VMWARE VVOL 3PAR and IBM XIV Second Findings

Hello All ,

Before start maybe you need to be sure something about VVOL ;

-> VVOL is object !  http://blogs.vmware.com/education/2015/08/top-questions-vvol-webinar.html

->VMware Virtual Volume API instead of simply presenting a LUN to the hypervisor, letting an ESXi host do data placement and access, a storage system takes on itself a bulk of storage-related functions.

-> Storage Policy Based Management is must

->PE (Protocol Endpoint) what kind a passive multiplexer is it ? Finally understand it from Cormac PE.

  • Protocol Endpoint is a logical I/O proxy presented to a host to communicate with Virtual Volumes stored on a Storage Container. When a virtual machine on the host performs an I/O operation,the protocol endpoint directs the I/O to the appropriate virtual volume. This is a LUN on block storage arrays, and a mount point on NAS arrays. These must be pre-configured on the array, and then presented to all the ESXi hosts that wish to use VVols. These are discovered ‘or’ mounted to the ESXi hosts just like a datastore. However they are not used for storage, just communication.

-> Actually for 3PAR no need to have pre-configured LUN also same on IBM XIV (I mean yourself, they do it for you)

Lets come to IBM VVOL implementation ;

  • You need IBM Spectrum Control Base Edition(SCBE) -> Without it no way to establish control plane between vCenter and IBM XIV (its free)
  • 3PAR VVOL integration completely easy then IBM
    • With IBM you need to install IBM Spectrum Control Base Edition  first
    • Enable Meta Data Service on XIV
    • XIV support Multi-Tenancy (3PAR also have) and before configure VVOL need to create external managed Domain (IBM Spectrum Control Base Edition will manage it) Please google redp5183 , its good and single documentation :D
    • Then need to care about redundancy of control plane actually ibm have a solution for IBM Spectrum HA Config (You can integrate 3PAR with vCenter as a Storage Provider need only startvasa command on it)
    • Then add the array ;)
      • I have to note here removing storage array from SCBE do not cause any data lost , just only XIV removed from management of IBM Spectrum Control Base Edition
  • Need to set space and service
    • Space just a logical name which can contain service and multiple space provide multiple storage containers
    • Service is about about capability like Thin,Thick and Compression, Encryption and of course about VVOL service
    • Then add new resource/attach resource to service then its over , just only need to add VVOL type datastore

– > About multiple PE ;

What i see , 3PAR support single PE . For IBM XIV because of you are creating ALU for each ESXi node you also provide LUN ID which means you are creating PE for each host. (No documentation but because of we are assigning LUN ID each and ALU is called PE)

IBM created a ALU on the XIV, its is a master LUN, all of the VVOL are luns “behind” the ALU. This is done so we dont exceed the number of paths ESX supports. With the ALU, there is only one set of paths defined, not a set for every VVOL.

-> What is not cool with IBM implementation ;

You should read from notes of SCBE for do not care about meta and tick pools :) but they looks like bad , i don’t know why they do not hide it and giving warning bla bla

Screen Shot 2015-08-20 at 15.41.14

Also you will see very interesting named values there and looks like VVOL and RTM is not working together

Screen Shot 2015-08-20 at 15.46.07


VMWARE VVOL 3PAR and IBM XIV First Findings

Hello All,

Actually a lot of VVOL configuration articles , HP pdfs and IBM XIV Redbook for that but sometimes need more clear explanations.

First you should be sure and double check your HBA firmware, for example i am using Emulex OCe11100 with 10.2.340.18-1OEM.550.0.0.1331820 which is coming with HP VMware 6.0 iso but until upgrade it 10.6.x version i couldn’t see Protocol Endpoint :(

To learn driver version, there is lovely article from vmware http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1027206

[root@vcd8betahost3:~] esxcfg-scsidevs -a

vmhba0  hpsa              link-n/a  sas.500143802386c9c0                    (0000:03:00.0) Hewlett-Packard Company Smart Array P220i

vmhba1  lpfc              link-up   fc.50060b0000c26e09:50060b0000c26e08    (0000:04:00.2) ServerEngines Corporation Emulex OneConnect OCe11100 FCoE Initiator

vmhba2  lpfc              link-up   fc.50060b0000c26e0b:50060b0000c26e0a    (0000:04:00.3) ServerEngines Corporation Emulex OneConnect OCe11100 FCoE Initiator

vmhba32 usb-storage       link-n/a  usb.vmhba32                             () USB

Important part is “lpfc” for me , then

[root@vcd8betahost3:~] vmkload_mod -s lpfc | grep Version


For Emulex http://www.emulex.com/downloads/emulex/drivers/vmware/vsphere-60/drivers/ you find out driver from link and just standard vib or offline-bundle installation is required lie below ;

esxcli software vib install -v {VIBFILE}  (here replace {VIBFILE} with lpfc-


esxcli software vib install -d {OFFLINE_BUNDLE} (here replace {OFFLINE_BUNDLE} with VMW-ESX-6.0.0-lpfc-

its take a while for me , if something wrong pls check “esxupdate.log” from ESX node

PE(Protocol Endpoint) known as a Proxy , IBM call ALU (Administrative Logical Unit)

Also check firmware requirements from this pdf for HP page 7 http://h20195.www2.hp.com/v2/GetPDF.aspx/4AA5-6907ENW.pdf and for IBM XIV 11.6.0.b

i guess 3PAR VVOL configuration easier and more understandable then IBM XIV For example no need to create additional domain , pool and create manual administrative logical unit which 3PAR create automatically, just only need be sure VASA service is running on 3PAR.

Be sure Protocol Endpoint is running , if service is disabled then execute “startvasa” command

HOSTNAME3PAR cli% showvasa

-Service- ———VASA_API2_URL——— -MemUsage(MB)- -Version-

Enabled            339 2.1.6

For IBM XIV (i guess it will be also needed for Storewize) you need to extra install “IBM Spectrum Control Base” software, its kind a thin version and of course free version with some functionality of IBM Tivoli. Its looks like developed with python django framework. After register XIV and then create VVOL Service and Resource on it and register VASA Storage Provider on vCenter then its okay to go.

Most important thing is checking the log , its all “/var/log/sc” folder and from events.log you can find out many things. (Pls check all others for learn and see different things)

To install and troubleshot pls download IBM_Spectrum_Control_Base_2.1.0_UG

Example view of it

Screen Shot 2015-08-11 at 00.53.51

You will mostly see that every article will inform you to execute “esxcli core storage device list –pe-only” but here pls do not forget for example if VASA service on 3PAR is not running or something wrong with HBA,Storage firmware then you can not see something and if everything is success additional to your storage device which vmware aware about it you will have another extra new device with same name but “Is VVOL PE ” is  true , like below

   Display Name: 3PARdata Fibre Channel Disk (naa.2ff70002ac00cb53)

Vendor: 3PARdata

Is VVOL PE: true

Display Name: 3PARdata Fibre Channel Disk (naa.60002ac0000000000000000a0000cb53)

Vendor: 3PARdata
Is VVOL PE: false

For 3PAR you will see some capacity assigned to VVOL PE enables device which is 512 B don’t worry

Like VSAN you have to create VM Storage Profile , here some documentations show different thing but for VASA 2.0 we should use com.hp.3par.spbm for data service.

About the rule sets  you will see some screenshots like below

Screen Shot 2015-08-11 at 01.16.43


but for me its not like that at the startup more strong and long lines but after logout and login vCenter Web Clients its fixed like above :D

Some notes for me , to do not forgot something about 3PAR command line

Also i made some snapshot test and i can see that still Checkpoint_Unstun there :(

3PAR Host Creation

First need to define host but before need to learn host types (Actually on XIV generally we set Generic if its not other IBM device);

HOSTNAME3PAR cli% showhost -listpersona

Persona_Id Persona_Name   Persona_Caps

1 Generic        UARepLun,SESLun

2 Generic-ALUA   UARepLun,SESLun,ALUA

6 Generic-legacy —

7 HPUX-legacy    VolSetAddr,Lun0SCC

8 AIX-legacy     NACA

9 EGENERA        SoftInq

10 ONTAP-legacy   SoftInq

11 VMware         SubLun,ALUA

12 OpenVMS        UARepLun,RTPG,SESLun,Lun0SCC

13 HPUX           UARepLun,VolSetAddr,SESLun,ALUA,Lun0SCC

15 WindowsServer  UARepLun,SESLun,ALUA,WSC

Then create host and set persona but before check WWPN appeared by 3PAR ;

HOSTNAME3PAR cli% showhost

Id Name Persona -WWN/iSCSI_Name- Port

0 ESX  VMware  50060B0000C26E08 1:1:1

—              50060B0000C26220 1:1:1

500143802668E844 1:1:1

Creating host ;

createhost ESX 50060B0000C26E08

Related command set persona value default 2 pls set it 11 and what i saw when active i can not set it to 11 which is support ALUA and reset the node when its offline set it for 11 (pls test with your 3par maybe no needed to offline node)

