Browsed by
Tag: vCenter

dcli and orphaned VMs in vCenter Server inventory

dcli and orphaned VMs in vCenter Server inventory

The orphaned VMs in vCenter inventory is an unusual view in experienced administrator’s Web/vSphere Client window. But in large environments, where many people manage hosts and VMs it will happen sometimes.

You do know how to get rid of them using traditional methods described in VMware KB articles and by other well known bloggers, but there’s a quite elegant new method using dcli.
This handy tool is available in vCLI package, in 6.5/6.7 vCSA shell and vCenter Server on Windows command prompt. Dcli does use APIs to give an administrator the interface to call some methods to get done or to automate some tasks.

How to use it to remove orphaned VMs from vCenter inventory?

  1. Open an SSH session to vCSA and log in as root user.
  2. Run dcli command in an interactive mode.

    dcli +i
  3. Get a list of VMs registered in vCenter’s inventory. Log in as administrator user in your SSO domain. You can save credentials in the credstore for future use.

    com vmware vcenter vm list
  4. From the displayed list get VM’s MoID (Managed Object Id) of the affected VM, e.g. vm-103.
  5. Run this command to delete the record of the affected VM using its MoID from vCenter’s database.

    com vmware vcenter vm delete --vm vm-103
  6. Using Web/vSphere Client check the vCenter’s inventory if the affected VM is now deleted.

It’s working!

VCSA monitoring and recovery options

VCSA monitoring and recovery options

The new vCenter Server Appliance Management Interface is still accessed via port 5480 for any vCenter Server or Platform Services Controller appliance. This refreshed UI now includes additional resource utilization graphs to provide a simple-to-consume visualization of CPU, Memory, Disk, and Database metrics :

vcenter7

Above screenshot to the right shows the new vCenter Database monitoring screen that provides some insight into the PostgreSQL database disk usage to help prevent crashes due to running out of space. There are also new default warnings presented in the vSphere Web Client to alert administrators when the database is getting close to running out of space and a graceful shutdown mechanism at 95% full to prevent database corruption. Customers can also configure syslog in this improved VAMI.

SUMMARY

  • New vCenter Server Appliance Management Interface
  • Built in monitoring : Network, CPU, and Memory
  • Visibility to vPostgres DB
  • Remote syslog configuration

New in vCenter Server 6.5 is native backup and restore for the vCenter Server Appliance. This new out-of-the-box functionality enables customers to backup vCenter Server and Platform Services Controller appliances directly from the VAMI or API. The backup consists of a set of files that will be streamed to a storage device of the customer’s choosing using SCP, HTTP(s), or FTP(s) protocols. This backup fully supports vCenter Server Appliances with embedded and external Platform Services Controllers.

vcenter8

vcenter9

The Restore workflow is launched from the same ISO from which the vCenter Server Appliance or PSC was originally deployed or upgraded. You can see from the lower screenshot that we have a new option to restore right from the deployment UI. The restore process deploys a new appliance and then uses the desired network protocol to ingest the backup files. It is important to note that the vCenter Server UUID and all configuration settings will be retained.

There is also an option to encrypt the backup files using symmetric key encryption. A simple checkbox and encrypted password is used to create the backup set and then that same password must be used to decrypt the backup set during a restore procedure. If the password is lost there is no way to recover those backup files as we do not store the password and do not use reversible encryption.

SUMMARY:

  • Restore vCenter Server instance to a brand new appliance
  • Supports backup/restore of VCSA & PSC appliances
  • Includes embedded and external deployments
  • Supported Protocols include:
    • HTTP/S
    • SCP
    • FTP/S
  • Option for Encryption
  • Restore directly from VCSA ISO
vSphere 6.5 – enhanced logging

vSphere 6.5 – enhanced logging

 

vSphere 6.5 introduces audit logging, before vSphere 6.5  logs were more focused on finding root causes of a problem – not releate deep  to IT operations or security use cases. For example, if a virtual machine was reconfigured from one storage adapter to another in logs we would find only “Virtual Machine <name> reconfigured”.

 But now logs which are coming from vCenter via Syslog will contain data from vCenter Events. These logs will clearly show “Before” and “After” setting changes.  This enhances the ability of IT and Security administrators to troubleshoot issues by providing information what was exactly changed in the vSphere environment.

 security1

Enhanced logging summary:

  • Improved vCenter/ESXi event logs quality
    • Informative auditing without having to enable verbose mode
  • Structured vCenter Events SysLog Stream
    • Minimal VC overhead
    • Simplified deployment
    • Enables upper level intelligence
  • Customer auditing examples:
    • VM was moved to a wrong network
    • VM disk was deleted by accident
    • VM was under/over provisioned

Now let’s see how to enable streaming VC events to remote syslog server :

security2

security3

NOTE!!! This feature is not available on Windows VC

1. Enable event syslog:

security4

2. Configure connection parameters:

security5

And finally let’s look at some examples of vCenter events audit quality:

security6

 

 

vSphere 6.5 Installation – Part 2 – vCenter Server Appliance

vSphere 6.5 Installation – Part 2 – vCenter Server Appliance

In the previous Part I of the series, I described the installation process of external PSC in vSphere 6.5.  In this part I’ll go through the process of vCenter Server appliance deployment.

