AskAresh

There is no single place to find a consolidated list of Load balancer health check monitors (aka Service Monitors in NSX) for the VMware EUC products:

• Horizon
• Unified Access Gateway
• VMware Identity Manager
• App Volumes

I have been using VMware NSX load balancer across the board. The below details will provide an overview of what to enter for the health monitors. Note – If you are using something more meaningful  for your environment leave feedback in the comments section. I will try to implement the same and update the blog later.

VMware Unified Access Gateway (UAG)

Create a new Service Monitor under NSX and call is UAG_https_monitor. Refer to the screenshot for more details.

VMware Identity Manager (VIDM)

Create a new Service Monitor under NSX and call is VIDM_https_monitor. Refer to the screenshot for more details.

Horizon Connection Servers

Create a new Service Monitor under NSX and call is Horizon_https_monitor. Refer to the screenshot for more details.

VMware App Volumes

Create a new Service Monitor under NSX and call is AV_https_monitor. Refer to the screenshot for more details.

I hope you will find these monitors useful in monitoring the VMware EUC products.

Thanks,
Aresh Sarkari

On 9^th Aug 2018, I took the most difficult decisions of my life to leave my country India and one of the best companies in information technology VMware after working for 4.5 years. Our search for a better standard of living in a developed country and secured future for my kids ended up in Australia. We did evaluate Canada & Germany as well, but looking at all the factors, Australia was the place which we locked down to migrate and settle.

Back in early June, I started looking for an internal transfer within VMware. However, after talking to multiple bosses and divisions, nothing was materializing for an internal move. I had to make a hard choice to leave VMware and move ahead with my decision of moving countries. I began my job hunt during my notice period within VMware and 15 days later I came across a wonderful opportunity in Dell EMC @ Sydney, Australia. I am pleased that I got an opportunity in the parent and consortium of companies

Although I am going to miss working with a lot of colleagues @ VMware. But I am looking forward to working with new colleagues, projects and challenges in Dell EMC. It would be fun learning new things and solving problems from the real world and get an outside perspective. Will keep in touch on Twitter and LinkedIn

Thanks,
Aresh Sarkari

We were having frequent hardware issues on our Dell PowerEdge R630 hyper converged servers and the Dell Support recommended in upgrading the Avago (LSI) Dell PERC H730 Mini Controller Driver and Firmware to the latest version.

Note: The procedure of upgrade is applicable and tested on vSphere 6.5 U1 or vSAN 6.6 environments

We were running the support Driver/Firmware as all vSAN Health checks were green. However, there was a latest build available which included few additional fixes. Let me show you how easy it was to update the Storage Controller Drivers and Firmware using the VMware Update Manager and vSAN Configuration Assistant Upgrade Tool.

The Sequence that we need to execute is as follows:

• Upgrade the Driver – LSI_mr3 VIB driver using the VMware Update Manager
• After doing the above step you will start seeing the Controller Firmware and Avago Management Tool listed in the vSAN Configuration Assistant Update Tool

Step 1 – Sync Cluster to Perform Online Test

Add the my.vmware.com account in the vCenter to enable checking/sync with the online engine

• Enter the Username and Password

Step 2 – Update Storage Controller Driver

The VMware Update Manager (VUM) will perform the Controller Driver Update in rolling reboot fashion one ESXi Host at a time

• Select the Cluster and Choose the lsi_mr3: Avago Native MegaRAID SAS driver

• Click on the Remediate Button
• Select VSAN Cluster under Baseline Groups and the VIB Driver LSI under Baselines
• Click Next

• Select all the Host in the Cluster (E.g. If you want to perform a quick test you can select one-host). In our case we selected all the 21 hosts

• Select the Package

• Click on Ignore warning

• Select Do Not Change Power State and leave the timings to defaults

• Select the three options as below
• Disable DPM
• Disable HA admission control
• Migrate Powered-off VM

• Click Finish
• Click on Pre-check Remediation and see the current configuration
• The upgrade will start in a rolling reboot (1-by-1)

• Make sure to verify the versions of the driver is showing updated/passed in the VSAN health tests

Step 3 – Storage Controller Firmware

Once the Driver is installed the Controller Management Tools and Firmware for Avago get listed together in the vSAN Configuration Assistant Update tool.

Both the components get installed onto the ESXi host together:

• Click on Download and that will turn the status in Ready to install
• Click on the Update All  and select the second option Rolling reboot (one host at a time)
• Install the Firmware on all the ESXi Host within the cluster.

