VMware Cloud Foundation

vCenter Server Identity Federation with Pocket ID

04.02.2025 by William Lam // Leave a Comment

Having explored various OIDC identity providers, including Authentik, KeyCloak and Synology SSO, I recently came across Pocket ID, a super basic OIDC provider. Instead of using traditional username and passwords, Pocket ID only supports passkeys authentication based on the WebAuthn standard, which means you can login to your vCenter Server or VMware Cloud Foundation (VCF) environment using a physical device like a Yubico YubiKey or Apple Face ID.

Disclaimer: Pocket ID is not an officially supported vCenter Server IdP, please use at your own risk.

[Read more...]

vCenter Server Identity Federation with Synology SSO

03.31.2025 by William Lam // Leave a Comment

I recently found another cool use case for my Synology NAS, which is using the Synology SSO application to setup vCenter Server Identity Federation. I had not considered looking at Synology, but I was recently setting up some additional DNS entries and noticed there was SSO Server application, that supports both SAML2 and OIDC.

For those with a Synology, this is a super easy way to get hands on experience with configuring vCenter Server Identity Federation and this can all run locally within your environment, unlike some of the other external identity providers which typically will require direct/in-direction connection to your vCenter Server or require a SCIM (System for Cross-domain Identity Management) proxy server.

Disclaimer: Synology SSO is currently not an officially supported vCenter Server IdP, please use at your own risk.

[Read more...]

ESXi on GMKtec NucBox K11

03.20.2025 by William Lam // 10 Comments

The GMKtec NucBox has been growing in popularity amongst the VMware community as a modern AMD Ryzen-based alternative to the Intel/ASUS NUC, offering many of the same advantages while avoiding some of the drawbacks of Intel's Hybrid CPU architecture.

In preparation for my upcoming session at the inaugural VMUG Connect Conference in April, I have been experimenting with several modern hardware options, with the goal of deploying the full VMware Cloud Foundation (VCF) solution for use within a lab environment, while still staying budget friendly!

I know several folks have had great success with the GMKtec NucBox K8 Plus and it just so happens, while browsing the GMKtec website, I noticed an additional NucBox has just been released called the K11.

While the differences between the K8 Plus and K11 is pretty minimal, I was interested in validating some new hardware add-ons, so getting the latest hardware would hopefully give me the best chance!

In collaboration with the VMware {Code} team, I was able to get hands on with the latest GMKtec NucBox K11!

UPDATE (06/25/25) - The K11 can be used to run VCF 9.0, but you will NOT be able to run VCF Automation (VCFA). You can see how I have used the K11 is used in a "Hybrid" configuration in this blog post under Scenario 3.

[Read more...]