I am happy to announce that as of today I entered the VMware vExpert NSX sub-program. Thanks, VMware for the award and congratulations to everyone else who also made it! Also an extraordinary achievement for our team at ITQ, we managed to get seven consultants in the vExpert NSX 2018 sub-program! This year VMware awarded 169 people worldwide for the vExpert NSX sub-program.
Since when does the vExpert NSX sub-program exist?
The VMware vExpert NSX sub-program was introduced in the year 2016 and announcements are made every year.
So what is the difference between the vExpert NSX sub-program and vExpert program?
The program is built upon the vExpert program. To apply you must be a current vExpert as well as evangelizing VMware NSX.
What is VMware expecting of a vExpert NSX?
Each of these vExperts has demonstrated significant contributions to the community and a willingness to share their expertise with others. Contributing is not always blogging or Twitter as there are many public speakers, book authors, scriptwriters, VMUG leaders, VMTN community moderators and internal champions among this group.
The vRealize Orchestrator Client is the required tool for vRealize Orchestrator (vRO) server. The vRealize Orchestrator client is used for designing, administering, setting permissions and running workflows. The vRealize Orchestrator client is Java 8 based and should be running locally on your Windows desktop or management server.
The last couple of years a lot of new displays are released that are supporting resolutions above full high definition (HD) (1920 x 1080). As a result of these large displays with high resolutions (for example 3840 × 2160), the vRealize Orchestrator Client is not scaling correctly. The fonts are too small and some boxes are not readable anymore, this is mainly caused because of the scaling that is zoomed out like 300%. This is quite irritating when developing a workflow and you are just not sure if you typed “Input_Username”, “Input Username” or “Input__Username” for example. You are just guessing or copy and pasting between an application to view the text that is written.
So it was time to investigate the problem and look for a solution.
Option 01: Lowering your screen resolution
The easiest option is to lower your screen resolution to 1920 x 1080. This is not always the most prefered option but it is the fastest.
Option 02: Modifying the vRO Client File
This option modifies the file that is used to launch the vRealize Orchestrator Client.
1. Navigate to the vRealize Orchestrator webpage (https://%FQDN%:8281/vco/). 2. Click on the link “START THE ORCHESTRATOR CLIENT“. 3. Save the “client.jnlp” on your desktop or other location on your workstation. 4. Open the “client.jnlp” file with a code/text editor for example Notepad++. 5. Add the following line of code to the resources block at the end (see screenshot below).
6. Save the file and close the editor. 7. Now launch the “client.jnlp“. This will start-up the vRealize Orchestrator Client without the screen resolution problems.
vRealize Orchestrator 7.4 – Start the Orchestrator Client
vRealize Orchestrator 7.4 – Client.jnlp
vRealize Orchestrator 7.4 – Without DPI aware setting
vRealize Orchestrator 7.4 – With DPI aware setting
In this blog post, I described two methods to deal with large screen resolutions in combination with the vRealize Orchestrator Client. Personally, I prefer option two because it is more permanent and I don’t have to change my resolution which effects other applications. Keep in mind: I only tested this on Microsoft Windows and not on Apple OS X or Linux.
At VMware EMPOWER 2018 in Vienna, I passed the VMware Certified Advanced professional 6.5 Data center Virtualization Design exam or in sort VCAP6.5-DCV. This exam was already for a very long on my certification list, to be more precise for about four years. Because of the large number of new products VMware released the last couple of years, my priorities shifted many times because Data center Virtualization was not really too interesting to study anymore… (sorry Data center Virtualization for calling you not interesting). My experience with VMware vSphere started more than ten years ago and over the years I have been responsible for designing multiple infrastructures for customers.
The VMware way of describing the VMware Certified Advanced Professional 6.5 – Data Center Virtualization Design certification:
“The VCAP6.5-DCV Design certification validates advanced knowledge of simplifying data center operations through virtualization with vSphere 6.5 and its related components, and is able to recommend and design VMware solutions to meet specific goals and requirements. This industry-recognized certification improves your credibility among your peers and proves that you have a deep understanding of data center virtualization design principles and methodologies.”
So where is the exam about: The exam is about the VMware Design Methodology used for designing a VMware vSphere infrastructure the right way. To pass the exam you need to know everything about the following items and make sure you can apply them in real-life examples/use cases:
– AMPRS (Availability, Manageability, Performance, Recoverability and Security).
– RCAR (Requirement, Constraint, Assumption and Risk)
– Non-functional and functional requirements
– RPO (Recovery Point Objective)
– RTO (Recovery Time Objective)
– Conceptual, Logical and Physical Designs
– vSphere 6.5 features, what did the release of vSphere 6.5 provide to each feature and what are the requirements and constraints for implementation.
– vSAN 6.5 features, design and architecture
– Site Recovery Manager features, design and architecture
– vSphere Replication features, design and architecture
For me, the preparation of the exam started with a couple of sessions about the vSphere Design Methodology. Jeffrey Kusters was so kind to host a couple of sessions in his spare time about the subject for all the ITQ colleges. Jeffrey Kusters is one of our VMware VCDXs that works at our firm and has a lot of years of experience designing vSphere Infrastructure as an IT architect.
I have used many different material/sources to prepare myself for the exam but watch out. There is so much information available that you can study until 2020 and then you are still not able to read all the information. Focus on the items listed above and you will have a good chance of passing. Important note, sometimes information on a blog or book is a couple of years old and you might expect it to be not relevant. This is not the case the VMware Design Mythology has not changed over the years.
I passed the exam on the first attempt with a good score. The questions are decent around 12 drag en drop and 48 multiple choices. The questions are decent and require you to have deep knowledge of the products. So basically you know the answer or you just don’t. For me passing the VCAP6.5-DCV Design made me a VCIX6.5-DCV, so I was extra pleased with the result.
Special thanks to Jeffrey Kusters! You have been an absolute help!
Recently I was deploying the vRealize Suite Lifecycle Manager (vRSLCM) at a customer. One of there requirement was that the appliance only could reach the internet with their internet proxy configured. The deployment was based on the latest version of the vRSLCM appliance version 1.2. The main use case for deploying this appliance at the customer was to reduce the time spend on Lifecycle Management. The appliance is able to maintain vRealize Automation (vRA), vRealize Business (vRB), vRealize Log Insight (vRLI) and vRealize Operations Manager (vROPS).
So for the proxy configuration, we need to identify which URLs are required. Luckily in the VMware Documentation, there is a list of URLs and ports which the vRealize Suite Lifecycle Manager uses. So I configured the URLs but it appeared to be not working. The vRSLCM was complaining about the URL (https://my.vmware.com). So after analyzing the proxy logging, I could conclude that the URL list was not complete. Below this section, I display the difference between the official statement and what was required to get it working.
Proxy URLs – Official List:
This is the official URL list from the vRealize Suite Lifecycle Manager (vRSLCM) v1.2 documentation:
Proxy URLs – Unofficial List:
This is the list that was required to get vRSLCM working through the proxy, keep in mind there are a lot of different functionalities in the vRSLCM appliance and I was not using the entire set of functionalities. There might be even more URLs required…
Icons for marketplace
In the steps below I explain the proxy configuration in the vRealize Suite Lifecycle Manager web interface:
Open the a web browser.
Navigate to the vRSLCM URL (https://%FQDN%).
Log in with an administrator account (admin@localhost).
Navigate to the following page (Settings > My VMware).
Toggle the Configure Proxy to enabled.
Enter the following proxy information:
Proxy Server: %FQDN% or %IP%
Proxy Port: %Port Number%
Proxy Username: %Username%
Proxy Password: %Password%
Click on the Submit button.
Verify if the My VMware communication is working and the appliance is able to download the media.
vRealize Suite Lifecycle Manager (vRSLCM) requires ICMP communication with the internet proxy. When configuring a proxy in vRSLCM version 1.3 the configuration validation fails without allowing ICMP.
