Hosts don't reconnect after VUM upgrade to build 3248547

Recently VMware disabled SSLv3 protocol in vCenter/ESXi 5.5u3b.

A sideffect of this is that, as noted in the interoperability matrix, vCenter 5.5u3b is needed to manage ESXi 5.5u3b hosts.

Trouble is: if you use VUM to update your hosts you usually end up in a situation where vCenter is upgraded much less often than the ESXi, and you may still be running vCenter < 5.5u3b when VUM pushes to you the patches that will bring ESXi to 5.5u3b.

If you upgrade the hosts with VUM, after the reboot:
- vCenter will not be able to reconnect them
- you will receive "vim.fault.NoHost" errors when trying to reconnect them manually
- you will be able to connect normally to the host by vSphere client
- you will find SSL errors in the vpxd.log log of vCenter, basically in the form of "SSL short read" faults.



Explanation:

The reason behind the error is given in the release notes:

The release notes point to the KB 2139396 that describes the steps needed to *REENABLE* the disabled protocols: this is obviously discuraged, but is an effective workaround to put the hosts back online in vCenter until the vCenter itself can be upgraded to 5.5u3b.


Workaround: *USE AT YOUR OWN RISK*

To "fix" the hosts you have to follow the steps in the KB that relates to the ESXi - *NOT* those that refer to the vCenter

Kb:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2139396

So (follow the more precise indications in the kb):
- enable SSH by the vSphere client on the disconnected hosts
- connect to the hosts with putty/ssh as root
- Follow the steps in the chapter "Hostd - Port 443" of the KB (edit config.xml and add the indicated options)
- Ignore the "HostProfile" part since it matters only if you use autodeploy or host templates
- Follow the steps in the chapter "Authd - Port 902" of the KB (esxcli with the indicated options, restart the watchdog)
- Ignore the "HostProfile" part since it matters only if you use autodeploy or host templates
- Follow the steps in the chapter "SFCBD - Port 5989" of the KB (edit sfcb.cfg and add the indicated options, restart the watchdog)
- Ignore the "HostProfile" part since it matters only if you use autodeploy or host templates

If vSAN is in use the chapters "Virtual SAN VP - Port 8080" and "Virtual SAN Observer - Port 8010" should also be followed, but I don't advice messing up with this configs on a vSAN enabled cluster!!!

*IN TEORY* this works fine, but I don't advice this workaround in production and in a supported environment, since your system will be *OUT OF THE INTEROPERABILITY MATRIX* and since you will re-expose your system to the poodle security vulnerability.

The best option is probably to leave the upgraded ESXi disconnected and upgrade vCenter to 5.5u3b.

COMEMU!!!
http://sourceforge.net/projects/conemu/

A really must-have console replacement for Windows.
If you are used to scripting in Unix and must script in Windows, YOU WANT IT!!!!

And check this out for sane history/readline/tab completion in powershell:

http://www.howtogeek.com/126469/how-to-create-a-powershell-profile/

https://github.com/lzybkr/PSReadLine

enjoy

how to mount a CDROM under ESXi

esxcfg-mpath -l

Example output:

ide.vmhba32-ide.0:0-mpx.vmhba32:C0:T0:L0
   Runtime Name: vmhba32:C0:T0:L0
   Device: mpx.vmhba32:C0:T0:L0
   Device Display Name: Local TEAC CD-ROM (mpx.vmhba32:C0:T0:L0)
    State: active
   Transport: ide

Load the iso9660 module with this command:

vmkload_mod iso9660

Mount the CDROM using the device determined earlier with esxcfg-mpath -l:

/sbin/vsish -e set /vmkModules/iso9660/mount mpx.vmhba32:C0:T0:L0

The CDROM will be mounted under /vmfs/volumes/ [CDROM Label] /


source: https://communities.vmware.com/message/1692327

Script to set VMware Multipath policy by Powercli on a whole Datacenter/Cluster by specific LUN name:

Get-Datacenter "MyDatacenter" | Get-VMhost | Get-ScsiLun -CanonicalName "naa.6005076802*" -LunType disk | Set-ScsiLun -MultipathPolicy "RoundRobin"

Script to set default PSP for SATP, or anyway to loop a specific esxcli command throught a bunch of hosts by powercli:

$hosts = Get-Datacenter "MyDatacenter" |Get-VMHost
foreach($vihost in $hosts){
  $esxcli = get-vmhost $vihost | Get-EsxCli
  $esxcli.storage.nmp.satp.set($false,"VMW_PSP_RR","VMW_SATP_SVC")
}

(from http://www.virten.net/2014/02/howto-use-esxcli-in-powercli)

How to reactivate Windows trial licence (up to 3 times)

Just open an administrator prompt and use this command:

slmgr.vbs -rearm

Remove hidden network adapters in windows

set devmgr_show_nonpresent_devices=1 devmgmt.msc

http://www.draisberghof.de/usb_modeswitch/bb/viewtopic.php?t=672 maledetta chiavetta vodafone! Huawei K4605->E372