Home Lab - vSphere and vCenter Installation and Configuration Guide

Captions
when it comes to enterprise hypervisors vsphere is probably one of the most common out there do you know how to get it set up and running if not this video is for you [Music] so welcome everybody what my goal is for this video is to show you how to get the enterprise vsphere hypervisor installed configured and kind of the fun things it can do now brings up a good point in that there's the free edition which is bound to say a few cpu cores it can't do things like storage vmotion or vmotion or distributed switches or net flow on the distributed switches and there's a decent amount of feature sets you can't do for free but there's also a decent amount you can and the install whether you're doing the paid enterprise plus or cloud editions versus the free edition is the same so if you want to say you have capabilities and you know about vsphere and how to install and configure it join it to vcenter and well that's my goal for this video now brings me up to a good point before we get started in that you can do the free edition you just have to register an account download the iso install you can also do trial for a few days to do the enterprise feature sets and what you might do is if you're a small business you could buy an essentials kit or if you're just trying to do this in a lab you can sign up and subscribe to a vmware user group and you can get a vmug lab license which is a low cost all enterprise capabilities license so regardless check into those if you're just trying to do this on a low budget just do the free version but let's go through this so what i want to show you is how to get vsphere installed and join it to a cluster assuming you have more than one with vcenter so first thing we need to do is we need to download the vsphere iso so step one so what i'm gonna do is i'm just gonna type vsphere download this will take me over here i'm gonna do the download vmware vsphere you could technically change this a little bit and do download uh vsphere free which 
will have a different download link where you can get the free edition basically it'll register you for a license so you would have to create an account if you don't have one and then log in and then you would download the iso here you could also try to download vcenter same thing download vcenter and you might have to get this on a trial but basically you're going to download an iso for vsphere the free edition if you want to do the free edition and vcenter if you're going to test that out vcenter there's not a free edition at least not to my knowledge there hasn't been one so it's just vsphere free if you're gonna do the free edition i already have these pre-downloaded so step one download isos complete step two i need to build an installation media a usb for vsphere so for this i tend to use rufus so if you download rufus rufus.ie there is an installable version this link or there's a portable version the link right below once that's on your box install it just like you would anything else and then launch it so i have rufus 3.14 on my box it does prompt for admin because you'll need that to format a usb drive and what i usually do is i don't yet have the usb plugged in because this will auto detect new usb storage devices so it kind of safely helps me find the right device in case you have more than one so i'm going to plug this in real quick there we go and now notice here in a second there goes it grab the drive a couple things here though i'm gonna i'm still doing an iso image i'm gonna hit select and i'm gonna select the vsphere iso i downloaded which is this one now when i hit open rufus will try to auto set some things when i first did this on my box it did gpt which means it has to be used on a bios system that boots with uefi for a lot of older hardware this won't work very well so what i would probably recommend you do is set this to mbr which should work for bios or uefi and when you select that if you first install rufus you might have a pop-up 
saying one of the config files is old and outdated in the iso that you selected can rufus reach out and download a newer one and you'll have to say yes it's fine it takes like two seconds and then from here i'm just going to hit start it's going to pop up and say hey you sure you want to wipe out this thumb drive and it's going to wipe the entire thumb drive out so make sure you don't have any pictures or anything on it and then hit ok this takes uh a minute or two and when it's done what we'll do is we'll move to whatever server workstation hardware you're having we'll plug it in and we'll try to boot to the vsphere installer and go from there just being honest there's a decent amount of hardware that's not going to work with vsphere i'm going to demo on an hp z620 i bought at the ebay that's what i use in my lab environment but if you're doing workstations you might have to find some modified isos to get like network drivers or storage drivers so there's a lot of hardware that it's just not going to work with these servers tend to work way better um workstations not so much so here we go i'm now ready i can go move and plug this into a box and i can boot to it and start the install process so step one we've got the iso downloaded step two we've got a bootable usb drive step three we're gonna install using that usb device so at this point what we're gonna do is boot to the usb drive and i'm gonna start the installer so here it's going through and it's booting to the vsphere installation media sometimes this can take an extremely long time others it seems like it boots very quickly so we'll give this a second let that boot up so from here i'm going to go ahead and start the installation wizard so i'm going to hit enter to continue and then from here i'm going to accept the end user license agreement this is going to scan for whatever local storage i have in this server i actually have multiple devices i'm just gonna select the first one which is a one terabyte ssd 
drive i have uh you can have some issues if you select specialty drives like sometimes the nvme doesn't work very well depending on the version you're installing but i'm just going to do the first since i previously had esx on this it's detecting it i'm going to select the blast box which will just delete everything i previously had and start over from here i'm going to go ahead and set my password not sharing that sorry i selected us default because i'm in english set a password and then from here i'm getting a warning of hey your hardware is not on the compatibility guide are you sure you want to do this now it still says it's still supported it's just in the next release it's not going to be it's because i'm using older hardware so i'm going to go ahead and click on ok well hit enter and then from here i just need to start the install that's pretty much it from installing vsphere the hard part is configuring it so now we'll give it a second to go ahead and complete all right so now at this point the installation is done when go ahead and hit enter to reboot the server and when this starts you do need to pull the usb drive out otherwise it'll boot right back into the installer depending on how you have your boot order so you can go ahead and safely unplug it at this point and reboot the box now it will take a second to boot up again so let's give it just a second and then we'll pick up configuration once it's booted up all right so now that the server's booted up i'm going to press f2 and i'm going to start configuring this what i initially want to do is get the networking set up so i'm going to log in and then from here i'm going to go over to configure management network because i need to get it configured i usually will select the network adapters because i want at least two for redundancy if you're only using one nic that's fine so i'll select whatever nics you're using then hit enter then from here if you're doing tagged vlan-ing you'll need to set this i'm 
setting 300 assuming my switch has a tagged port of 300 and then i would recommend you set a static ip so i'm going to select that and i'm going to go ahead and enter one of 192.168.0.101 for my environment with a 255.255.255.0 subnet mask and a gateway of 192.168.0.1 again this will have to be specific to your environment and then i like to turn off ipv6 because i don't use it and then if you're setting dns or suffix you would we'll set that later in the web interface so from here you'll hit escape and you'll say yes to save changes and reboot at this point you've got the main stuff configured that you need to be in front of the computer for the rest will start configuring through the web interface so if you have more than one server rinse and repeat what we just did so the next step what we're trying to do is configure vsphere for this i have three hosts i have https 192.168.0.101 i have 102 and 103. so i'm going to go ahead and connect to each one of those and then what we want to do is we want to start to configure these because by default there's things i didn't yet set up like i didn't set up dns i didn't give each box its own hostname i didn't install license keys and i haven't configured the vm kernel to support any enterprise features assuming you add it to a vcenter box so let's do that so i'm going to log into each one of these so you're going to rinse and repeat a lot of this over and over in each box and let's first kind of knock some of this out first things first i want to give each one their own names notice up top each tab says local host still so for this i'm going to click on networking and you need to flip to the tcp ip stack this is where because i didn't set dns and hostname at the keyboard at the console i'm going to do it here so i'll click on the default tcp ip stack and i'm going to click edit so this box i'm just going to name i'll call it esx01 or vsphere1 i know technically esx has transitioned to vsphere but i still call it esx for the 
domain i'm just going to use a mock domain vsphere.local and i'm going to set my dns servers for now to cloudflare's dns servers i'll use vsphere.local hit save i'm going to rinse and repeat this on the other boxes as well tcp stack edit this would be esx02 vsphere.local 1.1.1.1 1.0.0.1 vsphere.local save same thing over here tcp ip stack edit here we go this will be esx03 vsphere.local vsphere.local save now the other thing i like to do once i know i have dns in place is i want to make sure each of these servers is set up to do time synchronization because i want all my virtual machines and everything to be in sync and it can cause issues when i later join vcenter if i don't have proper time that's under manage and i configure it under system tab time and date so i'm going to edit ntp and i'm going to set this to start and stop with the host and you can set this to an ip list comma separated i tend to use pool servers like 0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org and there's a third one as well so i'll go ahead and grab these you want usually at least three so you can have quorum so i'm going to save that and notice it still says it's stopped and it's kind of weird because i would assume i click on actions and start but you have to go to services find ntp in here then start it you can go back and let's see refresh running yay okay so we got ntp up and running i'm gonna do that on the other boxes as well so edit ntp start and stop with host paste my time servers service start do that in the first box as well edit start and stop with host there they are services ntp start the other thing we might do since we're over here is click on licensing and if you have a license key for like the free edition or one of the paid editions or vmug editions click assign and go ahead and assign it we can also do that later with vcenter if you're doing vcenter or if you're just going to run this in eval mode i have all the features currently enabled while 
i'm in evaluation mode another thing i need to do is i need to go back to networking under vm kernels and i need to edit my vm kernel this is kind of weird in the vmware's hypervisor there's this concept called a vm kernel think of it as the virtual ip that can be used for things like management for vmotion like moving a system from one box to another for fault tolerance where it creates like a replicate clone for replication and a bunch of other feature sets by default you have one vm kernel and in a lab you probably only gonna have one you can change this but just let me show this for a second i'm gonna edit this and in a lab if i was just using you know say i have two nics in each of my my systems but i'm only gonna have one vm kernel and i'm just going to say all the features the enterprise features i want you to use on this one virtual kernel i'm going to hit save and that virtual kernel is assigned to my management network port group which is on my single virtual switch it gets really confusing virtual switch is where i'm actually tying my physical adapters so i have two physical adapters currently assigned to vswitch zero let me show you this picture here oh not here let me see if i can drill down into this there we go oh come on and i'm gonna move my thing around here this kind of shows a nice picture right here v-switch topology i have two physical nics that call them uplinks plugged into this virtual box this kind of gray scale box and from here i can have port groups which for the most part are just how we assign vlans and then you can have virtual machines or kernels attached to those port groups so earlier when i did the install i set it to vlan 300 but then i realized that i have a what's called a general mode switch meaning if i don't tag a vlan it's 300 in my environment everything else i have to tag i'll come back to that that's confusing let's stick to one concept at a time so what i'm doing here then is i have one vm kernel it's 192.168.0.101 
on a port group called management network i'm not setting a vlan id which means on my switch it's actually going to be 300 under the hood and that can be on any of these two nics so i have redundancy and because i enabled all those additional feature sets i can connect to nfs shares i can do iscsi i can do vmotion off this vm kernel what you might do in a production environment though is you might have say let's say i had two more additional nics so i had four in total what i might do there is create another virtual switch assign two nics to it and have a vm kernel that's dedicated to say nfs or iscsi access why because then they can't physically cross from one virtual switch to another from those two adapters to these two adapters so it's more inherently secure and also because it's high bandwidth so now i can have like two 10 gig nics for iscsi they're load balanced they're redundant and so there might be cases where you'll have more than one vm kernel for that reason fact for iscsi you might actually have a virtual switch with two physical adapters and you might have two vm kernels two separate ips because of the way you can do load balancing with iscsi so you can get it can get advanced pretty quickly but it's cool you have lots of options which is also why it's confusing so from the lab again kind of what i would probably do is for your vm kernel i would go ahead and enable all the check boxes so you can do all the things with a simplified network okay so i've got that configured but in my environment in what i would kind of recommend if you have the hardware to do it is i don't want to have all my virtual machines on the same subnet i want to have multiple subnets and multiple vlans but as soon as you have multiple vlans it means whatever switch you're using better support it so i don't have virtual machines that use no vlan id all my virtual machines need to have vlans so for example i have a network i call infrastructure and it's on vlan 100 so i'm 
going to create that i'm getting rid of the default vm network i have a security vlan i'm going to go ahead and create a new one here i'm going to click on let's see here i'm gonna go to port groups here add port group i have one called uh security this is where i'll put like my ids and things like that that's on vlan 101 i have a port group called logging where i tend to use my siem components and my analytics that's on vlan 700 and so what i'll do is i'll start creating these vlans as port groups and then i make sure they show up on my virtual switch so virtual switch zero there's logging security infrastructure but watch this this is something that i'll usually do i'm gonna go back to my port groups and notice security i have is vlan 101 i'm going to create another port group that is also in the same vlan id 101 but i'm going to call this one ids okay um and actually i'm not going to do that um i'll come back to why i was even thinking that i'm going to actually change this to 4095 which in vsphere non-distributed switches means every vlan i'm also going to expand security this is inheriting the security settings for my virtual switch and i'm going to override them and say for my ids network which is all vlan traffic you can enter promiscuous mode so you can see everybody's traffic you could technically send packets that have in mac addresses that didn't come from the hypervisor or that are completely forged and so you can change mac addresses all that i'm going to allow the ids to do whatever it wants i'm going to hit add and then on the virtual switch i'm going to make sure my default policy is what i want it to be so i'm going to go to edit and under security i want them all to be set to rejected meaning a virtual machine you can enter you can't enter promiscuous mode you might think you are but you're not allowed to see other traffic this is helping locking down i can't forge mac addresses and use mac addresses that didn't come from the hypervisor which 
is added security will break virtual machines that need to do like virtual mac addresses like for load balancing or other like clusters so you might intentionally need to create a duplicate port group same vlan id but allow say mac address changes or forged transmits but only for special use cases so i'm going to go ahead and i didn't make any changes so i'm just gonna hit cancel here and now i've got these the problem is i don't have them on my other boxes so we did uh 100 101 700 4095 i need to go do the same things over here vm kernel edit settings i'm going to check these boxes so i can use any of the feature sets i'm going to go to my virtual switch and we're going to make some changes i'm actually going to just go to networking port groups vm network i'm going to rename the infrastructure because i don't want to have a default network called vm network if i was doing distributed switching you would wait and do all this later within vcenter because it would handle all this for you uh i'm just showing you this way so 100 i'm going to add we had security 101 and we had logging 700 and then i had ids i technically have a lot more than that but i'm just going to do the what i need to do to show you this video ids 4095. again 4095 means all vlans so i can see everything on a standard switch do the same thing over here go to networking and do the vm kernel before i forget edit settings check all the boxes save and port groups edit this would be infrastructure 100. 
the naming is actually important because if i was to move virtual machines between hosts and the names didn't match it could cause issues so you do need to make sure you don't have typos here again while distribute why distributed switches through vcenter is cleaner we're just going to keep going with it this way and one more so at this point once i make this last change i'm actually going to set this to 4096 for a second to see if it marks it okay good yeah i was making sure it's 4095 at this point i'm actually ready to start deploying virtual machines now i didn't set dns initially and that mine's currently set to cloudflare because usually what i want to do is deploy active directory domain on top of these systems and then i'll use vcenter and point at those systems and so there's kind of a chicken and egg problem and that dns i can't point to those yet because they don't exist yet and so what you might do is actually install active directory first then set up vcenter because in your home lab you're probably virtualizing everything i'm going to do it backwards i'm going to install vcenter and then later on in a different video i'll install active directory but that means my vcenter i'm not going to join it initially to active directory so i'm going to use local accounts and that's fine for me for my lab so i'm done with vsphere what i need to do in my final step is actually deploy vcenter and then configure all my boxes to be joined under that vcenter so let's move on then to step 5 deploying vcenter i have vcenter downloaded so i'm going to go to my downloads folder and i have vcsa and hopefully i downloaded the right one we'll see here in a second i'm going to double click on this which will mount it because i'm on windows 10 and i'm going to find the installer i'm going to use the ui installer which is the gui i'll just do the windows one you technically should be able to do this on a mac or linux just do it on windows because i'm on windows and i'm going 
to run the installer i'll give that a second to pop up there we go and this is kind of a wizard you just kind of walk through so i'm going to hit install i'm going to go ahead and deploy i'm going to accept the terms and the end user license agreement and i'm just going to point this at my first box in a production environment i would definitely recommend you do this with the fully qualified domain name again i don't have dns servers i don't have anything because i'm starting with hypervisors so i can't do that so i'm going to point at an ip address in a production environment you should have a dns already the problem is this is kind of once you deploy it for the most part you don't change this which is why it really should have been a name first for a lab this is fine i'm gonna hard code it via ip i'm gonna use the root account that i set during installation there we go it's gonna say hey there's a untrusted cert because that's not a trusted cert i mean even up top you can see all these say they're not secure it's because they're self-signed i'm gonna hit yes and what do i want to call it i'm just gonna leave the default name of vmware vcenter server i'm going to set a password for it make sure you remember your passwords here it's going to ask me how big will my environment get to with being a home lab your most of you are probably going to be tiny's fine i often set mine to at least small because i i can get over 100 vms but you're probably going to do tiny or small select them according to the table below i'm not going to have a hundred hosts but i can have over a hundred virtual machines which is why i set it to small and we'll go storage how much disk do you think you want to use i just tend to leave that at default where do i want this to go well i only set up one data store so it's going right there the difference is do i want vcenter to pre-allocate all the disk which is the default and i i don't want it to do that or do i want a thin disk meaning only 
consume storage as it actually needs the space so the difference here is it might use you know a hundred like if you had a hundred 100 gigabyte vm it would use all 100 gig by default if i say thin disk it starts at zero and as it uses space it grows up to a hundred gig i'm going to enable thin disk mode there can be performance implications if the disk constantly grows but for our lab that shouldn't really be the case and i have fast enough disks anyway so go if you're doing vsan which allows you to take the local disks of multiple hosts and create a cluster like hyper converge storage which is a lot of fun you can try to get that set up from scratch right during this install i wouldn't recommend that necessarily usually what i would do is go ahead and start the install and do vsan later and then migrate the disks so i'm just going to proceed it's going to ask me to get a ip or name to vcenter i'm going to place this on my infrastructure vlan i'm going to set it as a static ip and i'm not going to give it a name for right now i'm going to give it 192 168 104 zero default gateway of one and i'm gonna use cloudflare for right now because i'm just gonna use local accounts when i'm connecting to vcenter and then i'm gonna hit finish if you want to watch this this gui will kind of show you the status you technically can also go to the first box and you'll see it down here importing the app and you'll kind of see a few tasks popping in down here so i'm going to kind of put this up here and we can also kind of watch it over here this is a fairly big application so we'll give it just a second to deploy all right so now vcenter is deployed it needs configured so that's what we're going to do next we're going to connect to the ip for that box and i'm just going to hit continue which will actually connect over to it and this is going to kind of finish the deployment so i'm going to next i do want time synchronization you can do with ntp or esxi it really doesn't matter 
so long as your esxi is also doing ntp i'm going to just i'm gonna use with esx for production usually we don't enable ssh i'm gonna go ahead and enable it just because it's in my lab and i want access so next give this a second there we go i'm going to set up a password for accessing vcenter the sso configuration again i'm just using all local accounts for now oh that's because i didn't put the i saw there thought it was there it was not all right there we go and here we go and finish the deployment please go now we'll give this a second and when it's done we should be able to connect to vcenter's ip or name if you did an fqdn and you could start to manage all your hosts from there which will be able to finish the this guide pretty quickly from there so we'll give this a second fingers crossed right we'll be able to connect to it and start using it so let's let's give it a shot let's try connecting to 192.168.0.104 is what i have it in my environment oh that's a good sign continue launch vsphere client and let's see if i can authenticate in here so this will be i believe i called mine administrator at dot local and yay all right looks like it's gonna work so at this point we have three vsphere boxes we have vcenter installed now we just we just gotta combine them all together you should have licenses in production i'm again i'm just gonna move forward here what i'm gonna do is i'm gonna do right click on the vcenter over here i'm going to do a new data center i'm just going to call this test and then i'm going to right click on that and i'm going to do a new cluster i'll just call this cluster for now and if i was going to enable distributed resource scheduling which would auto v motion machines around i would check drs if i want high availability which would be if i have a virtual machine running and for some reason the host can't be found it's not heartbeating it'll relaunch it on a different machine you would enable that and if you're 
doing vsan if you have the local disk to support vsan you could check that as well so that as you add your hosts vsan gets enabled i'm going to leave that one unchecked for now so do next finish and now i can start adding my host to it add hosts i'm going to do 192.168.0.101 root put my password in i'm going to go ahead and just do all of them oh and i'm going to say use the same credentials because i did set them the same and let's see if this works 103 next okay oh check okay next finish and so what should start happening is they should start getting added into this cluster you'll see this status is down below and as long as this all works notice they just migrated into the cluster two of them show up as in maintenance one will not because vcenter is on it and so you'll see it's getting all the agents and stuff deployed on here and we'll see if we get any errors we might get one on 101 because vcenter is there and it wants to go into maintenance mode for this but we'll see definitely makes it challenging trying to get vcenter on the same box if there's an error we can still deal with this later though we'll wait for this and let it finish its tasks but at this point as long as this finishes and there's not a huge red flag i'm ready to start deploying virtual machines as i see fit and you now have vcenter up that means you can go through start setting up things like patch policies i usually will start installing like windows operating systems and linux operating systems to get templates so that you can deploy from template rather than fresh installing all the time looks like we're good i can tell these to exit out of maintenance mode exit exit those will come out notice it's going to start installing the agents on those as well and then from here we're good vcenter is installed i'm ready to deploy virtual machines i'm just going to show one quick deployment real quick i'm going to do um let's switch to virtual machine view for a second on my test i'm just going to do 
a new folder we'll call this a virtual machine folder normally what i would first do is probably create a template folder and i would do something like deploy a new virtual machine brand new let's say i'll call this ubuntu 20.04 next next select the data store this is gonna hard lock it to one box because my disks are local currently until i do vsan or set up like an nfs share that's fine this would be a linux box ubuntu 64-bit i can start to set my cpus like i might do two with 4 gig of ram a 40 gig hard drive you configure this make sure you specify whether it's thick or thin you probably want thin but the default is thick remember that's whether hard allocates the size or not and then what network you want to drop it on so we'll browse i'm going to do infrastructure next if you had an iso you could point out the iso i'm just gonna do next finish now this is intended for me to install ubuntu 20.04 it doesn't have it yet but what you would do from here is you would power it on and launch you can do the remote console which you might have to install or the web console and just do the web console for now and it's trying to boot up but there's nothing there so from here this is where you would either mount an iso over the remote console or you would upload it to one of the disks and you would do you would do edit settings and for the cd-rom you could actually point out to a datastore iso and then install ubuntu and when you're done you would nicely power this off i'm just going to forcibly shut it down yes and had ubuntu been installed in here i could say right click template convert to template and notice the icon image changes a little bit and now i can deploy from template which is one of the powers of vcenter so hopefully this video helped you get started there's still a whole bunch of stuff i can cover at a later date like distributed switching how to do things like uh mirroring whether it's port mirroring things like netflow you name it there's a whole bunch of 
additional capabilities within vcenter especially so but this will at least get you started see how those components link up deploy cluster add host and now you can start managing everything centrally with vcenter so if you like this video please subscribe and stay tuned for more also don't forget in the comments that if you want to see something specific or have questions let me know let's do this
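Added example, not part of the video or its captions: a small audit of the standard-vSwitch layout the transcript builds by hand on three hosts (default policy set to reject, an `ids` port group on VLAN 4095 with the overrides, matching port group names and VLAN IDs everywhere). The inventory structure, the function names and the deliberate mistakes on `esx02` and `esx03` are constructed for illustration; in practice the data would be exported from each host.

```python
from collections import defaultdict

TRUNK_VLAN = 4095  # on a standard vSwitch, 4095 hands every VLAN to the guest
POLICY_KEYS = ("promiscuous", "mac_changes", "forged_transmits")
REJECT_ALL = {key: False for key in POLICY_KEYS}   # False = Reject
ACCEPT_ALL = {key: True for key in POLICY_KEYS}    # True = Accept


def host(portgroups, vswitch_policy=None):
    """Build one host record; each port group is (vlan, policy overrides)."""
    return {
        "vswitch_policy": dict(vswitch_policy or REJECT_ALL),
        "portgroups": {name: {"vlan": vlan, "override": dict(override)}
                       for name, (vlan, override) in portgroups.items()},
    }


# Constructed inventory: esx01 matches the lab in the transcript, esx02 has a
# typo in a port group name, esx03 has a wrong VLAN ID and a stray override.
INVENTORY = {
    "esx01": host({"infrastructure": (100, {}), "security": (101, {}),
                   "logging": (700, {}), "ids": (TRUNK_VLAN, ACCEPT_ALL)}),
    "esx02": host({"infrastucture": (100, {}), "security": (101, {}),
                   "logging": (700, {}), "ids": (TRUNK_VLAN, ACCEPT_ALL)}),
    "esx03": host({"infrastructure": (100, {}),
                   "security": (101, {"forged_transmits": True}),
                   "logging": (70, {}), "ids": (TRUNK_VLAN, ACCEPT_ALL)}),
}


def effective_policy(vswitch_policy, override):
    """A port group inherits the vSwitch policy unless it overrides a key."""
    return {key: override.get(key, vswitch_policy[key]) for key in POLICY_KEYS}


def audit(inventory, permissive_allowed=("ids",)):
    """Return sorted (host, portgroup, issue) findings for the inventory."""
    findings = set()
    vlans_by_name = defaultdict(dict)  # port group name -> {host: vlan}
    for hostname, cfg in inventory.items():
        default = cfg["vswitch_policy"]
        for key in POLICY_KEYS:
            if default[key]:
                findings.add((hostname, "<vswitch>", f"default_accepts_{key}"))
        for name, pg in cfg["portgroups"].items():
            vlans_by_name[name][hostname] = pg["vlan"]
            if not 0 <= pg["vlan"] <= TRUNK_VLAN:
                findings.add((hostname, name, "vlan_out_of_range"))
            if name in permissive_allowed:
                continue  # sensor port group: trunk and accept are intended
            if pg["vlan"] == TRUNK_VLAN:
                findings.add((hostname, name, "unexpected_trunk"))
            policy = effective_policy(default, pg["override"])
            for key in POLICY_KEYS:
                if policy[key]:
                    findings.add((hostname, name, f"accepts_{key}"))
    # Names and VLAN IDs must match on every host or moving VMs breaks.
    for name, per_host in vlans_by_name.items():
        for hostname in inventory:
            if hostname not in per_host:
                findings.add((hostname, name, "missing_on_host"))
        if len(set(per_host.values())) > 1:
            findings.add(("*", name, "vlan_mismatch"))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(INVENTORY):
        print(*finding, sep="\t")
```
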
Info
Channel: H & A Security Solutions
Views: 9,807
Keywords: configuration, hypervisor, install, vcenter, vsphere
Id: xDnYyXjH3WA
Length: 41min 50sec (2510 seconds)
Published: Wed May 05 2021