“sethost -persona 11 -os VMware ESX” (ESX is hostname also this command from HP docs , i push this command without -os paramter)

To see the created/assigned virtual volumes to me (don’t mix it with 3PAR virtual volumes) execute fallowing command below ; Via API communications storage also aware about VMs :D

HOSTNAME3PAR cli% showvvolvm


VM_Name Num_vv Physical Logical GuestOS               State

VVOLVM1      3    30771   49152 windows8Server64Guest Bound

HOSTNAME3PAR cli% showvvolvm -vv


VM_Name VV_ID vVol_Name             vVol_Type Prov Physical Logical

VVOLVM1    12 cfg-VVOLVM1-4cbe8a29  Config    tpvv     3200    4096

13 dat-VVOLVM1.-be812edd Data      tpvv    18560   40960

14 swp-VVOLVM1f-fcf1f816 Swap      full     4915    4096

For Stats ;

HOSTNAME3PAR cli% statvv dat-VVOLVM1.-be812edd

13:15:50 08/17/2015 r/w I/O per second KBytes per sec    Svt ms IOSz KB

VVname      Cur  Avg  Max  Cur  Avg  Max  Cur  Avg Cur Avg Qlen

dat-VVOLVM1.-be812edd   t    0    0    0    0    0    0 0.00 0.00 0.0 0.0    0


1   t    0    0         0    0      0.00 0.00 0.0 0.0    0

3PAR CLI Commands http://etactiks.blogspot.com.tr/2013/02/hp-3par-cli-command-list.html

Other good article from HP for implementation http://h20195.www2.hp.com/v2/GetPDF.aspx/4AA5-6907ENW.pdf


vSphere 6 and HP Untagged (Access) Communication Issue – ProLiant BL460c Gen8

Hello All

Today i tried to install and run vsphere6 with my hp servers . I saw that somehow if related NICs/ports configured Access there is no way to access to node or node can not access anywhere , when you change the configuration from access to trunk it start to work .

My Emulex Drivers are so old but i never faced such issue before after upgrade the firmware everything start to work correctly .  Maybe someone could have such issue at test environment  , update firmware ! :D

Old Version : 49.311.20

Updated Version : 105.65.21

Bye !

Windows Update and Hyper-V Cluster

I understood today Windows Update Client is most powerful Sith Lord and no any Jedi stop him :)

After stupid mistake (Set Automatic Windows Update Enabled) I saw that all virtual servers moved to another node but only one of VM in Saved State status and never activated . (its another story why VM couldnt moved or activated )

Actually I’m VMware guy and expect that without all VMs moved, source node shouldn’t be rebooted but its ! Actually i have some expectation from VMM but completely forgot Cluster Service , still all resources failover managed by it.

Again , no way to stop Windows Update Client ;)

Disable auto update or change something about resource failover policy

Cool … I know, its my bad , nothing about design …

System Center DPM 2012 R2 Install Error ID: 812

Error id 812 is indicate that you have a problem with SQL Server Reporting Services

This is very clear and also its too clear that you forgot to configure SSRS

MSSQL installation do not auto configure SSRS

DPM also failed with default SSRS configuration because DPM use https to connect SSRS and default SSRS configuration work with http

Also another complexity is you have to create/generate self signed certificate

To create self signed certificate i advise you download selfssl why because automatically you can create and import it to trusted container of your server

Use such command in cli and pls pls do not care about error message what it out

Selfssl.exe /N:CN=MACHINENAME /V:365 /T

Also more important one is if your server in domain pls use FQDN for create self signed certificate otherwise you will see that you can not call reporting server url

And pls recreate reporting db  after you introduce and configure self signed certificate because otherwise you will get some can’t encrypt messaged from SSRS

After all you will install DPM lovely :)


Create a VM Network When Subscription is created in Windows Azure Pack with SMA part2

and finally i succeed the create a VM Network, activate NVGRE GW with NAT and set some settings how i want

in part one i explained almost everything to create a runbook, now i completed the code in part2

you can find out some stupid variables like $a , $z and also some different ideas to generate some needs which are very clear to understand but all are my own if you have better way or more short way use it pls :)

Important parameters are “-ForOnBehalfOf” , “-OnBehalfOfUser” , “-OnBehalfOfUserRole”

For such parameters and value what you will set please fallow your SCVMM -> Job section . You will find the owner informations there

Pls command me something wrong or need to explain more

workflow VahoTest2

    #Get some values to use it inside InlineScript
    #We will generate User and UserRole to use it create a VM Network
    #We have to generate first 27 character of AdminId underscore whole SubscipritonId


    # I dont know why but maybe because of design Owner of the VM, Network and other objects are
    # generated via first 27 character of AdminId underscore subscriptionId
        $SubscriptionID =  $USING:WAPSubscriptionId
        $UserRole = $USING:WAPAdminId
        $UserRoleCut = $UserRole.Substring(0,27)
        $Under = "_"
        $Dot = "."
        $NameForSearch = $UserRoleCut + $Under + $SubscriptionID

     # Try to generate random name for VMNetwork we will create
        $NetworkName = "VirtualNetwork"
        $NetworkNameSuffix = Get-Random -Maximum 9999999
        $NetworkNameTemplate = $NetworkName + $Under + $NetworkNameSuffix

     # Connect to SCVMM Server
     # Important thing is -ForOnBehalfOf because for WAP SPF need to connect SCVMM
     Get-SCVMMServer -ComputerName your.scvmm.fqdn -ForOnBehalfOf | Out-Null

     #To get a SCVMM user role for only related SubscriptionId and User
     $z = Get-SCUserRole | where {$_.Name -match $NameForSearch}
     $a = $UserRoleCut

     # Create a Virtual Network For Customer
     # Actually i set static LogicalNetwork in this runbook becauase Provider Address Spaces is my NVGRE enables one
     # After such command executed empty VM Network object will be appear in SCVMM
     $NewVMNetwork = New-SCVMNetwork -Name $NetworkNameTemplate -LogicalNetwork "Provider Address Spaces” -OnBehalfOfUser $a -OnBehalfOfUserRole $z

     # To assign ip block to customer need to randomize the octests
     # Actually we are using network Virtualisation and can overlap it but treditional logic, sorry :( 

     [string]$octet1 = 10
     [string]$octet2 = Get-Random -Maximum 254
     [string]$octet3 = Get-Random -Maximum 254
     [string]$octet4 = 0
     $subnetmask = "/24"

     $GenerateVMNetworkSubnetID = $octet1 + $Dot + $octet2 + $Dot + $octet3 + $Dot + $octet4 + $subnetmask

     # Because of we are dealing with NVGRE,Network Virtualisation we do not have to set some VLAN ID
     # Just create a subnet object, thats it
     $CreateVMNetworkSubnet = New-SCSubnetVLan -Subnet $GenerateVMNetworkSubnetID

     # Right now in SCVMM VM Subnets tab is empty for create VM Network above
     # We need to add VM Subnet
     [string]$RSID = Get-Random -Maximum 254
     $NameVMSubnetUnderVMNetworkTemplate = $NetworkNameTemplate + "_Subnet" + "_" + $RSID
     $CreateVMSubnetUnderVMNetwork = New-SCVMSubnet -Name $NameVMSubnetUnderVMNetworkTemplate -VMNetwork $NewVMNetwork -SubnetVLan $CreateVMNetworkSubnet -OnBehalfOfUser $a -OnBehalfOfUserRole $z

     # SCVMM can do the IP Address Management, now we will define our ip range , dns
     # No need to deal with GW it will be auto created
     # First need to create some veriables
     #$GenerateVMNetworkSubnetWithoutMask = $octet1 + $Dot + $octet2 + $Dot + $octet3 + $Dot + $octet4
     $RangeStart = $octet1 + $Dot + $octet2 + $Dot + $octet3 + $Dot + "50"
     $RangeEnd = $octet1 + $Dot + $octet2 + $Dot + $octet3 + $Dot + "254"

     # Create the IP Pool
     $ipAdressPoolName = $NetworkNameTemplate+"_Pool"
     $dnsIP = ""

     # After this command executed you have to see an IP Pool under VM Network
     $staticIPAddressPool = New-SCStaticIPAddressPool -Name $ipAdressPoolName -VMSubnet $CreateVMSubnetUnderVMNetwork -Subnet $GenerateVMNetworkSubnetID -IPAddressRangeStart $RangeStart -IPAddressRangeEnd $RangeEnd -DNSServer $dnsIP -OnBehalfOfUser $a -OnBehalfOfUserRole $z

     # Now time to deal with NVGRE GW Service
     # This will be little static, maybe next time i will update it more dynamic and possible to load balance the service
     # Lets set static veriables
     $NVGREGWName = "internetgwservice2"
     # A statement below basicly put the NVGREGWName in front of the _Gateway string, we will use it next
     $NVGREGWNameTemplate = "{0}_Gateway" -f $NVGREGWName
     # NVGRE GW have an editional interface for internet access and distribute pulic ip address to Tenant Networks
     # Set you static IP Pool Name below
     $NVGREGWStaticIPPoolForIntenet = "Internet01"
     # A statement below basicly put the already created VM Network Name in front of the _Gateway string, we will use it next
     $VMNetworkNATConnName = "{0}_NatConnection" -f $NetworkNameTemplate
     # Now we are getting whole information about NVGREGW
     $NVGREGWOwn = Get-SCNetworkGateway -Name $NVGREGWName
     # After execute command below in SCVMM you can check the VM Network properties Connectivity Tab
     # Default Connect directly to an additional logical network & Direct Routing should be choosed
     #I command out first ActivateNVGREGWForVMNetwork because i got Error (11418) You do not have permission to access one or more of the objects required by this operation.
     #$ActivateNVGREGWForVMNetwork = Add-SCVMNetworkGateway -Name $NVGREGWNameTemplate -EnableBGP $false -NetworkGateway $NVGREGWOwn -VMNetwork $NewVMNetwork -OnBehalfOfUser $a -OnBehalfOfUserRole $z
     $ActivateNVGREGWForVMNetwork = Add-SCVMNetworkGateway -Name $NVGREGWNameTemplate -EnableBGP $false -NetworkGateway $NVGREGWOwn -VMNetwork $NewVMNetwork
     # To get public ip address and activate NAT to get ip pool
     $NVGREExternalIPPOOL = Get-SCStaticIPAddressPool -Name $NVGREGWStaticIPPoolForIntenet
     # Check the Connectivity Tab again, NAT should be choosed and you have an IP Address Now
     #$ActivateNAT = Add-SCNATConnection -Name $VMNetworkNATConnName -VMNetworkGateway $ActivateNVGREGWForVMNetwork -ExternalIPPool $NVGREExternalIPPOOL -OnBehalfOfUser $a -OnBehalfOfUserRole $z
     $ActivateNAT = Add-SCNATConnection -Name $VMNetworkNATConnName -VMNetworkGateway $ActivateNVGREGWForVMNetwork -ExternalIPPool $NVGREExternalIPPOOL


Create a VM Network When Subscription is created in Windows Azure Pack with SMA part1

In this article i would like to describe how to create a VM Network under subscription of WAP (Windows Azure Pack) with using SMA when subscription is created but looks like its better to divide it two parts. Actually i m not very good about PS (powershell) and this is the first time use PS Workflow if you are like me, its better to start to read Microsoft Scripting Guy article first.

Shortly Azure Pack SMA is one of the good think i have ever seen after PowerShell for Microsoft. Shortly its a automation or orchestration tool . To install it please read this article from Romain Serre.

Actually you can find out a lot of article about SMA but i believe that this article different is explain something more clear for newbies like me.

First login WAP Service Management Portal, “AUTOMATION” section you will find out all things about create runbooks.

Screen Shot 2015-01-30 at 23.33.50


To create a runbook , press to New-> RUNBOOK -> QUICK CREATE

Screen Shot 2015-01-30 at 23.36.15


Set any name how you want, description but most important part is TAGS section , it should be “SPF” always , i will explain it a bit latter, but first important thing is never forget to tag your runbook.

Second important thing when you start to develop your workflow code pls do not change the workflow name latter, because for make a test you will run you runbook and an error will be appear that workflow name is different then what you run . If you would like to change the workflow name pls create a new workflow how you want and copy/past your code there.

After you create your first runbook pls filter it and be ready to edit for example , you can see that i clicked RUNBOOKS from top of the page and filter my runbook. I have some old runbooks and one of them is suspended other completed and newly created runbook is appeared never run, zero job and not published.

its very clear that to use runbook you need to publish, without publish your runbook it will never appear.
3rd important thing is when you develop your runbook it should never expect something from you when its run (means interaction like answer something yes or no , wait some input from console),  if its then you should see such exception and runbook status will be suspended, i will show you from where you can see the such exception and script out

Screen Shot 2015-01-30 at 23.53.35

Screen Shot 2015-01-30 at 23.47.03

Click on your create runbook and wait for new screen appear

Screen Shot 2015-01-31 at 00.11.32

Very easy you can fallow your runbook how many times its run , status and some other informations. Click “AUTHOR” and wait a new screen appear and then click “DRAFT” because we have not published something yet, need to write some code.

