Written by Christopher Lewis on December 12, 2017 .

This is the fourth in a series of posts covering the replacement of vRealize Automation SSL Certificates. In this post, we will tackle steps required to update the embedded vRealize Orchestrator certificate following the replacement of the vRealize Automation Appliance certificate. This post is based on the VMware procedure and this is documented within the VMware Documentation Site here. According to the VMware, the reason for completing this additional step is that if you replace or update vRealize Automation certificates without completing this procedure, the vRealize Orchestrator Control Center may become inaccessible, and errors may appear in the vco-server and vco-configurator log files.

Certificates VMware vRealize Automation vRealize Orchestrator

Written by Christopher Lewis on December 11, 2017 .

This is the third in a series of posts covering the replacement of vRealize Automation SSL Certificates. In this post, we will tackle replacing the vRealize Automation IaaS Manager Service Certificate. This post is based on the VMware procedure and this is documented here. Prerequisites The following are expected prerequisites for this walkthrough: A fully deployed and working vRealize Automation solution. A set of certificate files: The RSA Private Key used to encrypt the vRA IaaS Manager certificate.

Certificates VMware vRealize Automation vRealize Orchestrator

Written by Christopher Lewis on December 11, 2017 .

This is the second post in a series of posts covering the replacement of vRealize Automation SSL Certificates. In this post, we will tackle replacing the vRealize Automation IaaS Web Server Certificate. This post is based on the VMware procedure and this is documented here. Prerequisites The following are expected prerequisites for this walkthrough: A fully deployed and working vRealize Automation solution. A set of certificate files: The RSA Private Key used to encrypt the vRA IaaS Web certificate.

Certificates VMware vRealize Automation vRealize Orchestrator

Written by Christopher Lewis on December 11, 2017 .

In this series of posts we will walk through the process of upgrading all of the vRealize Automation Certificates. We’ll be moving from self-signed certificates that were deployed during the installation, to certificates that have been provided by an Enterprise Certificate Authority (CA). It is worth noting that the same process can be used to replace expiring SSL certificates as well. Amongst other reasons, the purpose of doing this is to update the certificates so that communications between components is secured via a CA and for the following sites within the vRealize Automation deployment to be secured and trusted:

Certificates VMware vRealize Automation vRealize Orchestrator

Written by Christopher Lewis on December 11, 2017 .

This is the first in a series of posts covering the replacement of vRealize Automation SSL Certificates. For the purpose of these posts, I have deployed vRealize Automation 7.3 environment with self signed certificates. This means that when you navigate to https://vra7.fqdn/vcac, the site is not secure nor trusted. Therefore, you will be presented with something like the following in your browser (I mostly use Chrome): We’re looking to achieve the following in the browser URL bar after the certificate has been replaced.

Certificates VMware vRealize Automation vRealize Orchestrator

Written by Christopher Lewis on November 27, 2017 .

Skills and Abilities Objective 4.1 - Configure and Manage Logical Firewall Services Configure Edge and Distributed Firewall rules according to a deployment plan: Create/configure Firewall rule sections for specific departments Create/configure Identity-based firewall (IDFW) for specific users/groups Configure SpoofGuard policies to enhance security Filter firewall rules to narrow a scope Objective Prerequisites The following prerequisites are assumed for this Objective: * A working VMware vSphere 6.

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on November 20, 2017 .

Skills and Abilities Objective 6.3 - Configure and Manage Universal Logical Security Objects Configure Universal MAC Sets Configure Universal IP Sets Configure Universal Security Groups Configure Universal Services and Service Groups Configure Universal Firewall Rules Objective Prerequisites The following prerequisites are assumed for this Objective: A working VMware vSphere 6.x environment with 2 vCenter Servers and 2 Platform Services linked in ELM. A working VMware NSX 6.

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on October 27, 2017 .

The VMware vExpert Cloud 2017 announcement has been released, and I am humbled to be recognised for community contributions in the VMware Cloud space. See the full vExpert announcement here.

Cloud vExpert vExpert Cloud

Written by Christopher Lewis on October 17, 2017 .

Just a short one for this post. Read all about my views on VMware Cloud on AWS (VMConAWS) in this new article here. TL:DR Version VMConAWS is an #awesome joint proposition from VMware and AWS but like with most Public Cloud Platforms/Services, it isn’t without its barriers to adoption. However, we have to remember that the service is in initial availability so therefore it is expected that the service may have some limitations and options that are not available right now.

VMConAWS VMware VMware Cloud

Written by Christopher Lewis on October 13, 2017 .

Skills and Abilities Objective 6.2 - Configure and Manage Universal Logical Network Objects Create/configure Universal Logical Switches Create/configure Universal Distributed Logical Routers Configure local egress Objective Prerequisites The following prerequisites are assumed for this Objective: A working VMware vSphere 6.x environment. A working VMware NSX 6.x environment configured for Cross-vCenter NSX Objective Breakdown Create Universal Logical Switches This is essentially the same as the creation of NSX Logical Switches (which is covered in Objective 2.

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on October 12, 2017 .

Skills and Abilities Objective 6.1 - Configure Cross vCenter VMware NSX infrastructure components Configure NSX manager roles (Primary, Secondary, Standalone, Transit) according to a deployment plan: Assign Primary role to specified NSX Manager Assign Secondary role to specified NSX Manager(s) Deploy/Configure Universal Controller Cluster Configure Universal segment ID pools Create/Manage Universal transport zones Objective Prerequisites The following prerequisites are assumed for this Objective: A working VMware vSphere 6.

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on October 9, 2017 .

The following post is a part of my unofficial study guide for the VMware Specialist: vSAN Digital Badge. The full study guide can be found here. Objective 2.1 - Provide a high-level description of vSAN VMware vSANā„¢ aggregates local or direct-attached data storage devices to create a single storage pool shared across all hosts in the vSAN cluster. vSAN eliminates the need for external shared storage, and simplifies storage configuration and virtual machine provisioning.

vExpertVSAN VMware VSAN vSphere