vToolbelt – July 2021
I know many are looking to upgrade to vSphere 7.0 Update 2. If your hosts use USB Boot Media (SD-Cards, USB Sticks, etc) there is some important information you need to read and action you should take before you upgrade.
Read on in this newsletter for the details you need to know…
VMworld 2021 will be from October 5-7 and is on-line. You can register for free on VMworld.com.
- July 20th – The Content Catalog becomes available – This allows you to start figuring out which sessions you want to attend
- September 14th – Schedule Builder launches – This is when you can actually register for sessions. Some popular sessions fill early, so don’t delay!
In addition to the General pass (which is free), a Tech+ Pass is available for $299/individual. If you are curious as to the differences, a comparison of the General and Tech+ passes is available.
vSphere 7 Upgrade Notes
I am hearing of two different issues that customers are running into with vSphere 7 upgrades and wanted to pass the info along.
VMFS Corruption after Boot Device cloning – Some customers have been closing boot LUNs to speed up their deployment of new hosts. This is not supported as each ESXi install has a Universal Unique Identifier (UUID) which is used in VMFS operations to allow for multiple hosts to share a datastore safely. When a boot device is cloned the UUID is cloned as well and can lead to corruption in VMFS datastores. See KB 84349 for the full details.
USB-Based boot Devices & vSphere 7.0 U2 – Before you upgrade to vSphere 7.0 U2 take a moment and verify how your ESX hosts boot. If your hosts are using USB-based boot devices (SD cards, flash drives), you will want to review the following information before upgrading. If your hosts are booting from some type of disk (hard disk/nvme/ssd) – this does not apply.
In short, vSphere 7.0 U2 changes how ESXi writes to the operating system partitions of the boot device and customers may run into issues with storage devices that are not high endurance. If you have hosts that boot from SD cards or USB sticks, I recommend you contact your hardware manufacturer to verify they are high-endurance devices. Customers with lower endurance devices, or devices that are nearing the end of their lifecycle have run into host PSOD issues.
For the full details, you will need to read up on the changes in ESXi System Storage. The vSphere 7.0 Update 2 VMware ESXi Installation and Setup Guide, page 12, specifies that the ESX-OSData partition “must be created on high-endurance storage devices”.
I know many customers use USB-based devices (thumb drives or SD cards) to boot their hosts and some are finding out the devices they have are either old (and nearly worn out) or not truly high-endurance.
Currently, information about the internal SD cards can’t be checked on the VMware Compatibility Guide, as they are not listed separately from their servers. Please be aware that the hardware vendors are responsible for managing and updating their information listed in the compatibility guide.
KB 83376 – discusses the issue some customers are seeing
https://blogs.vmware.com/vsphere/2020/05/vsphere-7-esxi-system-storage-changes.html – This article details the changes and provides links to information on the new boot device requirements (goes along with the ESXi Installation and setup guide link above).
Product Support Watch
Horizon View / Workspace ONE
- Dynamic Environment Manager 9.9 – 9/17/21
- Dynamic Environment Manager 9.10 – 12/12/21
- Horizon 7.10 ESB – 9/17/21
- Identity Manager 3.3.2- 10/17/2021
- Workspace ONE Access 20.01 – 7/30/21
- Workspace ONE UEM Console 2001 – 8/26/21
- Workspace ONE UEM Console 2003 (SaaS Only) -9/6/21
- Workspace ONE UEM Console 2004 (SaaS Only) – 10/3/21
- Workspace ONE UEM Console 2005 (SaaS Only) – 12/10/21
- Workspace ONE UEM Console 2006 (SaaS Only) – 12/17/21
- NSX Advanced Load Balancer 18.2 – 8/31/21
- NSX-T Data Center 2.5 – 9/19/21
- HCX 3.5.3 – 10/30/21
- Lifecycle Manger 8.0, 8.1, 8.2 – 10/17/21
- Log Insight 4.8 – 10/31/21
- Log Insight 8.0, 8.1 – 10/17/21
- vRealize Operations Manager 7.5 – 10/31/21
- vRealize Operations Manager 8.0.1, 8.1 – 10/17/21
- vRealize Network Insight 5.0-5.3 – 10/31/21
- vRealize Orchestrator 8.0-8.2 – 10/17/21
- Fusion 12 – 12/14/21
- Workstation 16 – 12/14/21
- Site Recovery Manager 6.5, 8.1, 8.2 – 11/15/21
- vSphere Replication 6.5, 8.1, 8.2 – 11/15/21
Notes from the Field
vCenter Vulnerability from June
In case you missed this news from my June newsletter, VMware has released information on a critical issue affecting Plug-ins on vCenter Server. VMware recommends that customers patch or implement the workaround as soon as possible. The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in multiple plug-ins in vCenter (some of which are enabled by default). VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. The full notice (including list of plug-ins) can be read at https://www.vmware.com/security/advisories/VMSA-2021-0010.htmlThis affects certain versions of vCenter Server (Windows and the VCSA alike). The work around is to disable the affected plug-ins in vCenter – KB 83829. This does impact management and is considered a short-term stop gap.
If your environment is configured with external Platform Service Controllers (PSCs), you will need to consolidate those to the embedded configuration before you upgrade to vCenter Server 7. This process is known as Convergence. VMware has a recording of a webinar that discusses Converging External PSCs.
For those using vRealize Operations, there is a free dashboard you can download which will identify hardware and configuration issues in your environment.
If you run Horizon (or are thinking about it), you may want to check out this Free VDI Design Guide E-book.
Looking for other ways to stop phishing and malware attacks? Check out this Technical Deep Dive on VMware Carbon Black.
Free Training Courses: