The VMware Labs flings monthly for September 2019

And yet another month gone, next week I will be in Kopenhagen for Nutanix .Next and the month after that I will be speaking at VMworld Barcelona. Will I see you at either of these two events? Last month one new fling was released:  Kubernetes eXtensible Desktop Client (KXDC) , seven received updates: App Volumes Entitlement Sync, vSphere HTML5 Web Client, DoD Security Technical Implementation Guide(STIG) ESXi VIB, VMware OS Optimization Tool, vSphere Mobile Client, Workspace One UEM Workload Migration Tool, USB Network Native Driver for ESXi and one was marked deprecated: VIB Author.

New releases

Kubernetes eXtensible Desktop Client (KXDC)

The Kubernetes eXtensible Desktop Client (KXDC) is a simple and multi-platform desktop client for Kubernetes (K8S). In the same way the kubectl command requires only a valid kubeconfig file to run commands against a K8S cluster, KXDC requires you just to configure one or more valid kubeconfig files to interact with one or more K8S clusters.

Main features:

  • Support for multiple kubeconfig files.
  • UI-driven interaction with the most frequently used K8S entities.
  • One-click terminal with the proper KUBECONFIG env variable set.
  • Generation of custom kubeconfig files for a given namespace.
  • Highlight sustainability and security-related data.

Updated flings

App Volumes Entitlement Sync

The App Volumes Entitlement Sync fling will read, sync and compare entitlements between various App Volumes instances.

Changelog

Version 2.2

  • Ignore Extra AppStacks on Primary or Secondary Server – these would cause compare to crash
  • Export Primary or Secondary Server Entitlements to XML

vSphere HTML5 Web Client

Do you want to have the latest version of the html5 client? Than you need the vSphere HTML5 Web Client fling!

Changelog

Fling 4.3.0 – Build 14483008
New Features

  • Ability to customize the header color per vCenter to differentiate vCenter servers. Go to Administration -> System Configuration and select the vCenter for which you want to change the header color. If you have more than one vCenter server in linked mode, you can change the color for each of the vCenter servers

Bug fixes

  • Upload OVF files to Content Library

Release Notes

  • vSphere Perspective Management has been removed

DoD Security Technical Implementation Guide(STIG) ESXi VIB

The DoD Security Technical Implementation Guide(STIG) ESXi VIB fling helps in hardening your vSphere environment.

Changelog

Update September 2019

  • New ESXi 6.7 STIG VIB release
  • Updated sshd_config file. Removed protocol 2 setting as it is deprecated. Added “FipsMode yes” setting. Updated Ciphers and MACs for newer version of OpenSSH
  • Removed /etc/issue and /etc/pam.d/passwd files from VIB as those settings can be set via advanced settings now
  • Note – This VIB is based on draft STIG content! It is recommended to use this over the previous 6.5-7 STIG VIB

VMware OS Optimization Tool

The VMware OS Optimization Tool or OSOT in short is one of the best tools around to optimize your VDI image before publishing a desktop or rds host.

Changelog

September, 2019, b1110

  • New Common Options button – Allows you to quickly choose and set preferences to control common functionality. These would normally involve configuring multiple individual settings but can now be done with a single selection through this new interface
  • Split Windows 10 into two templates to better handle the differences between the versions; one for 1507-1803 and one for 1809-1909
  • Improved and new optimizations for Windows 10, especially for 1809 to 1909.

Updated and changed template settings for newer Windows 10 versions to cope with changes in the OS, registry keys and functionality:

  • Move items from mandatory user and current user to default user
  • Add 34 new items for group policies related to OneDrive, Microsoft Edge, privacy, Windows Update, Notification, Diagnostics
  • Add 6 items in group of Disable Services
  • Add 1 item in group of Disable Scheduled Tasks
  • Add 1 item in group of Apply HKEY_USERS\temp Settings to Registry
  • Add 2 items in group of Apply HKLM Settings
  • Removing Windows built-in apps is now simplified. Removes all built-in apps except the Windows Store.

Numerous bug and error fixes:

  • Reset view after saving customized template
  • Unavailable links in reference tab
  • Windows Store is unavailable after optimizing
  • Start menu may delay after optimizing
  • VMware Tools stops running after optimizing
  • Analysis Summary Graph is cropped

vSphere Mobile Client

Personally I think a phone screen is too small but this was one of the most asked questions the last few years: when can we manage vSphere from our phones? Well now you can with the vSphere Mobile Client fling.

Changelog

Version 1.5.0

New features

  • Direct connections to the ESXi hosts are now supported
  • Host can now be put in maintenance mode

Improvements

  • Going back from the details pages would not refresh the VM list
  • Improvements to how we indicate the user is in focused mode
  • Cluster card now shows issues, DRS, HA and number of vMotion events
  • Host card now shows issues, number of VMs, uptime and connection status

Bug Fixes

  • Removing a bookmark when in focused mode removes the item from the list too

Workspace One UEM Workload Migration Tool

With the Workspace One UEM Workload Migration Tool it’s easy to move devies and applications between WS One UEM environments.

Changelog

Version 2.0.0

  • Baseline Migration Support
  • MacOS application
  • UI refactoring to make bulk migrations easier
  • Added support for script detection with Win32 applications

USB Network Native Driver for ESXi

For the USB Network Native Driver for ESXi fling we need to thank WIlliam Lam I guess. For me it at least seems like he is the driving factor behind this fling.

Changelog

September 27, 2019 – v1.2

  • Added support for Aquantia Multi-Gig (1G/2.5G/5G) USB network adapter (see Requirements page for more details)
  • Added support for Auto Speed/Connection detection for RTL8153/RTL8152 chipsets

ESXi670-VMKUSB-NIC-FLING-28903484-offline_bundle-14722970.zip
ESXi650-VMKUSB-NIC-FLING-28903792-offline_bundle-14722993.zip

New Horizon API explorer posted (new queries!)

