Skip navigation
All People > SungHoon_Kim > Sung Hoon Kim's Blog > 2015 > August
2015

The free version of vSphere Hypervisor and Stand-alone vCenter does not allow you to create template base images.

Still there is a very good option to deploy standard images by creating OVF image which can be done from the VMWare Workstation.

This will demonstrate how to create VMWare image and export to OVF.

 

First of all, you need to create a VM Image using VMWare Workstation.

Once you have made all necessary configurations in the VMWare Image, you can shut it down.

Then at the "File" select "Export to OVF..." menu.

ScreenHunter_119.jpg

 

Then it will take some time for it to convert the whole image to OVF format.

It generates 3 files as below.

ovf1.PNG

 

In case if your VMware Image was mounting an ISO file, that ISO file will also be part of the OVF.

In that case, you will find "RHEL6.5(x64)-iso1.iso" file in this folder.

Also, the .mf file will have one more entry line with the hash of that ISO file too.

 

 

1. vmdk file. This is the virtual HDD image.

2. mf file. This contains the SHA1 hash of the vmdk and ovf file (and iso file if it was part of the image) to ensure its integrity when copied.

    SHA1(RHEL6.5(x64).ovf)= 5bb013552f6c2c85f8f73c8b060912622a018dee

    SHA1(RHEL6.5(x64)-disk1.vmdk)= bfe5286469c3cc515699fae41c22234279e3de11

3. ovf file. This is an XML file describing the virtual machine and its devices.

     <?xml version="1.0" encoding="UTF-8"?>

     <!--Generated by VMware ovftool 4.0.0 (build-2670985), UTC time: 2015-08-24T04:58:59.998504Z-->

     <Envelope vmw:buildId="build-2670985" xmlns="http://schemas.dmtf.org/ovf/envelope/1" xmlns:cim="http://schemas.dmtf.org/wbem/wscim/1/common" xmlns:ovf="http://schemas.dmtf.org/ovf/envelope/1" xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData" xmlns:vmw="http://www.vmware.com/schema/ovf" xmlns:vssd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_VirtualSystemSettingData" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

       <References>

         <File ovf:href="RHEL6.5(x64)-disk1.vmdk" ovf:id="file1" ovf:size="5033223168"/>

       </References>

       <DiskSection>

         <Info>Virtual disk information</Info>

         <Disk ovf:capacity="120" ovf:capacityAllocationUnits="byte * 2^30" ovf:diskId="vmdisk1" ovf:fileRef="file1" ovf:format="http://www.vmware.com/interfaces/specifications/vmdk.html#streamOptimized" ovf:populatedSize="7540899840"/>

       </DiskSection>

    ...

    ...

 

You have successfully exported your VM Image in OVF format.

 

In case if you make any changes to the ovf file, you must get the SHA1 hash and upate the .mf file.

I installed vSphere Hypervisor 6.0 on my Desktop and found that I do not see any internal HDDs.

Looking at the Storage Adapters, I found that internal SATA controller did not appear in the list so I got to realize that my SATA controller is probably not supported.

sata_controller.PNG

 

After doing some research, I found this website that gave instruction and the generic driver.

http://www.v-front.de/2013/11/how-to-make-your-unsupported-sata-ahci.html

 

The instruction was the following.

 

1. esxcli software acceptance set --level=CommunitySupported

2. esxcli network firewall ruleset set -e true -r httpClient

3. esxcli software vib install -d http://vibsdepot.v-front.de -n sata-xahci

 

In order to run these commands, I first need to enable SSH from the vSphere Hypervisor.

At the physical console, "<F2> Customize System/View Logs".

Enter the root credential for access.

Then at the "Troubleshooting Options".

Press [ENTER} key at "Enable ESXi Shell".

You will need to "Restart Management Agents" or reboot if it does not recognize the changes.

 

Then use putty to SSH to the Hypervisor to confirm it works.

hypervisor.PNG

Run the 1st command.

