Čítačka správ

VMware App Volumes 4 Update 1

VMware Community - Pi, 03/13/2020 - 08:58

An update to App Volumes 4 has just been released to resolve a few critical issues:

 

  • Chrome fails with the "Aw,Snap!" error occurs due to compatibility issues with Chrome version 78 and later. [2478183]
  • Silent installation or upgrade of App Volumes Agent requires the EnforceSSLCertificateValidation parameter be set to 0 or 1. [2488638]
  • In some cases, the login process spans a few minutes until the user is able to utilize the desktop. [2506815]

 

See the VMware App Volumes 4 Update 1 Release Notes for details.

Kategórie: VMware

What's New in SRM and vSphere Replication 8.3

VMware Documents - Ut, 03/10/2020 - 17:50

Hi All,

 

A new blog post has just been released, I found it really informative, so I thought I would share.

 

Please see the link below:

 

What's New in SRM and vSphere Replication 8.3 | VMware vSAN

 

--

Fouad

Kategórie: VMware

VMware vCenter 6.0 Migrate from Windows to Linux (VCSA 6.7) and to embedded PSC

VMware Documents - Št, 03/05/2020 - 12:05

This is the procedure how to upgrade/migrate your Windows vCenter server 6.0U3 to Linux (VCSA) appliance 6.7U1. The setup in question has one External Platform Service Controller (PSC) with two vCenters connected to it.

Short overview:
1. Upgrade and Migrate the External PSC 6.0U3 to VMware linux appliance 6.7U1

2. Upgrade and Migrate the Windows vCenter server 6.0U3 to a VCSA 6.7U1
3. Migrate the External VMware PSC appliance 6.7U1 to embedded one in each VCSA

 

General prerequisites

0. Prerequisites (Create snapshot of the vCenter server, PSC server, vCloud Director cells and the Oracle DB):

0.0. Check the compatibility with the following products: ChargeBack Manager, NSX, Usage Meter, vCloud Director, vRealize Orchestrator, Operations Manager;

 

I. (PSC upgrade and migration to 6.7U1)

Prerequisites:

0.1. Check if the network adapter have default gateway (not persistent route); if not - add it;

0.2. Check if port 9123 is open between the vCenter server and the other server;

0.3. Ensure that there is more than 12 GB of free space on the vCenter server (where it's installed; typically in C drive);

0.4. Login locally to the host on which the vCenter server VM resides (esx01 and esx02);

0.5. Ensure DNS resolution is working on the PSCs and VCs (e.g. nslookup yourvcenter01)

0.6. Check the SSL certificate configuration (if needed change/renew the certificate with the FQDN):

0.6.1. Two ways:

0.6.1.1. Using VECS-CLI (https://kb.vmware.com/s/article/2111411)

"%VMWARE_CIS_HOME%"\vmafdd\vecs-cli entry getcert --store MACHINE_SSL_CERT --alias __MACHINE_CERT --output c:\certificates\machine_ssl.crt

0.6.1.2. Open a browser to "yourpsc.local" and open the certificate > Details tab > Copy to File... > save to desired location

0.6.1. Identify which ESXi hosts are running all of the PSC(s) and vCenter Server(s) in the SSO domain, and verify we can log into all of these ESXi hosts directly with the vSphere Client and root

0.7.2. Shutdown all PSCs and vCenter Servers in the SSO domain

0.7.3. Create backups & snapshots of these servers

0.7.4. Power on all PSC(s) & vCenter Server(s) in the SSO domain

0.7.5. Verify all services are working as expected

0.7.6. Use the certificate-manager utility on the PSC(s) and replace the Machine SSL certificate with a certificate signed by the VMCA, where the FQDN is in the Subject Alternative Name (SAN); D:\Program Files\VMware\vCenter Server\vmcad > certificate-manager > option 3 for self-signed certificates > username > password > Country (leave default) > Enter > leave default > leave default > leave default > leave default > leave default > Enter > leave default > FQDN (e.g. yourpsc.local) > Short name (e.g. yourpsc) > Y

Enter proper value for 'Country' [Default value : US] : leave default

Enter proper value for 'Name' [Default value : CA] : leave default

Enter proper value for 'Organization' [Default value : VMware] : leave default

Enter proper value for 'OrgUnit' [Default value : VMware] : leave default

Enter proper value for 'State' [Default value : California] : leave default

Enter proper value for 'Locality' [Default value : Palo Alto] : leave default

Enter proper value for 'IPAddress' (Provide comma separated values for multiple IP addresses) [optional] : leave default

Enter proper value for 'Email' [Default value : email@acme.com] : leave default

Enter proper value for 'Hostname' (Provide comma separated values for multiple Hostname entries) [Enter valid Fully Qualified Doma

in Name(FQDN), For Example : example.domain.com] :  yourpsc.local

Enter proper value for VMCA 'Name' : yourpsc

You are going to regenerate Machine SSL cert using VMCA

Continue operation : Option[Y/N] ? : Y

https://kb.vmware.com/s/article/2097936

0.7.7. Perform restart operation on the vCenter Server/s by using 'service-control --stop --all' and 'service-control --start --all'

0.7.8. Verify all services are working as expected

0.7.9. Repoint the NSX Managers (MGMT and RES; https://nsxmanager01 and https://nsxmanager02) to the PSC with the new certificate

0.7.10. Confirm the connection in Usage Meter (Edit vCenter > unselect and then select PSC); accept all new thumbprints;

0.8. Check the exclusion list of the NSX manager and see if all VMware infrastructure VMs are in the list (PSC, VCM, VCR, etc.)

0.9. Disconnect all other users before the migration and stop all unnessary services (e.g. browsers, vSphere Clients, etc.)

0.10. Add the domain user to the Enterprise Admin group

 

 

Actual Upgrade:

0. Stop the PSC and vCenter servers and create snapshot of the VMs (psc01, vcenterresource01, vcentermanagement01) and backup of the Oracle DBs

1. Mount the VCSA 6.7U1 ISO file on the vCenter server (During the next steps simultaniously steps 7-15 can be executed)

2. Go to "migration-assistant" > VMware-Migration-Assistant.exe

3. Enter the SSO credentials in the new window

4. Enter the credentials for service account

5. Enter the IP network which will be primary for the vCenter server

6. After the prechecks the wizard will stop on "Waiting for migration to start…"

7. Mount the VCSA 6.7U1 ISO file on another Windows machine (not the vCenter server) utilityserver01 > go to "vcsa-ui-installer" > win32 > installer.exe > Migrate

8. Always specify the IP not the FQDN for the vCenter server

9. In Stage 1 the new appliance will be deployed:

10. Specify in the wizard all necessary information about the source vCenter server;

11. Specify IP of the destination host on which the new VM will be deployed;

12. Specify the size of the setup (Tiny, Large, etc.);

13. Select the datastore on which the appliance will be deployed;

14. Select the appropriate network port group;

15. Enter the information about the new server appliance (name: psca01, network (temporary): PROD: 10.10.10.10, 255.255.252.0, Gateway: 10.10.10.254; DNS servers: 10.10.10.20,10.10.10.21; etc.);

16. Add the new VM (Linux appliance) to the exclusion list inside the Management NSX (NSX > Firewall Settings > Exclusion List > Add > Select the new object > arrow > OK)

17. Stage II - Copy the data and finish the process by automatically shut down the source vCenter server:

18. Enter service account credentials for Ad;

19. Select Configuration and historical data (Events);

20. Deselect "Join the VMware's Customer Experience Imprevement Program";

21. Select "I have backed up the source vCenter server and all the required data from the database";

22. Click "Finish" > OK (after the migration the source (Windows vCenter server) will shut down);

23. Check the status of the new PSC Appliance server.

24. Re-register the PSC and the vCenter server in Usage Meter, vCloud Director, vRO, NSX Manager (Using web Interface)

25. Rename the old vCenter server VM and disconnect the network adapters

26. Rename the new Linux Appliance to the original VM's name

27. Billing team to check the integration of ChargeBack

28. Setup the FTP backup through the VAMI interface

29. Check if all services are working: (vCenter server (if you can login using the Web Console with domain credentials), ChargeBack Manager, NSX (check the status in the Web console of NSX manager and also in vCenter server), Usage Meter (re-establish the connection with PSC and vCenter servers), vCloud Director (refresh the connection with the vCenter server), vRealize Orchestrator, Operations Manager)

 

II. (vCenter Upgrade and migration to VCSA 6.7U1)

Prerequisites:

0.1. Check if in "Local Security Policy" > Local Policies > User Rights Assignment > Replace a process level (token) Assignment > Add User or Group (add the service account);

0.2. Check if the network adapter have default gateway (not persistent route); if not - add it;

0.3. Check if the OOB address of the utility server has DNS record in SDI; if not: submit request to SDI;

0.4. Check if port 9123 is open between the vCenter server and the other server;

0.5. Prepare the future monitoring change;

0.6. Prepare FTP server for backup of the vCenter server;

0.7. Ensure that there is more than 12 GB of free space on the vCenter server (where it's installed; tipically in C drive);

0.8. Ensure no 5.5 objects still exist. This includes ESXi hosts, Host profiles, DVS, and any vmfs3 volumes. Upgrade or remove them beforehand if they do;

0.9. Login locally to the host on which the vCenter server VM resides (esx01 and esx02);

0.10. Stop and unregister the Update Manager: https://communities.vmware.com/thread/592318

0.10.1. Stop Update manager service & disable the UM plugin

0.10.2. Remove the UM extension from vCenter MOB page by following below VMware KB article https://kb.vmware.com/s/article/1025360

0.10.3. Extension for UM: com.vmware.vcIntegrity;

0.11. Unregister the VSC (NetApp plugin) and SnapCenter plugin; com.netapp.nvpf and com.netapp.nvpf.webclient and com.zerto.plugin

0.12. Ensure DNS resolution is working on the PSCs and VCs (e.g. nslookup vcentermanagement01)

0.13. Make sure that every component (VCs, PSCs, Source/Destination ESXi hosts) are in time sync:

0.13.1. Windows cmd: w32tm /query /configuration

0.13.2. Windows cmd: w32tm /query /status

0.13.3. Windows cmd: Time /T

0.13.4. VMware ESXi: check the time servers entered in the config: Configuration > Time Configuration > Properties

0.14. Set DRS automation to manual on the cluster the new appliance will be created.

0.15. vSphere Client (6.0U3) should be installed on the UTL server before the migration (in this way we can access locally the ESXi hosts)

0.16. Check the exclusion list of the NSX manager and see if all VMware infrastructure VMs are in the list (PSC, VCM, VCR, etc.)

0.17. Enable TLS 1.2 for Windows Server 2008 R2.1.

0.17.1. Navigate to the registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols

0.17.2. Create a new folder (New Key) and label it TLS 1.2.

0.17.3. Create two new keys with the TLS 1.2 folder, and name the keys Client and Server.

0.17.4. Under the Client key, create two DWORD (32-bit) values, and name them "DisabledByDefault" and "Enabled".

0.17.5. Under the Server key, create two DWORD (32-bit) values, and name them "DisabledByDefault" and "Enabled".

0.17.6. Ensure that the Value field is set to 0 and that the Base is Hexadecimal for "DisabledByDefault".

0.17.7. Ensure that the Value field is set to 1 and that the Base is Hexadecimal for "Enabled".

0.17.8. Reboot the Windows Server 2008 R2 computer.

0.18. Disconnect all other users before the migration and stop all unnessary services (e.g. browsers, vSphere Clients, etc.)

0.19. Deploy a new Edge Gateway and configure NAT rule for OOB IP address

 

 

Upgrade:

0. Stop the vCenter Servers and vCDs (Create snapshot of the vCenter server, PSC server, vCloud Director cells and the Oracle DB)

1. Mount the VCSA 6.7U1 ISO file on the vCenter server

2. Go to "migration-assistant" > VMware-Migration-Assistant.exe

3. Enter the SSO credentials in the new window

4. Enter the credentials for service account

5. Enter the IP network which will be primary for the vCenter server

6. After the prechecks the wizard will stop on "Waiting for migration to start…"

7. Mount the VCSA 6.7U1 ISO file on another Windows machine (not the vCenter server) utilityserver01 > go to "vcsa-ui-installer" > win32 > installer.exe > Migrate

8. Always specify the IP not the FQDN for the vCenter server

9. In Stage 1 the new appliance will be deployed:

10. Specify in the wizard all necessary information about the source vCenter server;

11. Specify IP of the destination host on which the new VM will be deployed;

12. Specify the size of the setup (Tiny, Large, etc.);

13. Select the datastore on which the appliance will be deployed;

14. Select the appropriate network port group;

15. Enter the information about the new server appliance (name: vcsa01, network (temporary): PROD: 10.10.10.10, 255.255.252.0, Gateway: 10.10.10.254; DNS servers: 10.10.10.20,10.10.10.21; etc.);

16. Add the new VM (Linux appliance) to the exclusion list inside the Management NSX (NSX > Firewall Settings > Exclusion List > Add > Select the new object > arrow > OK)

17. Stage II - Copy the data and finish the process by automatically shut down the source vCenter server:

18. Enter service account credentials for Ad;

19. Select Configuration and historical data (Events);

20. Deselect "Join the VMware's Customer Experience Imprevement Program";

21. Select "I have backed up the source vCenter server and all the required data from the database";

22. Click "Finish" > OK (after the migration the source (Windows vCenter server) will shut down);

23. Check the status of the new vCenter Appliance server.

24. Re-register the PSC and the vCenter server in Usage Meter, vCloud Director, vRO, NSX Manager (Using web Interface)

25. Rename the old vCenter server VM and disconnect the network adapters

26. Rename the new Linux Appliance to the original VM's name

27. Billing team to check the integration of ChargeBack

28. Setup the FTP backup through the VAMI interface (e.g. https://vcentermanagement01.local:5480)

29. Check if all services are working: (ChargeBack Manager, NSX (check the status in the Web console of NSX manager and also in vCenter server), Usage Meter (re-establish the connection with PSC and vCenter servers), vCloud Director (enable the integration (only Resource vCenter server); refresh the connection with the vCenter server), vRealize Orchestrator, Operations Manager)

30. Register vRealize Orchestrator plugin using this article: https://docs.vmware.com/en/vRealize-Orchestrator/7.2/com.vmware.vrealize.orchestrator-install-config.doc/GUID-2E89186B-E44F-4124-8848-82002BA6BBA6.html

31. Check if the NSX agents on the hosts are up and running properly (and if they are up-to-date version 6.4.4)

 

https://vspherecentral.vmware.com/t/vcenter-server/vcenter-lifecycle-install-upgrade-and-migrate-3/windows-vcenter-server-6-5-external-migration-to-vcsa-6-7

 

 

Rollback: https://kb.vmware.com/s/article/2146453

1. Power off the new Platform Service Controller Appliance.

2. Power back the PSC (SSM server); Rejoin the server to the domain;

3. Verify that all Single Sign-On services are up and running.

4. Power off the vCenter Server Appliance.

5. Ensure the vCenter database is available if using an external database.

6. Power back the vCenter server.

7. Wait for all vCenter Server services to start and log in to the vSphere Web Client to verify your vSphere inventory.

 

 

III. Migrate External PSC to Embedded one

Prerequisites:

0.0. Login locally to the ESXi hosts in the management vCenter server.

0.1. Stop/change the VAMI backup of the VCM, VCR and SSM linux appliances using disable option: https://yourvcenter.local and https://vcentermanagement01.local and https://yourpsc01.local

 

 

1. From Usage Meter (https://usagemeter01.local:8443/um) products > Delete vCenter yourvcenter.local, vcentermanagement01.**.local

