I’ve heard it said that you should start with why. I’ll get to that, but first I have to set the scene.

vRealize Automation Cloud and vRA 8.x introduced the ability to add Cloud-Init commands / configuration to Cloud Templates and have them executed / applied in the guest operating system after provisioning. Cloud-Init has been around for a number of years and is the defacto standard for customising workloads in most of the public cloud platforms. As vRealize Automation can manage workloads on multiple cloud platforms, it made sense that it support Cloud-Init.

As an example, the following could…

Today I learned that there’s a documented performance study that was published in August 2020 about tagging in vSphere.

I found it because I was working on a tagging strategy for a customer and wanted to reference something in VMware’s documentation. Google found it for me.

I’ve been using Packer to build vSphere templates in my lab for a while now. One problem I had for ages was that I wanted my Packer builds and scripts to be in a public repository as I don’t want to hoard my knowledge and experience. What I didn’t want to share, however, were the license keys from my MSDN subscription or my commonly used passwords etc.

I created a system of text replacements using sed to automate the process a bit. …

I’m going to try and post one of these retrospectives every month and look back at what I’ve been doing (this being the first it does include some January stuff as well). I’ve taken the name from one of the ceremonies of the agile / scrum methodology. The goals are fairly similar:

  • I want to understand where I’ve spent my time and how I can use it better going forwards
  • I’d like to have a way of looking back at 2021 and knowing that I’ve done something meeaningful…

A good thing about working with customers on a regular basis is that they provide you with plenty of opportunities to learn something new or find something out. Personally, I relish that sort of problem solving.

While I was given a demonstration to one of my recent customers, they asked about the deployment name setting in vRA 8.x. If you’re not familiar with it, a deployment is like a building. It’s created using resources in a defined manner based on a template (or blueprint). …

Read the release notes for any application or piece of software and at some point you’ll notice a reference to some “security updates”. In some cases you’ll even see references to specific, documented security vulnerabilities.

Sometimes we’re too focussed on the new and improved features to think about security updates. We’ve been conditioned by modern technology to think that it all happens automatically…

Automatic App Updates configured on an iPhone

…or we’re too distracted by the hundreds of things clammouring for our attention that we don’t have the headspace to give security a thought.

Of course, there’s a difference between your favourite social media app being unavailable…

Late last night was the GA (general availability) of vRA 8.3. As it’s in my wheelhouse it’s probably one of the few GA announcements that I tend to write about.

In this brief post I’ll mention a couple of the changes that interest me the most. For the full list of what’s new or updated, it’s probably best to go read the release notes and try it out in your lab. Here’s a couple of links:

vRealize Automation 8.3 Release Notes

Keep up with what’s new, changed, and fixed in vRealize Automation 8.3 by reading the release notes!

VMware Logoltringali

This will be brief, as it’s really easy! What follows are the steps required to migrate an existing HashiCorp Vault server from being sealed manually using Shamir keys (the default) to using auto-unseal with an AWS KMS key.

In the previous post I covered how to configure the AWS KMS and create a key that could be used by Vault. Now we’re ready to use it.


Gather the following information before beginning:

  1. The AccessKeyId for the IAM user Vault will use…

When I started using HashiCorp Vault in anger in my lab last year, I did what a lot of people probably did:

  1. Create a Consul cluster for storage, still using a single Vault host
  2. Add another Vault host and stick a load-balancer in front of them

It’s no accident that one of VMware’s core cultural values is “Community”. It may sound twee, but I try to embody it every day in my working week as well as when I’m away from the keyboard.

It’s that sense of community, of sharing and of learning that drew me in to technology user groups over a decade ago. I’ve benefitted greatly from them and I’ve always sought to give back. Sometimes that comes in the form of amplifying or sharing messages, other times it’s sharing knowledge and experience. …


Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store