vSphere 6 Update 2 – Whats In It for Service Providers

vSphere 6 Update 2 – Whats In It for Service Providers

vSphere 6 Update 2 – Whats In It for Service…

It’s been just over a week since VMware released vSphere 6 Update 2 and I thought I would go through some of the key features and fixes that are included in the latest versions of vCenter and ESXi. As usual I generally keep an eye out for improvements that relate back to Service Providers who use vSphere as the foundation of their Managed or Infrastructure as as Service offerings.

VMware Social Media Advocacy


Build a custom automated ESXi installer image

Build a custom automated ESXi installer image

by Matt Bradford

If you’re like me, you’ve probably performed more manual ESXi installs than you care to admit. It’s not just the installation of the hypervisor, but the installation of the drivers and other bundles that can easily eat into your busy day. Not to mention if you try to image many hosts at the same time there’s a good likelihood that you’ll miss something that will come back and haunt you later.

One of the benefits of working with a great vendor is that they’re usually willing to ship your hosts pre-imaged and built to your spec. In order to make my vendor’s lives easier I wanted an ISO that would install ESXi to our spec without intervention. I needed to build a custom automated ESXi installer image. It may sound complicated but it’s pretty simple and the best thing is it doesn’t take long. Your first time may take 30 minutes, but once you have everything together you will be able to create the ISO in about five. Here’s how you do it…

Download the ESXi Offline Bundle. You can use the generic or vendor provided image.



Download the driver and other offline bundles you want to pack into your image. Copy everything to a folder. (Note that offline bundles may be inside the zip file you download.)



Open PowerCLI and add the ESXi offline bundle.

Add-EsxSoftwareDepot .\VMware-ESXi-5.5.0-Update3-3248547-HPE-550.



Add the driver offline bundles.

Add-EsxSoftwareDepot .\hpsa-


We need to get the name of the image by entering…

Get-EsxImageProfile | Select Name

In this case our image name is HPE-ESXi-5.5.0-Update3-550.


We’ll take the name of the profile from the previous step and create a new image with it.

New-EsxImageProfile -CloneProfile HPE-ESXi-5.5.0-Update3-550. -Name ESXi-5.5-VMSpot-Customized

By default the acceptance level will be Partner Supported. More info available here.


Export the image to an ISO by typing…

Export-EsxImageProfile -ImageProfile ESXi-5.5-VMSpot-Customized -ExportToIso -Filepath .\ESXi-5.5.0.VMSpot.iso


Launch WinISO and open the ISO.


Create a file called KS_CUST.CFG and add the following…

# Accept the VMware End User License Agreement
# Set the root password for the DCUI
rootpw VMwareR0cks!
# The install media is in the CD-ROM drive
installorupgrade --firstdisk --overwritevmfs
# Set the network to DHCP on the first network adapter
network --bootproto=dhcp --device=vmnic0
# reboots the host after the scripted installation is completed


Copy BOOT.CFG from the ISO and change the kernelopt line as such…

kernelopt=runweasel ks=cdrom:/KS_CUST.CFG


Add the KS_CUST.CFG file to the root of the ISO and overwrite BOOT.CFG. Save the ISO.


Mount the ISO to your host and boot.


The installation process will now run without any manual intervention.




It’s okay to ignore the DHCP warning. It will clear automatically after a few seconds.



The installation is finished! The host will now reboot automatically!


(Courtesy of VMSpot)

VMware Social Media Advocacy

Getting Started with the Free Log Insight for vCenter

Getting Started with the Free Log Insight for vCenter

Courtesy of Virten.net

VMware gives away a 25-OSI pack of vRealize Log Insight 3.3 for all users with a supported vCenter Server license. VMware vRealize Log Insight is a log management software with intuitive dashboards, sophisticated analytics and broad third-party extensibility. It provides deep operational visibility and faster troubleshooting.

Log Insight is not a new product. I’ve already written about it during the beta phase and the final product was introduced back in 2013. With the release of vSphere 6.0 Update 2, VMware has included a 25-OSI package to all vCenter installations allowing all customers to use the product in small environments for free.

