Uncategorized

Aria Operations (vROPs) can report how many Secure Boot enabled VMs you have

There was a recent Microsoft Windows Update released for Windows Server 2022, when applied to VMs that have Secure Boot enabled, on reboot the VM boots directly into the BIOS and never hits the OS bootloader.

This not only posed a challenge but there are environments that may have couple of hundred VMs to a few thousands. For those those customers that have entitlement to Aria Operations or Aria Operations Cloud (formerly vRealize Operations) customers can generate a inventory report of VMs that contain that value with a few customizations.

Before I get into the steps I have to give credit to Brock Peterson for showing me the ropes on this. Check out his personal blog BrockPeterson.com.

In this example I’m running vROps 8.10.2 on-prem. The first step will be to modify the existing Active policy. From the vROps homepage go to Configure >> Policies. From here you should see the name of the default policy that comes out the box when you install vROps. Also notice the ‘Status’ column and it’s labeled as ‘Active’

From here you have two options in how you want to get to the edit. For the first option you can edit the entire policy by clicking ‘Edit Policy’

or

If you know which part of the policy you want to modify, you can click on the individual setting from within the policy itself

We will select ‘Metrics and Properties’

Begin typing ‘Virtual Machine’ and select the first one that says ‘Virtual Machine’

The following Metrics and Properties relating to Virtual Machines will appear, you can drill down and find the desired setting or you can even use a filter option.

From Properties>>Configuration>>Security>> ‘EFI Secure Boot enabled’ by default is set to ‘Deactivated’, click on the drop-down menu and select ‘Activated’

Click ‘Save’ and exit out, you may want to wait 5-10 minutes for vSphere to perform a collection an scan of the objects.

The next step will be adding the newly activated property to a ‘View’ so that we can generate a report that contains that modified View.

Click on the ellipses to open a menu and select ‘Edit’

When the Edit View appears, you want to go to ‘2. Data’ section and in step 2 you can either perform a keyword search or drill down the options.

From there on Step 3 highlight the property and drag it into the existing View and place it in your desired location. I personally chose to have it come after ‘Hardware Version’

In the ‘Configuration’ section, the ‘Metric name’ is the default name, however you can choose to change it in the ‘Metric label’

Click ‘Update’

In the Preview Source you will see a sample of the report with your data already generated.

Now you can go to the ‘Reports’ section and find the ‘Inventory Report – Virtual Machines’ and run the report.

In the following example, this is a preview of the PDF version of the report. However you can export to CSV and help track those VMs and attend to any maintenance or troubleshooting.

Home Lab, Uncategorized

VMware vCenter 8 Upgrade Step-by-Step – Part 1 – vCenter Upgrade

First step will be to take a snapshot of the vCenter, if you are running Enhanced Linked Mode, ensure you power all vCenters off and take cold-snapshots from the Host UI.

Because the upgrade deploys a new vCenter appliance, we will be renaming our existing VM object from ‘vCenter’ to ‘vCenter_old’

Accessing good old fashioned ui-installer wizard, will be selecting ‘Upgrade’

This will be a various of steps, for Step 1. It will be ‘Deploy a vCenter’, this step is to begin the deployment of a new VCSA (vCenter Server Appliance)

After accepting EULA, the next step will be to ‘Connector to Source Appliance’ this would be the hostname of the VM (not the VM object name in vCenter)

I will then put in the landing vCenter I want to deploy the new appliance too.

For Step 5 you will select a Folder location for the VM, followed by Step 6 which is select a Compute Resource.

Step 7 will ask for the name of the new VM appliance and desired root password

For Step 8 you will select the deployment size of the new appliance. These in every environment will vary and always plan for anticipated future growth.

The next step will be to deploy a datastore, I will personally be deploying and will select a storage location, I will select storage and will enable ‘Thin Provisioning”

The next step to select the portgroup assigned to the desired network and a temporary IP address for the VCSA because at the end of the upgrade, all the network settings remain the same for the new appliance.

This is the final configuration for this part of the upgrade, it will be followed by confirmation and then waiting for installation to complete.

Once the installation is completed, you should receive the following confirmation, from here you can prompt, notice that you do have a temporary VAMI interface to the new vCenter in the event you have to do any troubleshooting. The installer should continue.

The beginning of the wizard should only prompt one option and that is the 2nd step. Click Continue.

These are the warnings that appeared in my environment, these should allow me to proceed

The next step is to select what information do you want copied over, I personally want to choose both, my environment is smaller. Click Next.

For the final steps, it will be the option to join CEIP followed by confirming you performed backup and then kicking off process.

During the process you will lose connectivity to your vCenter, you can always look for one of the hosts the vCenter is residing in and monitor from console.

And just like that…we upgraded to 8 successfully.

For future blogs I will try and dive into vSphere 8 features more in depth.

Uncategorized

Installation of SDDC Health Monitoring Solution 8.10

Whether you are running VMware Cloud Foundation (VCF) or standalone vRealize LifeCycle Manager instance managing your vRealize products, the following management pack for vRealize Operations will help give a health monitoring dashboard to your solutions. You can monitor capacity growth over time as well as certificate monitoring.

