TheSaffaGeek

My ramblings about all things technical


Leave a comment

VCAP6-CMA Design Objective 2.5 – Build Performance Requirements into the Logical Design

Knowledge

Evaluate logical performance considerations for a given vRealize Automation solution.

Performance considerations will be the number of virtual machines the solution has to provide sufficient resources for as well as future growth (20% growth over the next 3 years) . This is very much like vSphere sizing but now with the speed with which solutions can be created, modified and deleted especially if you are doing CDCI you need to also prepare for the number of continuous deployments and workflows at once. For example a DEM worker can only process 15 concurrent workflows at a time so if you are likely to be doing 60 workflows simultaneously due to the lifecycle of your machines then you are going to need at least four DEM workers to be deployed to handle this.

Performance also entails using mechanisms such as Storage DRS to automatically load balance provisioned workloads as they are requested, DRS to load balance the workloads across the hosts in the solution and performance of the vRA management components by isolating them in a management cluster, ensuring they are load balanced so one side isn’t always hit and the other is doing nothing. They don’t mention it in the tools but for this section and the exam as a whole I would recommend reading the latest vCAT documentation as well as the vRA 6.2 Reference Architecture document .

Differentiate infrastructure qualities related to performance.

Just like I have mentioned for the availability and management sections, the infrastructure quality for performance will need to be applied to certain requirements and designs decisions in the exam via drag and drop questions (I have done the exam so I am basing this on experience) . The performance infrastructure quality is defined as:

Indicates the effect of a design choice on the performance of the environment. This does not necessarily reflect the impact on other technologies within the infrastructure.

Key metrics:

  • Response time
  • Throughput

Analyze the current performance of an environment and address gaps when building a logical design.

So this is down to you deploying the vRA solution in an existing environment where there are workloads running and you need to analyse the performance of the environment to ascertain if the environment meets the performance requirements or if additional resources/another environment is required for the solution to work.

There are a number of methods to do this:

  • Get a VMware partner or VMware to run an analysis via VMware Capacity Planner to work out what your current environment is doing.
  • Use vRealize Operations Manager to give you a current state analysis as well as use historical data to work out trends and if there are month end increases in performance requirements or seasonal increases depending on the company’s business.
  • vSphere performance charts can also give you a not bad idea of what is happening if the above two aren’t possible as well as 3rd party tools.

Use a conceptual design to create a logical design that meets performance requirements.

In the conceptual design you will have defined and signed off the requirements. In these requirements there should be a number of them that apply to the performance infrastructure quality for example “The solution must be able to support the provisioning of 500 workloads a day” and “the solution must be able to service 5000 workloads with a 20% increase year on year for the next five years”

You will also have requirements where due to BC/DR requirements you will need spare capacity in the event of a failure so for example “The production workloads in Site A which makes up 20% of the 5000 workloads need to run on the secondary site in the event of a planned or emergency failover” .

Determine performance-related functional requirements based on given non-functional requirements and service dependencies.

Non-functional requirements are normally constraints imposed by the customer so for example the customer has defined you have to use existing networking in the datacentres and these are only 1GB switches which will severely impact what is possible from the solution. So if we keep to my example then having a service dependency that needs to talk to a physical SQL server where large amounts of data is transferred between the services to the database a single 1 GB link won’t be sufficient so either the service will have to be scaled down or the SQL database created as part of the service to allow inter virtual switch connectivity thereby allowing higher network throughputs.

Define capacity management practices and create a capacity plan.

For the exam they are looking for you to define this via the reservations on the compute resources to ensure capacity doesn’t run out. Fellow Xtravirt colleague Craig Gumbley has defined this nicely in relation to the VCP6-CMA blueprint

Incorporate scalability requirements into the logical design.

This has been covered above already but what they are looking for is for you to design for future growth of the environment as the number of workloads increases and/or the amount of workload requests increases. The vRealize Automation reference architecture document also gives great coverage of scalability

Determine a performance component for service level agreements and service level management processes.

I covered this in the availability section where you have done a business impact analysis and worked out what theirs RPO and RTO values are. Part of availability also ties into performance as if the solution is running so slowly that users can’t use it then the service is essentially down and SLA’s are possibly not being met.

Tools

 

 


Leave a comment

VCAP6-CMA Design Objective 2.4 – Build Manageability Requirements into the Logical Design

Knowledge

Evaluate which management services can be used with a given vRealize Automation Solution.

