VMware Tools 10.3.0 recalled, check you’re vSphere environment!

Yesterday VMware released a Knowledge Base article that VMware Tools version 10.3.0 is recalled because issues with the VMXNET3 network driver for Windows on ESXi 6.5. The issues can cause a Purple Diagnostic Screen (PSOD) or guest network connectivity loss. Because of these issues, VMware Tools 10.3.0 is recalled and no longer available.

Update: September 12, 2018: VMware Tools 10.3.2. is released that fixes the VMXNET3 issue. More information can be found here, link.

Action is required if VMware Tools 10.3.0 is deployed and the following is true:

  • vSphere ESXi 6.5 hosts
  • VM Hardware Version 13
  • Windows 8/Windows Server 2012 or higher guest OSes

If this is the case uninstall VMware Tools 10.3.0 and reinstall VMware Tools 10.2.5 from the VMware Downloads page, link. For other configurations, no immediate action is required.

I created a simple PowerCLI script to identify VMware Tools version 10.3.0 and display the Hardware Version and Operating System. With this script you can do quick check if you’re vSphere 6.5 environment contains VMware Tools 10.3.0 with Hardware Version 13  and Windows 8/Windows 2012 or higher VMs.

The script ‘”identVMwaretools.ps1″ can be found on my GitHub repository, link. The KB can be found here, link.

New enhancements in Runecast Analyzer 2.0

Runecast Analyzer provides proactive management for VMware environments. It discovers potential risks in the VMware environment before they can cause a major outage. In 90% of the outages with VMware environments, the root cause is based on a known issue that is already available in the VMware knowledge base. Runecast Analyzer uses information from the VMware knowledge base, security hardening guides (VMware, DISA STG and PCI-DSS), and best practices to proactively identify problems or outages before they occur.

In my last review of Runecast Analyzer I tested version 1.7 (link) with vSphere and vSAN support. The next version (1.8) included NSX-V support and a couple of weeks ago version 2.0 is of Runecast Analyzer is released. This version includes the following new enhancements.

New User Interface (UI)

Runecast Analyzer 2.0 has a complete redesigned User Interface(UI) that includes new widgets such as:

  • Historical Trending
  • Host with Most Issues

History trending

It includes historical trending for at least 3 months of vSphere, vSAN and NSX-V scan results. By default every day (this can be changed) a scan is performed against one of more vCenter environment(s). The scans contains the description, IP address and why the issues was detected. The trending information is showed in widgets in the UI.

With this functionality you can keep track how compliant you are and what progress you made to solve issues. All the detected issues are summarized in the “Issue History” widget per day or weeks.

Hosts with Most Issues

Another new widget in the UI is the “Hosts with Most Issues”. It shows which ESXi host that has the most issues and deserves the most priority to investigate.

History Analysis

History Analysis is a new functionality that helps with isolating the root cause of the reported incident as quick as possible.

The first section shows a chart with a trend of detected and fixed issues over time. There are interactive dots in the chart trend that shows  issues and details of the scan. The second section shows a table with detailed descriptions of the issues.

Within the history analysis there can be filtered on:

  • Severity (Critical, Major, Medium or Low)
  • Source ( PCIDSS, SH, BP or KB)
  • Applies to (Network, Compute, vCenter, Management or VM)
  • Products (NSX-V or vSphere)

The issue results can be compared with previous scan results and the differences are showed.

This makes the new history analysis very powerful for finding issues in the vSphere environment for example after a maintenance window when performing configuration changes.

vSphere 6.7 with vSphere HTML5 client support

Runecast Analyzer supports vSphere 6.7 and has a HTML5 web-plugin for the vSphere Client and even integrates in the NSX dashboard.

PCI-DSS compliance 

Runecast Analyzer 2.0 includes a new profile with 226 different checks for the Payment Card Industry Data Securiy Standard (PCI-DSS). The profile can be enabled and automatically checks if you are compliant with the PCI-DSS profile (Runecast Analyzer supports PCI DSS 3.2.1).

This helps with becoming PCI-DSS compliant and very helpful for companies in the financial space.

The PCI-DSS results can be easily filtered and exported in different formats (PDF, CSV or clipboard copy). This can be useful when having for example an audit.

Latest VMware Knowledge Base updates

When there are new knowledge definitions available the definition database can be (automated) updated. For example with the Spectre, Meltdown and L1TF vulnerabilities, Runecast Analyzer can quickly identify those vulnerabilities when VMware releases the KB articles.

Appliance Update

In version 2.0 of Runecast Analyzer the internal components of the appliance are updated to the latest versions (such as Ubuntu, 14.04.05 LTS, PostgreSQL 10, Apache Tomcat  9.0.10 and TLS 1.2 is used). The appliance meets the latest security compliance. The appliance and knowledge definitions can be easily updated when a new version is available.

For new users deploying a new appliance (OVF) is a piece of cake. Runecast Analyzer is installed en operational within a couple of minutes. A free Runecast Analyzer trail or demo can be requested by using the following link.

Version 2.0 of Runecast Analyzer adds great new enhancements that helps better to proactively identify problems or outages before they occur and easily check the compliance of the VMware vSphere, vSAN en NSX-V environment.

What’s announced at VMworld 2018

This blog post will be updated with the latest and greatest VMworld 2018 US announcements. At VMworld, VMware is celebrating there 20th anniversary! Congrats for this awesome journey! VMworld 2018 US (Las Vegas) is the biggest (over 21000 attendees) event of the year for VMware. In November there is a VMworld in Barcelona (Europe). But for now we focuses on the announcements made at VMworld 2018 US.

Besides announcements, links to the general and breakout sessions are listed below and some vendor updates.

Day 1, August 27, 2018

  • vSphere Platinum. vSphere Platinum is a new offering that includes VMware vSphere Enterprise plus and VMware AppDefense. VMware AppDefense is a data center endpoint security product that protects applications running in virtualized environments. This bundle comes with a own AppDefense vCenter plugin that is built for the Platinum version. More information can be found here link.

  • vSphere 6.7 Update 1. With this update it is possible to upgrade from vSphere 6.5 U2 to vSphere 6.7 U1. The General Availability is planned later this year! So what are they enhancements:
    • vMotion for NVIDIA Quadro vDWS and Intel FPGA Support. NVIDIA demonstrated this last year at VMworld. In vSphere 6.7 the suspend and resume options were introduced.With vSphere 6.7U1 it is possible to perform maintenance operations on the underlying GPU accelerated VDI or VMs with a vMotion. So no downtime is involved. I have a lot NVIDIA GPU customers who will be very happy with this. More information can be found here, link.
    • Fully Featured HTML5-based vSphere Client. The Sphere Client (HTML5) will include all administrative functions!  No more switching between the vSphere Web Client and vSphere Client. One fast client that does the job. Hooray!
    • vCenter Server Converge Tool. Allows you to migrate from an external Platform Services Controller (PSC) to an embedded PSC architecture.
    • Enhancements for HCI and vSAN. Includes workflow based configuration wizard called “Cluster Quickstart”. With “Cluster Quickstart” it’s possible to create a fully functional vSAN cluster in minutes. Another improvement is that vSphere Update Manager (VUM) can perform I/O controller firmware updates. This version will be called vSAN 6.7U1.
    • Enhanced Content Library. Importing of OVA templates from a HTTPS endpoint and local storage, as well as syncing content from OVA templates to other vCenter Servers.

More information can be found here link.

  • vSAN Private Beta. You can subscribe to the vSAN Private Beta by signing a NDA.  This beta will include Data Protection by using snapshots, file services and persistent storage for containers. Subscribe here link.
  • ESXi  on 64-bit Arm. Bring the power of ESXi  virtualization to 64-bit Arm devices. For example run ESXi on a Raspberry Pi (don’t know if VMware is supporting the PI). Great for IoT devices. ESXi on 64-bit ARM will be available as Tech Preview.

  • vRealize Operations (vROps) 7.0. More information can be found here link.
  • vRealize Automation 7.5. More information can be found here link.
  • VMware vCloud Director 9.5. More information can be found here link.
  • VMware Cloud on AWS (VMWonAWS). Today it’s the 1 year anniversary of the VMware Cloud on AWS  with the following enhancements:
    • New Regional Expansion.  With Australia and New Zealand. Below is an overview of available regions:

  • 50% lower entry-level price. A 3-host SDDC minimum is now possible as starting point (instead of the original 4-host). VMware is currently offering the 3-Host SDDC environment for the cost of a two-host configuration. In addition, for a limited time period, customer could take advantage of a new promotion that offers three hosts at the price of two. For the start, duration and terms and conditions of the promotion. More information about the costs can be found here link.
  • Custom CPU core counts: Customers can now configure their environments with the number of physical cores per host they want to be enable in a cluster. This is useful for applications that are licensed per physical core (for example Oracle).
  • VMware NSX with AWS Direct Connect integration. This integration eliminates the need for using separate VPN tunnels when using applications that needs to be migrate or operate in a hybrid manner.
  • VMware NSX Hybrid Connect.  Migrate VMs live without downtime using vMotion and vSphere replication technology. It’s now possible to perform bulk VM migrations.
  • Real-time log management.

