Monday, April 21, 2014

Heartbleed Security Patches Fully Released

With the recent Heartbleed security issue on software which utilized the OpenSSL version 1.0.1.  As of 20th April 2014, VMware has release all Security Advisory of all affected producted as listed here.  Products that are utilizing OpenSSL below 1.0.1 are not affected as listed.

VMware has put in great effort to release all these security patches since the discovery announced on 14th April 2014 and release of the first patch on the day after.

The advice is to at least apply all security advisory as recommended at soonest to avoid any security breach.

Monday, April 7, 2014

Creating Nested ESXi in vSphere


Many of us always need to or want to do some testing for some solution using vSphere or preparing or some exams e.g. VCAP.  However sometimes you just didn't have enough resources or physical hosts.  Just like me I am running a home lab and would need 1 or 2 extra ESX servers if possible.

I find documents around the internet and some are not really updated.  So here I have consolidated to help you better.

Do note the places are slightly different for vSphere Client and the vSphere Web Client.  I have provided the screenshots for easy reference.

  • First create a Virtual Machine (doesn't matter which OS you choose as you will not find any ESX server in the drop down list even if you choose Windows, Linux or Other).
  • After creation, in vSphere Client, go to Edit Settings of the virtual machine.  Under Options tab, General Options change your OS.  Here you will find ESXi listed.
    For Web Client, please see screenshot below:
 vSphere Client

vSphere Web Client
  • Next in vSphere Client, go to Advanced section>CPU/MMU Virtualization  and select Use Intel VT/AMD-V for instruction set virtualization and Intel EPT/AMD RVI for MMU virtualization.
    For vSphere Web Client, do note you would need to use at least virtual hardware version 9 to expose hardware asisted virutalization to the guest OS.  Refer to the screenshot below for the differences:
 vSphere Client
  vSphere Web Client (vHardware v8)
 vSphere Web Client (vHardware v9)

  • Now you can start to install your ESX server.  If you encounter "Fatal error : 6 (Buffer too small)" (which I did after placing the ISO in the datastore), try mounting the ISO from other location.  I found someone also met the same issues.
  • Make sure all the physical ESX servers Port Group which contains your "VM Network" (or another name you have for it" where you vESX is connecting to, change the Security Configuration for Promiscuous Mode from Reject to Accept.  Duncan has a detailed of the steps here for the vSphere Client.
For vSphere Web Client, refer to the screenshot below:
vSphere Client

vSphere Web Client

  • Finally add the host to your cluster in vCenter.  Side note, if you have EVC turned on, you might have a problem adding the host into the cluster.  You can turn EVC off without doing any migration.
  • Lastly if you want to better manage your ESX server using the VM power functions as well as moving the mouse in and out of console smoothly, you can install the VMware Tools for ESX server found here.

Hope the above is good and well for your understanding.



Thursday, April 3, 2014

vCenter Operations Manager Packs

I often been asked and also have to refer internally what does vCenter Operations Manager (vC Ops) support in terms of plugin or adapters to what 3rd parties functions or software (in this case they are call packs).

During a search recently, I realize VMware Solution Exchange contains all these plugins or adapters and I thought I should just share this.  For vC Ops, you can go directly here.  You will be entitled to these adapters (any licensing requirements please check with specific vendors) depending on the vC Ops editions you own.  For only Advanced and Enterprise would have some free adapters for use and is classified in the page.  For Advanced, other than Hyperic and AWS, most of the adapters are related to Storage performance metrics.

For Enterprise Edition, you will see more 3rd parties monitoring tools like SCOM, IBM Tivoli, TeamQuest, etc are available.  Also Enterprise Edition will be able to use Advanced adapters too.

A simple screenshot of the listed adapters below.  Head down to the page and discover what others adapters are available.


Go asked can MS SCOM monitor vSphere the other way around?  Why not check out Microsoft Store and see what is the focus area and you tell me if it can do that.  Guess you would have to use Google and find all the plugin provided by all other parties and manage that yourself.

Wednesday, April 2, 2014

vExpert 2014 Results Announced!