Screen Shot 2015-01-31 at 00.15.25

WAP have an editor, for example you can see that it can automatically manage () and {} also after you start to set variables it will auto complete it when you need it next time.

Now start to talk about example code below;

We know that we created a VahoTest runbook (or your one) and next we will care about param section.

Param section manage parameters but i really confused and couldn’t understand well i saw some parameters like $resourceObject and params, because they are different then what you set a parameter. For example you can set a parameter like Name, like “param ([string]$name)” and you can request parameter “VahoTest -name something” but $resourceObject and params are little different. Actually i write down such script to understand whats inside and after all i saw that they carry many key and value for different events.

I have to explain that SMA provide event base runbook execution, we will see it shortly and configure  do something when VM is created or do something when subscription create or do another thing when something deleted.



Screen Shot 2015-01-31 at 00.55.17


VMNetwork creation event happened and $resourceObject and params are carry something. You will see the full things when execute the script on your side.

InlineScript, workflows do not support all powershell cmdlets because of that InlineScript section comes to rescue, you can use it for commands which are not supported by workflow.

To access variables out of InlineScript section you need to use $USING:

Here maybe its good time to read something about workflow limitations.

Last lines are about testing and troubleshooting , for more please read this article.

After copy/past the code below, save it then click “PUBLISH” button. You will see that now nothing under “DRAFT” and its moved to “PUBLISHED” . When you want to edit again, come to “DRAFT” and click “EDIT RUNBOOK”

workflow VahoTest
        Foreach ($param in $params)
        Foreach ($resources in $resourceObject)
    write-output (Get-Date)
    write-warning "Warning Message"
    write-error "Error Message"
    write-verbose "Verbose Message"

Screen Shot 2015-01-31 at 01.18.58

Now time to assign runbook for any type of event we need, In my example above playing with “VM CLOUDs” . Click “AUTOMATION” link, you can see already created things.

In my example i want to execute runbook when VMM start to create VM Network (its easy then create a subscription or VM :) ). You can imagine anything you want, for example its a good exercise to see what key/values are passed to $resourceObject and params for different kind of events

Screen Shot 2015-01-31 at 01.24.03

Please go to WAP from tenant portal try to create a VM Network manually, you will see that SMA will trigger the runbook , back to the admin portal find runbook , click on it and then click “JOBS” , check the job output. Thats it !

Screen Shot 2015-01-31 at 01.47.44

Now we are ready to switch part 2


Python ,vCloud Director REST API Series for Beginners – Just get the list of Org

Hola Everybody, (I’m not Spanish or Catalan but under effect this days)

In my first article about vCloud REST and API , i just tried to describe how to get the token with very bad coding example in WordPress. Its good to find a way to share codes from WordPress, thanks for this article.

In this article I added getting org list from vCloud Director also made error handling and XML parse with ElementTree

I’m expecting in next article start to create something inside vCloud Director with REST API and python and extend the code

# coding=utf-8
def get_vcloud_token(vcd_hostname, password, api_version):
    import urllib2
    import base64

    vcloudsession_url = "https://" + vcd_hostname + "/api/sessions"
    encode_credentials = base64.b64encode(password)

    # Prepare headers we will post
    vcloudapi_version = "application/*+xml;version=" + api_version
    vcloudapi_auth = "Basic %s" % encode_credentials
    data = ""
    authheaders = {'Accept': vcloudapi_version, 'Authorization': vcloudapi_auth}
    request_format = urllib2.Request(vcloudsession_url, data, authheaders)
    make_request = urllib2.urlopen(request_format)
    # We will not need to read whole html out
    # result = make_request.read()
    # Just need to catch key provided by vCloud Director from header response
    token = make_request.info()['x-vcloud-authorization']
    # this function will turn result to get and use it where it called
    return token

def get_vcloud_org_list(exisiting_token):
    import urllib2
    import xml.etree.cElementTree as ET

    vcloudapi_url = "https://v.dorukcloud.com/api/" + "org/"
    api_version = "5.5"
    vcloudapi_version = "application/*+xml;version=" + api_version

    # Now use the requested token before for query the org list
    afterauthheader_org = {'Accept': vcloudapi_version, 'x-vcloud-authorization': exisiting_token}

    # Be careful, there is no PUT request here, we will make a GET because of that second parameter
    # described with headers = afterauthheader_org and if you do not set headers then second parameters
    # will be accepted as a data
    make_org_list_call = urllib2.Request(vcloudapi_url, headers=afterauthheader_org)

    # Also lets improve our code with exception handling
        make_org_list_request = urllib2.urlopen(make_org_list_call)
        # Now we take the response as a file like object
        org_list_response = make_org_list_request.read()
        org_list_in_xml = ET.fromstring(org_list_response)
        # Here because of result is file like its a string we are importing it and ET will parse it
        org_list_in_xml = ET.fromstring(org_list_response)

        # Pls print response to understand how is the result
        # You will see that its an XML out and OrgList is will be the root tag or root element, it will have some child(s)
        # it will be Org and Org will have some attributes like Name , Href and type
        # we will take the name attributes of each child(s)

        # Create an empty array
        org_name_array = []

        for child in org_list_in_xml:
            # Add child.attrib['name'] inside the array

        return org_name_array

    except urllib2.URLError,e:
        print 'I guess wrong URL, SORRY ! '

# This is another function defined and name is main, you can see that inside main function we are calling get_vcloud_token function

def main():
    token_result = get_vcloud_token("you_vcloud_url", "Sit_Lord@System:password", "5.5")
    #This lines for tests , you can use it after remove the #
    #print token_result

    org_names = get_vcloud_org_list(token_result)

    #This lines for tests , you can use it after remove the #
    #print type(org_names)
    #for i in org_names:
    #    print i


Python , RESTClient and vCloud Director REST API Series for Beginners – Just login and take token

Today is 16 November 2014 and i m so new to python, RESTClient and vCloud Director API. This article is for beginners , hope help a lot for newbies

Update : in this article i have a bad view about coding , next article have better and if something wrong pls read it too .

First start from RESTClient

Before start we need to learn about little REST ,Methods and Headers . Please read when you are free this and thisquicktips and methods .

I do not have any programming background because of that explaining everything with my way. We have well known protocol which is HTTP/HTTPS and  using it for make some query and execute tasks . Softwares like vCloud Director provide us interface to do it. Methods , actually we are using each day it via web browsers , if you like to see http://www.vmware.com web site actually your are doing HTTP GET and if you would like to fill out some forms you are making HTTP POST. Headers are very important here , actually we mostly know header information like “User-Agent” , “X-Forwarded-For” , list to headers

Okay, ready now . Please download RESTClient plagin for Firefox and execute it

Screen Shot 2014-11-11 at 08.00.08

Now to make something with REST API on vCloud Director , we need to login first and  after provide credentials vCloud Director will provide us a token to use it next calls .

First change the Method to POST and write down you vCloud Director url , example https://your_vclouddirector_url/api/sessions

Second, i told you headers are very important , you will see now , on top pls click Headers and then Custom Header

Screen Shot 2014-11-11 at 08.15.44

then Name part type Accept and Value part application/*+xml;version=5.5

Version part should need to be change for which version vCloud Director you are using , in my example i am using 5.5 , you can use 5.1 then type it like that
Here also i wonder what is accept and related value , accept is client site (means we are) requesting something and accept only xml base content-type, here little special thing for vCloud Director . Check headers explanations

Screen Shot 2014-11-11 at 08.17.11

Now need to add our credentials for authenticate and get token from vCloud Director

Again from the top, select Authentication and choose Basic (you could do that add like custom header what we did before)

Screen Shot 2014-11-11 at 08.26.34

Now its time to provide your credentials , here don’t forget user name should be like user@organization , here if you use System Administrator to do something you have to use admin_name@System , RESTClient will convert it base64 encoding automatically. Base64 is

Screen Shot 2014-11-11 at 08.34.54

and we are ready to go please click SEND and see the response

Screen Shot 2014-11-11 at 08.36.14

important part is x-vcloud-authorization response header , this is very important because for 30 mins it will be our key to query without credential . This article is cover only How to get Token , now do it with python , also not for you if you see any ” its quotas , i don’t know why its appearing like that :(

Token Request Python Code

# Welcome to Python
# Python is very easy to use, no need to use $ to set veriables and use , ; end of the line.

# urllib2 is module, actually its a another code, have some functions inside. Used for web browser like functionality inside code.
# We are importing such modules to use inside our own code(to call , run and get result)

import urllib2

# base64 is module, job is endoing and decoding , we need this when provide password to connect vCloud Director

import base64

# Using import cause need to use functions with module name, means to use urllib2, you need to call module like urllib2.request
# If you import module like ‘from urllib2 import xxx” means you can use xxx function only, no whole code will be loaded. Ex: request
# Setting vCloud Director API URL, use your own one ! https://your_vcloud_url/api/
# This link will be used for make next calls after we have a token
# You can set the stings inside “” or ”
# For numbers no need to set value between “” or ”, just type it a = 5
# u is indicating its a unicode , here its not important but you should need it when using different languages letters like Turkish

vcloudapi_url = u”https://your_vcloud_url/api/”

