Visitors

Top 10 reasons to upgrade to vSphere 6.5

Top 10 reasons to upgrade to vSphere 6.5

Top 10 reasons to upgrade to vSphere 6.5

Savvy IT leaders are moving their organizations—and their careers—forward by making the move to VMware vSphere® 6.5.


VMware Social Media Advocacy

Technical Insights about Horizon Cloud on…

Technical Insights about Horizon Cloud on Microsoft Azure

Technical Insights about Horizon Cloud on…

After much anticipation, VMware Horizon Cloud on Microsoft Azure is finally released. Horizon Cloud now offers three different options providing capacity for desktops and hosted applications. With Horizon Cloud on Microsoft Azure, you gain all of the benefits of a cloud-managed service, including the ability to manage RD Session Hosted desktops and applications on Microsoft […] The post Technical Insights about Horizon Cloud on Microsoft Azure appeared first on VMware End-User Computing Blog .


VMware Social Media Advocacy

VMware Cloud on AWS: Live End to End Demo

VMware Cloud on AWS: Live End to End Demo

VMware Cloud on AWS: Live End to End Demo

Provision SDDC: 9:04 Login to vCenter: 14:17 Deploy a VM: 19:00 Hybrid Linked Mode: 20:30 vRealize Suite: 25:10 Add host and Rest API: 27:20


VMware Social Media Advocacy

HOW TO: Reset the Isilon Administration GUI

If you try to login to Ision Administration web GUI interface and get the following message:

Isilon Administration
503: Service Not Available
The most common reason for this is that the node has become overloaded and is prioritising the file system over other processes. Consider using a different node.

To resolve this issue please run the following on the node where you have the problem.

webui_webware_ctl restart

This resets the admin gui on a node.

isilon01-1# webui_webware_ctl restart
/usr/local/sbin/webui_webware_ctl restart: webware (54373) stopped
According to the pid file, the server is still running.
Trying to terminate the server with pid 77496...
Server with pid 77496 has been terminated.
Starting WebKit.ThreadedAppServer...
Output has been redirected to '/var/log/webui_webware.log'...
/usr/local/sbin/webui_webware_ctl restart: webware (77498) restarted

Hope this will help.

The Beginner’s Guide to managing the NSX…

The Beginner’s Guide to managing the NSX Distributed Firewall with Security Policies

The Beginner’s Guide to managing the NSX…

In an earlier article, I covered what the basics of the NSX Distributed Firewall allow you to accomplish. Now let’s take a deeper look at those concepts and figure out the best way to apply th…Read More


VMware Social Media Advocacy

Goodbye, vSphere Web Client!

Goodbye, vSphere Web Client!

Goodbye, vSphere Web Client!

VMware plans to deprecate the Flash-based vSphere Web Client with the next numbered release (not update release) of vSphere. The next version of vSphere will be the terminal release for which vSphere Web Client will be available. The vSphere GUIs, including the vSphere Web Client and HTML5-based vSphere Client, are tools that are used every day The post Goodbye, vSphere Web Client! appeared first on VMware vSphere Blog .


VMware Social Media Advocacy

Isilon InsightIQ and OpenDJ LDAP integration

LDAP integration has been configured on Isilon InsightIQ v. 4.1.1.3 and LDAP groups assigned to the appropriate InsightIQ Roles (admin or read-only). N.B. Nested LDAP group are NOT supported, nested LDAP groups do NOT inherit permissions.

When we tried to login, we received the following error message:

You are not a member of a privileged LDAP group in InsightIQ. Please contact your administrator to receive login access.

We were absolutely confident there was nothing wrong with the LDAP server or group membership. We have had some other issues with OpenDJ LDAP implementation in the past therefore we knew we need to dig dipper.

There are so many LDAP implementations and some Directory Service attributes are different to the standard. In this particular case we had to work with OpenDJ 2.6.3 where, for example, the ‘Member Of‘ Attribute is called ‘isMemberOf‘ insted of standard ‘memberOf‘.

