EDU-EN-VSAA8-LAB-IE

VMware vSphere:
Advanced Administration [v8]

Lab Manual
VMware® Education Services

VMware, Inc.
www.vmware.com/education
VMware vSphere: Advanced Administration [v8]
Lab Manual
Part Number EDU-EN-VSAA8-LAB (22-DEC-2023)
Copyright © 2023 VMware, Inc. All rights reserved. This manual and its accompanying
materials are protected by U.S. and international copyright and intellectual property laws.
VMware products are covered by one or more patents listed at
http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of
VMware, Inc. in the United States and/or other jurisdictions. All other marks and names
mentioned herein may be trademarks of their respective companies. Enhanced vMotion
Compatibility, Project Photon OS , vCenter Linked Mode, VMware ESXi , VMware Go ,
VMware Horizon® View , VMware Host Client , VMware Photon , VMware PowerCLI ,
VMware Tools , VMware vCenter Server®, VMware vCenter® Server Appliance , VMware
Verify , VMware View®, VMware vSAN , VMware vSphere®, VMware vSphere® Client ,
VMware vSphere® Distributed Resource Scheduler , VMware vSphere® ESXi Shell,
VMware vSphere® High Availability, VMware vSphere® Lifecycle Manager , VMware
vSphere® Native Key Provider , VMware vSphere® Standard Edition , VMware vSphere®
VMFS, and VMware vSphere® vMotion® are registered trademarks or trademarks of
VMware, Inc. in the United States and/or other jurisdictions. All other marks and names
mentioned herein may be trademarks of their respective companies.
and warranties, including any implied warranty of merchantability, fitness for a particular
purpose or noninfringement, are disclaimed, even if VMware, Inc., has been advised of the
possibility of such claims. This material is designed to be used for reference purposes in
conjunction with a training course.
The training material is not a standalone training tool. Use of the training material for self-
study without class attendance is not recommended. These materials and the computer
programs to which it relates are the property of, and embody trade secrets and confidential
information proprietary to, VMware, Inc., and may not be reproduced, copied, disclosed,
transferred, adapted, or modified without the express written approval of VMware, Inc.
Typographical Conventions
The following typographical conventions are used in this course.
Conventions Usage and Examples
Monospace Identifies command names, command options, parameters, code

fragments, error messages, filenames, folder names, directory names,
and path names:
• Run the esxtop command.
• ... found in the /var/log/messages file.
Monospace Identifies user inputs:

Bold
• Enter ipconfig /release.
Boldface Identifies user interface controls:
• Click the Configuration tab.
Italic Identifies book titles:
• vSphere Virtual Machine Administration
<> Indicates placeholder variables:
• <ESXi_host_name>
• ... the Settings/<Your_Name>.txt file
Contents
Lab 1 Accessing the Lab Environment ................................................................................... 1

Task 1: Access the Lab Environment ......................................................................................................................... 2
Lab 2 Configuring a Management Cluster ............................................................................ 3
Task 1: Configure a Cluster for Management Workloads................................................................................... 4
Lab 3 Configuring Standard Virtual Switch Networks ..................................................... 5
Task 1: Configure Standard Virtual Switches........................................................................................................... 6
Lab 4 Configuring vSphere Datastores ................................................................................ 8
Task 1: Configure Access to iSCSI Storage............................................................................................................. 9
Task 2: Create VMFS Datastores ............................................................................................................................. 10
Task 3: Configure an NFS Datastore ....................................................................................................................... 10
Lab 5 Configuring ESXi Host Settings .................................................................................. 11
Task 1: Configure ESXi Host Settings ...................................................................................................................... 12
Lab 6 Using vSphere Configuration Profiles ..................................................................... 13
Task 1: Use vSphere Configuration Profiles to Configure an ESXi Host..................................................... 14
Lab 7 Configuring a Production Cluster .............................................................................. 16
Task 1: Configure a Cluster for Production Workloads ......................................................................................17
Lab 8 Configuring Advanced vSphere HA Settings....................................................... 19
Task 1: Enable VM Monitoring .................................................................................................................................... 20
Task 2: Add a Second Isolation Address .............................................................................................................. 20
Lab 9 (Simulation) Configuring the Identity Provider ..................................................... 21
Task 1: Lab Simulation ................................................................................................................................................... 22
Lab 10 Configuring Enhanced vMotion Compatibility ................................................... 23
iii
Task 1: Enable Enhanced vMotion Compatibility on a Cluster ....................................................................... 24
Task 2: Configure Per-VM Enhanced vMotion Compatibility ......................................................................... 24
Lab 11 Migrating Virtual Machines ......................................................................................... 25
Task 1: Test Connectivity ............................................................................................................................................ 26
Task 2: Migrate Virtual Machines .............................................................................................................................. 26
Lab 12 Working with Content Libraries.............................................................................. 27
Task 1: Create a Subscribed Content Library ...................................................................................................... 28
Task 2: Create a Subscription for VM Templates .............................................................................................. 29
Task 3: Clone a VM to the Local Library ............................................................................................................... 30
Task 4: Deploy a VM from the Subscribed Content Library ........................................................................... 31
Task 5: Update a VM Template in the Content Library ................................................................................... 32
Lab 13 Configuring DRS Resource Pools and Rules ...................................................... 33
Task 1: Create Two Resource Pools ....................................................................................................................... 34
Task 2: Configure DRS Virtual Machine Distribution.......................................................................................... 35
Task 3: Configure Scalable Shares ........................................................................................................................... 36
Lab 14 Generating Log Bundles ............................................................................................ 37
Task 1: Use the vSphere Client to Generate a vCenter Log Bundle ........................................................... 38
Task 2: Generate an ESXi Host Log Bundle from the Command Line ....................................................... 39
Lab 15 Troubleshooting a Host That Is Not Responding .............................................40
Task 1: Identify the Solution to the Host Problem .............................................................................................. 41
Lab 16 Troubleshooting a Storage Problem..................................................................... 42
Task 1: Determine the Solution to the Storage Problem ................................................................................. 43
Lab 17 Modifying the vSphere HA Configuration ........................................................... 44
Task 1: Update the Configuration Settings for vSphere HA .......................................................................... 45
Lab 18 Troubleshooting Virtual Machine Resource Issues........................................... 46
Task 1: Change the Resource Settings in the Sales Resource Pool ............................................................ 47
Lab 19 Troubleshooting PowerCLI Scripts ....................................................................... 48
Task 1: Identify and Resolve Issues with the vm-report.ps1 Script .............................................................. 49
Task 2: Identify and Resolve Issues with the vm-powercycle.ps1 Script .................................................. 50
Lab 20 Generating a vCenter Profile ................................................................................... 51
Task 1: Generate a vCenter Profile .......................................................................................................................... 52
Lab 21 Creating a vCenter File-Based Backup ................................................................ 53
iv
Task 1: Create a Backup Schedule ........................................................................................................................... 54
Task 2: Perform a Manual File-Based Backup ..................................................................................................... 55
Lab 22 Troubleshooting vCenter Resource Issues ........................................................ 56
Task 1: Investigate and Resolve a Problem with Space Consumption ........................................................57
Lab 23 Configuring vCenter Settings ................................................................................. 58
Task 1: Set a Message of the Day ............................................................................................................................ 59
Task 2: Configure Statistic Collection and Logging Levels............................................................................. 60
Task 3: Configure a Syslog Server ........................................................................................................................... 61
Lab 24 Configuring a VMware Tools Repository ........................................................... 62
Task 1: Configure the Product Locker on the ESXi Hosts .............................................................................. 63
Lab 25 Troubleshooting a VM Power-On Issue .............................................................. 64
Task 1: Troubleshoot the VM and Power It On ................................................................................................... 65
Lab 26 Updating vSphere Components in Site-A .......................................................... 66
Task 1: Use a Custom Repository to Update vCenter in Site-A ................................................................... 67
Task 2: Use vSphere Lifecycle Manager to Update ESXi Hosts .................................................................. 68
Task 3: Update VM Hardware ................................................................................................................................... 69
Lab 27 Configuring a Default Key Provider...................................................................... 70
Task 1: Configure the Native Key Provider ............................................................................................................71
Task 2: Encrypt a Virtual Machine Using the Default Key Provider..............................................................72
Lab 28 Working with Encrypted Virtual Machines ........................................................ 73
Task 1: Clone an Encrypted Virtual Machine ......................................................................................................... 74
Task 2: Migrate an Encrypted Virtual Machine .....................................................................................................75
Lab 29 Modifying the ESXi Host CPU Scheduler ........................................................... 76
Task 1: Modify the CPU Scheduler to Meet Security Requirements ............................................................77
Lab 30 Implementing Security Hardening......................................................................... 78
Task 1: Configure Host Settings to Implement Security Hardening ............................................................. 79
Lab 31 Updating a vCenter Certificate ............................................................................... 80
Task 1: Replace a Machine SSL Certificate with a Pre-Generated CA Certificate.................................. 81
Task 2: Generate a Certificate Signing Request ................................................................................................. 82
Lab 32 Reconfiguring the Primary Network Identifier .................................................. 83
Task 1: Reconfigure the Primary Network Identifier.......................................................................................... 84
v
Lab 1 Accessing the Lab Environment
Objective and Tasks

Connect to the lab environment and access the vSphere Client from the student desktop:
1. Access the Lab Environment
Lab Scenario:
The labs in this course are based on a scenario about a fictitious coffee company called
VMBeans.
At VMBeans, the vSphere environment consists of a management cluster and a production

cluster in a location called Site-A. These clusters are managed by vCenter sa-vcsa-01.
VMBeans is expanding its vSphere infrastructure and creates a second site, Site-B, to host the
new infrastructure. vCenter sb-vcsa-01 is installed and configured in Enhanced Linked Mode and
works at the new site like the existing vCenter instance (sa-vcsa-01) at Site-A.
The vSphere administration team installs ESXi hosts with vSphere 8.0 U1 and configures the
management network. As a vSphere administrator for VMBeans, you are assigned to complete
the required tasks for deploying and configuring the new vSphere infrastructure in Site-B.
You must also investigate and resolve configuration issues in Site-A.
Your goals throughout the labs in this course are as follows:
• Deploy and configure a new vSphere infrastructure
• Migrate workloads from Site-A to Site-B
• Manage the existing infrastructure, resolving problems that occur
• Meet the requirements of VMBeans

• Follow VMware best practices
1
Task 1: Access the Lab Environment
You access the vCenter instances and ESXi host.
1. To connect to the vCenter instances, select the bookmarks sa-vcsa-01 and sb-vcsa-01 in
the Firefox browser and enter the credentials to log in.
• User name: administrator@vsphere.local
• Password: VMware1!
2. Connect to sa-esxi-01 by using the bookmarks in the Firefox browser.
• User name: root
NOTE
When you log in to vCenter, you observe that several alarms are triggered, and the ESXi
host appears in a Not responding state. You must investigate and resolve these issues
in later labs.
3. Verify that you can access the other ESXi hosts by using the bookmarks in the Firefox
browser and entering the credentials provided.
4. Verify that the vCenter instances and ESXi hosts are licensed correctly.
If any license has expired, obtain new licenses from

https://vmware.bravais.com/s/SrIP0iQ3KXpyWg8pWmBy.
2
Lab 2 Configuring a Management
Cluster
Objective and Tasks

Create and configure a management cluster for Site-B:
1. Configure a Cluster for Management Workloads
Lab Scenario:
You must distribute management workloads across both sites at VMBeans and ensure maximum
uptime for the virtual machines. You create a management cluster in Site-B to achieve the
following goals:
• Automate distribution of VMs across all the hosts in the management cluster for best
performance and utilization
• Protect VMs against host, network, and storage failures
• Configure default admission control for vSphere availability
3
Task 1: Configure a Cluster for Management Workloads
You create a management cluster and configure it with vSphere HA and vSphere DRS to meet
resource and availability requirements.
For information about configuring vSphere HA and DRS on a cluster, see the following references
in the vSphere product documentation. Use this information, as necessary, to perform the lab
steps:
• Creating a vSphere HA Cluster in vSphere Resource Management at

https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-availability/GUID-E90B8A4A-
BAE1-4094-8D92-8C5570FE5D8C.html
• Creating a DRS Cluster in vSphere Availability at https://docs.vmware.com/en/VMware-

vSphere/8.0/vsphere-resource-management/GUID-8ACF3502-5314-469F-8CC9-
4A9BD5925BC2.html
1. For vCenter sb-vcsa-01 in Site-B, create a data center called SB-Datacenter.
2. Create a cluster called SB-Management-01 in SB-Datacenter.
3. Add the hosts sb-esxi-01.vclass.local and sb-esxi-02.vclass.local to the SB-Management-01

cluster.
4. Configure the cluster to meet the VMBeans resource and availability requirements as
outlined in the lab scenario goals.
a. Configure vSphere DRS automation.
b. Configure vSphere HA.
5. Ensure that sb-esxi-01.vclass.local and sb-esxi-02.vclass.local remain in maintenance mode

until the configuration is complete.
6. When configuration is complete, take the ESXi hosts out of maintenance mode.
4
Lab 3 Configuring Standard Virtual
Switch Networks
Objective and Tasks

Configure standard virtual switches on the ESXi hosts in the management cluster:
1. Configure Standard Virtual Switches
Lab Scenario:
You configure the networking of the ESXi hosts in Site-B to meet VMBeans requirements and
VMware best practices for isolating network traffic. You must create separate standard virtual
switches for each type of traffic on the network (vMotion, VMs, management, and storage). The
network configurations are as follows:
• The ESXi host uses a standard virtual switch for management traffic.
• The ESXi hosts require a Production-VMs network for VM traffic.
• The vMotion traffic is configured on a separate virtual switch.
• The ESXi host requires two VMkernel port groups for iSCSI traffic.
5
Task 1: Configure Standard Virtual Switches
You configure standard virtual switches on sb-esxi-01.vclass.local.
See the section on how to set up networking with vSphere standard switches in vSphere
Networking at https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-networking/GUID-
E198C88A-F82C-4FF3-96C9-E3DF0056AD0C.html. Use this information, if necessary, to help
you complete this task.
NOTE
In this lab, you configure only sb-esxi-01.vclass.local. In a later lab, you configure sb-esxi-
02.vclass.local.
Network Configuration for sb-esxi-01.vclass.local
Standard Switch Traffic IPv4 address 1 IPv4 address 2 Uplinks
vSwitch0 Management 172.20.110.51/24 vmnic0,

vmnic3
vSwitch1 vMotion 172.20.12.151/24 vmnic1
vSwitch2 iSCSI 172.20.115.51/24 172.20.115.61/24 vmnic4,

vmnic5
vSwitch3 Virtual Machine vmnic6
1. Update the configuration for the management network.
The management network has a default gateway of 172.20.110.2. The DNS is at

172.20.110.10.
a. Confirm the management network is configured to provide redundancy with an active-

standby configuration.
b. Deactivate failback on the management network.
2. Configure a vMotion network.
vSwitch1 vMotion 172.20.12.151/24 vmnic1
6
a. Use the details in the table to create the vMotion network.
b. Configure the VMkernel to use the vMotion TCP/IP stack.
c. Test connectivity.
To get to the command line for sb-esxi-01.vclass.local, use the Remmina app in the Linux
taskbar. The Remmina app lets you open an SSH connection.
3. Configure an iSCSI network that allows two paths to the iSCSI target.
vSwitch2 iSCSI 172.20.115.51/24 172.20.115.61/24 vmnic4, vmnic5
a. Create two VMkernel port groups for vSwitch2.
b. Assign the IPv4 address and uplink as per the table.
4. For VM traffic, create a standard virtual switch with a virtual machine port group called
Production-VMs.
vSwitch3 Virtual Machine vmnic6
7
Lab 4 Configuring vSphere Datastores
Objective and Tasks

Configure vSphere datastores for Site-B:
1. Configure Access to iSCSI Storage
2. Create VMFS Datastores
3. Configure an NFS Datastore
Lab Scenario:
At VMBeans, the new ESXi hosts in Site-B must be able to access the existing iSCSI and NFS
storage at Site-A. How do you configure datastores to achieve this goal?
8
Task 1: Configure Access to iSCSI Storage
You configure the sb-esxi-01.vclass.local ESXi host to mount existing shared datastores so that
the iSCSI storage can host the VMs in Site-B.
See the section on configuring iSCSI and iSER adapters and storage with ESXi in vSphere
Storage at https://docs.vmware.com/en/VMware-vSphere/index.html. Use this information, if
necessary, to help you complete this task.
NOTE
You configure sb-esxi-01.vclass.local in this lab. You configure the sb-esxi-02.vclass.local ESXi
host in a later lab.
1. Configure the iSCSI software adapter on sb-esxi-01.vclass.local.
2. Configure the iSCSI target: 172.20.115.15.
3. Use the configured ESXi networks as the transport layer for the iSCSI SAN.
You use the standard virtual switch that you configured in an earlier lab.
4. Verify that LUNs 0 to 2 and 4 to 8 appear in the Devices list.
5. Ensure that the shared datastore Shared-iSCSI-01, located on LUN 5, is available.
9
Task 2: Create VMFS Datastores
You create a VMFS datastore on an iSCSI-based storage device to be used as a repository for
virtual machines.
When a new 12 GB LUN (8) is presented, you must claim the LUN and create a VMFS volume
that consumes 50% of the space.
See the chapter on working with datastores in a vSphere storage environment in vSphere
1. Create a VMFS6 datastore using LUN 8.
The datastore must follow VMBeans naming conventions.
Task 3: Configure an NFS Datastore

You mount an NFS share on the NFS server to the sb-esxi-01.vclass.local ESXi host. You
configure the NFS share because the new ESXi hosts require access to corporate ISOs and
media.
See the chapter on working with datastores in a vSphere storage environment in vSphere
1. Configure an NFS v3 datastore called NFS-01 on sb-esxi-01.vclass.local.
2. Mount /mnt/NFS-Pool from 172.20.10.15.
10
Lab 5 Configuring ESXi Host Settings
Objective and Tasks

Configure ESXi host settings to align with security and management requirements:
1. Configure ESXi Host Settings
Lab Scenario:
To simplify management and monitoring in the VMBeans environment, all logs are stored in a
central location. You must configure sb-esxi-01.vclass.local to send logs to the 172.20.10.171
Syslog server. You must also configure the host so that all logs have the correct time stamps.
The domain controller dc.vclass.local with a network address of 172.20.110.10 is used as the time
source.
Active Directory (AD) administrators log in to hosts using VMware Host Client. You must
configure the ESXi hosts to talk to AD so that AD administrators can access the hosts. The
domain is vclass.local, the user name is administrator@vclass.local, and VMware1! is the password.
At VMBeans, the security requirements state that the Authorized Access Only message
must display in the ESXi direct console user interface (DCUI), and an idle timeout of 300 seconds
must be set for the DCUI. To meet these requirements, you must limit SSH access to the ESXi
hosts by ensuring that SSH is available only when required and by setting a timer so that sessions
are not left open and insecure.
11
Task 1: Configure ESXi Host Settings
Using the vSphere Client, you configure the sb-esxi-01.vclass.local ESXi host.
For more information about host settings for security, see the section on securing ESXi hosts in
vSphere Security at https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-
security/GUID-A706C6C6-DF07-455B-99B9-5B8F8580F1EB.html.
1. Configure the Syslog service and time synchronization on sb-esxi-01.vclass.local.
2. Configure access for AD users on sb-esxi-01.vclass.local.
3. Configure SSH access on sb-esxi-01.vclass.local.
4. Configure a timeout of 300 seconds for idle ESXi shell sessions.
5. Configure the DCUI security message and idle time-out on sb-esxi-01.vclass.local.
12
Lab 6 Using vSphere Configuration
Profiles
Objective and Tasks

Use vSphere Configuration Profiles to configure an ESXi host and verify that the host is
compliant:
1. Configure a Cluster to Use vSphere Configuration Profiles
2. Create a Draft Configuration and Include the Standard Virtual Switch Configurations
3. Modify the Draft to Include the VMkernel Port Group Configurations
4. Modify the Draft to Include the Storage Configuration
5. Modify the Draft to Include Other Configuration Settings
6. Run a Precheck on the Draft Configuration and Apply Changes to the Cluster
Lab Scenario:
Active Directory (AD) administrators log in to hosts using VMware Host Client. You must
configure the ESXi hosts to talk to AD so that AD administrators can access the hosts. The
domain is vclass.local, the user name is administrator@vclass.local, and VMware1! is the password.
With consistent host configurations, VM workloads can move seamlessly between hosts. At
VMBeans, you use vSphere configuration profiles to create consistent configurations that meet
company requirements. Using vSphere configuration profiles, you can apply the settings of one
host to other hosts.
You implement vSphere configuration profiles to configure the sb-esxi-02.vclass.local ESXi host.
Doing so saves you time by automating the configuration process.
13
Task 1: Use vSphere Configuration Profiles to Configure an ESXi Host
You use vSphere configuration profiles to define the reference host sb-esxi-01.vclass.local. The
reference host settings are used to configure sb-esxi-02.vclass.local.
For more information about vSphere Configuration Profiles, see the section on using vSphere
configuration profiles to manage host configuration at a cluster level in Managing Host and
Cluster Lifecycle at https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-lifecycle-
manager/GUID-F54C875A-E9EE-44E9-81BB-2E157B1C462A.html. Use this reference, as
necessary, to perform the lab steps.
1. Configure the SB-Management-01 cluster to use vSphere configuration profiles.
Use sb-esxi-01.vclass.local as the reference host. The configuration settings of sb-esxi-

01.vclass.local define the desired configuration of the cluster.
2. Create a draft of the desired configuration and make host-specific changes for sb-esxi-
02.vclass.local
a. Create a draft configuration using the current settings.
b. Modify the draft to include the standard virtual switch configurations to sb-esxi-
02.vclass.local.
c. Modify the draft to include the VMkernel port group configurations to sb-esxi-
02.vclass.local.
d. Because the vMotion VMkernel port uses the vMotion TCP/IP stack, modify the draft to
include the TCP/IP stack configuration to sb-esxi-02.vclass.local.
e. Configure vmk0, vmk1, vmk2, and vmk3 with the correct IP address and subnet mask
settings for sb-esxi-02.vclass.local.
vmknic Name IP Address Subnet Mask
vmk0 172.20.110.52 255.255.255.0
vmk1 172.20.12.152 255.255.255.0
vmk2 172.20.115.52 255.255.255.0
vmk3 172.20.115.62 255.255.255.0
f. Modify the draft to include the vMotion TCP/IP stack in the configuration for sb-esxi-
02.vclass.local.
g. Modify the draft to include the iSCSI software adapter configuration for sb-esxi-
02.vclass.local.
14
h. Modify the draft to include the NFS configuration for sb-esxi-02.vclass.local.
i. Modify the draft to include the NTP configuration, the syslog service configuration, and
the advanced options configuration.
3. Run a precheck on the draft configuration.
4. Apply the draft configuration to sb-esxi-02.vclass.local.
In this step, the remediation process takes place.
5. Verify that sb-esxi-02.vclass.local is configured properly.
15
Lab 7 Configuring a Production
Cluster
Objective and Tasks

Create a production cluster for Site-B that meets availability and mobility requirements, achieves
the best performance, and most efficiently uses resources:
1. Configure a Cluster for Production Workloads
Lab Scenario:
VMBeans wants to distribute its production workloads across both Site-A and Site-B. You decide
to use the Cluster Quickstart feature to create and configure a production cluster in Site-B. The
new hosts contain SSD local devices, which you want to use in production:
• How do you ensure that VMs are automatically distributed across all the hosts in the cluster
to achieve the best performance and use of resources?
• How can you protect VMs against host, network, and storage failures?
16
Task 1: Configure a Cluster for Production Workloads
You configure a production cluster in Site-B that meets availability and mobility requirements.
For information about configuring a cluster, see the following references in the vSphere product
documentation:
• Creating a vSphere HA Cluster in vSphere Availability at

https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-availability/GUID-E90B8A4A-
BAE1-4094-8D92-8C5570FE5D8C.html
• Creating a DRS Cluster in vSphere Resource Management at

https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-resource-management/GUID-
8ACF3502-5314-469F-8CC9-4A9BD5925BC2.html
• Using Quickstart to Configure and Expand a vSAN Cluster in vSAN Planning and
Deployment at https://docs.vmware.com/en/VMware-vSphere/8.0/vsan-planning/GUID-
CF9767B6-B3F5-4787-9AF3-D661987AE525.html
1. Create a cluster called SB-Production-01 in the Site-B vCenter instance (sb-vcsa-

01.vclass.local).
• Enable vSphere DRS and vSAN on the cluster. Do not configure a vSAN Express
Storage Architecture (ESA) cluster. You configure a vSAN Original Storage Architecture
(OSA) cluster.
• Manage all hosts in the cluster with a single image. Do not choose the image now. You
choose the image in a later lab.
2. Using Cluster Quickstart, add hosts to the SB-Production-01 cluster.
You add the following hosts:
• sb-esxi-04.vclass.local
3. Using Cluster Quickstart, create a vSphere distributed switch called SB-DVS-01 and assign
vmnic1, vmnic2, and vmnic6 to the uplink port group.
17
4. Configure the ESXi hosts for vSphere vMotion traffic and vSAN traffic.
In all cases, you leave the Default Gateway blank.
Host vSphere vMotion IP Address vSAN IP Address
sb-esxi-04 172.20.12.154/24 172.20.13.54/24
sb-esxi-05 172.20.12.155/24 172.20.13.55/24
sb-esxi-06 172.20.12.156/24 172.20.13.56/24
5. Leave the default settings for the Claim disks page.
6. Verify that the hosts are taken out of maintenance mode.
NOTE
One or more vSAN warnings appear on the cluster. The warnings come from the virtualized
lab environment and can be ignored.
7. Verify that the Production-VM port group is automatically migrated and has the correct
VLAN settings.
8. Activate vSphere HA on the cluster and ensure it meets the availability requirements.
18
Lab 8 Configuring Advanced vSphere
HA Settings
Objective and Tasks

Configure vSphere HA settings to help prevent outages and improve the resiliency of the
production cluster:
1. Enable VM Monitoring
2. Add a Second Isolation Address
Lab Scenario:
In its production environment, VMBeans wants to avoid problems that lock or shut down
operating systems unexpectedly. VMBeans also wants to avoid intermittent network outages.
You decide to configure advanced high availability settings to help improve the resiliency of the
production cluster. The advanced vSphere HA features are deactivated by default.
19
Task 1: Enable VM Monitoring
You enable VM monitoring on the SB-Production-01 cluster.
With VM monitoring, VMs are restarted when they stop sending VMware Tools heartbeats
because this event indicates either a crashed or hung OS.
For information about VM monitoring, see the following references in vSphere Availability:
• VM and Application Monitoring in vSphere Availability at

https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-availability/GUID-62B80D7A-
C764-40CB-AE59-752DA6AD78E7.html
• Activate VM Monitoring https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-

availability/GUID-4F623D19-814B-4799-B01D-A52CD8C692DB.html
1. Enable VM Monitoring.
2. Set the heartbeat monitoring to VM Monitoring Only.
3. Use the Preset option and set the VM monitoring sensitivity to Low.
Task 2: Add a Second Isolation Address

You configure a second vSphere HA isolation address to provide further redundancy.
See vSphere HA Advanced Options in vSphere Availability at

https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-availability/GUID-E0161CB5-
BD3F-425F-A7E0-BF83B005FECA.html.
1. Using the VMware Photon OS server with the IP address 172.20.10.20 (Photon-01),
configure another isolation address for the SB-Production-01 cluster and set the isolation
delay to 60 seconds.
20
Lab 9 (Simulation) Configuring the
Identity Provider
Objectives and Tasks

Configure Active Directory Federation Services as the identity provider:
1. Configure vCenter Identity Provider Federation
2. Log In to vCenter Using an Active Directory Account
Lab Scenario:
VMBeans decides to use federated authentication to increase its system security. With this type
of configuration, you do not provide credentials to vCenter directly. Instead, the credentials are
provided to the external identity provider. After configuring Active Directory Federation Services
(AD FS), you must assign permissions for team members who have Active Directory (AD)
accounts.
21
Task 1: Lab Simulation
You configure the AD FS identity source and add permissions to vCenter for a user from the AD
FS identity source. You then log in to vCenter as the user authenticated from AD FS.
1. In your local desktop, open a web browser.
2. Go to https://core-vmware.bravais.com/s/dfx0wDotmsZvWT6R9aiK to open the

simulation.
3. Perform the simulation.
a. Click Start Simulation.
An overview of the task appears in the right pane.
b. Perform each step located at the bottom of the screen.
4. After you complete the simulation, close the simulation browser tab.
22
Lab 10 Configuring Enhanced vMotion
Compatibility
Objective and Tasks

