Nexus 1000v in a Hyper-V 2012 Environment (Part 1)

June 19, 2013August 31, 2015 Josh Reichardt 7 Comments

In the next few posts I will be going over some of the basics on how to get the Nexus 1000v setup and working in a Hyper-V environment. I must warn readers ahead of time, this product was just released (as of a week or two ago) and the Cisco documentation is seriously lacking. What documentation that does exist is thoroughly confusing so it may take some time to work through all of the issues. Just as much if not more irritating, the Hyper-V way of doing things is just as confusing. Taking on a project like this will surely improve your skills and abilities with virtualization, especially network virtualization. I must admit, this stuff can get very confusing at first so it is important to realize that you might not understand everything at first, just be patient, it will eventually start making more sense.

First I need to lay some ground work. I think it’s important not only in this example but a good habit in general to spec out a project and figure out all of the requirements in order to make sure you have everything lined up that you might need before tackling a project. A few important considerations when working with the 1000v are to make sure the networking and NIC’s on the Hyper-V hosts are set correctly, Virtual Machine Manager (SCVMM) is installed and configured, the network is configured (LACP port channels, trunk ports, correct VLAN assignment, etc) and that configuring all of these pieces won’t cause any downtime or other issues with your production network. Ideally, all of this would be thought of and set up ahead of time. Luckily I have a test environment as well as SCVMM in my test environment to test this with and do not have to worry about any real world down time or production issues.

One of the most important things to get established is getting the underlying Hyper-V network stack configured properly. I try to mimic a production type environment as much as possible so this configuration is a typical design you may see in the real world. So let’s lay out the structure of the design.

Management VLAN(s)
DMZ VLAN(s)
Inside VLAN(s)
Live Migration VLAN(s)

It is common to break these out through different physical connections, so as an example you might see 4 different NIC’s on the Hyper-V host connecting to a switch that has 4 different VLAN’s configured. If you want redundancy you can add NIC teaming into this scenario (which is native in Server 2012 now, which is nice). I have limited resources so I am using a single NIC for management, DMZ and live migration traffic, and teaming the inside connection with 2 NIC’s. Here is a crude example of how this is setup.

If you are setting this up in a clustered environment, you would want these settings to be identical across all Hyper-V hosts. Once this is setup correctly make sure you have SCVMM installed and configured. That is a separate process and therefore is out of the scope of this post, I’d be happy to answer any questions you have, I’m just not discussing it here. You will need to grab the Cisco Nexus 1000v for Hyper-V. To download the files necessary for installation (let me know if you don’t have one) you will need a valid Cisco ID. Cisco also provides some documentation as well as some installation videos links but I have found them to be less than helpful to be honest, there is some useful information to be sure, I just want to walk you through the process myself because there were a few caveats and the documentation creates a lot of unnecessary confusion.

There is some basic terminology to be familiar with when getting the 1000v up and going that helps to understand how and why different parts work the way that they do when running through the installation.

vsm – virtual superviser module. This logically controls the virtual switch and can be thought of as a virtual line card to manage the different VEMs.
vem – virtual ethernet module. This is the piece that actually replaces the virtual switch
nsm – network segmentation manager.

Once you have the 1000v downloaded you need to make sure you run the installation for it on the server that is hosting SCVMM. The installer is hidden in the following location,

\Nexus1000v.5.2.1.SM1.5.1\VSM\Installer_App\Cisco.Nexus1000VInstaller.UI.exe

When you run this executable it should bring up a GUI to install and configure the virtual switch(es). You will need to use an account that is a member of the SCVMMAdmins group in Active Directory, otherwise the installer will not be able to connect to SCVMM and will not be able to create and configure the VM for the new virtual switch.

The next portion of the installer is where things may get confusing if you don’t know what you are looking for. I have linked to the sample configuration I used in my lab to help with this. Since this is what I used in my test environment I know at least at one point this configuration worked. It would be a good idea to deploy the VSM’s in high availability if you can, otherwise it isn’t a big deal.