– 2018-07-16: Added additional proxy URLs for the vRealize Suite Lifecycle Manager version 1.3. – 2018-07-16: Added link for the vRealize Suite Lifecycle Manager manual version 1.3. – 2018-07-16: Added additional note about ICMP.
At a customer I came across the following problem, the customer was not able to remove a Content Library from vCenter Server. They just created a Content Library and after that, they wanted to remove the item. When they tried to remove the content library it failed. We started troubleshooting the log files and tried to remove the Content Library in different ways with the vSphere Web Client, PowerShell and REST API but all ended with the same error. The error messages are listed below.
To add some more background information: the customer was running the environment with an external platform services controller and a vCenter Server (VCSA). The version that was being used was VCSA 6.5 Update 1e.
Content Library – Error messages
Cannot Remove Content Libary – 01
Cannot Remove Content Libary – 02
Cannot Remove Content Libary – 03
We ended up calling VMware Global Support Services (GSS) to resolve the issues. They were very helpful and fixed it within a couple of minutes. The knowledge base article listed below is only available for internal VMware personal.
The internal knowledge base article related to the issue: – https://ikb.vmware.com/s/article/50121825 – Unable to delete the stale entry for the content library from the web client
Recently somebody asked me a question about VMware vCenter running on a Windows Server. The Windows Server was running VMware vCenter 6.5 and in case of a datacenter related problem, they wanted to get access to the vSphere Web Client (Flash) on the system locally.
It sounds easy right…? Just open the browser on the Windows Server and navigate to the vSphere Web Client page but that didn’t appear to be the case, because the system is missing the browser plugins required to open the vSphere Web Client.
So let’s dive into the problem.
Microsoft Browsers: They are running Windows Server 2016 and you might expect it to have two browsers: Internet Explorer 11 and Microsoft Edge. That does not seem to be the case. Windows Server 2016 is only shipped with Internet Explorer 11. Why? Windows Server 2016 is marked as an LTSB (Long Time Service Branch) so this means no Microsoft Edge and it is also not available for manual installation.
Microsoft: “The Long-Term Servicing Branch (LTSB) versions of Windows, including Windows Server 2016, don’t include Microsoft Edge or many other Universal Windows Platform (UWP) apps. These apps and their services are frequently updated with new functionality, and can’t be supported on systems running the LTSB operating systems.”
Third-party browsers: The company who was asking had a security policy that does not allow an installation of third-party browsers like Mozilla Firefox or Google Chrome. Alright, so this is not an option. Don’t have to look at that further.
Adobe Flash: So let’s try Internet Explorer 11. It appears to be missing Adobe Flash and you can not download and install it from Adobe Website.
At this point, I was stuck and there did not seem to be a simple solution.
vSphere Web Client missing Adobe Flash
Adobe Flash not available for installation on Windows Server 2016
After searching for a solution for about an hour. I came across a Microsoft Blog article listed below. This article is talking about installing Adobe Flash on Windows Server 2016. It appears that all the software is already on the system but just needs to be installed.
Procedure: – Step 01: Close all browsers – Step 02: Start a PowerShell session with elevated rights. – Step 03: Run the following command: dism /online /add-package /packagepath:"C:WindowsservicingPackagesAdobe-Flash-For-Windows-Package~31bf3856ad364e35~amd64~~10.0.14393.0.mum" – Step 04: Wait for the installation to complete. – Step 05: Open a browser and navigate to the vSphere Web Client. – Step 06: Everything should be working now.
Note: In the Microsoft Blog article they are talking about a reboot required in my case it was not required. Just a browser restart was enough.
Installing Adobe Flash on Windows Server 2016
vSphere Web Client with Adobe Flash
It sounded like an easy problem at first but it took some more time than I expected. The problem is solved with a simple one-liner and the customer is happy. I personally think that there might be other solution to the problem. If you know them please add a comment below.
Today I was checking my standalone vRealize Orchestator (vRO) appliance in my 24×7 Lab environment for scheduled task activities but something didn’t seem to be right. All scheduled tasks appeared to be running without problems, but there was no workflow output.