2. Put suppression in Monitoring system

3. Disable vCenter in the respective for the environment vCloud Director.

4. Shutdown vCenter servers vcenterresource01, vcentermanagement01 and the PSC psc01 from the ESXi hosts;

5. Create new series of snapshots for vcenterresource01, vcentermanagement01, psc01.

6. Power ON psc01. After several minutes power on vcenterresource01

7. Copy the converge tool from the ISO file VMware-VCSA-all-6.7.0-11726888.iso\vcsa-converge-cli\ to utility Windows server

8. Copy the template (vcsa-converge-cli/templates/) to the folder where vcsa-util resides

• converge.json

9. Edit the converge.json:

{

    "__version": "2.11.0",

    "__comments": "Template for VCSA with external Platform Services Controller converge",

        "vcenter": {

            "description": {

               "__comments": [

                       "PR",

                    "vcentermanagement01, vcenterresource01 and psc01"

                ]

            },

            "managing_esxi_or_vc": {

                "hostname": "esx01.local",

                "username": "root",

                "password": "pass"

            },

            "vc_appliance": {

                "hostname": "vcentermanagement01",

                "username": "administrator@vsphere.local",

                "password": "pass",

                "root_password": "pass"

            },

            "ad_domain_info": {

                "__comments": [

                    "Important Note: This section is needed only when PSC (Platform Services Controller) appliance is joined to a domain.",

                    "Remove this section if PSC appliance is not joined to a domain.",

                    "Keeping this section without valid values results in JSON validation errors."

                ],

                "domain_name": "pr.local",

                "username": "user",

                "password": "pass"

            }

        }

}

 

 

10. Go to \vcsa-converge-cli\win32

11. Run "vcsa-util.exe converge --no-ssl-certificate-verification --backup-taken --verbose D:\Support\converge.json"

12. When the procedure has been completed, type y to reboot the appliance. After rebooting the vCSA, the converge process has been completed

!Hint: on successful converge after login to the VAMI interface of vCenter you should see "Type: vCenter Server with an embedded Platform Services Controller"

13. Configure the backup of the VCSA using the VAMI interface:

14. Reconfigure the NSX Manager configuration: https://10.10.10.30/home.html#/manage/components/vshield > Manage vCenter Registration > Edit > Repoint to the new embedded PSC (yourvcenter.local)

15. Reconfigure the Usage Meter: https://usagemeter01.local:8443/um/ > Products > Show Inactive vCenter Servers > Activate vcentermanagement01.local > Un-check External PSC > Save.

16. Repeat the steps above for VCR

17. Shut down the PSC machine and disconnect the virtual adapters

18. Enable vCenter in vCloud Director.

 

https://kb.vmware.com/s/article/59508

https://kb.vmware.com/s/article/59907

https://kb.vmware.com/s/article/68052

https://kb.vmware.com/s/article/68086

https://kb.vmware.com/s/article/68159

https://kb.vmware.com/s/article/70420

https://kb.vmware.com/s/article/70781

https://kb.vmware.com/s/article/74678

Kategórie: VMware

NSX-V Segment ID Pool Migration

VMware Documents - Št, 03/05/2020 - 10:15

This procedure is based on KB 57844
When you have overlapping segment ID Pool range in a specific environment (one vCenter server) with another environment (second vCenter server) this is the full process how to migrate the current working objects (VMs, NSX Edges, Logical Routers, Logical Switches) to a new Segment ID Pool:


I. Prerequisite

0. Put monitoring suppression for vCD Cells, vCenter server and NSX Manager

1. Upgrade all components to 6.4.4: NSX Manager, NSX Controllers, host agents, Edge Gateways

2. Stop the backups (if they are using the vCenter server API)

3. Setup Postman

3.1. Download and start Postman

3.2. Create a request

3.3. Headers > Key "Content Type" > Value "application/xml"

3.4. Authorization > Basic Auth > username "admin" > password

3.5. File > Settings > Turn off "SSL Certificate Verification"

4. Stop the vCenter server operations from vCD: login vCD (https://yourowncloud.com): Manage & Monitor > vCenters > Right click on the vCenter server > Disable

5. Change cluster DRS configuration from Fully Automated to Manual

6. Gather information (with PowerShell) in CSV file, about all NSX objects which will be migrated: Logical Switches, Logical Routers, Edges, VMs, etc. (script bellow just collect data):

[CmdletBinding(PositionalBinding=$false)] Param ( [parameter(Position= 0, Mandatory = $false)] [string]$VIServer = "YOURCLOUDVCR01.local", [string]$PathExportNsxLogicalSwitch     = "C:\Support\Scripts\NSX\NSXReport.csv", [string]$PathExportNsxLogicalRouter     = "C:\Support\Scripts\NSX\NSXLogicalRouter.csv" ) begin {     If ( ! (Get-module PowerNSX )) {     Import-Module PowerNSX     } # connecting to the NSX server $connection = Connect-NSXServer -vCenterServer $VIServer $defaultNsxConnection = $connection $defaultViServer = $connection.viConnection } process { # Getting NSX Edge information $getEdge = get-nsxedge |Get-NsxEdgeInterface $edge = $getEdge | select name,edgeId,portgroupName $edgeEdgeSub = $getEdge | Get-NsxEdgeSubInterface # Getting NSX Logical Router information $getNsxLogicalRouter = Get-NsxLogicalRouter | Get-NsxLogicalRouterInterface | select connectedToId,logicalRouterId,connectedToName,type     $output =    foreach ( $ls in Get-NsxLogicalSwitch ) {         $pg = $ls | Get-NsxBackingPortGroup         foreach ( $portgroup in $pg) {             $vm = $portgroup| Get-VM             foreach ( $virtualmachine in $vm) {                     $vlookup = $edge | where {$_.portgroupName -like $ls.name}                     $vlookupEdgeSub = $edgeEdgeSub | where {$_.logicalSwitchName -like $ls.name}                     $VMdetails = (get-vm $virtualmachine.name | Get-NetworkAdapter | where {$_.NetworkName -like $portgroup.name})                  [pscustomobject]@{                     "vCenter" = $defaultViServer.name                     "NSX" = $defaultNsxConnection.server                     "LS_ObjectID" = $ls.objectId                     "LS_Name" = $ls.name                     "LS_vdnId" = $ls.vdnId                     "EdgeID" = $vlookup.edgeId                     "EdgeVNIC" = $vlookup.name                     "EdgeTrunk_LS_ID" = $vlookupEdgeSub.logicalSwitchId                     "EdgeTrunk_LS_Name" = $vlookupEdgeSub.logicalSwitchName                     "EdgeTrunk_LS_isConnected" = $vlookupEdgeSub.isConnected                     "LS_tenantId" = $ls.tenantId                     "BackingPortGroup" = $portgroup.name                     "VirtualMachine" = $virtualmachine.name                     "VirtualMachineNICname" = $VMdetails.name                     "VirtualMachineNICmac" = $VMdetails.MacAddress                  } # END pscustomobject             }         }     } $getNsxLogicalRouter | export-csv $PathExportNsxLogicalRouter -NoTypeInformation $output | export-csv $PathExportNsxLogicalSwitch -NoTypeInformation } end {    Disconnect-NsxServer }

 

II. Migration

1. Create a new non overlapping Segment Range using Postman (Body > raw):

POST https://10.10.10.40/api/2.0/vdn/config/segments <segmentRange> <name>DATACENTER</name> <begin>10001</begin> <end>20000</end> </segmentRange>

 

# Note the segment range “id” (lets call it newRangeId) returned in response payload.

 

2. # GET segments will also return segment range "id" using Postman:

GET https://10.10.10.40/api/2.0/vdn/config/segments

 

it will return <newRangeId> here

example output:

 

<segmentRanges>

  <segmentRange>

    <id>1</id>   <- this is the ID to use in step 4.

