VCF Upgrade Precheck Error “vSphere SHA-1 validation failed”

Shahrouz

Before upgrading VMware Cloud Foundation (VCF) to a newer release, you should first run an upgrade pre-check to ensure there are no issues that could arise during the upgrade. Recently, I helped one of our customers plan and execute the VCF upgrade from VCF 5.2.2 to 9.0.2, and we completed the Upgrade Precheck to ensure everything was in order! There are some expected errors, such as updating the vSAN HCL and the VCF LCM Manifest file, which are straightforward to resolve.

Besides the usual errors, we also faced “ERROR vSphere SHA-1 validation failed” and without addressing this issue, we shouldn’t continue the upgrade. This issue came up because the SHA-1 hashing algorithm was used to sign vCenter Server SSL certificates. VCF requires stronger algorithms, like SHA-256, for certificate signing.

Continue reading “VCF Upgrade Precheck Error “vSphere SHA-1 validation failed””

Where Did Host Commissioning Go in VCF 9.0?

Sadaf

If you’ve worked with earlier versions of VMware Cloud Foundation, you probably remember that host commissioning was handled directly within SDDC Manager. It was straightforward, centralized, and exactly where you expected it to be. With VCF 9.x, that’s no longer the case.

The Initial Confusion

When approaching host commissioning in VCF 9.0 for the first time, it’s easy to assume the functionality has moved to VCF Operations, since it’s a pane-of-glass management for almost 90% of tasks. But that’s not where it lives.

The New Reality: It’s in vSphere

After a bit of digging, you’ll discover that host commissioning has actually moved into vSphere, specifically within the management domain’s vCenter.


Here’s how to find it:

Continue reading “Where Did Host Commissioning Go in VCF 9.0?”

Upgrade vSphere Supervisor

Sadaf

The vSphere Supervisor is the built-in control plane of vSphere that brings Kubernetes and modern application management directly into the hypervisor. It provides a consistent API and desired-state management model, allowing you to run and manage Kubernetes clusters, vSphere Pods, and virtual machines side by side on the same infrastructure.

With Supervisor, vSphere becomes an extensible platform — developers and operators can use vSphere Namespaces to define resource boundaries and enable self-service provisioning of modern infrastructure services in a secure and controlled way.

Keeping Supervisor up to date ensures compatibility with newer ESX and NSX versions as well as the latest API schemas used by Kubernetes clusters and DevOps tools.

Continue reading “Upgrade vSphere Supervisor”

VCF 9.0 to 9.0.1 Upgrade – Part 2

Sadaf

In the first part of the VCF 9.0 upgrade series, I walked through the process of upgrading the VCF Management Components — beginning with the Fleet Management Appliance and continuing through Aria Operations, Automation, Logs, and Network.
In this second part, we’ll shift focus to the core components of VMware Cloud Foundation, which form the backbone of every workload domain: vCenter Server, ESX hosts, NSX Managers, and Edge Clusters.

Since the core components have not yet been upgraded, the versions of the vCenter Server, NSX, and ESX hosts remain at 9.0.0, as shown in the screenshot below.

Continue reading “VCF 9.0 to 9.0.1 Upgrade – Part 2”

VCF 9.0 to 9.0.1 Upgrade – Part 1

Sadaf

Upgrading VMware Cloud Foundation (VCF) is not just about running the upgrade workflow — it’s about preparation. Before moving from version 9.0 to 9.0.1, several validation and readiness steps must be taken to ensure a smooth and error-free process. Before diving into the upgrade process, it’s essential to understand how lifecycle management in VCF is structured and the distinction between management components and core components.

VCF Operations serves as the central tool for managing the lifecycle of both Management and Core Infrastructure Components. It provides unified capabilities for downloading, staging, and applying patches or upgrades — whether you’re operating online or through an offline depot. While both component types can share the same depot, their upgrade scopes differ:

  • Management components (like SDDC Manager, Aria Suite, and NSX Managers) are maintained at the fleet level, allowing consistent operations across multiple VCF instances.
  • Core components (such as ESX hosts, vCenter, and NSX Edge Clusters) are managed per instance, ensuring control within each workload domain.

