WilliamLam.com

Quick Tip - How to actually disable host encryption mode on ESXi?

by // 2 Comments

This recent quote from my buddy Timo Sugliani (definitely worth a follow on Twitter), perfectly captures the essence of an issue that I had ran into and I am sure many of you can also relate! 😀

Trying to do ONE thing and deviating to X, Y and Z. The common IT Journey

I was trying to generate an ESXi support bundle to share with Engineering and when ran the "vm-support" command, I was surprised that it failed with the following message:

Command cannot succeed because this host is in crypto safe mode and the vm-support incident key is missing.


I had never seen this message before and I had assumed it was probably due to my recent use of adding vTPM to VM that caused the host encryption mode to get enabled on this particular ESXi host. Although there were commands that I could run follow, I actually just wanted to disable it and get the support bundle over to Engineering. I figure I should be able to easily disable it, right?

[Read more...]

Exploring the Cloud-init Datasource for VMware GuestInfo using vSphere

by // Leave a Comment

While exploring some upcoming capabilities and providing early feedback to Engineering, I came to learn about a new Cloud-init datasource called VMware GuestInfo that was recently merged into the project last August. The Cloud-init Datasource for VMware GuestInfo started out as an OSS project created by Andrew Kutz of VMware and it provides an easy way for a vSphere-based VM to leverage the popular Cloud-init tool for OS initialization and configuration. 

Unlike the recent vSphere Guest OS Customization with Cloud-init feature in vSphere 7.0 Update 3, the Cloud-init Datasource for VMware GuestInfo works by configuring specific guestinfo variables on a VM which are then transported into the guest operating system (GOS) using VMware Tools and is then processed by the cloud-init service that is running inside of the GOS. The nice thing about using this new Cloud-init datasource is that it is not tied to a specific release of vSphere and for those with Cloud-init experience, this is an easy way to incorporate your existing workflows. While I was somewhat familiar with Cloud-init and Linux GOS, I did not know that support for Microsoft Windows was also possible through the use of another project similiar to Cloud-Init called Cloudbase-Init.

It took me some time to figure out how to setup Cloudbase-init with Windows and I have to give a huge shoutout to Jay Vyas for pointing me over to one of his pet projects SIG Windows Development Environment that provided a clue to what the configuration file should look like. While learning about both Cloud-init Datasource for VMware GuestInfo and Cloudbase-init, I found that it was not trivial to get started and I wanted to document some concrete examples that can easily illustrate the power of this capability but also help anyone that might be interested in using this feature and how to quickly get started.

[Read more...]

Heads Up - Potential missing vCenter Server Events due to sequence ID overflow

by // 2 Comments

We had a few users who had reported issues with using the VMware Event Broker Appliance (VEBA) solution where VEBA was not receiving any events from the connected vCenter Server. This was really puzzling for the team to debug because the user clearly saw events in both the vSphere UI as well as using vSphere Automation Clients like PowerCLI.

After a bit of debugging with a few of our users (huge thanks to Michael Gasch for driving this), we discovered that in certain environments, the generated sequence number that is used for the vCenter Event ID has overflowed and causes the value to have a negative number. To further complicate the debugging, there are actually two ways of fetching vCenter Server Events using the vSphere API. The first is to just look at the LatestPage property, which will return the most recent events and not care about event ID and the second is to use CreateCollectorForEvents() which is more of an event stream and it does care about the event ID being non-negative. You can probably guess which vSphere API VEBA was using, not only because of our check-pointing feature but LatestPage could lose events from a client request point of view for chatty environments.

[Read more...]