Sunday, March 26, 2017

New vSphere 6.0 Version Release this week!

VMware Releases vCenter Server 6.0 Update 3a 


Here's What's New in this release:

What's New

The vCenter Server 6.0 Update 3a release addresses an Apache Struts security vulnerability documented in the Resolved Issues section listed here:

Resolved Issues

  • Update to Apache Struts
    Apache Struts is updated to version 2.3.32 to resolve CVE-2017-5638.

The rest of the detail can be found in the Release Notes: Here

===============================================================

If you missed what vSphere 6.0 Update 3 included here's the What's New from it:

What's New

  • Support for Transport Layer Security (TLS) protocol: Support for TLSv 1.0, TLSv 1.1, and TLSv 1.2 are enabled by default and configurable for vCenter Server 6.0 Update 3.
    • VMware Syslog Collector on vCenter Server Appliance supports TLSv1.0 only.
    • To configure TLSv 1.0, TLSv 1.1and TLSv 1.2, see KB 2148819.
    • For VMware products supported for TLSv1.0 disablement and the use of TLSv1.1, TLSv1.2, see KB 2145796.
    • Download the TLS configuration script from the Product Download page
    • For known issues related to the TLS protocol, see KB 2148819.
  • External database support: vCenter Server now supports the Microsoft SQL Server 2012 Service Pack 3.

  • Changes in command-line templates and strings: Updates to command-line interface templates and strings. For information about the changes in the CLI installer, see VMware vCenter Server Appliance 6.0 Update 3 CLI Installer Changelog. For information about deploying and upgrading the vCenter Server Appliance, read the Command-Line Deployment and Upgrade of the VMware vCenter Server Appliance.

  • Windows to Linux migration support: With installation and upgrade, migration from vCenter Server Windows 5.5.x to vCenter Server Appliance 6.0 Update 3 is supported. Read the vSphere Migration documentation for more information on migrating VMware vCenter Server to vCenter Server Appliance.

  • Updates to time zones in the Linux guest operating system customization: vCenter Server Linux guest operating system customization supports latest time zones. For more information on time zone changes and daylight saving time (DST) changes in Linux guest operating systems, see the Time Zone Database by Internet Assigned Numbers Authority (IANA).

  • Updates to time zones in the Windows guest operating system customization: vCenter Server Windows guest operating systems customization supports the latest time zones. For more information on time zone changes and daylight saving time (DST) changes in Windows guest operating systems, see the Microsoft Knowledge Base article 3162835.

  • Platform Services Controller: Platform Services Controller of vCenter Server Appliance is installed with 4 GB of memory by default, for fresh install and while upgrading from 5.5.x to 6.0 Update 3.

  • Transmission Control Protocol (TCP) over User Datagram Protocol (UDP) for Kerberos operations: For improved performance, use Transmission Control Protocol (TCP) over User Datagram Protocol (UDP) for Kerberos operations when it is a part of the Active Directory. To enable this feature, leave and join a domain for a minor update:
    1. Update your setup to 6.0 Update 3
    2. Leave and join a domain so that udp_preference_limit entry appears in /etc/krb5.conf
    Note: It is applicable for vCenter Server Appliance only. The current setting may remain functional if no operation is performed.
  • Resolved Issues: This release of vCenter Server 6.0 Update 3 addresses issues that are documented in the Resolved Issues section.
The rest of the detail can be found in the Release Notes: Here

Please comment on adoption of these updates...

Friday, March 17, 2017

NEW VC, vSphere Client & VDP Version Releases this week from VMware!!

Well, not only has this week seen the belated by one month Patch Tuesday by Microsoft, VMware followed suit with two releases themselves...

VMware vCenter Server Release 6.5b

Updated on: 14 March 2017
vCenter Server 6.5.0b | 14 MARCH 2017 | ISO Build 5178943
vCenter Server Appliance 6.5.0b | 14 MARCH 2017 | ISO Build 5178943
vCenter Server 6.5.0b on Windows | 14 MARCH 2017 | ISO Build 5178943

http://pubs.vmware.com/Release_Notes/en/vsphere/65/vsphere-vcenter-server-650b-release-notes.html

You can use the link to see everything, but here's What's New:
This release of vCenter Server 6.5.0b delivers a number of bug fixes that have been documented in the Resolved Issues section.
  • Updates to time zones in the Linux Guest Operating System customization. vCenter Server Linux guest operating system customization supports latest time zones. For more information on time zone changes and daylight saving time (DST) changes in Linux guest operating systems, see the Time Zone Database by Internet Assigned Numbers Authority (IANA).
  • Updates to time zones in the Windows Guest Operating System customization. vCenter Server Windows guest operating systems customization supports the latest time zones. For more information on time zone changes and daylight saving time (DST) changes in Windows guest operating systems, see the Microsoft Knowledge Base article 3162835.
  • Updates to JRE package. The Oracle (Sun) JRE package is updated to version 1.8.0_121 to support Turkish timezone.
  • Additional functionality to the vSphere Client. This release delivers additional functionality to the HTML5-based vSphere Client. For more information, see Functionality Updates for the vSphere Client.
Here's more detail on the Updates to the vSphere Sphere Client in VC 6.5b:

First vSphere Client (HTML5) update debuts in VC 6.5b


https://blogs.vmware.com/vsphere/2017/03/first-vsphere-client-html5-update-vsphere-6-5-b.html

New Features – Huge Jump

The online documentation for vSphere 6.5.0b is the best source for detailed documentation on what functionality is now available (http://pubs.vmware.com/Release_Notes/en/vsphere/65/vsphere-client-65-html5-functionality-support.html), but for comparison sake, the bits are just after Fling v3.2, plus a few minor things. The only notable addition beyond v3.2 is the “Accept License” page on OVF deploy, which we specifically pushed into this patch to enable OVF deploy.
This is the list of some of the additional functionality included. Note, some of these features are presented in a partially complete manner. For example, OVF deploy in 6.5.0b will only support URL deployment (no local file). The plan is to fill out all of these features, but the more feedback we get from you regarding what is most important will help us deliver faster.
  • OVF Deploy
  • Deploy VM from Content Library
  • Drag and Drop
  • VM conversion to/from templates
  • Actions on multiple VMs
  • Register VMs
  • SDRS management
  • Dashboard
  • Advanced network operations – Distribute switch, Port group creation
  • Datastore create, mount and unmount
  • Storage overview
  • Host configuration (PCI Passthrough)
  • Host profiles compliance monitoring
  • Roles and permissions
  • Create Tags and categories
Some of these flows may have had minor tweaks to make them easier to use and learn. If you have feedback about any of the new behavior, or missing portions of features, of course let us know using the integrated feedback tool by clicking on the smiley face in the upper righthand corner.

vSphere Data Protection Release 6.1.4 (VDP)


http://pubs.vmware.com/Release_Notes/en/vdp/61/data-protection-614-release-notes.html#fixedproblems

List of fixed problems:

Fixed Problems

The following table lists the problems that have been fixed in this release of vSphere Data Protection:
Defect NumberDescription
265470When you perform an FLR, and you browse for a virtual machine, the vSphere Data Protection GUI displays a misleading error.
268134A replication recovery job that runs on a target vSphere Data Protection appliance publishes the task by specifying the source server as unknown.
274652Tivoli Java Collections Library is vulnerable that enables exploitation of port 7778 by running a command on a remote client.
Fix common vulnerabilities and exposures (CVEs) that are found in third-party libraries by updating vSphere Data Protection appliance with Avamar OS rollup version Q4 2016.
On vSphere Data Protection appliance, update the Java runtime binaries version to 8u121.
Provide support for vCenter Server 6.0 U3.
On vSphere Data Protection appliance, enable TLS 1.2.
Fix the error, System accounting is not in use: System accounting not found in /etc/cron.d/sysstat.

Friday, March 10, 2017

Failed to Deploy OVF package

Failed to deploy package: File ds:///vmfs/volumes/UUID/_deviceImage-0.iso was not found


While working on setup for a Custom version of our Exchange 2013/2016 Ultimate Bootcamp today, I came across a problem which is not new, but was new to me.

A colleague had saved some VMs to OVA format for deployment in a Master vApp.  As I went to deploy them, I received the following error message:


After doing some research, I came across a couple of articles.  Neither gave me what I needed, but through combining bits and experimenting, I found a solution.

PROBLEM: 

   The VMs had ISOs attached to their CD-ROMs when the were exported to OVA format.
   The OVF file inside the OVA package has information about the attached ISO.

 

SOLUTION:

  1. Uncompressed the OVA file using either TAR on Linux/ESXi or 7-Zip on Windows.
  2. Located the OVF file which contains the configuration of the VM to deploy.


      
  3. In the VMname.OVF file, I searched for “vmware.cdrom.iso
  4. I replaced vmware.cdrom.iso with vmware.cdrom.remotepassthrough and saved the file.

  5. Calculated a new SHA1 hash for the updated VMname.OVF file using HashMyFiles (Download here: http://www.nirsoft.net/utils/hash_my_files.html)

  6. Edited the VMname.mf file and replaced the SHA1 hash for the VMname.ovf with the new one & saved the file.

       
     
  7. Deployed a new VM using the OVF file.
  8. Optionally you could repackage the OVF to an OVA using either OVFTool or TAR in a host.
    tar cvf VMname.ova VMname.ovf
    tar uvf VMname.ova *.mf *.vmdk

Another option would be to simply delete the MF file.  vSphere deployment of the OVF then wouldn't do a hash check at all and the install will complete as expected.  Your choice!

Wednesday, March 1, 2017

Restart VCSA 6.5 Install at Stage 2

Problem: For whatever reason, your install of, migration to or upgrade to VCSA 6.5 stops after completing Stage 1


While teaching class today, I had a student ask if they could restart their VCSA 6.5 installation after Stage 1.  I wasn't sure, so I did some research.

It turns out you can restart at Stage 2. 

All you need to do is access the new VCSA VM created in Stage 1 with:
 https://<VCSA_IP_or_FQDN>:5480
which will redirect to:
 https://<VCSA_IP_or_FQDN:5480/#/installer?locale=en

You will then be presented with the following screen.  Simply click on the appropriate choice to continue...


One reason a Stage 2 pre-upgrade check error may occur is if your source vCenter manages the cluster where you're deploying the new vCenter Server Appliance 6.5, you should specify an ESXi host on the following screen: