Addressing errors when using vRA 7.4 Guest Agent

Having upgraded my vRA instance in my HomeLab to 7.4 not long after it GA’d, I recently decided to create some nice, new templates as well. You know, latest patches, hardware, basic config etc.

I won’t bore you with exactly how I installed Windows, patched it or configured it. The relevant part of the process to this article was the installation of the vRA Guest Agent and subsequent testing of it.

I already had my vRA blueprint configured; just a simple Windows Server 2012 R2 template that has the vRealize LogInsight agent installed and configured on it automatically as part of the provision process:

Installing the vRA Guest Agent

This is a documented process to install the software agent on a Virtual Machine that is then subsequently turned in to a template. For vRA 7.4, the documentation can be found on VMware’s site:

Install the Guest Agent on a Windows Reference Machine

Prepare a Windows Reference Machine to Support Software

This worked without issue. I shutdown the machine, turned it in to a template and update my blueprint.

Testing the new template

This is where I ran in to an issue. Continue Reading

Unitrends announces VM Backup Essentials (vBE)

If you’re working for an Enterprise with your workloads based purely on VMware vSphere, then there’s a new launch from Unitrends that you may be interested in looking at for your virtual backup / business continuity solution that I have learned about.

vBE (short for VM Backup Essentials), converges enterprise-grade backup software, ransomware detection, and cloud continuity into a powerful, easy-to-use, all-in-one platform boasting the following features:

  • Total Protection – No limits on the number of virtual machines that can be protected on a host
  • No License Tiering – No tiering of licenses based on the number of cores in the CPU socket.
  • Only License what you need! – Only occupied sockets require a license, but ALL occupied sockets of the host must be licensed to protect its virtual machines.
  • Infinite retention!– Retention is directly proportional to the amount of storage that can be provided by the customer for backup. The license has no limits on retention.
  • Replication to the Cloud – Site-to-site replication is not supported at this time. vBE does support replication to the cloud – both hyperscale clouds such as AWS, Google and Rackspace as well as clouds pur­pose-built for DRaaS services.
  • Advanced Ransomware Protection– New ransomware variants are emerging every day and your ransomware protection needs to evolve to keep up.

Unitrends are billing vBE as an “all-in-one solution” that provides a disruptive approach to backup. It offers complete vertical integration (including the cloud), fast time to value and an all-in-one solution provided by a single vendor with industry-leading customer service. vBE includes all the software and features you would find in an enterprise-level data protection and recovery solution. vBE includes operating system, security, backup software, WAN acceleration, replication, cloud integration, and archiving. Continue Reading

Automated NIC names in Linux on VMware vSphere

A colleague of mine was working with a customer recently on some changes to their automated VM provisioning process (they’re not vRA customers… yet). He got stuck trying to get around a particular challenge with the automatic naming of network interfaces in certain Linux distributions.

The customer in question is using vRealize Orchestrator (vRO) to create (not clone) their Virtual Machines from a JSON structure that is supplied by an external system. In that structure there are definitions for the hardware, OS network identity (name, IP etc) and OS installation sources (ISO file for installation and floppy image for a ks.cfg (KickStart) file).

Once the JSON object is provided to the vRO workflow, the VM is created, booted and automatically starts to install and configure itself.

Customer’s Simple VM

Simple VMs have a number of disks defined (for root, opt, var, swap etc partitions) that are attached to a single ParaVirtual SCSI adapter. The VM is also equipped with a single VMXNET3 network adapter.

In this configuration, there is no problem. The installation of the OS runs through to completion and the VM is handed off to Puppet and eventually goes in to service.

Customer’s Complex VM

For the provision of Linux-based Oracle servers however, the customer wanted to be able to specify not only extra disks and partitions, but extra SCSI controllers too. Continue Reading

VCAP6 exams retiring in September 2018

If you’re looking at taking one of the VMware Advanced Professional exams listed below, you might want to get your skates on as they’re being retired at the end of September:

  • VCAP6 – Data Centre Virtualization Design (VCAP6-DCV Design)
  • VCAP6 – Cloud Management and Automation Design (VCAP6-CMA Design)
  • VCAP6 – Desktop and Mobility Design (VCAP6-DTM Design)

Slots for these exams will start to run out in the next few weeks, so book up now if you want to take them.

All available exams and certifications are detailed on VMware’s certification page. If you want to check the list of retired or retiring exams, the document detailing those can be found here.

