VMware Cloud Community
JamesJon
Contributor

VSphere VCenter Server Appliance install issue

Hi,

After welcome help from you guys I have managed to set up my isolated home lab with an evaluation version of VMware 6.5 ESXi. The Server 2008 R2 PDC (10.0.0.1) acts as an AD/DNS/DHCP server and it and the Windows 7 client (10.0.0.100) ping both ways with no issues. The client joined the domain also with no errors.

However I'm having problems installing the VCSA appliance in that it completes the first part (the install) but won't allow the second part (configuration) to start.

I get the following error saying it can't talk to the appliance.

"Unable to proceed with stage 2 of the deployment process. Click close to exit the installer.

You may attempt to continue with stage 2 by logging in to the appliance at https://vcenter.lab.local:5480/ "

Installer log files are located at C:\Users\LASERL~1\AppData\Local\Temp\vcsaUiInstaller"

When I use that URL to log in, it doesn't connect.

I think it may be something to do with my isolated network but I cannot work out what, so I was wondering please if someone could look at my 'configure network settings' area of the install to advise?

The network is Isolated

IP version is ipv4

IP assignment is static

System name is vcenter.lab.local

IP address is 10.0.0.101 (reserved)

Subnet mask is 255.255.255.0

Gateway is 10.0.0.1 (I don't have a gateway as the network is isolated but I have to put an entry in to continue)

DNS Server is 10.0.0.1

Any advice or suggestions would be gratefully received :)

Also, the install seems huge (239GB). Is that normal?

Cheers

James

Stanley_
Enthusiast

Hi,

- What about NTP (time sync)? Are all VMs/servers synced (using the same time)?

- Is DNS PTR (reverse DNS) working? For example: ping -a 10.0.0.101

And yes, 239GB is "normal".

Stan.

JamesJon
Contributor

Hi Stan, thanks for replying

Yes, my PDC and Windows 7 VM are both showing exactly the same time, and I can do a reverse lookup from the PDC to the installed VCSA VM as you suggested.

I didn't realise the VCSA install was so large - my total datastore size is 600Gb so I've used half of that already. eek

Do you think I should do away with an isolated network, and use a 192.x.x.x address from my home router instead? I'm loath to do this really though as the whole object of my lab was to have it running in isolation.

I've deleted the VM and am trying to install VCSA again, but have noticed, which I didn't before, that I get a warning (see attached) saying FQDN of system name is not resolvable to IP? (my lab domain is called cool.local)

I am installing the VCSA via my laptop (with a 192.x.x.x address) just as I did the VServer client.

Is the VCSA install failing because my ESXi host is using a 192.168.x.x IP address from the router (it is installed on a bare metal server) whereas my appliance is being installed in the isolated 10.0.x.x range, do you think?

If that's the case though how can I install it in my isolated network? I've tried mounting it as the CD and running from my PDC, but I get the reverse problem in that it can't see my ESXi host itself to start the install (as it's on a 192.168.x.x range).

Cheers

James

thecloudxpert
Enthusiast

Hi,

I have a similar setup although not completely isolated.

Is your AD/DNS server on the isolated VLAN (10.0.0.x) or on the 192.x.x.x of your router? It can't be isolated and will still need an appropriate Gateway even if it is not going to use it. A DNS server on .1 is not a good idea because that is normally reserved for gateway (or .254).

You need to have created a DNS entry in your DNS server for your VCSA server and you need to be able to forward and reverse resolve the IP address to the DNS server.

What I personally did with my Draytek Router was configure a route between the two VLANs on the router so 1 port connects to a switch with all my home stuff on it and the other port connects to my homelab network via another switch. All my AD and DNS are in the homelab network.

JamesJon
Contributor

Hi,

My AD/DNS server is indeed on the isolated VLAN.

If I create a new server purely for DHCP/DNS and place that on .6 instead would that help do you think? I would then have just AD on .1 and use that IP as my gateway.

I did put a DNS entry in my DNS server for my VCSA server but I'm unsure how I'd be able to forward and reverse resolve the IP address to the DNS server when the VCSA hasn't been created yet?

I have a very locked down router from my ISP so I doubt I'd be able to configure a route between the two VLANs on the router as you did. I also don't have any switches, just a server, a laptop and my router.

Cheers,

James

thecloudxpert
Enthusiast

James,

Is there a reason for the environment to be isolated?

Have you configured a Gateway address on the Windows AD Server?  If so what is it?

Is the AD Server a Virtual Machine on the ESXi Server? Is the Windows 7 Desktop a Virtual Machine on the ESXi host or is it the Laptop connected to the switch?

Personally, given the limited equipment you have, I would put everything into the 192.168.x.x address space, change the ISP router's DHCP scope to exclude (let's say) 50 addresses, then statically assign those 50 addresses to anything you need in your home lab and then use the ISP Router as the gateway. Just because they are in the same address space doesn't mean you will have any issues.

Also, did you try to connect to https://10.0.0.101:5480/, because if name resolution isn't working you should still be able to get it via IP.

However, if your machine is on the 192.168.x.x network, not sure how you're going to route to and off of that network.

Chris

JamesJon
Contributor

Hi Chris,

The reason for the environment to be isolated is that I wanted to set up a DHCP server in my lab. I was unsure of the complications of having my router acting as a DHCP server as well in that circumstance.

I hadn't configured an address as the gateway on my PDC because I thought I'd have no need to if the lab were isolated. Is that a wrong assumption to make?

The AD Server is indeed a Virtual Machine on the ESXi Server, as is the Windows 7 Desktop. My admin laptop is connected directly to the router, as is my physical ESXi server (Dell T310).

Are there any security implications with having all my lab and home equipment using 192.168.x.x addresses at all?

I didn't try and connect to https://10.0.0.101:5480/ (I should have thought of that really thinking about it).

Thank you for your time with this, much appreciated.

James

thecloudxpert
Enthusiast

Hi James,

Obviously it's not ideal, but I know lots of people that do it because they don't have a switch.

I assume the ISP router/modem also contains some rudimentary firewall so you're protected from the outside world.

The biggest benefit of having it on the 192.168.x.x network like your laptop would be the ability to connect the VMs to the internet to get updates for AV and Windows, keeping them as up to date as possible (albeit this might not be required on an isolated network).

From a DHCP perspective, most ISP routers will allow you to choose the address range so you could have your ISP router dish out DHCP for 192.168.1.5 -> 192.168.1.100 for your home devices (if you have more than 95 devices then you really need better wifi or a serious amount of switches).

Then have your physical ESXi Host(s) on 192.168.1.101 - 192.168.1.110 (with some space for expansion of the homelab/storage etc), and leave 192.168.1.111 - 192.168.1.150 for statically assigned VMs (i.e. put your AD Server on 192.168.1.111). Then get your AD/DHCP/DNS server to dish out a scope of 192.168.1.x /24, then exclude the first 150 addresses to automatically assign 151-254 for anything you want to build/destroy like the Windows Desktop.

You're right, a Gateway isn't always required; the issue would be how do you get your admin laptop in the 192.168.1.x network to and from the 10.0.0.x network.

Assuming you can ping from your Admin Laptop to the address space on the 10.0.0.x network, it's maybe just a case of adding static host entries on your admin laptop, so vcenter.lab.local 10.0.0.101 for example, because DNS wouldn't be working in the 192.168.1.x network as the AD server doesn't know about it.

Chris

JamesJon
Contributor

Hi Chris,

Sadly in my instance the below are the only settings my ISP's router lets me change:

LAN IP

255.255.255.

DHCP

Check to enable or uncheck to disable DHCP

192.168.0.to254
http://192.168.0.1/VmRgDhcp.html1 Day

So it looks like I'm pretty stuck for having a few IP ranges for devices as you suggest unfortunately, as the .254 end IP is burned in.
I can reserve addresses in DHCP reservation so at least that aspect might work going forward.

I had no idea setting up a home lab could be so complicated :) The reasoning for my lab is to practice SCCM software distribution and I've not installed that server yet. lol

Cheers,


James

thecloudxpert
Enthusiast

Hi James

So turn my recommendation on its head and use 200-254 for home kit and everything else for homelab.

Chris

JamesJon
Contributor

Hi Chris,


Today I recreated my lab from scratch using my router as the DNS server and using a solely 192.168.x.x IP range.

I used the DHCP option in my router's settings to reserve an IP address for the ESXi host of 192.168.0.1. I then installed the VSphere VCenter Server Appliance successfully using the DHCP option rather than static, and using its IP address rather than FQDN. I then reserved the VCSA's IP address also inside my router's DHCP settings (192.168.0.4).

This unfortunately has given the VCSA VM a name of 'localhost.localdom' in its DNS setting in ESXi, which isn't ideal but it's working.

I will next create a PDC but just install AD, not DHCP/DNS. I'll then let my router continue to act as a DHCP server and a hosts file to act as DNS, as creating a DHCP/DNS server in my lab will complicate things for my skill set I think.

I hope the above won't cause issues for my SCCM deployments later on...

Cheers,

James

thecloudxpert
Enthusiast

James,

It is very likely that the router IP address is 192.168.0.1 so that shouldn't be used for the ESXi host.

All you had to do for the DHCP on your router was enter 192.168.0.200 to 254 on the screen previously shown and then 192.168.0.1->192.168.0.199 would be available for the home lab.

Create your ESXi host with a static IP address (don't need to reserve it in DHCP) of 192.168.0.2, build your VCSA on the host and give it an IP address of 192.168.0.10, once that's configured build your AD Server and give it 192.168.1.11. Create a DHCP scope on your AD Server and set the scope to 192.168.1.0/24 and then exclude the 192.168.0.200->192.168.0.254 on Windows DHCP.

Then point your servers/workstations to 192.168.0.11 to get DHCP (if that's what you want to do).

You can have two DHCP scopes on the same network as long as the scopes don't overlap (i.e. by excluding part of the range on the Windows DHCP Server).

Chris

JamesJon
Contributor

Hi Chris,

Many thanks for explaining this. I will change the ESXi IP to 192.168.0.2 as you suggest, and will delete the VCSA VM and recreate it this evening.

One question though, if I choose a static address on the install screens I'll need to add a valid FQDN name which I don't have (only cool.local which I will create after creating a PDC later on).

Would you choose the DHCP option to install instead?

Sorry for all the questions,

James

thecloudxpert
Enthusiast
Accepted solution

Hi James,


In my view, the install order should be as follows:

  • Configure ISP Router to do DHCP on 192.168.200-254 (you may need to reboot any device that is getting DHCP from the router if the IP address isn't in that range, or give it a static IP)
  • Install & configure ESXi with static 192.168.0.2 address - let's call it esxi01.cool.local
  • Create a Windows VM, let's call it ad01, with an IP = 192.168.0.10 / SUBNET = 255.255.255.0 / GW = 192.168.0.1
  • Promote/Install Feature so that ad01 is an AD DC & create DNS (probably AD integrated would be easiest), create an AD called cool.local
  • Confirm Primary Reverse Lookup zone is in DNS for 192.168.0.x (this can be done through PowerShell using:)

              Add-DnsServerPrimaryZone -NetworkID "192.168.0.0/24" -ReplicationScope "Forest" -PassThru

  • Create DNS A (and DNS PTR) Record for the VCSA (so vcenter.cool.local or whatever you're using for the AD)

               Add-DnsServerResourceRecordA -Name "esxi01" -ZoneName "cool.local" -IPv4Address "192.168.0.2" -CreatePtr

               Add-DnsServerResourceRecordA -Name "vcsa01" -ZoneName "cool.local" -IPv4Address "192.168.0.10" -CreatePtr

  • Deploy and Configure vCenter VCSA using the FQDN
  • (if required/desired) Add the DHCP Role to the Windows AD Server and configure the DHCP Scope.
  • Add Host entries for vcsa01, esxi01 and ad01 onto your admin laptop to point to vcenter.cool.local so that you can browse to it via name in the web browser (otherwise it will be IP lookup only).

     The host file can be found in C:\Windows\System32\Drivers\etc and the format is ip address <tab space> fqdn, so esxi01 <tab space> 192.168.0.2 <enter> etc etc

Note: I have only tested the above PowerShell on Windows 2012 and Windows 2016 but it should work.

Hope that Helps

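An added example, not written by anyone in the thread: a Python pre-flight check for the static address plan and the A/PTR round trip that the guide above sets up, run on the addresses as first posted. The function names, the PTR table and the stub resolvers are assumptions made for illustration; the subnet, gateway and router DHCP range are the ones discussed in the thread.

```python
import ipaddress
import socket

def check_plan(static_hosts, subnet, gateway, dhcp_first, dhcp_last):
    """Return a list of problems in a static address plan (empty list = OK)."""
    net = ipaddress.ip_network(subnet)
    lo, hi = ipaddress.ip_address(dhcp_first), ipaddress.ip_address(dhcp_last)
    problems, seen = [], {}
    for fqdn, ip_text in static_hosts.items():
        ip = ipaddress.ip_address(ip_text)
        if ip not in net:
            problems.append(f"{fqdn}: {ip} is outside {net}")
        if ip == ipaddress.ip_address(gateway):
            problems.append(f"{fqdn}: {ip} is the gateway address")
        if lo <= ip <= hi:
            problems.append(f"{fqdn}: {ip} is inside the DHCP pool {lo}-{hi}")
        if ip in seen:
            problems.append(f"{fqdn}: {ip} already assigned to {seen[ip]}")
        seen.setdefault(ip, fqdn)
    return problems

def check_dns(fqdn, expected_ip, forward=None, reverse=None):
    """Check that the A record and the PTR record for one host agree."""
    forward = forward or socket.gethostbyname            # system resolver by default
    reverse = reverse or (lambda ip: socket.gethostbyaddr(ip)[0])
    try:
        got_ip = forward(fqdn)
    except OSError as exc:
        return [f"{fqdn}: forward lookup failed ({exc})"]
    if got_ip != expected_ip:
        return [f"{fqdn}: resolves to {got_ip}, expected {expected_ip}"]
    try:
        got_name = reverse(got_ip)
    except OSError as exc:
        return [f"{got_ip}: reverse lookup failed ({exc})"]
    if got_name.rstrip(".").lower() != fqdn.lower():
        return [f"{got_ip}: PTR is {got_name}, expected {fqdn}"]
    return []

# Static addresses as first posted in the guide above.
PLAN = {"esxi01.cool.local": "192.168.0.2", "ad01.cool.local": "192.168.0.10",
        "vcsa01.cool.local": "192.168.0.10"}
# Constructed PTR table for the demo; pass no resolvers to query the real DNS server.
PTR = {"192.168.0.2": "esxi01.cool.local", "192.168.0.10": "ad01.cool.local"}

def run_checks():
    out = check_plan(PLAN, "192.168.0.0/24", "192.168.0.1", "192.168.0.200", "192.168.0.254")
    for name, ip in PLAN.items():
        out += check_dns(name, ip, forward=PLAN.__getitem__, reverse=PTR.__getitem__)
    return out

if __name__ == "__main__":
    print("\n".join(run_checks()))
```

Run from the machine that launches the VCSA installer, with the stub resolvers removed, the same checks show whether that machine's DNS settings can resolve the appliance name in both directions.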
JamesJon
Contributor

Hi Chris.

Wow, thank you very much for this guide, I will follow this in the morning from scratch and will let you know how it goes.

Thanks again,

James

thecloudxpert
Enthusiast

Hi James - how did it go? Saw a notification about a problem with the PowerShell but then went to look and nothing on the post.

Chris

JamesJon
Contributor

Hi Chris, thanks for your message.

I got as far as the PowerShell commands and posted a comment here, but then after googling the error it transpired that the Add-DnsServerPrimaryZone cmdlet does not work in Server 2008 R2 so I deleted the question.

I've been away from home this afternoon so have just switched everything back on and will try and do the reverse lookups and pointers via the DNS GUI.

Cheers,

James

PS have just created the DNS records but noticed you advised to give AD01 an IP of 192.168.0.10, but then the A Record gives vcsa01 that same IP address of 192.168.0.10?

Is that intended?

PPS I'm getting the FQDN of system name is not resolvable to IP on the install screen again of the appliance :(

I will attach screenshots in a few seconds to show you.

thecloudxpert
Enthusiast

Hi James

Sorry, that should have said 192.168.1.9 (or basically anything other than .10, .1 or .2)

Chris

thecloudxpert
Enthusiast

Sorry, 192.168.0.9

JamesJon
Contributor

Hi Chris,

I think I may have to give up on installing VCSA with an FQDN and static IP address as I've been trying all evening unfortunately to no avail.

I keep getting the FQDN of system name is not resolvable to IP error, and then the install fails when it gets to the configuration stage. This happens even though the install is pointing DNS to my AD01 server and my reverse lookups are created.

It's very frustrating but I suppose if I install VCSA with DHCP then at least I know it should install for me.

Cheers

Simon
