07-07-15

Why Cloud Computing Is Like Gas And Electricity

Storm_clouds

(cjohnson7 – Flickr)

I happened to tweet a link to an article from The Register the other day regarding the price of cloud based resources in Microsoft Azure going up, which detailed price rises of 11% in the Eurozone countries and worse than that, 26% in Australia. As a result, I ended up having a brief but interesting Twitter conversation with a follower about pricing and “locked in” charges like energy companies offer here in the UK.

The over-reaching point being that cloud computing has an awful lot of variables that dictate the overall pricing. Perhaps we were all a little naive at first in the industry, thinking that Moore’s Law and such would mean a doubling of compute power at half the price at regular intervals and the pricing to continuously fall. Hell, Amazon even tell you (or they did) that the more cloud resources people buy (storage, compute, networking) then the cheaper it will get because of the economies of scale and their bulk purchasing power.

What we never really seemed to factor in back in those days was the volatility of global currencies. I think it’s a reasonable statement to say that most IT pricing is inextricably linked to the value of the US Dollar, and when this goes up and down, pricing around the world for licencing and components tends to change too. As I write this post, Greece’s economy is in the toilet with no sure way to know what will happen next. It may even be possible that other Eurozone countries are close behind, and although I have strong opinions on the Euro, let’s park those for now and concentrate on the topic in hand.

Back to the original point, gas and electricity prices are governed by the free market principles of supply and demand. As the market gets saturated, prices fall. As the market resources becomes more scarce, prices rise. Prices also rise depending on the volatility of exchange rates. Stick with me here, I will get to the point.

When cloud computing is pitched, it’s pitched as being “OK” because it’s now operational expense (OpEx) rather than a large up front capital expense (CapEx), the implication being that this will result in smaller, more predictable bite sized chunks of expenditure over a period of time. This news about Azure pricing going up 26% in the worst case means that any forward budgeting you made on prices remaining stable just got blown out of the water. 26% of anything is a lot of unbudgeted costs to find.

Where does that leave you then? Well it all depends on your business needs, but spreading the risk by using hybrid cloud solutions is one answer. Keep the “Crown Jewels” in your own DC if you can, farming off the less needy systems to cloud provider bit barns. What else can you do? Well if you’re going all in with a cloud provider, whether that’s VMware, Microsoft, Google, Amazon or anyone else, check what your escape route is. What does it cost to move your workloads? How long will it take to get out of the contract? How much time will I need to replicate workloads into the “new” cloud? Do I even have an escape clause?

I don’t profess to have the answers, and in many ways, I’m just thinking out loud. However, seeing this news has made me realise that there was a bigger picture about cloud computing I hadn’t seen before. Had you?

 

02-07-15

Networking for VMware Administrators – Book Review

download

Much to my surprise, I bought “Networking for VMware Administrators” back in April 2014 and it has been on my “to do” list to read it since then. Regular readers will know of my recent scrapes and japes with NSX, including passing the VCP-NV exam so there was a nice dovetail with what I’ve been learning in this area and this book.

For those familiar with the VMware curcuit, Chris Wahl is a well known presenter and author and amongst other things regularly appears at VMworld and records Pluralsight videos, which I always like to use as a jump start to anything new I learn. As I’m not a networking guy, I thought I would try and start at the bottom, get a refresher on basic concepts and then move it forward to how that applies in the vSphere world. Steve Pantol is a new name to me, but the two seem to have a nice flow to how they write.

This book certainly hits the mark where that is concerned. Starting off very simply, the basic concepts of how networking evolved from the simplest idea to be where it is now takes you from the first rung on the ladder and conceptualises each new addition to networking designs, such as hubs, repeaters and switches. This then moves along to things such as VLANs and broadcast domains.

