Sam has been working in the IT industry for nearly 20 years now, and is currently working for VMware as a Senior Technical Marketing Manger in the Cloud Management Business Unit (CMBU) focussed on Automation. Previously, he has worked as consultant for VMware PSO, specializing in cloud automation and network virtualization. His technical experience includes design, development and implementation of cloud solutions, network function virtualisation and the software defined datacentre. Sam specialises in automation of network virtualisation for cloud infrastructure, enabling public cloud solutions for service providers and private or hybrid cloud solutions for the enterprise.
Sam holds multiple high level industry certifications, including the VMware Certified Design Expert (VCDX) for Cloud Management and Automation. He is also a proud member of the vExpert community, holding the vExpert accolade from 2013-present, as well as being selected for the vExpert NSX, vExpert VSAN and vExpert Cloud sub-programs.
It is with great relief that I can announce I have passed my VCP NV (Network Virtualisation) having been caught out by the difficulty of the exam and failing previously.
Exam Preparation I was fortunate to attend a VMware internal bootcamp (roughly equivalent to the ICM course) for NSX and have had experience deploying production NSX environments, so that is by far the best preparation. As always, the exam blueprint is crucial, you *have* to know all areas covered there.
After a bit of a rocky start (missed my flight and the partner day due to tendonitis in my knee) I arrived in Barcelona for my 2nd VMworld Europe. I headed straight from the airport to the PernixData party and caught up with the rest of the Xtravirt guys.
Tuesday morning started as ever with a keynote address. It was a little disappointing, but not unexpected, that there were no real announcements or reveals in the keynote.
With the release of vCAC 6.1 there have been some great improvements in the setup of the clustered vCAC appliances - none of the previous copying of configuration files between appliances - just a simple wizard to do it all for you. In my opinion this is superb.
You’ll need to have deployed a load balancer of some sort - vCAC 6.0 build-out to distributed model – Part 3.1: Configure Load Balancing with vCNS or vCAC 6.
SSO is a fundamental requirement when deploying vCAC, whether for a distributed or simple installation. This walk through goes through the deployment and configuration of the vCAC Identity Appliance, which provides a stand alone SSO instance for vCAC.
Some of the posts in this series are completed with vCAC 6.0.1, others will be with 6.1. Where there are differences I will aim to point them out!
Deploying the OVF Deploying the OVF is very simple, just run through the wizard:
The NSX Edge Gateway comes pre-armed with the ability to provide an SSL VPN for remote access into your network. This isn’t a new feature (SSL VPN was available in vCloud Networking and Security), but it’s worth a run through. I’m configuring remote access to my Lab, since it’s often useful to access it when on a client site, but traditional VPN connections are often blocked on corporate networks where HTTPS isn’t.
Quick post to cover a fix for installing the VNXe SRA when you encounter the below error:
Failed to load SRA from ‘C:/Program Files/VMware/VMware vCenter Site Recovery Manager/storage/sra/EMC VNXe SRA’. SRA command ‘queryInfo’ didn’t return a response.
The components installed (in this order) are:
vSphere 5.5 SRM 5.5 UNISphere CLI 1.5.4.1.0027-1 VNXe SRA 5.0.0 The root cause is that the system locale is EN-GB rather than EN-US, however even changing the locale does not resolve the issue.
As a PowerShell fan I find using the vCO PowerShell plugin makes my life a whole lot easier. What isn’t easy however, is the configuration of vCO and a PowerShell jump host. Having done it a few times, this is my method for ensuring a secure working connection using HTTPS and Kerberos.
Configure the Orchestrator Appliance Since we’re planning on using Kerberos authentication, we’d better ensure that the time is correct AND syncs to the same source as the domain.
This was a fun little error, whilst installing the distributed IaaS roles I couldn’t seem to get the IaaS components to install – when I got the Website and Model Manager Data install it would fail with the following message:
##InitializeRepo Registering solution user in the VA, initializing Repository MetaModel and Authorization "C:\Program Files (x86)\VMware\vCAC\Server\Model Manager Data\Cafe\Vcac-Config.exe" RegisterSolutionUser -url https://vcloud.definit.local --Tenant "vsphere.local" -cu "[email protected]" -cp ****** --FileName "C:\Program Files (x86)\VMware\vCAC\Server\Model Manager Data\Cafe\Vcac-Config.
Recently I encountered this problem in a customer site whereby the logon to VCSA 5.5 would either time out, or take 3-5 minutes to actually log on.
Running a netstat on the VCSA during the attempt to logon showed there was a SYN packet sent to the vCOps appliance on port 443 that never established a connection. Another check was attempting to connect using curl <https://> –k - this would time out.
This is the fourth article in a series about how to build-out a simple vCAC 6 installation to a distributed model.
By the end of this post we will have deployed a second vCAC Appliance, clustered it with the first appliance and registered the load balanced URL with the Identity Appliance. This will mean logging on to https://vcloud.definit.local/shell-ui-app will be successful.
vCAC deployment with clustered and load balanced vCAC Appliances An overview of the steps required are below:
