vRealize Automation veterans may still remember the migrations from vRA 5.x to 6.x and 6.x to 7.x. However, for many enterprises utilizing vRealize Automation, the migration from vRA 7.x to vRA 8.x will be your first major vRA migration. In an ideal world these migrations would only take a few clicks of the mouse. Migrating from vRA7.x to vRA8.x is going to be a lot like switching banks. Trying to figure out all the services that have your bank card on file for automatic billing and moving over automatic bill payments is tedious and time consuming. Which payments are monthly, quarterly, annually, and for how much? Wouldn’t it be nice if there were a simple tool to identify and update all the services that you have on auto-pay?
vRealize Automation is a lot like that. Whether it’s frequently deployed common workloads, special purpose blueprints that are used a few times a month, quarterly, or a handful or fewer times a year, or software customizations specific to vRA, you have to identify everything that will require hand-holding when you begin the migration from vRA7 to vRA8. The good news is that, unlike your bank, VMware does offer a migration assessment tool to help you determine if your blueprints are ready to be migrated from vRA7 to vRA8. As of this writing, we have not yet learned if the migration assessment tool will determine if your customizations and workloads are ready for migration.
If you were at VMworld and caught the Day 1 General Session you may have heard Pat Gelsinger say “The rule of the cloud – Ruthlessly Automate Everything”. This should be a wakeup call for anyone who has not begun or has done very little with automation.
Many of you may have noticed over the last few weeks that Dailyhypervisor has had some ongoing issues. It all started around the same time my 2 year old son went into the hospital I had gotten an message from a friend letting me know that google had flagged dailyhypervisor.com as a malware site. Sure enough it had been flagged and malware was indeed present. With no time to properly resolve the issue I did the only I could do to prevent anyone from coming to my site from being impacted by the malware. I took the site down.
For me it was a quick temporary fix until I could find the time and focus to get it back up and fixed. Of course it wasn’t until 11 days later when my son was finally released from the hospital that I got to fixing the site. My fix was to perform a complete restore from a known good backup. Luckily I do subscribe to a cloud based backup solution that takes nightly backups and I was able to determine when was the best time to restore the site to. However I knew this wasn’t going to need to be the only step I took.
After the restore was completed I then needed to try and figure out how they got in and try to lock it down to prevent further incidents. After hours spend reviewing the security I already had in place, file permissions, firewall rules, and updating all components of the site I got to a point where I felt I had done all the things I needed to and everything should be ok. Well I recently just found out that was not the case. These lechers of the internet that exploit any sites they can with vulnerability’s in order to turn them into petri dishes for spreading malware and other malicious code once again gained access to dailyhypervisor.
After doing yet another restore and and exhaustive review of the site again I decided to dig deeper into the plugins that I was using on the site. I believe the download manager plugin to be the culprit but also discovered other plugins I was running that haven’t seemed to be maintained in a long time. I ended up removing all the plugins that I felt were insecure, outdated and posed a security risk to the site and my readers. With the removal of my download manager I will have go to through the entire site and update all the links to all the downloads to point them to the external sources where our downloads are located. In the meantime if you need to download any of the packages we have shared you can find them on github or VMware Sample Exchange.
I would however like to take this time to apologize to all of my readers for the ignorance of these hackers that hide behind their keyboards in the darkness and prey on those of us trying to be productive and helpful. The craziest part is in the last year my blog has probably been the most secure it has been since I started it in 2009 and I’ve never had these issues before in the past. The good news is they have not hacked or gotten access to the database, just the file system of the site.
I would like to ask all of you that if you see something, please say something. Please send me a tweet to @vmmeup if you notice anything off. I have up’d my game a little I now have a solution that monitors all my files and notifies me of any changes, but this isn’t bullet proof and I can’t look out for it ever minute of every day, so please if you notice anything strange with the site moving forward please let me know. Thank you all for your patience and I resolved this issue and for being loyal readers.
We have just launched our DailyHypervisor Forum located at http://www.dailyhypervisor.com/forum. Stop by, contribute and be a part of our community. The DH Forum is intended to be for all things cloud. Currently we have forums created for vCAC, vCD, vCO, Cloud General, and Openstack. More forum categories will be coming based on demand. If you have a category you would like to see shoot us a note and let us know.
