yet another tech blog
11月29日日本VMUG(VMware User Group)ミーティングでプレゼンしました。タイトルは:”塩漬け OS を如何に保護するか、VMware Cloud on AWS の仮想マシンのセキュリティを高めるには – Jonas Werner”でした。録画は以下になります。
他のセッションもいっぱいありました。もし興味ありましたらそこのレコーディングもご覧ください:https://github.com/gowatana/japan-vmug-vexpert-talks/blob/main/README.md#21-2022%E5%B9%B411%E6%9C%8829%E6%97%A5%E7%81%AB1800—2000-recording-playlist
Exporting the details from a vSphere installation can be extremely useful prior to a migration to VMware Cloud on AWS. Alternatively it can be a useful way to gather a point-in-time snapshot of a VMware environment for documentation or planning purposes. It may even provide details and insights you didn’t even know were there 🙂
Starting / stopping of a vSphere environment over SSH can be a quick and easy way to manage a lab or test environment which needs to be powered off most of the time but used sometimes for testing.
Creating an SSH key
ssh-keygen -t rsaStoring the public part of the SSH key on the ESXi hosts using SCP
scp ~/ENV/KEYS/mykey.pub root@esxi7n3:/etc/ssh/keys-root/authorized_keysFinding out the vCenter ID
for i in {1..3}; do echo "esxi7n$i ##############"; sshi root@esxi7n$i "vim-cmd vmsvc/getallvms"; done | egrep "esx|vCenter" | awk {'print$1 $2 $3$4'}Powering on the vCenter VM
sshi root@esxi7n1 "vim-cmd vmsvc/power.on 469"Entering maintenance mode (with vSAN)
for i in {1..3}; do echo "esxi7n$i ##############"; sshi root@esxi7n$i "esxcli system maintenanceMode set -e true -m noAction &"; echo ""; doneFinding vCLS VMs
for i in {1..3}; do echo "esxi7n$i ##############"; sshi root@esxi7n$i "vim-cmd vmsvc/getallvms"; done | egrep "esx|vCLS" | awk {'print$1'}Power off vCLS VM with id
sshi root@esxi7n2 "vim-cmd vmsvc/power.off 471"Shut down ESXi hosts
for i in {1..3}; do echo "esxi7n$i ##############"; sshi root@esxi7n$i "esxcli system shutdown poweroff -r=\"Work done for today\""; echo ""; doneDeploying HCX (VMware Hybrid Cloud Extensions) is considered to be complex and difficult by most. It doesn’t help that it’s usually one of those things you’d only do once so it doesn’t pay to spend a lot of effort to learn. However, as with everything it’s not hard once you know how to do it. This video aims to show how to deploy HCX both in VMC (VMware Cloud on AWS) and in the on-premises DC or lab.
It uses both the method of creating the service mesh over the internet as well as how to create it over a private connection, like DX (AWS Direct Connect) or a VPN.
A VPN cannot be used for L2 Extension if it is terminated on the VMC SDDC. In this tutorial I’ll use a VPN which is terminated on an AWS TGW which is in turn peered with a VTGW connected to the SDDC we’re attaching to.
There are many cool custom keyboard builds and I wanted to give it a go. This will document the process, parts and steps.
Some parts can be purchased and some are 3D printed. I printed these at home but there are places to order 3D printed parts from as well
The STL files for 3D printing the body and covers underneath can be found on Thingiverse here: https://www.thingiverse.com/thing:2666676
I printed in white PLA using the 0.2mm quality preset on a Prusa i3 MK3s
Trying out the fit of a few silver cherry compatible switches after having painted purple using Tamiya TS-24 model paint
For the wiring I used the diagram by Nick Green shown here.
For each row I use the diodes own wires as connectors between the keys. Solder the brown side of the diode to the key and use the black-side wire to hook up to the next key.
To connect the keys on the vertical side I use AWG22 copper wire with different colors to keep them separate more easily. AWG24 might have been better but this is what I had available at home.
I start by laying out the wire over the keys and then using a permanent marker to mark where they should have the insulation removed
Then I use a wire stripper to remove the insulation where the wire is marked. That way we can connect the same wire to multiple keys without having to cut the wire. The exposed part of the wire can also be pushed down over the key pin to get it to stay put while being soldered into place
Soldering largely done! Having some helping “hands” is highly recommended
To make soldering of the pins easier I simply push them into a breadboard for support
To avoid the hassle of soldering each Arduino pin to the keyboard wires, and also to make it easy to replace the Arduino / wires if required, I use a crimping tool and some XH connectors.
Once the wires are attached to the XH connectors they can easily be connected to the pins of the Arduino. Some velcro keeps everything nice and tidy.
I solder VCC and GND wires to the black 3.5mm audio module and attach them to the corresponding pins on the Arduino using another XH connector. The data pin attaches to D3.
The two halves can now be connected using the 3.5mm audio cable (gray in the picture)
QMK is used for the programming. The getting started guide can be found here: https://docs.qmk.fm/#/newbs_getting_started
The QMK firmware can be cloned from GitHub here: https://github.com/qmk/qmk_firmware
Keyboard layout: This is a handwired Dactyl Manuform 5×6, so the files for modifying the key layout and function can be found here: https://github.com/qmk/qmk_firmware/tree/master/keyboards/handwired/dactyl_manuform/5×6
Please adjust to the model of keyboard you are building if different from this.
After having created a custom layout (or if you just use one of the pre-existing ones), attach the keyboard over the micro-USB to USB-A cable to the computer and program it with:
qmk flash -kb <path-to-your-kbd-type> -km <your-kbd-layout>For example
qmk flash -kb handwired/dactyl_manuform/5x6 -km jwrQMK will compile and then flash your Arduino. When prompted, reset the Arduino by by shortcutting the RST and GND pins.
After having programmed the left side of the keyboard, just attach the other side and repeat the process.
LED lighting: Adding background lighting is likely the next thing I’ll do. There is good documentation for this here: https://github.com/samhocevar-forks/qmk-firmware/blob/master/docs/feature_rgblight.md
All done! Hope that was helpful and will assist with your own build!