It should return the following.

 

[root@mydesktop:~] esxcli software acceptance set --level=CommunitySupported

Host acceptance level changed to 'CommunitySupported'.

[root@mydesktop:~]

 

The 2nd and 3rd command is to open the firewall and download the "sata-xahci" driver from the website but this may not work when you are behind a corporate proxy server requiring authentication.

So, to workaround it, I had to download this driver to my desktop and then use WinSCP to upload it to the vSphere Hypervisor machine.

Visit https://vibsdepot.v-front.de/wiki/index.php/List_of_currently_available_ESXi_packages and you will find the driver below.

drivermap.PNG

It will bring you to https://vibsdepot.v-front.de/wiki/index.php/Sata-xahci and you can find at the very bottom of the page the drivers to download.

You can download either one.

directdownload.PNG

Download the "Offline Bundle of version 1.3.2" and transferred it to /tmp folder.

Run the 3rd command as below.

 

[root@mydesktop:/tmp] esxcli software vib install -d /tmp/sata-xahci-1.32-1-offline_bundle.zip

Installation Result

   Message: The update completed successfully, but the system needs to be rebooted for the changes to be effective.

   Reboot Required: true

   VIBs Installed: VFrontDe_bootbank_sata-xahci_1.32-1

   VIBs Removed:

   VIBs Skipped:

[root@mydesktop:/tmp]

 

Now, reboot the machine.

 

Connect and verify the SATA controllers are now recognized.

recognized_sata.PNG

This is the 2nd virtual machine in my virtual enterprise.

It has the same hardware as the 1st virtual machine(AD2012R2-02).

 

OS : Windows Server 2012 R2 Standard

HDD: 40GB

RAM: 1GB

NIC: 2 (1 x "SECURE.LAB BACKEND", 1 x "VM Network")

 

Install the OS.

Install VMWare Tools.

Activate the Windows.

Manually specify the fixed IP on the "SECURE.LAB BACKEND" NIC.

 

I am setting up the following.

IP: 172.17.8.1

Subnet: 255.255.252.0

DNS: 172.17.8.2

          172.17.8.1

 

(The reason why it is pointing to DNS 172.17.8.2 as primary is because this server 172.17.8.1 does not yet have a DNS to resolve the SECURE.LAB and need to rely on 172.17.8.2 to resolve it.)

ScreenHunter_143.jpg

 

It also has the Active Directory Domain Services role installed (same as the AD2012R2-02).

 

Following is the steps to configure after the steps above has been performed.

 

 

1. Rename the host to "AD2012R2-01" and register to SECURE.LAB at the same time.

ScreenHunter_144.jpg

ScreenHunter_145.jpg

ScreenHunter_146.jpg

For some reason, I am getting the following error.

(I will cover this part later at the bottom of this article).

I clicked "OK" and continue.

ScreenHunter_147.jpg

2. Reboot the machine

3. Promote the server to a domain controller.

ScreenHunter_148.jpg

Unlike the first domain controller, what we are doing here is to add an additional domain controller to an existing domain.

ScreenHunter_149.jpg

In the above, the credential to perform this task is "AD2012R2-01\Administrator" which will not have permission to do this.

Local Administrator only has local privilege, not domain level privilege, so you will need to select a domain administrator.

ScreenHunter_150.jpg

ScreenHunter_151.jpg

ScreenHunter_152.jpg

Ignore the warning and continue.

ScreenHunter_153.jpg

Accept the default and continue. (You have the option to choose from which AD you want to replicate from, but default is alright).

ScreenHunter_154.jpg

ScreenHunter_155.jpgScreenHunter_156.jpg

 

This got stuck after I clicked on "Install".

It seems to have performed everything but did not finish.

Looking at the event log at the AD2012R2-02, it was complaining about duplicate SPN for this AD2012R2-01.

