tag

Using PowerCLI and vSphere Tags to create/migrate HCX Mobility Groups to VMware Cloud SDDC

10.21.2020 by William Lam // Leave a Comment

If using your voice to create an HCX Mobility Group and initiate a migration to a VMware Cloud SDDC is not your thing, here is a more practical example using PowerCLI which includes HCX cmdlets that was introduced awhile back.

Here are the 12 configurable variables that you will need to update based on your own environment.

$VC_SERVER="vcsa.vmware.corp"
$VC_USERNAME="*protected email*"
$VC_PASSWORD="VMware1!"
$HCX_SERVER="hcx.vmware.corp"

$VSPHERE_TAG_CATEGORY="Cloud"
$VSPHERE_TAG_NAME="VMC"

# vMotion, Bulk, Cold, RAV, OsAssistedMigration
$MIGRATION_TYPE="RAV"

$TARGET_NETWORK_NAME="L2E_HOL-10-f58e483b"
$TARGET_DATASTORE_NAME="WorkloadDatastore"
$TARGET_RESOURCE_POOL_NAME="Compute-ResourcePool"
$TARGET_VM_FOLDER_NAME="Workloads"

$MOBILITY_GROUP_NAME="VMworld-2020-Demo"

[Read more...]

Enhanced vCenter Server Audit Event & Logging in vSphere 6.7 Update 2

04.08.2019 by William Lam // 7 Comments

A couple of years back I had published a detailed analysis on vCenter Server's Authentication (AuthN) and Authorization (AuthZ) from an auditing and logging standpoint. This has been the go to reference for many of our customers and the posts also includes a number of log samples which I have documented in the following Github repository.

In addition to serving as a reference for our customers, it has also helped our Product and Engineering teams understand where we still had some gaps and how we could improve the overall user experience. As hinted in the recently announced vSphere 6.7 Update 2 release, which will be available soon, there are number of new auditing enhancements that have been made to both vCenter Server and the vCenter Single Sign-On (SSO) service that I think customers will really appreciate.

"Real" client IP address in Events

When you look at a login or logout Event in vCenter Server today, you may have noticed the user's client IP Address is actually of the vCenter Server rather than the actual remote client's address and the reason for this is explained here. In vSphere 6.7 Update 2, the real client IP Address is now captured and is included in all successful login/logout and failed logins. This information can now enable administrators to easily identify unauthorized access and be able to quickly track down the systems initiating the connections.

[Read more...]

vSphere Tag Attach/Detach events now in VMware Cloud on AWS

03.05.2019 by William Lam // 4 Comments

The underlying products (vSphere, vSAN & NSX) that run within VMware Cloud on AWS (VMC) are constantly being improved with new capabilities and enhancements. As a service, VMC is updated more frequently than a traditional on-premise environment and one huge benefit for our customers is that they get to access all the latest and greatest features of the platform!

Yesterday, I came to learn about some improvements that we had made to our vSphere Tagging infrastructure to start publishing vCenter Server Events for when a vSphere Tag is attached or detached from an inventory object such as a Virtual Machine. This has been a frequently requested feature by our customers, especially for auditing purposes and this also enables the ability to perform additional actions through the use of a vCenter Alarm.

UPDATE (10/13/20) - vSphere 7.0 Update 1 now includes vCenter Events for both vSphere Tag Attach/Detach operations. For complete list of out of the box vCenter Server Events, you can refer to this Github repo.

In the vSphere UI for a VMC vCenter Server, you can now see these new tagging events by selecting the vCenter Server inventory object and then go to Monitor->Events and filter by "attached tag" or "detached tag".

[Read more...]