vSphere

Quick Tip - Adding a vTPM (Virtual Trusted Platform Module) to a Nested ESXi VM

05.13.2022 by William Lam // Leave a Comment

I had an interesting question this morning asking whether it was possible to add a vTPM (Virtual Trusted Platform Module) to a Nested ESXi VM? The user was interested in testing a particular scenario with the new vSphere Trust Authority feature that was introduced in the vSphere 7.0. I personally had not done much with vTPM and I had assumed it should just work as long as you have a physical TPM chip in the underlying hardware and you have setup either a Standard or Native Key Provider within your vCenter Server.

The user observed that adding a vTPM to a Windows VM was possible using the vSphere UI but when attempting to perform the same operation on a Nested ESXi VM, the option to add vTPM device was not available. After spending ~30 minutes asking around for hardware that had a physical TPM, I remember that my Quartz Canyon NUC (NUC 9 Pro) is a Xeon based system and it has TPM 2.0 chip. I was able to take a closer look and quickly found the solution was very pretty straight forward!

[Read more...]

vSphere Event-Driven Automation using VMware Event Router on VMware Cloud on AWS with Knative or AWS EventBridge

05.10.2022 by William Lam // Leave a Comment

The VMware Event Broker Application (VEBA) is a popular VMware Event-Driven Automation solution that can be consumed using either the open source or commercial offering from VMware. The commercial offering of VEBA is already available to customers today via our Tanzu Application Platform (TAP) offering, which I have previously written about here. The open source offering of VEBA can be consumed in either a pre-packaged Virtual Appliance or a native Kubernetes Application called for those with an existing Kubernetes cluster.

Deploying the VEBA Virtual Appliance is well documented (here and here) and I wanted to spend some time covering the native Kubernetes deployment model, as it there are actually a couple of options and most recently, this came up in a customer discussions as they were interested in forwarding vSphere Events from VEBA to AWS EventBridge.

In the open source version of VEBA, there is a component called the VMware Event Router, which is responsible for connecting to an event source such as vCenter Server and then forwarding those events to a processor which can either be a a function that you have written to react to a specific event using Knative or to AWS EventBridge to integrate with other AWS native services like CloudWatch as an example.

To demonstrate the two different ways to deploy the VMware Event Router, I have created the following Github repo https://github.com/lamw/vsphere-event-driven-automation-vmware-event-router that provides an example to easily deploy the VMware Event Router to an existing Kubernetes cluster. For my environment, I will be using VMware Cloud on AWS and the managed Kubernetes offering called Tanzu services, which is included as part of the base offering and there is no additional cost of running the Kubernetes infrastructure, which is certainly an added bonus 😀

[Read more...]

Integrating VMware Event Broker Appliance (VEBA) with Zapier

04.28.2022 by William Lam // Leave a Comment

Michael Gasch and I recently had an internal discussion with an Engineer about our VMware Event Broker Appliance (VEBA) project and they had shared some additional integration ideas that could be useful for our community. The solution was a cloud service called Zapier, that makes it easy for users (non-developers) to automate workflows across a number of web applications. In the case of Zapier, they have a catalog of over 4k+ integrations and users can also create their integration into Zapier by creating what they call a Zap.

The really cool thing about a Zap is that it can be trigged via an incoming webhook! Why is that cool, well you can probably guess from the title of this article? 😀

Simliar to how VEBA can easily send a notification to Slack or Microsoft Teams via a webhook, VEBA can also be used to integrate with over 4k+ apps within Zapier using this exact same pattern. In fact, the code to trigger a Zapier workflow within a VEBA function is exactly the same and it was literally copy/paste, which took me less than 5 minutes to fully implement!

The use case that I thought would be cool to demonstrate with Zapier is to react to all failed vCenter Server login attempts and automatically send that information to a Google Spreadsheet as shown in the final implementation below.

A huge benefit of using a solution like Zapier is that it simplifies the more complex integrations. One example is if you wish to integrate with Google Docs, you will need to figure out the authentication scheme and understand the required Google APIs and the finally write the code to perform the task you are interested in. With Zapier and simliar solutions, all of that is automatically handled for you and requires very little configuration, which can all be setup using the Zapier UI.

If you are interested in using Zapier or implement the solution above, take a look at the instructions below.

[Read more...]