my personal blog about systemcenter

HP have 2 integrations with Virtual Machine Manager , this post will cover the basic install of the HP Storage UI Add-In for System Center , this tool provides a overview of the storage connected to the Microsoft Hyper-V / Microsoft Virtual Machine Manager Installation , 2nd a post will cover SMI-S integration for assigning storage to Hyper-V hosts

 

This post will cover the install and a few screen shots of the UI integration with Virtual Machine Manager

 

 

image

Start the installer

image 

This is the install on the Virtual Machine Manager server so we will select HP Storage UI Add-In Server

image

Select path for install

image

Go Go

image

Install should not take more than a few minutes

image

DO NOT use a domain admin for this purpose , testing with the Hyper-V management account , not sure why HP wants to use a domain admin seems like a terrible idea

image

So i will use the Hyper-V account used in VMM again needs further testing

image

Go to Settings Console Add-Ins , ensure that you did a run as administrator when launching the VMM console

image

Import the add-in

image

Go Go

 

image

Add the HP 3PAR storage systems through VMM

image

Set the IP address on the 3PAR’s and select the action account

 

image

 

image

Just for testing i added the FC and NL for provisioning in a later post

image

Go Go

image

In the VMM console select HP Storage Management , and select Authorize on the storage systems , this will prompt for credentials

image

And we now can see what LUN on the 3PAR a VM is located on and what paths/speed is used

image

And a general overview of the 3PAR

So one of the news in UR3 to Data Protection Manager 2012 R2 is the Scalable VM Backup

This adds more scale to each DPM server ensuring backup of the VM on each host

http://support.microsoft.com/kb/2966014

Features that are implemented in this update rollup
  • Scalable VM backup
    This update rollup improves the reliability at scale for Virtual Machine (VM) backups on Hyper-V and Windows Server 2012 R2 infrastructures. This feature is supported on both Cluster Shared Volumes (CSV) and scale-out file server (SOFS) storage configurations for VMs.
    Prerequisites

 

Ensure April Update on Everything

image

So patch your test dpm servers and update the agents

image

Reboot is NEEDED even on 2012 R”

image

Sucess Smiley

 

image

You will need to run a consistency check of all VM’s

image

image

DPM issues a checkpoing before the CC

image

After checkpoint is complete we can create a recovery point

image

image

And we can see the snapshot being created and the deltas moved.

image

and on the plus side , no more errors on the VDS Basic Provider after the upgrade , and from the testing so far no issues with ODX enabled

PATCH TEST WAIT DEPLOY in PRODUCTION

One of the steps in creating a secure PKI infrastructure is protecting the Root CA from attacks when its not used , normally we see people exporting VM’s with the Offline Root CA to multiple external drives and then storing them in a secure location and then out of the safe once a year to refresh the CLR or whenever a Issuing CA needs to be “killed” or renewed

But often in midsize installations the Offline Root CA stays in the environment making it subject for offline attacks and loss of control of the PKI environment

In the perfect world the CA root would be secured properly or might even be a physical HSM but sometimes ease of access and reduced complexity / cost wins

This is a attempt to meet in the middle , keeping a higher security level than just leaving the VM around , and easier to manage than VM exported to a removable media

There been multiple articles on how to use Bitlocker in a hypervisor where we don’t have access to the TPM chip that might reside in the server

This example follows 2012/2012R2 VM as generation 1 , the VM was created as a gen1 to ensure that potential problems with secureboot when moving the VM through Hypervisor lifecycle would prevent a boot

http://blogs.msdn.com/b/mszcool/archive/2010/02/03/bitlocker-in-a-windows-7-guest-running-on-a-hyper-v-r2-environment-or-any-environment-without-a-tpm.aspx

The above article is a example on how to enable Bitlocker on a Windows 7 Guest and we follow the same procedure

 

 

image

Through gpedit.msc enable Allow Bitlocker without a compatible TPM

 

image

Create a new virtual floppy

 

image

And attach it to the VM , this floppy files needs to be preserved in a safe as it will have the bitlocker recovery keys

image

Enable the bitlocker role on the VM

image

start manage-bde –on C: –rp –SK A: , this will enable the encryption after next reboot ,

the recovery password needs to be printed and secure with the virtal floppy ,

as this is a test enviroment created for this blog the password/key isnt pixelated

image

After reboot we can see that bitlocker is enabled

image

And verified from the gui

image

image

If we remove the virtual floppy

image

the VM wont boot so we need to virtual floppy to continue

 

Its a improvement over having a VM locally that can just be copied or stated up ,

scrubbing the data area where the virtual floppy is created to will improve further as changing encryption levels on the bitlocker drive

This is not a prefect implementation but over a VM just sitting there offline this wins every time.

As the ever brilliant Stanislav pointed out there is a new management pack in town , well new name and version number but still its new Smiley

 

http://cloudadministrator.wordpress.com/2014/06/30/hp-storefront-manager-for-microsoft-4-0-hp-storage-management-integration-with-ms-system-center/

 

We currently have the 3.1 version of the HP Storage Management Pack installed

 

image

 

And its happy and shiny showing us the state of our 3PAR installation

image

And along comes the next version of the management pack , before reading the documentation we install it in the test enviroment only to find out that a upgrade is not supported

 

image

Upgrading HP Storage Management Pack for System Center
Before installing v4.0, uninstall any previous versions of HP Storage Management Pack for System
Center.
NOTE: Upgrade to HP Storage Management Pack for System Center v4.0 is not supported.

 

And after reading the documentaion we can see thats its not supported

I get that its a free management pack but the kit we are monitoring is far from free so a litte effort for a upgrade patch would have been nice

 

 

image

So time to kill our Override Management Pack

 

image

Library and Other Storage related MP’s

 

 

image

image

And uninstall the binaries

 

image

And time to launch the installer

image

Installing locally on dedicated management servers

image

For the install we wont have the bindings to VMM so only the 3PAR MP without integration will be installed

 

image

After install start the HP Storage Management Pack User Configuration Tool

image

Add the 3PARs you want to monitor

image

We have created dedicated browser users on each 3PAR , dont really understand why they want a superuser for discovery ,

not sure if its related to the VMM integration , but for now we use a browser user until we see something that breaks

 

image

Time to override the discovery

 

image

Enable the override for the discovery

image

and 600 seconds and a bit later we have a shiny overview of our 3PAR installation , future post will cover enhancements