You can obtain the management pack couple of different ways. One way is through the VMware Marketplace, download the pack and upload to the vRSLCM via SCP.


https://marketplace.cloud.vmware.com/services/details/sddc-health-monitoring-solution-8-10-1?slug=true

Always check the Marketplace carefully for management pack versions, publisher and release notes.

The other method to access the Marketplace through the vRealize Lifecycle Manager

In the lab I downloaded the pack and uploaded it to the following location on the appliance

Once uploaded, jump into the vRSLCM appliance, you can see here in the Environment section it shows no information available for Health and the ‘i’ icon explains what we need to do.

From the vROps Environment, click ‘View Details’, once inside the vROps environment, click on the ellipses and you will a pre-built action to install the SDDC Management Pack.

Once prompted I placed /data/marketplace and click Discover, this found the file I downloaded and uploaded. Click Submit

The Request page updates to Successfully deployed

After about 15-20 minutes, you will find health is Green now.

What to do next? Check out the newly installed dashboards in vROps.

Uncategorized

My First YouTube Video!

I have a whole renowned respect for content creators, influencers, and video graphic artists. Content creation is no joke, even the tool vROps itself requires individuals in organizations to be created with designing dashboards.

I’ve always wanted to do this, it’s a means of getting better and giving back to the community. There is still much to improve on, I mean this is just a series of clips of me performing an upgrade task.

In this video, I run through upgrading vROps using VMware’s LifeCycle Manager appliance.

Uncategorized

VMware Skyline Collector 3.0 Deployment

There are a lots of tools in the shed when it comes to overseeing the health of your VMware software-defined datacenter. One of those tools, Skyline, is a free SaaS offering on console.cloud.com when you have an active ELA or a Success 360 customer (Premier Support).

From VMware http://www.customerconnect.vmware.com you can go out to Downloads and obtain the VMware Skyline Collector 3.0. This will download an OVA file to deploy in your virtual environment.

I will be fast-forwarding through most assuming the audience is familiar with deploying Virtual Machines.

Some recommendations I would give is prior to deploying in any environment, come up with a hostname for the VM, reserve an IP address, create a DNS entry.

Another recommendation is to review the Skyline Collector User Guide which contains how to configure the endpoint user accounts with a strict permission model (Read Only). https://docs.vmware.com/en/VMware-Skyline-Collector/3.0/user-guide.pdf

Choose to leave default name or create a custom vSphere object name (prefer making the name the same as your reserved hostname), everyone’s standard will be different. Click Next.

The next step, select cluster/compute resource the virtual machine will be deployed on.

Review the details of the appliance, the next screen will be EULA (End User License Agreement). Click Next

Select the storage for the appliance, click Next.

Select the desired network, click Next.

For the next step, create a custom ‘root’ account password, assign the networking, domain and DNS related entries to complete customizing the template. Once that is completed, click Finish

In the event you lose or forget the root password for the appliance or the ‘admin’ account, visit the following KB: https://kb.vmware.com/s/article/52652

Initially I got thrown the following error, all i did was refresh my session and run through the installation setup a little quicker, there were some delays while creating the post.

Once the VM is created, you will need to power it on. Once it’s full booted up and network services are on. You should be able to reach the appliance by its hostname.

The default password for the ‘admin’ account is ‘default’. Once you log in, you will be prompted to change the password immediately and then to log back in.

Once you log in with the newly changed password a setup wizard will begin the registration of the collector to Skyline Advisor and option to configure endpoints. There are some additional prerequisites that are recommended to perform prior to complete next steps, such as creating the suggested Read-Only accounts to be used for configuring the endpoints.

From the beginning 1. Test & Save the hostname configuration and configuring a proxy (optional), click ‘Continue’.

Next is the CEIP, click ‘Continue’,

As we are going through the wizard, step 3. Collector Registration, will require signing onto the console.cloud.vmware.com and from the Cloud Console home select ‘Skyline Advisor’

In our example, there is an existing Skyline under a cloud org and we will be adding an additional collector. Click ‘Add Collector’

You will now be presented with an option to Copy/Paste a generated token

Go back to the Collector configuration wizard, paste the token and click ‘Register Collector’

Create a ‘Friendly Name’ the collector will be identified as in Skyline Advisor, it’s recommended if you are deploying collectors are several sites to create names easily identified.

Enable Auto-Upgrade is off by default, I’m turning it on, this is a service that will not disrupt anything in the environment.

Starting with adding credentials, the following example is an Active Directory account that is configured with a Read Only role set in Global Permissions on the vCenter.

You may proceed with configuring additional products into Skyline. Fast forward through all the solutions, once completed, the Endpoints may come up red for a moment or show green immediatly.

If you go back to the VMware Cloud Console, the final step would be to click ‘Complete Setup’ This should then take you back to the Skyline Advisor and the number of collectors should increase by one.

I hope this document was helpful and there is plenty more of information and details pertaining to Skyline.