Top VCF 9 Updates: Installer, NVME, and More

Afbeelding met tekst, schermopname, ontwerp

Door AI gegenereerde inhoud is mogelijk onjuist.

Afbeelding met tekst, schermopname, Lettertype, logo

Door AI gegenereerde inhoud is mogelijk onjuist.

What are my things I would like to test

  • VCF 9 installer (VCF 9 Beta i looked good)
  • NVME Tiering
  • vSAN ESA Dedub
  • VCF 9 with Ubiquiti
  • Kubernetes Service now includes Windows containerization
  • NSX VPC Support

Afbeelding met tekst, schermopname, Lettertype, nummer

Door AI gegenereerde inhoud is mogelijk onjuist.

Afbeelding met tekst, schermopname, software, multimedia

Door AI gegenereerde inhoud is mogelijk onjuist.

The VCF Cloud Foundation Installer makes lives a lot easier! More about this coming very soon

Afbeelding met tekst, multimedia, software, schermopname

Door AI gegenereerde inhoud is mogelijk onjuist.

The VCF Operations Console is looking good! I used it in the VCF 9 beta

More about this also later!

Config vSAN ESA host or VCF ESA vSAN Host the easy way with Config-VSAN-ESA-VCF-Lab-Host Script.

William Lam created the vSAN ESA HCL hardware mock VIB for Nested ESXi.
It works great for vSAN ESA or for VCF vSAN ESA Nested nodes.

You can download the needed vib here

A whale ago I found a easy way to the deployment of a VMware SDDC based on vSAN ESA: VCF automated lab deployment with vSAN ESA

It works great. I a few hours you have a working VCF management domain on vSAN ESA.

Sow what about the script

For the Workload domain domain I created de nested ESXi vm’s manually .
And I did some testing for VCF 9 which I created the nested ESXi host also manually.

Configure by hand takes a lot of time. So I did some scripting and I used some code
from: VCF automated lab deployment with vSAN ESA

So I created a script that does the following:

  • Login on DHCP address en configure a Fixt IP address based on DNS name
  • Disable IPv6
  • Rename the local datastore to a uniek name with the name of the host
  • Configure NTP
  • Install the vSAN ESA VIB mock en restart vSAN mgmt.
  • Generate new certificate for the host with the correct domain name in it.
  • Enable KB372309 (10GB ethernet for vSAN ESA)

It works great for ESXi Nested nodes (ESXi 8.0u3b and ESXi9.X beta)

You can find the script HERE!!

Afbeelding met tekst, schermopname, nummer, Lettertype

Door AI gegenereerde inhoud is mogelijk onjuist.

Afbeelding met tekst, schermopname, nummer, Lettertype

Door AI gegenereerde inhoud is mogelijk onjuist.

Benefits of the Ubiquiti Flex 2.5G in a Home Lab

For my home lab I used for many years the Netgear GS108 unmanaged switch.

I works great.

Gigabit Unmanaged Switch-serie - GS108 | NETGEAR

Because the rest of my home work exist of Ubiquity devices I’ve wanted for a long timo to replace my netgear switch’s with a managed one. But the question was which one?

I used the Flex Mini behind the TV and for my PC and NAS. But not for my “server”.

With the release of the Flex 2.5G Switch it will make my homelab a little futher proof.

I have bought in de past the Synology DS723+ which support 2.5G en 10G with a optinal adapter. I wrote about it here

I have the luck that I don’t need to consult with the WAF ☺ Sow the decision was made quickly

Afbeelding met elektronica, Elektronisch apparaat, op afstand

Door AI gegenereerde inhoud is mogelijk onjuist.

now I can really use VLANs within the various virtualization solutions and keep things separate from each other

Afbeelding met schermopname, tekst

Door AI gegenereerde inhoud is mogelijk onjuist.

My labs are even more realistic because of this upgrade!

Deploying VCF Workload Domain with One NSX Manager

For your VCF homelab you wan to keep the resources small with a little bit overhead.
In this post I will talk about how i managed to deploy a VCF Workload Domain with a single NSX Manager, instead of the standard three nsx nodes.

Warning: Use this only in a Homelab!

The trick is to SSH into your SDDC Manager using the vcf user, and the password used during bring-up of the management domain.

When logged in, run su and log in as root using the password used during bring-up.

run: vi /etc/vmware/vcf/domainmanager/application-prod.properties

Hit i in your keyboard to go into insert mode. Go to the end of the file, and append the following:

nsxt.manager.formfactor=medium
nsxt.manager.resources.validation.skip=true
nsxt.manager.cluster.size=1
nsxt.manager.wait.minutes=120

This will make it so that any workload domain you deploy has one NSX Manager, and that it uses a smaller size. Once done, hit ESC in your keyboard, then type :wq and hit enter to save the file. (w = write, q = quit).

