All posts by bsier

VLC/VCF Lab Dedicated Server, best value I’ve seen!

The other day I was helping a friend of mine get VLC up and running on his server. When doing some discovery about what hardware he had I learned that it was a dedicated server hosted at OVH. I asked how much he paid per month and was quite surprised at the response. As this is something that we constantly run into… HOW much for a lab to run VCF?! I was surprised enough that I went out and got my own!

Continue reading VLC/VCF Lab Dedicated Server, best value I’ve seen!

Install VCF, Workload Management and Tanzu Kubernetes Cluster in an afternoon

Yes! It’s possible, I’ve done it.. twice, just to make sure :). At the risk of being redundant @Kyle Gleed was instrumental in driving K8’s in VCF consolidate and has a blog post and paper here, @Tom Stephens posted a great blog on Minimalistic VCF 4.0 deployments with Kubernetes, but I’m lazy and like to make things even easier. That is what I am to cover here, There are a lot of steps, and tons of screenshots making this blog post quite lengthy, my apologies.. I’ll learn to split these up!

Continue reading Install VCF, Workload Management and Tanzu Kubernetes Cluster in an afternoon

Multi-NIC, Multi-VDS, vSphere Cluster in VCF 4.0

It seems like a good time to have an update post on Multi-NIC “stuff” in VCF 4.0. Before we get to the creation of the cluster, I think it’s important to go over one of the biggest networking changes in VCF 4.0/vSphere 7.0. With vSphere 7.0 came the introduction of the vSphere Distributed Switch 7.0 and with that, some welcome changes that I haven’t really seen mentioned anywhere.

Continue reading Multi-NIC, Multi-VDS, vSphere Cluster in VCF 4.0

VLC- Expansion Pack – VCF 3.9.1

The expansion pack feature in VLC can be used for a few things;
1) Building nested hosts
2) Expanding your nested VCF implementation!
3) Testing the limits of your hardware <- You know you want to!

In this post we’re going to talk about Building Nested Hosts and I’m sure you’ll be able to figure out how to do the other two things on your own, or I’ll write a blog article on it! Make sure you follow the implementation guide for VLC with regards to PowerCLI and OVFtool versions and settings.

Continue reading VLC- Expansion Pack – VCF 3.9.1

Getting vSphere 6.7U3b up and running on a non-UEFI server

Hi all, I thought I share since I went through this yesterday on my HP DL360p G8 in the lab. It started out with the cheap-o USB stick I had installed ESXi on flaking out.. and for those that have had it happen it can be unnerving to say the least. I couldn’t power down VM’s, make changes to the config, etc… I knew what had likely happened and on a reboot.. well, it never came back.

Continue reading Getting vSphere 6.7U3b up and running on a non-UEFI server

VLC-Build it for me, vRealize Operations deployment – VCF 3.9.1

If you’ve been following the VLC-Build it for me posts you should have VRSLCM up and running. As promised this exercise will be quite a bit shorter due to the work we put in getting VRSLCM built. vRealize Operations gives a view into operations management of both applications and infrastructure and, in the context of VCF, as you grow your solution help you plan, scale, and easily connect new Workload domains and their resources to be included in vROps pervue.

Continue reading VLC-Build it for me, vRealize Operations deployment – VCF 3.9.1

VLC-Build it for me, VRSLCM deployment– VCF 3.9.1

After getting your external access up and running, I’m sure your ready to start deploying some additional solutions! Let’s start with the vRealize suite and that all begins with downloading and deploying VRSLCM – (vRealize Suite Lifecycle Manager). Go ahead and get that queued up and downloading, it’s about 3GB in size and it should be available under the Repository -> Bundles page, click the Download Now button next to the vRealize Suite Lifecycle Manager bundle.

Continue reading VLC-Build it for me, VRSLCM deployment– VCF 3.9.1

VLC – Build it for me, External Access

So you got through all the BGP fun and have a fully deployed VCF instance, congrats! Of course now, you want do add some functionality and get your FULL SDDC on. Thankfully, there are only a few more steps to go and you’re already an expert at this.

