Flash Player and VMware Management Consoles – What to do

Hi! Thanks for joining me back at this new post. We will be talking about what to do if you came up with the Flash Player End of Life and you are not ready for upgrading your infrastructure. If you are ready for upgrade, I have wrote down some tips on how to check VMware products upgrade path and compatibility matrix.

Most of you might noticed that when accesing some VMware mangement consoles (eg: vCenter, Horizon View, etc) that uses Flash, an icon like the one below will be shown because of Flash EOL on January 12, 2021 https://www.adobe.com/la/products/flashplayer/end-of-life.html

Internet Explorer:

Google Chrome:

What can we do to address this?

  • First and foremost, do not panic, it only affects your management console but not your virtual machines or services like Horizon. Everything will keep on working as it was before.

I have tested it on Internet Explorer and it worked like a charm.

Original file:

Modified file:

Gained acces again, Woho!

  • If you are not on a critical situation, plan you upgrade, check the product interoperability matrix and the upgrade path of each product you have on the same situation, or products related to the ones that you will need to upgrade.

The product interoperatibility matrix will tell you if a product is compatible with another one (eg: vCenter with Horizon, vCenter with NSX, etc).

The upgrade path will tell you which upgrades from version to version are supported, so you can plan if multiple upgrades are required to reach the desired state. Let’s suppose going from Horizon 6.2.9 to Horizon 8 (2012) you will need an intermediate upgrade to Horizon 7.13, and then Horizon 8 (2012)

Product Interoperatibility Matrix: https://www.vmware.com/resources/compatibility/sim/interop_matrix.php

Upgrade Path: https://www.vmware.com/resources/compatibility/sim/interop_matrix.php#upgrade

How to use Product Interoperatibilit Matrix? It’s very easy. Just select at least two products (you can select more than one at “2. Add Platform/Solution”) and It will display if they are compatible or not.

If the products selected have a green check, good to go, plan the upgrade (check the upgrade path section too, it’s very important) and also plan a rollback just in case is needed (eg: backup, snapshots, etc). If you got into a failure open a support case with VMware https://www.vmware.com/support/file-sr.html
*You must have your support up to date to have support. Contact VMware or your Partner to renew it.

If a red line is displayed, do not try that combination of versions, its incompatible and the product might work in an unexpected and unsupported way.

If a grey line is displayed, they are not supported. You will have to find a combination that might work for you and the corresponding upgrade path if the products are linked in some way. A situation like this might be upgrading vCenter from 6.5 U2 to 7.0 U1 and NSX-V from 6.3.7 to 6.4.9. You will need to upgrade first NSX-V from 6.3.7 to 6.4.6, then vCenter from 6.5 U2 to 6.7 U3 (you can not jump directly to 7.0 U1 because NSX-V would not support it based on product interoperatibility matrix), then NSX-V from 6.4.6 to 6.4.9 and again vCentr from 6.7 U3 to 7.0 U1.

If you want me to write a more detailed post on how to plan a VMware upgrade just type in the comments section below.

Thanks for reading. See you on the next post =)

How to prepare a VMware Exam?

Hi everyone! This post will be focused on VMware exams how to check which ones are available, requirements, how to prepare and some other tips.

The following tips are the ones that were useful for me and I would appreciate if you can share your own experience in the comments section below.

You can go to this link to check all available exams https://www.vmware.com/education-services/certification.html

By the time of this post, there are 6 tracks alligned with different VMware products. Some of them are going to have certification and digital badges. There are 4 certification levels, VCTA, VCP, VCAP and VCDX. Keep in mind not all tracks include all the levels VCTA, VCP, VCAP and VCDX.

Once you’ve decided the track that you’re going to be evaluated on, you have to click on the selected track and then on the specific exam.

Once you click on the selected exam, you will be redirected to a web page where you will see the exam details like duration, number of questions, passing score and format.

Now that we know a few basics about the exams, we will step forward to the following tips.

Before the exam:

  • Check the exam code and download the blueprint from the exams detail webpage.
  • Check the blueprint sections and objectives. This is everything that you will need to cover before the exam. Start studying the objectives where you are sure that it’s a weak or unknown spot. That will give you more confidence that you will be ready because on strong spots you might need less time to study and if the exam date comes up close, you can give it your best shot.
  • To prepare each objective/section you will have a list of reference documents to read and learn.
  • Check the blueprint if there are any recommended courses because I have found some of them to be extremely useful (eg: VMware vSAN: Production Operations [V6.7])

During the exam:

  • If you do not know the answer, mark the question and keep going. At the end, you will have the oportunity to review the marked questions. Do not rush to skip it, but do not take too much time to decide, you have a limited time to do the exam.
  • If you are taking a VCAP Deploy exam, check on the time frequently, time is your number one enemy. Think if the task is a long one (eg: feature enablement, component deployment, etc) and keep going with the next task after having the task running. Do not lose time waiting for it to finish.
  • For all exams, if time has ended, the exam will be saved. I thinks that you will not lose points for the questions answered (I suppose, not sure 100%).

After the exam:

  • If you passed it, congratulate yourself and start preparing for the next one.
  • If you took a VCAP Deploy exam, relax because it might take 1 or 2 weeks to have the results because they are not shown immediately when finished. You will receive an email like the following.
  • If you have failed it, check the score report so you can make focus at weak spots for the next time. It’s not the end of the world, a failure is an opportunity to learn more.

Veeam Notifications Error

Hi. I want to share with you an error that today I came up with. Some of our customers started to experience and error with Veeam Backup & Replication notifications. I have made a procedure to fix it my way, there is no Veeam KB or support ticket related to it, so use it at your own risk. Please make a backup of the database before continuing.

When a job finished it was displaying this message:

When you open the general options to check the notifications section, a message like this is displayed:

To do the following steps you will need a SQL Management Studio to access the SQL Server hosting the DB and a user with privileges to access it.

Based on the message I started to check tables in the database that might contain the information that was not parsed ok and I reached a table called Options so I made a select to the table to check if it was storing information that might need to be modified to fix the issue.

SELECT *
FROM [VEEAMDB].[dbo].[Options]

/** Modify the VEEAMDB database name to you enviroment database **/

Once I made the select I discovered that it was an entry with the email_notification configuration:

If you do not remember the configuration you had, you can click the value and gather the info in an XML format.

After making a backup of the information, I cleaned up the value with the following query:

  update [VEEAMDB].[dbo].[Options]
  set value = ''
  where name ='email_notification'

After executing the query (no reboot needed) I was able to open the general settings and configure the notifications options again based on this Veeam procedure

I think that this “bug” might be related to something like this Veeam KB on datetime format when installing or upgrading.

I hope it helps you and any recommendation or question, please comment below.

Speedup host readiness for VMware Cloud Foundation (VCF)

Hi, and welcome to my first post.

In the last couple of months I have doing lots of POCs (Proof Of Concepts) about VMware Cloud Foundation (VCF onwards) and every time I reinstalled the hosts to show the Bring Up process (that will be covered in another post) I was spending a lot of time, approximately 10 minutes per host between login, page navigation and configuration, to get a host ready to be used by the Cloud Builder VM.

Because of that, I have developed a script to speedup the process and minimizing the human error of having a configuration mismatchs between hosts.

The Cloud Builber VM requirements for the ESXi are the following:

Note: They might be different depending on the version of VCF you are using, at least for 3.9.1, 4.0, 4.1 the above image is the same.

If any of the above requirements are not met, the Cloud Builder VM will display a warning message that can be dismissed, but the process will fail and you will have to start over.

The script will address only the following ones:

  • VM Network portgroup must match the Management Network VLAN ID
  • TSM-SSH must be turned on and configured to Start and Stop with Host
  • NTP must be configured, running and configured to Start and Stop with Host
  • Check if the vSwitch0 has more than one nic configured (just inform, does not modify vSwitch nic assingment)

How to run it? Grab the latest version of Power CLI from VMware{code}, copy the content of the script into a file and save it with a .ps1 extension, open powershell as an administrator and run the .ps1 file. The script itself will modify some PowerShell configurations to run.

The script run will look something like the following.

  • Errors that must be fixed are displayed on red
  • Warnings might be ignored and are displayed on yellow

So now that we know which are the requirements and how to run it lets dig in into the code. Feel free to copy, modify and share it. If you find any bug or recommendation please post it in the comments section.

Ps! While this post is out, I’m working on a new version to make it even easier. So be ready for more VCF scripts!

If it fails just run $error on powershell and send me the output to fix it!

