WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud
  • Tanzu
    • Application Modernization
    • Tanzu services
    • Tanzu Community Edition
    • Tanzu Kubernetes Grid
    • vSphere with Tanzu
  • Home Lab
  • Nested Virtualization
  • Apple

Heads Up - No healthy upstream error with VEBA vSphere UI plugin with vSphere 7.0 Update 3

10.20.2021 by William Lam // Leave a Comment

After upgrading my homelab to vSphere 7.0 Update 3, I noticed that my VMware Event Broker Appliance (VEBA) vSphere UI Plugin which is included as part of the VEBA Appliance was no longer functioning properly and would display no healthy upstream error message.


I initially thought this might be environmental, since I had just upgraded from lab from vSphere 7.0 Update 2d to 7.0 Update 3. I had reported the issue to our vSphere UI Engineers who built the VEBA UI plugin and while they were looking into the issue, we had another report from a VEBA user who also was hitting the same issue. Today, I got an update from Engineering and it looks like there was a regression in the Envoy service running in the VCSA which had caused this issue. This issue will be fixed in a future patch update for the VCSA, but in the mean time, VEBA users can apply the workaround outlined below.

[Read more...]

Share this...
  • Twitter
  • Facebook
  • Linkedin
  • Reddit
  • Pinterest

Categories // vSphere 7.0, vSphere Web Client Tags // VMware Event Broker Appliance, vSphere 7.0 Update 3

How to restrict vSphere UI access while maintaining vSphere API functionality?

06.08.2021 by William Lam // 2 Comments

Although I come across a fair amount of interesting and challenging questions posed by our customers, I have to say this is certainly one of the more stranger question that continues to surface every so often. The question itself is fairly straight forward, but what I find strange is the reasoning and justifications for needing such a solution.

In case the title was not a give away, the question is having the ability to restrict a set of user(s) from the vSphere UI while still allowing access to the vSphere API for these same user(s). To be clear, the behavior of vSphere is that if you have vSphere UI access, then you also have vSphere API access which is all based on the permissions a user or group has been granted. There is no way to distinguish or limit access between these interfaces including any vSphere SDK or PowerCLI usage which also relies on vSphere API access.

There may be valid use cases for needing such a capability, however from my experience in talking with our customers and field, it feels like this is an attempt to solve organizational and/or process issues. Let give you a few examples that I have come across over the years:

  • I need to prevent [team|individual] from using the vSphere UI, because they are not using the internal provisioning tools we have built
  • I need to prevent [team|individual] from using the vSphere UI, because they need to learn how to automate using the vSphere API
  • I need to prevent [individual] in [team] from using the vSphere UI, because they are making changes to VMs without filing support tickets
  • I need to prevent [individual] on my [team] from using the vSphere UI, because they are bypassing our change control policies

[Read more...]

Share this...
  • Twitter
  • Facebook
  • Linkedin
  • Reddit
  • Pinterest

Categories // vSphere Web Client Tags // vSphere UI, vsphere web client

Quick Tip - Changing the size of vSphere Dump Collector for VCSA 6.7 & 7.0

06.01.2021 by William Lam // 2 Comments

When an ESXi host crashes, the generated core dump can be sent over the network to a remote core dump server. The vCenter Server Appliance (VCSA) can be configured as a destination by enabling the built-in vSphere Dump Collector service. By default, the storage repository for the vSphere Dump Collector service is configured to 2GB and can be increased up to 10GB, which is the supported maximum.

In earlier vSphere releases, configuring the vSphere Dump Collector repository size could be done using the vSphere Web (Flash) Client as shown in the screenshot below.

Configure and test of ESXi Dump Collector – Notes from MWhite
Screenshot courtesy from Michael White's blog post https://notesfrommwhite.net/2016/01/20/configure-and-test-of-esxi-dump-collector/

However, as part of the vSphere (HTML5) UI Client transition, it looks like all general VCSA service configurations including the vSphere Dump Collector was not ported over. I can only assume the reasoning for this was due to the infrequency configuring or updating these settings. This has been a question that has come up a few times across both VCSA 6.7 and 7.0 environments and I was recently reminded of the solution and I realized I had not blogged about the solution.

[Read more...]

Share this...
  • Twitter
  • Facebook
  • Linkedin
  • Reddit
  • Pinterest

Categories // vSphere 6.7, vSphere 7.0, vSphere Web Client Tags // Dump Collector

  • 1
  • 2
  • 3
  • …
  • 30
  • Next Page »

Search

Author

William Lam is a Senior Staff Solution Architect working in the VMware Cloud team within the Cloud Infrastructure Business Group (CIBG) at VMware. He focuses on Cloud Native technologies, Automation, Integration and Operation for the VMware Cloud based Software Defined Datacenters (SDDC)

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Connect

  • Email
  • GitHub
  • LinkedIn
  • RSS
  • Twitter
  • Vimeo

Support

Recent

  • ESXi running in unexpected places ... 05/20/2022
  • Quick Tip - Adding a vTPM (Virtual Trusted Platform Module) to a Nested ESXi VM 05/13/2022
  • vSphere Event-Driven Automation using VMware Event Router on VMware Cloud on AWS with Knative or AWS EventBridge 05/10/2022
  • Integrating VMware Event Broker Appliance (VEBA) with Zapier 04/28/2022
  • Using Terraform to activate Tanzu Kubernetes Grid Service on VMware Cloud on AWS 04/27/2022

Advertisment

Copyright WilliamLam.com © 2022

 

Loading Comments...