Recover Orphaned Virtual Machines

After several host network issues some of the VMs in the inventory were displayed as orphaned. No worries, this is an easy one🙂

orphaned

However in this state the VMs are not usable, but a few options are still available. To recover them there are the following possibilities:

  • simply migrate (cold vMotion) the orphaned VMs to another ESXi host. After the re-registration they will be active again.
  • remove (unregister) the VMs from the inventory, open the Datastore and add (register) the .vmx file to the vCenter server.

Usable KBs in this topic:

  1. Virtual machines appear as invalid or orphaned in vCenter Server (1003742)
  2. vSphere Docu Center
Posted in Uncategorized | Tagged , , | Leave a comment

vSphere 6.5 – launched!

As I thought (It wasn’t so hard to find out) the vSphere 6.5 just launched today during the VMworld, in Barcelona. It will be available for download in Q4 2016. Bellow a few very good article and blog post about the announcement and the new features.
cvc5c1pwyaa6wg4

Official sites

cvcrdslusaajdmd

Blog posts:

Posted in Uncategorized | Tagged , , | 2 Comments

vSphere 6.5 is almost here – VMworld?

Everybody knows, that the vSphere 6.5 is in the tube and almost here. The public beta is running, we have seen a few breadcrumbs about the 6.5 (from vladan.fr, on reddit, etc.) The vSphere HTML5 Web Client fling is an awesome technical preview, I have also tried it. It can be the one of the biggest feature of the vSphere 6.5 from management point of view.

h5-icon

An additional blog post, from the VMware Education with “Get Ready for vSphere 6.5: Training Courses Now Open for Registration” title describes the following three new courses:

  • vSphere: What’s New [V5.5 to V6.5]
  • vSphere: Install, Configure, Manage [V6.5]
  • vSphere: Optimize & Scale [V6.5]

Currently the VMworld is running in Barcelona, so I am pretty sure that the vSphere 6.5 will launch. Can’t wait.

Update 18.10:

The blogpost from VMware Edu has been deleted (drops page-not-found), but the links about the courses are still available. It seems it was an accident🙂

Outline of the What’s New [V5.5 to V6.5]:

  1. Course Introduction
    • Introductions and course logistics
    • Course objectives
  2. Introduction to vSphere 6.5
    • Discuss vSphere 6.5 feature enhancements
    • Use vSphere Client, VMware Host Client, and the appliance shell of vCenter Server Appliance
  3. Installation and Upgrade
    • Describe new vCenter Server architecture features
    • Choose between a distributed configuration and an embedded configuration based on your requirements
    • Describe the enhancements to vCenter Server Appliance
    • Describe the vCenter Server Appliance deployment
    • Describe the hardware requirements for installing vCenter Server Appliance
    • Identify the information that is needed before you begin the installation
    • Deploy a Platform Services Controller appliance
    • Describe how to upgrade vCenter Server Appliance 5.x to vCenter Server Appliance 6.5
    • Describe how to upgrade an ESXi 5.x host to an ESXi 6.5 host
    • List the benefits of using the content library
    • Create a basic content library
    • Synchronize a content library across vCenter Server instances
  4. Compute Enhancements
    • Discuss the enhancements to vSphere 6.5 scalability and performance
    • Discuss the additional features to support hot-plug and SMART solid-state drives
    • Describe new capabilities of host profiles introduced in vSphere 6.5
    • Discuss the improvements to lockdown settings
    • Describe the addition of smart-card authentication
    • Explain the changes that enhance user accountability
    • Discuss how virtual hardware 12 extends virtual machine resource configurations
    • Describe how using large receive offload reduces CPU-associated costs for network packet processing
    • Discuss how hot-add memory is distributed across NUMA nodes in vSphere 6.5
  5. Storage Enhancements
    • Discuss the benefits of using VMFS 6 with vSphere
    • Upgrade from VMFS 5 to VMFS 6
    • Discuss the benefits of using VMFS 6 with vSphere
    • Discuss the benefits of using NFS v4.1 with vSphere
    • Identify the differences between NFS v3 and NFS v4.1
    • Describe the implications of using NFS v4.1
    • Describe the advantages of the new VMware Virsto™ on-disk file system
    • Describe the advantages of the vsanSparse snapshot format
    • Describe the advantages of fault domains to withstand rack-local failures
    • Describe the benefits of applying different default policies to different VMware Virtual SAN™ datastores
    • Describe the benefits of using virtual volumes
    • Describe per virtual machine, policy-based policy management
    • Describe how VMDK data operations are offloaded to storage arrays through the use of VMware vSphere® API for Storage Awareness™
  6. Network Enhancements
    • Work with Network I/O Control
    • Upgrade Network I/O Control to version 3
    • Enable network resource management on VMware vSphere® Distributed Switch™
    • Configure bandwidth allocation for system and virtual machine traffic based on shares and reservations.
    • Discuss IPv6 support in vSphere 6.5
  7. Management Enhancement
    • List the core security modules that are part of Platform Services Controller
    • List the VMware certificate management components
    • Describe certificate use changes in vSphere 6.5
    • List the certificate management components that are part of Platform Services Controller
    • Describe the primary services provided by the VMware Certificate Authority component
    • Describe the primary services provided by the VMware Endpoint Certificate Store component
    • Define VMware CA certificate replacement options
    • Describe ESXi certificate replacement options
    • Discuss certificate-based guest authentication
  8. Availability Enhancements
    • Describe the new TCP/IP stack for vSphere vMotion
    • Explain the changes that make vSphere vMotion migrations across high-latency networks possible
    • Discuss the requirements for migrating a virtual machine across vCenter Server instances
    • Explain how VMware vSphere® Fault Tolerance supports virtual machines with multiple virtual CPUs
    • Describe how vSphere Fault Tolerance maintains the secondary virtual machine in a ready state
    • Explain the mechanism by which the primary virtual machine is determined
    • Discuss the improvements made in handling all paths down and permanent device lost conditions
    • Describe the increased scalability of vSphere HA
    • Explain the additional compatibility supported by vSphere HA
  9. Security Enhancements
    • Plan for secure boot support for ESXi host
    • Deploy enhanced vCenter Server events and alarms, and vSphere logging
    • Evaluate virtual machine encryption
    • Enable encrypted vSphere vMotion
    • Use encrypted core dumps
Posted in Uncategorized | Tagged , , , , | 1 Comment

VMworld 2016 – Barcelona

I has just started, but I am not attending.  A few links to follow the four days long conference:

Posted in Uncategorized | Tagged | Leave a comment

VMUG Hungary – 2016 Q3

The 3rd VMUG will be on 25th of Oct, in SZAMALK Training Center, so next Tuesday!

vmug-logo

The event agenda is the following:

9:00 – 9:40 Regisztráció
9:40 – 9:50 VMUG Leader köszöntő
9:50 – 10:20 AVNET-EMC – #YOAF – Egységben az Erő! Módly Zoltán
10:20 – 10:50 Veeam – Rendelkezésre állás a hybrid cloud-ban, avagy bemutatkozik a Veeam új platformja Keszler Mátyás
10:50 – 11:20 Kávészünet
11:20 – 11:50 Netapp-Dimension Data – NetApp SolidFire – A felhőszolgáltatók tárolója az Adatközpontunkban? Varga Gyula
11:50 – 12:20 F5-Alef Vmware – F5 and VMware NSX integration Lubos Klokner – Angol nyelvű előadás
12:20 – 13:00 EBÉD
13:00 – 13:30 VMware – VMware újdonságok Czuczumanov Valentin
13:30 – 14:00 Közösségi előadás – “Világokat teremtünk” – Automatizáció, fejlesztés, tesztelés, profit Bertalan Bence – Keler Zrt.
14:00 Sorsolás, Zárás

Unfortunately I won’t be there, I can’t go. But the agenda sounds promising, so do not miss it! For more info and registration: event site, twitter, facebook

Posted in Uncategorized | Tagged , , | Leave a comment

Download all VMworld 2016 US sessions – 160GB torrent

This is just a quick reblog of the post from wojcieh.net. All VMware 2016 US sessions can be downloaded:

torrent

Have fun!

Posted in Uncategorized | Tagged | Leave a comment

Replace Just Expired Self-Signed vCenter SSL Certificate – Part 2 of 3: Replacing

So we have already created the self-signed certificate via MS AD Certificate Service for the vCenter Server in the Part 1. In this second section we will replace the expired certificate using the chain.pem and rui.key files. Let’s do this with the VMware SSL Certificate Automation Tool!

Attempt #1

Start the ssl-updater.bat and select the option 5, then 2. That would have been the easiest and the normal method.

07-update-cert

But, it couldn’t log in to the vCenter Server (Me neither manually via vSphere client). So got the following error message:

[2016.08.29. - 16:47:04,02]: "Cannot log in to vCenter."
[2016.08.29. - 16:47:04,03]: The vCenter certificate update failed.

Tried several times, also with another accounts, but same results. The Deploying and using the SSL Certificate Automation Tool 1.0.x (KB2041600) has a similar problem in the known issues section, but in our case the Managed Object Browser was not disabled. I have checked also the logs, but nothing helpful. Okay, we have to find another solution.

Attempt #2

Fortunately there is a KB exactly about this issue: Recovering from expired SSL Certificates in VMware vCenter Server 5.5 (KB2096030). I have done the steps 1-7, then with the step 8 for the following command:

ssolscli listServices https://vc.domain.com:7444/lookupservice/sdk

I got the message:

com.vmware.vim.vmomi.core.exception.CertificateValidationException: Server certificate assertion not verified and thumbprint not matched

Nice… There are various KBs about this issue, but nothing useful.

Attempt #3

It’s not the most beautiful solution, I know, but let’s change the date and time of the vCenter server. The certificate was valid till 27th of Aug, 2016, so I selected the 26th of August. Finally I could login into the vCenter via the vSphere client. Okay let’s try to replace the certificate with the SSL Certificate Automation Tool, as in the Attempt #1. In this case the tool could login to the vCenter, but I got a new error message:

08-falied

2016-08-26T15:15:13.935+0200 [c.v.s.c.ValidateChainMain] ERROR The certificate chain file does not contain a valid certification path. PKIX path validation failed with: Could not validate certificate: certificate not valid till 20160829155832GMT+00:00 (at certificate #1)
2016-08-26T15:15:13.935+0200 [c.v.s.c.ValidateChainMain] ERROR The supplied certificate chain is not valid.

I thought, that something is wrong with the certificate, so re-crated very carefully 2 times – same results. It should have been OK, but… it didn’t work.

Attempt #4

What if, I change the date and time of the MS AD Certificate Service server? That is a Windows 2008 R2, let’s try it. I used the same date: 26th of August. Afterwards I have tried to create a new certificate again, but the MS ADCS webpage wasn’t even available. Interesting, what happened? Changed back the date – everything back to normal. I have checked the events and logs in the Windows server and founded the following from the CertificateAuthority:

08-vrootca-time-drift-cannot-loginGotcha!! So there was a date/time drift between the MS ADCS and the MS AD. That’s true. Let’s change the date on the Active Directory server. (I know… ) The MS ADCS become available, so I could create a new certificate again.

Go back to the SSL Certificate Automation Tool and did the same steps as above. The results:

[.] The supplied certificate chain is valid.
Loading 'screen' into random state - done
"Restarting services... (This can take some time)"
"Stopping vCenter Web Services..."
"Stopping vCenter Server..."
"Starting vCenter Server and other services..."

[2016.08.26. - 15:49:07,19]: Last operation update vCenter Server SSL certificate completed successfully.
[2016.08.26. - 15:49:07,20]: Go to the next step in the plan that was received from Update Steps Planner.

09-success

FINALLY!😀

Also tried with the PowerCLI:

10-OK

The new certificate is valid till 26th of August, 2018. Of course the inventory is visible in the Web Client and I could also login to the vCenter via the vSphere Client. I have corrected the date and time of the AD, AD CS and vCenter servers – everything back to normal.

In the last post (part 3 of 3) the 3rd party components will be fixed.

Posted in Uncategorized | Tagged , , , , | Leave a comment