Config a VCF (vSAN ESA) host the Easy Way

A while ago I created: Config vSAN ESA host or VCF ESA vSAN Host the easy way with Config-VSAN-ESA-VCF-Lab-Host Script.

So it’s time for a new, updated version.

What the script now does:

✅ Disable IPv6

✅ Set DNS domain name

✅ Rename local datastore

✅ Configure NTP

✅ Installs the vSAN ESA Hardware Mock VIB

✅ Installs the Synology NFS Plug-in for VMware VAAI

✅ Installs the Realtek Network Driver for ESXi (more information here).
I use the 10Gtek 1.25/2.5/5/10GBase-T SFP+ RJ-45 CAT.6a Copper Transceiver on the MS-A2

✅ Configure vSAN DOMNetworkSchedulerThrottleComponent

✅ Generate new certificate on the ESXi host (for the VCF verification check)

✅ Asks whether you are running a Minisforum MS-A2 (AMD) host and, if so, disables apichv

✅ Enable Memory Tiering

You need to download the VIBs separately!
For the installs, put the VIBs in the same folder as the script.
You can download the script: HERE

PowerCLI script to update from VMware.PowerCLI to VCF.PowerCLI

I made a little script that does the following:

  1. Check whether VMware.PowerCLI or VCF.PowerCLI is installed and outdated
  2. Check whether the installed VCF.PowerCLI is the latest version
  3. If VMware.PowerCLI is installed, upgrade to VCF.PowerCLI
  4. If VCF.PowerCLI is installed but is not the latest version, upgrade VCF.PowerCLI to the latest version

You can download the script from my GitHub repository: https://github.com/WardVissers/VCF-Public/blob/main/Check%20Installed%20VCF-Powercli%20Version.ps1

# Installed versions and the latest versions published in the gallery
$installedVCFPowercli    = Get-InstalledModule VCF.PowerCLI -ErrorAction SilentlyContinue
$installedVMwarePowercli = Get-InstalledModule VMware.PowerCLI -ErrorAction SilentlyContinue
$latestVCFPowercli       = Find-Module VCF.PowerCLI -ErrorAction SilentlyContinue
$latestVMwarePowercli    = Find-Module VMware.PowerCLI -ErrorAction SilentlyContinue

# Modules to remove: every VMware.* module plus VCF.* modules older than the latest VCF.PowerCLI.
# @() keeps both results arrays, so += also works when only one module is returned.
$OldModules  = @(Get-InstalledModule VMware.* -ErrorAction SilentlyContinue)
$OldModules += @(Get-InstalledModule VCF.* -ErrorAction SilentlyContinue | Where-Object {[version]$_.Version -lt [version]$latestVCFPowercli.Version})

Function Uninstall-OldPowercliEditons {
    $Total = $OldModules.Count
    $Index = 0
    foreach ($Module in $OldModules) {
        $Index++
        $Percent = ($Index / $Total) * 100

        Write-Progress `
            -Activity "Delete old PowerCLI version" `
            -Status "Uninstall version $($Module.Version) ($Index from $Total)" `
            -PercentComplete $Percent

        try {
            Uninstall-Module -Name $Module.name -AllVersions -Force  # -ErrorAction silentlycontinue -ErrorVariable +err
            Write-Host "🗑 Removed: PowerCLI $($Module.Name) with $($Module.Version)"
        }
        catch {
            Write-Error "❌ Error with deleting PowerCLI $($Module.Version): $_"
        }

        Start-Sleep -Seconds 1
    }
}

if (-not ($installedVMwarePowercli -or $installedVCFPowercli -or $OldModules )) {
    # Nothing installed at all: fresh install
    "❌ VCF.PowerCLI is not installed"
    Install-Module VCF.PowerCLI -AllowClobber  -Scope CurrentUser # -SkipPublisherCheck
}
elseif ($installedVCFPowercli -and ([version]$installedVCFPowercli.Version -eq [version]$latestVCFPowercli.Version)) {
    "✅ VCF PowerCLI is up-to-date ($($installedVCFPowercli.Version))"
}
elseif ($installedVMwarePowercli) {
    # Legacy VMware.PowerCLI present: remove it, then install VCF.PowerCLI
    "⬆ VMware Powercli is installed needed upgrade to VCF Powercli"
    Uninstall-OldPowercliEditons
    Write-Host "Uninstall is succes vol"  -ForegroundColor Yellow
    Install-Module VCF.PowerCLI -AllowClobber  -Scope CurrentUser # -SkipPublisherCheck
    Write-Host "Install VCF Powercli is succes" -ForegroundColor Green
}
else {
    "⬆ VCF Powercli Update beschikbaar $($latestVCFPowercli.Version)"
    Uninstall-OldPowercliEditons
    Write-Host "Uninstall is succes" -ForegroundColor Yellow
    # The outdated VCF.PowerCLI was just uninstalled, so Update-Module would find nothing to update; install the latest version instead
    Install-Module VCF.PowerCLI -AllowClobber -Scope CurrentUser
    Write-Host "Update is succes vol" -ForegroundColor Green
}

Setting Up KubeDoom on Kubernetes: A Beginner’s Guide

I followed William Lam’s article about MS-A2 VCF 9.0 Lab: Configuring vSphere Kubernetes Service (VKS)

I don’t have much experience with Kubernetes but wanted to try some new things.

The only container that I have running is Home Assistant on Docker.

I had to try to get KubeDoom working, so I did, with the following steps.
Maybe in the near future I’ll try to add more games: Retro DOS Games on Kubernetes

I finally have a Kubernetes cluster running version 1.32, which was required for running KubeDoom.

Download kubectl

mkdir d:\kubectl

Extract the downloaded ZIP file and place both executables (kubectl.exe and kubectl-vsphere.exe) in a folder such as: d:\kubectl

.\kubectl version --client

mkdir .kube

cd .kube

New-Item config -type file

.\kubectl vsphere login --server=https://31.31.0.7 --insecure-skip-tls-verify

kubectl --kubeconfig=kubernetes-cluster-jzvx-kubeconfig.yaml get pods

kubectl --kubeconfig=kubernetes-cluster-jzvx-kubeconfig.yaml apply -f kubedoom.yaml

kubectl --kubeconfig=kubernetes-cluster-jzvx-kubeconfig.yaml -n kubedoom get svc

The password to Kubedoom is idbehold

Download VNC Viewer: https://www.realvnc.com/en/connect/download/viewer

This is funny and cool!

Omnissa and the 100GB per-core vSAN license

When you design a new VDI vSAN, you have to take licensing into account.

Some links about the licensing:

Broadcom describes the vSAN licensing in VVF for VDI, https://ftpdocs.broadcom.com/cadocs/0/contentimages/VVF_VDI_SPD_November2024.pdf

You can find more information also here: Omnissa Horizon combined offering with VMware vSphere Foundation for VDI – FAQ (6000381)

For this test I have 3 x 3.2TB storage drives.
So I have 9.7 TB of storage available in a single-node vSAN cluster.

The 100GB “vSAN” Evaluation License comes from the host license! (Licensed for 50 years)

With a 2 x 32 core server I have a total of 64 cores.

With 64 cores and a 100GB per-core license I should not exceed a raw capacity of 6.4TB.

With the current raw capacity of 9.6TB I get an error.

The alarm is gone after removing 1 disk from the 9.6 TB vSAN storage (left 1 disk as a spare). Storage is now 6.4 TB.

So the conclusion is DON’T go above the RAW Core capacity!!!

For design, the following are handy:

Horizon Sizing: The Spreadsheet I Made So I’d Stop Yelling at My Monitor

The Hidden Delta Disk Nobody Cared About

Upgrade VCF to 9.0.1: Setting Up an Offline Depot on Ubuntu

Upgrade VMware VCF 9.0.1: Essential Setting Up an Offline Depot on Ubuntu Instructions

If you are planning to install or upgrade to the latest release of VMware Cloud Foundation (VCF), 9.0.1, you need to have an offline depot.

I had some struggles with the VCF Fleet upgrades. I thought the VCF installer Offline Depot was sufficient. It seems not.

William Lam wrote a nice explanation of the options: VCF Software Depot Structure Deep Dive for Install & Upgrade. Which confirms my struggle.

So I built my own offline depot.

Prerequisites

First, download the required bundle files from the Broadcom VMware portal. This includes:

  • vcf-9.0.1.0-offline-depot-metadata.zip (mandatory)
  • vcf-download-tool-9.0.1.0.24962179.tar.gz (mandatory)

On the Depot Server (Ubuntu)

The minimum disk size is 100GB; I used 200GB, thin provisioned.

I did an Ubuntu install on a 200GB disk (partitioned without LVM).

Login

Log in with the user account that you created.

sudo passwd root

sudo vim /etc/ssh/sshd_config

If the following line exists, possibly commented out (with a # in front):

PermitRootLogin

Then change it to the following, uncommenting if needed (remove the # in front):

PermitRootLogin yes

sudo service ssh restart

Now you can log in as root.

Install Apache and tools

sudo apt update

sudo apt install apache2 openssl apache2-utils unzip

Create a certificate config file

nano ~/vcf-openssl.cnf

Paste the following:

[ req ]
default_bits = 2048
prompt = no
default_md = sha256
distinguished_name = dn
x509_extensions = v3_req

[ dn ]
C = US
ST = CA
L = LA
O = TS
OU = IT
CN = flt-depot.wardhomelab.nl
emailAddress = a@b.c

[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names

[ alt_names ]
DNS.1 = flt-depot.wardhomelab.nl
IP.1 = 192.168.150.246

Replace the values with your organization’s details.

Generate the certificate

cd /etc/apache2
sudo mkdir ssl

sudo openssl req -x509 -nodes -days 365 \
  -newkey rsa:2048 \
  -keyout /etc/apache2/ssl/vcf.key \
  -out /etc/apache2/ssl/vcf.crt \
  -config ~/vcf-openssl.cnf
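
A TLS client that verifies host names accepts the depot only under a name or address listed in the certificate's subjectAltName, so it is worth checking the generated vcf.crt against the name you will enter in VCF. The shell helper below is an added example, not part of the original post; the function names san_lists and check_depot_cert are made up here, the sample SAN text is constructed, and check_depot_cert assumes the openssl CLI (1.1.1 or later).

```shell
#!/bin/sh
# Added example; function names are made up, the sample SAN text is constructed.

# Read the output of
#   openssl x509 -in vcf.crt -noout -ext subjectAltName
# on stdin and succeed only if NAME (DNS name or IP address) is listed.
# A wildcard entry such as *.example.nl covers exactly one extra label.
san_lists() {
    tr ',' '\n' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' |
    awk -v want="$1" '
        BEGIN { want = tolower(want) }
        /^DNS:/ {
            v = tolower(substr($0, 5))
            if (v == want) ok = 1
            else if (substr(v, 1, 2) == "*.") {
                suffix = substr(v, 2)
                cut = length(want) - length(suffix)
                if (cut > 0 && substr(want, cut + 1) == suffix &&
                    substr(want, 1, cut) !~ /\./) ok = 1
            }
        }
        /^IP Address:/ { if (tolower(substr($0, 12)) == want) ok = 1 }
        END { exit !ok }
    '
}

# Check a certificate file: NAME must be in the SAN list and the certificate
# must still be valid DAYS days from now (default 30).
check_depot_cert() {
    cert=$1 name=$2 days=${3:-30}
    openssl x509 -in "$cert" -noout -ext subjectAltName 2>/dev/null |
        san_lists "$name" ||
        { echo "FAIL: $name is not in the SAN list of $cert"; return 1; }
    openssl x509 -in "$cert" -noout -checkend $((days * 86400)) >/dev/null ||
        { echo "FAIL: $cert expires within $days days"; return 1; }
    echo "OK: $cert covers $name and is valid for more than $days days"
}

# Constructed sample of the openssl output for the configuration above.
sample='X509v3 Subject Alternative Name: 
    DNS:flt-depot.wardhomelab.nl, IP Address:192.168.150.246'
printf '%s\n' "$sample" | san_lists flt-depot.wardhomelab.nl && echo "name covered"

# On the depot server:
#   check_depot_cert /etc/apache2/ssl/vcf.crt flt-depot.wardhomelab.nl
```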

Create a basic auth user

sudo htpasswd -c /etc/apache2/.htpasswd vcfadmin

Configure Apache

sudo nano /etc/apache2/sites-available/default-ssl.conf

Paste the following:

<VirtualHost *:443>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/vcf.crt
    SSLCertificateKeyFile /etc/apache2/ssl/vcf.key
    SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1

    RequestHeader unset Proxy early

    <Directory /var/www/html>
        Options Indexes FollowSymLinks
        AllowOverride None
        AuthType Basic
        AuthName "VCF Depot"
        AuthUserFile /etc/apache2/.htpasswd
        Require valid-user
    </Directory>
</VirtualHost>

Enable modules and restart Apache

sudo a2enmod ssl headers

sudo a2ensite default-ssl

sudo systemctl restart apache2

Extract the metadata ZIP

sudo chmod 777 /home

Upload vcf-9.0.1.0-offline-depot-metadata.zip to /home/ with WinSCP

sudo unzip vcf-9.0.1.0-offline-depot-metadata.zip -d /var/www/html

Make sure this file exists:

ls /var/www/html/PROD/metadata/productVersionCatalog/v1/productVersionCatalog.json

Remove index.html

sudo rm -f /var/www/html/index.html

Create your Download token

Create your download token in the Broadcom portal.

Create a token file in the /home folder (the commands below read it from /home/token).

Upload the VCF download tool

sudo mkdir /home/vcf-download-tool

sudo chmod 777 /home/vcf-download-tool


cd /tmp/vcf-download-tool

Upload the tool to the /tmp/vcf-download-tool folder

tar -xf vcf-download-tool-9.0.1.0.24962179.tar.gz

sudo reboot

Run the following

cd /tmp/vcf-download-tool/bin

sudo ./vcf-download-tool binaries download --depot-download-token-file=/home/token -d /var/www/html --vcf-version=9.0.1 --automated-install --type=INSTALL

Download all the appliances

sudo ./vcf-download-tool binaries list --depot-download-token-file=/home/token --vcf-version=9.0.1 --type=INSTALL --sku=VCF


Upgrade

sudo ./vcf-download-tool binaries download --depot-download-token-file=/home/token -d /var/www/html --vcf-version=9.0.1 --type UPGRADE --component SDDC_MANAGER_VCF

sudo ./vcf-download-tool binaries download --depot-download-token-file=/home/token -d /var/www/html --vcf-version=9.0.1 --type UPGRADE --component VCENTER

sudo ./vcf-download-tool binaries download --depot-download-token-file=/home/token -d /var/www/html --vcf-version=9.0.1 --type UPGRADE --component VRSLCM

sudo ./vcf-download-tool binaries download --depot-download-token-file=/home/token -d /var/www/html --vcf-version=9.0.1 --type UPGRADE --component VROPS

sudo ./vcf-download-tool binaries download --depot-download-token-file=/home/token -d /var/www/html --vcf-version=9.0.1 --type UPGRADE --component NSX_T_MANAGER

sudo ./vcf-download-tool binaries download --depot-download-token-file=/home/token -d /var/www/html --vcf-version=9.0.1 --type UPGRADE --component VCF_OPS_CLOUD_PROXY

sudo ./vcf-download-tool binaries download --depot-download-token-file=/home/token -d /var/www/html --vcf-version=9.0.1 --type UPGRADE --component VRA

Additional

sudo ./vcf-download-tool binaries download --depot-download-token-file=/home/token -d /var/www/html --vcf-version=9.0.1 --type UPGRADE --component VRNI

sudo ./vcf-download-tool binaries download --depot-download-token-file=/home/token -d /var/www/html --vcf-version=9.0.1 --type UPGRADE --component VRLI

sudo ./vcf-download-tool binaries download --depot-download-token-file=/home/token -d /var/www/html --vcf-version=9.0.1 --type UPGRADE --component HCX

sudo ./vcf-download-tool binaries download --depot-download-token-file=/home/token -d /var/www/html --vcf-version=9.0.1 --type UPGRADE --component VRO

sudo ./vcf-download-tool binaries download --depot-download-token-file=/home/token -d /var/www/html --vcf-version=9.0.1 --type UPGRADE --component VIDB

Upgrade Binaries will be visible
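
The upload steps above open /home and /home/vcf-download-tool with chmod 777 and place the Broadcom download token in /home/token, so once the binaries are in place it is useful to see what is still open to every local user. The script below is an added example, not part of the original post; the function names are made up here, and the default paths are simply the ones used in the steps above.

```shell
#!/bin/sh
# Added example; function names are made up. Paths are the ones used in the
# steps above and can be overridden (space-separated, no spaces in paths).
DEPOT_DIRS=${DEPOT_DIRS:-/home /home/vcf-download-tool}
# .htpasswd is left out on purpose: the Apache worker user has to read it.
DEPOT_SECRETS=${DEPOT_SECRETS:-/home/token /etc/apache2/ssl/vcf.key}

# Directories from DEPOT_DIRS that every local user can write to.
world_writable_dirs() {
    for d in $DEPOT_DIRS; do
        find "$d" -prune -type d -perm -0002 2>/dev/null
    done
}

# Files from DEPOT_SECRETS that users outside owner and group can read or write.
exposed_secrets() {
    for f in $DEPOT_SECRETS; do
        find "$f" -prune -type f \( -perm -0004 -o -perm -0002 \) 2>/dev/null
    done
}

# Print every finding; return 0 only when there is none.
audit_depot() {
    findings=$(
        world_writable_dirs | sed 's/^/world-writable directory: /'
        exposed_secrets     | sed 's/^/secret open to other users: /'
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Remove only the "other" permission bits that audit_depot reports.
tighten_depot() {
    world_writable_dirs | while IFS= read -r d; do chmod o-w "$d"; done
    exposed_secrets     | while IFS= read -r f; do chmod o-rwx "$f"; done
}

# Typical use as root, once the uploads and downloads are finished:
#   audit_depot || tighten_depot
```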

On the SDDC Manager

Open the VM console

Log in as the root user

vim /etc/ssh/sshd_config

If the following line exists, possibly commented out (with a # in front):

PermitRootLogin

Then change it to the following, uncommenting if needed (remove the # in front):

PermitRootLogin yes

systemctl restart sshd
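
The PermitRootLogin edit is made twice in this guide, on the depot server and on the SDDC Manager, and the helper below shows which value sshd will actually use and switches it in either direction, for example back to the default once the certificate has been copied. It is an added example, not part of the original post; the function names are made up here, the sample config is constructed, and it assumes a single sshd_config without Include or Match overrides.

```shell
#!/bin/sh
# Added example; function names are made up, the sample config is constructed.

# Print the PermitRootLogin value sshd would take from one config file.
# sshd uses the FIRST uncommented occurrence of a keyword, keywords are
# case-insensitive, and the built-in default is prohibit-password.
effective_root_login() {
    awk '
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            if (line == "" || line ~ /^#/) next
            n = split(line, f, /[ \t=]+/)
            key = tolower(f[1])
            if (key == "match") exit            # global section ends here
            if (key == "permitrootlogin" && n >= 2) {
                print tolower(f[2]); found = 1; exit
            }
        }
        END { if (!found) print "prohibit-password" }
    ' "$1"
}

# Set PermitRootLogin: rewrite the first occurrence (commented or not),
# comment out later active ones, append if there is none. Keeps FILE.bak.
set_root_login() {
    file=$1 value=$2
    cp -p "$file" "$file.bak" || return 1
    awk -v v="$value" '
        tolower($0) ~ /^[ \t]*#?[ \t]*permitrootlogin([ \t=]|$)/ {
            if (!done) { print "PermitRootLogin " v; done = 1 }
            else if ($0 !~ /^[ \t]*#/) print "#" $0
            else print
            next
        }
        { print }
        END { if (!done) print "PermitRootLogin " v }
    ' "$file.bak" > "$file"
}

# Constructed sample resembling a stock sshd_config.
demo=$(mktemp)
printf '%s\n' '#PermitRootLogin prohibit-password' 'PasswordAuthentication yes' > "$demo"
set_root_login "$demo" yes;               effective_root_login "$demo"
set_root_login "$demo" prohibit-password; effective_root_login "$demo"
rm -f "$demo" "$demo.bak"
```

On a real host, point the functions at /etc/ssh/sshd_config as root and validate the file with sshd -t before restarting the service.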

Copy vcf.crt

scp root@ftt-depot.wardhomelab.nl:/etc/apache2/ssl/vcf.crt /tmp/vcf.crt

Import the certificate into the Java truststore

sudo keytool -import -trustcacerts -alias vcfDepotCert1 \
  -file /tmp/vcf.crt \
  -keystore /usr/lib/jvm/openjdk-java17-headless.x86_64/lib/security/cacerts \
  -storepass changeit

Reboot

Now you should be able to connect VCF to your offline depot.

You want to upgrade to 9.0.1 because of the Edge issue.

Special thanks to vmtechnics for putting me in the right direction

MS-A2: How a Ubiquiti Flex 2.5G skips the 10G check in VCF 9.X

VCF 9 and 9.0.1 require a 10GB NIC.

For my homelab I use the MS-A2 with the 2 x 10GbE Intel X710 SFP+ (NIC 1 & 2 from the left). It is silent and fast and has enough power to run VCF 9!

So I also bought the 10GbE SFP+ to Copper Transceiver.

But when you connect the MS-A2 to the USW Flex 2.5G switch, the link on the switch side is 2.5G.

But on the VMware side it is 10GB 😊

No need to do the following: Disable 10GbE NIC Pre-Check in the VCF 9.0 Installer, or Enhancement in VCF 9.0.1 to bypass vSAN ESA HCL & Host Commission 10GbE NIC Check.

It is working great! No need to buy an expensive 10GB switch!

How to update standalone ESX(i) server

Sometimes I write stuff for myself and publish it as an archive piece, such as this one.

For 8.0U3

esxcli software sources profile list -d https://dl.broadcom.com/<Your_Broadcom_Download_Token>/PROD/COMP/ESX_HOST/main/vmw-depot-index.xml | grep -i ESXi-8.0U3

For ESX(i) 9

esxcli software sources profile list -d https://dl.broadcom.com/<Your_Broadcom_Download_Token>/PROD/COMP/ESX_HOST/main/vmw-depot-index.xml | grep -i ESXi-9

If you get a memory error, or if you do not get a list of versions, run the following commands:

esxcli system settings advanced set -o /VisorFS/VisorFSPristineTardisk -i 0
cp /usr/lib/vmware/esxcli-software /usr/lib/vmware/esxcli-software.bak
sed -i 's/mem=300/mem=500/g' /usr/lib/vmware/esxcli-software.bak
mv /usr/lib/vmware/esxcli-software.bak /usr/lib/vmware/esxcli-software -f
esxcli system settings advanced set -o /VisorFS/VisorFSPristineTardisk -i 1

Source: https://williamlam.com/2024/03/quick-tip-using-esxcli-to-upgrade-esxi-8-x-throws-memoryerror-or-got-no-data-from-process.html

Install latest Update (ESXi-8.0U3g-24859861-standard)

esxcli software profile update -p ESXi-8.0U3g-24859861-standard -d https://dl.broadcom.com/<Your_Broadcom_Download_Token>/PROD/COMP/ESX_HOST/main/vmw-depot-index.xml

Top VCF 9 Updates: Installer, NVME, and More

The things I would like to test:

  • VCF 9 installer (in the VCF 9 beta it looked good)
  • NVMe Tiering
  • vSAN ESA Dedup
  • VCF 9 with Ubiquiti
  • Kubernetes Service now includes Windows containerization
  • NSX VPC Support

The VCF Cloud Foundation Installer makes life a lot easier! More about this coming very soon.

The VCF Operations Console is looking good! I used it in the VCF 9 beta

More about this also later!

Config vSAN ESA host or VCF ESA vSAN Host the easy way with Config-VSAN-ESA-VCF-Lab-Host Script.

William Lam created the vSAN ESA HCL hardware mock VIB for Nested ESXi.
It works great for vSAN ESA or for VCF vSAN ESA Nested nodes.

You can download the needed VIB here

A while ago I found an easy way to deploy a VMware SDDC based on vSAN ESA: VCF automated lab deployment with vSAN ESA

It works great. In a few hours you have a working VCF management domain on vSAN ESA.

So what about the script?

For the Workload domain I created the nested ESXi VMs manually.
And I did some testing for VCF 9, for which I also created the nested ESXi hosts manually.

Configuring by hand takes a lot of time. So I did some scripting and I used some code
from: VCF automated lab deployment with vSAN ESA

So I created a script that does the following:

  • Log in on the DHCP address and configure a fixed IP address based on the DNS name
  • Disable IPv6
  • Rename the local datastore to a unique name containing the name of the host
  • Configure NTP
  • Install the vSAN ESA mock VIB and restart vSAN mgmt.
  • Generate a new certificate for the host with the correct domain name in it.
  • Enable KB372309 (10GB ethernet for vSAN ESA)

It works great for nested ESXi nodes (ESXi 8.0u3b and ESXi 9.X beta)

You can find the script HERE!!

Deploying VCF Workload Domain with One NSX Manager

For your VCF homelab you want to keep the resources small, with a little bit of overhead.
In this post I will talk about how I managed to deploy a VCF Workload Domain with a single NSX Manager, instead of the standard three NSX nodes.

Warning: Use this only in a Homelab!

The trick is to SSH into your SDDC Manager using the vcf user, and the password used during bring-up of the management domain.

When logged in, run su and log in as root using the password used during bring-up.

Run: vi /etc/vmware/vcf/domainmanager/application-prod.properties

Hit i on your keyboard to go into insert mode. Go to the end of the file, and append the following:

nsxt.manager.formfactor=medium
nsxt.manager.resources.validation.skip=true
nsxt.manager.cluster.size=1
nsxt.manager.wait.minutes=120

This makes any workload domain you deploy use one NSX Manager, and a smaller size. Once done, hit ESC on your keyboard, then type :wq and hit Enter to save the file (w = write, q = quit).

Then run systemctl restart domainmanager and you are good to go!

This worked in my nested Cloud Foundation deployment in my lab running 5.2.1.0.

You will still have to fill in the information for the extra nodes in the UI.
