How to Roll Back ESXi Patch/Upgrades? - vmware

Using vSphere Update Manager I've installed some updates and patches onto my host, however I have an issue with it picking up a datastore now so I want to roll back these changes to see if that fixes the issue.
From my research I understand that you can't uninstall these patches and you have to revert back to a previous ESXi version. I'm attempting to do this following the steps here: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1033604
However it does not give reference on how to access the Console for the Host. I can't find a way to access it in vSphere, but found a way by downloading putty and running the DCUI command.
The problem I have is that it says Reboot and then:
When the Hypervisor progress bar starts loading, press Shift+R.
However when I reboot putty loses connection to the host (presumably because it is rebooting) so I never get to see the boot up screen and Hypervisor progress bar to press Shift+R.
Am I missing something simple here? Server is Dell running ESXi 5.5. Thank you.

Dell ilo interface shall provide you the recover(Shift+R) while rebooting and hence rollback option.
The default credentials for dell ilo would be,
username : root
pwd : calvin
The steps to achieve this would be as follow,
Get ur ILO link, please see if below link is useful to you in this regard.
https://www.dell.com/community/Systems-Management/How-to-get-the-DRAC-IP-address-from-the-localhost/td-p/2374426
otherway would be ping your server FQDN and it would return the ILO IP.
Once you find ilo url or IP, login to it using above mentioned default login credentials(root/calvin).
Now, in ILO interface find the option to launch the console (server -> Virtual console preview -> Launch).
Save the JNLP file and run it.
Further, Press F12 for "Shout down /restart"
Here onward I believe you will get it.
Thanks,
Manjunath.

Related

AWS Cloud9 on Graviton Terminal Spinning

I decided to try to run Cloud9 on an ARM server ("Graviton"). I created an EC2 t4g.medium instance and a key, made sure I could SSH into it as expected (no problem), and then created a Cloud9 SSH environment. It mostly seemed to install without issue aside from a mild complaint about Sqlite. When I opened the IDE, it was perfect. Terminals worked as expected, files saved, autoformatter autoformatted and the world was good.
Every subsequent time I have opened the IDE, however, it has just given me a loading spinner. After a lot of Googling I noted that this pattern has been seen before. I tried installing tmux, but that had no effect. See screenshot:
screenshot of cloud9 error message and spinning terminal
According to this document, graviton isn't officially supported: https://docs.aws.amazon.com/cloud9/latest/user-guide/ssh-settings.html#ssh-settings-requirements. Other things that might cause it to fail are if the instance isn't publicly accessible on the internet (ie on the public subset with port 22 open, or connectable through a jump host). Also, you'll probably want a security group that only allows traffic from Cloud9; see here: https://docs.aws.amazon.com/cloud9/latest/user-guide/ip-ranges.html.
Additionally, I found the Cloud9 installer doesn't mention needing to install gcc-c++ in addition to gcc.
Because I don't want my machine on the public subnet, I'm giving up and waiting until this is supported. But I hope this might give you some useful information.

Is it possible to set a GRUB password in an Ubuntu VM instance?

I have set up a GRUB password as per the link below:
https://www.techrepublic.com/article/how-to-password-protect-the-grub-boot-loader-in-ubuntu
I'm using a console to connect to the VM. I arrived at the GRUB start screen but I'm not able to type anything. The console looks frozen as per the attached image.
Is it possible to set a Grub password and how can it be done?
Thank you,
I reproduced the error in my own project.
And I investigated further trying to fix this issue. But unfortunately, currently it is not possible to set up the GRUB password in a VM Instance in GCP.
You could see that there is an opened Feature Request in Public Issue Tracker that requests it: [FR] Enable option to set up "grub password" on GCE Instances.
If you “star” the request you will receive notifications for any important updates and keep track of its progress.

