CloudArena

Issue details:-   Password remediation tasks on SDDC manager getting failed with below error. However, we are able to connect SSH with root password on the vROPS appliances, no issues with credentials. I checked Operations logs on SDDC manager and found below logs, indicating the SSH connectivity issues from SDDC to vROPS appliances. Tried to do SSH vROPS appliance from SDDC manager, getting below error... Seems some issue with ECDSA key.. Resolution:- SSH to vROPS appliance and retrieve the ECDSA ssh keys as below. Now, we have 2 options to update the correct SSH keys for vROPS appliance on SDDC manager known_Hosts files located at below location.   /root/.ssh/known_hosts   /etc/vmware/vcf/commonsvcs/known_hosts   /home/vcf/.ssh/known_hosts   /opt/vmware/vcf/commonsvcs/defaults/hosts/known_hosts First option is manually copy and paste the SSH key on all the known_hosts files and restart the SDDC manager services and then try to remediate the password again. it will be successful this

 Hello, As you all know that VMware NSX has native Load Balancing capabilities which provides Basic Load balancing to the virtualized environment.  But now VMware is planning to depreciate the native load balancing features and asking the VMware NSX customers to move to AVI Load Balancer product which will give advanced level of load balancing features which are supported by other third party LB vendors like F5, Cisco ACE etc... VMware NSX Advanced Load Balancer (Avi) is an API (Application Programming Interface) first, self-service Multi-Cloud Application Services Platform that ensures consistent application delivery, bringing software load balancers, web application firewall (WAF), and container Ingress for applications across data centers and clouds.    VMware’s Avi is a modern, software-defined elastic application delivery fabric. It is composed of a central control plane and a distributed data plane. VMware Avi Controller provides a centralized policy engine which delivers f

  Hello There, In this article, i am covering how to migrate the ESXi host switch from N-VDS to VDS 7.0 switch in NSX-T 3.2.x version. When using N-VDS as the host switch,  NSX-T  is represented as an opaque network in  vCenter Server . N-VDS owns one or more of the physical interfaces (pNICs) on the transport node, and port configuration is performed from  NSX-T Data Center . You can migrate your host switch to  vSphere  Distributed Switch (VDS) 7.0 for optimal pNIC usage and manage the networking for  NSX-T  hosts from  vCenter Server . When running  NSX-T  on a VDS switch, a segment is represented as an  NSX-T  Distributed Virtual Port Groups. Any changes to the segments on the  NSX-T  network are synchronized in  vCenter Server. We have an NSX-T environment running with NSX-T 3.2.2.1 version. this environment was designed and implemented with NSX-T 2.x version and that time we used the N-VDS as host switch configuration on the transport nodes bcuz VDS was not supported that time. 

  Hello There, Recently , we faced an issue in our NSX-T envrironment running with 3.2.x version. We saw below error message while running the pre-check for NSX upgrade to 4.x version.  " Edge node 31c2a0ba-e10a-48eb-940d-85f1e48c811f vmId is not found on NSX manager " So to fix this vmId issue for Edge Nodes, we need to edit the DeploymentUnitInstance and EdgeNodeExternalConfig in NSX Corfu DB tables. Steps to be done: 1) Login to NSX Manager UI . Start a backup by going to the NSX Manager UI System > Lifecycle Management > Backup and Restore and click on the START BACKUP button. 2) Log into any of NSX Manager node's CLI using the admin and switch to root account and stop the corfu service using the following command:    /etc/init.d/corfu-server stop 3) Stop the proton service    /etc/init.d/proton stop 4) Start the corfu service    /etc/init.d/corfu-server start 5) Execute the following DB commands to make the changes in  DeploymentUnitInstance an

VMware VDT- VCF Diagnostic Tool Overview VDT (developed and built by VMware Support) is a utility designed to run a series of comprehensive checks live on a target appliance. In its current state, VDT supports the vCenter Server and SDDC Manager appliances. The VCF Diagnostic Tool (VDT) is a diagnostic tool that is run directly on the SDDC Manager or vCenter server. It runs through a series of checks on the system configuration and reports user-friendly PASS/WARN/FAIL results for known configuration issues. It also provides information (INFO) messages from certain areas which we hope will make detecting inconsistencies easier. The goal of these tests is to provide live diagnostic information to the user about their environment which might otherwise be missed.   This tool is completely read-only for the entire environment. hence, it will not make any changes to the environment and no risks to use it. Another important thing about this tool that, it is completely offline and does not re

CVE-2023-48795 describes a vulnerability in OpenSSH v9.5 and earlier. This vulnerability, also known as the "Terrapin attack", could allow an attacker to downgrade the security of an SSH connection by manipulating information transferred during the the connection's initial handshake/negotiation sequence.  The attacker must have already gained access to the local network, and must be able to both intercept communications and assume the identity of both the recipient and the sender.   The CVSS 3.x rating of "Medium" reflects the difficulty in successfully exploiting this vulnerability. CVE-2023-48795 has since been resolved in OpenSSH v9.6. It's mitigation requires both client and server implementations to be upgraded to this fixed or later version. Additionally, this vulnerability can also be addressed by disabling use of the "ChaCha20-Poly1305" cipher in affected OpenSSH implementations.  This vulnerbility affects all systems having the openssh ins