HP Server software affected by HeartBleed: OA, SUM & SMH

April 16th, 2014 2 comments

Heartbleed BugThe world has been scrambling to understand and mitigate the effects of the HeartBleed SSL vulnerability.

HP has released information about which of its server management products are affected by HeartBleed.

The good news is that the following products are NOT affected.

  • Virtual Connect
  • Integrated Lights Out (iLO) 2, 3, 4
  • HP Insight Control Server Provisioning
  • System Management Homepage (SMH) HP-UX
  • HP OneView
  • Systems Insight Manager
  • NonStop SSL
  • iTP WebServer for NonStop Servers
  • Onboard Administrator for NonStop Integrity Platforms
  • HP-UX
  • OpenVMS

The following products ARE affected and as yet there are no fixes.

Check back with the linked security bulletins or sign up to get HP Security Bulletin alerts at http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

HP System Management Homepage (SMH) Linux and Windows

HPSBMU02998

The following versions are affected: 7.1.2, 7.2, 7.2.1, 7.2.2, 7.3, 7.3.1

No fix as yet, no suggestion from HP as to what to do, best not to access it then unless on a secure and isolated private management network.

If you’ve deployed HP agents to all your servers and include the SMH as is the default, get ready, you’re going to have to update all of your servers, if you thought your impact was limited, think again!

HP Onboard Administrator (OA)

HPSBMU02994

Versions 4.11 and 4.20 are affected, there is no fix as yet, the only current option is to downgrade your version.

HP Smart Update Manager (HP SUM)

HPSBMU02997

Versions 6.0.0 through to 6.3.0 are affected, HP recommend limiting HP SUM usage to a secure and isolated private management network

 

Categories: HP Tags:

HP releases Virtual Connect 4.2, adds sFlow

April 14th, 2014 1 comment

HP has a minor but recommended update for its Virtual Connect firmware to 4.20 which adds sFlow monitoring support which didn’t make it into the final Virtual Connect 4.01 along with support for a new HP Virtual Connect FlexFabric-20/40 F8 Module.

Some of the older Virtual Connect switches are being retired from a software support perspective so be aware that beginning with VC 3.70, the HP 1/10Gb VC Enet Module (399593-B22) and the HP 1/10Gb-F VC Enet Module (447047-B21) are no longer supported. Beginning with VC 4.10, the HP 4Gb VC-FC Module (409513-B21) is no longer supported.

There are quite a few fixes in this release so make sure you read the Release Notes.

There is also a serious bug to do with file permissions which means the config may not be saved so ensure you have a look at OA Customer Advisory c02639172 to see if any changes you have made may not be kept.

If you have multiple enclosures linked together, you should NOT upgrade directly from VC 2.x but rather upgrade first to 3.7 or 4.1 and then on to 4.2. This is due to a big that can cause a network outage.

You will need to use the 1.9 Virtual Connect Support Utility update the firmware which was released last September.

Categories: Flex-10, HP Tags: , ,

VMware announces Horizon View 6 taking on Citrix XenApp with RDS Hosted Apps

April 9th, 2014 No comments

VMware has announced the latest version of their End User Computing product Horizon View.

There have been 5 major changes to Horizon View:

  • RDS Hosted Apps
  • Application Catalog Enhancements
  • Cloud Pod Architecture
  • Virtual SAN Support
  • vCOPS for View 6

RDS Hosted Apps

RDS Hosted apps will allow Horizon View clients to access applications and full desktops running on Windows Remote Desktop Services Hosts. This is big news as it gives VMware a competing product to Citrix XenApp.

image

For people who know about VDI, what is the difference? Well, VDI delivers an entire desktop to a particular user. This desktop is a whole virtual machine with an OS and applications. RDS (Remote Desktop Services) means using the capabilities of Microsoft RDS (previously Terminal Services) to allow multiple users to connect to a single OS but have separate private desktop instances and applications (the server doesn’t even have to be virtual but you’d be daft not to). With RDS you can display a full desktop but can also display just an application seamlessly without all the desktop stuff around it. You don’t need as many OS instances which means better resource utilisation as well as fewer Microsoft licenses.

Read more…

Categories: Citrix, View, VMware, XenDesktop Tags: , , ,

HP charging for firmware updates is shortsighted

February 20th, 2014 No comments

HP has decided that going forward it will only provide firmware updates to customers who have a valid warranty for their equipment which normally means purchasing a support agreement or HP Care Pack.

hpfw

The server market is a tough one with low margins. IBM has decided they can’t be bothered and have flogged their x86 business to Lenovo. HP has been going through a tough time recently with widespread redundencies and is obviously under pressure both to get a handle on costs and increase revenue so is looking to ensure it can extract maximum extra value from its hardware sales.

HP’s announcement says:

This decision reinforces our goal to provide access to the latest HP firmware, which is valuable intellectual property, for our customers who have chosen to maximize and protect their IT investments. We know this is a change from how we’ve done business in the past; however, this aligns with industry best practices and is the right decision for our customers and partners.

Our customers under warranty or support coverage will not need to pay for firmware access, and we are in no way trying to force customers into purchasing extended coverage. That is, and always will be, a customer’s choice.

This is a shortsighted and misguided change which will hurt HP and is certainly not the “right decision” for their customers and partners.

Read more…

Categories: Flex-10, HP Tags: , , ,

HP updates Virtual Connect to 4.10 and OA to 4.01, adds IPv6, SR-IOV, hiding FlexNics

October 28th, 2013 2 comments

Virtual Connect

HP has released a new version 4.10 of its Virtual Connect firmware for use in HP Blade Chassis. 4.10 is a minor update compared to the release of Virtual Connect 4.01 which added major functionality.

Virtual Connect 4.10 add IPv6 functionality which requires HP Service Pack for Proliant (SPP) 2013.09.0 (B), Onboard Administrator firmware 4.01 and minimum iLO firmware of 1.30.

The ability to hide unused FlexNics from the OS has been added which is very helpful. FlexNics that don’t have a mapping to any server profile connections are not presented to the OS. This means even if you have a full complement of 8 FlexNics defined in your profile but only map 4, your OS will only see 4 Nics rather than 8.

There is a new auto-deployment feature which allows you to configure a Virtual Connect domain from a centralised location using DHCP and TFTP.

SR-IOV support has also been added for direct VM access bypassing the vSwitch on certain FLBs and mezz cards for Gen 8 servers as well as BL620c G7 and BL680c G7.

There are a number of bug fixes as well including some Cisco DAC cables reporting as “Linked/Uncertified” when they should work.

Make sure to read the Release Notes in case there is anything else that may trip you up.

There is also an updated Virtual Connect Support Utility which can be used to update the firmware.

Onboard Administrator

HP has also released an update to the Onboard Administrator firmware to 4.01 which adds IPv6 support, a few new hardware models and a list of bug fixes.

There is a problem with Emulex firmware prior to version 4.1.450.7 that can result in SmartLink otherwise known as Device Control Channel (DCC) not working with a 10Gb physical link when you have full height blades. When you upgrade the OA, you may lose network connectivity. Update the NIC firmware and look at Customer Advisory c03600027 before upgrading the OA.

Categories: Flex-10, HP Tags: , ,

HP updates its customised images for VMware ESXi 5.5/5.1

October 25th, 2013 No comments

HP has updated its ESXi customised images to reflect the recent release of ESXi 5.5 as well as its September 2013 Service Pack for Proliant.

HP’s customised images are fully integrated sets of specific drivers and software that are tested to work together. You can see the list of Driver Versions in HP supplied VMware ESX/ESXi images.

I have done an extensive update of my HP Virtual Connect Flex-10 & VMware ESX(i) pre-requisites post which includes these new customised images.

HP Custom Image for VMware ESXi 5.5.0 GA – September 2013:

HP Custom Image for VMware ESXi 5.1 Update 1 – September 2013:

The new and updated features for the HP vSphere 5.5 /5.1 customised Images for September 2013 include:

  • Provider Features
    • Report Smart array driver name and version.
    • Report SAS driver name and version.
    • Report SCSI driver name and version
    • Report Firmware version of ‘System Programmable Logic Device’.
    • Report SPS/ME firmware.
    • Added SCSI HBA Provider.
    • Report IdentityInfoType and IdentityInfoValue for PowerControllerFirmware class.
    • IPv6 support for OA and iLO.
    • Report Memory DIMM part number for HP Smart Memory.
    • Added new ‘Test SNMP Trap’.
    • Updated reporting of memory configuration to align with iLO and health Driver.
  • AMS features
    • Report running SW processes to HP Insight Remote Support.
    • Report vSphere 5.5 SNMP agent management IP and enable VMware vSphere 5.5 SNMP
    • agent to report iLO4 management IP.
    • IML logging for NIC, and SAS traps.
    • Limit AMS log file size and support log redirection as defined by the ESXi host parameter:
    • ScratchConfig.ConfiguredScratchLocation
  • Utilities features
    • HPTESTEVENT – New utility to generate test WBEM indication and test SNMP trap.
    • HPSSACLI – New utility to replace hpacucli
    • HPONCFG – HPONCFG utility, displays the Server Serial Number along with the Server Name when using hponcfg –g switch, to extract the Host System Information.
Categories: ESX, Flex-10, HP, VMware Tags: , ,