AWS EC2 instance Login failure

I am getting below error when trying to login into my AWS EC2 instance. Last login was around 2 weeks back and everything was working fine so the password I am using is correct. No other information is available on the error message.
Is there a way I can see any logs through management console ?
Appreciate any help on this.
Remote Desktop Connection
An authentication error has occurred.The function requested is not supported
It seems like you are facing this issue.
Bottemline, This is caused by a Microsoft Security Patch. The Microsoft Security patch issued on Tuesday, May 8th 2018 triggered the problem by setting and requiring remote connections at the highest level.
Simply adjust the Remote Desktop settings on the host machine to a lower security level. From File Explorer, choose Computer, right-click and select Properties, then click Change Settings, and go to the Remote tab.
From Windows 10, uncheck the option to “Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)”
From Windows 7, it’s setting the option to the Less Secure option rather than More Secure
Once these are set, users can remote to the machine again.
If you don't have any other way into the machine except Remote Desktop, I'm afraid the machine is lost.
For anyone facing this issue. Below is response from AWS technical support team:
Looking at the error message you posted, this is due to a recent patch (KB4103727) that Microsoft has released to fix a vulnerability. It is a mandatory requirement from Microsoft that both the client machine (the computer from which you are trying to RDP into your instances) and the remote server (your EC2 instance) has the latest updates installed. If one of these machines has the latest updates installed and the other does not, RDP connection would fail.
Note: If you see your Windows is up to date and you do not see the KB4103727 installed, it could be a different KB article which applied the KB4103727 as a cumulative update. If this is the case, please uninstall all KBs that were installed recently before the RDP connection was broken.
For more information about this hotfix, please refer to the Microsoft documentation below:
https://blogs.technet.microsoft.com/yongrhee/2018/05/09/after-may-2018-security-update-rdp-an-authentication-error-occurred-this-could-be-due-to-credssp-encryption-oracle-remediation/
https://support.microsoft.com/en-us/help/4093492/credssp-updates-for-cve-2018-0886-march-13-2018
There are multiple workarounds for this issue:
Option 1: If the update is installed on your client (workstation) and is not installed on your EC2 instance.
Uninstall KB4103727 from your client machine. After you uninstall the KB and gain RDP access to the EC2 instance, you can patch the instance with latest updates first and then update your client machine with the KB by running Windows Update again.
Alternately, you can keep your client machine updated and you can install latest Windows updates on your EC2 instance remotely using SSM Run Command. For detailed instructions on how to configure your instance to use SSM Run Command, please refer to the below documentation:
SSM Prerequisites: https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-prereqs.html
Run Command Tutorial: https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/tutorial_run_command.html#rc-tutorial-ui
After you configure your instance to use SSM Run Command, you can execute the Run Command document "AWS-InstallWindowsUpdates" remotely on your instance.
Option 2: If the KB is installed on your EC2 instance and is not installed on your client machine
Run Windows Update on your client machine and install latest software updates. Once the latest updates are installed on both your instance and the client machine, you should be able to RDP into the instance.
Alternately, if you have a backup AMI or an EBS snapshot created before the patch was installed on your EC2 instance, you may consider restoring your instance from the backup to roll back the installed software updates.
Option 3: There is a workaround suggested by third party websites to disable the check altogether on the unpatched Windows machine and RDP should work normally. On the unpatched machine, open a command prompt with Administrator privileges and run the command mentioned below:
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters" /f /v AllowEncryptionOracle /t REG_DWORD /d 2
Please note, you may have to reboot your Windows machine for the changes to take effect after you install/uninstall the KB.
So, finally I had to uninstall mentioned update from client machine(using which I was trying to connect to the aws instance) which allowed me to connect to the instance. Once connect, I updated the instance with windows updates and rebooted it which resolved the issue.

Fatal Error: 8 (Device Error) Boot on ESXI

We got one server which runs a vmware esxi and also holds two other VMs. When we try to reboot the desktop, we encounter this error below:
I tried to do another reboot to enter the BIOS setup. I'm not sure if it has anything to do with the boot sequence but below is the current set-up:
I'm really not a infra or systems admin person and appreciate any resolutions to resolve the problem. I previously only access the server through the vSphere client. Apologies if my jargons aren't correct.
Thanks!
I had same problem, first tried the recovery (Shift+R) it also failed. Then restarted and while loading countdown for boot i hit enter then it went successful boot.

How to set up Micro CloudFoundry on Windows

tldr; This question was to get help setting up Micro Cloud Foundry on Windows XP behind a corporate firewall as an innovation-demonstration project for a Fortune 500 IT departent. Basically, the project stalled, despite this stackoverflow page - the magic wasn't strong enough. I am accepting #DanHigman answer below, but if anyone sees this and can provide a simple straight-forward answer, by all means...
Can anyone provide a clear step-by-step on setting up MCF on a Windows (XP in my case) machine behind a corporate firewall, for demostrating the feasibility of PaaS in the corporate IT world?
My VM is installed and running and I can use the menu ok. I have vmc working. I have a test Node.js server app, that works on local, ready to push. But I can't get past that stage.
The firewall gave me trouble so I lowered my goal to just work offline. I followed the instructions noted below as best I could, but often the instructions are mac oriented - I would like them for a Windows command line (especially SSH tunneling):
http://blog.cloudfoundry.com/2011/09/08/working-offline-with-micro-cloud-foundry/
http://support.cloudfoundry.com/entries/20332921-micro-cloud-foundry-trouble-shooting-help
This blogger may have half-way covered my problem doing the SSH tunnel settings, but all it gives is "use Putty" - more detail would help:
http://support.cloudfoundry.com/entries/20419943-using-micro-cloud-locally
Also, whenever the vmc obviously gets an error or other message, it only outputs the following in the command line:
vmc target http://api.vcap.me
<<<
[200, "<html><body>SNP/2.0/102/Unknown Command 'info'</body></html>\r\n\r\n", {}
]
>>>
Thanks for any help. BTW - I know I could do this on my mac, the big obstacle is the windows and firewall environment.
Update:
#Dan and #ebottard: Thanks to your help, I'm almost there. ping is working now, hosts file seems right, but the vmc target api.vcap.me still does not find the VM at that 192.168.253.128 IP - even tho ping does. In the first link above, Martin wrote the following, but assuming we are doing it on a mac:
After the update is complete, you will need to make some changes on your local system. What you will need to do is to set up an SSH tunnel to access your Micro Cloud Foundry VM (note that you will need to supply the IP address in the command below with the actual IP of your VM, which is displayed in the console).
sudo ssh -L 80:192.168.168.149:80 vcap#192.168.168.149
Password:
vcap#192.168.168.149's password:Â
The first password being prompted is the sudo password for your machine, as it is needed to open port 80 which requires root privileges. The second password is the vcap user password which you entered during the initial configuration of your Micro Cloud Foundry.
I need to have these instructions translated into Windows, and all I have to go on is that I might use puTTy (which I have downloaded) to do it. Any more ideas?
Looks like you're running an application on your Windows machine called "Snarl" (a poor Windows-based clone of the OS 10 app Growl :-p). It looks like it's interfering with communication to the MCF intstance, close it and have another try.