j a m i e

Updating your VSphere VCenter SSO password.

If I had a penny for everytime this happened to me..

Anyways, resetting it isn’t that bad. Login to vcenter appliance management admin and enable SSH access.

Go ahead and SSH in with the appliance management password and follow these steps;

Enable shell shell.set --enabled true.
Type shell and hit enter.
Next, /usr/lib/vmware-vmdir/bin/vdcadmintool

This will popup an options list, select 3 for reset password.
Input your vcenter username, might be something like ‘[email protected]
It will give you a temporary password, copy and paste that back to vcenter to get logged in, then set a new password.

Back in shell, type 0 to exit the options and exit again to surprise, close out your session.
Go back to vcenter appliance management and disable SSH access, all done.

Updating the FQDN of ESXi vCenter server.

I made the mistake of skipping the FQDN when setting this up thinking I could just set it afterwards, was too lazy to update my dnsmasq entries. On the bright side, updating it isn’t so bad.

Login to vCenter, hop to access and click ‘Edit’ up in the top right hand side.

Login via SSH, type shell to open a new bash screen.

/opt/vmware/share/vami/vami_config_net

Hit 3 for hostname, type in the new value you want and hit enter, then 1 to exit.

This does not require a reboot or anything either, nice!

Ensure your internal DNS reflects the new settings and you're good to go.

ESXi CVE-2018-3646 (55806) and how to mitigate it.

I updated my servers before grabbing a screenshot of the message in ESXi, it’s something like this,

Your host may be susceptible to Intel CPU CVE-2018-3646 (55806) - See https://kb.vmware.com/s/article/55806 for more details. 

The fix I ran with was enabling shell on the hypervisors and

esxcli system settings kernel list -o hyperthreadingMitigation

If it comes back as False, you'll want to do this,

esxcli system settings kernel set -s hyperthreadingMitigation -v TRUE

Disable secure SSH for all hosts, and reboot and you're all done.

GPU passthrough to VMware ESXI 6.5

So 3-4 months ago I bought an Nvidia GT710 to muck about with GPU passthrough on a spare ESXI host but I ran into issues at basically every step. Was working on it again today and managed to get it working so time for another blog post!

Before we do, this is the issue I had the most trouble with

Windows has stopped this device because it has reported problems. (Code 43)


This is with the hypervisor updated, and after manually installing the NVIDIA vib, along with ensuring the memory for the VM is reserved like so.

To reserve the memory, Right click the VM, Edit, then click the arrow to the left of 'memory'.

So how to fix it then?

I had to add a new parameter to the VM;

1. Login to ESXi
2. Right click your VM > Edit Settings > VM Options > Advanced > Edit Configuration
3. Add Parameter;
hypervisor.cpuid.v0 in the key column.
FALSE in the value column.

And lo and behold;

The easy way to update Dell servers.

If you’re reading this post you’ve likely been through the same battles I have;

Use the dell lifecycle controller to just update via FTP.
Use a flash drive inside the lifecycle controller or network shares.
Use Dell repo manager to do it yourself.

Bollocks to all that, none of it ever works properly. The FTP never works at all and anything else is just making stuff too complicated so here’s what you do.

Go here, in fairness to Dell they do give multiple workarounds but it would be nice to just have one port of call. Click on the model you need to update and download the newest update ISO they have – they should all have isos located at dell.box.com.

Download Rufus, and burn the ISO to a new flash drive.

Take down your hypervisor, or whatever you’re running and reboot, hit f11 to check boot options then boot from the new flash drive.

All going well, this will work just fine for you. However, usually this doesn’t go just fine and indeed has never worked for me, apply_bundles.sh is invalid.

If you get that error message hit alt +f2 to open a new shell and lets get started.

lsblk to show all drives, find the one that resembles your flash drive – check the storage sizes. It will likely be sdb1, sdc1 etc

mount /dev/yourdevice /opt/dell/toolkit/systems
cd /opt/dell/toolkit/systems/drm_files
./apply_bundles.sh

You might have to reboot and run it 2-3 times, usually it updates everything for me first time. If the screen goes black - don't do anything - just wait, it just takes a while.

Enjoy.