Breaking: VMware Board Names Raghu Raghuram as CEO

Breaking: VMware Board Names Raghu Raghuram as CEO

VMware today announced that its Board of Directors has appointed Rangarajan (Raghu) Raghuram as Chief Executive Officer effective June 1, 2021. Raghuram is a strategic business leader who currently holds the position of Executive Vice President and COO, Products and Cloud Services at VMware.

VMware Social Media Advocacy

How to check CPU microcode revision in ESXi

Occasionally ESXi users want to check CPU microcode. You can check CPU microcode revision on running ESXi host this easy way.

[root@tanzu-esxi-1:~] vsish -e cat /hardware/cpu/cpuList/0 | grep -i -E 'family|model|stepping|microcode|revision'
   Family:0x06
   Model:0x25
   Stepping:0x01
   Number of microcode updates:0
   Original Revision:0x0000001f
   Current Revision:0x0000001f

More info: Using the ESXi 6.0 CPU Microcode Loading Feature

What’s New with vSAN 7 Update 2

What’s New with vSAN 7 Update 2

With more than 30,000 customers, vSAN continues to innovate. We’re excited to announce vSAN 7 Update 2, which delivers flexible, resilient, and future ready infrastructure that allows our customers to meet dynamic business and workload demands without compromising on efficiency, performance, or resiliency. We have enhanced the usability of vSAN deployed in various physical topologies, … Continued The post What’s New with vSAN 7 Update 2 appeared first on VMware vSAN Virtual Blocks Blog.

VMware Social Media Advocacy

vExpert 2021 Award Announcement

vExpert 2021 Award Announcement

vExpert 2021 Award Announcement

Tweet Thank you to everyone who applied for vExpert and to the vExpert PROs for managing the voting process, it’s a lot of work! We are pleased to announce the list of 2021 vExperts. You can visit the vExpert Directory to see the list and profiles of each vExpert. All of the new and returning … Continued The post vExpert 2021 Award Announcement appeared first on VMware vExpert Blog.

VMware Social Media Advocacy

New ESXCLI Commands in vSphere 7.0

In ESXi 7 / vSphere 7.0 the command line interface esxcli has been extended with new features.

For reference ESXCLI full commands list for ESXi 7.0.

Here is list with new and extended namespaces:

NEW ESXi 7.0 ESXCLI Command Reference

Command groupsCMDDescription
daemon controlrestart Restart the daemons for the specified solution ID.
daemon controlstart Start the daemons for the specified solution ID.
daemon controlstop Stop the daemons for the specified DSDK built solution.
daemon infoget Get running daemon status for the specified solution ID.
daemon infolist List the installed DSDK built daemons.
hardware pci pcipassthrulist Display PCI device passthru configuration.
hardware pci pcipassthruset Configure PCI device for passthrough.
network nic attachmentadd Attach one uplink as a branch to a trunk uplink with specified VLAN ID.
network nic attachmentlist Show uplink attachment information.
network nic attachmentremove Detach a branch uplink from its trunk.
network nic dcb statusget Get the DCB information for a NIC.
network nic hwCap activatedlist List activated hardware capabilities of physical NICs.
network nic hwCap supportedlist List supported hardware capabilities of physical NICs.
nvme adapterlist List all NVMe adapters.
nvme controlleridentify Get NVMe Identify Controller data.
nvme controllerlist List all NVMe controllers.
nvme fabricsconnect Connect to an NVMe controller on a specified target through an adapter.
nvme fabrics connectiondelete Delete persistent NVMe over Fabrics connection entries. Reboot required for settings to take effect.
nvme fabrics connectionlist List all persistent NVMe over Fabrics connection entries.
nvme fabricsdisable Disable NVMe over Fabrics for a transport protocol.
nvme fabricsdisconnect Disconnect a specified NVMe controller on the specified NVMe adapter.
nvme fabricsdiscover Discover NVMe controllers on the specified target port through the specified NVMe adapter and list all of them.
nvme fabricsenable Enable NVMe over Fabrics for a transport protocol.
nvme infoget Get NVMe host information.
nvme namespaceidentify Get NVMe Identify Namespace data.
nvme namespacelist List all NVMe namespaces.
rdma iser paramsset Change iSER kernel driver settings.
software addonget Display the installed Addon on the host.
softwareapply Applies a complete image with a software spec that specifies base image, addon and components to install on the host.
software baseimageget Display the installed baseimage on the host.
software componentapply Installs Component packages from a depot. Components may be installed, upgraded. WARNING: If your installation requires a reboot, you need to disable HA first.
software componentget Displays detailed information about one or more installed Components
software componentlist Lists the installed Component packages
software componentremove Removes components from the host. WARNING: If your installation requires a reboot, you need to disable HA first.
software component signatureverify Verifies the signatures of installed Components and displays the name, version, vendor, acceptance level and the result of signature verification for each of them.
software component viblist List VIBs in an installed Component.
software sources addonget Display details about Addons in the depots.
software sources addonlist List all Addons in the depots.
software sources baseimageget Display details about a Base Image from the depot.
software sources baseimagelist List all the Base Images in a depot.
software sources componentget Displays detailed information about one or more Components in the depot
software sources componentlist List all the Components from depots.
software sources component viblist List VIB packages in the specified Component in a depot.
storage core device smart daemonstart Enable smartd.
storage core device smart daemon statusget Get status of smartd.
storage core device smart daemonstop Disable smartd.
storage core device smart statusget Get status of SMART stats on a device.
storage core device smart statusset Enable or disable SMART stats gathering on a device.
system ntp configget Display Network Time Protocol configuration.
system ntpget Display Network Time Protocol configuration
system ntpset Configures the ESX Network Time Protocol agent.
system ptpget Display Precision Time Protocol configuration
system ptpset Configures the ESX Precision Time Protocol agent.
system ptp statsget Report operational state of Precision Time Protocol Daemon
vm appinfoget Get the state of appinfo component on the ESXi host.
vm appinfoset Modify the appinfo component on the ESXi host.
vsan network securityget Get vSAN network security configurations.
vsan network securityset Configure vSAN network security settings.
The ESXCLI command set allows you to run common system administration commands against vSphere systems from an administration server of your choice. The actual list of commands depends on the system that you are running on. Run esxcli --help for a list of commands on your system.

