WilliamLam.com

Native OVF support for Fusion/Workstation 2017 Tech Preview 

by // 1 Comment

The VMware Fusion and Workstation team just released their 2017 Tech Preview releases and there is a ton of new and awesome capabilities which you can read more about here and here. One of the exciting new features, which I was very fortunate to have been involved with is finally here, native OVF property support! Although customers have had the ability to import OVF/OVAs for some time now, if they included OVF properties, they would be ignored and often times this would result in a failed deployment as those properties are required for the initial setup.

A great example of this is trying to run the vCenter Server Appliance (VCSA) on either Fusion or Workstation. Today, the only workaround is to manually edit the VMX file and supplying the correct OVF properties which I have blogged about here. With the latest TP release of Fusion/Workstation, when you import an OVF/OVA that contains OVF properties, the UI will automatically render the required information directly into the UI without needing users to manually touch the VMX files.

Here is a screenshot of deploying the latest VCSA 6.5d OVA (jump to bottom for some additional VCSA tidbits when deploying to Fusion/Workstation):

[Read more...]

Workaround to deploy vSphere Integrated Containers 1.1 OVA using PowerCLI (SHA256 not supported)

by // 2 Comments

Last week I had noticed several folks were having issues deploying the latest vSphere Integrated Containers (vIC) 1.1 OVA using PowerCLI. The following error message was observed when using the Get-OvfConfiguration cmdlet which is needed before importing an OVF/OVA:

PowerCLI doesn't support SHA256 hash codes in OVF manifest

As you probably have guessed, the issue is that PowerCLI currently does not support the SHA256 hashing algorithm, which the latest vIC OVA was generated with. I suspect this is probably related to the change with OVFTool 4.2 which now defaults to SHA256 which also has some implications on which vSphere UI you can use to import OVF/OVAs which I had written about here. As of today, PowerCLI currently only supports SHA1 and anything greater will not work. I have already reported this to Jake Robinson who is the PM for PowerCLI and hopefully this will get addressed in a future update.

In the meantime, you can deploy vIC using either the vSphere Web Client and/or ESXi Embedded Host Client, both support SHA256. If you wish to Automate the deployment of vIC, the only option right now is to convert the OVA from SHA256 to SHA1. You can easily do this by using OVFTool which is available on all OS platforms. If you already have downloaded the vCenter Server Appliance (VCSA) ISO, you can even make use of its bundled OVFTool in case you did not want to install OVFTool (You can find it under vcsa/ovftool in extracted ISO).

To convert the hashing algorithm, we just need to pass in our desire hash to the --shaAlgorithm parameter.

ovftool.exe --shaAlgorithm=SHA1 C:\Users\primp\Desktop\vic-v1.1.1_56a309fb.ova C:\Users\primp\Desktop\vic-v1.1.1_56a309fb-SHA1.ova

Once the conversion is done, you can delete the original vIC OVA and then use PowerCLI to import the new OVA just like you would with any other OVF/OVA!

New "raw" VM Storage Policy support in OVFTool 4.2 simplifies bootstrapping VMs onto VSAN

by // 2 Comments

Several weeks back I came across a handy little tidbit on an enhancement that was added to the latest version of OVFTool (4.2) that greatly simplifies the bootstrapping of a vCenter Server or any other VM for that matter onto a vSAN Datastore. This is generally used when setting up a pure greenfield environment where your vCenter Server may not be setup yet and you want to run it on top of vSAN which is fully supported configuration. The process of "bootstrapping" a VCSA onto a single node vSAN datastore is documented on my blog here. The high level steps are as follows:

  1. Temporarily change default ESXi VM Storage Policy to allow forced provisioning and FTT=0 (e.g. no protection)
  2. Claim disks for creating vSAN Diskgroup(s)
  3. Create vSAN Cluster
  4. Deploy VCSA
  5. Apply the default vSAN VM Storage Policy to VCSA VM
  6. Revert the temporarily change of default ESXi VM Storage Policy

With this new OVFTool enhancement, Step 1 and 6 is no longer needed from the standpoint of needing to change the default VM Storage Policy on the ESXi host using the ESXi Shell or using the vSphere API. Instead, you can now pass in a "raw" VM Storage Policy (SPBM) to apply to the specific OVF/OVA that is being deployed rather having to make a global change on the ESXi host. This also helps reduce the post-deployment steps as you only need to re-apply the default vSAN VM Storage Policy to the vCenter Server VM and not have to touch ESXi host settings once the vCenter Server is up and running.

To use this new raw VM Storage Policy feature in OVFTool, there is a new command-line option called --defaultStorageRawProfile which accepts the "raw" VM Storage Policy as you would normally provide to SPBM APIs such as "((\"hostFailuresToTolerate\" i1) (\"forceProvisioning\" i1))" for example.

The really cool thing about this feature is that you can take advantage of this directly with the new OVFTool argument passthrough feature that was introduced in the VCSA 6.5 CLI deployment utility. Combining these solutions together, you can easily simplify the "bootstrapping" of a VCSA onto a vSAN Datastore. Below is the snippet that you would include in the VCSA JSON configuration file used for deployment.

"ovftool.arguments" : {
"defaultStorageRawProfile" : "((\"hostFailuresToTolerate\" i1) (\"forceProvisioning\" i1))"
}

Although a tiny enhancement, I think this is a pretty neat capability, especially being able to make use of it natively within the VCSA configuration file. It is definitely great to see us continue to simplify how VMware management infrastructure is deployed and definitely stay tuned on what else we have cooking in the future for this particular area 🙂