#fcardarelli@soluciones.com.ar - 10/24/2020
#Speed up of VCF host readiness
#OCT/31/2020 -> Added DNS Server configuration
#NOV/12/2020 -> Fixed a bug when no hostnames were entered
  
#Added to ignore the invalid certificate warning
Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -Confirm:$false
  
#Clear the view
cls
  
Write-Host -ForeGround 'Yellow' -back 'black' 'To use this script you will need to:'
Write-Host -ForeGround 'Yellow' -back 'black' '- Have configured ESXi management networks'
Write-Host -ForeGround 'Yellow' -back 'black' '- Have root password'
Write-Host -ForeGround 'Yellow' -back 'black' '- Provide all the IP Addresses, VLAN ID, and NTP Addreses'
  
$warning = 'Enter Y to continue. ---> '
Do {
  Write-Host -ForeGround 'Yellow' -back 'black' -noNewLine $warning
  $continue = Read-Host
  $warning = 'Mmmm... Some info missing? When ready enter a Y to continue! ---> '
} While ($continue -notmatch 'Y')
  
#Regex patterns for validations
$ipRegexPattern = '^([1-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])(\.([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])){3}$'
$vlanRegexPattern = '[0-4095]'
$fqdnRegexPattern = '(?=^.{1,254}$)(^(?:(?!\d+\.|-)[a-zA-Z0-9_\-]{1,63}(?<!-)\.?)+(?:[a-zA-Z]{2,})$)'
$hostcountRegexPattern = '[1-100]'
  
#Variables
$esxiIPs = @()
$hostnames = @()
  
#Constants
$esxUser = 'root'
  
$warning = 'Enter the root password, it wil be hidden so relax of watchers! ---> '
Write-Host -ForeGround 'Yellow' -back 'black' -noNewLine $warning
  
#Request root password for host configuration
$esxPswd = Read-Host -AsSecureString
$credentials = New-Object System.Management.Automation.PSCredential ('root', $esxPswd)
  
for ($i= 0 ;$i -lt 4;$i++){
  
    switch ( $i )
    {
        0 { $warning = 'Enter the IP address of the FIRST ESXi! ---> '}
        1 { $warning = 'Enter the IP address of the SECOND ESXi! ---> '}
        2 { $warning = 'Enter the IP address of the THIRD ESXi! ---> '}
        3 { $warning = 'Enter the IP address of the FORTH ESXi! ---> '}
    }
      
    Do {
      Write-Host -ForeGround 'Yellow' -back 'black' -noNewLine $warning
      $esxi = Read-Host
      $warning = 'You did not enter a valid IP address. Please try again! ---> '
    } While ($esxi -notmatch $ipRegexPattern)
    $esxiIPs += $esxi
}
  
#Configure hostnames?
$warning = 'Do you want to configure esxi Hostnames? If already configured on DCUI, skip this step. Enter Y to confirm. ---> '
Write-Host -ForeGround 'Yellow' -back 'black' -noNewLine $warning
$configureHostnames = Read-Host
  
if ($configureHostnames -eq 'Y'){
    for ($i= 0 ;$i -lt 4;$i++){
  
        switch ( $i )
        {
            0 { $warning = 'Enter the Hostname (FQDN) of the FIRST ESXi! ---> '}
            1 { $warning = 'Enter the Hostname (FQDN) of the SECOND ESXi! ---> '}
            2 { $warning = 'Enter the Hostname (FQDN) of the THIRD ESXi! ---> '}
            3 { $warning = 'Enter the Hostname (FQDN) of the FORTH ESXi! ---> '}
        }
          
        Do {
          Write-Host -ForeGround 'Yellow' -back 'black' -noNewLine $warning
          $hostname = Read-Host
          $warning = 'You did not enter a valid FQDN. Please try again! ---> '
        } While ($hostname -notmatch $fqdnRegexPattern)
        $hostnames += $hostname
    }
}
else{
    Write-Host -ForeGround 'Yellow' -back 'black' 'Ok, no hostname configuration' 
}
  
$warning = 'Enter the VLAN ID for the VM Network (it must match the Management Network VLAN)! ---> '
Do {
  Write-Host -ForeGround 'Yellow' -back 'black' -noNewLine $warning
  $VLANID = Read-Host
  $warning = 'You did not enter a valid VLAN ID. Please try again! ---> '
} While ($VLANID -notmatch $vlanRegexPatter)
  
$warning = 'Enter the NTP Address! ---> '
Do {
  Write-Host -ForeGround 'Yellow' -back 'black' -noNewLine $warning
  $NTP1 = Read-Host
  $warning = 'You did not enter a valid NTP IP Address. Please try again! ---> '
} While ($NTP1 -notmatch $ipRegexPattern)
  