0

Documenting vCenter Privileges with PowerCLI

A customer that I’m working with at present asked this week if the minimum privileges required for vRA to access a vSphere Endpoint could be documented. As someone who isn’t a fan of unnecessary wheel re-invention, my initial response was to direct them to the relevant VMware documentation (vRA 7.3 vSphere Agent Requirements).

Then they explained why that wouldn’t quite cover their requirement. I won’t explain exactly why, but they wanted a matrix that showed exactly what privileges each of the vRealize products (and associated management packs) needed in vCenter to provide to their security team. Somewhere in the dark and dusty reaches of my mind, a lightbulb flicked on…

lightbulb

Wait, I’ve done this before!

Like a number of other bloggers in my industry, I started this as a place to record some of things that I was doing in the hope that they might be useful to someone else, or even useful for myself in the future. Continue Reading

0

vRetreat London 2018 and Zerto Virtual Replication 6.0

I was lucky enough last year to be invited to the inaugural UK vRetreat, organised by fellow vExpert Patrick Redknap. If you’ve not encountered a vRetreat before, or are wondering what it is, it’s an event with a small delegation of bloggers invited to pick apart some presentations by the event’s sponsors.

Following on from Silverstone in 2017 I had assumed that I’d had my shot and that other bloggers would get their chance at the next event. Fast-foward to February 2018 and I again found myself sitting down with a number of quality vCommunity members to exchange stories and, most importantly for vRetreat, listen to some detailed presentations by a select delegation of IT vendors.

The Crypt - yes, it's in a church!

One key difference between the two events (I think that Barry Coombs and myself are the only two attendees of both events) was the venue and the “extra-curricular activity”. Instead of the Porsche driving experience from last year, we would all be entering the Crystal Maze. (Great fun, especially if you remember the TV game show, although the team I was on had two people carrying injuries and, to be honest, we sucked!)

The venue for the daytime, technical part of the day was familiar to me too from the numerous times that I’ve been to CloudCamp in London. Ominously named “The Crypt”, it is in fact a Church near Farringdon.

Back to the purpose of the vRetreat. Although I mentioned presentations before, the idea is that it starts out that way but, with a smaller audience, it gets a bit more interactive as the attendees ask lots of detailed questions that you might not get in a larger setting. On this particular occasion, we had the pleasure of hearing from Zerto and Cohesity. With the room divided between the two, I have the pleasure of covering Zerto. Continue Reading

0

Extensibility course in vRA / vRO (Feb 2018)

A new vRA / vRO Extensibility course is scheduled to be held in the UK in February 2018. It will provide detailed information on how to leverage the power of vRealize Automation and vRealize Orchestrator.

I should point out that it’s a beta course, so it may not be 100% polished and pristine. However, the course is focussed on version 7.3 of both products (the latest at the time of writing) so it will be bang up-to-date and help you learn the “art of the possible”.

Extensibility course outline and details

The course runs for a full week from Monday 19th February at VMware’s UK office in Staines. If you’re new to vRA and vRO, or you want to take your automation beyond simple virtual machine deployment then this course will likely benefit you. If you don’t manage to get on it, I’m sure there will be further opportunities throughout the year.

Extensibility Topics Covered

The topics covered by the course include:

  • The basics of vRO workflows
  • Design considerations for vRO workflows
  • Development of vRO workflows
  • Extending vRA using the Event Broker
  • Using vRO workflows with vRA’s Event Broker
  • Using vRO workflows to provide XaaS catalog items and resource actions
  • Working with REST APIs using vRO

You can register for the course via VMware’s myLearn website.

2

Root password expired on vCenter VCSA 6.5

I thought I’d update my homelab’s primary vCenter to the latest and greatest (6.5 update 1d), when I encountered an issue with the root password. The update showed up ok in the appliance’s VAMI interface and I selected to install it but an error quickly showed up:

VCSA 6.5 is not ready to be updated

Not ready, huh? When I clicked on the “Show Details” button, I saw a message informing me that the root password had expired or expiring soon:


VCSA 6.5 update is blocked by expired root password

Well ok, I’ll go and reset it and turn off the expiry I thought. (That process is covered in the vCenter documentation.) But noooo, permission denied! The password couldn’t be set and the expiry settings could not be changed. Continue Reading

0

New Year, New CTOA – Congratulations

CTOA logoVMware’s Office of the CTO (OCTO) runs an annual programme internally to appoint a limited number of outstanding individuals as CTO Ambassadors (CTOA). Broadly, the role of an ambassador is to help ensure a tight collaboration between VMware’s R&D and VMware’s customers.

