Building a VMware SelfService Portal with PowerShell and Azure

Last month I tried to build a SelfService Portal for VMware vCenter as an alternative to a full automation platform. The goal was to let users provision VMs in minutes, without the overhead that comes with running a full platform. The whole thing runs on Azure services for under $15 per month.

I wanted to see how far I could get using GitHub Copilot and Claude Code to generate most of the code, while still building something I understand and can maintain myself.

A Start on Dante - A journey into the world of Digital AV

For over 15 years I have been using analog audio equipment and last month i made the move to Dante. Learning Dante has been a journey, and I wanted to share my experience with you. I will go through the setup, the issues I faced, and the good things about Dante.

New year, new place

For a while i wanted to change where my blog was placed, as i just used some expsensive webhotel as i was in need for something very reliable years years ago.

Over time the solution got more and more expensive, while my requirements went more and more down. For web i only need static web-files now on this domain, so therefore my options was more open than ever before.

What?

I decided due to my new job, looking into Static Web Apps from Microsoft/Azure, which i highly recommend. They have a free tier, which seems good enough for most people. It also supports Hugo in that regard that if you map it to Github it will automatically build in Git and push it to the Static Web App, when you make a change something. Without the need to write a Pipeline yourself.

NSX Troubleshooting, what changed in the firewall?

I found a neat feature that I didn't know in the NSX Manager during a late night. Every publish/change makes a configuration point, that you can see what changed from then -> now.

This can be good for troubleshooting, something that stops working, that might be due to a DFW Configuration issue.

Go to the DFW, over the categories click "Actions" -> Under Drafts click "View" You will be presented with the saved configurations:

So lets go into troubleshooting mode, and lets say something stopped working at 10:32. I can find the date in the above screenshot and point at the dots and see the timestamps - look below:

NSX-T 4.0.0.1 - Whats new?

In NSX-T 4.0.0.1, VMware changed their naming scheme (again, would some say), to just be NSX. One of the biggest features, and long overdue is IPv6 support for management. There is also a new feature for Blocking Malicious IPs, which we will look at below.

Here are the Release Notes: https://docs.vmware.com/en/VMware-NSX/4.0/rn/vmware-nsx-4001-release-notes/index.html

Block Malicious IPs:

In the Release Notes the following is written:

• Block Malicious IPs in Distributed Firewall is a new capability that allows the ability to block traffic to and from Malicious IPs.
• Block Malicious IPs in Distributed Firewall is a new capability that allows the ability to block traffic to and from Malicious IPs. This is achieved by ingesting a feed of Malicious IPs provided by Vmware Contexa. This feed is automatically updated multiple times a day so that the environment is protected with the latest malicious IPs. For existing environments the feature will need to be turned on explicitly. For new environments, the feature will be default enabled

My LAB enviorment is a existing installation, so it will need to be turned off explicitly as the release notes says. Luckily thats quite easy in NSX-T.

We also know its a part of VMware Contexa, that is VMwares take on a cloud security platform. I actually didnt know about Contexa before this update, it looks cool. We might see more of Contexa in later NSX-Releases, maybe within NSX-Intelligence where more of the Contexa looks to be already.

Lets setup auto update:

As you can see below, you will right away after upgrading the NSX-T Manager to 4.x the warnings telling you: Auto Update Malicious IPs is turned off. All rules containing groups with malicious IPs might not work at all or work with outdated data if available.

My Homelab (2022 edition)

I thought I would give an updated look at my HomeLab where i obviously lab most of my stuff.

Why?

My Homelab started as I think it does for many, a curiousity and passion to know more. For me it started way back when I was very young, and wanted to learn the enterprise stuff. It have made me get jobs where i havent had professional experiences, so I think it has paid off multiple times. Now its more of a playground, and to learn and try new stuff, beta releases and more.

What?

I work as a VMware and Datacenter Administrator in my daily work, so it helps me learn: Routing, VLANS, Switching (even L3 Switching), Datacenter management, VMware and more. I LAB many things, but primarily most of the VMware stack, with licenses from VMUG.

High latency for VMs in NSX-T (VLAN)

NSX-T Version: 4.0.0.1.0.20159689

I was experiencing a high latency in NSX-T for all my VMs, and i couldnt figure out why. VMs on the same host, that wasnt on a NSX-T segment had +90ms in latency. I was pinging from a VM on VLAN 10 to a VM thats part of my NSX environment on VLAN 20. Both VMs was on the same host, and I dont have any NSX-T Overlay routing, so it was kinda weird.

Let me first show you how the latency was fluctuating:

As you can see above the latency was in the low end at 8ms and to the very high end of 150+ ms per ping. Thats not acceptable, and especially not when the VMs are on the same host, and there is only 1 router between the VLANs.