Today I hit a bit of a speed bump during some ESXi host upgrades. I like to roll out firmware upgrades while I’m upgrading ESXi, and some Dell M620’s decided they didn’t want to play ball.
I was using the Dell Bootable Firmware Update utility available here. While the ISO was in fact bootable, none of the scripts or inventory collectors were able to run. Repeated attempts to mount the virtual CDROM would fail, followed by this message:
I recently had the need to update an AWS Route53 domain NS configuration so that it could be protected by CloudFlare. This domain was purchased via Route53. I had updated the hosted zone NS records with the new Name Servers, but the domain continued to point to AWS and it drove me nuts. Turns out there is another section in Route53 where you updated the NS records for your Route53 managed domain.
Here are some of the resources that I worked through as study material for the VCAP6-Design exam. A lot of these links and the discovery of these links can be attributed to a lot of others, and I’ll try to credit them where I can.
vBrownBag EMEA - VCAP6-DCV Design - vBrownBag YouTube channel Some great presenters here that highlight some of the key concepts and follow up with discussions vThing - VCAP Study Resources - Andres Herceg’s blog https://vthing.
After months of studying and a Design and Deploy course for good measure, I passed the incredible VCAP6-DCV Design exam!
This certification in combination with my VCAP5-DCA from 18 months ago has awarded me the VCIX6 title which I’m incredibly proud of. Here’s the official link from VMware about the certification: https://mylearn.vmware.com/mgrReg/plan.cfm?plan=89125&ui=www_cert
To give you an idea of what the Design exam is about, take a look at https://www.virtualtiers.net. That exam simulator is a great representation of how the exam is formatted and how you’re tested.
Hello again! Today’s adventures drove me a little wild…
Some background first. In my test environment, I have a full vCloud Director v8.10.1 deployment, load balanced with an F5 LTM. The certificates are loaded on the F5 so that traffic is terminated and re-encrypted on it’s way to the vCloud cells. Since deployment, both the http and console FQDNs functioned as expected. This all changed just a few months ago…
After a very successful and quick migration from Windows SSO 5.5 U3e installation to a Platform Services Controller v6.0U3 appliance I was ready to get my VMCA into action.
We have a corporate internal Microsoft CA with the VMware certificate templates already created as per VMware KB 2112009. Everything was coming up Milhouse, until CSR generation time using the ‘certificate-manager’ on the PSCs.
After stepping through the ‘certificate-manager’ wizard and having the CSR and private key files sent to a directory of my choosing, I quickly inspected the CSR using openssl to make sure I was on the right track:
After performing the vSphere v5.5 to vSphere 6.0 migration in our testing environment with great success, I began work on our production environment. First things first, migrating Windows SSO to PSC appliance.
I had successfully converted the first machine, and started doing some testing. Things like logging into the thick client and checking all vCenter servers and basic login services.
Problem
Out of 6 vCenter servers, only 1 was having issues.
While trying to troubleshoot another problem, we tried Refreshing vCloud to vCenter which includes registering/updating the extension. This is when we hit a beauty we’d never seen before:
Alright, calm down. Probably something with the network, right? And if it’s not the network then it’s probably DNS. Right? Oh how I wish that were so.
I dug around in the vCenter MOB and found the vCloud Director extension. As expected it already had a “vCloud Director-1” named extension.
Roughly 2 weeks ago one of our vCloud Director tenants reported an error when attempting to increase a disk on their VM. They were told to contact their cloud administrator (yay). When we tried to perform the increase, we received an error we’d never seen before: “java.lang.NullPointerException”.
Here is what we checked:
Confirm the tenant Org vDC has the appropriate resources available (this was an ‘Allocation’ style vDC). Check the status of vCloud to vCenter connection and perform a vCenter Reconnect followed by a Refresh.
I was just in the middle of configuring a PSC 6.0 node’s VMCA as an intermediate CA and, in traditional fashion, went to request a certificate from a Windows Server 2008 R2 Microsoft CA using the web enrollment form (as per this VMware KB article).
Oddly enough though my brand spanking new vSphere 6.0 machine and intermediate CA certificate templates were missing from the template selection drop down.
I had a look around online and found that MS CA v3 certificate templates are not supported in the web enrollment form.
Latest Posts
- Restore of a Wordpress deployment is stuck redirecting the port
- Backups and Restores using Velero in TKGm 1.6.1
- Unable to upgrade the database: org.postgresql.util.PSQLException: ERROR: could not open shared memory segment: No such file or directory
- Upgrading Cloud Director 10.4.1 to 10.5
- Installing and Configuring Velero in TKGm 1.6.1 on vSphere
Advertisement
Popular Tags
vmware63
vrealize-suite19
vsphere19
how-to17
vcloud-director12
professional-development10
aws8
certificates8
vrealize-orchestrator7
github6
hugo6
lambda6
tanzu6
vcd6
vcenter6
blog5
s35
homelab4
python4
tanzu-kubernetes-grid4
tkg4
tkgm4
vmware-cloud-director4
vrealize-automation4
vrealize-suite-lifecycle-manager4
api3
api-gateway3
automation3
container-service-extension3
cse3
csp-cloud-builder3
esxi3
javascript3
kubernetes3
pfsense3
powercli3
psc3
upgrade3
vcsa3
velero3
vrealize-log-insight3
vrealize-operations-manager3
vrealize-saltstack-config3
azure2
cassandradb2
certification2
cloud-director2
dns2
hardware2
microsoft2
packer2
rest2
saltstack2
storage2
swagger2
telegraf2
vcd-10.4.12
vcd-10.52
vcloud-availability2
vcp2
vrealize-operations2
active-directory1
adfs1
alp1
app-launchpad1
automator1
blueprints1
bmc1
certificate-authority1
cisco-aci1
clarityui1
cloud-init1
converter1
cpu1
custom-resource1
dell1
docker1
draas1
federation1
firmware1
freebsd1
freenas1
gcp1
ipmi1
ipsec1
json1
macos1
network1
nodejs1
nsx1
opensource1
ova1
postman1
quanta1
route531
saml1
self-hosted1
ubuntu1
utilities1
vcenter-server1
vcloud1
vcpp1
vexpert1
vidm1
virtual-network-gateway1
vmware-identity-manager1
vpn1
vrli1
vro1
vsan1
vvols1
windows-server1
wordpress1