Physical networking is covered at a decent level of detail, taking into account the OSI model, and subtle but important differences between layers 2, 3 and above. I found the authors’ easy and humorous style of delivery very easy to follow and not feeling like a dry subject being rammed down your throat. Networking isn’t necessarily the most intriguing subject you’ll ever cover, but we’d be nothing without it’s essential plumbing to get us connected.   I read the book in three sittings, which is pretty good for me, as I’ve got the attention span of a gnat.

Part II of the book concentrates on virtual networking and switching, moving the focus towards vSphere and it’s networking options. Obviously this falls into two camps – standard and distributed vSwitches. There is also some content on Nexus V1000 switches, but I pretty much skipped that as I’ve never seen it and currently don’t really care about it. That being said, it’s good to know the section is there for me to refer back to if need be.

One aspect I really liked about the book overall was how choices and requirements fed into the design of the networking infrastructure, both from a physical and virtual viewpoint. Chris is a dual VCDX and it’s useful to get inside of his head and understand how to translate these sorts of issues and choices into an overall design. Especially useful if I ever get my finger out and actually submit a VCDX design!

Part III covers storage traffic on the network, namely iSCSI and NFS. I was a little surprised to see this type of content in the book, but enjoyed reading about it none the less. I suppose storage traffic falls into the cracks a little bit as it’s not “pure” VM networking, but it’s just as essential to get this part right when designing an overall solution. Bad storage == bad performance!

Again, a good emphasis on design constraints, assumptions and choices is put into this section, giving you a good steer on what should be considered when using storage protocols over the physical network (items such as dedicated, non routed VLANs, for example). One good tip I picked up was how to configure NFS to give you more NICs by using multiple exports on the NFS server and establishing separate links. As with all other sections, single points of failure are discussed and mitigated with different design choices.

Another good titbit I picked up was using traffic shaping to throttle vMotion traffic on 10Gbps Ethernet – I’d never before actually come across a good use case for traffic shaping, I’d assumed NIOC was always the way to go.

Finally section IV covers off all other “miscellaneous” networking concerns for your design and/or environment, this includes vMotion as discussed above and how to design around multiple NICs and/or connections, exploding a few myths along the way.

At 368 pages, it’s not War and Peace but also it’s not a 100 page pamphlet that skims over the important details. Like I said, I read it in around three chunks over a couple of days without it feeling like a chore. I think for anyone pursuing the VCDX route, this book is an absolute must. Not only does it help crystallise some concepts around physical and virtual networking, but there is excellent detail on how to consider your networking design and how to justify particular design decisions.

NSX is out of the scope of this book, but is such a huge topic in and of itself that I’m sure we’ll see a release on this in the not too distant future. This is a book that helps you understand networking from the ground up and how this relates to a virtual world.

That being said, it’s a highly recommended addition to your library of resources as it helps you have a meaningful conversation with networking teams, which as we all know is not the easiest thing in the world ;-)

Remember if you have a VCP certification, you can buy this book from VMware Press with a 30% discount using the code you can obtain from the VCP portal. I also believe Chris donates all book profits to charity, so yet another excellent reason to add this to your collection. Other good stockists are also available!

01-07-15

Achievement Unlocked – VCP-NV

VMW-LGO-CERT-PRO-6-NETWK-VIRT

A little bit after the fact, but last Friday I sat and passed the VCP-NV exam to leave me the VCP-CMA short of a full house of VCPs (and that beta result is pending). Even though I have only had a few weeks getting hands on with NSX in the hands on labs, I think it’s a tribute to how simple the product is to pick up and run with that I found most aspects of it pretty straight forward to pick up and understand.

I went over the ICM course notes which I had and also watched Jason Nash’s excellent Pluralsight videos. Although not everything about the product is covered in these videos, it’s an excellent primer on some networking fundamental refreshers and also the building blocks to NSX and how to deploy them. There are still a couple of areas that I’m not totally sure about (SNAT and DNAT for example, and where to apply these rules) and I also seem to have a bit of a mental block around when MAC addresses change in transit, but I’m sure I’ll get there in the end.

