All new Nutanix Test Drive now available

The last few weeks I was invited to and involved with beta testing of the all new Google Cloud based Nutanix Test Drive running AOS. Previously it was hosted on Ravello and running on a version of the Community Edition. When you go to http://nutanix.com/testdrive just enter your details and you’ll be running in no-time. Please make sure that you copy the admin password from the next page. You should also receive an email with these credentials but you never know with the spam filters these days.

After this you can hit the start test drive button, accept the next certificate warning and you’re set to run the testdrive. Use admin as username and the provided password to log on.

First you will get a guided tour through the basic features and when you finish that you will probably have about an hour and 50 minutes of the original 2 hours left.

Personally I was amazed with the speed of the testdrive. I have no idea where it is hosted but it was full steam ahead from start to finish. The console you get is the basic Prism console for a cluster, not Prism Central that allows you to manage multiple clusters.

 

Applying Golden Images for VDI & RDS cloned pools using the Horizon View API’s

Recently I came up with the idea to create a script to apply new Golden Images against the various types of desktop pools and farms that we have in Horizon View. This was something that I thought was not available from the vmware.hv.helper module but after some research I did find that it it available from the module by using start-hvpool and start-hvfarm. No those are not the best names for the functions in my opinion. This wouldn’t stop me for creating this post though on how to apply the images using api’s only since the module uses mapentries and I still hate those. I will cover full clones and defining a new image without recomposing in a next post since that requires updating the pools.

Let’s take a look at the api explorer on what is needed to recompose or push an image.

 

The DesktopPushImageSpec for instant clones has a comparable setup with some nuance differences.

For RDS farms the linked clones spec is equal to the desktop spec but for instant clones there’s a rather big difference but I will cover that later on.

So the common steps for most types of applying the golden image are:

  • Selecting the Desktop Pool or RDS Farm
  • getting the id for the vcenter or datacenter where the parent VM lives
  • getting the id of the Parent VM
  • getting the id of the snapshot to use
  • getting the id’s of the machines in the desktop pool (Linked Clones only)
  • Select date & time for the recompose or imagepush (if required)
  • combine the above info into a spec to recompose or imagepush
  • Apply the recompose or ImagePush

Each step uses information from the step above it.

Selecting the Desktop Pool or RDS Farm

This can be done using queries. For desktops we user the desktopsummaryview definition and for farms farmsummaryview.

And for a farm

getting the id for the vcenter or datacenter where the parent VM lives

For desktops this is a property of the $desktoppool object we have now

For automated farms we need a small extra step since it is not property for the summary data we we can get it by doing a farm_get with the id we received from the query

getting the id of the Parent VM

Using the vcenterid as done below we are able to list all vm’s in the vCenter that might be a Golden Image using

You might be able to see it but this gives a list of all VM’s in the vCenter, sadly there is no query for this yet even though that would be really useful. If you know the exact name you can select on that but if you look at the IncompatibleReasons property there’s info to filter (if you want to create a menu for example)

InUseByDesktop is a usable one for instantclones. I don’t know why InUseByLinkedCloneDesktop doesn’t give any true values even though I have one pool with linked clones, viewcomposerreplica does work. I have filtered this on some of the more obvious ones and end up with both my golden images for Windows 7 & Server 2016

I will do it easy and select on the name for now

getting the id of the snapshot to use

With the baseimagevmid we can utilize the baseimagesnapshot method to get the id for the snapshot.

In this there is also an IncompatibleReasons property but that doesn’t give a lot of information so we’ll need to filter on name.

getting the id’s of the machines in the desktop pool

As you’ll see later in the spec there’s a requirement to list the machine id’s for the pool if you want to do a recompose. These can be grabbed by doing a query

For Linked Clone RDS farms you ned to use the QueryEntityType of RDSServerSummaryView but since I don’t have those in my lab I can only show the theory

Settings date and time for the action

It’s not required to set a date and but is very usable if you want to schedule an action. Please be aware that this is based on us format for day and time so mm-dd-yyyy otherwise I would have scheduled it for august.

The [DateTime] converts the string that follows it to a variable of the type day and time

combine the above info into a spec to recompose or imagepush.

To build the spec we first need to declare a new object with new-object vmware.hv.DesktopRecomposeSpec please be aware that for this name you need to look at the data object in the API explorer and not the class.