In this post I am goging to explain how to obtain the 25-OSI pack and deploy Log Insight for vCenter.

VMware vRealize Log Insight 3.3.1 for vCenter Server is available as virtual appliances. The download has been added to the vSphere 6.0 section, but there is no difference to the “VMware vRealize Log Insight 3.3.1” package, available in the vRealize section.

Download vSphere 6.0

Log Insight 3.3 for vCenter Server will accept any vCenter Server 6.0 Standard, Enterprise, or Enterprise Plus license. For vCenter Server 5.x users, a license key can be found on the Log Insight 3.3 for vCenter Server download page:

Use the Deploy OVF Template function to install the Appliance:

The extra small configuration supports up to 20 ESXi hosts. To take full advantage of the 25-OSI package, and generally for production, the small configuration is recommended. The largest deployment supports up to 1500 ESXi hosts (15,000 events/second). There is no need to make a final decition here. The appliances can be extended later.  


After finishing the deployment wizard, wait a couple of minutes until the Appliances has finised initial configuration tasks. The appliances is available when the following screen is visible in the console:

To configure VMware Log Insight, open a browser and navigate to the URL mentioned in the console and select Next > Start New Deployment

Add a License key. You can either use your vCenter Server 6.0 License key, or the key provided at the Log Insight download page.

Log Insight is now ready to collect logs. The following sources can be configured:

  • vSphere Integration, collects data from vCenter Server and ESXi hosts
  • Agents installed on Linux or Windows systems
  • Syslog Server

To add your vSphere Environment to Log Insight, open Configure vSphere integration »

Add your vCenter Server:

This will automatically configure the vCenter Server, and all ESXi hosts to send their logs to the appliance. You can verify the state, and add/remove ESXi hosts on the detail page:


Logfiles are now ready to be analysed. I’ve deployed 2 ESXi hosts with a vCenter Server, so there are still 22 free licenses left to add more ESXi hosts, or other systems.


VMware Log Insight is not limited to VMware products. It’s intended as central logging system. It is shipped with the following agents:

  • VMware vRealize Log Insight 3.3.1 – Window agent
  • VMware vRealize Log Insight 3.3.1 – Linux agent 32/64-bit (RPM)
  • VMware vRealize Log Insight 3.3.1 – Linux agent 32/64-bit (Debian)
  • VMware vRealize Log Insight 3.3.1 – Linux agent 32/64-bit (binary)

I’m installing the Linux Agent on a Debian based Ubuntu 14.04.4 LTS.


root@aztec:~# dpkg -i VMware-Log-Insight-Agent_3.3.1-3636434.deb
Vorbereitung zum Entpacken von VMware-Log-Insight-Agent_3.3.1-3636434.deb ...
Entpacken von vmware-log-insight-agent (3.3.1-3636434) ...
vmware-log-insight-agent (3.3.1-3636434) wird eingerichtet ...
Starting VMware Log Insight Agent: *

Installation completed.

ATTENTION: Please edit configuration file:

For online documentation please visit:
Trigger für ureadahead (0.100.0-16) werden verarbeitet ...
ureadahead will be reprofiled on next reboot

The Agent needs to know the address of the Log Insight server. Any further configuration can then be done from the Log Insight Management console. Edit the configuration file /etc/liagent.ini and set the hostname to your Log Insight server.

The Linux host should now appear in the Agent Configuration.


Groups can be created to deploy the same configuration on a large number of hosts. I’ve created a group for Linux Hosts and added the gathering of /var/log/syslog:

I’ve also added the Log Insight Server as Syslog server on my router. Very nice and quick solution for small networks. But what is the outstanding feature of VMware vSphere Log Insight? Content Packs!

VMware vSphere Log Insight is not just a log aggregator, it also has a deep understanding of log entries, allowing administrators to find quick solutions for problems. Here are some examples from the VMware vSphere Content pack, which is available by default:



VMware Social Media Advocacy

Get peace of mind with these simple monitoring tips

Get peace of mind with these simple monitoring tips

If a server falls over in the forest and no one raises an incident, does it actually go down?