• Make sure to verify the versions of the firmware is showing updated/passed in the VSAN health tests

Check the Up-time of the ESXi host (Check every 2 hours and update the tracker)

This step will enable you to track the progress of the cluster as on how many host are done. In our scenario for the Driver (8 hr) and Controller (8 hr) combined together for a 21 host cluster it took close to 16 hours. Off course this number will vary depending upon the cluster usage.

• Connect to the vCenter Linked mode

• Check the Uptime of ESXi Host

I hope you will find these steps useful in upgrading the VSAN Controller/Driver firmware easily using the Update Manager + Configuration Assist Update Tool. Let me know, if you have additional questions in the comments section.

Thanks,
Aresh Sarkari

I had been intrigued by the Samsung DeX mode post its launch but didn’t have the courage to buy the 125$ (Rs. 10,000/- INR) Samsung DeX Station. I was on a look-out for an alternate Hub which could do the DeX mode on my Galaxy S8+ for a lot less. After searching @ AliExpress I finally managed to find a hub called EASYA Thunderbolt 3 USB C to HDMI Adapter DeX Mode for Samsung Galaxy S8/S9 which had some good positive reviews and for 33$

The moment of truth was to plug-in the Galaxy S8+ and try the DeX mode. Attempt-1: Managed to plug the phone to the hub and HDMI monitor as the output. Next thing I noticed was the screen mirror got enabled and DeX Mode pop-up wouldn’t come or get detected.

Attempt-2: Additional to the above I plugged in the Power in the USB-C 3.1 PD Port and magically the pop-up appeared on the phone “Start DeX Mode”

If you don’t have the wireless mouse plugged in the entire Galaxy S8+ screen acts like a mouse trackpad which can come-in handy.

Productivity with VMware Horizon:

The Horizon Client available on the Android Store has integration with DeX mode that enables you to use the Virtual Desktop in Full screen mode. I launch my Windows 10 Desktop and use it for an entire day. I was easily able to work on the following applications without any issues

If you are using multiple vRealize Operations Manager (vROPS) – Management Packs like Horizon, VSAN, NSX and vCenter and want to monitor their availability of the adapter/POD in terms of whether they are “Collecting Data” and get notified via email when the collection of data stops due to unknown reasons. Then go ahead and read further.

If you don’t setup the monitoring one doesn’t get notified until someone logins to the vROPS Manager and see the adapter status physically.

Adapter Status:

Collection State/Status:

To achieve the above its a 3 steps process. You will have to create the following:

• Custom Symptom Definition
• Custom Alert Definition
• Custom Notification

Symptom Definitions

We will create four custom Symptom Definition (SD) for Horizon Adapter, Horizon POD as it collects data, vCenter instances and VSAN Adapter. Following are the SD combined:

• Horizon Adapter Instance
• Open the vROPS Manager and navigate to Alerts – Symptom Definitions
• Click on the +
• Under the Base Object Type Select – View Adapter Instance
• Under Metrics Select vRealize Operations Generated – Availability
• Enter a Symptom Definition Name – SD_Horizon_Adapter_Avail
• is – Critical
• metric – is less than
• Numeric Value – 1
• Under Advance
• Wait Cycle – 3
• Cancel Cycle – 3
• Recommended – The wait/cancel cycle of 3 means that in case of any failure user will be notified after 15 minutes (3 cycles x default 5 minutes data collection interval)

• vCenter Adapter – vCenter

• Open the vROPS Manager and navigate to Alerts – Symptom Definitions
• Click on the +
• Under the Base Object Type Select – vCenter Server
• Under Metrics Select vRealize Operations Generated – Availability
• Enter a Symptom Definition Name – SD_vCenter_Adapter_Avail
• is – Critical
• metric – is less than
• Numeric Value – 1
• Under Advance
• Wait Cycle – 3
• Cancel Cycle – 3
• Recommended – The wait/cancel cycle of 3 means that in case of any failure user will be notified after 15 minutes (3 cycles x default 5 minutes data collection interval)

• View POD

• Open the vROPS Manager and navigate to Alerts – Symptom Definitions
• Click on the +
• Under the Base Object Type Select – View POD
• Under Metrics Select vRealize Operations Generated – Availability
• Enter a Symptom Definition Name – SD_View_POD_Avail
• is – Critical
• metric – is less than
• Numeric Value – 1
• Under Advance
• Wait Cycle – 3
• Cancel Cycle – 3
• Recommended – The wait/cancel cycle of 3 means that in case of any failure user will be notified after 15 minutes (3 cycles x default 5 minutes data collection interval)

We will create four custom Alert Definition (AD) for Horizon Adapter, Horizon POD as it collects data, vCenter instances and VSAN Adapter. Following are the AD combined:

