Category: News

The ability to encrypt a VM at the VM-level natively using vSphere has long been something that was not an option in vSphere but that may change soon. At VMworld this year there was a tech preview session of a new VM encryption technology that will be coming to a future release of vSphere. I had that session scheduled by missed it due to a conflict and unfortunately VMware chose not to include it in the session recordings that are available to registered attendees. The description of the session from the VMworld Content Catalog is below:

[important]

INF5339 – Protect your VM data with VM Encryption for vSphere and vCloud Air
All disks and metadata files associated with a Virtual Machine are the most important customers assets in on-premise and hybrid cloud scenarios. A “data at rest” encryption solution is essential to protect these assets against security threats to Virtual Machines. Get a better understanding of how VMware’s upcoming VM encryption solution will protect these assets!

Yuecel Karabulut – Product Line Manager, VMware
Swapneel Kekre – Sr. Engineering Manager, VMware Inc

[/important]

Why do we need encryption at all? Encryption of data is becoming more and more required due to a number of industry and governmental compliance mandates such as PCI, SOX and HIPAA that are designed to protect sensitive personal and financial data. In addition virtualization opens up whole new avenues of stealing data as servers (VMs) can now be transported out of a data center over a wire or in someone’s pocket. Encryption ensures that data cannot be read by someone who manages to get their hands on a VMDK file. I’ve previously written about the importance of securing your virtual world, encryption is another defensive tool you can use to protect VMs.

It’s possible to encrypt VMs right now in vSphere but its not that easy or straightforward and requires 3rd party hardware or software. Encryption can be done at the array level using hardware level solutions such as encrypted switches, drives or controllers, but these solutions are not granular to the VM-level. Other solutions such as HyTrust’s DataControl integrates with VMware to offer VM-level encryption but it requires the purchase and setup of a 3rd party solution. This blog post by VMware details this solution. You can also encrypt inside the VM at the guest OS-level but this complicates management of the VM and adds additional resource overhead.

Native encryption built right into vSphere would be an ideal solution as it would be much simpler and easy to setup and manage. I can see this integrated with VMware’s Storage Policy Based Management and possibly leverage the new vSphere APIs for I/O filtering that allows 3rd party vendors to integrate inline with a VMs storage I/O stream. VMware Workstation already supports VM-level encryption so VMware has already done some work to make this a reality. I also suspect VMware will make this available in both vSphere and vCloud Air so encrypted VMs have cloud mobility.

Beyond the VMworld tech preview session little other information is available on the new VM-level encryption in vSphere but I suspect it would be part of the next major release of vSphere. Let’s hope it doesn’t take as long as it took to support SMP Fault Tolerance which was a tech preview session at VMworld for several years before it finally made it into vSphere 6.0. So for now we’ll just have to wait or if you need something right away check with your SAN vendor or try one of the 3rd party solutions such as HyTrust DataControl.

You might get yourself thrown out of a physical VMUG if you showed up wearing just your underwear but you can wear anything you want or nothing at all when you attend a virtual VMUG. Well provided you’re at home you can, at your office you might get some funny looks. The 3rd Virtual VMUG event is Monday, November 9th from 9:30 a.m. – 5:10 p.m. CT so go sign up and attend so you can hear from great speakers like VMware’s CTO, Paul Strong and Pernix Data’s Chief Technologist and Master Blogger Frank Denneman. You’ll also hear from lots of great sponsors, can network with other VMUG users and even win great  prizes. You can view the full agenda here. So what are you waiting for, go register and wear whatever you want to enjoy the event.

Many SMBs and ROBO deployments using virtual storage desire 2-node configurations instead of the more typical 3-node configuration to help keep costs down. But understanding the pros and cons of 2-nodes versus 3-nodes is important as it can impact your resiliency and uptime. StarWind has a webinar this week (Nov. 10 at 2pm EST) on using 2-node or 3-node for hyperconverged deployments that explains the differences between these configurations so you can choose the model that works best for your requirements. Simply click the image below to sign up.