For the instant clone image push there’s an extra layer required for the settings

The recompose for a linked clone rds farm is similar to the desktop linked clone.

For RDS instant clone farms the pushing of a new image is part of the maintenance schedule that can be done immediate or recurring. I will do the recurring option for now since rds hosts needs to be refreshed every once in a while anyway. There’s some options inside the settings that are explained in the api explorer.

Apply the recompose or ImagePush

This is the easiest part of the spec’s have been build properly.

Please note that the variables for the pools I use are a bit different to show the linked and instant clone pools

No visible feedback but it’s visible from the admin console (sadly not all tasks can be gotten from the api’s yet 🙁 )

That’s it for now but expect future posts about full clones, setting a default image for linked clones without recompose and maybe a complete script that does it all for you.

The VMware Labs flings monthly for January 2019

One month down, eleven to go for 2019! I am very busy planning the first Nutanix User Group meet and hopefully I will be selected again as vExpert. You can also still apply for vExpert at http://vexpert.vmware.com/. Back to the flings, this month there has been one new release:  Policy Enforcer and four updates: ESXi Embedded Host Client,
vSphere HTML5 Web Client, vSAN Hardware Compatibility List Checker and vSphere PKS Plugin.

New Releases

Policy Enforcer

Policy Enforcer is used to check and remediate restriction policies on a Workspace ONE Managed Windows 10 machine. If a user were to try to override configured Policy CSP settings by attempting to edit the Windows Registry, Policy Enforcer will compare the current value with the MDM configured value and reset the registry if the values differ.

Policy Enforcer can be implemented by uploading the MSI installer to the WS1 UEM console and deploying as an internal app via Apps & Books.

Updated

vSAN Hardware Compatibility List Checker

With the vSAN Hardware Compatibility List Checker you are able to test your hardware against the vSAN Hardware Compatibility list.

The vSAN Hardware Compatibility List Checker is a tool that verifies all installed storage adapters against the vSAN supported storage controller list. The tool will verify if the model, driver and firmware version of the storage adapter are supported.

Using a supported storage controller and firmware is important in a vSAN deployment to ensure normal operations, optimal performance, and to reduce the chances of hardware/firmware issues. This tool can be useful to ensure that a storage device and its firmware went through certification testing supported by VMware and its partners.

Some scenarios where the tool can be useful:

  • Verify if new server and storage adapter are supported for a vSAN deployment
  • Verify if re-purposed server, storage adapter are supported for a vSAN deployment

For a full vSAN system check, please check vSAN health UI through vSphere web client after a vSAN deployment.

Changelog

Version 2.0

  • Add 3 new checks
  • Controller is VMware certified for ESXi release
  • Controller driver is VMware certified
  • Controller firmware is VMware certified
  • Update HTML report format
  • Bug fixes

vSphere PKS Plugin

The vSphere PKS plugin gives the administrator a graphical interface within the vSphere HTML5 console.

Changelog

Version 1.0.1 – Build 168317

  • A PKS instance can be added to the plugin by providing the Ops Manager credentials
  • Support an alternate IP address (such as an NSX floating IP) to be used as the registration server and plugin server IP. It is assumed that the IP will be mapped to the appliance’s NIC via other means
  • Minor bug fixes

ESXi Embedded Host Client

The latest and greatest version of the ESXi embedded host client as found in production since ESXi6.0

Changelog

Version 1.33.1 build 12086396 (Fling 23) – January 31, 2019
OVF issues 

  • Various fixes for ovf import issues
  • ISO files are now imported from OVAs

General 

  • Fixed an issue with special characters in datastore names in some versions of ESXi
  • Fix swapped labels for transmit and receive in network chart
  • Network adapters are added to the vm in the correct order
  • Fixed issue with firewall notifications displaying incorrect information
  • provide notifications for expiring licenses
  • Support for Swedish input locale in the vm console
  • Display Fibre channel wwn and wwp as 64bit addresses

 vSphere HTML5 Web Client

This is the newest release of the HTML5 Web Client for vSphere. The downloadable version is 4.0.1 while the changelog is 4.0 so we’ll have to assume that 4.0.1 is a small bug fix. Starting from this version the fling ONLY supports vSphere 6.5 and newer!

Changelog

Fling 4.0 – Build 11785236

  • New Features
    • Support for VC 6.7
    • ESX Agent Manager UI
    • MxN Convergence in System Configuration
    • Import Certificate and Generate CSR
    • Code Capture: the record button can be toggled between hidden and shown.
    • Ability to remove Script Bundles in Autodeploy for 6.7 VC
    • Ability to remove Discovered hosts in Autodeploy for 6.7 VC
    • Export licensing data in CSV for all licensing views
    • Add and Assign license with single operation
    • Authentication Proxy configuration for VC 6.5+ (VC > Configure  > Settings > Authentication Proxy)
  • Improvements
    • Improved performance for Files browser for VC 6.7
  • Bug Fixes
    • Fixed an issue where starting a Code Capture recording would lead to dialogs loading slowly or not at all.
  • Known Issues
    • To open the Fling UI, you need to use https://<Fling IP>/ui
    • The VMware vSphere Update Manager (VUM) plugin will not be loaded when the Fling 4.0 is connected to vSphere 65
  • Release Notes
    • The upgrade from Fling 3.x to Fling 4.0 will require to establish new connection to the vSphere by providing the vSphere credentials.
    • The Fling 4.0 is based on the vSphere 6.7 client and does not support vSphere versions prior to vSphere 6.5

Added Checks to the vCheck for Horizon View

Starting this year I decided to really restart working on the vCheck for Horizon. I had several requests for RDS checks & Active directory plus I really wanted to get rid of everything related to the vmware.hv.helper module to make using it a little easier.

Just like the pools I pull the farms in the connection plugin so these can be used from other plugins.

The deleteall() for the queries needs to be added to clean things up, otherwise you will run out of queries pdq. The RDS plugins I created are visible down below.

Also an AD check was added

The vCenter api call was split into three checks for vCenter itself, ESXi and datastores.

Besides these I have also added a saml check (tested by Aresh Sarkari, thank you!) and truesso checks (don’t have it in my lab so can’t test).

If you want an example of the vCheck that can be found HERE.

Honored to be named Nutanix Technology Champion once again

Just like in 2017 and 2018 I have been named a Nutanix Technology Champion for 2019. While I haven’t been involved with the tech as much as in 2017 at least I tried to keep up to speed in 2018 by playing with the community Edition. Besides that I started two things on the Nutanix front in 2018: getting an NPX bootcamp to The Netherlands which I attended in September and trying to start a Nutanix User Group in The Netherlands and that will have it’s first meeting the 1st quarter of 2019! Besides that I attended the Nutanix .Next on tour event in Utrecht and of course .Next EU 2019 in London.

Being an NTC is for me all about the vCommunity, we try to help others but if we need a hand others will help you as well. Just ask Nutanix’ awesome community manager Angelo Luciani and he will tell you all about it 😉

 

2018 has been awesome but I am 100% sure that 2019 will be even better!

The VMware Labs flings monthly for December 2018

Happy New Year everyone! Hope you all had a great (and safe!) end of the year. I just need to close the year up with one thing: an overview of flings that have been released or updated in December. No less than four new flings have arrived: VMware Workspace ONE Provisioning ToolDispatch-SoloAndroid Device Pre-Verification Suite and PowerCLI for VMware Cloud on AWS. Two flings have received an update: PowerCLI Extensions and the HCIBench.

New

VMware Workspace ONE Provisioning Tool

The VMware Workspace ONE Provisioning Tool gives you an gui to provision and test WS One Applications.

The VMware Workspace ONE Provisioning Tool helps you test and validate your applications (exported as a .ppkg file) and the special-purpose unattend.xml configuration file as part of the Dell Provisioning for Workspace ONE offer. This tool simplifies the testing and validation of this process in your own environment before these files are sent and applied in the Dell factory.

Highlights

  • Simple UI to easily enable the IT admin to validate their ppkg and unattend.xml files in their own environment, mimicking what Dell is doing in the factory.
  • Supports PPKGs and unattend.xmls generated with Workspace ONE UEM Console 1811 or newer.
  • Highly flexible. Allows IT admins to specify the configurations for tool in a text based config file in order to change things like tool timeout and report location, to name a few.
  • Generates a detailed final summary report with client details and app installation results. This file is saved in C:\ProgramData\Airwatch\UnifiedAgent\Logs\PPKGFinalSummary.log after the “Full Process” button is clicked.
  • Halts the process if any steps fails for the given operation, giving the ability to IT admins to view & debug the state of the machine and the apps.

Supported Operations

  • Apply Apps Only – Given a ppkg, this tool deploys the applications on a test windows machine
  • Apply Full process – Given a ppkg and xml file, this tool deploys the applications on a test windows machine followed by Workspace ONE enrollment and Sysprep.

Dispatch-Solo

The Dispatch-Solo fling actually is a prepackaged VM to get you started with dispatch as easily as possible.

Dispatch-Solo is lean version of Dispatch which has been packaged as VM appliance. The goals of Dispatch-Solo are simple:

  • Lower the barrier to entry – get started with Dispatch in a matter of minutes
  • Support nearly the full Dispatch feature set – API compatibility
  • Explore use-cases – get user feedback and iterate

Because Dispatch and serverless is still in its infancy, understanding use cases is the highest priority. It therefore makes sense to continue to focus on getting Dispatch in as many hands as possible and making it as easy as possible to get started exploring its usage. By packaging Dispatch-Solo as a VM appliance, getting started is quick and predictable.

For full documentation and examples see the Dispatch project page.

Android Device Pre-Verification Suite

This Android Device Pre-Verification Suite Fling reduces the time to perform a preliminary test on any Android device from any OEM. Pre-verification result decides whether the device is eligible for a full device verification program or not. This eliminates the TAT (turnaround time) for basic test failures during the initial phase of verification from VMware. Customers/Partners can run this tool at their premise and check whether the device passes the device verification program entry criteria.

PowerCLI for VMware Cloud on AWS

If you are using VMware Cloud on AWS the PowerCLI for VMware Cloud on AWS fling will give you an preview on what to expect from PowerCLI to automate VMC.

This Fling provides a community preview of the upcoming PowerCLI commands for managing VMware Cloud on AWS. It comes in the form of a single PowerCLI module and integrates with existing PowerCLI modules.

All commands have been automatically generated. They are still in development, contain known issues, and will change in the future.

Updated

PowerCLI Extensions

The PowerCLI extensions fling gives you a preview on what to expect in the official PowerCLI releases.

Changelog

Version 3.0.0.11173018

  • Updated PowerCLI.Extensions Module to be compatible with VMware PowerCLI 11.0.0

HCIBench

This one should be known by now, the HCIBench is made for benchmarking your hyperconverged infrastucture. Ideal for things like vSAN but please be aware that it could also possibly be tuned for that.

Changelog

Version 1.6.8.7

  • Enhanced easy-run, put original 4k,70% read as the first test case, then 4k, 100% read and 256k, 100% write
  • Enhanced tvm deployment validation
  • Added Checksum into easy-run consideration
  • Updated guest VM template with increased ring_pages and disk scheduler
  • Added DNS configuration guidance into welcome message

Version 1.6.8.5

  • Added 2 more test cases into easy-run, 4k 100% random read and 256k 100% sequential write
  • Batch deployment will be involved if deploying more than 8 VMs to speed up deployment process
  • Allow user to choose IP prefix when using static IP
  • Optimized UI to allow user to review the results by single click
  • Fixed regression issue when placing Datacenter/Cluster in the folder

 

The VMware Labs flings monthly for November 2018

The year’s almost over but for me it feels like it just got started, how does it feel for you? Time certainly flies! This month there was one new fling: vSphere PKS Plugin and five have received updates: Workspace ONE UEM Profile Migration UtilityHCIBenchESXi Embedded Host ClientCross vCenter Workload Migration Utility and Workspace ONE Configuration Tool for Provisioning.

New

vSphere PKS Plugin

The vSphere PKS Plugin provides a user interface for managing and monitoring Kubernetes cluster deployments for the PKS platform. Using the vSphere PKS Plugin you can view details about your Kubernetes clusters, including master and worker nodes as well as networking configuration.

Features

The vSphere PKS Plugin:

  • Provides a graphical interface to visualize the Kubernetes clusters deployed and managed by PKS
  • Provides visibility into underlying infrastructure such as VMs, network objects and storage objects that are created when a Kubernetes cluster is deployed in a vSphere environment
  • Provides a centralized launch point for viewing components deployed with the Kubernetes cluster, including nodes and network objects such as routers, logical switches, load balancers
  • Provides a simple user interface to get easy access to the cluster using the kubectl interface and the cluster Dashboard

Updated

Workspace ONE UEM Profile Migration Utility

The Workspace ONE UEM Profile Migration Utility helps  in moving profiles between various WS One UEM Consoles.

Changelog

Version 1.6

  • Added a log file for more advanced troubleshooting and auditing. A new file in the folder called: WS1UEM-Profile-Migration-Utility-log.txt
  • Added logic to ensure the user has to hit Review button before Create
  • Fixed a bug where the Status wouldn’t clear if selecting a new Profile therefore the user was unable to tell if the new Create Profile was successful

HCIBench

The HCIBench is a Hyperconverged Infrastructure Benchmark build around VDbench.

Changelog

Version 1.6.8.1

  • Fixed regression when datastore is in the datastore folder
  • Avoid checking connection to host directly and use tvm deployment instead
  • Added Vdbench version check in summary script

Version 1.6.8

  • Added resource pool and VM folder fields for VMC environment
  • Fixed easy-run disk size issue
  • Enhanced pre-validation error message handling
  • Changed the names of network interface from “Public Network” to “Management Network”, and “Private Network” to “VM Network”

ESXi Embedded Host Client

While the ESXi embedded host client has been officially released for 5.5, 6, 6.5 and 6.7 the fling gets all the latest updates.

Changelog

Version 1.32.0 build 10692217 (Fling 22) – November 2, 2018

  • Import / Export
    • Iso files and nvram files can now be exported and imported (if suppored by the esx version)
    • Files can be individually selected when exporting
    • All advanced vm config options are exported by default
    • Several bug fixes related to the export wizard
  • General
    • Permissions previews now display correctly
    • Support Bundles are now generated on the fly
    • Domain user functionality has been restored
    • Fibre Channel WWNs are displayed in hex

Cross vCenter Workload Migration Utility

If you want to use a gui to move vm’s between different vCenter servers than the Cross vCenter Workload Migration Utility is the tool to use.

Changelog

Version 2.5, November 5, 2018

  • Remember registered site information (without password)
  • Easily retry a previously attempted task in case of failures
  • Search box for keyword filtering of migration task history
  • Option to clear task history by removing completed tasks
  • Added documentation and other links under the help menu
  • Partial fix for an issue related to duplicate network names

Workspace ONE Configuration Tool for Provisioning

The Workspace ONE Configuration Tool for Provisioning assists in building unattend.xml configuration files that can be used by Dell (or others when more provide the service) when delivering systems from the factory to set them up for your environment.

Changelog

Release Update – Version 2.0.0

Improvements

  • The version number is shown in the window title
  • The version number is shown as a comment in the generated XML
  • The product key is now validated to conform with the 11111-11111-11111-11111-11111 pattern
  • Split the locale settings into ‘Operating System Language’, and ‘Region and Keyboard Settings’.
  • ‘Operating System Language’ maps to the language of the operating system installation media, and ‘Region and Keyboard Settings’ maps to the locale settings available to the user during OOBE
  • ‘Operating System Language’ is now a required field as it is needed for certain customizations, such as adding a user to the administrators group
  • Removed the ability to set a custom computer name. The computer name now defaults to ‘*’, which causes the Windows OS to generate a random name, taking up to seven characters from the ‘Registered Organization’ field plus eight random characters. This change makes sure every computer has a unique name on the network.
  • The ‘Auto Admin Logon’ feature is no longer selectable. Instead, it will be activated when it is required by the deployment scenario.
  • All deployment scenarios now allow for the creation of a local user.
  • Moved the node from the ‘oobeSystem’ pass to the ‘specialize’ pass
    to be consistent with the node

Bug Fixes

  • Auto Admin Logon would only work with an unattend XML generated for an en-US installation image
  • Enabled the ASSIGNEDTOLOGGEDINUSER=Y flag to enable the WS1 agent to correctly enroll the user in the ‘Workgroup’ deployment scenario
  • Fixed an issue where the ‘Show Privacy Settings’ option would have no effect

What’s (in) my bag for Nutanix .Next 2018 London

This post is fairly similar to my posts for .Next Nice in 2017 and VMworld US of this year. For security reasons I decided to go with the XD Design Bobby again. Since it’s a lot harder to open when on my back I feel it’s a bit more secure while travelling on the London Underground. A couple of other changes also have been made, the bubm bag was replaced by a bit smaller pouch from the same maker and my Sony headset has gone to my wife since I settled on the Jabra Move I got from Cohesity at VMworld. The Jabra just sits a bit more comfortable for me and fits perfectly in it’s own bubm case.

