vExpert 2019


Delighted to be named as a vExpert for 2019. Its an excellent group to be part of with many excellent benefits which include :

  • Inclusion in public vExpert directory
  • Access to a private vExpert community and vExpert parties
  • Award certificate Signed By PAT Gelsinger  and vmware Product NFR Licenses
  • Free subscription to conference session on
  • Access to exclusive online events and other opportunities to participate in activities
  • vExpert logo to display on website or email signature

VMware Cloud on Dell EMC

What is Project Dimension

Last year at VMworld, VMware announced a new offering they were working on called Project Dimension which is going to extend their  cloud offerings to customers on-premises locations. While the public cloud has been a huge success and a lot of companies now are utilizing it for some if not all of its workloads, its generally accepted that some workloads will never be suitable to be migrated to the public cloud . Reasons for this include security concerns (even if they may not be valid) and the fact that some conservative older companies will never be comfortable with financial, customer and / or employee data stored off premises. This is where Project Dimension comes in….

Project Dimension was created to bring a cloud solution to an on premises environment. For companies who couldn’t or didn’t want to move to the public cloud , VMware are bringing the cloud to them and the first solution within Project Dimension is VMware Cloud on Dell EMC. This is a fully managed on premises cloud solution built on the hugely successful VxRail hardware platform.

How does it work 

VMware have combined their SDDC platform which is built on VMware Cloud Foundation, (vSphere, NSX and vSAN) and combined it with Dell-EMC’s VxRail platform to provide a leading edge fully managed data-center as a service solution. The hardware will be customized in the factory after an order is placed and once  it is delivered to a customer site, an engineer will arrive and configure the solution for use on the customer network.

VMware will be the single point of contact for all support issues, ranging from the virtualization stack to the hardware underneath. VMware will proactively monitor the environment and dispatch a Dell EMC technician to resolve any hardware issues on site. VMware will also take care of the patching and upgrades which will be performed during a customer defined maintenance window thereby ensuring that all the components are operating at the latest recommended versions of software and firmware.

Project Dimension can also leverage NSX SD-WAN by velocloud which can be used to enable connectivity with other regions.

Benefits at a glance 

  • Fully managed cloud service solution with one point of contact
  • One monthly price which will include all monitoring , support and maintenance
  • Removes infrastructure management from the customer and enables them to focus on  higher value items in the stack
  • Allows customers to move from a capex to an opex environment even when remaining in an on premises environment
  • Built in security, encryption at rest and in transmit provided
  • Greatly simplifies on premises environment

This promises to be a very exciting innovative new solution from VMware and Dell – EMC –  if you are interested in testing a beta version then you can register your interest here :

Excellent course in Information Security

I recently qualified from CIT with a PgDip in Information Security with first class honors and wanted to share my experience of the course so others can also benefit from developing some skills that are very relevant in today’s marketplace.

I enrolled in the course as i wanted to gain some experience and exposure to information security as it is such a hot topic these  days. I also wanted to get that  formal qualification as opposed to just doing lots of online courses.

Here is a link to the course


CIT offered the course part time and online which enabled people from all over Europe to participate. All the lectures were recorded so you can listen and watch them in your own time if you missed the live lectures.

I gained invaluable knowledge in areas like :

  • Cloud Security
  • Cryptography
  • Forensics
  • Offensive security

The course also gives you the option of completing the two years and getting an Msc or else  exiting the course after 18 months like i did and obtaining a PgDip , the only difference is that the Msc contains a final year thesis / project whereas the PgDip doesnt, but its also possible to return at a later date and complete the project to upgrade your PgDip to an Msc.

All in all , it was an excellent course and im glad i pursued it. The standard of lecturing was very high and i strongly recommend anyone interested in developing some security skills to check it out.


Batchpatch for Managing Windows VM’s

I recently started using a new tool called batch-patch for performing windows updates on large amounts of Windows virtual servers. It is a very useful piece of software and makes tasks like installing windows patches , gathering different information on the servers and running things like scripts very simple and straight forward.

When installed and licensed you are presented with the following screen where you can add the required VM’s either from a list or from an Active Directory


The account that you are logged into the VM running batchpatch on must have the neccessary logon and execution rights on the target VM’s also. If these accounts differ then its possible to specify alternative logon credentials for the VMs by right clicking the VM


Right clicking the VM(s) , you can see all the various different actions you can take on the VM’s, one of the most useful is under “Get Information”, its possible to get all sorts of useful information like disk space, last boot time etc.


