Archive

Archive for the ‘VMware’ Category

VMworld: Juggling and jousting, VMware’s battles for the future

August 28th, 2015 No comments

VMware’s annual love fest that is VMworld kicks off in a few days time. VMworld isn’t just any vendor conference, it has become THE central meeting place to network and trade. Due to VMware technology being ubiquitous at the heart of the data center, nearly every vendor selling to the SMB, government or enterprise partners or interoperates with VMware meaning attendees can not only gorge themselves on VMware goodies but meet and catch-up with all the other vendors they also use, a very useful one-stop-shop conference.
VMware’s community has been the social gathering ground for much of the industry so getting up to date with technology is only half the fun, catching up with Twitter friends and meeting people from across the world is often the real reason people attend. Speaking to peers often teaches you more about the real world of IT compared to any amount of vendor marketing.

The world of IT doesn’t hang around, there’s constant change in how we do things and VMware is a prime target for change as everyone wants a piece of their pie. Nowadays there are options, VMware’s hypervisor isn’t the only viable one any more, Microsoft’s Hyper-V is good enough but without the bells and whistles and KVM, based on code you can change yourself is being rejigged and added to by many companies eager to fill in its shortcomings. Speaking of bells and whistles and shortcomings, these are the things that VMware’s hypervisor excel at which has made them rich but the bells and whisles are now no longer mandatory. New apps don’t need to rely on available infrastructure, you dont HAVE to have vMotion.

VMware is seen as rich pickings on so many fronts it must feel it is fighting battles in every corner it operates but that’s a sign of healthy competition which ultimately benefits customers. The fight is not just on the private infrastructure front but every type of cloud possible and also new ways of application development. There’s a lot going on in the IT world and much to infer by what is said or even not said at VMworld!

The People Juggling

Read more…

Categories: VMware, VMworld Tags: ,

SpiceWorld presentation: vSphere 6, Big, Better, Should You Be Bovvered?

May 13th, 2015 No comments

SpiceWorld_LogoI have just had the pleasure of presenting at SpiceWorld, the conference for IT Pros put on by SpiceWorks. SpiceWorks provide software for managing your IT environment and is targeted mainly at SMBs. The software is free to use and is funded with advertising and other hook-ins from vendors so you can for example inventory your PCs and then link to HP to get warranty information or purchase more RAM. They also run a very good community forum for IT Pros to help each other with any of their issues or get recommendations on how to manage their environment.
Back to the conference, plenty of sessions on the SpiceWorks software itself but also many other sessions on other technology that IT pros use on a daily basis as well as some cool presentations on the TOR Network, Malware and the Enigma Machine.

I was asked to talk about vSphere and so of course presented on the new vSphere 6.

I went through some of the editions particularly looking at what would be interesting for SMBs, highlighting the free ESXi version to be able to get started with virtualisation for free. I went through some of the new features, everywhere vMotion, SMT-FT, Enhanced Linked Mode, new stuff with vCenter, the PSC, the VCSA and then spent some more time on Virtual Volumes, then onto install and upgrades.

The session was recorded, I will post the recording when it is available, here are the slides.

Categories: ESX, Update Manager, vCenter, VMware Tags:

London VMUG presentation: Hands on with vSphere 6.0

April 23rd, 2015 No comments

vmug-logoI had the great pleasure today of presenting at the London VMware User Group. I did a presentation called “Hands on with vSphere 6.0” where I briefly covered what’s new and then went into some of the architectural changes with the new vCenter and Platform Services Controller (PSC) and Enhanced Linked Mode.

I warned about the vast amount of incorrect information currently on the interwebs as the architecture and recommended layout changed from the Beta to the released product so make sure what you are reading is up to date. This particularly relates to VMware not recommending you run an embedded PSC if you need to link even two vCenters together but rather have an external one which requires a load balancer for true continuous availability.

I went through some of the install and upgrade steps which may mean you need to split out your vSphere 5.x SSO to an external one before upgrading to the vSphere 6 PSC. I then covered some new things related to security and how certificates are now handled with the new VMware Certificate Authority in the PSC.

Here’s a copy of the presentation.:

What’s New in vSphere 6.0: Enhanced Linked Mode

February 2nd, 2015 No comments

VMware has finally officially announced what is to be included in vSphere 6.0 after lifting the lid on parts of the update during VMworld 2014 keynotes and sessions. 

