Migrating from VCSA embedded PSC to external PSC

On a bit of a shorter note to my previous article/novella ↗ - I have been moving my lab to a bit more of an “enterprise” style architecture - deploying SRM was in the way for that, so I had the need to set up another vCenter, however this gave the opportunity to move to a multi-PSC, multi-VC architecture. There is quite some complexity in my lab with regard to vCenter and its integrations, I have running in production vRO, NSX and vCD - it’s also plugged into VIO and VR, so naturally I really don’t want to reinstall all these components and reconfigure them as a lot of work has gone in, in particular with NSX, dynamic peering etc set up with upstream routers and its integration with vCD....

October 30, 2016 Myles Gray

Deploying Dell OpenManage on ESXi and vCenter 6

If you’ve been reading my other posts of late, you will have gathered I’ve been building a new lab. I say “new”, the last one was a single R710 with a ReadyNas Ultra 6 attached. So essentially, this is my first REAL lab. It’s mostly based on Dell hardware; it’s cheap on eBay, I like their management tools and in the past i’ve only really had good experiences with them, granted it’s no Cisco UCS, HP Bladesystem or Dell M1000e - I think with the addition of OpenManage, and in particular OMIVV it makes it almost as manageable as those environments when you get the foundations laid down nice and solid....

July 26, 2015 Myles Gray

vSphere HA Configuration fails: Operation Timed Out

I recently rebuilt my lab and added 2x new ESXi hosts, I re-used my old single host in the process which I upgraded from ESXi 5.5 to 6.0 and patched to the same level as the new hosts. Everything was working as expected until it came for the time to enable HA. My old host claimed the master roll and thus the other boxes had to connect to it as slaves, however, these failed with “HA Agent Unreachable” and “Operation Timed Out” errors....

July 22, 2015 Myles Gray

Windows Integrated Auth (SSO) fails in vCenter 6.0

If you’ve just spun up a new vCenter 6.0 appliance, have joined it to the domain and added a new identity source but have found that your integrated windows auth (the handy checkbox you use for SSO) isn’t working with this error: A General System error occurred: Cannot get user info Then it’s because the nsswitch.conf file is missing the lsass parameter, to remedy this: SSH as root to your vCenter server appliance....

July 21, 2015 Myles Gray

Using AD signed certificates with vCenter Server Appliance 6

Creating signed certs for vCenter has never been easy, with the new release of 6.0 though this has changed somewhat, there is a built in certificate manager that allows you to import a CA (say Microsoft AD) cert and key to have VMCA sign it’s own certs with and make them trusted. First thing, we need to set up an AD cert template for vSphere 6.0, that’s in my article here....

July 19, 2015 Myles Gray

Creating a vSphere 6 certificate template in Active Directory

Signing certs for VMware has always been a pain in the ass, it’s gotten a lot better in v6 but there are a few caveats, what we’re going to do here is set up a certificate template in Active Directory from which we will sign our vCenter certificates. Load up your AD-CA box and run: certtmpl.msc Next right click on Web Server and click Duplicate Template: If you use an encryption level higher than sha1 choose Windows Server 2008 as the Certification Authority....

July 19, 2015 Myles Gray

Extend Dell MD3000i Virtual Disk LUN Size

I have had the need recently to expand a LUN on a Dell MD3000i SAN to above 2TB that is presented to VMWare ESX 5.1 hosts. There are a few caveats here: The VMWare datastore for 2TB+ LUNs must be VMFS-5 as it is now GPT based, not MBR. This can be updated on the fly without shutting down VMs (Configuration -> Storage, Click the Datastore -> “Upgrade to VMFS-5”) Expanding the virtual disks on MD3000i’s can only be done in CLI....

September 4, 2013 Myles Gray