WilliamLam.com

Quick Tip - Which vCenter Server Key Provider (KMS) is a VM using?

by // 2 Comments

vCenter Server requires a Key Management Service (KMS) for enabling VM Encryption, vTPM, or vSAN Encryption. Users have the choice of configuring the embedded Native Key Provider (NKP) built into vCenter Server and/or use an external KMS with the Standard Key Provider (SKP) option.


If you have more than one KMS configured in vCenter Server, you can specify one of the KMS key providers to be your default, which will automatically be used for any KMS-related activities. You can switch between the default KMS key provider and you can certainly specify a specific KMS key provider when using the vSphere API to provision a VM that will leverage VM encryption.

So how do you figure out which KMS key provider a VM is using?

[Read more...]

Quick Tip - VMware Cloud Foundation (VCF) Bringup fails without persistent ESX-OSData

by // 4 Comments

You will never run into this problem if you follow current recommended practices to install the ESX-OSData volume on a persistent storage device that could either be dedicated and/or co-located your ESXi installation.

For those deploying VMware Cloud Foundation (VCF) in a lab environment, you might attempt to reserve the limited number of storage devices for use with vSAN and decide to install ESXi on a USB device, which is perfectly fine but if you do not select a persistent storage device for the ESX-OSData volume, then it will default to use the ESXi ramdisk.

I recently observed that if you have such a configuration, the VCF Cloud Builder Bringup process will fail after attempting (three times) to re-deploy the vCenter Server Appliance (VCSA).


As you can see from the screenshot above,  VCF Cloud Builder UI does not provide any details and ask users to look at the vCenter Server installation logs.

[Read more...]

ESXi on GMKtec EVO-X1 with AMD Ryzen AI Pro 300 Series (formally Strix Point)

by // 3 Comments

My experiences with small form factor (SFF) systems and Mini PCs over the years have primarily involved Intel-based systems, as they have been the most capable and compatible with the VMware ESXi Hypervisor—especially when it comes to onboard networking options.

Intel's introduction of their Hybrid CPU core architecture starting with 12th Gen (Alder Lake) and continues with 13th Gen (Raptor Lake), 14th Gen (Meteor Lake), and now 15th Gen (Arrow Lake), presents a unique challenge for running ESXi.

When AMD announced their Ryzen AI 300 Series processors (formally codenamed Strix Point) based on their new Zen 5 architecture, I was pretty excited with their approach to a "Hybrid" processor:

AMD's approach to its 'compact' Zen 5c cores is inherently different than Intel's approach with its e-cores. Like Intel's E-cores, AMD's Zen 5c cores are designed to consume less space on a processor die...But the similarities end there. Unlike Intel, AMD employs the same microarchitecture and supports the same features with its smaller cores.

Since both the Zen 5 and Zen 5c cores contain the exact same CPU features, they would be considered uniform cores unlike the Intel platform, which now includes three different core types (Performance, Efficiency & Low-Power Efficiency), requiring additional workarounds to be able to utilize most of the cores available on the SoC.

While there is currently only a handful of Ryzen AI Pro 300 Series kits that are available for purchase, I was fortunate to get hands on with one from a company called GMKtec, who is a relatively new player in the small form factor market. I have personally never used a GMKtec system before, so I was looking forward to seeing what they had to offer.


Disclaimer: As of publishing this blog post, a fellow colleague has not had any luck in contacting GMKtec to initiate a return, they have been completely non-responsive for several weeks now. I have also observed simliar negative feedback on various Reddit threads, which is certainly concerning for potential prospects. Users may want to consider purchasing GMKtec systems using Amazon, rather than directly from the vendor in case you need an exchange or return.

[Read more...]