WilliamLam.com

Automating VCSA 5.5 Configurations including SSO Administrator password

by // 3 Comments

As many of you know, I am a huge fan of the VCSA (vCenter Server Appliance), not only for its ease of deployment and setup but also the fact that I can easily automate the entire deployment in just under a couple of minutes. I have written about this topic in the past using the vpxd_servicecfg command to automate both VCSA 5.0 and VCSA 5.1. I figured it was probably a good idea to update this for latest VCSA 5.5 which includes several new enhancements to vpxd_servicecfg command such as the VMware Customer Experience Improve Program configuration (vTelemtry) among other options that you can explore by simply running the vpxd_servicecfg on the VCSA.

The other reason I wanted to update this for the latest VCSA 5.5 is that I was working with Engineering last week on a project and several of them did not know about this capability of being able to automate the VCSA configuration. Instead of providing them with the raw commands, I thought I would create an updated script that can be shared with the community so that others could also benefit from it. Lastly, I also did this for myself as I deploy a large amount of VCSA for all sorts of testing that I am doing on a regular basis and this would allow me to quickly speed up my deployment by simply going to my own blog 🙂

Below is a shell script that contains several variables that can be edited based on your environment setup and you can run this script over SSH using something like: ssh root@[VCSA-IP] < configureVCSA.sh

#!/bin/bash
# William Lam
# www.virtuallyghetto.com
# Script to automate VCSA 5.5+ Configurations

# User Configurations

# SSO Administrator password (*protected email*)
SSO_ADMINISTRATOR_PASSWORD=VMware1!

# Join Active Directory (following 5 variables required)
JOIN_AD=0
AD_DOMAIN=primp-industries.com
AD_USER=administrator
AD_PASS=mysupersecurepassword
VCENTER_HOSTNAME=vcenter51-1.primp-industries.com

# Enable NTP
ENABLE_NTP=0
NTP_SERVERS=192.168.1.1

# Enable VMware Customer Experience Improvement Program
ENABLE_VC_TELEMTRY=1

################ DO NOT EDIT BEYOND HERE ################
 
echo "Accepting VMware EULA ..."
/usr/sbin/vpxd_servicecfg eula accept

if [ ${JOIN_AD} -eq 1 ]; then
        echo "Configuring vCenter Server hostname ..."
        SHORTHOSTNAME=$(echo ${VCENTER_HOSTNAME} |  cut -d. -f1)
        /bin/hostname ${VCENTER_HOSTNAME}
        echo ${VCENTER_HOSTNAME} > /etc/HOSTNAME
        sed -i "s/localhost/${SHORTHOSTNAME}/g" /etc/hosts
 
        echo "Configuring Active Directory ..."
        /usr/sbin/vpxd_servicecfg ad write "${AD_USER}" "${AD_PASS}" ${AD_DOMAIN}
fi

echo "Enbaling Time Synchronization ..."
if [ ${ENABLE_NTP} -eq 1 ]; then
	/usr/sbin/vpxd_servicecfg timesync write ntp ${NTP_SERVERS} 
else
	/usr/sbin/vpxd_servicecfg timesync write tools 
fi 

echo "Configuring vCenter Server Embedded DB ..."
/usr/sbin/vpxd_servicecfg db write embedded
								 
echo "Configuring vCenter Server SSO w/custom *protected email* password ..."
/usr/sbin/vpxd_servicecfg sso write embedded ${SSO_ADMINISTRATOR_PASSWORD}

echo "Starting the vCenter Server Service ..."
/usr/sbin/vpxd_servicecfg service start

if [[ -e /var/log/vmware/phonehome ]] && [[ ${ENABLE_VC_TELEMTRY} -eq 1 ]]; then
	echo "Enabling vCenter Server Telemtry ..."
	/usr/sbin/vpxd_servicecfg telemetry enable
fi

 

Quick Tip - Automate the enabling of the Customer Experience Improvement Program (vTelemetry) in VCSA

by // 4 Comments

The VMware Customer Experience Improvement Program is a new feature that was introduced with the latest release of vCenter Server 5.5 Update 2 (vCenter Server for Windows & the VCSA). This feature provides the following per the documentation:

If you choose to participate in the Customer Experience Improvement Program (Program), VMware receives anonymous information to improve the quality, reliability, and functionality of VMware products and services. VMware wants to understand better your vSphere deployment and business needs, and improve VMware response to customer requirements. You can choose to participate in the Program for vSphere at any time.

