[HorizonAPI]Finding VDI or RDS machines based on wrong/old Golden Image

One of the first thing I did years ago when I first learned of the Horizon API’s was to start working on the vCheck for Horizon as I at that point was managing a Horizon 6.2* environment with lots of pools and lots of issues. With the vCheck I didn’t need to log into all pod’s anymore and nor did I need to check each and every pool after a recompose if all desktops had the correct image. Last week Guy Leech asked me if there was a script that could do this for RDS farms as he was working on a script that has to do with App Volumes & RDS hosts. I was like hell yeah we have that but when I looked at the vCheck and had to admit that it was a actually a hell no.

So after creating a new RDS image that could be used with Instant Clones this week it was time to create that vCheck. This morning and I even splashed a bug in the VDI wrong snapshot check when a Desktop Pool doesn’t have any machines in it. This led to this tweet that you might have seen:

SO what is actually the magic behind these checks? To be honest it is rather simple as the names of both the VM and the Snapshot in use are embedded in object both on pool/farm level and in the machine objects themselves.

First I connect to the connection server so we’ll use a credentials file and I also define 2 variables that we will use later

$hvconserver="pod2cbr1.loft.lab"
$credsfile="D:\homelab\creds.xml"

$creds=Import-Clixml $credsfile

$hvserver=connect-hvserver -Server $hvconserver -Credential $creds
$hvservice=$hvserver.ExtensionData
[email protected]()
[email protected]()

After this I use 2 query’s to gather Pool and Farm information. The summaryviews don’t contain the needed information so I have to use farm.farm_get with the id to get what we need.

# --- Get Desktop pools
$poolqueryservice=new-object vmware.hv.queryserviceservice
$pooldefn = New-Object VMware.Hv.QueryDefinition
$pooldefn.queryentitytype='DesktopSummaryView'
$poolqueryResults = $poolqueryService.QueryService_Create($hvservice, $pooldefn)
$pools = foreach ($poolresult in $poolqueryResults.results){$hvservice.desktop.desktop_get($poolresult.id)}
$poolqueryservice.QueryService_DeleteAll($hvservice)
# --- Get RDS Farms

$Farmqueryservice=new-object vmware.hv.queryserviceservice
$Farmdefn = New-Object VMware.Hv.QueryDefinition
$Farmdefn.queryentitytype='FarmSummaryView'
$FarmqueryResults = $FarmqueryService.QueryService_Create($hvservice, $Farmdefn)
$farms = foreach ($farmresult in $farmqueryResults.results){$hvservice.farm.farm_get($farmresult.id)}
$Farmqueryservice.QueryService_DeleteAll($hvservice)

So how does this look?

and inside the automateddesktopdata and automatedfarmdata we find a property called virtualcenternamesdata that has what we need

Next I will create object for both the first farm and the first pool to show what where we need to look for in the vdi/machine objects

$queryservice=new-object vmware.hv.queryserviceservice
$defn = New-Object VMware.Hv.QueryDefinition
$defn.queryentitytype='MachineSummaryView'
$defn.filter = New-Object VMware.Hv.QueryFilterEquals -Property @{ 'memberName' = 'base.desktop'; 'value' = $pool.id }
$queryResults = $queryService.QueryService_Create($hvservice, $defn)
$poolmachines=$hvservice.machine.machine_getinfos($queryResults.results.id)


$queryservice=new-object vmware.hv.queryserviceservice
$defn = New-Object VMware.Hv.QueryDefinition
$defn.queryentitytype='RDSServerInfo'
$defn.filter = New-Object VMware.Hv.QueryFilterEquals -Property @{ 'memberName' = 'base.farm'; 'value' = $farm.ID }
$queryResults = $queryService.QueryService_Create($hvservice, $defn)
$farmmachines=$queryresults.results

As you can see I take an extra step for the desktops as the information that we need is not visible in the MachineSummaryView and the MachineDetailsView is a mess to run query’s for. The VDI machines have the GI and snapshot data stored in $machines.managedachinedata.viewcomposerdata (yes also for Instant Clones) while the rds hosts have it stored in RdsServerMaintenanceData.

After this it’s a matter of combining that information into a nice script that will grab it all for you.

$hvconserver="pod2cbr1.loft.lab"
$credsfile="D:\homelab\creds.xml"

$creds=Import-Clixml $credsfile

$hvserver=connect-hvserver -Server $hvconserver -Credential $creds
$hvservice=$hvserver.ExtensionData
[email protected]()
[email protected]()

# --- Get Desktop pools
$poolqueryservice=new-object vmware.hv.queryserviceservice
$pooldefn = New-Object VMware.Hv.QueryDefinition
$pooldefn.queryentitytype='DesktopSummaryView'
$poolqueryResults = $poolqueryService.QueryService_Create($hvservice, $pooldefn)
$pools = foreach ($poolresult in $poolqueryResults.results){$hvservice.desktop.desktop_get($poolresult.id)}
$poolqueryservice.QueryService_DeleteAll($hvservice)
# --- Get RDS Farms

$Farmqueryservice=new-object vmware.hv.queryserviceservice
$Farmdefn = New-Object VMware.Hv.QueryDefinition
$Farmdefn.queryentitytype='FarmSummaryView'
$FarmqueryResults = $FarmqueryService.QueryService_Create($hvservice, $Farmdefn)
$farms = foreach ($farmresult in $farmqueryResults.results){$hvservice.farm.farm_get($farmresult.id)}
$Farmqueryservice.QueryService_DeleteAll($hvservice)




foreach ($pool in $pools){
  $poolname=$pool.base.name

  if ($pool.type -like "*automated*"){
    $queryservice=new-object vmware.hv.queryserviceservice
    $defn = New-Object VMware.Hv.QueryDefinition
    $defn.queryentitytype='MachineSummaryView'

    $defn.filter = New-Object VMware.Hv.QueryFilterEquals -Property @{ 'memberName' = 'base.desktop'; 'value' = $pool.id }

        $queryResults = $queryService.QueryService_Create($hvservice, $defn)

    if ($queryResults.results.count -ge 1){
      $poolmachines=$hvservice.machine.machine_getinfos($queryResults.results.id)
      $wrongsnaps=$poolmachines | where {$_.managedmachinedata.viewcomposerdata.baseimagesnapshotpath -notlike  $pool.automateddesktopdata.VirtualCenternamesdata.snapshotpath -OR $_.managedmachinedata.viewcomposerdata.baseimagepath -notlike $pool.automateddesktopdata.VirtualCenternamesdata.parentvmpath}
      if ($wrongsnaps){
        foreach ($wrongsnap in $wrongsnaps){
          $wrongsnapdesktops+= New-Object PSObject -Property @{
            "VM Name" = $wrongsnap.base.name;
            "VM Snapshot" = $wrongsnap.managedmachinedata.viewcomposerdata.baseimagesnapshotpath;
            "VM GI" = $wrongsnap.managedmachinedata.viewcomposerdata.baseimagepath;
            "Pool Snapshot" = $pool.automateddesktopdata.VirtualCenternamesdata.snapshotpath;
            "Pool GI" = $pool.automateddesktopdata.VirtualCenternamesdata.parentvmpath;
          }
        }
      }
    }
    $hvservice.QueryService.QueryService_DeleteAll()
  }
}

foreach ($farm in $farms){
  $farmname=$farm.data.name

  if ($farm.type -like "*automated*"){
    $queryservice=new-object vmware.hv.queryserviceservice
    $defn = New-Object VMware.Hv.QueryDefinition
    $defn.queryentitytype='RDSServerInfo'

    $defn.filter = New-Object VMware.Hv.QueryFilterEquals -Property @{ 'memberName' = 'base.farm'; 'value' = $farm.ID }

    $queryResults = $queryService.QueryService_Create($hvservice, $defn)
    $farmmachines=$queryResults.Results
    if ($farmmachines.count -ge 1){
      $wrongsnaps=$farmmachines | where {$_.rdsservermaintenancedata.baseimagesnapshotpath -notlike  $farm.automatedfarmdata.VirtualCenternamesdata.snapshotpath -OR $_.rdsservermaintenancedata.baseimagepath -notlike $farm.automatedfarmdata.VirtualCenternamesdata.parentvmpath}
      if ($wrongsnaps){
        foreach ($wrongsnap in $wrongsnaps){
          $wrongsnaphosts+= New-Object PSObject -Property @{
            "RDS Name" = $wrongsnap.base.name;
            "VM Snapshot" = $wrongsnap.rdsservermaintenancedata.baseimagesnapshotpath;
            "VM GI" = $wrongsnap.rdsservermaintenancedata.baseimagepath;
            "Farm Snapshot" = $farm.automatedfarmdata.VirtualCenternamesdata.snapshotpath;
            "Farm GI" = $farm.automatedfarmdata.VirtualCenternamesdata.parentvmpath;
          }
        }
      
      }
      $hvservice.QueryService.QueryService_DeleteAll()
    }
  }
}
$wrongsnaphosts
$wrongsnapdesktops

Yes this is the same idea as what I use in the vCheck and what I will be using in the ControlUp Script Based Action that I will be creating soon.

 

The VMware Labs flings monthly for August 2020- Time for a new OSOT

The schedule builder for VMworld is open but we should have been at VMworld US around this time if only that stupid virus would have stayed away. In august there where three new fling releases and eight got one or more updates.

New

Software-Defined Data Center Skywalk

Federated Machine Learning on Kubernetes

VMware Container For [email protected]

Updates

FlowGate

VMware Machine Learning Platform

Demo Appliance for Tanzu Kubernetes Grid

Infrastructure Deployer for vCloud NFV

Workspace ONE UEM SCIM Adapter

VMware OS Optimization Tool

App Volumes Migration Utility

USB Network Native Driver for ESXi

New Releases

Software-Defined Data Center Skywalk

Even with the description it’s not always clear what Software-Defined Data Center Skywalk does but apparently it helps in building vpn’s between VMC & on-prem datacenters.

The current API/UI workflow requires multiple operations in different VMC Software Defined Data Centers’ (SDDC) either using API’s or UI. We are solving the problem to auto register, discover, connect VPN’s between VMC SDDC’s on single click event. The Distributed Firewall DFW firewall policies are also mapped on user inputs from on-premises to VMC SDDC using this interface.

Federated Machine Learning on Kubernetes

Federated Machine Learning (FML) is one of the most promising machine learning technologies to solve data silos and strengthening data privacy and security, which is accepted by more and more financial organization. FATE is an opensource project hosted by Linux Foundation to provide a federated learning framework. FATE has been used to increase the performance of predictions in credit reporting, insurance and other financial areas, as well as surveillance and visual detection projects. It helps organizations to comply with strict privacy regulations and laws such as GDPR and CCPA.

This Fling provides a tool to quickly deploy and manage a FATE cluster by either Docker-compose or Kubernetes. Its features include:

Test and develop models in Jupyter using Federated Machine Learning technologies;
Build a FATE cluster with full life-cycle management of federated learning platform.
In the Fling, a command line tool talks to Kubenetes to initiate an entire FATE cluster. The Fling includes a sample configuration which can be used to quickly deploy and try out federated learning. The configuration can be customized based on actual requirements.

VMware Container For [email protected]

VMware Container for [email protected] Home is a docker container for running folding at home client. This container is supported on both Docker standalone clients and on a Kubernetes Cluster. Optional command line toggle GPU support on or off as well as all other common FAH client command line in puts.

The [email protected] container is configured to automatically join Team VMware ID 52737. Everyone is welcome to join! Check out http://vmwa.re/fah for team and individual statistics.

Updated flings

FlowGate

In enterprise data centers, IT infrastructure and facility are generally managed separately, which leads to information gaps. Collaboration between facility and IT infrastructure systems are limited or manual, and virtualization adds more complexity.

The goal of Flowgate is to make facility awareness in IT management system and make IT operations management and automation better on high availability, cost saving and improved sustainability, with more information on power, cooling, environment (e.g. humidity, temperature) and security.

Changelog

Version 1.1.2 Update

  • Add Chassis support in API
  • Add PDU phase data.
  • Upgrade Springboot from 1.4.7 to 2.3.7

VMware Machine Learning Platform

The goal of vmlp is to provide an end-to-end ML platform for Data Scientists to perform their job more effectively by running ML workloads on top of VMware infrastructure.

Changelog

Version 0.3.0

  • Federated ML based on FATE
  • Istio 1.4.9
  • Horovod 0.19.2
  • Upgraded major components (MLflow 1.10.0, Pandas 1.0.3 and others)
  • Important stability bug fixes
  • Added documentation

Includes contributions from: Jiahao “Luke” Chen (bug fixes and Federated ML/FATE integration),
Shan Lahiri (Getting Started Guide), Jason Hutson (relentlessly debugging Kubernetes on VMware
infra), Nick Ford (sorting out VMware NSX Advanced Load Balancer/AVI Networks configuration and issues)

Demo Appliance for Tanzu Kubernetes Grid

A Virtual Appliance that pre-bundles all required dependencies to help customers in learning and deploying standalone Tanzu Kubernetes Grid (TKG) clusters running on either VMware Cloud on AWS and/or vSphere 6.7 Update 3 environment for Proof of Concept, Demo and Dev/Test purposes.