Management of vRealize Automation is achieved via various methods and solutions. You have management of the underlying vSphere infrastructure via the vSphere client and web client, management and monitoring of both vSphere and vRA via vRealize Operations with management packs for vRA, logging via vRealize LogInsight, change management via third part CMDB tools as well as VMware tools such as vRealize Configuration Manager and Hyperic.

There is also the standard vRA management via the vRA portal and the VAMI portals for management of the vRealize Appliances. I haven’t done the exam but based on previous exam experience I would make sure you know what tabs and options there are for all the vRA VAMI portals.

Differentiate infrastructure qualities related to management.

I partly covered this in the previous 2.3 posting, what they are likely to do from previous experience ( I have not done the exam nor the beta) is to give you a whole bunch of infrastructure qualities and you have to match them up. Manageability is all about ease of management and having the most optimal amount of manageability without impacting other infrastructure qualities or any of the requirements.

Build interfaces into the logical design for existing operations practices.

My take on what they are looking for here is that the customer you are doing the design for has existing operations practices and solutions and you need to take these into account and then design the solution to meet these. So for example if the customer has a CMDB and every time a machine is requested, built, edited and destroyed CI’s need to be passed to the CMDB to track these changes. Another example is syslogging and setting up syslog’s to go to a customer existing logging solution. Reading through the reference architecture and getting an understanding of what kinds of external solutions and services you might need to plug in to is great prep for this. Also adding the vRA management to AD,NTP,SNMP and DNS is very applicable and is required for all deployments (maybe not SNMP for every one)

Address operational readiness deficiencies.

This is where either the customers IT team who are going to look after the solution when you leave aren’t skilled up enough or they don’t have anyone to manage it at all (I’ve seen both in my experience). To fix this knowledge transfer workshops are required, or to link to the manageability infrastructure quality you simplify management as much as possible and try use their existing management mechanisms if they fit so allow easier management of the solution building on existing knowledge. You can also put it as a constraint the lack of existing knowledge to manage the solution and the risk mitigation is training of the team via formal training or learning from yourself and/or the person deploying the solution. You should also read the recommended Operational Readiness Assessment document from VMware.

Define Event, Incident and Problem Management practices.

These are where the logging of the solution and the management of the solution by tools such as vROps, LogInsight, vSphere alarms and event management via 3rd party tools such as Arcsight. The use of LogInsight and vROps is a great combination as they integrate brilliantly together and with the use of the management packs for vRA and LogInsight give amazing manageability of events, incident and problems with intelligent alarms. These can also be tracked by tools such as Service Now which is a fairly popular option for large enterprises in my experience and VMware have even written blogs about the integration http://blogs.vmware.com/management/2015/01/integrating-vrealize-automation-servicenow.html

Design a log management solution.

As mentioned above log management can be done via VMware solutions or 3rd part solutions. LogInsight is most likely the one they are going to reference in the exam seeing as it is VMware’s solution and you can get a vRA management pack for it to allow it to alert on vRA specific alerts https://solutionexchange.vmware.com/store/products/vra-6-1-log-insight-content-pack .

Determine request fulfilment and release management processes.

Request fulfilment I am taking as the fulfilment of all the required parameters to provision as service from the vRA catalogue. You would do this via the service design that you have done for each service where you have defined what parameters need to be fed in and that incorrect values aren’t inserted to ensure service requests are successful. In regards to ASD this is where you make sure the request form is using optimal selection boxes to make sure letters aren’t used where only number should be inserted and drop down lists are used so that only applicable options can be selected.

Release management would also be done in the service design document although it might be the same across all the service offerings or might differ per service offering based on the lifecycles. This would be the definition of when new blueprints are published, where they are published, who they are published to and version control.

Define change management processes based on business requirements.

Change management can be done via logging to ensure if any changes are made they are tracked, this can also be done via the Service Now method I mentioned earlier as well as change management via vRealize Configuration Manager. During design workshops you should ascertain what change management processes they need to follow and then make sure those are met via usage of API’s to the CMDB solution or logging to LogInsight or Arcsight for example.

Based on customer requirements, identify required reporting assets and processes.

Very much like above the customer will define what kind of reporting they are looking for or what you think they should be getting and then producing these reports via tools such as vROps or LogInsight. For the exam I think they are going to have certain reporting requirements given to you such as the Infrastructure manager wants to get a daily report around any alerts that were found in vRA for the past day or sent an email if an alarm is triggered in vRA.

Tools

If you think I have something wrong then please let me know as I don’t claim to know everything by any stretch.

Gregg


Leave a comment

VCAP6-CMA Design Objective 2.3 – Build Availability Requirements into the Logical Design

Knowledge

Evaluate which logical availability services can be used with a given vRealize Automation solution.