Configure a VM to improve its mobility:
1. Enable Enhanced vMotion Compatibility on a Cluster
2. Configure Per-VM Enhanced vMotion Compatibility
Lab Scenario:
As a VMBeans administrator, you want to future-proof Site-B so that when you add hardware to
the SB-Management-01 cluster, administrators can perform live migrations of VMs between all
the hosts in the cluster.
In this lab, you must migrate the Photon-06 and Photon-07 VMs off-premises. The VMs are on
the SA-Management-01 cluster. Before you migrate the VMs, you configure the VMs to improve
mobility.
23
Task 1: Enable Enhanced vMotion Compatibility on a Cluster
You enable the highest compatible mode of Enhanced vMotion Compatibility on a cluster.
For more information, see the section on enabling Enhanced vMotion Compatibility on an existing
cluster in vCenter Server and Host Management at https://docs.vmware.com/en/VMware-
vSphere/7.0/com.vmware.vsphere.vcenterhost.doc/GUID-E3F5BAFE-EB14-408D-999A-
590D4337D59C.html.
1. Enable Enhanced vMotion Compatibility on the SB-Management-01 cluster.
2. Select the highest baseline that is compatible with all hosts.
Task 2: Configure Per-VM Enhanced vMotion Compatibility

You configure per-VM Enhanced vMotion Compatibility on the Photon-06 and Photon-07 VMs.
For information about activating, deactivating, and changing the Enhanced vMotion Compatibility
mode, see the section on configuring the Enhanced vMotion Compatibility mode of a virtual
machine in vSphere Virtual Machine Administration at https://docs.vmware.com/en/VMware-
vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-A1C095EF-1B0F-4C10-9190-
CFDD07193B2B.html.
1. Enable per-VM Enhanced vMotion Compatibility on the Photon-06 and Photon-07 VMs.
2. Select the most suitable CPU mode for compatibility with the hosts.
24
Lab 11 Migrating Virtual Machines
Objective and Tasks

Migrate VMs from Site-A to Site-B:
1. Test Connectivity
2. Migrate Virtual Machines
Lab Scenario:
VMBeans wants to distribute the VM load more evenly across each of the vCenter instances. To
achieve this goal, you are asked to move some VMs from Site-A to Site-B. As you migrate the
VMs, you want to avoid VM downtime.
25
Task 1: Test Connectivity
Before performing a long-distance VM migration between vCenter instances, you test the
connectivity of the vMotion network and the management default gateway.
For information about testing network connectivity, see VMware knowledge base article
1003728 at https://kb.vmware.com/s/article/1003728. Use this information, as necessary, to
help you complete the task.
1. Test the connectivity of the vMotion network and the management default gateway from
the hosts in SA-Management-01 to the hosts in SB-Management-01.
Task 2: Migrate Virtual Machines

You migrate VMs from Site-A to Site-B to distribute the VM load more evenly across each of the
vCenter instances.
For information that can help in completing this task, see the section on migrating virtual machines
between vCenter systems in vCenter Server and Host Management at
https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-vcenter-esxi-management/GUID-
59C7D7FF-D17E-45BC-9145-06B2993880A2.html.
1. Migrate the Photon-06 and Photon-07 VMs from vCenter sa-vcsa-01 to sb-esxi-01 in
vCenter sb-vcsa-01 and place them under SB-Datacenter.
2. Verify that the VM is stored on the Shared-iSCSI-01 datastore.
26
Lab 12 Working with Content Libraries
Objective and Tasks

Use content libraries to decrease administrative overhead:
1. Create a Subscribed Content Library
2. Create a Subscription for VM Templates
3. Clone a VM to the Local Library
4. Deploy a VM from the Subscribed Content Library
5. Update a VM Template in the Content Library
Lab Scenario:
VMBeans wants to make extensive use of VM templates in the environment. However, it does
not want the overhead of managing separate VM templates for multiple sites because this
situation can lead to differences in VM templates and deployed VMs between the sites.
To help resolve this problem, you use content libraries to share a single VM template between
both vCenter instances. Sharing VM templates and files results in consistency and efficiency
across the two systems.
27
Task 1: Create a Subscribed Content Library
You create a subscribed content library in vCenter sb-vcsa-01 to consume the contents of a
published content library in vCenter sa-vcsa-01.
To help you with this task, see the section on creating a library in vSphere Virtual Machine
Administration at https://docs.vmware.com/en/VMware-
vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-2A0F1C13-7336-45CE-B211-
610D39A6E1F4.html.
1. On sb-vcsa-01, create a subscribed content library from SA-ContentLibrary-01.
a. Use SB-ContentLibrary-01 as the name for the new library.
b. Enter the password VMware1! to enable authentication.
c. Configure the library so that content is downloaded only when needed.
d. Select Shared-iSCSI-01 to store the library contents.
2. View the contents of the subscribed content library.
28
Task 2: Create a Subscription for VM Templates
You create a subscription for the VMs in SB-ContentLibrary-01 so that they can be accessed and
used in sb-vcsa-01.vclass.local.
To help you with this task, see the section on creating a subscription for a local library in vSphere
Virtual Machine Administration at https://docs.vmware.com/en/VMware-
vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-1EBD511B-775B-4B94-9BB1-
70125F73E6E3.html.
1. Create a subscription for VM Templates in the content library SA-ContentLibrary-01 so that

the VM templates synchronize to the subscribed library SB-ContentLibrary-01.
2. Set the target location to SB-Datacenter.
3. Set SB-Management-01 as the compute resource.
4. Set Production-VMs as the network.
29
Task 3: Clone a VM to the Local Library
You clone an existing VM to the Site-A content library.
For information that can help you with this task, see the section on cloning a VM or a VM
template to a template in a content library in vSphere Virtual Machine Administration at
https://docs.vmware.com/en/VMware-
vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-AC1545F0-F8BA-4CD2-96EB-
21B3DFAA1DC1.html.
1. Clone Photon-02 as a VM Template to SA-ContentLibrary-01.
a. Use Photon-02-Library as the name for the VM Template.
b. Set sa-esxi-04.vclass.local as the compute resource.
c. Set Shared-ISCSI-01 as the storage.
2. View the VM template list in the Site-A library.
30
Task 4: Deploy a VM from the Subscribed Content Library
You deploy a new VM from a template that is managed by SB-ContentLibrary-01.
To help you with this task, see the following references in vSphere Virtual Machine
Administration:
• Publish a Single Template to a Subscription in vSphere Virtual Machine Administration at

vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-B0242684-2501-44E3-8790-
19655F7B81EB.html
• Deploy a Virtual Machine from a Template at https://docs.vmware.com/en/VMware-

vSphere/8.0/vsphere-vm-administration/GUID-8F7F6533-C7DB-4800-A8D2-
DF7016016A80.html
1. Publish the Photon-02-Library VM template from SA-ContentLibrary-01 to SB-

ContentLibrary-01.
2. Verify that SB-ContentLibrary-01 includes the Photon-02-Library VM template.
3. Deploy a VM called Photon-E-01 from the Photon-02-Library template in SB-ContentLibrary-

01 to the vsanDatastore on sb-esxi-04.vclass.local.
No customization is required. When you finish this step, you leave the VM powered off.
31
Task 5: Update a VM Template in the Content Library
You check out a template to update it.
For information that can help you with this task, see the section on checking out a VM from a
template in vSphere Virtual Machine Administration at https://docs.vmware.com/en/VMware-
vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-0F4D55EF-B45C-43D6-8C8F-
580D8B4B5009.html.
1. Check out the Photon-02-Library VM template in the vCenter content library.
a. Set the name to Photon-02-Library-Update.
b. Place the VM in the Discovered virtual machine folder.
c. Set the compute resource to sa-esxi-04.vclass.local.
2. Increase the VM template CPU count to 2 and increase the memory amount to 4 GB.
3. Check in the Photon-02-Library VM template to the vCenter content library.
32
Lab 13 Configuring DRS Resource
Pools and Rules
Objective and Tasks

Configure DRS resource pools and rules to balance workloads:
1. Create Two Resource Pools
2. Configure DRS Virtual Machine Distribution
3. Configure Scalable Shares
Lab Scenario:
As VMBeans expands, its data centers start to experience resource contention. During times of
peak use, the demand for CPU and memory resources is more than the current environment can
meet. The long-term goal is to add additional resources, but the budget is already assigned for
the quarter so your team cannot yet access these additional resources.
The agreed solution is to use resource pools to meet quality-of-service requirements. Your goal
is to configure the resource pools so that the back end gets twice as many resources as the front
end. In addition, you must configure affinity rules to keep VMs that work closely with one another
on the same host and to separate other VMs.
33
Task 1: Create Two Resource Pools
You create vSphere DRS resource pools to allocate resources in the SB-Production-01 cluster.
For information that can help you to complete this task, see the section on creating a resource
pool in vSphere Resource Management at https://docs.vmware.com/en/VMware-
vSphere/7.0/com.vmware.vsphere.resmgmt.doc/GUID-0F6C6709-A5DA-4D38-BE08-
6CB1002DD13D.html.
1. Create a resource pool called Web in the SB-Production-01 cluster.
2. Create a resource pool called DB in the SB-Production-01 cluster.
3. Deploy four new VMs from the Photon-CL template, with two in each of the resource pools.
VM Name Resource Pool Storage Network
Photon-15 DB vsanDatastore SB-DVS-01-Production-

VMs
Photon-16 DB vsanDatastore SB-DVS-01-Production-

VMs
Photon-17 Web vsanDatastore SB-DVS-01-Production-

VMs
Photon-18 Web vsanDatastore SB-DVS-01-Production-

VMs
34
Task 2: Configure DRS Virtual Machine Distribution
You create vSphere DRS affinity and anti-affinity rules and update the DRS setting to manage
virtual machine distribution in the SB-Production-01 cluster.
For information that can help you to complete this task, see the section on editing cluster settings
in vSphere Resource Management at https://docs.vmware.com/en/VMware-
vSphere/7.0/com.vmware.vsphere.resmgmt.doc/GUID-755AB944-F3D0-43DD-82CD-
8CDDDF8674E8.html.
1. Activate VM Distribution on the SB-Production-01 cluster.
2. Activate scalable shares on the SB-Production-01 cluster.
3. Create a DRS rule to keep the two VMs in the Web resource pool together.
4. Create a DRS rule to separate the two VMs in the DB resource pool.
5. After the VMs are powered on, verify that the rules work as expected.
35
Task 3: Configure Scalable Shares
You configure shares on the resource pools in the SB-Production-01 cluster so that the DB
resource pool gets twice as many shares as the Web resource pool.
For information that can help you to complete this task, see the following references vSphere
Resource Management:
• Edit Cluster Settings at https://docs.vmware.com/en/VMware-

vSphere/7.0/com.vmware.vsphere.resmgmt.doc/GUID-755AB944-F3D0-43DD-82CD-
8CDDDF8674E8.html
• Edit a Resource Pool at https://docs.vmware.com/en/VMware-

vSphere/7.0/com.vmware.vsphere.resmgmt.doc/GUID-B99CC2F1-B303-4C35-ABA3-
ACB77EB97846.html
1. Edit the DB resource pool.
2. Set the CPU and Memory shares to High.
3. Deploy two additional VMs (Photon-21 and Photon-22) from the Photon-CL template into
the DB resource pool and power them on.
4. Review the worst case allocation for each VM in the DB and Web resource pools.
NOTE
Even as VMs are added to the DB resource pool, the worst case allocation for these VMs is
still twice that of the VMs in the Web resource pool. The VMs in the DB resource pool are
scaled correctly, according to the share assignments.
5. Power off all VMs in the Web and DB resource pools to conserve resources in the lab
environment.
36
Lab 14 Generating Log Bundles
Objective and Tasks

Generate vCenter and ESXi host log bundles:
1. Use the vSphere Client to Generate a vCenter Log Bundle
2. Generate an ESXi Host Log Bundle from the Command Line
Lab Scenario:
As part of the deployment process, you capture vCenter and ESXi host log bundles, which you
can use to perform health checks. One of the hosts in Site-A, sa-esxi-01, is occasionally reported
as not responding. You collect logs for host sa-esxi-01 using the vSphere Client.
Another host in Site-A, sa-esxi-02, is also reporting issues. You collect logs for host sa-esxi-02
using the vSphere ESXi Shell.
37
Task 1: Use the vSphere Client to Generate a vCenter Log Bundle
Using the vSphere Client, you generate a system diagnostic bundle from Site-A and store the
output to the VMBeans folder on the Console desktop.
For information about generating a log bundle in the vSphere Client, see the section on exporting
system log files in vSphere Monitoring and Performance at
https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-monitoring-performance/GUID-
29CD95DD-3652-4CEB-9E03-958CF2750A0A.html.
1. Connect to vCenter sa-vcsa-01.vclass.local as an administrator.
2. Export system logs from sa-vcsa-01.vclass.local, including the host logs from sa-esxi-
01.vclass.local.
a. In the wizard, select the appropriate options.
NOTE
Log generation takes some time to complete. Check the Downloads folder
periodically for the presence of the log bundle file. You can continue with the lab while
this task runs in the background.
3. Save the log bundle to the student01/Desktop/VMBeans-Operations/Logs

folder.
38
Task 2: Generate an ESXi Host Log Bundle from the Command Line
You use Remmina to establish an SSH connection to sa-esxi-02.vclass.local and generate a log
bundle.
You are connected to the ESXi host as the root user.
For information about generating a log bundle from the command line, see VMware knowledge
base article 1010705 at https://kb.vmware.com/s/article/1010705.
1. Run the vm-support command to generate the log bundle.
The ESXi host log bundle is saved to the path that you indicate. The log bundle filename
ends in .tgz.
2. Download the log bundle from the shared datastore to the

student01/Desktop/VMBeans-Operations/Logs folder on the Console VM.
39
Lab 15 Troubleshooting a Host That Is
Not Responding
Objective and Tasks

Review logs to identify the root cause of a problem and then determine a solution:
1. Identify the Solution to the Host Problem
Lab Scenario:
A VMBeans administrator reports a fault with sa-esxi-02.vclass.local in Site-A. The host

intermittently enters an unresponsive state and generates an event in the vCenter Task and
Events pane. You reconnect the host to vCenter, but vCenter continues to report that the host is
not responding in the events for the host.
You must review the logs from vCenter and the ESXi host, identify the root cause of the
problem, and then determine a solution. When you review the logs, you notice that missing
vCenter agent heartbeats are reported. How do you resolve this issue?
40
Task 1: Identify the Solution to the Host Problem
Using the vSphere Client, VMware Host Client, and Remmina, you determine a solution for ESXi
host sa-esxi-02, which is not responding in Site-A.
The ESXi must not be rebooted.
For information about network troubleshooting on an ESXi host, see the section on
troubleshooting vSphere networking in vSphere Networking at
https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-networking/GUID-217384C2-
B361-471D-90C8-BC2676A0ECA6.html.
1. Using VMware Host Client, log in to sa-esxi-02.vclass.local.
2. Review the ESXi host configuration and update accordingly to resolve the problem.
41
Lab 16 Troubleshooting a Storage
Problem
Objective and Tasks

Review ESXi host configurations and logs to resolve a problem with the iSCSI storage:
1. Determine the Solution to the Storage Problem
Lab Scenario:
While trying to create a VM named Photon-08 in the SA-Management-01 cluster, a VMBeans

administrator discovers that the shared iSCSI datastores are not available on sa-esxi-
01.vclass.local. You are asked to troubleshoot the issue by reviewing the ESXi host logs and
configurations.
42
Task 1: Determine the Solution to the Storage Problem
You resolve the iSCSI configuration issues on sa-esxi-01.vclass.local.
For information about configuring vSphere HA and DRS on a cluster, see the section on
configuring iSCSI and iSER adapters and storage with ESXi in vSphere Storage at
https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-storage/GUID-C476065E-C02F-
47FA-A5F7-3B3F2FD40EA8.html.
1. Using the vSphere Client, log in to sa-vcsa-01.vclass.local.
2. Select the sa-esxi-01.vclass.local ESXi host.
3. Find the datastores that are attached to the host.
4. Review the ESXi host networking configuration and fix any errors.
5. Review the ESXi host storage configuration and fix any errors.
6. Mount the datastores presented from the iSCSI server 172.20.15.15.
7. Deploy a new VM called Photon-08 from the template Photon-CL and place it on one of the
shared datastores.
NOTE
Do not customize or power on this VM.
43
Lab 17 Modifying the vSphere HA
Configuration
Objective and Tasks

Update the cluster vSphere HA configuration so that a virtual machine in the cluster can power
on:
1. Update the Configuration Settings for vSphere HA
Lab Scenario:
The Photon-05 VM in the SA-Production-01 cluster does not power on. You discover that
admission control in the cluster prevents this VM from starting. You must investigate the issue
and adjust the cluster configuration so that the VM can power on. You must adhere to the
following guidelines:
• Do not modify the settings of other virtual machines in the cluster.
• Use slot policy admission control for the cluster.
• Do not power off or migrate any virtual machines.
• Do not remove any virtual machine's reservation.
44
Task 1: Update the Configuration Settings for vSphere HA
You update the vSphere HA admission control settings for the SA-Production-01 cluster.
For information that can help you in completing this lab, see the section on configuring admission
control in vSphere Availability at https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-
availability/GUID-C4059DB9-D673-45CB-918C-68C87FEB060A.html.
1. Verify that the VM called Photon-05 fails to power on and record the messages for the
failed task.
2. Adjust the vSphere Availability cluster settings.
3. Power on the VM to verify that your changes fixed the issue.
4. When you complete these steps successfully, power off Photon-05.
45
Lab 18 Troubleshooting Virtual
Machine Resource Issues
Objective and Tasks

Update the cluster resource configuration in the SA-Production-01 cluster to fix a VM resource
problem:
1. Change the Resource Settings in the Sales Resource Pool
Lab Scenario:
At VMBeans, the VMs in the Sales resource pool must run without contention. An administrator
adjusts the resources of the Photon-03 and Photon-04 VMs to guarantee a fixed amount of
memory. The VMs are powered off during the adjustments.
When you try to power on the VMs again, one VM fails to start. What went wrong? As you
resolve the issue, you must follow these guidelines:
• Do not modify the VM settings.
• Do not migrate the VMs out of the Sales resource pool.
46
Task 1: Change the Resource Settings in the Sales Resource Pool
You configure the resource settings of the Sales resource pool in the SA-Production-01 cluster
so that both Photon-03 and Photon-04 VMs can power on successfully.
For information that can help you to complete this task, see the section on resource pool
admission control in vSphere Resource Management at https://docs.vmware.com/en/VMware-
vSphere/7.0/com.vmware.vsphere.resmgmt.doc/GUID-8D813BB8-CE07-40F2-B2CA-
269C1FB39475.html.
1. Select the Sales resource pool in the SA-Production-01 cluster.
2. Modify the resource pool settings to fix the resource issue while also ensuring that memory is
reserved only when needed.
3. Power on both VMs in the Sales resource pool.
4. Power off Photon-03 and Photon-04 after completing this task.
47
Lab 19 Troubleshooting PowerCLI
Scripts
Objective and Tasks