Changelog

Aug 10, 2020 – v1.1.3

  • Support for latest TKG 1.1.3 release
  • Support for TKG Workload Cluster upgrade workflow from K8s 1.17.9 to 1.18.6
  • TKG Crash Diagnostic utility (crash-diagnostics) included in appliance
  • Helm (3.2.4) included in appliance
  • Updated to latest version of Harbor (1.10.3), Docker Compose (1.26.2), Kubectl (1.18.6), Octant (0.14.1) and TMC (d11404fb) CLI in appliance
  • PowerCLI script to automate 100% of pre-req for running on TKG on VMware Cloud on AWS

TKG-Demo-Appliance-1.1.3.ova
MD5: 86ce0c263ebcb6d20addcb6e1767e55a

Infrastructure Deployer for vCloud NFV

Infrastructure Deployer for vCloud NFV is an automation-based deployment tool used for setting up the VMware vCloud NFV platform

Changelog

Version 3.3 Update

  • Updated RAID version from 3.2.1 vCloud NFV VCD to 3.3 vCloud NFV OSE (OpenStack Edition)

Workspace ONE UEM SCIM Adapter

Workspace ONE UEM SCIM Adapter provides SCIM user/group management capabilities to Workspace ONE UEM. The middleware translates the System for Cross-Domain Identity Management, SCIM, to a CRUD REST framework that Workspace ONE UEM can interpret. This capability allows Workspace ONE UEM to synchronize cloud-based identity resources (users/groups/entitlements) without the need for an LDAP endpoint (service to service model). Examples include Azure AD, Okta, and Sailpoint.

Changelog

20.08 Release Notes & Update:

**Please Note:** If you have already setup WS1 SCIM Adapter, it is possible that moving to 20.08 will create new accounts. Please consider resetting Directory Services configuation for the OG you are connecting to.

New Features:

  • Deployments now exclusively supported on Docker. See install instructions for more details on how to orchestrate the deployment using the included Helm chart.

Bugs Fixed:

  • createGroup returns unexpected error due to missing payload return

Other Notes:

  • Bitnami deployment script introduced in 20.03 has been deprecated. Although it is still possible to deploy on Appliance form-factors, future development will be exclusively supported on Docker.

VMware OS Optimization Tool

I have read in plenty of places that people managed to mess up their image with OSOT and that they’re never going to use it anymore and even worse accept unoptimized images in production. This is the wrong choice in my opinion. please use osot or other ways to optimize your image but think about what you need to optimize and test it!

Changelog

August, 2020, b1171 Version Update

Optimizations

Disable Passive Polling is no longer selected by default as this was shown to cause issues with some applications thinking they did not have internet connectivity. Note that this optimization entry was previously incorrectly named as Enable Passive Polling.
Added new setting to Use WDDM graphics display driver for Remote Desktop Connections.

UI Improvements

Brand new interface functionality to allow searching of the optimizations to find specific entries. This is available on both the Optimize and My Templates tabs and allows you to find and view settings based on what you type in.
Added a grid splitter to extend area of left tree view under My Templates.

Common Options

New controls to simplify keeping Cortana search and how the search box appears in the taskbar.

Generalize

New option to specify the Administrator account to use after running SysPrep. This defaults to the current user account. The account specified is also added to the Administrators and Remote Desktop Users groups.
New option to perform an automatic restart after the Generalize task has completed.

Bug Fixes

  • Common Options settings were reset after an optimization. These should now be retained.
  • Changed the way the default profile was used to ensure that this works when OSOT is run using the system account.
  • Windows Syspart Repair was being prevented from being disabled properly.
  • Windows Superfetch was being prevented from being disabled properly.
  • Windows Update was sometimes not disabled properly after running a generalize.
  • Updated templates were saved to the wrong location.

August, 2020, b1170 Update

Templates

New combined template for all versions of Windows 10 and Windows Server 2016 and 2019. Optimizations can have optional parameters to filter the version that a setting is applied to.

Optimizations

Turn off NCSI is no longer selected by default as this was shown to cause issues with some applications thinking they did not have internet connectivity.

New Optimizations added and some removed, For details see: https://techzone.vmware.com/resource/vmware-operating-system-optimization-tool-guide#Template_Updates

Bug Fixes

  • Fixed issues with re-enabling Windows Update functionality on Server 2016 and 2019.
  • Fixed issue that was preventing Windows Antimalware from being disabled properly.

Common Options

Changed interface and language on the Common Options page for Windows Update to remove confusion. This option can only be used to disable Windows Update as part of an optimization task. To re-enable Windows Update functionality, use the Update button on the main menu ribbon.

Guides

Updated OSOT user guide: VMware Operating System Optimization Tool Guide.

App Volumes Migration Utility

App Volumes Migration Utility allows admins to migrate AppStacks managed by VMware App Volumes 2.18, to the new application package format of App Volumes 4. The format of these packages in App Volumes 4 have evolved to improve performance and help simplify application management.

Changelog

1.0.4 Version Update

  1. Fix for “AppVolumes Manager is invalid” error shown in the UI when connecting to App Volumes Manager 4 version 2006.
  2. Fix for the bug “failed to get old appID from YML entries” in the AppCapture.log during migration of appstacks.

USB Network Native Driver for ESXi

USB has become one the most widely adopted connection type in the world & USB network adapters are also popular among Edge computing platforms. In some platforms, there is either limited or no PCI/PCIe slots for I/O expansion & in some cases, an Ethernet port is not even available. Another advantage of a USB-based network adapter is that it can be hot-plugged into an system without a reboot which means no impact to the workload, same is true for hot-remove.

This Fling supports the most popular USB network adapter chipsets found in the market. The ASIX USB 2.0 gigabit network ASIX88178a, ASIX USB 3.0 gigabit network ASIX88179, Realtek USB 3.0 gigabit network RTL8152/RTL8153 and Aquantia AQC111U. These are relatively inexpensive devices that many of our existing vSphere customers are already using and are familiar with.

Changelog

Aug 24, 2020 – v1.6Add

  • support for Aquantia and Trendnet AQC111U (0xe05a:0x20f4)
  • Add support for Realtek RTL8153 (0x045e:0x07c6)
  • Add support for Realtek RTL8156 (0x0bda:0x8156)
  • Support for persistent VMkernel to USB NIC MAC Address mappings
  • Simplified USB NIC persistency
  • Resolved link speed issue for RTL8153 chipsets

Note 1: There are known issues when using Jumbo Frame 9K for RTL* chipset, this is still being investigated. For now, only up to 4K is supported.

Note 2: This will be the last release which will include support for ESXi 6.5

ESXi700-VMKUSB-NIC-FLING-39035884-component-16770668.zip
ESXi670-VMKUSB-NIC-FLING-39203948-offline_bundle-16780994.zip
ESXi650-VMKUSB-NIC-FLING-39176435-offline_bundle-16775917.zip

Using the Horizon 8 swagger page

A couple weeks back when Horizon 8 was released they also made us happy with the Swagger page to browse the rest api methods. One thing it lacks though is a way to easily authenticate to actually try them. There is an Authenticate button but I couldn’t find any information on what it actually needs. While creating my previous blog post I was messing around with things and actually found a way to authenticate. First I tried to authenticate using the actual api method for that but trying any call afterwards still showed me as not being authenticated. You could copy/paste the access token though and you’ll see in the script how that might work, or check the 3rd screenshot.

Let’s have a look at the script.

$url = read-host "url for connectionserver"

$username=read-host "Username"
$domain=Read-host "Domain"
$password=read-host "Password" -AsSecureString

$BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($password) 
$UnsecurePassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)

function Get-HRHeader(){
    param($accessToken)
    return @{
        'Authorization' = 'Bearer ' + $($accessToken.access_token)
        'Content-Type' = "application/json"
    }
}
function Open-HRConnection(){
    param(
        [string] $username,
        [string] $password,
        [string] $domain,
        [string] $url
    )

    $Credentials = New-Object psobject -Property @{
        username = $username
        password = $password
        domain = $domain
    }

    return invoke-restmethod -Method Post -uri "$url/rest/login" -ContentType "application/json" -Body ($Credentials | ConvertTo-Json)
}

function Close-HRConnection(){
    param(
        $accessToken,
        $url
    )
    return Invoke-RestMethod -Method post -uri "$url/rest/logout" -ContentType "application/json" -Body ($accessToken | ConvertTo-Json)
}
try{
$accessToken = Open-HRConnection -username $username -password $UnsecurePassword -domain $Domain -url $url
Set-Clipboard (Get-HRHeader -accessToken $accessToken).Authorization
}
catch{
    write-host "Error while authenticating"
}

To make it directly usable I have chosen to ask for web address of the server, username, domain and password and in the end I copy the token you need to the clipboard for you. Let’s have a look at it

No further output but I can paste what I have in the clipboard now in the Authenticate field at the swagger page, hit authorize and close.

And now I can try api calls, pulling machines from the inventory for example.

SO that’s how we can actually use the Swagger page to try api calls.

Horizon 8 released: Moar api’s!!

So yesterday every VMware EUC person was going wild because Horizon 8 was released. I won’t go into all the stuf that’s new because plenty of other folks have already done that (love the parentless instant clones though!). So what exactly are the new things looking from the API perspective? From the good old soap api’s I didn’t expect any changes and couldn’t find any either but a new api explorer page was published anyway. From the REST side a lot as changed. First of all here also a new api explorer page was published. Besides that an explanation of the API’s was actually posted on Techzone over here. On this page some excellent things can be found like there’s a swagger page now on your connection server: https://connectionserverfqdn/rest/swagger-ui.html as of now I haven’t found a way on the page itself to authenticate as you need an api key for the authorize button but that’s something I had requested anyway to make available.

But also a set of postman collections if that’s your preferred method to test api’s it has collections for all the Horizon releases that contained public rest api’s.

In the swagger ui it’s possible to browse all the api calls we can do and I’ll use that in later blog posts to actually do new things because I have seen a shitload of new possibilities!

 

The VMware Labs flings monthly for July 2020- Reach is back!

A couple of days late but I had  good excuse: I was away on a holiday. I needed it and enjoyed it and have a week left before I start work again. This month there was one new release and nine flings received an update. Overall it’s a EUC rich overview since no less than seven of those are Horizon / App Volumes related.

New Releases

App Volumes Packaging Utility

Updated flings

HCIBench

App Volumes Migration Utility

Horizon Session Recording

Power vRA Cloud

Horizon Reach

Desktop Watermark

App Volumes Entitlement Sync

vSphere Mobile Client

VMware OS Optimization Tool

New Releases

App Volumes Packaging Utility

This App Volumes Packaging Utility helps to package applications. With this fling, packagers can add the necessary metadata to MSIX app attach VHDs so they can be used alongside existing AV format packages. The MSIX format VHDs will require App Volumes 4, version 2006 or later and Windows 10, version 2004 or later.

Updated Flings

HCIBench

HCIBench is a VMware wrapper around VdBench or Fio to test the capabilities of your HCI environement. I would recommend always to test with your own settings so you can do an honest comparison.

Changelog

Version 2.4.0

  1. Fixed tvm deployment bug when specifying host
  2. enabled easy run to support stretched cluster
  3. fixed timezone issue on pdf report, and added more vSAN info into PDF report
  4. set testname and testcase as variables in grafana
  5. added CPU workload into fio config page
  6. updated rbvmomi to support vsphere 7.0+
  7. enhanced fio and vdbench graphite dashboards

MD5 Checksum: 0cfd6cc852e33e5ce32022a66539b4c9 HCIBench_2.4.0.ova

App Volumes Migration Utility

The App Volumes Migration Utility helps the users in moving from App Volumes 2.18 to App VOlumes 4 so app stacks don’t need to be reprovisioned.

Changelog

Version 1.0.3 Update

  • Field “uniqueId” is added in the metadata JSON for migrated appstacks.

Version 1.0.2 Update

  • Fix for fling bug 983.
  • The customer bug on the fling, exposed an un handled scenario.
  • Prior to migration if the appstacks registry database contained registry keys with embedded NUL
  • (\0) chars in their name, Migration fails.
  • This scenario has now been addressed with this update.

Horizon Session Recording

The Horizon Session Recording is a usefull tool when an Horizon Admin wants to be able to record sessions and see what the users are doing exactly when a problems happens.

Changelog

Version 2.1 Update

  • Many bugfixes in agent side

Power vRA Cloud

PowervRA Cloud is a PowerShell module that abstracts the VMware vRealize Automation Cloud APIs to a set of easily used PowerShell functions. This tool provides a comprehensive command line environment for managing your VMware vRealize Automation Cloud environment.

Changelog

Version 1.3

  • 4 x New Cmdlets for VMC
  • 5 x New Cmdlets for AWS
  • Powershell 7 on Windows Support
  • Bugfixes

Horizon Reach

If you don’t have any other 3rd partly tooling (like ControlUp, sorry gotta plug my employer 😛 ) to manage your Horizon environment than Reach is a very useful tool. This is not an update but a re-release, read below why.

Warning: Horizon Versions 7.10 through 7.12 have a known issue which can cause Horizon Reach to trigger a low memory issue on the Horizon Connection Server.

For Horizon 7.10, ensure to deploy Horizon 7.10.2. For 7.11 and 7.12, please refer to the following document here.

Desktop Watermark

The Desktop Watermark fling gives you the option to visible and unvisible mark the desktop that you are using.

Changelog

v1.2 – Build 20200713-signed Version Update

  • Added support for multiple displays.

App Volumes Entitlement Sync

The App Volumes Entitlement Sync flings helps an APp VOlumes admin to sync various App Volumes Environments like test/dev/prod or different pod’s for example.

Changelog

Version 4.1 Update:

  • Get App Volumes version from an API value which always returns the build number.
  • App Volumes 2006 and later has a problem with version 4.0 of the Fling in returning a string value.

vSphere Mobile Client

Manage vSphere from your phone or tablet with the vSphere Mobile Client fling, do I need to say more?

Changelog

Version 1.13.2 Update:

New:

  • Datastore details page (link from VM details page)

Improvements:

  • Fixed issues related to connecting to standalone ESXi VM console
  • Fixed issues when switching between servers

VMware OS Optimization Tool

Do you build golden images or templates? Than use the VMware OS Optimization Tool to optimize them!

Changelog

August, 2020, b1170 Update

Templates

  • New combined template for all versions of Windows 10 and Windows Server 2016 and 2019. Optimizations can have optional parameters to filter the version that a setting is applied to.

