WilliamLam.com


Automating bulk OPNsense Unbound DNS host overrides

03.25.2025 by William Lam // Leave a Comment

I recently deployed OPNsense in my homelab, which I will be using to set up my VMware Cloud Foundation (VCF) environment. A critical infrastructure service that is often misconfigured is DNS, and OPNsense provides a simple way to add your custom DNS entries (forward/reverse) called Host Overrides, which uses Unbound DNS behind the scenes.

Like most, I have a number of DNS entries that I would like to pre-create and the UI is not exactly the quickest for any type of "bulk" operation as each entry is added sequentially.


Luckily, OPNsense does have a REST API for Unbound functions, but the documentation was not very useful as it just directs users to use the browser to extract the JSON payload. While that is something I am comfortable with, I think that is not what I expected from something called an API Reference ...

In any case, this was a simple enough API that I was able to create a quick PowerShell script to parse a CSV file that contains the list of FQDN, IP Address and Description and then perform a bulk create, since the API itself was also sequential in nature 🙁

[Read more...]

Categories // Automation Tags // OPNsense

Quick Tip - VMware Cloud Foundation (VCF) Bringup fails without persistent ESX-OSData

03.12.2025 by William Lam // 5 Comments

You will never run into this problem if you follow current recommended practices to install the ESX-OSData volume on a persistent storage device that could either be dedicated and/or co-located with your ESXi installation.

For those deploying VMware Cloud Foundation (VCF) in a lab environment, you might attempt to reserve the limited number of storage devices for use with vSAN and decide to install ESXi on a USB device, which is perfectly fine, but if you do not select a persistent storage device for the ESX-OSData volume, then it will default to use the ESXi ramdisk.

I recently observed that if you have such a configuration, the VCF Cloud Builder Bringup process will fail after attempting (three times) to re-deploy the vCenter Server Appliance (VCSA).


As you can see from the screenshot above, the VCF Cloud Builder UI does not provide any details and asks users to look at the vCenter Server installation logs.

[Read more...]

Categories // Automation, VCSA, VMware Cloud Foundation, vSphere Tags // vLCM, VMware Cloud Foundation

Quick Tip - Listing all vSphere Privilege Definitions

03.04.2025 by William Lam // Leave a Comment

By design, the vSphere platform (includes vCenter Server and ESXi) is highly extensible and additional vSphere Events and Privileges can be added by 2nd and 3rd party solutions. Similar to vSphere Events, where you can query your specific vCenter Server (or ESXi hosts) to list all vSphere Event definitions, you can also do the same for vSphere Privileges.

Using PowerCLI, we can use the Get-VIPrivilege cmdlet to list out the vSphere Privilege Groups and the specific granular vSphere Privileges that exist within your deployment.

Here is an example of listing all the different vSphere Privilege Groups that have been defined, either out of the box and/or by 2nd or 3rd party solutions:

Get-VIPrivilege -PrivilegeGroup | select id,Description | Sort-Object -Property Id


As of vCenter Server 8.0 Update 3c, there are currently 111 out of the box vSphere Privilege Groups; you may have more or less depending on your version and the number of 2nd/3rd party integrations.

Here is an example of listing all the vSphere Privilege definitions that have been defined, either out of the box and/or by 2nd or 3rd party solutions:

Get-VIPrivilege -PrivilegeItem | select id,Description | Sort-Object -Property Id


As of vCenter Server 8.0 Update 3c, there are currently 473 out of the box vSphere Privileges; you may have more or less depending on your version and the number of 2nd/3rd party integrations.
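Because the set of privileges changes with upgrades and 2nd/3rd party integrations, it is useful to keep a baseline of the listing and diff it later. The following is an added example, not code from the original post: `Compare-PrivilegeSnapshot` is a hypothetical helper, and the sample rows (including the `Example.Plugin.Manage` id) are constructed so the block runs without a vCenter Server connection.

```powershell
# Added example (not from the original post).
# Compare-PrivilegeSnapshot is a hypothetical helper that reports which
# privilege ids appeared or disappeared between two listings.
function Compare-PrivilegeSnapshot {
    param(
        [Parameter(Mandatory)] [object[]] $Baseline,
        [Parameter(Mandatory)] [object[]] $Current
    )
    # Index both listings by privilege id for constant-time lookups.
    $baseIds = [System.Collections.Generic.HashSet[string]]::new([string[]]@($Baseline.Id))
    $curIds  = [System.Collections.Generic.HashSet[string]]::new([string[]]@($Current.Id))

    foreach ($p in $Current) {
        if (-not $baseIds.Contains($p.Id)) {
            [pscustomobject]@{ Change = 'Added'; Id = $p.Id; Description = $p.Description }
        }
    }
    foreach ($p in $Baseline) {
        if (-not $curIds.Contains($p.Id)) {
            [pscustomobject]@{ Change = 'Removed'; Id = $p.Id; Description = $p.Description }
        }
    }
}

# Constructed sample data standing in for two saved listings.
$baseline = @(
    [pscustomobject]@{ Id = 'Datastore.Browse'; Description = 'Browse a datastore' }
    [pscustomobject]@{ Id = 'System.View';      Description = 'View' }
)
$current = @(
    [pscustomobject]@{ Id = 'Datastore.Browse';      Description = 'Browse a datastore' }
    [pscustomobject]@{ Id = 'Example.Plugin.Manage'; Description = 'Constructed 3rd party privilege' }
    [pscustomobject]@{ Id = 'System.View';           Description = 'View' }
)

Compare-PrivilegeSnapshot -Baseline $baseline -Current $current |
    Sort-Object -Property Change, Id | Format-Table -AutoSize

# Against a live vCenter Server (after Connect-VIServer), save a baseline with:
#   Get-VIPrivilege -PrivilegeItem | Select-Object Id, Description |
#       Export-Csv .\privileges-baseline.csv -NoTypeInformation
# and later compare it with the current listing:
#   Compare-PrivilegeSnapshot -Baseline (Import-Csv .\privileges-baseline.csv) `
#       -Current (Get-VIPrivilege -PrivilegeItem | Select-Object Id, Description)
```

Any `Added` row after installing an integration is a privilege that existing custom roles do not yet account for and is worth reviewing before it is granted.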

Additionally, you may also find these other vSphere Authorization blog posts useful:

  • Exploring the new vSphere Privilege Recorder in vSphere 8.0 Update 1
  • Listing all Events for vCenter Server
  • Quick Tip - Audit vCenter Server Role & Permission Usage

Categories // Automation, vSphere, vSphere 7.0, vSphere 8.0 Tags // privilege, vCenter Server


Author

William is Distinguished Platform Engineering Architect in the VMware Cloud Foundation (VCF) Division at Broadcom. His primary focus is helping customers and partners build, run and operate a modern Private Cloud using the VMware Cloud Foundation (VCF) platform.


Copyright WilliamLam.com © 2025

 
