Category Archives: VMware

[Tutorial] Deploying VMware vCloud Director 5.5

Here are some notes on deploying VMware vCloud Director 5.5.  I fealt the process as a whole was very confusing as there really isn't a definitive guide out there for folks going from vCenter to a suite product such as vCloud Director.

Prerequisites / Tutorial To-Do List

  • Microsoft SQL Server 2008 R2
    • The SQL Server must use Mixed Mode authentication (cannot use Windows Authentication, must be a SQL account)  We'll go over configuring this in the guide.
  • Linux VM
    • Must run one of the following OSes (I'm using CentOS6 for this guide)
      • CentOS 6 (64-bit) Update 4
      • Red Hat Enterprise Linux 5 (64-bit) Update 4
      • Red Hat Enterprise Linux 5 (64-bit) Update 5
      • Red Hat Enterprise Linux 5 (64-bit) Update 6
      • Red Hat Enterprise Linux 5 (64-bit) Update 7
      • Red Hat Enterprise Linux 5 (64-bit) Update 8
      • Red Hat Enterprise Linux 5 (64-bit) Update 9
      • Red Hat Enterprise Linux 6 (64-bit) Update 1
      • Red Hat Enterprise Linux 6 (64-bit) Update 2
      • Red Hat Enterprise Linux 6 (64-bit) Update 3
      • Red Hat Enterprise Linux 6 (64-bit) Update 4
    • Two network adapters
    • At least 4 GB of memory
    • Hard drive space for the OS and an additional 2 GB of disk space for vmware installation and log files
  • Working ESXi environment with vCenter Server
  • VMware vCloud Networking and Security 5.5.x
  • VMware vCloud Director License Key

Best practicies article can be found here: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2059451

Deploy VMware vCloud Networking and Security 5.5.x 

Prior to installing vCloud Director, you must have the VMware vCloud Networking and Security 5.5.x appliance configured and running.  This product was formally called vShield, as is a required component of vCloud Director.  Instructions on how to deploy this can be found here: http://jackstromberg.com/2014/04/tutorial-deploying-vmware-vcloud-networking-and-security-5-5/

Linux VM Installation (CentOS 6)

  1. Grab a copy of the live CD iso to install the OS
    1. http://isoredirect.centos.org/centos/6/isos/x86_64/
  2. Next your way to victory through the install, substituting in your location and server info.
  3. Install VM tools once you have your OS up and running
    1. Tutorial on how to install VMtools on CentOS 6 can be found here: http://jackstromberg.com/2014/04/tutorial-how-to-install-vmtools-on-centos-6/
  4. Configure static IPs on each of your network cards
  5. Enable the firewall to allow inbound connections on port 443 (HTTPS)
    1. Tutorial on how to add firewall rules to CentOS 6 can be found here: http://jackstromberg.com/2014/04/tutorial-adding-firewall-rules-via-system-config-firewall-tui-on-centos-6/

Generate SSL certificates

We will need to generate some SSL certificates before running the vCloud Director installation.  Please follow the steps below to create a java keystore that vCloud director will use for SSL.  Below are two different methods of generating certificates.  Use the first if you don't want to sign your certificates, use the second if you want to sign your certificate with an internal or external certificate authority.  Note: Usually I create seperate keystores with for each service, in this case, VMware wants both certificates in the same keystore.  Additionally, make sure you change the default password in the commands below to something stronger (other VMware products want you to use a generic password, this one you can change as it will be prompted during the install process).

Creating Self-Signed Certificates

keytool -genkey -keyalg RSA -storetype JCEKS -alias http -keystore certificates.ks -storepass passwd -validity 360 -keysize 2048
Self-Signed vCloud Director Certificate - http

keytool -genkey -keyalg RSA -storetype JCEKS -alias consoleproxy -keystore certificates.ks -storepass passwd -validity 360 -keysize 2048
Self-Signed vCloud Director Certificate - consoleproxy

--Verify both certificates are in the same keystore--

keytool -list -keystore certificates.ks -storetype JCEKS -storepass "passwd"
Self-Signed vCloud Director Certificate - keystore

Creating Signed Certificate Requests (use this if you have an internal PKI, skip this step if you used self-signed certs above)

--Create the certificate requests--

  • HTTP Web Cert Request
    • keytool –certreq -keystore certificates.ks -storetype JCEKS -storepass passwd -alias http -file http.csr -validity 360 -keysize 2048
  • Console Proxy Cert Request
    • keytool -keystore certificates.ks -storetype JCEKS -storepass passwd -certreq –alias consoleproxy -file consoleproxy.csr -validity 360 -keysize 2048

--Import CA Chain--

  • Root Certificate Authority
    • keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -import –alias root -file root.cer
  • Intermediate Certificate Authority (only needed if you have one)
    • keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -import –alias intermediate -file intermediate.cer

--Import Signed Cert--

  • HTTP Web Signed Cert
    • keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -import –alias http -file http.cer
  • Console Proxy Signed Cert
    • keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -import –alias consoleproxy -file consoleproxy.cer

Note: Official VMware KB article on generating SSL certificates for vCloud Director: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1026309

