My thoughts on 70-535 Architecting Microsoft Azure Solutions

On By JaimeIn UncategorizedLeave a comment

I was off to a good start, but have not posted in a few weeks. Partly due to recovering from end of quarter craziness, (lots of OT), and preparing for 4 certification exams before Nov 15th. Most recently 70-535. I won’t go into the gritty details of preparing for the exam. There are many blog posts on the subject. Here’s my prep. A few months ago I attended two week long Azure classes. A Azure train the trainer class, and an Azure Stack installation class. Fast forward lots of OT, and a looming exam date that can’t be rescheduled. I quickly watched the PluralSight 70-534 course, and used a free Azure trial as a refresher. Going into the exam I felt Ill prepared, but passed the exam in the end. I dislike the new MS exam format. No going back after completing a section. I take tests based on first instinct. Your first choice is often the correct one, don’t overthink it.  If the question requires more contemplation, mark it for review, and go back later if time permits. If you learn the service definitions, and apply the 50/50 elimination rule to answers you should be alright. On to the next exam.

EHC upgrade foundation init failure. SyntaxError: String contains control character

On By JaimeIn EHC1 Comment

When upgrading DellEMC’s EHC foundation modules. The DellEMC EHC foundation module initialization workflow fails with an error:  SyntaxError: String contains control character Workflow:CreatePropertyGroupAndCustomPropertiesSiteAffinity / Create Property Group (item1)#35) (Workflow:CreatePropertyGroupAndCustomPropertiesSiteAffinity / Create Property Group (item1)#35)

This failure occurs due to special characters found in property groups property values during a JSON conversion.

A few property value examples causing the failure:

scriptpathcharacters1

scriptpathcharacters

To resolve:

  1. Backup the property groups using cloudclient, or manually steps 3-6
  2. Delete the property groups from the vRA UI
  3. Run Initialize EHC foundation workflow again
  4. Restore property groups.

 

Convert vRA property groups visibility from global to tenant.

On By JaimeIn VMware, vRA 7.31 Comment

When migrating from vRA 6.2 to 7.x property groups are copied, but are converted to global visibility. It’s great that everything copies over, but the property group conversion causes an export problem. Cloudclient should be able to read/export global property groups soon. Someone else had the same issue. In my use case I needed to temporarily export the property groups and delete them due to an error in a EHC workflow.  I had to open a  ticket with VMware vRA Engineering for this process. (Thanks guys)

 

On with the show, here’s how to convert property group visibility manually. I’ll work on automating the process when time allows.

Requires Linux or MAC machine with access to vRA appliance.

1. Obtain auth token – login as a user with permission to create/manage property groups:

– POST to https://$VA/identity/api/tokens
– curl syntax:

curl –insecure -H “Accept: application/json” -H ‘Content-Type: application/json’ –data ‘{“username”:”user@domain”,”password”:”password”,”tenant”:”tenant_name”}’ https://<vra_url>/identity/api/tokens

Example:

dev-1 $ curl –insecure -H “Accept: application/json” -H ‘Content-Type: application/json’ –data ‘{“username”:”fritz@coke.sqa-horizon.local”,”password”:”Password1!”,”tenant”:”rivet”}’ https://$VA/identity/api/tokens {“expires”:”2018-07-24T05:49:43.000Z”,”id”:”MTUzMjM4MjU4MzY2MjoxNGY4ZjcxMjZhOThhYjViNTI1YTp0ZW5hbnQ6cWV1c2VybmFtZTpmcml0ekBjb2tlLnNxYS1ob3Jpem9uLmxvY2FsZXhwaXJhdGlvbjoxNTMyNDExMzgzMDAwOjViY2JkOTBhYzI4YWRiYjMyMmY5NjUyZmY1NDIyODlhNDhjYzkxYjI0M2QzMThjN2E5MDMyY2JhMzAwZWEwM2I0MzhmZTFmNDM4ZGQ4ZjhmZTM5M2EyZTU3YjgzYTViZDAyYzdhOWJlZWQ0MmRkNWRlNjMxOGY4OTJmODY3″,”tenant”:”rivet”}

