
SEV Ops

VMworld 2018 Recap

September 13, 2018

 

I may not have been to VMworld (Yeah… I get it… Not a good look), but a large crew from SHI absolutely made it out to the event in full force.

Since we at SHI cover products and manufacturers across every spectrum of the industry, we attend A LOT of conferences. This year's VMworld was HUGE, but unfortunately not everyone gets to go, so we always get a group of people who did attend to do a bit of a write-up for the rest of us who did not get the opportunity. So in addition to the SEV Ops Video Recap, we have a written one coming straight from some of the Advanced Solutions Group's best and brightest members. All credit to: Josh Morrison, John Martin, and Simon Chun. Thank you for all that you do and your hard work on the below write-up!

VMworld 2018 Updates

vSphere 6.7 Update 1 Enhancements (Tech Preview, GA Fall 2018)

Full-Featured HTML5 vSphere Client

VMware admins have been challenged in the past with having to switch back and forth between the vSphere Web Client and the traditional vSphere Client for full administrative feature support. Beginning in 6.7 U1, this new vSphere Client will become the tool for managing vCenter Server with not only fully integrated management, but also updated and simplified tasks and workflows. Some additional or modified features include:

  • Feedback tool to annotate and submit screenshots
  • Cluster-level storage overview page
  • Download / Upload multiple files from datastore file management page
  • Guest OS customization for cloned VMs (IP address, gateway, etc.)
  • Guest OS customization for template VMs (IP address, gateway, etc.)
  • Live Refresh and live state of objects across sessions
  • Performance enhancements for plug-ins, charts, etc.
  • Native browser feature support (bookmarks, navigation, zoom)
  • and much more…

vMotion for NVIDIA GRID vGPU Powered VMs

Virtual Machines leveraging NVIDIA GRID vGPUs can now be migrated to another server without end-user disruption or data loss using vMotion. In past versions, all VDI desktops had to be powered off to perform patching and updates thereby disrupting user productivity. This new feature will enable VMware administrators to perform needed infrastructure services and maintenance without interrupting end-users. Additional supported features include workload balancing with DRS, Suspend, Resume, and Snapshots.

vCenter Server Converge Tool

The Platform Services Controller (PSC) is going to be embedded within vCenter moving forward. Announced in 6.7.0, Enhanced Linked Mode with the embedded PSC dramatically simplified vCenter Server management by eliminating the complexities of the external PSC. This includes reducing the number of virtual machines running to support the vCenter architecture and eliminating the need for load balancers for HA and for complex multi-site replication topologies. Up to 15 vCenter instances may be connected via Enhanced Linked Mode under this new architecture.

The Converge tool now makes it very simple to migrate external PSCs to the embedded version rather than be forced to rebuild them. This tool is only supported for vSphere 6.7 U1 at this time, so customers will need to upgrade to this version before leveraging the new feature.

Finally, the tool will enable users to move (repoint) a vCenter Server with embedded PSC from one vSphere SSO Domain to another. Now users have the flexibility to combine, merge, or separate vSphere SSO Domains to optimize their organization’s architecture without time-consuming and challenging rebuilds or migrations.

Enhancements for HCI and vSAN

A new workflow wizard called “Cluster Quickstart” has been created for vSphere. Administrators who leverage this tool will be able to quickly and efficiently create and configure clusters, add hosts, and ensure those hosts are identical. The configuration includes HA, DRS, Enhanced vMotion Compatibility (EVC), a vSAN datastore, and networking, including Virtual Distributed Switch (VDS). The wizard integrates with known best practices to enable setup of a fully functioning and validated cluster within minutes.

Additionally, I/O controller firmware updates have now been integrated with vSphere Update Manager (VUM). This enables administrators to remediate both software and firmware in one maintenance cycle under a single VUM UI, which is safer and more efficient.

Enhanced Content Library

Customers are now able to import .OVA templates from both HTTPS and local storage. They may also sync content from OVA templates to other vCenter Servers. Content Library (CL) now natively supports .VMTX templates and associated operations such as deploying a VM directly from the CL. Syncing of VM templates to another vCenter Server is not yet supported in 6.7 U1.

