VMworld US 2014 – The Calm Before the vStorm

For several years I have been very fortunate to attend VMworld Europe either via my company paying for the trip or in the case of last year, being able to attend as part of the vBrownbag crew and I’m very pleased to say that I will be attending this years VMworld US via the welcomed sponsorships of the vBrownbag sponsors (VMTurbo , Cisco , Brocade ,Infinio and Coho Data) for the TechTalks. Due to going as part of the vBrownbag crew VMware were gracious enough to give me a bloggers pass to cover my conference entrance fee and when I am not helping with the TechTalks or the VMunderground Open Acts i plan to blogging and tweeting away. But I am not only looking forward to going just for these reasons (certainly they are amazing enough reasons) but for several others and so I thought I would put out the reasons I’m looking forward to VMworld US and why if you haven’t booked to attend yet then why I would HIGHLY encourage you to register.

Social

142679-spongebob-square-pants-sponge-nerd

I know what you are thinking and yes there certainly are some amazing parties and there are people who sadly take it as a jolly rather than experiencing the conference but the social I am referring to is social media as well as actual human interaction with like minded people. I am sure a number of people are like me where we sit behind a computer for countless hours,then sit on our phone or tablet tweeting away to people about the latest virtualisation or related technology but have never actually met these people. In fact most of the people you tweet with are actually on the opposite side of the world but their blog posting/communities response/book/podcast/webinar or twitter response to a question you posted saved you countless hours of work or helped you get that new role or certification. Well VMworld is the perfect place to meet these people and thank them for their help, get your book signed by the author or throw the book at them if they were wrong (physical violence no matter how funny it may be from afar isn’t the answer…most of the time). This also allows you to talk about how cool the new features in vSphere 6.0 are and not get that placating nod your wife/girlfriend (husband/boyfriend for those super vWoman in the community) gives you when you get excited about it. For me the interaction and friendships I have had and made from VMworld conferences have sometimes been the best part as being able to chat to the person who wrote the book on VSAN/PowerCLI/VMware Networking for example is worth the conference fee in itself.

Sessions/Labs

The sessions,labs and announcements are brilliant and the only reason I chose social first is due to it being something not that many people think about. The sessions and labs are amazing and even though you can watch almost all the sessions (breakouts aren’t recorded) and do all the labs now via  labs.hol.vmware.com ,being able to attend the sessions for the week and hear about all the great new features and how people have taken the solutions provided by VMware and met their companies or customers requirements with them without being bothered by home life or work is an amazing learning experience. The same applies to the Hands on Labs where you can take the labs and skill up on the most recent technologies or even older ones that you might not have had the time to learn up until now. There are sessions for everyone as there are sessions where they are entry level for those people just getting into VMware technologies to advanced sessions where it is VMware engineers or product teams talking about the knitty gritty of the solutions. There are also loads of panel sessions ranging from meet the vExpert bloggers panel sessions to VCDX panel sessions where you can ask questions and learn from top vBloggers and or ask all those questions about the VCDX or the pre-requisites exams from those who have done it. If you are working for a VMware partner there is a partner day where as you guessed it, it is exclusively for partners and VMware will do sessions covering all the technologies and how they are working to make it better for partners or those selling their solutions.

TechTalks

Ok I’m probably very biased but the vBrownbag crew along with the help of our sponsors run the TechTalks from the community area where people who may not have had their sessions accepted to present at VMworld (this is not a reflection on the quality I can assure you) present about numerous different topics (no sales pitches) for ten minutes and they are streamed as well as recorded. The TechTalks have been a major success with loads of people watching the live stream, a very large number of views of the recordings and we also have a very good amount of live audience watching them. The schedule for the TechTalks is due out imminently and from having seen some of the amazing names on the list it will not disappoint.

