Author: javirodz

  • What’s New: vSphere 6.5

    We have an announcement from VMware about vSphere 6.5. I will check this on VMware’s Hands-on Labs (labs.hol.vmware.com) and try to synthesize it here. These labs are a sleek way to experience VMware products without the hassle of setting up everything in your personal lab.

    vCenter Server Appliance Native Protection

    This is one of the most awaited vCenter features. The previous method included manual re-configuration and/or a load balancer; the new way seems to simplify this by creating an HA Cluster.

    Another neat improvement is that now the user interface is entirely HTML, with no dependencies on flash or having a Windows VM handy to run the vSphere C# client. I am not sure I would ever stop using it, I am an old UNIX engineer that uses df -k instead of -h.

    The VUM (VMware Update Manager) is integrated with the vCenter Server Appliance, again removing the need for an extra Windows Server. The VUM enables centralized, automated patch and version management for vSphere.

    The Content Library (check my post here) added the capability of mounting an ISO to the VM directly from the library. I will have to re-visit my Content Library post because I’ve had more requests from clients to use this feature. You could even create a new VM from a template in the Content Library. It can also be synchronized between vCenter servers over HTTP.

    The SIOC (Storage IO Control) can be configured in the storage policies and applied to the VM. With this, you can define IO limits, reservations, and shares that can be assigned to VMs through the storage policy.

    The HTML5 Host Client is a new product designed to replace the functionality of the C# client. You can monitor resources and review logs with it.

    And last but not least you can set up a KM (Key Management) server in the vCenter to use it to encrypt your VMs. I know, I know, everything involving certificates is more complicated, but lately, it’s just a necessity if you don’t want to fall victim to vulture groups looking to make a quick buck encrypting your data.

  • UCS Manager – Create a VLAN

    In this post, we are going to create a VLAN in the UCS Manager, but we are going to use the latest HTML5 version. So let’s get started by logging into the UCS Manager URL. Once there, browse to the LAN tab; in the case of the new GUI shown here, it is the third icon on the left (counting from the top).

    Then browse to the VLANs section inside the LAN cloud. Remember to stay on the general LAN cloud instead of the one inside Fabric A or B.

    Now click the Add button in the top-right pane. The Create VLANs pop-up window appears; choose a name (VLAN_704 in this case) and set the VLAN ID (704 in this case). Click OK.

    That is all for this post, the VLANs are used within the vNIC templates to pass the network communication from outside the UCS environment. Next time I will show you how to create Policies.

  • Quick Reference to FC Zoning on MDS

    This is a quick reference to the commands used to configure zoning in NX-OS. This assumes an existing setup: the switches should be initialized and at the recommended NX-OS level. Connect to the FC switch using PuTTY and configure it using the following examples. Here I am using fcalias, but devalias is an option too. There are a couple of differences; for one, an fcalias is VSAN-specific while a devalias is not.

    show fcalias
    show zone
    show zoneset active

    show flogi database
    show fcns database

    FCALIAS
    conf t
    fcalias name <alias name> vsan 1
    member pwwn <wwpn>
    end

    ZONE
    conf t
    zone name <zonename> vsan 1
    member fcalias <fcaliasname>
    member fcalias <fcaliasname>
    end

    ZONESET
    conf t
    zoneset name <name> vsan 1
    member <zonename>
    end

    ACTIVATE ZONESET
    conf t
    zoneset activate name <active zoneset name> vsan 1
    end

    SAVE
    copy running-config startup-config
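Zoning decides which initiators can reach which targets, so it pays to check the inputs before pasting the sequence above into a switch. The following is an added example, not part of the original post: it renders the same fcalias, zone, zoneset, activate and save commands from a small inventory and refuses malformed WWPNs or zones that reference an undefined fcalias. The function names, the naming rule and the sample WWPNs are assumptions made for illustration.

```python
import re

# Conservative naming rule assumed for this example: a letter first, then
# letters, digits, "_" or "-", 64 characters at most.
NAME_RE = re.compile(r"^[A-Za-z][A-Za-z0-9_-]{0,63}$")


def normalize_pwwn(value):
    """Return a WWPN as eight lower-case, colon-separated octets."""
    digits = re.sub(r"[:.\-]", "", value.strip().lower())
    if not re.fullmatch(r"[0-9a-f]{16}", digits):
        raise ValueError(f"not a 64-bit WWPN: {value!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 16, 2))


def check_name(kind, name):
    """Reject names outside the assumed naming rule."""
    if not NAME_RE.match(name):
        raise ValueError(f"invalid {kind} name: {name!r}")
    return name


def build_zoning(vsan, aliases, zones, zoneset):
    """Render fcalias, zone, zoneset, activate and save commands in page order.

    aliases: {alias_name: wwpn}; zones: {zone_name: [alias_name, ...]}
    """
    if not isinstance(vsan, int) or vsan < 1:
        raise ValueError(f"invalid VSAN id: {vsan!r}")
    lines, owner = [], {}
    for name, wwpn in aliases.items():
        wwpn = normalize_pwwn(wwpn)
        if wwpn in owner:  # policy choice of this example: one alias per port
            raise ValueError(f"{wwpn} already aliased as {owner[wwpn]}")
        owner[wwpn] = check_name("fcalias", name)
        lines += ["conf t", f"fcalias name {name} vsan {vsan}",
                  f"member pwwn {wwpn}", "end"]
    for zone, members in zones.items():
        check_name("zone", zone)
        unknown = [m for m in members if m not in aliases]
        if unknown:
            raise ValueError(f"zone {zone}: undefined fcalias {unknown}")
        if len(set(members)) < 2:  # a one-member zone connects nothing
            raise ValueError(f"zone {zone}: needs at least two members")
        lines += ["conf t", f"zone name {zone} vsan {vsan}"]
        lines += [f"member fcalias {m}" for m in members]
        lines.append("end")
    check_name("zoneset", zoneset)
    lines += ["conf t", f"zoneset name {zoneset} vsan {vsan}"]
    lines += [f"member {zone}" for zone in zones]
    lines += ["end", "conf t",
              f"zoneset activate name {zoneset} vsan {vsan}", "end",
              "copy running-config startup-config"]
    return lines


# Constructed sample data: these WWPNs and names are not from any real fabric.
SAMPLE_ALIASES = {
    "esx01_hba_a": "20:00:00:25:B5:1A:00:01",
    "array_ctl_a": "50000000aabbcc01",
}
SAMPLE_ZONES = {"z_esx01_array_a": ["esx01_hba_a", "array_ctl_a"]}

if __name__ == "__main__":
    print("\n".join(build_zoning(1, SAMPLE_ALIASES, SAMPLE_ZONES, "zs_fabric_a")))
```

Compare the rendered WWPNs against `show flogi database` before activating the zoneset.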

  • VMworld Day 1 – PEX

    VMworld Partner Exchange 2016 is in the books. I can only say one thing, it was outstanding. The sessions were top notch, the presenters could not be of higher caliber. The general session and keynotes were incredible, so much new technology is coming out this week. My first stop was the EUC and NSX Technical Deep dive session with Gabriel Maciel (@gmaciel_ca). The main idea here is that most solutions and applications (if not all) can be paired with the three main use cases for NSX.

    • Security via micro-segmentation
      • One of the main characteristics of a virtual desktop is mobility. Desktops come and go and move around. It is really an intuitive approach to have a security policy follow that desktop everywhere it goes during its whole lifecycle.
    • Edge services like load balancers and distributed routing.
    • Network Virtualization

    The last two just apply to most cases. Better performance with the Edge services and even more mobility with Network Virtualization.

    My second stop was a follow up with a Horizon 7 Deep Dive session with Graeme Gordon. Reviewing the new features, what captured my attention was the Instant Clone capabilities, these reduce significantly the time to deploy the desktops using the Instant clone technology (vmFork). It is not the best option for every case, like when using vGPUs, but great if you hate recomposing pools.

    From there it was the PEX General Session, and there we heard the news that the Dell-EMC deal is progressing, that we can have control and freedom and that during this week we will have great news with the new announcements.

    The next stop was HCI in the Healthcare market, and there I felt better because I found out that the Windows Server 2003 problem from the medical devices is everywhere. After that, I’ve been eating, drinking and breathing NSX. I just realized in these two days that resistance is futile, if we don’t start solving our client problems using NSX, they will go to the cloud and NSX will catch them there anyway. I was joking earlier today about how VMware should change the name of Cloud Foundation and the Cross Cloud service to Skynet. Watch out Pat (@PGelsinger), a Terminator may be coming this way to get you!

  • VMworld General Session

    We are the tomorrow, people not customers. It is an intriguing way to get this general session started, nice performance. Pat informs us that Digital Transformation is the top tech buzzword. What does it mean to you? The digital transformation we are having now is all about the cloud. By 2020 the ratio of workloads on the cloud to traditional IT will be 50/50, by 2030 the public cloud will pass the 50% mark. How do we prepare? We can say with some certainty that fewer and fewer businesses are going to be investing in their own hardware and will start using more XaaS.

    This is why the be_tomorrow is us and is now. And to support this revolution VMware is a leader in the SDDC (Software-Defined Data Center) field. Pat introduces the cross-cloud architecture to provide freedom and control with the VMware Cloud Foundation.

    IBM is the first partner offering the Cloud Foundation as a service. They mentioned that they already have 500 customers using these services. The main idea of the Cloud Foundation is to make the cloud simple.

    Going back to my first post yesterday morning about my Datacenter wishes, it seems that VMware is my genie. Now switching gears to the Cross-Cloud services from VMware. It is nice to see that VMware is not pretending to run any app, on any device, on their cloud, but the last part of that catchphrase really becomes any cloud.

    It is not possible to go back to our clients and tell them to stop using AWS or Azure, it is better to embrace their diversity and wrap the solution around those external services.

    We now have a layer that can move workloads between AWS, Azure, and Google. Micro-segmentation and network virtualization for the public cloud. This is huge! Any application, any device, and now for real any cloud!

    be_tomorrow together!

  • be_here

    I am back at VMworld Las Vegas, and once again I am surrounded by the most creative group of people in my line of work. Last year we were ready for any, this year we’ll be_here. What is it that you want to be_? From the customer point of view, I want to have access to my applications from anywhere and all the time. From the engineering point of view, I want to design a system that can accomplish that in the most efficient and simple way possible. I am hearing wonderful things already, most involving NSX.

    One of the buzz phrases that I like the most this year is be_free, we want to be free to move our workloads with no borders, on-prem and off. We are getting there. What is your Datacenter wish list? I know mine is to have one logical Datacenter span across multiple physical locations seamlessly. I know that is already possible, some people are doing it. I also know that a huge number of users are not prepared for disasters, and sometimes they are not protected for even the most simple of events. I want to offer a solution that solves all the business continuity challenges in an implicit way. A turnkey solution without a thousand parts glued by chewing gum, easy to scale both up and out, and one that can be upgraded with no downtime.

    All this is possible, and this week I will be on the lookout for this new mindset, don’t talk to me about old iron, and like an ex-coworker of mine used to say “don’t put lipstick on a pig”. I want to be_tomorrow.

  • Create WWNN and WWPN pools in UCS Manager

    This is part of a series of posts on how to initially configure your UCS B-Series system using UCS Manager. With the information in this post, you will be able to configure the vHBAs needed for FC connectivity. Check the other posts under the Cisco section in my blog. If you are using iSCSI you can skip this step of the UCS B-Series configuration.

    To start, log in to your UCS Manager, select the SAN tab and navigate to the Pool section. Right-click on WWNN and click Create WWNN Pool.

    Give it a name, select Sequential and click Next.

    Now add the value for the WWNN: first click Add, then fill in the quantity (in this case 16) and click OK and Finish.

    The WWPN pool creation process is analogous to the one just described, but change one of the bits on the WWN window (see below).

    That’s it for this post, I am trying to keep them short to keep them coming. In the next post, I will show how to create a VLAN.

  • UCS B-Series Start to Finish – Part 3

    Now that we have our system up to date with the latest software, we can start configuring the different templates, pools, and policies. The UCS is a stateless system, meaning that you will be able to abstract all the usual properties (UUID, MAC Address, etc…) into a Service Profile and apply those to any compatible hardware.

    • Create a Sub-Organization: this step is recommended for multitenant implementations, it doesn’t hurt to make it the standard installation procedure. Right-click on Sub-Organization to open the Create Organization window.

    • Create the UUID Pool: select the Server Tab, select Pools from the drop down menu, expand the Sub-Organizations and expand the new Sub-Organization (in this case Sub-Org-01). Select the UUID Suffix Pools and click Add.

    • Type in a name and select Sequential, then click Next.

    • Click Add to define the value.

    • Change one digit to make it unique and add in a decent size to configure it once and forget about it. Then click Finish and click OK in the resulting pop-up window.

    • Create an IP address pool: this pool will be used to connect to the KVM for console access. First, navigate to the LAN tab and select Pools from the drop down menu, then under the Sub-Organization (Sub-Org-01 in this case) right click and select Create IP Pool.

    • Give it a name, select Sequential and click Next.

    • Click Add to define the IP address block.

    • Set up the IP address block information. You can do as many as you want and you can always add more later; I usually configure one for each blade at the very beginning and forget about it.

    • As a final step, click Next and then click Finish (assuming you won’t use IPv6).

    • Create a Server Pool: from the Servers tab, navigate to the Sub-Organization and with a right-click select Create Server Pool. Once there type in a name for the pool and click Next.

    • Select the blades and servers from the left pane and add them to the Pooled Servers pane, and click Finish.

    • Create the MAC Address Pools: We could use the default pool, or we can get very creative with this, especially if you are using VMware or any other host with multiple vNICs. The trick here is to identify the FI, chassis, site, etc.
    The MAC address is going to be of the format 00:25:B5:00:00:00. The first part (00:25:B5) is the Organizationally Unique Identifier (OUI) and the second part (00:00:00) is the Device ID; the second part is the one that we customize.

    It is with the second part that we will get creative. Use it to identify the site and FI; I go even further and, if the deployment is small, I also identify the vSwitch. For example, 00:25:B5:1A:00:00 could be Site 1, FI A, vSwitch 0, and the last three places are for sequential values. Check the following image with a few MAC Pools.

    In the previous image, you can see separate sets for management, vMotion, iSCSI, and VM traffic. You don’t have to do it exactly as I have it there, maybe you want to use the same vSwitch for management and vMotion, then you could designate one place as the vmk# for example. The next slideshow has the MAC Pool creation process.
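The addressing scheme described above (site, FI and vSwitch in the first three hex places of the Device ID, sequential values in the last three) can be computed and checked rather than typed by hand. This is an added example, not part of the original post: it derives the first and last address of a pool block, decodes an address seen on the network back to its site, FI and vSwitch, and flags pools whose ranges overlap. Function names and the sample pools are assumptions made for illustration.

```python
import re

OUI = 0x0025B5   # 00:25:B5, the prefix used in the post
SEQ_BITS = 12    # the last three hex places are sequential: 000-FFF


def format_mac(value):
    """Format a 48-bit integer as an upper-case, colon-separated MAC."""
    raw = f"{value:012X}"
    return ":".join(raw[i:i + 2] for i in range(0, 12, 2))


def parse_mac(mac):
    """Parse a MAC written with ':' or '-' separators into an integer."""
    digits = re.sub(r"[:\-]", "", mac.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return int(digits, 16)


def pool_block(site, fabric, vswitch, count=1 << SEQ_BITS):
    """Return (first_mac, last_mac, size) for one site/FI/vSwitch pool."""
    if not 0 <= site <= 0xF or not 0 <= vswitch <= 0xF:
        raise ValueError("site and vswitch must each fit in one hex place")
    if fabric not in ("A", "B"):
        raise ValueError("fabric must be 'A' or 'B'")
    if not 1 <= count <= 1 << SEQ_BITS:
        raise ValueError("count exceeds the three sequential hex places")
    device = (site << 20) | (int(fabric, 16) << 16) | (vswitch << 12)
    first = (OUI << 24) | device
    return format_mac(first), format_mac(first + count - 1), count


def decode(mac):
    """Map an address back to the site, FI and vSwitch it was assigned from."""
    value = parse_mac(mac)
    if value >> 24 != OUI:
        raise ValueError(f"{mac} is outside the {format_mac(OUI << 24)} range")
    device = value & 0xFFFFFF
    fabric = f"{(device >> 16) & 0xF:X}"
    if fabric not in ("A", "B"):
        raise ValueError(f"{mac} does not follow the site/FI/vSwitch scheme")
    return {"site": device >> 20, "fabric": fabric,
            "vswitch": (device >> 12) & 0xF, "sequence": device & 0xFFF}


def overlaps(pools):
    """pools: {name: (first_mac, last_mac)}; return the name pairs that clash."""
    spans = sorted((parse_mac(f), parse_mac(l), n) for n, (f, l) in pools.items())
    clashes = []
    for i, (_, last, name) in enumerate(spans):
        for other_first, _, other_name in spans[i + 1:]:
            if other_first > last:
                break
            clashes.append((name, other_name))
    return clashes


# Constructed sample pools; "iscsi-A" is a hand-typed range that strays into
# the management block.
SAMPLE_POOLS = {
    "mgmt-A": pool_block(1, "A", 0, 64)[:2],
    "vmotion-A": pool_block(1, "A", 1, 64)[:2],
    "iscsi-A": ("00:25:B5:1A:00:20", "00:25:B5:1A:00:5F"),
}

if __name__ == "__main__":
    print(pool_block(1, "A", 0))
    print(decode("00:25:B5:1B:20:07"))
    print(overlaps(SAMPLE_POOLS))
```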

     

    I am going to submit this post the way I have it up to this point and then release the next steps including:

    Create WWNN and WWPN pools (if you are using FC).

    Create VLANs.

    Create Policies.

    Create vNIC and vHBA templates.

    Create a Service Profile Template.

    Deploy Service Profiles from the Service Profile Template.

    Configure Special Cases like Layer-2 Disjoint Networks.

  • How to Use GitHub and Atom

    I’ve decided to learn a little bit more about how to use GitHub because I want to start writing some automation code for the UCS B-Series configuration. I did some research on which editor to use (I’ve only used vi, that was the last time I coded) and I found that Atom (www.atom.io) is really sleek and that it integrates with programming languages and you can git directly from it. I will try to present my findings in the next few paragraphs.

    In Summary:

    • Go to http://www.github.com and create an account by clicking the ‘Sign up’ button on the top right.

    • Create a Repository (project): You can Read the guide or Start a project directly:

    • Copy the Clone/Download URL

    • git clone the URL (If you don’t have git installed, check this post from Chris Chernoff explaining how to go about it).
    Mac:~ prmadness$ pwd
    /Users/prmadness
    Mac:~ prmadness$ which git
    /usr/bin/git
    Mac:~ prmadness$ git clone https://github.com/prmadness/new_project.git
    Cloning into 'new_project'...
    remote: Counting objects: 3, done.
    remote: Total 3 (delta 0), reused 3 (delta 0), pack-reused 0
    Unpacking objects: 100% (3/3), done.
    Mac:~ prmadness$  ls -ld new_project
    drwxr-xr-x  4 prmadness  staff  136 Feb  8 15:06 new_project/
    Mac:~ prmadness$ cd new_project/
    Mac:new_project prmadness$ pwd
    /Users/prmadness/new_project

    With the previous section, I demonstrated how to download or clone the project or repository into your computer. Now let’s move on to the Atom editor:

    • Download the Atom editor from www.Atom.io, then install and start the application.
    • Open the Atom editor and under the File menu click on “Add Project Folder”, Then select the project folder that came down from the git clone.

    • In the Atom editor, write your Python code and save the file to the repository folder using a .py extension. In this example, we will use the filename “ucs-config.py”.
    • If the atom-runner package is installed, you could execute the code directly from Atom pressing CTRL-R on your keyboard.
    • Go back to the command line (Terminal) and execute the following commands:
    Mac:~ prmadness$ cd new_project/
    Mac:ucs-config prmadness$ pwd
    /Users/prmadness/new_project
    Mac:ucs-config prmadness$ git status
    On branch master
    Your branch is up-to-date with 'origin/master'.
    Untracked files:
      (use "git add <file>..." to include in what will be committed)
    
        ucs-config.py
    
    nothing added to commit but untracked files present (use "git add" to track)
    • Execute “git add ucs-config.py” and “git status” again
    git add ucs-config.py 
    Mac:ucs-config prmadness$ git status
    On branch master
    Your branch is up-to-date with 'origin/master'.
    Changes to be committed:
      (use "git reset HEAD <file>..." to unstage)
    
        new file:   ucs-config.py
    • Execute “git commit -m "message"”
    Mac:ucs-config prmadness$ git commit -m "first commited file"
    [master c04a7ac] first commited file
     1 file changed, 6 insertions(+)
     create mode 100644 ucs-config.py
    • At this point, the new file is committed to the project in my laptop, but not synced up.
    • Execute “git push”
    Mac:ucs-config prmadness$ git push
    warning: push.default is unset; its implicit value has changed in
    Git 2.0 from 'matching' to 'simple'. To squelch this message
    and maintain the traditional behavior, use:
    
      git config --global push.default matching
    
    To squelch this message and adopt the new behavior now, use:
    
      git config --global push.default simple
    
    When push.default is set to 'matching', git will push local branches
    to the remote branches that already exist with the same name.
    
    Since Git 2.0, Git defaults to the more conservative 'simple'
    behavior, which only pushes the current branch to the corresponding
    remote branch that 'git pull' uses to update the current branch.
    
    See 'git help config' and search for 'push.default' for further information.
    (the 'simple' mode was introduced in Git 1.7.11. Use the similar mode
    'current' instead of 'simple' if you sometimes use older versions of Git)
    
    Username for 'https://github.com': prmadness
    Password for 'https://prmadness@github.com': 
    Counting objects: 3, done.
    Delta compression using up to 8 threads.
    Compressing objects: 100% (3/3), done.
    Writing objects: 100% (3/3), 346 bytes | 0 bytes/s, done.
    Total 3 (delta 0), reused 0 (delta 0)
    To https://github.com/prmadness/ucs-config.git
       fab300a..c04a7ac  master -> master
    • If this was your first time pushing a file, execute “git config --global push.default simple” to get rid of the legacy message.
    • Everyone else who wants to have the latest revision of your project must execute a “git pull” if they already cloned the project or the “git clone URL” command to download the whole project.
    • All these git commands work when you are in the repository path/folder of your laptop, use the “pwd” command to check your current path.
    • Execute git with no arguments to display the Help:
    Mac:ucs-config prmadness$ git
    usage: git [--version] [--help] [-C <path>] [-c name=value]
               [--exec-path[=<path>]] [--html-path] [--man-path] [--info-path]
               [-p | --paginate | --no-pager] [--no-replace-objects] [--bare]
               [--git-dir=<path>] [--work-tree=<path>] [--namespace=<name>]
               <command> [<args>]
    
    These are common Git commands used in various situations:
    
    start a working area (see also: git help tutorial)
       clone      Clone a repository into a new directory
       init       Create an empty Git repository or reinitialize an existing one
    
    work on the current change (see also: git help everyday)
       add        Add file contents to the index
       mv         Move or rename a file, a directory, or a symlink
       reset      Reset current HEAD to the specified state
       rm         Remove files from the working tree and from the index
    
    examine the history and state (see also: git help revisions)
       bisect     Use binary search to find the commit that introduced a bug
       grep       Print lines matching a pattern
       log        Show commit logs
       show       Show various types of objects
       status     Show the working tree status
    
    grow, mark and tweak your common history
       branch     List, create, or delete branches
       checkout   Switch branches or restore working tree files
       commit     Record changes to the repository
       diff       Show changes between commits, commit and working tree, etc
       merge      Join two or more development histories together
       rebase     Reapply commits on top of another base tip
       tag        Create, list, delete or verify a tag object signed with GPG
    
    collaborate (see also: git help workflows)
       fetch      Download objects and refs from another repository
       pull       Fetch from and integrate with another repository or a local branch
       push       Update remote refs along with associated objects
    
    'git help -a' and 'git help -g' list available subcommands and some
    concept guides. See 'git help <command>' or 'git help <concept>'
    to read about a specific subcommand or concept.

    The preceding steps came from these two videos:

    Two things I learned after watching those videos:

    1. Add the terminal-plus package to Atom to open a terminal on your current repository and execute the git commands directly from the Atom editor.
    2. As an alternative to the command line add the git-plus package to use git directly from the Atom editor, after it is installed press “Command+Shift+P” to add, commit and push. To learn how to use git from atom check this video:

    As always, excuse my grammar and lack of details, I mostly write these blogs to be able to remember the things I use once a month.

  • Data Migration Using Nimble Replication

    As part of the service portfolio at ABS Technology, we offer Data Center migrations. There are multiple technologies to achieve the data replication necessary in a migration. There are two main levels, host-level replication, and array level replication. With host replication, the granularity is a single operating system instance, it can be physical or virtual. You can use technologies like the vSphere Replication Appliance, Recoverpoint for VM’s, VEEAM, ZERTO, or Double-Take. All of these differ and the use of one vs the other will depend on a number of factors like RPO/RTO, budget, standardization policy, etc.

    When it comes to array replication, you will have as many flavors as array vendors, but the two types are Asynchronous and Synchronous, again the selection of technology will depend on the requirements.

    In this post, I will summarize what is needed for a migration from one Data Center to another of an environment using a UCS B-Series, a Nimble Storage Array, and vSphere.

    In the Nimble storage array, the replication can be done over the Data subnet or the management subnet. If the array has a free NIC, you can configure it for data, but use it only for replication. This last case is the one I will be documenting here.

    The first step is to configure the subnet in the Nimble Storage. I will use the network 10.10.10.0/24 as an example, with a discovery IP of 10.10.10.50 and an IP address of 10.10.10.51. The discovery IP will not be used because we will only use this subnet for replication purposes.

    Figure 1. From the Administration main menu, select Network Configuration.

    Figure 2. Click on Active Settings.

    Figure 3. Click the Subnets tab and then click the Edit button.

    Figure 4. Then click the Add button.

    Figure 5. Click Done to finish.

    As a final step, you can save the new configuration in the active settings by clicking the Update button, or save it as a draft to be applied later by selecting the Save as Draft button.

    The next step is to configure the replication partner. You will need the Nimble Group Name of each storage array, the hostname or IP address, and a password to use as a shared secret.

    In the next four images, we will navigate through the process of setting the replication partner. First, log in to the Nimble and from the menu select Manage->Protection->Replication Partners.

    Figure 6. From the menu select Manage->Protection->Replication Partners.

    Figure 7. Click on the New Replication Partner button.

    Figure 8. Input the information, in our case select the newly created network from the drop down menu as a Replication Network (see Figure 5 above).

    Figure 9. Create an optional QoS policy and click Finish.

    In the following slideshow, I configure the Volume Collection. The Volume Collection contains all the volumes that will replicate at the same time. At the end, you can see the way I would monitor the replication.

    Now that everything is replicating, wait for it to be synchronized and it’s time to migrate. There can be multiple ways to do this: you could clone a replica and choose the VMs you want to migrate, or you could “Handover” the complete volume collection.

    Option one: Create clone of the replica.

    In this case, the pre-requisite is to stop I/O on the source VM, Datastore, or Volume collection. Do this to have a crash consistent copy of the source. After you stop the I/O, wait for the last replica to happen and now in the destination array, clone the volume replica snapshot and put it online. Then configure the cloned Volume for Host access. If you are satisfied with your VM, I would suggest a storage vMotion of that VM to another DS not involved in the replication and remove the clone. Just to keep things clean.

    Option two: Handover the Volume Collection.

    Before you click on that Handover button, make sure you shutdown your VMs and unmount the Datastores (don’t delete them!). In the case of a migration to a new set of hosts without replication back, remove the old hosts access to the volumes and rescan to remove dead paths.