My Software Defined Data Center

So, this is VMworld 2018 and allthough it is just starting today for the Keynote and a lot of sessions, we have already done a lot. This blog will cover the general session, but also a smal recap of the day before.

Yesterday we started of early with an NSX Executive Breakfast. In a small session, with some nice food, we were informed of all things Virtual Cloud Network.

On stage were:

– Chris Hill ( from the PSO organization)
– Tom Corn (the AppDefense man)
– Sanjay Uppal (the man who started Velocloud)
– Shawn Toldo (Vice President, WW Solution Partners at VMware)
– Tom Gillis (Head of the NSBU)

We have heard a lot of information about how NSX is booming and that the developments on all products in the portfolio are being developed in a great way. Good discussions about how we, as partners, can leverage VMware to further spread the NSX-word.

After the NSX breakfast we had a meeting with Madhura Limaye (Senior Product Marketing Manager at VMware) and Francis Chow (Sr. Director, Strategy, Planning & Operations, Storage and Availability Business Unit) about developments with vSAN and to have a discussion about positioning vSAN at our customers.

The afternoon was filled with an NSX-T workshop where we were treated to a four hour session with content that is usually delivered in 5 days. Very interesting stuff!

After the day, we had a great dinner with all PQR customers, before we head to the Rubrik party at Ocana.

Today it’s Keynote day and I am really excited about that.

Opening was Jean-Pierre Brulard, the General Manager for VMware EMEA saying happy 20th birthday. After some nice words from Jean-Pierre about the community it was time for him to introduce VMware’s CEO Pat Gelsinger.

Pat talked about the history of ESX, being able to provisioned new servers in minutes in stead of weeks, through compute virtualization. “Bridging Accross” as a theme to VMware’s development during the years, where workspace and networking were virtualized as well.

Pat announced the fact that VMware is a carbon neutral company, two years ahead of schedule. Impressive!

He also discussed the Tech Superpowers

• Cloud
• Mobile
• AI/MI
• Edge/IoT

As separate entities they are great, but combined they become faboulous.

The VMware Vision hasn’t changed in the last couple of years and that might seem like a bad thing, but it is the absolute opposite. It is impressive that the company had the vision 5 years ago and has gone to fill this with products and thus creating their vision.

Security is broken, chasing bad is not a good way to secure your data. Turn it around and ensure that your applications are behaving the way they should. Ensuring Good!

Announcments in this area:

• vCloud Suite Platinum, combining vSphere and AppDefense and the vCloud Suite. Like burgers and fries, burgers being compute virtualization and the fries are security.
• Adaptive Microsegmentation, learn the behaviour, lock the application and adapt the security to this behaviour. Learn-Lock-Adapt!

Pat then announced Ray O’Farrel, the Chief Talking/Technology Officer to get a demonstration of vSphere Platinum. Using Machine Learning to secure the application. One button security through vSphere Platinum.

Every company is on a cloud journey. Being it private, hybrid or public, but VMware is at the heart of this, for all building blocks in there.

VMware Cloud Foundation is the combination of the Software Defined Infrastructure ánd the needed management and deployment of these building blocks.

VCF 3.5 is announced.

IBM Cloud has been around for two years. One of IBM’s executive is asked on stage to discuss this and to talk about the Red Hat acquisition.

IBM announcing: Mission Critical Cloud. Fully managed within multi availability zones.

After this Pat takes is to the on-premises and public options for the native AWS services. This is really cool, the location of the service is irrelant.

Cloud is no longer a place, but an operating model.

Project Dimension delivers cloud simplicity to Data Center and Edge.  Beta program is available as of today!

CloudHealth has been acquired by VMware and within PQR we are already looking at this for our new Cloud Brokering Service. Very cool stuff!

Now the cool stuff begins 😉 with Virtual Cloud Networking. VMware is used for 80 million switch-ports, 10 times more than the number 2.

A couple of demo’s being performed by Certified Smart Guy: Ray O’Farrell, starting of with showing IBM Cloud’s combination of Watson and NSX, where microsegmentation is used to secure workloads. Second demo is utilizing NSX to recover from a disaster in the on-premises data center and using VMC for this.

New feature on VMC: Elastic vSAN, expanding storage using native public cloud functionality.

Next demo: CloudHealth where you can get a nice view of where your Cloud-spend is going, with a lot of insight and detail in there. Also the ability to get recommendations for cost savings. Impressive stuff.

And furthermore the announcement that VMware has acquired Heptio.

 

Na het succes van de vEUC TechCon, ontstond het idee om een vergelijkbaar evenement te houden over “Networking & Security” én over “Management & Automation” op het gebied van de VMware portfolio.

Een aantal collega’s van vooraanstaande partners op deze gebieden is dan ook, in samenwerking met VMware gestart met de organisatie van twee technische conferenties om deze onderwerpen te belichten.

En zodoende houden we op 25 september een vNS TechCon en op 26 september een vMA TechCon. Beide evenementen worden gehouden in Inn Style in Maarssen en deelname is gratis! Voor vervoer vanaf het station in Maarssen wordt gezorgd, voor de deelnemers die met het openbaar vervoer komen.

vNS TechCon

Samen met Martijn Smit (lostdomain.org), Marco van Baggum (vmbaggum.nl) en Robert Kloosterhuis (thefluffyadmin.net) ben ik betrokken bij de inhoudelijke organisatie van de vNS TechCon en ik moet zeggen, ik ben bijzonder enthousiast over het programma wat we hebben opgesteld.

Er is voor elk wat wils. Voor de mensen die nieuw zijn op het gebied van Networking & Security, wordt er begonnen met een overzicht van Virtual Cloud Network. Een nieuwe VMware bundeling van producten en oplossingen die end-to-end networking naar het volgende niveau brengt. Maar ook voor doorgewinterde specialisten is het interessant om geïnformeerd te raken over de koers en visie van VMware op het gebied van Networking & Security.

Er wordt daarnaast aandacht besteed aan een relatief nieuwe acquisitie van VMware, namelijk NSX SD-WAN by VeloCloud (ook onderdeel van Virtual Cloud Network). Een interessante nieuwe propositie, in de tijd dat goedkope internet verbindingen snel en stabiel zijn en een serieuze vervanger (of aanvulling) kunnen zijn voor traditionele WAN-verbindingen. Daarnaast biedt NSX SD-WAN de mogelijkheid om veilige en snelle verbindingen te maken naar Cloud-providers.

Eén van de grootste uitdagingen in een implementatie van NSX Data Center (de nieuwe naam voor wat vroeger enkel NSX heette), is de wijze waarop microsegmentatie moet worden toegepast. Hoe bepaal je welke datastromen er in je omgeving bestaan en hoe maak je op de beste manier regels om er voor te zorgen dat enkel de benodigde datastromen worden toegestaan. Hier wordt een sessie aan gewijd, met ervaringen uit de praktijk.

Om inzicht te geven in de manier waarop virtuele switching en routing “onder de motorkap” functioneert, hebben we een sessie toegevoegd waar een deep dive wordt gegeven op dit gebied. Erg interessant, ook voor mensen die vooral in de “fysieke” netwerk-wereld actief zijn. Hoe zorgt NSX er nou voor dat een pakketje op de meest optimale wijze van A naar B wordt getransporteerd en hoe werkt de virtuele wereld samen met de fysieke.

En als laatste sessie van de dag, vlak voor we aan de borrel gaan, gaan mijn collega Viktor van den Berg en ikzelf in op de manier waarop Networking & Security kan worden aangestuurd met behulp van automation. Zeker in de huidige tijd een bijna onmisbare schakel om organisaties snel te kunnen laten reageren op de markt.

Oh ja en dan was ik nog bijna vergeten (nee, niet echt natuurlijk ;)) om te vermelden dat ook de keynote spreker er zeker één is die je eigenlijk niet mag (wil) missen. Joe Baguley (Vice President en CTO EMEA bij VMware) is een inspirerende en charismatische spreker. Ik heb een aantal van zijn sessies mee mogen maken en ik kijk er nu al naar uit om hem als keynote-spreker op de vNSTechCon te mogen aanschouwen.

Ik denk dat we een programma hebben neergezet wat voor elk wat wils biedt. Ik nodig je dan ook graag uit om te kijken op www.vnstechcon.nl voor meer informatie of om je te registeren.

vMA TechCon

Voor vMA TechCon zijn Olivier Bootsma (automate-it.today), Dimitri de Swart, Erik Scholten (beiden actief op vmguru.com) en Viktor van den Berg (viktorious.nl) betrokken bij de inhoudelijke organisatie. En ook zij hebben een zeer interessante agenda opgesteld.

Ook op de vMA TechCon hebben we te maken met een keynote-spreker die zijn naam en faam op het gebied van Management & Automation ruimschoots verdiend heeft. Jad El-Zein (virtualjad.com, CMBU Office of the CTO bij VMware), is iemand die op het gebied van Automation eigenlijk geen nadere introductie behoeft. Het is dan ook een voorrecht dat hij komt om de keynote-sessie te verzorgen op de vMA TechCon.

Ook op de vMA Techcon is er voor elk wat wils. Er wordt ook hier gestart met een overzicht van de mogelijkheden van Automation. Voor mensen die inzicht willen krijgen in de manier waarop de verschillende componenten met elkaar samenwerken, maar ook voor mensen die al wat meer ervaring op dit gebied hebben, om in zicht te krijgen in de verdere mogelijkheden van automation.

Voor de “next step” op het gebied van automatisering van de automatisering, wordt er gekeken naar “Infrastructure as Code”. Een relatief nieuwe, maar zeer interessante ontwikkeling waarin alle componenten in een infrastructuur op een programmatische wijze kunnen worden aangestuurd en geconfigureerd. De interoperabiliteit met verschillende platformen is hierbij zeer belangrijk. Zeker een sessie om niet te missen.

Een aantal andere sessies worden nog nader ingevuld, maar ook hier belooft de agenda boordevol te zitten met interessante onderwerpen. En ook hier eindigen we de dag met een borrel.

Al met al genoeg redenen om beide events te bezoeken. Kijk voor meer informatie en om je in te schrijven op vNS TechCon en vMA TechCon en hopelijk zie ik je op (een van) beide dagen!

 

Okay, so normally this is a place for private contemplation and technical content, but the news that PQR has been awarded the EMEA ánd Global Solution Provider of the Year award by VMware, is something I would like to share as well.

About two weeks ago, my colleague Viktor van den Berg (www.viktorious.nl) was present at the VMware Partner Leadership Summit in Arizona and accepted the awards on behalf of PQR:

The awards were given to PQR for our company wide focus on strategic VMware solutions, like NSX, vSAN, vRealize Suite and Workspace One.

As a consultant with a focus on the SDDC, I am very proud that we, as a team, were given these awards:

Our logo was just made for such a slide ;).

So, now it is time to work towards achieving the same and more, for next year!

So after the availability of NSX 6.4.1, with support for vSphere 6.7, it was time to update my Ravello lab to the latest versions. Last Friday I updated NSX, through the use of the Upgrade Manager (blog can be found here: Update of NSX).

In the late afternoon, early evening, I thought let’s update the rest to version 6.7.

The update of vCenter was pretty straightforward, as might be expected, because VMware has taken a lot of effort in making this a very workable solution.

When I tried updating the hosts to ESXi 6.7, through Update Manager, however, I got an error message saying that the hardware was unsupported:

So I decided to restart from scatch and create a completely new cluster, based on new VM’s.

When creating the VM’s, I used the same base VM I used earlier to install ESXi. When I started the VM, connected to the ISO file, which contained ESXi 6.7, I didn’t get any screen shown. I tried the same VM, but this time with the ESXi 6.5 ISO and than I got an installation screen (but not for the right version ;)). So I thought there must be someone out there, who came accross the same issue and yes, there was. In this blog is explained how to configure the Ravello VM’s, in order to run ESXi 6.7: https://www.snurf.co.uk/oracle/ravello/quick-and-dirty-settings-to-make-esxi-6-7-work-on-oracle-ravello/

After reading this blog I first decided to change the configuration of my current hosts to match the config as described in the blog, and lo and behold… That worked. So changed the configuration of all hosts to SandyBridge and remediated them, leading to a 6.7 cluster:

Last step is to update the vSAN File Format from 5 to 6 (basically a one-click upgrade, especially since I allowed for reduced availability) and the cluster is completely upgraded for all SDDC components.

That was very easy and I must say I like the HTML5 interface very much. There are still some things missing (like the Update Manager options, you get in the Flex client).

Haven’t used the HTML5 client frequently until now, because of the Networking & Security tab, but since more and more is becoming available in HTML5, I’ll soon use this as my new default.

 

This morning, I woke a little early, because of the heat, so I went to my home office in the attick, and immediately saw the news I was waiting for, for some time, NSX 6.4.1 was released. Thanks to Martijn Smit, I could read all about it at http://lostdomain.org/2018/05/25/nsx-v-6-4-1-released-html5-vsphere-6-7-support-more/.

So now, “finally”, the version of NSX that supports vSphere 6.7 has arrived, which means, time to update the lab. The benefit of waking early, so to say ;).

The update process of NSX has been described many times already and the method of upgrading, especially with Upgrade Manager, is very easy and straightforward. So I won’t waste time with capturing screens that can be found on multiple sites already

I did find a little typ-o, which I am kind-of sensitive about ;):

(of course, the SSO connection was corrected, before proceeding ;))

So upgrading NSX is easy. Basically, the following steps are taken:

• Log in to the NSX Manager appliance
• Upload the upgrade file to the NSX Manager UI
• Upgrade the NSX Manager and reboot.
• Go to Installation and Upgrade Manager within Networking and Security (either through the HTML5 of Flash client) and upgrade

This is the first time I have used the Upgrade tool from within NSX (since this is the first new version since the tool became available) and I must say, it is very easy. Although upgrading NSX for a small environment wasn’t very hard, doing it manual, I can imagine that using the Upgrade tool for a large environment has major benefits.

Unfortunately, upgrading the first host, resulted in a PSOD, but after kicking it, the upgrade of that host and the other hosts, completed without issue.

Also the upgrade of the Edges went through, smoothly. Although I do not use HA of ECMP in my lab-enviroment, so a small outage was to be expected, but apart from that, the upgrade went fine.

Good job @VMware!

 

So another Sunday to add some stuff to my Ravello Lab. Last time I wrote about the basics, like vSphere, vSAN and NSX. I also added vRealize Log Insight at that point, configuring all the components to write their syslog entries to the appliance.

Something not all of the vSphere and NSX customers know is that with both products comes the right to use vRealize Log Insight for free. For each vCenter server licensed, a 25 OSI-license for vRealize Log Insight is automatically available. With NSX all NSX licensed hosts can write to Log Insight and also all the NSX-components, like the NSX Manager, the NSX Controllers and the ESG’s.

Important to know is that when using both products, the license key of vCenter needs to be the first to add to the Log Insight appliance. If the NSX license is registered first, it is not possible to add the vCenter license.

Also, with the vCenter license, it is only possible to have one vCenter server logging to the Log Insight appliance. If you have more vCenter licenses it is of course possible to deploy multiple Log Insight appliance and forward events to different appliance, for the different vCenter Servers.

After deploying the Log Insight appliance, it is pretty easy to configure the vSphere environment to start sending events to the appliance.

First it is necessary to select and install the required Content Packs:

The following screen gives the options that can be installed. If you use vRLI to collect logging information for these products, it might be usefull to install the content packs, to get specific insight into issues with these products:

(and the list goes on, pretty extensive).

After installation of the correct Content Packs, it is necessary to configure them.

When you browse to Administration | Integration | vSphere, it is possible to add the vCenter server and also to configure all selected hosts to send their events:

Clicking on “View Details” gives some additional information about the configured hosts:

So all my hosts are sending their events to the Log Insight appliance.

Configuring the different NSX components is a little bit harder, but apart from the Controller-Cluster still pretty straightforward. The NSX Manager admin-web-page contains an easy configuration for syslogging:

The NSX ESG’s (as well as the DLR Control VM, which in itself is also an ESG), can be configured from within NSX:

I like my syslogging to use UDP, so on the ESG’s I changed it from the default which is TCP.

The NSX Controllers are (currently) still a little bit more difficult, since it is not possible to configure them through a GUI. For this we need to use the REST API.

First we have to find out the ID of the controllers. We can view this in the GUI within the vSphere Web Client:

or (of course) by using the REST API:

After that, we can set the syslog-server, with the REST API:

Repeat for the other two controllers, and all components within my LAB environment are configured to send their events to the vRealize Log Insight server:

vROPS

The following management product I added to the environment is vRealize Operation Manager, or vROPS for short. The deployment of the OVA is pretty straightforward. Name the VM, choose the correct storage and network-connectivity and of you go:

After deployment is complete, it is necessary to configure the server. I choose the Express Installation path, since that best covers my needs. After filling in the credentials, it is necessary to configure the vCenter Server(s) with which the vROPS appliance needs to connect to.

After a couple of minutes (in my lab environment close to half an hour), vROPS is ready to be used.

First of all we need to connect vROPS to all the relevant components in the environment. For my Lab, that means connecting it to the vCenter Server:

Also it is possible to change the monitoring goals, in this setup:

The second connection we create, is for vSAN:

And the last one (for now) is the connection to vRealize Log Insight:

Then it is possible (dependent on the version of vROPS that is used), to add Management Packs. For my Lab environment I would like to get the vROPS insight into NSX, so I added the NSX for vSphere Management Pack:

After the installation of the management pack, we need to configure it and connect it to the LAB environment as well:

When all is configured as it should be, data is being collected, as we can see in the Solutions tab:

vRealize Business is something I will look into, next time. Then I will also dive into vRNI. But for now, this is the management environment for my LAB. And when data is collected, we get some quick insights, from vROPS:

 

While in the process of deploying some management functionality to my Ravello LAB (see:  New virtual LAB on Ravello (part 1) and the second part coming), I ran into some issues with disk space. I had created a vSAN with approximately 800 GB of total space:

When trying to deploy vRealize Operation Manager, I was told that there was not enough space.

But fortunately the Ravello platform gives me the option to easily expand my vSAN. One node at a time, I entered maintenance mode, added 50 GB for caching and 1000 GB for capacity:

After adding the disks and updating the application within Ravello, I restarted the host and had to mark my 50 GB disk as Flash-device:

Within vSAN I added a second disk group to all hosts:

And on to the next host.

Important to first let all hosts resync all components, before proceeding to the next host:

and voila, room to grow:

Easy as that… Thanks to Ravello for the vExpert-package, which allows me to do this!