VMware vExpert Community – Get Involved…

I’m proud to say I’ve been re-accepted as a VMware vExpert again this year – my 5th consecutive year! =)
(yes… I’m 5-stars baby…..!)

https://blogs.vmware.com/vexpert/2019/03/07/vexpert-2019-award-announcement/

Congratulations to all who have be chosen as vExperts for 2019!

I have to say that this years’ application was the toughest yet! Previously you could submit your details and hope to be accepted… this year you had to submit your details, explain what you’ve been doing within the vCommunity and post up information about your blog and stuff (and then pray that the vExpert team look favourably on  you)!! I guess with the vExpert community growing rapidly every year, the vExpert team have decided to put a few more stringent checks in place to ensure that the right people are accepted and recognised as vExperts!
That said, this years’ application caused quite a bit of consternation with my fellow vExpert friends in the WhatsApp group I’m in, I don’t think any of us were certain of being re-approved until the “You’re In” email dropped this week!

One thing’s for sure, I’ve made it a point to try and blog a lot more this year and show more active engagement with VMUG and the wider community! (Not just to justify my vExpert status…. hehe…)

This time round, I’ve decided not to just post up my obligatory “I’m in… thank you vExpert Team for accepting me back!” post. Instead I thought I’d write something that explains what the vExpert community is about, how you can join, and talk a little about my journey! So where shall I start?

Once upon a time…….

 

Who….?

Who are the VMware vExperts? Well, each vExpert has been accepted because they’ve demonstrated significant contributions to the vCommunity! There’s a mistaken view that you must have a blog in order to be accepted, in reality people contribute in various different ways, yes blogging is probably the most effective medium of sharing your expertise with others, but there are other means of ‘evangelising’….

  • Participating in LinkedIn groups (like the VCP group)
  • Tweeting (or using other social media sites) to share experiences about VMware
  • Public Speaking (at local VMUGs, or running marketing campaigns at work)
  • Authoring books
  • Writing scripts that are shared online, or producing your own tool that helps others
  • VMUG participation (either as a leader or a speaker)
  • VMTN Community moderators and also people who help to answer questions on the forum.


What….?

What is the VMware vExpert Program? vExpert is not a technical certification or badge that you need to study for, or pass an exam to join! In fact there are vExperts who don’t even have a VCP…. and then there are some who have multiple VCDXs (I bow down to those guys).

The VMware vExpert program is VMware’s global evangelism and advocacy program. It recognises people who have gone out of their way to evangelise about VMware. The awards are for individuals, not companies, and last for one year – each year you have to reapply!


Where…?

The VMware vExpert Program is a global community, there are vExperts from every continent in the world! It’s difficult to try and get a community together, so we all live virtually within the vExpert Slack Channel (some more than others). The main website for vExperts is https://vexpert.vmware.com

If you’re interested in joining the community, then reach out to your local vExpert Pro – this is a network of vExperts around the world who are willing to identify and recruit new vExperts in their local communities and be mentors for these new vExperts. A directory of vExpert Pros can be found here: https://blogs.vmware.com/vexpert/meet-the-vexpert-pro/

Within the UK there are two vExpert Pros, both are really great guys who live and breath the VMware community:


When…?

Applications are open twice a year – once in November/December with results announced in February for the 1st half of the new calendar year. They then reopen again in June with an August announcement for the 2nd half of the year. Every vExpert as well as any new applicants must apply at least once per year.

For more information visit https://vexpert.vmware.com


Why…?

Why would you want to apply? If you have a passion for VMware technology… if you actively ‘give back’ to the community in some way or form (see above), then you should apply! The vExpert program is recognition for the work you do in the community!!

And the benefits:

  • Invite to a private #Slack channel for vExperts
  • vExpert certificate signed by VMware’s CEO Pat Gelsinger.
  • Private forums on communities.vmware.com.
  • Permission to use the vExpert logo on cards, website, etc for one year
  • Access to a private directory for networking, etc.
  • Exclusive gifts from various VMware partners.
  • Private webinars with VMware partners as well as NFRs.
  • Access to private betas (subject to admission by beta teams).
  • 365-day eval licenses for most products for home lab / cloud providers.
  • Private pre-launch briefings via blogger briefing pre-VMworld (subject to admission by product teams)
  • Blogger early access program for vSphere and some other products.
  • Featured in a public vExpert online directory.
  • Access to vetted VMware & Virtualization content for your social channels.
  • Yearly vExpert parties at both VMworld US and VMworld Europe events.
  • Identification as a vExpert at both VMworld US and VMworld EU.