Optimizations

  • Turn off NCSI is no longer selected by default as this was shown to cause issues with some applications thinking they did not have internet connectivity.
  • New Optimizations added and some removed, For details see: https://techzone.vmware.com/resource/vmware-operating-system-optimization-tool-guide#Template_Updates

Bug Fixes

  • Fixed issues with re-enabling Windows Update functionality on Server 2016 and 2019.
  • Fixed issue that was preventing Windows Antimalware from being disabled properly.

Common Options

  • Changed interface and language on the Common Options page for Windows Update to remove confusion. This option can only be used to disable Windows Update as part of an optimization task. To re-enable Windows Update functionality, use the Update button on the main menu ribbon.

Guides

[Horizon]Creating applications using PowerCLI

Something I didn’t handle previously was the creating of applications in Horizon. Since they are always hard wired to a farm or desktop it might happen that you need to re-create these so automation is preferred.

When looking at the api call for creating an application I find that we need to create an objetc of the type VMware.hv.ApplicationSpec

After defining this spec we’ll see that two objects are needed: Data and ExecutionData. This is also visible in the API Explorer.

Let’s define both of these and see what the options are.

Looking at the API explorer for Data only the name is actually required while for Executiondata only the Executablepath and the desktop or farm id is required

(going lazy here and using vmware.hv.helper to get the farmid)

And now I can create the application itself

The VMware Labs flings monthly for June 2020

And another month gone, for some the Summer Holidays have already started while others might have to wait a few weeks or so. This month there have been two new fling releases and seven received an update.

New Releases

Workspace ONE App Analyzer for macOS

True SSO Configuration Utility

Update flings

Python Client for VMC on AWS

FlowGate

VMware OS Optimization Tool

VMware Event Broker Appliance

App Volumes Entitlement Sync

Unified Access Gateway Deployment Utility

vSphere Software Asset Management Tool

New Releases

Workspace ONE App Analyzer for macOS

The Workspace ONE macOS App Analyzer will determine any Privacy Permissions, Kernel Extensions, or System Extensions needed by an installed macOS application, and can be used to automatically create profiles in Workspace ONE UEM to whitelist those same settings when deploying apps to managed devices.

 

True SSO Configuration Utility

True SSO can be a though cookie to actually configure the True SSO Configuration utility might be help to help you with that.

This project is intended for the VMware Horizon customers in order to use True SSO Configuration Utility to help you configuring TrueSSO using View Connection Server, Enrollment Server and your Certificate Authoriry / Active Directory.

Updated Flings

Python Client for VMC on AWS

If Python is your favorite programming language the Python Client for VMC on AWS will help you in automating things for VMC.

Changelog

Version 1.1

  • Added support for Distributed Firewall.

FlowGate

Flowgate helps you integrate multiple systems like Infoblox, Pulse IoT center and PowerIQ with your IT management systems..

Changelog

Version 1.1

  • Refactor the powerIQ and Nlyte adapter to support more metrics and properties
  • Refactor the Metric api.
  • Enhance the manual facility mapping functionality, support pdu,switch and sensor mapping.
  • Support add IP and AssetName mapping.
  • Security bugs fixed.
  • largely reduce the images size

VMware OS Optimization Tool

If you are into EUC the VMware OS Optimization Tool is THE tool to optimize your images or at least the base to use for scripting those optimizations.

Changelog

June, 2020, b1160

Windows Update

Brand new option called Update that make it easier to re-enable Windows Update functionality on a Windows image that has previously been optimized and had this disabled.

This process has the following four steps:

  • Enable – Changes the required registry values, local group policy and enables the required services.
  • Windows Update – Starts the Windows update process and open the Windows setting page. You can run the Windows Update process as often as required and reboot, if necessary, before progressing to the next step.
  • Restore – Returns all settings to their original values. This will also disable scheduled tasks that get regenerated when a Windows Update runs.
  • Recommendations – After updating Windows, it is recommended that you rerun an optimize and then a finalize task.

Generalize

Completely redesigned interface that makes it easier to change the settings to customize the unattend answer file. These include:

  • Time Zone.
  • Input, system, UI, and user locales.
  • Administrator account autologon and password.
  • Copy Profile.

You still have the ability to view and edit the generated unattend answer file, if required, before execution.
Added cleanup of the local administrator profile before performing a copy profile including deleting the following registry entries:

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\FileAssociationsUpdateVersion
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations

Finalize

Commands added to disable App Volumes services, if installed, before running the Finalize steps.

Common Options

Selections are now retained between runs. This makes it easier to rerun an optimize with the same common option settings.

Command Line

Standardization for the main command line options.

  • Optimize can be run with either -optimize or -o
  • Generalize can be run with either -generalize or -g
  • Finalize can be run as either -finalize or -f

Optimizations

Remove optimizations that, while not selected by default, can cause issues if selected:

  • CloudExperienceHost – CreateObjectTask (Disable Scheduled Tasks)
  • CacheTask (3 items)

Guides
Updated OSOT user guide: VMware Operating System Optimization Tool Guide.

VMware Event Broker Appliance

The VMware Event Broker Appliance provides functionality for event driven automation in your SDDC.

Changelog

https://github.com/vmware-samples/vcenter-event-broker-appliance/releases/tag/v0.4.1

App Volumes Entitlement Sync

The App Volumes Entitlement Sync Tool will read, compare and sync entitlements from one App Volumes instance to another.

Changelog

Version 4.0 Update:

  • Still supports 2.x App Volumes Managers
  • Added support for 4.x – both Application Packages and Legacy 2.x AppStacks
  • Fixes Application / Package relationships on replication
  • Saves manager address, username and domain to registry
  • Improved logging and error trapping
  • Able to sync Application Package Markers
  • Able to delete empty Applications
  • Detects and displays selected assignment type
    Displays the version of the CURRENT marker or shows if none is set
  • Shows App Volumes manager version on main page

Unified Access Gateway Deployment Utility

I personally prefer to deploy my uag’s using powershell but if you prefer a gui the Unified Access Gateway Deployment Utility will help you with that.

Changelog

1.1.0 Version Update

  • Bug fixes and minor improvements
  • New logo

vSphere Software Asset Management Tool

The vSphere Software Asset Management (vSAM) is a tool that collects and summarizes vSphere product deployment information.

Changelog

Version 1.2 Update

  • Show vSAN product information in the report.
  • Show unmasked license keys in the report as an option.
  • Add a License Inventory Table in the report.

 

[HorizonRestAPI] Handling Instant Clone Administrator accounts

One of the options already available using the Horizon REST API‘s is working with Instant Clone Administrators. In total there are 5 API calls available and I will give an explanation for al 5 on how to use them. As you can see you’ll run all of them against /rest/config/v1/ic-domain-accounts.

GET : for all Instant Clone Domain accounts

POST : to create a new Instant Clone Domain accounts

GET : To retreive a specific Instant Clone Domain account with it’s ID

PUT : to update an Instant Clone Domain account.

DELETE : To delete an Instant Clone Domain account

Getting Started

To start showing these I am starting with the same base that I used in my first blog post about the Horizon REST api’s:

$url = read-host -prompt "Connection server url" 
$username = read-host -prompt "Username" 
$password = read-host -prompt "Password" -AsSecureString 
$Domain = read-host -Prompt "Domain" 
$url = "https://pod1cbr1.loft.lab"


$BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($password) 
$UnsecurePassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)


function Get-HRHeader(){
    param($accessToken)
    return @{
        'Authorization' = 'Bearer ' + $($accessToken.access_token)
        'Content-Type' = "application/json"
    }
}
function Open-HRConnection(){
    param(
        [string] $username,
        [string] $password,
        [string] $domain,
        [string] $url
    )

    $Credentials = New-Object psobject -Property @{
        username = $username
        password = $password
        domain = $domain
    }

    return invoke-restmethod -Method Post -uri "$url/rest/login" -ContentType "application/json" -Body ($Credentials | ConvertTo-Json)
}

function Close-HRConnection(){
    param(
        $accessToken,
        $url
    )
    return Invoke-RestMethod -Method post -uri "$url/rest/logout" -ContentType "application/json" -Body ($accessToken | ConvertTo-Json)
}

$accessToken = Open-HRConnection -username $username -password $UnsecurePassword -domain $Domain -url $url

Invoke-RestMethod -Method Get -uri "$url/rest/config/v1/ic-domain-accounts" -ContentType "application/json" -Headers (Get-HRHeader -accessToken $accessToken)

GET

The regular get is really straight forward, just invoke a get and you get the results.

Invoke-RestMethod -Method Get -uri "$url/rest/config/v1/ic-domain-accounts" -ContentType "application/json" -Headers (Get-HRHeader -accessToken $accessToken)

As you can see I currently have 2 accounts configured.

POST

With post we can configure a new Instant Clone Domain account. Let’s see what we need. According to the API explorer it looks like we need to supply a domain ID, password and account.

To get the domain ID we’ll actually need to do a GET against another url:

$domains=Invoke-RestMethod -Method Get -uri "$url/rest/external/v1/ad-domains" -ContentType "application/json" -Headers (Get-HRHeader -accessToken $accessToken)

Now I will create the json that we’ll need to configure the account. The $data variable is just a regular powershell array that  afterwards convert to the actual json

$domainid=$domains |select-object -expandproperty id -first 1

[email protected]{
ad_domain_id= $domainid;
password= "password";
username= "username"
}

$body= $data | ConvertTo-Json

Now let’s use the Post method to apply this

Oops, too slow let’s authenticate and try again

Invoke-RestMethod -Method Post -uri "$url/rest/config/v1/ic-domain-accounts" -ContentType "application/json" -Headers (Get-HRHeader -accessToken $accessToken) -body $body

There are a few remarks about this: no propper error is returned when a wrong username and password is used. Wen you try to create an account that already exists it will return a 409 conflict.

GET with ID

This is straightforward again, just extend the url for the get with the ID of the account you want to get. I grabbed this from the regular pul request and filtered on the user account I just created

$icaccounts= Invoke-RestMethod -Method Get -uri "$url/rest/config/v1/ic-domain-accounts" -ContentType "application/json" -Headers (Get-HRHeader -accessToken $accessToken) 
$accountid=($icaccounts | where {$_.username -eq "username"}).id 
Invoke-RestMethod -Method Get -uri "$url/rest/config/v1/ic-domain-accounts/$accountid" -ContentType "application/json" -Headers (Get-HRHeader -accessToken $accessToken)

PUT

Put can be used to change a users password. It’s requires a combination of the url with the ID from the get with id and a body like in the Post.

[email protected]{password="Demo-02"}
$body = $data | ConvertTo-Json
Invoke-RestMethod -Method Put -uri "$url/rest/config/v1/ic-domain-accounts/$accountid" -ContentType "application/json" -Headers (Get-HRHeader -accessToken $accessToken) -Body $body

DELETE

To delete an account simply use the url with the id in it with the DELETE method

Invoke-RestMethod -Method Delete -uri "$url/rest/config/v1/ic-domain-accounts/$accountid" -ContentType "application/json" -Headers (Get-HRHeader -accessToken $accessToken)

 

The VMware Labs flings monthly for May 2020

Another month, another monthly overview of the new and changed flings as published on https://flings.vmware.com/. There are three new flings and seven received an update.

New flings:

Linux Driver for Precision Clock Virtual Device

Demo Appliance for Tanzu Kubernetes Grid

Supernova – Accelerating Machine Learning Inference

Update flings:

VMware Appliance for [email protected]

VMware Event Broker Appliance

Virtual Machine Compute Optimizer

VMware Machine Learning Platform

vSphere Mobile Client

Horizon Session Recording

Horizon Helpdesk Utility

New Releases

Linux Driver for Precision Clock Virtual Device

The Linux Driver for Precision Clock Virtual Device fling is an alternative way for synchronising time using a newly introduced piece of virtual hardware in vSphere 7.

ptp_vmw is a Linux driver for VMware Precision Clock, a new type of virtual device available in ESXi 7.0 (hardware version 17 on-wards) that provides virtual machines with access to the underlying ESXi host’s system clock. Guests can use the device as a reference clock in Chrony time synchronization software to synchronize their system clocks with.

Precision Clock offers an alternative to existing methods of time synchronization in the guest, such as NTP. A potential benefit of using Precision Clock, when compared to a network time synchronization, is that it uses a VMware proprietary paravirtual interface between a virtual machine and the host to fetch time information. Achievable accuracy using network based time synchronization in a guest is limited by delay and variability in the virtual networking paths (including the guest’s own networking stack), especially under high loads. By avoiding virtual networking, time synchronization using Precision Clock can, potentially, achieve higher accuracy. See the vSphere 7.0 documentation at https://docs.vmware.com for more information about this virtual device.

This fling includes a Linux kernel module source RPM, which can be built and installed in a Linux system. Upon loading the driver, a PTP clock device is created, which can be consumed as a reference clock in Chrony. See included README file for more information.

Demo Appliance for Tanzu Kubernetes Grid

A Virtual Appliance that pre-bundles all required dependencies to help customers in learning and deploying standalone Tanzu Kubernetes Grid (TKG) clusters running on either VMware Cloud on AWS and/or vSphere 6.7 Update 3 environment for Proof of Concept, Demo and Dev/Test purposes.

This appliance will enable you to quickly go from zero to Kubernetes in less than 30 minutes with just an SSH client and a web browser!

Features:

  • Quickly deploy TKG Clusters onto VMware Cloud on AWS or vSphere-based infrastructure
  • Online vSphere Content Library to sync all TKG Demo Appliance dependencies
  • Accompany step-by-step workshop-style guide
  • Embedded Harbor registry pre-loaded with all required TKG and Demo Containers
  • Support for Air-Gapped and Non-Internet accessible environments
  • Sample demo applications including Persistent Volume, K8s 3-Tier Application with a LoadBalancer example
  • Easily access and debug TKG Clusters using Octant

What’s Included:

Supernova – Accelerating Machine Learning Inference

With machine learning is widely used in enterprises, big data are trained on the edge, inference services go to production either in the cloud or on the edge.

On the edge

  • Edge devices have limited resources, space and power supply
  • Edge servers cost much higher than devices
  • Hardware accelerators are heterogeneous in architecture and various on interfaces and performance on the edge

In the cloud

  • Accelerator market is dominated by Nvidia GPU
  • Other options come as AMD GPU, Intel Habana Goya/Altera FPGA, AWS Inferentia, Xilinx FPGA etc
  • Common inference interfaces from cloud to edge doesn’t appear generally
  • Limitation on specific hardware accelerators or cloud leads to new vendor lock-in

Project Supernova is to build a common machine learning inference service framework by enabling machine learning inference accelerators across edge endpoint devices, edge systems and cloud, with or without hardware accelerators.

  • Micro-service based architecture with Restful API
  • Support heterogenous system architectures from leading vendors
  • Support accelerator compilers to native code
  • Neutral to ML training framework file formats
  • Work on both edge devices and clouds
  • Hardware CPU support:
    • x86-64, ARM64
  • Hardware accelerator support:
    • Intel VPU, Google Edge TPU, Nvidia GPU
  • Software
    • Inference toolkit support: OpenVINO, TensorRT & Tenserflow Lite
    • Training framework data format: Tensorflow, Caffe, ONNX, MxNet

Updated flings

VMware Appliance for [email protected]

Do you have some cpu resources left to use for a good cause? The VMware appliance for [email protected] makes life doing that just a bit easier.

Changelog

May 6, 2020 – v1.0.4

VMware-Appliance-FaH_1.0.4.ova
MD5: 151a5708f5d8cada3f5b48936e749f60

VMware Event Broker Appliance

The VMware Event Broker Appliance gives users makes live easier for creating business logic based on events.

Changelog

Here.

Virtual Machine Compute Optimizer

The Virtual Machine Compute Optimizer (VMCO) is a Powershell script that uses the PowerCLI module to capture information about the hosts and VMS running in your vSphere environment, and reports back on whether the VMs are configured optimally based on the Host CPU and memory.

Changelog

Version 2.1.0

  • Fixed errors in reporting for some VMs that are on hosts with 4 sockets
  • Fixed “memory” missing from Details when VM memory spans pNUMA nodes
  • Added ability to call function with “-simple” which only reports VM info (leaves out vCenter, Cluster, and Host)

VMware Machine Learning Platform

The VMware Machine Learning Platform was build to provide an end-to-end ML Platform.

Changelog

Version 0.2.0

  • Added support for vSphere with Kubernetes and Tanzu Kubernetes GRID in addition to VMware
  • Cloud Foundation/PKS
  • Upgraded to Kubeflow 1.0 GA
  • Added support for GPUs
  • Introduced a new data registry component called Data Manager
  • Upgraded minor components/libraries to the latest versions
  • Added an easy-to-use installer
  • Lots of bug fixes

vSphere Mobile Client

The vSphere Mobile client is the tool to have if you want to be able to an early check on your vCenter while running to your desk to do it on those nice and fancy big screens you have over there.

Changelog

Version 1.11.0

New features:

  • Virtual keyboard for VM console, with all special keys available
  • Details page for cluster objects

Improvements:

  • iOS devices now have the VM console, still requires direct ESXi connection for both Android and iOS
  • Library updates for better compatibility

Bugfixes:

  • Host no longer shows as standalone when part of a cluster
  • Issues for all objects are calculated similarly, by adding together fired alarms and configuration issues
  • Virtual CPU count in VM summary page is now correct
  • All details pages are showing information in a similar way

Horizon Session Recording

The Horizon Helpdesk Recording fling is an underestimated fling in my eyes, it gives you the opportunity to properly record whats’s happening in a users vdi session.

Changelog

Version 2.0.8

Note: Version 2.0.8 is a complete re-write of the whole fling, This fling does not support upgrading, this will require a new deployment, server and agent.

  • The agent is now multi-threaded.
  • The web service is now written in angular.
  • The web service now supports high availability (see documentation).
  • This release will only work with Horizon 7.9 or higher.

Horizon Helpdesk Utility

After Reach that sadly had to be pulled the Horizon Helpdesk Utility is on of the best flings to have ever been released for Horizon. FInally a fast tool that properly helps your helpdesk without having to go to the admin console.

Changelog

Version 1.5.0.21

  • Fixed an intermittent issue with the agent crashed when viewing a pool / session.

The VMware Labs flings monthly for April 2020

Another month down in the Corona quarantaine. That doesn’t mean that the engineers didn’t work on flings. More the opposite since I can’t remember having to go to page 2 on the site to see all of the new releases and updates. I see four new releases and nine updated flings.

The new ones: Tech For Good – Virtual Reality Experience, vSphere Replication Capacity Planning, Python Client for VMC on AWS, Horizon Cloud Pod Architecture Tools.

The updated flings: vRealize Operations REST Notifications Helper, App Finder for Tunnel, USB Network Native Driver for ESXi, vSphere Software Asset Management Tool, VMware OS Optimization Tool, Power vRA Cloud, VMware Appliance for [email protected], Virtual Machine Compute Optimizer, vSAN Performance Monitor.

New flings

Tech For Good – Virtual Reality Experience

The Tech For Good – Virtual Reality Experience fling is a VR huide through 4 key pieces of tech.

Download this Virtual Reality Application for the Oculus Quest and Oculus Go, you will watch this VR experience hosted by VMware, Bask Iyer, CIO and Chief Digital Transformation officer, as he walks us through 4 key technologies Cloud, Mobile, IoT and AI and illustrates new opportunities for technology to deliver a positive impact on society.

vSphere Replication Capacity Planning

The vSphere Replication Capacity Planning Fling reveals actual VM traffic consumption and delta size. This helps you perform a capacity planning or estimation of vSphere Replication network bandwidth utilization prior to enabling vSphere Replication for VMs.

This Fling exposes graphics regarding LWD (lightweight delta) network traffic and delta size metrics, represented in different time frames – hourly, daily, weekly and monthly.

Python Client for VMC on AWS

Python Client for VMware Cloud on AWS is an open-source Python-based tool. Written in Python, the tool enables VMware Cloud on AWS users to automate the consumption of their VMware Cloud on AWS SDDC.
Note this is not to interact with your VMware Cloud on AWS vCenter but to run tasks such as creating and deleting networks, setting up security groups and services and building network security rules on the Management and Compute Gateways.

Detailed instructions can be downloaded in the instructions tab or can be also found on the following blog post:
https://nicovibert.com/2020/02/25/pyvmc-python-vmware-cloud-aws/

Horizon Cloud Pod Architecture Tools

The Horizon Cloud Pod Architecture Tools fling is a set of tools that helps with managing a Horizon cloud pod.

Horizon cloud pod architecture (CPA) has lmvutil commands to manage the global database entitlements data using command line interface. A lmvtools command line wrapper is now available to enhance the command execution of lmvutil commands to input the password only once and leave the command execution to continue. It has capability to export all the site, site-pod mapping, global entitlements, user global assignments, local pool assignments, home site overrides, backup global entitlements in lmvutil commands format to file. The command builder has in-built mechanism to comment the stale user global assignments and stale home site assignments.

