The API for VCF is hands down, one of the most powerful in the industry. Allowing you to accomplish everything from scheduling backups, to rotating certificates and passwords across the deployment, to deploying an NSX Edge Cluster complete with Tier-0 and Tier-1 routers configured!
While the Developer Center is a great place to start and try out API’s, making it part of your enterprise automation/orchestration systems should be the goal. For that you’ll want the VCF API swagger file to import into your API Orchestration engine. While this isn’t able to happen straightaway, it’s easy to complete with just a few simple tweaks.
Keystores contain certificates used by Java-based applications to authenticate and encrypt HTTPS traffic. VMware Cloud Foundation (VCF) leverages a keystore and automates a significant part of the interaction with it. As a result, management of the keystore is often overlooked.
In this article, I’ll discuss the keystore used by VCF, why you would need to manage it, and demonstrate some of the commands you might use.
Most platforms today implement a password aging system that requires a user to change the passwords used within a specific interval or have access automatically disabled. VMware is no different. By default, password aging is enabled on most VMware products, including vCenter, NSX, and so on.
In this article, I’ll discuss what can happen when passwords expire within a VMware Cloud Foundation (VCF) environment and demonstrate how you can avoid issues.
During VCF 4.2 deployment I ran into a new error that I hadn’t see previously. Usually I am using VLC and all the pre-reqs have been taken care of for me. However in this instance I needed to deploy VCF in a nested environment under vCloud Director where VLC wouldn’t work. I loaded up my ESXi hosts and configured their IP/DNS/NTP settings, enabled ntp and ssh, and setup their networks and disks etc. Deployed Cloud Builder and populated my deployment spreadsheet. When I got to the validations after submitting my spreadsheet I ran into the following error:
Securing a VMware Cloud Foundation (VCF) environment can be a daunting task at times. There are several products that can be deployed, and each has specific things that need to be looked at. It’s especially important to think of VCF as a solution though, as actions that you may take on an individual product can impact the functionality of the solution as a whole. Today, however, this just got a bit easier…
You just downloaded the latest version of the VMware Cloud Foundation Lab Constructor (VLC) so you can deploy a nested version of VMware Cloud Foundation in your lab. You’ve read all the articles and followed the directions. You kick off the deployment and…. It fails with a BGP error.
Now what? Today I’ll show you something that might help…
Sometimes.. things just don’t work right, I am writing another blog entry that required me to deploy an edge cluster and well.. I fat fingered an IP address so there was a failure. While it would be nice to just make a change to the submitted configuration, we can’t in this instance. Rather we need to remove and then redeploy the edge cluster. There is a KB for this, but I like visuals to go along with my text so let’s walk through it together!
In the previousparts of this series, I discussed the architecture of the environment and we went through the configuration of pfSense. Now it’s time to get our SDDC deployed in our home lab, using VLC to drive VMware Cloud Foundation.
Building a lab running VCF is made easy through the use of the VCF Lab Constructor (VLC). When run in the ‘automated’ mode, VLC will build out a nested environment and deploy VCF in it. It even abstracts a lot of the networking setup to make it as easy as possible. But what if you want to build out the network manually? In this series of posts, I’ll walk you through doing exactly that!