VIRTUALIZATION, IN COMPUTING, REFERS TO THE ACT OF CREATING A VIRTUAL VERSION OF SOMETHING, INCLUDING BUT NOT LIMITED TO A VIRTUAL COMPUTER HARDWARE PLATFORM, OPERATING SYSTEM (OS), STORAGE DEVICE, OR COMPUTER NETWORK RESOURCES.
Back in July of 2016, VMware issued a Field Advisory, announcing bugs for the release of NSX for vSphere 6.2.3. VMware urged its user community, not to upgrade to this version and if you had they came out with a 6.2.3.a release to resolve the issues. The issues that VMware found were that both primary and secondary HA nodes would be placed into Active State, causing network disruption and issues related to the DFW rules causing traffic disruptions.
VMware has now released, back in August, the new version 6.2.4 for GA. This release includes some critical bug fixes previously identified which includes a critical input validation vulnerability for sites that use NSX SSL VPN. You can see the full list what's new in the release notes.
Most of the new features were already discussed by me in a previous post you can find here. In this new version the only thing listed as new is a new feature around "Firewall Status API".
VMware also has announced the End of Availability (EOA) and End of General Support (EOGS) for Cloud Networking and Security 5.5.x. The date is September 19, 2016 for both.
You can see a list of NSX trending issues here.
VMware announced on June 9th, 2016 the new version of the NSX platform version 6.2.3. A minor release to their network virtualization platform.
The NSX solution is an innovative approach to solving long-standing network provisioning bottlenecks within the data center, and it allows for the integration of switching, routing and upper-layer services into an integrated application and network orchestration platform. With an overlay solution that may not require hardware upgrades, NSX offers customers a potentially quicker way of taking advantage of SDN capabilities by decoupling the network from hardware into a software abstraction layer allowing the end-user to programmatically create, provision and manage networks.
Networking and Edge Services
The release notes for NSX for vSphere 6.2.3 can be found here.
Disruptive innovation, is a term coined by Clayton Christensen. The term describes a process by which a product or service takes root initially in simple applications at the bottom of a market and then relentlessly moves up market, eventually displacing established competitors.
For example, take a look at what a company like Uber has done to the taxi service in San Francisco. They don't hire drivers like Yellow Cab. They don't own a fleet of cars. They built an application. An application that has been very disruptive to the taxi industry and is changing the landscape of ride-hailing services.
Thanks to Uber, San Francisco's largest yellow cab company is filing for bankruptcy. Yellow Cab Co-op President Pamela Martinez was quoted saying that some of the financial setbacks "are due to business challenges beyond our control and others are of our own making." Yellow Cab's drivers are flocking to Uber, an app-based enterprise, lured by the promise of more riders and better schedules.
Yellow Cab has been turned on its head by a disruptive innovation. Uber has disrupted the ride-hailing service industry with a lasting impact which is now moving across the county.
Why do I point this out? Because, you are either being disrupted or are the disrupter. Think about that for a second. Ask Yellow Cab how it feels to be disrupted in an industry they felt very secure in before an application took over.
Look at companies like Blockbuster. I bet you can tell me who disrupted them? Got it in your mind?
Blockbuster in its peak in 2004 consisted of nearly 60,000 employees and over 9,000 store locations. In 2000 a fledgling company came on the seen slowly changing the landscape of the movie rental industry and eventually bankrupting Blockbuster in 2010.
If you were thinking of Netflix then you are correct. Now a $28 billion dollar company, about ten times what Blockbuster was worth. Blockbuster has been greatly disrupted and is reinventing itself.
You can either be disrupted or be the disrupter as with VMware. They have been a disruptive force in the technology industry from their entry with vSphere to their latest creations like SDDC, vSAN and NSX. VMware's vSphere changed the landscape of compute forever, moving cpu, memory, etc. into software, removing the dependency on hardware and has now become the most popular infrastructure management API in use today.
Disruption doesn't happen overnight; Disruption happens gradually. Remember, the term "Disruptive Innovation," is taking root and relentlessly moving up the market. Uber didn't overtake Yellow Cab overnight just as with Blockbuster. A disruptor was introduced and slowly moved to overtake the industry.
The same is true for vSphere. Industry leaders were hesitant to adopt such a drastically different technology but now this tried, tested and proven technology is the leader in x86 server virtualization infrastructure.
