Tag:

vmware

Deploying & Configuring the VMware LCM Bundle Utility on Photon OS: A Step-by-Step Guide

by Tommy Grot June 3, 2025

written by Tommy Grot 4 minutes read

The need for streamlined VMware appliance updates is undeniable. Managing a VMware Cloud Foundation environment and its appliances can quickly become a complex and time-consuming task, especially in an offline, disconnected VCF environment. This post provides a detailed, step-by-step guide to deploying and configuring the VMware Lifecycle Manager (LCM) Bundle Utility on Photon OS, offering a significant improvement in update management efficiency. We’ll cover everything from initial setup to verifying successful configuration, providing clear instructions and practical advice for administrators comfortable with Photon OS command-line interfaces. Let’s get started!

If you’re interested in creating an offline depot for VCF, check out Aaron Rombaut; he wrote an excellent blog post tailored for VCF offline depots.

What is Required:

Photon OS ISO (Only Supported on Photon**)
Virtual Machine with 2+ vCPUs & 4GB+ Memory & 1TB Storage
PuTTY
WinSCP

** The LCM Bundle Utility is currently not supported on other Linux distributions or Windows, particularly due to the new Broadcom Token Implementation

You will need to obtain the full ISO x86_64 image.

Download	Size	sha512 checksum
Full ISO x86_64	4.4G	6a7a258399a258da742032987c043ab25503698d35edafaf1ae000f12127da1a161d8b84caa17fd8f23d129e81e1faa7ab087c20ab9229772a643f8f9475305f

Create New Virtual Machine ->

Virtual Machine name ->

Select the compute resource ->

Select your Storage ->

Select Default ->

Select VMware Photon OS (64-bit)

Configure the virtual machine with the following specifications: 2 vCPUs, 4GB of memory, a 1TB disk, and network access. The number of CPUs and memory can be increased later if required.

Deploy!

Now, that you have deployed the virtual machine, lets connect to it via VMRC and mount the Photon OS ISO.

Install ->

EULA ->

Select the 1TB disk. I kept the partitioning on Auto, but you can manually partition it if you prefer.

Select, Photon Real Time ->

Since my Photon LCM VM is deploying on an NSX segment with DHCP, I left it on automatic, but the configuration will vary depending on your implementation.

Set Host name ->

Password ->

Start Install ->

Installing…

Lets boot up to the new Photon VM!

Connect to the Photon OS VM via Remote Console and log in.

Let’s edit the sshd_config file to allow root to connect via SSH.

vi /etc/ssh/sshd_config

Update the following config and uncomment

Port 22
AddressFamily any
ListenAddress 0.0.0.0

Change PermitRootLogin to yes from no

Restart SSH Service

systemctl restart sshd.service

Now that we have completed deploying Photon OS and preparing the virtual machine so that we can SSH into it, we needed to update the SSH configurations within the sshd_config file to allow root to SSH and allow port 22 to listen. Next, we will upload the LCM Bundle Utility via WinSCP

Connect via PuTTY, and then we will untar the lcm-tools-prod.tar.gz.

We will need to make the bin directory with lcm-bundle-transfer-util executable

chmod u+x -R bin/

Change directory to conf. Next, we will use vi to edit the application-prod.properties file and update the required fields below.”

You will need to tailor the Depot Properties to accommodate the Broadcom Download Token. More information is available here.

################### Depot properties ########################
lcm.depot.adapter.certificateCheckEnabled=false
lcm.depot.adapter.port=443
lcm.depot.adapter.host=dl.broadcom.com
lcm.depot.adapter.remote.rootDir=/<Token Here>/PROD
lcm.depot.adapter.remote.repoDir=/COMP/SDDC_MANAGER_VCF
lcm.depot.adapter.remote.index.filename=index.v3
lcm.depot.adapter.remote.offline.index.filename=index.offline
lcm.depot.adapter.local.baseDir=${lcm.bundle.download.default.dir}/tmp
lcm.depot.adapter.local.input.spec.dirname=asyncPatchSpecs
lcm.depot.adapter.local.compatibility.path=v1/products/bundles/type/vcf-lcm-bundle
lcm.depot.adapter.enableBundleSignatureValidation=true
lcm.bundle.manifest.dirname=manifests
lcm.bundle.dirname=bundles

lcm.depot.adapter.lcmManifestFile=lcmManifest.json
lcm.depot.adapter.remote.productVersionCatalog.filename=productVersionCatalog.json
lcm.depot.adapter.remote.lcmManifestDir=/COMP/SDDC_MANAGER_VCF/lcm/manifest
lcm.depot.adapter.enableBundleChecksumValidation=true

lcm.depot.adapter.enableLatestToolVersionCheck=true
lcm.depot.adapter.remote.bundletransferconfig.repoDir:/COMP/SDDC_MANAGER_VCF/obtu

Now that we have updated the applications-prod.properties file, let’s run it. I have extracted my PlannerFile and uploaded it to /root/plannerFile.json.

./lcm-bundle-transfer-util --download --plannerFile /root/plannerFile.json --depotUser <Email-Here>

It is working on Photon OS! The download process has begun.

Deploying the VMware Lifecycle Manager Bundle Utility on Photon OS is a worthwhile investment for any administrator responsible for a VMware Cloud Foundation environment. This guide has provided the foundation for simplifying your appliance updates, reducing operational overhead, and ensuring a more stable and efficient infrastructure. Embrace this approach and take control of your VCF updates!

June 3, 2025 0 comments 447 views

VMware Cloud Foundation

VMware Cloud Foundation: Don’t Forget About SSO Service Accounts

by Tommy Grot May 14, 2025

written by Tommy Grot 5 minutes read

VMware Cloud Foundation (VCF) delivers a modern, automated infrastructure. A vital, but frequently neglected, element of its operation is enabling password rotations. The svc-nsx-vc-fqdn service account within the vCenter Server SSO domain and SDDC Manager. This account is critical for NSX or LCM functionality and integration between solutions, and its failure – typically due to an expired or incorrect password – can cause significant disruption to your VCF environment. This post will highlight the importance of svc-nsx-vc-fqdn, explain the impact of a failed account, and provide proactive measures to ensure its ongoing health and prevent costly outages.

Error Message – “NSX is integrated with vLCM feature of vSphere system. Cannot disable two way authentication and service account creation functionality”

Verifying Service Account with CURL

When the SDDC Manager Password Management UI displays an invalid or outdated timestamp for the svc-nsx-vc-fqdn service account, it indicates a potential synchronization issue between SDDC Manager and the underlying vCenter SSO domain. This can lead to authentication problems and network connectivity issues within your VMware Cloud Foundation environment. As illustrated below, the ‘Last Modified Date’ is incorrectly displayed as 11/10/23 1:03PM. Let’s examine this issue in more detail.

Addressing SDDC Manager UI Timestamp Discrepancies

To troubleshoot this, administrators can use the curl command to directly query the VCF SDDC API and verify the existence and timestamp of the svc-nsx-vc-fqdn object. This bypasses the SDDC Manager UI and provides a more accurate view of the account’s state.