As NSX is still fresh in my mind and we’re hoping to join a VMware Lighthouse program in the UK, I’ve already booked my VCIX-NV exam for early August, which should give me plenty of time to crystallise the problems I’ve had as listed above. I actually enjoy the Advanced exams more than the VCP type exams as it appeals to the way I work and I prefer being hands on with products, rather than answering conceptual questions about the product.

The exam itself is 125 questions over 125 minutes and as usual is very faithful to the blueprint. Even before I’d got to the end I felt confident that I’d done enough to pass even though I’d been probed on some of my problem areas. In the end I passed reasonably comfortably and I look forward to sitting the VCIX in August!

 

12-06-15

VCP6-CMA Beta Exam Experience

VCP6-CMA-sm-logo_120_108

I just got back from sitting the beta VCP6-CMA exam so I thought I would jot down a few thoughts in case it helps others out. Firstly, it was my first VCP exam for around 2.5 years, so I’d actually forgotten what kind of level the questions were pitched at! I’m used to VCAP level now, which usually means labbing the shit out of the blueprint so you can get to the exam and be able to hit the ground running with the practical and/or design canvas questions.

Although I’ve only really had dirty hands on vRealize Automation (I’m going to pronounce it as “Vera” I think in the future!) for about 6 weeks. You’d think that not really long enough to go ahead and sit a VCP, but even though the product scope is large, I’ve found it relatively easy to get up to speed with how it works. Enough to sit the exam anyway, and as it was at a special price until the end of the beta today (£36), I thought why not? As a partner we have big plans around the cloud space, so having the VCP can only help.

As for the exam itself, as usual it’s pretty faithful to the exam blueprint. There are 110 questions to be completed in 120 minutes, I believe non-native English speakers get a bit longer. I completed all the questions within about an hour. The exam itself was form based, multiple choice and exhibit based questions, as per most VCP exams I’ve ever sat. With 110 questions, VMware are able to very broadly go across all features of the product (including vRealize Business and App Director) and test you to a reasonable degree. Obviously not as testing as VCAP, but it’s not the same level.

I found myself falling back on my old exam technique of going with my gut response and when I wasn’t sure of an answer, I’d rule out the ones I knew were incorrect and then play the odds with the ones that were left.

There were only a couple of spelling mistakes and a couple of questions I didn’t think were worded too well, but the exam room was quite noisy which didn’t help my concentration, so it may be I was a bit distracted. I didn’t flag any answers for review and I didn’t add comments to any questions. It seems a pretty fair test of product knowledge and a good exam to pass.

Apparently I won’t know if I’ve passed for about 8-10 weeks as the beta exam process runs it’s course (hopefully it may be shorter as today is the last day), so I’ll have to forget about it for now and move on to the VCP-NV which I sit on the 30th. My gut feeling was I’d done enough to pass (around 3/4 correct by my estimation), so we’ll see when the time comes.

A totally different experience to a VCAP and not as intense, but I enjoyed it none the less. Fingers crossed now and onto VCP-NV!

 

11-06-15

VCP6-CMA Study Guide – Section 3: Create and Administer Cloud Networking

VCP6-CMA-sm-logo_120_108

Objective 3.1: Explain NSX Integration with vRealize Automation

Manage network services from within vRealize Automation

  • Network profiles are used to map networks in vRA to port groups in vSphere (for example)
  • Create a network profile from the vRealize Appliance, logged in as a fabric administrator
  • Go to Infrastructure -> Reservations -> Network profiles
  • Click New Network Profile and select the appropriate type (External, NAT, private, routed – all are created at time of provisioning except External which is a pre-existing vSphere port group)
  • Give the profile a name and configure the subnet mask (and optionally, DNS details and gateway)
  • Click IP Ranges tab and add a range of IP addresses for that profile to consume by using New Network Range button
  • Fill out a name and a start and end IP address for the range, click OK
  • A CSV file may also be used to define a large range of IP addresses

