vRealize Log Insight Internal Certificate Expiration and Vulnerabilities

A lot of vRLI customers, including me, were caught off guard in recent weeks that a certificate is expiring on April 30th. I figured taking care of this shouldn’t be a big hassle, but I was wrong. VMware provided a long list of instructions for applying a workaround, which are linked below. Seemed like a lot of trouble for an internal certificate.

https://kb.vmware.com/s/article/91441?lang=en_US
https://docs.vmware.com/en/vRealize-Log-Insight/8.10/com.vmware.log-insight.administration.doc/GUID-89D2FDFC-2869-43C0-B6D6-23146DB5E4FE.html

https://docs.vmware.com/en/vRealize-Log-Insight/8.10/com.vmware.log-insight.administration.doc/GUID-C5144813-F22A-4476-9E0E-BEC5B60417BF.html

I figured VMware wouldn’t leave us all hanging and I decided to wait to see if a patch would be released before the end of the month. I am glad I did because patch 8.12 was released on the 20th. Applying the patch resolves all of the vulnerabilities (CVE-2023-20864, CVE-2023-20865) and the upcoming expiration of the certificate. I upgraded from 8.10.2 and had no issues with the upgrade. Very fast and straightforward with taking a powered off snapshot and applying the update through the web UI. Check out the link below for the VMware KB on this update.

https://kb.vmware.com/s/article/91831

The patch also provides more. vRLI is now VMware Aria Operations for Logs within the product. Will everyone call it vAOL? I figured the name change will happen sometime soon, but I didn’t think it would on a small patch. There are also a few other updates. Check out the link below for the release notes.

https://docs.vmware.com/en/VMware-Aria-Operations-for-Logs/8.12/rn/vmware-aria-operations-for-logs-812-release-notes/index.html

vExpert 2023 and VMware Explore

I was selected as a vExpert this year, which is my sixth year in a row. I need to step up my game to get ready for next year. I will get back to my roots with writing articles about issues I have faced.

VMware Explore was announced. It will be at the Venetian in Las Vegas on August 21-24 and then Barcelona on November 6-9. I am really looking forward to this year’s Explore. I think it’s going to blow up with being back in Las Vegas and with how COVID is nowadays. I really hope I can make it.

VMware Explore US 2022 Experience

I had a blast at VMware Explore US. There was a lot to do in a few days, especially with the event being one day shorter compared to past events. Registration went smoothly and good that materials pickup was now located directly by registration. The welcome reception and hall crawl were fun. This allowed more time to be spent in the expo area. The official party was at the Chase Center with great food which was a huge step up for the venue and food compared to VMworld 2019. This was some of the fun parts and now let’s dive into the meat of the event.

vSphere 8 and vSAN 8 were announced. I was glad to see VMware’s core products had announcements on stage during the general session. It’s been years since this has happened. I will write another article that goes into these new product versions. VMware Aria was also announced on stage. The Aria family includes familiar names, such as CloudHealth, Operations, Log Insight, Network Insight, and Automation. This is more than a rebranding and will offer a unified platform for cloud management called Aria Hub. There are also new solutions with Aria: Guardrails, Migration, and Business Insights.

There were many informative sessions. I stuck to my plan that I did the previous event with attending TAM sessions, which are not recorded and under a NDA so I will note some other sessions. Ariel Sanchez delivered the best presentation I heard during the event. He covered upgrading from vSphere 6.7 to vSphere 7.0 U3 and it’s all detailed in a GitHub repository of his. Session ’10 New and Exciting Things About vSphere That You Absolutely Need to Know’ was scheduled right after the general session. Prior to the event I figured it had to be about announcements in regard to the next major version of vSphere and it was! This was the only session I ever attended that was completely full and had to deny people from entering. vSphere 8 is all about the DPUs (Data Processing Units), aka smart NICs, and referring to Project Monterey. There are a lot of sessions that I will be watching over the next few weeks as there was only so many that I could squeeze in during the event.

I attended a couple of the vRealize Hands-on Labs Expert-led Workshops and learned a lot from them. They quickly filled up registering a head of time, but both of my labs had open seats so worth stopping by if not registered for future reference. Keep in mind these labs are a bigger time commitment and can be done at home. Therefore, you have to make sure it’s something you really want to do at the event and come with questions to ask the experts leading the lab. Computers are provided for these labs. The Hands on Lab course numbers are displayed on the content catalog so you can look them up after the event.

I wanted to spend as much time as I could in the expo to check out the products offered by the various vendors. Be sure to click on the panoramic photo of the expo hall that I have below. There wasn’t as many extravagant booths are previous years, but the products were there to shine and also the swag was generously given out. Cohesity and NetApp were very good to vExperts. Lego sets were the main giveaway for a lot of vendors and Zerto had the biggest of them all with the AT-AT set pictured below and a Millennium Falcon set.

The food was extremely better than the 2019 event. In 2019, there were sandwiches pretty much everyday in huge plastic containers. This time it was a hearty bowl of food three of the four days. There was 2-4 meal options everyday. It was also a lot easier to eat for people with some specific food allergies and mostly served in a compostable bowl. Breakfast was a little better than the past.

I won’t be at VMware Explore Europe in November, but I am eagerly awaiting what VMware will announce next at this event. Then will be interesting to see if there will be any changes to next year’s event with the Broadcom acquisition of VMware. I am exited to see VMware continue to develop it’s multi-cloud strategy and Explore is the place to be to learn it all.

