WilliamLam.com

Self-Contained & Automated VMware Cloud Foundation (VCF) deployment using new VLC Holodeck Toolkit

by // 6 Comments

I recently came to learn about a really neat solution that was released called the VMware Cloud Foundation Lab Constructor (VLC) Holodeck Toolkit, which makes it super easy for anyone to deploy a complete functional VCF environment, fully self-contained and deploys all the required networking and infrastructure services that dramatically reduces the amount of time and effort to deploy a VCF environment for evaluation or learning purposes.

What is unique about the VLC Holodeck Toolkit is that it ships with a special vPodRouter VM, which provides all the networking and connectivity that is required to deploy a typical production VCF environment. If this sounds familiar, this is exactly how VMware Hands-On-Labs (HOL) works where isolated networking is provided to each "vPod" through their vPodRouter VM. In addition, the VLC Holodeck Toolkit also builds a custom Windows Jumphost (bastion) ISO that includes all the infrastructure services like DNS, Directory, Certificate Authority, etc. that is fully configured and ready to use once it is deployed and this is how users interact with the VCF environment.

With the VLC Holodeck Toolkit providing and building all the necessary "virtual" infrastructure, the barrier to entry is further reduced and customers can easily stand up a fully functional VCF environment running on just a single ESXi host without any special physical networking requirements. For a detailed overview of the solution, check out overview video below.


After learning about the solution, I also had the opportunity to kick the tires and provide some early feedback, which included a few additional optimizations that made its way back into the toolkit. For those interested, below is the high level workflow to go from a single ESXi host with minimal configuration to a fully functional VCF environment.

[Read more...]

Quick Tip - Multi-Factor Authentication (MFA), IP Address Range & Source Domain restrictions available for all VMware Cloud Services

by // Leave a Comment

A lesser known capability of the VMware Cloud Console is that we support a number of different authentication policies that can be configured to provide more secure access and/or restrict who can access the different VMware Cloud Services like VMware Cloud on AWS, vSphere+, vSAN+, VMware Cloud Foundation+ or ANY other VMware Cloud Service for that matter within your VMware Cloud Organizations(s)!

To configure the authentication policies, you will need to have the Organization Admin role and then click on "View Organization" under your user name and then navigate to Organization->Authentication Policy. In addition to configuring Multi-Factor Authentication (MFA), users also have the option of configuring IP Address Range (allow/deny rules) and Source Domain (allow) restriction policies as shown in the screenshots below.


For more details, please refer to the official VMware Cloud Services documentation on configuring these different authentication policies.

Lastly, you can also configure Enterprise Federation which allows you to login to the VMware Cloud Console using your desired identity provider, which is another frequently asked question.

VMware Cloud Foundation on Intel NUC?

by // 9 Comments

Say what!? 😎


As some of you may have noticed, the theme for several of my blog posts this week has been about deploying VMware Cloud Foundation (VCF) in a homelab environment.

To conclude this week, I thought it would be a fun experiment to see if I could leverage all the tricks that I have shared this week (here, here and here) and push the boundary even further and attempt to deploy a VCF Management Domain running on just a single Intel NUC?


Sounds crazy, right? I thought so too until I realized it was actually possible!

[Read more...]