Monday, December 8, 2014

vcsa 5.5 with domain authentication

If you have joined the vcsa to a domain in the authentication tab of your vcsa administrative console, you do not need to add a STS SPN; you can use the machine account to add the identity source of that same domain.

What you do need is to go to your AD DNS and make sure the forward and reverse entries for the new VCSA and your AD have been created, and your VCSA has the proper DNS settings.

pics will come, but I have seen google lead me to believe I have to use a SPN, or that I have to add it as a AD LDAP source. None of these are needed if you already joined the VCSA to the domain; you could use them for additional domains.

Sunday, December 7, 2014

Nested ESXi in a physical ESXi quick sheet

First of all, hardware has to meet some minimum requirements

- your CPU should have VT (google the CPU, see the advanced technologies at the bottom, example:
- enable CPU VT option in BIOS (if you just did a BIOS update, check it again)
- this machine should have enough RAM for the physical ESXi and the nested ESXi (especially if you want to run more than one nested host to test all features of vcenter) and the VMs. I'd say 16GB is conservative, but definitely doable.

Recommendations so the VMs perform well
- SSD (if you have both SSD and spinning, move VMs you aren't using as much to the slower disk)
- at least 1 cabled gigabit
- plenty of ram

if the physical host is 5.0 and you are deploying nested 5.5

- choose rhel 5 x64 bit as OS when creating the nested ESXi VM
- I honestly only put a 1GB disk. if you need the logs, you can send them elsewhere using syslog.
- I choose vmxnet3 - intel should work too
- make sure you give it more ram (the default for rhel 5 is 1GB and the installer would fail)
- add the string vhv.allow = "TRUE"  to /etc/vmware/config in your Physical ESXi 5.0 host (with vi through SSH, for example)