For logical availability services this comes down to making sure there are multiple instances of a component if possible and that it is load balanced either via a physical load balancer like F5 or a virtual one like NSX and it is protect via HA and DRS rules are configured for anti-affinity for hosts placement and storage placement. I did a blog posting about designing an enterprise level distributed VRA . As you can see from the diagram I have split out the vRA appliances, IaaS Managers, IaaS Web servers, DEM workers and vSphere Agents and load balanced all the management components via NSX load balancers. The exam is supposedly based on vRA 6.2 so the postgres database is now clusterable between the vRA appliances so it being on an external vRA appliance instance isn’t required anymore.

Differentiate infrastructure qualities related to availability.

This is being able to tell what things apply to what infrastructure quality. If you dn;t know what the infrastructure qualities are then they are Availability, Manageability, Performance, Recoverability and Security. A great definition and break down of what availability is has been done in a blog posting by Rene van den Bedem. This will most likely be drag and drop where you take certain pieces and place them under the different qualities.

Analyze a vRealize Automation design and determine possible single points of failure.

I think this is really self-explanatory as you need to understand how a highly available design is achieved and then pick up on any SPOF. For example if the vRA databases are on a SQL installation that isn’t clustered or protected by HA then this is a SPOF.

Determine potential availability solutions for a logical design based on customer requirements.

Availability can be achieved either via separation of components to allow resiliency in the event of one of the components failing, load balancing components to ensure services aren’t lost if one portion goes down and protection via HA or BC/DR to allow a quick MTD. Look at the vRA reference architecture for a good overview of how to design for resiliency and high availability. Also my blog posting I mentioned earlier covers it nicely if I do say so myself. There is also the two VMware articles around Configuring VMware- vRealize Automation High Availability Using an F5 Load Balancer and Configuring VMware- vCenter SSO High Availability for VMware vRealize Automation

Create an availability plan, including maintenance processes.

Here is where in an ideal world you have done a Business Impact Analysis and determined what their RTO and RPO values are and then started to work out how various design methods and solutions can ensure these SLA’s are maintained as well as maintenance windows where these SLA’s don’t apply. Rene’s posting I mentioned earlier gives a brilliant amount of ideas of what to think about to ensure availability of a solution.

Balance availability requirements with other infrastructure qualities.

This is a part of an design where you need to holistically look at the design and ensure if one decision is made it doesn’t cause impacts to requirements or other decisions and if so if it is worth keeping that method or changing the other one. For example if you are requested to provide 99.999% of availability then this is going to cost the customer a serious amount but also some high level solutions are going to be required to ensure this is met which can impact manageability if the current team don’t have the skill set to manage it once you walk out the door.

Tools

If you think I have something wrong then please let me know as I don’t claim to know everything by any stretch.

Gregg


Leave a comment

VCAP6-CMA Design Objective 1.4 – Identify Existing Business Practices and Organizational Structure

Due to my decision to aim for my VCDX6-CMA this year and thereby to get it in in time for the only VCDX-CMA defence of the year (so far) I have signed up for the VCAP6-CMA Design beta exam. I’ve been working on a very large-scale vRA 6.2 project for the past 14 months and so I hope this experience of designing and building it as well as my preparations via these objectives breakdown (plus my study resources) and using some of my VCDX5-DCV knowledge will help me. So I thought I would slowly post up each objective for my own benefit but also hopefully help other people looking to pass the VCAP6-CMA Design exam (beta or GA).I will be consolidating all the objectives on my blog page here.

Knowledge

Evaluate the customer-s current capacity requirements.

Categorize existing workloads.

  • Again this can be done via vROps and via the usage of dashboards or just via the built in categories provided by vROps. Apart from this I personally can’t see any other ways to cover this piece so if you think of anything then please do let me know.

Recognize organizational structure and governance requirements.

  • Governance for companies is a major design challenge but is also one of the biggest requirements you have to meet during a project. There are a wide range of governance policies out there from PCI to security hardening to HIPAA. For this piece I am taking it that during a design scenario the customer will mention some kind of governance they need to keep to and this decision will obviously impact how the solution is designed.
  • Organisational structure is understanding different departments and their possible requirments for separation and seeing as vRealize Business is mentioned in the study tools in the exam blueprint then the ability of vRB to do show-back and chargeback on different departments/Business Groups within vRA.

Analyze application architecture.

