Step By Step, Install VMware Horizon 8

Hi, today in this post, I decided to explain how we can install VMware Horizon 8 in high availability mode.

You can find more detailed information about What’s New in this link.

You can find more detailed information about Horizon Administration in this link.

What is my plan:

We have in

Part 1

How to install the Connection server?

Part 2

How to add a license for the Connection Server?

How to add a vCenter Server Instance?

Part 3

How to install the Horizon Replica server?

Part 4

How to install and configure the Events Database?

Part 5

1- Create the Domain Admin User
2- Create OUs for Instant-Clone Desktops and RDSH Servers and Delegate Control
3- Add an instance – Clone Domain Administrator
4- Add Domain Bind

Part 6

How to create a Single – User Desktop Pool?

Part 7

How to Create RDSH – Published Desktop and Applications?

Part 8

How we can provision Users and Access Desktops and Apps?

Part 9

How to publish panel connection servers to the Internet through UAG?

Finish 🙂

How to join ESXi to the domain and set Active Directory groups to log in to ESXi via PowerShell.

Hi, Today I want to set the ESXi host to join to the domain and I adjust Active Directory groups to log in to ESXi with domain’s account, through PowerShell.

1- Run PowerShell as Administrator

2- Install VMware powercli

Install-Module VMware.PowerCLI

3- Connect to vCenter

Connect-VIServer -Server "your Server FQDN or IP address" -user "your username"

4- Enter your vCenter username and password

5- Create a variable

$ESXiHost = Get-VMHost

6- Join to Domain

$ESXiHost | Get-VMHostAuthentication | Set-VMHostAuthentication -JoinDomain 
"DomainName" -user "Username" -password "password" -Confirm:$false

7- Add your Active Directory Group that member’s of that group want login to ESXi Host.

$ESXiHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Set-AdvancedSetting -Value "Group Name"

For Example:

Connect-VIServer -Server vcenter.khoshraftar.com -User administrator@vsphere.local

$ESXiHost = Get-VMHost

$ESXiHost | Get-VMHostAuthentication | Set-VMHostAuthentication -JoinDomain -Domain khoshraftar.com -user khoshraftar -password *******  -Confirm:$false

$ESXiHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Set-AdvancedSetting -Value  VirtualizationTeam  

Now, I have a username that is a member of VirtualizationTeam, I can login with it to ESXi UI.

Finish 🙂

How to reset iLO 5 password from ESXi 7 shell

Hi, Today I need to reset forgotten ilo password, and I can’t reset my ESXi host.

If you install ESXi from HPE customized ESXi image, you can use hponcfg application, that exists on ESXi.

First SSH to your ESXi, Then go to this address:

cd /opt/tools
or
cd /opt/hp/tools

Then we need to create an XML file. I used vi tools.

vi resetpassword.xml

You must copy and paste this below information and save and exit.

<RIBCL VERSION="2.0">
<LOGIN USER_LOGIN="Administrator" PASSWORD="yourpassword">
<USER_INFO MODE="write">
<MOD_USER USER_LOGIN="Administrator">
<PASSWORD value="yourpassword"/>
</MOD_USER>
</USER_INFO>
</LOGIN>
</RIBCL>

Then run this command:

./hponcfg -f ./resetpassword.xml

You see a successful message.

Finish 🙂

ESXi 7.0 u3 Not Registering Name With DHCP Server

Hi, Today I set ESXi 7.0 update 3 servers to get an IP address from DHCP server, the host got an IP address, but it didn’t register name with DHCP.

 What is the solution? 

You must open this file in a text editor.

/etc/dhclient-vmk0.conf

Add this line:

send host-name "yourservername";

For Example:

 send host-name "Host-24";

Exit and save the file and reboot the host.

Note: The ; at the end of line is very important, Don’t forget that.

Finish 🙂

How to enable SNMP v3 manually on ESXi 7.0

Hi, I want to enable SNMP v3 manually on my ESXi 7.0.

In ESXi 5.1 and later releases, the SNMP agent adds support for version 3 of the SNMP protocol, offering increased security and improved functionality, including the ability to send informs.

As an alternative to configuring SNMP manually using esxcli commands, you can use host profiles to configure SNMP for an ESXi host. 

By default, the embedded SNMP agent listens on UDP port 161 for polling requests from management systems. You can use the esxcli system snmp set command with the –port option to configure an alternative port. To avoid conflicting with other services, use a UDP port that is not defined in /etc/services.