As every good VMware administrator knows, there is no known good reason on earth as to why you shouldn’t be using some form of monitoring solution to keep watch on your VMware platforms. As the “VMware guy” you really can’t afford to waste your time keeping a constant watchful eye on things, just in case something bad were to happen. But let’s face it – from time to time bad things do happen!

There are many, many options available in the market to poke and probe your infrastructure to check if it’s all still there, doing what it should be doing. These range from free tools that simply ping devices and alert you if something fails to respond, to monster-sized monitoring and management solutions that cost an arm and a leg. The big comprehensive solutions are great, but they are typically very complex to design, deploy, configure and keep running, and will often only alert you to an issue once it has occurred and the phone is already ringing with your boss saying “has anything changed on the VMware platform today?”. That’s when panic sets in as you realise the production VMware cluster is spiralling into a full meltdown. The two options available to you are a) start troubleshooting the issue and hope you find a solution PDQ, or b) pick up your jacket, exit the building, and start getting your LinkedIn profile up to date because you’re going to need a new job!

Taking a proactive approach

Wouldn’t a better approach be to discover potential issues in your environment before they were about to happen? What if you could fix an issue before it brings down your entire VMware cluster? Surely that would have you rise up the ranks to demigod level and then you could spend more time playing with all the cool new things you wish you had time to try.

I’ve spent the last few months getting to know the Runecast Analyzer product very well.  I can honestly say “Wow! I’m impressed”. From the simplicity of the product to be able to quickly deploy and have it scanning your environment in minutes, to its easy-to-use and great looking web interface, it really is an excellent tool to have in your toolbox.

Rich capability

What makes Runecast really stand out to me, is that it is capable of looking at the setup of your VMware platform and check this against three main sources of information:

  1. VMware knowledge base articles
  2. VMware best practice guides
  3. VMware security hardening guides


The expert guys who developed and founded Runecast (VCDX #74, VCAP’s, VCPs, etc) continuously monitor and assess new KB’s, best practice guides and security recommendations, and determine how to check for them. These updates are then automatically pulled down into the Runecast Analyzer appliance on a regular basis.

Once a scheduled scan occurs and picks up a potential issue in your environment, not only does Runecast flag this issue, it provides you with a copy of the KB article directly in the web interface or a link to the best practice/security hardening guide where it came from. This means you can fully understand the issue before you decide to address it or choose to ignore it.

For example, it may be a requirement in your environment to allow certain non-standard settings such as allowing promiscuous mode on a port-group. In this instance you can simply choose to ignore this alert by way of the highly configurable filter. Runecast will continue to re-scan your environment on a regular basis (defined by you) to ensure continuous compliance and help protect you against configuration drift.


It also allows you to send the log files from vSphere hosts and Virtual Machines (the VMs VMware logs, not from inside the Virtual Machines Operating Systems/applications, just to be clear) to the Runecast Analyzer appliance and have these logged and checked for issues too. All of this can be configured in the Runecast UI (provided the account you use has sufficient permissions in vCenter to make these changes) by a couple of simple clicks. It couldn’t actually be any easier than that, could it?

And… it does all this onsite, so no data is sent back from the appliance for analysis somewhere in a different country, or stored on a server that you have no control over – so there’s no issues with security there.

As I said, I’ve been giving this VM monitoring and troubleshooting solution a really good bash around for the last few months, and I’m well impressed. If you fancy checking it out for yourself you can download a free 30-day trial, and get it up and running in your own environment in minutes. And who knows, perhaps just doing this alone could help save one tree, sorry, server from falling over.

