WilliamLam.com

Configuring Additional Windows vSphere Web Client 5.1 Servers

by // 10 Comments

Did you know in vSphere 5.1, you can now configure multiple vSphere Web Client servers to multiple vCenter 5.1 Servers and get a single view of your entire infrastructure as well as provide redundancy to the vSphere Web Client? This is all made possible with the new vCenter SSO (Single Sign-On) and Lookup Service feature.

When you first install vCenter Server, you can install the vSphere Web Client on the same machine or you can install it on a separate machine. If you decide to install the vSphere Web Client on a separate system or add additional vSphere Web Client servers, you simply just need to point them to your main vCenter SSO instance.

Note: If you wish to re-point or re-register other vCenter Server components, there is nice VMware KB that goes over all the steps.

Before getting started, it is very important to ensure you have proper DNS resolution (forward / reverse working) on all your Windows servers.

If you are running Windows, when you install the vSphere Web Client, you will be brought to a screen to specify your SSO Administrator credentials (admin@System-Domain for windows) or (root for VCSA) as well as the Lookup Service URL which will be the same system running your vCenter SSO service.

Note: In my lab, I am using the VCSA for my vCenter Server as well as my SSO server, but this can also be a Windows vCenter Server and SSO Server.

You also have the ability to re-point your vSphere Web Client to another vCenter SSO server and you can do so by using the following script: C:\Program Files\VMware\Infrastructure\vSphereWebClient\scripts\client-repoint.bat To use the script, you just need to specify the new Lookup Service URL along with the SSO Administrator credentials.

C:\Program Files\VMware\Infrastructure\vSphereWebClient\scripts\client-repoint.bat https://172.30.0.181:7444/lookupservice/sdk root vmware

Once the script has finished registering with the new vCenter SSO server, you can now connect to the vSphere Web Client URL by going to https://[webclient-hostname-ip]:9443/vsphere-client and you now should be able to see all the vCenter Servers that have registered with the same vCenter SSO server.

Here is another view using the new VIN 1.2 (vSphere Infrastructure Navigator) to show that I have two vSphere Web Client servers (webclient 3 and webclient4) registered to my primary vCenter SSO Server (vcenter51-1) as well as two additional vCenter Server (vcenter51-2 and vcenter51-3) that are also registered with the same SSO Server.

As you can see this provides me with single view of all my vCenter Servers and I can now connect to either vSphere Web Client servers which can be used for both load balancing as well as redundancy. You probably might have guessed, the next logical step is to put an actual load balancer in front of multiple vSphere Web Clients and simply expose a single entry point for your end users .... stay tune 🙂

FYI - If you are interested in using the VCSA and only enabling the vSphere Web Client feature, the process is slightly different and I will share the procedure in a separate post.

A Pretty Cool Method of Upgrading to ESXi 5.1

by // 44 Comments

I recently came across an interesting article by Andreas Peetz which shows you how to patch an ESXi host using an image profile that is directly available on VMware's online depot within the ESXi shell. I knew that VMware had online depots for use with VUM and Auto Deploy but I was not aware of this particular method, especially directly from the host.

Disclaimer: This method assumes you can install the default ESXi Image Profile with no additional drivers or packages, else you may have connectivity issue after the upgrade. If you still need to customize the ESXi Image Profile before installation, you will still need to use something like Image Builder and then upload that to your online depot.

Note: There are many ways that you can patch/upgrade your ESXi hosts, here is another article that provides more details for command-line only methods.

Before you get started, you will need to make sure that your ESXi host has the httpClient firewall rule enabled, else you will not be able to connect to VMware's online depot. To enable this, run the following ESXCLI command:

esxcli network firewall ruleset set -e true -r httpClient

Also make sure that your ESXi host can reach the following URL (you can specify a proxy if needed):

https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml

To view the available ESXi Image Profiles, run the following ESXCLI command (use the --proxy if you need to specify a proxy to reach VMware's online depot):

esxcli software sources profile list -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml

If you are able to successfully connect to the online depot, you see a list of all the ESXi Image Profiles that are available to you. You will see two ESXi 5.1 Image Profiles (these were recently published), one with VMware Tools and one without VMware Tools.

Note: Before you begin, make sure you do not have any running VMs and put your host into maintenance mode.

Let's go ahead and upgrade our ESXi 5.0 Update 1 host to latest ESXi 5.1. To install the new Image Profile, run the following command:

esxcli software profile update -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml -p ESXi-5.1.0-799733-standard

This can take a few minutes to complete depending on how fast you can pull down the Image Profile. Once it is done, you will see all the new VIBs that have been updated and you will be asked to reboot for the changes to go into effect and then you will be running ESXi 5.1! Pretty cool IMO!

vCloud Director 5.1 Introduces "Open in vSphere Web Client" & Task Correlation ... Awesomeness!

by // Leave a Comment

Have you ever had to troubleshoot something in vCloud Director such as looking into a particular vApp and then realizing you needed to jump over to the vSphere environment to continue troubleshooting? This meant you had to perform a separate login to your vSphere environment and most likely using a different set of credentials and then find the set of Virtual Machines that made up that vCloud Director vApp ... painful and annoying right? Wish you could just right click and jump straight to that vApp construct in vSphere?

Well, now you can with the latest release of vCloud Director 5.1 which introduces a new option called "Open in vSphere Web Client".

In the screenshot above, I have a vCloud Director vApp which contains 3 Virtual Machines and I want to jump straight to that object in the vSphere Web Client. To do so, simply right click on the object and select "Open in vSphere Web Client".

This will open up a new browser to the vSphere Web Client and locate the object in the appropriate vCenter Server and automatically log you in using the new vCenter SSO. Pretty cool huh!? This new option is not just limited to vCloud Director vApps and VMs, but applies to any vSphere object found within vCloud Director.

Note: You will need to be a System Administrator in vCloud Director to perform this operation as you will need access to the vSphere infrastructure.

Another challenge that you might have faced while troubleshooting in vCloud Director is to be able to correlate the tasks generated from vCloud Director and map those back to vSphere tasks in vCenter Server. This is not a trivial thing to do and required you to jump between vCloud Director and vCenter Server manually correlating the tasks. In vCloud Director 5.1, this has been enhanced by providing users with a single view for a given vCloud Director task and all the associated vSphere tasks that were created.

When you open a given vCloud Director task, you will be defaulted to the vCloud Director task details as you would expect. In the same view, there is also a new tab called vSphere Tasks which contains all the vCenter Server tasks generated from that given vCloud Director task.
As you can see from these two enhancements, you will be able to quickly and easily view all tasks that have taken place between vCloud Director and vCenter Server, all from a single location. If you need to drill down further into the vSphere layer, it is simply a right click and you will be taken directly to the vSphere object in the vSphere Web Client without having to provide additional credentials.