NSX-v: understanding and overcoming DFW firewall rule maximums

In this blog I’m going into the deep down holes of the DFW firewall rule maximums of VMware NSX for vSphere. As the stated maximum on the configmax-website are soft-limits and not hard-limits. Let discuss what the hard limit of the amount of DFW rules is. Let’s start by talking about the Distributed Firewall (DFW). The Distributed Firewall The DFW is a firewall which operates … Lees verder NSX-v: understanding and overcoming DFW firewall rule maximums

Sticky berichten

PowerCLI: Enable VSAN on existing (stretched) vSphere clusters as autonomously as possible

Introduction During my career I’ve done quite some vSphere and VSAN implementations . The hardest part of implementing VSAN on a vSphere cluster is (usually) the network part. Especially in a stretched VSAN cluster configuration, there are some specific network requirements/best practices which should be followed, but because you don’t implement them on a daily basis you forgot some of the settings: you usually keep … Lees verder PowerCLI: Enable VSAN on existing (stretched) vSphere clusters as autonomously as possible

PowerCli: Creating VMK-if on the vmotion netstack on a DVS (with the correct gateway IP configured)

Good scripts are created out of frustration: And here’s a good example of this statement! I wasn’t able to find a script which was able to create a VMK-interface connected to a DVS, being a part of the vmotion netstack AND with a default gateway configured at the netstack-level (and not the VMK-if. The majority of the scripts (which I stole shameless from my collegeau … Lees verder PowerCli: Creating VMK-if on the vmotion netstack on a DVS (with the correct gateway IP configured)

PowerCLI: retrieve VMhost routes used for stretched VSAN clusters.

When configuring a stretched VSAN cluster, the VSAN VMkernel interface is connected to the “default” netstack and manual routes must be added which point to VSAN subnet gateways, which enables VSAN communication in a stretched cluster configuration. Without the additional routes add to the ESXi-hosts, communication to the witness appliance and the remote site is not working. This script below shows the manual added routes … Lees verder PowerCLI: retrieve VMhost routes used for stretched VSAN clusters.

PowerCli: bulk change ESXi root passwords with vCenter

sometimes you have to change the root password for all ESXi hosts.You can use the PowerCLI Set-VMHostAccount cmdlet. But this requires you to connect to each individual ESXi host, it cannot be run when connected to the vCenter server. So, I’ve created a (rather small) script which changes the root passwords for all (or a subset) of the ESXi hosts, which are connected to a … Lees verder PowerCli: bulk change ESXi root passwords with vCenter

Some Useful PowerCLI scripts for VVD DIY-deployments

This blog contains some useful PowerCLI script which make the deployment of a VVD (4.3) a lot easier. It’s not a complete deployment script, some adjustments are needed. for step Configure the Management Cluster in Region A for step Set SDDC Deployment Details on the Management vCenter Server in Region A for step Create a vSphere Distributed Switch for the Management Cluster in Region A … Lees verder Some Useful PowerCLI scripts for VVD DIY-deployments