Posts

Unable to push CA certificates and CRLs to host

Note: This post addresses and (hopefully) fixes the cause of the issue found here: vVols Endpoint - Failed to establish connection on ESXi host. Recently, one of my customers was trying to refresh the CA store on newly built ESXi 6.7 U3 hosts under a freshly upgraded vCenter Server 6.7 U3 instance. When the admin tried to refresh the CA store, they were getting this error message in the vSphere Client:

vVols Endpoint - Failed to establish connection on ESXi host

My customer has successfully rolled out VMware vSphere Virtual Volumes (or “vVols”) in their environment. They’re loving the simplicity of storage management in vSphere, but were a little stuck when they added a pair of newly installed ESXi hosts to their environment. The hosts were not mounting the vVols datastore as expected, meaning hosts could not run VMs backed by vVols. All existing hosts were OK. To start, they dug into the logs at /var/log/vvold.

Install Firefly III on FreeNAS

During my time at iseek, a great colleague Angus Kelsey introduced me to a self-hosted budget management application Firefly III. I was impressed with the finish on the product and was happily surprised to find it was open source and could be self-hosted. I’ve got a FreeNAS server running at home for private workloads and wanted to install Firefly III on this server. Can’t be that hard, I thought. A quick search online didn’t find a straightforward article on installing exactly what I needed to get up and running.

Using Regex in vRealize Orchestrator - extracting useful information from a VM name

Recently I had a customer wanting to identify if a VM of theirs was in Production, Test, or Development based on the VM’s name. Luckily, all of their VMs are named using a naming standard of “{customer}{P|T|D}{application}{server-role}”, giving a generic VM name like “custpdc1” or “cust-t-sql2”. They’re just getting started on their journey with vRealize Orchestrator, and wanted to use it to perform this function. Easy enough, what do we need?

Unable to authenticate against LDAPS in vCloud Director 9.5

I had a customer upgrade their vCloud Director environment from v8.20 to v9.5. The upgrade itself went fine, however some tenants were now unable to log in. Interestingly, the affected tenants were authenticating against their own LDAP server over LDAPS. All other tenants were authenticating against the Service Provider managed LDAP server. For this particular service provider customer and their tenant, the LDAP server was specified using an IP address instead of an FQDN.

vExpert 2019!

Thanks to all 5 of my avid readers, I’ve been awarded vExpert for 2019! What is vExpert? Taken from VMTN: The VMware vExpert program is VMware's global evangelist and advocacy program. The program is designed to put VMware's marketing resources towards your advocacy efforts. Promotion of your articles, exposure at our global events, co-op advertising, traffic analysis, and early access to beta programs and VMware's roadmap. The awards are for individuals, not companies, and last for one year.

Back from VMware's World Wide Kickoff event

I’m back from VMware’s internal Worldwide Sales Kickoff in Las Vegas! My first Kickoff and it was everything everyone told me it would be. What is Kickoff? It’s VMware’s internal networking conference for VMware staff that are in some way involved in the sales process. It’s to equip them with the tools and knowledge to deliver real solutions to real world business problems (can you tell it’s working??). The biggest highlight for me was hearing our CEO Pat Gelsinger during his keynote.

I'm now at VMware!

After many years of working with VMware products and having been on the receiving side of VMware’s support and business development team, I can now hop the fence and make a difference directly with VMware! I was given the amazing opportunity to join the Brisbane office in Queensland, Australia as a Technical Account Manager and today was my first day! Without a doubt, there is plenty to learn and do over the next few weeks (maybe even months) and I expect this blog will take a temporary back seat until I’ve taken the reins and settled into my new life.

Managing Windows Server VM templates with Packer - Part 1

Introduction: We all know the immense pain of managing Windows Server VM templates, regardless of the platform you’re using. Sure, you can build them once then update them manually on a schedule. However, it’s tedious to document and even worse to execute, making sure the template is identical every time (except for your new updates of course). In my experience, you also have to maintain multiple versions and editions of Windows Server.

Poor performance generating entropy in a VM from /dev/random

Just recently a few colleagues of mine were attempting to generate new private keys with a 4096 bit size but they were seeing shocking performance from all of their Linux VMs. They were seeing key generation taking up to 15 minutes while smashing away at the keyboard to generate entropy. It wasn’t a resource issue, the VMs were sized appropriately and showed no signs of stress. They asked me if they could throw a “Chaos Key” USB device into each of the ESXi hosts to generate more entropy to reduce the time it takes, but I knew that wasn’t required (like I was going to let that happen).