By Stuart McEwan

– See more at: http://www.vifx.co.nz/blog/get-peace-of-mind-with-these-simple-monitoring-tips#sthash.A1abTdJt.dpuf

VMware Social Media Advocacy

Virtual Volumes At EMC World

Virtual Volumes At EMC World

Virtual Volumes At EMC World

EMC world is coming up quickly and will be held in Las Vega from May 2nd to May 5th. This year there will be plenty to talk about for Virtual Volumes, in December 2015 the EMC VMAX team became the first EMC array to deliver certified support for VVols, the VNX team also launched their technical preview for Virtual Volumes with the EMC VNX Virtual Appliance.

VMware Social Media Advocacy

The Practical Path to NSX: Security, Automation, Application Continuity

The Practical Path to NSX: Security, Automation, Application Continuity

Read more about network virtualization with VMware NSX here: https://www.vmware.com/products/nsx/ Milin Desai of VMware discusses an overview of VMware NSX at VMworld 2015. He highlights the 3 most common pain points within customers and how VMware NSX has addressed them through its value proposition. See a live demo of VMware NSX’s infrastructure security, IT automation, and application continuity in action.

VMware Advocacy

Working with the VMware vCenter Server Appliance

Working with the VMware vCenter Server Appliance

While working with the VMware vCenter Server Appliance (VCSA) the last couple of years I came across several bits and pieces of information that I collected which, I think, are useful for working with the VMware vCenter Server Appliance (VCSA) and combined them in this blog post.

VMware vCenter Server provides a centralized platform for managing your VMware vSphere environments through a single pane of glass. The VMware vCenter Server Appliance (VCSA) is a preconfigured Linux-based virtual appliance that can be deployed simply as a Virtual Machine. This VM is optimized for running vCenter Server and the associated services on Linux.

Highlighted in this VMware vCenter Server Appliance blogpost:

  • Change the Password and Password Expiration Settings of the Root User
  • Enabling SSH, Local Access and Bash shell
  • Unlocking a locked out Root account
  • Updating or patching the VCSA
  • VCSA startup stages after reboot
  • WinSCP to vCenter Server Appliance


Change the Password and Password Expiration Settings of the Root User

When you deploy the vCenter Server Appliance, you set the initial password of the root user, which expires after 365 days by default. For security reasons, you can change the root password, as well as the password expiration settings. In version 5.5 and 6.0 of the VCSA the root password expires in 90 days, with the updated version by default the root password will expire in 365 days. You can login to the VMware Appliance Management Interface (VAMI) with a web browser on the following address:

Important: If there is no VAMI page showing up on port 5480 you are probably running VCSA version 6.0, because VMware removed the VAMI from vCenter Server 6.0. This issue can be resolved by updating the VCSA to Update 1 or later. For the necessary steps on upgrading please check the paragraph about Updating or patching the VCSA.

  1. Login with Root and the root-password.


  1. Go to Administration in the left panel


  1. In the right panel you can Change the Root Password
  2. In the panel below you can adjust the Password Expiry Settings


Enabling SSH, Local Access and Bash shell

After installing the VCSA local access and SSH access will be disabled. If you need to install plugins in the VCSA like the NexentaConnect for VSAN you will need SSH access to adjust some local settings and add the package for the plugin. You have multiple ways to activate Local Access and SSH possibilities.

Option 1: Through the VMware Appliance Management Interface

  • Login to the VAMI
  • Go to Access in the left pane
  • Check the two boxes enabling ssh login and bash shell


Option 2: Through the vSphere Web Client

  • Login to the vSphere Web Client
  • Go to Administration > System Configuration > Right-Click the correct VCSA node > Edit settings


  • Adjust accordingly how you would like it to behave



Unlocking a locked out Root account

If the root account is not accessible through the console, the secure shell, and the Virtual Appliance Management Interface (VAMI) (vCenter Server Appliance 5.5 and 6.0 Update 1+), the root account has been inactivated due to password expiration. To reactivate the root account, the vCenter Server appliance must be rebooted and the kernel option modified in the GRUB bootloader to obtain a root shell.

First of all you have to edit the settings of the VCSA to delay the boot sequence through the vSphere Client. Make sure you know on which ESX host the VCSA runs before you shut it down. The time between when you power on the virtual machine and when it exits the BIOS or EFI and launches the guest operating system software is short. You can change the boot delay or force the virtual machine to enter the BIOS or EFI setup screen after power on.