HP refreshes server management with HP OneView

September 30th, 2013 No comments

HP has announced a new product to manage HP BladeSystem and ProLiant G7/Gen 8 infrastructure called HP OneView which is due to be released in October.

HP thinks the existing way of deploying and managing servers is built on models from 20 years ago and is in need of an update. This is certainly true particularly with HP servers despite HP having a number of tools such as HP Systems Insight Manager (HP SIM), HP Virtual Connect Enterprise Manager (VCEM), HP Insight Control and HP Intelligent Provisioning.

HP OneView has been built from the ground up to simplify and speed up the server deployment and management process for servers, networking and storage. OneView runs as a self contained virtual appliance and you connect via a web browser.

HP says the user interface is a “consumer-inspired user experience” built on a “software-defined architecture” with an “open extensible platform”. HP says it has been four years in the making and has been built with the input of more than 150 of HPs biggest customers.

OneView will be a licensed product per physical server it manages starting at about £571 for a single license including three years support and updates. There will be an upgrade available from iLO Advanced, Insight Control and VCEM.

Read more…

Join me in a Google Hangout with VMware’s Joe Baguley and futurologist Paul Saffo discussing technology past, present and future

September 25th, 2013 No comments

hangoutI’ll be taking part in a Google Hangout with VMware EMEA CTO Joe Baguley and futurologist Paul Saffo tomorrow for a special VMware Google Hangout Q&A.

Joe is VMware’s EMEA CTO and a great speaker who took part in the VMworld US Day 2 keynote.

Paul is a Silicon Valley based futurologist (isn’t that a great title!) who forecasts long term change in IT. Paul moderated a panel discussion at VMworld US talking about the future of IT.

Joe and Paul will be fielding questions from a number of bloggers including myself:

With VMware recently turning 15 and with their US and EU VMworld 2013 conferences titled Defy Convention we will be discussing technology past, present and future.

We will all be live on the Hangout and would love you to join us tomorrow, Thursday 26th September at 14:30 BST / 15:30 CEST, on VMware EMEA’s Google+ page.

To join in, visit the Google+ page at this time and click on the video to start watching. You don’t need a Google account. If you’re not able to join live, the video will be available on VMware EMEA’s YouTube channel and on the VMware EMEA blog once the Hangout is over.

If you have any questions you want me to ask around IT innovation and the future of technology, leave a comment or get in touch via Twitter and I’ll try and include them.

Categories: VMware Tags:

VMworld US 2013: The Day 4 Buzz

August 29th, 2013 No comments

VMworld’s final day started a little later than the previous days to give everyone a little lie in after last night’s VMworld party at AT&T Park which was brilliant.

Today’s General Session isn’t the usual VMware announcement session but named Makers and Shakers featuring three innovators unlocking new ways to create and build.

Jay Silver was up first. Jay is a crazy innovator who is founder and director of JoyLabz and Maker Research Scientist at Intel Labs. His idea is the whole world can be made meaningfully interactive. He adds electricity to everyday objects to make fun stuff.  There is absolutely no way this can be explained in text so here is Jay doing a similar talk at TED.

 

Next up was Keller Rinaudo who is CEO of Romotive, these are the guys that make Tomo, a cheap $150 personal robot which uses a smart phone for its processing. Romo showed some new software. Again, he’s done a TED talk so you can see what he does.

 

IMG_2306 Last up was Bre Pettis, CEO of MakerBot who is a inventor, builder and open source guru. He was the guy who built MakerBot’s 3D printers and is keen on what he calls personal manufacturing. He shoed all number of home 3D printed things that can be made including amazing prosthetic robotic hands, architectural models

The Solutions Exchange wasn’t open today. I appreciate vendors and attendees are by now suffering from conference fatigue but this is also the time when people have been to their preferred sessions and labs and have some time to reflect on everything they’ve learned and can then look through the Solutions Exchange a little wiser than at the beginning of the week. I think it would be useful to still keep it open, maybe that’s something that will be looked at for future years.

