vExpert 2018 and AWS Certified SysOps Administrator

I have two personal announcements that I am excited to share. I was selected as a VMware vExpert for 2018. One of my goals with this blog was it to assist in being recognized as a vExpert. I am happy I reached that my first year. There’s other contributions I made to the community that helped, such as the VMTN forums and VCAP Google+ community. Hopefully, I can be more active and achieve this status two years in a row.

vExpert-2018-badge

I passed the AWS Certified SysOps Administrator – Associate exam. One challenging aspect of AWS exams is the passing score changes without warning and the passing score to reach. I took the exam the last day the specific version was available and fortunately passed with a 91%.

Capture

Failed to retrieve pairs from SRM Server

I recently had a strange problem with SRM 6.5 when I tried to open it in the flash or HTML5 client.  Error said, “Failed to retrieve pairs from Site Recovery Manager Server at https://SRMaddress:9086/vcdr/vmoni/sdk. Cannot complete login due to an incorrect user name or password”. No service account passwords were recently changed. The error did not specify what user name failed.

SRMuser

I checked out SRM’s logs, which are located in C:\ProgramData\VMware\VMware vCenter Site Recovery Manager\Logs. I found only found one set of errors in the log. The message displayed another administrator, but nothing that SRM should be trying to use. A few messages in it were, “AuthorizeManager::AddCOnnection returned false for user…” and “Failed to login session…Insufficient privileges for user…”.

I could not find any information on any of the errors, except for a VMTM community post that saved me. The answer was so simple that I did not believe it would work until I tried it for myself. Daniel Soltau had a comment to login to vCenter at both sites in separate clients at the same time. It worked! SRM opened fine. I wanted to post this solution in hope that this reaches more people that have this strange SRM problem.

 

Passed VCAP6-DCV Design Exam

I finally passed the VCAP6-DCV Design Exam after about 4 months of studying. This makes me a VCIX since I passed the VCAP5-DCA last year. I do not recommend anyone to take this exam.

I thought I could be different than the many others that failed the test their first and second attempts. However, I was like a lot of other people. This exam is extremely difficult and has many flaws.

My biggest complaint was on a drag and drop question. I was frustrated because I studied a lot and from many different sources. I was surprised to not be familiar enough to even attempt to answer one question. I eventually figured out why I was not ready for the question. It was based on a 5.5 objective; Describe layered security considerations, including but not limited to Trust Zones. That objective is not on the 6 exam objectives. I used many different sources when studying and no one mentioned this topic. VMware should base the exam off of the objectives they list on their site for the respective version of the exam.

I have a smaller example of another flaw. A host is referred to by different words on various questions. Sometimes a host was called a server or node. One questions used the word server to refer a host and also for a virtual machine from what I gathered by the context of the question.

On the other hand, the deploy exam was straight forward and a rewarding experience. I gained a lot from it and knew where I stood when studying and taking the exam. The design exam is the complete opposite.

I see why many others, including VMware employees, recommend to not even take the VCAP6-DCV design exam. I completely agree. I highly recommend to take the VCP 6.5 and then take the VCAP on 6.5 if that’s what it takes to avoid the VCAP6 design exam.

vmware-certified-implementation-expert-6-data-center-virtualization

Cannot repoint vCenter to new PSC

VMware’s KB 2113917 for repointing vCenter to a new PSC within the same site on vSphere 6 is straightforward. Only requires one command to run on the vCenter Server. However, the repoint will not work if the proxy setting is enabled on the vCenter Server. This is a bug and hopefully will be fixed in a future patch.

Below is the error message after running the repoint command with the proxy enabled.

Validating Provided Configuration …

Failed to open connection https://FQDN_PSC:443/websso/ Error:

Please check the configuration and retry

Using curl to test the port connectivity was fine for port 443 on the PSC. I could even access the page that is in the error message. tcpdump between the vCenter Server and PSC showed information on the proxy. That is odd since the repoint shouldn’t need a proxy. The proxy is there so the vCenter Server can get out for updates.

The proxy can be disabled on the vCenter Server’s Appliance Management UI; https://:5480 Then go to Networking…Proxy Settings…Edit and uncheck ‘Use a proxy server’. Restart the vCenter Server and run the repoint command again.

