It's that time again: time to begin a process that probably should have been started a while ago, upgrading your virtual infrastructure to vSphere 6.7.
The end of general support for vSphere 6.0 is March 12, 2020. If you are on an earlier version of vSphere, you are currently running an unsupported version and may also need to purchase new hardware to support the latest version.
I would like to begin this blog with some of the stated benefits to upgrading your environment.
The new vSphere 6.7 vCenter appliance delivers major performance improvements over previous versions. First, vCenter Server has 2x faster performance in operations per second. This means better response times for the daily tasks you perform.
There is a 3x reduction in memory usage and also 3x faster operations relating to VMware vSphere Distributed Resource Scheduler. If you would like more detail on these improvements, you can find the details in this blog by VMware.
New Features and Enhancements
There are a lot of great new features and enhancements in the latest version of vSphere, and if you are still on an older version than vSphere 6, then there are even more that came with vSphere 6.7. Below is a list of new features relating to vSphere 6.7.
vSphere Quick Boot
vSphere Quick Boot innovation restarts the ESXi hypervisor without rebooting the physical host, skipping time-consuming hardware initialization.
Trusted Platform Module (TPM) 2.0
vSphere 6.7 adds support for Trusted Platform Module (TPM) 2.0 hardware devices for ESXi hosts and also introduces virtual TPM (vTPM) 2.0 for VMs, significantly enhancing protection and ensuring integrity for both the hypervisor and the guest operating system (OS). This capability helps prevent VMs and hosts from being tampered with. For virtual machines, vTPM 2.0 gives VMs the ability to use enhanced guest OS security features sought by security teams.
vSphere 6.7 also improves protection for data in motion by enabling Encrypted vMotion across various vCenter Server instances as well as versions. This makes it easy to securely conduct data center migrations or to move data across a hybrid cloud environment—that is, between on-premises and public cloud—or across geographically distributed data centers.
Microsoft Virtualization-Based Security (VBS)
vSphere 6.7 introduces support for the entire range of Microsoft virtualization-based security technologies introduced in Windows 10 and Windows Server 2016. In 2015, Microsoft introduced virtualization-based security (VBS). We have worked very closely with Microsoft to provide support for these features in vSphere 6.7.
vSphere Persistent Memory
With vSphere Persistent Memory, administrators using supported hardware modules such as those available from Dell EMC and Hewlett Packard Enterprise can leverage them either as super-fast storage with high IOPS or expose them to the guest OS as nonvolatile memory (NVM).
vCenter Server Hybrid Linked Mode
vSphere 6.7 introduces vCenter Server Hybrid Linked Mode, which enables users to have unified visibility and manageability across an on-premises vSphere environment running on one version and a public cloud environment based on the vSphere platform, such as VMware Cloud on AWS, running on a different vSphere version.
Per-VM Enhanced vMotion Compatibility (EVC)
vSphere 6.7 introduces per-VM Enhanced vMotion Compatibility (EVC), a key capability for the hybrid cloud that enables the EVC mode to become an attribute of the VM rather than of the specific processor generation it is booted on in the cluster.
Simplification of the architecture
One significant change to vCenter Server Appliance 6.7 is a simplification of the architecture and a reversion to running all vCenter Server services on a single instance. With the introduction of vCenter Server with embedded Platform Services Controller instance with Enhanced Linked Mode.
This blog is an exploration of the Ansible Tower interface, but before I dive in, let's begin with an overview of what Ansible is.
Ansible is an open-source software provisioning, configuration management, and application deployment tool from Red Hat. Ansible assists IT with the major challenge of enabling continuous deployment (CI/CD) with no downtime.
With Ansible, IT organizations can automate the provisioning of applications, manage systems, and reduce the complexities that come with trying to automate IT. With Ansible we can break down silos and create a culture around automation. My thought has always been that if you need to perform a task more than once, then it should be automated.
Ansible integrates with the technologies your organization has already invested in, from infrastructure to networks, security, cloud, containers, and applications. We all have infrastructure, whether it be physical bare metal environments like networking with Cisco, Juniper, and Arista, or storage with products like NetApp and Pure Storage.