    <name>5000-5999</name>

    <begin>5000</begin>

    <end>5999</end>

    <isUniversal>false</isUniversal>

    <universalRevision>0</universalRevision>

  </segmentRange>

</segmentRanges>

 

3. Disconnect Edges, VMs, vNIC from the dvpg (LogicalSwitch) by following the steps bellow:

3.1. Before any deletion every logical switch connection should be write down (VMs, Edges):

3.1.1. Home > Network and Security > Logical Switches > take screenshot of Logical Switch ID, Segment ID, Name > Click on the logical switch > Related Objects > take screenshot of Edge tab, VMs tab

3.1.2. Home > Network and Security > Edge Gateways > Click on the Edge (or Logical Router) > Manage > Settings > Interfaces (take a screenshot & write down the information inside the edit menu)

3.1.3. Based on the logical switch ID go to network port group and take a screenshot of the VMs: Home > Networking > portgroup name > VMs

3.2. Remove and disconnect the related objects:

3.2.1. Home > Network and Security > Logical Switches > Select each logical switch > Related Objects > Actions > Remove VM > Select all the VMs in the list > Remove

# DisconnectNic is taken from   PowerNSX module function DisconnectNic {                     param (         $nic,         $WaitTimeout = 90     )                     #See NSX API guide 'Attach or Detach a Virtual Machine from a Logical Switch' for     #how to construct NIC id.     $vmUuid = ($nic.parent | get-view).config.instanceuuid     $vnicUuid = "$vmUuid.$($nic.id.substring($nic.id.length-3))"                     #Construct XML     $xmldoc = New-Object System.Xml.XmlDocument     $xmlroot = $xmldoc.CreateElement("com.vmware.vshield.vsm.inventory.dto.VnicDto")     $null = $xmldoc.AppendChild($xmlroot)     Add-XmlElement -xmlRoot $xmlroot -xmlElementName "objectId" -xmlElementText $vnicUuid     Add-XmlElement -xmlRoot $xmlroot -xmlElementName "vnicUuid" -xmlElementText $vnicUuid     Add-XmlElement -xmlRoot $xmlroot -xmlElementName "portgroupId" -xmlElementText ""                     #Do the post     $body = $xmlroot.OuterXml     $URI = "/api/2.0/vdn/virtualwires/vm/vnic"     if ( $confirm ) {         $message  = "Disconnecting $($nic.Parent.Name)'s network adapter from a logical switch will cause network connectivity loss."         $question = "Proceed with disconnection?"                         $choices = New-Object Collections.ObjectModel.Collection[Management.Automation.Host.ChoiceDescription]         $choices.Add((New-Object Management.Automation.Host.ChoiceDescription -ArgumentList '&Yes'))         $choices.Add((New-Object Management.Automation.Host.ChoiceDescription -ArgumentList '&No'))                         $decision = $Host.UI.PromptForChoice($message, $question, $choices, 1)     }     else { $decision = 0 }     if ($decision -eq 0) {         Write-Progress -Activity "Processing" -Status "Disconnecting $vnicuuid from logical switch"         $response = invoke-nsxwebrequest -method "post" -uri $URI -body $body -connection $connection         Write-Progress -Activity "Processing" -Status "Disconnecting $vnicuuid from logical switch" -Completed                         $job = [xml]$response.content         $jobId = $job."com.vmware.vshield.vsm.vdn.dto.ui.ReconfigureVMTaskResultDto".jobId                         Wait-NsxGenericJob -Jobid $JobID -Connection $Connection -WaitTimeout $WaitTimeout -FailOnTimeout:$FailOnTimeout                     } } #vCenter Connection and Path to file $VIServer = "YOURCLOUDVCR01.local" $connection = Connect-NSXServer -vCenterServer $VIServer $defaultNsxConnection = $connection $defaultViServer = $connection.viConnection # Point to the CSV file generated from the script above !!! $Import = import-csv C:\Support\Scripts\NSX\NSXReport.csv # Put the current Virtual Wire you are working on $virtualwire = "virtualwire-01" $pathToVMList = $Import | where {($_.LS_ObjectID -eq $virtualwire) -and ($_.VirtualMachine -notlike "vse-*")} # disconnect VM from Logical Switch (there is a 100 sec timeout) foreach ($vm in $pathToVMList){ $VirtualMachineNic = get-vm $VM.VirtualMachine | Get-NetworkAdapter | where {$_.NetworkName -eq $VM.BackingPortGroup} DisconnectNic -nic $VirtualMachineNic  -WaitTimeout 100 }

 

3.2.2. Home > Network and Security > NSX Edges > Double Click on the Edge (or Logical Router) > Manage > Settings > Interfaces (take the name of the logical switch) usually vNIC 1 > Select (radio button) > Disconnect > Confirm "Yes" > wait till Pending Job finish.

 

When disconnecting edges with High Availability configured, do remember to check and ensure HA is not configured on a logical switch also. (if the HA configuration is vNic "Any" there is no need to change anything)

 

Note: if you have only one connected interface you should connect another one and then disconnect the original one which should be migrated. After the migration connect back the original one and delete the temporary one.

 

4. Move each logical switch from the old segment range to new segment range.

This API needs virtualwire-id and rangeId as inputs which can be taken from the get-NSXinfo report. API payload is empty (on success the status code of the request will be "200 OK"):

 

PUT https://10.10.10.40/api/2.0/vdn/virtualwires/virtualwire-100/segmentreconfig/<newRangeId>

 

===

Try this in case of an error: POST "https://10.10.10.40/api/2.0/vdn/virtualwires/virtualwire-40/backing?action=remediate

===

 

5. ONLY for Logical routers:

5.1. POST https://10.10.10.40/api/4.0/edges/{edge-id}?action=vdridreconfig&vdnRangeId=<newRangeId>

Output: 204 (No Content)

 

6. Go to Home > Network and Security > NSX Edges > Double Click on the Edge > Manage > Settings > Interfaces and then reconnect the interface that was disconnected (wait till Pending Job finish)

 

7. Redeploy the migrated edge/logical router

 

8. Check if the new configuration for each logical router is pushed to the host with net-vdr  - "net-vdr -L -l edge-113 more"

#http://www.enterprisedaddy.com/2018/04/how-to-execute-script-remotely-on-esxi-hosts/ # C:\Support\plink.exe is needed. # add info $root = "root" $Passwd = "  add password here   " $esxlist = " add servers here", "add servers here" $edge = "edge-123" # "edge-100" # work $cmd = "net-vdr -L -l $edge" $plink = "echo y | C:\Support\plink.exe" $remoteCommand = '"' + $cmd + '"' $outResult = foreach ($esx in $esxlist) {     Connect-VIServer -Server $esx -User  $root -Password $Passwd > $null     # Write-Host -Object "starting ssh services on $esx"     $sshstatus = Get-VMHostService  -VMHost $esx | Where-Object { $psitem.key -eq "tsm-ssh" }     if ($sshstatus.Running -eq $False) {         Get-VMHostService | Where-Object { $psitem.key -eq "tsm-ssh" } | Start-VMHostService     }     # Write-Host -Object "Executing Command on $esx"     $output = $plink + " " + "-batch -ssh" + " " + $root + "@" + $esx + " " + "-pw" + " " + $Passwd + " " + $remoteCommand     $message = Invoke-Expression -command $output     [PSCustomObject]@{         Name = $esx         Vxlan = ($message | Select-String -Pattern "Vxlan:").ToString().split("Vxlan:")[-1]     }        Disconnect-VIServer -Server $esx -Confirm:$false } $outResult

 

9. Home > Network and Security > Logical Switches > Select each logical switch > Related Objects > Actions > Add VM > Search for the name of the VM > Select the VM > Click the right arrow > Next > Select the appropriate network adapter > Next > Finish

# connect foreach ($vm in $pathToVMList){ $VirtualMachineNic = get-vm $VM.VirtualMachine | Get-NetworkAdapter | where {($_.MacAddress -eq $VM.VirtualMachineNICmac) -and ($_.Name -eq $VM.VirtualMachineNICname)} Connect-NsxLogicalSwitch -NetworkAdapter $VirtualMachineNic -LogicalSwitch (Get-NsxLogicalSwitch -Name $VM.LS_Name) -WaitTimeout 100 }

 

10. After we migrate all Logical Switches and routers (on success the status code of the request will be "200 OK"):

DELETE https://10.10.10.40/api/2.0/vdn/config/segments/<oldRangeId>

 

11. Enable the integration between the vCD and the vCenter: login to vCD > Manage & Monitor > vCenters > Right click on the vCenter server > Enable

 

12. Change the cluster DRS from "Manual" to "Fully Automated"

 

===========================================

Backout plan:

1. Login vCD (https://yourowncloud.com): Manage & Monitor > vCenters > Right click on the vCenter server > Disable

2. Login to https://YOURCLOUDVCR01.local

3. Disconnect Edges, VMs, vNIC from the dvpg (LogicalSwitch) by following the steps bellow:

3.1. Before any deletion every logical switch connection should be write down (VMs, Edges):

3.1.1. Home > Network and Security > Logical Switches > take screenshot of Logical Switch ID, Segment ID, Name > Click on the logical switch > Related Objects > take screenshot of Edge tab, VMs tab

3.1.2. Home > Network and Security > Edge Gateways > Click on the Edge (or Logical Router) > Manage > Settings > Interfaces (take a screenshot & write down the information inside the edit menu)

3.1.3. Based on the logical switch ID go to network port group and take a screenshot of the VMs: Home > Networking > portgroup name > VMs

3.2. Remove and disconnect the related objects:

3.2.1. Home > Network and Security > Logical Switches > Select each logical switch > Related Objects > Actions > Remove VM > Select all the VMs in the list > Remove

# DisconnectNic is taken from PowerNSX module function DisconnectNic {                     param (         $nic,         $WaitTimeout = 90     )                     #See NSX API guide 'Attach or Detach a Virtual Machine from a Logical Switch' for     #how to construct NIC id.     $vmUuid = ($nic.parent | get-view).config.instanceuuid     $vnicUuid = "$vmUuid.$($nic.id.substring($nic.id.length-3))"                     #Construct XML     $xmldoc = New-Object System.Xml.XmlDocument     $xmlroot = $xmldoc.CreateElement("com.vmware.vshield.vsm.inventory.dto.VnicDto")     $null = $xmldoc.AppendChild($xmlroot)     Add-XmlElement -xmlRoot $xmlroot -xmlElementName "objectId" -xmlElementText $vnicUuid     Add-XmlElement -xmlRoot $xmlroot -xmlElementName "vnicUuid" -xmlElementText $vnicUuid     Add-XmlElement -xmlRoot $xmlroot -xmlElementName "portgroupId" -xmlElementText ""                     #Do the post     $body = $xmlroot.OuterXml     $URI = "/api/2.0/vdn/virtualwires/vm/vnic"     if ( $confirm ) {         $message  = "Disconnecting $($nic.Parent.Name)'s network adapter from a logical switch will cause network connectivity loss."         $question = "Proceed with disconnection?"                         $choices = New-Object Collections.ObjectModel.Collection[Management.Automation.Host.ChoiceDescription]         $choices.Add((New-Object Management.Automation.Host.ChoiceDescription -ArgumentList '&Yes'))         $choices.Add((New-Object Management.Automation.Host.ChoiceDescription -ArgumentList '&No'))                         $decision = $Host.UI.PromptForChoice($message, $question, $choices, 1)     }     else { $decision = 0 }     if ($decision -eq 0) {         Write-Progress -Activity "Processing" -Status "Disconnecting $vnicuuid from logical switch"         $response = invoke-nsxwebrequest -method "post" -uri $URI -body $body -connection $connection         Write-Progress -Activity "Processing" -Status "Disconnecting $vnicuuid from logical switch" -Completed                         $job = [xml]$response.content         $jobId = $job."com.vmware.vshield.vsm.vdn.dto.ui.ReconfigureVMTaskResultDto".jobId                         Wait-NsxGenericJob -Jobid $JobID -Connection $Connection -WaitTimeout $WaitTimeout -FailOnTimeout:$FailOnTimeout                     } } #vCenter Connection and Path to file $VIServer = "YOURCLOUDVCR01.local" $connection = Connect-NSXServer -vCenterServer $VIServer $defaultNsxConnection = $connection $defaultViServer = $connection.viConnection # csv file from get-NSXinfo $Import = import-csv C:\Support\Scripts\NSX\NSXReport.csv $virtualwire = "virtualwire-60" $pathToVMList = $Import | where {($_.LS_ObjectID -eq $virtualwire) -and ($_.VirtualMachine -notlike "vse-*")} # disconnect foreach ($vm in $pathToVMList){ $VirtualMachineNic = get-vm $VM.VirtualMachine | Get-NetworkAdapter | where {$_.NetworkName -eq $VM.BackingPortGroup} DisconnectNic -nic $VirtualMachineNic  -WaitTimeout 100 }

 

3.2.2. Home > Network and Security > NSX Edges > Double Click on the Edge (or Logical Router) > Manage > Settings > Interfaces (take the name of the logical switch; e.g. dvs.....) usually vNIC 1 > Select (radio button) > Disconnect > Confirm "Yes" > wait till Pending Job finish.

 

When disconnecting edges with High Availability configured, do remember to check and ensure HA is not configured on a logical switch also. (if the HA configuration is vNic "Any" there is no need to change anything)

 

4. Move each logical switch from the old segment range to new segment range.

This API needs virtualwire-id and rangeId as inputs which can be taken from the get-NSXinfo report. API payload is empty (on success the status code of the request will be "200 OK"):

 

PUT https://10.10.10.40/api/2.0/vdn/virtualwires/virtualwire-100/segmentreconfig/<newRangeId>

 

===

Try this in case of an error: POST "https://10.10.10.40/api/2.0/vdn/virtualwires/virtualwire-40/backing?action=remediate

===

 

5. ONLY for Logical routers:

5.1. POST https://10.10.10.40/api/4.0/edges/{edge-id}?action=vdridreconfig&vdnRangeId=<newRangeId>

 

6. Go to Home > Network and Security > NSX Edges > Double Click on the Edge > Manage > Settings > Interfaces and then reconnect the interface that was disconnected (wait till Pending Job finish)

 

7. Redeploy the migrated edge/logical router

 

8. Check if the new configuration for each logical router is pushed to the host "net-vdr -L -l edge-113 more"

#http://www.enterprisedaddy.com/2018/04/how-to-execute-script-remotely-on-esxi-hosts/ # C:\Support\plink.exe is needed. # add info $root = "root" $Passwd = "  add password here   " $esxlist = " add servers here", "add servers here" $edge = "edge-123" # "edge-117" # work $cmd = "net-vdr -L -l $edge" $plink = "echo y | C:\Support\plink.exe" $remoteCommand = '"' + $cmd + '"' $outResult = foreach ($esx in $esxlist) {     Connect-VIServer -Server $esx -User  $root -Password $Passwd > $null     # Write-Host -Object "starting ssh services on $esx"     $sshstatus = Get-VMHostService  -VMHost $esx | Where-Object { $psitem.key -eq "tsm-ssh" }     if ($sshstatus.Running -eq $False) {         Get-VMHostService | Where-Object { $psitem.key -eq "tsm-ssh" } | Start-VMHostService     }     # Write-Host -Object "Executing Command on $esx"     $output = $plink + " " + "-batch -ssh" + " " + $root + "@" + $esx + " " + "-pw" + " " + $Passwd + " " + $remoteCommand     $message = Invoke-Expression -command $output     [PSCustomObject]@{         Name = $esx         Vxlan = ($message | Select-String -Pattern "Vxlan:").ToString().split("Vxlan:")[-1]     }        Disconnect-VIServer -Server $esx -Confirm:$false } $outResult

 

9. Home > Network and Security > Logical Switches > Select each logical switch > Related Objects > Actions > Add VM > Search for the name of the VM > Select the VM > Click the right arrow > Next > Select the appropriate network adapter > Next > Finish

# connect foreach ($vm in $pathToVMList){ $VirtualMachineNic = get-vm $VM.VirtualMachine | Get-NetworkAdapter | where {($_.MacAddress -eq $VM.VirtualMachineNICmac) -and ($_.Name -eq $VM.VirtualMachineNICname)} Connect-NsxLogicalSwitch -NetworkAdapter $VirtualMachineNic -LogicalSwitch (Get-NsxLogicalSwitch -Name $VM.LS_Name) -WaitTimeout 100 }

 

10. Enable the integration between the vCD and the vCenter: login to vCD > Manage & Monitor > vCenters > Right click on the vCenter server > Enable

 

11. Change the cluster DRS from "Manual" to "Fully Automated"

 

===========================================

Impact:

During the migration for each logical switch there will be a short (5-10 minutes) disconnection of the networking for all Edges, Logical Routers and VMs. All related networks which are in the current Logical Segment Pool will lose connection to the migrated logical switch which is in the new Segment ID Pool.