VMworldTV has been out and about:

VMworld TV Exclusive Interview with VMware R&Ds Susan Gudenkauf

VMworld TV Meets VMware CTO Global Field Paul Strong

VMworldTV Checks out the Software-Defined Data Center at VMworld 2013

That’s all Folks!

Wow, what an amazing week! To attend a gathering of such interesting, passionate and engaged people is really inspiring. Sure, there are cynical people, jaded and bored by what they do. What I can see however is how IT can really be a force of change and good in the world. Sure, I appreciate that sounds wishy-washy and could easily be a quote from a politicians campaign speech but IT really is one of life’s great enablers, being able to bring real, tangible solutions to pressing problems all over the world. I’m super excited by NSX and VSAN.

Yes, we may get fed up of vendor FUD, cloud-washing, overzealous marketing people, know-it-all architects, internal company politics and rubbish procedures holding back progress but stepping back and seeing what is possible when we all get together and share is truly inspiring.

Even though we work with technology, remember, this is still very much a people business, putting together IT solutions to help people with things.

I’ve met and reconnected with an incredible bunch of people this week, too many people to mention but a whole bunch of engaging, caring, interesting and interested people so willing so share their expertise for us all to learn. Thanks to those who worked out who I was and came over to say hi. The community is truly alive!

Well, that’s the end of VMworld for me in San Francisco. Way too much to see, do and experience in way too little time but what a week!

I’m off on two weeks holiday so hopefully time to reflect and rest! See you all soon!

Categories: VMware, VMworld Tags: ,

VMworld US 2013: The Day 3 Buzz

August 29th, 2013 No comments

VMworld continues into day 3 with a noticeable slowing down of the average attendee walking pace after the festivities of the nights before! There was no keynote today with sessions starting at 8am.

I attended VMware Horizon Suite, Innovations for Storage Scalability, Performance and Data Protection by Christopher Wells and Chris Gebhardt from NetApp.

Christopher started by saying he doesn’t like load generation tools as they don’t represent reality. Vendors talk about IOPS with massive, seemingly impressive 1,000,000 IOPS figures but that doesn’t represent workloads in the real world.

All VDI decisions have implications for storage, using automated or manual pools, floating or  dedicated user assignments, linked clones, full clones, NetApp VSC clones along with all the user profile and workloads data. All these ways to create VMs and handle user data have an impact on storage and these need to factored into sizing and performance decisions. Cloning can hurt you if you don’t understand what is happening. hypervisor clones (snapshots) are the least efficient as it is 2 reads for every request as you need to read from two files and for writes, it is three writes including the metadata. All this lands up being a lot of writes and reads, 10 guest IOPS = 28 IOPS to storage. This must be considered for linked clones, its not a 1 to 1 relationship between guest IO and storage. More efficient to not copy any data and provision with storage VAAI.

Most IOPS generated are often actually user workloads and user profiles rather than the VDI image itself.

View Storage Accelerator from VMware is a host based memory cache for all types of desktops and is works transparently to the users and applications.

Christopher then went on to talk about the NetApp Virtual Storage Tier which alleviates boot and login storms. This uses a hardware Flash Cache or Flash Pools for platforms that don’t support Flash Cache.

NetApp suggest using separate volumes or Storage Virtual Machines (SVM) to separate the storage for VMs, corporate apps and user data. Use different storage capabilities and possibly disk types for each, such as not de-duping temporary data. All these SVMs for separate IOPS, capacity and availability can be managed under Cluster ONTAP.

Assessments and sizing are important for Horizon View, PoCs may not scale linearly. An example is the unexpected “lunch storm” which is when users start doing personal things during lunch and watching YouTube videos which isn’t likely captured during a PoC or with standard load testing tools. NetApp does partner with Liquidware Labs for a sizing tool.

Chris Wells then talked about User Data in Horizon Workspace. He said NetApp is a good fit for user data as it allows more users than competitors storage due to de-dupe, non disruptive operations and backup and recovery which all fits very well with Horizon Data.

NetApp will shortly have a beta coming out for SnapCreator for Horizon Workspace. I was hoping for more information about how Horizon Data integrated with NetApp for backups, recoveries & DR so will need to do some reading to work this out. Horizon Data runs as a virtual appliance which stores its data on local VM disks so it is going to be interesting to work out how this VM disk file can be managed but in a way to recover file level data.

Here’s a view of the outside chill out area.

005 004

Read more…

Categories: VMware, VMworld Tags: ,