VMware Cloud Foundation

VMware Validated Solutions – May 2023 Update

Welcome to the May 2023 update for VMware Validated Solutions. Highlights for this update include:

Cloud-Based Network Visibility for VMware Cloud Foundation

The Cloud-Based Network Visibility for VMware Cloud Foundation validated solution provides cloud-based intelligent network analytics and reporting for VMware Cloud Foundation infrastructure components using VMware Aria Operations for Networks (SaaS).

Added Support for VMware Cloud Foundation 4.5.1

Delighted to announce support for VMware Cloud Foundation 4.5.1.

Intelligent Logging and Analytics for VMware Cloud Foundation

Detailed Design

Updates to the following design decisions:

Design Decisions on Password Policies

  • ILA-VRLI-SEC-005 – Configure the password expiration policy for the vRealize Log Insight appliance. (NEW)
  • ILA-VRLI-SEC-006 – Configure the password complexity policy for the vRealize Log Insight appliance. (NEW)
  • ILA-VRLI-SEC-007 – Configure the account lockout policy for the vRealize Log Insight appliance. (NEW)

Implementation

Added the following procedure:

* Implementation of Intelligent Logging and Analytics for an Additional VMware Cloud Foundation Instance

Operational Guidance

Added the following procedures:

  • Configure the Local User Password Expiration Policy for Intelligent Logging and Analytics for VMware Cloud Foundation
  • Configure the Local User Password Complexity Policy for the Intelligent Logging and Analytics for VMware Cloud Foundation
  • Configure the Local User Account Lockout Policy for the Intelligent Logging and Analytics for VMware Cloud Foundation
  • Schedule Password Rotation for Intelligent Logging and Analytics for VMware Cloud Foundation
  • Rotate an Account Password Using SDDC Manager for Intelligent Logging and Analytics for VMware Cloud Foundation
  • Update an Account Password Using SDDC Manager for Intelligent Logging and Analytics for VMware Cloud Foundation
  • Password Remediation for the Intelligent Logging and Analytics for VMware Cloud Foundation

Health Reporting and Monitoring for VMware Cloud Foundation

Implementation

  • Added support for pip installation under Install and Configure the Python Module for VMware Cloud Foundation Health Monitoring in vRealize Operations.
  • Removes the use of the SDDC Manager appliance root account with an update to the PowerShell Module for VMware Cloud Foundation Reporting version.

Cloud-Based Intelligent Operations for VMware Cloud Foundation

Implementation

Added the following procedure:

  • Activate the VMware Cloud Foundation Integration for Cloud-Based Intelligent Operations for VMware Cloud Foundation
  • Implementation of Cloud-Based Intelligent Operations for an Additional VMware Cloud Foundation Instance

Operational Guidance

Added the following procedure:

  • Verify the Status of the VMware Aria Operations Service for Cloud-Based Intelligent Operations for VMware Cloud Foundation

Updates for re-branding from VMware vRealize to VMware Aria

Applied branding updates for the following solutions:

General Availability of VMware.CloudFoundation.CertificateManager v1.0.0

Excited to announce the release of a brand new open-source PowerShell module that has been written to support the ability to manage ESXi host certificates across your VMware Cloud Foundation instance. Check it out [VMware.CloudFoundation.CertificateManagement v1.0.0](https://www.powershellgallery.com/packages/VMware.CloudFoundation.CertificateManagement/1.0.0).

General Availability of VMware.CloudFoundation.Reporting v2.1.0

A PowerShell module that has been written to support the ability to provide insight to the operational state of VMware Cloud Foundation using PowerShell cmdlets. These cmdlets provide quick access to information from the PowerShell console as well as the ability to publish pre-defined HTML reports.

  • Updates Publish-NsxtTier0BgpStatus to correctly format the HTML output if the NSX Tier-0 is not configured for BGP.
  • Added Publish-HardwareCompatibilityHealth to return the hardware compatibility health from the SoS Health Summary JSON data.
  • Updated Invoke-VcfHealthReport to include the hardware compatibility health using the Publish-HardwareCompatibilityHealth cmdlet.
  • Added component size checks for vCenter Server instances and NSX Local Manager clusters to the overview report.
  • Added Publish-PingConnectivityHealth to return the ping connectivity health from the SoS Health Summary JSON data.
  • Updated Publish-ComponentConnectivityHealth to include the ping connectivity health using the Publish-PingConnectivityHealth cmdlet.
  • Updated Request-VcenterAuthentication to support isolated workload domains.
  • Updated Request-DatastoreStorageCapacity to support isolated workload domains.
  • Updated the NSX product name and terms.
  • Added documentation for functions in the GitHub project.

General Availability of VMware.CloudFoundation.PasswordManagement v1.1.0

A PowerShell module that has been written to support the ability to report and configure the password policy settings across your VMware Cloud Foundation instance.

  • Fixed the placement for the use of Disconnect-SSOserver.
  • Fixed drift option error for Request-VcenterAccountLockout.
  • Exported Get-PasswordPolicyConfig.
  • Fixed drift option error for Publish-VcenterLocalAccountLockout.
  • Fixed drift option error for Publish-VcenterLocalPasswordExpiration.
  • Fixed drift option error for Publish-VcenterLocalPasswordComplexity.
  • Handled empty email string values and “0” value for WSADirectory feilds coming from JSON file Test-PasswordPolicyConfig.
  • Corrected Description in Start-PasswordPolicyConfig.
  • Updated Update-SDDCManagerPasswordComplexity to handle all structural changes of the common-password file on SDDC Manager.
  • Updated Update-VcenterAccountLockout to handle isolated VI Workload Domains.
  • Updated Request-VcenterPasswordComplexity to handle isolated VI Workload Domains.
  • Updated Request-VcenterAccountLockout to handle isolated VI Workload Domains.
  • Updated Update-VcenterPasswordComplexity to handle isolated VI Workload Domains.
  • Updated Update-SsoPasswordComplexity to handle isolated VI Workload Domains.
  • Updated Update-SsoAccountLockout to handle isolated VI Workload Domains.
  • Updated Update-SsoPasswordExpiration to handle isolated VI Workload Domains.
  • Updated Request-SsoAccountLockout to handle isolated VI Workload Domains.
  • Updated Request-SsoPasswordComplexity to handle isolated VI Workload Domains.
  • Updated Request-SsoPasswordExpiration to handle isolated VI Workload Domains.
  • Added documentation for functions in the GitHub project.

General Availability of PowerValidatedSolutions v2.3.0

Release of PowerValidatedSolutions v2.3.0, to not only accelerate the implementation of Validated Solutions, but ensure consistency and robustness. Here is a list of what is changed in this release:

  • Breaking Change – Updated Add-vCenterGlobalPermission cmdlet to require the -sddcDomain parameter to support isolated workload domains.
  • Breaking Change – Updated Undo-vCenterGlobalPermission cmdlet to require the -sddcDomain parameter to support isolated workload domains.
  • Fixed New-vROPSDeployment license check in vRealize Suite Lifecycle Manager locker.
  • Fixed New-vRADeployment license check in vRealize Suite Lifecycle Manager locker.
  • Enhanced Export-vRLIJsonSpec with a new switch to define a custom version of vRealize Log Insight to deploy.
  • Enhanced New-vRLIDeployment with a new switch to define a custom version of vRealize Log Insight to deploy.
  • Enhanced Export-vROPSJsonSpec with a new switch to define a custom version of vRealize Operations to deploy.
  • Enhanced New-vROPSDeployment with a new switch to define a custom version of vRealize Operations to deploy.
  • Enhanced Export-vRAJsonSpec with a new switch to define a custom version of vRealize Automation to deploy.
  • Enhanced New-vRADeployment with a new switch to define a custom version of vRealize Automation to deploy.
  • Enhanced Export-WSAJsonSpec with a new switch to define a custom version of Workspace ONE Access to deploy.
  • Enhanced New-WSADeployment with a new switch to define a custom version of Workspace ONE Access to deploy.
  • Added operations-for-networks-vsphere-integration.role file for Aria Operations for Networks to vSphere Integration.
  • Updated cbo-vsphere-integration.role to operations-vsphere-integration.role so that its more closely aligned to the product.
  • Updated cbl-vsphere-integration.role to operations-for-logs-vsphere-integration.role so that its more closely aligned to the product.
  • Updated Export-WsaJsonSpec to support VMware Cloud Foundation v4.5.1 and Workspace ONE Access
  • Updated Export-vRLIJsonSpec to support VMware Cloud Foundation v4.5.1.
  • Updated Export-vROPSJsonSpec to support VMware Cloud Foundation v4.5.1.
  • Updated Export-vRAJsonSpec to support VMware Cloud Foundation v4.5.1.

General Availability of Python Module for VMware Cloud Foundation Health Monitoring in vRealize Operations v1.1.0


This Python module supports the Health Reporting and Monitoring for VMware Cloud Foundation validated solution which enables the user to monitor the operational state of your VMware Cloud Foundation environment through custom dashboards, alerts, and notifications. These custom dashboards are intended to serve as an extension to native vRealize Operations (on-premises) dashboards and dashboards that are enabled via the respective management packs.

  • Updated the module to require a minimum of VMware.CloudFoundation.Reporting v2.0.1.
  • Removed SDDC Manager root password from module.
  • Updated the project structure to host the module on PyPI.
  • Updated the date on the Backups and Snapshot dashboard.
  • Updated the views for backup and snapshots.

Gary Blake

Senior Staff Solutions Architect. Focused on Solution Engineering for VMware Cloud Foundation and technical lead for VMware Validated Solutions within the VCF Division at VMware by Broadcom. Follow Gary on…

Related Articles