Virtual infrastructure with VMware is also supported, along with Red Hat Virtualization (RHV) and XenServer. Through Ansible, organizations can easily provision, destroy, take inventory, and manage across all virtual environments.
Regardless of platform, Ansible can help organizations with managing the installation of software, system updates, configuration, and managing system features.
Ansible Tower brings a web-based UI to Ansible, which makes it a little easier for IT to perform the above-mentioned tasks. Ansible Tower is the hub, of sorts, that gives IT role-based access control, including control over the use of securely stored credentials for SSH and other services.
Let's take a few minutes to look at the Ansible Tower interface.
Ansible Tower Interface
On the left-hand side of the Dashboard, you can see the resources menu and the objects that you can create.
Let us dive a little more into each section beginning with Credentials. In this section, you create a credential that Ansible can use to authenticate to the target hosts.
I wrote a blog about this subject before, which can be found here. The information contained in that blog is still relevant to this conversation and walks you through the challenges for traditional three-tier architecture and how the industry, specifically VMware, has addressed those challenges.
In this blog, I will be updating the vision that VMware has laid out for the hybrid-cloud, which is comprised of VMware Cloud on AWS and VMware Cloud Foundations.
To better understand this journey and how we have arrived at this vision of Any Device, Any Application, and Any Cloud, take a look back at the previous blog.
Let's begin with an overview of VMware Cloud on AWS.
Quick Overview of VMware Cloud on AWS
VMware Cloud on AWS is a jointly engineered and integrated cloud offering developed by VMware and AWS. Through this hybrid-cloud service, organizations can deliver a stable and secure solution to migrate and extend their on-premises VMware vSphere-based environments to the AWS cloud running on bare metal Amazon Elastic Compute Cloud (EC2) infrastructure.
VMware Cloud on AWS has several use-case buckets that most customers fall into, with some overlap. The first of these use cases is for organizations looking to migrate their on-premises vSphere-based workloads and to extend their capacities to the cloud with the data center extension use case.
The next is for organizations looking to modernize their recovery options, new disaster recovery implementations, or organizations looking to replace existing DR infrastructure.
The last one that I will mention is for organizations looking to evacuate their data centers or consolidate data centers through cloud migrations. This is great for organizations looking at data center refreshes.
VMware Cloud on AWS is delivered, sold, and supported by VMware and its partners like Sirius Computer Solutions, a Managed Service Partner. It is available in a growing number of AWS Regions, which can be found here.
Through this offering organizations can build their hybrid solutions based on the same underlying infrastructure that runs on VMware Cloud on AWS, VMware Cloud Foundations.
Day 1 began with the general session, which was a lot different than the previous year where the VMware Executives laid out their vision for the partner community. This general session was focused more correctly on the audience in attendance.
Back in October of 2016, VMware announced vSphere 6.5. This introduced a lot of changes to their flagship hypervisor; you can see an earlier blog I wrote about that here. Now it is that time again for a new vSphere to be announced. The announcement of vSphere 6.7 came with a lot of new features and I will go over each of them in this blog. Let's take a look at these new features:
Let's quickly discuss migration paths. The new version supports upgrades and migrations from vSphere 6.0 or 6.5 only and the current supported migration paths to version 6.7 are as follows:
Day 1 began with the general session, where VMware Executives presented to the partner community and reinforced the importance of the partner as the unsung heroes helping to drive the VMware business and most importantly driving value for their customers.
The movement toward a hybrid cloud, software defined data center, has been on-going for years now. We have seen the virtualization of compute, storage, and now networking. In this blog, I will be discussing this journey: where we started, where we are going, and why you want to be on this journey.
Traditional data center models are still very prevalent and accepted by organizations as the de facto model for their data center(s). If you have ever managed a traditional data center model, then you know the mounting challenges we face within this model.
What comprises the traditional data center model? A traditional data center model can be described as heterogeneous compute, physical storage, and networking managed by disparate teams, each with a very unique set of skills. Applications are typically hosted in their own physical storage, networking, and compute. All these entities (physical storage, networking, and compute) increase with the growth in size and number of applications. With growth, complexity increases, agility decreases, security complexities increase, and assurance of a predictable and repeatable production environment decreases.
