WilliamLam.com

Self-Contained & Automated VMware Cloud Foundation (VCF) deployment using new VLC Holodeck Toolkit

by // 3 Comments

I recently came to learn about a really neat solution that was released called the VMware Cloud Foundation Lab Constructor (VLC) Holodeck Toolkit, which makes it super easy for anyone to deploy a complete functional VCF environment, fully self-contained and deploys all the required networking and infrastructure services that dramatically reduces the amount of time and effort to deploy a VCF environment for evaluation or learning purposes.

What is unique about the VLC Holodeck Toolkit is that it ships with a special vPodRouter VM, which provides all the networking and connectivity that is required to deploy a typical production VCF environment. If this sounds familiar, this is exactly how VMware Hands-On-Labs (HOL) works where isolated networking is provided to each "vPod" through their vPodRouter VM. In addition, the VLC Holodeck Toolkit also builds a custom Windows Jumphost (bastion) ISO that includes all the infrastructure services like DNS, Directory, Certificate Authority, etc. that is fully configured and ready to use once it is deployed and this is how users interact with the VCF environment.

With the VLC Holodeck Toolkit providing and building all the necessary "virtual" infrastructure, the barrier to entry is further reduced and customers can easily stand up a fully functional VCF environment running on just a single ESXi host without any special physical networking requirements. For a detailed overview of the solution, check out overview video below.


After learning about the solution, I also had the opportunity to kick the tires and provide some early feedback, which included a few additional optimizations that made its way back into the toolkit. For those interested, below is the high level workflow to go from a single ESXi host with minimal configuration to a fully functional VCF environment.

[Read more...]

ESXi configstorecli enhancement in vSphere 8.0 Update 1

by // Leave a Comment

The ESXi configstorecli was introduced back in vSphere 7.0 Update 1 and provides access to the ESXi ConfigStoreĀ which responsible for centrally managing all configurations for an ESXi host instead of relying on different methods including a variety of configuration files, I highly recommend reviewing this refresher article HERE if you have not heard of the configstorecli before. The ESXi ConfigStore is also the underlying infrastructure that powers the new vSphere Configuration Profile feature which is also part of the vSphere Lifecycle Manager (vLCM) solution.

For those who currently or plan to automate ESXi installations using Kickstart, I wrote an article HERE last year on how to start converting some of your existing automation into using the new ESXi configstorecli, which is another article I recommend folks take a look if you have no already.

One of the challenges that I personally found when using configstorecli was purely figuring out the overall schema for the different components, groups and keys that are available. While I have demonstrated how to traverse the configstore in this blog post HERE, I still found experience less than ideal. I would have liked a bit more of an iterative exploration of the configstore itself and rather than showing the entire schema, I could slowly expect each node as configstore is a stored as a JSON document.

[Read more...]

Changing the default HTTP(s) Reverse Proxy Ports on ESXi 8.0

by // 5 Comments

The process of changing the default ports for the ESXi Reverse Proxy service has always been pretty straight forward, which I had also shared back in 2015 HERE. While most customers stick with the default configuration (80 for HTTP and 443 for HTTPS), we do have some customers that need to change these ports to meet certain organization security and/or compliance requirements.

I recently came across a customer report where the previous method for changing the ESXi Reverse Proxy ports on an 8.0 host no longer worked and the only thing that was shared was that the user could no longer run ESXCLI directly within the ESXi Shell, which I thought was a strange observation.

I deployed the latest ESXi 8.0b as a Nested ESXi VM and I went through the instructions I had outlined in my blog post HERE and changed the HTTPS port from 443 to 4444, which was the setup the user was looking to do and I ran into the exact same issue. At first, I thought maybe we actually no longer support this capability and decided to quickly test by using the remote version of ESXCLI, which allows you to specify a port as part of the connection and it failed with the same error.

[Read more...]