vSpherer 8 Administration (Skillset Enhancement Series) Episode#5 | vCenter Server VAMI (VMware Appliance Management Interface)

 Briefing vCenter Server VAMI Interface

Appliance Interface

Appliance management interface is the way you interact with Appliance directly using GUI. So, the same is true for vCenter Server VAMI. you can obtain this Interface by specifying vCenter Server FQDN with port number "5480" using the address bar of the web browser as you can see below

Specify the same user name as you provide for authentication during logon of vCSA.

Summary Page

The very first "Landing" page come up with user logon is the "Summary" that shows basic health of the appliance either good or bad with some other necessary information like Version and build number, Domain joining info, SSO status and Service Health info as you can see below

Ribbon & Action 

On the top its a black ribbon as vsphere client got with some options available under "Action" Menu as you can see below

On the top left corner it says "vCenter Server Management" and on the top right corner it shows logged on user name and besides this there is an "Action" menu that shows options like reboot, shutdown the vCenter Server Appliance or to export logs relevant to the appliance for troubleshooting purposes or change the "root" password.

You can also change the theme of the appliance from light to dark mode.

Changing root password of the appliance will change local root account password of the appliance that you provided during the deployment of this appliance.

Network Page

Now, lets talk about Network tab, here you can modify configured network adapter card settings for the appliance as you did during deployment phase by providing IP / Subnet Mask , DNS and Gateway settings as you can see below

Monitor & Services Pages

Moreover, you can also setup proxy for vCenter server if required for VCSA to go online through proxy or to access download through FTP server not directly from the internet.

Incase, if you need to look into Health and montior resource utilization than you need to look into three important tabs/pages

1. Summary Page
2. Monitor Page
3. Services Page

Summary page already explained but in "Monitor" page you can see CPU/Mem utilization and also can see storage performance for this Appliance including Network bandwidth and database performance as well. Below is the snapshot of monitor page that you can easily observe.

Whereas in the "Services" page you can see whether the health of the service is ok and if it is set to automatic than is it running or not. If its not than you can restart the services or set its atart-up type to start with ESXi host as well.

Update Page

Briefing more, you can also setup (Schedule) or update vcenter server appliance through "Update" option as well if you have set-up NATED or proxied settings for updates. Moreover, you can also view the update history as well. But recommendation is to go through Life Cycle Manager to update the stuff.

Time Synch and Settings

You can also setup NTP server for synchronizing clocks for proper log management using "Time" options. For time source you can use Active Directory Domain Controller (PDC) or Router or Linux appliance etc. Just click "Edit" to modify the IP or settings (Time Zone etc).

Access Page

In-order to provide or enable more than just GUI interface access to vCSA, you can use "Access" page to enable or disable other interfaces like "SSH" or "Power CLI/DCUI" and can also set Bash shell timeout in minutes as well.

Syslog Forward Setting Page

You can set-up central log management as Syslog Collector and point vCenter Serve to that Syslog collector through below settings by specifying IP/FQDN of Syslog Collector server with Port number. By below given settings you can configure syslog setting for this vCSA to forward logs to Syslog collector server.

You can maximum configure upto 3 Syslog collector servers using VAMI Interface of vCenter Server Appliance.

Backup Page

You can do backup of vCSA Configurations and Logs which are sometimes collectively known as SEAT logs (Statistics, Evens, Alarms and Task Logs). This backup takes the backup of configurations in File backup structure instead of image based backup structure which is quite big in size whenever you want to restore where as File based backup can be restore even at granular level which means a single file can be restored instead of the whole image.

• You can take backup of only configuration of vCSA or can couple logs with the configuration as well.
• You can also schedule the backup on Daily, Weekly, Monthly basis or you can immidiately initiate the backup at any time.

Moreover, you can configure this backup depending on your backup location. I mean whether you want to store the backup on top of NFS, Web based or FTP based solutions so it also support.

So, people this was a breif introduction to VAMI interface of vCSA. I hope you enjoyed this article, soon I'll share a video demonstration through my youtube Channel. 

Please, do subscribe to my posts also. It will benefit you in future for the latest updates about my write-ups. I would really appreciate, if you add your valuable comments down here as well.

vSpherer 8 Administration (Skillset Enhancement Series) Episode#4

 Introduction to vCenter Server Appliance

vCenter server Appliance (vCSA) is the management tool that enhances the administration and management easy for the life cycle of 

1. ESXi hosts
2. Virtual Machines
3. Other Management Services (like NSX, vSAN, VMware Aria, vSphere 8 with Tanzu etc.)

Internal Architecture

vCenter Server Appliance was introduced back in (around) 2017 with the introduction to vSphere 6.0. when VMware Announced Photon OS (a flavored Linux owned by VMware) as container optimized OS. So this appliance is comprised of 3 Major parts, let's discuss this 

1. 
   OS (Photon OS)
2. Postgres SQL (vPostgres)
3. vCenter Server Services

It is understood that you cannot deploy vCenter server Appliance on a Bare metal (as you were able to do when vCenter server for Windows was there) but yes you can deploy it on ESXi host as a VM.  

