VMware KB: Registering NSX Manager to vCenter Server or configuring the SSO Lookup Service fails with the error: nested exception is java.net.UnknownHostException

VMware KB: Registering NSX Manager to vCenter Server or configuring the SSO Lookup Service fails with the error: nested exception is java.net.UnknownHostException.
I have seen this error with customer installations. Even if you don’t run across the error, this KB contains very succinct instructions for troubleshooting basic infrastructure requirements for NSX Manager.

VMware KB: Creating an NSX logical switch fails with the error: Unable to allocate an available resource

VMware KB: Creating an NSX logical switch fails with the error: Unable to allocate an available resource.

A couple of students mentioned this error during a lab in the VMware NSX: Install, Configure and Manage class this week.

The issue is simple to create and remedy. Logical switches are assigned VNI (VXLAN Number Identifier) from a Segment ID Pool. If the Segment ID Pool is not configured before you try to provision a logical switch then you will get the “Unable to allocate an available resource” error. The resolution is to configure the Segment ID Pool before attempting to create Logical Switches.

VMware NSX Links from Sacramento VMUG

Recently I was one of the presenters at the Sacramento VMUG. The topic of the night was Networking and VMware NSX. At the end of my time, I promised a list of web links to VMware NSX resources. Here we go:

VMware Walkthrough for NSX: http://featurewalkthrough.vmware.com/NSX/ – If you are not familiar with the VMware Walkthroughs; this is essentially a guided tour of the products and features.

VMware Hands-on Labs for NSX:
http://blogs.vmware.com/networkvirtualization/2014/09/new-vmworld-2014-hands-labs-vmware-nsx-goodness.html – This is an introductory Blog Post that describes each of the new labs from VMworld 2014.

Here are links to the individual labs:
HOL-SDC-1403 – VMware NSX Introduction: http://labs.hol.vmware.com/HOL/catalogs/lab/1483
HOL-SDC-1425 – VMware NSX Advanced: http://labs.hol.vmware.com/HOL/catalogs/lab/1485
HOL-SDC-1424 – VMware NSX in the SDDC: http://labs.hol.vmware.com/HOL/catalogs/lab/1484
HOL-PRT-1462 – Virtualized Data Center Security: VMware NSX and Palo Alto Networks Next Generation Virtual Firewall: http://labs.hol.vmware.com/HOL/catalogs/lab/1514
HOL-SDC-1420 – Openstack with VMware vSphere and NSX: http://labs.hol.vmware.com/HOL/catalogs/lab/1478

VMware NSX product page: http://www.vmware.com/products/nsx/

VMware NSX 6 Documentation Center: http://pubs.vmware.com/NSX-6/index.jsp

VMware Education: VMware NSX Training and Certification

Pluralsight Video Training: VMware NSX for vSphere Introduction and Installation by Jason Nash

Technical Papers:
VMware NSX Network Virtualization Platform Whitepaper: http://www.vmware.com/files/pdf/products/nsx/VMware-NSX-Network-Virtualization-Platform-WP.pdf
VMware® NSX for vSphere (NSX-V) Network Virtualization Design Guide: https://communities.vmware.com/docs/DOC-27683 – This design guide has recently been updated. Check this link and download the latest version.

VMware NSX YouTube Channel: https://www.youtube.com/user/vmwarensx

VMware NSX on Twitter: https://twitter.com/vmwarensx

VMware NSX Community: https://communities.vmware.com/community/vmtn/nsx

Blogs:
VMware’s Network Virtualization Blog: http://blogs.vmware.com/networkvirtualization
Network Heresy: http://networkheresy.com/ – This is the Who’s Who for network virtualization – Check out contributors!
Brad Hedlund: http://bradhedlund.com/category/network-virtualization/
Chris Wahl’s Wahlnetwork blog: http://wahlnetwork.com/tag/nsx/
Hany Michael’s Hypervizor blog: http://www.hypervizor.com/nsx/
DailyHypervisor: http://dailyhypervisor.com/ – Complete SDDC and integration!
Roie9876: http://roie9876.wordpress.com/
NSX Tech: http://nsxtech.net/
Virtualization Warrior: http://www.m80arm.co.uk/
Data Center Notes: http://www.dcnotes.net/

I am certain there are many more blogs/links for NSX. If you have a favorite that I haven’t included, leave a comment and I will add them.

