The first VMware User Group Hungary conference will be on Tuesday, 28th of March. This time I will participate as a speaker, I am preparing with the following:
“Self-Signed vCenter SSL Certificate – Creating and Replacing”
I will tell about the creating and replacing process, which wasn’t a smooth task at all 😀 So we will also go through a couple of exciting errors.
The agenda is already available, Csaba has just send it out via mail. Also available on the VMUG Community website, here.
- 9:00-9:50 – Regisztráció
- 9:50-10:00 – VMUG Leader köszöntő
- 10:00-10:30 – Dell-EMC
Előadás címe: VMware vRealize Operations Manager bevezetés és tapasztalatok a Lapker Zrt.-ben
Előadó: Gyémánt Krisztián (Areus Zrt.) és Kiss Tibor Lapker Zrt.
- 10:30-11:00 – Veeam
Előadó: Boris Mittelmann (Veeam)
Előadás címe: Hidden and overlooked gems that make Veeam unigue availability solution
- 11:00-11:30 – Kávészünet
- 11:30-12:00 – VMware
Előadó: Czuczumanov Valentin
Előadás címe: VMware bejelentések, újdonságok az EUC háza tájáról
- 12:00-12:30 – Lenovo
Előadás címe: Lenovo nagyvállalati megoldásai VMware-re hangolva
- 12:30-13:00 – EBÉD
- 13:00-13:30 – VMware
Előadó: Czuczumanov Valentin
Előadás címe: VMware Validated Designs
- 13:30-14:00 – Közösségi előadás
Előadó: Herceg András (VCAP-DCA/DCD, vExpert)
Előadás címe: vCenter SSL tanusítvány készítése és cseréje
- 14:00 – Sorsolás, Zárás
Additionally, it will be again in the Cinema City – IMAX Arena, which was a great former location of the VMUG many years ago.
Here you can register!
VMware has just released a new fling called vSphere Compatibility Predictor. It is basically an upgrade checking tool. Validates if your currently running vSphere 5.5 / 6.0 infrastructure components will work with 6.5 or not.
This Fling scans all PSCs connected to a single
PSC. It will detect the versions of all the vCenter Servers connected to PSCs and all the Solutions connected to vCenter Servers. It will then depict the connectivity in pictorial form.
When you choose the Upgrade View in the Fling, it will show which Solutions are compatible with vCenter Server 6.5. This can help the administrator plan the upgrade in advance.
After accepting the Technical Preview License, the .zip can be downloaded. It contains the VMware-vSphere-Compatibility-Predictor-Setup-1.0.0-20170127.exe, install it on a Windows 2008R2/2012/8.1.
I have tested it with both existing vCenter versions: 5.5 and 6.0. Use the PSC/SSO credentials. (vsphere.local\Administrator). With the default settings you can login into a vCenter 6.0 only – that is using the LDAP port 636. So based on the versions you need the following LDAP ports:
- vSphere 5.5 SSO: use the port 11712
- vSphere 6.0 PSC: use the port 636
Otherwise you will get the following error:
Could not able to make the connection to PSC/SSO Ldap Server…
However the same will be displayed, even with wrong user/password, port, IP as well.
After a successful login Accept the thumbprint, then select the site (vCenters and PSCs will be displayed) and press Upgrade View. In our 5.5 example a couple of extensions are compatible with 6.5:
- vCenter Intelligent Power Plug-in (EATON)
- vShield Manager
- VR Management
- VDP 6.1
Do not forget to check the fling site!
Recently we have received a couple of DELL PowerEdge R730 rack servers. Of course, each has already vSphere installed with the new HTML5 vSphere Web Client Appliance.
In our lab till now there were mainly IBM /Lenovo and Fujitsu servers, so the R730 was also new for me.
The 13th Gen server (of course it is great and fast) has a very special functionality, called iDRAC Quick Sync. This solution allows you to manage some of the 13th Gen Dell rack servers by touching your phone to the front bezel using the NFC technology. Sounds amazing, right?
The iDRAC Quick Sync is visible at back side of the front bezel
How to setup
- Power On the NFC capable 13th Gen Dell server
- Install the DELL OpenManage Mobile to your iOS /Android phone
- Enable the NFC on your phone
- Press the iDRAC Quick Sync button on the front bezel
- In the OpenManage app select the iDRAC Quick Sync Read option and touch the front bezel with your phone (can be password protected)
- After 1-2 sec a new iDRAC item will be listed in the app.
What is possible?
With this convenient mobile solution lots of information about the server can be polled.
- Basic data, server components list
- Server event logs
- Firmware details (from all of the components, even from the PCIe cards)
- Network (iDRAC) details: IPv4/6 and MAC addresses
- Health (storage, battery, FAN, Power, Temp, Voltage..) status
- Warranty info – based on the Service Tag the start/end date, order and customer numbers are displayed
- Link to the components list.
This list can be refreshed whenever you want. The another great function is that e.g. the iDRAC network settings can be modified and applied on the server.
So if you have such DELL Rx30 server and NFC capable phone, it definitely worth a try!
Almost every week a new beta version of the vSphere HTML5 Web Client is released. As you already know the community loves this product: the site has more than 1400 comments, 63 bugs and a huge changelog with lot of improvements and bug fixes. The huge enthusiasm is understandable, because the HTML5 based client provides a modern, flat based much cleaner interface. Of course the most important advantage is the rocket speed response time.
This year in March I also tested the first version. (For Hungarian readers: Zoli has also posts here and here) Since then, VMware has released the vSphere 6.5 VCSA including a “supported version” of the vSphere H5 Client. (bulid 4598948)
Unfortunately upgrading of this vSphere Client inside the VCSA is not possible currently. The only way to have the latest Fling (which is 2.19 – Build 4810256) is using the vSphere Web Client Appliance. The installation method is pretty much the same, as with the Bulid 3680819, but since the 1.17 – Build 4202128 a new way is available through the Fling Appliance Management Interface (FAMI). This web interface eliminates most of the CLI part – theoretically:) Let’s check it.
- Download the OVA, deploy it and boot it. You will get the following on the console:
- On the VCSA6.5 the default shell must be changed to bash, this can be done via SSH.
- Now we can use the Fling Appliance Management Interface (FAMI), which is available at https://H5_Appliance_IP_Address:5490 (On the port 5480 we can modify the IP, GW, DNS, hostname of the appliance). With the FAMI the VCSA registration can be done.
Web Server started
- Looks great! Now we have two H5 Clients: the integrated one inside the VCSA and the latest one as an OVA appliance. Let’s check the latest H5 Client with opening the https://H5_Appliance_IP_Address/ui Unfortunately there is no UI, but an error message was waiting for me
A server error occurred.
 An error occured while sending an authentication request to the vCenter Single Sign-On server – An error occured when processing the metadate during vCenter Single Sign-On setup – null.
Check the vSphere Client server logs for details
Oookay. Look into the logs
root@vcsa65 [ ~ ]# /etc/init.d/vsphere-client show_log
At the end:
[2016-12-29T11:54:02.900Z] [INFO ] cm-catalog-manager-pool-5 c.v.v.s.c.impl.SecurityTokenServiceImpl$RequestResponseProcessor Request message has expired. Server message: ns0:MessageExpired: The time now Thu Dec 29 12:54:03 UTC 2016 does not fall in the request lifetime interval extended with clock tolerance of 600000 ms: [ Thu Dec 29 11:44:02 UTC 2016; Thu Dec 29 12:14:02 UTC 2016). This might be due to a clock skew problem.
[2016-12-29T11:54:02.900Z] [INFO ] cm-catalog-manager-pool-5 c.v.v.s.c.impl.SecurityTokenServiceImpl$RequestResponseProcessor Server returned 'request expired' less than 0 seconds after request was issued, but it shouldn't have expired for at least 600 seconds.
[2016-12-29T11:54:02.900Z] [ERROR] cm-catalog-manager-pool-5 com.vmware.vise.vim.security.sso.impl.SsoUtilInternal Time sync error: VC Server and local machine's clocks are out of sync by more than the accepted tolerance.
[2016-12-29T11:54:02.900Z] [ERROR] cm-catalog-manager-pool-5 com.vmware.vise.vim.security.sso.impl.NgcSolutionUser Solution user login failed. com.vmware.vim.sso.client.exception.TimeSynchronizationException: Server returned 'request expired' less than 0 seconds after request was issued, but it shouldn't have expired for at least 600 seconds.
After several host network issues some of the VMs in the inventory were displayed as orphaned. No worries, this is an easy one 🙂
However in this state the VMs are not usable, but a few options are still available. To recover them there are the following possibilities:
- simply migrate (cold vMotion) the orphaned VMs to another ESXi host. After the re-registration they will be active again.
- remove (unregister) the VMs from the inventory, open the Datastore and add (register) the .vmx file to the vCenter server.
Usable KBs in this topic:
- Virtual machines appear as invalid or orphaned in vCenter Server (1003742)
- vSphere Docu Center
As I thought (It wasn’t so hard to find out) the vSphere 6.5 just launched today during the VMworld, in Barcelona. It will be available for download in Q4 2016. Bellow a few very good article and blog post about the announcement and the new features.
Everybody knows, that the vSphere 6.5 is in the tube and almost here. The public beta is running, we have seen a few breadcrumbs about the 6.5 (from vladan.fr, on reddit, etc.) The vSphere HTML5 Web Client fling is an awesome technical preview, I have also tried it. It can be the one of the biggest feature of the vSphere 6.5 from management point of view.
