vCloud Director: New/Set Catalog PowerShell Modules

A couple years ago I asked the #vExpert community for help to figure out how to create a new catalog within vCloud Director with powershell. There was no option to do so, and Jon Waite was amazing when he created the new-catalog module. The module works great to create a new catalog, but I wanted to take it another step to add in the publish and subscribe to external catalogs ability. I modified the module from Jon to add in these features. I am not 100% sure how to modify the module and check it into his original module so I did it in my blogpost files.

Giving full credit to Jon Waite for making this module. I have added the following to new-catalog.psm1:

• Ability to create a new catalog as published externally
• Script returns the published catalogs URL
• The above URL can be captured as a variable for use in other scripts (see below)

Set-cicatalog was created to change an existing catalog into an externally published catalog:

• Requires the catalog to already be created
• Script returns the published catalogs URL
• The above URL can be captured as a variable for use in other scripts (see below)

New-subscribedcatalog was created as I could not figure out how to put all of these features into 1 single module/function, which I might revisit:

• Ability to create a new catalog within vCD that is subscribed to an “external” feed
• Does minor error reporting if the catalog is created with a bad password and fails to sync
• Does minor status reporting and will return status of sync
• Allows variables to be passed in the script – meaning you can use the URL captured if the above modules 🙂

Hope this helps people in the future and please let me know if there are features I missed or something I can change to make it more user friendly!

vCloud Director: How to unsubscribe a subscribed catalog using PostgreSQL

Something that has perplexing for some time in vCloud Director is how to unsubscribed a catalog once it has been subscribed to an external feed. This is something that could be done to retain content without having to copy it to a local catalog. vCloud Director does not allow this to be done within the UI but it is a pretty quick change in the database

**Please note that these scripts are just for reference – use at your own risk** – Standard disclaimer 🙂 and take backups!!

Using either a SSH session or pgAdmin

The SSH session will be covered first(hopefully adding pgAdmin steps later):

Once a SSH session has been established with the PSQL DB machine, use the following commands to access the specific vCloud Director Database instance:

[root@bblab-vcddb ~]# su - postgres

Last login: Sat Jan 25 21:51:55 UTC 2020 on pts/0

-bash-4.2$ psql -d bblab-vcddb

psql (10.11)

Type "help" for help.

bblab-vcddb=#

Having accessed the vCloud Director database, it is time to track down the catalog in question. A safe way that I have found is to use the org_id to ensure you have tracked down the correct catalog within the given org that is being targeted. Copy the below and change the org name as needed:

select org_id from organization WHERE name = 'bblab-testorg1';

This will return the org_id from the database that is needed to ensure the proper catalog is selected and modified to no longer be subscribed.

select org_id from organization WHERE name = 'bblab-testorg1';

org_id

--------------------------------------

6a8b1172-7c13-4111-bb76-33a1b9471147

(1 row)

From there, take the org_id and catalog name in that needs to no longer be subscribed. Input those into the below statement and run!(please take a backup first – safety)

UPDATE catalog SET subscribed_to_ext_feeds = 'f' WHERE name = 'bblab-catalog1' AND org_id = '6a8b1172-7c13-4111-bb76-33a1b9471147';

Once the above has been ran, only 1 row will be updated. Checking the vCD UI, the catalog that was changed in the DB will no longer show subscribed and the items that had been synced will remain!

Hope this helps and I hope to post pgAdmin steps/screenshots in the near future!

vCloud Director: Update PVDC supported hardware version via PowerCLI

This post servers as a reminder for me but also hopefully helpful to others that want to “explore” ExtensionData with powercli. This post shows how to declare a variable and navigate to the extension data for a Provider Virtual DataCenter within vCloud Director and adjust the Highest Supported Hardware Version.

