Below is an alternate method that I have used to remove disks owned by control domain
Obtain the UUID of the VM in question
<UUID of VM> = 26708987-c6b2-3243-c49c-db20a96b15a8
From the command line interface run the following command:
xe vbd-list vm-uuid=26708987-c6b2-3243-c49c-db20a96b15a8
uuid ( RO) : 81ae5475-02fd-ba46-68f6-4a170102641a
vm-uuid ( RO): 26708987-c6b2-3243-c49c-db20a96b15a8
vm-name-label ( RO): FvWebProxy01
vdi-uuid ( RO): <not in database>
empty ( RO): true
device ( RO): xvdd
uuid ( RO) : 974dc129-48bf-eac2-ab6c-467ef0dfd620
vm-uuid ( RO): 26708987-c6b2-3243-c49c-db20a96b15a8
vm-name-label ( RO): FvWebProxy01
vdi-uuid ( RO): 8d673a64-26a2-4e8e-8c8d-0cd4efcf2520
empty ( RO): false
device ( RO): xvda
and then execute the following command. NOTE: I chose vdi-uuid 8d673a64 because the other VDI is listed as not in the database
xe vbd-list vdi-uuid=8d673a64-26a2-4e8e-8c8d-0cd4efcf2520
uuid ( RO) : 64cd3f2e-66c4-ae3f-7f53-d83d97d2601f
vm-uuid ( RO): 70ad4283-6d3e-47c6-9c3c-070f586f43c2
vm-name-label ( RO): Control domain on host: FsXENSVR152
vdi-uuid ( RO): 8d673a64-26a2-4e8e-8c8d-0cd4efcf2520
empty ( RO): false
device ( RO): sm/backend/2710d6e3-fb6b-0cdf-0230-845f87620eab/8d673a64-26a2-4e8e-8c8d-0cd4efcf2520
uuid ( RO) : 974dc129-48bf-eac2-ab6c-467ef0dfd620
vm-uuid ( RO): 26708987-c6b2-3243-c49c-db20a96b15a8
vm-name-label ( RO): FvWebProxy01
vdi-uuid ( RO): 8d673a64-26a2-4e8e-8c8d-0cd4efcf2520
empty ( RO): false
device ( RO): xvda
and then run the following command. NOTE: I chose UUID 64cd3f2 because as you can see the vm-name-label is Control domain on host
xe vbd-unplug uuid=64cd3f2e-66c4-ae3f-7f53-d83d97d2601f
The device is not currently attached
device: 64cd3f2e-66c4-ae3f-7f53-d83d97d2601f
xe vbd-destroy uuid=64cd3f2e-66c4-ae3f-7f53-d83d97d2601f
The VM disks that were owned by the control domain should now be gone.
Tuesday, January 24, 2017
Monday, January 23, 2017
VM disks Owned by the Control Domain
You tried to migrate a VM, move a disk, or take a snapshot, and you look on your SR to find that your VM’s disk is owned by “the control domain”.
1. Why does this happen?
Basically it boils down to disk operations on/from a VM failing. Operations such as move, copy, snapshot, export, etc.
2. How do I get around it?
One answer is to reboot.
Another way is to find the link between your virtual disk and DOM0 (the control domain) from your stand-alone XenServer (or primary server if you have a pool).
Use list_domains to get the UUID of DOM0 (the control domain):
[root@rightserver boot]# list_domains
id | uuid | state
0 | 09dffafe-5bec-430d-bc80-6ddb2313beff | R
1 | 94c63c12-0851-708d-7f95-c011f2760649 | RH
21 | a8f76fee-0b45-b5ee-7d83-14f6b530141f | B H
id | uuid | state
0 | 09dffafe-5bec-430d-bc80-6ddb2313beff | R
1 | 94c63c12-0851-708d-7f95-c011f2760649 | RH
21 | a8f76fee-0b45-b5ee-7d83-14f6b530141f | B H
The control domain UUID is 09dffafe-5bec-430d-bc80-6ddb2313beff
Now we have to find the VBD(s) that DOM0 (the control domain) owns:
xe vbd-list vm-uuid=<DOM0 UUID, such as 09dffafe-5bec-430d-bc80-6ddb2313beff id>
This will show information about any Virtual Block Device (VBD) that DOM0 (the control domain) may be hanging onto. What we are interested in is the UUID of the VBD(s).
Grab the VBD’s UUID and execute:
xe vbd-unplug uuid=<UUID of the VBD being held by DOM0>
Finally, run:
xe vbd-destroy uuid=<UUID of the VBD being held by DOM0>
And there – rescan your storage repository and your VDI (virtual disk interface) should be free for your use.
Switch Commands
Dell M8024-k switch
Enable SSH on switch
Connect to switch via CLI
Module A1(config)#crypto key generate dsa
Do you want to overwrite the existing DSA keys? [Y | N] :y
DSA key generation started, this may take a few
minutes..................................................................................................................................
.......................................................
DSA key generation complete.
Module A1(config)#crypto key generate rsa
Do you want to overwrite the existing RSA keys? [Y | N] :y
RSA key generation started, this may take a few minutes....................
RSA key generation complete.
Module A1(config)#ip ssh server
Module A1(config)#exit
Module A1#exit
Module A1>en
Password:***********
Module A1#show ip ssh
SSH Server enabled. Port: 22
Protocol Levels: Versions 1 and 2.
