Thrilled to join the @MyVMUG community at VMUG Connect in Amstedam! I’ll be diving into Minimum 2 Node Homelab Setup and sharing practical insights you can use in your environment. Can’t wait to learn from other members too!
Config a VCF (vSAN ESA) host the Easy Way
A while ago i created: Config vSAN ESA host or VCF ESA vSAN Host the easy way with Config-VSAN-ESA-VCF-Lab-Host Script.
Sow it’s time for a new updated version.
What does the script now:
✅ Disable ipv6
✅ Set DNS domain name
✅ Rename local datastore
✅ Configure NTP
✅ Installs the vSAN ESA Hardware Mock VIB
✅ Installs the Synology NFS Plug-in for VMware VAAI
✅ Installs the Realtek Network Driver for ESXi more information here
I use the 10Gtek 1.25/2.5/5/10GBase-T SFP+ RJ-45 CAT.6a Copper Transceiver on the MS-A2
✅ Configure vSAN DOMNetworkSchedulerThrottleComponent
✅ Generate new certificate on the ESXi host (for the VCF verification check)
✅ Ask are you running Miniforum MS-A2(AMD) host & Then Disable apichv
✅ Enable Memory Tiering
You need to download the vibs separately!
For the installs put the vib’s in the same map as the script
You can download the script: HERE
Powercli Script to update From VMware.Powercli to VCF.Powercli
I made a little script that does the following:
- Check if VMware or VCF PowerCLI is installed and is outdated
- Check if VCF.Powercli is the latest installed
- If VMware.Powercli is installed upgrade to VCF.Powercli
- If VCF Powercli is installed but not the latest version upgrade to VCF to the latest version
You can download the script on my github repository: https://github.com/WardVissers/VCF-Public/blob/main/Check%20Installed%20VCF-Powercli%20Version.ps1
$installedVCFPowercli = Get-InstalledModule VCF.PowerCLI -ErrorAction SilentlyContinue
$installedVMwarePowercli = Get-InstalledModule VMware.PowerCLI -ErrorAction SilentlyContinue
$latestVCFPowercli = Find-Module VCF.PowerCLI -ErrorAction SilentlyContinue
$latestVMwarePowercli = Find-Module VMware.PowerCLI -ErrorAction SilentlyContinue
$OldModules = Get-InstalledModule VMware.* -ErrorAction SilentlyContinue
$OldModules += Get-InstalledModule VCF.* -ErrorAction SilentlyContinu | Where-Object {[version]$_.Version -lt $latestVCF.Version}
Function Uninstall-OldPowercliEditons {
$Total = $OldModules.Count
$Index = 0
foreach ($Module in $OldModules) {
$Index++
$Percent = ($Index / $Total) * 100
Write-Progress `
-Activity "Delete old PowerCLI version" `
-Status "Uninstall version $($Module.Version) ($Index from $Total)" `
-PercentComplete $Percent
try {
Uninstall-Module -Name $Module.name -AllVersions -Force # -ErrorAction silentlycontinue -ErrorVariable +err
Write-Host "🗑 Removed: PowerCLI $($Module.Name) with $($Module.Version)"
}
catch {
Write-Error "❌ Error with deleting PowerCLI $($Module.Version): $_"
}
Start-Sleep -Seconds 1
}
}
if (-not ($installedVMwarePowercli -or $installedVCFPowercli -or $OldModules )) {
"❌ VCF.PowerCLI is not installed"
Install-Module VCF.PowerCLI -AllowClobber -Scope CurrentUser # -SkipPublisherCheck
}
elseif ([version]$installedVCFPowercli.Version -eq [version]$latestVCFPowercli.Version) {
"✅ VCF PowerCLI is up-to-date ($($installed.Version))"
}
elseif ($installedVMwarePowercli) {
"⬆ VMware Powercli is installed needed upgrade to VCF Powercli"
Uninstall-OldPowercliEditons
Write-Host "Uninstall is succes vol" -ForegroundColor Yellow
Install-Module VCF.PowerCLI -AllowClobber -Scope CurrentUser # -SkipPublisherCheck
Write-Host "Install VCF Powercli is succes" -ForegroundColor Green
}
else {
"⬆ VCF Powercli Update beschikbaar $($latestVCFPowercli.Version)"
Uninstall-OldPowercliEditons
Write-Host "Uninstall is succes" -ForegroundColor Yellow
Update-Module -Name VCF.PowerCLI -Force
Write-Host "Update is succes vol" -ForegroundColor Green
}
Setting Up KubeDoom on Kubernetes: A Beginner’s Guide
I followed William Lam’s article about MS-A2 VCF 9.0 Lab: Configuring vSphere Kubernetes Service (VKS)
I don’t have much experience with Kubernetes but wanted to try some new things.