For reference ESXCLI full commands list for ESXi 6.x.

vRops – Data Retriever is not initialized yet. Please wait … -> Replace expired internal certificate in vRealize Operations (71018)

Data Retriever is not initialized yet. Please wait … What is WRONG?

OK, I tries to login with vRops admin login but another message “Incorrect user name/password”.

No luck with How to reset the admin password in vRealize Operations (2078313)

My problem was with expired internal certificate in vRealize Operations.

# /bin/grep -E --color=always -B1 'java.security.cert.CertPathValidatorException: validity check failed|java.security.cert.CertificateExpiredException' $ALIVE_BASE/user/log/*.log | /usr/bin/tail -20

/usr/lib/vmware-vcops/user/log/web.log- at java.lang.Thread.run(Thread.java:748)
/usr/lib/vmware-vcops/user/log/web.log:Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed
--
/usr/lib/vmware-vcops/user/log/web.log- ... 27 more
/usr/lib/vmware-vcops/user/log/web.log:Caused by: java.security.cert.CertPathValidatorException: validity check failed
--
/usr/lib/vmware-vcops/user/log/web.log- ... 35 more
/usr/lib/vmware-vcops/user/log/web.log:Caused by: java.security.cert.CertificateExpiredException: NotAfter: Sun Jan 1 10:42:20 EET 2021
--
/usr/lib/vmware-vcops/user/log/web.log-2021-01-10 14:45:19,988 ERROR [pool-2-thread-1] com.vmware.vcops.util.admin.HTTPSRequester.doHttpRequest - Sending 'GET' request to URL : https://vrops/casa/deployment/slice failed
/usr/lib/vmware-vcops/user/log/web.log:javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed
--
/usr/lib/vmware-vcops/user/log/web.log- at java.lang.Thread.run(Thread.java:748)
/usr/lib/vmware-vcops/user/log/web.log:Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed
--
/usr/lib/vmware-vcops/user/log/web.log- ... 27 more
/usr/lib/vmware-vcops/user/log/web.log:Caused by: java.security.cert.CertPathValidatorException: validity check failed
--
/usr/lib/vmware-vcops/user/log/web.log- ... 35 more
/usr/lib/vmware-vcops/user/log/web.log:Caused by: java.security.cert.CertificateExpiredException: NotAfter: Sun Jan 1 10:42:20 EET 2021

How to fix it? Internal Certificate Expired

  1. Snapshot the vRealize Operations nodes
  2. Download the Certificate Renewal PAK file for your version of vRealize Operations:

vRealize Operations 6.3 – 8.1.1
vRealize Operations 8.2 and later

Note: The file name indicates 8.0.0 but will work for vRealize Operations 6.x and 7.x.

