What are my things I would like to test
The VCF Cloud Foundation Installer makes lives a lot easier! More about this coming very soon
The VCF Operations Console is looking good! I used it in the VCF 9 beta
More about this also later!
William Lam created the vSAN ESA HCL hardware mock VIB for Nested ESXi.
It works great for vSAN ESA or for VCF vSAN ESA Nested nodes.
You can download the needed vib here
A whale ago I found a easy way to the deployment of a VMware SDDC based on vSAN ESA: VCF automated lab deployment with vSAN ESA
It works great. I a few hours you have a working VCF management domain on vSAN ESA.
Sow what about the script
For the Workload domain domain I created de nested ESXi vm’s manually .
And I did some testing for VCF 9 which I created the nested ESXi host also manually.
Configure by hand takes a lot of time. So I did some scripting and I used some code
from: VCF automated lab deployment with vSAN ESA
So I created a script that does the following:
It works great for ESXi Nested nodes (ESXi 8.0u3b and ESXi9.X beta)
You can find the script HERE!!
For my home lab I used for many years the Netgear GS108 unmanaged switch.
I works great.
Because the rest of my home work exist of Ubiquity devices I’ve wanted for a long timo to replace my netgear switch’s with a managed one. But the question was which one?
I used the Flex Mini behind the TV and for my PC and NAS. But not for my “server”.
With the release of the Flex 2.5G Switch it will make my homelab a little futher proof.
I have bought in de past the Synology DS723+ which support 2.5G en 10G with a optinal adapter. I wrote about it here
I have the luck that I don’t need to consult with the WAF ☺ Sow the decision was made quickly
now I can really use VLANs within the various virtualization solutions and keep things separate from each other
My labs are even more realistic because of this upgrade!
For your VCF homelab you wan to keep the resources small with a little bit overhead.
In this post I will talk about how i managed to deploy a VCF Workload Domain with a single NSX Manager, instead of the standard three nsx nodes.
Warning: Use this only in a Homelab!
The trick is to SSH into your SDDC Manager using the vcf user, and the password used during bring-up of the management domain.
When logged in, run su and log in as root using the password used during bring-up.
run: vi /etc/vmware/vcf/domainmanager/application-prod.properties
Hit i in your keyboard to go into insert mode. Go to the end of the file, and append the following:
nsxt.manager.formfactor=medium
nsxt.manager.resources.validation.skip=true
nsxt.manager.cluster.size=1
nsxt.manager.wait.minutes=120
This will make it so that any workload domain you deploy has one NSX Manager, and that it uses a smaller size. Once done, hit ESC in your keyboard, then type :wq and hit enter to save the file. (w = write, q = quit).
Then run systemctl restart domainmanager and you are good to go!
This worked in my nested Cloud Foundation deployment in my lab running 5.2.1.0.
You will still have to fill in the information for the extra nodes in the UI.
When you build your VCF Lab environment you want to create your DNS records automatically. I use for DNS a Windows Server.
The Script:
function ConvertTo-DecimalIP {
param ([string]$ip)
$parts = $ip.Split(‘.’) | ForEach-Object { [int]$_ }
return ($parts[0] -shl 24) + ($parts[1] -shl 16) + ($parts[2] -shl 8) + $parts[3]
}
function ConvertTo-DottedIP {
param ([int]$intIP)
$part1 = ($intIP -shr 24) -band 0xFF
$part2 = ($intIP -shr 16) -band 0xFF
$part3 = ($intIP -shr 8) -band 0xFF
$part4 = $intIP -band 0xFF
return “$part1.$part2.$part3.$part4”
}
$zone = “testlab.nl”
$startip = “192.168.200.10”
$dnsrecords = “vcf-m01-cb01″,”vcf-m01-sddcm01″,”vcf-m01-esx01″,”vcf-m01-esx02″,”vcf-m01-esx03″,”vcf-m01-esx04″,”vcf-w01-esx02″,”vcf-w01-esx03″,”vcf-w01-esx04″,”vcf-w01-esx04″,”vcf-m01-nsx01a”,”vcf-m01-nsx01b”,”vcf-m01-nsx01c”,”vcf-m01-nsx01″,”vcf-w01-nsx01a”,”vcf-w01-nsx01b”,”vcf-w01-nsx01c”,”vcf-w01-nsx01″,”vcf-m01-vc01″,”vcf-w01-vc01″
$count = $dnsrecords.count
# Convert start IP to decimal
$decimalIP = ConvertTo-DecimalIP $startIP
$i = 0
# Loop and print incremented IPs
foreach ($dnsrecord in $dnsrecords) {
$i -lt
$count;
$i++
$currentDecimalIP = $decimalIP + $i
$currentIP = ConvertTo-DottedIP $currentDecimalIP
Add-DnsServerResourceRecordA -Name $dnsrecord -ZoneName $zone -AllowUpdateAny -IPv4Address $currentIP -CreatePtr
Write-Output “DNS record $dnsrecord in $zone with $currentIP is created” -ForegroundColor Green
To very handy command’s when you are building your labs multiple times when using a Windows Server as a DNS Server
I wanted to do it through Powershell but i think this is the easiest way to do.
dnscmd /zoneexport “wardvissers.nl” “wardvissers.nl”
dnscmd /zoneadd “wardhomelab.nl” /primary /file wardhomelab2.nl.dns /load
A whale ago, I started using Packer for creating Windows Templates for using in my home lab.
I blogged about it here: Windows Server 2025 “Preview” deployment with Packer
So now I want to deploy a template with Terraform, which was created earlier by Packer.
First, we need to ensure we have the Terraform downloaded and the vSphere provider Initialized.
I made my life a little easier to create a PowerShell script that downloads the latest version: Download Terraform.ps1
terraform {
required_providers {
vsphere = {
source = “HashiCorp/vsphere”
version = “> 2.11”
}
}
}
provider “vsphere” {
user = vcenter_username
password = vcenter_password
vsphere_server = vcenter_server
# If you have a self-signed cert
allow_unverified_ssl = true
}
Replace ”vcenter_username”, ” vcenter_password” , ”vcenter_server” with your actual vSphere credentials and server address.
Terraform.ps1
# Go to the Terraform download folder
$terraformfolder = ‘d:\automation\terraform\’
Set-Location $terraformfolder
# Download Terraform plugins
.\terraform.exe init
# Test Run
.\terraform.exe plan
# Run Terraform
.\terraform.exe apply
# Clean Up what you created
.\terraform.exe Destroy
Initialize the Terraform Working Directory: Run the following command in your terminal from the directory where your Terraform configuration file is located:
terraform init
This command will download the vSphere provider and initialize your Terraform working directory. It sets up and downloads the necessary provider plugins for Terraform to interact with vSphere.
Verify the Installation: After running `terraform init`, you should see output indicating that the vSphere provider has been successfully installed. You can now proceed to create Terraform configurations to manage your vSphere resources.
Deploy a Template VM within vSphere
In this example, we are deploying a VM running Windows Server 2022.
Terraform Module Structure
Variables.tf
variable “vsphere_user” {
default = “<your_vcenter_username_here>”
description = “vSphere username to use to connect to the environment – Default: administrator@vsphere.local”
}
variable “vsphere_password” {
default = “<your_vcenter_password_here>”
description = “vSphere vCenter password”
}
variable “vsphere_server” {
default = “<your_vcenter_here>”
description = “vSphere vCenter server”
}
variable “datacenter” {
default = “<your_datacenter_here>”
description = “vSphere datacenter”
}
variable “cluster” {
default = “<your_cluster_here>”
description = “vSphere cluster”
}
variable “network” {
default = “<vcenter_network>”
description = “vSphere network”
}
variable “datastore” {
default = “<your_destination_datastore_>”
description = “vSphere datastore”
}
variable “template” {
default = “<your_template_name_here>”
description = “Template VM”
}
variable “customization_specifications” {
default = “<vcenter_customization_specifications>”
description = “Customization Spec”
}
When you run “.\terraform plan” you do a test run to check your coding 
When you run “.\terraform apply” build your virtual machine
Based on: https://vminfrastructure.com/2025/03/11/deploying-a-vm-using-terraform/
It works but it need some tweaking and fixing.
Adding a TPM2.0 security device does not work right now
Server 2025 customization does not work
Using OpenSSL on Any Platform to get the LDAPS Certificate from the AD Server
Using OpenSSL should work with any Active Directory Server platform. (Windows, Linux etc.). I use Windows in my case
Requirements:
Steps:
3. Save the text file as my_ldaps_cert.pem.
The saved certificate can be installed into any software that needs to connect to your Active Directory using LDAPS.
By passing either of the new VCP-VCF level certification exam(s), anyone maintaining an active VMUG Advantage membership can receive 3 years worth of extensive VMware Cloud Foundation licensing for home lab use!
The VMUG Advantage program has offered affordable home lab VMware licensing packages for years, but did cover most over the entire product portfolio.
Last year Broadcom made a change into this.
Option 1: Get vSphere Standard Edition 32 cores for 1 year: Pass one of the following VCP certification exams
Option 2: Get VMware Cloud Foundation (VCF) 128 cores for 3 years: Purchase & Maintain VMUG Advantage, pass the following VCP certification exam.
A VMUG Advantage membership was complimentary for vExperts in 2025
The membership is $210 otherwise, and does include a voucher for a 50% discounted VCP-VCF exam
With the requirements in place, head to the Broadcom “VCP Certification Non-Production Licenses” portal and request licenses.
First post of 2025 it like to start with a good one for me 🙂 .
Very Very Happy with it!!
You must be logged in to post a comment.