**Please note that these scripts are just for reference – use at your own risk** – Standard disclaimer 🙂

Connect to a vCloud Director Instance:

Connect-CIServer bblab-vcd

Get a list of PVDCs within the vCD instance:

Get-ProviderVdc

Name Status Enabled CpuUsedGhz MemoryUsedGB StorageUsedGB
---- ------ ------- ---------- ------------ -------------
bblab-pvdc Ready True 8.43 (14.3%) 9.464 (13.0%)

Selecting one of the returned PVDCs above declare it as a variable:

 $hwversionchange = Get-ProviderVdc -name bblab-pvdc

Using the declared variable “pipe” “|” it to Format-List or FL to show more details(Note there is a HighestSupportedHardwareVersion here showing Unknown(possible bug):

 $hwversionchange | FL
Href : https://bblab-vcd/api/admin/extension/providervdc/uuid-here
StorageUsedGB :
StorageOverheadGB :
StorageTotalGB : 0
StorageAllocatedGB :
Status : Ready
MemoryUsedGB : 49.3623046875
MemoryOverheadGB : 1.73046875
MemoryTotalGB : 30.9296875
MemoryAllocatedGB : 14
Enabled : True
HighestSupportedHardwareVersion : Unknown
CpuUsedGHz : 17.164
CpuOverheadGHz : 0.384
CpuTotalGHz : 5.104
CpuAllocatedGHz : 4
ExtensionData : VMware.VimAutomation.Cloud.Views.VMWProviderVdc
StorageProfiles : {bblabcompute}
Description :
Name : bblab-pvdc

ExtensionData is one of the listed items above, adding a . after the variable will expose usable options. Type the PVDC variable and add .ExtensionData on the end to see a full list(Note as in above examples you can add any of these to the end of the variable.extensiondata to see more):

$hwversionchange.ExtensionData
HighestSupportedHardwareVersion : vmx-13
ResourcePoolRefs : {VMware.VimAutomation.Cloud.Views.VimObjectRef1}
VimServer : {bblab-vc1}
DataStoreRefs : {VMware.VimAutomation.Cloud.Views.VimObjectRef1, VMware.VimAutomation.Cloud.Views.VimObjectRef1, VMware.VimAutomation.Cloud.Views.VimObjectRef1,
VMware.VimAutomation.Cloud.Views.VimObjectRef1...}
HostReferences : VMware.VimAutomation.Cloud.Views.VMWHostReferences
NsxTManagerReference :
Status : 1
StorageCapacity :
ComputeCapacity : VMware.VimAutomation.Cloud.Views.RootComputeCapacity
IsEnabled : True
AvailableNetworks : VMware.VimAutomation.Cloud.Views.AvailableNetworks
Vdcs :
Capabilities :
StorageProfiles : VMware.VimAutomation.Cloud.Views.ProviderVdcStorageProfiles
NetworkPoolReferences : VMware.VimAutomation.Cloud.Views.NetworkPoolReferences
Tasks :
Description :
OperationKey :
Client : VMware.VimAutomation.Cloud.Views.CloudClient
Type : application/vnd.vmware.admin.vmwprovidervdc+xml
Link : {, , , ...}
AnyAttr :
VCloudExtension

Simplifying things the HighestSupportedHardwareVersion  has been added to the command:

$hwversionchange.ExtensionData.HighestSupportedHardwareVersion

vmx-13

Keeping the format from above I know I can increase the value to vmx-14 based on the vCloud Director Admin Guide. Set the value with the below command:

$hwversionchange.ExtensionData.HighestSupportedHardwareVersion = 'vmx-14'

The value needs to be “committed” by using the “UpdateServerData()” command which will push the updated value to the vCD instance(Note – make sure you have a backup of your vCD Database in case something goes wrong):

 $hwversionchange.ExtensionData.UpdateServerData()

Once the above command has finished it will return all of the ExtensionData including the newly changed first line 

HighestSupportedHardwareVersion : vmx-14

There is plenty to explore with ExtensionData in vSphere and vCloud Director – explore safely……… with backups 😉

vCloud Availability for Cloud-to-Cloud DR aka vCAV Install and Config part 3

Building off of Part 1 & Part 2 which covers “what is vCAV and how to use vCAV”, I’ll detail in this post, the configurations of policies, protect VMs/vApps, do a migration and cleanup migrated VMs/vApps that no longer need to be protected.