The long and short of it is that SDDC manager will need access to https://depot.vmware.com. That means you’ll need outbound network connectivity and DNS resolution. Let’s talk about the outbound network connectivity first.

Continue reading VLC – Build it for me, External Access

Resizing the LCM Volume group on SDDC Manager

One of the users of the VLC (VCF Lab Constructor) had an issue with drive space when attempting to upgrade from VCF 3.9 -> 3.9.1. This has been a problem in previous releases at times as well, so I thought it’d be a good opportunity to post about it. That and I don’t post nearly as often as I want to!

SDDC Manager uses LVM for several of it’s critical mount points. Coupled with the EXT4 filesystem this allows those mounts to be very flexible and non-disruptive when increasing their size.

Continue reading Resizing the LCM Volume group on SDDC Manager

NSX 6.1.3/6.1.4 API Changes and Other Fun Registration Knowledge

regnow

While working on a project I discovered that previous powershell/curl and various rest client REST requests that would register the NSX manager with vCenter and SSO server were no longer working.

For example, against NSX 6.1.2 the following code worked fine Returning a 200:

curl -k -u admin:VMware1! -H 'Accept:application/xml' \
-H 'Content-Type:application/xml' \
-X PUT https://10.0.0.80/api/2.0/services/vcconfig \
-d '<vcInfo> \
     <ipAddress>10.0.0.30</ipAddress> \
     <userName>administrator@sierlab.local</userName> \
     <password>VMware1!</password> \
     <assignRoleToUser>true</assignRoleToUser> \
    </vcInfo>'

With 6.1.3 and 6.1.4 it would return a 403 error with a cryptic error:

<?xml version="1.0" encoding="UTF-8"?>
<error>
  <details>92:4D:D6:A4:C2:C2:39:EE:81:11:AA:A9:8D:0D:1F:17:D0:33:C2:C1</details>
  <errorCode>226</errorCode>
</error>

With help from @voltmer we were able to figure out that the returned error was the certificate thumbprint of the vCenter server.  Turns out you need to pass the thumbprint along with the rest of the payload starting with version 6.1.3.  With the above example, it would look like this:

curl -k -u admin:VMware1! -H 'Accept:application/xml' \
-H 'Content-Type:application/xml' \
-X PUT https://10.0.0.80/api/2.0/services/vcconfig \
-d '<vcInfo> \
     <ipAddress>10.0.0.30</ipAddress> \
     <userName>administrator@sierlab.local</userName> \
     <password>VMware1!</password> \
     <assignRoleToUser>true</assignRoleToUser> \
     <certificateThumbprint>92:4D:D6:A4:C2:C2:39:EE:81:11:AA:A9:8D:0D:1F:17:D0:33:C2:C1</certificateThumbprint> \
    </vcInfo>'

Looking at the API doc’s for NSX this requirement is not noted but this is being addressed.

While I’m at it, there was a additional step required to fully integrate NSX into the WebClient that I didn’t have to do before.  This would be the step of adding a SSO domain user or group and setting a role in NSX.  In vCenter 6.0 if you’ve installed you know that logging in as root the first time get’s you nowhere special.  The administrator@<the sso domain you created on install> has all the power nowadays.   When you register the NSX manager with the vCenter it does not give the user used to register and kind of role within NSX.  When you login to vCenter after registering with the API you can see the Networking and Security Icon, but are unable to see any NSX managers.  Thankfully this is easily rectified by using an additional NSX API call after SSO and vSphere registration:

curl -k -u admin:VMware1! -H 'Accept:application/xml' \
-H 'Content-Type:application/xml' \
-X POST https://10.0.0.80/api/2.0/services/usermgmt/role/administrator@sierlab.local??isGroup:false \
-d '<accessControlEntry> \
     <role>super_user</role> \
    </accessControlEntry>'<br>

Make sure you logout of the webclient and back in to be able to see the NSX manager inside of the Networking and Security -> NSX Managers menu.

FYI, the curl in this article will most likely need some modifying.. I “adjusted” it so it would read better, but don’t know if it will run as is.  If you need the original drop me a line.

Hope this helps!

Links of thanks:

@voltmer (fyi, he hasn’t been active on twitter for some time)