vCSA and trusted AD sources

01/04/2018

Just a quick write up for my own convenience. Large organizations tend to have a lot of everything, from buildings and employees to Domain Controllers.
In times were Domain Controllers undergo maintenance, like an upgrade or relocation, dependent services may be impacted.
The way identity sources are configured differs per product, fortunately less often hard-coded by specifying a single domain controller, usually more flexible by specifying the AD domain.

For a vCenter Server Appliance (vCSA), additional identity sources can be configured, one commonly used is the Active Directory (Integrated Windows Authentication).

20180401-01.jpg

BTW, As a prerequisite, the vCSA should be joined to the Windows domain.

Read the rest of this entry »


vCSA, root partition is (almost) full

18/02/2018

hwA short post on a topic that I recently experienced on vCenter Server Appliance, version 6.0.
After receiving an alert that the root “/” partition was quickly filling up, it is time to act quickly. When the root partition reaches 100% of it’s capacity, service disruption can occur.
First step is to check the capacity of the vCSA partitions. Log in to the vCSA through SSH, if you are running the appliance shell, enable and access the Bash shell:

Command> shell.set --enabled true
Command> shell

In the Bash shell run this command to check the capacity of the partitions:

# df -h

The second line of the output (starting with /dev/sda3) shows the status of the root partition. If the value under Use% reaches 100%, you are in trouble. Also notice that the root partition is only 11 GB.
Second step is to determine the root cause of the full partition. A good strategy is to look for large consumers. The next command searches for files larger then 100 MB, only on the root partition:

# find / -xdev -type f -size +100M

In my case some interesting results:

/usr/lib/vmware-sca/wrapper/bin/wrapper.log
/usr/lib/oracle/11.2/client64/lib/libociei.so
/var/log/dnsmasq.log-20180121
/var/log/dnsmasq.log-20180128
/var/log/dnsmasq.log-20180107
/var/log/dnsmasq.log-20180114
/var/log/dnsmasq.log
/etc/vmware-vpx/docRoot/client/Vmware-viclient.exe

The most eye-catching files are: the wrapper.log and the dnsmasq.log files.

Read the rest of this entry »


vCenter Server Appliance Greenfield deployment

18/01/2014

Recently, I needed to deploy the vCenter Server Appliance (VCSA from now on) in an environment under the following conditions:

  • ESXi host have been installed and configured.
  • ESXi hosts reside in a different VLAN then the VCSA.
  • DNS servers are not available at the time of the installation.
  • Not much time.

The first step is to deploy the VCSA. So connect the vSphere Client to an ESXi host and start the deployment. The wizard walks you through some of the details, like name, location, storage location and network mapping. If you have ever deployed the VCSA on a vCenter Server, you will notice that this crucial window is missing. So we are not able to provide information like the IP address.

20140118-01Figure 1

Read the rest of this entry »