SSH Into SDDC Manager – ( Prepare your command using your SSO account credentials. While ‘[email protected]‘ may be a default account, you must retrieve the current, rotated password using the lookup_password utility within SDDC Manager.
Elevate to root ” su – “
Run the Bearer Token curl to retrieve a access token

TOKEN=$(curl -d '{"username" : <sso_username>, "password" : "<sso_password>"}' -H "Content-Type: application/json" -X POST http://127.0.0.1/v1/tokens | jq -r '.accessToken')

Once we have gotten the Bearer Token we are now able to execute the next CURL command with syntax below:

curl -k -X GET -H "Authorization: Bearer "$TOKEN"" --insecure 'https://localhost/v1/system/credentials/service' | json_pp

So, now that we have execute the CURL command above you will get a detailed JSON API back which has all the creation times and ensuring that the SSO Service account still exists and has not disappeared even though the SDDC Manager UI is showing — or incorrect timestamp of last time it was active / updated / modified.

{
"creationTime" : 1699646593061, #This is the timestamp representing when the object was created
"credentialType" : "SSO" #This is indicating that it is apart of the SSO Domain
"entityId" : "17bd9679-a83b-485c-9b97-ac079827224d", # Unique identifier which is stored in the VCF SDDC Database.
"entityType" : "VCENTER", #Displays that this SSO object is related to vCenter
"id" : "b69362ad-c797-4689-b763-f1fc4aed5dff",
"modificationTime" : 1699646593061, #Timestamp showing when last time this object was modified
"serviceId" : "0dd05d81-6eaa-442b-9d47-fb1134ffdbe6", #This is the ID between NSX Managers and vCenter
"serviceType" : "NSXT_MANAGER",
"targetType" : "VCENTER",
"username" : "[email protected]" # Username of service account which is integrating the two solutions
}

Now that you have executed the curl command, you should see output similar to the example JSON I’m providing above, where I’m commenting on the specific API fields of interest and explaining what they mean.

As demonstrated in the JSON outputs for other credentials, the ‘secrets’ field typically contains the encoded password within the API. However, for this specific SSO Account, this field is absent, allowing us to manually set the password on both sides of vCenter and NSX and SDDC and re-establish the connection.

Remediation of Service Account

After verifying that the SSO accounts still exist within SDDC, if you attempt to rotate them using the SDDC Password Manager UI, the initial rotation will often stall at approximately 50% and present a retry or cancel popup. Waiting the 15 minutes suggested in some KB articles and then retrying will result in the process reaching 100%, followed by a rapid failure. This is due to timing differences and synchronization processes between vCenter, NSX and SDDC.

First, lets set a basic password within vCenter SSO for the “[email protected]” Set it to VMware1!VMware1! , after you hit save wait few seconds

After the password has been updated manually via vCenter Users and Groups for the “[email protected]”.

Then log into your NSX Manager – > System -> Fabric -> Compute Managers -> Edit on vCenter Object and click edit on the FQDN | IP Address, and input your svc sso account and password.

Note: Ensure that ‘Create Service Account’ is enabled and ‘Enable Trust’ is also selected. If you encounter an error during the connection process, toggle the ‘Create Service Account’ option, enter the password, save the configuration, and then re-enable the Service Account.

Finally, lets go back into the SDDC Manager -> Password Management -> Filter based on vCenter

Enter the remediated password you previously set within vCenter and NSX. Executing this operation should result in a successful completion task within a few minutes.

Now that two-way communication between vCenter and NSX has been re-established, you can resume standard operations, including enabling vLCM for baseline-controlled patching or image-based deployments.

Beyond the technical steps, this highlights the importance of treating credential management as a proactive, ongoing process. Regular audits, automated password rotation, and diligent verification using methods like the curl command we’ve explored, aren’t merely reactive fixes—they’re essential components of a robust security posture and a resilient infrastructure. Prioritizing these practices ensures that your VMware Cloud Foundation environment remains a reliable and secure foundation for your critical applications and workloads.

May 14, 2025 0 comments 341 views

Events

VMware Explore Las Vegas 2025: Illuminating the Path to Cloud Excellence!

by Tommy Grot May 5, 2025

written by Tommy Grot 15 minutes read

In the vibrant city of Las Vegas, where lights illuminate the night sky, technology enthusiasts and visionaries will gather for VMware Explore 2025 – an event that promises to be a beacon of innovation. This year’s conference will not only showcase the latest advancements in cloud computing and VMware Cloud Foundation, but also inspire attendees to embrace the transformative power of digital technologies.

As we prepare for this remarkable gathering, expect to witness a fusion of cutting-edge solutions and entertainment. VMware Explore Las Vegas 2025 aims to provide a platform where industry experts share their insights on shaping the future of cloud infrastructure. From cloud security strategies to the latest developments in edge computing, every presentation is tailored to equip businesses with the tools needed for sustainable growth.

Be part of this illuminating experience and discover how VMware’s vision aligns with your own digital aspirations. Network with peers, learn from industry leaders, and explore the city that never sleeps during the day—all while gaining valuable insights into cloud technologies.

Welcome to a journey where knowledge meets excitement at VMware Explore Las Vegas 2025!

Explore 2025 Registration

Pricing Options:

Attending the highly anticipated VMware Explore Las Vegas 2025 doesn’t have to break the bank. The event offers a range of pricing options to cater to various budgets and levels of participation:

Full Event: Secure your spot early and enjoy a discounted rate. These tickets are ideal for those who want to maximize savings while ensuring their place at the conference. (Price: $1795, onsite rate $2,195)
Essentials: $1,195 – Get almost everything from what the Full Event pass has minus, Sessions & Labs Scheduling, Certification Exam, The Party, Events Meals, Explore Backpack and T-Shirt.
Meetings+: $695 This pass is meant for customers that are only interested in the General Session, The Meeting Center, The Hub.

Registration Benefits:

Access to world-class keynote speakers and industry thought leaders.
In-depth workshops and technical sessions covering cloud management, security, and more.
Networking opportunities with peers and potential business partners.
Exclusive event merchandise and digital resources post-event.

Don’t miss out on this opportunity to invest in your professional development while exploring the vibrant city of Las Vegas. Register now and secure your place at VMware Explore 2025!

Hands-On Labs (HOL) and Their Impact & Experience’s

One of the most exciting aspects of attending VMware Explore Las Vegas 2025 is the opportunity to engage in hands-on labs (HOL), which offer a practical, immersive learning experience. These labs are designed to empower end users and administrators by providing them with a chance to experiment with new VMware solutions in a controlled environment.

Why Hands-On Labs Matter:

Practical Application: HOL allows attendees to apply theoretical knowledge gained from presentations and discussions. By actively working with VMware technologies, participants gain a deeper understanding of their capabilities and limitations.
Risk-Free Experimentation: In a controlled lab setting, administrators can test new configurations, deploy virtual machines, or explore advanced features without impacting production environments. This risk-free environment encourages experimentation and innovation.
Skill Enhancement: These labs are tailored to cover various skill levels, from beginner to advanced. Beginners can grasp fundamental concepts, while experienced professionals can delve into complex scenarios, ensuring everyone benefits.
Realistic Scenarios: VMware Explore often recreates real-world use cases, enabling administrators to simulate enterprise environments. This helps them understand how to apply VMware solutions in practical situations, enhancing their problem-solving skills.

Benefits for End Users and Administrators:

Enhanced Learning Experience: Hands-on labs provide an interactive learning curve, making it easier for attendees to retain information. By doing, they learn more effectively than through passive listening.
Productivity Boost: Administrators can gain hands-on experience with the latest VMware products, enabling them to implement new solutions faster and more efficiently upon returning to their organizations.
Community Engagement: HOL sessions often foster discussions among attendees, allowing them to share insights, ask questions, and learn from peers. This collaborative environment expands their network and knowledge base.
Staying Ahead of the Curve: VMware Explore introduces new technologies and best practices. By participating in these labs, administrators stay informed about industry trends and can offer innovative solutions to their organizations.

What to Expect at VMware Explore 2025 HOL:

Diverse Topics: Labs will cover a wide range of subjects, including VMware Cloud Foundation 5.x, vSphere Foundation, NSX networking, vSAN, and more. Each lab will provide step-by-step guidance and practical exercises.
Expert Mentors: VMware’s subject matter experts (SMEs) will be on hand to assist participants, answer questions, and offer valuable insights during the hands-on sessions.
Interactive Workshops: Some HOL sessions might include interactive workshops where attendees work in pairs or small groups, fostering collaboration and knowledge sharing.
Post-Lab Support: After completing a lab, participants can access online resources, documentation, and forums for further learning and troubleshooting.

Attending VMware Explore Las Vegas 2025 and actively participating in the hands-on labs is an investment in your professional growth as an end user or administrator. It offers a unique opportunity to learn, experiment, and connect with industry experts, ultimately benefiting both personal development and organizational success.

Certifications: Maximizing Your Investment

Attending VMware Explore Las Vegas 2025 offers not only valuable learning experiences but also provides an excellent opportunity to enhance your credentials through certifications. Let’s dive into how this event can benefit you financially and professionally, especially regarding exam preparation and retakes.

Certifications at Your Fingertips:

Convenient Exam Opportunities: During VMware Explore, there are dedicated certification exam sessions where you can sit for various VMware exams right after completing relevant training on hands-on labs. This streamlined process saves time and minimizes the hassle of scheduling exams separately.
Wide Range of Certifications: From VMware Cloud Foundation (VCP-VCF), VMware vSphere Foundation (VCP-VVF), to VCP and VCAP’s ranging from NSX networking and Cloud on VMware solutions, a variety of certifications are available, catering to different career paths and skill levels. You can choose the most relevant credential for your goals.

Benefits of Passing Exams at VMware Explore:

Cost Savings: By passing exams during the event, you avoid the expense of taking them separately elsewhere. Also a benefit of the Full Event Pass you get a complimentary exam voucher and during the event certifications are half off, discounted price. The cost of attending VMware Explore includes access to certification exams, making it a cost-effective way to gain qualifications.
Retake Privileges: In many cases, if you don’t pass an exam on your first attempt, you have the advantage of retaking it during the event. This flexibility is valuable as it allows you to strengthen your understanding and improve your chances of success without additional fees.
Instant Feedback: After taking the exam, you often receive immediate results, feedback, and score breakdowns. This instant feedback helps identify areas for improvement, allowing you to focus on specific topics before retaking the exam.

Long-Term Advantages:

Enhanced Career Prospects: VMware certifications hold significant weight in the industry and are recognized globally. Obtaining these credentials can boost your employability, open doors to new career opportunities, and potentially lead to higher salaries.
Continuous Learning: VMware Explore encourages a culture of continuous learning. By attending regular events and updating your certifications, you stay current with the latest technologies, ensuring your skills remain market-relevant.
Community Engagement: The certification process often involves interacting with peers and industry experts. Building these connections can lead to valuable collaborations, mentorships, or even job opportunities.

Strategizing Your Success:

Preparation is Key: Before attending VMware Explore, ensure you have a solid foundation in the relevant areas. Review study materials, participate in HOL sessions, and consider joining preparation groups or forums to share insights.
Time Management: Plan your schedule during the event to allocate sufficient time for exam preparation and retakes if needed. Prioritize exams based on your career goals and the time required to study for each.
Post-Exam Support: After passing (or retaking) an exam, take advantage of post-exam resources, such as review materials and support forums, to reinforce your understanding and knowledge retention.

By strategically approaching VMware Explore 2025 with a certification focus, you can maximize the event’s benefits, save costs, and advance your career prospects simultaneously. It’s a win-win situation that demonstrates VMware’s commitment to empowering professionals through continuous learning and development.

Product Related Information / Broadcom’s Vision:

Hock Tan began by highlighting VMware by Broadcom’s rich history and its role in revolutionizing virtualization and cloud computing.

At VMware Explore 2024, the company’s CEO, Hock Tan, took the stage to present a vision for the future of the company and reassure customers about its commitment to innovation and their success.

He acknowledged the company’s impressive track record of innovation, including recent innovations like VMware Cloud Foundation 9 and many other updates within Private AI and business operations, which have expanded VMware’s capabilities in areas like cloud management and multi-cloud.

Tan’s key messages from the general session and explore how VMware is positioning itself for the future while maintaining a strong focus on its customers’ needs. Along with announcing the large community that backs VMware – VMUG and VMware vExperts.

Meeting that One Person:

Attending an event like VMware Explore can be a fantastic opportunity to meet like-minded professionals from various sectors, all united by their passion for cloud computing and virtualization.

VMware Explore 2024 was an absolute blast. It was great to connect with many outstanding individuals, just interacting and sharing experiences with fellow tech enthusiasts is always an inspiring time, filled with passion and energy

Connecting with fellow tech enthusiasts offers several benefits:

Knowledge Exchange: Engaging with people from various backgrounds and experiences provides opportunities to learn different perspectives, best practices, and innovative ideas related to cloud computing, virtualization, and beyond.
Networking Opportunities: Building relationships with like-minded professionals can lead to future collaborations, mentorships, or even business partnerships. These connections often become valuable resources throughout your career.
Inspiration and Motivation: Interacting with individuals who are passionate about technology can be incredibly inspiring. Their enthusiasm and dedication can ignite your own passion, motivate you to explore new possibilities, and push the boundaries of what you thought was achievable.
Community Building: Events like VMware Explore contribute to a global tech community. These gatherings strengthen this community by fostering dialogue, sharing knowledge, and encouraging collaboration. It’s a reminder that we’re all part of something bigger, working together to shape the future of technology.
Personal Growth: Stepping out of your comfort zone and engaging in conversations with strangers can boost your confidence, improve communication skills, and enhance your ability to connect with people from diverse backgrounds.

Remember, building connections is a two-way street. Being genuine, show interest in others, and offer value wherever possible. The right person could be anyone, and by putting yourself out there, you increase your chances of meeting that one individual who will make a significant impact on your career or personal growth.

So, it’s no wonder that VMware Explore 2024 left a lasting impression and inspired many. Keep nurturing these connections, stay open to new ideas, and let the energy and passion continue to drive your tech journey!

The Most Valuable Session(s):

The most valuable sessions for me were ‘Shaping the Future of Cloud and AI Innovation’ and learning how to leverage VMware Cloud Foundation (VCF) and Private AI Foundation to enable organizations to implement a private AI ecosystem. This includes utilizing CPUs to run AI language model (LLM) workloads, not just relying on GPUs.

This knowledge has empowered me to make strategic decisions for my organization and the customers I support, and it has provided me with a deep understanding of what is involved in hosting and providing your own private AI solution on VCF.

Shaping The Future Of Cloud And AI Innovation [GEN2495LV]

As we navigate the rapidly evolving landscape of cloud and artificial intelligence (AI), it’s crucial to stay ahead of the curve. In this thought-provoking session, you’ll have the opportunity to explore the latest advancements in cloud and AI innovation, and discuss how they will shape the future of our industry.