  1. The first step is to download the vCSA ISO image and mount it for instance to your desktop. Inside the ISO image go to D:\vcsa-ui-installer\win32 and run the installer.exe. (This is the same ISO image used for PSC deployment). Then we choose the Install option, as you can see there are also available such option as Upgrade, Migrate and Rocever. All of them will be described further in next part of the series.

1vcsa

  1. In vSphere 6.5 the process of deployment is divided into two phases, or more correctly stages. The first stage contains the deployment of the appliance where it is deployed in our infrastructure. The second stage will let you configure the PSC and creating SSO domain, etc. It’s nothing to do on this step, simply click Next.

 

2vcsa

  1. Accept the End User License Agreement and click Next.

3vcsa

4. Choose the deployment type page allows you to choose which component should be deployed. In my case the external PSC was deployed in previous step and now I’m choosing vCenter Server. It’s important to notice that external PSC must be deployed before you start the deployment of vCenter Server Appliance.

4vcsa

5. In this step you have to provide the information about the host or vCenter where the appliance will be deployed. I’d like to emphasiss the option with vCenter which is new and in my opinion very helpful. It’s also the recommended option, of course if you already have a vCenter in place. That’s because if you connect directly to an ESXi host and it is in a DRS cluster, DRS initiated vMotions may occur during deployment process. To prevent this, you can either connect to vCenter managing the ESXi host or ensure the cluster where this ESXi host resides is not set to Fully Automated DRS for the duration of the deployment. You also need to provide the credentials to vCenter or ESXi host for an user that have the privileges do deploy and configure virtual appliances.

5vcsa

6. Verify and confirm the Certificate warning.

6vcsa

7. In case you have choosen the vCenter to connect tom, you can indicate a specific folder for the appliance. Click Next.

7vcsa

8. Choose the correct ESXi host to deploy it and click Next.

8vcsa

9. Specify the Virtual Machine name, root password and click Next.

9vcsa

10. Choose the right size of your deployment. VMware was so nice and inclueded information on the screen to let you choose the right size for your environment. In my case it’s “just” the lab so Thiny version will be more than enough. Click Next to go further.

10vcsa

11. Choose the datastore you want to use. There is also an option to configure the appliance this in thin provisioning mode. If you prefer so, simply mark the checkbox “Enable Thin Disk Mode” and click Next.

11vcsa12. This steps requires the network configuration. You are supposed to provide port group from the available list of port groups configured on ESXi host/vCenter you choosed before. There is also a place for system name which is optional (in case you don’t provide it, IP address will be used instead)

12vcsa13. Last step in stage one – confirmation. If all settings are correct click Finish to start the deployment process.

13vcsa

14. After all you can observe the progress via installator and host/vCenter.

15vcsa 14vcsa

15. When the deployment stage is done you go pass to stage 2 – basic configuration of our vCenter Server Appliance. To do that, click Continue.

16vcsa

16. Again you will see the welcome screean which informs you that this is the beginning of stage 2. Click Next to start.

17vcsa

17. Provide the IP address of NTP Server, mark the enable SSH checkbox and click Next.

18vcsa

18. This is the step when you have to connect with your PSC. Provide the PSC FQDN name, SSO domain name, password for Administrator, and click Next.

19vcsa

19. Review all the configured options and values and click Finish.

20vcsa

20. You will need to confirm the warning that you are completely sure about your choice. The process could not be interrupted after that.

21vcsa

21. Again as in the stage 1 you can monitor the progress untill it’s finished.

22vcsa

22. After the deployment is done, you can access the using the IP or FQDN name with port 443.

23vcsa

It’s done you vCenter Server Appliance is up and ready to start work with.

In the next part I’ll describe the straightforward process of Windows vCenter Server installation.

 

Please, check the other parts of the series:

vSphere 6.5 Installation – Part 1 – External PSC

vSphere 6.5 Installation – Part 1 – External PSC

This is the first part of the series describing the different options to install, restore and upgrade vSphere 6.5, especially the vCenter server.

In this part we will describe the process of External PSC deployment.

1.The first step is to download the vCSA ISO image and mount it for instance to your desktop. Inside the ISO image go to D:\vcsa-ui-installer\win32 and run the installer.exe.

1

2. Then we choose the Install option, as you can see there are also available such option as Upgrade, Migrate and Rocever. All of them will be described further in next part of the series.

2

3. In vSphere 6.5 the process of deployment is divided into two phases, or more correctly stages. The first stage contains the deployment of the appliance where it is deployed in our infrastructure. The second stage will let you configure the PSC and creating SSO domain, etc. It’s nothing to do on this step, simply click Next.

