Upgrade vSphere Supervisor

Sadaf

The vSphere Supervisor is the built-in control plane of vSphere that brings Kubernetes and modern application management directly into the hypervisor. It provides a consistent API and desired-state management model, allowing you to run and manage Kubernetes clusters, vSphere Pods, and virtual machines side by side on the same infrastructure.

With Supervisor, vSphere becomes an extensible platform — developers and operators can use vSphere Namespaces to define resource boundaries and enable self-service provisioning of modern infrastructure services in a secure and controlled way.

Keeping Supervisor up to date ensures compatibility with newer ESX and NSX versions as well as the latest API schemas used by Kubernetes clusters and DevOps tools.

Continue reading “Upgrade vSphere Supervisor”

VCF 9.0 to 9.0.1 Upgrade – Part 2

Sadaf

In the first part of the VCF 9.0 upgrade series, I walked through the process of upgrading the VCF Management Components — beginning with the Fleet Management Appliance and continuing through Aria Operations, Automation, Logs, and Network.
In this second part, we’ll shift focus to the core components of VMware Cloud Foundation, which form the backbone of every workload domain: vCenter Server, ESX hosts, NSX Managers, and Edge Clusters.

Since the core components have not yet been upgraded, the versions of the vCenter Server, NSX, and ESX hosts remain at 9.0.0, as shown in the screenshot below.

Continue reading “VCF 9.0 to 9.0.1 Upgrade – Part 2”

VCF 9.0 to 9.0.1 Upgrade – Part 1

Sadaf

Upgrading VMware Cloud Foundation (VCF) is not just about running the upgrade workflow — it’s about preparation. Before moving from version 9.0 to 9.0.1, several validation and readiness steps must be taken to ensure a smooth and error-free process. Before diving into the upgrade process, it’s essential to understand how lifecycle management in VCF is structured and the distinction between management components and core components.

VCF Operations serves as the central tool for managing the lifecycle of both Management and Core Infrastructure Components. It provides unified capabilities for downloading, staging, and applying patches or upgrades — whether you’re operating online or through an offline depot. While both component types can share the same depot, their upgrade scopes differ:

  • Management components (like SDDC Manager, Aria Suite, and NSX Managers) are maintained at the fleet level, allowing consistent operations across multiple VCF instances.
  • Core components (such as ESX hosts, vCenter, and NSX Edge Clusters) are managed per instance, ensuring control within each workload domain.

This separation allows administrators to plan and execute upgrades in a structured, non-disruptive way. However, it also raises an important question:

When performing an upgrade, which should be done first? The management components or the core components?

This article is part of a two-part series. In this first part, I’ll cover the upgrade of the VCF management components, and in the next one, I’ll focus on the core components. In both, we’ll outline what to verify, what to back up, and what dependencies to check before initiating your upgrade.

Continue reading “VCF 9.0 to 9.0.1 Upgrade – Part 1”

VCF 9.0 Bringup Error: Failed to retrieve compatibility matrix

Shahrouz

During the bring-up of VMware Cloud Foundation (VCF) 9.0 with the VCF installer, in the validation phase, you may encounter errors related to retrieving the compatibility matrix for VCF components. This issue occurs when using an online depot on the VCF installer to download the binaries required for VCF bring-up. First, ensure the VCF installer can download the vLCM compatibility data bundle from Broadcom’s VVS endpoint at vvs.broadcom.com. In our case, the VCF Installer can access the required URLs, but we still got the errors! Keep reading if you are in the same situation.

You can use a workaround on the VCF installer to solve this issue and continue the VCF bring-up.

Continue reading “VCF 9.0 Bringup Error: Failed to retrieve compatibility matrix”

Reset VCF 9.0 Installer Admin Password

Sadaf

During the deployment of the VMware Cloud Foundation 9.0 installer, you configure the password for both the root user and the local user. Usually, the wizard asks for specific users like root, admin, or audit, but in this case, it only asks for the “local user” password. When you look closer at the description of the local user password, you would realize that the password will be set for admin@local and vcf users. After installing the VCF Installer, the admin@local account will be used for logging into the web interface, and the vcf account will be used for SSH access to the VCF Installer.

.

In this blog post, I explain how to reset the password of the admin@local user account on the VCF 9.0 Installer.

Continue reading “Reset VCF 9.0 Installer Admin Password”

VCF Operations Fleet Management: What You Need to Know

Sadaf

In my previous blog post, we explored VCF Operations and its key components, a foundational topic for understanding the future of VMware Cloud Foundation (VCF). Now, as we continue preparing for the upcoming VCF release, let’s dive into VCF Operations Fleet Management—a new concept that many are still getting familiar with, as it was introduced only a few months ago!

.

Continue reading “VCF Operations Fleet Management: What You Need to Know”

Introduction to VMware Cloud Foundation (VCF) Operations

Shahrouz

VMware Cloud Foundation Operations is the next generation of Aria Operations and tightly integrated with VMware VCF-based private cloud infrastructure. At its core, VCF Operations is an Ops Management tool, but with the next release of VMware Cloud Foundation, VCF Operations will be the focal point for managing and operating the VMware VCF environment. VCF Operations will integrate single sign-on, certificate, password, and lifecycle management(LCM) capabilities. Simply put, it will be the centralized point for configuring the VCF private cloud and will be mainly used, but not limited to, for VCF day-2 operations. In this blog post, we’ll go through the components and architecture of VCF Operations.

If you have experience working with Aria Operations or Aria Operations, then understanding the components and architecture of VCF Operations won’t be hard for you! But don’t worry if you don’t have experience with vROps or Aria Ops! Keep reading this blog post, and you’ll get a better idea.

Continue reading “Introduction to VMware Cloud Foundation (VCF) Operations”

Configure a Microsoft Certificate Authority in SDDC Manager

Shahrouz

In the previous two blog posts, we installed and configured the Microsoft Certificate Service, prepared a certificate template, and configured a service account to follow the least privilege policy. In this blog post, we will bring everything together by integrating the Microsoft CA with VCF’s SDDC Manager and requesting a certificate from the CA for the VCF components.

Connect to the SDDC Manager UI, log in with a privileged user account, and choose the Certificate Authority option on the left panel. Then click on Edit to open the configuration page.

Continue reading “Configure a Microsoft Certificate Authority in SDDC Manager”

Prepare Certificate Authority for VCF Certificate Replacement

Shahrouz

In the previous blog post, we discussed the installation and initial configuration of Microsoft Certificate Service on a Windows Server and enabled Certificate Web Enrollment on that server. The second step to replacing the default self-signed certificate in VCF is to prepare the Certificate Authority with a new certificate template and assign a service account so that an alternative user can request the certificates instead of the default administrative accounts. With that said, let’s move forward with creating the customized certificate template.

When you request a certificate from a Certificate Authority(CA), the CA lets you choose from its templates store. We must create a template and publish it in the certificate store to create a customized certificate. Open the Certificate Authority snap-in from the CA server’s Administrative Tools to create the customized certificate. If you click Certificate Templates under your CA, you’ll see all the valid certificates in the certificate store.

Continue reading “Prepare Certificate Authority for VCF Certificate Replacement”

Installing and Configuring Active Directory Certificate Services (AD CS)

Shahrouz

One standard method of issuing valid certificates to infrastructure software solutions like VMware Cloud Foundation(VCF) is through an internal Microsoft Certificate Authority(CA). Most organizations that use Active Directory(AD) as a directory service also use AD Certificate Services to issue certificates when replacing the self-signed, auto-generated certificates. Even though this service might be installed and running in your infrastructure, this blog post explains how to install and configure it on a Windows Server machine to integrate with VCF infrastructure. After installing and configuring Certificate Authority, we should create a Certificates Template, integrate VCF with this CA, and finally request certificates and replace them through SDDC Manager,

In this post, we will install AD CS on a Windows Server 2022 joined to an Active Directory domain and configure Web Enrollment to allow users to request and retrieve certificates via a web interface.

Continue reading “Installing and Configuring Active Directory Certificate Services (AD CS)”