Something I didn’t handle previously was the creating of applications in Horizon. Since they are always hard wired to a farm or desktop it might happen that you need to re-create these so automation is preferred.
When looking at the api call for creating an application I find that we need to create an objetc of the type VMware.hv.ApplicationSpec
One of the options already available using the Horizon REST API‘s is working with Instant Clone Administrators. In total there are 5 API calls available and I will give an explanation for al 5 on how to use them. As you can see you’ll run all of them against /rest/config/v1/ic-domain-accounts.
ptp_vmw is a Linux driver for VMware Precision Clock, a new type of virtual device available in ESXi 7.0 (hardware version 17 on-wards) that provides virtual machines with access to the underlying ESXi host’s system clock. Guests can use the device as a reference clock in Chrony time synchronization software to synchronize their system clocks with.
Precision Clock offers an alternative to existing methods of time synchronization in the guest, such as NTP. A potential benefit of using Precision Clock, when compared to a network time synchronization, is that it uses a VMware proprietary paravirtual interface between a virtual machine and the host to fetch time information. Achievable accuracy using network based time synchronization in a guest is limited by delay and variability in the virtual networking paths (including the guest’s own networking stack), especially under high loads. By avoiding virtual networking, time synchronization using Precision Clock can, potentially, achieve higher accuracy. See the vSphere 7.0 documentation at https://docs.vmware.com for more information about this virtual device.
This fling includes a Linux kernel module source RPM, which can be built and installed in a Linux system. Upon loading the driver, a PTP clock device is created, which can be consumed as a reference clock in Chrony. See included README file for more information.
Demo Appliance for Tanzu Kubernetes Grid
A Virtual Appliance that pre-bundles all required dependencies to help customers in learning and deploying standalone Tanzu Kubernetes Grid (TKG) clusters running on either VMware Cloud on AWS and/or vSphere 6.7 Update 3 environment for Proof of Concept, Demo and Dev/Test purposes.
This appliance will enable you to quickly go from zero to Kubernetes in less than 30 minutes with just an SSH client and a web browser!
Quickly deploy TKG Clusters onto VMware Cloud on AWS or vSphere-based infrastructure
Online vSphere Content Library to sync all TKG Demo Appliance dependencies
Accompany step-by-step workshop-style guide
Embedded Harbor registry pre-loaded with all required TKG and Demo Containers
Support for Air-Gapped and Non-Internet accessible environments
Sample demo applications including Persistent Volume, K8s 3-Tier Application with a LoadBalancer example
With machine learning is widely used in enterprises, big data are trained on the edge, inference services go to production either in the cloud or on the edge.
On the edge
Edge devices have limited resources, space and power supply
Edge servers cost much higher than devices
Hardware accelerators are heterogeneous in architecture and various on interfaces and performance on the edge
In the cloud
Accelerator market is dominated by Nvidia GPU
Other options come as AMD GPU, Intel Habana Goya/Altera FPGA, AWS Inferentia, Xilinx FPGA etc
Common inference interfaces from cloud to edge doesn’t appear generally
Limitation on specific hardware accelerators or cloud leads to new vendor lock-in
Project Supernova is to build a common machine learning inference service framework by enabling machine learning inference accelerators across edge endpoint devices, edge systems and cloud, with or without hardware accelerators.
Micro-service based architecture with Restful API
Support heterogenous system architectures from leading vendors
Support accelerator compilers to native code
Neutral to ML training framework file formats
Work on both edge devices and clouds
Hardware CPU support:
Hardware accelerator support:
Intel VPU, Google Edge TPU, Nvidia GPU
Inference toolkit support: OpenVINO, TensorRT & Tenserflow Lite
Training framework data format: Tensorflow, Caffe, ONNX, MxNet
The Virtual Machine Compute Optimizer (VMCO) is a Powershell script that uses the PowerCLI module to capture information about the hosts and VMS running in your vSphere environment, and reports back on whether the VMs are configured optimally based on the Host CPU and memory.
Fixed errors in reporting for some VMs that are on hosts with 4 sockets
Fixed “memory” missing from Details when VM memory spans pNUMA nodes
Added ability to call function with “-simple” which only reports VM info (leaves out vCenter, Cluster, and Host)
Added support for vSphere with Kubernetes and Tanzu Kubernetes GRID in addition to VMware
Upgraded to Kubeflow 1.0 GA
Added support for GPUs
Introduced a new data registry component called Data Manager
Upgraded minor components/libraries to the latest versions
Added an easy-to-use installer
Lots of bug fixes
vSphere Mobile Client
The vSphere Mobile client is the tool to have if you want to be able to an early check on your vCenter while running to your desk to do it on those nice and fancy big screens you have over there.
Virtual keyboard for VM console, with all special keys available
Details page for cluster objects
iOS devices now have the VM console, still requires direct ESXi connection for both Android and iOS
Library updates for better compatibility
Host no longer shows as standalone when part of a cluster
Issues for all objects are calculated similarly, by adding together fired alarms and configuration issues
Virtual CPU count in VM summary page is now correct
All details pages are showing information in a similar way
Horizon Session Recording
The Horizon Helpdesk Recording fling is an underestimated fling in my eyes, it gives you the opportunity to properly record whats’s happening in a users vdi session.
Note: Version 2.0.8 is a complete re-write of the whole fling, This fling does not support upgrading, this will require a new deployment, server and agent.
The agent is now multi-threaded.
The web service is now written in angular.
The web service now supports high availability (see documentation).
This release will only work with Horizon 7.9 or higher.
Horizon Helpdesk Utility
After Reach that sadly had to be pulled the Horizon Helpdesk Utility is on of the best flings to have ever been released for Horizon. FInally a fast tool that properly helps your helpdesk without having to go to the admin console.
Fixed an intermittent issue with the agent crashed when viewing a pool / session.
A while ago I blogged about adding an Instant Clone administrator using the api’s. I never looked at creating a linked clone domain administrator though so let’s do that.
When checking the services near the bottom we see a service called ViewComposerDomainAdministrator
Now let’s check the available methods
The difference between ViewComposerDomainAdministrator_Create and ViewComposerDomainAdministrator_CreateByServerDefinition is that for the first you’ll need the virtualcenterid and for the lather the ServerDefinition for the configured vCenter.I will go with the easier first one.
Let’s see what’s required
so we need a spec of the type VMware.Hv.ViewComposerDomainAdministratorSpec this is what the api explorer says about it:
So for the base we actually need another object of the type vmware.hv.ViewComposerDomainAdministratorBase, let’s create both
see how I do the where? For this one it doesn’t really matter but doing it this way is muchos faster than using where-object
In the base the username and domain are strings so those are easy. For the password we need to have it encrypted in a certain way. Luckily I already used it in the vCenter adding post that I gave an update last week.
So last week I created a blog about gathering Horizon entitlements using the api’s. At the end I promised that my next blog post would be about creating entitlements and guess what: that’s this post 🙂
First a short explanation about what UserEntitlements actually are in Horizon. When you pull the entitlement info the base property has the needed information.
So in short an entitlement is a link between the userorgroup object id and a resource object id. The resource object can be: Application, Desktop, Global Application Entitlement, Global Desktop Entitlement and URLRedirection.
Let’s first grab the id’s that we need, I use 2 queries for that bur first I put the names of the group and the desktop in variables:
Somehow I have never really blogged about using the Horizon api’s to gather entitlement data. These are actually stored in entitlement objects and we can find them using a query against either the EntitledUserOrGroupLocalSummaryView or EntitledUserOrGroupGlobalSummaryView objects. Let’s start with the local variety.
Yes that’s me making a typo, try to talk to me on Slack. I hardly type anything without typo’s. Back to the $queryresults because there’s an easier way to get the group or username because it’s listed under the base property.
So we now have the group or username now we need to find what they have been entitled to, this information is stored under localdata.
The Applications and Desktops properties contain the ids where the users have rights to so if we use Desktop.Desktop_GetSummaryViews or Application_GetSummaryViews we end up with the relevant data. I have opened the summarydata for both to make things more visible.
