vCSA how to disable IPv6?

18/04/2017

For me it was already a common practice to disable IPv6 on ESXi hosts, but until recently I did not realize that vCenter Server can also benefit from it. For vCenter Server on Windows, you reconfigure the Windows network configuration. But how do you disable IPv6 on the vCSA?

I recently found that a vCSA 6.0 has at least three options to reconfigure the network settings. But only one option enables you to disable IPv6.

Using a web browser you can log in to the vCSA Web console by entering URL: https: //<vCSA hostname or IP address>:5480

From there go to Networking, under Networking Interfaces, choose Edit to open the “Edit IP Configuration” window. Here you can configure IPv4 and IPv6 and disable IPv4, but no option to disable IPv6.

Fig.1

Read the rest of this entry »


vCSA default shell is BASH

14/04/2017

A quick post about a little caveat while working in the vCenter Server Appliance (vCSA) shells. Yes correctly, shells in plural. The vCSA is bundled with at least two different shells:

  • Appliance Shell (default)
  • BASH shell

The “Appliance shell” is the default shell. After you log in to the vCSA, it will present the following well known screen.
Fig 1.

The appliance shell can be used for updating the vCSA, using the software-packages command and has some other use cases. From here you can enable the BASH shell as shown in the Fig 1. for the duration of your session with the following commands:

# shell.set --en -s /bin/bash root
# chsh -s /bin/bash root

You can also set the BASH shell as the default shell by performing the following command. Make sure, you first enable the BASH shell as shown above:

# chsh -s /bin/bash root

For the change to take effect, log out and log in again. Now you will directly enter the BASH shell.

But while working in the BASH shell, you need to temporarily switch to the Appliance shell?
In that case, provide the following command:

# appliancesh

That’s it. A shell is nothing more or less than an executable; the “Appliance shell” is no exception and can be found as /bin/appliancesh.

For more information, see: VMware KB “Toggling the vCenter Server Appliance 6.x default shell (2100508)


Best way to create vCSA support bundles

09/04/2017

In general, during contact with a Customer Support team, whether being a Hardware vendor (Servers, Storage) or a Software vendor, the likelihood that you will be asked to upload some log files for further investigation is significantly.

In case of VMware vSphere, you will have multiple options for collecting a support bundle; to name a few:

  • Windows vSphere Client
  • vSphere Web Client
  • PowerShell scripts

See also VMware KB “Collecting diagnostic information for VMware vCenter Server 4.x, 5.x and 6.x (1011641)” for a complete overview.

Using some of these methods is very convenient; however there is a little caveat, when the vCenter Server is a vCenter Server Appliance (vCSA) 6.x.

Under certain conditions, a vCSA might contain core dump files. When requested to create a support bundle these core dump files will be added to the support bundle, together with the log files. The issue that may arise is that the location where the support bundle will be created (partition /storage/log) has a fixed size and possibly is too small.

Is that is the case, the creation of the support bundle will halt with error “Cannot create a diagnostic bundle” and the desired support bundle will not be created.

VMware recommendation is to create and download a support bundle using the web browser. To do so enter the following URL:
https ://<VCSA Hostname or IP address>/appliance/support-bundle

Fig 1

After providing the credentials, the support-bundle (filename is: vm-support.tgz) will start downloading. The progress of the process will be shown in the browser.

Using this method, the files will be directly downloaded to your local computer, instead of being prepared on the vCSA.

As always, I thank you for reading.


Check_MK and vSphere – vCenter Server

22/08/2016

This post is the third part in a series about Check_MK and vSphere. In the second part, I showed you the options for monitoring an ESXi host without using vCenter Server. In this post we will explore the options for monitoring a vCenter Server on Windows and also the vCenter Server Appliance (VCSA).

vCenter Server Windows

For this POC we have a vCenter Server 6.0 U2 (build 3634793) on a Windows Server 2012 R2. As this is a normal Windows server, I installed the Check_MK agent for Windows and added the host to Check_MK. For the property Agent type, select “Check_MK Agent (Server)”.

2016-08-21_01Figure 1

By default the Check_MK Windows Agents presents – without further tweaking – a lot of information; CPU and Memory utilization, Disk I/O, status of the filesystems, status of the Network interfaces and many more.

Now it’s time to reveal the vSphere options. We follow the same procedure as we did for the ESXi host. In the WATO configuration go to Host & Service Parameters \ Datasource Programs and select Check state of VMware ESX via vSphere. Now create a second rule for the vCenter Server, start with providing a descriptive name.

Read the rest of this entry »


Implementing CA signed SSL certificates with vSphere 5.x – Part 3 – vCenter Server Appliance

11/03/2015

In the previous post, we highlighted the default template needed, in case of an Organizational CA, and ended with the creation of the certificates needed for the vCenter Server components.

According to our compass KB “Implementing CA signed SSL certificates with vSphere 5.x (2034833)”, the next step is to replace the vCenter Single Sign-On certificate and it points us to KB “Configuring CA signed SSL certificates for vCenter Single Sign-On in vSphere 5.5 (2058519)”.

Unfortunately, we are in trouble now, as KB 2034833 refers to the Windows vCenter Server components, with no reference to the vCenter Server Appliance. We will return to this KB later, for the vSphere Update Manager.

Luckily, KB “Configuring Certificate Authority (CA) signed certificates for vCenter Server Appliance 5.5 (2057223)” is available for the vCenter Server Appliance. In fact this KB contains all steps for setting up OpenSSL, generating certificate requests, getting and implementing certificates.

The Script

In fact, we have reached the section “Installation and configuration of the certificates for all the components”. This 40 step long section contains a lot of commands. To overcome the differences and make the installation process easier, I have created a script which can be found in this post. Copy and paste the content in a notepad and save as vcsa_certs.sh.

Read the rest of this entry »


vCenter Server Appliance Greenfield deployment

18/01/2014

Recently, I needed to deploy the vCenter Server Appliance (VCSA from now on) in an environment under the following conditions:

  • ESXi host have been installed and configured.
  • ESXi hosts reside in a different VLAN then the VCSA.
  • DNS servers are not available at the time of the installation.
  • Not much time.

The first step is to deploy the VCSA. So connect the vSphere Client to an ESXi host and start the deployment. The wizard walks you through some of the details, like name, location, storage location and network mapping. If you have ever deployed the VCSA on a vCenter Server, you will notice that this crucial window is missing. So we are not able to provide information like the IP address.

20140118-01Figure 1

Read the rest of this entry »