Choose a meaningful name for VSM name, basically this is the same as the host name.
The ISO linstall location is, \Nexus1000v.5.2.1.SM1.5.1\VSM\Install\nexus-1000v.5.2.1.SM1.5.1.iso.
From the documentation I’ve read the VEM MSI location indicated is a little misleading because it points at the wrong installation file. It should point at \Nexus1000v.5.2.1.SM1.5.1\VMM\Nexus1000V-VSEMProvider-5.2.1.SM1.5.1.0.msi.
The VSM IP address should be an address in your management network, it can basically be thought of as the address to use to connect to the 1000v virtual switch.
Subnet mask should be fine as 255.255.255.0.
Gateway IP should match up with the VSM IP address, essentially they just need to be on the same subnet.
Domain ID is an arbitrary number that is associated with the virtual network. For most use cases you should be able to use one ID, 1000 in my example.
Use the VLAN ID that your VSM is on, in my case it is my management ID.
Since our management VLAN is that same as the VSM VLAN (typical in most deployments) simply choose “Yes” here.

At this point everything should be configured, the installer just needs to go out and create the VM’s and take care of getting everything up and running. It may take awhile so take a break if needed and come back later.

Everything should complete successfully, if not you will need to look at the log file and troubleshoot any errors you may have.

Almost done. Everything should be out there and running but there is still one very important step left. If you notice, about halfway down the installation summary page there is a username/password of admin and admin. This obviously will change once the 1000v gets put into use but there is NOTHING in the documentation that tells you that this will break the configuration in SCVMM!

What you need to do is hop on the SCVMM server and manually configure the credentials that are used to connect to the 1000v switch. To do this, drill down into the security settings in SCVMM by flipping open the Configuration pane -> Security -> Runas accounts -> Right click your 1000v admin account and select properties.

Then you will change the username and password to match the credentials that you have set on the 1000v. This will allow the switch to communicate with the SCVMM server so that 1000v network settings can be managed through Hyper-V.

In Part 2 I will discuss the intricacies of configuring the 1000v as well as how to reflect these settings in your Hyper-V virtual environment. Since this is a brand new product, there are still some things yet that need to get worked out, especially the documentation. And as I mentioned earlier, the network settings in Hyper-V and SCVMM can be extremely confusing the first time you see them. Working through and troubleshooting these issues will quickly help improve your knowledge and understanding of how Hyper-V and the Nexus 1000v work together to improve virtual networking. If you have any questions or concerns about any of this I will try to help, but I am not promising anything at this point.

Getting Python Fabric setup in Windows

May 30, 2013August 31, 2015 Josh Reichardt 1 Comment

This has really turned into a wild goose chase. Initially my goal when I set out on this project was simply to get Fabric up and running so I could test out some different features on some network gear. It seems like the Python integration in Windows is very different than it is in the Linux world where everything is all bundled up nice and neatly. There are several separate, seemingly unrelated pieces that all need to fit together to get Python and Fabric working correctly in a Windows environment, which can be very perplexing at first, hence my need to write a post so I don’t have to remember all this complexity for next time. I thought I might as well show people how I got this to work instead of picking and choosing different bits of information from the internet.

The following is a list of links that I have found to be helpful in getting everything up and going, flip back to here for the different resources and components:

Official Python download page
Official docs for installing and using Fabric
using this post I was able to get pip installed and set up
Install and configure virtualenv
Distribute modules for Windows
pip modules for Windows
Pycrypto modules for Windows
MinGW32 installer

There’s a few steps for getting up and running. For basic Python functionality it should be enough to download and install Python via the basic installer in your Windows environment. Accepting the defaults should be enough. Also, I recommend going with Python 2.7, rather than 3.3 because it has much better backwards compatibility. You will also want to double check to make sure you download the correct version for you OS as well, either 32-bit or 64-bit.

Once you have your Python install up and going you will want to get pip installed. You will use this tool to get Python modules because it aids tremendously with downloading, managing and installing useful Python code.

So to get up and running with pip, first make sure that you have the correctly matched version of Python and the pip installed for your environment. For example the 2.7 pip installer will not work with a 3.3 Python installation. Second, you will need to make sure you have the Distribute package installed in your Python environment as well. This is the tool that will allow pip to work. Once you have these modules installed you will need to switch to the directory where pip is installed (or add it to your ENV path variable). For me it was located in the following location:

C:\Python27\Scripts\pip.exe

So the command to install Fabric would be as follows:

pip.exe install fabric

You would think that’s all you need to get fabric working right? Well it turns out that using this method we do not have the correct version of Pycrypto installed.

So using the link posted above go ahead and get the correct version of Pycrypto downloaded and installed (version 2.1.0). That still doesn’t fix it though! It just gets us to a different error. I used this post and this post as a guide for getting the correct version of Pycrypto installed on the Windows machine.

Okay, so now we should have a fully functioning Python environment with Fabric installed. The only main issue that remains at this point (to my knowledge at least) is that pip still doesn’t work quite right when attempting to install various Python packages. To get that part working you will need MinGW32 installed (reference above for links). But that is basically out of the scope of this post, I will write another post about it if there is any interest or you can ask me if you have issues as always.

The only other piece left then is to get Fabric up and going with our Cisco gear. Take a look at the docs for basic usage on getting acquainted with Fabric, it is fairly straight forward for the most part.

One thing I was not aware of was the way Cisco CLI and devices would behave when using Fabric to control them remotely. I was having issues with Fabric flaking out whenever I went into config mode on a Cisco switch. It turns out that when you enter into config mode you are essentially dropped into a new shell and Fabric doesn’t have a nice way to deal with that. So something like this will bomb out,

def test():
	run("conf t", shell=False)
	run("int 1/0/1", shell=False)
	run("no shut", shell=False)
	run("exit", shell=False)

The “conf t” command opens your new shell and the Cisco gear freaks out because it doesn’t know what to do with the next command. I should also mention the shell=False is somewhat unrelated to this issue but it gets around Fabric trying to use bash as its default shell. The workaround? Use the open_shell command in Fabric and escape each command by using \n to escape to a new line. So a sample command using this format would be something like the following,

def test():
	open_shell("conf t \n"
		   "ip name-server 1.1.1.1 \n"
		   "exit \n"
		   "exit \n"
		   )

Yeah this is sort of hacky, and I’m not sure if it will be able to do everything I am looking for but hey at least it kind of works. I am currently looking for a more robust and easier way around this limitation so if you have any suggestions let me know.

Credit goes to markmm on reddit for letting me know about this workaround as well as the people who hang out on the #fabric irc channel on freenode.

Conversation history not saving in Outlook 2010

May 20, 2013August 31, 2015 Josh Reichardt 1 Comment

Recently I ran into an issue with a Lync environment (2010) where Lync conversations were not being saved to the “Conversation History” folder in Outlook (2010). Luckily there is a quick way to fix this issue, through Exchange. From the reading that I have done it seems like the most common reason this occurs is when a user in your Exchange environment reaches or surpasses 1,000 combined folders and sub folders in their mailbox. The easiest way to check if a user has reached this threshold is to use the Exchange Management Shell to quickly take a look at their total combined mailbox folders using the following command.

(Get-MailboxFolderStatistics “user”).Count

Easy enough, often times this is enough to determine the cause. But I have taken this command one step further and wrapped it into a little script that will go through your Exchange environment and record all users that have reached this threshold and place their display name as well as the number of folders/subfolders into a csv file for an easier to reference. Here is the logic of the script.

