Wednesday, 8 November 2017

VDP Expired Certificate

There has been a lot of issues going on around the VDP deployment due to an expired certificate issued to the OVF template.

Basically, if you are running vCenter 6.5. then the web client is the only option to deploy the OVA files. And you cannot move past the section where it displays the certificate section as expired. If you are using pre 6.5 vCenter, then you can deploy this through the Windows C# client. Even though it says "Invalid" certificate, you can still click Next and proceed further.

If you are on 6.5, then the workaround is this:
1. Download the required version of VDP Server. All of them have their certificates expired around September.
2. Use a 7-zip utility to extract the OVA template. This will give you 4 files. The VMDK, OVF, MF and the CER.
3. In web client, when you deploy OVA, you can multi select the files. So select the 3 files (vmdk, ovf and mf) excluding the .cer file
4. This then displays No Certificate during the deployment and let's you proceed further.

This certificate is signed just for the OVA template and not for any particular port / service for the VDP itself.

EMC is currently working to update the certificate information for these templates. Hope this helps!

Monday, 28 August 2017

Bash Script To Extract vSphere Replication Job Information

Below is one bash script that extracts information about replication for configured VMs. It displays, the name of the virtual machine, if yes or no for quiesce Guest OS and Network Compression. Then it tabulates RPO (in minutes) as "bc" is unsupported on vR SUSE to perform hour floating calculations and then the datastore MoRef ID.

The complete updated script can be accessed from my GitHub Repo:

As and when I add more or reformat the information the script in the link will be updated.

echo -e " -----------------------------------------------------------------------------------------------------------"
echo -e "| Virtual Machine | Network Compression | Quiesce | RPO | Datastore MoRef ID |"
echo -e " -----------------------------------------------------------------------------------------------------------"
cd /opt/vmware/vpostgres/9.3/bin
./psql -U vrmsdb << EOF
\o /tmp/info.txt
select name from groupentity;
select networkcompressionenabled from groupentity;
select rpo from groupentity;
select quiesceguestenabled from groupentity;
select configfilesdatastoremoid from virtualmachineentity;
cd /tmp
name_array=($(awk '/name/{i=1;next}/ro*/{i=0}{if (i==1){i++;next}}i' info.txt))
quiesce_array=($(awk '/networkcompressionenabled/{i=1;next}/ro*/{i=0}{if (i==1){i++;next}}i' info.txt))
compression_array=($(awk '/quiesceguestenabled/{i=1;next}/ro*/{i=0}{if (i==1){i++;next}}i' info.txt))
rpo_array=($(awk '/rpo/{i=1;next}/ro*/{i=0}{if (i==1){i++;next}}i' info.txt))
datastore_array=($(awk '/configfilesdatastoremoid/{i=1;next}/ro/{i=0} {if (i==1){i++;next}}i' info.txt))
for ((i=0;i<$length;i++));
printf "| %-32s | %-23s | %-10s | %-10s| %-20s|\n" "${name_array[$i]}" "${quiesce_array[$i]}" "${compression_array[$i]}" "${rpo_array[$i]}" "${datastore_array[$i]}"
rm -f info.txt
echo && echo

For any questions, do let me know. Hope this helps. Thanks.

Wednesday, 9 August 2017

Bash Script To Export VDP Backup Job Details

So you can use this script to export your current backup and replication job configurations to a text file and save it to your local desktop. In case if you run into any redeployment situation and you are unaware of the backup configuration, you can have a look at the exported text file.

The script exports, Job Name, State of the job, Clients in the job, Schedule, Retention and the type.
It currently does not export agent level backup jobs such as SQL, Exchange and Share-point.

The script needs the MCS service to be up as it relies on that. I am planning to export details from psql which can be used even when MCS is down.

This is what I have for right now. The script can be accessed from the below link:

Suggestions and bugs are always welcome. Drop a comment for anything.

Hope this helps!

Sunday, 30 July 2017

Bash Script To Determine Retired Clients.

While in VDP you have a built in feature for unprotected VMs (That is VMs not added to VDP backup job) you might need a script to determine if VMs are missing from a backup job.

The script has a simple algorithm:
> The first time it runs it creates a file to gather all the protected client list
> The next time it runs it will check what is missing since the last protect client list.
> New added VMs will not be considered as Missing, however on Next iteration of script execution it will run a check to see if the new clients are missing.
> If you remove the first generated file for protected list post your second execution, then the third iteration will be void as it will generate a new protected client list.

The script has an email feature to send the output to a mailing address. If you want to exclude this, then discard line-21 to line-32. If you want to run the script as a cronjob, you can add it to crontab -e, but you cannot have manual email address input running in the script. You will have to create a constant for your email address and call it in the EOF.

The script can be accessed from my repository here:

The code {}

IFS=$(echo -en "\n\b")
if [ ! -f $FILE ]
client_list=$(mccli client show --recursive=true | grep -i /$(cat /usr/local/vdr/etc/vcenterinfo.cfg | grep vcenter-hostname | cut -d '=' -f 2)/VirtualMachines | awk -F/ '{print $(NF-2)}')
echo "$client_list" &> /tmp/protected_client.txt
sort /tmp/protected_client.txt -o /tmp/protected_client.txt
new_list=$(mccli client show --recursive=true | grep -i /$(cat /usr/local/vdr/etc/vcenterinfo.cfg | grep vcenter-hostname | cut -d '=' -f 2)/VirtualMachines | awk -F/ '{print $(NF-2)}')
echo "$new_list" &> /tmp/new_list.txt
sort /tmp/new_list.txt -o /tmp/new_list.txt
missing=$(comm -3 /tmp/protected_client.txt /tmp/new_list.txt | sed 's/^ *//g')
if [ -z "$missing" ]
printf "\nNo Client's missing\n"
printf "\nMissing Client is:\n" | tee -a /tmp/email_list.txt
printf "$missing\n\n" | tee -a /tmp/email_list.txt
printf "Emailing the list\n"
read -p "Enter Your Email: " TO
(cat - $FILE)<< EOF | /usr/sbin/sendmail -f $FROM -t $TO
Subject: Missing VMs from Jobs
To: $TO
sleep 2s
printf "\nEmail Sent. Exiting Script\n\n"
rm /tmp/new_list.txt
rm -f /tmp/email_list.txt

Feel free to reply for any issues. Hope this helps!

Monday, 17 July 2017

Bash Script To Determine Backup Protocol

In vSphere Data Protection, you have couple of backup protocols. SAN mode, HotAdd, NBD and NBD over SSL. HotAdd is always the recommended protocol, as data handling and transfer is much faster than the rest. If your backups are running slow, then the first thing we will check is the backup protocol mode. Then we will move further to VDP load and finally the VMFS / Array performance.

If you have few VMs, you can easily find out the protocol type from the logs. However, if you have a ton of VMs and would like to determine the protocol, then you can use this script that I have written.

IFS=$(echo -en "\n\b")
echo "This script should be executed on a proxy machine"
echo "Checking current Machine......"
if [ ! -d "$directory" ]
printf "Current machine is Proxy machine"
printf "Current machine is VDP Server"
echo && echo
sleep 2s
echo -e "--------------------------------------------------------"
echo -e "| Client Name | Backup Type | Proxy Used |"
echo -e "--------------------------------------------------------"
cd /usr/local/avamarclient/var
backupLogList=$(ls -lh | grep -i "vmimagew.log\|vmimagel.log" | awk '{for (i=1; i<=8; i++) $i=""; print $0}' | sed 's/^ *//')
for i in $backupLogList
clientName=$(cat $i | grep -i "<11982>" | awk '{print $NF}' | cut -d '/' -f 1)
protocolType=$(cat $i | grep -i "<9675>" | awk '{print $7}' | head -n 1)
proxyName=$(cat $i | grep -i "<11979>" | cut -d ',' -f 2)
if [ "$protocolType" == "hotadd" ]
elif [ "$protocolType" == "nbdssl" ]
elif [ "$protocolType" == "nbd" ]
protocol="SAN Mode"
printf "| %-20s| %14s| %12s|\n" "$clientName" "$protocolType" "$proxyName"
echo && echo
Few things:
> The script must be always executed on a proxy machine. If your VDP is using internal proxy, then run it on the VDP machine itself.
> If you are using one or more External Proxy, then you need to run this on each of the proxy machines.
> Note, this will work on 6.x VDP and above.

I have added an IFS (Internal Field Separator) to handle spaces in backup job names. The rough version of script had issues handling spaces in job names.

It's a very lightweight script, takes seconds to execute and does not make any changes to your system.

Hope this helps.