vBlock upgrade: Cisco Nexus 1000v VSM upgrade guide – example target version 5.2(1)SV3(1.5a)

Cisco Nexus 1000v VSM upgrade

1.Download the necessary files from VCE portal based on your target RCM

2.Verify all the prerequisites on Cisco documentation:

(here’s the example for version we are upgrading to 5.2(1)SV3(1.5a)

3.Make sure there is sufficient space on active and standby VSM:

Log into active VSM
check active VSM disk space:
check the standby VSM disk space
– If needed delete old files using ‘delete’ command (always leave the current VSM version files just in case for the restore)
– repeat the same for standby VSM:

4.Copy the files onto active VSM.
In order to transfer the files, log onto active VSM and run:
– copy those onto the standby VSM

5.Copy running configuration to startup configuration

6.Power off standby VSM and clone to template:
After that power on the standby VSM and wait until it comes back up.

7.Backup and pre-checks
Log onto active VSM.
Copy running configuration to startup configuration:
Run pre-checks:
Looking above we can see that the impact state is non-disruptive, we can verify the current and new version as well as ESXi compatibility.
It’s crucial that ESX hosts are compatible at this stage as the VEMs are not upgraded yet.

8.Verify Cisco VSG is not present in configuration

9.Begin the install
This will show the pre-checks table again and will prompt if you would like to take a backup. Select N (if you select Y, the installer will quiet and the backups are to be taken manually via scp commands as done in step 7)
The installer will hang on “Switching over onto standby” : (SSH session may timeout here, it’s OK!)
At this point wait few minutes and log-in to VSM (which is the standby VSM which has now became the active VSM)
Once logged in run:

10. Post-Installation checks
Run show version command on both active and standby VSM:

This should return the target version in our case 5.2(1)SV3(1.5a)

Copy running configuration to startup configuration (IMPORTANT)

Upgrade completed!
WhatsAppTumblrEmailGoogle BookmarksPrint

vSphere 6u2 permissions vs perl SDK API calls.

Prior to upgrading to vSphere 6  (running 5.5) my user account had a read-only privileges on the vSphere object, Datacenter object, as well as some grater rights on clusters, vDS and datastore.

Using Perl SDK to deploy new VM’s – vmcreate.pl worked fine.

PowerCLI C:\Program Files (x86)\VMware\VMware vSphere CLI\Perl\apps\vm> perl .\vmcreate.pl –url https://vCenterServer.local:443/sdk/webService –filename C:\Sc
ripts\XMLVM.xml –schema C:\Scripts\Schema.xsd –username ad\test
Enter password:

Successfully deployed the VM. 

After the upgrade to vSphere 6u2 each time the script was run, it returned an error:

Moreover the VM could be easily created in that cluster / datastore etc using both Web Client and C#.


After ripping permissions top to bottom and bottom to top it looks like for some reason it requires administrator privileges on the data center object.

I’ve tried to narrow it down and create the custom role  (focusing on Inventory and Virtual machine privileges ) however there are some further issues.

C# client and API would work, but I was unable to deploy VM manually in the web client… ?!?

Leaving this permission as administrator on data center object non-propagating looks to do the job for now.

I’ll keep this post updated if I find time to drill down into it further.

WhatsAppTumblrEmailGoogle BookmarksPrint

vCloud Director RESTapi using powershell to disable org,orgvdc and poweroff vApps

Script written to automate vCD cancellation process using powershell and REST.

It takes vcd and organization as input and cancel that customer in multi tenant environments. By cancel I mean disable org,orgvcd and power off all existing vApps.

Any questions let me know!



WhatsAppTumblrEmailGoogle BookmarksPrint

Powershell & SSH-Module – automated ssh/sshd configuration changes for multiple nodes

This script uses powershell ssh module and provides a quick way for global configuration changes if puppet/chef etc is not available in your environment. Below is an example of ssh/sshd changes. Moreover using invoke-sshcommand can perform any  action / pass parameters to the shell.


WhatsAppTumblrEmailGoogle BookmarksPrint

Powershell,ovftool & powercli unattended deployment Tips

Typical vCC deployment command syntax is:

Here’s how to obtain some of those parameters (PowerCLI):

Get host from specific cluster:

Get datastore with most free space for specific cluster:

Get network with specific content/prefix:

Have fun!

WhatsAppTumblrEmailGoogle BookmarksPrint

ovftool syntax and escaping special characters

Came across an issue (what are the odds for that ?) where my password did not go along with ovftool syntax.

The syntax is vi://username:password@vcserveraddress

You could see having @ is a problem, as well as ad account having ‘ad\’ , found this blog by Steve Flanders which allow me to bypass this issue


Modified script in order to escape the special characters:

OLD script (doesn’t work)


Modified script (excluding LDAP part which remains the same):

Hope it helps.

WhatsAppTumblrEmailGoogle BookmarksPrint

Automated deployment of vCC Server/Node on biggest datastore/dmz network/LDAP auth using powershell and powerCLI

EDIT – Struggling with VAMI property key does not exist, here’s the workaround. Let the VM boot without applying network settings and use PowerCLI – Invoke-VMScript


Datastore calculations found on http://www.spug.co.uk/?p=185 @Thanks!

Also William Lam’s post http://www.virtuallyghetto.com/2011/11/unattended-deployment-of-vcloud.html – Thanks!

WhatsAppTumblrEmailGoogle BookmarksPrint

VCAP5-DCA Objective 1.2 Configure and Administer storage based profile / policies

Quick and easy post on VCAP objective with regards to vSphere storage profiles.

Profile driven storage is a great way to efficiently manage storage capabilities, its usage and associated cost. In a simple words: Let’s say customer’s on-premis or cloud-based VDC contains some LUN from cheap SAN that uses 2TB 7k drives (inexpensive and average performance) and another LUN from Enterprise grade SAN that uses SSDs. (expensive – high performance). Without storage profiles, Administrator (or someone who deploys VM’s) would need to remember which datastore belong to specific LUN, and it gets even more complicated in the multi tenant environment with loads of datastores.

Defining storage profiles enables more efficient management of virtual data centres, saves cost and simplifies administration. Moreover products such as vCloud Director seamlessly integrates and allow the use of storage profiles when creating customers VDCs.

Lab presents creating 2 different storage profiles (‘BigDaddy’ and ‘SlowlybutSurely’) and associating one with VM. I find it much quicker to configure using fat client but vSphere web client can be used instead.

Step1. Create User defined storage capabilities

In vSphere client navigate to Home -> VM Storage Profiles, select Manage Storage Capabilities Here I create couple of user defined capabilities – bronze (slow cheap storage) and gold (fast SSD-backed storage)capabilities

Step2. Assign user-defined storage capabilities.

Navigate to Storage View and select datastore (for fast storage) -> right click and select Assign user-defined storage capability, on the pop up screen select the capability. In my case Gold profile has been assigned to Datastore A & B, Bronze to Datastore C.

Bronze and Gold


Step 3. Enable profile driven storage on the cluster. 

Navigate to Home -> VM Storage Profiles -> Select Enable VM storage profiles on the top bar menu.

enable storage profiles


Wait until the status changes to Enabled.


Step 4. Create VM storage profiles.

Navigate to Home -> VM Storage Profiles -> Select Create VM storage profile.

Here’s where profiles are created and capabilities are assigned to those.

Created ‘BigDaddy‘ for Gold capability (fast SSD-backed storage) :

Screen Shot 2015-09-03 at 10.05.17



and ‘SlowlybutSurely’ for Bronze capability (cheaper storage):

Screen Shot 2015-09-03 at 10.07.04


Step 5. Associate the storage profile with Virtual machine


Select Virtual Machine, right client -> VM Storage Profile -> Manage storage profiles

Select the appropriate profile and click on -> propagate to disks.


Step 6. Check VM storage policy compliance 

Navigate to VM which has associated storage profile and click on Summary tab,

Find panel ‘VM Storage Profiles’

If the VM is currently on datastore which has none or different profile associated,  the Non-Compliant error will be displayed.

If that’s the case, use Storage vMotion to move it’s data onto compliant datastore, once that’s done check the summary page again.



New options are now available when deploying new VM’s during storage selection allowing storage profile to be selected.

Moreover vCloud Director also allows to use of the same storage profiles.

Hope that helps!

WhatsAppTumblrEmailGoogle BookmarksPrint

VCAP5-DCA Objective 1.2 Identify and tag SSD and local devices

Quick blog post how to make sure your device is being seen as SSD (even if it doesn’t necessarily is! – tricking ESXi).

Looking at the datastore I can verify their status as NON-SSD.


In some cases it may be a SSD datastore which is not detected correctly.

Diving into esxcli we can find out more information about the device:

We can tell that:

Both: is SSD and is Local values are set to false,

When the device isn’t tag correctly , this can be done manually by obtaining Device display name and Path Selection Policy:

In our case the details are as follows:

– Device display name:


– Path Selection Policy:


We can use both of those values to enable SDD (or/and enable local) by creating a rule (similar to LUN MASKING objective 1.1)

unclaim the device:

load claim rules:

execute claim rules:

check the device again and grep SDD value:

Verify in GUI: Screen Shot 2015-08-27 at 14.14.26



Hope that helps!

WhatsAppTumblrEmailGoogle BookmarksPrint

VMFS UUID components

I thought this one is quite interesting to blog about. Obviously for VMware guru’s that just old common knowledge.

Let’s start with defining what’s is the UUID made up from:

The UUID is comprised of four components :

  •  System Time
  • CPU Timestamp
  • Random Number
  • MAC Address – Management Port uplink of the host used to resignature or create the datastore


~ # esxcfg-scsidevs -m

You can notice each datastore UUID ending with -00c2956461b as based on the management uplink:

uplinkThe start of the UUID uses system time and CPU timestamp + random number to guarantee the uniqueness.

WhatsAppTumblrEmailGoogle BookmarksPrint