Software is Always Broken

I’m sitting here watching my iPhone update to iOS 11.0.1. Apple says that there are just a couple of fixes: some security updates and a fix for the Exchange email problems. The update is sure taking a while, though. That’s consistent with my knowledge of how software development works. Color me skeptical that the first point release of a new iOS only has a couple of changes. My bet is that there are hundreds of fixes for all sorts of problems reported during the beta, but weren’t large enough to stop the release. Development of software like Apple’s iOS or VMware’s vCenter never stops. At a certain point someone takes a snapshot of the way it looks and decides that …

Read More

Install the vCenter Server Appliance (VCSA) Without Ephemeral Port Groups

Trying to install VMware vCenter in appliance/VCSA form straight to a new ESXi host? Having a problem where it isn’t listing any networks, and it’s telling you that “Non-ephemeral distributed virtual port groups are not supported”┬áin the little informational bubble next to it? Thinking this is Chicken & Egg 101, because you can’t have an ephemeral port group without a Distributed vSwitch, and you can’t have a dvSwitch without a vCenter, so how do you install vCenter when you need something that only vCenter can create? Yeah, me too. Here’s the secret, though: don’t remove the default “VM Network” port group, or if you did, put it back, and restart the installer (or just back up to select the host …

Read More

VMware vCenter Server Appliance 5.5.0 Has An Insecure NTP Server

Update: I have updated this article to reflect some new information provided by VMware. I have also published new notes and discussion as a separate blog post. On January 10, 2014 a vulnerability in ntpd, the Network Time Protocol daemon, was made public (US CERT VU#348126): UDP protocols such as NTP can be abused to amplify denial-of-service attack traffic. Servers running the network time protocol (NTP) based on implementations of ntpd prior to version 4.2.7p26 that use the default unrestricted query configuration are susceptible to a reflected denial-of-service (DRDoS) attack. Other proprietary NTP implementations may also be affected. I have encountered several vCenter Server Appliances, version 5.5.0 build 1476327 and older, that were exposed to the general Internet, and have …

Read More

VMware vCenter Server Appliance & NTP

If you’re trying to configure NTP on the VMware vCenter Server Appliance (vCSA) 5.1 builds 799730, 880472, or 947940 according to the official documentation you might be seeing what I’m seeing: vcenter:~ # yast2 ntp-client add server=0.us.pool.ntp.org Error: Cannot update the dynamic configuration policy. vcenter:~ # yast2 ntp-client enable Error: Cannot update the dynamic configuration policy. This appears to be a SuSE bug. Seems serious but it isn’t, the commands actually do complete correctly. If you want to check the work just use the command: cat /etc/ntp.conf to check for lines starting with “server” near the bottom. /sbin/chkconfig ntp on will enable the service at boot, and /etc/rc.d/ntp start will start it immediately if it isn’t started. /usr/sbin/ntpq -p will …

Read More

vSphere 5 Update 1 and vCenter Agent Upgrades

We applied vCenter 5 Update 1 on Sunday in my environment, which is earlier than we often do because there’s some bugs we needed fixed (namely the issues with Fault Domain Manager/HA and SSL certificate replacement). We’ve been running Update 1 in our test environment since its release, and it looked solid. But as any experienced IT person will tell you, production isn’t test. Ever. After the upgrade none of the hosts were connected to vCenter, and there was a task for each cluster entitled “Upgrade vCenter agents on cluster hosts” that did not proceed, did not terminate, and was uncancellable. The hosts themselves had a warning message on the summary tab indicating that a manual upgrade of the agent …

Read More

vCenter Hardware Status Stops Polling After 1 Hour

(Update, 1/19/2012, 1130 CST: The product manager for this feature, commenting below, has indicated this is actually a bug, and I’ve emailed her the details of my case so she can help track down where the information I was told came from, and fix my problem, too) —————— For what seems like an eternity I’ve had a support case open with VMware because the hardware status functionality in vCenter (4.1 and 5) stops updating. I was told today by my support guy that, for a variety of reasons that cannot be known by me, VMware has decided that the hardware status polling should stop after 1 hour. So my bug isn’t a bug, it’s a feature, case closed. I am …

Read More

How to Install Microsoft SQL Server 2008 R2 for VMware vCenter 5

My venerable post on installing MS SQL Server 2008 for vCenter 4 was getting old, so I thought I’d update it, if only because I have a new admin helping me and I’m going to stick him with doing a bunch of installs. Ha! I thank the VMware folks who have incorporated a lot of the tweaks from my original document into the defaults for vCenter 5. They were probably obvious, and not taken from my work, but it’s content I don’t need anymore. Awesome. While I don’t mean this page to become a general support site for vCenter SQL Server installations please leave a comment if something needs to be clarified or corrected, or if I’m doing something dumb …

Read More