Configure NSX Integration

  • Prerequisites include an existing NSX Manager instance associated to a vCenter Server and a vSphere endpoint instance
  • Also credentials for the NSX Manager (Infrastructure -> Credentials -> New Credentials) and NSX plug-in into Orchestrator
  • Login to the vRealize Appliance as an IaaS administrator
  • Edit the vSphere endpoint in Infrastructure -> Endpoints
  • Select “Specify manager for network and security platform”
  • Add the IP address or DNS name of the NSX Manager appliance
  • Select the NSX Manager credential set previously added
  • Run a data collection from the Infrastructure -> Compute Resources section in vRealize Appliance (ensuring the network discovery is enabled)
  • Before you consume NSX services, you must run the Enable Security Policy Support for Overlapping Subnets Workflow in vRealize Orchestrator, using the NSX Manager endpoint previously used as the input parameter for the workflow.
  • After you run this workflow, the Distributed Firewall rules defined in the security policy are applied only on the vNICs of the security group members to which this security policy is applied

Configure IaaS for Network Integration

  • Configuration requires steps in this order:-
    • Configure the Orchestrator endpoint in IaaS
    • Create a vSphere instance integrated with NSX (see above)
    • Run the Enable Security Policy Support for Overlapping Subnets Workflow (see above)
    • Create a network profile (see above)
    • Add or amend an existing reservation, click on the Network tab
    • Select an external network in the Network Paths list
    • Select the transport zone, security group and routed gateway

Objective 3.2: Configure and Manage vRealize Automation Networking

Identify the available NSX for vSphere Edge network services

    • NSX Edge Services include:-
      • Dynamic Routing (Provides the necessary forwarding information between layer 2 broadcast domains, thereby allowing you to decrease layer 2 broadcast domains and improve network efficiency and scale. NSX extends this intelligence to where the workloads reside for doing East-West routing. This allows more direct virtual machine to virtual machine communication without the costly or timely need to extend hops. At the same time, NSX also provides North-South connectivity, thereby enabling tenants to access public networks.)
      • Firewall (Supported rules include IP 5-tuple configuration with IP and port ranges for stateful inspection for all protocols)
      • Network Address Translation (Separate controls for Source and Destination IP addresses, as well as port translation)
      • DHCP (Configuration of IP pools, gateways, DNS servers, and search domains)
      • Site-to-Site Virtual Private Network (VPN) (Uses standardized IPsec protocol settings to interoperate with all major VPN vendors)
      • L2 VPN (Provides the ability to stretch your L2 network)
      • SSL VPN-Plus (SSL VPN-Plus enables remote users to connect securely to private networks behind a NSX Edge gateway)
      • Load Balancing (Simple and dynamically configurable virtual IP addresses and server groups)
      • High Availability (High availability ensures an active NSX Edge on the network in case the primary NSX Edge virtual machine is unavailable)
      • Multi-Interface Edge

Configure DHCP/NAT/VPN/Load Balancer

  • Configuration of NSX is done from the vSphere Web Client
  • Uses a plugin under the Networking & Security button
  • Go to NSX Edges and create an Edge Gateway for the services
  • Provide CLI username and password for appliance
  • Enable SSH and HA if required
  • Pick datacenter, appliance size (compact, large, X-Large, Quad-large)
  • Choose cluster and datastore for Edge appliance deployment
  • Configure NIC and which VDS you want to attach the appliance to
  • Configure IP addresses and subnet, MTU size (1600 for VXLAN, remember)
  • Services are configured by double clicking on the Edge appliance and going to the Manage tab

Sub-allocate IP Pools

  • IP Pools are created and edited under the NSX Edge Gateway object in the vSphere Web Client. Look under the Manage tab, then click Pools and the add button. Configure the pool as appropriate

Add static IP addresses

  • Static IP addresses are created under the Edge Gateway Manage tab, the DHCP and bindings. Click the add button and add VM or MAC binding as needed.
  • Interface, VM Name, VM vNIC interface, Host name and IP address are required fields.

Configure syslog

  • The syslog server is configured by logging into the NSX Manager appliance management interface, Manage Appliance Settings button and fill out the Syslog server under General settings.
  • IP address, port number and protocol (TCP/UDP) are required

05-06-15

VCP6-CMA – Section 2: Administer vRealize Automation Users, Roles and Privileges

VCP6-CMA-sm-logo_120_108

Objective 2.1: Create Roles and Apply Privileges to Roles

Configure system-wide roles and responsibilities

  • There are three system wide roles, they are:-
    • System Administrator (create tenants, configure identity stores, assign IaaS and tenant administrator roles, configure Orchestrator, configure branding, notifications and monitor system logs)
    • IaaS Administrator (configure IaaS features and global properties, manage IaaS licences, create and manage fabric groups, create and manage endpoints and associated credentials, configure proxy agents, manage AWS instance types, monitor IaaS logs)
    • Fabric Administrator (manage build profiles, manage compute resources, manage cost profiles, manage network profiles, manage AWS EBS volumes and key pairs, manage machine prefixes, manage property dictionary, manage reservations and reservation policies)
    • Login as a tenant administrator and go to Administration > Users & Groups > Identity Store Users & Groups. Search for the required group, add the required roles from the list and click Update to save.

Assign user roles within tenants

    • There are seven tenant based roles, including:-
      • Tenant administrator (manage tenant identity stores, user and group roles, custom groups, tenant branding, notification providers and scenarios, create and manage approval policies, manage catalog services, item and actions, manage entitlements, monitor tenant machines and send reclamation requests, configure Orchestrator servers, plug-ins and workflows for use in the Advanced Service Designer, create and publish shared IaaS blueprints)
  • Service Architect (Define custom resource types, create and publish service blueprints with the ASD, create and publish custom actions)
  • Business Group Manager (create and publish business group specific blueprints from IaaS, catalog items and entitlements, monitor resource usage in a business group)
  • Support User (Request and manage items on behalf of other users within their business groups)
  • Business User (Request and manage services)
  • Approval Administrator (Create and manage approval policies)
  • Approver (Approve catalog requests, including provisioning requests or any resource actions)
  • Login as a tenant administrator and go to Administration > Users & Groups > Identity Store Users & Groups. Search for the required group, add the required roles from the list and click Update to save.

Configure tenant roles and responsibilities

  • Login to the vRealize Appliance as a tenant administrator
  • Select Administration > Groups
  • Click the Add icon
  • Select Identity Store Group
  • Type a group name in the Add existing Identity Store groups to this group search box
  • Select one or more roles from the Add Roles to this Group list (The Authorities Granted by Selected Roles list indicates the specific authorities you are granting)
  • Click Update.
  • Changes to user access rights are reflected immediately

 Add identity stores

    • Login to the vRealize Appliance as a tenant administrator
    • Select Administration > Identity Stores
    • Click the Add icon
    • Type a name in the Name text box
    • Select the type of the identity store from the Type drop-down menu
      • OpenLDAP
      • Active Directory
  •  Type the URL for the identity store in the URL text box. (For example, ldap://10.141.64.166:875)
  • Type the domain for the identity store in the Domain text box
  • (Optional) Type the domain alias in the Domain Alias text box
  • Type the login user Distinguished Name in the Login User DN text box (For example, cn=demoadmin,ou=demo,dc=dev,dc=mycompany,dc=com).
  • Type the password for the identity store login user in the Password text box.
  • Type the group search base Distinguished Name in the Group Search Base DN text box (For example, ou=demo,dc=dev,dc=mycompany,dc=com)
  • Type the user search base Distinguished Name in the User Search Base DN text box (For example, ou=demo,dc=dev,dc=mycompany,dc=com)
  • Click Test Connection
  • Click Add

Appoint tenant administrators

  • IaaS administrators cannot be added until IaaS components have been installed
  • You must first configure an identity store
  • Type the name of a user or group in the Tenant Administrators or Infrastructure Administrators search box and press Enter
  • Verify that the user or group name appears in Tenant Administrators or Infrastructure Administrators list
  • Click Update

