SDDC in pocket – virtualization, cloud, networking, storage, devops, cloudops
VMware technologies
The GMKtec NucBox has been growing in popularity amongst the VMware community as a modern AMD Ryzen-based alternative to the Intel/ASUS NUC, offering many of the same advantages while avoiding some of the drawbacks of Intel’s Hybrid CPU architecture. In preparation for my upcoming session at […]
Looking for your Home Lab Licenses to run either vSphere Standard Edition or VCF? This article should give you what you need to know to make this happen. VCP-VCF with VMUG Advantage now ready to unlock vSphere Standard Edition or VCF!
Looking for your Home Lab Licenses to run either vSphere Standard Edition or VCF? This article should give you what you need to know to make this happen. VCP-VCF with VMUG Advantage now ready to unlock vSphere Standard Edition or VCF!
TPM is an industry-wide standard for secure cryptoprocessors. Since vSphere 6.7 VMware has supported TPM v2.0 A Trusted Platform Module (TPM) is a specialized microcontroller designed to secure hardware through integrated cryptographic keys. It is embedded […]
In this post, we’ll walk through the step-by-step process of deploying of the vSAN Witness Appliance for my Homelab’s 2-node vSAN cluster. Before we dive into the deployment, let’s quickly recap how a 2-node vSAN cluster works. Unlike larger vSAN clusters that require a minimum of three vSAN […]
The long awaited 64GB DDR5 SODIMM memory modules from Crucial was just released this week! 😁 I was so excited about the news, I quickly splurged on a pair of these brand new modules, which are currently priced at $364 USD on Amazon! 😅💰 As of publishing this blog post, there is currently no […]
Unlock mini PCs with 128 GB RAM. The new Crucial 128 GB SODIMM RAM modules have officially been released and you can find them now online
VCF is a powerful platform designed to simplify the deployment of vSphere, NSX and the Aria product family. This is both a blessing and a curse. On the one hand, the Cloudbuilder and SDDC Manager significantly simplify deployment, but this also takes away a certain […]
Managing encryption across multiple ESXi hosts can be a bit of a hassle. But don’t worry. I’ve got a simple PowerCLI script that’ll save you time and headaches by quickly retrieving encryption status and recovery keys from your VMware environment.
Ensuring your ESXi hosts are correctly encrypted is essential for security. Regular checks help prevent surprises later, especially during troubleshooting or audits.
First, make sure you’re connected to your vCenter:
Connect-VIServer -ServerReplace with your vCenter IP or FQDN.
Here’s a quick rundown of the PowerCLI script to verify encryption settings across all ESXi hosts and who Recovery key for each ESXi host. (link to GitHub repository and file tpm_recovery_key_backup.ps1):
# Connect to your vCenter server (if not already connected)
# Connect-VIServer -Server <VCENTER_IP_OR_FQDN>
$esxis = get-vmhost | Sort-Object
foreach ($esx in $esxis) {
$key= @()
$enc = @()
if ($esx.ConnectionState -ne "Connected" -and $esx.ConnectionState -ne "Maintenance") {
Write-Host ""
Write-Host "================================================================================" -ForegroundColor Yellow
Write-Host "🚫 SKIPPED HOST" -ForegroundColor Yellow
Write-Host "Host : $($esx.Name)" -ForegroundColor DarkYellow
Write-Host "Reason : Not powered on or disconnected." -ForegroundColor DarkYellow
Write-Host "================================================================================" -ForegroundColor Yellow
Write-Host ""
continue
}
$esxcli = Get-EsxCli -VMHost $esx -V2
try {
$key = $esxcli.system.settings.encryption.recovery.list.Invoke()
$enc = $esxcli.system.settings.encryption.get.Invoke()
Write-Host "================================================================================" -ForegroundColor DarkCyan
Write-Host "🔹 ESXi Host : $($esx.Name)" -ForegroundColor Cyan
Write-Host "🔐 Recovery ID : $($key.RecoveryID)" -ForegroundColor Green
Write-Host "🗝️ Recovery Key : $($key.Key)" -ForegroundColor Yellow
Write-Host "🔒 Encryption Mode : $($enc.Mode)" -ForegroundColor Magenta
Write-Host "================================================================================" -ForegroundColor DarkCyan
Write-Host ""
}
catch {
Write-Host ""
Write-Host "================================================================================" -ForegroundColor DarkGray
Write-Host "❌ ERROR for host : $($esx.Name)" -ForegroundColor Red
Write-Host "⚠️ Failed to get encryption key for $($esx.Name) ."
Write-Host "🧨 Error details : $_"
Write-Host "================================================================================" -ForegroundColor DarkGray
Write-Host ""
}
}
This quick script helps you stay on top of ESXi encryption keys effortlessly. Just copy, adjust if needed, and run. Happy scripting!
See how Docker NFS Mount can provide shared storage for your Docker containers in home lab environments.
Join Leonid FR, 3/14, for a @VMware{code} CMTY Call. 101 on using vRO tool, at 11am Pacific. Register here – Come one, come all! https://broadcom.zoom.us/meeting/register/ilVI-dH3TSCSRp6BSp6t9A#/registration