Our goal is to create a common place where anyone can come to learn, get help, share ideas, or just about anything that will help foster knowledge regarding cloud computing. Considering this very blog is the announcement of our forum you could image there isn’t a whole lot happening yet so what are you waiting for, be the first. Go ask a question, post an issue, share a thought and let’s get things rolling.
HP is taking cloud computing to the next level with their MoonShot servers. Cloud isn’t just software anymore.
Now I don’t know if HP MoonShot can solve all of today’s datacenter issues, but it surely is a start. Moonshot is an interesting concept HP is taking Intel Atom S1260 processors, on a bunch of micro PC sized cards and put them all in one chassis. One MoonShot chassis is capable of housing 45 servers, that’s just incredible. HP is claiming that the MoonShot servers consume 89% less energy than a traditional servers. Considering each of the 45 servers in the chassis are pulling straight DC from the chassis and each individual server is not running an 800W power supply that is only 60% efficient I would think it’s possible. In fact the Moonshot chassis takes 2-4 1200W power supplies that are 94% efficient. Not only are you powering 45 servers with these power supplies, but the chassis also houses two Ethernet switch modules and two uplinks with SFPs. Continue reading “HP MoonShot – Hardware is catching up with the cloud”
If you are in a “24/7/365” shop then the applications running in your private cloud should currently be in virtual data centers (vDC) that are contained in DRS/HA clusters and the migration can be completed with no downtime to the applications. However, there are still other systems, such as development and test systems or possibly some minor infrastructure services applications that may not benefit from vSphere’s availability features. I know many people have scheduled outages, shutdowns, etc. during the upcoming holidays. It may the best time to migrate to ESXi.
Since everyone else in the world is heralding the release of vSphere 4.1, I figured I would post some bad news. The stuff you may want to know BEFORE you jump into upgrading to vSphere 4.1. Before I start, I want to make it clear that vSphere 4.1 is a great product overall. And I have already been leaning to ESXi, so the announcement that this will be the last release with the “traditional” ESX has been expected. I will talk about ESXi and its improvements in a later post. I just want you to be aware of these rather significant Gotchas.
OK..I’ll admit it: I am spoiled by the capabilities of vSphere. What other platform lets you schedule system updates that will occur unattended and without outages of the applications being used? I don’t mean the winders patches, they require a monthly reboot. I am talking about the hypervisor updates. VMware Update Manager coordinates all of this for you. Then along comes vShield Zones to break it all.
First, let me explain what I am trying to do. To simplify things, vShield Zones is a firewall for vSphere Virtual Machines. Rather than regurgitate how it works, take a look at Rodney’s excellent post. A customer has decided to use vShield Zones to help with PCI Compliance. The desire is that only certain VMs will be allowed to communicate with certain other VMs using specific network ports, and to audit that traffic. ’nuff said.
vShield Zones seems to be the perfect solution for this. It works almost seamlessly with vCenter and the underlying ESXi hosts. It provides hardened Linux Virtual Appliances (vShield Agents) to provide the firewalling. It provides a fairly nice management interface to create the firewall rules and distribute them to the vShield Agents. Best of all, IT’S FREE! At least for vSphere Advanced versions and above. Keep in mind, that this is still considered a 1.x release and some things need to be worked out.
Back in April I wrote a blog aimed and the differences between ESX and ESXi. The original post was written for ESX 3.5 and with the introduction of vSphere I think it’s about time i have revisited this topic and looked at the pros and cons of ESX4 and ESX4i. Now before we dig into the technical details there is one big thing you should all be aware of. The FAQ page published by VMware states “VMware ESXi is the recommended platform for both new and existing customers. Future hypervisor releases will solely be based on this architecture.”
For most that should be enough said. After reading that I would seriously start rolling out ESXi in a lab and start figuring out how I could maintain my needs without the service console most of us have become to know and love. I would also start brushing up on the RCLI as well as the PowerCLI if you are currently dependent on scripts that run in the service console. The good news is almost everything you do today in the service console can be achieved one way or another with ESXi as well. OK with that said lets talk about some of the other limitations.