Last week I had to change VMX files for 500 XenDesktop machines because the users where able to eject removable devices

To mass disable HotPlug capability by editing the .vmx file via PowerCLI I used the following script:

$key = "devices.hotplug"
$value = "false"
get-cluster "CL02.XD" | get-VM -Name 000-CXD* | foreach {
  $vm = Get-View $_.Id
  $vmConfigSpec = New-Object VMware.Vim.VirtualMachineConfigSpec
  $vmConfigSpec.extraconfig += New-Object VMware.Vim.optionvalue
  $vmConfigSpec.extraconfig[0].Key=$key
  $vmConfigSpec.extraconfig[0].Value=$value
  $vm.ReconfigVM($vmConfigSpec)
}

Optional (manual) options:

You can disable HotPlug capability using the vSphere Client or by editing the .vmx file.
Note: You can disable HotPlug capability for PCI devices such as e1000 or vmxnet3 NICs.
To disable HotPlug capability using the vSphere Client:

1. Connect to the ESXi/ESX host or vCenter Server using the vSphere Client.
2. Power off the virtual machine.
3. Right-click the virtual machine and click Edit Settings.
4. Click the Options tab.
5. Click General > Configuration Parameters > Add Row.
6. Insert a new row with the name devices.hotplug and a value of false.
7. Power on the virtual machine.

To disable HotPlug capability using the vSphere Web Client:

1. From a web browser, connect to the vSphere Web Client.
2. Log in with Administrator credentials.
3. Navigate to the virtual machine you want to modify.
4. Right-click the virtual machine and select Edit Settings.
5. Click the VM Options tab.
6. Click Advanced > Edit Configuration > Add Row.
7. Insert a new row with the name devices.hotplug and a value of false.
8. Power on the virtual machine.

To disable HotPlug capability by editing the .vmx file:

1. Power off the virtual machine.
2. Access the ESXi/ESX service console using an SSH client.
3. Open the virtual machine configuration file (.vmx) in a text editor. The default location is:
   /vmfs/volumes/datastore_name/vm_name/vm_name.vmx
4. Add the line:
   devices.hotplug = "false"
   Note: This setting does not interfere with HotPlug CPU/memory.
5. Save and close the file.
6. Power on the virtual machine.

More information:

VMware

Current build VMware vCenter Server 6.0.0 2776510, vSphere client 6.0.0 2741530

 

Note: Supported upgrade paths to VCSA 6.0 U1 include from 5.1 U3 & 5.5.

While on the topic of upgrades, going from VCSA 6.0 to 6.0 U1 is quite simple. First, you’ll need a patch ISO, which can be found on here. You ‘ll notice there are two patch ISOs, FP and TP.

Download VCSA patch from here.

FP is a full product patch for VC & PSC appliances only.

TP is third party patch spanning multiple products, such as VCSA, vCenter Windows, VUM, PSC appliance and windows.

 

To update/patch your vCenter 6.0 Appliance, please follow the below steps:

1. Connect directly to vSphere host which running vCenter Appliance
2. Take a snapshot of VCSA
3. Connect downloaded ISO file to the VCSA VM
4. Log in to the VCSA via SSH
5. Run the following command

To mount ISO and accept EULA:

software-packages stage –iso –acceptEulas

 

To stage ISO:

software-packages install –iso

 

To see  the staged content:

software-packages list –staged

 

To  install the staged rpms:

software-packages install –staged

 

shutdown reboot –r patching

 

Result

New buildnumber: VMware vCenter Server 6.0.0 3018523

 

More information: VMware

This article provides vSphere Administrators steps to toggle between default shells available on the vCentrer Server Appliance (vCSA). 

Currently, the vCSA is bundled with these supported shells:

• Appliance Shell
• BASH Shell

Today I tried to upgrade vCenter Appliance 6.0.0 to Update 1, after runnning command “software-packages stage –iso –acceptEulas” I receiver message:

-bash: software-packages: command not found

 

Switching the vCenter Server Appliance 6.x to Appliance Shell

 

1. Log in to the vCenter Server Appliance via SSH.
2. Run this command to change from using the BASH Shell to the Appliance Shell:

   chsh -s /bin/appliancesh root

3. Log out from the BASH Shell and re-log in for this to take affect.

 

Result

After restart the SSH sessoin I was able to run commands in bash shell

 

More information: VMware

A few weeks ago a customer asked me to take a look at the following warning message in VMware vCenter when the Performance Tab in the vSphere client is being opened.

  

Perf Charts service experienced an internal error.

