Tuesday, December 4, 2012

The Summary tab of the ESXi 5.0 host reports the warning: System logging not Configured on host hostname

VMware KB: The Summary tab of the ESXi 5.0 host reports the warning: System logging not Configured on host hostname

  • After upgrading from ESXi 4.x to 5.0, the Summary tab of the host reports the warning:

    System logging not Configured on host <hostname>
Resolution

To resolve this issue, configure the default logging location in the ESXi host.
To configure the default logging location in the ESXi host:
  1. Navigate to Configuration > Software > Advanced Settings > Syslog > Global
  2. Set the type of the Syslog.global.logDir parameter to []/scratch/log. In this case, the logs reside on the local disk.

    Note: If you want to send the logs to a different datastore, set the type of the Syslog.global.logDir parameter to the complete path where you want to store the log files. For example,
    [Datastore1]/logs. The location of the datastore should be unique to each ESXi host. Do not specify the same log directory to multiple hosts, doing so may result in a crash or kernel panic.

vCenter Upgrade 5.0 Error 25004.Setup failed ...

Error 25004. Setup failed to create the vCenter Server repository.

After some initial attempts to search the web and the vmware KB site to try and rectify the problem, I decided to start from scratch. I restored the vCenter Database (SQL 2005) from the SQL backup taken prior to attempting the upgrade and restarted the install. This time around the install completed successfully!

Note: I tried re-running the vCenter upgrade, multiple times after previous failed attempts, without restoring the original SQL database and I kept getting the same error.



The only thing I could think of as to why the initial install failed was the aborted install which did not rollback the database changes, even though it said it did successfully. I also noticed that after the "Successful?" rollback there were no longer any vCenter services running (which should have been running before I attempted the upgrade), they were all gone even after the reboot which lead me to believe that the rollback didn't complete correctly.

The solution that worked for me:

1) Backed out of the current install (Which failed and was supposed to rollback anyway)
  2) Rebooted the system
   3) Restored the vCenter Database (SQL 2005) from the SQL backup taken prior to attempting the  upgrade (Very Important and any good System Administrator should know to backup prior to any upgrade)
    4) Restarted the install.
    5) This time around the setup should complete successfully.

Friday, November 30, 2012

Replacing vCenter server default (self signed) certificate

Replacing VMware vCenter server default (self signed) certificate

 

Note : I personally recommend creating and importing certificates before installing View 5.1 , you can save yourself plenty of heart aches trying to get everything to work after you've installed View and nothing works. If you create and import certs first, then during the install you can choose the signed certificate instead of creating a self signed default one.

What you will need :

1 - A CA Server, in my case I installed the following role on a Windows 2008 R2 AD controller :
  • Certification Authority
  • Certification Authority Web Enrollment


2 – OpenSSL to create certificates, you can download Win32 OpenSSL 1.0.1c or Win64 OpenSSL.

Once everything is ready  :
3 – We generate the private key and the .csr file: (first set the environment variable in a command prompt window, use the following command :  
SET OPENSSL_CONF=C:\OpenSSL-Win32\bin\openssl.cfg)

4 - Then create the cert request file

# openssl.exe req -newkey rsa:2048 -keyout <hostname>.key -nodes -days 3650 -out <hostname>.csr

Example :

Note: I didn’t set anything for « Challenge password » or for « An optional company name » and be careful to put the fqdn of View Connection Server to the « Common Name »

5 -After editing the file <hostname>.csr and making a « copy » of its contents, connect to the server certificate using IE or Firefox (or what ever you want):


6- Select : « Advanced certificate request »



7 - Select: « Submit a certificate request ….. »


8 - Paste the content of the .csr file  and select « Web Server » as template.



9 - Retrieve the signed certificate and name it <hostname>.crt (Select Base 64 encoded) :


10 - Copy the file to C:\OpenSSL-Win32\bin\
Execute the following command :

openssl.exe pkcs12 -export -in <hostname>.crt -inkey <hostname>.key -name vdm -passout pass:testpassword -out <hostname>.pfx

Example :



11 - Now copy the generated  <hostname>.pfx file onto the View Connection Server, any folder on desktop but remember where the location of the file is, and :
Start mmc:


12 - Add Snap-In « Certification »



13 - Choose « Computer account » then « Local Computer »



14 - Import <hostname>.pfx certificate :




15 - Type password (testpassword)


And then rename the « Friendly Name » of the previous certificate to what you want (vdmold in my case)


Now restart the « VMwareVDMDS » (Restarting this services will restart all View Services).
Now do the same thing for all View Connection Server, View Security Server, Composer (for this one there is no « Friendly Name »).