$mailboxes = Get-Mailbox
$overlimit = @()

ForEach ($mailbox in $mailboxes) {

$mbxmember = New-Object PSObject
$folders = (Get-MailboxFolderStatistics $mailbox).Count
$mbxmember | Add-Member -MemberType NoteProperty -Name "Display Name" -Value $mailbox.DisplayName
$mbxmember | Add-Member -MemberType NoteProperty –Name “Folder Count” –Value $folders

	If ($folders -gt 1000) {
		$overlimit += $mbxmember
	}
}

$overlimit

That logic right there is very basic but will iterate over all mailboxes in the Exchange environment, grab those with over 1,000 folders/sub folders, place them into an array and output the array. This will take a while depending on the size of your environment, so feel free to let it run in the background. It is not a super intensive process, it just takes forever. To get this into a CSV file use the following Powershell command, I have this script name Get-Folders.ps1 in this example.

.\Get-Folders.ps1 | Export-CSV users.csv

That should be it. Not everybody will need this obviously but I found that it came in handy.

Evo 4G Customization Goodness

May 13, 2013August 31, 2015 Josh Reichardt 13 Comments

Since my initial rooting and unlocking project last weekend I haven’t been able to stop thinking about the shiny new ROM I have installed and how awesome it is. So now that I have the taste for flashing custom ROM’s, I wanted to see what else was out there. I did some digging and learned (to my happy surprise) that the Evo 4G, or the “OG” as community members refer to it as, is still alive and well, with a very talented community and very active user base. Especially for a device that is nearly 3 years old.

If you missed my original ROM flashing post you can view it here. That should get you up speed.

Custom ROM’s can be confusing and maybe a bit intimidating at first but once you start to wrap your head around the concept then things get much easier. If you have any questions let me know and I will do my best to help explain things as best I can (from my own understanding of how it all works at this point). I am certainly new to this as well but am quickly beginning to understand the power and draw behind custom ROM’s, especially for tinkerers and people that are interested in DIY tech projects, there is really a whole world out there to go explore for this type of stuff. I would take a look at XDA Developers forum for a good place to get started on many of these topics.

I am working on putting together a list of the latest and greatest ROM’s that I have stumbled across since my initial flash using the MazWoz Jelly Bean ROM last week. I will also try to offer some perspective and comparisons between these custom ROM’s to help you choose which one will suit your needs and will work best in your use case. All of the ROM’s that I have been testing are currently all 4.2.x (Jelly Bean) and are all fantastic, so if you are having trouble picking one out I would advise that you just pick one. More than likely it will be a good fit. The only difference between many of these are small subtleties such as specific themes, customization options, look and feel and a few packaged apps here and there. So for example, Slim Bean offers a UI “pie controls” that aren’t built in to some of the other ROM’s. But for the most part many of these ROM’s are using a lot of the same “stuff” in the background. There are probably more out there but I will just be covering the most popular and most active ROM’s that I cam across, so let’s go ahead get started.

MazWoz – http://forum.xda-developers.com/showthread.php?t=1947452

This is a great ROM and the first custom ROM that I tried. Nearly everything is working currently, it is certainly stable enough for every day use IMO. It did a hot reboot on me once and the camera was a little bit on the glitchy side, there were some strange GUI effect glitches every now and WiMax is broken (which won’t get a fix it doesn’t look like but who cares) but otherwise worked flawlessly, it is very snappy and responsive, it provides a buttery smooth experience. I would highly recommend giving this ROM a shot since it is both stable and smooth. It isn’t quite there 100% on all the new Jelly Bean features but it is getting there and is under active development by its creator and maintainer. The latest release was about a month ago so hopefully there will be an update to provide some of these niceties in the near future.

Slim Bean – http://forum.xda-developers.com/showthread.php?t=2217412

Currently testing this ROM out. So far so good, it is fast and everything I’ve tried seems to be working correctly. This ROM is designed to be light weight and snappy, so only basic themes, look and feel and apps although I will say that after booting initially it felt a very tiny bit slower than the MazWoz ROM but this slowdown was still very tolerable. I suspect there may have been issues since it was trying to sync up and download things in the background, because everything has been working much more smoothly after the everything is in sync. The camera works slightly more fluidly than the MazWoz camera and there do not appear to be any other noticibly odd glicthy behaviors with the GUI. Other initial findings were that there is no WiMax (again expected) and no front camera. This ROM is very smooth and there is support for facial recognition and unlock which is pretty slick. There are some other cool features baked in such that other ROM’s do not offer such as “The Real Dark Slim (TRDS)” which is basically a customization engine for this particular ROM as well as Slim PIE and a few other unique customizations for this ROM which allow for a more fine tuned experience.