SSH Connections Currently in Use: ............. 0
Maximum number of SSH Sessions Allowed: ....... 5
SSH Session Timeout: .......................... 600
RSA key was generated.
DSA key was generated.
SSH Public Key Authentication is disabled.
Active Incoming Sessions.
Ip Address User Name Idle Time Session Time
--------------- --------------- ------------ ------------
Module A1#exit
Module A1>exit
=====================
Disable Telnet
=====================
config
ip telnet server disable
exit
test a telnet connection to see if it fails
========================================================================
Ran the following command from the command line interface :
config t
line vty 0 4
transport input ssh
line 5 15
transport input ssh
copy run start
I tested a telnet connection and it failed. SSH connection worked successfully.
========================================================================
============
Enable HTTPS
============
Module A2(config)#crypto certificate 1 generate
Module A2(config-crypto-cert)#?
common-name Specifies the common name.
country Specifies the country name.
do Run Privileged Exec mode commands.
duration Specifies number of days a self-signed certi fication
would be valid. If unspecified defaults to 3 65 day.
email Specifies the contact email address.
exit To exit from the mode.
key-generate Regenerate SSL RSA key.
location Specifies the location or city name.
organization-name Specifies the organization name
organization-unit Specifies the organization internal unit
show Show configured settings and operational sta tus.
state Specifies the state or province name.
Module A2(config-crypto-cert)#key-generate ?
<cr> Press enter to execute the command.
<length> Specifies the length of the SSL's RSA key. I f
unspecified, length defaults to 1024.
Module A2(config-crypto-cert)#key-generate
Module A2(config-crypto-cert)#exit
Certification Generation Successful..
Module A2(config)#ip http secure-certificate 1
Module A2(config)#ip http secure-server
Module A2(config)#exit
Module A2#show ip http server secure status
HTTPS Server is Enabled. Port : 443
DH Key exchange enabled.
Certificate 1 is active.
Issued by: self-signed
Valid from Mar 8 05:11:14 2006 GMTMar 8 05:11:14 2007 GMT0.0.0.0 to Mar 8 05:11:14 2007 GMT0.0.0.0
Subject: /CN=0.0.0.0
Fingerprint: DF1027F336CC450ED2AC1C740DF24921
Module A2#show ip telnet
Telnet Server is Disabled. Port : 23
Module A2#show ip http server status
HTTP Server is Disabled. Port : 80
Enable SSH on switch
Connect to switch via CLI
Module A1(config)#crypto key generate dsa
Do you want to overwrite the existing DSA keys? [Y | N] :y
DSA key generation started, this may take a few
minutes..................................................................................................................................
.......................................................
DSA key generation complete.
Module A1(config)#crypto key generate rsa
Do you want to overwrite the existing RSA keys? [Y | N] :y
RSA key generation started, this may take a few minutes....................
RSA key generation complete.
Module A1(config)#ip ssh server
Module A1(config)#exit
Module A1#exit
Module A1>en
Password:***********
Module A1#show ip ssh
SSH Server enabled. Port: 22
Protocol Levels: Versions 1 and 2.
SSH Connections Currently in Use: ............. 0
Maximum number of SSH Sessions Allowed: ....... 5
SSH Session Timeout: .......................... 600
RSA key was generated.
DSA key was generated.
SSH Public Key Authentication is disabled.
Active Incoming Sessions.
Ip Address User Name Idle Time Session Time
--------------- --------------- ------------ ------------
Module A1#exit
Module A1>exit
=====================
Disable Telnet
=====================
config
ip telnet server disable
exit
test a telnet connection to see if it fails
========================================================================
Ran the following command from the command line interface :
config t
line vty 0 4
transport input ssh
line 5 15
transport input ssh
copy run start
I tested a telnet connection and it failed. SSH connection worked successfully.
========================================================================
============
Enable HTTPS
============
Module A2(config)#crypto certificate 1 generate
Module A2(config-crypto-cert)#?
common-name Specifies the common name.
country Specifies the country name.
do Run Privileged Exec mode commands.
duration Specifies number of days a self-signed certi fication
would be valid. If unspecified defaults to 3 65 day.
email Specifies the contact email address.
exit To exit from the mode.
key-generate Regenerate SSL RSA key.
location Specifies the location or city name.
organization-name Specifies the organization name
organization-unit Specifies the organization internal unit
show Show configured settings and operational sta tus.
state Specifies the state or province name.
Module A2(config-crypto-cert)#key-generate ?
<cr> Press enter to execute the command.
<length> Specifies the length of the SSL's RSA key. I f
unspecified, length defaults to 1024.
Module A2(config-crypto-cert)#key-generate
Module A2(config-crypto-cert)#exit
Certification Generation Successful..
Module A2(config)#ip http secure-certificate 1
Module A2(config)#ip http secure-server
Module A2(config)#exit
Module A2#show ip http server secure status
HTTPS Server is Enabled. Port : 443
DH Key exchange enabled.
Certificate 1 is active.
Issued by: self-signed
Valid from Mar 8 05:11:14 2006 GMTMar 8 05:11:14 2007 GMT0.0.0.0 to Mar 8 05:11:14 2007 GMT0.0.0.0
Subject: /CN=0.0.0.0
Fingerprint: DF1027F336CC450ED2AC1C740DF24921
Module A2#show ip telnet
Telnet Server is Disabled. Port : 23
Module A2#show ip http server status
HTTP Server is Disabled. Port : 80
Subscribe to:
Posts (Atom)