Browse Category


VMware products

How to forcibly delete an NSX-T 3 Segment

I recently ran in to a problem where i couldnt delete an NSX segment so i went exploring the API. The API guide can be found here

The method used is delete policy/api/v1/infra/segments/{segment-id}?force=true

It would look like this in Postman:

To list the segments we can use a get request towards /policy/api/v1/infra/segments/

Creating a customized Snapshot as a Day 2 Action in vRA 8.2

I wanted to give my users the capability to create a snapshot but limit them to only 1 snapshot and have a predefined description from the snapshot so i can know that it was taken from vRA.

For the purpose of this i will be using a customer workflow in Orchestrator and Resource Actions and in Cloud Assembly.

Since Orchestrator comes with a number of pre defined workflows in always like to jump start by find something thats similar with what im trying to do. For the purpose of this we will be using the Create Snapshot Workflow.

To get started we can go to Orchestrator -> Workflows -> search for Create a snapshot. Once found we can click on Actions -> Duplicate

We can see that a Copy has been created. We will modify this so it can fit the custom specifications required.

Click on Open on the Copy:

Change the name to something more meaningful like VM Snapshot

Click on Variables, select all the variables and click Delete

Click on New, give it a title like errMachineHasSnapshot and a value thatw ill displayed if a VM has an existing snapshot like The virtual machine already has a snaphost. Please delete this snapshot before trying this action again. Click Create

Click on the Schema tab and delete the existing items by clicking on the red x on the top right corner

Drag and drop from the left a Decision, throw exception and a workflow element in to the canvas

I named the first step VM Has Snapshot?. Under inputs i added vm. It would look like the screenshot below

Under the javascript we will be using this code

    var snapshots = System.getModule("").getAllSnapshotsOfVM(vm) ;  
    if (snapshots == null || snapshots.length == 0) {  
      // No snapshots found; proceed with creating a new one  
      return true;  
    } else {  
      // Found at least one snapshot; end the workflow  
      return false;  

The error handling Exception Handling we will be using the previously created errMachineHasSnapshot

The workflow element should look like this after selecting the Workflow Create a snapshot

The next step is to fix the inputs. We will be removing the Choose the VM tab by clicking on the x

We will be replacing the first item with vm and the display type

It should look like this:

In the end we should have the following:

Next go to Actions and click on New Action

Give it a Name and a Module name

Under Script type in

var allVms = VcPlugin.getAllVirtualMachines();
for (var I in allVms) {
    if (allVms[I].name === name) {
        return allVms[I];
return null;

Under the Return type enter VC:VirtualMachine. Under the Inputs type in name and click Create on the bottom left

Once were done we can save it and move on to Cloud assembly to create the resource action

Go to Cloud Assembly -> Design -> Resource Actions click on new resource action

In the name field type something like CustomSnapshot, Display name VM Snapshot, give a description and toggle the activate switch to on

Under Resource type click on add pick Cloud.vSphere.Machine

Under Workflow click Add and pick VM Snapshot

In the Property Binding pick getVmByName action and under string enter ${properties.resourceName}

On the bottom click on edit request parameters

click on vm and change the Label to Reason and Display type to DropDown

Under Values Type in the options that you want to have shown Separated by , ex: Patching,New Release

Under Constraints make it as required by Picking Yes in the required field

The other fields and options can be modified as needed

Once everything is saved we can test out the Day 2 action by going to an existing deployment and trying to create a snapshot. We can see in the menu an additional option all the way to the bottom:

When choosing the option we can see the custom form that we filled in earlier

Adding events from vCenter to Operations Manager

I recently ran in to a situation where one of the events in vCenter wasn’t showing up in Operations Manager

Doing some research and i found this kb article: 65106

Basically theres a file called eventlist.txt under /usr/lib/vmware-vcops/user/plugins/inbound/vmwarevi_adapter3/conf/ on the master node so i logged on to master node via ssh and did

vi /usr/lib/vmware-vcops/user/plugins/inbound/vmwarevi_adapter3/conf/eventlist.txt

Comment out the event that we want to get alerts for and restart the service by running

service vmware-vcops restart collector

Removing NSX stale packages from ESXi host

I recently ran in to a problem where i wanted to perform a clean configuration of one of my ESXi hosts from an NSX perspective, however i ran in to a problem where NSX was reporting that the packages are already installed. To fix the issue i had to run the following to list the packages installed:

esxcli software vib list | grep -i nsx

Once i had the list all i had to do is uninstall them using:

esxcli software vib remove -n packagename1 -n packagename2 ...