This separation allows administrators to plan and execute upgrades in a structured, non-disruptive way. However, it also raises an important question:

When performing an upgrade, which should be done first? The management components or the core components?

This article is part of a two-part series. In this first part, I’ll cover the upgrade of the VCF management components, and in the next one, I’ll focus on the core components. In both, we’ll outline what to verify, what to back up, and what dependencies to check before initiating your upgrade.

Continue reading “VCF 9.0 to 9.0.1 Upgrade – Part 1”

VCF 9.0 Bringup Error: Failed to retrieve compatibility matrix

Shahrouz

During the bring-up of VMware Cloud Foundation (VCF) 9.0 with the VCF installer, in the validation phase, you may encounter errors related to retrieving the compatibility matrix for VCF components. This issue occurs when using an online depot on the VCF installer to download the binaries required for VCF bring-up. First, ensure the VCF installer can download the vLCM compatibility data bundle from Broadcom’s VVS endpoint at vvs.broadcom.com. In our case, the VCF Installer can access the required URLs, but we still got the errors! Keep reading if you are in the same situation.

You can use a workaround on the VCF installer to solve this issue and continue the VCF bring-up.

Continue reading “VCF 9.0 Bringup Error: Failed to retrieve compatibility matrix”

Reset VCF 9 Installer Admin Password

Shahrouz

During the deployment of the VMware Cloud Foundation 9 installer, you configure the password for both the root user and the local user. Usually, the wizard asks for specific users like root, admin, or audit, but in this case, it only asks for the “local user” password. When you look more closely at the description of the local user password, you will realize that the password will be set for the admin@local and vcf users. After installing the VCF Installer, the admin@local account will be used to log in to the web interface, and the vcf account will be used for SSH access to the VCF Installer.

.

In this blog post, I explain how to reset the password of the admin@local user account on the VCF 9.0 Installer.

Continue reading “Reset VCF 9 Installer Admin Password”

VCF Operations Fleet Management: What You Need to Know

Shahrouz

In my previous blog post, we explored VCF Operations and its key components, a foundational topic for understanding the future of VMware Cloud Foundation (VCF). Now, as we continue preparing for the upcoming VCF release, let’s dive into VCF Operations Fleet Management—a new concept that many are still getting familiar with, as it was introduced only a few months ago!

.

Continue reading “VCF Operations Fleet Management: What You Need to Know”

Introduction to VMware Cloud Foundation (VCF) Operations

Shahrouz

VMware Cloud Foundation Operations is the next generation of Aria Operations and tightly integrated with VMware VCF-based private cloud infrastructure. At its core, VCF Operations is an Ops Management tool, but with the next release of VMware Cloud Foundation, VCF Operations will be the focal point for managing and operating the VMware VCF environment. VCF Operations will integrate single sign-on, certificate, password, and lifecycle management(LCM) capabilities. Simply put, it will be the centralized point for configuring the VCF private cloud and will be mainly used, but not limited to, for VCF day-2 operations. In this blog post, we’ll go through the components and architecture of VCF Operations.

If you have experience working with Aria Operations or Aria Operations, then understanding the components and architecture of VCF Operations won’t be hard for you! But don’t worry if you don’t have experience with vROps or Aria Ops! Keep reading this blog post, and you’ll get a better idea.

Continue reading “Introduction to VMware Cloud Foundation (VCF) Operations”

Configure a Microsoft Certificate Authority in SDDC Manager

Shahrouz

In the previous two blog posts, we installed and configured the Microsoft Certificate Service, prepared a certificate template, and configured a service account to follow the least privilege policy. In this blog post, we will bring everything together by integrating the Microsoft CA with VCF’s SDDC Manager and requesting a certificate from the CA for the VCF components.

Connect to the SDDC Manager UI, log in with a privileged user account, and choose the Certificate Authority option on the left panel. Then click on Edit to open the configuration page.

Continue reading “Configure a Microsoft Certificate Authority in SDDC Manager”