Skip to content

Deploy High Available Firewall Appliances in VMware Cloud Director

When customers are deploying their services to a Cloud Datacenter delivered with VMware Cloud Director they quite often want to use their own virtual Firewall Appliance rather than the Edge and Distributed firewall that is built into the NSX infrastructure. Many Administrators prefer to use their well-known CheckPoint, Fortinet, or pfSense for seamless configuration management. While using standalone virtual Firewall Appliances is not an issue in general, there are some caveats with HA deployments, which can be addressed with features implemented in recent versions of VMware Cloud Director.

This article explains how to deploy High-Available Firewall Appliances in VMware Cloud Director 10.5

Read More »Deploy High Available Firewall Appliances in VMware Cloud Director

How to Update ESXi 8.0 with USB NIC Fling

The USB Network Native Driver Fling is a popular driver for ESXi to allow the usage of USB-based Network cards. When you downloadaing the driver, you might notice that there are separate versions for each ESXi Update release (eg.  8.0 and 8.0U1).  Both versions are only compatible with their corresponding ESXi version, which makes direct updates a little bit more complex.

This article explains two options to upgrade ESXi hosts with USB-based network adapters.

Read More »How to Update ESXi 8.0 with USB NIC Fling

ESXi on Minisforum Venus Series NPB7 with Intel 13th Gen Raptor Lake CPU

Even before Intel's announcement to drop the NUC Mini-Computer line, having an eye on its alternatives reveals great options for running VMware ESXi. Minisforum is a relatively new vendor that aims to become a top-tier innovator, manufacturer, and supplier of mini PCs. Their Venus Series is very similar to the well-known Intel NUC Series that VMware folks are running in their labs for years. One of the most promising features is that they offer two 2.5Gbit network adapters that are running out of the box with ESXi 8.0 for a very fair price.

SFF systems (also known as Barebone, Nettop, SoC, or Mini-PC) like Miniforums Venus Series or Intel's NUC are not officially supported by VMware but they are very widespread in the home lab community. They are small, silent, transportable, and have very low power consumption, making them great servers in your home lab. The Minisforum Venus Series is currently available with 13th Gen i5/i7 and 12th Gen i7 CPU, supports up to 64GB of Memory, and has two 2.5Gbit Network Adapters.

  • Minisforum NPB7 (13th Gen Intel Core i7-13700H - 6 x up to 5 GHz / 8 x up to 3.70 GHz)
  • Minisforum NPB5 (13th Gen Intel Core i5-13500H - 4 x up to 4.7 GHz / 8 x up to 3.50 GHz)
  • Minisforum NAB6 (12th Gen Intel Core i7-12650H - 6 x up to 4.70 GHz / 8 x up to 3.50 GHz)

Read More »ESXi on Minisforum Venus Series NPB7 with Intel 13th Gen Raptor Lake CPU

Terraform vcd_network_routed_v2 with cidrhost() Calculated IPv6 Address Format Issue - "forces replacement"

After a long time of missing IPv6 Support in the Terraform Provider for VMware Cloud Director, with the release of v3.10.0 IPv6 Dual-Stack support for routed networks is finally there. Unfortunately, when you want to use the Terraform native cidrhost() function, you might run into an issue that is caused by the different formats in which you can write IPv6 addresses. The format in which the IP Address is calculated differs from the format that the VCD API returns which forces Terraform to replace the resource.

Read More »Terraform vcd_network_routed_v2 with cidrhost() Calculated IPv6 Address Format Issue - "forces replacement"

Goodbye to INTEL NUC - What are the Alternatives?

In the VMware Homelab Community, the Intel NUC (Next Unit of Computing) has been a prominent player for several years. They are small, silent, transportable, and have very low power consumption, making them a great server for your home lab. With the recently announced deprecation of their NUC Plattform, many homelabbers need an affordable and reliable alternative option for their VMware Homelab.

Luckily, Many vendors jumped on the Small-Form Factor market and there are plenty of great alternatives available. This article takes a quick look at the best alternatives to Intel's NUC.

Read More »Goodbye to INTEL NUC - What are the Alternatives?

Enabling Active Directory / LDAP / LDAPS Authentication In vCenter 8.0

This article describes how to integrate VMware vCenter Server into your authentication infrastructure. Identity sources can be Microsoft Active Directory installations or OpenLDAP.

Bundled with the vCenter Servers is an internal user database that allows you to add and manage Users from the vCenter UI. Users management and Single Sign-On are provided by the embedded Platform Service Controller. In a large environment, you might want to connect your virtualization infrastructure to a centrally managed identity provider.

Read More »Enabling Active Directory / LDAP / LDAPS Authentication In vCenter 8.0

Regenerate Standalone ESXi Host Certificate

On a freshly installed ESXi host, the following error is displayed:

The certificate assigned to this host is not valid yet. You should install a valid certificate.

The issue is caused by a system time that is set to the future during ESXi installation. Having not configured the correct time can also cause issues when trying to add the ESXi host to vCenter Server. To solve the issue, set the correct time (Best practice is to use an NTP server) and regenerate the certificate.

Read More »Regenerate Standalone ESXi Host Certificate

NOT_AUTHENTICATED Error with PowerCLI 13.1 - Cloud Director Authentication Changes

After updating PowerCLI to version 13.1, which has been released in April 2023, a couple of scripts that are using the Session Token provided by Connect-CIServer fail to work with the following error:

Invoke-WebRequest: {"minorErrorCode":"NOT_AUTHENTICATED","message":"[] This operation is denied.","stackTrace":null}

According to the official announcement, there have been changes to the authentication mechanism of Connect-CIServer. This change does not affect any functions that come with PowerCLI, but many community functions and scripts that include custom API calls.

In previous versions, you could simply snatch the authentication token that is stored in the $global:DefaultCIServers.SessionId global variable and use with an x-vcloud-authorization header in your custom API calls. Since PowerCLI 13.1, you now get a Bearer Token as SessionId/SessionSecret.

Read More »NOT_AUTHENTICATED Error with PowerCLI 13.1 - Cloud Director Authentication Changes