What’s (in) my backpack for @VMworld US 2018

I did a similar post for Nutanix .Next in Nice last year and there won’t be a lot of differences with that one. There will be some differences though since I need some world plugs for my european equipment plus I changed employers so I have a new laptop with new stickers (please help me to stay away from paper stickers, those are hell to remove). With less then two weeks to go for the event I don’t think a lot will change after this post. There’s a good chance that I will take a pass on the official VMworld backpack since I have enough of them now + there’s now the option to choose a charity over it.

First my bag, while I normally sport the 2016 Cohesity vExpert Timbuk2 backpack or a more recently received Nutanix Wenger backpack for daily use I decided to go with the XD Design Bobby backpack that I received the day that I started with my current employer AnylinQ. These have a great surface for customizing them with stickers as you can see below.

For the tech in it some things have changed, the laptop has been replaced by a newer generation so now I have the HP Probook 440 G5 + a Microsoft designer mouse has been added to replace the Xiaomi mouse. For the rest it’s still the Sony MDR-ZX770BN headset, an older Xiaomi 10k battery pack, Roundcube Rewirable  USB Travel adapter and the good old (hey, it’s over a year old now!) Samsung A5 2017 phone. All loose stuff will again by packed into the same Bubm DIS-L case.

 

 

New View API query services in PowerCLI 10.1.1: pulling event information without the sql password.

A while back I already posted about new services that where available for the View API’s in PowerCLI 10.1.1. Recently the api explorer for this version was published and can be found here. Two things that I didn’t find back then was the addition of two services for the query service. The first is GlobalApplicationEntitlementInfo this one can be compared to the previously already available GlobalEntitlementSummaryView and will return information about global entitlements.

The second added services is extremely useful: you can now query the event database. This means you don’t need the actual sql password anymore to query the events. According to the api explorer at least Horizon 7.3 is required and only events from the Event and Event_Data database tables. A simple query will show all events.

As you can see the data is divided in data and namesdata properties, these contain the same data as what is returned with get-hvevent. I added some selections to show only one event.

and

Offcourse it;s better to use filtering from the query directly. The full lust for that is available from the api explorer but I will give a couple of examples. (be aware that membername and the value are case sensitive)

Or by severity

As said it can be filtered on other properties as well but that might require some more logic to get the userid or desktopid for example. This is a very useful addition in my opinion to the Horizon View api’s.

My Experience with the NSX 6.2 ICM On-Demand traning and the VCP-NV exam

For the people who are only interested in the result: today I passed the VCP-NV exam with 367 points. This after I followed the NSX Install, Configure, Manage (hence the ICM) On-Demand course in May. This training was provided through the Partner training funds that my employer TenICT/AnylinQ have been assigned by VMware.

About the NSX ICM On-Demand training.

For the people not familiar with the on-demand training possibilities from VMware: with these courses one has a month the time to follow a set of computer narrated lectures covering all the same subjects as the official classroom training provides. Besides this you have access to a digital book belonging to the training. You also have access to a lab environment during this month where you have to complete all the lab tasks during the training.

Personally, I prefer classroom training since this allows the trainer to deviate from the official training when possible or required. Think about explaining things in a bit different matter or diving deeper into some of the material. Also, the computer-generated voice gets boring pretty fast and the sound quality also went sub par during some of the chapters. Combine this with a price that is only a fraction lower than the official price and I wouldn’t really recommend it unless you have someone sponsoring it for you.

What the training did was provide a good base for the exam. After this it’s a question of reading blog posts, playing with it in the lab (or Hands on Labs) and maybe you might need to read a book.

About the exam

So I did the exam as almost usual at @TheAcademy in Eindhoven, The Netherlands. They have a new room setup since over a year that I hadn’t been into yet (doing SME jobs has its perks) equipped with what I believe to be 21″ full HD screens. While these don’t provide for a better experience for vcp exams they do for vcap’s so that’s good to know. There are 77 multiple choice questions and I had two hours to spend on these. This time I didn’t need, and I left the building after 45 minutes. I can read English just as fast or sometimes faster than my native Dutch. The questions where a bit easier than I expected so maybe that score of 367 should have been a bit higher.

What you need to know

  • What permission level is needed to know what (Enterprise admin, NSX Admin, Auditor, Security Admin)
  • Order of installing things or setting them up
  • Be able to read drawings to follow the packets
  • Be able to create those drawings in your head and follow the packets
  • Some basic command line stuff for example for the controller cluster (only that what can be found in the courseware!)
  • Know your Distributed switches and what they can do
  • VPN Types
  • Best practices
  • What vm/function related to NSX does what
  • Networking basics
  • Numbers & maximums i.e. how many of what can do what, what’s needed to do that, what numbers needs this to be, What’s the default number for this.

Study Materials Used

  • NSX ICM On-Demand training
  • the links in vmiss’s blog post here
  • The Official Cert guide. Be aware that the exam is for 6.2 and not the 6.1 of the book but most still applies.

Do I know NSX inside out now?

No, and do you want to know why? This exam only hits the top of the iceberg in NSX possibilities, for example it hardly touches any real configuration nor does it have a lot of load balancing or nerd knob settings. For those things you really need to have a lot more experience and do the vcap exam. I am not sure if I will be following that path but this training and exam at least gives me enough knowledge to break things in NSX.

And a Queen video for those still reading

The VMware Labs flings monthly for June 2018

It’s less than two months before VMworld US is on us, are you looking forward to it? I know I am! In June there have been six updates to VMware flings:

ESXi Compatibility Checker

This was a new fling last month and now the ESXi Compatibility checker has been expanded with several functions like offline and multiple vCenter support. With this tool it is possible to check if your ESXi hosts will work with the latest and greatest that VMware has to offer.

Changelog

Build 8951845

Offline case support

  • The current script requires to be executed with access to both public internet and target hosts. The new version can separately validate compatibility from collecting hardware information. Hence, user can collect hardware information on a system without public internet access and save the information in a json file. And he can validate compatibility of collected hardware from a saved json file on a system with public internet access.

Example

  • The ‘-g’ option will collect hardware information and generate a json file. (no need to have internet access)

  • The ‘-f’ option will validate compatibility from a json file (no need to access target hosts)

Multiple virtual centers support

  • The host parameter with the ‘-s’ option now accepts comma separated multiple hostnames. This feature will be useful to create a single compatibility report for multiple VCs

example

More information in the compatibility report

  • “Installed Release”, “Checked Release”, and hardware information have been added in the report.

The “-p” option to set a proxy server

  • The https proxy server can be specified with the “-p” option

Cross vCenter Workload Migration Utility

The Cross vCenter Workload Migration Utility provides a GUI to migrate vm’s between vCenters.

Changelog

Version 2.1, June 21, 2018

  • Increased simultaneous migration limit to 100 from 10
  • Added check to ignore unknown fields for inventory info
  • Fixed source/target site names in task status view
  • Updated status API to include version number

 

DRS Lens

As VMware vSphere DRS has become more widely adopted now, more and more users are interested in knowing how it works. They need more insights into DRS activity and actions. They want to know the value that DRS provides to their clusters. DRS Lens is an attempt to provide a UI-based solution to help understand DRS better. (yes this is a lame copy/paste, it’s too hot to come up with original stuf)

Changelog

Version 1.3

  • Upgraded apache tomcat to version 8.5.31 for security compliance.

vSphere HTML5 Web Client

What would this monthly overview be without the vSphere HTML5 Web client?

Changelog

Fling 3.39 – Build 8835608

New Features

  • All the features of Auto Deploy (when compared with the vSphere Web Client)
    • Software Depots
    • Deploy Rules
    • Deployed Hosts
    • Discovered Hosts
    • Configure (Auto-Deploy configuration)
  • Script Bundles support for Auto-Deploy (Available only in the vSphere Client)
    • Script Bundles view where all bundles are listed
    • Ability to Upload a script bundle
    • Ability to Add/Edit deploy rules with script bundles
  • New virtual switches view on a host which includes topology diagrams for standard and host proxy switches

Improvements

  • vApp properties create, edit, delete and set value functionality
  • VM vApp option properties create, edit, delete and set value functionality
  • vCenter Extensions
  • VM SDRS create, edit and delete

VMware OS Optimization Tool

Being an EUC guy this is simply my favorite fling, nothing new this time, it’s just a bug fix release.

