VMware | the broadcast

ESXi 6.7u2 and later – SCAv2 (Side Channel aware Scheduler v2)

By: ron

On: 2021-09-21

While the „old“ SCAv1 built a virtual fence around all virtual processors („Intra VM Security Boundary“), SCAv2 lets processors of one virtual machine (VM) to run within a „common fence“ („Inter VM Security Boundary“) which balances security and performance for most workloads. See https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/performance/scheduler-options-vsphere67u2-perf.pdf for performance analysis. Configure Verify Configure SCAv1Read More →

Determine Power-CLI Object-Type

By: ron

On: 2021-05-14

In: Scripting

With: 0 Comments

pass a power-shell object to a function with the correct object-typeRead More →

VMware ESXi: Generate Self-Signed Certificate for FQDN and retrieve SSL-Thumbprint

By: ron

On: 2021-05-13

In: automation, Scripting

With: 0 Comments

Background VMware wants us to prepopulate an Excel-Sheet with SSH-Keys and SSL-Thumbprints of all ESXi-Hosts, who have been freshly deployed minutes before, which effectivly protects against man-in-the-middle-attacks – maybe a problem in US-datacenters. Beginning with VMware Cloud Foundation Release VCF 4.2 the Cloud-Builder-App verifies the „CN“ of all ESXi-SSL-Certificates, which is in default-setup set to „localhost“ (to be overwritten when connecting to the vCenter so this is seemed to be no issue) – not accepted, CN has to be set to <server-fqdn>. Solution plink.exe „plink.exe“ from the Putty-Suite allows to be called from PowerShell in automated fashion without interactive Password-Prompt. (In May 2021 there seemsRead More →

Virtual Machine with direct Storage Access

By: ron

On: 2021-05-01

In: homelab

With: 0 Comments

Business Case My QNAP-NAS (TS-431X2) is slow this must not be QNAPs fault, maybe the drives (4 disks, RAID5, between 147..167 MB/second for sequential read) are the root cause adding a SSD-Cache didn’t improve performance when I had a 3-disk RAID 5 many people around the world are troubleshooting this without success so I decided to use the QNAP-NAS as a Virtual-Tape-Library for Backup-Purposes etc use my ESXi-Host as Storage-Server „Storage Server“ VM I regularily use „Nested ESXi“-Hosts for Lab Environments which should access the storage, so I decided to first give NFS a try – ESXi has no built in NFS-Server, so a smallRead More →

vSphere vCenter – PowerShell: reliable Connection

By: ron

On: 2021-03-19

In: automation

With: 0 Comments

From time to time the first try to connect to a vCenter-Server fails, building a simple loop to allow a limited number of retries fixes this possible issue.Read More →

COT – Common OVF-Tool – Import of VCenter HTTPS Certificate

By: ron

On: 2018-10-16

In: automation, linux

With: 0 Comments

Background: Python-Requests wants to verify https-certificates, which makes sense to me. – but my VCenter uses a self-signed Certificate Don’t think about ignoring certificate errors 😉 Prerequisites Download the certificate from the VCenter: Install the certificate: Now Python.requests validates the vCenter: Add the Export to ~/.bashrc at the end of the fileRead More →

Cisco CSR1000v – additional Interfaces? Common OVF Tool (COT)!

By: ron

On: 2017-12-20

In: automation

With: 0 Comments

Routers with more than three interfaces? Not that uncommon! It might be handy, if several devices are needed with more than three interfaces, to: not: deploy the devices with three interfaces first add the needed number of interfaces to the routers attache tne new interfaces to the correct vSphere-Portgroup but instead: create an OVA-Template with the correct number of interfaces (one time) deploy the routers and attach them during deployment to their portgroup So using vNIC Hot-Add might be not the favourite way to work. Common OVF Tool COT lets you to deploy Cisco CSR1000v routers by easy to use (linux-)commands. (Common OVF Tool (COT)Read More →

Cisco CSR1000v – additional Interfaces? vNIC Hot-Add!

By: ron

On: 2017-12-18

In: wan

With: 0 Comments

My apprehension – a weird nightmare of having to shutdown the router, add the nic and boot the router again – proved wrong. vNIC Hot-Add is supported for VMware ESXi, Citrix XenServer and KVM Not for Hyper-V, Azure, AWS today. Cisco: Virtual Machine Requirements …up to 10 vNICs for ESXi btw. Starting with three default-interfaces select the VM go to „Edit Settings“ Next, Next, Finish be patient …Hot-Remove is supported only using a special „two-step“ strategyRead More →

Linux: vSphere CLI Installation

By: ron

On: 2017-11-30

In: linux

With: 0 Comments

Sometimes I need a lightweight straight-forward toolset to provision, modify or delete vSphere-Objects. Installation was a nightmare in former times, but vSphere CLI Release 6.5 works with Ubuntu server 16.04.3 LTS „out of the box“. And – it’s compatible with ESXi 6.0 hosts. (don’t waste time trying to install vSphere CLI Release 6.0 on a current Linux Server) Consider the docs: vSphere CLI Documentation VMware [Code] vSphere-CLI 6.5 Download the 64-bit Archive Use the vmware-search or Google… „Download VMware vSphere Command Line Interface 6.5“ might be a promising query. I downloaded VMware-vSphere-CLI-6.5.0-4566394.x86_64.tar.gz using my Windows Machine. Transfer the Archive to the Linux-VM using SCP SinceRead More →