Solutions Exchange

The solutions exchange is where all the vendors including sponsors have their stalls/booths where you can talk to them about their latest release, speak to some of their top people around possibly solutions you are looking to implement or need help fixing and even go to the VMware Expert bar. The Expert bar allows you to talk to the best people for each VMware technology and hear and see what all the new solutions from VMware can do for your business. As you would expect there are loads of freebies and competitions from all the vendors and this is the place where you can hear about that new technology and then be able to drop it in a conversation with your boss to show how on the ball you really are.

vmworld12-solutions exchange.png

General

There are also numerous activities that fall under the general banner like the VMworld party which last year had Train and Imagine dragons performing at the AT&T Park and three years ago were the Killers. There are also a number of vendor parties, parties exclusively for VCDX/vExperts and vendor excursions (brewery tours etc.) . The parties and meet ups in the evenings are amazing and if you have some self restraint and make sure you answer your phone when the wife calls, you can have an amazing time and still get the most out of the conference during the day. These are also a really great place to make new friends and even speak to some of the top names in the industry and realise they are 9 out of ten times really humble and friendly people.

If your significant other wishes to join you then there is spousetivities run by Crystal Lowe where vWidows/ partners of conference attendees can do day excursions.

Register Now!

If you haven’t registered for VMworld then I would highly recommend doing so here as it is well worth attending and if you need to justify it to your boss then why not use the VMworld letter for that. If you are attending then I would love to meet you and have a beverage with you or just chat tech. I will most likely be wearing one of my vExpert shirts or hanging around with the vBrownbag crew.

I am also planning to blog about a number of the announcements from VMworld so keep an eye out on my blog for those Smile

Gregg

Posted in vBrownbag, Virtualisation, VMware | Tagged , , , , , , | Leave a comment

VCDX Spotlight: Magnus Andersson

Name: Magnus Andersson

Twitter Handle: @magander3

Blog URL: http://vcdx56.com

Current Employer : Nutanix

VCDX #: 56

How did you get into using VMware?

I start using VMware Workstation back in 2001 and the reason was to lower the number of physical desktops i had to use at the office. Worked for a service provider and different customers required different images when joining their network for administrative purposes.

I started with server virtualization about 10 years ago.

What made you decide to do the VCDX?

The reason for giving it a try all comes down to the personal challenge to see if i had what it takes to:

· Master the technical aspect of the VMware software, Virtual Infrastructure 3 at the time I started the VCDX journey.

· Putting my thoughts and decisions on paper in a structured way.

· Stand in front of a couple of very skilful persons and explain what i have done and why.

How long did it take you to complete the whole VCDX journey?

From the time I decided to give the VCDX certification a try it took 18 months before i completed the VCDX defence. I had already completed the VCP 3.0 so my first leg was the Enterprise-Level Systems Administration Exam, which is the VCAP-DCA these days. This was back in August 2009.

What advice would you give to people thinking of pursuing the VCDX accreditation?

Don’t rush and be prepared to put a lot a hours into this certification. In addition, take time to get experience in all the areas included in the VCDX path you’re interested in. Include as much customer facing activities as possible.

It’s not about creating the best design, it’s about showing you understand the customer needs and being able to explain why you chose one kind of component over another,”

Have fun!”

If you could do the whole VCDX journey again what would you do differently?

Don’t think I would change much in the actual process but obviously in the design choices because other alternatives are available today. I would try to connect with other VCDX candidates, which I didn’t back in 2010, and join study groups or at least find someone to discuss my design with. Now, VMware also offers a VCDX mentor program, which I would definitely sign up for.

Life after the VCDX?  How did your company respond?  Was it worth it?

The VCDX journey was totally worth it, no question about that.

I think I’m a better architect now and during the certification I improved my skills to document, present and defend my thoughts. The VCDX certification was not that known in Sweden back in 2010 when I completed my first VCDX so it actually didn’t impact my daily job that much in terms of customer assignments. My company benefited from my VCDX certification a couple of times when a potential customer requested it.

After my second VCDX (Cloud) certification there was a lot more recognition via social media e.g. twitter and I was also interviewed by VMware Certification regarding my double VCDX.

Posted in Certifications, VCAP, VCDX, VMware | Tagged , , , , | Leave a comment

VCDX Spotlight: Harsha Hosur

Name: Harsha Hosur

Twitter Handle: @harsha_hosur

Blog URL: harshahosur.com

Current Employer: VCE

VCDX #: 135

How did you get into using VMware?

I started using VMware back in 2004/5 when I was working for HP. My first vMotion experience was incredible. Started designing and managing VMware environments since 2008.

What made you decide to do the VCDX?

I attended a VMUG session, which was spearheaded by Andrew Mitchell (#30) back in 2009 about VCDX. He spoke about this certification I never knew about and how there were only (at that point) 50 people in the world that had it. I wanted to be one of those who have this certification. One could call it an aspiration to be one. Like when you look at a pilot when young and think “I want to be one”.

Andrew Mitchell, Josh Odgers, Scott Lowe, Duncan Epping, Frank Denneman, Michael Webster and all the other VCDXs are the inspiration to “prove to myself” that I have what it takes to achieve this.

How long did it take you to complete the whole VCDX journey?

I did my VCP 4 in early 2009. Did my VCAPs in 2010 and again in 2012. I started working very seriously on VCDX only in 2013. I would say it was done over a year. VCDX is only the start of the journey to excellence. You never stop learning.

What advice would you give to people thinking of pursuing the VCDX accreditation?

Plan your certifications. It’s a big investment in time and effort. Don’t rush. Form a study group. Ask current VCDXs for help with mock panels. Without help from Josh Odgers and others I wouldn’t have been able to do it. Do lots of mock defence panels including design and TS scenarios. Be open to feedback. Learn from your mistakes. Be prepared to spend a lot of nights studying. I mean a lot of nights J.

Ever tried. Ever failed. No matter. Try Again. Fail again. Fail better.

If you could do the whole VCDX journey again what would you do differently?

Injure my leg and have a head full of painkillers during my first defence J. On a serious note, I would do nothing differently. I should probably have done this a lot sooner.

Life after the VCDX?  How did your company respond?  Was it worth it?

Life hasn’t changed much, except I get to sleep a lot earlier now. And have a few new followers on twitter. My company responded well. Haven’t changed what I am doing yet. It was worth doing VCDX as it’s now given me a solid platform to learn more. VCDX is only the beginning of the journey not the destination.

Posted in Certifications, VCAP, VCDX, VMware | Tagged , , , | Leave a comment

VCAP-CID Objective 1.5 – Determine Security and Compliance Requirements for a Conceptual Design

Knowledge

Identify relevant industry security standards.

  • For security standards there are a few and for these they are normally for government,finance,military and telecommunications. There are a few standards each of these keep to and they largely overlap into the next point of compliancy. For example here in the United Kingdom there are a few cloud vendors who run community clouds where they assure they meet business impact levels and each of these levels determines the requirements for protection. A really good article straight from the UK government is here where information security is defined based on a number of criteria. A lot of government and military companies keep data in IL2 or IL3 and vSphere 4.0 and 4.1 were actually verified to meet IL3 compliancy. Recently they are still EAL4+ and FISMA certified.
  • For your conceptual design you will need to know what abstraction is required based on whatever the relevant security standard is and most likely have to sit down with the compliancy officer and determine what they feel is required for them to approve your solution meets their security standards.

Identify relevant industry compliance standards.

  • There are a number of compliance standards that are used  from various companies who process credit cards, hospitals who keep peoples personal data to companies who have to keep to specific regulations. There are a number of these and some are only applicable in specific countries but the ones I think are the most likely to be seen in a vCloud environment are:
    • Sarbanes-Oxley
    • Health Insurance Portability and Accountability Act (HIPAA)
    • Federal Financial Institutions Examination Council (FFIEC)
    • Payment Card Industry Data Security Standard (PCI DSS)
    • International Organization for Standardization (ISO) 17799
    • National Institute of Standards and Technology (NIST)
    • International Organization for Standardization (ISO) 27001
  • A really great example of this is the Architecture Design Guide for Payment Card Industry (PCI) document by VMware. This is PERFECT in showing the kinds of things you need to keep in mind and the varying mechanisms to achieve this. The document goes much deeper than conceptual but seeing as you will have to go from conceptual to logical and then to physical it makes sense to learn it now.
  • Another great document by VMware that is mentioned on the blueprint is the Infrastructure Security: Getting to the Bottom of Compliance in the Cloud document.

Explain vCloud security capabilities.

  • This along with the two points above are covered  perfectly in appendix B of the vCAT Architecting a VMware vCloud pdf. For the conceptual design this is more around isolation and multi-tenancy but the whole of appendix B gives a great break down of the kinds of security that is possible within vCloud and the mechanisms and products that can be used to achieve this.

Identify the auditing capabilities of vCloud technologies.