More information can be found here link.

  • Amazon Relational Database Service (RDS) on VMware. Amazon Relational Database Service (RDS) on VMware makes it easy for you to set up, operate, and scale databases in on-premises and hybrid environments, and to migrate them to AWS. Supported database are for example Microsoft SQL Server, Oracle, PostgreSQL and MySQL.Are there coming more awesome AWS services available on-premises? RDS on VMware will be available as Tech Preview.
    • More information can be found here link.
    • For a Tech Preview register here link.
  • Project Magna. This Tech Preview is about the self-driving Data Center using machine learning.  Products that are used in Project Magna are for example: Wavefront, AppDefense and Workspace ONE Intelligence. Project Magna will make managing the data center infrastructure much easier.
  • Project Dimension. Project Dimension will extend VMware Cloud to deliver SDDC infrastructure and hardware as-a-service to on-premises locations. Because this is will be a service, it means that VMware can take care of managing the infrastructure, troubleshooting issues, and performing patching and maintenance. This in turn means customers can focus on differentiating their business building innovative applications rather than spending time on day-to-day infrastructure management.  So Project Dimension delivers VMware Cloud simplicity (such as VMware Cloud on AWS) to the data center and edge with:
    • VMware-Operated End-to-End
    • Hybrid Cloud Control Plane
    • VMware Cloud Foundation in a Hyper-Converged Appliance (DellEMC and Lenovo)

More information can be found here link.

  • Three new cloud services are announced:
    • Cloud Assembly. This is a multi cloud provisioning service. More information can be found here link.
    • Service Broker. Aggregate native content from multiple clouds and platforms into a single catalog with role-based policies. More information can be found here link.
    • Code Stream. Speed software delivery and streamline troubleshooting with release pipelines and analytics. More information can be found here link.
  • Intent to Acquire CloudHealth Technologies to provide Multi-Cloud Operations at Global Scale. More information can be found here link.

Day 2, August 28, 2018

  • Pulse IoT Center 2.0 announced.  Pulse IoT center offers infrastructure management for the device Edge. More information can be found here link.
  • VMware Cloud Foundation (VCF) 3.0. VMware Cloud Foundation brings together the different virtualization technologies – compute, storage, networking and management – to enable customers to build and operate a private or hybrid cloud as a single entity in an automated fashion. More information can be found here link.

  • WorkSpace ONE:
    • WorkSpace ONE Unified Endpoint Management (UEM) enhancements. More information can be found here link.
    • Workspace ONE Intelligent Hub. More information can be found here link.
  • Horizon announcements. The innovations are at the VDI management and cloud delivery level. More information can be found here link.

Streams  and breakout sessions overview

  • VMworld General Session “Technology Superpowers” day 1 replay, link.
  • VMworld General Session “Pioneers of the Possible” day 2 replay, link.
  • VMware VMworld YouTube videos, link.
  • Lamw VMworld 2018 breakout sessions Github, link.
  • vBrownBag Techtalks stream link.
  • VMworld 2018 US (breakout) session videos, link.
  • VMware Code Power sessions, link.
  • theCUBE VMworld 2018 Las Vegas talks, link.

Vendor updates

  • NAKIVO Backup & Replication version 8.  Today version 8 of NAKIVO Backup & Replication is Generally Available (GA). This version includes the Business Continuity and Site Recovery Orchestration Solution.  With v8 can automate and orchestrate the entire site recovery process. Perform scheduled non-disruptive disaster recovery testing, planned failover, emergency failover, failback, and datacenter migration.  More information can be found here link.
  • RuneCast Analyzer 2.0. I will dedicate a blog about version 2.0 soon. More information can be found here link.
  • Veeam Hyper-Availability Platform on Cisco HyperFlex. More information can be found here link.