VmWare vSphere Administration Lab: Difference between revisions

From ITCwiki
Jump to navigation Jump to search
No edit summary
 
Line 16: Line 16:


=Instructions=
=Instructions=
# Boot your ESXi Server systems (the two hv systems)
# VMs are located on the https://ihcc-netlab.campus.ihitc.net Netlab system, be sure you are connected to the ITCnet VPN before attempting to access this system
#* NOTE: You will need to make a reservation for the Proxmox Labs in this class before you are able to access the VMs. Changes will be saved between your reservations so you will be able to make multiple reservations over several days as needed to complete labs.
#* NOTE: If you need to split your work up across multiple reservations be sure to safely shutdown your Proxmox VMs before ending your Netlab reservation. Otherwise when your reservation ends Netlab will simply power off your VMs (without shutting them down first) which could cause data corruption.
#* NOTE: If you make a mistake and need to have one or both of your HV VMs erased so you can re-install Proxmox you will need to contact your instructor or the ITC lab assistant to have them reset.
# Boot your ESXi Server systems (the two HV systems)
# Boot your VCSA VM Appliance using the ESXi web interface on the ESXi system hosting VCSA.
# Boot your VCSA VM Appliance using the ESXi web interface on the ESXi system hosting VCSA.
# Use the VCSA web interface to create a new VM which is running on an ESXi server OTHER than the one running VCSA (so more RAM is available) to install Windows Server 2019. You will need a VM with 2GB RAM and a 50GB hard drive minimum.
# Use the VCSA web interface to create a new VM which is running on an ESXi server OTHER than the one running VCSA (so more RAM is available) to install Windows Server 2019. You will need a VM with 2GB RAM and a 50GB hard drive minimum.
# Complete the installation of Windows Server 2019 into the new VM.
# Complete the installation of Windows Server 2019 into the new VM.
#* '''NOTE:''' Click the link that you do not have a key and install the standard version of Server 2016, this will give you a trial license.
#* '''NOTE:''' Click the link that you do not have a key and install the standard version of Server 2019, this will give you a trial license.
#* '''NOTE:''' You will need to upload the ISOs to the datastore on the ESXi system which you are creating the VM on before you can install the systems. This uploading can be done through VCSA from your remote pod PC.
#* '''NOTE:''' You will need to upload the ISOs to the datastore on the ESXi system which you are creating the VM on before you can install the systems. This uploading can be done through VCSA from PC-C.
#* The Windows Server 2019 installation ISO files can be found on the Windows SMB share "\\san1.campus.ihitc.net\Student Files\ITC2300" which you can access from your remote desktop VM. Use your VPN login credentials but with @campus.ihitc.net on the end like username@campus.ihitc.net to access the files.
#* The Windows Server 2019 installation ISO files can be found on the Windows SMB fileshare "\\172.17.139.70\Student Files\ITC2300" which you can access from PC-C. Use your VPN login credentials but with @campus.ihitc.net on the end like username@campus.ihitc.net to access the files.
# Add the Active Directory Domain Services role to the server. Use "podX-ad.local" (where X is your pod number) as the root domain name and "podX-ad" as the NetBIOS domain name.
# Add the Active Directory Domain Services role to the server. Use "podX-ad.local" (where X is your pod letter) as the root domain name and "podX-ad" as the NetBIOS domain name.
# While the Active Directory role is installed and the domain controller promotion script is running (these will take some time to complete) continue through this lab.
# While the Active Directory role is installed and the domain controller promotion script is running (these will take some time to complete) continue through this lab.
# It's sometimes the case that you may have a malfunctioning web interface and need to start some critical VMs such as VCSA and some Active Directory servers only through the host command line interface. We'll simulate this setup by checking the status and powering on one of your previously installed Linux or Windows VMs through this host console.
# It's sometimes the case that you may have a malfunctioning web interface and need to start some critical VMs such as VCSA and some Active Directory servers only through the host command line interface. We'll simulate this setup by checking the status and powering on one of your previously installed Linux or Windows VMs through this host console.
Line 44: Line 48:
#* NOTE: You will need to know the Base DN for the users and groups in your Active Directory. A Base DN is a path to the location in Active Directory where something is stored (in this case user accounts and groups). You may need to do some research online and make some inferences to figure out what your Base DNs are.
#* NOTE: You will need to know the Base DN for the users and groups in your Active Directory. A Base DN is a path to the location in Active Directory where something is stored (in this case user accounts and groups). You may need to do some research online and make some inferences to figure out what your Base DNs are.
# You are going to want to setup Active Directory as an LDAP server so that you don't need to join your VCSA system to your domain. [https://www.virten.net/2017/01/how-to-add-ad-authentication-in-vcenter-6-5/ Instructions for setting that up can be found here].
# You are going to want to setup Active Directory as an LDAP server so that you don't need to join your VCSA system to your domain. [https://www.virten.net/2017/01/how-to-add-ad-authentication-in-vcenter-6-5/ Instructions for setting that up can be found here].
#* NOTE: If you instead want to try joining your VCSA system to the domain and using Integrated Windows Authentiction see https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.vcsa.doc/GUID-08EA2F92-78A7-4EFF-880E-2B63ACC962F3.html how to join the vCenter Server Appliance to an Active Directory Domain].
#* NOTE: If you instead want to try joining your VCSA system to the domain and using Integrated Windows Authentication see https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.vcsa.doc/GUID-08EA2F92-78A7-4EFF-880E-2B63ACC962F3.html how to join the vCenter Server Appliance to an Active Directory Domain].
# Create a new user account in AD and then try adding it as an administrator in vCenter Server.
# Create a new user account in AD and then try adding it as an administrator in vCenter Server.
# Try logging in with the new account to your vCenter Server web interface.
# Try logging in with the new account to your vCenter Server web interface.
Line 51: Line 55:
# Safely shutdown all ESXi hosts
# Safely shutdown all ESXi hosts
# Disconnect from the VPN
# Disconnect from the VPN
# End your Netlab Reservation