Objective 2.2: Configure AD/LDAP Integration

Configure identity stores

  • Login to the vRealize Appliance as a tenant administrator
  • Procedure is much the same as in the “Add Identity Stores” listed above.
  • Changes can be made to search DNs, LDAP bind user and LDAP URL/port if required
  • Each tenant must have at least one identity store

Link an identity store to a tenant

  • Login to the vRealize Appliance as the system administrator
  • Click Add Tenant and fill in the details
  • Procedure is much the same as in the “Add Identity Stores” listed above

Configure a Native Active Directory Identity Store

  • Native Active Directory identity store is only available on the default tenant
  • Login to the vRealize Appliance as a system administrator
  • Join your Identity Appliance to Active Directory to enable Native Mode
  • When in the tenants view, select the default tenant (vsphere.local)
  • Click the Identity Stores tab, click Add and type in the name of the joined AD domain
  • Click Add and Update

04-06-15

North West England VMUG – Meeting Report

Yesterday was the summer get together of the North West England VMUG chapter at Rosylee in Manchester. A somewhat quirky venue, it offers an intimacy you don’t really get with other conference venues. We even had vRockstar Duncan Epping with us for the first time to cover off the latest and greatest in Virtual SAN. He seemed to like the venue too!

Although the event was planned as a vSphere 6.0 themed meeting, it seemed to err more towards the storage side of things. As well as event sponsors Pure Storage and Tegile, there were the usual sessions on “What’s New” and vNews. A new addition to the agenda was an “Ask the Experts” panel which seemed to work really well. Lots of questions about licencing! Anyway, without further ado..

VMware What’s  New – Ashley Davies

vmug-ashley

Long time chapter contributor Ashley Davies took us through the usual start of what’s new in the VMware world:-

– IT is in transition, stage 3 after mainframe and client/server
– New type apps coming to market like Uber etc
– How to bridge the two worlds between mobile and client server?
– VMware working on Cloud Native applications (docker, containerisation etc.)
– Photon and Lightwave are the first steps on the container engine development track
– Lightwave is the SSO solution, SAML, Kerberos, LDAP, OAuth, scalable architecture, multi tenant
– Open sourced both items
– Increased scalability in vSphere 6, at least x2 on everything
– Windows vCenter now same scalability as the appliance, VCSA supports Postgres and external Oracle
– Long distance vMotion, up to 150ms latency – migrations, disaster avoidance, multi site load balancing
– Fault Tolerance now up to 4 vCPU, requires 10Gbps networking
– Instant Clone – rapid cloning, Horizon View integration coming
– Data Protection based on Avamar and included from Essentials Plus and above
– Content Library – store and sync VMs, ISOs, templates
– NVIDIA GRID vGPU integration
– Enterprise Plus customers get Integrated OpenStack for free, but support is a paid option

Tegile Systems – Aaron Bell

vmug-tegile

We then had a session with Tegile, who are a storage startup with a presence in the UK.  Main points of the presentation were:-

– All Flash or Hybrid solution – Same O/S using IntelliFlash
– NAS and SAN protocols out of the box, block and file from the same system
– De dupe and compression (inline)
– Hybrid storage array for price per gig, all flash for performance
– Founded in 2010, launched Feb 2012
– 800+ mid-range enterprise customers
– 1900+ systems deployed
– Privately owned – Sandisk and Hitachi backed
– Best of VMworld 2012, Cisco, Citrix and VMware certified
– Partner with Microsoft, Oracle, Veeam and Zerto
– Citrix develop on Tegile, Apple develop iWorld on the platform
– Ferrari and McLaren
– 85% data reduction in VDI deployments, 10x performance improvement
– Boot and login storm mitigation
– Databases 33% data reduction
– Server virtualisation 50% data reduction, 5x 7 x performance improvement
– Hot data cached into top two layers of storage
– 5-10x less cooling
– 5-10x less power
– WAN efficient replication, just replicating new and changed blocks
– Set up ad hoc or automatic replication
– Web UI management
– REST API for automation, no Orchestrator plugin right now
– SCVMM support for Hyper-V (coming in next few weeks in new OS release)
– vCenter plugins available
– Call home alerts
– Opt in cloud analytics reports back twice daily and customer can access performance trends. Tipping point analysis not jusy yet
– VVol support on the way, September time. Native support, not an appliance
– IntelliCare Flash 5 guarantee

An interesting takeaway from the session was that the support/maintenance costs are flat across the five year term, making budgeting a whole lot easier. I’ve seen it previously where this figure can vary a great deal and really squeeze budgets. There is also an offer to replace the controllers in the array at the end of the five year term should you renew further past that. I didn’t note the full details, but I’d be happy to make any corrections where I’ve missed something off.

vRealize Operations 6.01- Matthew Steiner, VMware

Next up was Matthew Steiner with a session on what’s new with vRealize Operations Manager 6.01 (the product formerly known as vCenter Operations Manager). Although I’ve only had a quick play with it, it seems my assumption that it wouldn’t be a big change from 5.x was quite a common mistake. Even Matt admitted it took him a little time to get used to some of the differences.

Key points from the session:-

– vROPs 6 major change from 5.x series
– Don’t stand it up against a lab environment, can’t see the value. Needs to see “real world” examples
– Analytics, adapters, management packs and collections still the same
– Badges still the same (Health, Workload, Risk), numbers gone
– Dashboards and widgets still the same, super metrics
– Linux appliance or Windows
– Completely rewritten and re-architected from the ground up, 2 years development
– Single VM deployment, no longer Analytics and GUI VM
– Gemfire – in memory database
– Clustering – scale up, out, in, HA
– Scales to 64K VMs
– Use VCM to harden your hosts against hardening guidelines
– Improved reporting engine (major complaint of the 5.x product, apparently)
– Capacity modelling across all objects
– Capacity projects can forward plan resources needed for a deployment
– Action Framework – Symptoms, Recommendations, Action

 

VSANs and VVols – “Goodbye SAN Huggers” – Duncan Epping, VMware

vmug-duncan

Next was the session from VCDX and all round vRockstar Duncan Epping. He took us through the current status of the Virtual SAN product, it’s capabilities and use cases. There were also some important notes from the field around ensuring the hardware you use is HCL certified and you don’t just cobble together any old junk and expect it to fly like an eagle. To the sea, presumably. (My words, not his. Well, Peter Frampton’s words. Well, you get the idea.)

– Disk I/O has to go through the through kernel anyway, so why not position Virtual SAN within the hypervisor?
– Enables workload awareness
– Storage policy based management (SPBM)
– PowerCLI, perl, python can be complex, policy driven via vCenter much easier, lower learning curve
– VVols provides a framework for third party vendors to use
– Policy based framework means engine knows best place to put VM based on features of VVol enabled storage (dedupe, compress, striped etc)
– Virtual SAN fully integrated with vSphere stack – DRS, HA, etc
– Brings data closer to compute
– Granular elastic scale out. More resource needed, add more Virtual SAN nodes
– Virtual SAN needs a minimum of three hosts, all three must contribute storage
– 10Gbps Ethernet preferred, dedicated VLAN for Virtual SAN traffic. 1Gbps works, but should you?
– Theoretical max of 9 PB per cluster based on current sizing
– Up to 90K IOPS per host, sub milli second latency
– Linear scaling across nodes, predictable performance gains as cluster scales out
– All flash or hybrid model with vSphere 6.0
– Zero data loss in the event of hardware failure – VM copies placed elsewhere in the cluster – If you build Virtual SAN node from HCL components, SKU list is big – Virtual SAN ready nodes from partners, pre-built and tested, single SKU
– EVO RAIL pre built hardware appliance, EVO RACK not yet available
– Always pick components from HCL, picking a good disk controller is key
– Dell FX 2 and IBM flex being certified
– Impact of any Virtual SAN changes shown in vSphere Web Client
– Virtual SAN is object based product. VM is an object and VMDK is a component
– Most customers using SAS drives
– 60 minute wait on failure before recopying component to another host
– Virtual SAN is maintenance mode aware
– Fault domains introduced in Virtual SAN 6.0 to make it rack aware
– Better performance on snapshot using Virsto technology
– Content based read cache (View Storage Accelerator) coming for server workloads
– Compression and dedupe on the way but issue is overhead on host in doing this
– Virtual SAN monitoring available in vCenter. VSAN observer? Management pack for vRealize Operations Manager on the way
– VDI is a good use case for Virtual SAN