VMware continues to be a disruptive force in the technology industry. Look at the movement to hyper-converged. Hyper-converged is about software, not hardware. Hyper-converged derive from being able to support all infrastructure in software, and without the need for separate dedicated hardware, such as a storage array or fibre channel switch. And, what is the core software technology in just about every hyper-converged product available today? VMware vSphere and the Software Defined Data Center.
VMware is disrupting the way that we have traditionally approached the data center. Fully virtualized infrastructure, delivered on a flexible mix of private and hybrid clouds. I'm sure you have all heard the mantra, "One Cloud, Any application, Any Device." This is the next evolution in data center technology and VMware continues to lead disruptive change with products like NSX for Software Defined Networking (SDN).
NSX like vSphere has had a slow adoption. I find myself having the same conversations with customers that I had when vSphere was introduced. You don't have to convince customers of the value of vSphere anymore. The speed of adoption is picking up and VMware saw an increase of threefold in the number of paying customers for its NSX network virtualization product and in Q4 of 2015 9 out of 10 VMware deals included NSX.
The NSX solution is an innovative approach to solving long-standing network provisioning bottlenecks within the data center, and it allows for the integration of switching, routing and upper-layer services into an integrated application and network orchestration platform. With an overlay solution that may not require hardware upgrades, NSX offers customers a potentially quicker way of taking advantage of SDN capabilities.
NSX is that disruptor in the networking industry bringing agility to existing network deployments with limited impact to existing network hardware and offering all of this without vendor lock-in. VMware NSX works across many IP-based network installations and in virtual environments running mainstream hypervisors and has established relationships with a broad set of IT vendor partners to provide integration of security and optimization solutions, as well as key network hardware players, such as Palo Alto, Arista Networks, Brocade, Dell, HP and Juniper Networks.
Remember back in the beginning of this blog where I quoted President Pamela Martinez as saying that some of the financial setbacks "are due to business challenges beyond our control and others are of our own making." Some challenges were of their own making. Remember too that disruptive innovation happens over a period of time. It took 10 years for Netflix to overtake Blockbuster. Could Blockbuster have moved quicker to insue their spot as the leader in the online movie rental industry? The same is true with VMware and vSphere. This disruptive innovation took time to take hold and now it is still a driving force to change the industry with SDDC.
VMware NSX is picking up steam and is in the heart of every hyper-converged to hybrid-cloud solution that companies are moving toward. The question is will you be disrupted or be part of the disruption? I want to be part of the disruption and drive change in an exciting time to be a part of this industry. Will you be disrupted or will you help disrupt? It's a call to action; To be the disruptive force that your company doesn't even know it needs because NSX will do for networking what vSphere did for compute.
Disrupt or be disrupted.
I just recently passed my VCP6-NV and wanted to take some time to blog about the experience and to gather together some resources for those that are looking to pursue this certification.
For those you that may not know much about NSX I will start with a brief introduction and explain why I feel that you should pursue this certification for your company.
What is NSX? VMware NSX is the next evolution in software defined everything. It is VMware's network virtualization and security software platform that came from an acquisition of Nicira back in 2012.
What does NSX do? NSX de-couples the network functions from the physical network devices in your data center, in a way that analogous to decoupling virtual servers from the physical. NSX natively creates the traditional network constructs in the virtual realm. These include ports, switches, routers, firewalls, load balancers, etc.
I could write an entire blog just on the features of NSX and the integrations with other third party vendors, such as Palo Alto Networks and Trend Micro; oh wait I did. You can read that in my blog here. But, that is not what this blog is about so let's move on.
The VMware Certified Professional Network Virtualization exam, tests candidates on their knowledge and abilities to demonstrate basic virtualization networking skills such as vSwitch, vDistributed Switches, installation & configuration of NSX, and finally administration of NSX. In order to pass the exam you will need to have in depth understanding of these areas. Hands on with both NSX and vSphere are highly recommended. In fact, I believe that VMware recommends at least 6 months of hands-on.
I would recommend setting aside dedicated time to go over the following resources along with practicing packet walks and architecture design.
These are the resources that I used to study for the exam over a period of 6 months.
Section 1 – Define VMware NSX Technology and Architecture
The test consists of 80+ questions in which you have approximately 1 minute per question, which doesn't seem like a lot of time but it is plenty. You can also mark questions for review.. I found that once I completed the exam I had enough time to go back through all the questions once more to check for anything I missed.
So, now that I have reviewed what NSX is and discussed the exam the next question is why should you take the exam? Besides certifications being a great way to show value to your company more importantly is that NSX is the next big wave in the virtual realm.
I chose to take this exam because I believe that NSX is the next step in virtualizing the datacenter and I wanted to be on the forefront to help lead the direction for my company and our customers. I have the same excitement with NSX that I felt when I first became engaged with ESX.
Since taking the exam, I have been between Buffalo and Albany NY, speaking to customers and white boarding their environments. This has lead to better engagements with customers and within VMUG (VMware User Group) where I lead three groups, Albany now Capital District, Syracuse and Rochester.
NSX will change the face of networking just as vSphere did for physical servers. If you want to help drive the future direction of your company and help them become more secure, agile and flexible or if your company, like many others, are in the process of developing their cloud strategy then NSX can play a large role in that.
Bringing VMware NSX and Horizon together
Virtual desktop infrastructure (VDI) has become an even more popular virtualization option for many organizations and VMware customers.
VMware continues to work with partners to advance the protection of VDI deployments. Most recently the focus has been on introducing advanced security controls with VMware NSX (network virtualization platform) and Horizon 6 (VDI) environment. VDI in combination with NSX offers organizations the chance to make huge leaps forward in the security and management of their virtualized desktop deployments.
Two big challenges that have slowed the adoption of large-scale desktop virtualization in the past are:
NSX addresses these concerns and much more.
Security for VDI deployments is more critical because of the need to limit “east-west traffic,” the internal traffic in the data center. However, “east-west traffic” isn’t monitored well, if at all, by traditional perimeter defenses. For example a basic surfing or email mistake by a trusted end user could bring a threat right past those defenses into your data center resulting in a breach.
VMware NSX with Horizon enables micro-segmentation and automates the deployment and provisioning processes. This allows for the insertion of advanced security services from third parties that includes:
This provides instant, automated protection as soon as a new virtual desktop is spun up.
NSX brings security inside the data center with automated fine-grained policies tied to the virtual machines, while its network virtualization capabilities let you create entire networks in software, without touching the underlying physical infrastructure
To learn more about NSX and Horizon see the VMware Deep-dive video below.
mobility management (EMM) from VMware AirWatch, the recently introduced VMware Identity Manager and the new cloud management service in VMware Horizon Air.
Workspace One includes self-service access, choice of device, conditional access, automation and productivity tools along with several major updates to the VMware End-User Computing portfolio.
Updates to the VMware End-User Computing product portfolio include:
So What does Workspace One do for you?
Self-Service Access to Cloud, Mobile & Windows Apps
Once authenticated through the VMware Workspace ONE app, employees can instantly access their personalized enterprise app catalog where they can subscribe to virtually any mobile, cloud or Windows application.
With the built-in VMware Identity Manager, access to applications is only a touch away as single sign-on authentication is already established through the device.
VMware Workspace ONE with adaptive enrollment puts the device choice in employees’ hands for the level of convenience, access, security and management that makes sense for their workstyle providing friction-free adoption of BYOD programs while getting IT out of the device business.
Workspace One will include consumer-style email, calendar, contacts, documents, chat, and enterprise social that employees want to use while invisible security measures protect the organization from data leakage by restricting how attachments and files can be edited and shared.
Employees, devices, apps and data increasingly live beyond the physical walls of the workplace, the data center, or the network. VMware Workspace ONE combines identity and device management to enforce access decisions based on a range of conditions from strength of authentication, network, location and device compliance. For sensitive information, Workspace One will combine identity and device management with ComplianceCheck Conditional Access to enforce access decisions across any application or device.
The AirWatch policy engine automates device compliance through customizable warnings and full or selective device wipe and secures information by protecting the data stored in applications and limiting data leakage through cut, copy, paste or export controls.
Single-Sign On access, for example, leverages Secure App Token Systems for authentication. Once authenticated, employees gain instant self-service access to a personalized enterprise application store where they can subscribe to virtually any mobile, cloud or Windows application.
Application Delivery & Automation
Workspace One will combine VMware AirWatch mobile management and VMware Horizon along with VMware App Volumes application-delivery technology.
It will also take full advantage of the new capabilities of Windows and leverages VMware AirWatch mobile management system to allow desktop administrators to automate application distribution and updates on the fly. Combined with Horizon virtualization technology, automating the application delivery process enables better security and compliance.
The new platform is expected to be generally available this quarter in standard, advanced and enterprise editions. Prices will start at $8 per user per month for cloud subscriptions and $150 per user for on-premises perpetual licenses.
In the video below, Sumit Dhawan, Senior Vice President and General Manager of desktop products in the End-User Computing group at VMware, introduces Workspace One.