Latest revision as of 22:38, 15 September 2021

IP Addressing

You will be assigning static IPs to your systems in this lab. Please use these settings:

  • Subnet Mask: 255.255.255.0
  • Default Gateway: 192.168.1.1
  • DNS Server 192.168.1.1
System IP
HV-A 192.168.1.20
HV-B 192.168.1.21
VCSA 192.168.1.22

Instructions

  1. VMs are located on the https://ihcc-netlab.campus.ihitc.net Netlab system, be sure you are connected to the ITCnet VPN before attempting to access this system
    • NOTE: You will need to make a reservation for the Proxmox Labs in this class before you are able to access the VMs. Changes will be saved between your reservations so you will be able to make multiple reservations over several days as needed to complete labs.
    • NOTE: If you need to split your work up across multiple reservations be sure to safely shutdown your Proxmox VMs before ending your Netlab reservation. Otherwise when your reservation ends Netlab will simply power off your VMs (without shutting them down first) which could cause data corruption.
    • NOTE: If you make a mistake and need to have one or both of your HV VMs erased so you can re-install Proxmox you will need to contact your instructor or the ITC lab assistant to have them reset.
  2. Boot your ESXi Server systems (the two HV systems)
  3. Boot your VCSA VM Appliance using the ESXi web interface on the ESXi system hosting VCSA.
  4. Use the VCSA web interface to create a new VM which is running on an ESXi server OTHER than the one running VCSA (so more RAM is available) to install Windows Server 2019. You will need a VM with 2GB RAM and a 50GB hard drive minimum.
  5. Complete the installation of Windows Server 2019 into the new VM.
    • NOTE: Click the link that you do not have a key and install the standard version of Server 2019, this will give you a trial license.
    • NOTE: You will need to upload the ISOs to the datastore on the ESXi system which you are creating the VM on before you can install the systems. This uploading can be done through VCSA from PC-C.
    • The Windows Server 2019 installation ISO files can be found on the Windows SMB fileshare "\\172.17.139.70\Student Files\ITC2300" which you can access from PC-C. Use your VPN login credentials but with @campus.ihitc.net on the end like username@campus.ihitc.net to access the files.
  6. Add the Active Directory Domain Services role to the server. Use "podX-ad.local" (where X is your pod letter) as the root domain name and "podX-ad" as the NetBIOS domain name.
  7. While the Active Directory role is installed and the domain controller promotion script is running (these will take some time to complete) continue through this lab.
  8. It's sometimes the case that you may have a malfunctioning web interface and need to start some critical VMs such as VCSA and some Active Directory servers only through the host command line interface. We'll simulate this setup by checking the status and powering on one of your previously installed Linux or Windows VMs through this host console.
  9. Use the host command line console on your ESXi machines to get a list of the VMs registered at each host.
  10. Use the host command line console on your ESXi machines to check the power status of one of your previously installed Linux or Windows VMs (they should be off)
  11. Verify the VMs are off in the vCenter Server web client
  12. Use the host command line console on your ESXi machines to power on one of your previously installed Linux or Windows VMs.
  13. Verify the VM is powering on through both the host command line console on your ESXi machine as well as through the vCenter web interface.
  14. Another useful virtual machine task is to set certain VMs to automatically power on when the ESXi server powers on. Read the VMware documentation on the topic.
  15. Set the VCSA VM to automatically power on with the ESXi host.
  16. One benefit of the vCenter Server system is that you can migrate VMs from one ESXi host to another. First let's try this with a powered off virtual machine.
  17. Choose one of the powered off VMs on one of your hosts in the VCSA Web Client. On the summary tab check to see which host the VM currently resides on.
  18. Right click on it and choose migrate to open the migration wizard. You want to move both the compute (CPU/RAM) and storage (disk images) to a new host so make that selection.
  19. Select a different ESXi server and a datastore attached to that server and begin the migration.
  20. Once the migration is complete check that the VM shows it is on a different host and verify that it still powers up and works.
  21. An even more powerful tool is to be able to migrate VMs while they are running, VMware calls this feature vMotion. Take the same VM and try the migration process again (back to the original host) while the machine is powered on.
  22. This may take quite a bit longer to complete so let's go back to our Windows Server setup while the vMotion magic is happening.
  23. It would be nice to have a single sign on for VMware vCenter Server users which is backed by our Active Directory domain so let's see if we can get that running.
  24. Follow the VMware instructions for adding a vCenter Server Single Sign-On identity source. You may also need to read the Active Directory Identity Source Settings.
    • NOTE: You will need to know the Base DN for the users and groups in your Active Directory. A Base DN is a path to the location in Active Directory where something is stored (in this case user accounts and groups). You may need to do some research online and make some inferences to figure out what your Base DNs are.
  25. You are going to want to setup Active Directory as an LDAP server so that you don't need to join your VCSA system to your domain. Instructions for setting that up can be found here.
  26. Create a new user account in AD and then try adding it as an administrator in vCenter Server.
  27. Try logging in with the new account to your vCenter Server web interface.
  28. Safely shutdown all running VMs except VCSA
  29. Safely shutdown the VCSA appliance
  30. Safely shutdown all ESXi hosts
  31. Disconnect from the VPN
  32. End your Netlab Reservation