IAAS is death (to reducing costs)

So I was having lunch with a ex work colleague last week who now works for one of the major cloud providers and we started chatting about companies who just don’t get a very major cloud related point….

Cloud is not about servers, but services.

It may seem a somewhat obvious statement but there is still a huge element of “I want to own everything I use.” The way to look at cloud beyond a quick VM here or there is that most cloud providers already provide the services for your application requirements already…. Database, check. Web services, check. Service x, check. Have you ever seen how many services Amazon has? A lot.

The point is recreating everything from on-premises in IAAS, standing up your own virtual servers is overkill, kills the value proposition and misses the point.

Sure there are some specific cases (Security, compliance, contractual obligations and such) where an administrator will need to keep everything on “infrastructure” they control and manage. If that’s not the case, your doing it wrong and in a very expensive, long winded, re-inventing the wheel fashion.

Why stand up a full SQL server when you can get a DB service for a fraction of the cost and without any of the management overhead but the same (or better performance).

It’s a no brainer really.

 

 

 

 

Workstation 14 first thoughts

Lab in a box (nested lab) nerds such as myself love VMWare workstation. It’s the base upon which we build our labs as it supports ESXi out the box. I decided to take the latest version for a spin.

In my opinion Workstation 14 is a iterative release. There are a few new features that may be useful depending on your requirements. VMware Workstation 14 brings:

  • New CPU support (Ryzen etc)
  • A new hardware version (14)
  • Secure boot for VMs
  • virtual NVMe support

In terms of software there are several new items. Aside from the support for new operating systems (Ubuntu 17, RHEL 7.4 etc).

One interesting new feature is native OVF deployment. I learned that it is now possible to deploy the vCenter/PSC directly as a VM on the local workstation.

This makes things interesting because it removes the need to install ESXi and configure it out. Essentially popping out a PSC/vCenter is as easy as answering a couple of questions and half an hour later, a brand new vCenter! Makes life easier as your dont have to spool up an ESXi server.

Other features support for virtual TPM (Limited use case scenario in my opinion but you can use it as you would for Windows encryption and such.) and VBS support (Vitualization Based Security). VBS is tagged to become the next big thing according to those in the know regarding security.  Support is dependent on the OS to be installed by the way!

Using TPM in VMware workstation

Lastly, and quite interestingly, it looks like when installing systems there are new options! Virtual NVMe  is supported. To quote from the VMware blog:

Virtual NVMe support Workstation 14 Pro introduces a new virtual NVMe storage controller for improved guest operating system performance on Host SSD drives and support for testing VMware vSAN.  NVMe devices require virtual hardware version 13 / ESXi 6.5 compatibility and later.

The testing VMware vSAN certainly looks interesting.

NVMe disks now supported

All in all the upgrade looks to be worth it depending on your usage scenario. Personally I am quite looking forward to experimenting with the NVMe component above all. It was possible previously but required some kludges to make it work.

NSX test drive course… excellent

So I was fortunate enough to be given the opportunity to attend the NSX test drive experience. It was very worthwhile. So what’s it all about?

Firstly, Dell/EMC/VMware looked after us very well. I certainly wasn’t expecting bacon and egg sarnies in the morning ;).  Anyhow… the course.

The class size was 16 (The maximum) and was delivered at EMC Manchester. Essentially it was quality as well as quantity 🙂

So it was described by several of the trainers as the ICM (Install, Configure & Manage)  without the fluff. To be sure, it truly is a techie course for techies. No marketing slides to be seen (Mr VMware, please don’t take that as a hint 😉 )

The whole point of the course is to help people understand NSX and the advantages it brings and how NSX works under the covers. There are too many advantages to list in this short shout out but the way the course was delivered it absolutely made sense.

Day one was how VXLAN works, how to install and configure NSX and the theory. It was almost identical to those courses that you beg management to send you on.

Day two delved even deeper into the whole security setup and how the whole security functionality in NSX works. It may seem simple on the surface but there is a huge hidden layer of complexity if you want to dive that deep.

Other items included touching on Orchestration and how to setup NSX in a multi-vcenter environment.

The layers that make up NSX

These courses are free. If you have a good account manager just ask. I went from knowing a little about NSX to understanding the vast majority of how a basic NSX setup works.

I found it provided an excellent opportunity to the question of “Where do I even start” with NSX.

For anyone that is interested in a course 101 tour of setting up NSX I will be be writing an article that will be appearing on SearchVMware  soon.

It would be remiss of me to not just say a big thanks to Mike, Phil and Kaela for making it happen. You guys rock!

Catch you all later,

Stuart

Physical data loss in a virtual world, who ya gonna call ?

Every IT admin has disaster stories of data loss. Most people have seen the picture of the IBM array that fell through the upper floor of the DC.

Unfortunately not every admin has good backups though. Admittedly, it is not something admins like to think about too much. Speaking to KrollOntrack revealed an interesting story about virtual data loss.

Burn baby burn – Disaster can happen anyware. Original photo Gizmodo.com

Whilst everything about virtualisation gets quicker, automated and more densely packed the risk of data loss increases.  It only takes one bad action, intentional or otherwise and its a case of “Dude, where’s my VM farm gone.”

Speaking to Ernesto @ Ontrack it is a common occurrence. Reasons for data loss include many different scenarios… human error, power loss, malicious deletions, floods and natural disaster, physical array failure… The list goes on.

“We are not here to sell you anything” was a true reflection on the reactive service that you only need when something bad has already happened.

Hopefully I will be writing an interesting new  in-depth article on this for those that are interested in the how, the where and they why but for now, if you want to hear some interesting stories I recommend you drop by their booth @VMworld.

And as a parting thought, to put it into context, shipping an entire array to the clean room for recovery is quite a normal occurrence! Feel you inner nerd.

 

New VMware virtual toys… Desktops, HCX and other thoughts

The big message from this VMworld is as to be expected, hyper mobility at both the client end and the server/cloud end.

Any solution, any device anywhere is already very well known for end user computing but VMware have put their money where their mouth is and added support for Chrome devices for Workspace one. It now means that all the major players are supported.

This whole any device scenario gels with something I had noticed in general as I attend various events… more people than ever are utilising tablets and similar devices rather than classic laptops. Some misguided people even had the Ipad Pro *JK

Moving to the cloud side, it delivers HCX technology. The HCX technology allows the migration of workloads between on-premises, cloud or other other solution. We have all been there, where we have to do a migration and the downtime whilst a server is migrated. HCX solves that solution. It provides a way to do away with that downtime. It isn’t available yet, but it’s coming and it will make life very intesting. It is part of VMware’s play to be the glue that connects all the clouds together.

This change (which I assume includes parts of NSX) has vast ramifications. Think about it this way.. If you have one network that expands to cover all your environments where the VM sits is no longer important. It could be on-site, on cloud. No one cares (except the beancounters!)

This also has huge ramifications for DR.  Normally DR, even virtual DR means that failing over requires some manual or automated configuration (ie IP addreses, host names, firewalls, applications etc.)

Reconfiguring that virtual machine, under pressure of a real DR could be a real pain. That pain is about to go away. With the new VMware stack it means that in a DR scenario bringing up the DR instance becomes a much simpler scenario. No having to re-ip or rename virtual machines and then hope for the best.

Interesting times indeed.

VMware on AWS… What’s your scenario

Last year we got teased about VMWare on AWS but now it is time to show about it. We all know the VMWare / AWS is the future. How to get on to it? Depends on your scenario:

  1. Maintain and expand
  2. Consolidate and migratie
  3. Expand capacity

vSphere can help with all those scenarios. Build your vSphere stack in less than 2.5 hours !

AWS is a full SDDC stack  (vSphere, vSAN, NSX) deployed on bare metal and vCenter as control plane. It  is that simple.

Hybrid link mode for single pane of glass, tick.  Everything just works as expected as it is just vSphere under the hood. As I alluded to recently in an interview about AWS and vSPhere, it is VMware cloud. Support, VMware, Billing. VMware. It is VMware (just to push the point home.)

AWS do get a look in too. AWS serfices such as RDS, S3, IAM can also be consumed by VMware on AWS cloud customers.

vSphere on AWS Nodes consist of:

  • Compute 72vcpups
  • 512 GB ram
  •  14 TB NVME storage, 10 usable.

Other new interesting features include elastic scale. There are also several consumption models including consumption based, ad hoc (credit cards, PO’s etc and lastly, and perhaps most importantly, Hybrid Loyalty program.

Oh and lastly, VMware take care of your patching. More on this later as I am sure a lot of people are interested in that (for better or for worse).

 

 

So it came to be, VMworld Europe 2017

After a bit of travel I have arrived. I am expecting many new and interesting things this year, not least AWS and VMware, all the items they teased us with last year should all be unleashed upon us.

For those returning from last year, the whole VMworld layout is completely different so it may take some getting used to! The new badges are useful though because the password for the wifi is on the back of the rather large attendee pass (as well as a map of all the locations!)

Don’t make the same mistake I made 😉

Need to find an AWS person to talk to and get some VMware on AWS exposure…

Preparing for VMworld 2017

VMware have been gracious enough (or brave enough, depending on your point of view) to invite me back for VMworld 2017. Flights and hotel is all booked but for those VMworld virgins I thought I should post back to my post of items to remember for the Next VMworld.