See my introductory post: What’s New in vSphere 6.0: Finally Announced (about time!) for details of all the components.

vCenter Linked Mode provides a single management overview of multiple vCenter instances.

Linked Mode also provides a single login for multiple vCenter Servers and then shows you a common inventory view and allows you to search for objects across vCenters. Licenses, roles and permissions are replicated between vCenter instances.

Linked mode has always been only available for Windows vCenters (ADAM is used as the replication engine) so you couldn’t share licenses, roles and permissions with any vCenter appliances you had.

With the release of the new Platform Services Controller in vSphere 6.0, some of the Linked Mode functionality is changing and its been given a new same.

vSphere will also now include an Enhanced Linked Mode which will require and work in conjunction with the Platform Services Controller.

image

This will not rely on ADAM but have its own replication system which is a multi-master replication technology also called VMDir based on Open LDAP which means replication now works across Windows vCenter as well as vCenter appliances.

Replication will be expanded to include Policies and Tags along with Roles and Permissions. In fact the replication engine will allow VMware to sync any kind of information between Platform Services Controllers which can then be used by vCenters and other management products. Bye bye ADAM, you won’t be missed.

What’s New in vSphere 6.0: Networking

February 2nd, 2015 No comments

VMware has finally officially announced what is to be included in vSphere 6.0 after lifting the lid on parts of the update during VMworld 2014 keynotes and sessions. 

See my introductory post: What’s New in vSphere 6.0: Finally Announced (about time!) for details of all the components.

vSphere networking hasn’t had any huge additions in this release. This is partly to be expected as VMware’s networking messaging is mainly revolved around NSX for now.

Network I/O Control (NIOC) has however had a very useful addition, you can now have Per VM and Distributed Switch bandwidth reservations. You can therefore guarantee compute as well as network resources for your critical VMs.

IPv6 has also been beefed up but this is mainly for new greenfield deployments. It’s not easy to transition from IPv4 to IPv6 so I think VMware sees IPv6 for only new deployments. You will be able to manage ESXi purely with IPv6 and iSCSI and NFS will also be supported. In the future, VMware is looking to move to IPv6 only for vSphere management but that’s a few years out, dual stack IPv4 and IPv6 will be around for a while.

Here’s what the Install for vCenter would look like with IPv6

image

What’s New in vSphere 6.0: Certificate Management

February 2nd, 2015 No comments

VMware has finally officially announced what is to be included in vSphere 6.0 after lifting the lid on parts of the update during VMworld 2014 keynotes and sessions. 

See my introductory post: What’s New in vSphere 6.0: Finally Announced (about time!) for details of all the components.

VMware is at last tackling the nightmware of managing vSphere certificates in a more holistic way. Things were relatively simple until VMware started splitting up the compoments of vSphere into multiple components each requiring their own certificate with very particular settings. VMware had released the SSL Certificate Automation Tool which at least attempted to make the installation of the certificates a little easier but it took the perseverance and excellent scripting of Derek Seaman with his certificate series to make the actual process usable.
Customer feedback regarding certificate management has repeatedly highlighted the convoluted process so VMware has finally come up with a solution they believe reduces the operational overhead of managing certificates.

VMware is included two components into the new Platform Services Controller:
The VMware Certificate Authority (VMCA). This is not just a certificate management tool but actually a full blown Certificate Authority in itself. It can provision each ESXi host and each vCenter Server and its associated services with certificates that it signs.
The VMware Endpoint Certificate Service (VECS). This is a service that will store all certificates and private keys for vCenter Server and its associated services.

This means you will no longer have to manually update each separate vCenter component, you can just store all the certs in the VECS and get vCenter to use them.
ESXi host certificates will still be stored locally on each host but can be provisioned from the VMCA.
You don’t have to use the VMCA as a certificate authority or have it in your certificate chain and can choose to use your Enterprise CA or roll your own but you will need to use the VECS to store certs and keys for vCenter.

