I got this question on the VMTN forum this week, does the Native Key Provider require a host to have a TPM? (Trusted Platform Module) The documentation does discuss the use of TPM 2.0 when you enable the Native Key Provider. Let’s be clear, the vCenter Server Native Key Provider does not require a TPM! If a TPM is available on each host then it will be used by the Native Key Provider to store a secret on, which enables us to encrypt and decrypt the ESXi configuration. Again, as stated, it is not a requirement to use a TPM. I have asked to get the documentation appended so that it is officially documented as well, just posting it here so that it indexed by google.
vSphere
Unexplored Territory #010: Terraform and declarative automation with Kyle Ruddy
In episode #010 of the Unexplored Territory Podcast we talk to Kyle Ruddy, Tech Marketing guru at Hashicorp. Kyle explains how Hashicorp got started, what the difference is between imperative and declarative automation, and why Terraform (and other Hashicorp products/services) should be included in every multi-cloud architecture. Listen now via Apple (https://apple.co/34H5OcV), Spotify (https://spoti.fi/3J5MPrl), any other podcast app of your choice, or simply use the embedded player below!
Changing the vSAN Skyline Health Interval
On the VMTN forum Lars asked a great question, how do you change the vSAN Skyline Health interval. This used to be an option in the UI pre vSphere 7.0 but now seems to have disappeared. I never really touched it, so I had completely forgotten it was even an option at first. As vSAN also has an extensive CLI through “RVC”, and I used RVC before to disable a particular health check I figured this may also be a configurable setting, and indeed it is. It is rather straightforward:
SSH to your vCenter Server instance and open RVC. I use the following command to open an RVC session:
rvc administrator@vsphere.local@localhost
I then “cd” into my vSAN cluster object. Simply do an “ls” after you “cd” into a directory. My complete tree looks like this:
/localhost/Datacenter/computers/Cluster
When you are at the cluster level simply check the current configured interval:
vsan.health.health_check_interval_status .
Next you can configure the new internal, default setting is 60 minutes, but you can change it anywhere between 15 minutes and 1 day, I am configuring it to 15 minnutes:
vsan.health.health_check_interval_configure -i 15 .
Unexplored Territory #007: Tanzu/Kubernetes with Cormac Hogan
Episode 007 of the Unexplored Territory podcast is available! In this episode we spoke with Cormac Hogan about the VMware Tanzu portfolio, and Kubernetes in general. Listen to it via Spotify (https://spoti.fi/3GcjaM9), Apple (https://apple.co/3Gc6Efn), or anywhere else you get your podcast!
Unexplored Territory #006: Event-driven automation (VEBA) with William Lam!
In this sixth episode, we talk to William Lam, Senior Staff Architect in the Cloud Infrastructure Business Group at VMware about event-driven automation. William explains what event-driven automation is, how customers are using it today, and why you should also consider trying out the VMware Event Broker Appliance! (https://flings.vmware.com/vmware-event-broker-appliance) Enjoy the episode, and if you haven’t done so yet, make sure to subscribe! You can also listen via your podcast apps of course for Apple: apple.co/3pxet9P Spotify: spoti.fi/3mW19dt Google: bit.ly/3pDoUJ3