Procedure

1- (Optional) If you want to change the default port, you could use this command:

esxcli system snmp set --port port

2- Every SNMP v3 agent has an engine ID which serves as a unique identifier for the agent. The engine ID is used with a hashing function to generate keys for authentication and encryption of SNMP v3 messages.
If you do not specify an engine ID, when you enable the SNMP agent, an engine ID is automatically generated.

esxcli system snmp set --engineid id

Here, id is the engine ID and it must be a hexadecimal string between 5 and 32 characters long.

esxcli system snmp set --engineid 80001ADC05876457531638093177

3- SNMPv3 optionally supports authentication and privacy protocols.

Authentication is used to ensure the identity of users. Privacy allows for encryption of SNMP v3 messages to ensure confidentiality of data. These protocols provide a higher level of security than is available in SNMPv1 and SNMPv2c, which use community strings for security.

Both authentication and privacy are optional. However, you must enable authentication to enable privacy.

esxcli system snmp set --authentication protocol

Here, protocol must be either none (for no authentication), SHA1, or MD5.

esxcli system snmp set --privacy protocol

Here, protocol must be either none (for no privacy) or AES128.

esxcli system snmp set -a SHA1 -x AES128

4- You can configure up to 5 users who can access SNMP v3 information. User names must be no more than 32 characters long.

While configuring a user, you generate authentication and privacy hash values based on the user’s authentication and privacy passwords and the SNMP agent’s engine ID. If you change the engine ID, the authentication protocol, or the privacy protocol after configuring users, the users are no longer valid and must be reconfigured.

esxcli system snmp hash --auth-hash secret1 --priv-hash secret2

The produced output might be the following:

Authhash: 08248c6eb8b333e75a29ca0af06b224faa7d22d6

Privhash: 232ba5cbe8c55b8f979455d3c9ca8b48812adb97

esxcli system snmp hash -r -A password1 -X password2


Authhash: 08248c6eb8b333e75a29ca0af06b224faa7d22d6
Privhash: 232ba5cbe8c55b8f979455d3c9ca8b48812adb97 

5- Configure the user

esxcli system snmp set --user userid/authhash/privhash/security
esxcli system snmp set --users user1/08248c6eb8b333e75a29ca0af06b224faa7d22d6/232ba5cbe8c55b8f979455d3c9ca8b48812adb97/priv
ParameterDescription
useridThe user name.
authhashThe authentication hash value.
privhashThe privacy hash value.
securityThe level of security enabled for that user, which can be auth (for authentication only), priv (for authentication and privacy), or none (for no authentication or privacy).

6- (Optional) If the ESXi SNMP agent is not enabled, run the following command:

esxcli system snmp set --enable true

7- (Optional) Send a test notification to verify that the agent is configured correctly.

esxcli system snmp test
Finish :-)

Reference:

https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.monitoring.doc/GUID-2E4B0F2A-11D8-4649-AC6C-99F89CE93026.html

ESXi 7 System Storage Changes

Overview

We’ve reviewed and changed the lay-out for ESXi system storage partitions on its boot device. This is done to be more flexible, and to support other VMware, and 3rd party solutions. Prior to vSphere 7, the ESXi system storage lay-out had several limitations. The partition sizes were fixed and the partition numbers were static, limiting partition management. This effectively restricts the support for large modules, debugging functionality and possible third-party components.

That is why we changed the ESXi system storage partition layout. We have increased the boot bank sizes, and consolidated the system partitions and made them expandable. This article details these changes introduced with vSphere 7 and how that reflects on the boot media requirements to run vSphere 7.

The partition sizes in vSphere 6.x are fixed, with an exception for the scratch partition and the optional VMFS datastore. These are created depending on the used boot media and its capacity.

Consolidated Partition Layout in vSphere 7

To overcome the challenges presented by using this configuration, the boot partitions in vSphere 7 are consolidated.

The ESXi 7 System Storage lay-out only consists of four partitions.

  • System boot
    • Stores boot loader and EFI modules.
    • Type: FAT16
  • Boot-banks (x2)
    • System space to store ESXi boot modules
    • Type: FAT16
  • ESX-OSData
    • Acts as the unified location to store extra (nonboot) modules, system configuration and state, and system virtual machines
    • Type: VMFS-L
    • Should be created on high-endurance storage devices

The OSData partition is divided into two high-level categories of data called ROM-data and RAM-data. Frequently written data, for example, logs, VMFS global traces, vSAN EPD and traces, and live databases are referred to as RAM-data. ROM-data is data written infrequently, for example, VMtools ISOs, configurations, and core dumps.

ESXi 7 System Storage Sizes

Depending the boot media used and if its a fresh installation or upgrade, the capacity used for each partition varies. The only constant here is the system boot partition. If the boot media is larger than 128GB, a VMFS datastore is created automatically to use for storing virtual machine data.