Delaying the boot operation is useful for changing BIOS or EFI settings such as the boot order. For example, you can change the BIOS or EFI settings to force a virtual machine to boot from a CD-ROM.


  1. In the vSphere Client inventory, right-click the virtual machine and select Edit Settings.
  2. Click the Options tab and under Advanced select Boot Options.
  3. In the Power on Boot Delay panel, select the time in milliseconds to delay the boot operation.
  4. (Optional) Select whether to force entry into the BIOS or EFI setup screen the next time the virtual machine boots.
  5. (Optional) Select whether to try to reboot after a boot failure.
  6. Click OK to save your changes.
  7. Power-On the VCSA

To reactivate the root account:

  • When the GRUB bootloader appears, press the spacebar to disable autoboot
  • Type p to access the appliance boot options
  • Enter the GRUB password

Note: If the vCenter Server appliance was deployed without editing the root password in the Virtual Appliance Management Interface (VAMI), the default GRUB password is vmware. If the vCenter Server appliance root password was reset using the VAMI, then the GRUB password is the password last set in the VAMI for the root account.

Use the arrow keys to highlight VMware vCenter Server Appliance and type e to edit the boot settings

  • Scroll to the second line displaying the kernel boot parameters
  • Type e to edit the boot command
  • Append init=/bin/bash to the kernel boot options
  • Press Enter. The GRUB menu reappears
  • Type b to start the boot process. The system boots to a shell
  • Reset the root password by running the passwd root command
  • Restart the appliance by running the reboot command


Updating or patching the VCSA

Depending on which VCSA version you are running you have two options to update the VCSA.

Option 1 – Updating or Patching the VCSA through a SSH connection

  • Download VCSA update from the following location:
  • Upload the ISO to a Datastore
  • Attach the downloaded ISO to the VCSA virtual machine (Do not forget to check the connected box)
  • SSH to the VCSA

    ssh root@vcsa_hostname

  • Run the following commands

To stage the ISO

software-packages stage –iso

Run through the EULA (with ENTER) and answer with yes. To see the staged content

software-packages list –staged

To install the staged rpms

software-packages install –staged


After patching is successful use the following command to reboot the VCSA

Shutdown reboot –r Update_to_last_patches


Option 2 – Updating or Patching the VCSA through the VAMI

You can also update the VCSA throught the VAMI web interface when you are running a version of VCSA which has a active/available VAMI

  • Go to Update in the left panel and than in the right panel to Check Updates


You have the choice to use a CDROM or download it through a URL.


VCSA startup stages after reboot

The VCSA goes through different stages while booting, it has five visible stages:

  • You can connect to the IP address/FQDN of the VCSA


  • Error message 503 when trying to connect to the vSphere Web Client

503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http16LocalServiceSpecE:0x7f809c7187b0] _serverNamespace = /vsphere-client _isRedirect = false _port = 9090)

  • You will see a Blanc screen while trying to connect to the vSphere Web Client
  • The vSphere Client web server is initializing message is visible


  • You can login through the vSphere Web Client Login Screen  (Do not forget the administrator@vsphere.local instead of root)


Now the VCSA is fully booted and operational.


WinSCP to vCenter Server Appliance

When trying to connect WinSCP to the vCenter Server Appliance (VCSA) you will get an error message and you can not connect to upload or retrieve files from the VCSA. When you copy files using WinSCP, part of the operation happens on the target Linux system. The default Appliance Shell cannot be the remote partner of WinSCP. You must enable the Bash shell on the appliance, you can do that through the VAMI as described in the paragraph about Enabling SSH, Local Access and Bash shell. You can also do it by

  • Login to the VCSA through a SSH connection
  • Provide the the username root and the root password when prompted
  • Inserted the following commands:

Than go to the Bash shell


In the bash shell switch from default shell to Bash

chsh -s /bin/bash root

Now you can use WinSCP to place or get files on the VCSA

To return the Bash shell to the Appliance shell use

chsh -s /bin/appliancesh root

When using Linux to place or retrieve files you can use PSCP.

