Hi Luc,
i have been trying to implement vsphere best practices and new features on vmware environment using powercli .
i am in process of checking following and thought of discussing with you if we can add additional features in following list.
1:content Library
2:vcenter high availability
3:virtual machines encryption (that need KMS server i think that incur cost to customer)
4:file based backup(needs location of ftp server)
5:per vm evc
6:enhanced link mode
7:i am planning to do this with powercli 11.5 and posh ssh module .
See Install and configure an FTP server with PowerShell
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
I would also consult these
It's obvious that these are all collections of guidelines and best practices.
I would suggest taking from these what can easily be defined in a simple rule and translated to a PowerCLI script (verification & setting)
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
thnaks Luc ,
i am checking what yu suggested .
just thought of asking if you happen to know any free community solution that work as a KMS server for virtual machine encryption .
Several implementations used PyKMIP, but that, as they state themselves, is not intended for production.
In fact, I'm currently reading an interesting, recent thesis, named Secure handling of encryption keys for small businesses
I haven't finished it yet, but Vault, by HashiCorp, seems to be the most promising.
It is marked as 'freemium' SW.
Basic version is free, and there are paid versions available.
Another point I haven't looked at yet is which prereqs vSphere encryption has, and how a package like Vault complies with these prereqs.
Perhaps something to ask in the Security community on VMTN?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
thnaks Luc ,
i am checking this ...
If you want a KMS that is verified by VMware check this https://www.vmware.com/resources/compatibility/pdf/vi_kms_guide.pdf
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Thanks Luc,
i am going to check this.
However just found that vcenter high Avalaibility can only be configured on vcenter appliance not on windows.
Yes, that is correct.
But then again, vCenter on Windows is in any way on the way out.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
yes it is ...
is it fine with you if leave this thread open for further discussion on the of above mentioned features ...
it will help me to get all info in one place for this topic .
Sure
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Thnaks Luc .
currently i m in process of developing powercli script to implement below features .
however i am checking some environemt where vcenter appilance is installed so that i can include vcenter high availabilty and file based backup ...
will share with you to check and modification .
1:content Library
2:vcenter high availability
3:virtual machines encryption (that need KMS server i think that incur cost to customer)
4:file based backup(needs location of ftp server)
5:per vm evc
6:enhanced link mode
7:i am planning to do this with powercli 11.5 and posh ssh module
if you know the vsphere HOL lab for implementing file vcenter(appliance) file based backup feature .
just thought of configuring it on vmware lab .
That's a good idea, but be aware that these HoL do not always have the most up-to-date PowerShell and PowerCLI version installed.
And there is no Internet connection, so you can't update.
That shouldn't be a problem in most cases though
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
i did it on one lab tested content library .
what i wanted to ask is are you aware of lab number which has file based backup discussed as i need ftp location and i think it will be in that specific lab.
You can set up an FTP server on the W2K12R2 server in the HOL-2012-01-SDC - VMware vSphere Automation - PowerCLI lab.
Just add the IIS - FTP Server (see for example How to Install FTP on Windows Server 2012 R2 for instructions).
Now you have a local FTP server.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
if you could suggest me on following two points on file based backup for vcsa
1:iam unable to login to cis server and im unsing administrator@vsphere.local
2:if you can tell me about the best way to configure ftp server for storing backup of vcsa in prod environment.
1. If the VCSA credentials don't work for the Connect-CisServer, they probably configured the permissions differently.
Haven't tried that in that lab.
2. It's a straight-forward FTP server.
Configure the permissions on the folders correctly, and that should be about it.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Thanks Luc,
1:i will check on different lab .hope its not at all related to execution policy .
2:thanks for suggestion on ftp server it will be extra configuration if does not exist in environment .
HI Luc ,
for some reasons there is no option to do ftp publishing though webserver and ftp server role is installed .
if you can provide the required powershell code for doing this.
On which Windows Server version are you trying to set up an FTP server?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference