WilliamLam.com

Quick Tip - Using HTTP(s) proxy for connecting to 3rd party Content Library in vSphere 6.0

by // 11 Comments

A couple of weeks back I was asked by a customer who was interested in subscribing to my 3rd Party Content Library which hosted several of my Nested ESXi and VSAN OVF Templates. The problem was that in his environment, like many others, he did not have direct access internet access from within vCenter Server for the Content Library subscription to be created. The customer was wondering if the Content Library feature supported a proxy server which is a very common method for Enterprise customers to provide access to external sites requiring internet access. The Content Library Service does provide a way to configure a proxy server and below are the instructions for configuring both the VCSA and vCenter Server for Windows.

UPDATE (09/27/17): As of vSphere 6.5 Update 1, the Proxy Configurations for the Content Library has been pulled directly into the service itself and you no longer have to manually edit the Java wrapper.conf files. You can now access the proxy configurations by using the vSphere Web Client going to Administration->System Configuration->Services->Content Library Service->Transfer Service as shown in the screenshot below. For 6.0 and 6.5, you will need to continue to follow the instructions below on editing the wrapper.conf file.

vCenter Server Appliance (VCSA)

The configuration file that you will need to edit is /usr/lib/vmware-vdcs/wrapper/conf/wrapper.conf and below are the three lines to add:

wrapper.java.additional.20=-Dhttps.proxySet=true
wrapper.java.additional.21=-Dhttps.proxyHost=proxy.server.com
wrapper.java.additional.22=-Dhttps.proxyPort=8080

Once you have saved your changes, you will need to restart the Content Library service for the changes to go into effect by running the following command:

/etc/init.d/vmware-vdcs restart

The proxy server will now be used and assuming the proper ACL's have been added on the proxy server itself to allow traffic from your vCenter Server to the appropriate destination site, you should now be able to use the Content Library to subscribe to my 3rd Party Content Library.

vCenter Server for Windows

The configuration file that you will need to edit is C:\Program Files\VMware\vCenter Server\vdcs\wrapper\conf\wrapper.conf and below are the three lines to add:

wrapper.java.additional.20=-Dhttps.proxySet=true
wrapper.java.additional.21=-Dhttps.proxyHost=proxy.server.com
wrapper.java.additional.22=-Dhttps.proxyPort=8080

Once you have saved your changes, you will need to restart the Content Library service for the changes to go into effect by going to the Windows services panel.

content-library-service

Configuring per-VMDK IOPS reservations in vSphere 6.0

by // 1 Comment

One of the new features in vSphere 6.0 that was quickly mentioned at the end of Duncan Epping's What's New Storage DRS blog post is the ability to configure an IOPS reservation on a per-VMDK basis which is now integrated with both Storage IO Control (SIOC) and Storage DRS. As Duncan mentioned at the end of his article, this feature is only consumable through the vSphere API and given that, it may not be a feature that is widely known or used. This topic had recently surfaced in an internal thread on how to set the IOPS reservations and below are the details if you wish to leverage this new vSphere 6.0 storage platform capability.

To be able to use this new feature, there are two requirements:

  1. You need to set the IOPS reservation value on an individual VMDK which is under the StorageIOAllocationInfo property of a VMDK called, not surprisingly, reservation.
  2. All ESXi hosts mounting the Datastore must be running vSphere 6.0

To be clear, this reservation property has been around since vSphere 5.5, but had only had support for local datastores. In vSphere 6.0, shared datastores are now supported along with both SIOC and Storage DRS being aware.

To exercise the use of this vSphere API, I have created a simple PowerCLI script called configurePerVMDKIOPS.ps1 (works with both vSphere 5.x & 6.0) which you will need to edit to include your vCenter Server, the name of the VM you wish to set the IOPS reservation along with the VMDK label and IOPS value.

Here is an example output for configuring a VM named Photon with IOPS reservations of 2000 on Hard Disk 1:

configure-per-vmdk-iops-reservations
I have been told that in the future, the plan is to make this configurable available in the vSphere Web Client. Though, honestly why would anyone want to perform this change across multiple VMs by hand, when you can quickly and efficiently automate this across your environment with a simple script? 😉

vCenter Server 6.0 Tidbits Part 8: Useful ldapsearch queries for vmdird

by // Leave a Comment

Last week I demonstrated how you can connect to the VMware Directory Service (vmdird) in vSphere 6.0 using JXPlorer, a graphical LDAP browser to extract useful information such as all the deployed vCenter Servers and Platform Services Controllers in your environment. I have also shown in past articles on how you can also retrieve this information programmatically which I have described here and here. Since vmdird is an LDAP-based system, we can also easily retrieve this information using simple LDAP commands that you may already be familiar with.

Disclaimer: Please take extreme caution when connecting to the vmdird database, this is primary for educational purposes. You should take extreme care in making changes while in the database else you can negatively impact your environment.

For performing search queries within an LDAP system, we can use the ldapsearch command which is available among other commands within the VCSA as well as other *NIX based system including Mac OS X. You can use this command to connect to both Windows and the VCSA running either an Embedded deployment or just the Platform Services Controller services.

Below are three useful ldapserach queries for identifying all deployed vCenter Servers and Platform Services Controllers including the SSO Site Name. The parameters highlighted below in blue will need to be modified based on your environment. The -h parameter specifies the Hostname/IP Address of your PSC, the -w parameter is the SSO Administrator password and the dc property is the name of SSO Domain.

Finding all deployed vCenter Servers:

/opt/likewise/bin/ldapsearch -h psc-01.primp-industries.com -w 'VMware1!' -x -D "cn=Administrator,cn=Users,dc=vghetto,dc=local" -b "ou=Computers,dc=vghetto,dc=local" -s one "objectclass=computer" cn

useful-ldapqueries-to-platform-services-controller-0
Finding all deployed Platform Service Controllers:

/opt/likewise/bin/ldapsearch -h psc-01.primp-industries.com -w 'VMware1!' -x -D "cn=Administrator,cn=Users,dc=vghetto,dc=local" -b "ou=domain controllers,dc=vghetto,dc=local" -s one "objectclass=computer" cn

useful-ldapqueries-to-platform-services-controller-1
Finding SSO Site Name:

/opt/likewise/bin/ldapsearch -h psc-01.primp-industries.com -w 'VMware1!' -x -D "cn=Administrator,cn=Users,dc=vghetto,dc=local" -b "cn=Sites,cn=Configuration,dc=vghetto,dc=local" "objectclass=container"

useful-ldapqueries-to-platform-services-controller-2