  • This is the vast mechanisms such as logging,log retention, syslog shipping and firewall logging via vCNS to name but a few that are possible via vCloud. Appendix B of the vCAT covers these off really well and the retention policies mentioned in the Architecture Design Guide for Payment Card Industry (PCI) document cover off the kinds of auditing you may be requested to do. For conceptual this isn’t very applicable and I’m amazed it is actually mentioned here.

Skills and Abilities

Based on customer requirements, determine auditing requirements for a vCloud conceptual design.

  • These would be determined in design workshops and discussions with different subject matter experts within the customer around what they are looking to audit/log and if there are any compliancy standards they needs to meet. If they are a service provider who provides public cloud to the general public then there is a very good chance they have to meet PCI compliancy for example and so retain logs and do auditing to ensure security and allow retrospective inspection. For a conceptual design auditing isn’t something you would put in your “napkin” design but knowing if you need additional auditing does mean you have to design to be prepared for this in the logical and physical designs.

Based on customer requirements, determine security requirements for a vCloud conceptual design.

  • A large portion of this is the same as above as with security requirements around compliancy includes auditing also.  For example if it is a private cloud that is being designed but it is for a hospital, then HIPAA standards need to be met and so certain security measures need to be applied. For conceptual this is mainly around separation, defence in depth and usage of two factor authentication to name a few off my head. How different zones within the cloud offering are separated and secured also need to be planned for and conceptually designed.

Based on customer requirements and vShield Edge security capabilities, determine the impact to a vCloud conceptual design.

  • For this you need to know what vShield Edge is capable of doing and in what use cases each of these would be used. A perfect document that describes this is the vShield Edge Design Guide Whitepaper. The actual impact to a conceptual design is mainly that vShield Edge allows isolated virtual datacentre’s hosted on a common physical infrastructure instead of needing siloed physical infrastructures. The separation via the vShield Edge firewall is in most cases more than sufficient but knowing where physical separation is required (PCI for example) is also very important.
  • vShield Edge also provides IPSec VPN capabilities which are very important for the security of your cloud infrastructure. Knowing that the vShield edge can provide this along with NAT,Load balancing and most importantly for this section firewall capabilities via one device means you don’t need multiple devices like in a traditional multitenant design.

Explain the logging capabilities of the various VMware products.

If you feel I have covered something incorrectly please let me know as I’m learning like everyone else and I certainly don’t claim to be perfect (near it but not perfect Winking smile ). Also the vBrownbag covered the whole of objective 1 here.

Gregg

Posted in Certifications, vBrownbag, vCAC, VCAP, vCloud, Virtualisation, VMware | Tagged , , , , , , , , | Leave a comment

VCAP-CID Objective 1.4 – Determine Availability Requirements for a Conceptual Design

Knowledge

Identify availability options for management components.

  • Availability can achieved within the vCloud architecture in a number of different ways and via differing methods. I’m going to break them up into different categories and i’m not going to cover each one but if you understand the different methods I think when you are reading the vCAT or any other kind of design book you’ll be able to identify them with ease.
    • Redundancy: This is simply creating multiple instances of an important service to ensure that if one or more fail that the solution isn’t impacted by this. There are multiple examples of this but the most simple but one of the most important in my opinion is the creation and usage of multiple vCloud cells to ensure load balancing but more importantly redundancy in the event of a loss of a vCloud cell. You can also cover this further down the stack with Heartbeat in the vSphere layer(even though this has now been made end of life) ,multiple network cards from the physical networking and multiple redundant switches to multiple redundant storage processors.
    • Disaster Recovery/Failover: This is covered in a whole section in the vCAT which goes over methods of utilising products like SRM to configure disaster recovery of the management layer. For conceptual this is more about knowing what is and isn’t possible but also taking the availability requirements of the customer from a business impact analysis where it is deemed the amount of money a customer is willing to lose due to downtime and then equate this to a number of nines. The table below gives an example of the number of times compared to amount of downtime and with the larger the number of nines this will then mean more expensive solutions which you will need to advise your customer about (99.9 can be met by HA for example but 99.99 will require heartbeat and synchronise replication with QoS). For conceptual you don’t cover specific products but knowing that you will need a DR site with fast links between will cover this for example.

HA

Differentiate between management components and resource components.