In the beginning, vCSA was with 2 GUI interfaces 

1. vSphere Web Client 
2. vSphere Client

But with the introduction to vSphere 7 and above only vSphere Client left behind which is simpler and more independent than "Web Client" which was dependent on "Adobe Flash Plugin". 

So, Now, Let's talk about vCenter Server Appliance Application services and their capabilities. vCenter Server Appliance is now a single VM having multiple services and some config changes to its architecture as well. 

We discuss these updates and changes in more details one by one. So, let's start with 

SSO

vCenter Server Single Sign-On (SSO) is a crucial component of VMware's vSphere (vCenter Server), providing authentication services to various VMware products within the vSphere environment. Here are the primary capabilities and features of vCenter Server SSO

1. Single Authentication source for VMware products
2. Integration with LDAP Servers (AD) or Open LDAP using SAML
3. Role based access and control of vSphere environment.
4. Upto 15 vCenter Server Instances using Single SSO domain can be managed

This is the AAA that is aligned with Internal vCenter Server Directory service "vmDIR" and that's the reason we always mention not to use common name as of Active Directory domain while defining SSO domain during the installation of vCenter Server.

VMDIR is a service that acts similarly as of Microsoft Active Directory technique of multi-master replication if you use Enhanced Linked Mode or ELM for vCSA instances.

ELM configuration can only be achieved during the installation of the new instance of vCSA. At the time when you are installing the second instance of vCSA it will ask you to go with new "SSO Domain" or choose an "Existing" one. So, you need to choose an existing one as shown below

Once this replication happens in between the two instances then ELM establishes connecting to vCSA instances with one another to share inventory objects based on RBAC.

Certificate Authority (VMCA)

In-order to be more independent and use VMware own certification authority for providing certificates for VMware platform-based products, now we don't need to have or maintain 3rd party CA(s) at all. vCenter Server itself can be used a certification Authority to produce, renew certificates for VMware platform products like ESXi host, VMware Aria family, vCSA iteself etc.

Web Services

vCenter server Appliance is equipped with GUI (vSphere Client) to access its Interfaces. There are 2 different types of Interfaces offered by vCenter server Appliance 

1. vSphere Client - for datacenter Administration (Default port: 443) - can be changed using General settings of vCenter server.
2. VMware Appliance Management Interface (VAMI) - for Appliance (itself) management (Port: 5480)

We use Admin Interface by providing vCSA URL ("https://vcsa-fqdn:443/ui") and we use VAMI interface through ("https://vcsa-fqdn:5480"). both of the interfaces have got their own significance. It solely depends, what actually you want to do. 

For example, if you want to do day-2 administration of the ESXi hosts and or VMs in the datacenter then you always go with Admin interface. But, if you want to do configurational changes like changing Appliance Password, IP address etc then you need Appliance Own interface which is known as VAMI.

License Service

This service is used to hold information about installed and assigned licenses for ESXi host and other solutions like NSX, vSAN and vCenter Server itself. This service provides common license inventory and management capabilities to all vCenter Server systems within the Single Sign-On domain.

Postgres DB

A bundled version of the VMware distribution of PostgreSQL database for vSphere and vCloud Hybrid Services. It is used to hold SEAT logs and vCenter Server Configuration. SEAT stands for Statistics, Events, Alarms and Tasks logs whereas vCenter Server Configuration covers Cluster, vDS, ESXi hosts and other inventory and configurational information within it.

When you do the back of your vCSA than it asks you to backup SEAT and Config or only Config information. So at this point this is the configurational information that you backup and restore when it is needed.

Its maximum capacity as per vSphere version 8 is upto 62 TB which is quite good and big for logs to retain for longer time period.

Lifecycle Manager (vCLM)

vCenter Server Life-cycle Manager previously known as Update Manager is a service that takes care of ESXi host and VMware Tools life-cycle management to maintain compliance and software patch management not only limited to ESXi host but Hardware Drivers can also be updated or deployed through this service as well.

Administrators can not only update existing ESXi host by downloading updates directly from VMware or In-directly from VMware through manual updates using FTP (File servers) but also can build ESXi host bundled images to push these images to bare metal servers.

vCenter Server Services

This is the collection of various distributed services that vCSA has to offer like

1. DRS
2. vMotion
3. Cluster Services
4. vSphere HA
5. vCSA HA

Other services

There are some other services most of these are by default disabled but you need to enable these. These are like

Dump collector Service

The vCenter Server support tool. You can configure ESXi to save the VMkernel memory to a network server, rather than to a disk, when the system encounters a critical failure. The vSphere ESXi Dump Collector collects such memory dumps over the network.

Auto-Deploy Service

The vCenter Server support tool that can provision hundreds of physical hosts with ESXi software. You can specify the image to deploy and the hosts to provision with the image. Optionally, you can specify host profiles to apply to the hosts, and a vCenter Server location (folder or cluster) for each host.

Syslog Collector Service

A central location for all the logs collected from ESXi host and vCSA or other VMware products to be retained for longer time period. You can have a dedicated vCSA as Syslog collector server for a centralized repository for logs depending on the company compliance policies. Example over here could be banks or telcos etc.

From version 8 and above this service is enabled by default but you need to configure it and can be integrated for troubleshooting Purpose with vRealize Log Insight new name VMware Aria for Logs or for monitoring/analytics purpose with vRealize Operations new name VMware Aria Operations.

You can configure Syslog Collector using VAMI Interface and then you need to configure other apps to send the logs.

So, this was a little introduction to vCenter Server Appliance but this is not all. We shall continue and dig deeper to understand the role of vCSA in combination to ESXi host as a hypervisor. Stay tuned...

For detailed explanation with demonstration please visit my Channel as well 😊

or you can directly watch the relevant video here

vSpherer 8 Administration (Skillset Enhancement Series) Episode#3

 Hi Everyone!

This post is in the continuation of my Skill Enhancement Series Episode#3 which now explains a high-level to detailed overview of ESXi Host Client (A Graphical User Interface - GUI).

A GUI is always eye catching and easy to use but somehow it always come to end when we talk about Administration level limitations for automation or the way an administrator tend to or pose do the work. This is a separate debate if we talk about the comparison in between CLI and GUI so CLI always wins because of its nature of infinity.

Having said so, there is an other limitation that we are actually focusing on right now. This limitation is known as 1:1 interaction with ESXi host for day-2 administration. What do i mean by that, For example, if you want to manage 10 ESXi host through GUI then you need to open up 10 browsers or 10 Tabs in a browser to open up GUI for each ESXi host.

Below picture will explain easily

So there comes the need to have a single pane of glass for administration and thats how we got vCSA (vCenter Server Appliance) in picture. 

1 vCSA connects with and manages upto 2500 ESXi host using same GUI which is known as vSphere Client. In my Next post, we shall go through vSphere client capabilities and vCSA various features and capabilites.

So now, lets focus on the point we discussed above which is vSphere-Host Client that by default listens on port 443 followed by either IP or FQDN of ESXi host. 

Unlike vSphere client you need to login by providing "root" user account and password you specified during the installation of ESXi host and you will be provided with basic infterface of web baese GUI as shown below:

This interface will be provided with all basic options to create, modify, run and delete a VM but you cannot do advanced operations of virtualization like

1. vSphere HA creation and modification
2. vMotion
3. Storage vMotion
4. Distributed Resource Scheduling
5. Backing up of your environment configuration
6. Content Library 
7. vSAN
8. Cluster level operations
9. Advanced Switching capabilities (NiOC / Outbound Traffic Shaping/ PvLAN/ Port level management)

and many more that you can only have it through "vCSA based vSphere Client"

There is a brief demo we prepared for you that is available through our youtube channel "Knowledge Speaks" you can click the link down there to watch the video directly. This is actually the part of our vSphere 8 Administration (Skillset Enhancement Series) based on various "Episodes" and its an ongoing activity the adds practical demonstration for beginners and refresher for advanced users as well. So, stay tuned ! 

Conclusion!

As vSphere host client is not as useful as vCSA provided "vSphere Client". Most of its capabilities you can see mentioned above in bullets points. In our upcoming lessons and series of blogs we shall provide you the conceptual and practical details about it. What are the reasons that "Host Client" is not as good as "vSphere Client"

1. Lack of options and capabilities 
2. Each host need to be managed by its separate GUI interface

Above 2 points are sufficient and enough to explain the difference in between the 2 interfaces provided by 

ESXi host (vSphere Host Client)

vCenter Server (vSphere Client)

Stay Tuned for next write-up 😊 

Happy Learning!

vSpherer 8 Administration (Skillset Enhancement Series) Episode#2

ESXi host different Interfaces and their usecases.

In this skillup series, we are now talking about the other advanced options that you may need to know about DCUI options in an ESXi host like you can see as of below picture "Troubleshooting Mode options"

So you can either enable or disable local ESXi Shell or SSH shell with Shell timeout settings that you can configure in Minutes. Maximum minutes you can go for is "1440" and "0" means disabled settings.