With April's Fool day in US, came the announcement of the results.  Of course this is not an April's Fool joke definitely.  Definitely the program team has put in much effort to release this results in just less than 2 months.

This year we have a great number of vExperts, a total of 754.  That is a great increased from last year 581.  This is indeed great news as we are seeing the communities has grown tremendously.

Of course if you missed out the application or just started in contributing in whichever ways in the VMware communities, you can still apply for vExpert 2014 every quarterly with the new initiative of vExpert 2014 program as I have previously mentioned here.  The application form is open all year round and results will be announced every quarterly.

Once again congrats to all existing and new vExpert to the group.  Hope to see more of you been awarded.


Update 21st Aug 2014
Once again there are many companies sponsoring and providing benefits for vExperts 2014.  I will do my best to update any new ones do check back.  Here I will list them as below:

vExpert Shirt from Tintri apply by 30th June 2014
http://www.tintri.com/congratulations-2014-vexperts-you-are-rock-stars

PuralSight
http://blog.pluralsight.com/2014-vexperts-mvps-free-training

HP StoreVirtual VSA NFR License (Only accessible by vExpert in vExpert Community)
https://communities.vmware.com/docs/DOC-26336

Many Software NFR consolidated by one
http://wojcieh.net/vmware-vexpert-2014-benefits/

Simplivity Coffee Press
http://simplivity.hs-sites.com/vexperts-register-for-your-free-coffee-press

Tegile Systems (access only available to vExpert 2014)
https://communities.vmware.com/community/vmtn/resources/vexpertforum/blog/2014/07/16/vexpert-gift-and-party-hosted-by-tegile-systems-at-vmworld-sf

What's New in Horizon Mirage 4.4

In my previous posts on Horizon Mirage,
Installation on Mirage 3.6
What's New in Horizon Mirage 4.2
What's New in Horizon Mirage 4.3

You would have find some of the things like e.g. leaving blank for SQL server entry if you are using the default instance name.

Also Best Practice to upgrade Horizon Mirage can be found in a KB here.

In Horizon Mirage 4.4, you will enter the SQL server name without the SQL instance name if you have use the default instance name e.g. MSSQLSERVER (in this case it's call unnamed instance not sure why).  This is required as shown during installation of Horizon Mirage Management Server and Horizon Mirage Server as shown below:


 
In Horizon Mirage there are a few changes.   The main new added is the Edge server.  Now instead of placing your Mirage Server in the DMZ and be compromise with security attacks or require a need of using VPN, now you have a Edge server to handle that piece just like what in Horizon View Security server does in DMZ having a secure gateway.

So if that portion of Edge server, it mean you would need SSL connection.  So for all IIS related via web access in the past prior to Horizon Mirage 4.4, we were using HTTP, however from Horizon Mirage 4.4 onwards, HTTPS is used.  This was also mentioned in the Release Notes.

During my upgrade completion, I was not able to load any of the web access namely:
  • Web Access
    https://Explorer (URL can be changed in the Horizon Mirage Server)
  • Admin Web Access
    https://AdminExplorer (this is something new where administrator can search for any specific user/desktop)
  • Web Manager(Dashboard used by Web Help Desk & Web Protection Manager role)
    https://HorizonMirage/Dashboard
So if you refer to Horizon Mirage 4.4 Installation guide, page 24, Configure IIS for SSL Support (in my case I am using self sign), you will have the web access pages loaded successfully.

Horizon Mirage 4.4 also include the Backup and restore of Windows 8 and 8.1 in a Disaster Recovery scenario.

Lastly, the option to only manage the migration of endpoints to Windows 7 without having to centralize the endpoint first before a migration saving time and storage space is useful especially for provisioning of new endpoint devices.

That's all for Horizon Mirage 4.4.  I cannot wait for the full administration web interface without need of MMC as well a centralize dashboard management when use with Horizon View, without having a separate administration console.

Windows 2016 Core Licensing FAQ

A very busy month for me and also traveling to take a break from work. Finally to sit down and compose which got confused by many of my co-w...