 

vSphere Platinum Edition (GA Fall 2018)

vSphere Platinum in its simplest terms is about driving security down to the applications. Platinum edition will take all of the features and functionality of vSphere Enterprise Plus and layer an emerging product called VMware AppDefense on top, leveraging some purpose-built vCenter plugins.

VMware AppDefense is a cloud-based AI SaaS service that works in concert with on-prem components to detect the known good state of an application. Not only is the known good state of the application analyzed, but the cloud-based AI is able to leverage its knowledge of other identical applications to make its determinations. With this information, AppDefense is able to detect deviations in behavior from this known good state that may indicate a threat or malicious attack. In addition to being alerted to this deviation, administrators will also have the capability to automate the remediation of that activity by leveraging some of the native capabilities of vSphere and NSX. The remediation process may include (but is not limited to) quarantining the VM, snapshotting the VM (for analysis), sending out an alert, or blocking the detected activity in real time and sending out an alert. NSX is not required to use AppDefense, but it will provide more options for remediation.

Once AppDefense determines the “intentional State” of the workload, the “Principle of Least Privilege” is applied to determine the least-privilege security posture the application needs to perform its job. It can also adapt to updates and new code releases over time and leverages integrations with NetFlow, policy changes, automation engines, developer workflow processes, Ansible, Jenkins, Puppet and more. The goal is to reduce the potential attack surface in the enterprise. VMware calls this “adaptive microsegmentation.”

Check out this video for more information

Under the Hood: vSphere Platinum – VMware Blog

 

Amazon RDS on VMware (Tech Preview)

Amazon Relational Database Service (RDS) is a cloud service that takes the setup, operation, and scale of relational databases and adds an easy button. Amazon RDS manages many tedious tasks including database provisioning, OS and DB patching, backups, point-in-time restore, resource scaling, health monitoring, and HA. These RDS features allow administrators to focus on what’s truly important: development and tuning of the application.

Amazon RDS on VMware has been announced and is currently in tech preview. This will bring the full functionality and simplicity of RDS on-prem to VMware-based datacenters. It will enable migration to AWS or VMware Cloud on AWS with just a few clicks, and the service will continue to operate on-prem even in the event of network disruption to the AWS cloud. Currently, supported databases include Microsoft SQL Server, Oracle, PostgreSQL, MySQL, and MariaDB.

Registrations for the tech preview can be submitted at the link below.

Official Amazon.com link

 

Project Dimension (Tech Preview)

Probably the largest benefit VMware Cloud customers realize is the ability to quickly spin up cloud resources while leveraging a familiar VMware software suite. The icing on the cake is that VMware does all of the deployment, patching, upgrades, monitoring, and troubleshooting of those systems. In fact, this maintenance-free experience is what many customers find so attractive about cloud-based services.

Project Dimension is essentially a VMware Cloud deployment, but on-prem. VMware will work with its hardware partners to scope and customize a solution stack at the factory, which is then followed by a plug-and-play experience on-prem. Once Project Dimension servers are plugged in, they will automatically connect to the VMware Cloud and self-configure. All patching, upgrades, monitoring, and troubleshooting will be performed by VMware using the tools and systems currently used to support the VMware Cloud. This enables customers to consume VMware’s Cloud Foundation stack (vSphere, vSAN, and NSX) without having to wrestle with tedious deployments and day two management tasks. Project Dimension also leverages NSX SD-WAN by VeloCloud to enable connectivity with other regions, whether they be edge, on-prem datacenter, or cloud.

Introducing Project Dimension – VMware Blog

 

Project Magna (Early Development)

During his keynote on the first day of VMworld, Pat Gelsinger commented that as our technology continues to advance, the Software Defined Data Center (SDDC) is going to morph into the Self Driving Data Center. Project Magna is that early-stage effort to bring AI and machine learning to the datacenter and enable it to essentially drive itself. The goal of Project Magna is to leverage machine learning to drive greater performance and efficiency without administrator intervention.

A brief product demonstration illustrated how Project Magna could model, test, and then reconfigure the network to a different frame size thereby optimizing application performance in real time.

 

Virtualizing the Edge – ESXi on ARM64 (Tech Preview)

VMware showed a tech preview of ESXi with vMotion and fault tolerance capabilities during the VMworld general session. It was vanilla vSphere, but running on a Marvell Armada 8040 with a 64-bit ARM Cortex A72 processor. The device was said to be sitting in a wind turbine generator, had been up for 184 days, and was running 4 virtual machines. The general use case here is in IoT and Edge computing. VMware has no plans to displace x86 or support 64-bit ARM in the datacenter, but instead will work with select embedded OEMs to evaluate possible use cases for virtualization on ARM.

 

Project Concord (Tech Preview)

Project Concord is an open-source, scalable, energy-efficient, decentralized trust infrastructure for digital consensus and contract execution. In short, VMware is dipping its toe into blockchain. In a decentralized trust infrastructure, consensus protocols validate transactions, meaning all nodes in the blockchain must reach agreement on transactions before they can be committed. Use cases for Project Concord could include the guaranteed dissemination and verification of information such as in document distribution, asset and product tracking such as deeds or loans, asset transfer, and certified claims. Check out the link below for more information.

Meet Project Concord: VMware Blog

 

VMware Cloud Updates (Tech Preview)

  • VMware Cloud on AWS is expanding to Asia-Pacific and opening new availability zones worldwide
  • VMware Cloud on AWS will be available worldwide in all AWS regions by the end of 2019, including AWS GovCloud

 

Cheers!

Russ

SEV Ops

SEV Ops Writes: VMware Cloud on AWS

November 19, 2017

On-Prem, Off-Prem, Public Cloud, Private Cloud, Hybrid Cloud… which one is the best? The winner is… THE APPLICATION!

That’s a joke, well not really, but you get it. Unfortunately, I am not here to answer what the best of those pillars is for you today. Sorry about that! No, what I want to talk about today is a new service from VMware and Amazon Web Services called VMware Cloud on AWS, which we just highlighted in our new SEV Ops video!

So… what in the world is this whole VMware Cloud on AWS thing?

The first thing that we need to understand is that this is an ever-expanding offering, and this post will be used to run through the highlights of the offering as it stands today. Expect that there will be further deep dives later on into the individual components discussed here, and those added in the future.

At the base layer, VMware on AWS (VMWonAWS) is taking VMware’s Cloud Foundation (VMWCF) with vRealize and deploying them on bare metal inside of the AWS data centers around the world. A key point to understand is that this is a service sold, operated, and supported by VMware and its partners as an on-demand service with flexible consumption models. All of this, while also retaining access to NATIVE AWS services where needed or desired!

Breaking down the VMware Hybrid Cloud (VMWHC) offering further into its individual components, we have the core virtual infrastructure components that we know and love from our friends over at VMware. The core building blocks lay out like this: vSphere to handle the compute functions, NSX for the networking layer, and vSAN to manage the storage. Those three core pieces are then wrapped in a management layer known as VMware’s SDDC Manager (Software Defined Data Center), and finally VMWCF is taken a step further with another wrapper in the form of vRealize. Essentially, do what many of us wish to do in a greenfield (read: never going to happen) environment and wrap all of VMware’s products in a nice pretty bow and we have VMWHC.

That is what we have going on way up in the clouds, but what about back on-prem? I have a pretty strong core belief that we tend to over-rotate in our industry. We have done so with many different trends like containers, cloud, flash technology, networking, hyper-converged infrastructure, etc. The list goes on and on. This isn’t really an issue, but more of a statement of reality in that even if the hype meter never drains fully, we do tend to work together to bring things back into perspective for a given situation. In this spirit I believe that long term most of us will end up largely in a virtualized on-prem/off-prem hybrid world. That is one of the many reasons why this partnership is huge, and what brings me back to… what about on-prem?

Essentially, take those same core technologies and deploy them on-prem on our own, either with a DIY approach over time, like using building blocks, or with a turnkey product set like VxRack SDDC from DellEMC (& SHI), externally stretch the network, and go! We now have the exact same virtual infrastructure running on-prem as we do in the private cloud offering in AWS, which paints a picture like this:

The benefits of this approach are nothing short of astounding. AWS and other public clouds require vastly different skill sets than those that most of our guys in the data center possess today. There are TONS of ways to go out and get education for those skills, but wouldn’t it be amazing if we could take our existing VMware skills, tools, and resources that we have invested years and years into and leverage them in our hybrid-cloud environment? Not to mention the over 4500 third-party application partners coming along with the VMware ecosystem. THAT is what we are talking about here! No product, solution, or offering is more important than the people running it or the organization it is powering.

Enabling existing resources to facilitate change in an organization is THE KEY to agility and flexibility in today’s fast-paced, technology-driven world. Being able to extend a data center on-demand for seasonal upswings or get rid of an existing data center altogether and leverage DR in the cloud for seamless workload portability/hybrid operations are only a few of the exciting possibilities.

Extending the SDDC benefits to the cloud could be the first step towards application modernization, test, and development with a single, logical global view and operations. A first step, if you will, to getting to the cloud for the workloads that make sense or that need the multi-availability-zone and multi-region application availability. After all, the cloud is just another tool in the ever-expanding toolbox that is infrastructure technology. If resiliency has been built up the stack to the application level with design schemes that leverage loosely coupled application dependencies and queuing systems, then we might be cloud ready. If not, then we may not be, but that doesn’t mean we aren’t in a spot where our competition may be pulling away, and the elastic nature of the cloud may help us bridge the gap. Combine VMware tools with those native AWS services mentioned above and VMWonAWS may just be the edge we need to stay in the game!

Now, VMware wasn’t able to just take their technology, install it on some servers, plug in some cables and walk away. No, no, no… they put a significant amount of effort into this from an engineering perspective, and will continue to do so as time goes on. Running through the finer details regarding the technical changes necessary to make this work is out of my intended scope for this post, but I do want to highlight one in particular, which is the change from multicast to unicast networking under the covers in vSAN. This is a hard and fast requirement for networking inside of the public clouds, and really illustrates VMware’s commitment to this endeavor in my opinion.

VMware is not going to the big players in the market like AWS and trying to show them how to do things, or have them change to meet VMware’s requirements. No, VMware is learning and adapting to the market conditions after taking a cold, hard, and long look in the mirror asking what they need to do in order to best serve their 500,000 plus customers. Then they went and did it, which is HUGE!!!

The sort of agility on display here, as obvious as it may seem, is not easily achieved in a company as large and successful as VMware. Pat Gelsinger is effectively disrupting his own business in order to make this shift, which is quite a gamble, but also a tremendous showing of strength and leadership. My hat is off to Pat and everyone else involved with bringing this offering to market.

VMware and AWS customers alike have been asking for this for a while. For many years, VMware has been nothing short of an obvious choice for most customers’ on-premises data center virtualization needs, and AWS the same for nearly any public cloud needs. There are a slew of different technologies (the 4500 plus strong mentioned earlier) that have been trying to help us bridge the gap between the two. Trust me when I say that those tools for things like DevOps, Security, and Data Protection aren’t going anywhere, but this partnership between the most trusted infrastructure provider and the world’s largest public cloud/best data center operations company on the planet is a massive step towards us fully realizing the potential of the hybrid cloud future.

We are at an interesting crossroads in the industry with massive consolidation and big-time partnerships taking place. DellEMC is in full swing, HPE seems to be buying up a bunch of major players as they try to reinvent themselves (no pun intended), Nutanix is building their own cloud services alongside Google who also just announced a partnership with Cisco. Lastly… Microsoft is landing on-premises with their own unique flavor of convergence and hybridity that is Azure Stack. It seems we are heading down a road where the clouds we choose are defining the infrastructure silos that we thought we were getting away from…

…Hmm, perhaps VMware has some answers to that as well? 😉 Until next time!

Best,

Russ