Innovative Technology Weblog

OpsMgr is mainly used to get a grip on you server infrastructure and to optimize performance and availability by using best practice, which knowledge provide in the MP’s, and resolve errors with a head start with the provided knowledge. But the next step into monitoring is getting the most out of your infrastructure and Virtualization is one of these things that can help you get there.

Currently a lot of organizations want to save money and cut back on hardware and power with the great green IT wave landing in most organizations right now. OpsMgr can help you that. VMM 2008 has the ability to manage and optimize performance, load and availability and cut back on the off hour work by leveraging the heterogenic environment to a single management console in combination with PRO ( Performance and Resource Optimization ) it does give you the insides and tips in your environment. So System Center Operations Manager and Virtual Machine Manager will give you the tools you need the manage it all.

But how can i select the best virtualization candidate in my environment to make the first steps in optimizing my infrastructure? The answer is easier than expected.

To select the best virtualization candidates just import the System Center Virtual Machine Manager 2008 and the System Center Virtualization Reports 2008 Management pack from the catalog to run the report for virtualization candidate selection, even when you not using VMM 2008 in your environment.

This MP is not only for the SCOM 2007 R2 users but can be used in SCOM 2007 SP1 too. Just download the System Center Virtual Machine Manager 2008 Management Pack for System Center Operations Manager 2007 and import the Microsoft.SystemCenter.VirtualMachineManager.2008.mp and the Microsoft.Virtualization.Reports.2008.mp and you can run your reports.

Getting into the report go, in the SCOM console, to the reporting area and navigate to the System Center Virtualization reports 2008  and select the Virtualization Candidates report. Now you can define the parameters for you selection of virtualization candidates.

Start identifying you virtualization candidates and building your dynamic datacenter, have fun with it!

Update: The selection process for virtual candidates relays on the “Virtual machine” property “IsVirtualMachine” to be FALSE for selecting the physical machines in your environment. The downside to that property is that VMWare virtual machines are not detected so the generated reports will show the physical machines you want to see and the virtual VMWare machines.

The solution to that problem is the following Management pack made by Pete Zerger of the System Center Central. Thanks Pete!

Virtual Machine Discovery MP for OpsMgr 2007

This MP extends existing discovery of virtual machines by Operations Manager and Essentials to include VMware guests. The MP will update the “IsVirtualMachine” property of the Windows Computer object to TRUE for VMware guests. Also disables and replaces the existing discovery rule that sets this value to false for non-MS VMs.

Regards,
Walter Eikenboom
http://weblogwally.spaces.live.com

One of the most anticipated features of SCCM 2007 R2 is “App-V Integration”. We have recently tested the end-to-end scenario for this integration and we can say with confidence: it BLOWS . In a nutshell, by integrating App-V with SCCM you lose App-V’s best features and reduce the solution to something that’s even worse than SCCM by itself!

So what happens when you enable the App-V/SCCM integration feature in the SCCM Management Console?

• Control of the App-V client is seized by the SCCM client. If you had App-V running on its own before you enabled the integration, you’ll notice that all App-V apps that are published through App-V’s Publishing Server are now rendered invalid. On launch you’ll get a “Unable to initialize package information (0×00000000)” error.
• You must now publish your App-V apps through SCCM as “Virtual Application Packages”. This works by importing the .XML file of the App-V package. SCCM will distribute the packages to its Distribution Points and you can enable those Distribution Points for HTTP(S) streaming.
• To get the App-V apps to your clients, you’ll have to create SCCM advertisements. Basically SCCM advertisements replace the App-V Publishing Server. The behavior of getting App-V apps to your desktop now becomes eerily similar to SCCM’s way of installing applications. No more getting your shortcuts immediately upon logon (like you get with App-V); you will have to go get a cup of coffee and hope that SCCM is willing to give you your apps today.
• If you created non-mandatory assignments, then you’ll have to go to Add/Remove Programs yourself and click “Run” for all the apps that you want. However clicking “Run” doesn’t actually run your app, it only registers the App-V app with the local App-V client. Don’t expect to see any progress bar or visual feedback that the registration actually happened; just keep scouring around in your Start Menu in hope of finding the shortcuts for your new app.
• If you created mandatory assignments, you’ll get one or more notifications from SCCM (after some time ofcourse) that SCCM has App-V apps for you that it would like to register with the local App-V client. It will do that on *every* desktop you logon to. Prepare to spend quite a bit of quality time with the SCCM Client…
• If you’re using either Windows Terminal Services or Fast User Switching in Vista, you’re SOL because the SCCM Client is allergic to terminal sessions. You’ll get a message telling you that “No programs are available to run from a Terminal Services session”. How nice. If you happen to be running the console session, you won’t notice this limitation because at the console session, everything works just fine. So make sure you also test your solution via a terminal session so you won’t get caught by surprise.

As a result of the findings described above, we were pretty disappointed with the solution and decided to reverse our decision to integrate App-V with SCCM. However we did like the idea of using SCCM Distribution Points to stream App-V apps from. So we had a go at doing a manual integration of App-V with SCCM so that we could use just the SCCM parts we wanted. The idea was inspired by Tim Mangan’s article which included this diagram:

In his article he never got around to actually testing if it was possible to stream an application that was published by App-V’s Publishing Server from an SCCM Distribution Point. He only verified that is was possible to install the App-V app through an MSI with SCCM. So we ventured to get HTTP streaming working against SCCM Distribution Points, with the shortcuts still being provided by an App-V Publishing Server. In a nutshell: it works! You do have to setup a few mechanisms to get load balancing working though.

Here is how it works:

• First and foremost: disable the App-V integration with SCCM. To do this, go to the SCCM Console -> Site Database -> Site Management -> <Site> -> Site Settings -> Client Agents -> Advertised Programs Client Agent -> Properties and make sure “Allow virtual application package advertisement” is NOT selected.
• Enable your SCCM Distribution Points for BITS, HTTP and HTTPS content transfer. To do this, go to the SCCM Console -> Site Database -> Site Management -> <Site> -> Site Settings -> Site Systems -> <your DP> -> ConfigMgr distribution point -> Properties and select “Allow clients to transfer content from this distribution point using BITS, HTTP and HTTPS”.
• We found that (at least in the RTM version of SCCM 2007 R2) you don’t have to enable “virtual application streaming” on the “Virtual Applications” tab of the distribution point to be able to stream from a SCCM DP when using our manual integration. The added benefit of this is that you can now also use Secondary Site DP’s as streaming servers!
• Set up an App-V Management Server on any server you like. You can even set it up on a SCCM server, it doesn’t matter. Use the default installation settings for the entire installation. After installation, set the Default Content Path to the following: http://%SFT_SOFTGRIDSERVER%
• Add an App-V package to SCCM for distribution and streaming:
  • Go to the SCCM Console -> Site Database -> Computer Management -> Software Distribution -> Packages -> New -> Package. Enter the information about your package and click Next. Select “This package contains source files” and set the Source Directory to the location of your App-V package and click Finish. Note that you import the App-V package as a normal SCCM package and NOT as a Virtual Application Package. Importing it as a Virtual Application Package will cause the .SFT file in the App-V package to be renamed and cause the .SFT file to be added to not 1 but 2 locations on each SCCM Distribution Point, doubling storage requirements.
  • When the package is added to SCCM, find the Package ID and use it to update the streaming location in the App-V OSD files. For each OSD file in your App-V package, update the HREF statement to HTTP://%SFT_SOFTGRIDSERVER%/SMS_DP$/SMSPKG/<your SCCM Package ID>/<name of your SFT file>
    (If you are using a File Share Distribution Point, the IIS vdir may be different than SMS_DP$. Verify the vdir name in IIS Manager and ensure that all DP’s are either standard DP’s or File Share DP’s.)
  • Now add some SCCM Distribution Points to your package so that SCCM can distribute the App-V content
• Import the same App-V package into the App-V Management Server so that you can distribute the shortcuts and set permissions:
  • On the App-V Management Server, go to the App-V Management Console, go to Applications
    -> Import Application and go to the same App-V package folder. Select the .SPRJ file and click Open. Perform your regular App-V import steps and finish the import.
  • The imported applications in the App-V Management Console should now show the correct http:// paths to both the OSD file(s) and the SFT file(s).
• That’s it! Now just configure your App-V Clients on the desktops to use your newly setup App-V Management Server by configuring a Publishing Server and use Group Policy to set the %SFT_SOFTGRIDSERVER% to the name of a SCCM Distribution Point nearby. We set this variable to DNS name that uses DNS Round Robin to distribute the load to multiple DP’s.