In my opinion, this has been needed for quite some time now. If you have ever installed any consumer based software, there is usually an option that allows customers to provide basic telemetry data back to the vendor so that they can better understand how the product is being used and more importantly leverage that data to help improve the product and features future.

The process of collecting basic telemetry (sometimes also known as phone home) is not a new concept in the Enterprise. In fact, for those of you who manage a storage array, this has been a standard practice for many many years now where every night, the storage array sends back a variety of telemetry data that may include performance information, utilization, logs, etc. to the vendors HQ. This data is then analyzed and the vendor maybe able to sport trends of a potential issue and proactively alert customers to take action before a problem even arises. Michael White has also recently written about the topic here which I recommend a read as well.

There are four categories of data that is being collected:

  • esxcfg-info.xml
  • Extension.json
  • AboutInfo.json
  • performance-stats.txt

If you wish to learn more about what is being collected and how to view the data before it is sent, please take a look at the documentation here.

One thing I had noticed when deploying the latest VCSA 5.5 Update 2 is that there is now an option to enable the Customer Experience Improvement Program and of course I was interested in automating this configuration as part of my VCSA deployment script.

automate-telmetry-customer-improvement-program-0
Taking a look at the logs, I found that there is a new option that has been introduce in /usr/sbin/vpxd_servicecfg called telemtry:

Telemetry data collection modes:
read         : read and return the current status of the collector
enable       : enables the telemetry data collection
disable      : disables the telemetry data collection

To enable the Customer Experience Improvement Program as part of the VCSA setup, you must enable it after vpxd (vCenter Server) has started. Here is the modified VCSA configuration shell script:

#!/bin/bash

echo "Accepting EULA ..."
/usr/sbin/vpxd_servicecfg eula accept

echo "Configuring Embedded DB ..."
/usr/sbin/vpxd_servicecfg db write embedded

echo "Configuring SSO ..."
/usr/sbin/vpxd_servicecfg sso write embedded

echo "Starting VCSA ..."
/usr/sbin/vpxd_servicecfg service start

echo "Configuring VC Telemetry ..."
/usr/sbin/vpxd_servicecfg telemetry enable

If you decide not to enable this feature during the initial deployment or if you have upgraded from an existing vCenter Server, this feature can also be enabled after the fact. To do so, you will need to login to your vCenter Server using the vSphere Web Client and under the Settings tab of your vCenter Server, there is an option to enable or disable the Customer Experience Improvement Program

automate-telmetry-customer-improvement-program-1
Note: When enabling or disabling the Customer Experience Improvement Program, a restart of vCenter Server is not necessary.

Hopefully customers will see the benefit and value in joining the VMware Customer Experience Improvement Program and over time, I think you will start to see some really neat benefits for those who participate in this program.

How to automate NTP configurations on the VCSA using the CLI

by // Leave a Comment

NTP configurations should be a mandatory setting for everyone, regardless of whether we are talking about VMware products or general infrastructure software. It is just as critical as having proper DNS configured and can cause a whole slew of issues if not configured or setup properly. A question that was raised internally a couple of days back was around automating NTP configurations on the VCSA (vCenter Server Appliance) which is normally performed through the VAMI web interface as seen in the screenshot below.

Instead of using the VAMI UI, the user was interested in automating it through the command-line and wondered if this was possible. This is definitely possible among other VAMI operations by leveraging the vpxd_servicecfg utility and there are a couple of options when configuring NTP on a VCSA 5.5 system.

The option that most of you will probably using is to configure a list of NTP servers (comma separated). To do so, you can run the following command (replace the NTP server with your own):

/usr/sbin/vpxd_servicecfg timesync write ntp '172.30.0.100' ''

This command should have a return code of 0, else there maybe an issue connecting to your time source from the VCSA. You can also confirm the operation was successful or query the current configuration by running the following command:

/usr/sbin/vpxd_servicecfg timesync read

If you wish to synchronize your time with the underlying ESXi host through VMware Tools, then you can run the following command:

/usr/sbin/vpxd_servicecfg timesync write tools '' ''

Finally, if you wish to disable time synchronization on the VCSA for whatever reason, you can do so by running this command:

/usr/sbin/vpxd_servicecfg timesync write none '' ''

Note: If the VCSA is joined to an Active Directory domain, then the time synchronization is provided by your Active Directory server and no additional configurations are required.

Once you have configured your NTP servers, you should can also manually force a sync to ensure the current date/time is correct by running the following command:

sntp -P no -r [NTP-SERVER]