Preparation for VCAP6-DCV Design Exam

I am studying for the VMware Certified Advanced Professional 6 – Data Center Virtualization Design Exam. I started to prepare for the exam this month and plan to take it in December. I had to hunt for good study material because VMware does not offer much. Only a blueprint, which is not even in a PDF. I contacted VMware education and was told the certification page with the blueprint is it. However, vMusketeers has made a spreadsheet with the blueprint. It includes the links that makes keeping track of studying easier because there are a lot of white papers to read. Also, check out the certification tab on the vMusketeers blog. There is additional information such as a practice quiz and useful links.

An absolute necessity is reading two articles on Jordan’s Roth’s blog; Scoring for VCAP6 Design Exams and VCAP6 Design Tips, Tricks and New Features. Read the comments on those two articles too. Jordan use to work for VMware on a team that created this exam. I think the information in those articles should be on VMware’s site so everyone has easy access to it. Here’s something funny Jordan said in one of his comments when someone questioned him. Jordan, “Well, since I designed the VCAP6 design exams myself, you can take my word for it or what you read somewhere else 🙂”

I highly recommend to watch the VCAP6-DCV Design Series on YouTube hosted by vBrowBag. They have a video for 11 of the 16 exam objectives. The videos are hosted by many VMware veterans and even some VCDXs. The few I watched so far have offered good, deep explanations.

There are two Google Communities to monitor; VCAP-DCD Study Group and VCAP6-DCV Design. The latter is more current. I recommend to spend as much time as possible to read every post, even if it goes back over a year ago when the VCAP6 was not yet leased. A lot of the 5.5 content is still every relevant.

Virtualtiers.net has a simulator, multiple choice questions, and drag/drop questions. I think it is based on the 5.5 objectives, but its worth going through to get a feel for the simulator and drag/drop questions. VMware has their official VCAP Datacenter Design Simulation, which is a Flash based walk through.

This should help someone get started on studying for the VCAP6-DCV Deploy exam. I will make an additional post after I take the exam. For now, I have plenty of content to keep myself busy for the next couple of months.

VMware vCenter SSO 5.5 Migration to PSC 6.0 Error

I am in the process of upgrading three vCenter Servers on 5.5 to 6. SSO was embedded on all three and SSO has been recently externalized to Windows Servers. The next step is to use the vCenter Server Migration Tool to migrate each SSO 5.5 server to PSC 6 appliance.

I went through the migration wizard and the migration was on its way. The PSC was deployed and the progress bar on the migration was moving along. However, when I opened the console for the PSC, there was an error; Upgrade EXPORT failed. Then the migration never finished.

UpgradeExportFailed

I ran the migration again with VMware support since they did not know what could be causing the issue. I opened up the console for the PSC as soon as it was deployed and there was a quick message to look at UpgradeRunner.log. However, there was nothing useful in that log. Then checked out upgrade-export.log.

There were network related errors in upgrade-export.log. I knew I inputted everything correctly into the migration wizard and there was nothing that would block communication between anything involved. The IPv6 address in the log stuck out to me. The SSO Windows Server had a IPv6 address, but the wizard never asked for anything IPv6 related. I disabled IPv6 on the SSO server, ran the migration again, and everything went well.

UpgradeExportFailed_Shell2

Here’s one way to view the PSC’s logs. At the PSC’s console, hit Alt+F1. Then type the commands below.

shell.set –enabled True
shell
cd /var/log/vmware/upgrade
less upgrade-export.log

Moral of the story is to disable IPv6 on all VMware related servers before using the vCenter Server Migration Tool. Then enable it after everything is on 6. This is just to be safe in case any other of the upgrades or migrations have similar issues. VMware support said they will have a knowledge base article on this issue. When they do, I will edit this article with a link so everyone can check out the latest directly from VMware.

VMware Certifications

I have not been a fan of VMware certifications since they decided to make the VCP expire after only two years of holding the certification. To top it off, the policy was even for past certification holders. Everyone had two years before they had to pass another exam! If not, an expensive class would be required again before taking an exam.

After that being said, I have kept up with the game and took my VMware skill set to the next level last year by passing the VCAP5-DCA. I studied more for that exam than I have ever done for any other exam. I learned a lot from the entire experience. I took the exam on the 5.5 objectives so I’m not sure how relevant my advice would be now. However, I decided to post what I said on the VCAP-DCA Study Group in case it may help others.

I passed with a score of 347. I took the exam on Saturday and received my results in about 3 hours.

I, of course, ran out of time during the exam. I worked nonstop. I don’t know what would have happened if I stepped away to use the bathroom. I completed everything I knew and went back to the few labs I wasn’t sure about.

I obtained a lot of great information in this group. I went back to the beginning of the group and read everything. Other places I learned from was the VMware Press VCAP book, Jason Nash’s Plural Sight videos, Paul Grevink’s study guide, Josh’s lab, and other various blogs. I spent about 4 months preparing for the exam going over all that material and practicing in my lab.

I’m so happy to pass the exam. I learned so much from the experience. I’m looking forward to taking a break for a while. Then take the design exam on 6.

The next VMware certification I go for will be the VCAP6-DCV Design. That will earn me the VCIX-DCV because my first VCAP basically counts as the deploy requirement. I may try to squeeze in upgrading my MCSA 2012 to 2016 before my next VCAP.

 

 

VMware’s Cloud Strategy Finally Shaping Up

VMware has dominated on-premise virtualization for years, but has struggled in the cloud. Everyone knew vCloud Air was way behind AWS and Azure. I barely heard much about vCloud Air lately and not even a mention at the recent VMUG I attend.

First let me go over a couple sell offs in the past year. VMware sold its vCloud government service on August 31 to QTS. Then this month OVH announced it would like to buy vCloud air. Bye bye vCloud Air!

VMware has pivoted, which I think they have a better chance of being successful. That is with leveraging NSX in the cloud  and piggybacking off of already large, established cloud providers. They made the announcement during VMware world last year about their partnership with Amazon. Seemed like a rushed announcement since they didn’t have anything to show for a while. However, more technical information has been shared this year. Also, VMware has already been working with IBM Cloud and I heard plans for them to do the same with Azure.

I’m very interested in seeing how VMware will do with offering cross cloud architecture. Perhaps the cloud will not be siloed between vendors in the future. Check out The Fluffy Admin’s article on VMware Cloud on AWS for more information.

Review – Potomac Regional VMUG UserCon 2017

I always enjoy going to the VMUG UserCons. This year was no different. I attended my 5th UserCon on March 22. The Potomac Regional VMUG UserCon 2017 was at the Marriott Wardman Park in Washington, DC. This UserCon seemed smaller than previous years. Perhaps it was due to email notifications for the event only going out about 2 weeks prior to the event.

The keynote speakers were the best that I remember of all the Potomac Regional UseCons I’ve been to. Scott Lowe had a more serious speech in the morning compared to Chris Wahl’s jovial speech at the end of the event. Scott went into the ever changing IT profession and how the term DevOps is often missed used. DevOps is not a postion. It’s a collaboration between developers and operations/infrastructure professionals. Chris’s keynote seemed more like a motivational speech, which I appreciated and honestly needed to hear myself. He went into his journey on how and he started in IT and how got where he is today. Sometimes it’s hard to make that jump to the next level. He was advocating for everyone to get involved with GitHub in some way. Even if it is to point out a spelling/grammar error like he did with Docker.

On a lighter side, the food is always great at these events. Impossible to go home hungry. Started off with a standard breakfast. Lunch had many options and a couple desserts. Can always count on cookies in the afternoon too. They even had milk this time to go along with the cookies this time. Finally the open bar and hors d’oeuvres at the end was a nice finishing touch.

There were a few breakout sessions that I enjoyed. Usually vendors are of course doing most of the presenting and it’s geared towards their products. However, once in a while, there’s a presentation hosted by a vendor that is not specific to any product they offer. This year Rubrik’s session titled Auditing and Enforcing a Consistent vSphere Configuration using PowerShell and Pester. This fits what I just described. On top of doing a keynote, Chris Wahl hosted that session. The title of the session describes the project well and you can check it out further on GitHub.

I also enjoyed the two VMware host sessions. The first one I attended was VMware Cloud on AWS. I was happy to finally receive more details on the AWS and VMware Cloud collaboration. I haven’t seen more information until the past couple weeks. I should do a separate article to dive more into this topic. Josh Townsend presented the last VMware session I attended which was on VMware Cloud Foundation. Not really a product I would use, but interesting to see how far it was come. Definitely a much easier way for a company to get into virtualization. Can have vCenter, vSAN, and NSX up and running in a day without too much effort. Comparably speaking to someone setting up and configuring all that in a traditional way.

The VMUG leaders hosted another great event. Many thanks to all that are involved in organizing the event and to all the sponsors. Always great to network with my peers, see what vendor’s are offering, and have a change at winning a raffle prize. Speaking of the latter, I was not as lucky as I have been in the past, but there was a lot of cool stuff being given away. As always, everyone walked away with a bag full of swag. I absolutely enjoyed my time at the Potomac Regional VMUG UserCon and looking forward to the next event.