Deploy an OVA/OVF fails with certificate error

When trying to deploy an OVA/OVF with the vSphere Web Client the following error is displayed:

The operation failed for an undetermined reason. Typically this problem occurs due to certificates that the browser does not trust. If you are using self-signed or custom certificates, open the URL below in a new browser tab and accept the certificate, then retry the operation.

This error occurs with vSphere 6.5 because the certificates are not trusted. The self-signed certificates are used and are not added to the trusted root certification store.

To deploy a OVF/OVA to the vCenter Server appliance trusted root CA must be added to the certificate store. The following steps will work with Chrome and Internet Explorer:

  • Open the vCenter URL: https://vcenter-FQDN

  • Select the “Download trusted root CA certificates” and save the archive(ZIP) file
  • Extract the archive (ZIP)

  • Start – Run – MMC
  • File – Add Snap-ins – Certificates – Computer Account – Local  computer
  • Open Trusted Root Certification Authories – Certificates
  • Import the two *.crt certificates

  • Close the browser and re-open the browser and navigate to the vCenter Server using the FQDN.
  • Now the URL is marked as secure (green lock) and you’re able to import the OVA/OVF

 

What to know about VMware Cloud on AWS

At VMworld 2017 in Las Vegas VMware Cloud on AWS (VMConAWS) is announced. This partnership between VMware and AWS makes it possible to create a VMware Software Defined Datacenter (SDDC) in Amazon Web Services (AWS). In this blogpost  I highlight some information on “What is the VMware Cloud on AWS”.

  • VMware Cloud on AWS is a cloud service that is fully configured and will be provisioned, operated and maintained directly by VMware. VMware handles all patching and updates. As customer you manage the VMs, not the platform.

  • The following VMware products are included in VMware Cloud on AWS offering (compute, storage and networking):
    • vSphere ESXi on dedicated bare-metal hardware with support for VMs and containers
    • vCenter Server for management
    • vSAN All Flash storage
    • NSX for spanning on-premises and Cloud, advanced networking and security
    • vRealize products are NOT included in this offering but can integrated
  • In order for the on-boarding process to complete successfully there is a strict requirement that every organization be linked to an AWS account. Any services consumed within AWS will be billed through this Amazon account, while SDDC consumption will be billed through VMware.
  • The minimal purchase is cluster of 4 ESXi hosts. The maximum cluster size is 16 hosts.
  • It’s a dedicated platform that is not shared with other customers.
  • You can add additional on-demand hosts and also remove hosts on-demand down to 4 ESXi hosts.
  • Each ESXi host is has:
    • 2 pCPU sockets, 18 cores per socket = 36 cores total  and 72 with hyper-treading
    • 512 GB RAM
    • 14 TB NVMe RAW capacity storage (around 10 TB  of usable storage per host). In a 4 node cluster 21 TB of usable storage is available with FTT=1 (RAID=1) protection
    • The vSAN datastore is configured as a single datastore
    • 10 Gbps+ (ENA)
  • To extend storage you need to add extra ESXi hosts
  • The following VMware features are enabled:
    • vSphere HA,
    • vMotion,
    • DRS
    • Elastic DRS
  • Cluster functions are configured by VMware

  • It’s possible to connect the on-premises VMware datacenter with VMware Cloud on AWS by using for example  a L3 IPsec VPN and enable Hybrid Link Mode (HLM) between the two vCenter servers for single pane of glass hybrid cloud management.
  • In the future a Amazon direct connect is supported (1 Gbps or more)
  • There no need for NSX and vSAN in the on-premises datacenter.
  • Some use cases are:
    • Disaster Recovery (DR) and Backup.
    • Test and Development
    • Extend the on-premises data centers to the cloud with a consistent operational model, retaining your familiar VMware tools, policies and management.
    • New application development and test that access native AWS services
    • Burst capacity
  • On the moment the are two consumption models available:
    • On-demand/hourly consumption model
    • 1 or 3 years reserved model.
    • More on pricing can be found here, link
  • The initial release has support for cold migration. Cross cloud vMotion will be available in a future release
  • VMware Cloud on AWS is based on open API’s.
  • Currently VMware Cloud on AWS is only available in AWS US West (Oregon) region. Other regions will follow in 2018.
  • You can bring your own licenses because it’s a dedicated platform.

More information:

  • VMware Cloud on AWS website, link
  • VMware Cloud on AWS: Live End to End Demo, link
  • VMware on AWS from a Veeam perspective, link
  • VMware Cloud on AWS pricing versus on-premises vSphere, link

What to know about vSphere 6.5 Update 1 before upgrading

vSphere 6.5 Update 1 is the first major update after the GA release of vSphere 6.5. Besides great new improvements such as vSAN 6.6.1 some nasty bugs are fixed. Here’s a short list you want to know before upgrading to vSphere 6.5 Update 1:

  • Upgrade from vSphere 6.0 Update 3 is now a supported upgrade path to vSphere 6.5.
  • Customers who are still on vSphere 5.5 will need to be on at least vSphere 5.5 Update 3b, build 3252642 in order to upgrade to vSphere 6.5 Update 1.
  • Discontinuation of third party vSwitch. Customers using 3rd patry switches such as Cisco Nexus 1000V, Cisco VM-FEX, , HPE 5900v and IBM DVS 5000v will need to migrate off those switches after vSphere 6.5 Update 1. So  vSphere 6.5 Update 1 is the final release that support these 3rd party switches!
  • General Support has been extended. This means that support for vSphere 6.5 will now end November 15, 2021.
  • vCenter Server Foundation will support from 3 host to 4.
  • With the vSphere 6.5 Update 1 you are prepared for the VMware Cloud on AWS (hybrid cloud) solution.
  • The vCenter Server needs to be running 6.5 U1 before upgrading your hosts to 6.5 U1.
  • The vSphere Client (HTML5) supports content library and OVF deployment operations (it’s still grayed out at the moment), as well as operations on roles and permissions, basic customization of the Guest OS, and additions to virtual machine, host, datastore, and network management.
  • A new version of vSAN 6.6.1 is added with new capabilities such as vSphere Update Manager (VUM) support. Manage vSAN software upgrades through integration with vSphere Update Manager.
  • vSAN Performance Diagnostic. This new feature is all about analyzing benchmarks and give recommendations.
  • New vSAN Licensing for ROBO and VDI. The vSAN licensing editions are expanded with an Enterprise model that allows encryption and stretched clusters.
  • Scalability improvements of vCenter Server:
    • Maximum vCenter Servers per vSphere Domain: 15 (increased from 10)
    • Maximum ESXi Hosts per vSphere Domain: 5000 (increased from 4000)
    • Maximum Powered On VMs per vSphere Domain: 50,000 (increased from 30,000)
    • Maximum Registered VMs per vSphere Domain: 70,000 (increased from 50,000)
  • vSphere 6.5 no longer supports the following processors:
    • Intel Xeon 51xx series
    • Intel Xeon 30xx series
    • Intel core 2 duo 6xxx series
    • Intel Xeon 32xx series
    • Intel core 2 quad 6xxx series
    • Intel Xeon 53xx series
    • Intel Xeon 72xx/73xx series

More information:

  • VMware ESXi 6.5 Update 1 Release Notes, link
  • VMware vCenter Server 6.5 Update 1 Release Notes, link