Moreover, you can also setup DCUI idel timout in minutes as of the same frequency as mentioned above.

Otherthan above options you can go for Restart Management Agents which are locally available in all ESXi hosts locally. These Agents / Services are "Hostd" and "vpxa". But be very careful, if you are using SSH or remote shell or vCenter Server then ESXi host can be disconnected. 

Otherthan DCUI there are some more connectivity interfaces that you can use to access ESXi host either in the form of command line or through graphical user interface. Like 

1. ESXi Shell (Local command line shell)
2. SSH (Remote command line shell)
3. PowerCLI (using Powershell capability of vCSA)
4. vSphere Host Client (GUI offered by ESXi host individually)
5. vSphere Client (GUI offered by vCenter Server)

Below picture explains some of above interfaces and their connectivity easily.

Some of the points mentioned above have been explained in our demonstration in a video that you should watch to understand this topic quite easily.

Just click the below thumbnail or link below

Stay tuned for more in-depth topics and a steady way to equip yourself with vSphere 8 day-2 administration.

vSphere 8.0 Administration (Skillset Enhancement Series) Episode#1

 Understanding and Installing ESXi Host (vSphere Version 8.0)

What is ESXi?

VMware ESXi is a type-1 hypervisor that enables you to run multiple virtual machines (VMs) on a single physical server. As part of VMware's vSphere suite, ESXi is known for its efficiency and minimal footprint, making it a popular choice for enterprise virtualization.

Key Features of ESXi 8

• Improved Performance and Scalability: Enhanced support for modern hardware with increased resource limits.
• Security Enhancements: Improved security features, including secure boot and TPM 2.0 support.
• Simplified Management: Streamlined management interfaces and improved automation capabilities.
• Enhanced Networking: Advanced networking features to support modern data center needs.

Prerequisites for Installing ESXi 8

• Hardware Compatibility: Ensure your hardware is on the VMware Compatibility Guide (VCG).
• BIOS/UEFI Settings: Enable virtualization technology (VT-x/AMD-V) and Data Execution Prevention (DEP).
• Storage Requirements: At least 8 GB of storage for the ESXi installation.
• Network: A compatible network interface card (NIC) is required.

Steps to Install ESXi 8

1. Download the ESXi 8 ISO

•  Go to the [VMware Downloads page](https://my.vmware.com/web/vmware/downloads) and log in with your VMware account.
• Navigate to the ESXi 8 download section and download the ISO image.

 2. Create a Bootable USB Drive

• Use software like Rufus (Windows) or UNetbootin (Linux/Mac) to create a bootable USB drive from the ISO image.

3. Boot from the USB Drive

• Insert the bootable USB drive into your server and power it on.
• Access the BIOS/UEFI settings (usually by pressing a key like F2, F10, DEL during startup) and set the USB drive as the primary boot device.
• Save changes and reboot.

4. Begin Installation

• Once the server boots from the USB drive, the ESXi installer will start.
• Follow the on-screen instructions:
• Press **Enter** to begin the installation.
• Read and accept the End User License Agreement (EULA).
• Select the disk to install ESXi (ensure this is the correct disk as it will be formatted).

 5. Configure ESXi

• After selecting the disk, the installer will scan for available network adapters.
• Set a root password when prompted.

 6. Complete the Installation

• Review the installation settings and press **F11** to start the installation.
• Once the installation is complete, remove the USB drive and reboot the server.

7. Initial Setup and Configuration

• After rebooting, you will see the Direct Console User Interface (DCUI).
• Press **F2** to customize the system and log in with the root password.
• Configure network settings (IP address, DNS, hostname) as required.

Post-Installation Steps

1. Accessing the ESXi Host via Web Client

• Open a web browser and navigate to `https://<ESXi_host_IP>/ui`.
• Log in with the root credentials.

2. Configuring Datastores

• In the web client, go to **Storage** and configure datastores as needed.

3. Setting Up Virtual Machines

• Navigate to the **Virtual Machines** section and follow the wizard to create new VMs.

Common Issues and Troubleshooting

• Network Connectivity Issues**: Ensure that the NIC is compatible and correctly configured.
• Storage Problems**: Verify that the storage device is recognized and supported by ESXi.
• Performance Issues**: Check resource allocation and ensure that the server hardware meets the requirements for ESXi 8.

Additional Resources

• Do check Detailed lecture on this topic with hands-on demo on youtube.

 

By following these steps, you should be able to successfully install and configure ESXi 8 on your server, allowing you to take full advantage of its virtualization capabilities.