A few months ago my beloved colleague Walter gave me the Beta version of System Center Virtual Machine Manager. Unfortunately I haven’t had the time to play with it until now. While most people enjoy their well earned vacation, I’m playing around with SCVMM.

There are definitely things to be excited about:

• Ability to manage both Hyper-V and VMware farms
• Migrate virtual machines between Hyper-V hosts (maybe not a live migration, but a migration none the less! )
• But the main thing to be excited about is the future integration within the System Center family.

And their are also some irritating things:

• Hyper-V has just RTM’ed and SCVMM is still in beta. This means you got to install update after update to make everything work.
• When I try to install the integration services on Windows Vista it comes with the message: “Unsupported Guest OS – An error has occurred: The specified program requires a newer version of Windows.” Unfortunately I’m not yet in the possession of Windows 7… 
• I created a new library share. But when I try to mount an ISO file to my virtual machine it fails and the only thing you can do with your virtual machine from that point is remove it and repair it. Through the repair option you can save him by the way.

I properly can go on and on with these things but I can rather posts these on connect.microsoft.com. It is still a beta and I believe eventually these ‘minor’ issues will be solved.

There is one very interesting feature I found in SCVMM and I’m still not sure if it’s a brilliant or stupid thing. When you create a new virtual machine you got to choose your processor type. Not just the number of virtual processors or the clock rate, no actually the processor type. Like the 1.2 Ghz Athlon, the 3.0 Ghz Pentium 4 (HT Technology) or the 2.8 Ghz Xeon MP.

It states that it uses this info to determine the processor requirements of the virtual machine. That’s being used when calculating host ratings and when setting CPU resource allocations.
You can view the host rating when you create a new virtual machine. The host rating helps you to choose the best host for your virtual machine. Based on free resources.
CPU resource allocation is something we know from VMware ESX. VMware uses shares to do this. A plain number like 1000 or 2000. The virtual machine with 2000 shares gets twice the amount of CPU cycles (when needed) in comparison with the machine that has 1000 shares.

I understand that SCVMM should use his own system that can be plotted on all the different virtualization platforms it’s going to manage (Hyper-V, XEN, ESX). But I don’t understand how a 2.4 Ghz Opteron relates to a 2.4 Ghz Xeon.
So if I just want my production server to have a 50% preference over my test server which should I choose? And what’s worse, if I’m in doubt with this option, how about a self service user that’s got the option to create a new virtual machine? I can imagine it would properly mean that this user got the advise to skip it.

But there is one more thing confusing about this. When you use the Virtual Machine Manager snap in, there is another way to set the processor weight and you can use a simple number!

So if I change the processor type in SCVMM of a virtual machine, you would suspect something to change within this screen. But it doesn’t… Neither does it the other way around.

I’m going to investigate some more but if you got some tips or hints, please post them!

I actually ran into more problems with the PKI after the installation. Although SCCM detects your Site Server Signing certificate during setup, the process of dragging and dropping the certificate from the current user branch to the local machine branch may (not sure if there are situations where this does not happen) corrupt the private key in the certificate. To fix this, you have to change the template for the Site Server Signing certificate. On the ‘Request Handling’ tab, check ‘Allow private key to be exported’. Then go through the process of requesting the certificate as usual, and don’t drag and drop as I described in my previous post, but export from the current user certificates and import in the local machine certificates. That should fix the Site Server Signing certificate.

I also had a problem with the Web Server certificate, don’t know if it’s related to having a Windows Server 2008 Certificate Authority or not. In the Microsoft walkthrough they tell you to duplicate the normal Web Server template. When I did this, SCCM kept reporting the Management Point giving problems; a test http request would return an error. After a little Googling I found the solution: on the new template (I named it SCCM Web Server) add Client Authentication on the ‘Extensions’ tab. Don’t forget to re-enroll and re-assign the certificate to your website.

I hope that’s all I have to say about this.