There are lots of tips in there and it will save you time and hassle if you haven’t done it before!

Really looking forward to it and I am expecting some really good announcements to come out of this years VMworld. It will be especially interesting to see what, if anything, has changed re: VMware IOT offering.

Anyhow, Public service annoucement over!

Privacy As A Service, what might it look like

Privacy has become a valuable asset in today’s world and therefore the technology to protect it has become a very marketable product. When online privacy is mentioned most people automatically think about their Internet web browsing history and social media footprint.

“Every day young adults will call me up and tell me that they can’t get a job due to an ill advised tweet or Facebook issue…Education is key.” – Tony McChrystal, reputation.com

Unfortunately, the more high profile people are, the more people will make use of their online footprint and rarely for good.

The meaning of privacy

According to Dave King, CEO of Digitalis reputation management, all major recent high profile hacks including the Sony hack originated from strategically valuable individuals compromised by highly targeted attacks. The TalkTalk hack is the sole exception to this.

Your browsing history and online profile is only a tiny fraction of a much larger data picture. Publicly available data include the land registry and voter registration databases that a large proportion of us are recorded on.

A quick search of 192.com will tell anyone who has your name and postcode with full name, address, age, neighbours and property price.

Many online retailers use this publicly available data combined with users browsing history to make decisions about what items will influence their purchasing decision.

Each visit is carefully customised to provide a “frictionless” experience in data engineering terms. The more a specific site is visited the more information about the users habits are gathered.

If someone have a Google, Yahoo or Facebook account they are not the consumer, they are the product. Put simply, the more information these companies have on users the more accurately they can target them with highly tuned adverts.

Neterix, a company that specialises in privacy compliance for business commented:

“People are more aware of the value of their personal information, yet so many are willing to trade some of it for “free” services. People have to choose if that service is worth the potential privacy cost.” – Les Pritchard, Neterix.

As an individual people have limited recourse to have such information removed. Privately held databases are allowed to hold information on people as long as they abide by the data protection act (If it applies.) As long as the information is correct and used in a fair manner companies are not compelled to remove it.

The breadth of data detailed above barely scratch the surface. Several private information brokers provide even more detailed information on individuals for a fee. These companies include Experian, Equifax and many large financial organisations.

There are such a huge number of data vendors that trying to take back control of data using opt outs could become a full time undertaking and you can be sure these providers will not want anyone to have an easy ride removing the information as doing so is not in their interest.

Although there are not yet many products on the market for  “Privacy As A Service” they are starting to appear although predominantly targeted to the American market at present

Speaking to several experts on the subject of what privacy as a service looks like there was a common theme about what privacy as to what it might look like.

When asked what such an all-encompassing privacy service might look like King puts it this way:

“A service that manages my services long term and looks to manage my data as a whole, who may have access to it and for what purpose. It should have an educational component as well.  Ideally it would automatically search and monitor for my potential privacy issues.”

Common consensus across all the experts interviewed is that privacy as a service would take the form of a web based portal that will integrate privacy controls alongside a more conventional ad and tracking blocking technology.

Such a service would essentially provide a one-stop shop for management of your online profile and implement privacy controls in a consistent and controlled way. This would allow everyone to avoid online tracking

Some companies will attempt to remove  information from as many online services as possible, for a fee. All these services come with a caveat that they cannot control all the information, all the time. No matter what someone wishes for some records will inevitably stay on the web, especially where required by law.

Interestingly on a similar vein the recent “right to be forgotten” has had a mixed effect since its inception. Google’s own data would suggest that as of July 2015 Google had received requests to remove 1.25 million URLs based on 353,484 requests.

Google has also revealed that the ten most common removal requests represent a mere nine percent of all requests received. Somewhat unsurprisingly the top website for removal requests is Facebook. The second most popular site however is a profile search engine utility. This fact underscores how important it is to pause for thought before putting information on publicly available websites.

“You have to try and understand how your data is going to be used in the future and what it will be used for in the future and be aware of the changes in technology may render it useful in unforeseen ways” – Jim Killock, Open Rights Group

Peoples data is valuable and unfortunately many sites are built around the premise of collecting and mining user submitted data so those using the service essentially become the product and users data is sold on to third parties, none of whom the end user gets to know about.

Until such services are widely available anyone wanting to protect their data should look at what information they give to whom and for what reason. When using online social media familiarise yourself with the privacy tools the vendor provides. At the end of the day it is up to the individual to think before giving away valuable data.

Catch you later!