Message: Report application initialization is not completed successfully. Retry in 60 seconds

 

Troubleshooting time

Global checks:

• The Windows Event logs are clean
• VMware vSphere (web-) services are started with normal credentials
• I was able to restart service accounts with domain based credentials (no locking)
• Windows Firewall was enabled but no drops in the logging
• No recent installed Windows Updates
• No unplanned restarts or crashes
• The installed certificate was not expired
• The installed certificate was 2048 bit
• No conflicting webserver ports at the vCenter server

..some more troubleshooting

I checked the wrapper.log and stas.log files located at the following location:

Path: C:\ProgramData\VMware\VMware VirtualCenter\Logs\

 

 

 

 

 

 

 

 

 

  

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Hmm, he logging shows that there are problems with the installed vCenter SSL certificate:
 

Error constructing private key..

..Error decrypting password

After some troubleshooting I saw that every time I open the Performance tab a new webserver SSL private key decrypting error was written in the stats.log.

I already had checked the expire date of the installed SSL certificate, it was a normal 2048 bit wildcard certificate.. oh, eh, wildcard..?? Let’s see if it is supported:

“The use of wildcard certificates are not supported with vCenter Server and its related services. Each service must have its own unique certificate”

Nope, it is not! Maybe this is the root cause.

After checking the SSL requirements at the VMware KB  I found the SSL format which is needed to generate the certificate: OpenSSL Version 0.9.8 must be used. If you do not use this version, the SSL implementation fails. <– I couldn’t check this because there was no documentation of the SSL generation

 

Solution

The customer used a wildcard SSL certificate which is not supported

More information: VMware

Blokkeer je agenda alvast voor  17 maart 2016 – dan is het tijd voor de NLVMUG UserCon. De NLVMUG UserCon is het grote jaarlijke usergroup evenement van de Nederlandse VMUG.

Kom op 17 maart naar conferentiecentrum 1931 in Den Bosch en krijg antwoord op je vragen én leer van tips en adviezen van experts, mede vmugers, VMware en de aanwezige sponsors. We gaan wederom voor een gevarieerd programma met voor ieder wat wils!

Wil je er bij zijn? Inschrijven kan nu al! Ga naar www.nlvmug.com. Wij maken in januari de opening keynote en eerste sprekers bekend.

Wij zien er naar uit u op donderdag 17 maart 2016 te ontvangen.

 

 

17 Maart 2016 8:00 – 17:00

Conferentiecentrum 1931 Oude Engelenseweg 1 5222 AA ’s-Hertogenbosch

Some months ago I installed 15 new vSphere 6.0 hosts with local flash disks. After installation I configured the VMware Syslog Service at the vCenter appliance. Few weeks later the vSphere web-client shows some warnings about disk usage

Problem

Filesystem /dev/mapperlog_vg_log usage 100%, mounted on /storage/logs

 
Use this command to verify which disk is experiencing disk space issues:

 

 

 

 

 

 

 

 

 

 

 

 

Solution

As you can see the the /storage/logs mount point is located at VMDK5

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Edit de vCenter appliance virtual hardware, select disk Hard disk 5 and increase the provisioned size, in my case from 10 to 20 GB

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Once the virtual disk has been increased, return to the SSH session and execute this command to automatically expand any logical volumes for which the physical volumes are increased:

vpxd_servicecfg storage lvm autogrow

 

 

 

 

 

When the grow operation is successful, you see output similar to:

VC_CFG_RESULT=0

 

Run this command to confirm that the virtual disk has been successfully grown:

df -h

 

 

 

 

 

 

 

 

 

More information: VMware

Install and configure VMware vCenter Support

1. Download the VMware vCenter Support Assistant

2: Deploy the OVF > Accept license agreement > login to the appliance’s IP via web browser (login/password –  root/vmware)

3: From withing the web UI of the appliance, connect and push the installation of vCenter web client plugin > Enter SSO user name and password > done

 

 

 

 

 

 

 

 

Read more…

Connecting from workstation with PowerCLI to VMware vCenter 6.0 appliance fails with error:

Could not connect using the requested protocol

 

 

 

 

Solution

This issue occurs due to the proxy settings in the environment. To resolve this, check the proxy settings using the PowerCLI and set the proxy to “No Proxy”.

To set the proxy setting to No Proxy:

Run this command to find the current proxy settings:

Get-PowerCLIConfiguration

 

 

 

 

 

To change this setting, run this command:

Set-PowerCLIConfiguration -ProxyPolicy NoProxy -Confirm

 

 

 

 

 

Result

 

 

 

 

 

More information: VMware

Last week I deployed with Update Manager some patches at an existing vSphere 6.0 environment, during the remediate process I received this error message:

 

 

 

The operation is not supported on the selected inventory objects. Check the events
for the objects selected for the operation.

 

Solution

During the Remediate process you need to disable Admission Control, also when you have enough resources available in the cluster. You can do this for this specific host you selected for remediate or you can you this temporary at cluster level