TheSaffaGeek

My ramblings about all things technical


Leave a comment

Why do you want the #VCDX accreditation?

A recent twitter comment or should I say declaration by Craig Kilborn reminded me that I wanted to write a posting about doing the VCDX for the right reasons (Disclaimer: this is my opinion and if you disagree then that is perfectly fine). Also I am really looking forward to the posting Craig is going to put out as he was and still is one of the most prepped people I know for the VCDX defences yet sadly failed it.

image

When people come up to me at conferences or VMUG’s and chat to me about my VCDX journey and my achieving the VCDX accreditation and state they are looking to start the journey towards getting a VCDX number I always ask them one initial question: Why do you want the VCDX accreditation? The VCDX and path has been an amazing experience and learning curve for me and I know many many others and I personally feel you should do it for the cliché reason of “for the journey and not the destination” as the amount you need to learn and the breadth of not just technical skills but also public speaking, white boarding skills, stress management skills and the biggest one I had – realising how little you actually know and still need to learn is the best reason to do it. I know I ruffled a few VCDX feathers on a Geek Whisperers podcast appearance I did where I stated that getting the VCDX won’t always mean you will get a top role at VMware or get that six figure salary or automatically get that promotion. But the skills you have learnt and perfected along the way to obtaining your VCDX might bring some of those. I still believe this and if you do it for those reasons you might be disappointed once you get your number.

I use certifications to force myself to learn new technologies and for me the VCDX track was something that was going to push me to learn VMware technologies to a level only a certain amount of people globally had “proven”  this level of knowledge. What I didn’t realise was that the VCDX was going to force me to not just know VMware technologies to an expert level but also all the supporting technologies around it and how the VCDX requires people to have a very strong holistic understanding of all the technologies in a solution and how differing decisions can/would have impacts on the success of the design/solution. So even though this might sound a level that is daunting to you (it was certainly for me and to be honest it still is a work in  progress due to the ever changing landscape of IT) the amount you learn about all the supporting technologies, from people also aiming for the certification as well as the community around it is priceless and for me has been the main “prize” of doing the VCDX.

Last year October I defended a vRealize Automation design I had done in my spare time for a real world customer along with the infamous Rene van den Bedem and Andrea Siviero to hopefully obtained my VCDX6-CMA. I was ultimately unsuccessful in this attempt but gained an untold amount of experience not just from building a VCDX level design for vRA along with the required supporting documentation but again realising where there were gaps in my knowledge that needed to be filled. One of these was NSX where I knew a certain working level but in hindsight I naively  should have realised the amount NSX played a part in our solution and even though the defence was about vRA the impacts on the decisions and design we had made for NSX was a direct influencer on if the solution succeeded or failed. From this I have been up skilling on NSX and last week Friday I passed the first step in this by obtaining my VCP6-NV. I will also most likely resubmit for my VCDX6-CMA in the future because 1. I seem to be a masochist and 2. I fully believe a quote from a video I used to watch in prep for my VCDX-DCV second defence of “Pain is temporary, it may last for a minute, or an hour, or a day or even a year but it will subside, if you quit however the pain will last forever” and I can’t help myself but want to complete what I started or else I am accepting the failure. From needing to better my knowledge of NSX I have seen a direct impact and benefit to my role as a Solution Lead in Dell EMC’s Cloud Practice and the methods I learnt and used for my DCV and CMA submissions have proven untold benefit on the deliveries I have had to produce on projects I have worked on.

I’ve possibly been as clear as mud in this posting but my main personal thoughts and opinions about wanting to go for the VCDX are:

  1. Do it as it has been an amazing learning experience and continues to be for me.
  2. Don’t be afraid to fail it as for me it has been the best way to truly show me where I need to be better.
  3. Do it to be a better architect and have a more well rounded knowledge as the IT landscape is forever changing and you never know when one of those supporting technology skills will maybe get your foot in the door to a new exciting opportunity
  4. The community around the VCDX is amazing and 98% of VCDX’s are more than willing to help you along your journey but you have to take the initiative as no one is going to carry you. As Rebecca Fitzhugh a relatively recent VCDX wrote about, a good mentor never coaches you but challenges, encourages and provides “wisdom” when needed.
  5. There is a fair likelihood that once you achieve the VCDX your company and/or boss will have no idea what it really means and most recruiters are more excited about someone being a vExpert than a VCDX but the skills you learnt in the journey towards VCDX will be what might get you that new role or promotion but don’t do the certification for those reasons as you might be disappointed that not much changes initially if possibly at all once you get a VCDX number. It’s actually one of the reasons I ask “ Life after the VCDX?  How did your company respond?  Was it worth it?” in my VCDX Spotlight postings as for most the change is minor and might only happen a fair time later.
  6. There is a substantial amount of personal time and effort that goes into the journey and if you don’t use it for all the lessons along the way then once you achieve it you might be saddened by what is behind the Wizard of VCDX’s curtain.

If you are realistically aiming for the VCDX(You have the VCAp’s/VCIX in your chosen track or are on the cusp of having them) then I run a VCDXPrepGroup slack channel where people also aiming for the VCDX can work together and where we have almost a dozen VCDX mentors covering all four of the tracks. Message me and I’ll add you to the group but be warned the group won’t give you anything that will break the NDA’s and you won’t be supplied people’s VCDX submissions so you will have to put in the work, the group just provides the platform to get some valuable feedback and link you to fellow VCDX Wannabe’s.

Lastly good luck to those that defended VCDX this week (a fair few from the slack group) and for those aiming for future defences good luck on the journey.

Gregg


Leave a comment

VCAP6-CMA Design achievement unlocked

yeahbuddy

This morning on my second attempt I passed the VCAP6-CMA Design exam. For those that aren’t sure what the exam is it is the VMware Certified Advance Professional –Cloud Management & Automation Design exam. The exam is a 3 hour exam where you have to answer 23 questions consisting of a variable number of drag and drop as well as Visio style question all around vRA 6.2 design.

I’m not going to break any NDA’s around the exam so please don’t ask. What I will do however is list here what resources I found helped me the best to pass the exam this time around and will add these resources if they are not there already to my VCAP6-CMA Design study resources page and also give advice keeping to the NDA that I feel would have possibly helped me pass the first time.

  • The VMware Cloud Automation: Design and Deploy Fast Track course is really great and certainly fills in any gaps in your knowledge that you might have. I was fortunate to be able to do it due to having access from my work white labelled as VMware PSO. The course is good but if you have been doing enterprise level vRA designs for a number of years like I have it can be very slow at points!!
  • The the vRealize Automation Reference Architecture from VMware was brilliant when i started learning vRA and it is still true. One word of advice is to not only spend time learning vRA components which are obviously important but also what supporting technologies are required for certain functions and capabilities to be possible (NSX, vRB, Endpoints, vSphere etc etc) .
  • Remember the exam is currently based on vRA 6.2 so all those fancy features you get in vRA 7.x aren’t possible during the exam so you need to know how it was done previous to those features if possible at all. A great resource I used to remind myself how it was done in vRA 6.2 was to  read the reference architecture i listed above.
  • This ones a biggie and i used two different resources for it, it is the various roles in vRA and what permissions each gives you. Sam McGeown’s mindmaps were the first I used as well as Grant Orchards mindmaps. Knowing what each role does and what permissions it gives is extremely important and maps directly to VCAP6-CMA objective 4.2. Remember a good design is all about giving the least privileges possible.
  • This one I didn’t expect to have to learn as much about and ties into point number two, I read the NSX Design Guide as design objective 3.5 mentions NSX but the amount of NSX knowledge needed for the exam was certainly much more than I expected so for my second attempt i made sure I was prepared.
  • This is part of the study resources for the exam but the amount of application services weightage amazed me so make sure you have read and fully understand all the capabilities and requirements of vRealize Application Services.
  • Last one that is weighted more than I expected is machine extensibility which ties in objective 8.2.

The exam is certainly worded strangely and one bit of advice that i stumbled across during my second exam is that if the text in the question seems to be a repeat of an earlier one and the options to build it don’t match then try click the wide option for the question text and it might bring up the correct text for the question. Good luck if you are planning to take the exam and for me it’s now onto prep for my VCDX6-CMA defence in just over a week.

Gregg


Leave a comment

VCAP6-CMA Design Objective 2.5 – Build Performance Requirements into the Logical Design

Knowledge

Evaluate logical performance considerations for a given vRealize Automation solution.

Performance considerations will be the number of virtual machines the solution has to provide sufficient resources for as well as future growth (20% growth over the next 3 years) . This is very much like vSphere sizing but now with the speed with which solutions can be created, modified and deleted especially if you are doing CDCI you need to also prepare for the number of continuous deployments and workflows at once. For example a DEM worker can only process 15 concurrent workflows at a time so if you are likely to be doing 60 workflows simultaneously due to the lifecycle of your machines then you are going to need at least four DEM workers to be deployed to handle this.

Performance also entails using mechanisms such as Storage DRS to automatically load balance provisioned workloads as they are requested, DRS to load balance the workloads across the hosts in the solution and performance of the vRA management components by isolating them in a management cluster, ensuring they are load balanced so one side isn’t always hit and the other is doing nothing. They don’t mention it in the tools but for this section and the exam as a whole I would recommend reading the latest vCAT documentation as well as the vRA 6.2 Reference Architecture document .

Differentiate infrastructure qualities related to performance.

Just like I have mentioned for the availability and management sections, the infrastructure quality for performance will need to be applied to certain requirements and designs decisions in the exam via drag and drop questions (I have done the exam so I am basing this on experience) . The performance infrastructure quality is defined as:

Indicates the effect of a design choice on the performance of the environment. This does not necessarily reflect the impact on other technologies within the infrastructure.

Key metrics:

  • Response time
  • Throughput

Analyze the current performance of an environment and address gaps when building a logical design.

So this is down to you deploying the vRA solution in an existing environment where there are workloads running and you need to analyse the performance of the environment to ascertain if the environment meets the performance requirements or if additional resources/another environment is required for the solution to work.

There are a number of methods to do this:

  • Get a VMware partner or VMware to run an analysis via VMware Capacity Planner to work out what your current environment is doing.
  • Use vRealize Operations Manager to give you a current state analysis as well as use historical data to work out trends and if there are month end increases in performance requirements or seasonal increases depending on the company’s business.
  • vSphere performance charts can also give you a not bad idea of what is happening if the above two aren’t possible as well as 3rd party tools.

Use a conceptual design to create a logical design that meets performance requirements.

In the conceptual design you will have defined and signed off the requirements. In these requirements there should be a number of them that apply to the performance infrastructure quality for example “The solution must be able to support the provisioning of 500 workloads a day” and “the solution must be able to service 5000 workloads with a 20% increase year on year for the next five years”

You will also have requirements where due to BC/DR requirements you will need spare capacity in the event of a failure so for example “The production workloads in Site A which makes up 20% of the 5000 workloads need to run on the secondary site in the event of a planned or emergency failover” .

Determine performance-related functional requirements based on given non-functional requirements and service dependencies.

Non-functional requirements are normally constraints imposed by the customer so for example the customer has defined you have to use existing networking in the datacentres and these are only 1GB switches which will severely impact what is possible from the solution. So if we keep to my example then having a service dependency that needs to talk to a physical SQL server where large amounts of data is transferred between the services to the database a single 1 GB link won’t be sufficient so either the service will have to be scaled down or the SQL database created as part of the service to allow inter virtual switch connectivity thereby allowing higher network throughputs.

Define capacity management practices and create a capacity plan.

For the exam they are looking for you to define this via the reservations on the compute resources to ensure capacity doesn’t run out. Fellow Xtravirt colleague Craig Gumbley has defined this nicely in relation to the VCP6-CMA blueprint

Incorporate scalability requirements into the logical design.

This has been covered above already but what they are looking for is for you to design for future growth of the environment as the number of workloads increases and/or the amount of workload requests increases. The vRealize Automation reference architecture document also gives great coverage of scalability

Determine a performance component for service level agreements and service level management processes.

I covered this in the availability section where you have done a business impact analysis and worked out what theirs RPO and RTO values are. Part of availability also ties into performance as if the solution is running so slowly that users can’t use it then the service is essentially down and SLA’s are possibly not being met.

Tools

 

 


Leave a comment

VCAP6-CMA Design Objective 2.4 – Build Manageability Requirements into the Logical Design

Knowledge

Evaluate which management services can be used with a given vRealize Automation Solution.

Management of vRealize Automation is achieved via various methods and solutions. You have management of the underlying vSphere infrastructure via the vSphere client and web client, management and monitoring of both vSphere and vRA via vRealize Operations with management packs for vRA, logging via vRealize LogInsight, change management via third part CMDB tools as well as VMware tools such as vRealize Configuration Manager and Hyperic.

There is also the standard vRA management via the vRA portal and the VAMI portals for management of the vRealize Appliances. I haven’t done the exam but based on previous exam experience I would make sure you know what tabs and options there are for all the vRA VAMI portals.

Differentiate infrastructure qualities related to management.

I partly covered this in the previous 2.3 posting, what they are likely to do from previous experience ( I have not done the exam nor the beta) is to give you a whole bunch of infrastructure qualities and you have to match them up. Manageability is all about ease of management and having the most optimal amount of manageability without impacting other infrastructure qualities or any of the requirements.

Build interfaces into the logical design for existing operations practices.

My take on what they are looking for here is that the customer you are doing the design for has existing operations practices and solutions and you need to take these into account and then design the solution to meet these. So for example if the customer has a CMDB and every time a machine is requested, built, edited and destroyed CI’s need to be passed to the CMDB to track these changes. Another example is syslogging and setting up syslog’s to go to a customer existing logging solution. Reading through the reference architecture and getting an understanding of what kinds of external solutions and services you might need to plug in to is great prep for this. Also adding the vRA management to AD,NTP,SNMP and DNS is very applicable and is required for all deployments (maybe not SNMP for every one)

Address operational readiness deficiencies.

This is where either the customers IT team who are going to look after the solution when you leave aren’t skilled up enough or they don’t have anyone to manage it at all (I’ve seen both in my experience). To fix this knowledge transfer workshops are required, or to link to the manageability infrastructure quality you simplify management as much as possible and try use their existing management mechanisms if they fit so allow easier management of the solution building on existing knowledge. You can also put it as a constraint the lack of existing knowledge to manage the solution and the risk mitigation is training of the team via formal training or learning from yourself and/or the person deploying the solution. You should also read the recommended Operational Readiness Assessment document from VMware.

Define Event, Incident and Problem Management practices.

These are where the logging of the solution and the management of the solution by tools such as vROps, LogInsight, vSphere alarms and event management via 3rd party tools such as Arcsight. The use of LogInsight and vROps is a great combination as they integrate brilliantly together and with the use of the management packs for vRA and LogInsight give amazing manageability of events, incident and problems with intelligent alarms. These can also be tracked by tools such as Service Now which is a fairly popular option for large enterprises in my experience and VMware have even written blogs about the integration http://blogs.vmware.com/management/2015/01/integrating-vrealize-automation-servicenow.html

Design a log management solution.

As mentioned above log management can be done via VMware solutions or 3rd part solutions. LogInsight is most likely the one they are going to reference in the exam seeing as it is VMware’s solution and you can get a vRA management pack for it to allow it to alert on vRA specific alerts https://solutionexchange.vmware.com/store/products/vra-6-1-log-insight-content-pack .

Determine request fulfilment and release management processes.

Request fulfilment I am taking as the fulfilment of all the required parameters to provision as service from the vRA catalogue. You would do this via the service design that you have done for each service where you have defined what parameters need to be fed in and that incorrect values aren’t inserted to ensure service requests are successful. In regards to ASD this is where you make sure the request form is using optimal selection boxes to make sure letters aren’t used where only number should be inserted and drop down lists are used so that only applicable options can be selected.

Release management would also be done in the service design document although it might be the same across all the service offerings or might differ per service offering based on the lifecycles. This would be the definition of when new blueprints are published, where they are published, who they are published to and version control.

Define change management processes based on business requirements.

Change management can be done via logging to ensure if any changes are made they are tracked, this can also be done via the Service Now method I mentioned earlier as well as change management via vRealize Configuration Manager. During design workshops you should ascertain what change management processes they need to follow and then make sure those are met via usage of API’s to the CMDB solution or logging to LogInsight or Arcsight for example.

Based on customer requirements, identify required reporting assets and processes.

Very much like above the customer will define what kind of reporting they are looking for or what you think they should be getting and then producing these reports via tools such as vROps or LogInsight. For the exam I think they are going to have certain reporting requirements given to you such as the Infrastructure manager wants to get a daily report around any alerts that were found in vRA for the past day or sent an email if an alarm is triggered in vRA.

Tools

If you think I have something wrong then please let me know as I don’t claim to know everything by any stretch.

Gregg


Leave a comment

VCAP6-CMA Design Objective 2.2 – Map Service Dependencies

Knowledge

Evaluate dependencies for infrastructure and application services that will be included in a vRealize Automation design.

One of vRealize Automations biggest selling points is its ability to provision various services and applications be they single tier services or multi-tier services including load balancers and network isolation via NSX. When you are creating a vRealize Automation design for your customers they will have a number of services and applications in mind that they want to make available for consumption via vRA. You job and the point of this section is that you need to discovery and evaluate all of the required infrastructure and application services required.

This can either be existing infrastructure needed by the applications or due to company policies so for example if you are provisioning multiple machines to test code and then commit it back depending on the success or failure then that existing infrastructure might be something like GIT. Or it might need to be tracked via a CMDB so an existing CMDB needs to be available and able to be communicated with via the infrastructure so that it can be logged and tracked. The infrastructure may also be something that needs to be created as part of the service so something like an NSX edge to isolate a service from existing services every time they are deployed would then need to be created as part of the service.

There are various ways to do this and from my experience doing a few normally allows you to cover it pretty well. These are:

· Interviews with existing service owners to understand how it is done at present (if it is being done at present that is)

· Existing documentation around service design if available.

· Design workshops with the current users of a service offering as well as the companies IT team and project sponsors to understand what they want the vRA offering to offer.

· Via usage of VMware vCenter™ Application Discovery Manager which monitors the existing environments, applications and infrastructure and gives you an overview of what the existing services are actually connected to and using for the service. This is a brilliant tool if you have it at your disposal and can also be used in conjunction with vRealize Infrastructure Navigator.

Create Entity Relationship Diagrams that map service relationships and dependencies.

These diagrams are normally created as part of the service design document you should be creating for each service offering you are planning to make available within vRA and so that it is easier to understand what all the interdependencies are between the various components that make up the service.

Don Ward has done a brilliant blog posting all about creating these relationship diagrams and has even given examples of ones.

For the exam they are most likely going to want you to do some drag and drop or even visio style questions for these diagrams so I would make sure you practice creating these kinds of diagrams in visio or paint for applications within your own environment

Analyze interfaces to be used with new and existing business processes.

This is vRealize Infrastructure Navigator work where VIN scans the environment and gives you a mapping of all interfaces that current services are using. There’s a BRILLIANT YouTube video by VMware that covers not just this heading but also the first heading https://www.youtube.com/watch?v=Uu0bGB7bc4A

Determine service dependencies for logical components.

For service dependencies you can use VIN again as the tool to determine this. The video mentioned above gives a great example of exchange dependencies.

Include service dependencies in a vRealize Automation logical design.

Personally I like to create separate design document for each service design rather than stick it into the vRA logical design but these can be portrayed either via the relationship diagrams or via flow charts showing the dependencies along with definitions of all the required components that make up the service offering.

Analyze services to identify upstream and downstream dependencies.

Again this can be done via VIN and Application Discovery Manager where you can ascertain what is required in what order so for example you will need a SQL database instance up and running before you can deploy a web services web servers and application servers.

Navigate logical components and their interdependencies and make decisions based upon all service relationships.

I take it they are looking for you to see a whole bunch of logical components and are told of their interdependencies and for you to then put them in the correct order to ensure it is built correctly.

Tools

If you think I have something wrong then please let me know as I don’t claim to know everything by any stretch

Gregg


Leave a comment

VCAP6-CMA Design Objective 2.3 – Build Availability Requirements into the Logical Design

Knowledge

Evaluate which logical availability services can be used with a given vRealize Automation solution.

For logical availability services this comes down to making sure there are multiple instances of a component if possible and that it is load balanced either via a physical load balancer like F5 or a virtual one like NSX and it is protect via HA and DRS rules are configured for anti-affinity for hosts placement and storage placement. I did a blog posting about designing an enterprise level distributed VRA . As you can see from the diagram I have split out the vRA appliances, IaaS Managers, IaaS Web servers, DEM workers and vSphere Agents and load balanced all the management components via NSX load balancers. The exam is supposedly based on vRA 6.2 so the postgres database is now clusterable between the vRA appliances so it being on an external vRA appliance instance isn’t required anymore.

Differentiate infrastructure qualities related to availability.

This is being able to tell what things apply to what infrastructure quality. If you dn;t know what the infrastructure qualities are then they are Availability, Manageability, Performance, Recoverability and Security. A great definition and break down of what availability is has been done in a blog posting by Rene van den Bedem. This will most likely be drag and drop where you take certain pieces and place them under the different qualities.

Analyze a vRealize Automation design and determine possible single points of failure.

I think this is really self-explanatory as you need to understand how a highly available design is achieved and then pick up on any SPOF. For example if the vRA databases are on a SQL installation that isn’t clustered or protected by HA then this is a SPOF.

Determine potential availability solutions for a logical design based on customer requirements.

Availability can be achieved either via separation of components to allow resiliency in the event of one of the components failing, load balancing components to ensure services aren’t lost if one portion goes down and protection via HA or BC/DR to allow a quick MTD. Look at the vRA reference architecture for a good overview of how to design for resiliency and high availability. Also my blog posting I mentioned earlier covers it nicely if I do say so myself. There is also the two VMware articles around Configuring VMware- vRealize Automation High Availability Using an F5 Load Balancer and Configuring VMware- vCenter SSO High Availability for VMware vRealize Automation

Create an availability plan, including maintenance processes.

Here is where in an ideal world you have done a Business Impact Analysis and determined what their RTO and RPO values are and then started to work out how various design methods and solutions can ensure these SLA’s are maintained as well as maintenance windows where these SLA’s don’t apply. Rene’s posting I mentioned earlier gives a brilliant amount of ideas of what to think about to ensure availability of a solution.

Balance availability requirements with other infrastructure qualities.

This is a part of an design where you need to holistically look at the design and ensure if one decision is made it doesn’t cause impacts to requirements or other decisions and if so if it is worth keeping that method or changing the other one. For example if you are requested to provide 99.999% of availability then this is going to cost the customer a serious amount but also some high level solutions are going to be required to ensure this is met which can impact manageability if the current team don’t have the skill set to manage it once you walk out the door.

Tools

If you think I have something wrong then please let me know as I don’t claim to know everything by any stretch.

Gregg


Leave a comment

VCP6-CMA

A number of weeks ago I sat my VCP6-CMA exam (I’ve been working on my VCDX6-CMA submission hence the delay in posting this) after being told that passing one of the hopefully soon to be released VCAP6-CMA exams doesn’t automatically get you the underlying VCP6.

So with three days to go before the exam I managed to sit down and study for the exam. Now this isn’t something  would recommend and it wasn’t something I had planned but with my having been working on a very large scale vRA 6 design and deployment for the last 18 months I took a chance. The blueprint covers everything you need to know just like all the other exams and there are no tricks where things aren’t on the blueprint but in the exam.

For study resources I used everything mentioned on my VCP6-CMA page to prepare. The resources available are perfect and the Pluralsight courses as well as the ICM on demand course were integral in my preparations (albeit i had watched these quite a while ago so didn’t re-watch them due to time constraints).

The exam is extremely fair and if you have used vRA for a while either in production, test or in your lab and you learn all the parts on the blueprint around vRA and vRB then you should have no issues passing the exam.

I finished the exam with 20 minutes to spare and got a reasonable 420 out of 500. 🙂

image