Isilon InsightIQ interface does not allow you to change the Advanced LDAP Settings like Isilon OneFS does therefore it is not possible to amend the ‘Member Of ‘ attribute through InsightIQ GUI and you need to edit the configuration files:

  1. Login to the console or SSH to the InsightIQ appliance as administrator;
  2. Navigate to /usr/share/isilon/lib/python2.7/site-packages/insightiq/controllers/;
  3. Edit security.py as the following:
    1. FROM:
      # Group roles list is sorted by role with admin groups first
      for group in self.ldap_service.fetch_group_roles():
          # Search for membership of specified user in privileged group
          # This should cover all RFC 2307 compliant AD servers
          search_str = self.ldap_service.filter_format(
                '(&(objectClass=%s)(memberOf=%s)(uid=%s))',
                [user_object_class, group['dn'], username])
          conn.search(search_dn, search_str)
    2. TO:
      # Group roles list is sorted by role with admin groups first
      for group in self.ldap_service.fetch_group_roles():
          # Search for membership of specified user in privileged group
          # This should cover all RFC 2307 compliant AD servers
          search_str = self.ldap_service.filter_format(
                '(&(objectClass=%s)(isMemberOf=%s)(uid=%s))',
                [user_object_class, group['dn'], username])
          conn.search(search_dn, search_str)
  4. Save the file;
  5. Restart InsightIQ.

Hope this will help.

 

 

vExpert 2017 Award Announcement

vExpert 2017 Award Announcement And for a third year in a row, I’m a vExpert!

vExpert 2017 Award Announcement

First we would like to say thank you to everyone who applied for the 2017 vExpert program. I’m pleased to announce the list 2017 vExperts. Each of these vExperts have demonstrated significant contributions to the community and a willingness to share their expertise with others. Contributing is not always blogging or Twitter as there are many public speakers, book authors, CloudCred task writing, script writers, VMUG leaders, VMTN community moderators and internal champions among this group.


VMware Social Media Advocacy

HOW TO: Configure syslog server for VMware NSX for vSphere Controllers using REST API

After installing Management Pack for NSX for VMware vRealize Operations Manager, I got a warning that “There is no syslog server configured on the NSX Controller

There is no syslog server configured on the NSX Controller

The only “supported” method of configuring syslog server for VMware NSX for vSphere 6.x Controllers is using the REST API.

Before you begin configuring the Syslog service using the REST API, there are a couple of things you need to have in place:

  1. REST API Client. For example, RESTClient Add-On for Mozilla Firefox browser.
  2. Authentication header.

The request body to configure this is fairly straight forward, as there are only a few elements that can be configured.

<controllerSyslogServer>
<syslogServer>10.160.20.1</syslogServer>
<port>514</port>
<protocol>TCP</protocol>
<level>INFO</level>
</controllerSyslogServer>

Before we begin configuring the Syslog service using the REST API, let us take a brief look at what REST client(s) are available to enable us to quickly perform this configuration programatically.

Once you are done with enabling either of these plug-ins, you need to know couple of other pieces of information before you send the REST request body to the NSX for vSphere Manager to setup the Syslog for NSX for vSphere Controller.

First of all REST API Requests require Authentication header (REST Client will Base 64 Encode the Credentials for NSX for vSphere Manager. Also PUT or POST (If sending HTTP Body) will require you to set an additional Header. There are as below:

  • Name = Content-Type
  • Value = application/xml

Confirm Authorization & Content-Type headers are properly setup.

  • If you want to retrieve details about the configured syslog exporter on the specified controller node, you need to send this HTTP request.
    Method: GET
    Request: https://<nsxmgr-ip>/api/2.0/vdn/controller/{controller-id}/syslog

    No Syslog configured:
    VMware NSX Configuring Syslog for NSX for vSphere Controller - GET

  • To configure syslog server(s) paste the request in the Request Body and change the method to POST:
    Method: POST
    Request: https://<nsxmgr-ip>/api/2.0/vdn/controller/{controller-id}/syslog
    VMware NSX Configuring Syslog for NSX for vSphere Controller - PUT
  • If you want to delete the syslog exporter on the specified controller node then use this HTTP request.
    Method: DELETE
    Request: https://<nsxmgr-ip>/api/2.0/vdn/controller/{controller-id}/syslog

Please refer to VMware KB Article “Configuring syslog server for VMware NSX for vSphere 6.x controllers (2092228)” for more details.

VMware vCenter Single Sign-On (SSO) upgrade runs out of disk space and fails

VMware: vCenter 5.5 Update 2d in Linked Mode
OS: Windows Server 2012 R2
vCenter SSO: Multisite deployment
VMware vCenter 5.5 Update 2e: Release Notes & Installation and Upgrade Issues

I tried to upgrade VMware vCenter 5.5 from Update 2d to Update 2e. The Linked Mode was unconfigured prior to upgrade.

All services were running OK and the server had 20GB of disk space available on the C: drive. After launching the vCenter SSO installer it detected a previous version and prompted to upgrade. The upgrade took a long time and eventually prompted that the server ran out of disk space on the C: drive. On close inspection there were quite a few hs_err_PID*(.log) (where PID – Process ID) Java crash dump files generated in the following folders:

  • C:Program FilesVMwareInfrastructurevSphereWebClientserver
  • C:Program FilesCommon FilesVMwareVMware vCenter Server - tc Serverbinwinx86_64

When the Java error dump files were deleted, I clicked on Retry and SSO upgrade completed successfully. Although no new Java error dump files were generated, the VMware Identity Management Service failed to start. Obviously, the vCenter Server was broken and it was not possible to upgrade other vCenter Services/Modules.

Suspecting something is not right with the VMware JRE, I rolled back the snapshot, restarted the server and tried to upgrade VMware JRE (Java Running Environment) by running VMware-jre.exe from {vCenterInstallationMedia}:vJRE folder (same as from {vCenterInstallationMedia}:Single Sign-Onprerequisites) . The upgrade completed successfully but when I attempted to upgrade SSO, I had exactly the same issues as described. Back to the snapshot… :(

Here is what you need to do to resolve this issue:

  1. Stop all VMware services that rely on VMware JRE:
    • VMware vSphere Profile-Driven Storage Service
    • VMware VirtualCenter Management Webservices
    • VMware vSphere Web Client
    • VMware vCenter Inventory Service
    • VMware Secure Token Service
    • VMware Log Browser
    • VMware Identity Management Service
  2. Uninstall VMware vCenter Server – Java Components
    • There are no files left in C:Program FilesCommon FilesVMwareVMware vCenter Server - Java Componentsbin folder
    • There are no running processes using java: tasklist | findstr java
  3. Map the vCenter media of the currently installed version of the vCenter. In my environment, vCenter 5.5 Update 2d
  4. Install VMware vCenter Server – Java Components from {vCenterInstallationMedia}:vJRE folder.
    All services that were stopped in Step 1 will start automatically.
    Restart the server to make sure all vCenter services start successfully…
  5. Map the target version vCenter media
  6. Upgrade vCenter Server

A couple of post-upgrade tips:

  1. Logging in to the Web Client took a VERY long time after the upgrade… As I have quite a few Web Client Plug-ins and some of them have multiple versions, I stopped VMware vSphere Web Client, copied all Plug-in folders from ‘C:ProgramDataVMwarevSphere Web Clientvc-packagesvsphere-client-serenity’ to a new Backup folder and then started VMware vSphere Web Client. Only the latest versions of The Web Client Plug-ins were copied back into the folder. That seems to help with logging in to the Web Client;
  2. vCenter Upgrade Manager upgrade failed but completed successfully when I enabled Internet access on the VUM server;
  3. If you need to check VMware Java version installed, run the following command:
    C:Program FilesCommon FilesVMwareVMware vCenter Server - Java Componentsbin
    >java.exe -version
    java version "1.7.0_55"
    Java(TM) SE Runtime Environment (build 1.7.0_55-b32)
    Java HotSpot(TM) 64-Bit Server VM (build 24.55-b03, mixed mode)

Hope this will help.