vCenter Server 7.0.0b

VMware vCenter Server 7.0.0b

VMware released a new vCenter Server version: 7.0.0b, 7.0.0.10400, build 16386292. In this article I cover the resolved issues and I show how easy is to update from the previous version of vCenter Server 7.0.0 to the latest 7.0.0b.

In case you are looking for an upgrade demonstration from vCenter Server 6.7 to vCenter Server 7.0.0, you can check my other article: How to Upgrade vCenter Server Appliance from 6.7 to 7.0 – Stage 1.

If you want to install vCenter 7.0.0, please check How to Install VMware vSphere 7.0.

vCenter Server 7.0.0b – Resolved Issues

vCenter Server 7.0.0b introduces two new features:

  • It adds a Replication State Change alarm to the vCenter Server Appliance that displays when a replication state changes to READ_ONLY.
  • You can use the Show only rollup updates toggle button to filter and select patches that you want to include in a baseline when using the vSphere Lifecycle Manager.

This release of vCenter Server delivers the following patch:

  • VMware-vCenter-Server-Appliance-7.0.0.10400-16386292-patch-FP.iso
Read More
vCenter Server 7.0.0a

VMware vCenter Server 7.0.0a

VMware released a new vCenter Server version: 7.0.0a, 7.0.0.10300, build 16189094. In this article I cover the resolved issues and I show how easy is to update from the previous version of vCenter Server 7.0.0 to the latest 7.0.0a. I also include few images with the new update notification features from vSphere Client.

In case you are looking for an upgrade demonstration from vCenter Server 6.7 to vCenter Server 7.0.0, you can check my other article: How to Upgrade vCenter Server Appliance from 6.7 to 7.0 – Stage 1.

vCenter Server 7.0.0a – Resolved Issues

This release of vCenter Server 7.0.0a delivers the following patch:

  • Patch for VMware vCenter Server Appliance 7.0.0a (VMware-vCenter-Server-Appliance-7.0.0.10300-16189094-patch-FP.iso)

The patch resolves a vSAN issue: vSphere Lifecycle Manager and vSAN File Services cannot be simultaneously enabled on a vSAN cluster. With vCenter Server 7.0.0a you can enable both vSAN File Services and vSphere Lifecycle Manager at the same time on a cluster.

Upgrade from vCenter Server 6.7 Update 3g to vCenter Server 7.0.0a is not supported. Upgrade is supported though from older versions of vCenter Server 6.7. You can check KB67077 for the upgrade matrix.

Read More
Install vSphere 7.0

How to Install VMware vSphere 7.0

In this article I will show you how to install VMware vSphere 7.0. If you are looking for instructions about how to install the older version vSphere 6.7, you can find them here.

To begin with, you need an installation iso for vSphere 7.0, which you can download from your My.VMware account. I downloaded VMware-VMvisor-Installer-7.0.0-15843807.x86_64.iso (vSphere 7.0 build 15843807). I will install vSphere into a virtual machine (don’t do this in production, this is a configuration unsupported by VMware, but often seen in home labs), so I will just mount the iso file into the CD drive and power on the VM.

Install VMware vSphere 7.0

As soon as the VM boots, you will see a “Loading ESXi installer” screen:

Install vSphere 7.0 - Loading ESXi installer
Read More
VMware Security Advisory

VMSA-2020-0009 – VMware vRealize Operations Manager Vulnerability

Updated on 16 May 2020 with fixed versions of vRealize Operations.

VMware has released a new security advisory VMSA-2020-0009: VMware vRealize Operations Manager addresses Authentication Bypass and Directory Traversal vulnerabilities.

Two vulnerabilities were disclosed in Salt, an open source project by SaltStack, which is used by VMware vRealize Operations Manager. This advisory documents the remediation of one critical and one important issues. The Application Remote Collector (ARC) introduced with vRealize Operations Manager 7.5 utilizes Salt and as such presents two vulnerabilities, one authentication bypass and one directory traversal.

The Common Vulnerabilities and Exposures project has assigned the identifiers CVE-2020-11651 to the authentication bypass vulnerability and CVE-2020-11652 to the directory traversal.

A malicious actor with network access to port 4505 or 4506 on the ARC may take control of the ARC and any Virtual Machines the ARC may have deployed a Telegraf agent to. For the second vulnerability, a malicious actor with network access to port 4505 or 4506 on the ARC may access the entirety of the ARC filesystem.

Read More
Configure vRealize Orchestrator 8.1

How to Configure vRealize Orchestrator 8.1

In a previous article I documented steps required to install the latest VMware vRealize Orchestrator 8.1. After vRO deployment, you have to go through the initial configuration of the application. In this article I will show you how to configure a standalone vRealize Orchestrator 8.1 with vSphere authentication.

