Friday, July 11, 2014

VMware vCAC IaaS Optimization Guide

VMware's vCloud Automation Center (vCAC) can transform how an enterprise delivers IT. It's out-of-the-box functionality will help IT deliver Infrastructure-as-a-Service (IaaS) along with X-as-a-Service (XaaS / Everything-a-a-S) in a matter of clicks. Once extended into the datacenter's ecosystem with vCAC's extensibility engine, it will help integrate, orchestrate, and automate native and 3rd-party tools, services, and infrastructure, thrusting the enterprise into a new level of self-serviced IT efficiency. Whether empowering the sys admins or enabling end-users and tenants, vCAC has undoubtedly changed how enterprises deliver and manage applications and services.

With all that considered, there are always opportunities for improvement (as is the case with all software). I've had the opportunity to speak to many VMware customers, partners, and peers about the overall user experience after deploying vCAC. I get to hear how vCAC has helped improve application provisioning time from weeks to less than a day, how providing new services using the Advanced Service Designer (ASD) has paved the way for a Software-Defined Enterprise, and how relatively easy vCAC was to roll out (there's a guide for that!). When it comes to opportunities for improvement, there tends to be a common theme: improve UI response time. That's a fair request and precisely what this post is about. But before we jump in to the “how-to", I'd like to cover a little background for review (plus, I like to drag things out a bit).

vCAC High-Level Components
The vCAC we know and love today (6.0.x) has had it's own transformation since the acquisition of DynamicOps and subsequent VMware-branded releases of versions 5.1 and 5.2. In December 2013, vCAC 6.0 was released to deliver the next generation of cloud management and automation capabilities. The 6.0(.x) release was a re-platform, which converged a new SUSE-based virtual appliance (core services, primary UI, ASD, governance and approval engine, etc) with the Windows-based .net “legacy” code (IaaS engine). In the mix is an optional stand-alone Identity Manager to provide multi-tenanted SSO (or, optionally, customers can choose to use an existing vCenter 5.5b+ SSO instance).

Monday, June 16, 2014

NSX Uncovered - Part 1, Introduction

VMware's Network Virtualization Platform, NSX, is an immensely powerful technology that can transform a datacenter’s infrastructure and streamline network service delivery across the enterprise. NSX’s scope, scale, and capability will easily impress techies, CCIE’s, and IT stakeholders alike. NSX changes the topology of a traditional hardware-bound network by eliminating the dependency on all that “intelligence” baked into proprietary hardware. Instead, the logic and associated services are delivered through a software control plane. Separating the control and data planes effectively reduces the physical network to a glorified IP packet forwarder.

With that said, it is also important to understand that NSX is not a re-write of your network and the fundamental concepts it is built upon. The abstraction of the logic from the physical underpinnings is a modern approach to designing, building, and servicing network architectures, but the fundamentals — the protocols, tools, concepts, etc. — are still at play. And for that reason, i’m often baffled when I enter into a debate with a “traditional" network engineer about the ins-and-outs of physical vs. virtual networking technologies like NSX. What I quickly realize is they are not defending the concepts or technology, they are defending their skill set. It’s a fear or reluctance of straying from what they know best. Does this sound familiar? Remember the all-out fights that had to occur before server virtualization became mainstream? Back then there were always a few individuals pushing to try something new. It was these sys admins that knew there was a better way to provision and manage servers — whether one at a time or at massive scale. It was about learning knew technologies, expanding their skill set and scope, but still applying all the fundamentals. It was a new way of doing things — and everyone on that bandwagon excelled and continues to do so. There were those who waited for the top-down mandate and had to play catch-up, and the others who took the bull by the horns and became the go-to talent. It’s no surprise that server virtualization became the de-facto for x86 compute…nor should it be a surprise when network virtualization follows suite.

This is history repeating itself.

Wednesday, April 23, 2014

Resetting vCloud Automation Center 6.x Service Account Passwords

VMware vCloud Automation Center uses Active Directory service accounts to run several internal services and processes. In many environments it is required to reset the passwords for these service accounts at various intervals. As you can imagine, resetting the password for a given service account will cause the associated services to stop functioning until they are updated with the new password. A customer recently pointed out that there is no official documentation that provides guidance for updating the services used by vCAC to prevent a service outage. So, naturally, I figured I'd put this out there until such documentation is provided...

Before proceeding, determine exactly which service accounts are mapped to which services to prevent a misconfiguration. Follow these steps after changing the service account password and during a maintenance window…. 

Sunday, March 23, 2014

Using VSAN Storage Policies in vCloud Automation Center

VMware vCloud Automation Center is the center piece of VMware's Software-Defined Enterprise vision. It is also the primary user and admin interface for enterprise and application services, and therefore it makes a lot of sense for vCAC to be the core integration point for the SDDC.