The only container that I have running is Home Assistant on Docker.
Got to try to get Kubedoom working. So I did with the following steps.
Maybe in the near future I’ll try to add more games: Retro DOS Games on Kubernetes
Finally having a Kubernetes cluster version 1.32, which was required for running KubeDoom.
Download kubectl
mkdir d:\kubectl
Extract the downloaded ZIP file and place both executables (kubectl.exe and kubectl-vsphere.exe) in a folder such as: d:\kubectl
.\kubectl version –client
mkdir .kube
cd .kube
New-Item config -type file
.\kubectl vsphere login –server=https://31.31.0.7 –insecure-skip-tls-verify
kubectl –kubeconfig=kubernetes-cluster-jzvx-kubeconfig.yaml get pods
kubectl –kubeconfig=kubernetes-cluster-jzvx-kubeconfig.yaml apply -f kubedoom.yaml
kubectl –kubeconfig=kubernetes-cluster-jzvx-kubeconfig.yaml -n kubedoom get svc
The password to Kubedoom is idbehold
Download VNC Viewer: https://www.realvnc.com/en/connect/download/viewer
This is funny and cool!
Omnissa and the 100Gb Core vSAN license
When you design a new VDI vSAN you have take licensing into account
Some links about the licensing:
Broadcom describes the vSAN licensing in VVF for VDI, https://ftpdocs.broadcom.com/cadocs/0/contentimages/VVF_VDI_SPD_November2024.pdf
You can find more information also here: Omnissa Horizon combined offering with VMware vSphere Foundation for VDI – FAQ (6000381)
So for this test purpose I have 3 x 3.2TB Storage Drives for test.
Sow I have 9.7 TB storage available in a Single node vSAN Cluster
The 100GB “vSAN” Evaluation License comes from the host license! (Licensed for 50years) 
With a 2 x 32 core server I have a total of 64 cores.
With 64 Cores and 100Gb/PerCore license I should not extend more then the raw of 6.4TB.
Wit current raw capacity of 9.6TB I get a error
Alarm is gone after removing 1 Disk from the 9.6 TB vSAN Storage (Left 1 Disk as spare). Storage is now 6.4 TB.
So the conclusion is DON’T go above the RAW Core capacity!!!
For design is the following handy:
Horizon Sizing: The Spreadsheet I Made So I’d Stop Yelling at My Monitor
Fixing LCMVROPCONFIG20013 in VCF 9.0.1
ERROR LCMVROPCONFIG20013 while VCF Operations update from 9.0.0 to 9.01
ERROR LCMVROPCONFIG20013
Installed Tree: apt install tree # tree
File Exsist on the Offline Depot
File Remove from the Binary Management 
Download the upgrade file again
Download the file again: sudo ./vcf-download-tool binaries download –depot-download-token-file=/home/token -d /var/www/html –vcf-version=9.0.1 –type UPGRADE –component VROPS
Pre-staged the VROPS update again
Update successfully
Upgrade VCF to 9.0.1: Setting Up an Offline Depot on Ubuntu
Upgrade VMware VCF 9.0.1: Essential Setting Up an Offline Depot on Ubuntu Instructions
If you are planning to upgrade to latest release of VMware Cloud Foundation (VCF) 9.0.1 and you what to install/upgrade you need to have a offline depot.
I had some struggle with the VCF Fleet upgrades. I thought the VCF installer Offline Depot was sufficient. I seems not.
William Liam did a nice explaining about the options: VCF Software Depot Structure Deep Dive for Install & Upgrade. Which confirms my struggle.
Sow I build my own offline depot
Prerequisites
First, download the required bundle files from the Broadcom VMware portal. This includes:
- vcf-9.0.1.0-offline-depot-metadata.zip (mandatory)
- vcf-download-tool-9.0.1.0.24962179.tar.gz (mandatory)
On the Depot Server (Ubuntu)
Sizing for the disk is minimal 100GB I used 200GB thin Provisiond
I did a Ubuntu install on a 200GB disk (Partition without lvm)
Login
Login with the user account that you create
Sudo passwd root
Vim /etc/ssh/sshd_config
if the following line exists, possibly commented out (with a # in front):
PermitRootLogin
Then change it to the following, uncommenting if needed (remove the # in front):
PermitRootLogin yes
sudo service ssh restart
now you can login als root
Install Apache and tools
Sudo update
sudo apt install apache2 openssl apache2-utils unzip
Create a certificate config file
nano ~/vcf-openssl.cnf
Paste the following:
[ req ]
default_bits = 2048
prompt = no
default_md = sha256
distinguished_name = dn
x509_extensions = v3_req
[ dn ]
C = US
ST = CA
L = LA
O = TS
OU = IT
CN = flt-depot.wardhomelab.nl
emailAddress = a@b.c
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[ alt_names ]
DNS.1 = flt-depot.wardhomelab.nl
IP.1 = 192.168.150.246
Replace the values with your organization’s details.
Generate the certificate
cd /etc/apache2
sudo mkdir ssl
sudo openssl req -x509 -nodes -days 365 \
-newkey rsa:2048 \
-keyout /etc/apache2/ssl/vcf.key \
-out /etc/apache2/ssl/vcf.crt \
-config ~/vcf-openssl.cnf
Create a basic auth user
Sudo htpasswd -c /etc/apache2/.htpasswd vcfadmin
Configure Apache
sudo nano /etc/apache2/sites-available/default-ssl.conf
Paste the following:
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/vcf.crt
SSLCertificateKeyFile /etc/apache2/ssl/vcf.key
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
RequestHeader unset Proxy early
<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride None
AuthType Basic
AuthName “VCF Depot”
AuthUserFile /etc/apache2/.htpasswd
Require valid-user
</Directory>
</VirtualHost>
Enable modules and restart Apache
sudo a2enmod ssl headers
sudo a2ensite default-ssl
sudo systemctl restart apache2
Extract the metadata ZIP
Sudo chmod 777 /home
Upload vcf-9.0.1.0-offline-depot-metadata.zip /home/ with Winscp
Sudo unzip vcf-9.0.1.0-offline-depot-metadata.zip -d /var/www/html
Make sure this file exists:
ls /var/www/html/PROD/metadata/productVersionCatalog/v1/productVersionCatalog.json
Remove Index.html
sudo rm -f /var/www/html/index.html
Create your Download token
Create your Download token in de Broadcom portal
Create a token file in /home folder
Upload the VCF download tool
Sudo mkdir /home/vcf-download-tool
Sudo chmod 777 /home/vcf-download-tool
cd /tmp/vcf-download-tool
Upload the tool in /tmp/vcf-download-tool folder
tar -xf vcf-download-tool-9.0.1.0.24962179.tar.gz
sudo reboot
Run the following
Cd /tmp/vcf-download-tool/bin
sudo ./vcf-download-tool binaries download –depot-download-token-file=/home/token -d /var/www/html –vcf-version=9.0.1 –automated-install –type=INSTALL
Download all the appliances
sudo ./vcf-download-tool binaries list –depot-download-token-file=/home/token –vcf-version=9.0.1 –type=INSTALL –sku=VCF
Upgrade
sudo ./vcf-download-tool binaries download –depot-download-token-file=/home/token -d /var/www/html –vcf-version=9.0.1 –type UPGRADE –component SDDC_MANAGER_VCF
sudo ./vcf-download-tool binaries download –depot-download-token-file=/home/token -d /var/www/html –vcf-version=9.0.1 –type UPGRADE –component VCENTER
sudo ./vcf-download-tool binaries download –depot-download-token-file=/home/token -d /var/www/html –vcf-version=9.0.1 –type UPGRADE –component VRSLCM
sudo ./vcf-download-tool binaries download –depot-download-token-file=/home/token -d /var/www/html –vcf-version=9.0.1 –type UPGRADE –component VROPS
sudo ./vcf-download-tool binaries download –depot-download-token-file=/home/token -d /var/www/html –vcf-version=9.0.1 –type UPGRADE –component NSX_T_MANAGER
sudo ./vcf-download-tool binaries download –depot-download-token-file=/home/token -d /var/www/html –vcf-version=9.0.1 –type UPGRADE –component VCF_OPS_CLOUD_PROXY
sudo ./vcf-download-tool binaries download –depot-download-token-file=/home/token -d /var/www/html –vcf-version=9.0.1 –type UPGRADE –component VRA
Additional
sudo ./vcf-download-tool binaries download –depot-download-token-file=/home/token -d /var/www/html –vcf-version=9.0.1 –type UPGRADE –component VRNI
sudo ./vcf-download-tool binaries download –depot-download-token-file=/home/token -d /var/www/html –vcf-version=9.0.1 –type UPGRADE –component VRLI
sudo ./vcf-download-tool binaries download –depot-download-token-file=/home/token -d /var/www/html –vcf-version=9.0.1 –type UPGRADE –component HCX
sudo ./vcf-download-tool binaries download –depot-download-token-file=/home/token -d /var/www/html –vcf-version=9.0.1 –type UPGRADE –component VRO
sudo ./vcf-download-tool binaries download –depot-download-token-file=/home/token -d /var/www/html –vcf-version=9.0.1 –type UPGRADE –component VIDB
Upgrade Binaries will be visible
On de SDDC manager
Open de VM console
Login with the root user
Vim /etc/ssh/sshd_config
if the following line exists, possibly commented out (with a # in front):
PermitRootLogin
Then change it to the following, uncommenting if needed (remove the # in front):
PermitRootLogin yes
systemctl restart sshd
Copy vcf.crt
scp root@ftt-depot.wardhomelab.nl:/etc/apache2/ssl/vcf.crt /tmp/vcf.crt
Import the certificate into the Java truststore
sudo keytool -import -trustcacerts -alias vcfDepotCert1 \
-file /tmp/vcf.crt \
-keystore /usr/lib/jvm/openjdk-java17-headless.x86_64/lib/security/cacerts \
-storepass changeit
Reboot
Now u should connect VCF to you offline depot
You want you upgrade to 9.0.1 ivm Edge Issue
Special thanks to vmtechnics for putting me in the right direction
Addressing Edge Server Issues in VCF 9.0 after a Shutdown
After shutting down the VCF 9.0 environment completely, I had 2 strange things.
I followed the shutdown order for the management domain.
Edge servers lost from NIC 2 and NIC 3 the network configuration
Edge Servers did not start, not correctly
I deployed a third edge server. Two new distributed port groups were created.
These are missing for the edge01a and edge01b servers. These should not be deleted/missing after shutdown.
Create a distributed port group with a VLAN trunk
Set NIC 2 and 3 to this network.
Edge Nodes’ Edge Cluster is running fine again 😊
I found this on the Daniel Kruger Blog: https://sdn-warrior.org/posts/vcf9-ms-a2-special/
This is a known issue with VCF 9.0.0: When an edge is created by the Setup Network Connectivity UI, the system-created dvpg consumed by the edge gets deleted when the edge is powered on after 24 hrs. The port group assigned to the NSX Edge uplink has disappeared, making it impossible to use the network through NSX Edge. You can find the release notes here.
Build my lab nested, but not enough resources to do a full upgrade to 9.0.1.
So I build the lab again, but physically. More about that later!
I love testing things; you learn so much!
MS-A2: How a Ubiquity Flex 2.5G skips the 10G check in VCF 9.X
VCF 9 and 9.0.1 require 10GB nic.
I use for my homelab the MS-A2 with the 2 x 10GbE Intel X710 SFP+ (NIC 1 & 2 from the left). It is silent and fast and have enough power to run VCF 9!
So I bought also the 10GbE SFP+ to Copper Transceiver
But when you connect the MS-A2 to USW Flex 2.5G switch on the switch side is 2.5G.
But on the VMware side is 10GB 😊
No need to do the following: Disable 10GbE NIC Pre-Check in the VCF 9.0 Installer or
Enhancement in VCF 9.0.1 to bypass vSAN ESA HCL & Host Commission 10GbE NIC Check
It working great! No need to buy expensive 10GB switch!
How to update standalone ESX(i) server
Sometimes I write stuff for myself and publish it as a archive piece, so as this one.
For 8.0U3
esxcli software sources profile list -d https://dl.broadcom.com/<Your_Broadcom_Download_Token>/PROD/COMP/ESX_HOST/main/vmw-depot-index.xml | grep -i ESXi-8.0U3
For ESX(i) 9
esxcli software sources profile list -d https://dl.broadcom.com/<Your_Broadcom_Download_Token>/PROD/COMP/ESX_HOST/main/vmw-depot-index.xml | grep -i ESXi-9
If you got a memory error run the following commands 
If you do not get a list of versions run the following commands :
esxcli system settings advanced set -o /VisorFS/VisorFSPristineTardisk -i 0
cp /usr/lib/vmware/esxcli-software /usr/lib/vmware/esxcli-software.bak
sed -i ‘s/mem=300/mem=500/g’ /usr/lib/vmware/esxcli-software.bak
mv /usr/lib/vmware/esxcli-software.bak /usr/lib/vmware/esxcli-software -f
esxcli system settings advanced set -o /VisorFS/VisorFSPristineTardisk -i 1
Install latest Update (ESXi-8.0U3g-24859861-standard)
esxcli software profile update -p ESXi-8.0U3g-24859861-standard -d https://dl.broadcom.com/<Your_Broadcom_Download_Token>/PROD/COMP/ESX_HOST/main/vmw-depot-index.xml
You must be logged in to post a comment.