*Once again disclaimer – I’m writing this for the 3.0 Beta version and features. The process outlined below may change – 3.0.1 is GA as of the 23rd of May 2019 release notes found here

Before protecting a VM or vApp to be migrated to a new cloud site the policies will need to be configured on each site. Policies can be created for use by a single Org or can be assigned any combination of Orgs per policy. Each policy can be configured to allow outgoing or incoming replications, to limit the number of replications and snapshots per replications, and the minimum allowed RPO. A fantastic explanation for RPO can be found here. The RPO value can be changed per workload protection but this setting is for the minimum allowed value.

If a new policy is not created, the following error will appear when attempting to protect a new workload:

To create a new policy, navigate to Policies on the left hand navigate pane and click NEW(The default policy can be edited to allow replications and by default all discovered orgs are attached to this policy):

The New Policy window will pop up and each name and setting can be adjusted for each policy created:

Once created, click the radio button next to the policy to assign a new org or orgs and click the ASSIGN button above the polices:

Once the policies have been assigned to the orgs required, vApps can now be protected. Navigate to the left hand side and click from Cloud or to Cloud depending on the direction of the migration:

For this example to Cloud was selected under Outgoing Replications – the on the top menu click NEW to begin protecting a vApp.

The New Outgoing Replication menu appears and allows to sort by the vApp/VM or OrgVDC(VDC aka OVDC) to find the items that need to be protected:

***Note the yellow warning banner notes the VM(s) are powered off and a seed will not be created on the destination side unless done manually or the VM(s) becomes powered on***

After clicking NEXT, the Target Site needs to be selected and authenticated to along with the Target VDC(OVDC). Once these have been configured the next menu will show the Protection Settings:. Below for each migration there are a number of values that can be configured based on the policy settings created above. RPO, Storage policies, does the VM support quiesceing, and compress replication traffic. Each of these is configurable for each protection.

The next menu is Scheduling, which is a fantastic add in 3.x versions! This allow the synchronization of the selected workloads to begin as a specified time or done immediately:

Lastly a summary page Ready To Complete appears detailing the protection settings for the selected workloads. Clicking on FINISH will complete the wizard and file the job within the vCAV appliances!

What happens when vApps/VMs are migrated?

When a vApp or VM is migrated with vCAV, all of the data is synced over to the destination side, the source VM is powered off gracefully and the destination becomes ready in vCD(depending on the power state selected during migration, the power state may be on/off).

What happens when vApps/VMs are “failed-over”?

This assume the source side is down and is more of a disaster recovery option. The Source side is not touched in this case, and the destination side will have the last synchronized data based on the selected RPO.

*Please note the below feature was available in 1.5.

How to report on usage:

Login to the vCloud Availability vApp Replication Manager as root with the following command

c4 loginroot C4-Root-Password-Here

Generate the vCloud Availability for Cloud-to-Cloud DR usage report(report_summary and report_details can be changed to any report name)

usage-report --output /tmp/report_summary.tsv --details /tmp/report_details.tsv

Download the vCloud Availability for Cloud-to-Cloud DR usage report locally.

scp /tmp/report_summary.tsv /tmp/report_details.tsv user@your-host:/download-target-location

(Optional) Remove the generated reports from the vCloud Availability vApp Replication Manager appliance.

rm /tmp/report_summary.tsv /tmp/report_details.tsv

Notes for the above usage report can be found here:

https://docs.vmware.com/en/VMware-vCloud-Availability-for-Cloud-to-Cloud-DR/1.5/com.vmware.c2c.install.config.upgrade.doc/GUID-F36C3CDD-2477-48DE-9883-333D1828A969.html

A HUGE thanks to the vCAV product team that I’ve had the pleasure of working closely with in my current role. They are striving to get to increase scale and get new features into the product quickly! This product just keeps getting better with every release.

Please let me know if you have feedback or question – I’ll do my best to answer them!

 

 

Gifts for Tech People

My wife tells me I’m difficult to shop for.  I believe it, as I have heard this from a few different sources.  As a techy person, tech gifts aren’t something I often receive, and to be fair, when they are given, I probably could have found it better and less expensive!  I have found a few things that are less common that other tech people might love.  If nothing else, I hope I will ignite the spark of a new idea for your techy loved one… and if you want to send any of these my way, well, that’s fine, too.

