to meet him, you knew he would tell funny life stories that, thanks to his great oratory, managed to capture the attention of all bystanders.

If the Bisbino had seduced him as a young man, teaching him the love for the mountains, Bormio and its valleys were the holiday destinations most dear to him and of which he knew every corner and ravine.

You could tell from that light that came on when he spoke of Val Viola, Val Zebrù and the Cancano Lakes.

I remember it a few years ago when, having reached the Forni glacier refuge on foot, he said loudly “I’m back” in a tone of voice that clearly indicated a reconciliation with that enchanted corner of Valtellina.

During lunch, rigorously with polenta and eggs, he said that a few years earlier that climb had hurt him (to the heart) and reaching the refuge again had strengthened that long and old friendship that seemed lost.

His motto was “It’s all flat!” and he often used it to convince people less accustomed to alpine trails to reach challenging destinations. He rewarded the winners by telling historical anecdotes about the place while they tasted typical dishes of the upper Valtellina.

He was certainly a good fork, his stomach allowed him to digest any dish. He said that if he had a heart as strong as his stomach he could live for another 100 years.

Seeing him then choose dishes from the menu was a real pleasure. He opened the menu, read it carefully (even if he preferred the places where the menu was told) and as if he were already savoring the dishes, before communicating his command, he rubbed his hands asking for some confirmation on the preparation of the dishes.

He was also an authority on the choice of wines, he always knew what to combine with what he ordered, always favoring the cellar over the name of the wine.

Perhaps not everyone knows that Antonio was also a fruit specialist. He knew all types of pears, apples, black cherries … and his true passion was cherries. In years of work, he had discovered and mapped all the “free” plants of the upper Milanese area and often stopped to pick the delicious fruit during his return trips.

His humor was enhanced in situations that seemed complicated.

With the group he had chosen to spend a few days in Tuscia. We had the first dinner in the farmhouse where we were staying, which had meat as a specialty.

While not great, most of us ate our portion.

When the hostess asked for an opinion, one of us criticized the dish by correctly indicating its limits.

Antonio took the ball, got up and with the excuse of wanting to know better the type of wines, he started talking to the owner of the farm.

Arrived at a safe distance, he began an intense conversation of which we did not understand the meaning.

After a few minutes, he returned to the table while the again serene lady headed into the kitchen.

To the mischievous question about what he had promised to make the lady happy, Antonio replied: “I simply said that our diner is a very rich duchess accustomed to fine cuts of meat and who sometimes honors us with her presence”.

As long as we stayed in the farmhouse, the owner always asked Antonio for confirmation whether the Duchess liked breakfast or lunch and we, like restless students in the classroom, barely hid the laughter.

On Wednesday afternoon he had a fixed appointment: the Bridge tournament in Mendrisio.

He was particularly fond of that event and the people who frequented that club. He felt honored to be part of that group and grateful for his friendship with President Luciano. He also often won there and used the francs he won to organize and pay for dinners in the Swiss crotti for his playmates.

In bridge he was well known not only for being a winning player, but above all for his cordial manner.

To those who asked for advice on how he should bid or play a hand, he always gave a detailed answer precisely because he knew that in order not to make the bridge disappear it was necessary to share his knowledge.

He threw himself into every event with the ardor of a twenty year old. Always sitting strictly in the North or in the East.

With the group, we took short and long holidays around our beautiful country, which Antonio defined as extraordinary, beautiful, and wounded by an atavistic inability to make it even more receptive to tourism.

The evenings ended with a game of Burraco where he also played with his daughter Bibi and inexorably won those who at that moment had the luck in favor. The teasing of the next day was to tell the miraculous catch that had allowed that illogical game to be a winner (classic in burraco).

Raffaella has been her playmate for the last 11 years and if we have met this wonderful character we must say thanks to her who immediately made him join a heterogeneous group of people united by a passion for the bridge (among other things, before starting the partnership asked me, like a man of yesteryear, if I agreed).

After a few years, I asked Antonio a simple question: he, a great player, how did he manage certain “illogical” plays by Raffaella?

He replied with a maxim that will remain with me forever: “Gabriel, save your breath, you’ll need it.”

Bye Antonio, I know that you will find your old bridge friends at the table and that you will continue to delight them with your true self.

We will miss you.