While watching the VMworld US 2019 video of Sean Massey presenting about getting started with the Horizon API’s I decided to check if the API explorer has been updated. To my surprise it was and it is good to see that several queries have been added besides the method’s that I previously found.

The new queries that I found are:

  • DesktopAssignmentView
    • Description:
      • Desktop id + Desktop assignment data which will include desktop pool information, operation system, global entitlement.
  • DesktopHealthInfo
    • Description:
      • Desktop health Information. This data will be populated only for the desktops which support application remoting.
  • GlobalEntitlementSummaryView
    • Description:
      • Summary information about Global Entitlements.
  • MachineSummaryView
    • Description:
      • This View includes summary data of all entities related to this Machine

So the DesktopAssignmentView seems to give a lot of similar data to what the DesktopSummaryData query already gives. They both give global entitlement data plus user assignment data. The big difference is that it gives way more detailed information about the desktop pool itself like vGPU settings. The names should have been DesktopInfo in my opinion.

Desktophealthinfo is created for the new Windows 10 App remoting and the monitoring for that. The globalentitlementsummaryview and machinesummaryview are linked to GlobalEntitlementInfo and MachineDetailsView from which they give a subset of data.

I hope to have a new blog post soon with more detailed information of what the new method’s and queries will bring but I wanted to update you with the fact that the api explorer has been updated as soon as possible.

Generating a clean Host Profile using PowerCLI

First of all: I love Host Profiles! But they’re easy to mess up as well, leave something selected related to hardware and an update in ESXi, vib’s or even a firmware update might break it. For a customer where we are going to do the entire vSphere build from scratch I got the idea to generate an empty Host Profile and extend that one using scripting. At first I though this would be an easy thing but it definitely isn’t, a reply from PowerCLI guru Luc Dekens at the VMware{Code} forums set me on the right path to do so. Luc’s remark that editing Host Profiles might take some reverse engineering for the lack of documentation is a huge understatement. It has cost me many many hours to build the script below.

I strongly recommend having the reference host as clean as possible.

These are the steps the script takes

  1. connect to vCenter
  2. extract a new Host Profile
  3. Gets the new Host Profile
  4. Copies all members of the new Host Profile to an object that can be edited
  5. Sets everything that I could find in my environment to false
  6. Updates the Host Profile with the edited object

Required parameters

  • vCenter
    • Your vCenter host
  • Referencehost
    • the name of the host in vCenter
  • Hostprofilename
    • Name for the Host Profile

There are also a couple of optional parameters:

  • dnshost
    • It’s mandatory to have a DNS set in the defaulttcpipstack. With this parameter you can change this.
  • domainname
    • Like DNS it’s mandatory to have a domainname set in the defaulttcpipstack. With this parameter you can change this
  • Cleanup
    • This one defaults to false but can be set to true. It will remove all NFS Datastores, vmkernel ports, portgroups, device aliases and direct i/o profiles.
    • Use this one with care, if you apply it to a host it will most probably remove all networking details for that host making it unusable.

This is how a manual extracted Host Profile looks

This is how a Host Profile looks after using my script without the cleanup option, everything is deselected but the device aliases for example are kept.

.\create_clean_hostprofile.ps1 -vcenter vCenter -Hostprofilename demo_no_cleanup -referencehost hostname

And this is how it looks with the cleanup used.

.\create_clean_hostprofile.ps1 -vcenter vCenter -Hostprofilename demo_no_cleanup -referencehost hostname -cleanup $true

The script itself can be found on Github as well:

#-------------------------------------------------
# Generates a clean Host Profile
#
# Build using PowerCLI 11
#
# Version 1.0
# 17-08-2019
# Created by: Wouter Kursten
# Website: https://www.retouw.nl
#
#-------------------------------------------------

param(
[Parameter(Mandatory=$true)][String]$Hostprofilename,
[Parameter(Mandatory=$true)][String]$vcenter,
[Parameter(Mandatory=$true)][String]$referencehost,
[Parameter()][String]$dnshost,
[Parameter()][String]$domainname,
[Parameter()][bool]$Cleanup = $false
)

# I grabbed this function somewhere from an example by Luc Dekens
function Copy-Property ($From, $To, $PropertyName ="*"){
    foreach ($p in Get-Member -In $From -MemberType Property -Name $propertyName){
        trap {
            Add-Member -In $To -MemberType NoteProperty -Name $p.Name -Value $From.$($p.Name) -Force
            continue
        }
    $To.$($P.Name) = $From.$($P.Name)
    }
}

#connect to the vCenter
connect-viserver $vcenter

# This deletes any existing Host Profile with the same name as we're using in this script
get-vmhostprofile -name $Hostprofilename  -ErrorAction SilentlyContinue | Remove-VMHostProfile -Confirm:$false

# This creates a new Host Profile from the referencehost
new-vmhostprofile -name $Hostprofilename -referencehost $referencehost

# Retrieves the newly created Host Profile
$hp = Get-VMHostProfile -Name $Hostprofilename

# Creates the spec where the cleanup is done
$spec = New-Object VMware.Vim.HostProfileCompleteConfigSpec

# Copies all properties of the new Host Profile to the spec
Copy-Property -From $hp.ExtensionData.Config -To $spec

# This removes everything that could be specific to the referencehost
if ($cleanup -eq $true){
    $spec.ApplyProfile.Network.Vswitch=$null
    $spec.ApplyProfile.Network.VMportgroup=$null
    $spec.ApplyProfile.Network.HostPortGroup=$null
    $spec.ApplyProfile.Network.pnic=$null
    $spec.ApplyProfile.Storage.NasStorage=$null
    ($spec.ApplyProfile.Property | where-object {$_.PropertyName -like "*DeviceAlias*"}).profile=$null
    ($spec.ApplyProfile.Property | where-object {$_.PropertyName -like "*PCI*"}).profile.property.profile=$null
}