CTO Ambassadors come from customer facing roles within VMware (such as SEs, PSO, TAMs and GSS). A good number of them are involved with, or are usually present at VMware’s customer focussed events (such as vForum, VMUGs and VMworld). With the new year comes a number of newly minted CTOAs. Whilst I can’t count myself amongst them, I’d just like to say a big, public “congratulations” to everyone that has been selected as a 2018 ambassador.

0

Automating vSphere VM disk zeroing with vRA7 and vRO

A long time ago, on a project far back in time, the team that I was part of was given a requirement to zero the disks of VMs before they were deleted by vRA / vRO (or vCAC and vCO as they were called back then). One of my colleagues on the project, Jonathan Medd, devised an approach for doing this using an “experimental” PowerCLI feature and wrote it up on his blog.

Fast forward nearly two and a half years and I’m looking at an upgrade for this platform and wondering if there’s a way to accomplish the same task in vRO rather than by breaking out to PowerCLI. Don’t get me wrong, I love PowerCLI. But fewer parts would mean that there’s less to go wrong. How to do it then…

Disk zeroing in PowerCLI

This is still listed as an experimental feature in the PowerCLI documentation for vSphere 6.5. The Set-HardDisk cmdlet has the -ZeroOut option and it would still be used exactly as Jonathan describes it in his article.

PowerCLI documentation for Set-HardDisk

PowerCLI documentation for Set-HardDisk

Disk zeroing in vRO

I’m not sure when it was added (i.e. which version), but back in 2014 we couldn’t find equivalent functionality in vRO. I did a quick search of the vCenter plugin methods in my v7.2 appliance and couldn’t see it there either. It turns out though that I was having a bad typing day. Burke Azbill pointed me to the right place (thank you):

vRO API help for zeroFillVirtualDisk_Task

vRO API help for zeroFillVirtualDisk_Task

So, “zeroFillVirtualDisk_Task” is a method called from VcVirtualDiskManager. All we need to give it is a datastore path and a VcDataCenter object and it’ll do the rest.

Getting a datastore path is relatively straight forward. Using vSphere’s Managed Object Browser (MOB), I can pick a VM object and navigate down to the config (1) and the hardware (2), get the disk devices (3) and look at their backing (4). The fileName attribute gives me the datastore path that I need.

Example VM configuration information in the vSphere MOB

Example VM configuration information in the vSphere MOB

Obtaining a VcDataCenter object, if I have the VM object already is a doddle too. There’s a vCenter plugin action that will do it for me based on the information that I have available to me in the MOB above. Taking the datastore attribute, which is a reference to a datastore object, I can pass it to the action below and get the VcDataCenter back.

Library vRO action getDatacenterForDatastore

Library vRO action getDatacenterForDatastore

Putting it together

Starting with a vCenter VM (vm in the script below) object in vRO then, zeroing all of the VM’s disks can be achieved as follows:

Deconstructing the code:

Line 1 – Gets the vCenter plugin connection for the vCenter that owns the VM called vm.
Line 2 – Gets the VCVirtualDiskManager object that the zeroFillVirtualDisk_Task method is a member of.
Lines 3 to 5 – Getting the config, hardware and devices for the VM. This could be done as one line.
Line 9 – Starts a loop to run the following code for each device.
Line 10 – Checks to see if the current device is a Virtual Disk.
Line 11 – Gets the Virtual Disk filename.
Line 12 – Gets the VcDataCenter object using the Virtual Disk datastore as an input.
Line 14 – Instructs vCenter to zero the Virtual Disk.

Considerations for vRA

There are a few considerations aside from some minor tweaks to make the code more efficient or robust before we look at adding this as a workflow subscription in vRA.

  • Firstly, on some storage devices (my home lab included), zeroing the disks causes a thin provisioned disk to expand to its full size. If the disks are large, you can expect the task to take some time and / or consume a lot of storage space.
  • Secondly, if there are snapshots running on the VM, they must be removed first.
  • Thirdly, the VM must be powered off before this will run. If the workflow subscription takes place at the right time, this shouldn’t be a problem however.
  • Finally, as I’ve already mentioned, this process could take some time to complete. The zeroFillVirtualDisk_Task method returns a vCenter task reference. Ideally that should be monitored for completion rather than just firing and forgetting. If the VM has multiple disks, that’s multiple tasks.

Adding it to the vRA Event Broker

Taking the original script above and factoring in the considerations too, it’s possible to create a fairly simple workflow that can be added as an Event Broker subscription in vRA. I’ll post it up here soon.