By Edwin Weijdema

VMware Advocacy

VMworld 2016 Call for Papers Open Until April 12th

VMworld 2016 Call for Papers Open Until April 12th

VMworld 2016 Call for Papers Open Until April 12th

Can you believe it? VMworld 2016 is fast approaching! This year’s US event takes place August 28 – September 1, 2016 in Las Vegas at the Mandalay Bay Hotel and Convention Center. But before the event can kick off, VMware needs to issue a “Call for Papers” in order to build up its session list. And that’s exactly what they have done.

VMware Advocacy

In Guest VMware Tools CLI commands

In Guest VMware Tools CLI commands

In general it seems typical that VMware Tools gets installed on the Guest OS and then left alone after that. While doing some reading and working on some “slowness” issues, I’ve found the Tools CLI to become very handy and powerful.

On the Windows side of things here are a few “common” commands to use tools via the command line. First we need to get into the directory where tools is installed and the toolbox command can be run. The default directory is “C:\Program Files\VMware\VMware Tools”

The command below in the screenshot lists the base commands available with the VMwareToolboxCmd: VMwareToolboxCmd.exe help


I’m not covering all of the commands there but the documentation from VMware does a good job.

I’ve been using the VmwareToolboxCmd.exe stat “subcommandhere” for seeing stats within the GuestOS and I’ve included the snipit from the VMware doc with a little detail for each stat subcommand:


As you can see it covers many useful areas to see if the VM is having performance issues related to CPU Limits perhaps or to see if any memory is ballooning, or swapping(I’ve also included memres and cpures just to see if your VM has any reservations):


You can manually turn timesync with the host on/off/and check status:


Another command that I would imagine is useful would be the disk command and shrink subcommands that can be used to actually shrink and reduce the space the virtual disk takes up. As you can see from the screenshot my test VM is a linked clone and this can not be run against it. This doesn’t work against thick provisioned VMs as it wouldn’t shrink the virtual disk since the space has already been allocated for the virtual disk:


**NOTE certain version of Fusion have a “Clean Up Virtual Machine” button and Workstation has a “Compact” menu command that will do the same thing.

The commands are pretty much the same within a Linux OS, below is a screenshot of a CentOS VM. The default directory for this is /usr/sbin/ and the command is “vmware-toolbox-cmd”:vmware-toolbox-cmd-help

There are many more commands that can be run from within the Guest OS, as I stated I’ve been using and seeing these commands used to track down slowness issues within VMs.

Note these commands were taken from the following User’s Guide from VMware andVMware vSphere 6.0 Documentation Center.

By Brandon Bazan Twitter – @bbazan

VMware Advocacy

VMware NSX and Cisco ACI: NSX Now Supported on ACI

VMware NSX and Cisco ACI: NSX Now Supported on ACI

In May of 2015, we did a video around VMware NSX vs. Cisco ACI. As part of that video, we made the prediction that VMware NSX and Cisco ACI would not be an either/or discussion in the future (I also did a webinar on the topic that you can download here). At the time, the common question we were getting from clients was if they should be using NSX or ACI. My opinion was that Cisco ACI quite well complimented the feature sets of VMware NSX and that one could really support the other.

Now let’s fast forward to last month (February 2016) to Cisco Live Berlin where an announcement was made that supported just that idea. In  sessions at the conference, they talked about a number of overlay networks in Cisco ACI and specifically mentioned VMware NSX. So what are these use cases? I’m planning on doing a series of videos to explore the topic further. The next video will discuss heavily utilizing Cisco ACI with an overlay of VMware NSX. After that, we’ll look at the opposite – more heavily leveraging the feature sets of NSX on top of the fabric automation feature sets that exist in ACI.

VMware NSX and Cisco ACI: NSX Now Supported on ACI

Watch on GreenPages’ YouTube channel

VMware Advocacy