VMware – Tech Poli

Como atualizar/instalar certificado SSL VMWare Cloud Directory

5 de setembro de 2021 Nenhum comentário

Olá amigos, abaixo veremos como executar a troca do certificado SSL no vCloud Directory, lembrando que o mesmo procedimento serve também para instalação:

Observação: O Tipo de certificado usado no VMWare Cloud foi JKS (Java Key Store).

Link da Documentação:

Deploy the VMware Cloud Director Appliance with Signed Wildcard Certificates for HTTPS and Console Proxy Communication

Pré-requisitos:

Primeiro passo é gerar certificado SSL tipo PFX/PKCS#12 . Uma dica é usar o site: SSL Converter
Informando o Certificate + Private Key + Intermediate + RootCA juntamente com a senha do certificado.

Copiar o arquivo PFX do novo certificado para qualquer servidor com Keytool (Necessário JDK) e iniciar o procedimento de criar o certificado JKS:

Documentação usada no procedimento abaixo: Build a JKS

Lembrando que o VMWare Cloud tem dois serviços na qual o JKS precisa ser gerado:
Alias 1=http
Alias 2=consoleproxy

Gerando o certificado JKS:

Conforme o comando abaixo, estamos utilizando o PFX gerado no procedimento acima para gerar o JKS referente ao HTTPS service:

keytool -importkeystore -srckeystore certificado.com.br.pfx -srcstoretype pkcs12 -srcalias 1 -destkeystore certificado.com.br.ks -deststoretype jks -
deststorepass 3gSA2 -destalias http

Muito semelhante ao comando acima a alteração realizada está no nome do serviço, na qual incluímos no JKS criado o ConsoleProxy service:

keytool -importkeystore -srckeystore certificado.com.br.pfx -srcstoretype pkcs12 -srcalias 1 -destkeystore certificado.com.br.ks -deststoretype jks -deststorepass 3gSA2 -destalias consoleproxy

Procedimento:

Pronto, assim você gerou em um unico arquivo os dois Alias necessarios para o Vmware Cloud.

1 – Copiar o JKS para: /opt/vmware/vcloud-director/data/transfer/certificado/
2 – Mudar o author do arquivo para usuário vcloud: chown vcloud.vcloud certificado.com.br.ks
3 – Rodar o comando de import passando o novo certificado KS juntamente com a senha do certificado:
- cd /opt/vmware/vcloud-director/bin
- ./cell-management-tool certificates -j -p -k /opt/vmware/vcloud-director/data/transfer/certificado/certificado.com.br.ks -w 3gSA2
6 – Reiniciar o serviço do VMWare Cloud: systemctl restart vmware-vcd

Observação, realizar este procedimento em todas as instancias VCD.

Validação:

Dicas para validação após este procedimento:

Reiniciar servidores do VMWare Cloud.
Validar saúde do cluster em: “Embedded Database Availability”
Testar o certificado SSL para cada instancia:
curl -k -v https://instance1/api/versions
curl -k -v https://instance2/api/versions
curl -k -v https://instance3/api/versions
curl -k -v https://instance4/api/versions

Validar erros da Instancia:

cat /opt/vmware/vcloud-director/logs/cell-runtime.log | grep ERROR
tail -f /opt/vmware/vcloud-director/logs/cell-runtime.log

É isso ai pessoal, qualquer duvida fico a disposição.

Hypervisor, Vmware

How to Install and Configure VMware vSphere Hypervisor 6.0 (ESXi 6.0)

25 de maio de 2017 Nenhum comentário

1. Register with VMware.com and Download VMware vSphere Hypervisor 6.0

Open the following link in your web browser https://my.vmware.com/web/vmware/evalcenter?p=free-esxi6

Click the License and Download Tab

VMware60-DownloadCenter1

Click Create an Account, to Create an Account and Login to the VMware Download Center. VMware will email you an Activation link which needs to be opened to create the account.

The following page will be displayed when you have successfully logged into the VMware Download Center.

VMware60-DownloadCenter2

Pay special attention to the FREE License information which is displayed, and record this License Number, this will be required in a later article.