  • This is simply determining what should be part of your management cluster and what should be part of your resource cluster. I think this is really straight forward as anything in your management cluster is used to provide services to you the vCloud administrator and the resource cluster/s are for your customers to provision to and is the pools of resources you configure as your provider virtual datacentres. The below image is a great example of a conceptual diagram of the management and resource clusters.

conceptual

Skills and Abilities

Explain compatibility of various vSphere high availability features with a vCloud design.

  • This is covered perfectly in appendix A of the vCAT Architecting a VMware vCloud pdf so I don’t see the need to explain it here and i think it is better if you go through that instead. The link to the online documentation centre is here 

Given customer requirements and constraints, determine appropriate customer Service Level Agreements (SLAs) for the conceptual design.

  • This is covered in more depth within objective 1.6 so we will cover this in that section.

Determine how given SLAs impact availability design decisions.

  • This is covered in more depth within objective 1.6 so we will cover this in that section.

Given customer requirements and constraints, determine how to achieve desired availability.

  • From the design workshops and requirements collecting you will have worked out what the customers requirements and constraints are and will then have to work with these to try meet them all. For this it is their availability requirements which will be as I mentioned above their permitted amount of downtime per year along with their RPO’s ,RTO’s , MTD’s and WRT’s. From this you will have to work with their constraints to design a solution that meets their requirements so for example if they have an RPO of 5 minutes for critical systems within the management cluster in the event of a site failure this cannot be achieved via SRM with vSphere replication. For the conceptual design my example isn’t applicable but knowing this kind of limitation will then mean you know conceptually what needs to be created (multiple sites with fast links that have near zero latency for multiple data service providers and storage that can achieve this)

Given customer requirements and VMware technologies, determine availability impact to the conceptual design.

  • I feel this is largely what i have mentioned above but now you are including VMware technologies limitations/capabilities into your thinking which I actually did above. You will need to know what is and isn’t possible with HA for example and how it’s can only provide a certain level of availability and is limited by the amount of restarts it can achieve at once whilst being possibly limited by priority groups.

If you feel I have covered something incorrectly please let me know as I’m learning like everyone else and I certainly don’t claim to be perfect (near it but not perfect Winking smile ). Also the vBrownbag covered the whole of objective 1 here.

Gregg

Posted in Certifications, VCAP, vCloud, Virtualisation, VMware | Tagged , , , , , , , , | Leave a comment

vCAC System Exception Error

A colleague of mine at Xtravirt, Richard Renardson was experiencing an ambiguous “System Exception” error on the requests page in the vCAC 6.0.1 portal at a very high profile customer. Upon checking the server side log it was showing an error stating that “cat_request”  does not exist. We tried a few things and looked through quite a few VMware KB articles but were unable to find anything that matched our problem.

After some troubleshooting we were able to determine what the problem was and a fix so he graciously allowed me to blog it to hopefully save someone else the time especially with vCAC becoming so popular recently. The problem seems to happen when an external database has been configured and the hstore extension is missing/has not been created and this extension is required by vCAC for the creation of tables. What we had to do in the end is to create the hstore extension in the vCAC database. The steps we followed to create the hstore extension was to :

  1. Log in to the external DB using the pgAdmin tool.
  2. Within the pgAdmin console we had to run this SQL statement to connect to the vCAC DB:
    1. \connect "YOURDBNAME";
  3. Within the pgAdmin tool we needed to create the hstore extension by running the following statement:
    1. create extension hstore;
  4. Now you just need to restart the vCAC Appliance.
  5. After a bit of a wait for it to restart fully the problem was fixed Smile

Hopefully this saves someone the time we spent on the problem

Gregg

Posted in Automation, vCAC, vCloud, VMware | Tagged , , , , , , | 1 Comment

VCDX Preparation Special

On Thursday the 22nd May the EMEA #vBrownbag which I co-host weekly, ran a VCDX Special with Rene Van Den Bedem (VCDX 133) , Craig KilbornBobby Stampfle and I. The special was an expansion of the London VMUG lightning talk that both Craig and I did on the 15th of May. The #vBrownbag session was recorded (after some early audio problems which meant we had to restart it) and the recording of the session is embedded below.

The session proved a major success and we may run another one as the amount of questions we received during and have been receiving post the session is really positive.

Gregg

Posted in Certifications, EMEA vBrownbag, vBrownbag, VCAP, VCDX, Virtualisation, VMware | Tagged , , , , | 1 Comment