# Setting vCloud Director Session URL
# This link will be used for only get a token

vcloudsession_url = “https://your_vcloud_url/api/sessions”

# vCloud Pass,  use your own pass !

vcloud_pass = “Sit_lord@System:password”
# Now, remember RESTClient API and vCloud Director API needs. We have to set headers inside the request
# vCloud Director version, mine is 5.5 , if you have different one change it like 5.1

vcloudapi_version = “application/*+xml;version=5.5”

# You know RESTClient automaticly encoded authentication values to base64, now do it with python

convertto_base64 = base64.b64encode(vcloud_pass)

# Encoded value will be used for authenication, set the encoded value to vcloudapi_auth veriable

vcloudapi_auth = “Basic %s” % convertto_base64

# We have a empty veriable, which name is data. actually it used for make POST request

data = “”

# Creating headers for our web request
# Actually we are creating key and value pairs here

authheaders = { ‘Accept’ : vcloudapi_version , ‘Authorization’ : vcloudapi_auth}
# Now using urllib2 module Request function, combining url , method and headers to generate how we will request something from vCloud Director

request_format = urllib2.Request(vcloudsession_url, data, authheaders)

# Send request

make_request = urllib2.urlopen(request_format)

# Read web server answer

result = make_request.read()

# Take the token header from response of web server
# x-vcloud-authorization is header
# This token will be used for next requests , after that no need to send credenitals to vCloud Director for 30 mins , this is default
# info() — return the meta-information of the page, such as headers
# Additional getcode() and geturl() can be used, getcode() return the HTTP status code of the response
# geturl() return the URL of the resource retrieved, commonly used to determine if a redirect was followed

token = make_request.info()[‘x-vcloud-authorization’]

# write out token

print token

Then you should see something like that

Screen Shot 2014-11-16 at 16.11.41

 Now time to understand functions and turn the code with function

# for create a function you need to define it like below, start with def and then function name and give the parameters what you need to have, of course you should not need to get something you can leave it like this ()

# to use this function need to feed it with related parameters, otherwise it will be not work
# Sorry maybe it will not appear correct but the code block within every function starts with a colon (:) and is indented.

def get_vcloud_token (vcd_hostname,username,password,api_version):

import urllib2
import base64

vcloudsession_url = “https://” + vcd_hostname + “/api/sessions”
encode_credentials = base64.b64encode(password)

#Prepare headers we will post
vcloudapi_version = “application/*+xml;version=” + api_version
vcloudapi_auth = “Basic %s” % encode_credentials
data = “”
authheaders = { ‘Accept’ : vcloudapi_version , ‘Authorization’ : vcloudapi_auth}
request_format = urllib2.Request(vcloudsession_url, data, authheaders)
make_request = urllib2.urlopen(request_format)
result = make_request.read()
token = make_request.info()[‘x-vcloud-authorization’]
#this function will turn result to get and use it where it called
return token

# This is another function defined and name is main, you can see that inside main function we are calling get_vcloud_token function

def main():


print token_result

# To execute main function type the name() without or with parameters
# Now main function will be called and inside main another funtion will be called too !

Now, thats it , next articles will be more more easy …
Also i will try to find out another way to share the code to be more clear …



WAP, NVGRE and Hair pinning

Hello All ,

Today we faces connectivity issue between tenant networks behind same NVGRE GW.

Think that you have two tenants , Company A and Company B and two virtual networks and also NAT rule configured for remote access 3389 (RDP) to Company A VM can connect Company B VM but problem is two virtual networks are behind the same NVGRE GW.

Problem is single interface and To and From is behind a single interface , means source vm network coming from NVGRE outside interface and want to get in same interface to access other vm network .

This image could explain , BRIDGE is describing NVGRE , squares are vm networks and VM s behind


Pls check related settings on NVGRE GW node , active or passive , i guess its not important


PS C:\Users\Administrator.DORUKCOSN> Get-NetNatGlobal
InterRoutingDomainHairpinningMode : External


Then set it Local

PS C:\Users\Administrator.DORUKCOSN> Set-NetNatGlobal -InterRoutingDomainHairpinningMode Local
PS C:\Users\Administrator.DORUKCOSN>

Then go go go , try it now

External comes default , be care about it



Get every new post delivered to your Inbox.

Join 101 other followers