Resolve issues with the VMBeans PowerShell scripts:
1. Identify and Resolve Issues with the vm-report.ps1 Script
2. Identify and Resolve Issues with the vm-powercycle.ps1 Script
Lab Scenario:
As an administrator at VMBeans, you run various scripts daily to support your environment:
• The vm-report.ps1 script lists all the virtual machines in the SA-Production-01 cluster.
This script also lists the resources assigned to the VMs, including the number of virtual CPUs
and the assigned memory.
The script generates a file with the resource information to the student desktop.
• A second script, vm-powercycle.ps1, restarts or resets Photon-02 and is run

automatically after backups are performed each day.
After updating the scripts, you notice that these two scripts are not working as expected. Your
goal is to resolve the issues with the scripts and verify that they run without errors.
For information about PowerCLI cmdlets, see Cmdlet Reference at

https://code.vmware.com/docs/11794/cmdlet-reference. Use this information, as necessary, to
perform the lab tasks.
48
Task 1: Identify and Resolve Issues with the vm-report.ps1 Script
You modify the vm-report.ps1 script so that it correctly generates the virtual machine
report.
1. On the task bar, click the Terminal icon.
2. From the command prompt, navigate to the folder containing the PowerCLI scripts.
a. Run the pwd command.
You are currently in the /home/student01 folder.
b. Run the cd Desktop/VMBeans-Operations/PowerCLI Scripts

command.
c. Run the ls command.
You should see the vm-powercycle.ps1 and vm-report.ps1 scripts.
3. Start PowerShell by entering pwsh at the command prompt.
4. Run the vm-report.ps1 script and identify the problems.
The script is in the student01/Desktop/VMBeans-Operations/PowerCli

Scripts folder.
5. Update the script using Text Editor.
6. Run the script and ensure that the report is stored in the
student01/Desktop/VMBeans-Operations/Reports folder.
49
Task 2: Identify and Resolve Issues with the vm-powercycle.ps1
Script
You modify the vm-powercycle.ps1 script to resolve the issues that prevent it from
running.
1. In the vSphere Client, power on the Photon-02 VM.
2. From the student desktop, start the PowerShell command prompt.
a. Open a Terminal window.
b. Enter pwsh at the command prompt.
3. Run the vm-powercycle.ps1 script to identify the problems.
The script is in the student01/Desktop/VMBeans-Operations/PowerCli

Scripts folder.
4. Update the script using Text Editor.
5. Run the script and verify that the VM restarted.
6. Power off the Photon-02 VM.
50
Lab 20 Generating a vCenter Profile
Objective and Tasks

Create a vCenter profile to help standardize configurations in the environment:
1. Generate a vCenter Profile
Lab Scenario:
You want all vCenter instances in the VMBeans environment to have a standard configuration. To
achieve this goal, you create a vCenter profile from sa-vcsa-01.vclass.local. A profile can help you
standardize the configuration for all vCenter instances and monitor those systems to protect
against configuration drift. The profile can also be applied to future deployments.
51
Task 1: Generate a vCenter Profile
You generate a vCenter profile and save the output to the student desktop.
For information about vCenter Server profiles, see Appliance REST APIs at
https://developer.vmware.com/docs/vsphere-automation/latest/appliance/. Use this
information, as necessary, to perform the lab steps.
1. From the vSphere Client, open the Developer Center.
2. Select the correct API type on the API Explorer tab.
3. Run the required POST command to export the profile.
4. Save the JSON file to the student01/Desktop/VMBeans-

Operations/vCenter Server Profiles folder on your student desktop.
52
Lab 21 Creating a vCenter File-Based
Backup
Objective and Tasks

Create file-level backups for two vCenter instances:
1. Create a Backup Schedule
2. Perform a Manual File-Based Backup
Lab Scenario:
According to VMBeans policy, you must create daily backups for vCenter. To achieve this goal,
you create a backup schedule for the vCenter instances in Site-A and Site-B.
For information about vCenter file-based backups, see the section on scheduling a file-based
backup in vCenter Server Installation and Setup at https://docs.vmware.com/en/VMware-
vSphere/index.html. Use this information, as necessary, to perform the lab tasks.
53
Task 1: Create a Backup Schedule
You create a file-based backup schedule for two vCenter instances. You decide that a nightly
backup of the vCenter instances must occur at 10:00 PM.
1. Access the vCenter Server Management Interface for vCenter sa-vcsa-01.vclass.local.
2. In the left navigation pane, click Backup.
3. Enter the details for the scheduled backup of Site-A.
a. Use the FTP server on 172.20.10.10 as the backup location.
Use FTP, not FTPS.
b. Enter the credentials for the FTP server.
• User name: ftpuser
c. Ensure that three copies of the backup are retained.
d. Ensure that the backups are encrypted at rest.
e. Ensure that vCenter tasks and events are backed up for auditing.
4. Verify that the backup schedule is created.
5. Repeat these steps for Site-B, using the FTP server on 172.20.110.10 as the backup location.
54
Task 2: Perform a Manual File-Based Backup
You perform a manual file-based backup of vCenter sa-vcsa-01.vclass.local to verify the settings
in the schedule.
1. Access the vCenter Server Management Interface.
2. Perform a manual backup of sa-vcsa-01.vclass.local using the details for the scheduled
backup.
3. Verify that the backup completes.
55
Lab 22 Troubleshooting vCenter
Resource Issues
Objective and Tasks

Resolve a space consumption problem on vCenter Server Appliance:
1. Investigate and Resolve a Problem with Space Consumption
Lab Scenario:
In Site-A, vCenter is running low on disk space on one or more partitions. You are asked to
investigate the problem and resolve it before it impacts the upgrade of vCenter.
Hint: You use the vSphere Client, vCenter Server Management Interface, and Remmina to
identify and resolve the problem.
56
Task 1: Investigate and Resolve a Problem with Space Consumption
You identify the files on the vCenter Server Appliance that are consuming the disk space.
For information about monitoring vCenter Server disk space, see the section on using the
vCenter Server Management Interface to configure vCenter in vCenter Server Configuration at
https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-vcenter-configuration/GUID-
B259B969-3E5D-4576-8256-D3BED54B89AF.html.
1. Use the vCenter Server Management Interface to identify the disk that is almost full.
2. Connect to the Site-A vCenter instance using Remmina and identify the root cause of the
problem.
3. Resolve the space consumption problem and verify the free space.
57
Lab 23 Configuring vCenter Settings
Objective and Tasks

Configure a maintenance reminder and advanced logging settings on vCenter so that you can
perform key administrative tasks:
1. Set a Message of the Day
2. Configure Statistic Collection and Logging Levels
3. Configure a Syslog Server
Lab Scenario:
At VMBeans, vCenter sa-vcsa-01.vclass.local is scheduled for an upgrade. During the upgrade, sa-
vcsa-01.vclass.local will not be available. You want to remind users and administrators of this
upcoming downtime, so you decide to set a message of the day on the server.
You also want to gather information about an ongoing but intermittent networking issue in the
environment. To achieve this goal, you increase the logging levels on vCenter to capture log files
related to the issue as it happens. Having more detail in the logs can help you to resolve the issue.
58
Task 1: Set a Message of the Day
You set the message of the day on vCenter sa-vcsa-01.vclass.local to remind users and
administrators of upcoming maintenance and downtime.
For information that can help you complete this task, see the section on sending a message to
other logged in users in vCenter Server Configuration at https://docs.vmware.com/en/VMware-
vSphere/8.0/vsphere-vcenter-configuration/GUID-9E988389-5911-4F78-AEE4-
362E59958E67.html.
1. Set Reminder: Planned maintenance is scheduled for this week as

the message of the day.
59
Task 2: Configure Statistic Collection and Logging Levels
You set the statistic collection and logging levels on sa-vcsa-01.vclass.local.
For information that can help you complete this task, see the following references in vCenter
Server Configuration:
• Configuring Statistics Settings at https://docs.vmware.com/en/VMware-

vSphere/8.0/vsphere-vcenter-configuration/GUID-B2F91FDE-F7FC-46C4-91D0-
7AD7E4CC87FC.html.
• Configure Logging Options at https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-

vcenter-configuration/GUID-0439D577-66F7-4584-AF05-5EB41A761873.html.
1. Set the statistics levels for each interval duration.
Interval Duration Statistics Level
5 minutes Level 2
30 minutes Level 2
2 hours Level 2
1 day Level 1
2. Increase the vCenter logging level to verbose.
60
Task 3: Configure a Syslog Server
You configure a Syslog server on sa-vcsa-01.vclass.local to send logs to a remote server.
For information that can help in completing this task, see the section on forwarding vCenter log
files to remote Syslog servers in vCenter Server Configuration at
9633A961-A5C3-4658-B099-B81E0512DC21.html.
1. Configure sa-vcsa-01.vclass.local to stream logging to a remote log server.
Server Address Protocol Port
172.20.10.171 TCP 514
61
Lab 24 Configuring a VMware Tools
Repository
Objective and Tasks

Configure a product locker on the ESXi hosts in the SA-Management-01 cluster to serve as a
repository for VMware Tools:
1. Configure the Product Locker on the ESXi Hosts
Lab Scenario:
To prepare the VMBeans ESXi hosts for an upgrade, you want to create a central VMware Tools
location for the ESXi hosts in the SA-Management-01 cluster.
This centralized location helps to ensure that all VMs in the management cluster run the same
version. Having a central location for VMware Tools also reduces management overhead, and
VMware Tools can be updated independently of the host.
62
Task 1: Configure the Product Locker on the ESXi Hosts
You configure the product locker on the ESXi hosts in the SA-Management-01 cluster.
For information that can help you complete this lab, see "Configuring a VMware Tools Repository
in vSphere 6.7U1" at https://blogs.vmware.com/vsphere/2019/01/configure-a-vmware-tools-
repo-in-vsphere-6-7u1.html and VMware knowledge base article 2129825 at
https://kb.vmware.com/kb/2129825.
1. Using Remmina, establish a connection to an ESXi host in SA-Management-01.
2. From the command prompt, create a folder on a shared iSCSI datastore.
3. Copy the contents of the host's local product locker to the shared datastore.
4. Update the ESXi host configuration so that it uses the product locker location.
5. Enter maintenance mode and reboot the host.
6. After reboot, verify the configuration using the vSphere Client and repeat the previous steps
on the remaining host in the SA-Management-01 cluster.
63
Lab 25 Troubleshooting a VM Power-
On Issue
Objective and Tasks

Resolve a VM power-on issue:
1. Troubleshoot the VM and Power It On
Lab Scenario:
At VMBeans, a junior administrator migrated the Photon-20 VM, located in the SA-Production-01
cluster, from one datastore to another during a maintenance window. After the migration, the VM
fails to power on. Extending the maintenance window will cause further service disruption and
potential financial impact to the organization. You are asked to investigate the cause of the issue
and ensure that the VM is powered on successfully.
64
Task 1: Troubleshoot the VM and Power It On
You analyze the warning and error messages that are generated in the vSphere Client and log
files as a result of the VM power-on failure.
1. Attempt to power on the Photon-20 VM.
2. Find information that might help you to identify the cause of the Photon-20 VM's failure to
power on.
3. Identify the cause of the problem.
4. Resolve the problem.
5. Verify that the Photon-20 VM powers on successfully.
6. Power off the VM to conserve lab resources.
65
Lab 26 Updating vSphere
Components in Site-A
Objective and Tasks

Update vCenter, ESXi hosts, and VM hardware using the appropriate tools:
1. Use a Custom Repository to Update vCenter in Site-A
2. Use vSphere Lifecycle Manager Images to Update ESXi Hosts
3. Update VM Hardware
Lab Scenario:
To enhance security in its data center, VMBeans uses a custom internal repository for vCenter
updates. VMBeans also wants to update ESXi hosts to the latest version to access new features
and bug fixes. The older vSphere 7.0 hosts must be upgraded using an image through vSphere
Lifecycle Manager. The virtual hardware of the Photon-01 VM must be upgraded to the latest
version.
66
Task 1: Use a Custom Repository to Update vCenter in Site-A
You update sa-vcsa-01.vclass.local to vSphere 8.0 Update 2 by using a custom repository. The
repository has been pre-populated with the vCenter update files for you to use.
For information that can help you complete the steps in this task, see the following references in
vCenter Server Upgrade:
• Configure the Repository for URL-Based Patching at

vSphere/7.0/com.vmware.vcenter.upgrade.doc/GUID-CC0FAB44-E7F1-41C8-9313-
DC7D90417039.html
• Check for and Stage Patches to the vCenter Server Appliance at

vSphere/7.0/com.vmware.vcenter.upgrade.doc/GUID-FF533442-66F0-4797-976D-
1DA99102DD0A.html
• Install vCenter Server Patches at https://docs.vmware.com/en/VMware-

vSphere/7.0/com.vmware.vcenter.upgrade.doc/GUID-E5E78149-4AC8-4DD7-BBA8-
19CC17711D40.html
1. Using vCenter Server Management Interface, configure vCenter with

https://172.20.10.10/vc_update_repo/ as a custom patch repository.
The repository has already been populated with vCenter update files for you to use.
2. Using the vCenter Server Management Interface, stage and install the update and ensure
that you run the prechecks.
NOTE
The upgrade takes some time.
67
Task 2: Use vSphere Lifecycle Manager to Update ESXi Hosts
You use vSphere Lifecycle Manager images to update the ESXi hosts in the SA-Production-01
cluster from vSphere 7 Update 1 to vSphere 8 Update 2.
For information that can help in completing this task, see the following references in Managing
Host and Cluster Lifecycle:
• Set Up a New Image at https://docs.vmware.com/en/VMware-

vSphere/7.0/com.vmware.vsphere-lifecycle-manager.doc/GUID-CF244196-5398-4139-
B712-90B49CEADE36.html
• Remediate a Cluster Against a Single Image at https://docs.vmware.com/en/VMware-

vSphere/7.0/com.vmware.vsphere-lifecycle-manager.doc/GUID-FC88E816-90AC-437F-
82D1-77332E41958C.html
1. Define a new ESXi image for the SA-Production-01 cluster.
Option Action
ESXi Version Select 8.0 U2 - 22380479.
Vendor Addon None.
Firmware and Drivers Addon None.
Components No additional components.
2. Remediate the cluster against the image.
68
Task 3: Update VM Hardware
You use the vSphere Client to update the hardware compatibility of the Photon-01 VM.
For help performing the steps in this task, see the section on upgrading the VM hardware
compatibility of virtual machines in Managing Host and Cluster Lifecycle at
https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere-lifecycle-
manager.doc/GUID-BE02FDB4-8C09-4EEF-93F0-E0519D19FE70.html.
1. Update VM hardware compatibility on Photon-01.
2. After the VM Hardware compatibility is updated, power off the VM to conserve resources in
the lab environment.
69
Lab 27 Configuring a Default Key
Provider
Objective and Tasks

Configure the native key provider and encrypt a virtual machine to meet security requirements:
1. Configure the Native Key Provider
2. Encrypt a Virtual Machine Using the Default Key Provider
Lab Scenario:
Because of the sensitive nature of some of the information stored in the Photon-E-01 VM, the
VMBeans security policy requires that this VM be encrypted. To help achieve this goal, you
configure the vSphere native key provider. You must configure a single vSphere Native Key
Provider that is shareable across vCenter instances in an Enhanced Linked Mode configuration.
That way, both vCenter instances can manage encrypted VMs.
70
Task 1: Configure the Native Key Provider
You configure a vSphere native key provider on sa-vcsa-01.vclass.local, back up the
configuration, then restore the native key provider configuration to sb-vcsa-01.vclass.local.
For information that can help you complete this task, see the section on configuring and
managing vSphere Native Key Provider in vSphere Security at
https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-2F18E7A0-707F-
4739-A0B4-9A363F1C3213.html.
1. Select sa-vcsa-01.vclass.local.
2. Add a native key provider.
3. Back up the native key provider configuration.
4. Restore the native key provider configuration on sb-vcsa-01.vclass.local.
5. Make the native key provider the default key management server (KMS) on sb-vcsa-
01.vclass.local.
71
Task 2: Encrypt a Virtual Machine Using the Default Key Provider
You encrypt the virtual machine Photon-E-01 using the virtual machine encryption policy.
For information that can help you complete this task, see the section on encrypting an existing
VM or virtual disk in vSphere Security at https://docs.vmware.com/en/VMware-
vSphere/7.0/com.vmware.vsphere.security.doc/GUID-5E2C3F74-38C1-44C3-ABC5-
C2C9353B9DC4.html.
1. Update the configuration of Photon-E-01 to use the VM Encryption Policy to encrypt the
virtual machine files.
2. Verify that the VM is encrypted by the VM Encryption Policy by accessing the Summary tab
for Photon-E-01.
72
Lab 28 Working with Encrypted
Virtual Machines
Objective and Tasks

Clone and migrate encrypted virtual machines:
1. Clone an Encrypted Virtual Machine
2. Migrate an Encrypted Virtual Machine
Lab Scenario:
At VMBeans, you must clone and migrate the encrypted Photon-E-01 VM. You require an
identical copy of the VM to test changes before you place the VM into the production
environment.
You perform vSphere operations on encrypted VMs, just as you do on nonencrypted VMs.
Before performing any operations, you verify that the Photon-E-01 VM is powered on, and you
verify its encryption status.
For information that can help you to complete this lab, see the section on virtual machine
encryption in vSphere Security at https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-
security/GUID-E6C5CE29-CD1D-4555-859C-A0492E7CB45D.html.
73
Task 1: Clone an Encrypted Virtual Machine
You clone the virtual machine Photon-E-01 and create an identical copy called Photon-E-02.
1. Create an identical clone of virtual machine Photon-E-01.
a. Enter Photon-E-02 as the name of the cloned copy.
b. Place the Photon-E-02 VM in the Discovered virtual machines folder.
c. Select sb-esxi-04.vclass.local as the compute resource.
d. Place it on the vsanDatastore.
e. Leave the other options unchanged.
2. Verify that Photon-E-02 is encrypted.
74
Task 2: Migrate an Encrypted Virtual Machine
You perform a live migration of Photon-E-01, ensuring that the vSphere vMotion traffic is
encrypted.
1. In the settings for Photon-E-01, verify that Encrypted vMotion is set to Required.
2. Verify that Photon-E-01 is powered on.
3. If Photon-E-01 is not powered on, power on the VM.
4. Perform the migration of Photon-E-01.
5. Verify that the virtual machine migrates successfully.
75
Lab 29 Modifying the ESXi Host CPU
Scheduler
Objective and Tasks

Change the default scheduler on hosts in two clusters in Site-B:
1. Modify the CPU Scheduler to Meet Security Requirements
Lab Scenario:
The VMBeans security team requires the highest level of isolation between virtual machines. As a
result, you must implement more secure ESXi CPU schedulers on all the hosts in the SB-
Management-01 and SB-Production-01 clusters.
External contractors can access VMs running on the SB-Production-01 cluster. Several
contractors might be logged in to the same VMs at the same time. The VMs on the SB-
Management-01 cluster can be accessed only by VMBeans employees.
Your goal is to implement a CPU scheduler in the SB-Production-01 cluster that is the most
secure and a scheduler in the SB-Management-01 cluster that maintains the separation of VMs.
76
Task 1: Modify the CPU Scheduler to Meet Security Requirements
You change the default scheduler on hosts in the SB-Management-01 and SB-Production-01
clusters. You configure the ESXi host CPU scheduler for VM isolation and balanced performance
in the SB-Management-01 cluster. You configure the most secure ESXi host CPU scheduler in the
SB-Production-01 cluster.
For information about modifying the scheduler, see "Which vSphere CPU Scheduler to Choose"
at https://blogs.vmware.com/vsphere/2019/05/which-vsphere-cpu-scheduler-to-choose.html.
1. In the vSphere Client, configure advanced CPU scheduler settings for sb-esxi-01.vclass.local
to meet security requirements.
2. Configure the same settings for the sb-esxi-02.vclass.local ESXi host.
3. Select sb-esxi-04.vclass.local in the vSphere Client.
4. Set advanced CPU scheduler settings for the sb-esxi-04.vclass.local ESXi host to meet
security requirements.
5. Configure the same settings for the sb-esxi-05.vclass.local and sb-esxi-06.vclass.local ESXi
hosts.
77
Lab 30 Implementing Security
Hardening
Objective and Tasks

Secure an encrypted VM to meet security policies:
1. Configure Host Settings to Implement Security Hardening
Lab Scenario:
The VMBeans security team wants to implement security hardening in the SB-Production-01
cluster. How do you help to meet this security requirement?
You take the following actions:
• You restrict access to all ESXi hosts so that they can be managed only through vCenter or
the direct console user interface (DCUI).
• You configure the ESXi password policy to trigger a password change every 30 days.
• You deactivate the console for Photon-E-01.
78
Task 1: Configure Host Settings to Implement Security Hardening
You configure settings to implement security hardening on the ESXi hosts and virtual machines in
the SB-Production-01 cluster.
For information that can help you to complete this task, see the section on securing ESXi hosts in
vSphere Security at https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-
security/GUID-A706C6C6-DF07-455B-99B9-5B8F8580F1EB.html.
1. Select sb-esxi-04.vclass.local to modify the host access settings.
2. Restrict access to sb-esxi-04.vclass.local by enabling lockdown mode.
3. Repeat the steps for the other ESXi hosts in the SB-Production-01 cluster.
4. Change the ESXi host password policy on sb-esxi-04.vclass.local to meet the security
requirements.
5. Repeat the previous step for the other ESXi hosts in the SB-Production-01 cluster.
6. Deactivate the console for the Photon-E-01 VM.
79
Lab 31 Updating a vCenter Certificate
Objective and Tasks

Replace a machine certificate and generate a certificate-signing request:
1. Replace a Machine SSL Certificate with a Pre-Generated CA Certificate
2. Generate a Certificate Signing Request
Lab Scenario:
According to VMBeans policy, all SSL certificates must be generated from their own internal
certificate authority (CA).
VMBeans security administrators issue a new certificate for vCenter sa-vcsa-01.vclass.local. You
replace the existing certificate with the new one. You also change the certificate for vCenter sb-
vcsa-01.vclass.local. To do so, you generate a certificate-signing request (CSR) from vCenter.
The CSR is used by the CA.
80
Task 1: Replace a Machine SSL Certificate with a Pre-Generated CA
Certificate
After a VMBeans administrator provides a new CA-signed certificate for vCenter sa-vcsa-
01.vclass.local, you replace the old machine certificate with the pre-generated CA certificate.
For information about replacing vCenter certificates using the vSphere Client, see the section on
adding custom certificates in vSphere Authentication at https://docs.vmware.com/en/VMware-
vSphere/7.0/com.vmware.vsphere.authentication.doc/GUID-15A4FD99-37E2-41E5-8A35-
247B8FDB019D.html.
1. Navigate to the Certificate Management page for vCenter sa-vcsa-01.vclass.local.
2. Replace the vCenter machine certificate with the files located in the
student01/Desktop/VMBeans-Operations/vCenter Certificates
folder.
3. Monitor the task and wait for it to complete.
Your vSphere session expires, and you must log back in to vCenter.
81
Task 2: Generate a Certificate Signing Request
You generate a CSR from vCenter sb-vcsa-01.vclass.local.
The CSR can then be given to the VMBeans certificate authority.
For information that can help you to complete this task, see the section on generating a CSR for
the machine SSL certificate using the vSphere Client in vSphere Authentication at
vSphere/7.0/com.vmware.vsphere.authentication.doc/GUID-2F83112B-961A-4ECB-B23F-
63758E34106B.html.
1. Navigate to the Certificate Management page and ensure that sb-vcsa-01.vclass.local is

selected from the drop-down menu in the upper-right corner of the page.
2. Under Machine SSL Certificate, select ACTIONS > Generate Certificate Signing Request
(CSR).
3. On the Enter Info page, configure the required values.
Option Value
Common name sb-vcsa-01.vclass.local
Organization VMBeans
Organizational Unit VMBeans IT
Country United States
State/Province California
Locality Palo Alto
Email Address administrator@vclass.local
Host sb-vcsa-01.vclass.local
Subject Alternative Name (Optional) sb-vcsa-01, 172.20.110.95
Key Size 3072
4. Download the certificate file to the student01/Desktop/VMBeans-

Operations/vCenter Certificates folder on the student desktop.
82
Lab 32 Reconfiguring the Primary
Network Identifier
Objective and Tasks

Change the primary network identifier of vCenter to meet naming conventions:
1. Reconfigure the Primary Network Identifier
Lab Scenario:
The recently deployed vCenter sb-vcenter-02.vclass.local does not match the naming
conventions that are used by VMBeans. Although the difference in naming convention does not
impact the functionality of vCenter, you are asked to change the vCenter name to sb-vcsa-
02.vclass.local.
An entry for the vCenter instance has already been added to the DNS server, and the vCenter
instance retains its current IPv4 network address.
83
Task 1: Reconfigure the Primary Network Identifier
You change the vCenter primary network identifier.
For information that can help you to complete this task, see the section on reconfiguring the
primary network identifier in vCenter Server Configuration at
F46DBE63-F04E-42A1-B940-63A8F5B86ACF.html.
1. If you have not already done so, power on sb-vcenter-02.vclass.local.
The sb-vcenter-02 vCenter instance is located on the sa-esxi-00.vclass.local ESXi host.
a. Log in to the ESXi Host Client for sa-esxi-00.vclass.local.
• User name: root
b. Power on sb-vcenter-02.
2. Open a command prompt window and run an nslookup command on the FQDN of the
new host name for the vCenter instance.
nslookup sb-vcsa-02.vclass.local
3. Verify that the sb-vcsa-02.vclass.local FQDN resolves to the 172.20.110.96 IP address.
4. Log in to the vCenter Management Interface for sb-vcenter-02.vclass.local.
• User name: root
5. Navigate to the networking page.
6. Update the networking information for NIC 0 of the vCenter instance.
7. Wait for the vCenter services to restart.
The vCenter services can take up to 20 minutes to restart.
8. While waiting for the vCenter services to restart, enter service-control --status
--all at the shell command prompt to monitor the startup of the vCenter services.
9. After the vCenter services restart, view the Network Settings pane in the vCenter
Management Interface.
10. Verify that the host name is sb-vcsa-02.vclass.local and that the IPv4 address is
172.20.110.96/24.
84
85
86

EDU-EN-VSAA8-LAB-IE

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

EDU-EN-VSAA8-LAB-IE

Uploaded by

Copyright:

Available Formats

VMware vSphere:

Advanced Administration [v8]

VMware® Education Services

Conventions Usage and Examples

Monospace Identifies command names, command options, parameters, code

• Run the esxtop command.

• ... found in the /var/log/messages file.

Monospace Identifies user inputs:

Boldface Identifies user interface controls:

• Click the Configuration tab.

Italic Identifies book titles:

• vSphere Virtual Machine Administration

<> Indicates placeholder variables:

• ... the Settings/<Your_Name>.txt file

Lab 1 Accessing the Lab Environment ................................................................................... 1

Objective and Tasks

1. Access the Lab Environment

At VMBeans, the vSphere environment consists of a management cluster and a production

You must also investigate and resolve configuration issues in Site-A.

Your goals throughout the labs in this course are as follows:

• Deploy and configure a new vSphere infrastructure

• Migrate workloads from Site-A to Site-B

• Manage the existing infrastructure, resolving problems that occur

• Meet the requirements of VMBeans

• User name: administrator@vsphere.local

2. Connect to sa-esxi-01 by using the bookmarks in the Firefox browser.

• User name: root

If any license has expired, obtain new licenses from

Objective and Tasks

1. Configure a Cluster for Management Workloads

• Configure default admission control for vSphere availability

• Creating a vSphere HA Cluster in vSphere Resource Management at

• Creating a DRS Cluster in vSphere Availability at https://docs.vmware.com/en/VMware-

1. For vCenter sb-vcsa-01 in Site-B, create a data center called SB-Datacenter.

2. Create a cluster called SB-Management-01 in SB-Datacenter.

3. Add the hosts sb-esxi-01.vclass.local and sb-esxi-02.vclass.local to the SB-Management-01

a. Configure vSphere DRS automation.

b. Configure vSphere HA.

5. Ensure that sb-esxi-01.vclass.local and sb-esxi-02.vclass.local remain in maintenance mode

Objective and Tasks

1. Configure Standard Virtual Switches

• The vMotion traffic is configured on a separate virtual switch.

Network Configuration for sb-esxi-01.vclass.local

Standard Switch Traffic IPv4 address 1 IPv4 address 2 Uplinks

vSwitch0 Management 172.20.110.51/24 vmnic0,

vSwitch1 vMotion 172.20.12.151/24 vmnic1

vSwitch2 iSCSI 172.20.115.51/24 172.20.115.61/24 vmnic4,

vSwitch3 Virtual Machine vmnic6

1. Update the configuration for the management network.

The management network has a default gateway of 172.20.110.2. The DNS is at

a. Confirm the management network is configured to provide redundancy with an active-

b. Deactivate failback on the management network.

2. Configure a vMotion network.

Standard Switch Traffic IPv4 address 1 IPv4 address 2 Uplinks

vSwitch1 vMotion 172.20.12.151/24 vmnic1

b. Configure the VMkernel to use the vMotion TCP/IP stack.

Standard Switch Traffic IPv4 address 1 IPv4 address 2 Uplinks

vSwitch2 iSCSI 172.20.115.51/24 172.20.115.61/24 vmnic4, vmnic5

a. Create two VMkernel port groups for vSwitch2.

b. Assign the IPv4 address and uplink as per the table.

Standard Switch Traffic IPv4 address 1 IPv4 address 2 Uplinks

vSwitch3 Virtual Machine vmnic6

Objective and Tasks

1. Configure Access to iSCSI Storage