Characterizations of a Traditional Data Center:
Challenges around supporting these complex infrastructures can include things like slow time to resolution when an issue arises, due to the complexities of a multi-vendor solution. Think about the last time you had to troubleshoot a production issue. In a typical scenario, you are opening multiple tickets with multiple vendors: a ticket with the network vendor, a ticket with the hypervisor vendor, a ticket with the compute vendor, a ticket with the storage vendor, and so on and so on. Typically, all are pointing fingers at each other when we all know that fault always lies with the database admins.
The challenges aren't just around the complexities of design, day-to-day support, or administration, but also include challenges around lifecycle management. When it comes to lifecycle management, we are looking at the complexities around publishing updates and patches. If you are doing your due diligence, then you are gathering and documenting all the firmware, BIOS, and software from all the hardware involved for the update/patch and comparing that information against Hardware Compatibility Lists and Interoperability Lists to ensure that they are in a supported matrix. If not, then you have to update before going any further. This can be extremely time-consuming, and we are typically tasked with testing in a lab that doesn't match our production environment(s) while ensuring we don't bring any production systems down during the maintenance window.
It's that time again and I highly suggest joining in. Not only will you be a part of a great community learning new products but you'll get the chance to offer your input into the direction.
This beta program is different from the past programs in that it is not tied to a specific version or release. This is a new beta program that includes a new beta community. The beta program will continue through multiple releases of vSphere. Participants can expect to see new functionalities and capabilities added as the program continues. Participants are expected to:
This program enables participants to help define the direction of the most widely adopted industry-leading virtualization platform. The vSphere team will grant access to the program to selected candidates in stages. This vSphere Beta Program leverages a private Beta community to download software and share information. VMware will provide discussion forums, webinars, and service requests to enable you to share your feedback.
You can expect to download, install, and test vSphere Beta software in your environment or get invited to try new features in a VMware hosted environment. All testing is free-form and you are encouraged to use the software in ways that interest you. This will provide VMware with valuable insight into how you use vSphere in real-world conditions and with real-world test cases, enabling them to better align with your business needs.
Some of the many reasons to participate in this beta opportunity:
You can register for the Beta Program Here!
Security these days can be more of the traditional needle-in-a-haystack approach than a truly security-centric approach that includes analytics and alerting. VMware is again shifting to a new paradigm, and that was evident from all the products and messaging that came out of VMworld 2017.
Security is on the forefront of all of our minds and VMware, as the leader in data center technologies, wants to lead the conversation and be the foundation that you are laying down to protect your data, along with adding significant value to you with their partnerships in the security space, like the new partnership announced with IBM around their security products like QRadar.
With increasing attacks on our data centers, take Equifax for example, we must first look at one of the most significant portions of our security foundation, ESXi, and work to secure it. We typically start with securing the physical and the edge, throw in some anti-virus and call it secure, but are we secure?
When it comes to data center security, we must start with our foundation, ensure that we have designed it to follow recommended best practices, then evaluate the gaps, and add in products to get us the rest of the way there. This also includes following best practices for end-user access of the environments and not being "lazy" admins just to skip a few steps. We have to lean on trusted partners like Sirius that have developed a security practice that can help us navigate the waters of security because the landscape of security products is immense, as you can see from the picture below.
I have been a VMUG Leader in Rochester, NY for 5 years, and recently became a leader of two other groups, Syracuse and Capital District, which collectively cover a large portion of Upstate New York. Did I mention that I love being involved in my local communities?
At its most basic, VMUG leaders coordinate the activities for their local VMUG communities, and being a leader is an amazing opportunity to give back and build awareness of VMware products while building your resume and sharing your knowledge. The requirement to become a VMUG leader is that you must be a VMUG member and serve in a technical role with a VMware Customer Company. VMUG is a global organization, as you will see from this blog.
Being in this role for some time now, I decided to reach out and talk with leaders from around the globe to get an idea of what they thought it means to be a VMUG leader and gain some insights into how they run their groups. If you are a current VMUG member looking to become a leader and are wondering what is involved, I hope to answer any questions you may have within this blog.