  
#Need another NTP Server?
$warning = 'Add a second NTP? Enter Y to confirm ---> '
Write-Host -ForeGround 'Yellow' -back 'black' -noNewLine $warning
$anotherNTP = Read-Host
  
if ($anotherNTP -eq 'Y'){
    $warning = 'Enter the Secondary NTP Address! ---> '
    Do {
      Write-Host -ForeGround 'Yellow' -back 'black' -noNewLine $warning
      $NTP2 = Read-Host
      $warning = 'You did not enter a valid NTP IP Address. Please try again! ---> '
    } While ($NTP2 -notmatch $ipRegexPattern) 
}
 
 
#DNS Configurations
$warning = 'Enter primary DNS Server! ---> '
Do {
  Write-Host -ForeGround 'Yellow' -back 'black' -noNewLine $warning
  $dnspri = Read-Host
  $warning = 'You did not enter a valid DNS IP Address. Please try again! ---> '
} While ($dnspri -notmatch $ipRegexPattern)
  
  
#Need another DNS Server?
$warning = 'Add a second DNS Server? Enter Y to confirm ---> '
Write-Host -ForeGround 'Yellow' -back 'black' -noNewLine $warning
$anotherDNS = Read-Host
  
if ($anotherDNS -eq 'Y'){
    $warning = 'Enter the Secondary DNS IP Address! ---> '
    Do {
      Write-Host -ForeGround 'Yellow' -back 'black' -noNewLine $warning
      $dnsalt = Read-Host
      $warning = 'You did not enter a valid DNS IP Address. Please try again! ---> '
    } While ($dnsalt -notmatch $ipRegexPattern) 
}
 
#DNS Configurations
$warning = 'Enter search domain name! ---> '
Do {
  Write-Host -ForeGround 'Yellow' -back 'black' -noNewLine $warning
  $searchdomainname = Read-Host
  $warning = 'You did not enter a valid DNS IP Address. Please try again! ---> '
} While ($searchdomainname -notmatch $fqdnRegexPattern)
 
#Loop with all the ip address provided
$counter = 0
foreach ($esxi in $esxiIPs) {
  
    $errorFlag = $false
  
    Write-host 'Connecting to ' $esxi
      
    try {
        Connect-VIServer -Server $esxi -Credential $credentials -ErrorAction Stop | Out-Null
        Write-Host -ForeGround 'black' -back 'green' 'Connected to host =======> ' $esxi
        $esxcli = Get-EsxCli -VMHost $esxi
         
        if ($hostnames.length -gt 0){
            $esxcli.system.hostname.set($null,$hostnames[$counter],$null) | Out-Null
        }
          
        #Search for vSwitch0 object
        $vswitch = Get-VirtualSwitch -VMHost $esxi -Name vSwitch0
          
        if ($vswitch.nic.length -gt 1){
            Write-Host -ForeGround 'white' -back 'red' 'Host ' $esxi ' has more than 1 nic on vSwitch0, please check the host before proceeding with Bring Up Process.'
            $errorFlag = $true
        }
        else{
            Write-Host -ForeGround 'black' -back 'green' 'Host ' $esxi ' has only 1 nic on vSwitch 0. Well done!'
        }
  
        try{
              
            $VMNetworkPG = Get-VirtualPortgroup -Name 'VM Network'
            Set-VirtualPortGroup -VirtualPortGroup $VMNetworkPG -VLanID $VLANID -ErrorAction Stop | Out-Null
            Write-Host -ForeGround 'black' -back 'green' 'Configured VM Network of host ' $esxi ' with VLAN ID ' $VLANID
        }
        catch
        {
            Write-Host 'The portgroup might not be created, lets try to fix it.'
            #Create the PG and set the VLAN ID
            $VMNetworkPG = New-VirtualPortGroup -VirtualSwitch $vswitch  -Name 'VM Network' | Out-Null
            Set-VirtualPortGroup -VirtualPortGroup $VMNetworkPG -VLanID $VLANID -ErrorAction Stop | Out-Null
            Write-Host -ForeGround 'black' -back 'green' 'Configured VM Network of host ' $esxi ' with VLAN ID ' $VLANID
        }
  
        try{    
            #NTP Adjustment
            Add-VMHostNtpServer -VMHost $esxi -NtpServer $NTP1 -ErrorAction Stop | Out-Null
            Write-Host -ForeGround 'black' -back 'green' 'Configured NTP Server 1 of host ' $esxi ' with NTP ' $NTP1
        }
        catch
        {
            Write-Host -ForeGround 'black' -back 'Yellow' 'I was not able to configure NTP ' $NTP1 ' on ' $esxi ' maybe its already added.'
              