2. For convenience, assign auth token value to shell environment variable:

dev-1 $ export TOKEN=”MTUzMjM4MjU4MzY2MjoxNGY4ZjcxMjZhOThhYjViNTI1YTp0ZW5hbnQ6cWV1c2VybmFtZTpmcml0ekBjb2tlLnNxYS1ob3Jpem9uLmxvY2FsZXhwaXJhdGlvbjoxNTMyNDExMzgzMDAwOjViY2JkOTBhYzI4YWRiYjMyMmY5NjUyZmY1NDIyODlhNDhjYzkxYjI0M2QzMThjN2E5MDMyY2JhMzAwZWEwM2I0MzhmZTFmNDM4ZGQ4ZjhmZTM5M2EyZTU3YjgzYTViZDAyYzdhOWJlZWQ0MmRkNWRlNjMxOGY4OTJmODY3″

3. Retrieve JSON definition for desired global property group:

– GET from https://$VA/properties-service/api/propertygroups/<property-group-id&gt;
– curl syntax (note Authorization header with auth token from steps 1 and 2):
 
 
curl –insecure -H “Content-Type: application/json” -H “Accept: application/json” -H “Authorization: Bearer $TOKEN” https://$VA/properties-service/api/propertygroups/<property-group-id&gt;

Example:

dev-1 $ curl –insecure -H “Content-Type: application/json” -H “Accept: application/json” -H “Authorization: Bearer $TOKEN” https://$VA/properties-service/api/propertygroups/Test
{“id”:”Test”,”label”:”Test”,”description”:”All tenants”,”properties”:{“one”:{“facets”:{“visibility”:{“type”:”constant”,”value”:{“type”:”boolean”,”value”:false}},”encrypted”:{“type”:”constant”,”value”:{“type”:”boolean”,”value”:false}},”mandatory”:{“type”:”constant”,”value”:{“type”:”boolean”,”value”:false}},”defaultValue”:{“type”:”constant”,”value”:{“type”:”string”,”value”:”two”}}}}},”tenantId“:null,”createdDate”:”2018-07-23T20:55:48.908Z”,”lastUpdated”:”2018-07-23T20:55:48.908Z”,”version”:0}

4. Copy JSON returned in step 3 and edit: set the tenantId:

– Change: “tenantId“:null to “tenantId“:”<desired-tenant>
 
Optional: change the description field as/if desired.

5. From the vRA UI, delete the property group for which you obtained the JSON definition in step 3.

Example:

Login to vRA UI and delete property group “Test”.

6. From the command line, create a new property group from the edited JSON at step 4.

POST to https://$VA/properties-service/api/propertygroups
– curl syntax (note Authorization header with auth token from steps 1 and 2):
 
 
curl –insecure -H “Content-Type: application/json” -H “Accept: application/json” -H “Authorization: Bearer $TOKEN” –data ‘<edited-JSON-from-step-4>’ https://$VA/properties-service/api/propertygroups

Example:

dev-1 $ curl –insecure -H “Accept: application/json” -H “Content-Type: application/json” -H “Authorization: Bearer $TOKEN” –data ‘{“id”:”Test”,”label”:”Test”,“description”:”New Test”,”properties”:{“one”:{“facets”:{“visibility”:{“type”:”constant”,”value”:{“type”:”boolean”,”value”:false}},”encrypted”:{“type”:”constant”,”value”:{“type”:”boolean”,”value”:false}},”mandatory”:{“type”:”constant”,”value”:{“type”:”boolean”,”value”:false}},”defaultValue”:{“type”:”constant”,”value”:{“type”:”string”,”value”:”two”}}}}},“tenantId”:”rivet”,”createdDate”:”2018-07-23T20:55:48.908Z”,”lastUpdated”:”2018-07-23T20:55:48.908Z”,”version”:0}’ https://$VA/properties-service/api/propertygroups

7. Repeat steps 3 – 6 until all property groups have been redefined.

 

vRA remove requests pending Approval

On By JaimeIn VMware, vRA 7.3Leave a comment

While trying to remove a few stuck requests pending approval I found the VMware KB 2114385 is wrong. The State needs to be changed.

From https://kb.vmware.com/s/article/2114385

 

Correct commands below

#SSH to vRA node

#Backup postgres DB

service vcac-server stop

su -m -c “/opt/vmware/vpostgres/current/bin/pg_dumpall -c -f /PATH/vcac.sql” postgres

bzip2 -z /PATH/vcac.sql

service vcac-server start

#Connect to the database by running these commands:

/opt/vmware/vpostgres/current/bin/psql vcac postgres

\connect vcac;

\x

#Check for total count of hung requests.

select count(*) from cat_request where state = ‘PENDING_PRE_APPROVAL’;

#Run these cleanup scripts

BEGIN;

UPDATE comp_bprequest

SET status = ‘FAILED’

WHERE external_request_id::uuid IN

(SELECT id

FROM cat_request

WHERE STATE in (‘PENDING_PRE_APPROVAL’)

AND (DATE_PART(‘day’, now() – lastupdated) * 24 + DATE_PART(‘hour’, now() – lastupdated) > ‘8’));

UPDATE cat_request

SET state = ‘FAILED’

WHERE id::uuid IN

(SELECT id

FROM cat_request

WHERE STATE in (‘PENDING_PRE_APPROVAL’)

AND (DATE_PART(‘day’, now() – lastupdated) * 24 + DATE_PART(‘hour’, now() – lastupdated) > ‘8’));

UPDATE cat_resource

SET

status = ‘DELETED’

WHERE request_id in

( select id from cat_request where state in ( ‘FAILED’ ) AND type = ‘CI’ AND (DATE_PART(‘day’, now() – lastupdated) * 24 + DATE_PART(‘hour’, now() – lastupdated) > ‘8’));

#Verify that updates are successful by running Select queries:

SELECT id,

status

FROM comp_bprequest

WHERE external_request_id::uuid IN

(SELECT id

FROM cat_request

WHERE STATE in (‘PENDING_PRE_APPROVAL’)

AND (DATE_PART(‘day’, now() – lastupdated) * 24 + DATE_PART(‘hour’, now() – lastupdated) > ‘8’));

SELECT count(*)

FROM cat_request

WHERE STATE in (‘PENDING_PRE_APPROVAL’)

AND (DATE_PART(‘day’, now() – lastupdated) * 24 + DATE_PART(‘hour’, now() – lastupdated) > ‘8’);

SELECT count(*) FROM cat_resource WHERE request_id IN (SELECT id FROM cat_request WHERE STATE in (‘PENDING_PRE_APPROVAL’) AND type = ‘CI’);

#If count is 0 for all 3 of the select queries, then COMMIT; else  ROLLBACK;

vRA 7.3 LDAP Authentication Fails after adding connector

On By JaimeIn VMware, vRA 7.3Leave a comment

Ran into a strange bug while installing vRA 7.3 in preparation for vRA 6.2 to 7.3 migration. The install  went without issue, and no errors. After adding a secondary connector all LDAP authentication failed. Getting the connector added was a pain. It took forever to add, or would not add. As part of our troubleshooting we removed LDAP and started over several times. The connector add failure was caused by port 4003 not open on vRA nodes, and the hosts file was not created correctly. At the time of this writing there is not a published VMware KB, but one should be forthcoming.

 

vRA 7.x if unable to add secondary connector, or access denied to EHC tenant after enabling LDAP access.

Verify idP hostname set to vRA-vip FQDN, port 4003 enabled on vRA host via iptables

Port 4003 instructions:

SSh to vRA node and run iptables –L –n if port 4003 not seen for both vRA nodes contact VMware support. You’ll need to replace 3 files to enable ehcache port 40003 in vRA 7.3.1 firewall rules.

 

 

 

The Journey Begins

On By JaimeIn UncategorizedLeave a comment

Well folks. I’ve been told I needed a blog for years. Early on I always viewed a blog as to much of a hassle due to NDA’s and what not. I finally decided to start a blog for the odd technical issues I encounter at work. Maybe my notes will save someone a few hours of searching for a work around. If you’ve wandered here and expected me to spin a yarn, you’ve come to the wrong place. Riveting reading this is not. Short and sweet is what to expect. The entries are often my notes from working through a problem. My notes may confuse folks at times, so as always any questions just ask. Maybe we’ll both learn something.   Thanks for joining me!

Why riveting clouds? It’s a cross between my work and personal interests. “Today” I work as a Consultant for DELL EMC focused on Multi-Cloud. “Today” only because I’m from the legacy EMC side, and as we all know Everything Must Change. My title or division seems to change once or twice a year. What I do doesn’t. Pointed down range engaging customers. I spend most of my days fixing problems. Please note these are my musings, and in no way should reflect my employers opinion.  The little free time I have away from work and family I like to use for aviation. Be it flying or building aircraft. Who knows you may see a few Thatcher CX5 build log entries here as well.

Good company in a journey makes the way seem shorter. — Izaak Walton

post