Rawlinson Rivera (@PunchingClouds) recently posted a blog post titled "VMware Virtual SAN Interoperability: vCloud Automation Center", where he highlights the use of vCloud Automation Center (vCAC) 6.0 to deploy applications directly to a VSAN Datastore while also leveraging a VM Storage Policy. In short, the desired storage policy is applied to the template backing the vCAC Blueprint. Once provisioned, the resulting machine adopts the associated storage policy and the rest is glorious, app-centric VSAN storage consumption. I recommend reviewing that post to get a better idea of what we're doing here...

vCAC + VSAN,  VMware vSphere Blog

The integration between vCAC and VSAN can greatly enhance how applications are provisioned.  Since storage policies can be configured per-application or VM, you can specify varying policies based on the use case, tier, application criticality, SLA, etc...all backed by a common VSAN Datastore. If you are not familiar with VM Storage Policies, I highly recommend gaining an understanding of when/why/how to use them before continuing.

Wednesday, February 19, 2014

vCloud Automation Center 6.0 POC and Detailed Implementation Guide

In keeping up with my extracurricular doc-building activities, I am happy to release the latest iteration of my vCAC implementation guide for the deployment and configuration of vCAC 6.0. This unofficial Proof of Concept and Detailed Implementation guide is provided, with no guarantees (or support), to assist with the end-to-end implementation of vCloud Automation Center 6.0 in a pre-configured vSphere 5.x environment.

The guide walks through – in plenty of detail – vCAC 6.0’s deployment, concepts, technologies, and features as they would be used in a real-world implementation. This document can also double as an unofficial hands-on training guide which covers:

- New Features in vCAC 6.0
- Deployment Architecture
- Implementation on VMware platforms (vSphere)
- IaaS and XaaS Configuration
- Usage and Navigation
- Advanced Concepts and Use Cases

vCAC 6.0 Implementation Workflow

Click to Download

Update (06/20/14): this is v1.1 of the guide, which includes some minor updates and fixes.  Be sure to be on the lookout for updates here or on my twitter feed.

DISCLAIMER: This guide is intended for use in a test/dev or sandbox environment and NOT for a production build and comes with no guarantees, support, etc.

Happy Installing!


Thursday, January 30, 2014

Scaling VSAN: Adding a New VSAN Host

In my previous post, VMware VSAN Meets EZLAB, I highlighted the implementation of VSAN into my vCloud lab. At the time of writing, 1 of 4 my vSphere hosts was down for maintenance and was not added to the VSAN cluster. Now that it's back online, I thought I would share the experience of adding a new VSAN host...and another 2.25TB of capacity.

Here's a "before" shot -- 3 hosts configured with 6.13TB total capacity...

Sunday, January 26, 2014

VMware VSAN meets EZLAB

Let me just get this out of the way - I'm a HUGE fan of VSAN (aka VMware Virtual SAN). I was first in line to drink the kool-aid when VSAN was nothing but a "what if...?". Fast forward to the present -- VSAN beta (refresh) is backing my entire lab. I'm tweaking, testing, breaking (learning), and sharing my thoughts on VSAN's capabilities, performance, and benefits ahead of the official launch. This is all in good order because even the beta has exceeded my expectations in what VMware would ship as a 1.0 product.

I can write page after page about the ins-and-outs of VSAN, but fortunately several very respected individuals have already done so. For starters, Duncan Epping at not only is a massive contributor to the cause, but has also put together a nice list of VSAN resources from around the web that is a must-see. But lets face it, if you're tracking VSAN you've probably already been there, done that :-)  So for this post, I'm going to focus instead on my VSAN home lab build and experiences thus far. I've shared several preliminary stats on twitter (here, here, and here) ahead of any tweaking and will be sure to post additional results as I play with things a bit more.

EZLAB ("EZ" after El-Zein in case you were wondering) has been through somewhat of an overhaul. My original lab was mostly whitebox and was everything I needed at the time, but to play in the home lab big leagues I needed to make some modest investments.

Friday, January 3, 2014

VMware SDDC / vCloud Suite Whiteboard

I recently had the opportunity to brief several dozen VMware Public Sector (US-Fed / SLED) partners in anticipation of the vCloud Automation Center (vCAC) 6.0 GA release. While most of the day focused on vCAC, I spent about an hour or so delivering an updated version of my SDDC Whiteboard brief to help set the stage for vCAC.

The whiteboard provides an overview of VMware's SDDC / vCloud vision -- starting from the foundation (i.e. vSphere) and capped off by the cloud automation layer (vCAC)...and all the loveliness in between.

This is a presentation I do often, but no two are the same. If you've got 45ish minutes to spare, please do and feel free to provide some feedback!

VMware vCloud Suite / vCAC Whiteboard from @virtualjad on Vimeo.