# From here it's just disabling of items except for:
# -items under storage> PSA Configuration (profiles are removed)
# -Properties of the fixed DNS config (set to the default values from this scripts parameters)
$spec.ApplyProfile.Datetime.Enabled=$False
$spec.ApplyProfile.Authentication.Enabled=$False
$spec.ApplyProfile.Authentication.ActiveDirectory.Enabled=$False

foreach ($o in $spec.applyprofile.Option){
    if ($o.Enabled){
        $o.Enabled=$False
    }
}

foreach ($p in $spec.ApplyProfile.Property.Profile){
    if ($p.Enabled){
        $p.Enabled=$False
    }
    foreach ($pa in $p.Property.Profile){
            if ($pa.Enabled){
                $pa.Enabled=$False
                }
        foreach ($paa in $pa.Property.Profile){
                if ($paa.Enabled){
                    $paa.Enabled=$False
                }
        }
    }
}

foreach ($s in $spec.ApplyProfile.Storage.Nasstorage){
    if ($s.Enabled){
        $s.Enabled=$False
    }
    foreach ($sa in $s){
        if ($sa.Enabled){
            $sa.Enabled=$False
        }
    }
}

foreach ($s in $spec.ApplyProfile.Storage.Property.Profile){
    if ($s.Enabled){
        $s.Enabled=$False
    }

    if ($s.ProfileTypeName -eq "psa_psaProfile_PluggableStorageArchitectureProfile" -AND $cleanup -eq $true){
        foreach ($sa in $s.property){
            if ($sa.propertyname -like "*psa_psaProfile_PsaDevice*"){
                [email protected]()
            }
        }
    }
    foreach ($sa in $s.Property.Profile){
        if ($sa.Enabled){
            $sa.Enabled=$False
            }
        foreach ($saa in $sa.Property.Profile){
            if ($saa.Enabled){
                $saa.Enabled=$False
            }
        }
    }
}

foreach ($f in $spec.ApplyProfile.Firewall.ruleset){
    if ($f.Enabled){
        $f.Enabled=$False
    }
}

foreach ($n in $spec.ApplyProfile.Network.vswitch){
    if ($n.Enabled){
        $n.Enabled=$False
    }
    foreach ($na in $n){
        if ($na.Enabled){
            $na.Enabled=$False
        }
        foreach ($naa in $na.link){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.NumPorts){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.NetworkPolicy){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
    }
}

foreach ($n in $spec.ApplyProfile.Network.pnic){
    if ($n.Enabled){
        $n.Enabled=$False
    }
    foreach ($na in $n){
        if ($na.Enabled){
            $na.Enabled=$False
        }
    }
}

foreach ($n in $spec.ApplyProfile.Network.VmPortGroup){
    if ($n.Enabled){
        $n.Enabled=$False
    }
    foreach ($na in $n){
        if ($na.Enabled){
            $na.Enabled=$False
        }
        foreach ($naa in $na.Vlan){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.Vswitch){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.NetworkPolicy){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
    }
}

foreach ($n in $spec.ApplyProfile.Network.HostPortGroup){
    if ($n.Enabled){
        $n.Enabled=$False
    }
    foreach ($na in $n){
        if ($na.Enabled){
            $na.Enabled=$False
        }
        foreach ($naa in $na.IpConfig){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.Vlan){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.Vswitch){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.NetworkPolicy){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
    }
}

foreach ($n in $spec.ApplyProfile.Network.Property.Profile){
    if ($n.Enabled){
        $n.Enabled=$False
    }
    foreach ($na in $n.Property.Profile){
        if ($na.Enabled){
            $na.Enabled=$False
            }
        foreach ($np in $na.policy.policyoption){
            if ($np.id -eq "FixedDnsConfig"){
                foreach ($npp in $np.parameter){
                    if ($dnshost){
                        if ($npp.key -eq "address") {
                            [string[]][email protected]($dnshost)
                            $npp.value=$dnsarray
                        }
                    }
                    if ($domainname){
                        if ($npp.key -eq "domainName"){
                            $npp.value=$domainname
                        }
                    }
                }
            }
        }
        foreach ($naa in $na.Property.Profile){
            if ($naa.Enabled){
                $naa.Enabled=$False
            }
            foreach ($naaa in $naa.Property.Profile){
                if ($naaa.Enabled){
                    $naaa.Enabled=$False
                }
            }
        }
    }
}


(Get-VMHostProfile $Hostprofilename).ExtensionData.Updatehostprofile($spec)
disconnect-viserver $vcenter -confirm:$False

And yes that’s a lot of foreach’s.

 

 

I have been named EUC Champion for 2019!

A couple of weeks ago I was informed that I would be awarded the EUC Champion for the second time.  The EUC Champions program grew from 35 to 42 and you can find all of us over here: https://www.vmware.com/euc-champions/current-champions.html As you can see in that list my very good friend and vmug stage buddy Hans Kraaijeveld was also awarded the EUC Champion title as well into this EUC elite group of people.

So what are the EUC Champions?

What is the EUC Champions program?
EUC Champions is an experts-only program that provides a forum for the EUC community and VMware EUC product teams to share industry trends, new product information and ideas through in-person meetings, networking events, industry conferences and webinars.

This is the official statement but there is more. We also have access to dedicated EUC Champions Slack channels at the VMware slack with direct contact to some of the EUC product teams. Also the knowledge sharing between each other has been awesome in my opinion. Plus we get to test some flings that Andrew Morgan created that might or might not be released at https://labs.vmware.com/flings

Do you also think you have it to become an EUC Champion? You can find more info at https://www.vmware.com/euc-champions.html

What did I do to become an EUC Champion? Well it’s my blogging over here but certainly also presenting at vmug’s about EUC related things.

 

The VMware Labs flings monthly for June 2019

Wow there are already six months gone in 2019. Both my kids passed passed their schoolyears and this month there have been three new fling releases and four that have received updates. The new ones are: vSphere Mobile Client, Workspace ONE UEM SCIM Adapter and FlowGate. The ones that received updates are USB Network Native Driver for ESXi, HCIBench, IOBlazer and the Horizon DaaS Migration Tool.

New Releases

vSphere Mobile Client

I already posted a short blog about this fling over here.

vSphere Mobile Client enables administrators to monitor and manage vSphere infrastructure directly from any mobile device. Whether you want to check on the current or historical resource consumption; you want to get notifications on long running tasks; or you want to check the currently running tasks – the vSphere Mobile Client is there to help.

Features

  • VM overview: Review the status of your VMs including state (powered on/off), resource usage and configuration information
  • VM management: Change the power state of a VM or restart it. Locating the virtual machine to operate on can be done through search.
  • Task monitoring: Subscribe to any running task and receive a notification on your mobile device upon task completion, even when your device is in-active or you have another application running on the foreground.
  • Performance charts: Monitor the resource usage of a VM in real time or a day, week, month or year back. Counters include CPU, Memory, Storage and Network.

NOTE: vSphere Mobile Client is currently available for Android and iOS devices and vCenter 6.0+ deployments. Check the “Requirements” tab for more details. Access to vSphere infrastructure may require a secure access method such as VPN on a mobile device.

This is a technical preview release and as such it only has a limited subset of the intended functionality. The team would be releasing updates with new features regularly, but our main task is to gather feedback so please do not hesitate to reach out to us.

Workspace ONE UEM SCIM Adapter

Workspace ONE UEM SCIM Adapter provides SCIM user/group management capabilities to Workspace ONE UEM. The middleware translates the System for Cross-Domain Identity Management, SCIM, to a CRUD REST framework that Workspace ONE UEM can interpret. This capability allows Workspace ONE UEM to synchronize cloud-based identity resources (users/groups/entitlements) without the need for an LDAP endpoint (service to service model). Examples include Azure AD, Okta, and Sailpoint.

Flowgate

The Flowgate fling is all about linking IT & Facility systems with each other.

In enterprise data centers, IT infrastructure and facility are generally managed separately, which leads to information gaps. Collaboration between facility and IT infrastructure systems are limited or manual, and virtualization adds more complexity.

The goal of Flowgate is to make facility awareness in IT management system and make IT operations management and automation better on high availability, cost saving and improved sustainability, with more information on power, cooling, environment (e.g. humidity, temperature) and security.

Built-in adapter for multiple DCIM and CMDB system integration:

  • Nlyte
  • PowerIQ
  • Infoblox
  • Labsdb
  • IBIS(TODO)
  • Pulse IoT Center (TODO)
  • Open for other facility system integration

Built-in adapter for multiple IT stack systems:

  • vCenter Server
  • vRealise Operation Manager
  • Open for other IT stack integration. More systems will coming soon.

 

  • UI based Integration process: One click integration.
  • Role based access control: API level access control support.
  • RESTFul API support: Provide unified facility information querying services. APIs for all operations and data query make it easy to integrate with other systems.

Updated flings

USB Network Native Driver for ESXi

Are you building an awesome homelab but received some funky USB Network adapters? The USB Network Native Driver for ESXi might just have the correct drivers for you.

Changelog

June 17, 2019 – v1.1

  • Added support for 9 additional USB NIC devices including USB 2.0 RTL8152 & TPLINK (see Requirements page for complete list)
  • Added support for Jumbo Frames (up to 4K) for RTL8153 & AX88179
    ESXi670-VMKUSB-NIC-FLING-24524132-offline_bundle-13958648.zip
    ESXi650-VMKUSB-NIC-FLING-24599816-offline_bundle-13964320.zip

HCIBench

HCIBench is one of two benchmarking utilities that received an update.

Changelog

Version 2.1

  • Switched UI to dark theme
  • Redesigned VMDK preparation methodology, which can complete much faster using RANDOM on deduped storage
  • Added VMDK preparation process update
  • Added Graphite port check into prevalidation
  • Added vCenter/Host password obfuscation
  • Added “Delete Guest VM” button
  • Fixed Grafana display issue
  • Fixed FIO blank results issue
  • Bug fixes
    MD5 checksum of HCIBench_2.1.ova: d37e6f164ed962a6e7ccbe104ba9eaec

IOBLazer

It looks like the IOBlazer fling was first released in 2014(!!!!) as a tool to benchmark all kinds of storage systems. Since I haven’t posted about it here yet let me give you the overview:

IOBlazer is a multi-platform storage stack micro-benchmark. IOBlazer runs on Linux, Windows and OSX and it is capable of generating a highly customizable workload. Parameters like IO size and pattern, burstiness (number of outstanding IOs), burst interarrival time, read vs. write mix, buffered vs. direct IO, etc., can be configured independently. IOBlazer is also capable of playing back VSCSI traces captured using vscsiStats. The performance metrics reported are throughput (in terms of both IOPS and bytes/s) and IO latency.

IOBlazer evolved from a minimalist MS SQL Server emulator which focused solely on the IO component of said workload. The original tool had limited capabilities as it was able to generate a very specific workload based on the MS SQL Server IO model (Asynchronous, Un-buffered, Gather/Scatter). IOBlazer has now a far more generic IO model, but two limitations still remain:

  1. The alignment of memory accesses on 4 KB boundaries (i.e., a memory page)
  2. The alignment of disk accesses on 512 B boundaries (i.e., a disk sector).

Both limitations are required by the gather/scatter and un-buffered IO models.

A very useful new feature is the capability to playback VSCSI traces captured on VMware ESX through the vscsiStats utility. This allows IOBlazer to generate a synthetic workload absolutely identical to the disk activity of a Virtual Machine, ensuring 100% experiment repeatability.

