VMware Archives - Page 16 of 60

VMware vSAN ESA – Your Storage Platform for VMware Cloud Foundation

At VMware Explore 2024, the session “VMware vSAN ESA: Your Storage Platform for VMware Cloud Foundation” provided a comprehensive look into how vSAN Express Storage Architecture (ESA) is transforming storage solutions for modern data centers. Led by Duncan Epping and Pete Koehler, this session highlighted the capabilities and benefits of vSAN ESA within VMware Cloud Foundation (VCF).

Key Features of vSAN ESA:

Next-Generation Storage Architecture:
- Designed to handle today’s and tomorrow’s workloads with efficiency and resilience.
- Offers both aggregated and disaggregated configurations for flexible deployment options.
Performance and Efficiency:
- Erasure Coding with RAID-5/6: Delivers the performance of RAID-1 with the space efficiency of RAID-5/6, optimizing capacity while maintaining performance.
- Granular Snapshotting: vSAN ESA integrates snapshots at the VM level without impacting performance, unlike traditional LUN-based snapshots.
Data Protection and Management:
- Integrated Data Protection: Includes scalable snapshots and simplified recovery options, making it easier to protect and recover VMs.
- Protection Groups: Offers flexible and easy-to-manage options for snapshot frequency, retention, and immutability, supporting dynamic VM assignments.
Flexible Deployment:
- vSAN Max: Enables disaggregated storage for independent scaling of compute and storage resources, enhancing cost efficiency and operational flexibility.

Demystifying Distributed Security in VMware Cloud Foundation

In today’s evolving IT landscape, securing distributed environments is crucial. VMware Cloud Foundation (VCF) addresses these challenges head-on with its Distributed Security model. During the VMware Explore EU 2024 session titled “Demystifying Distributed Security in VMware Cloud Foundation,” experts Chris McCain, Tim Burkard explored the nuances of enhancing security within VCF environments.

Key NOTES:

vDefend Distributed Protection:
- This is VMware’s approach to ensuring secure communication between virtual machines (VMs) by enforcing strict security rules. The Distributed Firewall (DFW) policies, integral to vDefend, apply a Zero Trust model, allowing only authorized traffic and rejecting any unauthorized attempts.
Granular Security Policies:
- VCF’s Distributed Firewall offers granular control over security policies, allowing IT teams to define rules at both policy and individual VM levels. This flexibility ensures that security is tightly integrated into every layer of the infrastructure.
Intrusion Detection and Prevention:
- VMware’s Distributed Intrusion Detection and Prevention (IDP) system proactively monitors and prevents unauthorized activities. The IDP uses an extensive signature database to alert or block threats, ensuring real-time protection across the data center.
Built-in Tools for Validation and Troubleshooting:
- Tools like Traceflow and Live Traffic Analysis are pivotal for monitoring and validating security rules. These tools help IT professionals ensure that the DFW is functioning as intended and that traffic flow complies with security policies.

ESXi Hosts: The Data Plane

ESXi hosts, where VMs reside, are integral to enforcing NSX DFW rules. The following CLI commands can be run on ESXi hosts to manage and troubleshoot DFW settings at the host level:

List All the VMs dvFilter Names: Use summarize-dvfilter to list all dvFilters associated with VMs. dvFilters are kernel modules that apply firewall rules to VMs’ network traffic.
View IP and MAC Addresses for a dvFilter: To see the IP and MAC addresses related to a specific dvFilter, the command is
vsipioctl getaddrsets -f <dvfilter-name>
List the Firewall Rules Applied on DvFilter: Retrieve the set of firewall rules applied to a dvFilter by executing
vsipioctl getrules -f <dvfilter-name>
View Firewall Configuration for a dvFilter: To inspect the firewall configuration for a specific dvFilter, the command is
vsipioctl getfwconfig -f <dvfilter-name>

NSX-T CLI on my blog.

Attend Sessions at VMware Explore 2024 – Plan Your Journey

VMware Explore 2024 is just around the corner, and it’s packed with insightful sessions and opportunities to learn from industry experts. With so much to explore, it’s crucial to plan your schedule, stay comfortable, and stay hydrated throughout the event. Here are my top session picks to make the most of your time at the conference.

Quick Tips for Attending:

Wear Comfortable Shoes: You’ll be walking a lot between sessions, so good shoes are a must.
Use the Event App: The VMware Explore app is a great tool for tracking your sessions, finding rooms, and staying updated with event news.
Plan Your Sessions: Take some time to map out the sessions you want to attend so you can maximize your learning.
Drink Plenty of Water: Keep yourself hydrated to stay energized throughout the day.