 

After doing some research, I found the following article.

https://support.microsoft.com/en-us/kb/3070083

 

MS site tells me that there is a new feature introduced in 2008 R2 to prevent duplicate SPN from registering.

It is curious why my 2 machines will have same SPN when they were installed fresh separately.

But there is a patch above so I will need to apply it on both servers and see if the issue goes away.


After you apply this patch, it will ask you to reboot.

After reboot, the AD2012R2-01 was recognized as Domain Controller.

 

This is not a pleasant experience and still not really comfortable whether this AD2012R2-01 would work well as a domain controller.

I will monitor and update this article if anything happens.ScreenHunter_157.jpg

On 14/August/2015, the team members under Yvette Essen has awarded her a trophy as a small token of appreciation for all that she does.

This is not an award from CA, it is from "us".

IMG_1052a.jpg

We have a person who has been leading our APJ Security team who we think is the best in the world.

Following is us inviting him(Samuel Yii, Support Delivery Manager) to a meeting room pretending to be a presentation for something else and it's me reading a tribute speech.

Tribute speech:

Tribute Speech for Samuel Yii
True Leader

In every successful organization, there are leaders.

Not a commander like leader who give instruction and demands absolute compliance.

But I am talking about a true leader, a person who sees your true potential and brings out the best in you.

A person who
is humble,
is honest to us,
trusts us,
unites us,
understands where we are coming from,
supports what we are trying to achieve,
inspires us,
makes us innovative,
and does not take credit for himself.

A person who we can talk what is in our mind.
A person who puts pure heart on the table instead of policies.

If we are a successful team, we cannot deny this man is a big part of it.

We've been asked many times, what makes our team so successful.
We cannot deny this man stood right behind us, on every success we had.

We have a true leader that made us an outstanding team.

It is now our turn to let him know that we are proud of him and would like to say Thank you.
We gather here today, to celebrate our true leader and offer a token of our appreciation.

This may be the very first time in CA history where an award is given from bottom up.

I introduce to you our true leader, Samuel Yii.

IMG_1024a.jpg

IMG_1025a.jpg

IMG_1028a.jpg

IMG_1030a.jpg

IMG_1035a.jpg

IMG_1037a.jpg

This is the first virtual machine in my virtual enterprise.

Create a Windows Server 2012 server using the default template and assign the following resources.

 

1. HDD : 40GB

2. RAM : 1GB

3. NIC : 2 (1 x "SECURE.LAB BACKEND", 1 x "VM Network")

 

Mount the ISO file from datastore(VMHDD1/ISO/) and boot up the machine.

In case if the iso file is not mounted to the optical drive, it may try to boot from network. In that case, manually mount the ISO file to the optical drive and reboot the virtual machine to boot from optical drive.

 

Perform the installation.

I have installed "Windows Server 2012 R2 Standard" with GUI.

Install VMTools.

Activate the Windows.

Manually specify the fixed IP on the "SECURE.LAB BACKEND" NIC.

 

I am setting up the following network.

 

IP Range: 172.17.8.1 ~ 172.17.11.256

Subnet mask: 255.255.252.0

 

17.17.8.1 and 172.17.8.2 will be 2 Domain Controllers.

 

Following are the steps to setup a Domain Controller.

 

1. Install Windows Server 2012 R2.

ScreenHunter_086.jpg

2. Activate Windows

3. Install VMTools (reboot)

4. Configured fixed IP for "SECURE.LAB BACKEND" NIC.

ScreenHunter_088.jpg

5. At the "Server Manager ==> Dashboard", click "Add roles and features"

ScreenHunter_090.jpg

ScreenHunter_091.jpg

ScreenHunter_092.jpg

6. Select "Active Directory Domain Services" and Add Features.

ScreenHunter_094.jpg

ScreenHunter_095.jpg

ScreenHunter_096.jpg

ScreenHunter_097.jpg

ScreenHunter_098.jpg

ScreenHunter_099.jpg

ScreenHunter_101.jpg

7. Once the Role/Features are deployed you need to perform Post-deployment configuration.

ScreenHunter_102.jpg

ScreenHunter_104.jpg

8. Select "Add a new forest" and enter "SECURE.LAB" as the Root domain name.

ScreenHunter_106.jpg

9. Select the Domain Controller Options and enter "DSRM password". I will select "Forest functional level" to "Windows Server 2008 R2" because then I can still add additional domain controllers on Windows 2008 R2.