For storage media such as USB or SD devices, the ESX-OSData partition is created on a high-endurance storage device such as an HDD or SSD. When a secondary high-endurance storage device is not available, VMFS-L Locker partition is created on USB or SD devices, but this partition is used only to store ROM-data. RAM-data is stored on a RAM disk.

ESXi 7 System Storage Contents

The sub-systems that require access to the ESXi partitions, access these partitions using the symbolic links. For example: /bootbank and /altbootbank symbolic links are used for accessing the active bootbank and alternative bootbank. The /var/core symbolic link is used to access the core-dumps.

Review the System Storage Lay-out

When examining the partition details in the vSphere Client, you’ll notice the partition lay-out as described in the previous chapters. Use this information to review your boot media capacity and the automatic sizing as configured by the ESXi installer.

A similar view can be found in the CLI of an ESXi host. You’ll notice the partitions being labeled as BOOTBANK1/2 and OSDATA.

You might notice the OSDATA partition being formatted as the Virtual Flash File System (VFFS). When the OSDATA partition is placed on a SDD or NVMe device, VMFS-L is labeled as VFSS.

Boot Media

vSphere supports a wide variety of boot media with a strong recommendation to use high-endurance storage media devices like HDD, SSD and NVMe, or boot from a SAN LUN. To install ESXi 7, these are the recommendations for choosing boot media:

  • 32GB for other boot devices like hard disks, or flash media like SSD or NVMe devices.
  • A boot device must not be shared between ESXi hosts.

Upgrading to from ESXi 6.x to ESXi 7.0 requires a boot device that is a minimum of 4 GB. Review the full vSphere ESXi hardware requirements here. As always, the VMware Compatibility Guide is the source of truth for supported hardware devices.

Legacy SD and USB devices are supported with some limitations listed below, more information in this FAQ.

  • To chose a proper SD or USB boot device, see Knowledge Base article 82515.You must provide an additional VMFS volume of at least 32 GB to store the ESX-OSData volume and required VMFS datastore. If the boot device is larger than 138 GB, the ESXi installer creates a VMFS volume automatically. Delete the VMFS datastore on USB and SD devices immediately after installation to prevent data corruption. For more information how to configure a persistent scratch partition, see Knowledge Base article 1033696.
  • If the VMware Tools partition is stored locally, you must redirect it to the RAM disk. For more information, see Knowledge Base article 83376.
  • You must use an SD flash device that is approved by the server vendor for the particular server model on which you want to install ESXi on an SD flash storage device.

Main Resource

https://core.vmware.com/resource/esxi-system-storage-changes

How Enable SSH on ESXi SSH

Hi, Today i decided enable SSH on my ESXi.

I have 2 options for achive this goal:

1- Through Access to ESXi UI (vSphere Web Client)

2- Through Access to ESXi DCUI (Direct Console User Interface)

Let’s see how i can configure it:

1- Through Access to ESXi UI (vSphere Web Client)

Login to your ESXi web address, Enter your username and password.

Then Choose Manage From Navigator, And select Services tab

Find and select TSM service’s and press Start button.

2- Through Access to ESXi DCUI (Direct Console User Interface)

Procedure

  • From the Direct Console User Interface, press F2 to access the System Customization menu.
  • Select Troubleshooting Options and press Enter.
  • From the Troubleshooting Mode Options menu, select a service to enable.
  • Enable SSH
  • Press Enter to enable the service.
  • Press Esc until you return to the main menu of the Direct Console User Interface.

End 🙂

TShoot

Today I updated my ESXi environemt, after that when i want migrate my VM’s from host”X” to host”Y”, I got this error:

“No guest OS heartbeats are being received error even when the VMware Tools service is correctly installed and is running on the guest VM”.

VMware knowledge base tells :

1- Ensure that the VMware Tools are installed in the virtual machine before performing a migration
2- Ensure that the virtual machine has been running long enough for the operating system to be completely started before performing a migration
3- If VMware Tools are already installed, reinstall the VMware Tools to ensure that you are on the latest version and that there is no corruption in the configuration.
4- However if VMware Tools is up and running when checking the vCenter and the VM, that’s all very well.
5- If you restart your vCenter server it can also trigger this behaviour!

There are two ways to fix this:

1- In your vSphere Client which is connected to your vCenter server, just open a Console window to the VM and then immediately close it again. You don’t even need to login to the VM!
2- Another way to correct this is to STOP and then RESTART the VMware Tools Service process on the VM.