What’s This General Session All About?

Join us as we delve into the exciting world of cloud and AI, exploring topics such as:

Cloud-Native Applications: Learn about the latest trends and best practices for building cloud-native applications that are scalable, secure, and highly available.
AI-Driven Innovation: Discover how AI is transforming industries and driving innovation, from natural language processing to computer vision and beyond.
Edge Computing: Understand the importance of edge computing in today’s IoT-enabled world and learn about the latest advancements in this rapidly evolving space.

AI Without GPUs: Using Your Existing CPU Resources To Run AI Workloads [INVB2189LV]

As AI adoption continues to grow, the need for powerful processing capabilities becomes increasingly important. Traditionally, this has meant relying on Graphics Processing Units (GPUs) or specialized hardware like TPUs or FPGAs. However, what if you could harness your existing Central Processing Unit (CPU) resources to run AI workloads? In this session, we’ll explore the possibilities and limitations of running AI without GPUs.

What’s This Session All About?

Join us as we delve into the world of CPU-based AI processing. You’ll learn about:

CPU-Accelerated AI: Discover how CPUs can be used to accelerate AI workloads, such as machine learning, computer vision, and natural language processing.
Best Practices for Optimizing CPU-Based AI: Learn strategies for optimizing your CPU-based AI workloads, including data type selection, kernel optimization, and memory management.

Community Events:

Community events and leadership receptions like the one from VMware Explore 2024, play a pivotal role in shaping one’s journey within the tech industry. These gatherings offer a myriad of benefits, fostering connections, sharing knowledge, and inspiring growth. Here’s why:

Networking Opportunities: Such events bring together professionals from various sectors and backgrounds. They provide a unique platform for individuals to expand their network, meet potential mentors, collaborators, or even future employers. Face-to-face interactions often leave a lasting impression, leading to meaningful relationships that can open doors to new opportunities.
Knowledge Transfer: Tech events are hotspots for knowledge sharing. Presentations, workshops, and panel discussions offer insights into the latest technologies, best practices, and industry trends. Attendees gain access to expertise from leaders in the field, enabling them to stay ahead of the curve or solve complex problems they encounter in their work.
Career Growth: For early-stage professionals or those seeking a career shift, community events can be instrumental. They offer exposure to diverse roles and opportunities within the tech industry. Mentorships initiated at such events can guide individuals through their career paths, provide advice on skill development, and open doors to new possibilities.
Building a Support System: The tech journey can be isolating, especially for remote workers or those in niche fields. Community events create a sense of belonging by bringing together people who share similar passions. This support system can offer encouragement, challenge one another’s ideas, and provide a safe space for open dialogue.
Inspiring Innovation: Interacting with peers from different organizations sparks creativity and innovation. It allows you to see how others are tackling challenges, leading to new perspectives and potential solutions. These exchanges can inspire individuals to think outside the box and approach their work from fresh angles.
Learning from Peers: Sometimes, the best learning occurs when professionals share their experiences and struggles. Community events provide a safe environment for peer-to-peer learning, where individuals can discuss challenges, exchange war stories, and gain insights into how others have navigated similar situations.
Brand and Company Exposure: For tech companies, these events serve as a platform to showcase their products, services, and company culture. They attract potential talent, foster brand awareness, and build a positive employer reputation. Leadership receptions in particular can facilitate direct interactions between company representatives and interested individuals.

In essence, community events and leadership receptions are vital for personal and professional growth within the tech realm. They bridge the gap between learning, networking, and applying knowledge to real-world challenges, ultimately contributing to a thriving tech ecosystem.

Why VMware Explore 2025 in Las Vegas is a Must-Attend Event

VMware Explore 2025, taking place in the vibrant city of Las Vegas, promises to be an extraordinary gathering of tech enthusiasts, innovators, and industry leaders. Here’s why you should consider making it a priority:

Tech Innovation Hub: Las Vegas serves as a global hub for innovation, and VMware Explore leverages this by showcasing cutting-edge technologies, trends, and advancements in cloud computing, AI, security, and more.
Networking Paradise: The event brings together a diverse range of professionals from around the world, offering unparalleled networking opportunities. You’ll connect with peers, mentors, and potential partners, fostering relationships that can shape your tech journey.
Knowledge Exchange: With insightful keynotes, workshops, and panel discussions, VMware Explore 2025 is a knowledge hub. You’ll gain access to industry experts sharing their insights, best practices, and real-world experiences, empowering you with valuable takeaways.
Inspirational Stories: Hear from influential speakers who have navigated the tech landscape successfully. Their inspiring journeys and visionary ideas can ignite your creativity and motivate you to push boundaries in your own career.
Fun and Engagement: Beyond learning, VMware Explore offers a unique blend of social activities, entertainment, and networking events and not to forget but The Party, last year Jimmy Eats World played at Explore. Las Vegas provides an energetic backdrop for building connections while enjoying the city’s vibrant culture.

In summary, VMware Explore 2025 is not just an event; it’s an immersive experience that combines learning, networking, and inspiration. Attending will equip you with valuable insights, expand your professional network, and leave you energized and ready to tackle tech challenges head-on.

May 5, 2025 0 comments 319 views

VMware Cloud Foundation

Securing Software Updates for VMware Cloud Foundation: What You Need to Know

by Tommy Grot March 24, 2025

written by Tommy Grot 2 minutes read

Starting March 24, 2025, Broadcom will implement a significant change in the distribution of VMware software binaries for key products. This update aims to enhance security and ensure compliance with industry standards for all our VMware Cloud Service Providers (VCSPs).

From this date onwards, downloading updates and patches for VMware Cloud Foundation, vCenter, ESXi, and vSAN File Services will be handled through a secure new process. This change is crucial for maintaining the integrity and confidentiality of software components, protecting against potential vulnerabilities, and ensuring reliable access to the latest features and bug fixes.

Stay tuned for more details on the implementation and any necessary steps to ensure a smooth transition. Your trusted cloud services are about to get even stronger!

Prepare for VMware Utility

Links for PowerShell Gallery

You will need to download and install PowerCLI addons for PowerVCF and VMware.Powercli for your desktop or virtual machine. As shown in the example below I needed to download both.

VMware Depot How To:

Log into Broadcom Support Portal, in the main dash board toward the bottom right you will see Quick Links -> Generate Download Token ->

Select your Site ID and click Generate Token

Once you have generated a token, you will need to download the VMwareDepotChange Script from VMware KB

Now that you have the script downloaded, you will want to execute the command below, before running the script.

The SSL connection could not be established, see inner exception.

Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -Confirm:$false

The SSL connection could not be established, see inner exception.
See pre-requisites. Ensure you have set the PowerCLI to ignore invalid certificates or have established SSL trust.

First we will select 1. Choose deployment type and connect:

Now, the interactive prompt will ask you if it is a VCF Deployment? (Y)

After you have connected to your SDDC Manager and vCenter, next we will select Option 2. Enter your token. Below is an example of the output. (My Token is masked out)

Next we will select Option 4 Update, this will connect to the SDDC Manager and vCenter and update the depot from the old vmware depot to dl.broadcom.com/etc/…

After you have updated the depot, log back into VCF/SDDC Manager and go to Administration -> Depot Settings and Authenticate, once you have finished wait 5 minutes and you will be able to download again!

March 24, 2025 0 comments 514 views

VMware Cloud Foundation

VMware Cloud Foundation 5.2: A Guide to Simplified Upgrade with Flexible BOM

by Tommy Grot March 11, 2025

written by Tommy Grot 5 minutes read

VMware Cloud Foundation (VCF) has revolutionized the way organizations deploy, manage, and secure their on-premises infrastructure. With the recent release of VCF 5.2, VMware continues to push the boundaries of hybrid-cloud innovation, offering enhanced features, improved scalability, and streamlined management capabilities.

One of the most significant enhancements in VCF 5.2 is the introduction of Flexible Bill of Materials (BOM), a game-changing approach to infrastructure upgrades. Gone are the days of rigid, one-size-fits-all upgrade paths; with Flexible BOM, administrators can now customize their upgrade process to meet the unique needs of their organization.

In this blog post, we’ll delve into the world of VCF 5.2 and Flexible BOM, exploring the benefits, best practices, and step-by-step procedures for a successful upgrade. Whether you’re a seasoned VCF administrator or just starting your hybrid-cloud journey, this guide will provide you with the insights and expertise needed to elevate your infrastructure to the next level

Flexible BOM Process

Downloading The Bits:

The files will be downloaded with a internet connected laptop/desktop or virtual machine.

Note: I am using “03102025” as the directory structure for this process, you can use any name you like for the folder.

First, let’s open up the Offline Bundle Utility Tool (LCM) and start preparing commands to enter, you may copy below and replace to fit your system and your credentials.

(Since, I am using windows for downloading the bundles you will want to run the LCM with out the ./lcm-bundle… as executable, so it would just be “lcm-bundle… for windows” )

lcm-bundle-transfer-util --download --manifestDownload --depotUser <email> --outputDirectory C:\03102025

lcm-bundle-transfer-util --download --bundleManifests --depotUser <email> --bundleManifestsDir C:\03102025

lcm-bundle-transfer-util --download --compatibilityMatrix --depotUser <email> --outputDirectory C:\03102025

Note: If you do not have a VXRAIL Platform, you and disregard the –pdu dell_depot_email, remove it from the syntax as below in the screenshot.

lcm-bundle-transfer-util --depotUser <email> --download productVersionCatalog --outputDirectory C:\03102025

Uploading The Bits:

Once you have downloaded all the updates and manifest files, upload them to the SDDC manager appliance. Keep all the files extracted in the /home/vcf/ directory.

For actual bundles those will be uploaded to the /nfs/vmware/vcf/nfs-mount/ due to the large size and /home/vcf/ is limited on space.

File Structure Table

Note: This will provide simplified way of uploading and ingesting the VCF files and updates following the table below.

`--bundleManifests`	/home/vcf/bundleManifests	Upload the bundleManifests directory into /home/vcf/
`--compatibilityMatrix`	/home/vcf/Compatibility/	Upload the Compatibility directory into /home/vcf/
`productVersionCatalog`	/home/vcf/	`Upload the productVersionCatalog`.json in /home/vcf/ directory
`--sourceManifestDirectory`	/home/vcf/lcm/	Upload the lcm directory into /home/vcf/

bundleManifests

./lcm-bundle-transfer-util --update --sourceManifestDirectory /home/vcf --sddcMgrFqdn FQDN --sddcMgrUser [email protected]

./lcm-bundle-transfer-util --upload --bundleManifests --bundleManifestsDir /home/vcf/

./lcm-bundle-transfer-util --update --compatibilityMatrix --inputDirectory /home/vcf --sddcMgrFqdn FQDN --sddcMgrUser [email protected]

./lcm-bundle-transfer-util --upload productVersionCatalog --inputDirectory /home/vcf --sddcMgrFqdn FQDN --sddcMgrUser [email protected]

After you have completed the above steps for updating the BOM and Products, Manifests. Next we will go to the workload domain you want to patch. Select Plan Patching -> Select the Products you want to upgrade/patch.

./lcm-bundle-transfer-util –generatePlannerFile –sddcMgrFqdn <your FQDN> –sddcMgrUser [email protected] –outputDirectory /home/vcf –domainNames vcf-m01 -p 5.2.1.0

An Example of the plannerFile.json below:

[{"id":"f486b010-2441-4ee3-93a3-1cae8d375e1e","type":"VMWARE_SOFTWARE","description":"This VMware Software Upgrade bundle contains vSphere ESXI 80U3d, for more information, refer https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u3d-release-notes.html","version":"608.169.14-83637536","severity":null,"vendor":"VMware","releasedDate":"2025-02-24T12:00:00Z","isCumulative":false,"isCompliant":null,"sizeMB":606.376953125,"downloadStatus":"PENDING","components":[{"description":"ESXI bundle element","vendor":"VMware","releasedDate":"2025-02-24T12:00:00Z","toVersion":"8.0.3-24585383","fromVersion":"1.1.1-1","imageType":"PATCH","id":"54bf5dce-40e1-408b-9a1d-6ebb63b3dabe","type":"HOST"}],"applicabilityStatus":"PENDING","applicabilityOrder":2,"isPartiallyUpgraded":false},{"id":"d70ed6b4-26b7-4e40-a516-57492b7ddb72","type":"VMWARE_SOFTWARE","description":"This VMware Software Upgrade bundle contains NSX 4.2.1.3, For more information, refer https://techdocs.broadcom.com/us/en/vmware-cis/nsx/vmware-nsx/4-2/release-notes/vmware-nsx-4213-release-notes.html","version":"310.71.51-83059794","severity":null,"vendor":"VMware","releasedDate":"2025-02-03T12:00:00Z","isCumulative":false,"isCompliant":null,"sizeMB":9070.224609375,"downloadStatus":"PENDING","components":[{"description":"NSX-T Manager patch bundle element","vendor":"VMware","releasedDate":"2025-02-03T12:00:00Z","toVersion":"4.2.1.3.0-24533884","fromVersion":"1.1.1-1","imageType":"PATCH","id":"2b89cce2-b0e9-4595-964e-0df5711b0a9d","type":"NSX_T_MANAGER"}],"applicabilityStatus":"AVAILABLE","applicabilityOrder":1,"isPartiallyUpgraded":false}]

Once you have generated the file, copy it from the SDDC Manager onto your internet connected machine.

lcm-bundle-transfer-util --download --plannerFile C:\03102025\plannerFile.json --depotUser <your username for VMware Depot>

Once your bundles have been downloaded, you will want to transfer them to the system that will be upgraded. After everything is uploaded into the NFS Directory on SDDC Manager, you will want to make sure that you elevate to root by su for ingesting bundles.

Now we will go back to the SDDC Manager, upload the actual bundles into the /nfs/… share and ingest them with command below.

./lcm-bundle-transfer-util --upload --bundleDirectory /nfs/vmware/vcf/nfs-mount/03102025/

If you have a VXRAIL VCF Deployment you will want to upload the Partner Bundles with the command below:

./lcm-bundle-transfer-util --upload "uploadPartnerBundle" --bundleDirectory directory-path

Once all update bundles have been uploaded, go back to the SDDC Manager User Interface, and you should see that the Update Now button shows up and lets you proceed with the upgrade!

March 11, 2025 0 comments 702 views

VMware Cloud Foundation

VMware Cloud Foundation 5.2: Unlocking Secure Hybrid Cloud Capabilities with Microsoft Certificate Authority

by Tommy Grot February 18, 2025

written by Tommy Grot 5 minutes read

In the ever-evolving landscape of cloud computing, security remains paramount, especially as organizations strive to build robust hybrid cloud environments. VMware, a pioneer in virtualization and cloud infrastructure, has released an update that strengthens its portfolio—VMware Cloud Foundation 5.2. This new version brings a plethora of enhancements, focusing on improved security features, and integration is with Microsoft Certificate Authority or also OpenSSL but we will utilize Microsoft Certificate Authority.

The Power of Secure Certificates

Certificates play a pivotal role in establishing secure connections within cloud environments. They ensure data encryption, authenticate users and devices, and prevent man-in-the-middle attacks. With this latest release, VMware Cloud Foundation 5.2 leverages the power of MCA to provide organizations with a centralized, automated, and scalable certificate management system.

Integrating Microsoft Certificate Authority

Microsoft Certificate Authority (MCA) is a robust solution for managing digital certificates, offering advanced security features and seamless integration with various cloud platforms. By integrating MCA into VMware Cloud Foundation 5.2, organizations can:

Automate Certificate Deployment: Streamline the process of issuing and deploying certificates across multiple clouds and on-premises data centers.
Centralized Management: Gain a unified view and control over all certificates from a single location, simplifying administration.
Enhanced Security: Benefit from MCA’s advanced security features, including long-term key protection and certificate revocation, to safeguard cloud infrastructure.
Cost Efficiency: Reduce the overhead of managing certificates independently in different environments.

What’s Ahead for Hybrid Cloud Security

VMware Cloud Foundation 5.2 marks a significant step towards simplifying and strengthening security in hybrid cloud deployments. By embracing this update, organizations can future-proof their infrastructure, ensuring data and user privacy. Stay tuned for more insights into this exciting release and its impact on the cloud computing landscape.

Procedure

This walk through assumes that you have already configured a Certificate Authority server, if you did not, ensure to get that created first but in the mean time lets get started!

First, we will go connect via RDP to the Microsoft CA Server

Ensure to install the Following:

Certificate Authority
Certificate Enrollment Policy Web Service
Certificate Enrollment Web Service
Certification Authority Web Enrollment

Once all the Roles are installed, give the CA Server a reboot. Next we will Configure a Role for IIS to do the Enrollment via Web Service using Basic Authentication.

Open up server manager, add the required feature under IIS.

Basic Authentication

After you have installed all the required roles above, next we will enable Basic Authentication under IIS

Navigate to Sites -> Default Web Site -> CertSrv
Under IIS, double-click Authentication.
On the Authentication page, right-click Basic Authentication and click Enable.
In the navigation pane, select Default Web Site.
In the Actions pane, under Manage Website, click Restart for the changes to take effect.

After you have enabled the Basic Authentication, we will need to ensure that the CA Server Web Enrollment has a CA Signed Certificate with the FQDN, IP in its SANs (Subject Alternative Name). The SDDC Manager requires a secure connection between the appliance and the certificate authority.

This walk through will not cover how to create a Web Server Certificate for your CA IIS Site Binding, assuming you already have it configured.

Right Click -> Default Web Site -> https 443 Binding -> Attach the new certificate for the CA Server Web Enrollment.

After all the perquisites are done we will configure a Template for SDDC Manager to utilize.

Clone the Web Server Template and we will configure it:

Configure name for the template, I used VMware SDDC

Click Start Run, enter certtmpl.msc, and click OK.
In the Certificate Template window, under Template Display Name, right-click Web Server and select Duplicate Template.
In the Properties of New Template dialog box, click the Compatibility tab and configure the following values.

For the VMware SDDC Template – I configured 2 years, and the Template Display Name – VMware SDDC

Setting	Value
Certification Authority	Windows Server 2008 R2
Certificate recipient	Windows 7 / Server 2008 R2

In the Properties of VMware SDDC Template dialog box, click Extensions tab and configure the option below:

Click Application Policies and click Edit
Click Server Authentication, click Remove, and click OK.
Click Basic Constraints and click Edit.
Click the Enable this extension check box and click OK.
Click Key Usage and click Edit.
Click the Signature is proof of origin / nonrepudiation check box, leave the defaults for other options and OK.

Start up Run, enter certsrv.msc, and click OK
In the Certification Authority, in the left pane, right-click Certificate Templates, and select New Certificate Template to Issue.
In the Enable Certificate Templates dialog box, select VMware SDDC, and click OK.

Permissions

Before you can start using your new template that you created, next we will need to add permissions to the following VMware SDDC Template for the service account to utilize, my service account is [email protected]

Setting	Value
Full Control	Deselected
Read	Deselected
Write	Selected
Enroll	Selected
Autoenro;;	Deselected

Below we will configure the Microsoft CA and provide your FQDN that is for your Certificate Authority. I created a A record in my DNS for certs.virtualbytes.io and created a CA signed certificate for it for SDDC to accept it.

Once you have configure everything your SDDC Manager is now able to create CSRs, Certs and assign them to the products within VCF!

February 18, 2025 0 comments 362 views

VMware Cloud Foundation

VMware Cloud Foundation – Memory Tiering: Optimizing Memory Utilization for Enhanced Performance

by Tommy Grot February 5, 2025

written by Tommy Grot 4 minutes read

In the ever-evolving landscape of virtualization, efficient memory management is crucial to ensuring optimal performance and resource utilization. VMware ESXi, a powerful hypervisor, introduces an innovative feature called Memory Tiering that revolutionizes how virtual machines (VMs) interact with system memory. This blog post delves into the intricacies of ESXi Memory Tiering, exploring its benefits, implementation, and real-world impact on data center operations.

NVMe PCIe Storage and Memory Tiering

High-Speed Interface: NVMe PCIe is a high-speed, low-latency storage interface designed for SSDs (Solid-State Drives). It provides significantly faster data transfer rates compared to traditional SATA-based SSDs.
Direct Access to Memory: When combined with Memory Tiering, NVMe storage allows direct access to the host’s system memory (RAM) over the PCIe bus. This bypasses the traditional storage controller, resulting in even lower latency and higher throughput for memory operations.
Performance Benefits: With NVMe, the slower tier of memory (e.g., SSDs or persistent memory) can still offer decent performance. This is because NVMe SSDs have much faster read/write speeds, enabling quicker movement of pages between tiers.

Why NVMe Matters for Memory Tiering

Reduced Latency: Lower latency access to storage means faster page movement and improved overall system responsiveness, which are crucial for time-sensitive applications.
High Throughput: NVMe SSDs offer higher data transfer rates, enabling efficient handling of large memory pages and bulk data transfers during VM operations.
Cost-Effectiveness: By utilizing NVMe storage in the slower tiers, organizations can achieve cost savings while maintaining high performance for critical workloads.

Best Practices

Storage Configuration: Ensure that the ESXi host has the necessary PCIe slots and support for NVMe devices. Properly configure the storage to align with memory tier requirements.
Performance Monitoring: Continuously monitor VM performance and memory utilization to fine-tune Memory Tiering policies and ensure optimal page placement.
Hardware Compatibility: Verify that all hardware components, including memory modules, storage drives, and PCIe cards, are compatible with NVMe to avoid performance bottlenecks.

The integration of NVMe PCIe storage enhances VMware ESXi Memory Tiering’s capabilities, making it a powerful solution for data centers seeking to maximize memory utilization and application performance.

How To Configure Memory Tiering:

SSH into Each ESXi Host, If you ESXi Hosts are managed by VCF/SDDC Manager, you will need to lookup the password in SDDC Manager.

Enable Memory Tiering with the command below, if you want to revert and disable it set it back to FALSE and put it in maintenance mode / reboot the host.

esxcli system settings kernel set -s MemoryTiering -v TRUE

Choose the NVMe device to use as tiered memory and note the NVMe device path (i.e. /vmfs/devices/disks/).

Locate the NVMe Disk which mine is below as an example

esxcli system tierdevice create -d /vmfs/devices/disks/t10.NVMe____INTEL_SSDPED1D280GAH____________________000142FC3BE4D25C

Create the tier partition on the NVMe device. esxcli system tierdevice create -d /vmfs/devices/disks/

esxcli system settings advanced set -o /Mem/TierNvmePct -i 200

Go to -> Configure under the host -> Advanced System Settings – Filter For Mem.TierNvmePct

This is where you will set the percentage of NVMe will be set for its ratio configure that specific host

Configuring the DRAM to NVMe Ratio

As noted in the NVMe Device Recommendations section, by default, hosts are configured to
use a DRAM to NVMe ratio of 4:1. This can be configured per host to evaluate performance
when using different ratios.
The host advanced setting for Mem.TierNvmePct sets the amount of NVMe to be used as
tiered memory using a percentage equivalent of the total amount of DRAM. A host reboot is
required for any changes to this setting to take effect.
For example, setting a value to 25 would configure using an amount of NVMe as tiered memory
that is equivalent to 25% of the total amount of DRAM. This is known as the DRAM to NVMe
ratio of 4:1. A host with 1 TB of DRAM would use 256 GB of NVMe as tiered memory.
Another example, setting this value to 50 would configure using an amount of NVMe as tiered
memory that is equivalent to 50% of the total amount of DRAM. This is known as the DRAM to
NVMe ratio of 2:1. A host with 1 TB of DRAM would use 512 GB of NVMe as tiered memory.
One last example, setting this value to 100 would configure using an amount of NVMe as tiered
memory that is equivalent to 100% of the total amount of DRAM. This is known as the DRAM to
NVMe ratio of 1:1. A host with 1 TB of DRAM would use 1 TB of NVMe as tiered memory.
It is recommended that the amount of NVMe configured as tiered memory does not exceed the
total amount of DRAM.

Reference – https://knowledge.broadcom.com/external/article/311934/using-the-memory-tiering-over-nvme-featu.html

February 5, 2025 0 comments 458 views

VMware Cloud Foundation

VMware Cloud Director 10.6.1: Taking Cloud Management to New Heights

by Tommy Grot February 5, 2025

written by Tommy Grot 7 minutes read

VMware has just released an exciting update Cloud Director 10.6.1—to revolutionize how we manage our cloud infrastructure. This new version is packed with powerful features designed to make IT professionals’ lives easier and their cloud services more efficient.

Cloud Director 10.6.1 offers a range of improvements, from simplifying complex tasks to providing advanced analytics. It’s all about making cloud management more accessible and effective. With this release, VMware aims to help organizations handle their hybrid cloud environments like never before.

In the following blog post, we’ll break down the exciting new features and explain how they can benefit you. Get ready to discover a streamlined approach to cloud infrastructure management!

Information from VMware’s Site Below:

Cloud computing is constantly evolving, and VMware Cloud Director (VCD) keeps advancing with new updates that strengthen security, streamline resource management, and give users greater control. VMware by Broadcom is thrilled to announce that VMware Cloud Director 10.6.1 is now available as part of the VCF (VMware Cloud Foundation) offering, starting January 31st, 2025.

Smarter VM Placement with Guest OS Awareness

Now, you can easily place virtual machines (VMs) on specific hosts or clusters based on their guest operating system. With this feature, system administrators can define VM Groups for specific OS types ensuring proper placement and compliance across all tenants. This also helps organizations stay aligned with Microsoft and other vendor licensing requirements, simplifying compliance while optimizing resource management.

Use case:

Automatic enforcement ensures that VMs are always placed in their designated groups.
Seamless reconfiguration means existing VMs will adopt this placement rule the next time they undergo a reconfiguration, such as a power cycle or VM edit.

This feature enhances workload distribution and simplifies multi-tenant management, giving you greater control over VM performance and security.

Take Control of API Token Security

Security is crucial and VCD now includes the ability to force API token expiration. If a token needs to be revoked immediately—whether due to security concerns or administrative changes—administrators can now invalidate it instantly. This provides a proactive approach to managing API access and securing cloud environments.

Use case:

Instant access revocation for better security governance.
More control for administrators over authentication and access management.

Flexible IP Retention for Sub-Providers & Managed Organizations

Managing IP addresses has never been easier! VMware Cloud Director now allows custom IP retention periods at both the sub-provider and managed organization levels. This means IP addresses can be retained even when VMs are deleted or NICs are removed—regardless of whether they were assigned via Static Pool, Static Manual, or DHCP.

Use case:

Customizable IP retention ensures continuity and minimizes reallocation efforts.
Metadata-based configuration allows admins to define retention periods tailored to organizational needs.
Leverages the Manual Reservation API to preserve IPs for seamless redeployment.

No more lost IPs or unnecessary reconfigurations—just streamlined network management.

Gateway Firewall Enforcement

This update introduces the ability to explicitly activate or deactivate gateway firewall enforcement which is natively integrated within the VCF stack, with full visibility of enforcement status across T1 and T0 firewalls. Tenant and Sub-Tenant administrators both can view and override default settings, ensuring security configurations align with organizational policies.

Use case:

Full transparency into firewall enforcement status.
Administrative control to enable or disable enforcement as needed.

Stateful Firewall Access & Edge Cluster Configuration

Provider administrators now have improved control over the stateful firewall service, which is natively integrated within the VCF stack. With this update, they can restrict tenants from adding stateful firewall rules on T1, T0, and vApps unless the ANS security stack is entitled. Additionally, a new configuration option on edge clusters allows providers to enable or disable stateful firewalls as needed.

Use case:

Granular control over firewall rules ensures security compliance.
Edge cluster configuration adds another layer of flexibility in managing network security.

Custom Segment Profiles – Now Shareable!

Service providers can now share custom segment profiles with tenant organizations, making it easier to standardize networking policies across multiple tenants.

Use case:

Improved collaboration between providers and tenants.
Consistent networking configurations across multiple organizations.

IPv6 Transparent Load Balancing – It’s Back!

Support for IPv6 and VMware Avi Load Balancer Transparent Load Balancing is back! Pool members can now view the client’s source IP, enhancing visibility and network efficiency. To enable this feature, VMware Avi Load Balancer must be integrated with VMware Cloud Director.

Use case:

Seamless IPv6 support for modern networking needs.
Enhanced load balancing with transparent traffic routing.

This VMware Cloud Director update is all about greater control, improved security, and enhanced networking capabilities. Whether you’re optimizing VM placement, tightening API security, or refining firewall enforcement, these changes empower cloud providers and tenants alike.

Other Enhancements

Fixed Update Custom Task API – No more double execution issues. The API now works correctly on the first attempt.
Resolved All Virtual Data Centers View Issues – Admins can now seamlessly navigate the view without encountering errors.
Removed NSX MP API References – Say goodbye to outdated NSX MP API references for a more streamlined experience.

This VMware Cloud Director update is all about better control, improved security, and enhanced networking capabilities. Whether you’re optimizing VM placement, tightening API security, or refining firewall enforcement, these changes give more control to both cloud providers and tenants.