Changelog

June 14, 2018

  • Issue fix: Crash in non-English locale (e.g. French)

Horizon Migration Tool

The Horizon Migration Tool helps you to migrate from Xendesktop/App to Horizon View. This is mainly a maintenance version for a tool they missed in the last release.

Changelog

Version 3.0.1

  • Fixed issue: add missed XenAppDumper.exe for XenApp 5.0

 

My presentation at the vEUCtechcon 2018

Yesterday it was clear for me that more people are interested in what Dutch secret agents have to do with airwatch/workspace one uem then with PowerCLi for Horizon View. Nonetheless there where some people listening to my presentation and watching the ginormous slide deck filled with gif’s that I created. My personal experience was that it went ok but nothing more than that. Sadly using the vga cable didn’t help against the connection bugs all presenters where having during the entire day. Also I would have preferred to have a monitor in front of me so I could actually hear myself talking in that big room. Personal points for next time: I had a good storyline in my head in advance, that didn’t come out at all. Also I need to channel my personal energy onto stage, I have the feeling that wasn’t really visible. Aka I need to do some more energetic storytelling.

For the people interesting in the presentation it can be found HERE. There’s a video recorded that I will add to this post when it gets published. Luckily there where also a couple of tweets about my sessions so we do already have some pictures.

The art of planning your VMworld sessions

The content catalog for VMworld has opened last week and I already know I marked way to many sessions as favorite for my own good. That’s why I decided on writing a couple of tips to the art of planning your conference. This might help you when the schedule builder opens on July 19th.

Levels

For each session there is a level listed with 100 for beginners, 200 for advanced and 300 for deep dives. My experience is that you might want to take the 200 and 300 levels with a grain of salt sometimes. I have seen deep dives that didn’t get any further than a high level overview but also had advanced sessions that went deeper than deep. Please look at the names of the presenters and check if you can find any old sessions for them to see if they managed to deliver the level the promised back then.

Yes this is my own session, I promise I will dive as deep as possible into those api’s

Workshops

First of all if you want to do any workshops its a case of being lightning fast when they are published to get a spot. Last year most of the workshops were reserved within hours of the schedule builder. Also keep in mind that the expert led hands on labs are mostly nothing different then the regular HOL’s but that there’s someone explaining some extra stuff. Some are unique though like the vCloud Foundation workshop last year where they had real VCF clusters for the students to play with. This is not something that easily done for the regular hol’s.

Regular workshops though will contain live exercises led by an expert that can more or less customize the workshop depending on the audience in the room.

Allow for time between sessions

This has been said before but if you have back to back sessions that are on complete different corners of the conference you will probably not make it. This is something you might only see when you get close to the conference  since rooms will be assigned rather late due to lots of people scheduling them. Thus make sure your schedule will still work when you arrive at the conference itself and when you have a feeling where all rooms are located.

Plan to visit the show floor

If you plan on only visiting the show floor briefly between I can guarantee you that you will be skipping the next session. I always plan a couple of 2-3 hour gaps for the show floor. Don’t expect a lot during the Welcome reception and/or the hall crawl, things will be packed then up to the point that it’s getting really hard to move around. Some of the sessions in the schedule builder are actually on the show floor so don’t get distracted too much when heading out for those.

Don’t plan too many sessions each day

You know that after lunch feeling you have at work or even worse when attending a course? This will probably be worse during VMworld since you will be overloaded with information during the day and parties at night. Personally I kept it to a maximum of four sessions each day or less.

Export your schedule to your personal agenda

While there will be an app released shortly before VMworld it might be handy to track all your appointments and sessions inside your own agenda. This way you can make sure that you have no overlapping between sessions and other activities. In previous years there was always an export function that made this easy.