  • This is a lot like a previous sections requirements where you need to understand how an application is architected to meet the requirements of the application. As I mentioned this can be done via your design workshops with the application owners and via vRealize Infrastructure Navigator. Once you have an understanding this can then be mapped out in Application services or via the usage of multi-machine blueprints to name but two options. What they are going to test you on here is most likely diagrams of applications and then understanding how they are configured. Or possibly even a Visio style diagram where you have to take their text information and design the applications architecture in “AS”. Practicing doing this kind of design in Visio is a great way of practicing this skill.

VMware Recommended Tools

The VMware recommended study tools for this objective are:

If you disagree with anything I’ve said above then please let me know and if I agree (I’m always open to learning) then I will update the posting. Now onto objective 2.1.

Gregg


1 Comment

VCP6-CMA track on the EMEA #vBrownbag

Now that my VCDX defence is over and hopefully I’ve done enough to be awarded an illustrious number I can pick up my old responsibilities for the EMEA vBrownbag of which I am one of the hosts and decided that the VCP6-CMA track would be a great one to do.

african children dancing - Lets learn Some vRA goodness

We are going to be going through the blueprint in order so that it is easy to follow and watch as well if you are subscribed to the iTunes feed. So starting next week Tuesday at 7pm GMT (Clocks have changed in Europe so this is GMT not BST) we will be doing objective 1 and it is being covered by one of the co-hosts of the vBrownbag, Frank Buechsel. You can register for the series and future vBrownbag EMEA sessions via the following link https://attendee.gotowebinar.com/register/8540909933274906113 and can also subscribe to the vBrownbag YouTube channel.

 

If you are interested in covering an objective on the vBrownbag then please get touch as we are always looking for presenters.

 

Gregg


2 Comments

vRA Enterprise Level Distributed Installation

Recently I was fortunate enough to design and build an enterprise level distributed installation of the vRealize Automation suite of products and integrate it into an enterprise environment. I’ve done several vRA/vCAC deployments before but each time I do a new deployment I like to collate information, read all the latest articles and make sure what worked in the past for me hasn’t changed or more likely has been enhanced so I can provide an even better deployment.

For those unsure of what an enterprise distributed deployment comprises of I have added a logical diagram below (click on the picture to expand it as it is fairly large)

 

vRA Logical

 

For my current deployment it was based on vRealize Automation 6.1 due to it being part of an EMC Hybrid Cloud deployment but the architecture and layout are exactly the same for 6.2. (note this is defined after collecting customer requirements based on amount of workloads, NSX load balancing and the requirement of application services so make sure you have reasons for design decisions)

Resources

For the resources I used, some are ones I used in the past to learn how to do an enterprise deployment and some are ones I re-read prior to this deployment. I have listed them below to save me looking for them again but also to maybe help other people:

 NB: Make sure when importing the certificate into the appliances remember to remove the bag attributes at the beginning of the PEM file and start from —BEGIN CERTIFICATE—– until ——–END CERTIFICATE————-

NOTE: VMware no longer recommend using an external postgres database. The 6.2 documentation has been updated to reflect this.

Troubleshooting

Along the way I hit a few errors and spent a fair bit of time with VMware support also on a few of them. The main ones are listed below:

If you are unsure about any of the portions mentioned or want to know more, you can ask VMware Professional Services for whom I did this design and deployment or Xtravirt who are a VMware partner, to come in and help you with the design/configuration of your environment.

Also let me know if you think I missed something or if it helped you.

Gregg


1 Comment

Firewall Ports For Distributed vRealize Automation Deployment

On the current project I am working on for a major bank, the bank requested a list of all the firewalls ports required between all of the vRealize Automation components even if the components are part of the same VLAN and did not require any firewall rules. I looked through the  vRealize Automation Reference Architecture document but this had far less than what I had hoped for but was certainly a good starting point. I spoke to a few fellow VMware PSO and systems engineering people I know (current project I working on is as VMware PSO) and it seems there was a clear definitive list of these readily available. So I created one with the help of the consulting architect on my project Arnim van Lieshout, fellow VMware PSO consultants Greg Davis and Phil Monk and vRealize guru Grant Orchard. The solution has additional components such as IPAM,Puppet,SCOM and SCCM which I left the entries in for but are obviously not applicable to every environment.

The list is contained below in pdf format due to tables and my blog theme not liking each other and have broken them down into vRealize Automation Suite headings:

vRealize Orchestrator

TheSaffaGeek vRO Firewall ports

vRealize Automation

TheSaffaGeek vRA Firewall ports

vRealize Business

TheSaffaGeek vRB Firewall ports

I hope these help people looking to implement these solutions and if you need any professional services help then please don’t hesitate to get in contact.

Gregg