So I just had to renew my letsencrypt certificate for my VCSA and ran into a few issues and I wanted to write them down here, so I will go through creating the cert and adding it to your VCSA in the below blog post. I will assume you have certbot only installed on your machine Let’s create our cert certbot certonly -d myservice.domain.com --manual --preferred-challenges dns --agree-tos -m mail@mail.com Of course make changes as needed from the above command, then follow the instructions to add a TXT record to your DNS provider Now comes the tricky bit of assemblying the certificate in a way that your VCSA will accept it and not choke, the below blog helped out quite a bit.

So I ran into an interesting issue today, I had provisioned a new k8s cluster using kubeADM but I replaced docker with containerD, everything was smooth and then I deployed prometheus and grafana using helm, and I noticed that I couldn’t connect grafana to prometheus I had installed istio so I thought that was the issue, maybe by default istio was messing with the pods network communication, but I also noticed that when I tried to install a dashboard from grafana I received an error, so the container couldn’t reach grafana.

I just wanted to write a post on the differences between VMware’s Linux based UMDS 6.7 vs 6.5, one big change is that postgres is no longer required in 6.7. So here is a quick walkthrough in installing UMDS 6.7.x I will be using CentOS 7 minimal, mount your VCSA 6.7 DVD inside your cent VM and copy the VMware-UMDS-6.7.0-10164201.tar.gz from the umds directory to anywhere you desire /tmp is a good place.

So I wanted to enable Syslog on my PSC’s, VCSA’s, and on my Esxi servers and while enabling Syslog on the PSC’s and VCSA’s are pretty straight forward I did run into a bit of an issue enabling it on Esxi. The big gotcha is make certain the service is running, and that the firewall rule is enabled to allow UDP 514 or TCP 514 “Outbound” just like the pics below.

So in my home lab I had to shutdown my server so I could add some memory and when I started everything back up I noticed that I few of my VM’s in my nested vSAN cluster had inaccessible next to them, so I started Googling around and I found the solution below: SSH into the vCenter that hosts your vSAN cluster(s) and then execute the below commands: rvc administrator@vsphere.local@localhost vsan.

So I had an issue trying to upgrade from ESXi 5.5 to 6.0, for some reason the upgrade process would not recognize the RAID 1 that ESXi was installed, after looking around I realized that the HP Smart Array firmware was on 3.x so I loaded the HP SPP which upgraded the firmware to 6.x, and viola, drive showed up during the upgrade process. Lesson here, keep your servers firmware up to date.

Ran into an issue today in which our gitlab server running in a docker container using VMware’s photonOS 1.x ran out of disk space on the /root partition by default this partition is only ~15GB; while the container was still running and I could log into gitlab I couldn’t clone any repos. The solution, simply add space to the disk in vCenter and boot the VM into GParted live an extend /dev/sda1 in my case, reboot, and all was good Thank goodness for GParted Live.

So I had to call VMware support today because I noticed on all of our Esxi 6.5 hosts when I attempted to run services.sh restart I received the following message “Errors: Invalid operation requested: This ruleset is required and cannot be disabled” which made no sense to me as I am accustomed to seeing all services restart when I entered that command. But after a brief communication with VMware support they informed me that that was the new expected behavior for that command, and in order to see the services restart, I need to run the following command " services.

So here is my home lab config while I’ve seen others use servers built from SuperMicro or Intel NUC’s I wanted to build a lab as cheap as possible, so I went to eBay and got old enterprise gear, and they are as follows: HP DL380 G5 server(1) HP DL360 G5 server(1) Cisco 3750-E switch(1)(24 1Gb ports + 2 10Gb ports) I am currently running Esxi 6.0 with 2 external PSC’s and 2 VCSA’s in enhanced linked mode, I am currently rebuilding my lab and the new config will be 1 external PSC and 1 VCSA running 6.

Hello All, over the next few weeks I will be adding some posts here around my home lab config and my move to 10Gb networking—I will lay out some of the pitfalls and lessons learned, and I will lay out my config. So let’s get started…