vSphere

Automated ESXi Installation to USB using Kickstart

07/09/2019 by William Lam 6 Comments

I frequently re-install ESXi on my physical host for various types of testing as I normally work with a number of future releases. Although the process just takes a couple of minutes, having to enter the exact same information each time and also requiring a keyboard and monitor is not really ideal. For the majority, this is really not a problem and manually going through the install workflow is fine for most folks, especially as this is an infrequent operation.

However, with some recent customer conversations, I thought it was worth while to re-visit this topic and demonstrating just how easy it is to automate the installation of ESXi with just a single bootable USB device and embedding an ESXi Kickstart Script. Even for infrequent installation and/or upgrades of ESXi for home labs, this can be a time saver, especially if you do not have monitor and keyboard just lying around. Below are instructions including a reference Kickstart example that folks can use as a starting point. For more advanced automation, please take a look at my ESXI Kickstart Resources as well as the official VMware documentation for ESXi Scripted Installations.

New hardware support & enhancements to USB Network Native Driver for ESXi

06/17/2019 by William Lam 1 Comment

Since releasing the USB Network Native Driver for ESXi Fling back in February, the feedback and support for this Fling has simply been amazing. I especially enjoy hearing from customers, almost on a weekly basis, on how they are taking advantage of this solution in their vSphere/vSAN/NSX home lab and enabling for more complex networking topologies.

When we released the fling, we had focused on the most popular USB 3.0 network adaptors that we had accessed to which were based on AX8817a, AX88179 & RTL8153 chipsets. The initial list started out with just 5 devices, but we knew there were going to be others. In fact, Songtao and I have received plenty of feedback from our customers on what they would like to see supported, including USB 2.0 network adaptors. Another highly requested feature that customers have been asking for is support for Jumbo Frames and this is usually in the context of setting up either an NSX-V or NSX-T environment.

Thunderbolt 3 enclosures with (Single, Dual & Quad) M.2 NVMe SSDs for ESXi

06/03/2019 by William Lam 14 Comments

Thunderbolt 3 (TB3) and eventually USB 4 is a really fascinating technology and I believe it still has so much untapped potential, especially when looking at Remote/Branch Office (ROBO), Edge and IoT types of deployments. TB3 was initially limited to Apple-based platforms, but in the last couple of years, adoption has been picking up across a number of PC desktop/laptops including the latest generations of Intel NUCs which are quite popular for vSphere/vSAN/NSX Home Labs. My hope with USB 4 is that in the near future, we will start to see servers with this interface show up in the datacenter 🙂

In the mean time, I have been doing some work with TB3 from a home lab standpoint. Some of you may have noticed my recent work on enabling Thunderbolt 3 to 10GbE for ESXi and it should be no surprise that the next logical step was TB3 storage. Using a Thunderbolt interface to connect to external storage, usually Fibre Channel is something many of our customers have been doing for quite some time. In fact, I have a blog post from a few years back which goes over some of the solutions customers have implemented, the majority use case being Virtualizing MacOS on ESXi for iOS/MacOS development. These solutions were usually not cheap and involved a sizable amount of infrastructure (e.g. storage arrays, network switches, etc) but worked very well for large vSphere/MacOS based environments.

New Thunderbolt 3 to 10GbE options for ESXi

04/17/2019 by William Lam 27 Comments

With the help from Aquantia, we now have an ESXi driver to enable the built-in 10GbE adaptor for both the Apple 2018 Mac Mini and the iMac Pro. Although this was exciting news for our VMware/Apple customers, I was actually more excited for what this development meant for the larger VMware Community when it comes to 10GbE accessibility.

Many Enterprise customers have already been using Thunderbolt 2/3 to access their 10 Gigabit infrastructure, usually over SFP+ but Ethernet based options also exists such as the Sonnet solution which I had shared last year. This is especially common for VMware customers who virtualize Apple MacOS on vSphere for MacOS/iOS development and the use of Thunderbolt enables ESXi to connect to the underlying storage and networking infrastructure, which traditionally has been either Fibre Channel and/or IP-based storage running over a 10Gig link.

When you start looking at 10GbE accessibility for VMware home labs which could potentially apply to remote office/branch office (ROBO) and Edge/IoT environments, the cost and the complexity of the setup is something that many folks have to consider. There are definitely some creative options out there, most recently Chad Moon shared his solution using a Thunderbolt 3 to PCIe expansion chassis with his Intel NUCs which will run you about $230 per setup or you can be a true hardware hacker like Jack Harvest and use one of the M.2 slots in the Intel Skull Canyon NUC and connect that to PCIe 10GbE SFP+ card with a custom 3D printed chassis to hide everything for just $43.68 🙂

Enhanced vCenter Server Audit Event & Logging in vSphere 6.7 Update 2

04/08/2019 by William Lam Leave a Comment

A couple of years back I had published a detailed analysis on vCenter Server's Authentication (AuthN) and Authorization (AuthZ) from an auditing and logging standpoint. This has been the go to reference for many of our customers and the posts also includes a number of log samples which I have documented in the following Github repository.

In addition to serving as a reference for our customers, it has also helped our Product and Engineering teams understand where we still had some gaps and how we could improve the overall user experience. As hinted in the recently announced vSphere 6.7 Update 2 release, which will be available soon, there are number of new auditing enhancements that have been made to both vCenter Server and the vCenter Single Sign-On (SSO) service that I think customers will really appreciate.

"Real" client IP address in Events

When you look at a login or logout Event in vCenter Server today, you may have noticed the user's client IP Address is actually of the vCenter Server rather than the actual remote client's address and the reason for this is explained here. In vSphere 6.7 Update 2, the real client IP Address is now captured and is included in all successful login/logout and failed logins. This information can now enable administrators to easily identify unauthorized access and be able to quickly track down the systems initiating the connections.

How to immediately refresh the network GuestInfo using VMware Tools?

04/03/2019 by William Lam 1 Comment

We all know the benefits of installing VMware Tools into your guest operating system which also includes additional functionality such as the Guest Operations APIs, allowing administrators to perform operations directly within the guest (credentials required), even if networking is not available. In addition to all these benefits, customers also get better visibility into the guest such as the underlying OS that is actually installed, disk volumes and networking information such as hostname and IP Addresses for the different network interfaces.

I am assuming most of you have seen the VM Summary page in the vSphere UI and if VMware Tools is installed and running, some of the GuestInfo data will be displayed such as networking.

An interesting tidbit that I had learned recently about VMware Tools while working on Instant Cloning Apple MacOS (yup, this works!) is that there is a default polling interval of 30 seconds in which this GuestInfo data is updated. In general, this is not a problem as this type of information does not change frequently and the default should be more than sufficient for most customers.

However, if you are performing an Instant Clone and you are relying on the vSphere API and the GuestInfo data to determine the IP Address of the guest, having to wait up to 30seconds is not ideal, especially since the actual Instant Clone operation completes in just a few seconds. One option is to change the default polling interval, which I have outlined the details in the MacOS Instant Clone article, but rather than changing the default which can add some additional load, there is actually a much simpler solution.

With VMware Tools 10.1 or newer, customers now have a way to immediate initiate a refresh of the networking info, directly from within the guest. This is perfect for the Instant Clone use case where network configuration is applied through a customization script and you can then run the update command afterwards to ensure the GuestInfo data is immediately reflected. Below are the respective commands for each OS type and you will need to have administrator privileges to perform this operation.

Windows:

C:\Program Files\VMware\VMware Tools\VMwareToolboxCmd.exe info update network

Linux:

/usr/bin/vmware-toolbox-cmd info update network

MacOS:

/Library/Application\ Support/VMware\ Tools/vmware-tools-cli info update network