Click the download link for VMware vSphere Hypervisor 6.0 – Binaries ESXi ISO Image to download the software required to install ESXi 6.0 and also download the VMware vSphere Client 6.0. The VMware vSphere Client 6.0 software is the client software that allows us to connect and manage the ESXi 6.0 server, this will be required in a later article.

Either use the Download Manager or Manually Download button (which uses your web browser). The CD ISO is only 301MB so should not take too long to download. We have a very slow internet connection, at approx 350 kB/sec, and it takes us approximately 10 minutes to download.

2. Installing VMware vSphere Hypervisor 6.0 (ESXi 6.0)

Write (Burn) the VMware-VMvisor-Installer-6.0.0-2159203.x86_64.iso downloaded in Step 1, to a blank CDROM, using your favourite CD writing software. We use ISO Recorder (http://alexfeinman.com/isorecorder.htm). If you are using remote server utilities, e.g. HP iLo or Dell iDRAC,. you can attach the virtual CDROM drive in the server to the VMware-VMvisor-Installer-6.0.0-2159203.x86_64.iso ISO, so there is no requirement to write a CDROM.

This is a step which is often missed, ensure the BIOS BOOT order is set to BOOT from the CDROM Device or ATAPI device in the server, otherwise the computer will not BOOT from the CDROM.

Power on the Computer, the computer will BOOT from the CDROM, and the following BOOT screen will be displayed

ESXi6.0-CDROM-BOOT

The default option is to BOOT ESXi-6.0.0-2159203-standard Installer after 10 seconds, hit any key will pause the BOOT process.

ESXi6.0-CDROM-BOOT1

At the Welcome to the VMware ESXi 6.0.0 Installation screen Hit Enter to Continue the installation.

Press F11 (Function Key 11) to Accept the VMware End User License Agreement (EULA)

2015-01-03-13-39-16-Greenshot

The ESXi installer will scan the computer storage controller for available devices to install ESXi.

ESXi can be installed on a USB flash drive, SD card attached to the computer, local SATA, local RAID Array, or Fibre Channel or iSCSI LUN. All these are supported options. As the footprint for ESXi is very small only 1GB is required for the ESXi OS installation.

We have written an EE Article here on How to Backup an ESXi installation on an USB Flash Drive or SD card, for security or redundancy. After you have completed the ESXi 5.1 installation, shutdown the server, remove the USB flash drive or SD card, and duplicate it using our EE Article.

When prompted select a disk to install ESXi on, in the following example, we have two disks connected to this computer, a single 1GB disk, and a 120GB disk. We are going to use the small disk for the OS. (this simulates the USB flash drive!). The larger 120GB disk will be used later for the storage of virtual machines.

When prompted, select the keyboard layout and hit Enter to continue. The default keyboard layout is US Default.

When prompted enter a root password, confirm the password and hit Enter to continue

The following will be displayed

When prompted Confirm the Installation on the selected disk and press F11 (Install)
– Function Key 11
All data will be erase, as the disk will be repartitioned.

The Progress Bar will confirm installation progress.

The installation only takes approximately 5-10 minutes, depending upon speed of storage. When the installation has completed the following screen will be displayed.

Remove the CDROM installation disk before rebooting. Hit Enter to Reboot. After hitting Enter the follow screen will be displayed and the computer will reboot.

ESXi 6.0 will operate in evaluation mode for 60 days. This is the same mode as a FULLY LICENSED ESXi 6.0 server. If you wish to evaluate all the bells and whistles that ESXi 6.0 has to offer, do not register your FREE license. for 60 days, this will allow you to evaluate ESXi 6.0 server fully. On day 59/60, Apply your FREE license to continue using the product, or you will not be able to power on any virtual machines.

3. Configuring VMware vSphere Hypervisor 6.0 (ESXi 6.0)
The following screen is displayed when VMware ESXi 6.0 first boots

The server is fully booted when it displays the following screen

The default server configuration is to use DHCP, if you do not have a DHCP server issuing IP Addresses on your network you will need to assign an IP Address. We recommend you use a static IP Address for your ESXi Host Server.

Press F2 to Customize System, you will be prompted to enter the root username and password.

Select Configure Management Network to change Network Parameters.
Select IPv4 Configuration

Set the Static IPv4 address and network configuration, Subnet Mask and Default Gateway, it’s important to set the correct Default Gateway, as this will be used later. Hit Enter to confirm and save the configuration.

Select DNS Configuration, enter the correct DNS information for your network, and enter a hostname for your server. Hit Enter to save the configuration.

Select Custom DNS Suffixes
Enter your DNS suffix (the domain name for your network). Make sure you have created a DNS A Record in your DNS, so that this server can be resolved correctly through forward and reverse lookups.

Hit Enter to save your configuration.

Press Escape, the following screen will appear, select Y(es) to apply changes.

Press Escape to Logout and return to the console screen.

You will notice on the console screen, the server now has a hostname configured, and correct static IP Address.

Congratulations you have successfully installed and configured VMware vSphere Hypervisor 6.0.

In the next article in the series, we will connect and continue to configure the VMware vSphere Hypervisor 6.0.

Hypervisor, Vmware

Installing VMware vSphere 6.0 and accessing with VMware vSphere Client. Full video.

1 de maio de 2016 Nenhum comentário

Hello friends. I created a video installation and access to Vmware Vspher.

Any questions or suggestions send a message.

Any questions I created hum Installation tutorial: How to Install and Configure VMware vSphere Hypervisor 6.0 (ESXi 6.0)

Thank you

CentOS 7, Linux

How to install MailServer Zimbra on Centos 7

29 de fevereiro de 2016 Nenhum comentário

Disabled SELINUX

# vim /etc/sysconfig/selinux

Change enforcing to disabled :

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

Stop any MTA services installed in the server

# systemctl stop postfix
# systemctl disable postfix
# systemctl stop sendmail
# systemctl disable sendmail

Update the OS

# yum update -y

Install the required packages and libraries by issuing the following command :

#yum install perl perl-core ntpl nmap sudo libidn gmp libaio libstdc++ unzip sysstat sqlite -y

Extract the downloaded tar file :

Using the following command you can extract the tar file, We downloaded in previous step

wget https://files.zimbra.com/downloads/8.6.0_GA/zcs-8.6.0_GA_1153.RHEL7_64.20141215151110.tgz
tar xzf zcs-8.6.0_GA_1153.RHEL7_64.20141215151110.tgz

Go to extracted ZCS Open Source Edition :

cd zcs-8.6.0_GA_1153.RHEL7_64.20141215151110

Instal Zimbra.

./install.sh

Hypervisor, Vmware

How to set a static MAC address on VMware ESXi virtual machine

23 de janeiro de 2016 5 Comentários

Question: I want to assign a static MAC address to a virtual machine (VM) on VMware ESXi. However, when I attempt to start a VM with a static MAC address, the VM fails to start and throws an error “The MAC Address entered is not in the valid range. Valid values are between “xx:xx:xx:xx:xx:xx” and “xx:xx:xx:xx:xx”.

When you create a VM on VMware ESXi, each network interface of the VM is assigned a dynamically generated MAC address. If you want to change this default behavior and assign a static MAC address to your VM, here is how to do it.

As you can see above, VMware’s vSphere GUI client already has a menu for setting a static MAC address for a VM. However, this GUI-based method only allows you to choose a static MAC address from 00:50:56:xx:xx:xx, which is VMware-reserved MAC address range. If you attempt to set any arbitrary MAC address outside this MAC range, you will fail to launch the VM, and get the following error.

Fortunately, there is a workaround to this limitation. The solution is, instead of using vSphere GUI client, editing .vmx file of your VM directly, after logging in to the ESXi host.

First, turn off the VM to which you want to assign a static MAC address.

Enable SSH access to your ESXi host if you haven’t done it already. Then log in to the ESXi host via SSH.

Move to the directory where your VM’s .vmx file is located:

# cd vmfs/volumes/datastore1/[name-of-vm]

Open .vmx file with a text editor, and add the following fields. Replace the MAC address field with your own.

#ethernet0.addressType = "static"
#ethernet0.checkMACAddress = "false"
#ethernet0.address = "00:0c:29:1f:4b:ac"

Now you should be able to launch a VM with the static MAC address you defined in .vmx file.