Then run systemctl restart domainmanager and you are good to go!

This worked in my nested Cloud Foundation deployment in my lab running 5.2.1.0.

You will still have to fill in the information for the extra nodes in the UI.

Easy Script to Create DNS Records in VCF Lab

When you build your VCF Lab environment you want to create your DNS records automatically. I use for DNS a Windows Server.

The Script:

function ConvertTo-DecimalIP {
param ([string]$ip)
$parts = $ip.Split(‘.’) | ForEach-Object { [int]$_ }
return ($parts[0] -shl 24) + ($parts[1] -shl 16) + ($parts[2] -shl 8) + $parts[3]
}

function ConvertTo-DottedIP {
param ([int]$intIP)
$part1 = ($intIP -shr 24) -band 0xFF
$part2 = ($intIP -shr 16) -band 0xFF
$part3 = ($intIP -shr 8) -band 0xFF
$part4 = $intIP -band 0xFF
return “$part1.$part2.$part3.$part4”
}

$zone = “testlab.nl”
$startip = “192.168.200.10”

$dnsrecords = “vcf-m01-cb01″,”vcf-m01-sddcm01″,”vcf-m01-esx01″,”vcf-m01-esx02″,”vcf-m01-esx03″,”vcf-m01-esx04″,”vcf-w01-esx02″,”vcf-w01-esx03″,”vcf-w01-esx04″,”vcf-w01-esx04″,”vcf-m01-nsx01a”,”vcf-m01-nsx01b”,”vcf-m01-nsx01c”,”vcf-m01-nsx01″,”vcf-w01-nsx01a”,”vcf-w01-nsx01b”,”vcf-w01-nsx01c”,”vcf-w01-nsx01″,”vcf-m01-vc01″,”vcf-w01-vc01″
$count = $dnsrecords.count

# Convert start IP to decimal

$decimalIP = ConvertTo-DecimalIP $startIP
$i = 0

# Loop and print incremented IPs

foreach ($dnsrecord in $dnsrecords) {
$i -lt
$count;
$i++
$currentDecimalIP = $decimalIP + $i
$currentIP = ConvertTo-DottedIP $currentDecimalIP
Add-DnsServerResourceRecordA -Name $dnsrecord -ZoneName $zone -AllowUpdateAny -IPv4Address $currentIP -CreatePtr
Write-Output “DNS record $dnsrecord in $zone with $currentIP is created” -ForegroundColor Green

Simplified DNS Zone Commands for Windows

     

To very handy command’s when you are building your labs multiple times when using a Windows Server as a DNS Server

I wanted to do it through Powershell but i think this is the easiest way to do.

dnscmd /zoneexport “wardvissers.nl” “wardvissers.nl”

dnscmd /zoneadd “wardhomelab.nl” /primary /file wardhomelab2.nl.dns /load

Deploying Windows VMs with Terraform and Packer

A whale ago, I started using Packer for creating Windows Templates for using in my home lab.
I blogged about it here: Windows Server 2025 “Preview” deployment with Packer

So now I want to deploy a template with Terraform, which was created earlier by Packer.

First, we need to ensure we have the Terraform downloaded and the vSphere provider Initialized.

  1. Install Terraform: You can download it from the official Terraform website and follow the installation instructions for your operating system.

I made my life a little easier to create a PowerShell script that downloads the latest version: Download Terraform.ps1

  1. Initialize Your Terraform Configuration: Create a directory for your Terraform configuration files. Inside this directory, create a `main.tf` file (or any `.tf` file) where you will define your provider and other configurations.
    Define the vSphere Provider in Your main.tf: Add the following block to your Terraform configuration file to specify the use of the vSphere provider:

terraform {

  required_providers {

    vsphere = {

      source = “HashiCorp/vsphere”

      version = “> 2.11”

    }

  }

}

provider “vsphere” {

  user           = vcenter_username

  password       = vcenter_password

  vsphere_server = vcenter_server

  # If you have a self-signed cert

  allow_unverified_ssl = true

}

Replace ”vcenter_username”, ” vcenter_password” , ”vcenter_server” with your actual vSphere credentials and server address.

  1. Basic Terraform Commands

Terraform.ps1

# Go to the Terraform download folder

$terraformfolder = ‘d:\automation\terraform\’

Set-Location $terraformfolder

# Download Terraform plugins

.\terraform.exe init

# Test Run

.\terraform.exe plan

# Run Terraform

.\terraform.exe apply

# Clean Up what you created

.\terraform.exe Destroy

Initialize the Terraform Working Directory: Run the following command in your terminal from the directory where your Terraform configuration file is located:

terraform init

Afbeelding met tekst, schermopname, Lettertype, software

Door AI gegenereerde inhoud is mogelijk onjuist.

This command will download the vSphere provider and initialize your Terraform working directory. It sets up and downloads the necessary provider plugins for Terraform to interact with vSphere.

Verify the Installation: After running `terraform init`, you should see output indicating that the vSphere provider has been successfully installed. You can now proceed to create Terraform configurations to manage your vSphere resources.

Deploy a Template VM within vSphere

In this example, we are deploying a VM running Windows Server 2022.

Terraform Module Structure

  1. variables.tf: Define the variables for the module.
  2. main.tf: Contains the main configuration for the VM.
  3. outputs.tf: Define the outputs for the module.

Variables.tf

variable “vsphere_user” {

  default     = “<your_vcenter_username_here>”

   description = “vSphere username to use to connect to the environment – Default: administrator@vsphere.local”

}

variable “vsphere_password” {

  default     = “<your_vcenter_password_here>”

  description = “vSphere vCenter password”

}

variable “vsphere_server” {

  default = “<your_vcenter_here>”

  description = “vSphere vCenter server”

}

variable “datacenter” {

  default = “<your_datacenter_here>”

  description = “vSphere datacenter”

}

variable “cluster” {

  default = “<your_cluster_here>”

  description = “vSphere cluster”

}

variable “network” {

  default = “<vcenter_network>”

  description = “vSphere network”

}

variable “datastore” {

  default = “<your_destination_datastore_>”

  description = “vSphere datastore”

}

variable “template” {

  default = “<your_template_name_here>”

  description = “Template VM”

}

variable “customization_specifications” {

  default = “<vcenter_customization_specifications>”

  description = “Customization Spec”

}

When you run “.\terraform plan” you do a test run to check your coding

Afbeelding met tekst, schermopname, Lettertype

Door AI gegenereerde inhoud is mogelijk onjuist.

Afbeelding met tekst, schermopname, Multimediasoftware, software

Door AI gegenereerde inhoud is mogelijk onjuist.

When you run “.\terraform apply” build your virtual machine

Afbeelding met tekst, schermopname, Lettertype

Door AI gegenereerde inhoud is mogelijk onjuist.

Afbeelding met tekst, schermopname, Lettertype, software

Door AI gegenereerde inhoud is mogelijk onjuist.

Based on: https://vminfrastructure.com/2025/03/11/deploying-a-vm-using-terraform/

It works but it need some tweaking and fixing.

Adding a TPM2.0 security device does not work right now
Server 2025 customization does not work

Get LDAPS Certificates: A Guide with OpenSSL

Using OpenSSL on Any Platform to get the LDAPS Certificate from the AD Server

Using OpenSSL should work with any Active Directory Server platform. (Windows, Linux etc.). I use Windows in my case

Requirements:

  • Openssl
  • FQDN or IP of the Active Directory Server
  • LDAPS certificate installed in the Active Directory Server certificate store

Steps:

  1. Run the following command from your local computer:
    openssl s_client -showcerts -connect <ip or fqdn of your active directory server>:636
  2. In the output, copy the certificate portion of the output to a text file

rtal

3. Save the text file as my_ldaps_cert.pem.

The saved certificate can be installed into any software that needs to connect to your Active Directory using LDAPS.

How to Obtain 3 Years of VMware Licenses with Certification

By passing either of the new VCP-VCF level certification exam(s), anyone maintaining an active VMUG Advantage membership can receive 3 years worth of extensive VMware Cloud Foundation licensing for home lab use!

Afbeelding met tekst, computer, schermopname, Website

Door AI gegenereerde inhoud is mogelijk onjuist.

The VMUG Advantage program has offered affordable home lab VMware licensing packages for years, but did cover most over the entire product portfolio.

Last year Broadcom made a change into this.

Option 1: Get vSphere Standard Edition 32 cores for 1 year: Pass one of the following VCP certification exams

  • VCP-VVF (admin/architect)
  • VCP-VCF (admin/architect)

Option 2:  Get VMware Cloud Foundation (VCF) 128 cores for 3 years: Purchase & Maintain VMUG Advantage, pass the following VCP certification exam.

  • VCP-VCF (admin/architect)

A VMUG Advantage membership was complimentary for vExperts in 2025

The membership is $210 otherwise, and does include a voucher for a 50% discounted VCP-VCF exam

With the requirements in place, head to the Broadcom “VCP Certification Non-Production Licenses” portal and request licenses.

Afbeelding met tekst, software, Computerpictogram, Webpagina

Door AI gegenereerde inhoud is mogelijk onjuist.

Translate »