I have a passion for technology, and for VMware technologies to be more specific. Joining VMUG as a leader has been a great opportunity for me to take my love for VMware products, and have a platform to evangelize within my communities along with the social aspect of it.
I love bringing technologists together to build a strong technical community, and I always think about the collective knowledge we have as a community, and how we can utilize that to help us through the projects we find ourselves working on.
Think about it: you attend a VMUG on a subject like VDI because you are working on a VDI initiative at work, and now have an opportunity to gain some knowledge along with making local connections with other technologists that are working on the same project or have completed their own project. That is what's great about attending local meetings: you can learn from others or step up to assist others within your community. Of course, this is only one aspect of the benefits of joining VMUG as a member or a local leader.
One of my colleagues at Rolta Advizex runs a very successful VMUG in Cleveland, Ohio. Patrick Stasko works as a Solutions Architect and like me has a passion for technology. I decided to reach out to him to discuss being a VMUG leader.
I started out asking him about why he became a VMUG leader and his response was similar to my own. Patrick said, "I wasn’t feeling fulfilled or challenged in my current role at the time. I recently moved back to Cleveland for a new opportunity and I was trying to determine which way can I make an impact. In my quest to wrap my arms around Cleveland’s IT Community, it led me to the Cleveland VMUG community which was going through some troubles. I’m passionate about people and technology. This is a perfect platform for both of those."
That passion for technology and community seems to be a resounding theme that I found when talking with leaders for this interview and really hit home with my own experience too. This was also true for another leader I interviewed, Valdecir Carvalho from São Paulo, Brazil.
When I asked him the same question, Valdecir responded, "First of all, VMUG is all about community and I’m a community lover. I'm from São Paulo, Brazil and when I first heard about VMUG I rushed to vmug.com to look for a São Paulo chapter and that place was dead. Then I started to talk to some other friends and vendors to find out why, but long story short I sent a mail to VMUG HQ and applied. And I'm really glad I did!"
There are some great benefits to becoming a VMUG leader and for me, one of those benefits is exposure to the communities I lead, as a thought leader within the industry.
I also spoke with the New Jersey VMUG Leader, Ben Liebowitz, and he mentioned that, "It has gotten me many more contacts in the community, all over the world!" That is so true and I have also experienced this. As stated above, VMUG is a global community and because of that you can meet other technologists from around the globe.
VMUG has many opportunities to connect with and get to know other leaders from around the globe, like through the VMUG site. Each group has its own community page where we can come together to share knowledge and discuss VMUG, along with other opportunities. VMUG also has online event meet-ups and opportunities, along with events like the annual VMworld members party, and Leaders meet-ups at VMworld. VMworld is also a great place to gain knowledge and meet our local leaders at the VMUG booths located throughout VMworld.
As mentioned, there are many benefits to becoming a VMUG leader. I asked Patrick what he thought was the benefit and he said, "The biggest impact is the rapid ability to connect and network within the local community and other VMUG circles across the world. I especially enjoy and look forward to the VMUG activities at VMworld." As mentioned already, connecting at VMworld is another great benefit not only to leaders but to all members. Other advantages or benefits include things like receiving a VMUG Advantage subscription.
VMUG Advantage is the best way to gain the technical skills to accelerate your success with exclusive access to VMware applications and discounts on training, certifications, VMworld registration and more! You are also given access to the EVALExperience, which gives you exclusive access to 365-day evaluation licenses for a selection of VMware solutions, for personal use in a non-production environment and includes these products:
This leads me to how we run our local groups. I have found that most leaders run their groups in very similar fashions but that we all learn from each other. When I asked the leaders how they run their local groups, Valdecir replied, "I do not run it alone. I'm happy to have another leader who is a great partner and together we are doing our best to make VMUG more and more relevant to our members. VMUG São Paulo is a new group, we "revamped" the group 8 months ago, so we are still learning from other Leaders, from VMUG HQ and, most of the time, discovering things by ourselves by trial and error. Also, our focus is our members, so we try to hear what they want, what they need and their feedback, so we can improve our chapter more and more."
Of course, talking with Patrick, he has taken his skills as a Solution Architect and really formalized how his group is run, as you can see from the layout he created below.