7/4/2023 0 Comments Vsphere license key txtThis, as you could imagine, would be very bad, and lock you out of your own VMs. It’s important to note that the ESXi Host doing the encryption only request keys during certain actions, such as Host reboot, VM reboot, etc. If not, your ESXi Host will not be able to get it’s keys needed to unlock VMs, and since your KMS VM would be on that actual ESXi Host using encryption, it would not be able to get the needed keys to unlock itself. That way, if you have a power outage or any other issue that would cause your ESXi host to be unavailable, your KMS VM can boot, and supply the ESXi Host with the needed keys. When deploying a KMS solution, you always want to have the KMS setup using HA, and have redundancy by ensuring your KMS VM is on a separate cluster than your ESXi host that is doing the encryption. To give a little bit of background, my Home Lab consists of a SuperMicro Server, and an Intel NUC. You may ask, why did powering off your Home Lab accidentally cause a Virtual Machine to display a Locked Alarm? Simple, because KMS was deployed, and it was doing its job. This proved to be a very good learning experience since I was able to learn a lot during my resolution of the issue. When I did this several of my VMs were locked, even though I had powered everything back up, and my KMS was up and running. Everything was working great until I accidentally powered off my entire Home Lab. Previously I deployed a KMS solution within my VMware Home Lab.
0 Comments
Leave a Reply. |