An additional blog post, from the VMware Education with “Get Ready for vSphere 6.5: Training Courses Now Open for Registration” title describes the following three new courses:
- vSphere: What’s New [V5.5 to V6.5]
- vSphere: Install, Configure, Manage [V6.5]
- vSphere: Optimize & Scale [V6.5]
Currently the VMworld is running in Barcelona, so I am pretty sure that the vSphere 6.5 will launch. Can’t wait.
The blogpost from VMware Edu has been deleted (drops page-not-found), but the links about the courses are still available. It seems it was an accident 🙂
Outline of the What’s New [V5.5 to V6.5]:
- Course Introduction
- Introductions and course logistics
- Course objectives
- Introduction to vSphere 6.5
- Discuss vSphere 6.5 feature enhancements
- Use vSphere Client, VMware Host Client, and the appliance shell of vCenter Server Appliance
- Installation and Upgrade
- Describe new vCenter Server architecture features
- Choose between a distributed configuration and an embedded configuration based on your requirements
- Describe the enhancements to vCenter Server Appliance
- Describe the vCenter Server Appliance deployment
- Describe the hardware requirements for installing vCenter Server Appliance
- Identify the information that is needed before you begin the installation
- Deploy a Platform Services Controller appliance
- Describe how to upgrade vCenter Server Appliance 5.x to vCenter Server Appliance 6.5
- Describe how to upgrade an ESXi 5.x host to an ESXi 6.5 host
- List the benefits of using the content library
- Create a basic content library
- Synchronize a content library across vCenter Server instances
- Compute Enhancements
- Discuss the enhancements to vSphere 6.5 scalability and performance
- Discuss the additional features to support hot-plug and SMART solid-state drives
- Describe new capabilities of host profiles introduced in vSphere 6.5
- Discuss the improvements to lockdown settings
- Describe the addition of smart-card authentication
- Explain the changes that enhance user accountability
- Discuss how virtual hardware 12 extends virtual machine resource configurations
- Describe how using large receive offload reduces CPU-associated costs for network packet processing
- Discuss how hot-add memory is distributed across NUMA nodes in vSphere 6.5
- Storage Enhancements
- Discuss the benefits of using VMFS 6 with vSphere
- Upgrade from VMFS 5 to VMFS 6
- Discuss the benefits of using VMFS 6 with vSphere
- Discuss the benefits of using NFS v4.1 with vSphere
- Identify the differences between NFS v3 and NFS v4.1
- Describe the implications of using NFS v4.1
- Describe the advantages of the new VMware Virsto™ on-disk file system
- Describe the advantages of the vsanSparse snapshot format
- Describe the advantages of fault domains to withstand rack-local failures
- Describe the benefits of applying different default policies to different VMware Virtual SAN™ datastores
- Describe the benefits of using virtual volumes
- Describe per virtual machine, policy-based policy management
- Describe how VMDK data operations are offloaded to storage arrays through the use of VMware vSphere® API for Storage Awareness™
- Network Enhancements
- Work with Network I/O Control
- Upgrade Network I/O Control to version 3
- Enable network resource management on VMware vSphere® Distributed Switch™
- Configure bandwidth allocation for system and virtual machine traffic based on shares and reservations.
- Discuss IPv6 support in vSphere 6.5
- Management Enhancement
- List the core security modules that are part of Platform Services Controller
- List the VMware certificate management components
- Describe certificate use changes in vSphere 6.5
- List the certificate management components that are part of Platform Services Controller
- Describe the primary services provided by the VMware Certificate Authority component
- Describe the primary services provided by the VMware Endpoint Certificate Store component
- Define VMware CA certificate replacement options
- Describe ESXi certificate replacement options
- Discuss certificate-based guest authentication
- Availability Enhancements
- Describe the new TCP/IP stack for vSphere vMotion
- Explain the changes that make vSphere vMotion migrations across high-latency networks possible
- Discuss the requirements for migrating a virtual machine across vCenter Server instances
- Explain how VMware vSphere® Fault Tolerance supports virtual machines with multiple virtual CPUs
- Describe how vSphere Fault Tolerance maintains the secondary virtual machine in a ready state
- Explain the mechanism by which the primary virtual machine is determined
- Discuss the improvements made in handling all paths down and permanent device lost conditions
- Describe the increased scalability of vSphere HA
- Explain the additional compatibility supported by vSphere HA
- Security Enhancements
- Plan for secure boot support for ESXi host
- Deploy enhanced vCenter Server events and alarms, and vSphere logging
- Evaluate virtual machine encryption
- Enable encrypted vSphere vMotion
- Use encrypted core dumps