VMware KB: Unable to open a virtual machine console using the vSphere Web client in VMware vCenter Server 5.5 update 2

VMware KB: Unable to open a virtual machine console using the vSphere Web client in VMware vCenter Server 5.5 update 2.

This KB article restates an item from the vCenter 5.5 Update 2 release notes:

Virtual machines with HTML 5 console in vSphere 5.5 open connections with http:// instead of https://
When the HTML 5 console is launched on a virtual machine, it uses connections like http:// and web sockets like ws:// instead of secure connections like https:// and wss://.

This release resolves the issue by launching the virtual machine console with secure connection over port 7343 instead of the connection over port 7331.

This was a welcome change, but it introduces a potential connectivity issue for those who don’t read the release notes!

Here is a link to the release notes:  https://www.vmware.com/support/vsphere5/doc/vsphere-vcenter-server-55u2-release-notes.html#networkingissues

Here is the top level KB article for required TCP and UDP ports for vSphere products. Notice the left hand column where the version numbers are listed!
TCP and UDP Ports required to access VMware vCenter Server, VMware ESXi and ESX hosts, and other network components

 

VMware KB: Configuring syslog server for VMware NSX for vSphere 6.x controllers

VMware KB: Configuring syslog server for VMware NSX for vSphere 6.x controllers.

This is an interesting KB article. Please notice that the method for configuration is an API call! This is built for automation!

FYI, You configure the NSX Manager appliance to use a syslog server with a web browser.

NSX-manager-settings

Select “Manage Appliance Settings”

nsx-mgr-syslog-config

On the Settings > General page, click the edit button in the Syslog Server portion of the page.

NSX-Manager-syslog-dialog

Enter the DNS name or IP address of your Syslog server, then click OK.

 

Working with Linux based virtual appliances

Recently I have been getting ready for upgrades and deployments of vSphere 5.1/vCloud Suite 5.1 in my lab abd at client sites. I have used the ESX Deployment Appliance for several years and have had good luck with it. This time I ran into an issue that caused me to remove and reinstall the virtual nic on the EDA appliance. I noticed that the ifconfig output looked odd and remembered that I should make sure that /etc/udev/rules.d/70-persistent-net.rules doesn’t have any entries with “old” MAC addresses, particularly for “eth0.”

As I was troubleshooting the “network is unreachable” error, I did a search and found a reference to documentation I used to regularly provide to customers that were deploying Linux VM’s from templates…

Remove network configuration
The MAC address of the VM’s virtual nic is written into the udev persistent rules and needs to be cleaned out as the cloned vm will have a different MAC address.
/etc/udev/rules.d/70-persistent-net.rules
Remove entries containing “eth0”

It had been a while since I wrote that and I am glad I still had it.

As soon as I cleaned out the old entries and restarted the VM, the networking came to life and I am now back to work!

New VMware network technical papers published

Network Segmentation in Virtualized Environments

As virtualization becomes the standard infrastructure for server deployments, a growing number of organizations want to consolidate servers that belong to different trust zones. The demand is increasing for information to help network security professionals understand and mitigate the risks associated with this practice. This paper provides detailed descriptions of three different virtualized trust zone configurations and identifies best practice approaches that enable secure deployment.

DMZ Virtualization Using VMware vSphere 4 and the Cisco Nexus 1000V Virtual Switch

This paper tackles the subject of DMZ security and virtualization. It covers a number of DMZ security requirements and scenarios, presenting how vSphere users can implement the Cisco Nexus 1000V virtual switch in a DMZ.