VMware this year has decided to make changes to their licensing in order to better address the needs of their customers. These new packages are tailored to the top use cases from VMware customers in both SDDC and Hybrid Cloud.
You should see increased value with more features in the product editions like log insight being included with vSphere now and added portability of your licenses.
New product line up for VMware vSphere and vSphere with Operations Management (vSOM) editions:
vCloud Suite (vCS) = vRealize Suite (vRS) + vSphere Enterprise Plus for vCloud Suite:
New vSphere and vSphere with Operations Management
See the VMware pricing page for further information.
vRealize Suite (vRS) and vCloud Suite (vCS) Update for Changes in 2016:
VMware has vastly simplified the packaging of their cloud management and compute virtualization product portfolio.
See the VMware Blog for indepth information.
It's that time again and I highly suggest joining in. Not only will you be a part of a great community learning new products but you'll get the chance to offer your input into the direction.
The target audience are customers who have deployed vSphere 5.5 and 6.0 in a portion of their environment. Participants are expected to:
vSphere Beta Program Overview
We are excited to announce the upcoming VMware vSphere Beta Program. This program enables participants to help define the direction of the most widely adopted industry-leading virtualization platform. Folks who want to participate in the program can now indicate their interest by filling out this simple form. The vSphere team will grant access to the program to selected candidates in stages. This vSphere Beta Program leverages a private Beta community to download software and share information. We will provide discussion forums, webinars, and service requests to enable you to share your feedback with us.
You can expect to download, install, and test vSphere Beta software in your environment or get invited to try new features in a VMware hosted environment. All testing is free-form and we encourage you to use our software in ways that interest you. This will provide us with valuable insight into how you use vSphere in real-world conditions and with real-world test cases, enabling us to better align our product with your business needs.
Some of the many reasons to participate in this beta opportunity:
You can register here!
With the advent of vSphere 6.0 Update 1 I knew it would be a matter of time until I was engaged to upgrade an environment. My customer had a small size vSphere 5.0 production environment that they wanted upgraded to 6.0. I met with them and helped to educate them on new features of 6.0 and designed an upgrade plan.
The customer, due to the new features of the vCenter, wanted to migrate to the vCenter Appliance and if you are not aware, the vCenter Appliance now supports the same infrastructure as the Windows based vCenter.
Some initial challenges I came across with migrating their infrastructure came around the design decisions that were made prior to the migration. Their vCenter server had the vCenter Database installed with the Windows based vCenter server which meant that I would not be able to migrate using the VCS to VCVA Converter. If you are not familiar with the product take a look at it here.
The product makes migrating a Windows based vCenter with an external database very simple. You deploy a new vCenter Appliance with the same name and IP as the current vCenter. Then you deploy the Migration Appliance. The Appliance will gather setting from the Windows vCenter. This is is then shut down and you point the appliance to the external vCenter Database. The security profiles, etc. are migrating into the new vCenter Appliance.
What I Learned
This was not my first upgrade and considering that the customer wanted to migrate to the vCenter Appliance I needed to make sure that all settings were brought over correctly.
Lesson 1 - Interoperability & Planning
One of the main areas I have seen get missed during the planning stage is performing the interoperability matrix's with vendors and VMware in order to make sure that the hardware you are upgrading is supported. Vendors have created some great online tools to perform this task although it can be time consuming it will save you troubleshooting the environment after upgrade.
Lesson 2 - VMware Supported Sign Off
Once you have your plan in place open a case with VMware to review the steps with you. They will take the time to review the environment and your upgrade plan to insure that you did not miss any steps.
Lesson 3 - Virtual Distributed Switches
Migrating the vDS from 5.0 to 6.0 will present challenges when migrating from a Windows based vCenter to an appliance. This can be accomplished in stages if you first upgrade to 5.5 and then export the vDS configuration and import it into the new appliance. (See KB2034602)
This process obviously adds to the complexities of an upgrade of this type and depending on the size of the environment it may be the direction to go if you really feel the need to migrate to the appliance.
With this particular environment being so small and no vDS in use due to license limitations I luckily didn’t have to deal with that scenario.
Lesson 4 - Easy Upgrade
Once the new appliance had been deployed the migration of the hosts and vms was pretty straight forward. Disconnect the hosts from the 5.0 Windows vCenter, add the hosts to the newly created vCenter 6.0 Appliance and place them in the new cluster.
At this point it’s just a matter of upgrading hosts and vms. I created a new upgrade baseline using the ESXi 6.0 Update 1 iso and attached that to the host that required the upgrade. This is only one of many upgrade paths to 6.0.
Don’t forget that you will need to have deployed the Update Manager. This is not supported on the same vm as the appliance so this will need to be installed on a separate vm. Note: The VCSA iso does not have the installer so you will need to download the the vCenter iso alongside the VCSA iso.
Here we are in the future that Back to the Future predicted and I find myself contemplating what the past really looked like compared to now for IT.
For those of you that live under a rock and have not seen the movies I will give a brief summarization of the second movie from the trilogy. In "Back to the Future Part II," Marty McFly travels to October 21, 2015, to save his children, yet to be born in "Back to the Future's" 1985.
The movie plot is tangled by fixing one thing, McFly, Doc Brown and the villainous Biff Tannen create a number of new mishaps but what remains is the film's vision of a year that was still more than a quarter-century away when the movie was shot and released in 1989.
In the IT realm of things I found myself reminiscing of what the data center looked like back in 1989 when the movie was released not to mention 1985 when the movie itself takes place. So, hold onto your hats, "Great Scott!!", we are going back to the past to revisit the data center before VMware's inception in 1998 and the impact we see today.
In order to bore my reader thoroughly I will give a brief history lesson on computing but don't worry I have added plenty of pictures to stimulate your brains. So, let's fire this blog up to 88 miles per hour and get to the past.
Arriving in the 1980s we find mainframe computers, whose components would take up the whole room had been joined by mini computers, where the components had been developed to such an extent everything could be housed in a single cabinet, even if these were still the size of commercial freezers.
During the 1980s, computer components were developed that were smaller and more powerful until eventually the microcomputer or desktop PC came to be developed. The early ones were sold in kit form mainly to home enthusiasts. Eventually, though, these became more reliable and software was developed that meant they found their way into businesses. Eventually the ‘dumb’ terminals connected to a mainframe computer were replaced with microcomputers, each with their own processors and hard drives. However, since this segmented information, issues of data integrity and duplication soon led to the development of networks of server and client microcomputers, and the servers often ended up housed in the computer rooms either alongside or instead of the mainframes and minicomputers, often in 19” rack mounts that resemble rows of lockers.
In 1985, IBM provided more than $30 million in products and support over the course of 5 years to a supercomputer facility established at Cornell University in Ithaca, New York.
This is what the data center looked like in the 1980's and in the immortal words of Doc Brown, "Great Scott!".
Jumping back into the delorean and taking a quick trip forward to 1990's we find the data center is still evolving and microcomputers are now called “servers”. Companies started putting up server rooms inside their company walls with the availability of inexpensive networking equipment.
The biggest change in the nature of data centers comes as a result of the lifting of restrictions on the commercial use of the Internet.
Companies needed fast Internet connectivity and nonstop operation to deploy systems and establish a presence on the Internet and many companies started building very large facilities to provide businesses with a range of solutions for systems deployment and operation.
Enter the time of virtualization development. In 1998 VMware comes onto the scene with a patent for their virtualization platform and on February 8, 1999, VMware introduces the first x86 virtualization product, VMware Virtual Platform, based on earlier research by its founders at Stanford University.
The impact of this is not fully realized at the time but this event will change the future of data centers for ever, (see the timeline below).
The solution was a combination of binary translation and direct execution on the processor that allowed multiple guest OS's to run in full isolation on the same computer with readily affordable virtualization overhead.
Now let's hop back into that delorean and take one last trip to where we find ourselves today.
VMware started this revolution nearly 17 years ago, and is continuing to lead the industry in building out an operating system agnostic virtualization ecosystem to help companies transform their IT environments. Today there is no alternative that compares to VMware's performance, stability, ease of management, security, support, features and vast partner ecosystem.
I guess the big question now is what will the future hold for us in IT? The data center is now moving into the "cloud" with again VMware leading the charge with the idea of One Cloud, Any Application.
We have seen the data center shrink its footprint, hosting multiple virtual servers on an x86 platform. We have seen the transformation of the business computer or workstation with VDI. We have seen the virtualization of the storage with VSAN and VVOLs. We have seen the virtualization of the network with NSX and are seeing the transformation of companies into the cloud with vSphere Hybrid Cloud. We have also, see the transformation of applications and application mobility with containerization and virtualization of the applications.
What will the future hold for those of us lucky enough to bare witness to it? Only time will tell and I for one am off for one last adventure in the delorean to visit the future where Dell owns the world of computing.
I'll let everyone know how the stock does when they go public. See you all in the future.