Reference for info above: https://blogs.vmware.com/cloudprovider/2025/02/vmware-cloud-director-10-6-1-is-here-whats-new.html

Upgrade Procedure

Before we start the upgrade, lets ensure we have the following:

Take Disk Level Snapshots of all VCD Appliances
Take Backup of VCD via VAMI
Downloaded Bits from Broadcom’s Support Portal

My Current Version:

3. Upload the VMware_Cloud_Director_10.6.1.11753-24532678_update.tar.gz into the VCD appliance.

Once the update file is uploaded, SSH into the first VCD Cell appliance.

After you will need to SSH into all appliances – and you will shutdown VMware Cloud Director by running the command below:

/opt/vmware/vcloud-director/bin/cell-management-tool -u administrator cell --shutdown

Note: It is required to upgrade the primary VCD appliance first!

4. Lets start upgrading VCD 10.6.1 on the first appliance. Below we will un tar the Update package into the /tmp/local-update-package directory.

5. Let Extract the update files into the directory we created above.

tar -zxf VMware_Cloud_Director_10.6.1.11753-24532678_update.tar.gz \-C /tmp/local-update-package/

6. Now that the update package has been unzipped we will set the local-update-package be the update directory.

vamicli	update --repo file:///tmp/local-update-package

7. Using the vamicli update –check we will check the repo for the newest upgrade of VCD.

vamicli update --check

Before we start the upgrade, it is important to take a backup of the VCD Appliances, log into each VCD Node via VAMI https://IP_Address:5480 and go to Backup and take a backup.

vamicli update --install latest

Now that the primary appliance is upgrade, repeat the steps above to the other appliances that need, steps 3 through 7.

After the other VCD appliances have the upgrade staged and updated now go back to the primary appliance and execute the upgrade utility.

/opt/vmware/vcloud-director/bin/upgrade

Follow the prompts from the upgrade utility, it will ask if you are ready for the upgrade and if you have taken a backup.

Once the first appliance is upgraded, then repeat the upgrade process above for the additional VCD appliances.

After the upgrade is complete, lets reboot the full appliance so for this option do No (N)

We have successfully upgraded VMware Cloud Director to 10.6.1!

Troubleshooting After Upgrade

I logged into my VCD, first thing I noticed is that I kept getting this error:
invoke : vmware.solution-addon-landing-zone-1.2.0-24052750-default – urn:vcloud:entity:vmware:solutions_add_on_instance:49a00e79-c73d-49be-b990-fbcfa9d8de5b.

Then i started looking into the issue and it was related to certificates that were expired or needed to be reapplied. After I added the new certificate the issue went away.

Go to Certificates Library and remove any expired certs and replace them with up-to-date ones.

Also update the Public Addresses Certificate with the same one you uploaded into the Certificates Library if you are using a Wildcard Cert or Multiple SANs within the certificate.

Once you have all the certificates updated and cleaned up, the Task will be running automatically and here it will look like this below:

Issue Fixed!

February 5, 2025 0 comments 682 views

Omnissa Horizon

Omnissa Horizon Upgrade 2406 to 2412

by Tommy Grot January 29, 2025

written by Tommy Grot 2 minutes read

Omnissa Horizon has established itself as a leading solution for Virtual Desktop Infrastructure (VDI) and Desktop-as-a-Service (DaaS) environments. Building on the success of its predecessor, the Horizon 2406, we are excited to announce the release of the Horizon 2412 upgrade. This latest iteration offers a range of enhancements designed to further improve performance, scalability, and manageability for organizations leveraging VDI and DaaS solutions. With advanced features and improved capabilities, the Omnissa Horizon 2412 is poised to deliver even greater value to users, administrators, and IT professionals alike

Lets Upgrade!

Take a Snapshot of your Horizon Connection Server

Copy the Omnissa-Horizon-Connection-Server-x86_64-2412-8.14.0-12990578933.exe to your Horizon Connection Server.

Next ->

Your preference to join the CEIP -> Next

Install!

Follow up on the New Documentation site on Omnissa’s Site

New Look! For the Admin Login, really clean and streamlined and snappy interface I must say!

Now, that the Horizon Connection server is upgraded, we will now upgrade the Agent on our Image for our Pool, if you have a non-persistent image then you will need to unpack your template and update the gold image, but for my deployment I have persistent so I updated the VM it self.

Agent Upgrade

Next ->

Depending on your Deployment I would stick with IPv4 if you do not have IPv6 Routing capabilities.

Select your features you want enable on the Image.

Install!

Now we will re-deploy my Unified Access Gateway with the same IP address and configuration as my old 2406, but before turning off and removing the old UAG I exported my json file of my configuration to re-import it into the new 2412 UAG.

Now we will Import the settings, so when you import the json file you will need to also re-import your certificate file, mine is a PFX and reapply it because after the import and reboot of the Horizon Connection and UAG I kept running into this error, and it was due to that the certificate was not imported within the json file and it needed a re-import. After reboot and all I was able to login!

Really nice and clean UI of the new Horizon 2412 Upgrade!

January 29, 2025 0 comments 1.1K views

VMware Cloud Foundation

VMware Cloud Foundation 5.2.1.1

by Tommy Grot December 18, 2024

written by Tommy Grot 2 minutes read

VMware Cloud Foundation 5.2.1.1 Release Information

VMware Cloud Foundation 5.2.1.1 includes bug fixes and a new version of SDDC Manager.

You can upgrade to VMware Cloud Foundation 5.2.1.1 from VMware Cloud Foundation 5.2 or later.

Upgrading from 5.2.1:

SDDC Manager is the only component that requires an upgrade. See Independent SDDC Manager Upgrade using the SDDC Manager UI.

Upgrading from 5.2:

See Flexible BOM Upgrade in VMware Cloud Foundation. When selecting the target version for SDDC Manager choose the version listed in the BOM update table below.

Known issues:

In order to upgrade from 5.2 to 5.2.1.1, you must download the bundles for both SDDC Manager 5.2.1.0 and SDDC Manager 5.2.1.1.
The Bundle Management window in the SDDC Manager UI displays “VMware Cloud Foundation Update 5.2.1.0” instead of “VMware Cloud Foundation Update 5.2.1.1” for the 5.2.1.1 bundle. The description of the bundle correctly describes it as the upgrade bundle for 5.2.1.1. This is a cosmetic issue only and does not impact the upgrade.

VMware Cloud Foundation 5.2.1.1 contains the following BOM updates:

Software Component	Version	Date	Build Number
SDDC Manager	5.2.1.1	05 DEC 2024	24397777

Resolved Issues

The following issues are resolved in this release:

VMware Cloud Foundation 5.2 does not support the “License Now” option for vSAN add-on licenses based on capacity per tebibyte (TiB).
Remove unresponsive ESXi Host fails when SDDC Manager certificate does not have subject alternative name.

Upgrade Process

Take a snapshot or have a backup of SDDC Manager if anything goes wrong.

Update is downloading, should be ready within 10 minutes

Now that the upgrade is staged and the bundle has been automatically ingested you can start the upgrade!

The whole upgrade took – 20 minutes 22 seconds

Once your SDDC Manager is upgrade you may proceed to NSX and ESXi upgrades for this release, which the same upgrade process exists in my other blog posts.

December 18, 2024 0 comments 1.2K views

Newer Posts

Older Posts