If you are using the tool to perform windows updates, you can click tools – settings and then windows update. In here you can select what package filtering you want to do and enable / disable cached mode


Once you have configured the settings you can right click the vm(s) and click, windows updates and then choose what you want to do , e.g. download updates, download and install updates, download / install and reboot VM if required etc


Another very useful feature of batchpatch is the ability to run scripts / programs on the vm(s) very easily . Right clicking the VM(s) and selecting “Deploy software” shows the following dialog box where you can just select a .exe / msi / cmd file to execute


These are only some of the features of batchpatch , it is a very easy tool to use and i recommend checking it out if you manage a large number of VMs

More Information can be found here

VMware Cloud Foundation 3.0


It has been a while since i have written about one of my favorite products VMware Cloud Foundation so i decided to provide an update on what is new with the most recent version of the software which is vCF 3.0 (just announced at VMworld 2018)

There are some amazing new features , which include :

Builder VM :  The VIA appliance is no longer used to image the system , instead a brand new builder VM is used to perform the bring up process. This VM is a photon based OVA which includes all the binaries needed to complete the bring up process.

Workload Domains with multiple clusters : It is now possible to create multiple clusters within a workload domain.

Physical Hardware changes : It is now allowed to use different vendor and model ESXi hosts in the same rack. It is also possible to use any switching infrastructure that the customer chooses to use and is not bound by the vCF HCL. Note however that the customers network team need to setup the switches in this situation (the switches will not be imaged and configured by vCF)

Software Versions : The new component software versions include the following :

  • vCenter / ESXi /PSC / vSAN6.5 U2b
  • NSX 6.4.1
  • Log Insight 4.6.1
  • vRealize Operations 6.7
  • vRealize Automation 7.4
  • vRealize Suite Lifecycle Management 1.2

Network Pools : vCF 3.0 uses a pre-defined set of IP pools for vmkernel addresses for vSAN and vMotion which SDDC manager uses in configuring the esxi hosts.

NSX Hybrid Connect : Using NSX Hybrid Connect, the process of migrating large workloads into a vCF workload domain has been simplified. This feature creates seamless connectivity between sites and allows the customer to migrate workloads from legacy environments, private and public clouds into a VMware Cloud Foundation environment.

These are all very cool new features which make a great product even better!

Dell-EMC continue to provide an awesome fully engineered rack based system that is powered by vCF – check it out here :


Script to get VM information

Recently i wanted to get the following information for VM’s in my environment :

  1. VM Name
  2. IP Address
  3. DNS1
  4. DNS2

The script below helped me to get that information by requesting a resource pool name and entering the location where you want to resulting csv file to be saved to .

The script uses the invoke-vmscript cmdlet and a powershell block to get the required information and then saves the information neatly in a csv file.

$rp = Read-Host -Prompt “What Resource Pool do you want to gather information for”
$csv = Read-Host -Prompt “Please give the full path where you want the csv file to be saved”

$vms = get-resourcepool -Name $rp | get-vm | where {$_.Powerstate -eq ‘Poweredon’}

$shownet = @’
$net = get-wmiobject win32_networkadapterconfiguration
“{0}|{1}|{2}” -f @(($net | where{$_.IPaddress} | select -expandproperty IPaddress | where{$_ -notmatch ‘:’}),
@($net | where{$_.dnsserversearchorder} | select -expandproperty dnsserversearchorder)[0],
@($net | where{$_.dnsserversearchorder} | select -expandproperty dnsserversearchorder)[1])

$report = foreach ($vm in $vms){

$result = invoke-vmscript -vm $vm -ScriptText $shownet -ScriptType powershell | select -ExpandProperty scriptoutput
$resultarray = $result.Trimend(“`r`n”).Split(‘|’)
new-object PSObject -Property @{
vm = $
IP = $resultarray[0]
DNS1 = $resultarray[1]
DNS2 = $resultarray[2]


$report | export-csv -Path $csv\report.csv -NoTypeInformation -UseCulture


Data drive missing after OS upgrade

I came across an interesting issue recently that i thought might be useful to share.

When we upgraded some Windows server 2008 VM’s to Windows 2012 the data drive (D:) was missing after the upgrade. The data drive was interestingly attached to a Paravirtual SCSI controller whereas the C: drive was attached to a standard LSI Logic SAS storage adapter.