Cyanogenmod 10.1 – http://forum.xda-developers.com/showthread.php?t=2244061

This is the defacto for custom ROM’s currently, it easily has the largest user and developer base and its latest version has been ported over to the Evo 4G. This is pretty much the most complete package as far as custom 4.2.x ROM’s go. It has basically every standard feature that comes along with this version of Android as well as a ton of tweaks and improvement, including pie controls and speed/optimization improvements and other nice goodies. There is no official release for this build because this current port literally just happened not more than a few weeks ago but I’m sure the word will spread quickly. So far I have liked this release for the most part, there are some issues though, such as a little big of glitchiness as with the other releases I have tried, the swype style keyboard doesn’t work all the time, the launcher (trebuchet) crashed ones, no front camera, some of the camera options aren’t perfect either and there is no WiMax support. These are really just small gripes though and outside of that it is snappy and also probably the smoothest ROM I’ve tried so far. It has some slick features built in including a custom launcher, file manager and media player, as well as some additional themes and widgets built in which are a really nice touch. The CyanogenMod is an all around good experience and with all of the little additions and bells and whistles built in has been my favorite ROM so far.

AOKP – http://forum.xda-developers.com/showthread.php?t=2257194

This is one of the newer projects out there but it is gathering steam and the community as well as developers have really worked hard to make this ROM very nice. The features of this ROM are on par (some may even say better) than Cyanognmod and this ROM certainly delivers so very nice customization options as well as a stable and fast platform. I have only recently tried this ROM out myself yet so I can’t report on all of the issues that it has other than the standard issues that all of these ROM’s suffer from. No front camera, no WiMax, some weird camera issues, etc. Nothing out of the ordinary. I have really liked the quickness of this ROM so far, I’d say it is on par or better than Slim Bean and offers a really nice experience overall and the ability for a lot of customization. I would definitely recommend trying this ROM out. The only caveat for getting this ROM to work correctly is that you need to partition your SD card prior to flashing, otherwise you will suffer from boot loops which caught me originally. Other than that, it is pretty straight forward to flash and use.

Evervolv – http://forum.xda-developers.com/showthread.php?t=2172323

This one is worth a mention as well but seems to be losing some of its previous favor amongst the community as of late (at least as far as I can tell, I could be totally wrong about this though). It seems like a lot of ROM’s are built using much of Evervolv’s code but the project itself isn’t quite as popular as it was at one time. I haven’t tried this ROM out for myself yet, I just found that it was worth a mention because of its support for the Evo 4 G. I might come back and update this post if I ever switch and try this ROM out, but I just can’t get away from Cyanogenmod right now.

Hack your Evo 4G into a High End Smart Phone

May 6, 2013August 31, 2015 Josh Reichardt 5 Comments

I was in desperate need of a phone upgrade recently and ran across a nice little deal on an old Evo 4G (not to be confused with the Evo 4G LTE) on craigslist this past weekend, which to my surprise turned into a nice little phone hacking project. Luckily for me the phone I got was basically in mint condition as it belonged to an older gentlemen who I imagine didn’t get a lot of mileage out of it. On top of that, it was layered in protective casings.

Sometimes buying phones on craigslist can be scary and turn into a crap shoot but in my own experience I’ve found them to work out more often than not. The two pieces of advice I can offer when buying a used phone on craigslist are to have the seller send you the ESN number prior to meeting so you can check to make sure it is active (there are many online ESN checkers out there). The other, simple advice is to look at the phone when you meet and make sure you can turn it on and off and that it can hold a charge.

I also want to take a moment and tell everybody about the provider I use, which is Ting. Why? Because they are awesome and super easy to use. Ting offers a very competitive price and doesn’t require contracts, which I believe are important things to consider when selecting a provider. Anyway, I could probably write an entire post about how awesome Ting is and why you should use their service but I will forego the details for now. I just wanted to mention that you can activate your phone entirely on your own in like 5 minutes, which helped me out a lot with this project. There are detailed instructions on their site about activating new/used phones and porting over numbers, it is easy and Ting even encourages its users to root and unlock their phones. Long story short, Ting is awesome, it made this project much easier and you should give them a try.

Once you do all the running around and finally get your phone it is time to actually get down to the fun stuff. I learned that rooting the Evo 4G was a bit tricky since it had all of the newest firmware and protection from HTC. I have had less issues with rooting some other HTC devices in the past, but I don’t know how that effects the steps if the software and firmware change. In all reality the additional steps are just a technicality I would say and aren’t too much of a hindrance. So in the following details I will outline the process of getting your phone from the basic locked version of HTC Android to a fully unlocked phone with the capability of running custom ROMS, namely the MazWoz ROM which is currently the Jelly Bean ROM that I am using for the Evo 4G.

The first step is to get root. This is essential because without it you will not be able to get S-OFF and be able to flash custom ROM’s. Rather than go into great detail and post all of the steps here I will instead point you in the right direction on how to get started yourself. There are a ton of guides out there already on how to do this and there would really be no point to add another to that collection of guides, since there are some really good ones out there that have all the links and resources. I found this one and this one to be the most relevant and helpful. The first one is especially nice because it offers some video guidance as well as written. Basically when I got stuck with one of the guides I would just switch back and forth and reference the other. I feel that they both definitely compliment each other very well.

The second step is to obtain S-OFF. Use the links mentioned previously for obtaining root to obtain S-OFF as well, after you root your phone. This step was very confusing to me at first so I thought I would clarify the process to make things easier for readers to understand. Once you have root on your phone you can The major issue I ran across with this step was when I reached the step for copying over the flashimage and mtd-eng.img files. To get this step to work I had to be in Fastboot mode to gain read/write access to the sdcard. Other than that, everything else worked great. I should also note that for S-OFF I chose to use to use revolutionary.exe following the instructions from the first site. I think the steps for flashing S-OFF using the unrevoked method from the second link would work fine, maybe even preferably, I just never tested this myself.

The third step is to flash the custom ROM, along with the other apps and fixes that turn your phone in the Jelly Bean device. Jelly Bean brings with it a number of features and improvements that make for a much better, much smoother smart phone experience. It is really leaps and bounds above the stock version of Android OS that is shipped by default on the Evo 4G and the experience is often referred to as “buttery smooth” because it is so nice. Here is the link for getting the MazWoz Supersonic ROM. I used the B4 release, which is the most current as of this writing as well as the link to Gapps and the GPS fix. As of the B4 release the WiMax wasn’t working and the video is a little glitchy and the front camera isn’t working but other than that, this ROM is a fully functioning 4.2.1 Jelly Bean image. The WiMax isn’t important to me as I don’t have access to it where I live and the video isn’t really a big issue for me either since I don’t shoot a lot of video.

The positives of using this custom ROM immensely outweigh the negatives in my opinion. So all in all, hacking an almost 3 year old phone in about 3 hours time into a usable Jelly Bean device that typically sells for upwards of $300 for the bargain $80 price tag seems like a steal to me, the experience is nearly flawless. Granted there are a few caveats and you need to be willing to follow the steps for the upgrade but in my opinion this is still a great deal. You get to a) revive an old piece of hardware that is beginning to show its age, b) save a shitload of money on the cost of a new phone and c) get to tinker with your phone, which to me was the best part out of this project. Here is a link to some other devices that have been quickly faded in popularity that can potentially be updated and given new life. My hop is that this post will inspire you or at least give you some ideas to go and check what’s out there and maybe even help breathe some new life into some of your otherwise antiquated and dying android devices.