  1. Copy the vRealize Operations Certificate Renewal PAK file to the /tmp/ directory on all nodes in the vRealize Operations cluster using an SCP utility.
  2. Log into all nodes in the vRealize Operations cluster as root via SSH or Console.
  3. Run the following command on all nodes in the vRealize Operations cluster to make the necessary directories:
mkdir -p /data/db/pakRepoLocal/vRealize_Operations_Manager_Enterprise_Certificate_Renewal/extracted
  1. Unzip the vRealize Operations Certificate Renewal PAK file by running the following command on all nodes in the vRealize Operations cluster:
unzip /tmp/vRealize_Operations_Manager_Enterprise_Certificate_Renewal-8.0.0.15217416.pak -d /data/db/pakRepoLocal/vRealize_Operations_Manager_Enterprise_Certificate_Renewal/extracted
  1. The following command needs to be run in a particular order.  Follow each sub-step carefully.
$VMWARE_PYTHON_BIN /data/db/pakRepoLocal/vRealize_Operations_Manager_Enterprise_Certificate_Renewal/extracted/updateCoordinator.py EXPIRED
  • First, run the command on all Remote Collector nodes (if present) in the cluster, and wait for the task to complete.  Continue to step 7.2.
  • Next, run the command on all Data nodes, the Witness node (if present), and the Primary Replica node (if present) in the cluster; do not wait for each node to complete, just start the command on all nodes.  Once Waiting for certificate generation to complete appears on the last node, wait roughly 60 seconds, and continue to step 7.3.
  • Finally, run the command on the Primary node.

The expected behavior is for the command to finish, then shortly afterwards the pending tasks on the Data nodes and Primary Replica node (if present) will complete. To ensure that the command completes successfully check:

ls -l /var/vmware/_cert_generation_completed
  1. Run the following commands on all nodes in the vRealize Operations cluster:
chown admin:admin -R /storage/vcops/user/conf/ssl/ /storage/vcops/user/conf/ssl_bak/ /storage/db/casa/webapp/hsqldb/
chmod guo+r -R /storage/vcops/user/conf/ssl/
service vmware-casa restart
service vmware-vcops stop
sed -i 's/sliceonline\ \=\ true/sliceonline\ \=\ false/g' /usr/lib/vmware-vcopssuite/utilities/sliceConfiguration/data/roleState.properties
  1. Run the following commands on the Primary node, and Primary Replica node (if present):
service vmware-casa stop
sed -i -e 's/\"onlineState\"\:\"GOING\_OFFLINE\"/\"onlineState\"\:\"OFFLINE\"/g' -e 's/\"online\_state\"\:\"GOING\_OFFLINE\"/\"online\_state\"\:\"OFFLINE\"/g' -e 's/\"onlineState\"\:\"GOING\_ONLINE\"/\"onlineState\"\:\"OFFLINE\"/g' -e 's/\"online\_state\"\:\"GOING\_ONLINE\"/\"online\_state\"\:\"OFFLINE\"/g' -e 's/\"onlineState\"\:\"ONLINE\"/\"onlineState\"\:\"OFFLINE\"/g' -e 's/\"online\_state\"\:\"ONLINE\"/\"online\_state\"\:\"OFFLINE\"/g' -e 's/\"onlineState\"\:\"FAILURE\"/\"onlineState\"\:\"OFFLINE\"/g' -e 's/\"online\_state\"\:\"FAILURE\"/\"online\_state\"\:\"OFFLINE\"/g' /data/db/casa/webapp/hsqldb/casa.db.script
service vmware-casa start
service vmware-vcops-web restart
/etc/init.d/apache2 restart
  1. Log into the vRealize Operations Admin UI as the local admin user.
  2. Click Bring Online under Cluster Status.

Summary:

When I can see message “Data Retriever is not initialized yet. Please wait …” or “Incorrect user name/password”.

Try to check and fix for expired internal certificate in vRealize Operations.

Fast check command is here:

/bin/grep -E --color=always -B1 'java.security.cert.CertPathValidatorException: validity check failed|java.security.cert.CertificateExpiredException' $ALIVE_BASE/user/log/*.log | /usr/bin/tail -20

More info: