TheSaffaGeek

My ramblings about all things technical


Leave a comment

VCDX Spotlight: Eric Shanks

Name: Eric Shanks

Twitter Handle: @eric_shanks

Blog URL: theITHollow.com

Current Employer: Ahead

VCDX #: 195


How did you get into using VMware?

I was at a Chicago Microsoft Users Group and a company called Altiris was speaking about virtualizing applications with their solution. The whole idea was pretty eye opening to me so when my boss suggested some enhancements to our infrastructure the virtualization concept was brought up again. After some testing we decided that VMware was the clear leader in the space so we virtualized our infrastructure on 4.0.


What made you decide to do the VCDX?

The VCDX certification was a challenge I wasn’t convinced that I could achieve, but I had to know for sure. A few other co-workers already had the credentials and I decided it was the time to find out what I was capable of doing.


How long did it take you to complete the whole VCDX journey?

The whole process took me about six months to complete. I already had my VCAP-DCA and VCAP-DCD before I decided to try the VCDX so that helped, but I left myself plenty of time to work out my design before submitting it.


What advice would you give to people thinking of pursuing the VCDX accreditation?

Talk with your family first about the endeavour. The VCDX is challenging, but more than that time consuming. Expect to spend nights and weekends working on it. The VCDX journey is personal achievement but can’t be done without some support from family, friends and co-workers.

Aside from talking with your family first, the second piece of advice I’d give is don’t be afraid to fail. This isn’t an easy challenge and many really qualified people have stumbled on it. It doesn’t mean you’re not awesome, it just means you need to tweak your design or presentation skills a bit.


If you could do the whole VCDX journey again what would you do differently?

I would have made sure to understand the defense blueprint better from the start. I felt that there were specific sections of the blueprint where I didn’t have enough things in my design to present. Specifically my design didn’t have a lot of “Security” related items so I wasn’t able to talk in depth about it in my defense. If I could have done it over I would have added an additional security requirement and supported it with my design so that I could talk about it in the defense.


Life after the VCDX?  How did your company respond?  Was it worth it?

After the process was over I was recognized at our company’s Tech Summit and given a bonus for the achievement. The feeling of a sense of accomplishment from meeting a personal goal made the process worth it.


Leave a comment

VCDX Spotlight: Scott Norris

Name: Scott Norris

Twitter Handle: @auscottnorris

Blog URL: www.virtualiseme.net.au

Current Employer: VMware

VCDX #: 201


How did you get into using VMware?

After finally scoring a server role back in 2005 I was introduced to ESX 2.5 and GSX, right then while like some kind of black magic I saw the potential and tried to be actively involved when it came to installing, configuring and supporting the platform. Later in 2009 I was leading a team 100% dedicated to VMware technologies that supported local and global accounts right up until 12 months ago when I made the jump to work for VMware.


What made you decide to do the VCDX?

The VCDX for me was my own personal challenge which I set some time ago.


How long did it take you to complete the whole VCDX journey?

This question is a difficult one to answer technically I attempted to start the journey in 2011 but unfortunately was diagnosed with Non-Hodgkin’s Lymphoma which put the brakes on for some time.

But after everything I finally found the time to complete it and restarted the journey late 2014. I was ready for PEX defence where I was accepted but was unable to get time off work. So defended in June instead, this gave me a little more time to polish off some rough bits in the design.

All up about 6 months of solid work it took to get across the line.


What advice would you give to people thinking of pursuing the VCDX accreditation?

My advice is:

· Keep the design simple, it doesn’t have to be complicated

· When it comes to the presentation take advice from people but do it your way, do what flows well to you. Just because X worked for me doesn’t mean it will for you.

· Don’t over prepare if you feel yourself losing interest or just want it to end have a couple days off kick back relax and get back into it.


If you could do the whole VCDX journey again what would you do differently?

I don’t think I would have done anything differently as far as the preparation I did, I think if anything I would have dialled back the amount I did, towards the end it was becoming a chore where its meant to be fun and something I want to do. Also I don’t advise writing a book at the same time that didn’t help at all.

Life after the VCDX?  How did your company respond?  Was it worth it?

The response from family, friends, the VMware community and work was fantastic. And for me personally was worth it. Having something to show for all the time and effort was fantastic.

As for life after, nothing has changed but I have noticed at the engagements I’m on my word has more sway than it did before, or I’m just imagining it. Either way I think VCDX will definitely open up doors which would have been shut previously but for now I’m just catching up on sleep.


Leave a comment

VCDX Spotlight: Larus Hjartarson

Name: Larus Hjartarson

Twitter Handle: @lhjartarson

Blog URL: http://vmice.net

Current Employer: Nyherji hf.

VCDX #: 192


How did you get into using VMware?

In 2010 when I worked as an IT technician a co-worker showed me vSphere 4.0 and vMotion. I remember asking him repeatedly: “So you moved the server between hardware servers while it was running and it only missed a single ping?”. After that I was hooked. Soon after that I had a chance to finish installing a test environment running vSphere 4.0, and changed jobs to a Server/VMware technician for a large (on an Icelandic scale) IT Solution Provider (Nyherji).


What made you decide to do the VCDX?

As soon as I finished the VCAP-DCA in 2013 the plan was always to go for the VCDX eventually but with no planned date. In the end of 2014, my wife finished her law degree so I presented to her a detailed plan of work required to stick to the VCDX deadline and was accepted :) (might sound strange but I can’t emphasize enough on getting your spouse on board before starting)

But the main reason was to challenge myself and get better at a job I really love doing.


How long did it take you to complete the whole VCDX journey?

It depends on when the journey started; 20 months after the first VCAP, but 4.5 years from the first VCP. But the hard work started on the home straight, when doing the VCDX documentation and defence preparation, and that took 537.5 hours in a 6 months period.


What advice would you give to people thinking of pursuing the VCDX accreditation?

Several come into mind:

-Just do it. This journey is worth all the extra hours after work, all the weekends spent drawing design diagram, all the hundreds of blog posts and installation guides read. But this will have an impact on the time you spend with your spouse, kids, family and friends. But in the end you will end up a much better architect.

-Read the blueprint and make sure to have your documentation represent the subjects from the blueprint as best you can.

-Plan each day until the defence. Plan for at least 25-30% overhead. There will be days you will not be able to tell your brain to do diagrams or work on presentations. Make sure the time off is either spent with your loved ones or to decouple from the process.
-In the last 2-3 weeks before the defence start building confidence for the things you know and your defence and presentation.

-Do not stress going into the defence, the panellist are only architects like you and are there to help you.

-Form a study group. I wouldn’t have been able to do this without a study group. And start joining a study group one VCDX defence in advance. I joined a study group for October defences in 2014 before going for the June deadline in 2015. You will learn a lot just listening to mocks and talking to like-minded people.

-Find a mentor. They will probably differ, but their feedback is invaluable.

-Know your design. I mean everything, every decision, every justification, and all alternatives to each decision and reasoning why that wasn’t taken.


If you could do the whole VCDX journey again what would you do differently?

Absolutely nothing. Things somehow fit into place perfectly and went almost exactly to plan.

Life after the VCDX?  How did your company respond? Was it worth it?

Nothing really changed in the few weeks that have passed. A pat on the back from my company but they were also very supportive during the whole journey. Yes it was worth it. :)


Leave a comment

VCDX Spotlight: Nick Bowie

Name: Nick Bowie

Twitter Handle: @nickbowienz

Current Employer: ViFX Ltd.

VCDX #: 202


How did you get into using VMware?

I’d had exposure back in the earlier days with GSX and ESX Server through David Manconi (@dmanconi), when we worked together previously. I remember he was pretty excited about it, so I figured there must be something to it ;) But I didn’t really have the opportunity to pursue it professionally until late 2009 when I became involved in a large data centre migration project which included establishing an SRM enabled ESXi 3.5 infrastructure.


What made you decide to do the VCDX?

I had heard about it through my go-to places like Yellow-Bricks, as I tried to soak up as much as I could about virtualisation. It wasn’t until I was fortunate enough to spend some time with Michael Webster (@vcdxnz001), who had just achieved his and, later in 2011, Travis Wood (@vTravWood) who was so excited to be pursuing it that I started to understand the level it represented. When I joined ViFX I realised the calibre of people I was fortunate enough to be working with and felt I really needed to lift my game.


How long did it take you to complete the whole VCDX journey?

It’s been such a gradual, incremental process it’s hard to pinpoint exactly when it started in earnest. If I measure from obtaining the VCP5-DCV in September 2012, it took almost three years. It became a realistic goal after joining ViFX in August 2013 though.


What advice would you give to people thinking of pursuing the VCDX accreditation?

It’s not a race :) Each qualifying exam (VCP, VCAP DCA/DCD) are challenging in their own rights. Focus on the immediate, realistic goals and you’ll find your capabilities grow significantly through those achievements. When you’re at the point where you can submit the design: read the blueprint. Everyone says that, and I must admit I’d get a little frustrated at hearing it so often, but it’s true. Read it, understand it as best you can and make sure you touch on all the points.


If you could do the whole VCDX journey again what would you do differently?

I’m not sure I would do it too differently. The design I based it on was light on some components of the blueprint requirements, due to certain constraints and challenges, which meant some extra work was required on my own time. While working on that project I completed a few others in between that were more “blueprint-friendly”, in BC/DR and vBCA Oracle based engagements, but this was the one I had invested myself into with the goal in mind so I was determined to use it all the way through.


Life after the VCDX?  How did your company respond?  Was it worth it?

It’s only been a week, so it’s early days yet ;) ViFX are extremely proud to have the 2nd VCDX in New Zealand, and the only one in the VMware partner space. We definitely have more VCDX’s in progress – watch this space!


1 Comment

vRA Enterprise Level Distributed Installation

Recently I was fortunate enough to design and build an enterprise level distributed installation of the vRealize Automation suite of products and integrate it into an enterprise environment. I’ve done several vRA/vCAC deployments before but each time I do a new deployment I like to collate information, read all the latest articles and make sure what worked in the past for me hasn’t changed or more likely has been enhanced so I can provide an even better deployment.

 

For those unsure of what an enterprise distributed deployment comprises of I have added a logical diagram below (click on the picture to expand it as it is fairly large)

 

vRA Logical

 

For my current deployment it was based on vRealize Automation 6.1 due to it being part of an EMC Hybrid Cloud deployment but the architecture and layout are exactly the same for 6.2. (note this is defined after collecting customer requirements based on amount of workloads, NSX load balancing and the requirement of application services so make sure you have reasons for design decisions)

 

Resources

For the resources I used, some are ones I used in the past to learn how to do an enterprise deployment and some are ones I re-read prior to this deployment. I have listed them below to save me looking for them again but also to maybe help other people:

 

– The first place anyone should start is the vRA documentation centre which has a large portion of the vRA documentation you will need to have read and at some points follow along with to do your deployment.

 

– One of the most important documents to utilise is the Installation and Configuration document. As i mentioned, I was deploying vRA 6.1 so utilised the following document from page 43 onwards.

 

– One challenge when deploying an enterprise level deployment of vRA is that you should at a minimum use internally signed certificates. For vRA if you are changing one on the components then you need to change all of them or else you will have a plethora of problems (I have spent countless hours in the past helping companies who have tried their own PoC , have only changed a few certificates and then deployed workloads that they now want to keep). For this portion I like to follow Eiad Al-Aqqad’s resources as to me they seem really straight forward and have worked really well in the past

http://www.virtualizationteam.com/cloud/vcloud-automation-center-6-certificates-a-to-z.html

http://www.virtualizationteam.com/cloud/generating-certificates-for-vcac-6-iaas-web-server-manager-service.html

http://www.virtualizationteam.com/cloud/generating-certificates-for-the-identity-appliancevcac-appliance.html

 

NB: Make sure when importing the certificate into the appliances remember to remove the bag attributes at the beginning of the PEM file and start from —BEGIN CERTIFICATE—– until ——–END CERTIFICATE————-

 

– Once you have the certificates prepared then you can start the deployments. I used the identity appliance rather than the vCenter SSO due to the identity appliance following the same upgrade schedule as all the other vRA components and in the past I have hit a few problems due to people using vCenter SSO. There are positives and negatives of using SSO so make sure you look at both options and select the correct option for your deployment. The official documentation is good but I also used Emad and Grants blogs for the deployment of the identity appliance

http://emadyounis.com/vrealize-automation/vrealize-automation-6-1-formally-vcloud-automation-center-identity-appliance-deployment-configuration/

http://grantorchard.com/vcac/implementation/vcac-6-0-virtual-appliance-installation/

 

– Next portion is the configuration of the external vPostgres database and for this I used the vRA appliance and disabled the services that were not required. For this i used the official documentation. If you don’t know how to deploy the vRA appliances then go to the next step , follow that then come back to this step (Although I do worry if you don’t know how to deploy an appliance)

http://pubs.vmware.com/vra-62/topic/com.vmware.vra.install.doc/GUID-A57BEE9C-BC0D-42D3-9ACD-E2F003E6B8F2.html

NOTE: VMware no longer recommend using an external postgres database. The 6.2 documentation has been updated to reflect this.

– Now you need to deploy the vRA appliances. This is fairly straightforward and really shouldn’t cause you any issues.

http://www.virtxpert.com/deploy-vrealize-automation-appliance-vrealize-automation-series-part-2/

http://www.virtxpert.com/configure-vrealize-automation-appliance-vrealize-automation-series-part-3/

 

– Next are the IaaS components. This is SO MUCH easier than the vCAC 4.1 days now that there is the pre-req script. The script can be found here. Before installation of the IaaS components ensure you have ntrights.exe downloaded, a windows iso attached to the virtual machine (2012 requires this but 2008 never did) and java 7u75 downloaded in an easily searchable folder (java version is correct as of this posting). For these steps I was going to break it down into a few blog postings but fellow vBrownbag member, Jonathan Frappier has done such a cracking job I recommend you follow his:

http://www.virtxpert.com/install-vrealize-automation-iaas-components-vrealize-automation-series-part-4/

http://www.virtxpert.com/install-vrealize-automation-iaas-sql-installation-vrealize-automation-series-part-5/

http://www.virtxpert.com/install-vrealize-automation-iaas-installation-vrealize-automation-series-part-6/

 

– Now that the components are installed it is time to grant permissions, create the required tenant/s for your cloud workloads apart from the default tenant and create all the business groups. Again Jonathan has broken this down brilliantly and this is what I re-read prior to my deployments

http://www.virtxpert.com/configure-vrealize-permissions-vrealize-automation-series-part-7/

http://www.virtxpert.com/add-vcenter-endpoint-vrealize-automation-series-part-8/

http://www.virtxpert.com/configure-fabric-groups-vrealize-automation-series-part-9/

http://www.virtxpert.com/adding-business-groups-vrealize-automation-series-part-10/

http://www.virtxpert.com/creating-reservations-vrealize-automation-series-part-11/

 

– Now on to the application services, adding and preparing of vSphere templates and creating entitlements so that services can be requested. Again Jonathan has covered it perfectly ( as does the official documentation that you should be following alongside these)

http://www.virtxpert.com/deploying-application-services-vrealize-automation-series-part-12/

http://www.virtxpert.com/preparing-vsphere-templates-vrealize-automation-series-part-13/

http://www.virtxpert.com/adding-blueprints-vsphere-templates-vrealize-automation-series-part-14/

http://www.virtxpert.com/creating-entitlements-vrealize-automation-series-part-15/

 

– Now for the vRO deployment as well as including NSX into vRA and installing the NSX plug-in to the vRO server. For vRO I used the windows method rather than the appliance route due to us being unable to do multi-hop WinRM using the PowerShell plugin when we need to run PowerShell scripts locally on multiple servers rather than locally on the vRO server. For this I used Sid Smith’s articles as well as the standard VMware documentation:

http://pubs.vmware.com/vsphere-60/topic/com.vmware.vrealize.orchestrator-install-config.doc/GUID-64F03876-2EAB-4DB3-A95D-89842425FF7A.html

http://dailyhypervisor.com/vrealize-automation-vcac-6-1-adding-a-vco-endpoint/

http://dailyhypervisor.com/vmware-nsx-6-1-vcac-6-1-connecting-nsx-to-vcac/

 

Troubleshooting

 

Along the way I hit a few errors and spent a fair bit of time with VMware support also on a few of them. The main ones are listed below:

 

– Received a 401 error in the Infrastructure Tab of vRA

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2110207

 

– Received a 404 error when opening the vRA portal

http://www.virtualizationteam.com/cloud/vcac-6-service-unreachable-reference-error-repo404.html

 

– Received a “Failed to retrieve form from provider” when requesting a Application Service catalog item in vRA

http://kb.vmware.com/kb/2086649

 

– Received a “Failed to retrieve form from provider” when requesting a  catalog item in vRA (this is using multi-machine rather than application services). This error is one I still have a ticket with engineering open for as what is happening is that when we do a quiesced backup of the vRO database this at times causes one of the vRO nodes to stop due to a timeout in connectivity to the database. Currently the only way fix is to start the stopped node. I will update this if/when VMware engineering give a realistic solution.

 

If you are unsure about any of the portions mentioned or want to know more, you can ask VMware Professional Services for whom I did this design and deployment or Xtravirt who are a VMware partner, to come in and help you with the design/configuration of your environment.

 

Also let me know if you think i missed something or if it helped you.

 

Gregg


Leave a comment

Four Ways Implementing a BC/DR Solution Can Help Your Small/Midsized Business

About six months ago I was approached by VMware SMB asking if i would be interested in writing a blog posting about how implementing a business continuity and disaster recover solution could help small and midsized businesses from my experiences as a senior consultant for Xtravirt. I wrote up the posting and the SMB team liked it so much they asked me if I would do a four part blog posting from the original blog posting and so I created a four part posting and the final part of the series was published yesterday. So below are links to the four blog postings and I hope  they are informative and beneficial to people. If you are unsure about any of the portions mentioned or want to know more, you can ask VMware Professional Services or Xtravirt who are a VMware partner, to come in and help you with the design/configuration of your environment.