It’s almost that time of year again, some quick notes about this year’s voting:

• If you haven’t received last years coin, let me know, I haven’t heard from some people and I think there are a few others that contacted me that I need to send. Drop me an email at esiebert7625 at yahoo dot com.
• Thank you to this year’s sponsor VMTurbo that helps make all this possible, give them a big shout out for doing this.
• Last year I had excluded anyone that had not blogged in a year. This year there will be a 8 post minimum in 2015 to be eligible to be on the ballot, this will help weed out many of the non-active bloggers and give the bloggers that are active a better chance. Thank you to Andreas Lesslhumer for all his work counting blog posts.
• A new year brings a new coin design so every year is unique, I’ve found the coin company I use isn’t all that creative and basically just prints what you tell them to. Last year I hired a designer on fiverr to try and get a good design but I wasn’t too happy with their creativity either. If anyone has any ideas and suggestions for this year or wants to mock up a sketch please let me know. I’ll be using the same metals this year, shiny gold for top 10, antique silver for top 25 and antique copper for top 50. Last year I did a diamond edge on the coin this year I was thinking of doing an hour glass or pleated edge. You can see all the different coin options here. Here’s my rough mock-up so far:

Look for posts with more details in the upcoming weeks as we start to kick things off in January.

SolarWinds has just released a new free tool to monitor the health, status and availability of your server hardware. It looks like a stripped down and limited version of their Server & Application Monitor tool. Server Health Monitor provides visibility into the status and performance of critical server hardware components such as fan speed, temperature, power supply, CPU, battery and more. With it you can monitor the status and hardware health metrics of Dell, HP, IBM servers, and VMware ESX/ESXi hypervisors. As it only supports monitoring of up to five servers it’s best for very small environments,  home labs or for monitoring a few key servers. You can download this new free tool here.

The VMworld TV crew featuring the notorious blogger Eric Sloof along with his sidekick Jeremy van Doorn were notably missing this year from VMworld in the US. I always enjoyed watching Mr. Sloof in action at VMworld recording video footage and interviews all over the event and producing daily wrap-up videos, so it was disappointing that VMware didn’t bring them to the US event this year. However they were back in action at VMworld EMEA and if you want to get a great summary of what went on over there along with some good interviews be sure and check out the videos on the VMworld YouTube channel. I’ve listed some of them below along with some additional videos from VMworld EMEA that seemed interesting.

• VMworld Daily Wrap – Tuesday
• VMworld 2015 Daily Wrap – Wednesday
• VMworld 2015 – Daily Wrap – Thursday
• After VMworld, the parties begin!
• VMworld TV at the Benelux Party
• Eric Sloof, King of the Bloggers, meets some more Bloggers! Bloggers!
• Corey Romero talks about what it takes to be a vExpert
• Mike Laverick and the EVO:RAIL at VMworld 2015

VMware has released approximately 50 VMworld 2015 sessions for free but you’re still missing out on tons of other great sessions that are only available to paid attendees. Well now you can get access to all those great recordings for the relatively low price of $200 by purchasing a VMUG Advantage membership. The price of $200 is way cheaper than attending VMworld plus you get a lot of other great benefits that come with VMUG Advantage which include:

• VMware EVALExperience – 365-day evaluation licenses for personal use in a non-production environment
• vCloud Air OnDemand Service Credit – $600 in service credit per year which provides access to a cloud-based VMware environment
• VMware Lab Connect – a self-paced, technical training lab designed to enhance your learning experience
• $100 USD Discount on VMworld Admission
• 50% off VMware Fusion Pro and VMware Workstation Software Licenses
• 20% off VMware Certification Exams
• 20% off VMware On-Demand, a robust, self-paced learning solution delivering modular training combined with hands-on practice labs, giving you a powerful alternative to traditional classroom training
• 20% off VMware-Delivered Classes
• 35% off VMware Lab Connect, a self-paced, technical training lab designed to enhance your learning experience

and of course: access to VMworld 2015 Online Content – a $699 value

All for $200 which is a damn good deal considering the cost of going to VMworld which is thousands of dollars, combined with all the other great stuff you getting it would probably total over $5000.

So head on over and sign-up so you can get started listening to all the great VMworld 2015 session content that is available,

Primary Data conducted a survey of VMworld attendees to find out the level of interest in VMware Virtual Volumes (VVols) as well as what are the challenges and concerns that are keeping people from adopting it. The survey had 355 responses which is a good sampling that  probably represents the viewpoints of the majority of VMware customers. The overall results of the survey show strong interest in VVols but also the key challenges that are holding people back from using it.

When asked about the level of involvement of VVols, 41% of respondents were discussing it but 28% had never heard of it. In addition, 12% were not pursuing VVols and had no plans to but 7% have already implemented it and 4% are in the process of implementing it. The remaining 4% were testing VVols.

So lets look at these numbers and what they could mean:

• 41% discussing VVols – this is a good amount which shows definite interest in VVols, but I believe this group is largely comprised of people that are trying to better understand VVols which includes what are the differences, benefits, use cases, requirements and limitations of VVols.
• 28% have never heard of it – not surprising as VMware has not really gone out of their way to promote VVols that much. If you look at VMworld you constantly hear about VSAN but VVols receives little recognition in keynotes and other activities, the same is true outside of VMworld, you mainly hear about VSAN from VMware.
• 12% are not pursuing VVols – this group may include SMB customers and those with smaller environments that feel that they don’t need VVols and what they are already using works just fine for them. It may also include people that use DAS or software defined storage such as VSAN or VSA as well as customers who arrays do not support VVols.
• 7% have implemented it already – I’m a little surprised that this is that high given the limited support from array vendors for VVols and with EMC still not supporting it and 57% of the survey respondents were using EMC storage. I’d bet that these people are mainly testing it out with some non-critical VMs, I’d be more interested in knowing how much this group has implemented it in their environment.
• 4% are in the process of implementing it – Given that VVols is fairly easy to implement I’m guessing that this group is either waiting for their array vendor to support VVols, waiting to upgrade to vSphere 6 or to upgrade their array to the firmware that supports VVols.
• 4% are testing VVols – I thought this number would be higher as you can run VVols alongside VMFS, I can see the people that have implemented VVols already or that are in the process as also being the ones that are testing VVols.

These numbers are pretty much in line with what I’ve seen and heard. When I’ve presented at VMUGs and VMworld this year I always ask how many people have heard of VVols and I see more than half the hands go up, when I ask who understands VVols I see much less hands and when I ask who has implemented I see very few hands.

I previously did a long detailed post on my thoughts around VVols adoption and reasons why people should adopt now and why they should wait. I think the biggest barriers right now are VVols being a 1.0 release, lack of replication support, lack of understanding what it is, the vSphere 6 requirement and lack of array support. If you look at the 1.0 release of VSAN it was the same way, because of limitations, lack of understanding and what not there was not large scale adoption, this is pretty much true of any 1.0 product. I don’t expect to see the implementing percentage for VVols go a lot higher for at least a year until it matures and the SAN vendors catch up.

Now lets look at the challenges around VVols adoption that were highlighted in the survey and what they could mean:

• 63% said lack of VVols expertise – this is understandable, it takes time to get experience and knowledge and VVols is fundamentally a lot different than VMFS. This is a fairly easy challenge to overcome though, I’ve seen a lot of documentation from vendors and VMware to help people with this, check out my huge link collection on VVols for more info and resources.
• 56% said performance issues – say what, I’m not sure what people are thinking here, VVols will not cause performance issues and performs on par with VMFS, however VVols will also not fix existing performance issues either. It sounds like a great number of people have storage performance issues already and want to focus on fixing that before looking at VVols.
• 54% said migration issues – OK, migrating existing VMs to VVols is a slow and painful process using Storage vMotion but you can run VVols alongside VMFS and do it over time. I don’t see this being an issue just a slow process, this might be focused on underlying implementation issues such as migrating to vSphere 6 and migrating to array firmware that supports VVols.
• 52% said organization roadblocks – I can see several things here, push back from SAN admins that don’t like VVols because they lose some control, change control processes, data center politics, refresh cycles that are pushing it out, lack of selling it to upper management, etc. Again this shouldn’t be too difficult to overcome but it will probably take time to do so.
• 51% said reliability issues – again, huh? VVols aren’t really any less or more reliable than VMFS and there really haven’t been any major issues that I’ve seen related to implementing them. Once again I think this one points back to underlying existing reliability issues with storage which VVols isn’t going to solve and customers unwilling to deploy VVols until they fix reliability issues.
• 46% said cost – I sure hope these people know that VVols isn’t a product or feature that you have to license, it’s a new storage architecture that is built into vSphere and is included in all editions. Other than that the only reasons I can think of that someone would say cost is if they have to pay to upgrade to vSphere 6 or buy storage that supports VVols.
• 43% said lack of vendor support – given that 57% of the survey respondents had EMC storage which does not yet support VVols this percentage perfectly aligns with that. Today there are only 10 storage vendors that do support VVols with the biggest ones being HP, IBM, Dell, NetApp and HDS. This will simply take time for vendors to catch up and deliver mature VVol implementations.

You can see most of the challenges seem to focus more on existing storage issues in customer environments not related to VVols. The survey does a good job of highlighting the many issues that customers have with storage in their environments, particularly around performance and availability. Lack of expertise and lack of array support seem to be the biggest VVol challenges related to adoption which will simply take time to overcome. You can see the full survey results and raw data at this link.