My Schedule for VMworld EU 2017, or at least one of the versions.

 

 

 

New Horizon API calls in PowerCLI 10.1.1

VMware quietly released a new version of PowerCLI last week: 10.1.1. This release is mainly an update for the Horizon View API’s. This to bring it back on level with the current Horizon release at 7.5. The release notes are not very extensive but it has a fix for some people getting time-outs when connecting to a Connection server  plus a bunch of new api calls.

I have dumped the output from the available api calls into two text files and made a comparison:

Since there’s no update yet in the API explorer I will have to make an educated guess on what the functions do:

DesktopTask

When looking at the available method’s for this call it looks like it has everything to do with Desktop task. But it also can’t do a damn thing without an vmware.hv.desktoptaskid. This will most probably bu retrievable using a query. This is something I will further investigate in the future.

DiagOperation

To be honest I have no idea yet what this one does. I have tried created a VMware.Hv.DiagOperationRequest and tried to send it but got an error that no message queue handler was found. This might be something from Horizon 7.5 since I haven’t updated my lab yet.

GatewayAccessUserOrGroup

This one is easy, it creates, deletes, gets and lists remote access users. You can expect a function for this in the near future since it looks easy to build.

JwtToken

According to my sources this is a SSO token between the flex and html5 clients.

LogonTiming

This obviously is created to pull logon timing as the name suggests. I have put a session ID in a variable but sadly the data is not usable from PowerCLI. WHat it seems to be is the api call the Helpdesk client uses to pull the logon time. I didn’t have the timing profiler turned on initially and neither the helpdesk tool or this call gave my any information. Disconnected sessions also don’t give any information and when reconnected it gives the reconnection time not the initial logontime for when the session started. This is the same behaviour as the helpdesk tool.

Apparently the output is in a json format and for now I doubt if it will be usable in a function.

While the session itself has this information.

NetworkProxyConfiguration

No idea yet why there is a networkproxy configuration in here.

Performance

This gets some performance data using a session id as also visible in the helpdesk tool.

RemoteApplication

Gives per session information on the Skype 4 Business pairing mode.

RemoteAssistantTicket

100% sure related to the remote assistance function in the helpdesk tool.

RemoteProcess

Looks like this one gets some information from a query and then kills the process, will have to dig into it some further later on. This for sure is a function in the helpdesk tool.

ViewClient

Again from the helpdesktool, this gives the client version of a session.

Conclusion

For now I only see the DesktopTask and GatewayAccessUserOrGroup ending up in a function in the vmware.hv.helper. The first one will need some digging on how it exactly works but it has the looks of a usable call. The latter on can be in there pretty fast if I find the time to do so. The other ones

 

Update

Already received some extra information about some calls.

New experimental functions for the vmware.hv.helper on github

While working on my presentation for the 2nd vEUCtechcon event in Utrecht (The Netherlands) on may 28th I have added a list of new functions to the vmware.hv.helper module. While I haven’t had the time yet to clean them up to be proper coded scripts I have decided to already publish them on Github. All of them work but might be missing a feature or two and almost all of them are get-hv* or new-hv* type functions. Since the presentation is all about building an environment I have decided to build the remove parts later on. You might have already seen some screenshots on twitter recently:

Added functions that are not in the official module yet:

  • register-hvvirtualcenter
  • set-hveventdatabase
  • set-hvlicense
  • get-hvlicense
  • new-hvinstantcloneadministrator
  • New-HVRole
  • Get-HVRole
  • Get-HVpermission
  • New-HVPermission
  • Get-HVVirtualcenter
  • Get-HVInstantCloneAdministrator
  • Get-HVPod
  • Set-HVPod
  • Get-HVHomeSite
  • New-HVHomeSite

 

The VMware Labs flings monthly for May 2018

It’s June already, time flies when you are having fun right? This month there have been three new and five updated flings. In the category new there is an ESXi Compatibility checker, DRS Entitlement viewer and the Cellular Module User Space USB Driver on ESXi. In the updated category we have the eternal HTML5 vSphere web client, I/O Analyzer, Desktop WatermarkCross vCenter Workload Migration Utility and last but not least Blockchain on Kubernetes.

ESXi Compatibility Checker

This is a new fling that makes it easier to check if you’re hardware is still supported by VMware. It does require python to be installed.

The ESXi Compatibility Checker is a python script that can validate VMware hardware compatibility and upgrade issues of ESXi.

VMware hardware compatibility and product interoperability need to be validated when new hardware is installed on an existing ESXi or when a VC/ESXi version needs to be upgraded. Unfortunately, it is not a trivial task as the compatibility information is scattered in multiple web pages. The user needs to understand the data and validate them one by one manually. This process is tedious, laborious and often prone to error when done at scale.

This Fling will provide a simple and easy way to collect server and IO device details from ESXi and provide a command line interface to validate their VMware compatibility and upgrade issues. Users no longer need to understand compatibility details or manually compare the dataset to find out compatibility or upgrade issues. The Fling can generate a compatibility report for many ESXi managed by a VC with a simple command.

Changelog

  • first release May 15, 2018 v1.0 – Build 8532763

DRS Entitlement Viewer

This HTML5 client plugin shows entitled resources per VM and resource pool.

DRS Entitlement Viewer is installed as a plugin to the vSphere client. It is currently only supported for the HTML5 based vSphere client. Once installed, it gives the hierarchical view of vCenter DRS cluster inventory with entitled CPU and memory resources for each resource pool and VM in the cluster.

Entitled resources can change with VMs’ resource demand and with the VM’s and resource pool’s reservation, limit and shares (RLS) settings. So, customers can get the current entitlements based on the VMs’ current demand and RLS settings of the VMs and resource pools.

DRS Entitlement Viewer also provides 3 different What-If scenarios,
1. Changing RLS settings of a VM and/or resource pool
2. What-If all the VMs’ resource demand is at 100%
3. Both 1 and 2 happen together

Customers can pick one of the 3 scenarios and can get new entitlements without actually changing RLS settings on the cluster.

Finally, DRS Entitlement Viewer also provides an option to export the new RLS values from a What-If scenario as a vSphere powercli command which customers can execute against their vCenter to apply the new settings.

Changelog

  • First public release May 29, 2018 v1.0.2

Cellular Module User Space USB Driver on ESXi

The Cellular Module User Space USB Driver on ESXi provides you with a driver so you are better able to use a cellular module form ESXi.

IoT is growing rapidly so many users would like to enable ESXi on their IoT devices. Driven by VMware’s virtualization technology, which can help them address some challenges like security issues, fragmentation, multi-tenancy, etc. The reality is that many of those IoT devices have a variety of devices and busses that ESXi does not support. The Cellular Module is one of those devices in the case of IoT. Typically, these devices have to communicate with their own remote management center.

This Fling provides a driver to enable deployment on ESXi on their IoT devices. Note that this driver is running in UserSpace mode. While many widely used IoT Edge Gateways are equipped with a cellular module, ESXi does not have a driver to activate that cellular module. So our cellular module userspace USB driver can enable that hardware module to communicate with a remote cloud server.

Changelog

  • First release May 07, 2018 v1.0

vSphere HTML5 Web Client

The fat client’s already gone, the flash client is on its way out so better get used to the vSphere HTML5 Web Client!

Changelog

Fling 3.38 – Build 8535804

New Features

  • Guest OS User Mappings for VMs
  • Serial port support for VMs
  • Improved search including
    • New redesigned search results page
    • VM search results has filters such as power state, guest os, host, clusters, datacenter
    • Save search

Improvements

  • VM Quick power operations

I/O Analyzer

The I/O Analyzer doesn’t get a lot of updates so you might not have heard of it. Like the names says it’s a very usable tool to test your storage performance.