ScreenHunter_108.jpg

ScreenHunter_109.jpg

10. Enter NetBIOS domain name. This usually is the first part of the domain name thus by default mine is "SECURE". It does not have to match and you can enter different NetBIOS name of your choice.

ScreenHunter_110.jpg

ScreenHunter_111.jpg

 

ScreenHunter_112.jpg

ScreenHunter_113.jpg

ScreenHunter_114.jpg

ScreenHunter_115.jpg

11. Login and rename the hostname to "AD2012R2-02". (Will change hostname first on other machines but this is usually not a problem unless you have Certificate Authority installed)

ScreenHunter_116.jpg

ScreenHunter_118.jpg

This is another learning project for myself and others who are interested.

 

I usually setup a virtual enterprise once in a while to tighten up my hands-on experience.

Now, this is easy when you do that on a VMWare Workstation.

I had separate networks for DMZ and backend.

Separated into 2 data centers.

Monitor all of those machines using spectrum.

my_precioussss.jpg

 

I have installed vSphere 6.0 on my laptop and will be setting up the same.

As I get into issues, I would be recording them here and how it is being resolved, or if I had to give up and take different path.

 

 

2015-08-12 (This is an accumulation of actions I performed last week)

vSphere 6 can be installed on an USB HDD and boot from it.

As I did not have an empty DVD to burn, I created a VMWare image and connect the USB HDD(I actually have a 120GB SSD in it) to it.

Load the vSphere ISO file to boot from it then installed onto the detected USB HDD.

Then move this USB HDD to my laptop, and it was able to boot up successfully.

 

There is a limitation on the NIC on the host machine that need to be supported otherwise the installation would not work.

Even after successful installation and boot, if vSphere does not detect supported NIC then it will be useless.

 

The network card on my host laptop was Intel I217-V and was recognized just fine.

 

I had internal SSD of 512GB and recognized fine and registered as a DataStore(VMSSD1).

I had esata HDD of 640GB and was recognized fine and registered as a DataStore(VMHDD1)

 

Being first time user, I did not know how to upload existing VMWare images.

Found out that VMware vCenter allows me to convert the VMWare Workstation images and directly upload to the vSphere server.

This takes a very long time to convert and upload. Several hours were needed to upload a single image(but the image itself was pretty big).

Uploaded VMWare image worked well.

I had to manually register the VMWare Image by "Right click on the DataStore ==> Browse Datastore ==> navigate the folders and select the *.vmx file to register as Inventory"

ScreenHunter_076.jpg

ScreenHunter_077.jpg

 

To automatically startup this Image after rebooting the host, select "Host ==> Configuration ==> Software ==> Virtual Machine Startup/Shutdown"

At the right end there is "Properties...", click on it.

ScreenHunter_079.jpg

 

Check "Allow virtual machines to start and stop automatically with the system". It is not checked by default.

Then select the Virtual Machine that you want to startup automatically and move it up to "Automatic Startup" section.

ScreenHunter_080.jpg

 

I created a lot of Virtual Machines on my SSD and HDD.

Later the HDD crashed. Maybe I pushed it too hard.

Learned that I need to configure the swapfile to be created on my SSD so I do not burden the HDD too much.

In fact, I should place all my Virtual Machines on the HDD and use my SSD for all the swapfiles.

 

Goto "Host ==> Configuration ==> Software ==> Virtual Machine Swapfile Location"

Click "Edit..." button at the right end and select the SSD drive which is registered as datastore.

