Thursday, August 30, 2012

Configuration Management for Your Cloud using vCenter Operations Suite

A high level of automation is required to lower OpEx and CapEx in the cloud. Cloud infrastructures are unique as the rate of change is extremely high. Because of this rate of change how can you ensure complete visibility? How can you maintain compliance as you virtualize your Tier 1 applications?

It is possible to have a single pane of glass for your entire virtual infrastructure using vCenter Operations Suite. You can deal with compliance and introduce a high level of automation to simplify operations, provisioning and business management using these tools.

The goal of vCenter Operations Suite is to provide simplified operational management. In developing these products, VMware realized that just integrating into the vCloud stack is not enough to add significant value.

vCenter Configuration Manager allows you to track changes and compliance for all levels of the private cloud stack. The same policies can be used to manage both your private and public cloud. In addition, as a service provider you can generate reports for your customers to demonstrate compliance.

Thousands of settings and configurations are collected, including Virtual Network and Storage settings, Host profiles, vShield, vCD configurations and all the underlying vSphere components. Dashboards are used to present the information visually.

A Change Management Dashboard keeps track of all changes in the environment. You can also make bulk changes across all vCenters and ESXi servers at once. Once you have made changes you should configure a policy to enforce this configuration. This ensures that you can tell whether your current configuration has been changed so that it deviates from the policy.

The solution comes with many out-of-the-box templates for compliance. To build these, VMware has an entire team that takes the policy and compliance standards and translates them into policy rule sets. In addition, you can define exceptions and expire certain policies to ensure flexibility in how the rules are applied.

It is possible to run compliance reports and, when things are out of compliance, roll them back with the click of a button. The degree of automation can also assist with performance as well as configuration issues. From a single view you can see performance degradations. You can also see what changes were made leading up to the performance problems. Using Configuration Manager you can roll back any changes that may have led to performance issues as well.

There is a rich set of extensibility features that are provided: APIs, workflows and SDKs. In addition the product ties into vCenter Orchestrator.

- Posted using BlogPress from my iPad

VMworld 2012: Cisco Virtual Networking and Security Announcement

Cisco has aggressively virtualized their product line, which they refer to as the vStack. They have introduced new Nexus 1000v products at the show. These will be supported on Hyper-V and open source hypervisors like KVM. The products are:

ASA 1000v - a virtual Adaptive Security Appliance
Nexus CSR - a virtualized Nexus router
vWAAS - a virtual appliance for providing WAN acceleration
VSG - Virtual Security Gateway

Cisco is promoting VXLAN, which allows you to overlay a layer 2 (L2) network over a layer 3 (L3) network. Cisco developed the technology and shared it with their partners like VMware and Citrix. This made setting the standard easier as there was widespread support for VXLAN. It is based on providing a tunnel through the network, so it requires gateways. This has some implications for the underlying network.

The L2 frame is encapsulated in UDP. It uses a 24-bit VXLAN identifier, so it is possible to provide 16 million networks. The virtual machine is unaware that its frames are actually passing between L3 networks. It believes it is on the same L2 network.

VXLAN uses IP multicast to understand the network. The underlying physical hosts join multicast groups. Multicast groups can be shared between VXLANs, so the networks (16 million) are not limited by the number of multicast groups. Packets are filtered to prevent shared multicast groups from becoming similar to one large broadcast network (example: one multicast group being used for all potential 16 million networks). In addition, learning is done by multicast but packets are sent by unicast.
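The encapsulation and the shared-multicast-group filtering described in the two paragraphs above, as an added example that is not part of the original post. It assumes the 8-byte header layout later standardized in RFC 7348 (the post does not give the layout); the function names and the sample frame are constructed for illustration.

```python
import struct

VXLAN_FLAG_VNI_VALID = 0x08    # "I" flag in RFC 7348 (assumed layout)
VXLAN_HEADER_LEN = 8
MAX_VNI = (1 << 24) - 1        # 24-bit identifier: 16,777,216 segments


def encapsulate(vni, inner_frame):
    """Prepend the VXLAN header to an inner Ethernet frame (the UDP payload)."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI must fit in 24 bits")
    # Word 1: flags (8 bits) + 24 reserved bits.
    # Word 2: VNI (24 bits) + 8 reserved bits.
    header = struct.pack("!II", VXLAN_FLAG_VNI_VALID << 24, vni << 8)
    return header + inner_frame


def decapsulate(udp_payload):
    """Return (vni, inner_frame); raise ValueError on a malformed header."""
    if len(udp_payload) < VXLAN_HEADER_LEN:
        raise ValueError("truncated VXLAN header")
    word1, word2 = struct.unpack("!II", udp_payload[:VXLAN_HEADER_LEN])
    if not (word1 >> 24) & VXLAN_FLAG_VNI_VALID:
        raise ValueError("VNI-valid flag not set")
    return word2 >> 8, udp_payload[VXLAN_HEADER_LEN:]


def deliver(udp_payload, local_vnis):
    """Filtering step for shared multicast groups: pass the frame on only
    when its VNI is hosted on this endpoint, otherwise drop it (None)."""
    try:
        vni, frame = decapsulate(udp_payload)
    except ValueError:
        return None
    return (vni, frame) if vni in local_vnis else None


# Constructed sample: broadcast Ethernet header plus dummy body, not real traffic.
SAMPLE_FRAME = bytes.fromhex("ffffffffffff" "005056000001" "0806") + b"arp-body"

if __name__ == "__main__":
    packet = encapsulate(5001, SAMPLE_FRAME)
    print(packet[:VXLAN_HEADER_LEN].hex())          # header bytes on the wire
    print(deliver(packet, {5001}) is not None)      # VNI hosted locally
    print(deliver(packet, {6000}) is not None)      # same group, other VNI
```

Two segments that share one multicast group stay isolated only because the receiving endpoint checks the VNI before handing the frame to a virtual machine, which is why malformed headers and unknown VNIs are dropped rather than forwarded.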

On the physical switches you need to have IP Multicast and Proxy ARP turned on. From a Layer 2 perspective you have to turn on IGMP Snooping (the default on Cisco switches). You also need to ensure UDP port-based load distribution is enabled.

In vCloud Director 5.1 the integration of Nexus 1000v is available natively in the GUI once you enable the feature.


Wednesday, August 29, 2012

VMworld 2012: VMware Horizon: Deep Dive and Best Practises

The problem that Horizon attempts to solve is the shift from managing devices to managing user content. The days of telling users what to do are over. We are entering the Post-PC Era. To be clear, this does not exclude Windows, but it is now a piece of a larger requirement rather than the only way to access content.

We hit a crossover point in 2011 in which the underlying operating system is no longer a limiting component restricting applications to pure Windows platforms. Now we have iOS, Android, Macs and Windows. We have to come up with a mechanism to service all of these. The market has provided point solutions to provide services to all these environments; however, this gets complex and costly. This complexity has been compounded by the Bring Your Own Device (BYOD) phenomenon.

This is where Horizon is targeted. The idea is to have one management point to entitle, build policy and report on access to applications. Horizon was launched in spring of 2011 to deal with the external SaaS integration challenges. In fall of 2011 VMware integrated ThinApp to deal with Windows applications. In summer 2012 VMware built an on-premise offering as customers complained about using a SaaS application to manage SaaS.

Horizon is made up of a Horizon Application Manager and a Horizon Connector virtual appliance. The connector takes metadata and sends it to the manager to control. There are three roles defined: Administrator, User and a Super Administrator role. As Horizon is multi-tenant friendly, the Super Administrator role manages multiple environments or workspaces.

The Horizon Application Manager appliance scales to 100,000 users because it is a true broker. The Horizon Connector supports 30,000 users per appliance. RSA is supported and you can also separate connectors for internal and external usage.

There is no LB built in, but HA and Cloning are supported. Cloning is recommended because it allows the certificates to be copied. The functional components do not change with the introduction of the Horizon Suite. Competitively, the deployment and integration are very easy compared to other solutions.

In the Horizon Suite VMware now supports Mobile Apps, VMware View, Project Octopus and Citrix Published Applications. VMware constructed it as a vApp to enclose all the pieces and simplify deployment. A Configurator VM manages all the VAs (Virtual Appliances). You simply enable the components you want through the configuration wizard and the Configurator VM spins up and configures the VA. There is a Gateway VA to allow files to be transferred in and out of the environment. There is a rich set of Class of Service rules to ensure what happens in Horizon is controlled by the policy engine.

VMware Mobile is fully supported to ensure smartphones are a fully integrated and managed client in Horizon. VMware manages the entire catalogue of Horizon Apps through entitlement. It has RabbitMQ built in to provide a message queue or bus. This allows you to automate using things like Remedy and Orchestrator, so you can integrate Horizon and leverage your existing workflow tools.

Horizon has built-in Reporting and Analytics to track users, resources and files.


Tuesday, August 28, 2012

VMworld 2012: Steve Herrod, End User Keynote

Steve will introduce the new suites from VMware. The session will discuss how VMware has combined their products to solve key business problems with a focus on the end user space. Steve opens with a few buzzwords to highlight growing trends: the consumerization of IT, BYOD (Bring Your Own Device) or the IT of consumerization (which describes how technically savvy users are becoming).

Steve talks about how difficult these trends have made things for IT. The disparity in solutions has led to more tools and more point products. This complexity has led to cost increases.

Last year they talked about the transformation from the legacy approach to IT into a new services approach. The second challenge that was alluded to is how you broker these new services and tailor them to a user rather than a device.

Transformation has not really meant the death of the PC but the move to a multi-device environment. Gartner reports only 30% of businesses have migrated to Windows 7.

Steve reviews the release of View 5.1. View 5.1 has reduced the acquisition costs and improved the end user experience. Steve also mentions new products that are appliance based and allow you to build out desktops quickly. Cisco has a new device called the ISR G2 that allows you to deploy View in a branch and integrates a number of technology enhancements including VoIP.

Even with all the work done on View you still need to deal with the offline mode. Steve talks about Wanova software and specifically the Mirage product. Mirage will decompose a desktop image into layers such as hardware OS, applications and user data. Once you have done this, you can quickly change out components of the stack. Mirage keeps these desktop images synchronized when deployed to the end device, so the images stay current in near real time. Mirage enables you to run the View desktop locally but trickle the changes back to the datacenter.

This cues up a demo that takes a user from Windows XP to 7 while online and using their laptop. A reboot completes the migration. In the next scenario presented, the laptop is 'stolen' and access is enabled through a thin client to demonstrate that the virtual desktop follows the user. The final piece is the redeployment of the View desktop using Fusion to integrate it into a new Apple iOS laptop.

VMware also introduces the concept of User Interface Virtualization, which allows legacy apps to be tablet friendly. It takes apps and makes them work through gestures. The demo showed movement between applications using an album cover approach. The demo also showed clipboard functionality using gestures.

Now Steve moves to a discussion on brokers. Steve introduces the Horizon Suite. It can broker Applications, Data and Desktops. Project Octopus is integrated into the suite. Steve mentions that this can all be administered from a single place. The Alpha product is shown. When you log in you get a dashboard of current use of all the pieces including traditional, thin and mobile applications. You can manage mobile Apps in addition to Web Applications, Thin Apps and, lo and behold, Citrix. The Apple AppStore and Google Apps have also been integrated. Deployment is done through the completion of Class of Service policies. Applications can be self-activated by the user provided the administrator allows it.

Steve now introduces Horizon Mobile, which manages a virtual container for your smartphone, allowing personal and business segregation. Currently they support iPhone and Android. Horizon Apps are managed in a separate container on the mobile phone.


VMworld 2012: Opening Keynote: Paul Maritz and Pat Gelsinger

A number of announcements were made including the attendance and diamond sponsors. The numbers this year are 20,000 attendees and 10,000 watching the keynote online. The diamond sponsors this year are Cisco, Dell, EMC, HP and NetApp.

Paul Maritz was introduced and begins with a look back to when he did his first keynote at VMworld in 2008. Paul talks to the numbers on virtualization based on Gartner. In 2008 25% of workloads were virtual and in 2012 it is 60%. It is now the default way of running applications. In 2008 there were 25,000 VCPs and in 2012 there are 125,000. There were 13k attendees in '08 and 20k in 2012.

Paul talks about the mindset: "In 2008 we asked what was cloud; in 2012 we are asking how do we implement Cloud?" How does the Cloud affect people and processes? VMware has developed a deep body of how-to information on virtualization and Cloud. Paul asks: in 4 years, how do things look?

Paul believes that a strong set of forces are at work to automate most of the people processes, moving from physical process to computer-based process. Every business is expected to be able to do this. What is happening now is not just the presentation of static information but the tailoring of experiences based on the audience in real time. This has profound implications for what happens underneath in the infrastructure. This cannot happen on today's infrastructure. Providing information is not innovative but providing relevance is. How can we make IT more efficient and agile to deliver on these challenges?

We will see a transformation in IT. It will happen in three broad categories: Infrastructure, Applications (real-time demand at exceptional scale) and Access (from a PC-dominated world to mobile devices).

Paul introduces Pat Gelsinger (the new CEO, almost) to talk about the future.

Pat would like to begin by talking about the infrastructure layer. Pat is targeting moving businesses from 60% virtualization to 90% virtualization. We need to continue to make progress on provisioning, down to minutes and seconds. Too much complexity is involved in deployment. Take, for example, the complexity of networking security: can we automate this as well? The promise is the software-defined datacenter. All infrastructure is virtualized and delivered as a service and the automation is entirely done by software.

Pat mentions that there is a strong push from vendors, database (read Oracle), to make it more proprietary and separated. This is not the approach that VMware will take. The challenge is to do to the rest of the datacenter what was done for servers with virtualization. Can it be done?

Introducing vCloud Suite

vCloud is based on vSphere, with vShield, SRM and vCloud Director layered on top and plugins for Operations Suite and vFabric. It includes APIs for extensibility, Connector for interoperability and Orchestrator for automation.

It is based on the unmatched, comprehensive and highest performance virtualization product on the market, vSphere 5.1.

Pat says that VMware has done a good job of having a yearly cadence of major software releases. VMware is proven. 80% of the 60% of workloads virtualized are running on VMware.

Pat then makes the announcement that many have been waiting for. Pat announces, "Today we are striking vRAM from VMware's dictionary." Licensing will be based on CPU/Socket with no core limits.

Pat also mentions a new set of role-based certifications. VMware will provide the tools and services to help you navigate this change to Cloud computing.

VMware realizes it is a multi-cloud world and explains that Cloud Foundry supports other vendor clouds. In addition, VMware acquired DynamicOps to support other clouds.

VMware also mentions the acquisition of the open source networking company Nicira, which was completed on Thursday of last week.

What about the Applications in the era of Cloud? Pat mentions the major updates to vFabric this year. Cloud Foundry is the one and only open PaaS platform.

Pat also mentions Wanova and the Mirage product. VMware is making Horizon the broker for the cloud era. In summary, VMware has the transformation to Cloud well covered and is here to enable customers.
