Posts in this series
After a bit of a rocky start (missed my flight and the partner day due to tendonitis in my knee) I arrived in Barcelona for my 2nd VMworld Europe. I headed straight from the airport to the PernixData party and caught up with the rest of the Xtravirt guys.
Tuesday morning started as ever with a keynote address. It was a little disappointing, but not unexpected, that there were no real announcements or reveals in the keynote. It was essentially a repeat of the VMworld US keynote with a couple of new betas announced. Nothing really revolutionary, a new vCloud Air datacenter in Germany and some new partners for EVO:RAIL. It's interesting to see that the pace of traction for both cloud and hyperconverged is increasing for VMware's portfolio though.
My first session of the day was #MTG1969, vCloud Automation Center and NSX Integration Technical Deep Dive. This was a great session covering the integration of NSX and vCAC, two areas close to my heart Combining the two allows for repeatable on demand application delivery, from simple one tier to multi tier multiple blueprint applications. NSX really comes alive and shines when paired with automation. I was particularly pleased to see the vCenter Orchestrator plugin for NSX is fully featured in 6.1 and some significant improvements have been made.
After a quick lunch and some time in the hang space and solutions exchange I went to my second session of the day, #NET1743, VMware NSX Technical Deep Dive. I have been fortunate enough to have been on the VMware internal NSX training and actually done some real world deployments, so I have had a lot of exposure to NSX. Unfortunately this meant there was no new content for me, but the session was presented well and was well received.
To cap off a day of NSX focus, I also spent some time working through HOLSDC1425, VMware NSX Advanced. This is a great way to get some hands on experience with advanced NSX services (over and above the standard routing, switching and firewall functionality available in the basic NSX HOL). Subjects included DHCP relay, scale out L3 connectivity including configuring OSPF and ECMP (very cool!) and Layer 2 VPN. There are also some examples of 3rd party integration with Symantec and Riverbed.
In the evening we headed over to the solutions exchange for the drinks reception, then on to the vExpert/VCDX reception, and finally the vJamon event. By far my favourite was the vJamon event, which was hosted in a great venue with live music and good food, and overall a really good event sponsored by Cisco and Intel. These events are a fantastic opportunity to network with peers and meet up with colleagues and are one of the most valuable features of VMworld for me.
All in, a great first day, even on crutches! Looking forward to more tomorrow.
With the release of vCAC 6.1 there have been some great improvements in the setup of the clustered vCAC appliances - none of the previous copying of configuration files between appliances - just a simple wizard to do it all for you. In my opinion this is superb.
You'll need to have deployed a load balancer of some sort - vCAC 6.0 build-out to distributed model – Part 3.1: Configure Load Balancing with vCNS or vCAC 6.0 build-out to distributed model – Part 3.2: Configure load balancing with NSX
Deploy vCAC Appliances
Deploy three vCAC appliances by running through the OVF deployment wizard, two to be configured as vCAC Appliance nodes and one to be the external vPostgres database.
Posts in this series
- vCAC 6.0/6.1 build out to distributed model: Deploy the Identity Appliance
- VCAC 6.0 build-out to distributed model – Part 1: Certificates
- vCAC 6.0 build-out to distributed model – Part 2: vPostgres
- vCAC 6.0 build-out to distributed model – Part 3.1: Configure Load Balancing with vCNS
- vCAC 6.0 build-out to distributed model – Part 3.2: Configure load balancing with NSX
- vCAC 6.0 build-out to distributed model – Part 4: Deploying and clustering a secondary vCAC Appliance
SSO is a fundamental requirement when deploying vCAC, whether for a distributed or simple installation. This walk through goes through the deployment and configuration of the vCAC Identity Appliance, which provides a stand alone SSO instance for vCAC.
Some of the posts in this series are completed with vCAC 6.0.1, others will be with 6.1. Where there are differences I will aim to point them out!
Deploying the OVF
Deploying the OVF is very simple, just run through the wizard:
The appliance will perform a reverse lookup to get it's hostname - if you have pre-staged a DNS A and PTR record, and have a reservation set for the VM. If you statically assign an IP address, make sure you use the FQDN in the hostname field - not doing so will cause issues with the self-signed certificates and also when you join the Active Directory domain.
The NSX Edge Gateway comes pre-armed with the ability to provide an SSL VPN for remote access into your network. This isn't a new feature (SSL VPN was available in vCloud Networking and Security), but it's worth a run through. I'm configuring remote access to my Lab, since it's often useful to access it when on a client site, but traditional VPN connections are often blocked on corporate networks where HTTPS isn't.
So recently I came across an error in the vSphere windows "fat client" when trying to use the search field.
So a quick look at the VMware knowledge base brought up the following article
So I went ahead and followed the KB artricle and then tried to search again.. the following error was generated.
Also while logging into the vSphere web client the following error appears.
I had access to the SSO components etc.. but vCenter and related objects were null, now I have seen this issue before when the in use domain account has not been added to the vCenter as an admin so I re-logged with the [email protected] account (which had no errors when logging in) and browsed through to the vCenter server permissions tab and I could see all of the appropriate accounts listed with the correct permissions.