 

Part4:  Virtual Machine Migration

 

I have also written a whitepaper for VMware SMB around the need for SMBs to rethink their virtualization infrastructure and to elaborate on a number of the features and solutions that are now available to SMB customers. Download the whitepaper to learn how these solutions can help your business and your customers.

 

Gregg


Leave a comment

VMware Introduces New Open Source Projects to Accelerate Enterprise Adoption of Cloud-Native Applications

Last week I was fortunate enough to be part of a blogger early access program covering VMware’s  announcement around two new open source projects built to enable enterprise adoption of cloud-native applications

 

– Project Lightwave, an identity and access management project that will extend enterprise-scale and security to cloud-native applications

– Project Photon, a lightweight Linux operating system optimized for cloud-native applications.

 

Below is more information about the two projects and the awesome abilities they are opening to VMware customers and the ability for cloud native applications:

 

Project Lightwave will be the industry’s first container identity and access management technology that extends enterprise-ready security capabilities to cloud-native applications. The distributed nature of these applications, which can feature complex networks of microservices and hundreds or thousands instances of applications, will require enterprises to maintain the identity and access of all interrelated components and users. Project Lightwave will add a new layer of container security beyond container isolation by enabling companies to enforce access control and identity management capabilities across the entire infrastructure and application stack, including all stages of the application development lifecycle. In addition, the technology will enable enterprises to manage access control so that only authorized users will be capable of running authorized containers on authorized hosts through integration with a container host runtime such as Project Photon. Features and capabilities will include:

  • Centralized Identity Management – Project Lightwave will deliver single sign-on, authentication, and authorization using name and passwords, tokens and certificates to provide enterprises with a single solution for securing cloud-native applications.
  • Multi-tenancy – Project Lightwave’s multi-tenancy support will enable an enterprise’s infrastructure to be used by a variety of applications and teams.
  • Open Standards Support – Project Lightwave will incorporate multiple open standards such as Kerberos, LDAP v3, SAML, X.509 and WS-Trust, and is designed to interoperate with other standards-based technologies in the data center.
  • Enterprise-ready scalability – Project Lightwave is being built with a simple, extensible multi-master replication model allowing horizontal scalability while delivering high performance.
  • Certificate authority and key management – Project Lightwave will simplify certificate-based operations and key management across the infrastructure.

 

Project Photon, a natural complement to Project Lightwave, is a lightweight Linux operating system for containerized applications. Optimized for VMware vSphere® and VMware vCloud® Air™ environments, Project Photon will enable enterprises to run both containers and virtual machines natively on a single platform, and deliver container isolation when containers run within virtual machines. Future enhancements to this project will enable seamless portability of containerized applications from a developer’s desktop to dev/test environments. Features and capabilities include:

  • Broad Container Solutions Support – Project Photon supports Docker, rkt and Garden (Pivotal) container solutions enabling customers to choose the container solution that best suits their needs.
  • Container Security – Project Photon offers containerized applications increased security and isolation in conjunction with virtual machines as well as authentication and authorization through integration with Project Lightwave enabling customers to further secure their applications to the container layer.
  • Flexible Versioning and Extensibility – An industry-first, Project Photon provides administrators and enterprise developers with extensibility and flexibility over how to best update their container host runtime by supporting both rpm for image-based system versioning, and a yum-compatible, package-based lifecycle management system, allowing for fine-grained package management.

Today, Pivotal also announced Lattice which packages open source components from Cloud Foundry for deploying, managing and running containerized workloads on a scalable cluster. Together, VMware and Pivotal will provide end-to-end cloud-native solutions from infrastructure to applications. VMware’s resilient infrastructure for cloud-native applications complements Pivotal’s Cloud Foundry application platform solutions.

To encourage broad feedback and testing from customers, partners, prospects, and the community at large, Project Photon and Project Lightwave will be released as open source projects. By open sourcing the software, developers will be able to contribute directly to the projects to help drive increased product interoperability and new features. Project Photon is available for download today through GitHub. Project Photon has been packaged as a Vagrant box so users can easily test its capabilities on any platform. The Photon Vagrant box is available for download through HashiCorp’s Atlas here. Project Lightwave is expected be made available for download later in 2015.

 

I’m really looking forward to learning more about these projects and trying them out once they are released. With the popularity of docker it’s no wonder VMware decided they needed to start integrating with the technologies.

 

Gregg

Follow

Get every new post delivered to your Inbox.

Join 75 other followers