Key knife – infinitely useful and stays on your key chain, blending in with other keys.  The main purpose I use this for is opening packages, both from Amazon and on birthdays/holidays.  Honestly, I use my key knife daily. Most recently, we used it to free a distressed and trapped garter snake from a cheap plastic fence in our local botanical garden/sculpture park!  It’s always at the ready and handy.  (The snake is fine now, by the way!)

Isis puzzle ball – Looks simple enough but provides hours of puzzle solving enjoyment. Once you take this on you will want the next in the series to solve.

Nerdy Tie Dyes – When my wife found out I was making this blog post, she insisted we include our favorite tie dye shop!  This girl does the best tie dyes that are so bright and cheerful!  She can do swirls and all that jazz, of course.  But her custom designs are where she shines! We have gotten guitars, Darth Vader, rainbows, hearts, turkeys, a peeps bunny, and so much more swirled into shirts.  When we had our last baby, we got several newborn onesies that were beautiful. We didn’t find out the sex, so we loved having not only gender neutral clothes at first, but truly beautiful clothes perfect for photo ops (and hiding barf). She is great to work with and we have always been pleased with the quality and craftsmanship of her dyes.  We also got a special offer for anyone who wants to order from her through this blog! Enter the coupon code NERDYDYES for 15% off of anything in the shop and free shipping (to U.S. customers)!

Seagull Mobile – makes it onto my list as the most inconspicuous and surprising item that I’m sure no one will have.  I have this hanging from the ceiling over my chair at my desk. I get so deep into work that I forget to take deep breaths or blink or whatever.  All I do is tilt my head back and try to move the seagulls with my breath.  It’s really, really simple, but really effective and calming.  Any mobile or thing hanging from a string would work just as well.

Darn Tough socks – I love these socks! Made in the U.S.A., they have a lifetime gaurantee and are so comfortable! They’re just made better than other socks.  They allow your feet to breathe, and do such a good job of wicking moisture and smell that I’ve worn them for days… Amazing for traveling, growing boys and stinky feet.

Theraband bands/mini tramp/exercise ball- I’m all about small breaks that make your work day better by clearing your mind, even if the break is only for a minute or two.  It’s not enough time to sweat, but an active quick break for mental health!

Lodge Cast Iron griddle – I love cast iron!  This griddle is the creme de la creme when it comes to cast iron.  It has a grill side and a flat side, which is the one we almost always use.  It cleans up so shiny and has a commercial kitchen feel to it; you get more space to cook. Everything cooks so beautifully and quick, even when compared to the rest of our cast iron.  We use it for potatoes, eggs, paninis, veggies, pancakes, English muffins, burgers, etc.

GIPF series of games/7 wonders duel – These are some of the best games I have ever played. They are all two person games.  The strategy is different in all of them, and I love the adjustment of acclimating to the strategy needed to win.  They’re all super simple yet complex, and MOST people don’t have them (nor have ever heard of them)! Each one of us has a different favorite! 7 Wonders Duel was given to me by an great friend and we’ve been playing at least once a week since.

Car trunk organizer – This has been a much needed addition for years.  It was one of those purchases that after I had them, we both had this, “where have these been our whole lives?” kind of response.  I have two: one for the staples that stay in the car (jumpers, reusable bags, etc.) and one that is used solely for groceries (so we don’t forget anything in the trunk). They fold up nicely and barely take up any space.

Rice bag heat packs – I get these at local artist markets, but you could get them at Etsy or anywhere.  They have been amazing for any mild aches, pains, sore muscles, cold nights, etc. There are so many uses for them.

Garden seeds – Request a catalog from this company and it’ll have you dreaming of spring with ambitions of growing your own beautiful harvest this year!

Pump-its – They cut anything you can think of that fits the diameter the tool says it can take. At the time we got them my 6 year old had no trouble cutting branches with these!

Merrell sandals – Hands down the most comfortable shoe!  I use these for long periods of time in the kitchen (when my wife has me slaving away without breaks for weeks) and they always keep my feet nice and happy.

Sherlock holmes/mystery book – a good mystery book with great vocabulary and British humor is always a great idea.