Recommended Sessions

New ESXi-Arm Fling based on 8.0 Update 3b

I am very happy to share that the ESXi-Arm team has just released a brand new version of the popular ESXi-Arm Fling (v2.0), which is now based on ESXi 8.x codebase and specifically using the latest ESXi-x86 8.0 Update 3b release! This is a very exciting update, as the original release of […]

Broadcom Social Media Advocacy

Workarounds for AVX-512 vSAN 8.0 Data…

In some older releases of vSAN there is an issue where if applications are using AVX-512 CPU instructions data corruption can occur. This was first reported by customers using DB2 but can occur with other applications as well. Here is the KB describing the problem: […]

Broadcom Social Media Advocacy

Monitoring VMware vSphere with Zabbix – vMattroman

Zabbix is an open-source monitoring tool designed to oversee various components of IT infrastructure, including networks, servers, virtual machines, and cloud services. In this post, I will show you how setup Zabbix monitoring with VMware vSpehre infrastructure.

Broadcom Social Media Advocacy

Recovering ESXi 7.x & 8.x host after forgetting…

The general guidance and quickest way to recover an ESXi host if you have forgotten or lost the root password is to reset using vSphere Host Profiles if it was managed by vCenter Server or simply reinstall ESXi which would allow you to preserve the existing VMFS volumes along with any workloads [..]

Broadcom Social Media Advocacy

Critical Security Alert: Update to Fixed Version 8.0 U3d Immediately

Urgent Notice from VMware by Broadcom

VMware has announced that the security patches released on September 17, 2024, intended to address CVE-2024-38812, did not fully mitigate the vulnerability. As a result, all customers are strongly advised to update to the latest version, 8.0 U3d, immediately. Patches for the 8.0 U2 line are also available to address this issue.

This urgent advisory applies to all vCenter Server users, as the newly identified vulnerabilities pose a significant security risk. Notably, two critical vulnerabilities were reported in vCenter Server, including a heap-overflow vulnerability and a privilege escalation vulnerability. These have been responsibly reported to VMware, which has now provided updates to address them.

Key Vulnerability: Heap-Overflow in vCenter Server (CVE-2024-38812)

Vulnerability Description:

A critical heap-overflow vulnerability was discovered in vCenter Server, specifically in its implementation of the DCERPC protocol. The issue has been assigned CVE-2024-38812 and carries a CVSSv3 base score of 9.8, placing it in the Critical severity range.

Known Attack Vectors:

This vulnerability can be exploited by a malicious actor who has network access to the vCenter Server. By sending a specially crafted network packet, the attacker could trigger the heap-overflow, potentially leading to remote code execution (RCE) on the affected system.

Why You Should Patch Now

This vulnerability could allow attackers to gain control over your vCenter Server environment, putting your infrastructure at risk for unauthorized access, data breaches, or service disruptions. Given the widespread use of vCenter Server for managing virtual environments, this threat is extremely serious, especially for businesses relying on VMware for critical operations.

Patch Availability

The new patches, which can be found in the Response Matrix, have been made available for both the 8.0 U3, 8.0 U2 and 7.0 U3 versions of vCenter Server. Customers should apply the new patches immediately to ensure their systems are protected.

What to Do:

Check your version: Identify if your vCenter Server version is affected.
Apply the patches: Use the Response Matrix provided by VMware to download and install the necessary updates.
Follow VMware’s best practices: Regularly update your systems, review security advisories, and apply patches as soon as they are released to minimize security risks.

Mount VMware-vCenter-Server-Appliance-8.0.3.00400-24322831-patch-FP.iso to VCSA VM. Log in to the appliance shell as a user with super administrative privileges (for example, root) and run the following commands:

# To stage the ISO:
software-packages stage --iso

# To see the staged content:
software-packages list --staged

# To install the staged rpms:
software-packages install --staged

ESXi on ASUS NUC 14 Performance (Scorpion Canyon)

In addition to the ASUS NUC 14 Pro (which I recently reviewed), ASUS has also released the ASUS NUC 14 Performance (formally known as Scorpion Canyon) as part of their Intel 14th Generation (Meteor Lake) lineup. Compared to the ASUS NUC 14 Pro and Pro+, the ASUS NUC 14 Performance offers […]

Broadcom Social Media Advocacy

Updated Dashboard for VMware Community Homelabs…

While working on some data analysis for an internal project, I was looking for a better way to summarize and provide some visualizations of the raw data for better consumption. I also wanted to automate this process, so that I could easily build reports or dashboards regardless of the […]

Broadcom Social Media Advocacy