The Life of a Home Lab…Rookie

Normally my blogs are more technical and at least get the information across about how to do different things within VMware’s toolbox. Today, I’m starting a series(ish) on doing a homelab. Yes, this is new for me and I’m working through some basic things I haven’t had to do since ESXi 5.5, so there is some learning to do. Thoughts so far:

  1. Distributed switches… where did they go??
  2. Oh man, the Supermicro boot delay is killing me…
  3. Cable management… this is why I got into coding…
  4. Networking… should the edge go to the router to the system or a different way?

These are all thoughts that went through my brain. Not very helpful, I know, but maybe some of this can help those like me, who spend all their time in already-built enterprise solutions and have a rack/stack team that brings the server up, then a networking team to add the needed networking.

But that’s the annoying part. The good part is I’ve got some great stuff to dig into and to work through. I’m going to be slamming through this now and getting this done. First though..

The Setup

Current List of assets:

  1. 3 Supermicro E200s
  2. 1 Ubiquiti edge switch
  3. 3 Samsung NVMe SSDs for storage
  4. A lot of cables


So first things first, I put the SSD into the M.2 slot on each of the machines. There were two Phillips screws on the back, then an overhead plate covering the RAM/SSD slot etc. Once I removed that I was able to access the screw that would hold the SSD in place.

Cabling the three with the switch wasn’t too bad. I purchased a miniature server case from Amazon to put everything in. It doesn’t look too bad. I pulled a 1×6 from the garage and built a table with no topper to allow cables to come up from the bottom. Pictures incoming!!


So cabling is completed, and everything is “racked”… lol

ESXi 6.7

YUP, let’s get to imaging.

For those that did anything with Supermicro, the pain of that 1 ms default boot screen is rough. Immediately save yourself the pain and change that to 10000 once you get through the BIOS.

I won’t go through the settings etc. for imaging ESXi because it’s pretty well documented and not too difficult.

However, imaging for VCSA has been a bit of a sludge for me, but again, there is a lot of already-written documentation. Here’s a good YouTube vid that will lead you the right way.

Which leads us to where we are currently… I’m trying to figure out how to set up networking and get it set up properly.



vRealize Deployments: Part Two – The Network

So this is FAR overdue.. Sorry about that. In Part One we basically looked through setting up an AD structure for the computer object and setting the machine to install and join the domain. Basic stuff really, but going from a purely manual build to this process is pretty sweet. Here is the next part: IPAM, and the network.


There are a lot of solutions out there for IPAM; from SolarWinds to Infoblox, the IPAM space has a lot of prospects. Some even use an Excel spreadsheet right out of the 90s. Well, among all these prospects, the built-in Network Profiles of vRealize Automation can definitely make your life easier.

The research

The first thing you need to do is get a block of IPs. There are lots of different ways to do this. If your IPAM solution is extremely trusted, you would go through that solution and reserve a block (your resources for the VLAN would determine the size of the block). From here you would need to go to the vRealize portal to create your profile.

  1. From the login of the portal, go to “Infrastructure” -> “Reservations” -> “Network Profiles” and click “New” -> “External”.
  2. From here, create a Name for the profile (this will be used later) and a Description. The IPAM endpoint for this will just be the internal IPAM. Select the proper Subnet mask from the drop-down and input the Gateway.
  3. On the DNS tab, input the Primary and Secondary DNS, DNS suffix, DNS Search Suffixes and any appropriate WINS inputs.
  4. Finally, input your IP block: the Name, Description, Start IP and End IP.
  5. Next you will need to set this in the Reservations.
  6. On the Infrastructure tab go to Reservations, and select the reservation that will be using that profile. On the Network tab of the Reservation click the drop-down to select the newly created profile.
  7. Now save your settings.
  8. Now you can go to Design and create a new blueprint to take advantage of your profile.
  9. On the blueprint canvas to the left, select Network & Security and drag over Existing Network. This will put a new item on the canvas to go with your machine type.
  10. Click the “…” and select the profile that should be utilized for the machine.
  11. Now click on the Machine item and go to the Network tab.
  12. Select the same profile on the machine, and click OK.
  13. You should now see a link on the machine, and that machine will now pull from that IP block for its IP settings.

Pretty awesome in my opinion and far superior to 5 custom properties. VMware has really done a lot to help engineers get the best out of their solution.

Now the next step follows what needs to be adjusted in your IPAM solution, whether that is to set the IP to a specific setting or call it and adjust some notes. This is specific to your environment and to your solution. I would suggest an extensibility subscription that runs on deployment/destroy and adjusts as needed. Both Infoblox and SolarWinds have good plugins for vRO, along with custom API calls that can be utilized to solve these issues.

Thanks for reading! Hope this helps!

Docker runs on Windows 2016 Core

So I’ve read a lot of blogs out there for getting ready for containers, but since I’ve hated anything dealing with fruit and tech for so long, I’ve disregarded a whole side of scripting. This is something I’m remediating in further blogs, but for this one, let’s focus on Windows 2016 non-desktop experience containers…. And throw in some vRA because it’s fun…


So first you need to get your hands on a Windows 2016 ISO. From my research the non-desktop experience is built in to the basic ISO (HUZZAH).

Go through the normal setup for your environment to set up a new machine in vSphere or whatever IaaS you’re using.

Once you can console in you’ll be greeted with a familiar friend. That’s right friends, it’s OLD SCHOOL TIME!

So set a password that’s totes legit, and get to work. Once you’re in the cmd prompt it’s time to whip up an old friend:


YUP, Sconfig will set up everything from here on out in terms of firewall, domain, IP, etc. For this purpose I’ll just set the IP on the machine.

The Docker

Now run the following
Install-Module DockerMsftProvider -Force

This will ask for confirmation so hit the ‘Y’.
Now run the next command:
Install-Package Docker -ProviderName DockerMsftProvider -Force

This will finish up the docker install and you will probably want to reboot the machine.

GREAT, Docker is now installed and you’re ready to go! Not really…

For people like me, you want to get Docker within a centralized management (vRA would be nice). So for this you need to continue some setup.

The Management

First you would create the docker config file otherwise known as “daemon.json”.

Run the following to create the file:
CD C:\Programdata\docker\config
New-Item -ItemType 'file' -name daemon.json

This creates the blank file. Now to populate it. First stop Docker service…
Stop-Service docker

Now run “notepad” and open the file. Insert the following
{ "hosts": ["tcp://<ip>", "npipe://"] }

Where <ip> = your IP address.

Finally run,
docker trust key generate role

Where role = the role of the public key. Once created, open the key (the command should show you where) in “notepad” and copy from “-----” to “-----”. Now log in to vRA.

On the “Containers” tab go to “Identity Management” and click on “+CREDENTIAL”. Create a name for the creds (this will be used later) and paste the public key that you copied from creation in the text field.

Now on the “Containers” tab go to “Container Host Clusters” and click on “+CLUSTER”. This should create your Docker Container Master.

From here you can pull from the registry to build a “hello-world” container and deploy it from vRA
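
The "hosts" entry in daemon.json opens the Docker API on a TCP socket, and unless "tlsverify" and the certificate settings are in the same file, that socket accepts any client that can reach it. The following is an added example (not from the original post) that audits a daemon.json for this; the IP address, ports and certificate paths in the samples are constructed.

```javascript
// Added example: audit a Docker daemon.json for TCP listeners that lack
// mutual-TLS settings. Runs on Node.js; the sample configs are constructed.

var TLS_FILE_KEYS = ["tlscacert", "tlscert", "tlskey"];

function auditDaemonConfig(jsonText) {
    var config = JSON.parse(jsonText);
    var hosts = Array.isArray(config.hosts) ? config.hosts : [];
    var findings = [];

    hosts.forEach(function (host) {
        // npipe:// (Windows) and unix:// are local-only; only tcp:// is remote.
        var match = /^tcp:\/\/(\[[^\]]*\]|[^:\/]*)(?::(\d+))?/i.exec(String(host));
        if (!match) {
            return;
        }
        var address = match[1];
        var port = match[2] || null;

        if (config.tlsverify !== true) {
            findings.push({ host: host, severity: "high",
                issue: "TCP listener without tlsverify: any client that can reach it controls the daemon" });
        } else {
            // tlsverify needs a CA, a server certificate and a server key.
            var missing = TLS_FILE_KEYS.filter(function (key) {
                return typeof config[key] !== "string" || config[key] === "";
            });
            if (missing.length > 0) {
                findings.push({ host: host, severity: "high",
                    issue: "tlsverify is set but missing: " + missing.join(", ") });
            }
            if (port === "2375") {
                findings.push({ host: host, severity: "low",
                    issue: "TLS listener on 2375, the port conventionally used for plaintext" });
            }
        }
        if (address === "0.0.0.0" || address === "[::]") {
            findings.push({ host: host, severity: "medium",
                issue: "listens on every interface; bind to the management address" });
        }
    });
    return findings;
}

// Constructed sample 1: the shape used in the post, with a documentation-range IP.
var WEAK_CONFIG = JSON.stringify({
    hosts: ["tcp://192.0.2.10:2375", "npipe://"]
});

// Constructed sample 2: the same listener with mutual TLS; paths are placeholders.
var HARDENED_CONFIG = JSON.stringify({
    hosts: ["tcp://192.0.2.10:2376", "npipe://"],
    tlsverify: true,
    tlscacert: "C:\\ProgramData\\docker\\certs.d\\ca.pem",
    tlscert: "C:\\ProgramData\\docker\\certs.d\\server-cert.pem",
    tlskey: "C:\\ProgramData\\docker\\certs.d\\server-key.pem"
});

function summarize(jsonText) {
    return auditDaemonConfig(jsonText).map(function (f) {
        return f.severity + ": " + f.host + " - " + f.issue;
    });
}

console.log(summarize(WEAK_CONFIG));
console.log(summarize(HARDENED_CONFIG));
```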


Installing a core OS can be difficult for those that don’t remember those days (I had to google myself). Installing VMware Tools can be difficult… Mount the Tools on the OS and run the following on the disk drive:
.\setup64.exe /S /v "/qn REBOOT=R"

Happy containering!

Custom Forms = Custom Naming?


So the code I used has a bit of a bug. When going from 1 digit length up to 2 it adds the 0 to it still. I believe it’s based off the default “inum” in the code. I’ve updated the code below. Notice, I went a different route, so that I can run if/else clauses per length as needed (depending on how many digits you want to go). I’m OK with just 2, so I’m running the following:
if(type == null)
return ""
name = app + "-" + env + "-" + type
var inum = ""
sSearchPattern = name + inum
// Get a list of computers matching the pattern in strComputer
var computers = ActiveDirectory.getComputerADRecursively(sSearchPattern,defaultADServer);
if(computers[0] != null)
for each (computer in computers)
inum = Math.max(inum,;
var snum=String(inum)
if(snum.length == "1") {snum = "0" + snum;}
//build the new name
var newName = sSearchPattern+snum
// Validate the newly minted name, to make sure it doesn't exist
var computers = ActiveDirectory.getComputerADRecursively(newName,defaultADServer);
if(computers[0] == null)
newComputerName = newName;
return newName;

Original blog below:

So, the white whale for me in automation has been custom naming. vRA allows for specific naming with some numerical iteration, but that doesn’t always fit the bill. Besides, why can’t I use the naming convention as a dynamic field within custom forms? IS ANYONE READING THIS?


Anyway. There are SO MANY WAYS to do this, it seems silly to add another, but, since I learned from so many people out there, I figured giving back may help someone else.

So you’re going to first create an action in vRO. Once you log in, set the dropdown to “Design”, right-click on the folder where you want to create the action and click “Add action…”



name = location + "-" + domain + "-" + app
var inum = 0
sSearchPattern = name + inum
// Get a list of computers matching the pattern in strComputer
var computers = ActiveDirectory.getComputerADRecursively(sSearchPattern,defaultADServer);
if(computers[0] != null)
for each (computer in computers)
inum = Math.max(inum,;
var snum=String(inum)
while (snum.length < (2)) {snum = "0" + snum;}
var newName = sSearchPattern+snum
var computers = ActiveDirectory.getComputerADRecursively(newName,defaultADServer);
if(computers[0] == null)
newComputerName = newName;
return newName;

NOTE!! It is assumed each input will be static and have a set default (i.e. Never null). So make sure each input has a default setting…

Basic theory here is that our naming convention is AA-BBB-CCC001 (you can change this to anything, it’s not really the crux of this). But what you’re looking for is the “Math.max”; it’s just delightful. The inputs I used are as follows:


1. location–string
2. domain–string
3. app–string
4. defaultADServer–AD:AdHost

With this as an action, you can do some awesome stuff with custom forms.
For instance, you can set a deployment per app, or environment, create those inputs as static, and type as a dynamic dropdown.
Pretty simple.

    1. Create the Action with the code above and the inputs, and give it a pretty cool name (like edgar).
    2. Create Custom Properties for each input needed BUT the AD:AdHost (we’ll discuss that later).
    3. Use custom forms! Activate it, and get a beer… you deserve it, you smart person you.
    4. Bring each input over that you need to use (if they are static only bring over the ones needed for dynamic).
    5. For “Hostname”, use external source, and under action, type in the name of your action: (edgar)
    6. For the inputs select “FIELD”, then select the proper custom property input you created. Then for “defaultADServer” use “Constant”. This will pull the AD Endpoints you have created. Point it to the AD you intend to use (if you want this dynamic you can use it as a field dropdown).
    7. For whatever you wish to create dynamic, set the field to a dropdown, and set the values to “Value|Label,Value|Label”.

Now the external Action will populate the Hostname, and wonderful custom naming “should” be yours.
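
The numbering step of the action, written out as an added example in plain JavaScript (not the code from the original post): it finds the highest existing counter, pads the next one to a fixed width, and rejects form input that does not belong in a computer name. The `existingNames` array is a constructed stand-in for the names of the records that `ActiveDirectory.getComputerADRecursively` returns, and the `nextHostname` function and its `width` parameter are hypothetical.

```javascript
// Added example: next free hostname for a PREFIX + zero-padded counter scheme.
// existingNames stands in for the names of the records returned by the AD
// lookup in vRO (assumption); here it is a constructed array.

var MAX_COMPUTER_NAME_LENGTH = 15; // NetBIOS limit for AD computer names

function nextHostname(prefix, existingNames, width) {
    // Form inputs end up in a directory object name, so allow only
    // letters, digits and hyphens.
    if (typeof prefix !== "string" || !/^[A-Za-z0-9][A-Za-z0-9-]*$/.test(prefix)) {
        throw new Error("prefix must contain only letters, digits and hyphens");
    }
    if (prefix.length + width > MAX_COMPUTER_NAME_LENGTH) {
        throw new Error("prefix plus " + width + "-digit counter exceeds " +
            MAX_COMPUTER_NAME_LENGTH + " characters");
    }

    // The lookup can return names that are merely close to the prefix, so
    // keep only names that are exactly prefix + digits. The prefix was
    // validated above, so it is safe to embed in a RegExp.
    var exact = new RegExp("^" + prefix + "(\\d+)$", "i");
    var highest = 0;
    for (var i = 0; i < existingNames.length; i++) {
        var match = exact.exec(String(existingNames[i]));
        if (match) {
            highest = Math.max(highest, parseInt(match[1], 10));
        }
    }

    // Pad to the fixed width; going from 09 to 10 must not produce 010.
    var suffix = String(highest + 1);
    if (suffix.length > width) {
        throw new Error("no free " + width + "-digit number left for " + prefix);
    }
    while (suffix.length < width) {
        suffix = "0" + suffix;
    }
    return prefix + suffix;
}

// Constructed sample: what a lookup for "AA-BBB-CCC" might return.
var SAMPLE_EXISTING = ["AA-BBB-CCC01", "aa-bbb-ccc09", "AA-BBB-CCCX05", "AA-BBB-CCC-OLD"];

console.log(nextHostname("AA-BBB-CCC", SAMPLE_EXISTING, 2));
console.log(nextHostname("AA-BBB-CCC", [], 2));
```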


Good job, get beer.

VRealize Deployments: Part One, Active Directory Policy

So this is a blog series on how to set up and create quick deployments for self-service users in vRealize Automation. This is mostly built-in automation with minimal custom creations. This is pretty basic, but I wanted to start there and grow. I guess in that light I need to go over licensing and the architecture of building the automation as well, but for now, let’s just say that if you have advanced licensing (at least) and you’re running a minimum to medium enterprise deployment, this should work for you.

Should be fun, and maybe it will help someone out there.

*I’m going to assume the following.

  1. Endpoint agents are configured
  2. Resources are granted to specific business groups
  3. Entitlements are granted to said groups for appropriate services/catalog

That being said, here we go.

Deployment Step 1. AD Endpoint

First thing you will want to configure is your Active Directory endpoint. For this you will go to Administration -> vRO Configuration -> Endpoints. From here click “New” and on plugin you will select Active Directory policy.


From here you will input the Name and Description of the endpoint, then the following details for the server. For now, we’ll use an LDAP connection. Input the host/IP at the top, baseDN, Default Domain, and username/password. Choose failover, round-robin, or single-server in the drop-down and add the DCs to the array below. Finally add the Name for vRO; the final two options don’t really need adjustment. Below is an example of how it should look.


Active-Directory Policy

This is specifically for users who need the computer to drop to a specific OU. To find this in vRA you would go to Administration -> Active Directory Policies (if the option does not exist you may be missing some roles on your vRA account). From there you can click “New”, which will open up your settings. Here you select the ID (remember it for later), endpoint, domain, and the OU where you wish the policy to put the computer object.


Now you have an endpoint, and a policy. How do you add it to the blueprint?

The custom property is your go to there. Below is a screenshot that will explain how to associate the policy with the blueprint.


This will create the computer object before the deployment starts and will remove it upon destruction. Nice Self-Service.

Now how do I verify the computer name doesn’t exist?

Create an Action in vRO to find it!

Action in vRO for Checking Computer Name

Set your vRO to Design, and on the cog, you can create an action.

Return type = String


  1. strComputer – string
  2. defaultADServer – AD:AdHost

// Look up any computer objects matching the requested name
var computers = ActiveDirectory.getComputerADRecursively(strComputer, defaultADServer);
if (computers[0] == null) {
    return "This name is available";
}
return "This name is unavailable";

Place this as an external action on the blueprint against the “Hostname” custom property (basically the name that the VM will take). This returns “This name is unavailable” if it finds anything close to the name. However, this does not stop the request going through. For that you can do a Match field with another Text Field of “This name is unavailable”, which should only let the request go through if it states “This name is unavailable”.

Hope this helps someone get things rolling! I’ll do a blog on Network Profiles next.

The One About Tagging..

So with the future of datacenter segmentation looking like tagging, in IT we have seen a major push towards VM tagging around the cubes. Well, at least I have.

Let’s not mince words. I hated tags. It was basically like putting a sticky note on a machine, with no management to make sure things ARE tagged, and no way to easily do tag assignment in bulk. Sound familiar… maybe like a naming convention? Here was the RUB for me. A naming convention is right in front of everyone’s face and it puts the devs in line. Tagging, however, is 100% infrastructure team (or virtual team depending on your organization size). Well, by the end of this post I should think better of tags… and maybe you will too?


Get PowerCLI

Let’s be real. If you’re not using PowerCLI for automated management of your vCenter you’re doing yourself a disservice. For one, it’s a really good resource to pull information across the entire vCenter and dump it in front of yourself in different formats (.csv, .xml etc.). Another is that PowerCLI allows assignment and adjustment across multiple VMs. So for tags, of course PowerCLI would be your go-to for assignment, adjustment, and removal.

There are multiple code sources out there for tag assignment. Here are a couple of excerpts. NOTE: always remember to connect to the proper vCenter for the tags. Connecting to vCenter B to assign a tag to a VM in vCenter A will not work even if the IDs are identical.

Connect-viserver vcenter1 -user vcenteruser -pass vcenterpassword

This connects your client machine to the needed vCenter. Though the tag ID is now the same across linked vCenters, PowerCLI needs you to connect to the VM’s vCenter to assign the tag. We’ll get more into this later.

From here you can run your gets, removals, and assignments of tags by NAME. So:

Get-Tag -Name 'tagname'

This can be set to a variable like: $tag = Get-Tag -Name 'tagname', which can then be assigned to a VM. So let’s just see a simple VM get and tag assignment.

$vms = Get-VM vmname*
$tag = Get-Tag -name "TheCoolestTag"
$vms | New-TagAssignment -Tag $tag

NOTE: the asterisk after “vmname” is a wildcard; it actually pulls a group of VMs starting with “vmname”. If you want to do one at a time (and why would you), remove the * and put the full VM name.

Just a simple get and assign of tags through PowerCLI. Now let’s look at the same thing via vRO.

vRealize Orchestrator

Now in vRA deployments you want to tag all VMs properly so that they have the proper tags needed for management. The built in library has several tag based workflows out of the box, but first you need to run through some setup.

First create a vAPI endpoint to your vCenter (the workflow is found in the Library -> VAPI -> “Import VAPI Metamodel”; the vAPI endpoint will be added as well).


You want to use Secure Protocol Connection so that the endpoint is used for future orchestration. Input the name of the vCenter (plus /api), so Input a username/Password combination that will not change(service account if possible), and Select to add the vAPI endpoint.

This will create the connection for you for tagging. Now, let’s talk about tag assignment and gets; this is where it can get a little tricky. The library for tagging is found in Library -> VAPI -> Examples -> Tags. This includes creating categories, creating tags, and assigning tags. In the “Examples” folder you will find some “Get” workflows, but if you run them you get a CSV string of the IDs of all the tags. I don’t know about you, but I don’t remember tags by IDs.

So, how do we do a pull by name? Well, there is an action in vRO for findTagByName in com.vmware.vapi.tags. This takes an input of the vAPI endpoint (the metamodel is needed, so it should be there if you followed the steps above), the name, and whether you want to run it as case sensitive (boolean). Now, you can take this workflow and run a System.log after the action for the needed information. Here is what my workflow looks like:


This should return the information you need to tag VMs with the specific tag. You should be all set using the built-in workflow “Associate vSphere tag to VM”. This workflow needs the API, the ID of the tag (tagId) and the VM:


But let’s make a quick change to that workflow’s “Scriptable task”. Currently the built-in workflow (as of 7.5) shows this:

if (vapiEndpoint == null) {
throw "'endpoint' parameter should not be null";
if (tagId == null) {
throw "'tagId' parameter should not be null";
var i = 0;
while (i<5)

try {
var client = vapiEndpoint.client();
var tagging = new com_vmware_cis_tagging_tag__association(client);
var enumerationId = new com_vmware_vapi_std_dynamic__ID() ; =;
enumerationId.type = vcVm.vimType;
tagging.attach(tagId, enumerationId);
System.debug("Tag ID " + tagId + " assigned to VC VM " +;

} catch(e) {
System.debug("Associating " + tagId + " failed. Retrying " + i + " of 5 attempts");
if (i=4) { System.error(e.message); }

There are some opportunities for this workflow. First, if you use this out of the box and put in an incorrect tag it will continually cycle. Second, if you fix the cycle, it will never fail. So here is the code with my adjustments to ensure it only tries 5x, fails on the 5th, and sends the exception.

if (vapiEndpoint == null) {
throw "'endpoint' parameter should not be null";
if (tagId == null) {
throw "'tagId' parameter should not be null";

var i = 0;
while (i<6){

try {
var client = vapiEndpoint.client();
var tagging = new com_vmware_cis_tagging_tag__association(client);
var enumerationId = new com_vmware_vapi_std_dynamic__ID() ; =;
enumerationId.type = vcVm.vimType;
tagging.attach(tagId, enumerationId);
System.debug("Tag ID " + tagId + " assigned to VC VM " +;

} catch(e) {
System.debug("Associating " + tagId + " failed. Retrying " + i + " of 5 attempts");
if (i==6) {
throw e.message}

Lets go through the changes:

  1. To try “5 out of 5”. The end catch should be 6 not 4…
  2. Change the “while” clause to 6 so that the catch runs at 6 and it doesn’t just end successfully.
  3. Finally “throw e.message” will make the workflow actually fail. If you just want the log, but want the workflow to continue, you can remove this.
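
The same retry behaviour as an added, stand-alone JavaScript example (not the built-in workflow's script and not the code from this post). It uses a `for` loop so nothing in the body can reset the counter, which is what `if (i=4)` in the built-in script does, since that is an assignment rather than a comparison. The `associateTag` and `makeStubTagging` functions are hypothetical, and the stub is a constructed stand-in for the tag association client.

```javascript
// Added example: bounded retry around a tag attach call that fails the
// caller after the last attempt. The tagging object is a constructed stub
// standing in for the vAPI tag association client.

function associateTag(tagging, tagId, vmRef, maxAttempts) {
    // Bad input never fixes itself, so reject it before the retry loop.
    if (tagging == null) { throw new Error("'tagging' parameter should not be null"); }
    if (tagId == null) { throw new Error("'tagId' parameter should not be null"); }
    if (vmRef == null) { throw new Error("'vmRef' parameter should not be null"); }

    var log = [];
    var lastError = null;
    // The loop header owns the counter: attempts run 1..maxAttempts, no more.
    for (var attempt = 1; attempt <= maxAttempts; attempt++) {
        try {
            tagging.attach(tagId, vmRef);
            log.push("Tag ID " + tagId + " assigned on attempt " + attempt);
            return { attempts: attempt, log: log };
        } catch (e) {
            lastError = e;
            log.push("Associating " + tagId + " failed, attempt " + attempt +
                " of " + maxAttempts);
        }
    }

    // Every attempt failed: throw so the calling workflow fails too.
    var reason = lastError && lastError.message ? lastError.message : String(lastError);
    var failure = new Error("Tag " + tagId + " not attached after " + maxAttempts +
        " attempts: " + reason);
    failure.log = log;
    throw failure;
}

// Constructed stub: fails the first `failures` calls, then succeeds.
function makeStubTagging(failures) {
    var calls = 0;
    return {
        attach: function (tagId, vmRef) {
            calls++;
            if (calls <= failures) {
                throw new Error("simulated failure " + calls);
            }
        },
        callCount: function () { return calls; }
    };
}

// Constructed identifiers, for the demonstration only.
var VM_REF = { id: "vm-constructed-1", type: "VirtualMachine" };
var TAG_ID = "tag-constructed-1";

var recovered = associateTag(makeStubTagging(2), TAG_ID, VM_REF, 5);
console.log(recovered.attempts, recovered.log);
```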

**NOTE** You can attach multiple tags this way, just duplicate the workflow and add attributes for each tag ID, adjusting the script to use the proper attribute variables one at a time, per vAPI.

Now, with this workflow and inputs you should be able to add tags to your VMs, with property assignment, and subscriptions. That’s for another time I suppose.

Home Lab @lamW: Getting Started

I’m a big fan of Virtually Ghetto, and I’ve used his blog for a lot of things. He has some great stuff for home labs and I’m going to see if I can join up with this group buy. If you’re interested, and serious about a home lab, sign up!

This site has all the specs and some good information on the group buy. Also, if you look at previous links, (supermicro-e300-9d) has some good reviews of the box itself. I want the E300-9D myself for the whole vRealize suite, so it’s a bit of a challenge, but if I can get it rolling it would be quite awesome.

Follow William Lam @lamw on Twitter and read up on him at Virtually Ghetto.

He’s got some great stuff, and is totally worth the read.

Certifications in 2019

The Goal

So I already mapped out what my plan was for 2019. These included a personal lab, learning infra as code, and moving into more automation specialization over more tools.

Well, let’s add certifications to that! I’m not a big certification guy. I thought I’d need them to get my foot in the door but it turned out I didn’t. So this is a basic plan for me in 2019 for certifications:



From this I’m planning on the “Cloud Management and Automation” roadmap. This by itself should keep me busy. I’ve built my own lab before and it was… ok… (I learned very quickly that a 4 core 16GB RAM desktop will only get you so far). I’ll have more posts about that, but my point here is that I’ve set up a whole vCenter environment so I’m not starting from absolute scratch.


I’ll be working on “Cloud Practitioner” certification as well. This is relatively simple but helpful to expand and robust my resume (I hope). I can always move ahead in another direction afterwards but this is a good starting point.

This is all I’m going to focus on for 2019, and let’s be honest, I may not get that far into it. Here it is day 2 of January and I haven’t started the process. Though I have started connecting vRA to an SDDC in VMC (more on that later).

’till next time folks.

Template management 101

So what does vRealize really utilize for automation? Well, in 7.4 (I believe) things got a lot easier with their guest agent. Utilizing the agent page from the appliance will now show an actual PowerShell or bash command for installing the agent (pretty awesome).

Here is the thing. Though the automated installer will remove the already installed guest agent, it doesn’t do it very cleanly. So some old commands are still very useful.

Goal of this blog:

Template management is key for success. Especially when running multiple vRA instances across the US and abroad. Making sure the template is pointed to the proper appliance(or VIP for HA), and IAAS Manager(Or VIP for HA) is CRUCIAL. Without the proper setup you will probably run into timeouts or issues with your deployments and the “customization”. If you’ve worked with vRealize you know how annoying the “Error during customization” message can be.


(Solution for removal pulled from Jim Griffiths @  He’s a great blogger with some good stuff, so check him out!)

Here are the steps to uninstall it;

From a command prompt on the machine which has the agent installed, type;
net stop vcacguestagentservice
sc delete vcacguestagentservice

If you do not want to install the vRAS\vCAD agent after this, then you can use the below command to remove the folder;
rmdir c:\vrmguestagent /s /q

I suggest running all three commands before installing the agent again.

Steps to run the installation of the gugent agent

  1. Download the gugent agent off your primary vRA appliance (if HA this can be any appliance).
  2. Move the .zip to the machine that will be templatized.
  3. Extract the folder. There will be a folder within the extracted folder. I hate that so I just move the final folder to a c:\temp directory normally.
    1. Now open a command prompt as admin and run PowerShell -NoProfile -ExecutionPolicy Bypass -Command C:\temp\**FOLDERNAME**\prepare_vra_template.ps1 (if you’re like me and put it in c:\temp). **FOLDERNAME** is what vRA names the folder, or whatever you renamed it to (default is currently prepare_vra_template_windows). *NOTE* To me this is the cleanest install, but for those that prefer .bat files…
    2. You can also run this by simply opening the prepare_vra_template_windows folder and running prepare_vra_template.bat as Administrator.
    3. Both of these solutions will get you a prompt asking for additional information.
  4. First it will ask for your FQDN/IP for the vRA Appliance (VIP if HA). *I find that if you’re using multiple domains the IP is better than the FQDN so DNS doesn’t bite you in the butt. However, if you didn’t put the IP in the appliance certificate (and shame on you if you did), this will not function properly.*
  5. It should find the appliance if the template can hit it and pull the certificate. Type “Yes” if the SHA1 matches (and if you really want to check that).
  6. Next is the manager. So type in the FQDN/IP for the vRA IaaS Manager (VIP if HA). *I find that if you’re using multiple domains the IP is better than the FQDN so DNS doesn’t bite you in the butt. However, if you didn’t put the IP in the appliance certificate (and shame on you if you did), this will not work.*
  7. The rest is dependent on how you’re setting up the agent, where the template is (EC2, vSphere, etc.), and the account you want to use on the machine for administration (local or domain).
  8. After all information is completed the install will run and when complete, you should see a message that states “INSTALL COMPLETE Ready for shutdown” (or something like that…). Don’t shut it down yet..
  9. Here is when you run your sdelete, or whatever cleanup solution you have (don’t forget to delete the agent install!!).
  10. Now shut it down…

The GuestAgent log should now show proper calls, and responses including the full payload when the template is deployed. Pretty cool stuff…

Now never touch the template again…


Automation Software Starting in 2019

So, as I’m a VMware tech, specializing in automation, this blog will be very focused on “How-To’s” in terms of administration of the different software solutions.

Probably not a great idea to write this since my kids, and wife have all had the flu in the past 72 hours… so caffeine source blogging ftw?

Software administration is going to be mostly focused on vRealize Automation and vRealize Orchestration, as those are the main focus that I currently have. I’m going to look into OpenStack later, but as most corporations shy away from non-enterprise solutions it’ll just be a personal lab solution (which I’m still working on).

Just to give a heads up on where this should be going within the next year. Goal is to update with weekly blogs, but hopefully there will be more to share.

Fun stuff… Lets hope…