World IPv6 launch – 6th June

I like to think of myself as an IPv6 expert, sadly it isn’t hard to be when so few people even know it exists!

I try and raise awareness through work, and through development of software which highlights IPv6. My Firefox extension Sixornot was one of the first to do this, and has inspired several others. I’m also using some of the unique features of v6 (multicast and scope identifiers) at work in building an innovative test management system.

blogger_v6

I’m glad to see that (at least for me, using AAISP) Google has got most of the domains blogger uses IPv6 enabled. One of the cool features Sixornot has over its competitors is the ability to see whether each component of a remote website is being loaded using IPv6. Quite a lot of sites who claim to be IPv6 ready use CDNs or advertising networks which do not support the new protocol!

You can find more information on IPv6 via the launch day website – it’s well worth finding out about this crucial next-generation Internet technology. You’ll be one of a select few who know what they’re talking about!

Advertisements

Hyper-V and Azman for delegated VM access (using PowerShell!)

There’s an excellent article about delegating Hyper-V permissions using Azman (Authorization Manager) which has recently proven invaluable for me. We’ve been using VMM for a while, but the only real use case we have is to impose a simple segregation between our “production” development systems and our test systems (to avoid testers accidentally powering off the CI server, for example).

VMM is really overkill for this, and after upgrading to VMM 2012 I found that it no longer even managed to set permissions properly. (All our users hate the VMM self-service portal and want to use the Hyper-V MMC anyway…)

One part of the process detailed in that article which I wanted to improve on was the VBS scripts used to set the Scope for VMs. The permission model relies on assigning VMs to scopes (and then assigning users to those scopes with particular permissions profiles). The latter can be done with the Azman UI (or, I am sure, via scripting of some kind via WMI). The former can only be done via scripting. Since I do most of my Hyper-V management using PowerShell I wanted a simple solution to keep it all in one place.

https://github.com/tbentropy/vmscope

So I wrote a simple PowerShell module with two methods, Get-VMScope and Set-VMScope. Get-VMScope lists the scope for the given VM (either pass a string with the name or a wildcard pattern, or pipe in an object with either a “VMName” or “ElementName” property – e.g. you can pipe in the VM objects which are returned by the psHyperV module. Set-VMScope takes a (single) VMName/ElementName and you set the Scope using the -Scope parameter.

No documentation (yet), but it’s fairly self-explanatory!

One issue I found while migrating from VMM 2012 to using this was that snapshots contain a scope property which will override the global one whenever the machine is reverted. This can be overcome by re-snapshotting, or manually editing the snapshot XML file, or running a script/task to set the scope whenever the machines are reverted automatically. This problem will gradually go away as the machines get rebuilt of course.

PXE configuration

(This is just a random braindump, no real structure!) Directory structure:


RemoteInstall/ - Base folder, shared using TFTP, HTTP and SMB
Boot/ - No reason for this subfolder (hang over from using WDS initially)
abortpxe.0 - Permits exit from PXE process via menu
abortpxe.com
boot.gpxe - Initial boot file for gPXE, see below
chain.c32
gpxe-1.0.1-gpxe.kpxe - Initial file used to boot gPXE
gpxe-1.0.1-undionly.kpxe - Same, but using UNDI only (I found this doesn't work with a lot of older NICs)
ifcpu.c32 - CPU feature detection, use for menus
ifcpu64.c32 - CPU feature detection, use for menus
LiteTouchPE_x64.iso
LiteTouchPE_x86.iso - Images produced using MDT, and then booted using memdisk - see notes
memdisk - Used to boot from an ISO image
poweroff.com - Turn off machine
pxechain.com
pxelinux.0 - This is loaded by gPXE to provide the menus
pxelinux.com
vesamenu.c32 - Provides menu system
Linux/ - Place to put Linux files (and things like memtest)
pxelinux.cfg/ - Configuration for pxelinux
default - Default menu loaded for all clients
graphics.conf - Configuration for menu graphics
linux.menu
logo.jpg
tools.menu

DHCP configuration: I’m using the Windows DHCP server. You need to configure some server options at the root of your scope:


Option Name Value Class
066 Boot Server Host Name None
067 Bootfile Name http:///reminst/Boot/boot.gpxe gPXE
067 Bootfile Name Boot\gpxe-1.0.1-gpxe.kpxe None

You’ll need to create a custom class called gPXE to specify one of the options inside. Right-click on “IPv4” under your DHCP server -> “User Classes” -> Add Name: gPXE Description: gPXE Clients ASCII: gPXE Other than that set up DHCP as normal. You don’t need to configure option 60. More details on chainbooting gPXE can be found here. boot.gpxe:


#!gpxe
chain http:///reminst/Boot/pxelinux.0

This is simple, but can be made much more complex (see gPXE command line reference). MDT notes: Generating the MDT images is fairly straightforward, though obviously you need to configure MDT first (outside the scope of this article). The .iso MDT produces contains a WIM image, boot.sdi and bootmgr etc. This can be used to boot windows PE, which then triggers OS deployment. One little thing to mention here is that for this process to work you need to disable the “Press any key to boot from CD/DVD” option which comes up. This is done by removing the bootfix.bin file from the generated ISO. Delete it from: C:\Program Files\Windows AIK\Tools\PETools\x86\boot\ C:\Program Files\Windows AIK\Tools\PETools\amd64\boot\ And MDT won’t copy it into the ISOs it generates. Menu entries for MDT:


LABEL wds
MENU LABEL ^Windows Deployment Services (x86)
LINUX http:///reminst/Boot/memdisk
APPEND iso raw
INITRD http:///reminst/Boot/LiteTouchPE_x86.iso


LABEL wds
MENU LABEL ^Windows Deployment Services
LINUX http:///reminst/Boot/memdisk
APPEND iso raw
INITRD http:///reminst/Boot/LiteTouchPE_x64.iso

Selecting either option will download memdisk and the iso, then boot from the ISO (which takes you into the MDT wizard, or if you configure a default task sequence per machine it’ll automatically begin to deploy). gPXE: You can get gPXE ROMs from here. I chose to use the all drivers one for simplicity, and because I found the UNDI-only one didn’t work with some NICs. The “PXE bootstrap loader” option is the right one (.kpxe) Other notes: Menu item for booting from local disk should be…


LABEL local
MENU DEFAULT
MENU LABEL Boot from ^Harddisk
LOCALBOOT -1

Links: Download SYSLINUXTFTPD