VMs and Edges: is equal to unplug the network cable from a physical server.

===========================================

 

Test Details:

1. Log in into https://YOURCLOUDVCR01.local

2. Go to Network & Security

3. Check the status of the Logical Switch (Logical Switches section)

4. Check the status of the Edges connected to the logical switch (Edge section)

5. Based on the information extracted before the change check the status of the VMs connected to the Logical switch

6. Check the options are in place after refreshing the vSphere Web Client.

7. Go to vCD: https://yourowncloud.com and check the status of the Orgs

8. Go to vCD and check the logs under System

9. Go to vCD: check Stranded Items, Switches & Port Groups, Storage Policies, Datastores, Hosts, Resource Pools, vCenters, Network Pools, External Networks, Edge Gateways, Organization VDCs, Provider VDCs, Cloud Cells, Organizations

10. Check if there are errors/warnings on cluster level for the tenant which was migrated

11. Check each host which is part of the tenant cluster if there are errors in: /var/log/vmkernel.log (Use Log Insight)

12. Manually move several VMs in the vCenter server and check if there are warnings/errors in the tenant cluster

13. Wait DRS to automatically move some VMs from one host to another and check for warnings/errors in the tenant cluster

14. Check again the status of the VMs and the Edges inside the vCD

Kategórie: VMware

IMG_7694.HEIC

VMware Documents - Št, 02/27/2020 - 22:26
Kategórie: VMware

AWS EC2 Backup with NAKIVO Backup & Replication

VMware Documents - St, 02/26/2020 - 14:14

Consistently having all of your data backed up is of the highest priority. NAKIVO Backup & Replication offers advanced backup capabilities for reliable and robust protection of your entire AWS EC2 environment. Its many benefits include automated policy-based backup, intuitive interface, fast and easy setup process, and much more. NAKIVO Backup & Replication guarantees a high level of security for every single byte that is stored in backups as well as their successful recovery.

Below, you can find a step-by-step guide on how to protect your AWS EC2 instances with NAKIVO Backup & Replication.

 

7 steps total

 

Step 1. Create a new backup job

Start by creating a new backup job for Amazon EC2. Click on the Create button and select the Amazon EC2 backup job.

 

Step 2. Select the source for backup

The next step is to choose the EC2 instances you wish to back up. Select the Amazon EC2 account that should already be added to inventory, tick the necessary options, and click Next.

 

 

Step 3. Select the destination location

At this step, you need to choose the destination location for storing your Amazon EC2 backups.

By clicking on Advanced Options, you can access the configuration of the selected backup repository.

 

 

Step 4. Schedule backup jobs

You can run jobs on-demand or you can schedule the time at which the backup job will be performed. The choice depends on the amount of new data that is added to AWS EC2 instances daily or weekly.

 

Step 5. Select a retention policy

It’s time to choose how many recovery points you wish to keep and for how long. With NAKIVO Backup & Replication, you can save up to 4,000 recovery points for each backup job.

 

 

Step 6. Configure additional options and Finish

At the final step, you can name the job, and decide whether application-aware mode, encryption, or network acceleration should be enabled. You have the option of leaving the default settings and running the job, or, you can adjust options based on your needs to make the backup process more efficient. If you would like to start the backup job right away, click the Finish & Run button. If you wish to save the job and let it start at the time you have scheduled it, click the Finish button.

 

 

Step 7. View and manage jobs

You can see all  AWS EC2 backup jobs in the main window of NAKIVO Backup & Replication. View, manage and update the job settings whenever you need, and keep all data protected on a regular basis.

 

 

Conclusion

Create a high-performance AWS EC2 backup by installing NAKIVO Backup & Replication - one of the best backup solutions on the market, and get the most from global data deduplication, compression, swap data exclusion, and log truncation, as well as automating AWS EC2 backups by setting up policy-based backup jobs.

 

References:

Kategórie: VMware

VxRail:クラスター全体でvSphere HAを再構成する

VMware Documents - Ne, 02/23/2020 - 01:15

vSphere HAが有効なクラスタ環境の場合、ESXiホストにHAに関する警告が表示される場合があります。

このような場合、発生した警告からVMwareナレッジを検索し、対処を行うことになります。

ただ、ESXiを右クリック「vSphere HA用に再構成」では解消されない場合があり、

そのような場合についてはクラスタ全体としてvSphere HAを再構成する方法が有効です。

 

以下にその方法を画像付きで紹介したいと思います。

 

vSphere Web Client
  1. vCenter Web Clientにログインします。
  2. インベントリを「ホストおよびクラスタ」に切り替えます。

  3. クラスタを選択し「管理」タブ「設定」からvSphere HAの「編集」ボタンを表示します。

  4. 編集をクリックすることでクラスタの「設定の編集」ウィザードが表示されます。

  5. 「Turn on vSphere HA」のチェックを外し、ウィザード下部の「OK」ボタンをクリックします。

  6. クラスタの再設定タスクが完了するまで待機します。

     

  7. 再度クラスタの「設定の編集」画面から「Turn on vSphere HA」をチェックし、「OK」をクリックします。

  8. vSphere HAの再設定タスクが実行されるので完了まで待機します。

 

上記がWeb ClientでのvSphere HAの再構成の手順となります。

 

 

vSphere Client(HTML5 Client)

 

  1. vCenter のHTML 5 Clientにログインします。
  2. インベントリを「ホストおよびクラスタ」に切り替えます。

  3. クラスタを選択し「設定」からvSphere HAの「編集」ボタンを表示します。

  4. 「編集」ボタンをクリックすることでクラスタの「設定の編集」ウィザードを表示します。

  5. 「vSphere HA」スライドクリックし(緑からグレー)、「OK」をクリックします。

  6. クラスタの再設定タスクが完了するまで待機します。

  7. 再度クラスタの「設定の編集」画面から「vSphere HA」スライドをクリックし(グレーから緑)、「OK」をクリックします。

  8. クラスタの再設定タスクが完了するまで待機します。

 

上記がvSphere Client(HTML5 Client)でのHA再構成の手順となります。

 

HAに関する警告が解消されるかご確認ください。

Kategórie: VMware

Initial password does not work post deploying NSX-T Autonomous Edge client

VMware Documents - Št, 02/20/2020 - 07:56

Post deploying NSX-T Autonomous Edge client, specified password (during wizard) does not work and below error is seen on console.

 

 

This document talks about resetting the password without redeploying the appliance.

 

Login with root and enter default password vmware ; you will be prompted to enter the current password followed by new password. In my example password was VMware@12345

 

 

Post entering the password, it will auto-login.

 

 

Let's change the admin password and then reboot the appliance. To reset password for admin account we need to run below command and enter new password.

 

 

Now reboot the appliance. The password notification should not come up and you will be able to login with new credentials.

Kategórie: VMware

VMware LEarning Platform: Compatibility checker

VMware Documents - Po, 02/10/2020 - 11:51

VMware Learning Platform is a cutting edge application that uses some newer features that may not be supported by your browser. VLP gives an option to run a compatibility check when user starts the lab.

