WilliamLam.com

Search Results for: synology

vCenter Server Identity Federation with Pocket ID

by // Leave a Comment

Having explored various OIDC identity providers, including Authentik, KeyCloak and Synology SSO, I recently came across Pocket ID, a super basic OIDC provider. Instead of using traditional username and passwords, Pocket ID only supports passkeys authentication based on the WebAuthn standard, which means you can login to your vCenter Server or VMware Cloud Foundation (VCF) environment using a physical device like a Yubico YubiKey or Apple Face ID.


Disclaimer: Pocket ID is not an officially supported vCenter Server IdP, please use at your own risk.

[Read more...]

Useful vSphere Automation techniques for assisting with CrowdStrike remediation

by // 9 Comments

By now, you have probably heard about or have directly been impacted by the recent CrowdStrike software update to Microsoft Windows system causing an unprecedented global outage. I know IT administrators are working around the clock to remediate thousands if not tens of thousands of Windows systems, the current recommended remediation process from CrowdStrike is definitely painful since it requires users to go into Windows safe mode to remove the offending file. To further complex things, most organizations enable Microsoft Bitlocker, which adds additional step to the already painful manual remediation process as you now have to locate your recovery keys before you login to apply the fix.

Within hours of the CrowdStrike news, I already saw a number of inquiries from our customers and field asking if there were any automated solutions or scripts that could aide in their remediation as asking any organization to manually remediate is a non-starter with the scale of deployments for most Enterprises. While getting up to speed on the remediation steps and thinking about how our vSphere platform can help users automate, what is typically a manual task, I had a few ideas that folks might find useful.

Disclaimer: The scripts provided in this article are meant as examples, please test and adapt them based on your own environment as these have not been tested in any official capacity and the behaviors may vary from environment to environment. Please use at your own risk.

[Read more...]

How to download offline copy of the Tanzu Kubernetes releases (TKr) Content Library?

by // 2 Comments

As part of the setup for vSphere with Tanzu, a local vSphere Content Library needs be created to store the various Tanzu Kubernetes releases (TKr) which users typically synchronize from VMware's online TKr Content Library repository.


I typically recommend configuring the content library subscription to only download files when needed, rather than the entire library, which is currently over 200GB+.

After standing up another vSphere with Tanzu environment, I needed to download additional TKr images but I could not reuse my existing subscribed content library since it was configured on a different vCenter Server.

With the ability to host a custom vSphere Content Library on my Synology, I realized a better solution would be for me to simply download the full VMware TKr Content Library and host that locally on my network rather than re-downloading the same images each time I have a new deployment.

[Read more...]