Configure the Microsoft SQL (MSSQL) Server Database

  1. Login to your SQL Server/Cluster
  2. Right click on your SQL Server and select Properties
    msSQL - Server Properties
  3. Select the Security page and ensure SQL Server and Windows Authentication mode is checked
    1. Per VMware's documentation, Windows Authentication is not supported when using Microsoft SQL with vCloud Director.
      Server Properties - SQL Server and Windows Authentication Mode
  4. Click OK
  5. Click on the New Query button and Execute the following query (make sure you change the path to the database and log files). This command will create the database instance and log files, specifying the proper collation sequence:
    USE [master]
    GO
    CREATE DATABASE [vcloud] ON PRIMARY
    (NAME = N'vcloud', FILENAME = N'C:\vcloud.mdf', SIZE = 100MB, FILEGROWTH = 10% )
    LOG ON
    (NAME = N'vcdb_log', FILENAME = N'C:\vcloud.ldf', SIZE = 1MB, FILEGROWTH = 10%)
    COLLATE Latin1_General_CS_AS
    GO
    msSQL - vCloud Director - Database Creation
  6. Use VMware's recommended transaction isolation level.  Click the New Query button again and then Execute the following query:
    USE [vcloud]
    GO
    ALTER DATABASE [vcloud] SET SINGLE_USER WITH ROLLBACK IMMEDIATE;
    ALTER DATABASE [vcloud] SET ALLOW_SNAPSHOT_ISOLATION ON;
    ALTER DATABASE [vcloud] SET READ_COMMITTED_SNAPSHOT ON WITH NO_WAIT;
    ALTER DATABASE [vcloud] SET MULTI_USER;
    GO
    msSQL - vCloud Director - Transaction Isolation Level
  7. Next, create the SQL User to connect to the database (we will use vcloud as the username, you can change this if you would like).  Click the New Query button again and then Execute the following query (amke sure to change the default password):
    USE [vcloud]
    GO
    CREATE LOGIN [vcloud] WITH PASSWORD = 'vcloudpass', DEFAULT_DATABASE =[vcloud],
    DEFAULT_LANGUAGE =[us_english], CHECK_POLICY=OFF
    GO
    CREATE USER [vcloud] for LOGIN [vcloud]
    GO
    msSQL - vCloud Director - Create User Account
  8. Last, assign the proper permissions to the SQL user.  We will need the user to have db_owner permissions for the install.  Click the New Query button again and then Execute the following query:
    USE [vcloud]
    GO
    sp_addrolemember [db_owner], [vcloud]
    GO
    msSQL - vCloud Director - db_owner privileges

The official VMware KB article on configuring MSSQL Server (and oracle) can be found here: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2034540

Install vCloud Director

  1. Copy the certificates.ks keystore over to the vCloud Director VM if you didn't generate them on it.
    1. I placed my ssl certificates in the following directory (VMware doesn't recommend a location, so I just picked this one): /opt/vmware/
  2. Download a copy of VMware vCloud Director 5.5.X from myvmware.com
  3. Open up Terminal
    CentOS6 - Terminal
  4. Execute the following command to install one of the prerequisites for the vcloud director installer (CentOS should come preinstalled with the others)
    1. yum install redhat-lsb
      yum install redhat-lsb
  5. Enter y and then press enter to continue the install
    yum install redhat-lsb - Download Packages
  6. Enter y and then press enter to continue the install
    yum install redhat-lsb - Install Packages
  7. Navigate to the folder where you downloaded the vmware-vcloud-director bin file and execute the following command to allow the bin file to be executed
    1. chmod u+x vmware-vcloud-director-5.5 (tab to the end of the file)
      chmod vmware-vcloud-director
  8. Execute the following command to begin the installation
    1. ./vmware-vcloud-director (tab to the end of the file)
      Install vmware-vcloud-director-5.5
  9. Enter y to run the script after the installer verifies prerequisites
    Install vmware-vcloud-director-5.5 - Run the script
  10. Select which adapter you would like to assign the HTTP service to and press enter (this will be for the web management interface)
    Install vmware-vcloud-director-5.5 - HTTP service adapter
  11. Select which adapter you would like to assign the console proxy IP address to and press enter
    Install vmware-vcloud-director-5.5 - Remote console proxy adapter
  12. Enter in the path to your certificates.ks file and press enter (in this tutorial, I used /opt/vmware/certificates.ks for example)
    Install vmware-vcloud-director-5.5 - Java keystore - SSL Certificates
  13. Enter in the password to the keystore when prompted and press enter
    Install vmware-vcloud-director-5.5 - Java keystore - SSL Certificates - Password
  14. If you have a syslog server enter in the IP to it, otherwise press enter to skip it
    Install vmware-vcloud-director-5.5 - Syslog host name
  15. Type 2 to use Microsoft SQL Server and press enter
    Install vmware-vcloud-director-5.5 - Microsoft SQL Server
  16. Enter in the hostname or IP address to your MSSQL server and press enter
    Install vmware-vcloud-director-5.5 - Microsoft SQL Server - host
  17. Press enter to use the default SQL server port
    Install vmware-vcloud-director-5.5 - Microsoft SQL Server - port
  18. Enter in the name of your sql database (using the default database name vcloud for this guide) and press enter
    Install vmware-vcloud-director-5.5 - Microsoft SQL Server - database name
  19. Press enter to use the default database instance
    Install vmware-vcloud-director-5.5 - Microsoft SQL Server - database instance
  20. Enter your database user (vcloud is what we have been using for this tutorial) and press enter
    Install vmware-vcloud-director-5.5 - Microsoft SQL Server - database user
  21. Enter the password to your sql user and press enter
    Install vmware-vcloud-director-5.5 - Microsoft SQL Server - database password
  22. Type y and press enter to start the service
    Install vmware-vcloud-director-5.5 - Start Service