VMware I/O Analyzer is an integrated framework designed to measure storage performance in a virtual environment and to help diagnose storage performance concerns. I/O Analyzer, supplied as an easy-to-deploy virtual appliance, automates storage performance analysis through a unified interface that can be used to configure and deploy storage tests and view graphical results for those tests. I/O Analyzer can use Iometer to generate synthetic I/O loads or a trace replay tool to deploy real application workloads. It uses the VMware VI SDK to remotely collect storage performance statistics from VMware ESX/ESXi hosts. Standardizing load generation and statistics collection allows users and VMware engineers to have a high level of confidence in the data collected. Please post comments and questions regarding this fling to the I/O Analyzer Community.

Features

  • Integrated framework for storage performance testing
  • Readily deployable virtual appliance
  • Easy configuration and launch of storage I/O tests on one or more hosts
  • Integrated performance results at both guest and host levels
  • Storage I/O trace replay as an additional workload generator
  • Ability to upload storage I/O traces for automatic extraction of vital metrics
  • Graphical visualization of workload metrics and performance results

Changelog

New in version 1.6.2u1

  • Support vSphere 6.5 onward
  • Upgrade to OpenSSL 1.0.2o
  • Hot patch script to live upgrade existing 1.6.2 VMs

Desktop Watermark

Desktop Watermark is a tool that adds a visible or invisible watermark to a VDI Desktop. This can be used for auditing for example.

Changelog

Build 20180510

  • Added support for multiple monitors.

Cross vCenter Workload Migration Utility

I used the Cross vCenter Workload Migration Utility myself this week when I wanted to clone my golden image to the not linked vcenter servers in my lab. Yes it can also clone besides just moving the servers. I might end up putting up a seperate blog post about this.

Changelog

Version 2.0, May 4, 2018

  • Added support to select individual host as the placement target
  • Added support for migrating VMs with shared datastore
  • Added clone functionality in addition to relocate
  • Added resource summary details for placement targets
  • Added a prompt to verify site thumbprint during SSL verification
  • Added a link to refresh vm list in the inventory view
  • Updated REST APIs to add operation type parameter

Blockchain on Kubernetes

Not a blockchain person myself (yet) but this is the former Blockchain on vSphere fling that has been renamed to Blockchain on Kubernetes

Blockchain is an emerging technology which has been gaining traction globally throughout the past few years. Industries like finance, logistics, and IoT are actively working on research and pilot projects using blockchain.

Fabric is a sub project under Hyperledger (a LinuxFoundation project), it is probably the most mature blockchain solution available now for business use cases.

The mission of Blockchain on Kubernetes (formerly named Blockchain on vSphere) is to provide an end-to-end blockchain solution, from IaaS, to Blockchain platform and Blockchain applications. It allows organizations to quickly collaborate and evaluate the new business models and processes by using the decentralized blockchain technology.

By using BoK, blockchain developers can use BoK command line tool or a GUI tool provided by BoK PCF Tile to quickly set up an environment to build and test their blockchain applications.

Changelog

May 3 2018, BoK 2.0

  • Provide a new PCF Ops Manager Tile to deploy Hyperledger Fabric. It supports creating Kubernetes cluster via PKS Tile and deploy Hyperledger Fabric in the Kubernetes cluster.
  • Add a central config file bok.yml to specify all BoK configuration. No more manual code change is needed.
  • Support kafka as consensus mode.
  • Other enhancement for stability.
  • Verified against Kubernetes 1.9.7.

Registering an Instantclone administrator using PowerCLI

Another question Sean Massey asked me if it is possible to register an instant clone domain administrator. This is possible using the instantcloneenginedomainadministrator service with the InstantCloneEngineDomainAdministrator_create method. This needs a spec with the following content:

  • spec (vmware.hv.InstantCloneEngineDomainAdministratorSpec)
    • base (vmware.hv.InstantCloneEngineDomainAdministratorBase)
      • username (string)
      • domain (domainid)
      • password(vmware.hv.securestring)

The password can be created using the same scriptlet I used to register a new vCenter server. The domain ID can actually be gotten by listing all domains using

For now I have created a scripts that requires you to give some details so it can register the instant clone domain administrator. It can also be found on Github but I will also definitively add it to the vmware.hv.helper module.