English

Reset to Standard vSwitch from Distributed vSwitch on homelab Intel NUC

by

I just had to reset my homelab Intel NUC’s ESXi 6.0 network configuration because I wanted to test a specific setting in vSphere Integrated Containers. Unfortunately, the Intel NUC only has one physical uplink and that uplink (and VMkernel Portgroup) was configured on a Distributed vSwitch – I needed it on a Standard vSwitch for the test. Migrating the VMkernel Portgroup from the Distributed to a Standard vSwitch was a little challenging and I didn’t want to set up an external monitor to use the Direct Console User Interface (DCUI). But with the help of William’s ESXi virtual appliance and some hints in the vSphere documentation, I was able to reproduce the necessary keyboard inputs and perform it with only a USB keyboard attached to the NUC. Instead of summarizing it only for myself, I though I’ll share it here as I couldn’t find similar instructions on google.

Please don’t do this in a production environment, blindly configuring a system isn’t a good idea.

tl;dr: the steps are: F2 – TAB – <root_password> – ENTER – DOWN – DOWN – DOWN – DOWN – ENTER – DOWN – ENTER – F11

 

What is actually going on if you could view DCUI? First, you need to use/press F2 (and potentially “fn” or similar) to get into ESXi’s DCUI system management:

Bildschirmfoto 2016-08-01 um 07.58.16

It will ask you to authenticate first (pressing TAB – <root_password> – ENTER):

Bildschirmfoto 2016-08-01 um 08.15.31

Then, you need to go to “Network Restore Options” in the System Customization menu (pressing DOWN – DOWN – DOWN – DOWN – ENTER):

Bildschirmfoto 2016-08-01 um 07.58.48

And in the “Network Restore Options”, you’ll have the option to “Restore Standard Switch” (pressing DOWN – ENTER – F11):

Bildschirmfoto 2016-08-01 um 07.59.11

After selecting “Standard Switch”, you’ll need to confirm a new dialog with “F11” and then a new vSwitch will be created on your host. Mine worked like a charm, I found a new Standard vSwitch with vmk0 using my “old” management IP address for ESXi.

Horizon Workspace behind a DMZ loadbalancer

by

During the implementation of Horizon Workspace at a customer I’ve experienced a quite challenging situation last week. While the installation was a pretty straight forward process if you stick to our install guide we weren’t able to reach Horizon from outside the company network.  After typing the external web address in the browser it always went to the internal address which of course wasn’t reachable from outside. The setup was exactly our reference architecture shown in the picture below with a loadbalancer in the DMZ that points to the Horizon Gateway appliance on the internal network.

Horizon Workspace
(Source: https://www.vmware.com/files/pdf/techpaper/vmware-horizon-workspace-reference-architecture.pdf)

After some troubleshooting we found a very easy solution, but it was not that obvious or very well documented. When the OVA has been deployed you have to check the DNS resolution for all internal and external names and make sure the PTR record (reverse resolution) is working. It’s critical that no aliases for the names are configured, the reverse resolution is working fine and no other records (MX,etc.) are configured. Now comes the important part: while completing the console-based configurator menu after starting the vApp it’s absolutely important to enter – when asked by the wizard – the EXTERNAL name, i.e. horizon.yourcompany.com as the Horizon FQDN and NOT the internal name, i.e. horizon.justforinternal.local. In other words enter the name which points to the loadbalancer and not the name of the Horizon gateway-ca.

Once that configuration was done, it worked like a charm!