So what kind of schedule tasks is this Orchestrator running you might ask? This Orchestrator is responsible for maintaining my environment. Think about tasks like cleaning up snapshots, removing mounted CD-ROM media and adding new Virtual Machines to my backup schedule.
Let’s analyze the problem:
To check what was going-on I created a Workflow with a Scriptable Task that outputs text (the Workflow is displayed in the screenshot below). After realizing that vRO was not able to output any information to the screen it was time to start troubleshooting.
To start troubleshooting I connected with SSH to the vRealize Orchestrator appliance and started looking at the log files. Because vRO consists out of a lot of smaller sub systems it’s important to find the right log file.
First I ran a command to show all log files with the latest change date. It appeared that the “catalina.out” was very busy. Every time I ran the command the file had a new timestamp. ls -ltur /var/log/vmware/vco/app-server/
So lets look in the log file to figure out who is logging to this file: tail -f /var/log/vmware/vco/app-server/catalina.out
It appeared that Apache Lucene was generating a continuous stream of messages/errors. Caused by: java.lang.IllegalArgumentException: An SPI class of type org.apache.lucene.codecs.Codec with name 'Lucene6 0' does not exist. You need to add the corresponding JAR file supporting this SPI to your classpath. The current cl asspath supports the following names: [Lucene62]
... 103 more
19:30:49,588 WARN StubbornRetrier:38 - Retry 1/6 failed because of: Could not load codec 'Lucene60'. Did you forget to add lucene-backward-codecs.jar?
19:30:49,609 WARN StubbornRetrier:38 - Retry 5/6 failed because of: Could not load codec 'Lucene60'. Did you forget to add lucene-backward-codecs.jar?
19:30:49,611 WARN StubbornRetrier:38 - Retry 3/6 failed because of: Could not load codec 'Lucene60'. Did you forget to add lucene-backward-codecs.jar?
As I explained before vRO consists out of multiple smaller systems and Apache Lucene is one of them. So what is Apache Lucene exactly?
Apache LuceneTM is a high-performance, full-featured text search engine library written entirely in Java. It is a technology suitable for nearly any application that requires full-text search, especially cross-platform.
When searching on the log file error I directly found a VMware KB to resolve this issue.
Start a SSH session with the vRO Appliance.
Login with the root account.
Stop the vRO server service. service vco-server stop
Run the following command to remove the old lucene logs, this might be a single file or multiple files. rm -rf /var/log/vco/app-server/scripting.log_lucene*
Start the vRO server service. service vco-server start
vRealize Orchestrator 7.4 – Login
vRealize Orchestrator 7.4 – Applying Fix
To confirm the procedure/fix I ran the test workflow again. The screenshot is listed below and shows output to the screen. This is the expected behavior so we can conclude that the fix solved the problem.
Based on the information already available on the internet it seems that the upgrade from vRealize Orchestrator 7.3.1 to 7.4 is the root cause of the problem. The positive side of the problem is that the vRealize Orchestrator engine is just doing its work. In my lab environment I discovered the problem three weeks after the upgrade. To clarify: all my workflows that were running in these three weeks were not experiencing any problems.
Today I was dealing with an issue in vRealize Automation (vRA). The customer had deleted some virtual machines in the vCenter inventory that were managed by vRealize Automation (vRA). So this resulted in registered virtual machines in vRealize Automation that were reported as missing.
For this blog post I recreated the problem in my Lab environment to have the ability to share the screenshots.
Like explained in the beginning of this blog post. I recreated the problem in my home lab environment. To give you some background information about this environment. The Lab environment is running the following products and versions: – VMware vCenter 6.5 – VMware ESXi 6.5 – VMware vRealize Automation 7.3.1 – VMware vRealize Orchestrator 7.3.1 – VMware NSX-V 6.4.0
The clusters are split into a “Mgmt & Edge” Cluster and a “Payload” Cluster. The virtual machines that were managed by vRealize Automation were located on the “Payload” cluster. So to recreate the problem I removed the virtual machines in the “Payload” cluster.
Incase you are interested in more information about my Home Lab, you can go to the following page.
Download the latest version of the vRealize ClientCloud from the VMware website (the link can be found below).
When the download is done, unzip the zip file (VMware_vRealize_CloudClient-4.5.0-8227624.zip).
Navigate to the following directory (VMware_vRealize_CloudClient-4.5.0-8227624bin).
Start the CloudClient (Windows: cloudclient.bat / Linux: cloudclient.sh).
Log in to the vRA Appliance: Syntax: vra login userpass --user admin ID --tenant Tenant Name --server vRA FQDN --password Password
This afternoon I took the VMware vSAN 2017 Specialist and I passed with a score of 456 points. The exam is about… guess what Virtual SAN (vSAN)! To be more precise the latest version of vSAN version 6.6. The exam is a mix of deployment & design questions. In my opinion it is a smaller version of the separated Deploy & Design exams as in the major exam tracks (DCV, NV, CMA, DTM). The questions were really good and realistic, some examples: like about space efficiency, cluster sizing and some customer use cases. The exam contains 60 questions and you have 105 minutes to complete the exam.
Over the years I have done a lot of vSAN deployments, starting in the vSAN 5.5 days. So personally it was not the most difficult exam to pass but a good one to add to my résumé.
The official exam description from VMware: “The VMware vSAN 2017 Specialist badge holder is a technical professional who understands the vSAN 6.6 architecture and its complete feature set, knows how to conduct a vSAN design and deployment exercise, can implement a live vSAN hyper-converged infrastructure environment based on certified hardware/software components and best practices, and can administer/operate a vSAN cluster properly.”
The Specialist Exams
At VMworld 2017 three new specialist exams were announced by VMware Education:
VMware vRealize Operations 2017 Specialist
VMware vSAN 2017 Specialist Exam
VMware Validated Designs for Software-Defined Data Center 2017
Currently the remaining two are on my “To Do” list because they all cover my area of expertise. The vSAN Specialist exam is the only one of the three that is done at a test center, the other two are online exams.
There is a lot of free vSAN 6.6 content available, especially the VMworld 2017 sessions are full of useful information. Take a look Duncan Epping his YouTube Channel (the URL listed below).
On the 28 of February VMware PowerCLI 10.0.0 was released. The biggest change in this release is the multi-platform support which includes the support for Mac OS and Linux. Oh and they kind of increased the version number a bit… from 6.5.X to 10.0.0 ;).
So I decided to upgrade PowerCLI in my Lab environment. In my Lab environment, I have a Windows 10 virtual machine that runs as an Administrator Workstation. The upgrade was very smooth and it took about one minute but after the upgrade, no connections were possible with my vCenter server.
The following error was displayed in the PowerShell prompt, screenshots are displayed below: Error: Invalid server certificate. Use Set-PowerCLIConfiguration to set the value for the InvalidCertificateAction option to Prompt exception for this server.
It appears that they have changed the default PowerCLI behaviour regarding certificates.
Note:The solution I offer below is going ignore the SSL certificate checking, make sure this is something you want. A better way to validate this is to sign the certification of the vCenter Server with for example an Enterprise Certificate Authority. A write-up can be found here.
After the PowerCLI 10.0.0 upgrade on your system, you try to connect to your vCenter Server, but you receive the following error (image 01).
The error is pointing us to the following PowerCLI command-let “Get-PowerCLIConfiguration” (image 02). It appears that based on the output of the command the “InvalidCertificateAction” is configured as “Unset“.
Let’s look at the possible settings available for “InvalidCertificateAction” (image 03). In my case “Ignore” is the best option because I’m running a test environment.
Let’s change the setting to “Ignore” to disable the certificate check (Image 04).
Now it’s time to connect with your vCenter Server again (Image 05).
Everything should be working again without certificate warning messages.
PowerCLI 10.0.0 – 01 – Certificate Error
PowerCLI 10.0.0 – 02 – Show current SSL settings
PowerCLI 10.0.0 – 03 – List options
PowerCLI 10.0.0 – 04 – Configure settings for users
PowerCLI 10.0.0 – 05 – Connections are possible again
Be-Virtual.net - Cookies