How To: Connect a DroboPro to a VMWare ESX host via iSCSI

Originally I was going to publish an article talking about my trials and tribulations (and really rudimentary performance info) around testing a DroboPro in my work VMWare infrastructure. Well, I found myself burning a bunch of time figuring out how to just get VMWare to see the Drobo. I figured the steps were worthy of mention as there's a couple of things on the VMWare side I missed that caused issues. I opened a ticket to Drobo, but have yet heard back from them on the matter yet, so I don't know if they have it documented or not. I also didn't see anything Drobo specific on the interwebs, so I thought maybe there's others out there who would be able to benefit from my misery.

Also an apology, being as this relates to a Drobo Pro and VMWare ESX, this clearly has no business on a blog about free stuff. However, for a small business, this could potentially allow for the use of big boy technology at a fraction of the cost of enterpise class gear. (My DroboPro as configured is about 10% the cost of a similarly sized EMC unit).

Now onto the details. This article assumes you have an ESX server licensed to use iSCSI, an available NIC port, and of course a DroboPro with some drives in it.

After a little bit of reasearch and experimenting, I have successfully gotten an ESX host to talk to the DroboPro. Below are the basic steps required.

1. Attach the Pro to a Windows or Mac desktop via USB or Firewire. Install the Drobo Dashboard per the included documentation
2. Configure the volumes on the unit to not exceed 2TB (the limit for VMWare) using the wizard.
3. Once attached and configured, go into the advanced settings in the drobo dashboard to configure a static IP address for iSCSI
4. Reboot the unit and test ethernet connectivity
5. Connect the unit to a dedicated NIC port on the ESX host either direct cable or via a switch (reccommend jumbo frames and flow control if using a switch)
6. On the ESX host, create a new network segment for the DroboPro. Under the networking tab, click add networking, select VMKernel, click next. Select the appropriate NIC, and follow the rest of the steps to add an IP address on the same segment as the Drobo. Save the changes
7. (This is the step that got me, as it's not obvious.) Click the newly created network and select properties. Click Add and add Service Console. Assign the Service Console a unique IP in the same subnet as the drobo and VMkernel settings. Edit the original VMkernel network to allow VMotion. Save the changes.
8. If you are running a version of ESX prior to 3.5 you will need to add a firewall exception under security for outbound traffic for the iSCSI client. This is done for you in 3.5 and newer.
9. Under configuration for the ESX host, select Storage adapters. Click on the iSCSI adapter then click properties in the detail window below.
10. In the general tab of the pop up window, click configure and then check enable to turn on iSCSI. The name is not important.
11. Under the dynamic discovery tab, click Add and enter the IP information for the drobo unit. Click OK and close the wizard. A dialogue will come up asking to rescan all storage, click no.
12. Right click the iSCSI adapter in the adapter list and click rescan. Wait patiently this could take several minutes
13. If all went well you should now see the number of targets change to 1. This indicates the host is successfully talking to the Drobo.
14. In the hardware section of the configuration pane, select storage. Click Add storage. The available volumes on the Drobo should appear in the window. Select one of the LUNS and follow the wizard to configure as desired.
    

A call to Mac users: stop with the malware huberis already!

Ok, first of all I am currently a Mac user and have been off and on for years. I say this as a friend, not some sort of anti-mac PC geek: Stop being so damned smug. I am talking about the stance on the lack of malware. This stance is pretty much echoed by everyone on the pro-Mac side of the fence from users all the way to Apple itself (just watch a random I'm a Mac, I'm a PC ad).

I was listening to the latest installment of Macbreak Weekly, and a couple of panelists were extolling the virtue of the malware free paradise that is OS X. Well here's the deal folks. This sort of thing is absolutely a dangerous attitude. How many Mac users use any sort of anti-virus at all? Pretty few. To that point, there actually ARE very few AV programs to begin with. Edit, there is the open source (and keeping to my roots, free)ClamXav.

Sure, the Mac OS is actually reasonably secure out of the box (we'll ignore the fact that the firewall is OFF by default) but some of the other protections work very well and are what Windows Vista wanted to be *cough* UAC *cough*

What we have here is the calm before the storm or so to speak. These days, malware, botnets viruses (virii?) are all about dollars and sense. Gone are the days of the pimply faced kid writing a little code to erase hard drives. The bad guys are writing stuff to make money by stealing personal data, sending spam, DDOS blackmail, you name it. Since this is a business, it's simply much more profitable to target the PC world.

