vCenter Server Appliance Tips and Tricks

I have done multiple installations of the vCenter Virtual Appliance. Every time I run into the same issue and get the same question from customers. So I though to make a post with all my tips and tricks. This post will be updated when I have a new trick. So check back often.

Change default IP setting before running SSO config

When your vCenter starts for the first time. SSH to the temporary IP address and configure the correct IP settings through Yast. How? Read on.

Change the vCenter name localhost to server name

By default your vCenter name is localhost. In order to change this, login in the vSphere Web Client and goto the vCenter Servers view.

  1. Select your vCenter named localhost.
  2. Select the manage tab.
  3. Select General.
  4. Click Edit.
  5. Select Runtime settings.
  6. At the vCenter Server name change localhost to whatever you want.

Disable IPv6

Don’t disable IPv6. Your vCenter server won’t work anymore after a reboot.

Setting the correct IP settings for the appliance

In the vCenter Virtual Appliance web interface you can alter the IP setting for the vCenter appliance. This is not enough.

  1. Login with SSH on your vCenter Appliance server.
  2. Start yast.
  3. Goto Network Devices | Network Settings
  4. Goto Hostname/DNS
  5. Set the correct Hostname and Domain Name
  6. Reboot host

Replace default SSL certificates

This one is easy. Look at this KB article.

Active Directory authentication

With vCenter 5.1 VMware introduced Single Sign On (SSO). This is a service on vCenter where you can configure multiple authentication sources. 2 of them are default.

  • Localos (where the user root comes from)
  • System-domain (here you can create vCenter users)

Most of you would like to configure Active Directory authentication. This can be done in 2 ways.

  1. Active Directory intergration
    Login in on the vCenter Appliance with HTTPS at port 5480 and goto to the tab vCenter Server | Authentication. Place a mark at Active Directory Enabled and provide the Domain name with the corresponding credentials.
  2.  LDAP connection
    Login with the vSphere web client on your vCenter server. On the home page goto Administration | Sing-On and Discovery | Configuration. At the tab Identity Sources click the + sing. Select Active Directory and provide the Identity source settings.

No domain.localusername in vSphere client

If you have a Active Directory Identity Source configured you have to login as follow: domain.localusername. This is no problem if you have multiple domains who contain the same usernames. But if you have only one domain configured this can be annoying. If you configure this Identity Source as Default Domain you don’t have the provide the domain name any more.

Login with the vSphere client on you vCenter server. On the home page goto Administration | Sing-On and Discovery | Configuration. At the tab Identity Sources select your Identity Source and click Add to Default Domain button at the top. Your domain will appear in the lower section of the screen. There you can select the domain and use the arrow key’s to change the search order. The on that is on top is searched first.

NTP time synchronization

Of course you want time synchronization for your vCenter server and what better way to do this with NTP.

  1. Login with SSH on your vCenter Appliance
  2. Start yast and goto Network Services | NTP Configuration
  3. Make sure that the Start NTP Daemon is set to Now and on Boot
  4. Select Add and provide the IP or DNS name of you NTP server.

After you save the configuration NTP is started. You can check the time synchronization with the command: watch “ntpq -p”.

The watch command will execute the ntpq command every 2 second. You can stop this whit Ctrl-C.

Using Firefox on Mac won’t show all the available tabs in the vCenter Virtual Appliance web interface.

This is a bug (still with build Build 880472). Use a older Firefox.

Change SSH host keys after changing the hostname and IP settings

After you changed the hostname and the IP settings of you vCenter server, you have to regenerate the SSH host keys. “Why?” I hear you asking yourself, “everything works?”. Yes everything is working, and it’s secure. But the host keys are generate with the wrong (temporary) values.

  1. Delete the ssh_host_* files in /etc/sshd/
  2. Restart SSHD by entering the command rcsshd restart.

You will see that the host key’s a regenerated.

About Michael
Michael Wilmsen is a experienced VMware Architect with more than 20 years in the IT industry. Main focus is VMware vSphere, Horizon View and Hyper Converged with a deep interest into performance and architecture. Michael is VCDX 210 certified, has been rewarded with the vExpert title from 2011, Nutanix Tech Champion and a Nutanix Platform Professional.

RSS feed for comments on this post.

Leave a Reply

You must be logged in to post a comment.