Once the uninstall was complete i was able to redeploy NSX from the NSX Manager

Patching\Upgrading ESXi 7 to ESXi7U1 via esxcli

With the latest release of ESXi7U1 i wanted to get my lab up to date. I dont have enough resources in my lab to migrate the vCenter to another ESXi server so i want to perform the upgrade via cli. More details about the release can found here

The first step was to open the firewall for outgoing traffic for http

esxcli network firewall ruleset set -e true -r httpClient

Second step was to list the updates by executing

esxcli software sources profile list -d | grep -i ESXi-7

This returned a list of updates that were available:

I reviewed the downloads website here to double check the version. Based on the information i found the ESXi-7.0.1-16850804-standard is the latest release

The next step was to run the update by executing

esxcli software profile update -p ESXi-7.0.1-16850804-standard -d

If you run in to the below error follow my other post here:

Once the upgrade was complete i was presented with this output:

The installation reports that a reboot is not required however the new version wasnt reflected in my vcenter so i went ahead and rebooted the server

After the server was back up, checking in vCenter, the server reports build 16850804

ESXi No space left on device error when upgrading

While i was trying to perform an upgrade to my ESXi installation i ran in to the below error:

The fix was pretty simple. The hypervisor doesnt have enough space to download and install the package so we need to enable one of the available datastores for the function.

For vCenter go to the host in question to Configure -> System -> System Swap

While reviewing the configuration i noticed that i had 2 options enabled

Clicking on the edit button on the right corner i noticed that i can add one of the datastores

After i Clicked ok i was able to continue with my upgrade

Upgrading VCF to

With the release of of VCF 4.1 i wanted to get my lab upgraded. The release blog can be found here and the release notes are here

In my case i pre downloaded the VMware Cloud Foundation Update by going to Repository -> Bundle management -> Download now

The next step is to upgrade VCF by going to Inventory -> Workload Domains -> Select the workload domain -> Update/Patches -> Update Now

Next we are taken to the Upgrade page where we can follow the upgrade for each one of the components

Once the upgrade is complete we can click Finish to be returned back to the main screen

Because we are changing the SDDC-Manager version i would strongly recommend to clear cache and log back in before going forward.

The next update is the configuration drift bundle. We can go to nventory -> Workload Domains -> Select the workload domain -> Update/Patches -> Download now

Once the download is complete click on update now

Once the upgrade started i got redirected tot he Update status page. Considering the update is only 204 MB the upgrade went through pretty quickly. Once its completed we can click finish to get back to the main sddc manager page

Next step is to upgrade NSX-T installation to NSX-T 3.0.2. Click on Download now from the same page as above

Once the download is complete click on Update Now

We can view the status and the steps by clicking on View Status. Once the upgrade is complete we are redirected back to the available upates page showing that the vCenter server is next

Click on Download now and wait for the download to complete. Once the download is complete click on update now

We can view the task by clicking on View Status

Once the upgrade is complete we are taken back to the previous page where we can see that the ESXi servers are next. Click on Download Now

Once the download is complete we can click on Update now

If we have multiple clusters we can enable Cluster-level selection and select the specific luster(s) we want to upgrade.

We can also enable sequential cluster upgrade as well as quick boot

We get to review the options once again before we click finish to to submit the task

Once submitted we can view the status by clicking on View Status

And with that we are finished with the workload domain. We can get back to the Update/Patches page to see that there are no more updates available

Next is the Workload domains where we can follow the same instructions as above. The process will be allot quicker because the upgrades are already downloaded

Unable to Sync Lifecycle Manager ‘integrity.fault.HostPatchInvalidVendorCode’

After upgrading my vCenter Server to the latest vSphere 7.0 Update 1, I was unable to see ESXi 7.0 Update 1 Image. When I attempted to sync the updates I got the error “Download patch definitions task failed while syncing depots. Error: ‘integrity.fault.HostPatchInvalidVendorCode’.”

Seeing as the error mentioned the depots, navigate to Menu->Lifecycle Manager and then select the Settings tab and then Patch Setup.

Select the radio button for Partner provided Addons for ESXi and click Disable. Proceed to click on Action and then Sync Updates. The sync should now complete successfully.

vCLS not starting with Insufficient resources message

With the release of vCenter 7 Update 1, VMware introuced the vCLS (vSphere Clustering Service). More information can be found here.

Looking at the error details it looks like it is looking for a feature called cpuid.mwait

Reviewing the VMX file it seems like EVC is enabled on the vCLS VMs. I didnt want to enable EVC on the whole cluster so i wanted to do it only on the specific VMs.

Doing some research i found that the VMs need to be at version 14. After upgrading the VM i was able to disable EVC on the specific VMs by following these steps:

In the vSphere Client, navigate to the virtual machine

Under the Actions -> Compatibility -> Upgrade VM compatibility

We can disable EVC on per VM level on version 14 and above, so in my case i chose ESXi 6.7 and later

Next go to the Configure Tab

Pick VMware EVC and click on Edit

Click on Yes

Click on Disable EVC and Click OK

The next time it tries to power on the VM it should go through.

Once the first VM starts up it will most likely deploy a few additional ones, follow the same steps as above again on the new VMs

Extracting SSL Thumbprint

I recently ran in to an issue where i had to re-register my NSX server with vIDM.

The ask was to extract the Thumbprint from vIDM. The command i ran to extract it was:

echo -n | openssl s_client -connect hostname:443 2>/dev/null | openssl x509 -noout -fingerprint -sha256

This can be used across multiple products where the Thumbprint needs to be extracted