Configuring vCloud Director

  1. Open up your web browser and navigate over to your vCloud instance
  2. Optionally, install the VMware Remote Console Plug-in if prompted and then click Next
    1. The VMware Remote Console plug-in is used to manage your VMs through the web.  It is not needed during the installation process.
      vCloud Director - Setup Wizard - Welcome
  3. "Read" and check Yes, I accept the terms in the license agreement and click Next
    vCloud Director - Setup Wizard - License Agreement
  4. Enter your vCloud Director license key (can be obtained my myvmware.com) and click Next
    vCloud Director - Setup Wizard - Licensing
  5. Enter in an administrator account used to manage vCloud Director and then click Next
    vCloud Director - Setup Wizard - Create an Administrator Account
  6. Enter a system name (I used vCloudDirector) that gets added to vSphere.  This is where all the vCloud Director VMs will go when they are provisioned.  Click Next
    vCloud Director - Setup Wizard - System Settings
  7. Click Finish
    vCloud Director - Setup Wizard - Ready to Complete
  8. Login using your Administrator account once redirected
  9. Click on Attach a vCenter undernetth provision your Cloud resources...
    vCloud Director - Attach a vCenter
  10. Enter in your vCenter info and click Next
    vCloud Director - Attach a vCenter - Name this vCenter
  11. Enter in the username and password to your vShield Manager instance and click Next
    vCloud Director - Connect to vShield Manager
  12. Verify your settings and click Finish
    vCloud Director - Connect to vShield Manager - Ready to Complete
  13. Click on Step 2, Create a Provider VDC
    vCloud Director - Create Provider VDC
  14. If you have different resource pools with different configurations, I would create a similar name for your vDC.  In this example, I only have one resource pool containing all the resources in my environment, so I am going to name my vDC (Virtual Data Center) My Company.  Click Next when ready to proceed.
    1. Additionally, you can select what supported hardware version you wish to use.  As I have no ESX 4.x hosts, I am going to select Hardware version 9 as I have a newer environment.
    2. Note: Per VMware's website, here is the definition of a Provider vDC: A Provider vDC is a collection of compute, memory, and storage resources from one vCenter. A Provider vDC provides resources to organization vDCs.
      vCloud Director - Create Provider VDC - Name this Provider VDC
  15. Select a resource pool you wish to deploy the VMs to and click Next
    vCloud Director - Create Provider VDC - Select a Resource Pool
  16. If you have a specific datastore or storage policy you wish to use for this vDC, select the Storage Policy/Datastore, click the Add button, and then click Next.
    vCloud Director - Create Provider VDC - Select a Resource Pool - Add
  17. Enter in the credentials to each of the hosts to deploy the vCloud Director agent.  Once completed, click Next.
    vCloud Director - Create Provider VDC - Prepare Hosts
  18. Click Finish if the provided information looks correct
    vCloud Director - Create Provider VDC - Ready to Complete
  19. Now, depending on your configuration, if you had other VMs deployed to this resource pool, you may receive an error stating that the machines cannot enter maintennace mode.  The reason behind this is that DRS is preventing the hosts from entering maintnenace mode because DRS cannot move the VMs around to achieve High Availablity.
    vCloud Director - vCenter - Operation timed out - Prepare Host

    1. If you see this behavior, you will have to manually deploy the vCloud Director agents to the hosts.  To do this, click on the Manage & Monitor tab inside of vCloud Director.
      vCloud Director - Manage & Monitor
    2. Select Hosts
    3. Right click on one of the hosts and select Prepare Host...
      vCloud Director - Manage & Monitor - Prepare Host
    4. Enter the username and password to the host and click OK
      vCloud Director - Manage & Monitor - Prepare Host - Credentials
    5. Repeat this process for the other hosts in your cluster (you can select multiple hosts at a time. Now that we have at least one host available, we can failover a few VMs via)
      vCloud Director - Manage & Monitor - Prepare Host - Success
      vCloud Director - Manage & Monitor - Prepare Host - Success All Hosts
  20. Click on the Home tab and then click on the Create a new organization link
    vCloud Director - Create a new organization
  21. Enter in your organization information and click Next
    1. The Organization name is simply a code used to generate a short url to identify the organization.  Only letters and numbers are accepted in this field.
      vCloud Director - Create a new organization - Name this Organization
  22. Optionally select whether you want to use LDAP to provide access to vCloud Director and then click Next.
    vCloud Director - Create a new organization - LDAP Options
  23. On the Add Local Users page, click Add to add virtual vCloud Users (non-ldap).  Click Next once you have added the users of your choice or click Next if you want to add users later.
    vCloud Director - Create a new organization - Add Local Users
  24. On the Catalog page, select whether or not you want to allow sharing/publishing between organizations.  In this case, just click Next.
    (oops, no picture for this one 🙁 )
  25. On the Email Preferences page, click Next
    vCloud Director - Create a new organization - Email Preferences
  26. Configure the policies to your liking.  In this case I am going to leave things with their default settings and click Next
    (Oops, no picture for this one 🙁 )
  27. Click Finish
    vCloud Director - Create a new organization - Ready to Complete
  28. Click on Step 6 Allocate resources to an organization
    vCloud Director - Allocate resources to an organization
  29. Select the Organization you created and click Next
    vCloud Director - Allocate resources to an organization - Select Organization
  30. Select your Provider VDC and click Next
    vCloud Director - Allocate resources to an organization - Select Provider VDC
  31. Select the allocation model you choose to best fit your organization.  In this case, I am going to use Pay-As-You-Go to only allocate used resources.  Click Next.
    vCloud Director - Allocate resources to an organization - Select Allocation Model
  32. Choose you you want to configure your allocation model from the previous step and click Next.
    vCloud Director - Allocate resources to an organization - Configure Pay-As-You-Go Model
  33. Select the storage you want to use, click Add, and then click Next
    vCloud Director - Allocate resources to an organization - Allocate Storage
  34. Click Next on the Select Network Pool & Services page
    vCloud Director - Allocate resources to an organization - Select Network and Services
  35. Click Next if you don't need an edge gateway to an external network
    1. An edge gateway is needed to provide access to other internal and external (internet) networks.
      vCloud Director - Allocate resources to an organization - Create a new edge gateway
  36. Enter a name for the new Organization VDC and click Next
    vCloud Director - Allocate resources to an organization - Name this Organization VDC
  37. Click Finish
    vCloud Director - Allocate resources to an organization - Ready to Complete

