WilliamLam.com

Quick Tip - Which vCenter Server Key Provider (KMS) is a VM using?

by // 3 Comments

vCenter Server requires a Key Management Service (KMS) for enabling VM Encryption, vTPM, or vSAN Encryption. Users have the choice of configuring the embedded Native Key Provider (NKP) built into vCenter Server and/or use an external KMS with the Standard Key Provider (SKP) option.


If you have more than one KMS configured in vCenter Server, you can specify one of the KMS key providers to be your default, which will automatically be used for any KMS-related activities. You can switch between the default KMS key provider and you can certainly specify a specific KMS key provider when using the vSphere API to provision a VM that will leverage VM encryption.

So how do you figure out which KMS key provider a VM is using?

[Read more...]

Automating bulk OPNsense Unbound DNS host overrides

by // Leave a Comment

I recently deployed OPNsense in my homelab, which I will be using it to setup my VMware Cloud Foundation (VCF) environment. A critical part infrastructure service that is often miss-configured is DNS and OPNsense provides a simple way add your custom DNS entries (forward/reverse) called Host Overrides, which uses Unbound DNS behind the scenes.

Like most, I have a number of DNS entries that I would like to pre-create and the UI is not exactly the quickest for any type of "bulk" operation as each entry is added sequentially.


Luckily, OPNsense does have a REST API for Unbound functions, but the documentation was not very useful as it just direct users to use the browser to extract the JSON payload, while something I am comfortable with, I think that is not what I expected from something called an API Reference ...

In any case, this was a simple enough API, that I was able to create a quick PowerShell script to parse a CSV file that contains the list of FQDN, IP Address and Description and then perform a bulk create since the API itself was also sequential in nature 🙁

[Read more...]

ESXi on GMKtec NucBox K11

by // 7 Comments

The GMKtec NucBox has been growing in popularity amongst the VMware community as a modern AMD Ryzen-based alternative to the Intel/ASUS NUC, offering many of the same advantages while avoiding some of the drawbacks of Intel's Hybrid CPU architecture.

In preparation for my upcoming session at the inaugural VMUG Connect Conference in April, I have been experimenting with several modern hardware options, with the goal of deploying the full VMware Cloud Foundation (VCF) solution for use within a lab environment, while still staying budget friendly!

I know several folks have had great success with the GMKtec NucBox K8 Plus and it just so happens, while browsing the GMKtec website, I noticed an additional NucBox has just been released called the K11.


While the differences between the K8 Plus and K11 is pretty minimal, I was interested in validating some new hardware add-ons, so getting the latest hardware would hopefully give me the best chance!

In collaboration with the VMware {Code} team, I was able to get hands on with the latest GMKtec NucBox K11!

[Read more...]