How to hide a Virtual Machine

This post explains how you can hide a VMware based Virtual Machine from designated users or the entire vCenter Server infrastructure. I’am explaining different scenarios where you can hide Virtual Machines including:

  • Hide Virtual Machines from Groups or Users in vCenter
  • Hide Virtual Machines from the entire vCenter Server
  • Hide Virtual Machines from root on Single ESXi instances
  • Find hidden Virtual Machines

To clarify, this post does not cover techniques to cloak that the Guest OS is running on a virtual machine, instead of bare metal.

Read more »

VCSA6 Bash and SSH Key Authentication

The Linux Version of the vCenter Server is not new anymore but with vSphere 6.0 the vCenter Server Appliance (VCSA) has overtaken the Windows Version in many aspects. The completely rewritten linked mode removes the need for a Windows-based vCenter and the scalability of both appliances are identical.

VCSA6 is delivered as appliance based on openSUSE. Nevertheless its a Linux, VMware want’s you to use the GUI. Unless you are in a testing environment I would highly recommend to limit shell usage to the following usage scenarios:

  • During Service Requests under advice of VMware GSS
  • For advanced troubleshooting
  • When required for complex deployments (eg. PSC 6.0 High Availability)

Read more »

More Information on CVE-2015-5177 (ESXi OpenSLP Remote Code Execution)

You might be aware of the 3 critical security issues that VMware has published and fixed a couple of days ago in VMSA-2015-0007. The information provided in the security advisory regarding the first issue, CVE-2015-5177 (ESXi OpenSLP Remote Code Execution), are:

VMware ESXi contains a double free flaw in OpenSLP’s SLPDProcessMessage() function. Exploitation of this issue may allow an unauthenticated attacker to remotely execute code on the ESXi host.

Relevant Releases
VMware ESXi 5.5 without patch ESXi550-201509101
VMware ESXi 5.1 without patch ESXi510-201510101
VMware ESXi 5.0 without patch ESXi500-201510101

In this post I am trying to give a better understanding of the vulnerability and its consequences. Please note that the information in this post are my personal opinions. I cannot guarantee that these information are accurate. The main fact is that VMware has published a fix and you should install the patch to be on the safe side. In the real world, you might have something like a “change process” where you can’t rollout the patch for hundreds of systems immediately. Or you have a single ESXi that you don’t want to reboot at the moment. In this situation, this post tries to help…

Read more »

ESXi 6.0 October 2015 “NETDEV WATCHDOG” Patch (Build 3073146)

VMware has published a patch for ESXi 6.0

Product: VMware ESXi 6.0
Release date: October 6, 2015
Patch: ESXi600-201510001
Build: 3073146
Links: KB2132152 | Download

The ESXi Installable has also been replaced with ESXi 6.0 Update 1a:

The update resolves a critical network issue with the following symptoms: Read more »

ESXi 5.5 October 2015 “Snapshot Bug” Patch (Build 3116895)

VMware has published a patch for ESXi 5.5

Product: VMware ESXi 5.5
Release date: October 6, 2015
Patch: ESXi550-201510001
Build: 3116895
Links: KB2133824 | Download

The patch resolves the Snapshot Bug in 5.5 Update 3 that has been documented by VMware in KB: KB2133118

The ESXi Installable has also been replaced with ESXi 5.5 Update 3a (ESXi 5.5 Update 3 is gone):

Read more »

VMware: Thrilling Start to October 2015

VMware has started October 2015 with a bunch of patches, a security advisory and a major bug in their latest ESXi 5.5 release. Read more »

VMware ESXi 5.5 Update 3 Snapshot Bug

[UPDATE 6. Oct] The Snapshot Bug has been fixed!

VMware has a major bug in their latest ESXi 5.5 Patch, released on September 16, 2015.

Affected Product:
VMware ESXi 5.5 Update 3 (build number: 3029944)

VMware KB: KB2133118

After upgrading to VMware ESXi 5.5 Update 3 an unexpected virtual machine failure might occur after snapshot consolidation. This issues occurs due to a segmentation fault when changing the snapshot tree data-structure. Read more »

Adding a second NIC to a 5th Gen Intel NUC (Or other PCIe Cards)

NUC5i5MYHE-with-external-nic-squareIntel NUCs with ESXi are being used as home servers and in many home labs. If you are generally interested in running ESXi on Intel NUCs, read this post first. One major drawback is that they only have a single network port. There are USB NICs in the market, but for ESXi hosts they only work in path through mode. That means that USB NICs can only be used inside VMs and not for the hypervisor itself as vmnic.

The slightly older 4th Gen NUCs had a Mini PCIe slot that allowed an additional NIC to be installed. With that port it was possible to install a Syba Mini PCIe NIC for example. Nevertheless the adapter is unsupported with ESXi and did not fit into the NUC chassis, there are solutions.

Unfortunately, the 5th Gen NUC does no longer have a Mini PCIe slot. Instead it has M.2 slots. An easy solution would be a M.2 NIC, but until today there are no such cards available. In this post I will explain the possibilities to use PCIe cards with the M.2 slot to upgrade the 5th Gen NUC with additional NICs or other cards like Fibre Channel HBAs.

Read more »

vSphere Release History PDF – September 2015 Update

The download of my vSphere Release History in PDF Format is now available. It includes the latest vSphere updates. The document is a printable Version of my VMware ESXi Release and Build Number History.


I’ve also updated the VMware ESX History Diagram to reflect the latest updates for vSphere 5.5 and 6.0.



VCP6 Delta Part 8 – Storage Enhancements

This is part 8 of the VCP6-DCV Delta Study Guide. It covers storage enahncements in vSphere 6.0 including the NFS 4.1 and Virtual Volumes. After this section you should be able to configure NFS 4.1 based datastores and Virtual Volumes with Storage Policies.

Read more »