The purpose of this post is to show how you can query the View agent's "Volatile Environment" variables through WMI. I thought I would share what I have done to maybe help others in similar situations.
Requirements:
The requirement for this View environment is to allow client drive redirection (CDR) for internal users and disable it for external users.
The users are always in the same pool, and in this case we only have one connection server and one security server.
Because this feature is either on or off and there is no built-in way to control this, the thought is that we can create a GPO that runs off a WMI query to determine whether the users are inside or outside the network, and disable client drive redirection based on the IP.
Let's Filter!
So we can create a simple GPO to disable CDR; however, we do not want this to happen internally, so we need something to query off of. It would seem this would be an easy task, however I ran into the first issue with getting a WMI query for the registry key. There is no pre-defined value in the OS to do this, so we must do it on our own by creating and registering a MOF file that allows us to query the settings.
Where is the info?
The View agent populates the "HKCU\Volatile Environment" key with a bunch of information. We are specifically looking for "ViewClient_IP_Address", however I figured since I'm already creating a MOF, why not add them all!
WTF MOF!?
So I'm going to skip this part for now, but if you want to know more about MOFs, read this:
https://technet.microsoft.com/en-us/library/cc180827.aspx
The MOF I created can be found here.
Load the MOF.
Copy the MOF to your parent image in %systemroot%\System32\wbem\ and load it by running the following command in the above directory:
Mofcomp -class:forceupdate VMwareView.mof
(I'll look into the auto recover stuff later, but for now let's test it)
Testing:
Connect to your View VM with the View client and let's test.
Success!
How to disable CDR.
So I tried several different methods, however after some digging I found that the best way to do this is to call a script placed on the VM that stops the service.
This is the service "tsdrvdisvc"
This is exactly what I need. I see how I missed it, as it's not labeled like the rest of the VMware services.
This first example is to just stop the service on logon with a net stop tsdrvdisvc command.
We will put this in C:\temp\script.bat
We also need to create a GPO that runs when the user logs on.
After applying, first let's make sure it does what it is supposed to.
It does not.
Why? The user does not have permission (because they are not admins).
Let's fix this. We need a tool from MS called subinacl to give the domain users permissions to the services.
Once installed, run the following:
subinacl.exe /service tsdrvdisvc /grant="yourdomain\Your Group"=top
OK, so let's reboot and try again.
Success! The service is stopped on logon.
OK, now let's create some WMI magic!
We already installed the MOF; the thought is we can query for an IP range and if it's not in that range then don't apply the policy.
So here is my WMI filter.
SELECT * FROM VMwareView WHERE ViewClient_IP_Address LIKE "192.168.%.%"
Now I have a new problem: it would appear that the variables are not getting populated fast enough. The query runs, but because nothing is populated it returns false and the policy does not apply. So now what?
Well, guess we will just do it the old-fashioned way: script it!
Replace your .bat with this .vbs. Delete the old GPO, create a new one and set the logon script to point to the new script.
I have set a delay of 10 seconds at the top of the script for the population of the variables. Your results may vary; feel free to adjust as needed.
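The .vbs is linked rather than shown, so the following is an added example in PowerShell (not the author's script): it polls for the value instead of sleeping a fixed 10 seconds, applies the same range test as the WMI filter above, and also stops the service when the value never appears or cannot be parsed. The 30-second timeout, the function names, and the value sitting directly under HKCU\Volatile Environment are assumptions.

```powershell
# Added example, not the post's linked .vbs.
# Assumption: the agent writes ViewClient_IP_Address directly under this key.
$KeyPath        = 'HKCU:\Volatile Environment'
$ValueName      = 'ViewClient_IP_Address'
$ServiceName    = 'tsdrvdisvc'
$TimeoutSeconds = 30   # assumed upper bound; the post uses a fixed 10 s delay

function Get-ViewClientIp {
    # Poll once per second until the agent has written the value or we time out.
    param([string]$Path, [string]$Name, [int]$Timeout)
    $deadline = (Get-Date).AddSeconds($Timeout)
    do {
        $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
        if ($item -and $item.$Name) { return [string]$item.$Name }
        Start-Sleep -Seconds 1
    } while ((Get-Date) -lt $deadline)
    return $null
}

function Test-CdrAllowed {
    # CDR stays on only for a parseable address that does NOT match the
    # post's filter range, LIKE "192.168.%.%" (where the policy applies).
    param([string]$Ip)
    $addr = $null
    if (-not [System.Net.IPAddress]::TryParse($Ip, [ref]$addr)) { return $false }
    $b = $addr.GetAddressBytes()
    $inRange = ($b.Length -eq 4 -and $b[0] -eq 192 -and $b[1] -eq 168)
    return (-not $inRange)
}

$clientIp = Get-ViewClientIp -Path $KeyPath -Name $ValueName -Timeout $TimeoutSeconds

if (Test-CdrAllowed -Ip $clientIp) {
    Write-Output "Client $clientIp is outside the filter range; leaving $ServiceName running."
} else {
    # Matching, missing or malformed address: stop CDR (fail closed).
    Write-Output "Client '$clientIp' matches the filter or is unknown; stopping $ServiceName."
    Stop-Service -Name $ServiceName -ErrorAction Stop
}
```

The =top grant from the subinacl step covers start as well as stop, so the script sets the service state at logon but the service ACL does not keep it that way.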
Hope this helps anyone that needs it.