November 2015 archive

VMware releases Photon Controller

Today VMware released Photon Controller another component in their new container architecture that was announced months ago. I really haven’t been up to speed on all the container stuff but I attended a blogger briefing on this latest piece last week so I have a little better understanding of it now. I’ll try and summarize what I learned:

  • There are several components to VMware’s container architecture, Lightwave (identity and access management), Photon Machine (stripped down ESXi), Photon Controller (management, kind of like vCenter) and Photon OS (container runtime environment).

Photon-blog2

  • All components are open-sourced, Lightwave and Photon OS already launched, Photon Controller is the last piece to launch.
  • Below is a figure depicting VMware’s long-term architecture for the Photon Controller, you can see that integration into traditional vSphere tools like vROPs and Log Insight is planned along with 3rd party integration:

Photon-blog3

  • Below is a figure depicting the Photon Platform architecture, got to love how VMware is still using the term ESX (maybe they are bringing it back):

Photon-blog4

  • vSphere Integrated Containers is a separate infrastructure to Photon Platform and runs on traditional vSphere. Here’s VMware’s comparison of the two:

Photon-blog1

  • Photon Platform does run on a stripped down ESXi hypervisor with a container runtime environment based on Photon OS. VMware wouldn’t say exactly what all was stripped out but some features that don’t fit into supporting containers were removed (i.e. HA, FT, DRS, integration APIs).
  • I saw a demo of Photon Controller in action (below), most of the management and deployment is all CLI right now and it’s completely different from vSphere and very developer focused. To me it seemed like a pretty steep learning curve if you are used to traditional vSphere. Note Photon uses “Flavors” for resource policy management.

photon-16

photon-15

  • Photon Machine has no support for any of the current vSphere Storage APIs (VAAI/VASA), that may come later.
  • Photon Machine only supports VMFS, no VVols support, that may come later.
  • There is currently no management plug-in integration like there is in vCenter for 3rd party vendors to add-on to it.
  • You can run Photon Controller as a VM in VMware Fusion or Workstation so you can have a whole container development environment on a desktop or laptop.

There is still a lot that I need to learn and understand about this new architecture. It will be interesting to see how VMware continues to develop and evolve this and how they position it against vSphere integrated containers. Here are some additional resources to help you learn more about it:

Share This:

Rage Against the Virtual Machine

In a play on the rap/metal band Rage Against the Machine, SolarWinds has launched their own version call Rage Against the Virtual Machine to promote awareness of the challenges that Sys Admins face dealing with virtual environments. Here’s some information on their latest Thwack monthly mission:

1510_thwack_November-Mission_Banner_728x90[important]When your shin finds a drawer that is out of position, it might put a strain on your disposition. A flat tire in the driveway when you try to leave, might make you start feeling a little bit peeved. But when all your VMs have escaped from their cage, you’re sure to start thinking that it’s time for some rage! Rage against the virtual machine that is. This month’s thwack mission, “Rage Against the Virtual Machine,” puts you deep in the heart of your virtualized environment. Solve the riddles, earn bonus points, and possibly walk away with the grand prize: a PlayStation® 4 Limited Edition Star Wars® Battlefront® 500GB Bundle. May you emerge victorious and regain your sovereignty over those mutinous virtualized assets.[/important]

In addition to the awesome prizes and thwack points up for grabs this month, they have also created a mission “shortcut” to earn the way cool Rage Against the Virtual Machine t-shirt by simply downloading SolarWinds Virtualization Manager and then uploading a screenshot of the “Storage” tab.

RageTShirtAnd now you do what they told ya and go check out their contest, maybe win some great stuff and go virtualizing in the name of…

Share This:

I reckon that you should check out TechReckoning

My good friend and community guy extraordinaire John Troyer finally has a website up and running to support his TechReckoning endeavour. If you hadn’t heard, after many years of building up VMware’s social media communities John left to launch his own business helping companies with social media challenges and to try and build out a vendor independent tech community.

His newsletter has been up and running for almost a year and is always full of good and interesting information along with viewpoints from members of the community. Now he is actively blogging on his newly launched website as well. In addition he he has also started a podcast that you might give a listen to. I’ve known John for almost 10 years and I think you’ll find his viewpoints and industry perspectives based on his experience from his many years in the trenches at VMware both interesting and entertaining.

So what are you waiting for, I reckon that you mozy on over to check out the website, signup for the newsletter and give his podcast  a listen.

Share This:

VM-level encryption is finally coming to vSphere

The ability to encrypt a VM at the VM-level natively using vSphere has long been something that was not an option in vSphere but that may change soon. At VMworld this year there was a tech preview session of a new VM encryption technology that will be coming to a future release of vSphere. I had that session scheduled by missed it due to a conflict and unfortunately VMware chose not to include it in the session recordings that are available to registered attendees. The description of the session from the VMworld Content Catalog is below:

[important]

INF5339 – Protect your VM data with VM Encryption for vSphere and vCloud Air
All disks and metadata files associated with a Virtual Machine are the most important customers assets in on-premise and hybrid cloud scenarios. A “data at rest” encryption solution is essential to protect these assets against security threats to Virtual Machines. Get a better understanding of how VMware’s upcoming VM encryption solution will protect these assets!

Yuecel Karabulut – Product Line Manager, VMware
Swapneel Kekre – Sr. Engineering Manager, VMware Inc

[/important]

Why do we need encryption at all? Encryption of data is becoming more and more required due to a number of industry and governmental compliance mandates such as PCI, SOX and HIPAA that are designed to protect sensitive personal and financial data. In addition virtualization opens up whole new avenues of stealing data as servers (VMs) can now be transported out of a data center over a wire or in someone’s pocket. Encryption ensures that data cannot be read by someone who manages to get their hands on a VMDK file. I’ve previously written about the importance of securing your virtual world, encryption is another defensive tool you can use to protect VMs.

vm-thief3It’s possible to encrypt VMs right now in vSphere but its not that easy or straightforward and requires 3rd party hardware or software. Encryption can be done at the array level using hardware level solutions such as encrypted switches, drives or controllers, but these solutions are not granular to the VM-level. Other solutions such as HyTrust’s DataControl integrates with VMware to offer VM-level encryption but it requires the purchase and setup of a 3rd party solution. This blog post by VMware details this solution. You can also encrypt inside the VM at the guest OS-level but this complicates management of the VM and adds additional resource overhead.

Native encryption built right into vSphere would be an ideal solution as it would be much simpler and easy to setup and manage. I can see this integrated with VMware’s Storage Policy Based Management and possibly leverage the new vSphere APIs for I/O filtering that allows 3rd party vendors to integrate inline with a VMs storage I/O stream. VMware Workstation already supports VM-level encryption so VMware has already done some work to make this a reality. I also suspect VMware will make this available in both vSphere and vCloud Air so encrypted VMs have cloud mobility.

Beyond the VMworld tech preview session little other information is available on the new VM-level encryption in vSphere but I suspect it would be part of the next major release of vSphere. Let’s hope it doesn’t take as long as it took to support SMP Fault Tolerance which was a tech preview session at VMworld for several years before it finally made it into vSphere 6.0. So for now we’ll just have to wait or if you need something right away check with your SAN vendor or try one of the 3rd party solutions such as HyTrust DataControl.

Share This:

Attend a VMUG wearing just your underwear

You might get yourself thrown out of a physical VMUG if you showed up wearing just your underwear but you can wear anything you want or nothing at all when you attend a virtual VMUG. Well provided you’re at home you can, at your office you might get some funny looks. The 3rd Virtual VMUG event is Monday, November 9th from 9:30 a.m. – 5:10 p.m. CT so go sign up and attend so you can hear from great speakers like VMware’s CTO, Paul Strong and Pernix Data’s Chief Technologist and Master Blogger Frank Denneman. You’ll also hear from lots of great sponsors, can network with other VMUG users and even win great  prizes. You can view the full agenda here. So what are you waiting for, go register and wear whatever you want to enjoy the event.

vVMUG3

Share This:

Upcoming webinar on using 2-node or 3-node for hyperconverged

Many SMBs and ROBO deployments using virtual storage desire 2-node configurations instead of the more typical 3-node configuration to help keep costs down. But understanding the pros and cons of 2-nodes versus 3-nodes is important as it can impact your resiliency and uptime. StarWind has a webinar this week (Nov. 10 at 2pm EST) on using 2-node or 3-node for hyperconverged deployments that explains the differences between these configurations so you can choose the model that works best for your requirements. Simply click the image below to sign up.

starwind-webinar

Share This:

Top vBlog 2016 coming soon

It’s almost that time of year again, some quick notes about this year’s voting:

  • If you haven’t received last years coin, let me know, I haven’t heard from some people and I think there are a few others that contacted me that I need to send. Drop me an email at esiebert7625 at yahoo dot com.
  • Thank you to this year’s sponsor VMTurbo that helps make all this possible, give them a big shout out for doing this.
  • Last year I had excluded anyone that had not blogged in a year. This year there will be a 8 post minimum in 2015 to be eligible to be on the ballot, this will help weed out many of the non-active bloggers and give the bloggers that are active a better chance. Thank you to Andreas Lesslhumer for all his work counting blog posts.
  • A new year brings a new coin design so every year is unique, I’ve found the coin company I use isn’t all that creative and basically just prints what you tell them to. Last year I hired a designer on fiverr to try and get a good design but I wasn’t too happy with their creativity either. If anyone has any ideas and suggestions for this year or wants to mock up a sketch please let me know. I’ll be using the same metals this year, shiny gold for top 10, antique silver for top 25 and antique copper for top 50. Last year I did a diamond edge on the coin this year I was thinking of doing an hour glass or pleated edge. You can see all the different coin options here. Here’s my rough mock-up so far:

design1-cropLook for posts with more details in the upcoming weeks as we start to kick things off in January.

Share This:

New free server health monitoring tool from SolarWinds

SolarWinds has just released a new free tool to monitor the health, status and availability of your server hardware. It looks like a stripped down and limited version of their Server & Application Monitor tool. Server Health Monitor provides visibility into the status and performance of critical server hardware components such as fan speed, temperature, power supply, CPU, battery and more. With it you can monitor the status and hardware health metrics of Dell, HP, IBM servers, and VMware ESX/ESXi hypervisors. As it only supports monitoring of up to five servers it’s best for very small environments,  home labs or for monitoring a few key servers. You can download this new free tool here.

server-health-monitor-962x682

Share This: