Planning a vSphere Upgrade

Many of my customers request help when preparing for an upgrade to the latest version of vSphere (recently, they've been wanting to upgrade vCenter to 6.5 on the vCenter Server Appliance, but this is generally a recurring request for each new version).  And I get it, there's a lot of moving parts to consider when planning on an upgrade like this.  So, I figured that I'd do a quick write-up about the process that I go through when planning for an upgrade like this.

The first thing that I do is compile a big list of all of the solutions in the environment that are dependent on vCenter and ESXi.  I just build a big spreadsheet with 4 columns: Solution, Current Version, Desired Version, and Notes.  When collecting this list, it's important to consider other VMware solutions (such as vRealize Automation Center, Horizon, Network Insight, etc.), hardware platform (is this running on HP BL460c blades?  Nutanix?  IBM?), backup solutions (Avamar is very common amongst my custome…

PowerNSX Tips

I've recently had the opportunity to do some work with NSX during some server migrations.  That work has been fairly repetitive for each group of servers that we're migrating so, you guessed it, I looked for an easy scripting/automation solution, and PowerNSX proved to be the right tool for the job!

As the name implies, PowerNSX is the NSX portion of PowerCLI.  Installing it is a breeze - just use a relatively up-to-date PowerShell window and fire off install-module PowerNSX.  That'll give you access to a whole set of NSX-oriented PowerShell cmdlets.  It's still in beta, so there's a lot of rough edges, but it's still proven to be an excellent tool for many tasks, including manipulating large numbers of VM Security Group Membership settings and creating Firewall rules.

One of those "rough edges" involves cached instances of objects.  For example, if I want to add a bunch of VMs to various security groups based on a CSV input, I'd often write a scr…

vExpert 2018

I'm proud to say that I have been selected as a 2018 vExpert!  This is my 5th year in the program and I'm very thankful for the opportunities that it has provided me to get to know so many excellent people in the virtualization community.  I can't even count the number of times that I've needed help understanding some concept or solving some problem, and the community has always been there for me.  Hopefully, I've been able to help some of you guys since I started this blog (way back in 2012), too!

VMware User Environment Manager Condition Logic

One of my customers is using UEM and wants to set up a default printer per user group, but only set that default printer if the user hasn't already got one configured.  Setting up a default printer as a User Environment policy is trivial, but the conditions to preserve existing settings were interesting.

We determined that, if the current default printer contains either the words "Microsoft" or "Webex", then we'd consider it to be unset and would correct it, otherwise we'd leave it alone.  Of course, we also need to detect that the computer is in the correct room group, too, so what's that logic look like?  I wrote it out in PowerShell style pseudo-code like this: If ((DefaultPrinter -match "Microsoft" -or DefaultPrinter -match "WebEx") -and ComputerGroup -eq "RoomA"){Set Default Printer}.

My first challenge came from the fact that, while UEM Conditions do offer logical AND and OR, they do not offer parenthesis.  When I…

Troubleshooting with vRealize Network Insight

I've had the opportunity to use vRealize Network Insight (vRNI) lately during a network migration project and it has proven invaluable.  We've used it to collect data about the subnets before they're migrated and we use it to help troubleshoot issues after the migration is completed.  It's given us great visibility into the traffic on the network and into where that traffic is being blocked.  So, how do we use it?

Before the migration, we use it to scrape a ton of data from the source subnet, as we need to know what's going on with the servers that are running there.  At the start of the project, we attempted to learn those details by asking the application owners about their applications' requirements, however we found that the vendor documentation was universally poor, especially when compared against the needs of micro-segmentation.

To get that information, I execute a very simple query in vRNI: flows where subnet = <subnet>.  This returns a list of al…

Behind the Scenes with VMware UEM Run Once Settings

I've recently had the opportunity to do a project with VMware UEM where we've made some use of the Run Once setting on a few config items (expect more on that later).  I was hesitant to build that setting into my design though, without having a thorough understanding of what it's doing behind the scenes (for example, what do I do if I need to make it run a second time for some reason?), so I did some research and experimenting.

Eventually, I came across a VMware KB Article describing the Run Once Special flag, which explained what was going on, although I still had to poke around a bit to find the file itself and fully understand the behavior.  That article described the Run Once process as creating flag files named .[L-computername.1] in the hidden FlexRepository user profile folder.  If those files are found for a given setting, it does not run the setting with that flag enabled. 

Let's look at an example Logon Task that has Run Once enabled, and how the system works…

The Value of Automation

I've been doing more and more work around automation, as have a lot of people in our industry.  But, why do we do it?  Many of the tasks that we automate are trivial, easy things that an administrator can do with very little thought, yet we still invest days, weeks or even months in creating automated systems to do those tasks instead.

Well, first lets look at why we automate those trivial tasks.  It turns out that very few tasks are actually trivial, we are just really good at glossing over details.  That's just part of being human and is how we manage to get by in the world.  Take an activity as simple as typing this blog post - trivial, right?  Just type some things into the interface. 

Well, discarding any difficulties in figuring out what to type, think of the pure mechanics of getting it into the interface.  Every character in this post corresponds with a keystroke on my keyboard (and, given how many typos I make and how often I change my mind about what I want to say, i…