        }
          
        if ($NTP2 -ne '') {
            try{    
                #NTP Adjustment
                Add-VMHostNtpServer -VMHost $esxi -NtpServer $NTP2 -ErrorAction Stop | Out-Null
                Write-Host -ForeGround 'black' -back 'green' 'Configured NTP Server 2 of host ' $esxi ' with NTP ' $NTP2
            }
            catch
            {
                Write-Host -ForeGround 'black' -back 'Yellow' 'I was not able to configure NTP ' $NTP2 ' on ' $esxi ' maybe its already added.'
            }
        }
         
        if ($dnsalt -ne '') {
            try{    
                #DNS Servers Adjustment
                Get-VMHostNetwork -VMHost $esxi | Set-VMHostNetwork -DNSAddress $dnspri, $dnsalt -SearchDomain $searchdomainname -Confirm:$false | Out-Null
                Write-Host -ForeGround 'black' -back 'green' 'Configured DNS Servers of host ' $esxi ' with DNS Server ' $dnspri ' and ' $dnsalt
            }
            catch
            {
                Write-Host -ForeGround 'black' -back 'Yellow' 'I was not able to configure DNS ' $dnspri ' and ' $dnsalt ' on ' $esxi ' maybe its already added.'
                  
            }
 
        }
        else
        {
            try{    
                #DNS Servers Adjustment
                Get-VMHostNetwork -VMHost $esxi | Set-VMHostNetwork -DNSAddress $dnspri -SearchDomain $searchdomainname -Confirm:$false | Out-Null
                Write-Host -ForeGround 'black' -back 'green' 'Configured DNS Server 1 of host ' $esxi ' with DNS Server ' $dnspri
            }
            catch
            {
                Write-Host -ForeGround 'black' -back 'Yellow' 'I was not able to configure DNS ' $dnspri ' on ' $esxi ' maybe its already added.'
                  
            }
        }
  
        #Adjust the ESXi time with local computer time
        $t = Get-Date
        $dst = Get-VMHost -Name $esxi | %{ Get-View $_.ExtensionData.ConfigManager.DateTimeSystem }
        $dst.UpdateDateTime((Get-Date($t.ToUniversalTime()) -format u)) | Out-Null
        Write-Host -ForeGround 'black' -back 'green' 'Synchornized time of host ' $esxi ' with computer time '
  
        #Open NTP ports
        Get-VMHostFirewallException -VMHost $esxi | where {$_.Name -eq 'NTP client'} | Set-VMHostFirewallException -Enabled:$true | Out-Null
        Write-Host -ForeGround 'black' -back 'green' 'Added firewall exception for NTP Client on host ' $esxi
  
        #Start NTP Service and set it to autostart
        Get-VmHostService -VMHost $esxi | Where-Object {$_.key -eq 'ntpd'} | Start-VMHostService -Confirm:$false | Out-Null
        Get-VmHostService -VMHost $esxi | Where-Object {$_.key -eq 'ntpd'} | Set-VMHostService -policy 'on' | Out-Null
        Write-Host -ForeGround 'black' -back 'green' 'NTP started and configured to Start and Stop with host on host ' $esxi
  
        #Start SSH Service and set it to autostart
        Get-VmHostService -VMHost $esxi | Where-Object {$_.key -eq 'TSM-SSH'} | Start-VMHostService -Confirm:$false | Out-Null
        Get-VmHostService -VMHost $esxi | Where-Object {$_.key -eq 'TSM-SSH'} | Set-VMHostService -policy 'on' | Out-Null
        Write-Host -ForeGround 'black' -back 'green' 'TSM-SSH started and configured to Start and Stop with host on host ' $esxi
          
        $counter += 1
  
        Disconnect-VIServer -Server $esxi -Confirm:$false
        Write-Host -ForeGround 'black' -back 'green' '<======= Disonnected from host ' $esxi
          
        if ($errorFlag){
            Write-Host -ForeGround 'white' -back 'red' 'Check the configuration of ' $esxi ' before proceeding with bring up process.'
        }
        else{
            Write-Host -ForeGround 'black' -back 'green' 'Host ' $esxi ' is ready for VCF! Woho!'
        }
    }
    catch{
        Write-Host -ForeGround 'white' -back 'red' 'I was not able to connect ' $esxi ' please check the connection to it.'
    }
}