3

4. Accept the End User License Agreement and click Next.

4

5. Choose the deployment type. In my case I’m going to use external PSC and this is my first node, mark Platform Service Controller and click Next.

3a

6. In this step you have to provide the information about the host or vCenter where the appliance will be deployed. I’d like to emphasiss the option with vCenter which is new and in my opinion very helpful. It’s also the recommended option, of course if you already have a vCenter in place. That’s because if you connect directly to an ESXi host and it is in a DRS cluster, DRS initiated vMotions may occur during deployment process. To prevent this, you can either connect to vCenter managing the ESXi host or ensure the cluster where this ESXi host resides is not set to Fully Automated DRS for the duration of the deployment. You also need to provide the credentials to vCenter or ESXi host for an user that have the privileges do deploy and configure virtual appliances.

5

7. Verify and confirm the Certificate warning.

6

8. In case you have choosen the vCenter to connect tom, you can indicate a specific folder for the appliance. Click Next.,

7

9. Choose the correct ESXi host to deploy it and click Next.

8

10. Specify the Virtual Machine name, root password and click Next.

9

11. Choose the datastore you want to use. There is also an option to configure the appliance this in thin provisioning mode. If you prefer so, simply mark the checkbox “Enable Thin Disk Mode” and click Next.

10

12. This steps requires the network configuration. You are supposed to provide port group from the available list of port groups configured on ESXi host/vCenter you choosed before. There is also a place for system name which is optional (in case you don’t provide it, IP address will be used instead)

11a

13. Last step in stage one – confirmation. If all settings are correct click Finish to start the deployment process.

12

 

14. During the dpeloyment process you can observe the progress via installer, or vSphere Client/Web Client.

13

14

15

15. After the deployment is done you have to option to continue and move to stage two via the installer window. If you do not want to perform this stage at he moment, you can close the installer and do it later from the vCenter Server Appliance Management Interface ( it’s available at https://your_PSC_FQND_or_IP:5480) We will go through this proces at once.

16

16. The welcome screan informs you that this is the stage 2. Click Next.

17

17. Provide the IP address of NTP Server, mark the enable SSH checkbox and click Next.

18

18. Here you have two option – create a new SSO domain or join the esixting one. This is my first PSC in the environment so I will create new SSO domain. Be aware that it is not an Active Directory! It’s a separate domain for VMware and I suggest to choose a different name than you AD domain. The domain name must conform the RFC 1035 standards. Site name could be helpful in case you have two datacenters and in both of them you are going to deploy the PSC infrastructure. It will let you distinguish these sites. The siete name could be connected with datacenter name or the city in which it’s located. It’s up to you, just remember that the name should include alphanumeric characters or the symbol dash (-). They should not exceed 63 characters and include high-ASCII/non-ASCII characters. After all, click Next.

19

19. Choose the option to join or not to join the VMware’s Experience Improvement Program (CEIP) and click Next.

 

20

20. Review all the configured options and values and click Finish.

21

21. You will need to confirm the warning that you are completely sure about your choice.

22

22. Again as in the stage 1 you can monitor the progress untill it’s finished.

23

23. After the deployment is done, you can access the PSC Client at https://psc_FQDN_or_IP:443/psc

24

Now you can make the initial configuration of you SSO domain. I would start from adding the appliance do AD domain. To do it you have to log to the 5480 port ( VAMI interface) using root account with password you specified during instalation.

35

When you are logged in go to Configuration -> Manage -> Active Directory Join and provide the required information. After that you have to manually reboot the PSC node.

31

After the PSC node is back you can verify that the domain is listed in Manage tab.

32

Then you can log into PSC client (https://psc_FQDN_or_IP:443/psc) using administrator account and password in domain you created during installation ( in my case it’s vv.cloud so so the user will be administrator@vv.cloud). Next you can add the new identity source using Windows Integrated Authentication. To perform this action move to Configuration -> Identity Sources -> Add.

 

33

You can also indicate this identity source as Default Domain using globe icon.

37

 

It’s done, your PSC is up and ready. You can continue the configuration or deploy the vCenter Server and connect it to this SSO domain.

I’ll show the process in next part of the series.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

vSphere 6.5 GA is now available to download!

vSphere 6.5 GA is now available to download!

That’s the day most of us ( or at least me :)) were waiting for. It’s officialy available to download vSphere 6.5 GA.

It can be downloaded directly from this page.

Documentation can be found here.

The most important features are:

  • HTML 5 vSphere Client
  • ProactiveHA
  • Network-Aware DRS
  • vCenter Backup and Restore
  • Auto Deploy integraded with Web Client
  • vSphere Update Manager built-in vCenter Server Appliance.
  • General Storage, NFS and Network enhancements

I guess that there aren’t many of you who will install it in the production environments. I won’t too, however ESXi and vCenter ISOs are already downloaded, lab is also up and ready so it’s high time to test it. I’ll share my findings here as soon as possible, so please stay tuned.