NLVMUG2018 – Speaking on NSX microsegmentation and a community panel discussion #vexpert

March 15th, 2018

It's always exciting to speak publicly, and this year I am setting my bar higher by participating in 2 sessions.

First up is a panel discussion that I was very happy to be invited to by Francisco Perez van der Oord, one of the directors of ITQ. We will have a 45 min flow of topics around SDDC, NSX, Cloud, etc, and the general trends of technology as they impact vSphere admins. We titled the session “vSphere – .. and then what next?” Never participated in a panel discussion on stage before, so that will be an interesting experience. The other participants are, imo, giants in the Dutch VMware community: Joep Piscaer of OGD/Jumbo and Viktor van den Berg of PQR, and I feel quite humbled being on stage with them.


My second session is my own talk, 20 minutes, on NSX Microsegmentation in practice. This is a condensed version of the talk I gave at the Infosecurity conference last year.
In it I cover some practical tips about using NSX Microsegmentation, dos and don'ts, and common gotchas.
It's actually quite tough to get all the essentials into 20 mins or so, so it will be dense and fast-paced (as usual for me).

Nervous, but really looking forward to the day. I love the VMUG concept and I love networking and seeing all the community in the flesh again (as opposed to only on Slack/Twitter).



ESX Update Failure because of lack of space in /core

February 28th, 2018

On ESX 6.5, I ran into an issue where updates from vSphere Update Manager (VUM) were refusing to install, due to 2 different errors, both having the same root cause.

VUM will throw an error 15 in the UI, but if you look at /var/log/esxupdate.log on the ESX host itself, you will see in more detail what is going on.

It should be noted that “The host returns esxupdate error code:15” is a highly generic error message you might get at remediation. It can have a number of different causes, including a corrupt update manifest file, a corrupt bootbank, a corrupt VIB file or a corrupt local temporary patch database.

In the screenshot below of esxupdate.log, you can see that the temporary patch database could not be created in /locker/package/var/db/locker.

A different way this problem may present is as a ‘broken pipe’ error (‘[Errno 32] Broken pipe’).

Notice that in both cases, it is failing on the large, 200 MB VMware_locker_tools-light bundle.


Both /core and /locker are symbolic links to one of the ESX partitions. In this case, the partitions are on a mirrored SD card. These are of type vfat.

If you cd into /core you will end up in these partitions.

Using df -h you can check how much free space there is. As you can see in our case, just a little over 200 MB remains.

That is not much, especially if you consider that the VMware tools locker light bundle is itself about 200 MB.

Check the /var and /packages directory tree in this partition for files that can be cleaned up.

In the screenshot above, you can see that there appears to be a 73 MB hostd core dump file sitting in /store/var/core.

Unless you really need these files, for example to send to GSS (global support), they can be deleted.

Similarly, you can also delete the old VMware tools bundles, unless you need them.


These bundles are only used if you choose to auto-install VMware tools directly to a VM, using the UI or API.

In practice, with most environments, this feature is not used (or very rarely), because most people either use the Open VMware tools included in the Linux OS, include VMware tools in a template or golden image, or auto-install it with config management like Puppet, Ansible or vRO.
So to save some space in case you have large update packages that don’t fit in /core, you can consider deleting these files too. They are about 200 MB in all, after all.

Be aware, though, that updates to esx-base, or specifically named VMware tools updates, will of course reinstall these files.
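
The checks described above can be scripted as a pre-flight test before remediation. This is an added example, not part of the original post: the function names are hypothetical, it assumes a POSIX df -Pk, find and du (adapt free_kb if the host's df prints a different layout), and it only lists files, it deletes nothing.

```shell
#!/bin/sh
# Added example: space check for the partition behind /core or /locker.
# Assumption: POSIX df -Pk / find / du; function names are illustrative.

# Free space, in KB, on the filesystem that holds directory $1.
free_kb() {
    df -Pk "$1" | awk 'NR == 2 { print $4 }'
}

# Succeeds when the filesystem behind $1 has at least $2 MB free.
has_room() {
    [ "$(free_kb "$1")" -ge $(( $2 * 1024 )) ]
}

# List regular files under $1 larger than $2 MB as "size_kb<TAB>path",
# biggest first. -H follows $1 itself when it is a symlink, as /core
# and /locker are. Typical hits: core dumps, old tools bundles.
cleanup_candidates() {
    blocks=$(( $2 * 2048 ))    # find -size counts 512-byte blocks
    find -H "$1" -type f -size +"$blocks" -exec du -k {} + 2>/dev/null |
        sort -rn
}

# Report for one path: free space versus the size of the pending bundle.
# On failure, show files over 10 MB that are worth reviewing.
report() {
    dir=$1
    need_mb=$2
    if has_room "$dir" "$need_mb"; then
        echo "$dir: OK, $(free_kb "$dir") KB free (need $need_mb MB)"
    else
        echo "$dir: TOO SMALL, $(free_kb "$dir") KB free (need $need_mb MB)"
        cleanup_candidates "$dir" 10
    fi
}

# Usage on a host, with the ~200 MB tools-light bundle in mind:
#   report /core 200
#   report /locker 200
```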


1st Nov. I will be speaking on #NSX #micro-segmentation in practice at the Infosecurity Expo #vexpert

October 26th, 2017

On the 1st of November at 13:00 I will be speaking at the SecurityInfo / Data & Cloud Expo about our experiences with NSX micro-segmentation.

In this 45 min talk I will discuss the details of managing micro-segmentation with the VMware NSX Distributed Firewall function.
Does it live up to the promise, what are the pitfalls and benefits, and what should you consider with regard to your planning and process?

2017 in combination with Data & Cloud Expo 2017 will be held on 1 & 2 November in the Jaarbeurs in Utrecht (The Netherlands). In the past years, proved to be the online meeting place and exhibition for IT managers and IT professionals in the field of IT security. In 2017 forms a new combination with the new event Data & Cloud Expo.



I was interviewed for Scott Lowe’s Full Stack Journey podcast hosted by #packetpushers #vexpert

October 19th, 2017

Full Stack Journey tells personal stories about the ongoing quest to become a full stack engineer: an IT pro who can move among multiple silos and work across multiple layers of the modern data center.

Very cool to be asked, as I feel my personal IT transformation journey has only just begun.
I admire Scott greatly and his many vSphere books helped me get my first certifications.
His blog is an amazing source of information, and his own shift toward cloud-native technologies is something I am very much hoping to emulate.

Robert and I talk about a few different topics during the episode:

  • The need for IT professionals to shift their mindset to become more of a facilitator, a mediator between silos

  • Embracing DevOps (it’s about more than a name change!)

  • Trying to find the balance between hands-on experience and broader architect-level knowledge

Listen to the podcast episode here:

Full Stack Journey 014: Robert Kloosterhuis

VMworld 2017 EU Day 1 (part 2)- #HACKATHON (awesome!!) #vexpert #vmwarecode

September 12th, 2017

So there were two things I knew for a few years.
– Everyone always seems to have an awesome time at Hackathons
– I am not a developer, not even a decent scripter, how could I contribute to something like this?

Well VMware{Code}, who organise the VMworld hackathon, don’t care all that much what you can do going in.
The point is to learn and to have fun.

A big difference for me this year was being in the vExpert community. And as you might imagine, there is quite a bit of overlap between vExperts, VMware{code} community and innovative scripters. Well, they were all very encouraging. So I decided to just throw myself in there!

Quite a diverse lineup of teams. I have wanted to get into Ansible for a while, so I immediately saw my opportunity in Team4.


I ended up taking responsibility for the presentation of our team's results, so I made the PowerPoint which summarizes what we tried to achieve:



Being both a Linux and Ansible noob, I spent most of my evening trying to get the VIC OVA copied onto my Ubuntu VM to test our deployment parameters.

Also, it took half an hour to deploy VIC each time we tried… this we called.. a constraint :p



However, I have to say that a lot of effort was put into providing us a cool deployment environment. They gave us the option to use the on-prem hardware they had set up in the Hackerspace where we were at, OR.. to use VMware on AWS, which was of course very cool.
For practical reasons we ended up going on-prem – mostly so it was easier to SSH in.



I partnered with @kev_johnson (of the @OpenTechCast podcast) to create the OVF deployment part. Kev ended up doing 99% of the work. I contributed mostly by googling some variables and pointing out irrelevant things and distracting him. :p

While we didn’t really manage to test much of our solution, we did put all the Ansible roles and playbook in Git. This was our main goal, to be able to contribute something to the community. And we succeeded in this. It's not finished, but it's a great start!





The main goal was to learn, and that we all certainly did do. I now have a far better understanding of where all the moving parts go for Ansible, and am happy to see it's actually not all that complicated. I also learnt how to use Git, which will be extremely useful going forward.



The main thing I could meaningfully contribute was my PowerPoint and the accompanying presentation of the team's results. Within 90 seconds!

Unfortunately, our ultimate gambit of bribing the judges with Belgian and Dutch chocolate products did not succeed :p


I want to give a MASSIVE thank you to our teamleader and inspirator:  who really helped us get to grips with all this new stuff, and did a significant bit of preparation on his blog.

VMworld Europe Hackathon: Introducing team Automation for All

VMworld Europe Hackathon: Preparation

I want to thank our team, who really pulled together and took their tasks seriously:

Kev Johnson (@kev_johnson) – beer connoisseur, hoping to learn loads about Ansible as I know *literally* nothing… Not sure what I can bring to the party other than enthusiasm!
Ozan Orcunus (@vOrcunus) – system architect with a high interest in devops mindset and infra as code concepts, random powercli scripter and virtualization guy.
Chris Lewis (@thecloudxpert) – vExpert, VCIX6, all things SDDC and vRealize Suite – Ansible n00b – merc that may switch teams before the day 😄
Orhan Biyiklioglu (@biyiklioglu) – ex-sysadm new cloud engineer.
Laurent Borgognon (@lbggn / @BruksL) – beer expert – Ansible n00b but want to learn – random Scripter
Nick Goldman (@nickgold) – Interested in all Infrastructure automation. Looking to learn about Ansible.


And finally I want to thank the VMware{code} team and the judges for putting this all together and making this such a fun event!
Jake Robinson, Nikki Roda, Tim Bonneman, William Lam, Alan Renouf, Steve Trefethen and Ricky Trilago and everyone else involved. Great event! Hopefully see you next time!