VMware NSX-T Data Center Security 2022 Exam Preparation and Experience

I passed the VMware NSX-T Data Center 3.1 Security Skills Exam (5V0-41.21) in April and finally writing an article on it. I honestly cannot find what was my score. I don’t think I scored much over 300. Keep in mind this is a skill badge and not a certification. The only requirement for the badge is passing this exam. It is the only exam I have taken in the security track. This exam really does cover a lot of good day to day skills in NSX, such as DFW rules, IDS/IPS, URL analysis, the Intelligence Appliance, etc. It does not cover the plumbing of NSX. The exam guide is a very fair representation of what is on the exam. There isn’t a lot of distinct topics so that means you need to hyperfocus on what is on the guide. I couldn’t find a lot of study material for this exam. The best I found is Daniël Zuthof’s exam guide article. He did an excellent job of going over the exam objectives. I recommend completing the two Hands on Labs below. I had about 6 months of NSX experience going into the exam so some labs helped.

NSX SecOps – Foundation: Self-guided Workshop
NSX SecOps – Advanced

VMware Explore US Tips and Info

VMware Explore US is a little over a week away. I am excited to be flying out Sunday the 28th and registration is open on-site from 12p-7p that day. Then the event kicks off the next day. A few more parties have been announced so be sure to check out the party list again. The official event app has been released. Search your phone’s app store for ‘VMware Explore’. The food was not good at previous events and difficult for people with allergies to have a good meal. I found out that this year VMware has worked hard to enhance options for specials meals, which are available at the back of Moscone West, level 1. On top of that, if that isn’t good enough, they have vouchers that can be used at Trader Joe’s, which is a few minutes away from Moscone West. The vouchers can be picked up at the info desk. Last bit of info I have is that the Hands-on Labs Expert-led Workshop is providing computers to use. It’s tiring enough to talk around all day so great that you don’t need to lug around a laptop. See you in San Fran!

Use Your Own Domain with a S3 Static Website

At first, I couldn’t figure out why I couldn’t create a DNS record in Route 53 to my static website in S3. I saw that I needed to created an S3 bucket with the name of my domain. I thought I should be able to create a new record in Route 53 with an alias. For example, my S3 bucket is named allergeyfreejourney, but there was no S3 endpoint to select.

Then I realized what I did wrong. I read the documentation, but it didn’t hit me at first that the domain name needed to be the exact same. The bucket name needed to include the top level domain. Therefore, I created a new S3 bucket and added the .com this time. For example, my S3 bucket is named allergeyfreejourney.com. Bam! Now I was able to select my S3 endpoint.

Fun and Learning at VMware Explore 2022

VMware Explore US is this month! I am excited to be at an in person VMware event for the first time in three years. I have been planning out my schedule and it’s jammed packed as always. There are a lot of great sessions to chose from during the day and a lot of entertainment at night (party list).

Content catalog has 814 sessions, at the moment, spread across the four days and a VCDX workshop on Monday. Hard to do it, but I narrowed down what I could squeeze into my schedule. Keep in mind only up to three ‘Meet the Expert’ sessions can be added. I like to focus on sessions that I can apply what I learn as soon as I get back to work. Below is what I have on my schedule.

A First Look at Building Your Own Management Pack without Writing Code
Advanced Troubleshooting of ESXi Server 7.x for vSphere Gurus
Networking and Security Analytics, and the Evolution of the NSX Platform
Advanced Topics in VMware vRealize Operations
Automated VM Rightsizing with Ease
Advanced Topics in VMware vRealize Log Insight
PowerCLI and REST APIs – A New Beginning

The sessions I am most looking forward to are the VMware Code sessions that involve a NUC. The sessions are similar to what they did in 2019 with the Raspberry Pi sessions. You get to work on a NUC focusing on two different topics. There is limited availability for each session so register soon. If you are waitlisted, still show up. Worse case is you sit on the side line and listen to the presentation. If you are a vExpert and answered the program survey on attending, you will be given a NUC to take home.

VMware {code} Intel NUC Home Lab with Smart Sensors
VMware {code} VMware Tanzu on Intel NUC Lab Environment Setup and Application Building

The online events over the past two years were good filler, but it’s hard to match the networking that is done at this event. I am looking forward to learning from and hanging out with the best in the industry. I am sure the expo area will be full with vendors and a great party on Wednesday night hosted by VMware. I wonder what big announcements will be made and what artists will be at the official party.

VMware Skyline Advisor Pro Technologist Badge

VMware is offering free Skyline training and a Skyline badge. There are training modules and questions after each module. I spent around three hours to get through it all. Score at least 80% on the questions and you will earn the VMware Skyline Advisor Pro badge. The offical article for it called it a certification, but it’s deiniftely a badge. It took 6 days after I completed the course for it to show up on my Credly account. The course showed up on my course transcript summary in Customer Connect Learning. However, the badge did not display there and did not on myTransript at mylearn.vmware.com. All of my other certificates and badges are there.

Should receive a check mark after each module is completed.
Completed.

The first three modules are unnecessarily repetitive. The last three modules dive into more areas: API, security, and vROps intergration. I got the most out of the vROps intergration module since I did not know this was possible. vROps can display a dashboard with a subset of Skyline data. Though, this module doesn’t go deep enough to be able to implement this intergration and the documentation I found is spotty. I will do a separate article on this topic.

I recommend all VMware users to go through this course. It’s definitely worth the time. I am sure everyone will get something out of it and receive a new, shiny badge.