VMware is also simplifying the number of certificates it requires for vCenter internally. vCenter 5.5 needed separate certificates for at least the following:

 6.0cert1
With vSphere 6.0 there are more components but these components are now being grouped together into what’s being called Solution Users (SU). SUs now hold the certificate for the group rather than each component.
6.0cert2
This is what it looks like in the PSC
 6.0cert3
All the certificate management will be done from a CLI. If you upgrade vCenter or hosts from ESXi 5.x, they will keep their existing certificates.
There are also a number of deployment options:
VMCA Root CA
This is where the VMCA acts as your entire certificate authority and is therefore the simplest deployment. This is the default installation. You will need to trust the VMCA in your browsers to avoid pesky certificate warnings.
Subordinate VMCA
After installation you can make the VMCA a subordinate CA to your Enterprise CA. The VMCA will then mint your certificates which makes the process simpler and itself would be trusted by your enterprise CA.
External CA
After installation, all certificates are replaced from yout Enterprise CA. VMCA will still manage the certificates but it allows you to use your existing Enterprise PKI solution.
Hybrid (VMCA & External)
You can use a hybrid model where the VMCA is created during installation and your vCenter certificates are replaced. YOu can then choose which certificates to replace from your external CA and which to have the VMCA generater. You could for example have all externally facing certificates generated from your Enterprise CA and all the internal hidden from view VMware vCenter service certificates generated by the VMCA.
At last VMware is making certificate management a little easier, to be honest it should have been there when they decided you needed a million very particular certificates for vCenter but I suppose with a rather large development organisation working on different components, common certificates wasn’t high on the priority list, I’m glad it is now.

 

Categories: ESX, vCenter, VMware Tags: , ,

What’s New in vSphere 6.0: NFS Client

February 2nd, 2015 No comments

VMware has finally officially announced what is to be included in vSphere 6.0 after lifting the lid on parts of the update during VMworld 2014 keynotes and sessions. 

See my introductory post: What’s New in vSphere 6.0: Finally Announced (about time!) for all details of all the components.

NFS has been available as a storage protocol since 2006 with ESX 3.0 and vSphere has been using NFS version 3 for all this time. There’s been no update to how NFS works.

I’ve been a massive fan of NFS since it was released. No LUNs, much bigger datastores and far simpler management. Being able to move around, back up and restore VM disk files natively from the storage array is extremely powerful. NFS datastores are by default thin-provisioned which allows you your VM admin and storage admin to agree on actual storage space utilisation.

However, good old NFSv3 has a number of limitations, there is no multi-pathing support, limited security and performance is limited by the single server head.

vSphere 6.0 introduces NFS version v4.1 to solve many of these limitations.

NFS 4.1 introduces multi-pathing by supporting session trunking using multiple remote IPs to a single session. Not all vendors will support this so best to check. You can now have increased performance from load-balanced and parallel access, with it comes better availability from path failover.

image

imageThere is improved security using Kerberos authentication. You need to add your ESXi hosts to AD and specify a Kerberos user before creating any NFSv4.1 datastores with Kerberos enabled . You then use this Kerberos username and password to authenticate against the NFS mount. All files stored in all Kerberos enabled datastore will be accessed using this single user’s credentials. You should always use the same user on all hosts otherwise vMotion and other features might fail if two hosts use different Kerberos users. NTP is also a requirement as usual when using Kerberos. This configuration can be automated with Host Profiles.

 

NFSv4.1 now allows you to use a non-root user to access files. RPC header authentication has also been added to boost security, it only supports DES-CBC-MD5 which is universal rather than the stronger AES-HMAC which is not supported by all vendors. Locking has been improved with in-band mandatory locks using share reservations as a locking mechanism. There is also better error recovery.

There are some caveats however with using NFS v4.1. NFSv4.1 is not compatible with SDRS, SIOC, SRM and VVols but you can continue to use NFSv3 datastores for these.

NFSv3 locking is not compatible with NFSv4.1. You must not mount an NFS share as NFSv3 on one ESXi host and mount the same share as NFSv4.1 on another host, best to configure your array to use one NFS protocol, either NFS v3 or v4.1, but not both.

The protocol has also been made more efficient by being less chatty by compounding operations, removing the file lock heartbeat and session lease.

All paths down handling is now different with multi-pathing support. The clock skew issue that caused an all path down issue in vSphere 5.1 and 5.5 has been fixed in vSphere 6.0 for both NFSv3 and NFSv4.1. With multi-pathing, IO can failover to other paths if one path goes down, there is no longer any single point of failure.

No support for pNFS will be available for ESXi 6.0. This has caused some confusion, best to have a look at Hans de Leenheer’s post: VSPHERE 6 NFS4.1 DOES NOT INCLUDE PARALLEL STRIPING!

Very happy to see NFSv4.1 see the light of day with vSphere for at least the multi-pathing as this caused many people to go down the block protocol route with the added complexity of LUNs, however, its a pity NFSv4.1 is not supported with VVols. I’m sure VMware must be working on this.

What’s New in vSphere 6.0: Finally Announced (at last!)

February 2nd, 2015 No comments

Series:

  1. What’s New in vSphere 6.0: Finally Announced (at last!)
  2. What’s New in vSphere 6.0: vCenter and ESXi
  3. What’s New in vSphere 6.0: Enhanced Link Mode
  4. What’s New in vSphere 6.0: Virtual Volumes
  5. What’s New in vSphere 6.0: Content Library
  6. What’s New in vSphere 6.0: Virtual Datacenter (removed from release)
  7. What’s New in vSphere 6.0: Fault Tolerance
  8. What’s New in vSphere 6.0: Cross vCenter and Long Distance vMotion
  9. What’s New in vSphere 6.0: Networking
  10. What’s New in vSphere 6.0: NFS Client
  11. What’s New in vSphere 6.0: Certificate Management

Finally, the time has come for VMware to publicly announce its latest update to version 6.0 of its ever growing virtualisation platform, vSphere.

It’s been a rather strange and somewhat convoluted journey to get to the actual announcement.

For the first time ever for VMware (kudos!), there was a very large public Beta (more than 10,000 people) but participants had to sign an NDA to join which meant they couldn’t talk about it. VMware itself then outed many of the features during keynotes and sessions at VMworld San Francisco 2014 (to the consternation and surprise of some product managers!) but still had to call the beta a Tech Preview. Pat Gelsinger himself called out the name during his keynote despite everyone else at VMware trying to keep quiet on the official name. All this left many people unsure what they could and couldn’t talk about. The apparent legal reason for not being able to officially announce vSphere 6.0 is all to do with financials. VMware didn’t want to announce a future product in 2014 as they would then be obliged to account for future earnings. So, the whole song and dance is nothing to do with technology and all to do with financial reporting, isn’t life fun!

Personally, I don’t think this was handled in the best way, fantastic to have a public beta but no point trying to strictly control the messaging with an NDA with so many people involved. Even Microsoft and Apple have more open public betas nowadays.

As of today, that’s now officially water under the bridge (although I hope they learn some things for next time). The covers have finally been lifted and VMware has officially announced vSphere 6.0

imageVMware says there are three focus areas for this vSphere release:

  1. Continue to be the best and most widely used virtualisation platform
  2. Be able to virtualise all x86 workloads. Run all today’s traditional datacenter apps however big they are such as Oracle, SAP, Microsoft Dynamics and Java and build on that foundation to run the next generation of cloud applications as part of a Software Defined Datacenter such as NodeJS, Rails, Spring, Pivotal and Hadoop
  3. Create operational efficiency at scale by reducing manual steps with mre automation

Although numbered 6.0 I would say as with vSphere 5.5, this is another evolutionary rather than revolutionary update and other than VMware’s recent cadence of a major update every two years could have been part of the vSphere 5 family. VSAN and NSX were the major new product announcements at VMworld 2013 and VMware decided to leave the big announcement infrastructure wise for VMworld 2014 to EVO:RAIL and its vCloud Air and vRealize rebranding.

As for vSphere 6.0, VMware has called this release the foundation for the Software Defined Datacenter.

image

The major new highlight as everyone knows is Virtual Volumes (VVols) which VMware has been talking about publicly since VMworld 2011 (I called vVols VMware’s revolutionary approach to storage) and  is a very significant update. VVols completely change the way storage is presented, managed and consumed and certainly for the better. Most storage vendors are on board as their software needs to be able to support VVols and they’ve been champing at the bit for VVols to be released. Talk was it was technically ready for vSphere 5.5 but VMware decided to keep it back, perhaps to let VSAN have its year in the sun and to give vSphere 6.0 something big.

image_thumb[8]

VVols may be the headliner but there’s plenty else VMware has been working on:

  • Hosts up to 480 pCPUs, 12TB RAM, 64TB data stores and 1000 VMs
  • VMs up to 128 vCPUS and 4TB RAM
  • 64 nodes in a cluster and up to 6000 VMs.
  • Per VM Storage I/O Control
  • VVols
  • NFS 4.1 with Kerberos
  • vMotion across vCenter Servers, virtual switches, and long distance
  • Fault Tolerance for Multi-Processor VMs
  • vSphere Web Client enhancements
  • Certificate Lifecycle Management via a command line interface
  • New abilities to replicate and backup to the vCHS (vCloud Air) cloud
  • Better vSphere Replication RPOs to 5 mins
  • Network IO Control VM and distributed switch bandwidth reservations
  • Multi-Site replicated content library to store VM templates, vApps, ISO Images and scripts
  • AppHA expanded support for more applications

 

Virtualisation Field Day 4 Preview: CommVault

January 8th, 2015 No comments

Virtualisation Field Day 4 is happening in Austin, Texas from 14th-16th January and I’m very lucky to be invited as a delegate.

I’ve been previewing the companies attending, have a look at my introductory post: Virtualisation Field Day 4 Preview.

CommVault

Commvault is a data company (what backup companies also now call themselves) and has previously presented at Virtualization Field Day 3 and Tech Field Day 9.

Calling Commvault just a backup company isn’t a little disparaging as their software aims to do a lot more and rather like to think of themselves as providing information management. Sure, backing up and restoring data is important but there are a lot more reasons why you need to keep a copy of your data. You may need to keep an email archive for compliance reasons, journal instant messages from your traders for legal reasons so your lawyers have evidence to sift through or securely store x-rays for a long period of time. Archives, journaling, backups, reporting, legal discovery all rolled into one. It can suck in a whole bunch of stuff from end point laptops to mobile devices across physical, virtual, cloud, database, file, email, unix, Mac and windows. It has broad reach without the dreary and clunky legacy of TSM and NetBackup and although not as sexy, simple or targeted as Veeam, can do a lot more.

Their product is called Simpana and their trick is to have a single code base for integrating the backup and information management so you only need to store one deduplicated copy to be able to do a whole lot with it. This data repository is called the Content Store. Obviously backups need multiple copies to be spread around for protection and you can do that.

Read more…

Virtualisation Field Day 4 Preview: StorMagic

January 8th, 2015 No comments

Virtualisation Field Day 4 is happening in Austin, Texas from 14th-16th January and I’m very lucky to be invited as a delegate.

I’ve been previewing the companies attending, have a look at my introductory post: Virtualisation Field Day 4 Preview.

 

StorMagic_Monogram_Black_CMYK

StorMagic has an interesting product called SvSAN which is a SAN specifically designed for remote offices which require local IT infrastructure that can’t be delivered remotely. StorMagic has previously presented at Storage Field Day 6.

Many companies need to run critical applications at what StorMagic call edge sites yet still require high availability. Think retail with PoS everywhere, manufacturing with numerous distributed sites, oil rigs, ships, manufacturing, in fact any company with a distributed geographic footprint. SvSAN can be managed centrally at scale with typically 10-10000 edge sites.

Their software runs as a VSA on vSphere or Hyper-V using local disks and can be clustered with synchronous mirroring using as little as two hosts to provide shared storage to VMs giving them HA/vMotion. You can also use it with stretched clusters. It presents an iSCSI LUN to the hypervisor and can use SSD for cache and target it to particular workloads.

Centralised management is at the cornerstone of StorMagic which you would need for the scale they support. You can deploy SvSAN across multiple sites fairly easily and quickly. The nodes can then continue to be easily managed centrally so you don’t need any local IT staff.

StorMagic doesn’t look like its going to take over the world but it has a solid use case along with a market opportunity and is price competitive. I think it needs some sort of snapshotting and could benefit from a way to replicate data back to head office for backup with some clever deduping. Interested to hear what they have to say.

Gestalt IT is paying for travel, accommodation and things to eat to attend Virtualisation Field Day but aren’t paying a penny for me to write anything good or bad about anyone.