Foraging book – getting away from the screen is really important to me, and getting out into nature is fun and relaxing- but we wanted more!  Our questions have turned into knowledge and we have had some amazing trail side snacks and meals from food we have found!  My favorite is a cranberry and autumn olive sauce at Thanksgiving! But then there’s also wild garlic, morels, ramps, wild black raspberries, sassafras, mint, wild cherries, dandelion, apples, onions, grapes, wild mustard greens, rosehips, and so much more.  It’s awakening and inspiring when you step outside and a plant becomes a familiar culinary friend. The books listed are more specific to the Midwest U.S., so maybe find one indigenous to your area! If nothing else, this author is a great writer and he makes for some lovely reading.

If you’ve made it this far, you’re super desperate for a gift…. when everything else fails, gift cards still work 🙂

vCenter 6.7 vPostgres Database Tips

While digging into some validation tests and orphaned hosts I got a chance to learn how to do more things in the vPostgres database of a vCenter. For reference an orphaned host is one that exists in the DB but is no longer present in vCenter. Running a test against a vCenter may return failing results against a host that no long exists.

Accessing your vPostgres DB:

*Please do not run these commands without understanding exactly what they do and have a valid backup.*

Login to the vCenter via SSH, access the shell and run the following command(Note the -d VCDB portion refers to the default embedded DB instance name and your name may change)

/opt/vmware/vpostgres/current/bin/psql -d VCDB -U postgres

Once logged into the vCenter DB the prompt will be similar to VCDB# and commands against the DB can be run.

*Lots of disclaimers here since running commands against a live database can cause massive damage – please be responsible*

Basic commands:

\l+ shows a list of databases

\dt  shows a list of relations/tables

How to run select commands(Notice the ; at the end of each line – this is required to complete the command):

Below are examples of commands to return different values

The below command will show you the vCenter version

 SELECT * FROM VPX_VERSION;

This command will list all entities within the DB, which could include hosts, resource pools, vApps, virtual wires etc..

SELECT * FROM VPX_ENTITY;

This command proved very useful for me and it allows you to look up if a host(or other object) is actually still in the vC DB:

SELECT * FROM VPX_ENTITY WHERE NAME ='your-hostname-or-object-name';

Depending on the object you may get a return value or nothing like I did below:

id | name | type_id | parent_id
----+------+---------+-----------
(0 rows)

Once the work has been completed in the vC DB this is how you exit

\q

Hopefully this quick reference is helpful and please make sure you take backups before working on any DB

vCloud Availability for Cloud-to-Cloud DR aka vCAV Install and Config part 2

Building off of Part 1(what is vCAV, the architecture and how to deploy it), I’ll detail the configuration process of the Manager and Replication appliances.

Now that you’ve deployed vApp Replication Manager(s)/Replication Manager(s) and Replicators, it is time to configure them! I’ll start off with configuring a replicator appliance in a similar fashion as the documentation for vCloud availability for Cloud-to-Cloud DR.

How does one configure a vCloud availability for Cloud-to-Cloud DR Replicator appliance?

First, login to the deployed replicator by going to the IP address or FQDN set during deploy with :8043/ui/admin at the end.

My example is: https://replicator.vcavlab.com:8043/ui/admin

*Make sure you specify https otherwise your connection will fail*

Login with the set password during deployment of the OVA. Once logged in, a prompt will appear to change the password.

Create a secured password with a minimum of eight characters and at least one of each of the following criteria:

• Lowercase: a b c

• Uppercase: A B C

• Numeric: 1 2 3

• Special: & # %

Update the password, click apply and the main page loads where you can move on to the next configuration item!

Next up, click on “Register in Lookup Service”. Enter a valid lookup service address and click Apply. Enter the lookup service address in the following format https://Lookup-Service-IP-address: 443/lookupservice/sdk.

My example https://vCenter-PSC.vcavlab.com:443/lookupservice/sdk

After clicking apply for the Lookup Service Details, a prompt will show to accept a certificate. If the details look correct, click accept.

The System Monitoring page follows, which will show the details and health of the current deployment. Quick and easy, that is all there is to configuring a vCAV Replicator.

How to configure a vCloud availability for Cloud-to-Cloud DR Replication Manager appliance?