At this point you should be able to publish a catalog or create a new VM from scratch in a completely isolated environment.  You can add an external network or utilize a VXLAN with additional configurations to begin to connect your network to an outside world.

Hope this helps!

[Tutorial] Deploying VMware vCloud Networking and Security 5.5

Here is a tutorial on deploying VMware vCloud Networking and Security 5.5 (formerlly called vShield).  Unlike other VMware products, this product must be installed as an appliance.  VMware provides you an OVA file that contains the entire virtual appliance, so minimal configuration is needed.  Here is a good overview of the product and how it works: http://vmwarelearning.com/vcloud_net_sec/

Before beginning, here are the following hardware prerequisites.  These prerequisites can be found from the official VMware deployment guide: http://www.vmware.com/pdf/vshield_51_quickstart.pdf

  • Memory
    • vShield Manager: 8GB allocated, 3GB reserved
    • vShield App: 1GB allocated, 1 GB reserved
    • vShield Edge compact: 256 MB, large: 1 GB, x-large: 8 GB
    • vShield Data Security: 512 MB
  • Disk Space
    • vShield Manager: 60 GB
    • vShield App: 5 GB per vShield App per ESX host
    • vShield Edge compact and large: 320 MB, lx-Large: 4.4 GB (with 4 GB swap file)
    • vShield Data Security: 6GB per ESX host
  • vCPU
    • vShield Manager: 2
    • vShield App: 2
    • vShield Edge compact: 1, large and x-Large: 2
    • vShield Data Security: 1

Installing VMware vCloud Networking and Security 5.5 Appliance

  1. Download the VMware vCloud Networking and Security 5.5 OVA file from myvmware.com
  2. Login to vCenter
  3. Select File->Deploy OVF Template...
    Deploy OVF Template...
  4. Click Browse...
    Deploy OVF Template - Browse
  5. Select the VMware-vShield-Manager-5.5.x-xxxxxxx.ova file you downloaded and click OK
    Deploy OVF Template - VMware vShield Manager Appliance
  6. Select Next >
    Deploy OVF Template - Browse - vShield Appliance
  7. Select Next >
    Deploy OVF Template - vShield Manager
  8. Select Accept and then click Next >
    Deploy OVF Template - vShield Manager - Accept EULA
  9. Enter a name for the VM and click Next >
    Deploy OVF Template - vShield Manager - Name and Location
  10. Select a datastore to place the VM on storage and click Next >
    Deploy OVF Template - vShield Manager - Deploy OVF Template
  11. Select how you want to provision the VM and click Next >
    Deploy OVF Template - vShield Manager - Disk Format
  12. Select the destination network and click Next >
    Deploy OVF Template - vShield Manager - Network Mapping
  13. Enter in a password for the default admin user and for privileged CLI access and click Next >
    Deploy OVF Template - vShield Manager - Properties - User Accounts
  14. Click Finish
    Deploy OVF Template - vShield Manager - Finish Deployment
  15. Power on the VM
    Power On vShield Appliance
  16. Open up a console the VM
  17. Login to the VM using the username admin and the "user password" you specified in step 13.
    Login vShield Appliance - CLI
  18. Type enable and hit enter (use the "privileged user password" you specified in step 13).
    Login vShield Appliance - CLI - Privileged
  19. Type setup and hit enter to launch the network configuration wizard
    Enter in the static IP Address you wish to assign to the appliance and hit enter
    Enter in the Subnet Mask for your network and hit enter
    Enter in the Default gateway for your network and hit enter
    Enter in your Primary DNS server's IP address and hit enter
    Enter in your Secondary DNS server's IP addres and hit enter
    Enter in your domain search list (DNS Suffix if you host your own internal DNS) and hit enter
    Login vShield Appliance - CLI - Network Setup
  20. Type y to confirm your changes and hit enter
    Login vShield Appliance - CLI - Network Setup - Confirm
  21. Press control+alt+insert to send the control+alt+delete command to the VM to restart the guest.
    Note: Logging out like the wizard tells you didn't work for me.  Had to do the reboot.
    Login vShield Appliance - CLI - Network Setup - Logout
  22. Open up your webbrowser and head over to the static IP address you gave your appliance
    VMware vShield Manager - Login
  23. Enter in the username admin and the password default to login
    VMware vShield Manager - Login - Default Credentials

Configuring VMware vCloud Networking and Security 5.5 for vCenter

  1. Click on the Edit button next to Lookup Service
    vShield Manager
  2. Check Configure Lookup Service and enter in the information to your vCenter's Lookup Service instance:
    Lookup Service Host
    Lookup Service Port
    SSO Administrator Username (should be admin@System-Domain or [email protected] if you used the default installation options)
    SSO Administrator Password.
    Click OK once configured.
    vShield Manager - Edit - Lookup Service
  3. Click Yes to trust the server's SSL certificate
    vShield Manager - Edit - Lookup Service - Verify SSL
  4. Click Edit next to vCenter Server
    vShield Manager - vCenter Server
  5. Enter in your vCenter info and click OK
    vCenter Server
    Administrator Username
    Administrator Password
    vShield Manager - Edit - vCenter Server
  6. Select Yes to trust the vCenter SSL certificate
    vShield Manager - Edit - vCenter Server - Verify SSL
  7. Check Install this certificate and do not display any security warnings and then click the Ignore button when prompted
    VMware Security Warning - SSL Certificate
  8. Click the Edit button next to NTP Server
    vShield Manager - NTP Server
  9. Specify the IP address of the NTP server you wish to sync to and click OK
    vShield Manager - Edit - NTP Server
  10. Click the Change Password link at the top to change the default admin password.  Click OK when you are done.
    vShield Manager - Edit - Admin Password

At this point, you can begin to install the vShield App, vShield Endpoint, and vShield Data Security services by selecting one of your hosts and clicking the Install links.  However, configuration of these options is outside the scope of this tutorial.

vShield Manager - vShield Host Prepartion Status

Note: One thing that I did notice that is different from vShield 5.1 is that once vShield Manager 5.5 is synchronized with vCenter, the management plugin will automatically be registered to vCenter and you can access vShield Manager from the vSphere Client.

[Tutorial] How-to install VMTools on CentOS 6

Here is a quick tutorial on how to get VMware Tools up and running on a CentOS 6 Linux machine.  Although the instructions are shown with the GUI, we'll use terminal so the guide works with both gui and non-gui based installs.

  1. Mount the VM tools installer to your VM
    Install-Upgrade VMware Tools
  2. Open up Terminal
    CentOS6 - Terminal
  3. Execute the following command (this will create a mount point for our CD drive)
    1. mkdir /cdrom
      CentOS6 - VMware Tools - New Mount Point
  4. Execute the following command (this will map the CD drive to our cdrom mount point)
    1. mount /dev/cdrom /cdrom
      CentOS6 - VMware Tools - Map Mount Point cdrom
  5. Execute the following command to move to your temporary files folder
    1. cd /tmp
      CentOS6 - VMware Tools - Temporary Files
  6. Execute the following command to extract the VMware Tools tarball
    1. tar -xvf /cdrom/VMwareTools (tab to autofill the rest of the package)
      CentOS6 - VMware Tools - Extract VMware Tools
  7. Execute the following command to run the VMware Tools installer
    1.  ./vmware-tools-distrib/vmware-install.pl
      CentOS6 - VMware Tools - Install VMware Tools
  8. Press Enter/Return through each of the questions, using their defaults
    CentOS6 - VMware Tools - Install Default Values
    CentOS6 - VMware Tools - Install Default Values Continued
    CentOS6 - VMware Tools - Install Default Values Continued Continued
  9. Verify VMtools is running by looking at the client status in vSphere
    CentOS6 - VMware Tools - vSphere Status

[How-To] ThinApp Internet Explorer 9 for Windows 7 x64

Here is a comprehensive guide on how to ThinApp or virtualizate Internet Explorer 9 so you can run it in tandom with other Internet Explorer versions.

  1. Start your VM
    1. For this tutorial, I am using a blank Windows 7 64-bit instance (not with SP1) using ThinApp Setup Capture 5.0.
  2. Make sure you have the Internet Explorer 9 pre-requisites package installed.  The prerequisites can be found in this KB article: http://support.microsoft.com/kb/2399238
    Use Windows6.1-KB2454826-v2-x64.msi or  Windows6.1-KB2454826-v2-x32.msi depending on your machine (one is 32-bit the other is 64-bit)
    Internet Explorer 9 Prereqs
  3. Run the MSI
  4. Click Yes when it asks to install
    Update for Windows KB2454826
  5. Restart your machine when prompted
    Windows Updates - Installation complete - Restart Now
  6. Copy the IE9 offline installer to your machine
    http://windows.microsoft.com/en-us/internet-explorer/ie-9-worldwide-languages
    Internet Explorer 9 Installer
  7. Run the VMware->ThinApp Setup Capture program
    ThinApp Setup Capture - Start Menu
  8. Click Yes on the UAC Setup Capture dialog
    UAC - Setup Capture
  9. Click Next on the Setup Capture - Welcome screen
    Setup Capture - Welcome
  10. Click the Prescan > button
    Setup Capture - Prescan
  11. Run the installer IE9-Windows7-x64-enu.exe when you get to the Install the Application Now! screen
    Setup Capture - Install Application IE9
  12. Click Yes on the UAC screen
    UAC - Internet Explorer 9
  13. Click Install
    Install Internet Explorer 9
  14. Click Restart now when prompted
    Internet Explorer 9 Install - Restart Now
  15. Click Yes on the UAC popup to launch the Setup Capture process again
    UAC - Setup Capture
  16. Click Next on the Continue installation process window
    Setup Capture - Welcome - Continue installation process
  17. Launch the Internet Explorer 9 program
    Internet Explorer 9 - Clean Install
  18. Customize Internet Explorer how you want it on your main machine.  You can set security settings, default homepage, etc. (I like to set my homepage to about:blank since the ThinApps I have usually get deployed in virtual environments).  Close Internet Explorer when you have things the way you want.
    Internet Explorer 9 - Thinapp - Customize
  19. Click Postscan > when you have finished customing Internet Explorer 9
    Setup Capture - Install Application - Postscan
  20. Click OK on the Setup Capture screen
    Setup Capture - OK Button
  21. Uncheck the desktop.exe and inetcpl.exe Entry Points and click Next >
    (I suppose you could leave the inetcpl.exe, but I feel leaving it unchecked is a cleaner solution).
    Setup Capture - Entry Points - Internet Explorer 9
  22. Click Next >
    Setup Capture - Manage with Horizon Workspace
  23. Click Next >
    Setup Capture - Groups
  24. Click Next >
    Setup Capture - Isolation - Full write access to non-system directories
  25. Click Next >
    (you can select No if you want to)
    Setup Capture - Quality Assurance Statistics
  26. Click Next >
    Setup Capture - Native Browser Redirection
  27. Change the Inventory name to Internet Explorer 9 and click Next >
    Setup Capture - Project Settings - Internet Explorer 9
  28. Ensure Use seperate .DAT file is checked, check Generate MSI package if you want to deploy this as an installer, click Save >
    Setup Capture - Package Settings - Internet Explorer 9
  29. Click Next if you receive some capture warnings provided they look like they aren't Internet Explorer related.
    Note: Your warnings could look a little different than mine, that is ok.
    Setup Capture - Save Warnings
  30. Optional Step: Deploying a desktop icon
    1. Click Edit Package.ini
      Setup Capture - Ready to Build - Edit Package.ini
    2. Scroll down to Internet Explorer.exe and change the Shortcuts line to contain %Desktop%;%Programs% and change [Internet Explorer.exe] to [Internet Explorer 9.exe].  Save and exit notepad.
    3. Click on Open Project Folder
      Setup Capture - Ready to Build - Open Project Folder
    4. Click New Folder
      Create a new folder
    5. Click Continue on the UAC popup
    6. Enter %Common Desktop% on the new folder name
      Create a new folder - Common Desktop
    7. Drag the Internet Explorer icon from your start menu into your new %Common Desktop% folder
      Thinapp Drag Shortcut
    8. Click Continue on the UAC popup
      Destination Folder Access Denied - Common Desktop - Thinapp
    9. Rename the icon to Internet Explorer 9
      Rename Internet Explorer 9 Shortcut
    10. Click Continue on the UAC popup
      File Access Denied - Internet Explorer
    11. Right click on the icon and select Properties
      Internet Explorer 9 Shortcut - Properties
    12. Change the Start in path from %HOMEDRIVE%%HOMEPATH% to "C:\Program Files (x86)\Internet Explorer\" and click OK
      Internet Explorer 9 Shortcut Properties
  31. Click Build >
    Setup Capture - Ready to Build - Build
  32. Click Finish
    Setup Capture - Build Project - Finish
  33. Test your Internet Explorer 9 Thinapp on another machine! 🙂
    IE11 and IE9

VMware Horizon View Guest Error - SvmException occured The volume is not mounted

Symptom(s): The VMware Horizon View Administration console shows a VM stuck on the "customizing" state and the VMware View Composer Guest Agent Server service stops when trying to start it on the deployed VM.  Additionally, inside of the c:\windows\temp\viewcomposer-ga.log file you see the stack trace in red below.

For reference, at the time of writing this article, I was running I was running 5.3.0 build-1427647 of the View Composer Guest Agent on a Windows 7 SP1 x64 VM.

[01/28/14 14:53:05] Status: (svmGa:195) Got kernel32 dll handle.
[01/28/14 14:53:05] Status: (svmGa:206) Obtained func for enabling process DEP.
[01/28/14 14:53:05] Status: (svmGa:212) Enabled process DEP.
[01/28/14 14:53:05] Status: (svmGa:419) VMware View Composer Guest Agent service started 5.3.0 build-1427647
[01/28/14 14:53:06] Status: (svmGa:439) SvmException occured
[01/28/14 14:53:06] Error: (svmGa:444) SvmException occured The volume is not mounted: 
StackTrace: 
----Backtrace using dbghelp.dll----
Module path: C:\Program Files (x86)\Common Files\VMware\View Composer Guest Agent\vmware-svi-ga.exe
Module directory: C:\Program Files (x86)\Common Files\VMware\View Composer Guest Agent\
backtrace[00] ebp 0x0117ee4c eip 0x0046304e params 0x0117ef74 0x00c50b28 0x0117ef4c 0x0117f200 [C:\Program Files (x86)\Common Files\VMware\View Composer Guest Agent\vmware-svi-ga.exe base 0x00400000 0x0001:0x0006204e] (no symbol information)
backtrace[01] ebp 0x0117ee6c eip 0x0040924e params 0x0117efd4 0x0117f394 0x00c50b28 0x00c50b44 [C:\Program Files (x86)\Common Files\VMware\View Composer Guest Agent\vmware-svi-ga.exe base 0x00400000 0x0001:0x0000824e] (no symbol information)
backtrace[02] ebp 0x0117f20c eip 0x00433bf2 params 0x0117f34c 0x002b7cf8 0x00c50b28 0x00000002 [C:\Program Files (x86)\Common Files\VMware\View Composer Guest Agent\vmware-svi-ga.exe base 0x00400000 0x0001:0x00032bf2] (no symbol information)
backtrace[03] ebp 0x0117f37c eip 0x004341f0 params 0x00c50b70 0x0117f394 0x0065e6d0 0x00000012 [C:\Program Files (x86)\Common Files\VMware\View Composer Guest Agent\vmware-svi-ga.exe base 0x00400000 0x0001:0x000331f0] (no symbol information)
backtrace[04] ebp 0x0117f3e0 eip 0x00417c53 params 0x0117fa48 0x7c3a1ce3 0x00c50e78 0x0065e6d0 [C:\Program Files (x86)\Common Files\VMware\View Composer Guest Agent\vmware-svi-ga.exe base 0x00400000 0x0001:0x00016c53] (no symbol information)
backtrace[05] ebp 0x0117faf0 eip 0x00419be5 params 0x0117fd98 0x00000001 0x0117fe38 0x004c1914 [C:\Program Files (x86)\Common Files\VMware\View Composer Guest Agent\vmware-svi-ga.exe base 0x00400000 0x0001:0x00018be5] (no symbol information)
backtrace[06] ebp 0x0117fe10 eip 0x0041b139 params 0x00400000 0x00000010 0x00000002 0x00000085 [C:\Program Files (x86)\Common Files\VMware\View Composer Guest Agent\vmware-svi-ga.exe base 0x00400000 0x0001:0x0001a139] (no symbol information)
backtrace[07] ebp 0x0117ff24 eip 0x00401e23 params 0000000000 0x002af6e0 0x002af6e0 0000000000 [C:\Program Files (x86)\Common Files\VMware\View Composer Guest Agent\vmware-svi-ga.exe base 0x00400000 0x0001:0x00000e23] (no symbol information)
backtrace[08] ebp 0x0117ff74 eip 0x00403e75 params 0x00000001 0x002af6f0 0000000000 0x0117ff94 [C:\Program Files (x86)\Common Files\VMware\View Composer Guest Agent\vmware-svi-ga.exe base 0x00400000 0x0001:0x00002e75] (no symbol information)
backtrace[09] ebp 0x0117ff88 eip 0x76f575a8 params 0x002af6e0 0x0117ffd4 0x77769f72 0x002af6e0 [C:\Windows\SysWOW64\sechost.dll base 0x76f50000 0x0001:0x000065a8] (I_ScIsSecurityProcess + 0x0269)
backtrace[10] ebp 0x0117ff94 eip 0x7654336a params 0x002af6e0 0x768af8a4 0000000000 0000000000 [C:\Windows\syswow64\kernel32.dll base 0x76530000 0x0001:0x0000336a] (BaseThreadInitThunk + 0x0012)
backtrace[11] ebp 0x0117ffd4 eip 0x77769f72 params 0x76f57587 0x002af6e0 0000000000 0000000000 [C:\Windows\SysWOW64\ntdll.dll base 0x77730000 0x0001:0x00029f72] (RtlInitializeExceptionChain + 0x0063)
backtrace[12] ebp 0x0117ffec eip 0x77769f45 params 0x76f57587 0x002af6e0 0000000000 0000000000 [C:\Windows\SysWOW64\ntdll.dll base 0x77730000 0x0001:0x00029f45] (RtlInitializeExceptionChain + 0x0036)
----End of backtrace----

Troubleshooting: Tried uninstalling all VMware products, and reinstalling the following in the following order: VMware Tools, VMware View Agent, VMware Horizon View Feature Pack.

Additionally, tried applying the appropriate guest customization script provided in the following VMware article: http://www.vmware.com/files/pdf/VMware-View-OptimizationGuideWindows7-EN.pdf

Solution: I called VMware's support line and they have had no reports of this issue, nor an answer for solving this issue.  Unfortunately, the only solution was to recreate the VM from scratch.

Veeam Backup and Replication 6.5 for VMware- CHMOD mask [0] error

Symptom:
When running a backup, you receive the following message:

5/20/2013 1:43:48 PM :: Error: Client error: File does not exist. File: [E:\Backups\VMs\VM2013-05-20T010122.vib].
Failed to restore file from local backup. VFS link: [summary.xml]. Target file: [MemFs://Tar2Text]. CHMOD mask: [0].

Solution:
From what I gather, this error is generated when you do not have a full backup completed.  For example, lets say you have an external hard drive you backup to and your next scheduled backup is an incremental.  Now when your incremental backup runs, since a full backup does not exist, the incremental backup cannot be made and you result with the above error.

To allow your backup to complete successfully, you will need to manually create full backups for each of the "problem VMs", so the incremental can backup properly.  To do so, you can right click on your Veeam Backup Job and select "Active Full".  This will create a full backup and then let your scheduled incremental jobs run as intended.

Enabling use of the VMware Horizon View 5.2 HTML5 Portal

Today I tried upgrading VMware's View Connection and Security servers from 5.1 to 5.2.  All went well, but when I browsed out to our security server, I noticed that the web client did not exist.

Solution:
Turns out that VMware View 5.2 itself doesn't contain the HTML5 interface to control your desktop through the browser.  In order to enable this feature, you must download the VMware Horizon View Feature Pack on the connection server as well as install the Remote Experience Agent with the HTML Access component on the virtual desktops.  All of these can be obtained from the "My VMware" center.

First, I navigated to the VMware Horizon View 5.2 Feature Pack downloads and downloaded the VMware-Horizon-View-HTML-Access_x64-1.0.0-1049726.exe (Click here to go to the VMware download portal).  Once downloaded, I installed this on my Connection Servers.  This can be installed while the Connection server is running, no downtime neccessary.

Next, I downloaded the Remote Experience Agent for 64-bit desktops (VMware-Horizon-View-5.2-Remote-Experience-Agent-x64-1.0-1046150.msi) file (Same download portal as mentioned above) and installed that on the client machines I wanted to be accessible via the HTML5 page.

Next, I opened up the VMware Horizon View Administrator web GUI and navigated to View Configuration -> Servers -> Connection Servers.  Right click on the connection server and ensure the Blast Server URL has been configured properly.

Next, still inside of the VMware Horizon View Administrator web GUI, I navigated to Pools, selected the Pool I wanted to allow HTML5 Web Access to, hit Edit..., selected the Pools Settings tab, and checked HTML Access.

VMware Horizon View - VM Pool - HTML Access

Last, you need to open port 8443 (or whatever External Blast URL port number you used) on your security server (when installing the Security Server, by default the rules are added to Windows Firewall but are not enabled).  To do enable the rules, remote to your security server, open up your firewall (in my example, Windows Firewall with Advanced Security), and enable the VMware View Connection Server (Blast-In) rules.

VMware Horizon View - Security Server - Windows Firewall

 

 

Some errors you may come across

Problem: When you try to login to your desktop via the HTML5 GUI, you receive the following error:

You are not entitled to use the system.

Solution: You need to make sure you entitle the user to the pool or make sure you have checked the HTML Access checkbox for the pool as mentioned above.

-------------------------------------------------------------------------------------------------------------------------

Problem: When connecting to the View Desktop you receive the following error message:

The display protocol for this desktop is currently not available.  Please contact your system administrator.

Solution: Make sure the VMware Blast service is running on your virtual desktop/you have installed the Remote Experience Agent as mentioned above.

-------------------------------------------------------------------------------------------------------------------------

Problem: When connecting to the View Desktop you receive the following error message:

All available desktop sources for this desktop are currently busy. Please try connecting to this desktop again later, contact your system administrator.

Solution: Log out of the Web GUI and log back in.

-------------------------------------------------------------------------------------------------------------------------

Problem: When connecting to the View Desktop you receive the following error message:

Unable to connect to desktop: There is no available gateway for the display protocol. Try again, or contact your administrator if this problem persists.

Solution: Log out of the Web GUI and log back in.

-------------------------------------------------------------------------------------------------------------------------

Problem: When connecting to the View Desktop, you are redirected to a page and are given a 404 page cannot be displayed.

Solution: Make sure you have enabled the ports on your external firewall for the Security Servers as well as the firewall on the host running the security server (Windows Firewall as mentioned above).

-------------------------------------------------------------------------------------------------------------------------

Known Issues

Please note, there is a list of published Known Issues by VMware.  I would recommend giving the following article a peruse to be familiar with those issues: http://www.vmware.com/support/viewclients/doc/horizon-view-html-access-release-notes.html

 

VMware View Composer agent initialization state error (16)

Symtom:

When trying to deploy a desktop using VMware View (Horizon), you receive the following error in your connection server:

Mar 31, 2013 1:41:45 PM CDT: View Composer agent initialization state error (16): Failed to activate license (waited 1215 seconds)
View Composer Agent Error 16

Solution:

This error is caused by Windows not being activated.  To solve this error, make sure you have Windows Activated or that Windows can properly reach your KMS server to activate Windows.  Once the OS is activated, simply restart the VMware Agent service or reboot the machine to have your vconnect server set the desktop to available.

VMware vCenter Inventory Service Hang 5.1B

Today while installing VMware vCenter Inventory Service, I noticed that the installer would "hang" after I clicked the Next button on the page where you enter in the vCenter SSO service's URL (vCenter Signle Sign On Information page). First, I opened up the vminst.log file and noticed things were stopping on the following line:
VMware VirtualCenter-build-947673: 03/06/13 09:12:35 Attempting to launch ["C:\Users\ADMINI~1\AppData\Local\Temp\3\{946581B4-C0B9-4A86-9207-E64448CBA66B}\openssl.exe" x509 -noout -checkend 0 -in "C:\ProgramData\VMware\Infrastructure\Inventory Service\ssl\rui.crt" ]

Solution:
The reason I was receiving this issue was due to the way I had prestaged my SSL certificates. For whatever reason, I had missed setting up my VMware SSL directory (C:\ProgramData\VMware\SSL) and thus did not have the ca_certificates.crt and the whatever.0 hash file. Once I had placed those files inside of the C:\ProgramData\VMware\SSL directory, the installer was able to continue on.

VMware vSphere - Can't install VMware Tools

Are you running into the issue where you click VM->Guest->Install/Upgrade VMware tools? I have found that if I try creating a VM with the VMXNETv3 adapter and am using an older version of Windows, the DVD drivers aren't picked up properly and VMware tools won't install.

That being said, the only way I have found to get things working is to manually install VMware tools... yep! You VMware does offer the ability to download any version of VMware tool's ISO files.
Head on over to http://packages.vmware.com/tools/esx/index.html and download the version you would like and simply mount the tools as you would with any other disk. For whatever reason, mounting the disk manually by clicking on the "Disk with a wrench icon" and selecting an ISO connected to my local machine, seems to work and gets me back in business.

Hope this helps!