Changelog

Updates in IOBlazer 1.01:

  • Added configurable IO alignment
  • Increased the robustness of the trace file parser in the face of spurious lines
  • Increased the robustness of the build process by automatically detecting target OS and arch within the Makefile
  • In the Windows version, changed the raw access mode from volume to physical drive to avoid unnecessary mount/unmount operations at every test run.

Horizon DaaS Migration Tool

The Horizon DaaS Migration Tool is for the Horizon DaaS providers to migrate their customers to the latest version of Horizon DaaS.

Changelog

Version 2.1.0

  • Fix for the bug on “Requested Capacity” at the pool/assignment summary page showing inappropriate values.
  • Intelligently handling import of new VMs skipping previously imported VMs.

[API]Resetting Desktops

This is the first post in a series of shorts that I will be posting about various methods that you can use with the VMware Horizon API’s. This time it will be about resetting desktops. When looking at the API Explorer you’ll see that there are two ways do do this from the machine service.

So the first is for a single VDI desktop and the latter for multiple.

First we need to get a list of vm’s I will be using the machines in pod1pool02 as victims for this post.

$queryservice=new-object VMware.Hv.QueryServiceService
$defn=New-Object VMware.Hv.QueryDefinition
$defn.QueryEntityType="MachineNamesView"
$filter=new-object VMware.Hv.QueryFilterContains
$filter.MemberName='base.name'
$filter.Value="Pod1Pool2"
$defn.filter=$filter
$results=($queryservice.QueryService_Query($services1, $defn)).results

with this result:

From this we’ll make a variable with all of them and one with a single one

$singlevm=$results | select-object -first 1
$multiplevms=$results

Before I will reset the single VM I will show the state of all the vm’s.

($queryservice.QueryService_Query($services1, $defn)).results.base.basicstate

And now let’s reset the vm.

$services1.machine.machine_reset($singlevm.id)

Since this is an instant clone you’ll see provisioned and not reset. Now let’s reset the rest as well.

$services1.Machine.Machine_ResetMachines($multiplevms.id)

And this method will work for all managed vdi desktops full, linked or instant clones.

The VMware Labs flings monthly for March 2019

We’re already into April that means it’s time for the flings update for March. There have been 3 updates and two new flings. I already have a blogpost about one of the updated flings: The Horizon Helpdesk Utility. The new flings are: Identity Manager Migration/Backup Tool and Physical Desktop as a Thin Client. The updated ones are: vSAN Hardware Compatibility List Checker, vSphere HTML5 Web Client and as said earlier the Horizon Helpdesk Utility.

New Releases

Physical Desktop as a Thin Client

Personally I don’t see the added value for this fling since there are already plenty of products that provide the functionality and you can even do it yourself with gpo’s. (and the logo is outdated as well)

A thin client is a stateless, fanless desktop terminal that has no hard drive. Thin clients provide businesses a cost-effective way to access virtual desktop infrastructures (VDI). To simplify the operation steps to access VDI, some features are embedded in thin clients.

For example:

  • Launch the RDP client default
  • Hide desktop/task bar
  • Disable system options to prevent user using other applications

And so on

This Fling will convert physical desktop as a thin client. It will restrict end-users’ behaviors when users log into physical desktops. After user logged in, Horizon view client will be launched automatically and other applications are forbidden to switch. Physical desktop will log off automatically once user exit Horizon view clients.

Identity Manager Migration/Backup Tool

The Identity Manager Migration/Backup Tool helps you in migrating vIDM settings between environments.

Identity Manager Migration/Backup Tool automates the process of exporting or importing applications and entitlements from one Identity Manager instance to another. If entitlements exists, they will also be backed up to an XML file. This Fling uses Identity Manager API’s for Export, Import, Delete and applying entitlements.

Updated flings

vSAN Hardware Compatibility List Checker

With the vSAN Hardware Compatibility List Checker you can check easily if you’re hardware is supported for VSAN.

Changelog

Version 2.1

  • Fixed the bug that firmware version of some controllers can’t be fetched

Version 2.0

  • Add 3 new checks
  • Controller is VMware certified for ESXi release
  • Controller driver is VMware certified
  • Controller firmware is VMware certified
  • Update HTML report format
  • Bug fixes

vSphere HTML5 Web Client

Nuf said about this one.

Changelog

Fling 4.1.0 – Build 12518617
New Features

  • Hiding VMs in Hosts and Clusters view – A very popular desktop client feature is brought into the vSphere HTML5 client where you can go to User’s menu, select My preferences and Inventory tab from where you can show/hide VMs in Hosts and Clusters view by selecting the checkbox.
  • User’s menu -> My preferences will have additional preference options like Language, Time Zone, Console and Inventory
  • Developer Center now has API Explorer tab listing all the REST APIs exposed by vSphere SDK.
  • New layout for the feedback tool and feedback tool can be invoked even when a dialog is open on the screen. This enables taking the screenshot of the client including the dialogs. Also, feedback tool now has the ability to add screenshots, this will help you compare the features between different clients and upload the screenshots.

Improvements

  • We added the support back to 6.0 vCenters to the fling. You can now point vSphere HTML5 client fling v4.1 to 6.0 or 6.5 or 6.7 version of vCenter servers.
  • License expiration notification now is increased from 60 to 90 days and includes all the licenses
  • Evaluation License is now shown in the licenses list
  • Sorting and Filtering by License Expiration date in the Licenses list

Known Issues

  • New layout of the feedback tool has issues in the Firefox browser, so you will see old feedback tool in that browser.
  • There are some areas where feedback tool might not capture the screenshot of the dialog, like VM edit settings.

Horizon Helpdesk Utility

For a more complete overview of the Horizon Helpdesk Utility fling so the link I posted in the intro to my previous blogpost.