Much like the above replicator appliance initial configuration, login to the web portal of the replication manager appliance you have deployed. Using the IP address or FQDN, login to the replication manager by added :8044/ui/admin to the end

My example is: https://manager.vcavlab.com:8044/ui/admin

*Make sure you specify https otherwise your connection will fail

Another new password.  The same rules apply as above:

Create a secured password with a minimum of eight characters and containing at least one of each of the following criteria:

• Lowercase: a b c

• Uppercase: A B C

• Numeric: 1 2 3

• Special: & # %

Once the password is updated, it’ll redirect to the System Monitoring page which will have a red triangle stating “Missing LookupService settings.” Click on “Configuration” on the left hand side.

On the Configuration page, there should be nothing listed under “Service endpoints –> Lookup service address”. Click Edit on the right which will allow the details to be entered into the Lookup service information.

To finish configuring the Lookup service, accept the certificate.

Once accepted, the Replication Manager configuration is finished. These steps can also be found here. Next up we will cover the configuration of the vApp Replication Manager.

How to configure a vCloud availability for Cloud-to-Cloud DR vApp Replication Manager appliance?

Following the same trend as above, login to the IP address or FQDN with /ui/admin on the end.

My example is: https://manager.vcavlab.com/ui/admin

*Make sure you specify https otherwise your connection will fail

Once logged in with the root account, it will redirect to the Getting Started page which has the Run initial setup wizard link. Click that to begin the configuration.

First, enter a Site name and a Description. Once entered you cannot change your Site name later! Enter something memorable or descriptive like your cloud location or something that makes it easy to identify later on and then click next.

Step 2 asks one more time to enter in the Lookup Service information like the above portals and accept that certificate to proceed.

Step 3 in this wizard asks to configure vCD or discover it automatically. The differences are listed below. Even if the vCloud Director instance is federated with a previously specified lookup service you can select to enter the details manually. Both options work in that case!

If selecting the “Enter details for the vCloud Director Service manually” option you will see the below screen where the following items need to be entered:

•  vCloud Director URL *Make sure you add it with https in the front and :443/api on the end
• vCloud Director Username – make sure the @system portion of the username is the organization the user is part of in vCloud Director. If the user is a system administration user @system
• vCloud Director Password – the password of the user account above

Step 4 is Licensing. Enter license key here and click next.

Step 5 asks if you would like to join the VMware Customer Experience Improvement Program. Please join if you can, the feedback is valuable to VMware.

Step 6 is the moment of truth where you have a chance to verify all of the information just entered in. After validating the details, simply click finish.

It then redirects to the portal login page where you can login with a username from vCD.

My example vcavlabuser@system

These steps can also be found in the official documentation here.

The configuration of the appliances has been completed! However, there are a couple more steps needed before we can start replicating content between sites.

How to add a configured Replicator to a configured Replication Manager in the same site?

Login to the Replication Manager management portal by using the IP address or FQDN configured upon deploy adding :8044/ui/admin to the end.

My example is: https://manager.vcavlab.com:8044/ui/admin

Login with the configured root account to get to the System Monitoring page. Click on Replicators. Click new to add replicator(s).

Enter in the following information for each added replicator.

*If you entered in the API URL as a FQDN the Replication management interface will show only the IP after you add the replicator. 

Accept the presented certificate and the replicator will be added!

Next we will pair cloud sites. Pairing cloud sites creates a trust between instances which allows protection, scheduling, fail over and/or migration workloads between sites.

How to pair clouds sites in a vCloud availability for Cloud-to-Cloud DR vApp Replication Manager appliance?

Login to the IP address or FQDN of the Replication Manager by either the default URL or by adding /ui/admin to the end

My example is: https://manager.vcavlab.com/ui/admin (Login as root)

or

My example is: https://manager.vcavlab.com (Login with a user account from vCloud Director)

Click Sites on the left hand side and then New Cloud Site:

After clicking on New Cloud Site, answer the following:

• Name the site
• Enter in the URL of the remote site Replication Manager *Be sure to use https and :8046
• Description, often overlooked but very useful for others that may use the environment
• Remote appliance credentials
  • Username/password not required but you cannot use the new site until these are entered. This will be the root user and password you changed upon login of that site

Click pair and accept the certificate that pops up. Repeat these steps for each additional site.

[/End post]

In Part 3 I will detail the steps to configure policies, protect VMs/vApps, do a migration and cleanup migrated VMs/vApps that no longer need to be protected.