By default the password expiry of the root account of the vRealize Orchestrator Appliance is set to 365 days. If you choose to extend the expiration period, you can do that opening a SSH connection to the vRO appliance and running this command:

passwd -x number_of_days_to_expire root

Configure vRealize Orchestrator - Change Password Expiration Policy

While you are connected to the SSH, you can also run a check for proper DNS resolution, forward and reverse:

nslookup vro_FQDN

nslookup vro_IP_address

Configure vRealize Orchestrator - Check DNS Resolution
Read More
vRealize Orchestrator 8.1

How to Install VMware vRealize Orchestrator 8.1

In this article I will demonstrate how to install VMware vRealize Orchestrator 8.1 step by step. This is the latest vRO version to date, released only days ago. You can read more details about the changes in vRO 8.1 in one of my previous articles: VMware vRealize Orchestrator 8.1.

First step is to download the required OVA file: O11N_VA-8.1.0.9326-15995344_OVF10.ova. Make sure DNS resolution for your future vRO appliance works, both forward and reverse (hostname and IP address). You can then proceed to deploy the appliance from your vCenter Server (minimum vCenter Server version is 6.0, although that is already an unsupported version by VMware, and I hope you are at least on version 6.5, if not on 7.0).

Read More
vRealize Orchestrator 8.1

VMware vRealize Orchestrator 8.1

Few days ago, VMware released the latest version of their orchestration application, vRealize Orchestrator 8.1 (O11N_VA-8.1.0.9326-15995344_OVF10.ova, build version 15995344).

A little bit of my history with vRO: after playing with versions 5 to early 7 for few years, I took a pause in using Orchestrator. At the beginning of this year, I accepted the challenge to co-run a VMUG presentation on Orchestrator and I tried one of the first version 8 releases. I have to admit I missed few things from my old vRO days. Among them, the new HTML client felt a little strange with the biggest changes being the missing tree view or the removal of visual binding. I think VMware is on a good track now with this product, and 8.1 looks promising 🙂

Read More
PowerCLI 12.0.0

VMware PowerCLI 12.0.0

VMware released a new PowerCLI version, version 12.0.0. I will cover in this article the improvements brought by PowerCLI 12.0.0 and the easy installation process on both Windows and Linux. For full documentation on this version of PowerCLI you can check the code.vmware.com page.

PowerCLI 12.0.0 Changes

New features:

  • New module: VMware.VimAutomation.WorkloadManagement -provides cmdlets for managing namespace lifecycle and policy for Project Pacific.
  • New module: VMware.CloudServices – provides cmdlets for managing VMware Cloud Services.
Read More
VMware vCenter Server 6.7 Update 3f

VMware vCenter Server 6.7 Update 3f

VMware released a new vCenter Server version: 6.7 Update 3f, 6.7.0.43000, build 15976714. In this article I will cover the resolved issues and I will show how easy is to update from a previous version of vCenter Server 6.7 to VMware vCenter Server 6.7 Update 3f.

In case you are looking for a plain installation of vCenter Server 6.7, you can check my other article: How to Install VCSA 6.7 (VMware vCenter Server Appliance).

Resolved Issues

This release of vCenter Server 6.7 Update 3f delivers the following patch:

  • Security Patch for VMware vCenter Server 6.7 Update 3f (VMware-vCenter-Server-Appliance-6.7.0.43000-15976714-patch-FP.iso)

VMware vCenter Server 6.7 Update 3f resolves a critical security issue documented in security advisory VMSA-2020-0006: vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), may not correctly implement access controls. A malicious actor with network access to an affected vmdir deployment may be able to extract highly sensitive information which could be used to compromise vCenter Server or other services which are dependent upon vmdir for authentication.

Read More

How to Upgrade vCenter Server Appliance from 6.7 to 7.0 – Stage 2

In a previous article (How to Upgrade vCenter Server Appliance from 6.7 to 7.0 – Stage 1) I walked through the first phase of the upgrade process for vCSA 7.0 – Deploy the OVA File of the new vCenter Server Appliance. In this article I will cover phase 2 of the vCenter upgrade – transfer the data and setup the newly deployed vCenter Server Appliance.

Upgrade vCenter Server Appliance from 6.7 to 7.0 – Stage 2

In the last step of the phase 1, I was presented with the following screen:

Upgrade-vCenter-Server-Appliance-from-6.7-to-7.0-Deploy-VCSA-Completed
Read More