Changelog

Version 1.3.3.1

  • Removed machine listings from session view (overkill)
  • Improved Environment view to include metrics on all connected infrastructure:
    • vSphere
    • Hosts
    • Datastores
    • Remote Pods
    • Events
    • Problem Machines
  • Added repeated queries for logon breakdown if missed on first instance
  • Added event query support for logon breakdown
  • Added events view for Farm and Desktop pools
  • Added inbuilt find / search to users / machines in pool views
  • Added support for multiselect in pool / farm views
  • Added graph / chart views of machines / sessions and problem machines on the environment overview
  • Added a pod switcher to the environment overview
  • Added a global search to the environment overview
  • Added support for Pod Jumping.
    • the ability to jump to a pod on demand
    • the ability to jump to a pod a session belongs to
  • Added support for an architecture view of Desktop Pools
  • Added support for an architecture view of Farms
    • Enhanced view of servers load evaluator value
  • Added bulk user tasks via pool or farm views:
    • Bulk messaging
    • Bulk log off
    • Bulk disconnect
    • Bulk reset
    • Bulk restart
  • Added support for a local pod view (AKA environment view):
    • Connection servers
    • Farms
    • Desktop pools
  • Added documentation (finally)
  • Added MSI installation support
  • Added a start time column to user sessions (this will persist as a preference)

vExpert 2019? check! Why does it matter for me?

Last week whilst on holiday in Disneyland Paris I received the email every aspiring and existing vExpert was waiting for.

This means that for the fourth consecutive year I have been named a vExpert.

What is a vExpert? (or any other community award like NutanixNTC)

Per the vExpert site the criteria for becoming a vExpert are:

If you are interested in becoming a vExpert the criteria is simple. We are looking for IT Professionals who are sharing their VMware knowledge and contributing that back to the community. The term “giving back” is defined as going above and beyond your day job. There are several ways to share your knowledge and engage with the community. Some of those activities are blogging, book authoring, magazine articles, CloudCred task writing, active in facebook groups, forum (VMTN as well as other non VMware) platforms, public speaking, VMUG leadership, videos and so on.

I totally agree on the above description, for me a real vExpert shares knowledge in one of many ways. But blogging, speaking, tweeting, podcasting, writing isn’t the only way. We answer questions online and offline and if we don’t know the answer than we have an awesome backstop to ask questions called the vCommunity. Is it technical only you might ask? Absolutely not! I have seen hundreds of job changes by now because of the vCommunity. People were helped with personal issues, hell even home deco tips and tricks are shared. I think it’s just in our nature to help one another.

Yes it’s also about advocacy but the sharing of information is all voluntary. Do you want to tweet or blog about stuff? No-one will force you but they do appreciate it if you share news.

One things advocacy program members are also good at is providing feedback. Not only to the software vendor but if you want some feedback about a possible blog post, presentation idea, news item or piece of hardware most of us will give you that feedback. Just be prepared because we can be brutally honest if it sucks!

But there are over 1700 vExperts, is it about quantity or Quality?

This is a point where I personally disagree on how the program is run. I have the idea that they want to grow just to grow and for me the selection criteria could be tightened quite a bit. I value growing but please do it by adding quality. If you look at smaller programs like some of the vExpert subprograms or others like the VMware EUC Champions or Nutanix NTC’s they are most times better managed, get more briefings, nda information and events. Not that the vExpert program is managed badly or doesn’t have an awesome party at VMworld but things just get more complicated at this scale.

But does the program still matter to you?

It certainly does! Through the vExpert program I have managed to grow personally and professionally but also made boatloads of friends online and offline. All the extra’s like licenses, swag and things like that are fun but nothing is as good as knowing you have some great people who are always happy to help you in any way possible!

I want in too, how do I become a vExpert?

Currently the sign ups are closed but until they open again (probably somewhere in June) you can start doing some things already:

  • Start a blog, most people do it as their own knowledge base. Write about what you experienced at work or a customer so you won’t forget it for next time.
  • Get a twitter account, follow a bunch of people and interact with them.
  • Help others out in places like VMTN, Reddit.
  • Present at a vmug or at your employer about things that could be interesting to others. This could be as basic as explaining how your homelab is setup.

If you need help or feedback on your blog or need help on how to build your presentation I am always happy to provide my 2 cents.

When the sign ups are opened again contact your local vExpert pro with how to tackle the application form. You can also ask me or any other vExpert you might know personally.

The VMware Labs flings monthly for November 2018

The year’s almost over but for me it feels like it just got started, how does it feel for you? Time certainly flies! This month there was one new fling: vSphere PKS Plugin and five have received updates: Workspace ONE UEM Profile Migration UtilityHCIBenchESXi Embedded Host ClientCross vCenter Workload Migration Utility and Workspace ONE Configuration Tool for Provisioning.

New

vSphere PKS Plugin

The vSphere PKS Plugin provides a user interface for managing and monitoring Kubernetes cluster deployments for the PKS platform. Using the vSphere PKS Plugin you can view details about your Kubernetes clusters, including master and worker nodes as well as networking configuration.

Features

The vSphere PKS Plugin:

  • Provides a graphical interface to visualize the Kubernetes clusters deployed and managed by PKS
  • Provides visibility into underlying infrastructure such as VMs, network objects and storage objects that are created when a Kubernetes cluster is deployed in a vSphere environment
  • Provides a centralized launch point for viewing components deployed with the Kubernetes cluster, including nodes and network objects such as routers, logical switches, load balancers
  • Provides a simple user interface to get easy access to the cluster using the kubectl interface and the cluster Dashboard

Updated

Workspace ONE UEM Profile Migration Utility

The Workspace ONE UEM Profile Migration Utility helps  in moving profiles between various WS One UEM Consoles.

Changelog

Version 1.6

  • Added a log file for more advanced troubleshooting and auditing. A new file in the folder called: WS1UEM-Profile-Migration-Utility-log.txt
  • Added logic to ensure the user has to hit Review button before Create
  • Fixed a bug where the Status wouldn’t clear if selecting a new Profile therefore the user was unable to tell if the new Create Profile was successful

HCIBench

The HCIBench is a Hyperconverged Infrastructure Benchmark build around VDbench.

