Skyline required permissions have changed

I just noticed that the required permissions of the Skyline user for vCenters have changed based on KB 59661.

Old permissions:

vCenter Server Read-Only Role.

Global.Diagnostics

Global.Health

Global.Licenses

Global.Settings

New permissions:

vCenter Server Read-Only Role.

Global.Diagnostics

Global.Health

Global.Licenses

Global.Settings

Host profile.View…

Build Photon OS appliance using packer.io

I found a great article from William Lam about how to build an Photon OS virtual appliance which includes OVF settings for configuration. During my initial tests I faced some issues like the virtual machine network did not connect properly and others. First I had changed the existing scripts to work with the vmware-iso builder which was in the end working but the performance was pretty bad. So I decided to convert the existing template from vmware-iso to vsphere-iso.

The base code is really good an most of it can be re-used. My changes can be found in my fork of his repo.

https://github.com/mdhemmi/photonos-appliance

And here a video of a build run.

Source:

https://www.virtuallyghetto.com/2019/11/packer-reference-for-building-photonos-virtual-appliance-using-ovf-properties.html

Quick tip: How to query CPU microcode revision on a ESXi

SSH to the ESXi host and execute the following command:


vsish -e cat /hardware/cpu/cpuList/0 | grep -i -E 'family|model|stepping|microcode|revision'

Output:


[root@esxi:~] vsish -e cat /hardware/cpu/cpuList/0 | grep -i -E 'family|model|stepping|microcode|revision'
Family:6
Model:60
Stepping:3
Number of microcode updates:1
Original Revision:0x0000001c
Current Revision:0x00000027
[root@esxi:~]

VMware Skyline: Hostname verification

If you do SSL inspection in your company you can run into issues when using Skyline as the collector does Hostname verification. This will ensure the collector is connecting to the appropriate server by looking at the certificate’s “dnsName” or “subjectAltName” fields against the host in the URL of the connection.

As SSL inspection can be required by your IT Security the newest version of the Skyline collector contains the option to disable hostname verification so the connection with SSL inspection providing non valid certificates will work.

VMware Skyline: Reset Root or Admin credentials

Reset Root Password

To reset the root password:

Restart the Skyline appliance.
From the Console screen of the appliance when you see the PhotonOS splash screen press "e".
At the end of the PhotonOS boot command add "rw init=/bin/bash"
Press F10 to access to the command prompt
Type "passwd" to set the root password
Type "reboot -f" to reboot the appliance

Unlock root account

To reset the root password:

Restart the Skyline appliance.
From the Console screen of the appliance when you see the PhotonOS splash screen press "e".
At the end of the PhotonOS boot command add "rw init=/bin/bash"
Press F10 to access to the command prompt

pam_tally2
pam_tally2 --reset

Type "reboot -f" to reboot the appliance

VMware KB: https://kb.vmware.com/s/article/52652