Paravirtual SCSI controllers are high performance storage adapters which can result in greater throughput and are suitable for applications that require high I/O.

More information on these can be found here :


After further investigation , device manager showed some problems :


The VMware Paravirtual SCSI was also missing from the storage controllers


The fix for this issue was the following :

  1. Refresh / upgrade VMware tools on the affected VM’s. This procedure reinstalled the Paravirtual SCSI controller driver on the windows 2012 OS.


2. Bring the disk online using disk management or diskpart


The disk then showed up in my computer


Brandon Lee also has an interesting post here on how to install the Paravirtual SCSI adapter driver when installing Windows Server 2016

VxRack SDDC bringup failing on “Backup bootbank of hosts” -vCF 2.2

I was recently re-imaging my VxRack SDDC a few days ago and came across an issue where the second phase bring up was failing . The error message was saying that the task that backs up the ESXi bootbanks  was failing


After digging further, i realized that was the IP address of the SDDC manager Utility VM and not a particular ESXi host.

I then examined the bringup log on the SDDC controller VM which is located at /opt/vmware/bringup/logs/evosddc-bringup.log and noticed that the original ssh connection from the SDDC manager controller VM to the utility VM was succeeding but was then throwing a password expiration error afterwards


It turns out that the SDDC controller VM performs its original connection to the SDDC utility VM using the root account but then uses a different account (backupuser) to perform the backup of the ESXi hosts bootbanks and it turns out that this backupuser account had expired.

I had to log into the SDDC manager utility VM and set the backupuser account to never expire using the command below


Once this change was performed, i retried the bringup procedure and it completed successfully

vCF 2.2 is generally available


VMware Cloud Foundation is now generally available and here are some of the  new enhancements :

Software updates 

vCF 2.2 now includes vSphere 6.5 Update 1, vSAN 6.6.1, NSX 6.3.3 and Horizon 7.0.2, it also includes Log Insight 4.3.0 as an optional component.  Note that vROPS has been removed from this version of vCF. This is a temporary measure and will be reversed in the future



Management Workload Domain updates

It it now possible to create a single management workload domain per vCF instance. You need a minimum of 4 servers (1 rack) for this configuration and it expands up to a maximum of 256 servers (8 racks). This means that you only have to allocate the first 4 servers in rack 1 for the management domain and the rest of the servers available in rack 1-8 are available for workload domains. This is a marked improvement over vCF 2.1.x where the first four nodes in each rack were allocated for a management domain

Deployment Types

Another new feature of vCF 2.2 is the ability to have compute workloads residing in the management domain. Workload domain isolation is provided by resource pools. This feature is targeted at smaller deployments , typically comprising of less than 32 servers. If you require more than 32 nodes, its recommended to adopt the traditional architecture of separate management and compute workload domains

Optimised SDDC Manager 

SDDC manager now only comprises of two VM’s, the SDDC manager controller and SDDC Manager Utility.  SDDC manager continues to provide NTP and DNS services to the vCF environment and DNS is provided in a HA fashion between the controller and the utility VMs



The HMS (hardware management service) is now taken off the management switch and moved to the SDDC manager controller VM

Log Insight

Log Insight is now configured as a 3 VM cluster, containing one master node and two worker nodes. The system bring up workflow will configure logging for the management domain but if you require logging for your workload domains then you will need to enable this via the SDDC manager GUI and procure a license. Content packs available include vCF / vSPhere / vSAN / NSX and Horizon


New features available in the SDDC manager GUI

It is now possible to add hosts and perform password rotation of all the components via the SDDC manager GUI. This is a significant improvement on previous versions as it was quite complex to perform these activities


Hardware updates 

The VMware Compability guide has been updated with server support for vendors like Lenovo / HDS and Fujitsu

Signed Certificate Support

It is now possible to use custom signed certificates on the SDDC deployed components (vCenter , PSC, NSX Manager , SDDC manage and Log insight). This is done using an automated cli tool located in /opt/vmware/cert-mgmt/ It is possible to use custom certificates on both the management domain and any workload domains

A step by step procedure on replacing these certificates can be found in the vCF 2.2 admin guide

Note : vCF 2.2 is targeted at greenfield sites only. If you need to upgrade from vCF 2.1.x to 2.2 then contact VMware Support for assistance

VxRack SDDC will be shipping with vCF 2.2 on 29th September 2017. If you want to upgrade your VxRack SDDC from 2.1.x then contact Dell – EMC support for assistance

All the documentation can be found here :