Pallas helps an admin to manage edge ESXi hosts where it’s not possible to manage them using vCenter due to security reasons.
The goal of Pallas is to provide management ability for ESXi hosts that cannot be managed by vCenter due to firewall or network issues.
Case 1: You have several ESXi hosts which running in a private network, but you have requirement to management them in the public network.
Case 2: Your ESXi host don’t wire connections and must connected through WiFi or Mobile network. For example, you use ESXi running on the oil rig, train head and you want to remote manage the ESXi securely.
Case 3: In IOT world you have the virtualized Edge devices requirements (ESXi host on Edge Device) and need remote management the ESXi(like patch, create VM etc.)
This solution includes a dominate-agent VM to provide remote management ability on the ESXi. If the ESXi has no wire connection then a pluggable network device (USB WiFi card, 3G/4G/5G sim card or other device that can provide network access ability) is needed, the pluggable network device will be pass-through directly to the dominate-agent VM. A remote manager server that accept connections either in public cloud/hybrid or private datacenter.
The dominate agent VM will talk to ESXi through ESXi SDK for workload VM management. There is no direct connection between the workload vm and dominate agent by default.
The dominate agent VM will talk to Pallas Manger though MQTT protocol, it will not allow any inbound traffic.
Virtual Machine Compute Optimizer
Virtual Machine Compute Optimizer is a script that analyses vm’s and the hosts running them to see if they run in an optimized way. It does not look into the vm’s themselves, if that is needed vRealize Operations is recommended.
Modified Get-OptimalvCPU.ps1 to account for vCenters with no clusters
Modified Error Catches so they display the line number of the error
Code Capture new language: the recorded interaction can now be translated to Go.
PowerActions: integrating PowerCLI and the vSphere Client. The vSphere Client now provides the ability to execute PowerCLI commands and scripts, and store scripts in a library. Custom actions backed by PowerCLI scripts can be defined and executed on inventory objects.
PowerActions must be explicitly enabled on a vSphere Client Fling deployment. For setup instructions and a quick walkthrough, see the file PowerActions_documentation_Fling50.pdf .
PowerActions: when executing a script from the context menu of an object, the context object is prepopulated, but the object selector control has to be expanded and collapsed in order for this to become visible.
The base operating system for the fling is changed to Photon OS.
Upgrade from previous versions to 5.0 is not supported. A new appliance has to be deployed.
Server.bat Replaced, December 3
Fix a small error where ls.url was printed twice in the resulting webclient.properties which leads to errors when trying to login to the H5 web client.
App Volumes Entitlement Sync
The App Volumes Entitlement Sync helps the App Volumes admin in copying entitlements between various App Volumes environments like from test to production.
Fixed problem with sync button being disabled
Added check for App Volumes 2.x and App Volumes 4.x managers and will pop up message that they can’t be synced
Fix for Migrated Appstack upload failure in AVM due to JSON parsing error.
Instructions doc updated to reflect the name change from “Upload Prepackaged Volume” to “Upload Template” in the AVM UI.
vRealize Build Tools
vRealize Build Tools provides tools to development and release teams implementing solutions based on vRealize Automation (vRA) and vRealize Orchestrator (vRO). The solution targets Virtual Infrastructure Administrators and Solution Developers working in parallel on multiple vRealize-based projects who want to use standard DevOps practices.
Support vRA 8 support for blueprints, custom forms, subscriptions and flavor-mapping
vRO 8 support for existing content management and import
Support vRO 8 export of WFs in a folder structure derived from WF tags
Support for running WFs on vRO using maven command
Support persisting JS Actions IDs in source to allow for actions originating in vRO first to not create conflicts
TypeScript Projects (experimental) support improvements and bug fixes
General bugs fixing an documentation updates
Power vRA Cloud
Power vRA Cloud makes the vRA API’s more accessible for people already used to PowerCLI or PowerShell.
After years of contracting a new challenge lays ahead for me in the vendor space. Until now I have always been on either the customer or partner side of things but was always curious how things would be from a vendor perspective. Recently I saw an opportunity at ControlUP passing by that I couldn’t resist in asking if it would also be feasible do do this from The Netherlands since it was posted for the UK. The lines where short since I am already working on for them on a freelance base creating Horizon scripts.
PS Engineers are experienced IT professionals that guide customers through their journey of assessing needs and implementing ControlUp solutions. Prospective candidates must be self-motivated, charismatic individuals that are willing to meet customers and work in very dynamic situations that present new, never before seen business and technical challenges on a regular basis. Ideal candidates possess several years of enterprise IT consulting experience and a deep technical skill set covering VMware’s or Citrix virtualization and PowerShell scripting.
· Professionally represent ControlUp values at all times
· Maintain current knowledge of the entire ControlUp product portfolio
· Become a trusted advisor to both colleagues and customers
· Help our customers succeed by solving their challenging technical problems, from design through to production operations
· Work closely with customers to understand their needs and objectives
· Provide regular transfer of information presentations to customers
· Provide regular feedback to management for process and practice improvements
· Assist with all phases of Couchbase implementations, starting with installation, architecture design and review
· Contribute to internal technical projects, which can include software development, benchmarking, troubleshooting
· Work closely with the sales team and presales team on technical escalations and help grow opportunities in existing accounts
· Assist with customer PoC/Pilots through effective management of acceptance criteria and issue escalation/resolution
· Work with all technical levels from managers, to architects and developers in the Couchbase Server technology and architecture
· Identify and write internal and external technical collateral, like typical deployment architectures or best practices
· Travel to customers at least 25%
· 10+ years of experience in information technology- A MUST
· 5+ years of customer-facing professional services or VDI Administration- A MUST
· Fluent Speak and Writing English- A MUST
· Strong VMware or Citrix experience
· Strong Windows desktop OS administration experience
· VCP/CTP/VCPDT strongly preferred
· B.S./B.A./M.S. degree or equivalent technical training & experience
· Proven technical background –You will need to have a strong hands-on understanding of a number of popular technical platforms
· Positive attitude and very customer-centric; always willing to put the customers’ needs first
· MCSE – a plus
While I have been doing mainly VMware for the last few years I also have a bit of history with Citrix so I thought this would fit perfectly. After a couple of zoom calls first I traveled to ControlUP’s yearly Sales Kick-Off in Jerusalem last month to have a face to face meeting but also to feel how things are run inside the company. Looking back at that I have to say I really enjoyed it and was able to connect with just about everyone (I just didn’t have the time to connect with everybody). So when I received the call a week or so later that they wanted to hire me I couldn’t be more happy about that and I will be starting March first as Professional Service Engineer!
tldr: Got hired by ControlUP as Professional Services Engineer starting March first
Last week Mark Brookfield asked the question if it is possible to configure the event database in code. My answer was that I thought it should be possible until Stephen Jesse pointed me to the the vmware.hv.helper where there is the set-hveventdatabase cmdlet for this. When looking at the code I noticed something familiar:
Author : Wouter Kursten
Author email : [email protected]
Version : 1.0
===Tested Against Environment====
Horizon View Server Version : 7.4
PowerCLI Version : PowerCLI 10
PowerShell Version : 5.0
So that’s why I knew it was possible! A good reason to create a quick blogpost though. Mark made a nice script for himself with variables and all those fancy things but I just want to quickly show how you can do it.
Something that was added in the last few versions of the Horizon API is the option to handle UAG’s. Since I had to add an uag to my lab for another project I decided to find out what api calls are possible. First I’ll check what services there are.
$hvservice | Select-Object gateway*
I will ignore the GatewayAccessUserOrGroup since that was already in there so we are left with Gateway and GatewayHealth. Let’s see what methods are available under Gateway.
$hvservice.Gateway | gm
I Gateway_Get and Gateway_List will show the same information as always but with _Get you will need a gateway ID and it only shows the information about one gateway. WIth _List you will get the information about all registered gateways.