NSX CSM (Cloud Service Manager) CA Certificate

February 3, 2022 Chris Noon 0

I recently worked on a customer project where they replaced the NSX Manager certificate with a company-signed certificate using their own CA. This caused an issue when pairing the CSM with the NSX Manager, i.e. certificate error. This short blog post will run through the steps ran through to allow the CSM to peer with the NSX Manager. I understand this post won’t receive a lot of traffic, my hope is it helps someone in the future. The Procedure SSH to the CSM and login as root. Prepare your root CA cert in perm format and upload it to the CSM. On the CMS, get the JKS password from the following file: PASSWORD=`cat /config/http/.http_cert_pw` Add the root CA cert to […]

How the vExpert program impacted my life

January 12, 2022 Kim Bottu 0

When we look at the benefits of the vExpert program, it is logical that we look at the professional benefits first. After all, the program is mostly professional related. But what being a vExpert changed most to me is not the professional part, it is the personal part. The obvious benefit As with most people, I like to share information. On the one hand because I am proud I figured something out, on the other hand because I like to know that someone is using what I shared. It tastes like recognition and recognition tastes like candy to grownups. With that recognition come great jobs. Add the vExpert licenses, access to the vExpert Slack channels, access to the community at […]

Lets Talk About Protecting and Recovering VMs with #VCDR #vExpert

December 6, 2021 Bilal Ahmed 0

So now we have deployed and configured VCDR, now we can go into all the bits that allow you to protect your VMs and failover! Protection Groups So now we can get into the nitty-gritty of starting to create Protection Groups and Recovery Plans. This is the meat of it all, where you define what is going to be protected and how it should be recovered. As you can see you can define how VMs are added to the protection group by using Naming Patterns, Tags or VM Folders. In this example I have used vSphere Tags: In my vCenter you can see I have created a tag specifically for VCDR to use: Then we can look at the various […]

Avi Logo

NSX ALB (Advanced Load Balancer) Design

December 6, 2021 Chris Noon 0

I wrote three (3) blogs on Avi Load Balancing, now rebranded as VMware NSX ALB (Advanced Load Balancer). These were around the basic concepts, base configuration, and that configuration using API. https://vmusketeers.com/2020/05/09/avi-networks-the-advanced-nsx-load-balancer/ https://vmusketeers.com/2020/05/24/avi-networks-base-configuration/ https://vmusketeers.com/2020/06/19/avi-network-base-configuration-via-api/ I noticed it was difficult to find a single post that discusses the different types of design solutions. In this post, I want to discuss the design decisions when deploying an ALB solution and expand on my previous blogs. Management Components The management components in the ALB solution are the controllers. The controllers are what the users interact with that which pushes instructions to the data plane components. They can be deployed in one (1) of two (2) ways: Single Controller: A single controller is deployed […]

Let’s talk about configuring and deploying VMware Cloud Disaster Recovery #VCDR #vExpert

November 22, 2021 Bilal Ahmed 0

So, let’s talk about VCDR VMware Cloud Disaster Recovery. It was acquired from Datrium and I have some customers who are in the process of looking into it and deploying it. If you have ever used SRM, you will feel very at home with VCDR, as you will see as I explain it in more detail. I am a big fan of DR in general, I used to work for a BC/DR provider, and I lost count of the number of times people never tested their plans and were then surprised they didn’t work as they had hoped. I always used to say, you should be happy they failed now, imagine if this had been real and you couldn’t recover! […]

Automating HCX Cutover using PowerCLI #HCX #PowerCLI #vExpert

November 15, 2021 Bilal Ahmed 0

So I was provided with a script from my buddy Charlie at Tower Associates, and then myself and Dean Lewis edited it a bit to make it work alongside the scripts we had already produced in our previous posts. I’ve always been an advocate of doing the cutover manually. Cutting over 200 VMs or so in one go is daunting and lacks the control I would personally like. I like to be able to tell customers, ok we have cut over these 20 VMs for this app, please get them to test it, then when they are happy move to the next set. It is nice and controlled and instils confidence in the migration process. That is not to say […]

HCX DR Use Cases #HCX #DR #vExpert

November 8, 2021 Bilal Ahmed 0

*These are my own ramblings and nothing I say is officially supported by VMware!* So HCX does have a DR feature. It does not get talked about much, because at VMware if you are talking fully-fledged DR you will be looking into SRM and the new offering VCDR. The HCX DR service uses vSphere Replication (VR) under the hood in the same way, SRM can use vSphere Replication. The main difference is that the IX appliance in the service mesh is the vSphere Replication Manager. SRM does full-on DR orchestration, failing over VMs in a specific order, with recovery plans, HCX does not do any of that. When I have talked to GSS and some customers, I have discovered that […]

SDDC to SDDC Migrations #VMConAWS #HCX #Migrations

November 1, 2021 Bilal Ahmed 2

So I had a customer recently that had deployed a VMConAWS SDDC using a /23 subnet. This is fully supported, but they then ran into scalability issues as that subnet is limited to only allow 27 ESXi hosts. So now they wanted to scale beyond that but were stopped by this configuration limit. Now you can’t adjust that post-deployment, so this lead to a discussion about standing up a new SDDC and migrating to it or migrating into an existing SDDC that uses /20 subnet. Now there are 2 supported ways to do that using HCX and I am going to discuss both of them. I have 2 SDDCs : TF_TEST and SDDC-Jeff (great names I know!) Option 1: Deploy […]