• Horizon Adapter Instance
• Open the vROPS Manager and navigate to Alerts – Alert Definitions
• Click on the +
• Enter a Name – AD_Horizon_Adapter
• Under the Base Object Type Select – View Adapter Instance
• Under the Alert Impact
• Impact – Health
• Criticality – Symptom Based
• Alert Type and Subtype – Virtualization/Hypervisor: Availability
• Wait Cycle – 1
• Cancel Cycle – 1
• Under Add Symptom Definitions
• Defined on – Self
• Symptom Definition Type – Metric /Property
• In the search box enter the previously created Symptom Definition – SD_Horizon_Adapter_Avail
• Under Add Recommendations – Search and Select “Check if the resources are available. If it isn’t restart it. If it is available check the network connectivity between the remote checks and the resource”

• vCenter Adapter Instance
• Open the vROPS Manager and navigate to Alerts – Alert Definitions
• Click on the +
• Enter a Name – AD_vCenter_Adapter
• Under the Base Object Type Select –  vCenter Server
• Under the Alert Impact
• Impact – Health
• Criticality – Symptom Based
• Alert Type and Subtype – Virtualization/Hypervisor: Availability
• Wait Cycle – 1
• Cancel Cycle – 1
• Under Add Symptom Definitions
• Defined on – Self
• Symptom Definition Type – Metric /Property
• In the search box enter the previously created Symptom Definition – SD_vCenter_Adapter_Avail
• Under Add Recommendations – Search and Select “Check if the resources are available. If it isn’t restart it. If it is available check the network connectivity between the remote checks and the resource”

• View POD
• Open the vROPS Manager and navigate to Alerts – Alert Definitions
• Click on the +
• Enter a Name – AD_View_PODS
• Under the Base Object Type Select –  View Pod
• Under the Alert Impact
• Impact – Health
• Criticality – Symptom Based
• Alert Type and Subtype – Virtualization/Hypervisor: Availability
• Wait Cycle – 1
• Cancel Cycle – 1
• Under Add Symptom Definitions
• Defined on – Self
• Symptom Definition Type – Metric /Property
• In the search box enter the previously created Symptom Definition – SD_View_PODS_Avail
• Under Add Recommendations – Search and Select “Check if the resources are available. If it isn’t restart it. If it is available check the network connectivity between the remote checks and the resource”

• VSAN Adapter Instance
• Open the vROPS Manager and navigate to Alerts – Alert Definitions
• Click on the +
• Enter a Name – AD_VSAN_Adapter
• Under the Base Object Type Select –  vSAN Adapter Instance
• Under the Alert Impact
• Impact – Health
• Criticality – Symptom Based
• Alert Type and Subtype – Virtualization/Hypervisor: Availability
• Wait Cycle – 1
• Cancel Cycle – 1
• Under Add Symptom Definitions
• Defined on – Self
• Symptom Definition Type – Metric /Property
• In the search box enter the previously created Symptom Definition – SD_VSAN_Adapter_Avail
• Under Add Recommendations – Search and Select “Check if the resources are available. If it isn’t restart it. If it is available check the network connectivity between the remote checks and the resource”

Notifications

We will create four Notification Rules for Horizon Adapter, Horizon POD as it collects data, vCenter instances and VSAN Adapter. Following are the Rules for Email Alerts combined:

• Rule – Horizon Adapter Instance is down
• Open the vROPS Manager and navigate to Alerts – Notification Settings
• Click on the +
• Enter a Name – _Horizon_Adapter is down
• Under Method Select – Standard Email Plugin
• Instance – SMTP (previous configured)
• Enter Recipients – Email Address
• Notification Trigger – Alert Definition
• Add the previously created _AD_Horizon_Adapter

In this post I will demonstrate the configuration that are required to deploy the VMware Enrollment Servers for High availability and redundancy. This includes two Certificate Authority CA’s and Enrollment Servers

My colleague Tarique Chowdhury has an excellent post on the TrueSSO Lab Setup. However in that deployment it talks about a single Enrollment Server and Certificate Authority Server.

This post is not a replacement of the Setting Up TrueSSO guide on VMware Pubs. However the below mentioned two sections complement during the configurations for everything else follow the setup guide/blogs:

Certificate deployment – Enrollment Agent (Computer).

Deploying the Enrollment Agent (Computer) certificate onto this server, we are authorizing this ES to act as an Enrollment Agent and generate Certificates on behalf of users.

Both the Certificate Authority Server Enrollment Agent (Computer) certificate needs to be added. They are added one-by-one. The Personal –> Certificate store should look like below on the ES:

Configure TrueSSO on the Horizon Connection Servers:

Step1: Adding both the Enrollment Server (ES) – Adding the ES to the environment, we are able to query the ES about the domain and relevant True SSO info.