Therefore, many Mac users sit around sneering at the PC world because the Mac folk live some sort of mythical land of rainbows and unicorn tears that no virus dare enter. I'm pretty sure the people in Pompeii kinda thought the same thing about volcanoes too.

That will always be the case, a target rich environment will always get the attention, but think about the Mac side of things for a while. There's a 10% or so slice of the market that's almost completely unprotected. Once somebody really takes advantage of this situation (and I do mean when, not if) it will be an unmitigated crisis.

Think I'm being a little bit alarmist? You might have missed this, but there's a currently exploitable (as in drive by scripting) vulnerability in the Java implementation of OS X. Despite 10.5.7 being put out mere days ago, this vulnerability has not been patched even though it's been known for at least six months. For more, visit this site which even features a proof of concept that will execute arbitrary (but harmless) code on your very own magic, walled unicorn powered Garden of Eden.

So my Mac friends, enjoy your beautifuly designed hardware, (mostly) reliable OS and fantastic UI. But please, please, stop thinking it's a freakin' suit of armor and go install some sort of anti-malware. Tin foil hat optional.

Off Topic, an ironic rant about Twitter advice from bloggers

I know, I know, I've been promising actual content to all (3) of my readers for weeks now. I've got some stuff in the works, a meta post with various updates and musings. I'm currently waiting my DroboPro (alas, not free) shipment to write a real article about trying to get it to play with VMWare ESX and some non-scientific performance stats. But that's not why I'm here now!

No, I am here because I've become irritated about blog posts from the "technorati" expounding on their detailed criteria to get you, the common plebeian, followed by them. I say.. enough already. Seriously. The universal rule should be, do you have interesting things to say? If so, people who find them interesting will follow you.

So far, my favorite bit of advise from these neo-sages is to make sure you are active so you're @ replying a lot. Yeah, ok. I've looked at the tweets from some of these people. Half of what they say is replies to other people I'm not following. So you get this disjointed mess of random half conversations.

Before Twitter, society used to have a term for that: Crazy dude at the bus station.

Some mini updates and random thoughts

Ok, it's been a while since I've updated the blog. To my one reader, I apologize for my slacker tendencies. The family is about to embark on a vacation to Orlando for a couple nights then a 3 night Disney cruise with a baby and a really rambunctious toddler, should be entertaining. Which of course there's another week with out an article. I am planning on tweeting photos as I go (during the non-international roaming parts of the trip.) So if you're interested, play along on Twitter

In the mean time, I'm just going to throw out a few notes on the great TiVo crisis and a couple of articles I have bouncing around in my head.

TiVo crisis update: After a lot of troubleshooting which involved ripping apart the Western Digital TiVo extender (really an over glorified mybook eSATA drive) as well as the TiVo itself to run extensive hard drive tests from WD. Both tests came back clean which was odd. So that essentially left either the SATA cable, the CableCard (yikes!) or some actual hardware issue. Unfortunately the next option I had was to disconnect the extender and let the TiVo divorce it (therefore deleting all of my videos).

This test so far has proven successful, no issues, and my wife's American Idol episodes actually recorded. For some reason Idol was the first program that started showing signs of distress and it ALWAYS got screwed up after that. The unit has been crusing along for over a week with no signs of distress, so I am calling the issue as a bad SATA cable (or connector on one of the units, we'll soon find out when I order a new cable.

In the pipeline.
One the IT Pro font, I've gotten approval for the Drobo Pro to extend the Dell NAS server we use for our disk to disk backup system. Before I attach it there, I'd like to slap it on a workstation to play with it a little and get some peliminary performance numbers. Then I want to see if I can get it talking with a VMWare ESX host as an iSCSI device. If I can I'll then try to run some numbers on it vs. direct storage and our 2gbps fibre channel SAN. I don't expect a lot on the VMWare front as I think the unit will probably take a beating on I/O. But if it can actually work, it might be a good solution for guest machines that don't hit the disk system a lot or are low use type machines.

Finally, some iPhone love is in the works too. I went crazy and downloaded a ton of apps trying to win the billionth app contest (alas I lost). They were all free apps, and I've been culling the ones I deem crappy. When the reckoning is finally over, I'll write about what's left as I did find a couple of cool, or at least amusing (I'm talking about you, iPity (link opens to random review I found on Google)) apps.

That's it for now folks, time to find some sandals to pack!