Pure Storage – Adrian Clarke

vmug-adrian

First up my sincere apologies to Pure Storage. I didn’t capture many notes about the company and the product as I had to take a phone call and missed the vast chunk of your session. If anyone wants to provide a brief summary or a link to the slide deck, I’d be happy to post it on this blog. As much as I got was the following:-

– All flash storage solution
– Gartner magic quadrant leader
– All Flash Array with consumer SSDs, always on encryption and dedupe from 2011
– FlashArray M is the new product. 6 watts per TB, reduced number of cables
– 100TB in 3U – Product designed and manufactured from the ground up, so Pure control not only the software but the hardware also which is unique with this type of solution

VMware Certification Roadmap – Community Session

Next up was me! I was asked by Steve and Nathan (VMUG leaders) to do a presentation last year, but due to having to take a contract at short notice I had to let them down and I hated doing it. I was asked back a second time yesterday and delivered a session on VMware certification and the roadmap for version 6 of products. I hadn’t presented for a couple of years, and although a little apprehensive at the start, within a couple of minutes I got into my stride and actually felt fine. I think it probably helped that it wasn’t a presentation on storage!

A quick straw poll at the start of the session was really interesting. I asked for shows of hands as to who had VCA, VCP and VCAP. VCA had a few hands, VCP had lots of hands and VCAP had no hands! I was very surprised at this, I was expecting at least a couple! It seemed Duncan and I were the only two in the room that I could see.

Key takeaways from the session:-

– VCP certification has been going since 2003, there are now more than 100,000 worldwide
– VCAP introduced in 2010
– VCDX introduced in 2010, around 200 worldwide (of which Duncan is 007!)
– Traditionally, VCP requires one exam to pass the certification, but this requires the ICM course to be sat first
– As you rise up the “Pyramid of Power”, the bar goes higher and there are fewer candidates
– Differentiate yourself in the market by achieving higher levels of certification, pimp your LinkedIn profile – you have a 10 second window of opportunity to impress people looking at your profile!
– Traditionally, VCAP track has multiple skills (Cloud, DCV, Desktop) and design or admin tracks, this being simplified to Implementation Expert (VCIX). Two exams, one certification. Multiple VCIX grants “Elite Implementer” status which sadly current multiple VCAP holders can’t have!
– VCDX requires a panel defence of a design document, can result in hundreds of hours of work and can be expensive to get (£1500+)
– Achieving VCAP status helped me feel less intimidated about working with vRockstars at top partners such as Xtravirt, helps validate your skills to others
– VCP-NV (network virtualisation) exam is half price until the end of June
– If you plan on sitting an exam or two at VMworld, don’t bite off more than you can chew and leave yourself exhausted. VCAP exams are 3 hours plus

To finish off we had some vNews from Ashley Davies and a new addition to the agenda, “Ask the Experts” panel. There was a lot of good interaction between the panel and the audience, a few questions on licencing but a lot on Virtual SAN. Thanks to the VMware guys for doing this, and oiling them with a beer during the session obviously helped!

vmug-experts

The next meeting is planned for Wednesday 9th September back at Rosylee, keep an eye on the chapter Twitter feed for further information.