Changelog

Version 1.6.8.1

  • Fixed regression when datastore is in the datastore folder
  • Avoid checking connection to host directly and use tvm deployment instead
  • Added Vdbench version check in summary script

Version 1.6.8

  • Added resource pool and VM folder fields for VMC environment
  • Fixed easy-run disk size issue
  • Enhanced pre-validation error message handling
  • Changed the names of network interface from “Public Network” to “Management Network”, and “Private Network” to “VM Network”

ESXi Embedded Host Client

While the ESXi embedded host client has been officially released for 5.5, 6, 6.5 and 6.7 the fling gets all the latest updates.

Changelog

Version 1.32.0 build 10692217 (Fling 22) – November 2, 2018

  • Import / Export
    • Iso files and nvram files can now be exported and imported (if suppored by the esx version)
    • Files can be individually selected when exporting
    • All advanced vm config options are exported by default
    • Several bug fixes related to the export wizard
  • General
    • Permissions previews now display correctly
    • Support Bundles are now generated on the fly
    • Domain user functionality has been restored
    • Fibre Channel WWNs are displayed in hex

Cross vCenter Workload Migration Utility

If you want to use a gui to move vm’s between different vCenter servers than the Cross vCenter Workload Migration Utility is the tool to use.

Changelog

Version 2.5, November 5, 2018

  • Remember registered site information (without password)
  • Easily retry a previously attempted task in case of failures
  • Search box for keyword filtering of migration task history
  • Option to clear task history by removing completed tasks
  • Added documentation and other links under the help menu
  • Partial fix for an issue related to duplicate network names

Workspace ONE Configuration Tool for Provisioning

The Workspace ONE Configuration Tool for Provisioning assists in building unattend.xml configuration files that can be used by Dell (or others when more provide the service) when delivering systems from the factory to set them up for your environment.

Changelog

Release Update – Version 2.0.0

Improvements

  • The version number is shown in the window title
  • The version number is shown as a comment in the generated XML
  • The product key is now validated to conform with the 11111-11111-11111-11111-11111 pattern
  • Split the locale settings into ‘Operating System Language’, and ‘Region and Keyboard Settings’.
  • ‘Operating System Language’ maps to the language of the operating system installation media, and ‘Region and Keyboard Settings’ maps to the locale settings available to the user during OOBE
  • ‘Operating System Language’ is now a required field as it is needed for certain customizations, such as adding a user to the administrators group
  • Removed the ability to set a custom computer name. The computer name now defaults to ‘*’, which causes the Windows OS to generate a random name, taking up to seven characters from the ‘Registered Organization’ field plus eight random characters. This change makes sure every computer has a unique name on the network.
  • The ‘Auto Admin Logon’ feature is no longer selectable. Instead, it will be activated when it is required by the deployment scenario.
  • All deployment scenarios now allow for the creation of a local user.
  • Moved the node from the ‘oobeSystem’ pass to the ‘specialize’ pass
    to be consistent with the node

Bug Fixes

  • Auto Admin Logon would only work with an unattend XML generated for an en-US installation image
  • Enabled the ASSIGNEDTOLOGGEDINUSER=Y flag to enable the WS1 agent to correctly enroll the user in the ‘Workgroup’ deployment scenario
  • Fixed an issue where the ‘Show Privacy Settings’ option would have no effect

The VMware Labs flings monthly for July 2018

It’s been a busy month in the world of flings all of the flings except for one on the first page are new or updated ones. This means there are five(!) new ones and six(!) have received an update. The new ones are: Policy BuilderSDDC Certificate ToolvAssist.ai NLP PlatformWorkspace ONE UEM Samsung E-FOTA Tool and the Horizon Helpdesk Utility that I wrote yesterday about. The ones that received an update are: Cross vCenter Workload Migration Utility,  Blockchain on KubernetesHCIBenchESXi Embedded Host ClientvSphere HTML5 Web Client and last but not least the VMware OS Optimization Tool.

The new releases

Policy Builder

The policy builder is an hosted fling that helps the user to create custom MDM policies for Workspace UEM (former Airwatch)

Official summary:

This cloud hosted Fling helps users with custom Mobile Device Management (MDM) policy generation that use MDM capabilities available through Microsoft’s Windows 10 MDM Configuration Service Providers (CSPs).

Note: On login with My VMmware credentials, the tool provides an easy to use form based UI that allows the Windows 10 admin to simply enter the required values for the policies and auto generates corresponding syncML that can be copied to publish through Workspace ONE Unified Endpoint Management.

This tool greatly reduces the effort of hand rolling syncML and the possibility of code and formatting errors when creating or managing custom settings profiles through Workspace ONE UEM.

SDDC Certificate Tool

The SDDC Certificate Tool is an automated process that replaces all certificates in a SDDC for you. This normally can be a lengthy process but should be a breeze with this fling.

Official summary:

Replacing SSL certificates across VMware products is a manual and time-consuming process. The SDDC Certificate Tool automates this workflow and makes it easy to keep certificates across your SDDC up to date. It will replace all certificates in the supported products and reestablish trust between the components.

Supported Products

  • VMware Platform Services Controller (PSC)
  • VMware vCenter Server (VC)
  • VMware NSX for vSphere (NSX)
  • vRealize Log Insight (vRLI)
  • vRealize Operations Manager (vROps)
  • vRealize Automation (vRA)
  • vRealize Business for Cloud (vRB)
    More about this Fling: New SDDC Certificate Replacement Fling by William Lam

vAssist.ai NLP Platform

Not my cup of tea but this fling is supposed to be an example where you can talk against vRealize Automation.

Official summary:

vAssist.ai, a Natural Language Processing (NLP) platform, enables bot developers to train machine learning models for intent classification and entity extraction. This platform is available as a SaaS model which exposes easy-to-use REST APIs to train and parse natural language inputs. It also provides a multi-tenant user interface dashboard which can be used to annotate and visualize training data expressions and train machine learning models in the cloud.

VMware customers who are serious about building conversational interfaces can benefit from this platform. With this Fling we trained a sample model for vRealize Automation. Users can chat with the test bot to query available catalog services and initiate a provisioning request in a natural, conversational way. Please note that we are using a sample internal environment for vRealize Automation.

Features

  • NLU Engine for Intent and entity extraction
  • Customizable NLU pipeline
  • Rule based and ML based Conversation Engine
  • Privacy of the data
  • Scalable and Fault Tolerant
  • REST APIs exposed for integration with multiple channels and platforms

Workspace ONE UEM Samsung E-FOTA Tool

The Workspace ONE UEM Samsung E-FOTA Tool is a fling for Workspace One UEM to add some extra functionality for Samsung devices.

Official summary:

The Workspace ONE UEM Samsung E-FOTA Tool is designed to add to the existing abilities of AirWatch’s Samsung E-FOTA implementation. These new abilities include scheduling a firmware/OS update in a targeted window. This feature is dependent on the existing abilities within AirWatch which enroll the MDM into Samsung E-FOTA and push profiles to enroll the device into Samsung E-FOTA. Users should use this tool along with the information gathered from the Workspace ONE UEM console. The information can then be used to make an API command to schedule the firmware/OS update to your Samsung devices.

Horizon Helpdesk Utility

Like I said yesterday the Horizon Helpdesk Utility is how the original Horizon View Helpdesk Tool should have been. Please read yesterdays;s post for more information and screenshots.

The Horizon Helpdesk Utility is designed to be a tool used by real help desk agents. The Horizon Helpdesk Utility takes all of the functionality of the current HTML5 based Helpdesk in VMware Horizon and adds true desktop integration features, including:

  • Greater speed in queries
  • Reduced steps to find a session
  • Multiple monitoring windows
  • Keystrokes for fast access
  • Native remote control functionality
  • Real-time updates
  • Built-in session experience score based on session performance and variables

Updated flings

VMware OS Optimization Tool

Changelog

July 30, 2018, b1100

  • Issue fix: With group selection operation, unselected optimization items are applied.
  • Issue fix: can not export analysis report

July 20, 2018, b1099

  • Template update: Windows 10 & Windows Server 2016
  • Prevent the usage of OneDrive for file storage
  • Registry changes:
reg add "HKLM\DEFAULT\Software\Classes\CLSID{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /v System.IsPinnedToNameSpaceTree /t REG_DWORD /d 0 /f
* reg add "HKLM\DEFAULT\Software\Classes\Wow6432Node\CLSID{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /v System.IsPinnedToNameSpaceTree /t REG_DWORD /d 0 /f reg add "HKLM\DEFAULT\System\GameConfigStore" /v GameDVR_Enabled /t REG_DWORD /d 0 /f reg add "HKLM\DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\People" /v PeopleBand /t REG_DWORD /d 0 /f reg add "HKLM\DEFAULT\Software\Microsoft\Windows\CurrentVersion\GameDVR" /v AppCaptureEnabled /t REG_DWORD /d 0 /f reg add "HKLM\DEFAULT\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.SecurityAndMaintenance" /v Enabled /t REG_DWORD /d 0 /f reg add "HKLM\DEFAULT\Software\Microsoft\Windows\CurrentVersion\PenWorkspace" /v PenWorkspaceButtonDesiredVisibility /t REG_DWORD /d 0 /f reg delete "HKLM\DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run" /v OneDrive /F reg delete "HKLM\DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run" /v OneDriveSetup /F

Cross vCenter Workload Migration Utility

Changelog

Version 2.2, July 16, 2018

  • Support for vSphere Resource Pool and VM folder for placement under advanced options
  • Support for VMware Cloud on AWS (VMC) by specifying resource pool and folder options

Blockchain on Kubernetes

Changelog

July 16 2018, BoK 2.1

  • Support deployment of Hyperledger Fabric 1.1.0.
  • Allow users to customize the Fabric organizations and peers in bok.yaml.
  • Add ingress controller for serving traffic to Fabric peers nodes and explorer node.
  • Make improvement on stability and usability.
  • Verified against Kubernetes 1.10.3 and Pivotal Container Service (PKS) 1.1.0.
  • Updated the PCF Fabric Tile which supports creating Kubernetes cluster via PKS Tile and deploy Hyperledger Fabric in the Kubernetes cluster.

HCIBench

Changelog

Version 1.6.7.1

  • Fixed vSAN Performance Diagnostic API call
  • Fixed network validation message not clear issue
  • Fixed setting re-use VMs as default bug in 1.6.7

Version 1.6.7

  • Enabled https instead of http
  • Added storage policy field, user can specify storage policy for the data disks. For this version, storage policy can’t be assigned to existing client VMs
  • Enhanced deployment methodology
  • Enhanced vSAN Observer to avoid blow up the memory
  • Enhanced vSAN Performance Diagnostic API call with HCIBench workload configuration included
  • Added timestamp to the testing status
  • Bug fixes

ESXi Embedded Host Client

Changelog

Version 1.31.0 build 9277095 (Fling 21) – July 20, 2018

  • General
    • Resolve several issues related to dropdown selection
    • Update NTP UX
    • Update AngularJS to 1.6.10
    • Other minor bug fixes

vSphere HTML5 Web Client

Changelog

Fling 3.40 – Build 9292689
New Features

  • Host profiles
    • Check compliance
    • Pre-check and remediate host (known issue exists – see known issues)
    • Extract, edit host profile
    • Host profile favorites management (vCenter 6.5)
    • Copy settings between profiles (vCenter 6.5)