 

This can be enabled by tenant administrators from Tenant Settings -> General options – “Auto run compatibility checker when user starts the lab”. If enabled, when a user starts a lab, the system prompts the user to choose whether to run a compatibility check. When run, the compatibility check shows and saves a report.

 

Below parameters are verified when a Compatibility check is run by a user:

  • Cookies are a basic feature of the web used on most web sites. This application uses cookies to keep you logged in and track your active session.
  • Web Storage (localStorage and sessionStorage) an HTML5 feature that provides the ability to store some semi-persistent information on your computer. Web Storage is used throughout the application to save information that improves your experience.
  • Canvas is an HTML5 feature that enables dynamic generation of images in your browser. This application requires Canvas. This application requires Canvas.
  • WebSocket is an HTML5 feature enables websites to communicate over a full-duplex network channel. This application requires WebSockets.
  • A Web Proxy is a server that acts as an intermediary for requests from clients (browsers) seeking resources from other servers. This application works best when a web proxy is not used.

 

  • Supported Browsers:
    • FireFox 13+
    • Chrome 18+
    • Safari 6+
    • Internet Explorer 11
    • Microsoft Edge

 

  • Supported Devices:
    • Apple iPad

 

  • Bandwidth:

          The speed test will help us evaluate any potential performance issues you are having with VMware Learning Platform that may be related to network bottlenecks. The test will be run three           times, connecting to a different server each time. It first tests latency (network delay) and then speed (network bandwidth).

 

         

 

  • Recommended Scores

           Latency - A good latency score would be less than 300 ms; the lower the better

           Speed - A good speed score would be greater than 1.5Mb/s; the higher the better

Kategórie: VMware

VMware Learning Platform: SpeedTest and Troubleshooting Console Slowness

VMware Documents - Po, 02/10/2020 - 11:37

Although the VMware Learning Platform (VLP) has been optimized for world class performance, sometimes users could experience slowness due to latency in their network.

Students can use VLP’s built in Speedtest tool, and Tenant Administrators can enable Console connection monitoring to narrow down the issue.

 

The speed test can be accessed from below location (use applicable tenant name):

http://learningplatform.vmware.com/tenant_name/speed-test/

 

The speed test will assist in evaluating any potential performance issues you are experiencing which could be related to network bottlenecks. The test is run three consecutive times, connecting to a different server each time. Latency (delay) is tested first, followed by speed (bandwidth).

 

Recommended Scores :

Latency - A good latency score would be less than 300 ms; the lower the better.

Speed - A good speed score would be greater than 1.5Mb/s; the higher the better.

 

If you are experiencing any issues, please do the below in an effort to alleviate:

  • Clear your browser cache and cookies.
  • Pause / avoid using high bandwidth consuming applications like Video streaming, web conferencing, downloads, system updates, etc.
  • If you are on a wireless network and there are potential issues due to range, try switching to a LAN (wired) network.
  • Disconnect from any VPN network (if applicable).
Kategórie: VMware

VMware Learning Platform Drag and Drop Feature

VMware Documents - Po, 02/10/2020 - 11:31

VMware Learning Platform now has a drag and drop feature. The feature allows an end-user, someone taking Lab, to drag text from the lab’s instructional manual and drop it into a field in the lab console.

To use the Drag/Drop feature:

  1. Select some text in the manual. The Grab icon appears.
  2. Drop the text into the appropriate lab console.

Consider, the following example from HOL Lab: HOL-2085-01-EMT - VMware Learning Platform - Interactive Quick Demo on page no. 16, the manual instructs the end user to “LOG INTO USER INTERFACE”.  Using Drag/Drop you can simply drag your username (user@vlp.com) from the manual and drop it into the username field on the lab console and likewise, drag your password (VMware1!)and drop it into the password field.

See the Drag and Drop feature in action :

Kategórie: VMware

C:\Windows\Temp\vmware-viewcomposer-ga-new.log file is not present on instant clone VM with Horizon View 7.11

VMware Community - Po, 02/10/2020 - 08:39

I'm able to instant clone VMs using View Connection Server 7.11 and View Agent 7.11 . I have cloneprep power-off script added in View pool settings. But looks clonePrep script is not working as expected. I want to debug issue why the script is not using by checking the vmware-viewcomposer-ga-new.log file. But the file is not generating on VM at location  C:\Windows\Temp\ . I already set cloneprep.debug.mode = "ON" on the master VM image and took snapshot with these settings.  I have vGPU assigned to the master image. I have checked another customer's setup, their also I have not seen vmware-viewcomposer-ga-new.log file. Is the log file location got changed? Why this log file is not generating? I have applied all windows update on VM [Windows 10 RS5 ].

Kategórie: VMware

VCAP-DVC-Deploy - findings

VMware Documents - Pi, 02/07/2020 - 10:20

As I have resumed my journey for VCAP-DCV-Deploy I thought I create a dedicated page here which can help others.

Anyone one contribute to this page. I'm mostly going to give some heads. My Intention is to save your valuable time.

 

To Start

 

  1. vSphere Management Assistance does not work. If you start deploying and start searching forum you will discover it is already end of life last year.
  2. Other option is vCLI. vCLI on windows has not worked for me. It may not be the case for you. Also, resxtop does not work on Windows vCLI
  3. vCLI on Linux work to great extent but again resxtop has not worked for me. Lot of package and dependencies needs to be met. i'm not linux guy, end up spending time doing something else.
  4. If you run esxtop in batch mode, wish to replay using vm-support, it may not work for you and might give "snapshot". Unfortunately ./reconstruct.sh is not longer present in the directory.

 

 

The following are the collections of HOL Labs recommended. Some might be duplicate, I will review and remove. You can also edit it.

 

  1. HOL-1706-SDC-3
  2. HOL-2011-01-SDC – VMware vSphere – Getting Started
  3. HOL-2010-01-SDC – Virtualization 101: Introduction to vSphere
  4. HOL-2011-03-SDC
  5. HOL-1901-02-CMP Optimize Performance and Assess vSphere Configuration and Compliance with vRealize Operations
  6. HOL-1804-02-CHG
  7. HOL-1808-02-CHG
  8. HOL-SDC-1602 – vDS, Content Libraries, Auto Deploy, Host Profiles
  9. HOL-SDC-1627 – VSAN, vVOLS, Storage Policies
  10. HOL-SDC-1604 – Performance
  11. HOL-SDC-1607 – PowerCLI
  12. HOL-1911-01-SDC-MYVMW-HOL
  13. HOL-2004-02-CHG    vSphere Challenge Lab
  14. HOL-2008-02-CHG    vSAN Challenge Lab
  15. HOL-2005-02-HCI    VMware vSphere Virtual Volumes and Storage Policy Based Management
  16. HOL-2004-01-SDC    Mastering vSphere Performance
  17. HOL-2008-91-HCI    vSAN Quick Start - Lightning Lab
  18. HOL-2010-91-SDC    vSphere Distributed Switch - Lightning Lab
  19. HOL-2011-02-SDC    VMware vSphere - Advanced Topics
  20. HOL-2012-01-SDC    VMware vSphere Automation - PowerCLI

 

 

Date: 8th Feb, 2020

 

Apparently the log level are no longer available in vCenter. The syslog log levels were available in SUSE based appliance but Photon things have changed. So the reference blogs settings do not work anymore. Last I heard is that rsyslog is broken in 6.7U3. Might be fixed in the latest version.

Tips

In Powershell, you can ISE. This will help you manipulate text faster.

I think using variables can reduce lot of time e.g. $vm=get-vm <nameofvm>

In hol, in case you are looking for administrator@vsphere.local, it is not. It is administrator@regiona.local and administrator@regionb.local.

Products not available in HOL

vSphere data protection and vSphere replication products are not available in HOL. You can use feature walkthrough for vSphere 6.5

IN

If you are searching for where to change the start up type for vSphere Auto deploy and Image builder service, please use Flash based. In HTML5 it is not available

 

  1. You can take a snapshot of VM with independent disk BUT VM must be powered off
  2. VMware does not support snapshots of VM are using  Bus Sharing. You need in guest agent to take backup.
  3. Also when you using iSCSI initiators in guest OS, snapshot is also not supported.

 

References

1. Amazing blog on Auto Deploy based on 6.5. Link here

 

Reference for Exam objective: VMware Advanced Skills for vSphere Professionals Workshop [V6.7]

Kategórie: VMware

hyper-v crashing

VMware Community - Po, 02/03/2020 - 16:28

Hello, I'm attempting to run Windows 2019 with Hyper-V on ESXI 6.7 with the latest build but having an issue with Hyper-V crashing every 28-29 mins of running.

Kategórie: VMware

Generate ESXi Host EOL report

VMware Documents - Pi, 01/31/2020 - 11:15

<#

        ===========================================

        Created By:   Jason Pierce

        Created on:   31/Jan/2020

        Version:         3.0 (Final)

        NOTE:           The $vCenters and $vmHostModelEolMapping variables need to be edited to include your environment details before running the script

        ===========================================

#>

 

# login to vCenter(s) - use CTRL to select multiple vCenters

$cred = Get-Credential -Message "  ***********  Enter vCenter Credentials  ***********"

 

$vCenters = @(

    "vc1.company.com"

    "vc2.company.com"

    "vc3.company.com"

    "vc4.company.com"

    "vc5.company.com"

    )

 

$selectedVC = $vCenters | Out-GridView -Title "  ***  vCenter Listing - Select required vCenter(s)  ***" -OutputMode Multiple

Connect-VIServer -Server $selectedVC -Credential $cred -ErrorAction SilentlyContinue

 

 

# Server model to EOL date mappings, edit to add/correct dates

$vmHostModelEolMapping = @{

    # Cisco Servers

    "B230-BASE-M2"      = "2020/Jun"

    "C260-BASE-2646"    = "2020/Jun"

    "UCSB-B200-M4"      = "2024/Feb"

    "UCSC-BASE-M2-C460" = "2020/Apr"

    # Dell Servers

    "PowerEdge R630"    = "2018/May"

    "PowerEdge R640"    = "No EOL Published"

    "PowerEdge R710"    = "2016/May"

    # VxRails

    "VxRail E460"       = "2023/05"

    "VxRail P570F"      = "No EOL Published"

    }

 

# Install the ImportExcel module if not already installed and prepare Excel layout@@

If (!(Get-module -ListAvailable "ImportExcel")) {

    Find-Module -Name ImportExcel | Install-Module -Scope CurrentUser

    }

 

$ContainsBlanks = New-ConditionalText -ConditionalType ContainsBlanks

 

$hash = @{

    Path = "C:\Temp\EOLreport.xlsx"

    Show = $true;

    AutoSize = $true;

    AutoFilter = $true;

    ConditionalText = $ContainsBlanks

    ShowPercent = $true;

    #HideSheet = "Sheet1";

    }

 

Remove-Item $hash.Path -ErrorAction Ignore

 

# Collect ESXi Host details for EOL Report

$vmHostAll = Get-VMHost

$i = 1

 

$vmHostAll | ForEach-Object -PipelineVariable vmhost -Process {

    Write-Progress -PercentComplete ($i / $vmHostAll.count * 100) -Activity "Generating Server End Of Life Report" -Status "Getting info on $_"

    $i++

 

    try {

        $esxcli = Get-EsxCli -vmhost $_ -V2 -ErrorAction Stop

        $platform = $esxcli.hardware.platform.get.invoke()

        }

 

    catch {

        Write-Host -ForegroundColor red  "Get-EsxCli failed for $($_.Name)"

        }

 

 

    [pscustomobject] @{

        vCenter          = [System.Net.Dns]::GetHostEntry((Get-View $_ -ErrorAction SilentlyContinue).summary.managementserverip).HostName

        "ESXi Host Name" = $_.Name

        Vendor           = $platform.VendorName

        Model            = $platform.ProductName

        Serial           = $platform.SerialNumber

        EOL              = $vmHostModelEolMapping[$platform.ProductName] -replace "^$", 'Unknown'

        }

 

} | Sort-Object vCenter, "ESXi Host Name" | Export-Excel @hash

Kategórie: VMware

How to extend AppDefense appliance password expiration

VMware Documents - Ut, 01/21/2020 - 08:32

You can extend the password expiration time manually to number of days required for the AppDefense Appliance. If needed, you can also disable the password expiration permanently. Default setting is to expire both ‘admin’ & ‘root’ account password after every 90 days as per VMware’s security policy.

 

 

To change the password expiration to X days as per your organizations security policy below commands can be run on the appliance via SSH session –

sudo chage -I -1 -m 0 -M <X days> -E -1 admin

sudo chage -I -1 -m 0 -M <X days> -E -1 root

Replace the <X days> with the integer value which should be set as password expiration days

 

 

Also, you can disable the password expiration permanently for the AppDefense Appliance. To disable password expiration permanently run the below commands on the appliance

sudo chage -I -1 -m 0 -M 99999 -E -1 admin

sudo chage -I -1 -m 0 -M 99999 -E -1 root

 

 

Happy AppDefending!

Kategórie: VMware

Vulnerabilities management using AppDefense

VMware Documents - Po, 01/20/2020 - 11:20

This feature delivers full suite of capabilities around vulnerability assessment. AppDefense enumerates vulnerabilities on vSphere components, Operating Systems, as well as the applications running on top. As processes execute, AppDefense determines the vulnerabilities associated with that software. This feature requires outbound internet access. In addition to enumerating the vulnerabilities in your environment, AppDefense prioritizes every vulnerability using real-time threat information collected from sensors around the world. AppDefense ingests this feed from Kenna Security, the leader in vulnerability prioritization, to determine the overall risk for your environment.

 

As a vCenter Server administrator, you always want to minimize the emergency downtime. You can now monitor all data center vulnerabilities from the AppDefense plug-in. To enable the vulnerability assessment feature, you should make sure that AppDefense Service (SaaS) subscription and the AppDefense Appliance are connected to AppDefense Service (SaaS).

 

 

AppDefense provides risk score to each vulnerability. The Risk Score combines publicly available CVSS information with proprietary threat data and advanced modeling to produce a metric that accurately represents the risk of a given vulnerability in your data center.

 

https://docs.vmware.com/en/VMware-AppDefense/2.3/install-appdefense-plugin/GUID-E8FD1FBB-1167-434B-89A1-BDE0751D0328.html

 

 

Hosts affected by the vulnerability are listed in the Affected Hosts panel. Click the host and go to the Host > Monitor > AppDefense > Vulnerabilities tab. The AppDefense > Vulnerabilities tab lists all the vulnerabilities affecting that host. Similarly for OS & applications running inside VM vulnerabilities can be found under Windows & Linux OS tab.

 

Happy AppDefending!

Kategórie: VMware

AppDefense log locations

VMware Documents - Po, 01/20/2020 - 10:21

This article describes the locations where AppDefense stores the logs and can help customer to monitor and troubleshoot the AppDefense by using the AppDefense Appliance, vSphere Client, vCenter Server, AppDefense Manager, and other AppDefense components, as needed. You can collect log files using Export logs option from the appliance that can help to troubleshoot any issues with AppDefense.

If you would like to investigate any particular components logs or have them forwarded to a centralized syslog server below logs directories could be useful.

 

AppDefense Appliance –

  • /var/log/appdefense/

 

AppDefense host module –

  • Most recent logs - /var/log/glx.log
  • Rolled over logs - /var/run/log/glx.X.gz

 

AppDefense guest module –

  • Most recent logs - /vmfs/volumes/[datastore]/[vm_name]/vmware.log
  • Rolled over logs - /vmfs/volumes/[vm_name]/ vmware-X.log

 

Happy AppDefending!

Kategórie: VMware

VCAP DTM Exam Experience Sharing.docx

VMware Documents - So, 01/18/2020 - 16:55
Kategórie: VMware
Syndikovať obsah