For the rest there are the usual suspects: Xiaomi 10k battery pack, HP Probook 440 G5Microsoft designer mouseRoundcube Rewirable  USB Travel adapter and some various bits & pieces. My suitcase is simply packed with lots of stroopwafels and all the Nutanix NTC gear I have.

Horizon View Api’s: back to basics part 3: Methods

Like I said in part two I wanted to do that first before going to method’s since for some methods you actually need the output from a query. I posted an example of that in the meanwhile with my post about sending messages to users. The get-hvglobalsession and get-hvlocalsession are based on queries that are used for the Session_SendMessages method of the session service.

The obvious way of finding available methods is by looking into the API Explorer.

It’s a complete list but it’s hard to find all the methods that belong to a service. It’s easier to do a get-method on a service.

So, in here we have two methods: ConnectionServerHealth_Get and ConnectionServerHealth_List. Even my wide PowerShell window is not big enough to show what’s needed to with the ConnectionServerHealth_Get method. For that we can use service.method without any brackets.

and

The required input for the method’s is visible between the brackets. The _Get method requires an id of the type vmware.hv.connectionserverid and the list doesn’t even need an input. I will keep the first one to use for later while I run the latter one.

A lot of these lists have information that is available on a deeper level, with a get-method everything is shown.

The ones where you see a property that has a definition that starts with vmware.hv…. has more content hidden. It is possible to access these by putting the entire line between brackets followed by .membername for example

Please be aware that this can go multiple levels deep for some methods. To avoid unneeded api calls it’s wise to declare a variable from the method and use that to access the data.

Now to show the use of the _get method I could use the id that I received from the _list method but that would be cheating. What I will do is put a list of all connectionservers into an array (even though I only have 1) and do a foreach with the _get method.

This is the basic usage for method’s. For some method’s a spec is required for input please take a look at this post about adding an instantclone administrator for an example. I will show some more details about that one in here. Let’s take a look at what the method requires as input.

You can see that a spec is required of the type VMware.Hv.InstantCloneEngineDomainAdministratorSpec. The API Explorer will show that this actually is a bit weird one since it one contains a base.

If you click on the base you’ll see whats required in there.

These levels actually show that we need to declare multiple objects to build the actual spec. You can create the basic object with new-object objecttype

As you see the base is empty and doesn’t know what data it can contain. This shows that we need to declare the object for every level where we need to enter some information.

First I tried this using the class that’s shown in the API explorer, this obviously didn’t work so I use the data object name.

In the link I posted above you should be able to find what’s required to create an actual instantcloneadministrator. With this I have covered most of the method’s and how they work. Please don’t assume that _list nevers needs an id or that _get always needs one because that’s not true. Sometimes it will also say ids like with my previous post about sending messages that means it needs an array of id’s most possibly generated by a query or an _list method.

 

 

Sending messages to users with the Horizon API’s

I got the question today from Fabian Lenz if it is possible to send messages to end users using the Horizon API. I knew I had seen it somewhere already and here’s a quick explanation.

There are two method’s to do this, one for a single session and the other for a group of sessions. Both fall under the session service.

You can see both the methods called session_sendmessage and session_sendmessages if we look at what’s required for both we see that the difference is a single sessionid or an array of session id’s.

Let’s see what the API explorer says what’s needed.

So the msgtype is a string that can have three values and the message is just a string, let’s test this.

I am lazy and will use get-hvlocalsession for the sessionid.

I do the -first 1 so it isn’t an array but a single session.

Now let’s send a message.

And the result:

Now let’s do the same for multiple sessions.

And to show that this also works for global sessions (both where connected to pod2cbr1)

If you want to filter the sessions on user or machine name you can filter the $globalsessions on $globalsessions.namesdata.basenames

With the localsessions it’s located in $sessions.namesdata

It’s also possible to filter this with the query service, take a look on my previous post on how to handle queries.

So now you know how to send messages to users. Not that they always read these messages but at least you can try warning them a bit faster now!