ScreenHunter_081.jpg

 

What I observe is that, if you placed a Virtual Machine on HDD, allocated 6GB Ram for this Virtual Machine, the 6GB swapfile will be created on this SSD when the Virtual Machine boot up.

There were some other swap files as well, it seemed (I am guessing) as if it was to reduce the IO activities on the HDD and let it happen on the SSD, then synchronize the result to the HDD.

 

After losing the VMHDD1, I decided to replace it with a USB 3.0 HDD.

I have 5TB and 1TB USB 3.0 HDD from Seagate.

Interestingly, they are not being recognized.

ScreenHunter_082.jpg

 

It is actually detected as a USB device though.

ScreenHunter_083.jpg

And for some reason, the 5TB drive is recognized as 2TB.

But "fdisk -l" does not list this drive.

ScreenHunter_084.jpg

 

Need to research further how to get this drive mounted and also recognize the full 5TB.

The 1TB also shows the same behavior, but good thing is that it is only 1TB so I should not have using its max capacity.

 

Next is to try booting it from a 32GB USB Thumbdrive(ordered one and getting it probably this week) so I can make use of the USB 3.0 120GB which I am currently booting from.

This basically will wipe out everything from my current testing setup. Until then, I have time to try exploring more things.

 

DataStore: This is where Virtual Machines, swapfiles and etc get stored. I can also store iso files to mount from Virtual Machines. There were no encryption involved here, meaning that I can install vSphere Hypervisor on another USB and if I boot from it I can still mount these datastores and launch the VM images from there.is appears to be signed by a Host key for security reasons.

 

 

2015-08-13

=============================

USB Thumb drive arrived.

Used VMWare Workstation to install vSphere Hypervisor 6.0 to the USB Thumb drive and replaced it with the USB SSD which I was using for booting up.

It worked very well. I had to scan for the datastores and both VMHDD1 and VMSSD1 were detected.

After exploring the datastores and adding the Virtual Machines to the Inventory, they all started up just fine.

Applied vSphere Hypervisor permanent license.

Configured SwapFile to be stored in VMSSD1.

 

All USB HDD are removed as they are not accessible as datastore.

 

Researched how to mount the USB 3.0 HDD as Datastore. Device is detected but invisible when trying to add a DataStore.

     Research shows USB disks are not to be recognized by design except for passthrough to the Virtual Machines (although vSphere can boot from the USB HDD):

                      link :        hardware - How to mount an USB drive under VMWare ESXi 5.5? - Server Fault

     Then I will not be able to mount these USB HDD. It has to be esata.

                      Another option could be that I setup a NAS on Virtual Machine and passthrough the USB HDD to it and use it as NFS. And have vSphere recognize it. But it appears this would be going too beyond

   * Going to order a caddy and sacrifice the optical drive for an internal HDD.

 

How to upload/download files to the datastore?

Browse datastore and there is a button to upload or download file.

ScreenHunter_085.jpg

 

How to move VirtualMachine from VMSSD1 datastore to VMHDD1 datastore?

Right next to the upload/download button from above screenshot, there is one to move the folders to different datastores.

 

Setup vSwitch to isolate networks.

"VM Network" by default is bridged to the physical NIC and has network access.

I created "ISOLATED" to run a Virtual Machine that does not require network connectivity.

As such, it can only be accessed via vSphere Client.

 

I also created "SECURE.LAB BACKEND" which is also not connected to vmnic0.

But I will have machines that attaches to both the "VM Network" and "SECURE.LAB BACKEND".

This will allow me to run virtual machines that are not directly accessible from vmnic0 network but can be accessed via proxy servers running on "VM Network".

ScreenHunter_103.jpg

 

2015-09-03

=============================

Caddy has arrived and I have put in a 640GB HDD as VMHDD2.

 

This concludes this article of setting up vSphere Hypervisor v6.0 on my Dell m4800 laptop.