Building an advanced lab using VMware vRealize Automation – Part 7: Configure vCenter Server Appliance SSL certificates

20150630 - vRAIn part 6 we installed and configured a vCenter Server Appliance in the lab.  This will manage the various components, plus serve as an endpoint for vRealize Automation.

In this post we replace the default SSL certificates from the vCSA with trusted certificates from our in-house certificate authority. Continue reading

Building an advanced lab using VMware vRealize Automation – Part 6: Deploy and configure the vCenter Server Appliance

20150630 - vRAIn part 5 of this series we created a Windows 2012 R2 Domain Controller to provide our authentication services for the environment.

In this part, we deploy the VMware vCenter Server Appliance (vCSA) 5.5. This will serve as the backbone to our infrastructure, as well as the endpoint for the majority of our VMware vRealize Automation deployments. Later in the series, we will configure other endpoints such as VMware’s vCloud Air or AWS. Continue reading

Building an advanced lab using VMware vRealize Automation – Part 5: Authentication services

20150630 - vRAIn part 4 of this series we configured two ESXi hosts to host our lab.  In this part we will setup a Windows Server 2012 R2 Core virtual machine and configure it as a domain controller in a separate root domain.  We will then configure a forest trust to our production domain so that our users can authenticate. Continue reading

Building an advanced lab using VMware vRealize Automation – Part 4: Physical infrastructure – compute

20150630 - vRAIn part 3 of this series on building a lab using VMware vRealize Automation we configured the physical networking to support our lab.  In this part we install and configure VMware vSphere 5.5 on our servers.

Before we can install vSphere, we have to analyse our requirements and source hardware to satisfy them.  Obviously we would like hardware that comes with as much compute, storage and network capacity as possible, but budgetary constraints must be taken into consideration. Continue reading

Building an advanced lab using VMware vRealize Automation – Part 3: Physical infrastructure – networking

20150630 - vRAIn part 2 we outlined our storage resources for the project.  We built a Windows 2012 R2 Server which provided iSCSI and NFS services to the environment.

In this part we configure the networking infrastructure that has been provided for the lab, and prepare it for the introduction of our VMware ESXi hosts.  Continue reading

Building an advanced lab using VMware vRealize Automation – Part 2: Physical infrastructure – storage

20150630 - vRAIn part 1 I outlined the aims of the project, which is to build an advanced lab using VMware vRealize Automation.  In this article, we will configure the storage that will house our provisioned virtual machines.

The first constraint that has been identified is cost, which effectively rules out fibre channel storage of any kind.  However, with the right hardware, we can utilise other technologies such as iSCSI and still provision high-performance storage: Continue reading

Wednesday Tidbit: Create custom ESXi ISO with ESX-tools-for-ESXi

20150713 - PowerCLIMy test cluster in the lab recently needed to be rebuilt.  As this cluster is nested and I wanted the latest version of ESXi to be deployed, I thought it would be good to use Image Builder to combine the two.

After downloading the VMware Tools for Nexted ESXi tools fling, I followed Andreas Peetz’ article on how to use them to build an offline bundle.

Once done, I used the following PowerCLI script with Image Builder to create my new ISO complete with VMware Tools for Nested ESXi:

# Add VMware depot
Add-EsxSoftwareDepot C:\Depot\ESXi550-201505002.zip

# Clone the ESXi 5.5 GA profile into a custom profile
$CloneProfile = Get-EsxImageProfile ESXi-5.5.0-20150504001-standard
$MyProfile = New-EsxImageProfile -CloneProfile $CloneProfile -Vendor $CloneProfile.Vendor -Name (($CloneProfile.Name) + "-virtualhobbit") -Description $CloneProfile.Description

# Add the Nested ESXi VMTools Offline bundle
Add-EsxSoftwareDepot C:\Depot\esx-tools-for-esxi-9.7.1-0.0.00000-offline_bundle.zip

# Add the esx-tools-for-esxi package to the custom profile
Add-EsxSoftwarePackage -SoftwarePackage esx-tools-for-esxi -ImageProfile $MyProfile

# Disable signature check
$DeployNoSignatureCheck=$true

# Export the custom profile into an ISO file
Export-EsxImageProfile -ImageProfile $MyProfile -ExportToISO -NoSignatureCheck -FilePath C:\Depot\ESXi550-201505002-virtualhobbit.iso

I also chose to export the image profile to a .zip file, so I could use it to remediate an existing cluster using VUM.

Export-EsxImageProfile -ImageProfile $MyProfile -ExportToBundle -NoSignatureCheck -FilePath C:\Depot\ESXi550-201505002-virtualhobbit.zip

Building an advanced lab using VMware vRealize Automation – Part 1: Intro

20150630 - vRAA few months back my boss came to me and asked if I could build a test lab for the company.  Being a managed services company with a number of technical staff, it was important to give them a training ground where skills can be learned but mistakes also made without consequence.

We have a lot of kit we currently use for testing changes on prior to putting them live, but not a segregated area dedicated for this purpose. Continue reading

Wednesday Tidbit: PowerCLI script to enable copy & paste

20150713 - PowerCLIUnlike at work, when I access servers in the lab I use the vSphere Client remote console.  Unfortunately since vSphere 4.1, copy & paste between the host and the console has been disabled – which I find a pain (even though it’s probably more secure).  It can be enabled per-VM with the following two settings:

isolation.tools.copy.disable="false"
isolation.tools.paste.disable="false"

I wanted to enable it on all my backend VMs, but not my other VMs (DMZ etc).  For this I used the following PowerCLI script:

$esxi = "lab01.mdb-lab.com"
$credential = Get-Credential
$tgtVLAN = 'VLAN70','VLAN80','VLAN120'

Connect-VIServer $esxi -Credential $credential

Get-VM |where {
   (Get-NetworkAdapter -VM $_ | %{$tgtVLAN -contains $_.NetworkName}) -contains $true} | %{
      New-AdvancedSetting $_ -Name isolation.tools.copy.disable -Value false -Confirm:$false -Force:$true
      New-AdvancedSetting $_ -Name isolation.tools.paste.disable -Value false -Confirm:$false -Force:$true
   }
}

Disconnect-VIServer $esxi -Confirm:$false

I’d like to thank Luc Dekens for helping me with that last bit. If you get chance, check him out at http://www.lucd.info/.