Update flings

vRealize Operations REST Notifications Helper

vRealize Operations REST Notifications Helper helps vRealize Operations Manager users improve and customize the REST notifications of alerts. It collects the most useful information about an alert, creates a new payload by user configuration, and sends it to third parties.

Changelog

Version 1.4.0

  • Added vRealize Operations Cloud Support
  • Added custom tags support
  • Bugfixes and improvements

App Finder for Tunnel

This application is a utility which can be used for conveniently flagging the applications to use WorkspaceONE Tunnel on macOS.

Changelog

Unknown

USB Network Native Driver for ESXi

Specially made for homelabs the USB Network Native Driver for ESXi makes it possible to use usb network cards with ESXi.

Changelog

April 6, 2020 – v1.5

  • Added support for ESXi 7.0

Note: This is ONLY for ESXi 7.0, for ESXi 6.5/6.7, please ensure you are using the correct version of driver.

ESXi700-VMKUSB-NIC-FLING-34491022-component-15873236.zip

vSphere Software Asset Management Tool

The vSphere Software Asset Management (vSAM) is a tool that collects and summarizes vSphere product deployment information. It calls on vSphere APIs for deployment data and produces a PDF report that the customer can consult as a part of their infrastructure review and planning process. This lightweight Java application runs on Windows, Linux or Mac OS.

Changelog

Version 1.1

  • Added vSphere 7.0 support; Added the Host Inventory Table in the generated software asset management report.

VMware OS Optimization Tool

Osot is the tool to optimize your Horizon golden images.

Changelog

April,2020,b1151

  • Fixed several issues in CLI.

April, 2020, b1150
.docx file of recent change log located in the hyperlink above.

Includes various bug fixes and many new optimizations that have a huge beneficial effect.

Support for Windows 10 version 2004 has been added.

Optimizations

Lots of Windows 10 and Windows Server optimizations have been added to this version. These include settings for Windows features and also for applications:

  • Office 2013/2016/2019
    • Disable start screens
    • Disable animations
    • Disable hardware acceleration
  • Internet Explorer 11 and Edge browserBlank home page
    • Prevent first time wizard
    • Disable hardware acceleration
  • Adobe Reader 11 and DC
    • Disable hardware acceleration
    • Multiple additional optimizations

More optimizations have been added for Windows services and scheduled tasks to achieve a faster OS initialization and improve performance.

UI Button Renames and Reorder

Several buttons have been renamed to more closely reflect the task they perform.

  • Analyze is now called Optimize.
  • The old page that displayed the results of an optimization task used to be called Optimize. That has been renamed to Results.

Inside the Optimize page the buttons at the bottom left have been reorganized. These are now in order that you would execute them in. Analyze > Common Options > Optimize

Removed the button for Compatibility as this was a legacy item.

The top-level buttons and tabs have been reordered to better reflect the main tasks and the order you carry them out in. Analyze > Generalize > Finalize.

Common Options

New option in Visual Effect to allow the selection of disabling hardware acceleration for IE, office and Adobe Reader. The default is that this is selected but this allows this to be easily unselected if using hardware GPU.

Added Photos to the list of Windows Store apps that can be selected to be retained.

Setting the background to a solid color is now selected by default.

Generalize

More comprehensive Sysprep answer file that helps with some optimization items that were getting undone by the Sysprep process.

Finalize

New options to carry out some tasks that get undone during Generalize.

  • Disable Superfetch service. This reduces high usage of CPU and RAM.
  • Clean temporary files from the default user profile.

Automate the use of SDelete to zero empty disk space.

  • Overwrites empty disk space with zeros so that the VMDK size can be reduced when it is cloned.
  • This uses SDelete which needs to be downloaded from Microsoft Sysinternals and copied to a location in the path (Windows\System32 or current user directory).

Create Local Group Policies

  • Creates local group policies for computer and user settings that can then be viewed with tools like RSOP and GPEdit.
  • This uses LGPO.exe which can be downloaded as part of the Microsoft Security Compliance Toolkit. LGPO.exe should be copied to a location in the path (Windows\System32 or current user directory).

Command Line

Command line support added for the Generalize step.

Command line support added for the Finalize step. This also simplifies and consolidates the previous system clean tasks (NGEN, DISM, Compact, Disk Cleanup) under the new -Finalize option. These can now be run without specifying a template.

Fixed naming of Paint3D application when wanting to retain this while removing other Windows Store Applications. This had been previously been incorrectly named as MSpaint.

Templates

Windows 10 version 2004 was added to the built-in template Windows 10 1809 – XXXX-Server 2019.

Legacy templates for Horizon Cloud and App Volumes packaging have been removed. The two standard Windows 10 templates should be used instead.

LoginVSI templates are no longer built in. They are still available to download from the public templates interface.

Guides

Updated OSOT user guide: VMware Operating System Optimization Tool Guide.

Updated Creating an Optimized Windows Image for a VMware Horizon Virtual Desktop guide coming soon.

Power vRA Cloud

PowervRA Cloud is a PowerShell module that abstracts the VMware vRealize Automation Cloud APIs to a set of easily used PowerShell functions.

Changelog

Version 1.2

  • Support for vRealize Automation 8.1
  • New cmdlets
  • Connect-vRA-Server
  • New-vRA-Server-CloudAccount-VMC
  • New-vRA-Server-CloudAccount-vSphere

VMware Appliance for [email protected]

This Fling is a vSphere Appliance that contains the [email protected] client software to help the fight against Covid.

Changelog

April 17, 2020 – v1.0.3

  • [email protected] software has been updated to latest 7.6.8
  • Add OVF property (guestinfo.fah_next_unit_percentage) to control Workload Unit Percentage (default value of 90)

VMware-Appliance-FaH_1.0.3.ova
MD5: d82d0829badc64e7e19bf24999a2db1a

April 1, 2020 – v1.0.2

  • [email protected] software has been updated to latest 7.5.1
  • Add OVF DeploymentOption (Small, Medium and Large) to help simplify initial configuration including optimal memory setting for 16 vCPU
  • SSH is now disabled by default (can be enabled during OVF deployment)

VMware-Appliance-FaH_1.0.2.ova
MD5: 44843701611febbf45d72b8b37a0778a

Virtual Machine Compute Optimizer

The Virtual Machine Compute Optimizer (VMCO) is a Powershell script that uses the PowerCLI module to capture information about the hosts and VMS running in your vSphere environment, and reports back on whether the VMs are configured optimally based on the Host CPU and memory.

Changelog

Version 2.0.4

  • Fixed errors with reporting on VMs with odd number of vCPUs
  • Fixed reporting on VMs that have CPU Hot Add enabled

vSAN Performance Monitor

The vSAN performance monitor is a monitoring and visualization tool based on vSAN Performance metrics.

Changelog

Version 1.3

  • Fixed issues related to user login. We have removed the user password configuration screen while deploying the fling. Users will be prompted to change the password after login.
  • Few tweaks related to Grafana charts. Removed the login screen to access graphs.