Me personally, I find the access to NDA webinars and the eval licenses to be worth their weight in gold! But most of all, I value the friends I’ve made within the vExpert communities…. everyone is super friendly, even more so when you bump into each other for the first time at VMworld or other VMware events!!

I’m also lucky to be in a WhatsApp group of vExperts where we can talk shop (technical discussions of VMware products), food (especially our mutual love of nandos), weather (UK seems to have the grimmest weather!), craft beer (or scotch/whiskey/alcohol) and even moan about other technology and vendors…. ;oP


How…?

So how did I end up being a vExpert? It kind of happened by accident… much like my blog! Back in 2012 my wife’s siblings were all avid bloggers about fashion, lifestyle, food and travel (links to their blogs on the bottom right frame), in a passing conversation about blogging they said I should think about starting a blog on technology and gadgets – to be honest I didn’t really think much about it…. then in the summer of 2012 I was involved in a large VMware solution and I got talking to one of the VMware admins at the customer site…. he and a few others suggested that maybe I should blog about my experiences with VMware since I was always coming up with answers to their questions and problems – and so at the start of 2013 I decided to have a go at writing a blog, and “The Virtual Unknown” was born!

Fast forward a year and I was starting to do a lot more within the VMware Partner community, a few people at VMware and at other Partners had found out that I write a blog and since it was quite a rare thing within the UK Partner community that maybe I should try and apply for vExpert status as a “Partner Evangelist”… in all honesty I didn’t think I actually wrote enough articles or even did enough within the community – but I applied and amazingly was accepted (I guess back in 2014/15 the criteria was less stringent – thankfully!).

However, becoming a vExpert opened a lot of doors for me…. you do get recognition as a vExpert and companies seem to respect that (when I meet new people and they see I’m a vExpert, they always seem impressed and ask about the program – similarly when applying for jobs)! The NDA sessions have given me insight before the rest of the market with regards to product roadmaps – and this fuels my thirst for learning about new technologies and solutions (and led me to joining the vSAN vExpert sub group). I’ve enjoyed the opportunity to network with fellow vExperts on slack and at VMworld. Finally it’s pushed me on to try and do more blogging and give back more to the community! =)

 

So…. if this post hasn’t encouraged you to think about joining the vExpert community, then I’m a failed advocate for the program…. ;oP

Joking aside, if you’re interested in joining the vExpert community then your first port of call is to reach out to a vExpert Pro… alternatively feel free to drop me a tweet or message me via LinkedIn!

Advertisements

My Big Bets for 2019 – CloudHealth – Part 2

Yesterday’s article tried to set the scene and discuss why I think CloudHealth is such a great product, today’s article will be about 3 features that caught my eye that I’ve found to be pretty cool.

Policies

In the adapted words of Beyonce…. “Who Run the Cloud… Policies!!”

Policies should be used to run the cloud infrastructure where your workloads reside. But in order for policies to be effective you need an understanding of your cloud workloads, how their components work together and also a policy management system that makes it easy to define and configure policies according to different rulesets and actions. Policies can be configured to control costs, optimise performance, and enhance security and compliance – think of them as you cloud platform rule book!

CloudHealth allows you to automate your cloud policy management – this means the platform will continuously monitor your workloads to ensure they stay in compliance with any policies you set, and when it discovers a workload has violated a policy it can remediate following a set of pre-defined actions. In any environment, IT admins spend a lot of their time on BAU and keeping the lights on. Being able to use automation means you can spend less time monitoring and managing your environment and more time focusing on more business-critical issues or new innovative projects.

When an event occurs that triggers a policy, the CloudHealth policy management system can be configured to apply a number of different actions to suit the circumstances of the policy triggered, such as:

  • Send a notification to the Cloud Admin if the projected monthly spend is going to be greater than 100% of the budget allocated.
  • Take a snapshot and delete a block storage volume if it’s been unattached for a week.
  • Monitor workload utilisation and expand resources if the workload is underprovisioned.
  • Archive and delete virtual machines that have been idle for a month.
  • Stop workloads being deployed if the user has consumed their monthly allocation of resources.
  • And so on….

Policies and actions help to automate the governance of your cloud environment! If policies are the rule book, think of CloudHealth as Judge, Jury and Executioner!! =P

JD

Perspectives

Within CloudHealth, “Perspectives” is a great way for the end user to view and group cloud components together in order to align them with a business objective – for example grouping workloads across multiple cloud instances to a line of business, or to a user, or to a specific type of cloud instance (say an EC2 instance), in fact you can tag components in AWS and use them to help build Perspectives.

Perspectives enable precision reporting, showing you unique ‘point-of-views’ to your cloud environment for the given group. They are rule-based, allowing you to report from both an operational (e.g. applications, roles) and a business standpoint (e.g. departments, product lines). Best of all you can create dynamic groups that automatically update as changes occur!

The platform will allow line of businesses to visualise and analyse infrastructure assets and services, and the corresponding data in ways that are most meaningful to them. As a result, they can fully understand what’s happening in their infrastructures, pinpoint the root causes of issues, and mitigate risks to optimise infrastructure performance, availability, and security

Reporting

And that leads me straight into Reporting! Perspectives are used throughout the CloudHealth platform to help build out dashboard views and reports – and there are vast amounts of dashboard views that look into consumption or cost trends. Each view typically allows you to drill down into individual users or virtual machines or lines of business!

The Cross-Cloud Cost dashboard is a very useful reporting tool for customers who run multiple clouds, showing on one single page what the cost and consumption are like, and even showing you cost history by owner – which means you can quickly identify which users are racking up those huge cloud bills!

One of the features I really like on CloudHealth is the simple Health Check report than can be generated after 24hrs of collecting metrics – reporting on cost consumption and possible optimisation scenarios with potential cost savings (for example reclaiming under-utilised instances or unused storage volumes). There’s also a recommendation on Reservation Management – determining how much could be saved using Reserved Instances rather than PAYG pricing and the ROI that can be achieved.

healthcheck

Another interesting tool is the Reserved Instances Optimizer which can offer recommendations on cost saving opportunities by analysing the utilisation across the whole cloud environment and then determine the optimum buy point for RIs (assuming you have unlimited budget). However, if you don’t have unlimited budget to buy a huge chunk of RIs up front, then you can set your budget using the slide bar and re-run the optimizer tool which will then work out the best assets to place into the RI given your budget, and the potential cost savings and ROI in doing so!

Optimizer also allows you to filter the report to only the assets you care about – for example the recommendations with regards to your production environment.

optimiser

 

Conclusion

CloudHealth is a great tool that allows organisations the capability to gain insights into their cloud costs and manage the utilisation of cloud resources. In addition it grants organisations the ability to address security issues of cloud workloads and align a set of corporate policies across multi-cloud workloads to ensure compliancy. It also allows organisations the flexibility of determining how data is analysed, organised and reported by using Perspectives – correlating data with business goals to aid decision making. Finally, CloudHealth offers the ability to automate workflows by creating custom policies and guidelines that define how automated actions and tasks are executed.

If you want to find out more information on CloudHealth and its additional features and functions, then head along to their website or get in touch with your VMware Account Manager!

My Big Bets for 2019 – CloudHealth – Part 1

Originally I wanted to write a single article about CloudHealth, but over time I ended up adding so much content to the article that it was more an essay than a blog! I’ve decided to split it into two and cut out a lot of feature reviews – so todays’ article is more about scene-setting and my thoughts on CloudHealth, and tomorrow’s article will be about 3 features I’ve found pretty cool.

The Market

Cloud has been talked about for years, but many organisations have been uncertain about closing down their data centres and taking that giant leap to public cloud. In reality, many businesses have taken a multi-cloud approach – I’ve seen customers who have Azure instances for storage and archive, with AWS instances for DevOps and web applications, in addition to the vast array of infrastructure that they still currently run within their own data centres for all those legacy applications they can’t quite get rid off!

But the issue with this multi-cloud approach (and I include on-prem/private cloud here), is that management becomes a complete nightmare! It’s the lack of visibility that puts people off… then there are the huge bills that typically occur due to unmanaged consumption… or the pain of migrating across workloads!
I’ve lost count how many customers I’ve spoken to who have said that moving to the cloud has been a costly nightmare, mainly due to being under-prepared and over-provisioned!
Or the number of customers who tell me they only consume Azure, only for an audit to show up pockets of AWS instances where the lines of business have gone direct to public cloud because IT were unable to provide the same agile services.

The Challenge

The challenge is how do organisations deal with operational complexity as they scale their cloud environments? How do they ensure that they have visibility whilst consuming multiple clouds? How do they manage security and compliance of cloud workloads, whilst ensuring governance across multiple disparate clouds? And more importantly how can they accurately report to the business the costs of consumption on these clouds or even predict future costs? These are all well known issues with going to public cloud!

If I had a pound for every time I hear IT/Cloud Admins moaning that they’re just seen by the business as a blackhole that sucks in money, then I still wouldn’t be very rich (think thousands rather than millions). =)

However, the statement is pretty true! The business typically sees the huge bills with no real justification behind it! Having the right cloud management and operations platform is critical to an organisations’ cloud strategy. In fact giving the business visibility into costs and operational aspects will help control the risk across multi-cloud without reducing agility – it may even accelerate the effort of multi-cloud adoption! You need a tool that helps provide tangible data to show how IT supports the business initiatives – aligning the cost of cloud consumption to a project or line of business, or even helping to identify the culprits who rack up those large cloud charges and the workloads they run!

cloud

The Answer

At VMworld 2018 US, an announcement was made by Pat Gelsinger that VMware were acquiring CloudHealth Technologies (for an undisclosed sum – Reuters reported it to be close to $500mil, now that’s a hefty piece of cheese!). The acquisition of CloudHealth makes a lot of sense, as here we have a SaaS solution which offers multi-cloud management across AWS, Azure and GCP, giving customers a way to manage cloud costs, usage and performance, security and governance, all from a single dashboard!

One aspect that was always missing from VMware’s Cloud Management Platform was a product that could manage multiple clouds from a single-pane-of-glass. VMware tried to do it with the vRealize Suite but people quickly realised it didn’t have the native integration needed in order to successfully monitor, manage and analyse public cloud workloads – VMware were using existing products and trying to retro-fit them as a CMP. You pretty much had 3 separate products – vRealize Operations to monitor workloads and utilisation, vRealize Business for Cloud for cost analysis, and vRealize Automation for managing workflows and self-service. CloudHealth has been purposely-built from the ground up to be a Cloud Management & Operations Platform!

In the short time I’ve read and watched demos of the product in action, my opinion is that CloudHealth will become ‘the’ Cloud Operations Platform of choice for the industry (assuming VMware gets their pricing correct!) – no other product offers customers such granular visibility and insight to cloud costs and consumption and provides such ease of aligning them to lines-of-business for reporting. Day 2 operations such as control and optimisation of cloud consumption, and ensuring compliance and performance of the environments is easily done by setting policies and actions (more on this tomorrow). The direction is to obviously make this a tool where people can manage and monitor every public and private cloud, and I wouldn’t be surprised if at some point in the future roadmap there would be some sort of workload automation that gets rolled out – for example you setup a policy to monitor consumption costs for a web app and the cost comparison of running that workload across the different public cloud providers, the remediation action would be to migrate the workload to the cheapest cloud every billing cycle (maybe quarterly)!

At the moment there’s no news as to whether CloudHealth will replace vRealize Suite, I can only assume that vRealize Business for Cloud will merge into CloudHealth as they do pretty similar things. Similarly I think VMware Secure State (real-time configuration of security and compliance of cloud workloads) will be merged into CloudHealth, as again they both offer the same type of services.

It’s also interesting to hear that they’re potentially looking to integrate VMware’s Cloud Automation Services and Wavefront products into the CloudHealth Platform – maybe offering a future look into how CloudHealth could integrate into the continuous delivery of DevOps and take remediation actions? The Wavefront integration would expand CloudHealth’s reach into the cloud native apps itself (rather than just looking at the underlying infrastructure components).

For the time being I guess the advice to customers would be to continue to use vRealize to manage on-prem private cloud with CloudHealth managing public cloud – although that said, there’s still not much information available with regards to whether CloudHealth can currently work with on-prem vSphere deployments and with VMware Cloud on AWS – but I guess this integration is more than likely being worked on feverishly and I wouldn’t be surprised if there isn’t something launched before VMworld this year! How cool would that be?

spongebob

The obvious low-hanging fruit for VMware is to go after all the MSPs within their VCPP stream to roll out CloudHealth, it’s going to be interesting to see which direction VMware focuses on first – MSP or resale.

For now, it seems that VMware has a complete story to tell to customers in regards to their cloud strategy – “A cloud solution must be able to support the development and delivery of any application, on to any cloud, and accessible by any device, whilst maintaining enterprise requirements around security and compliance, and being able to simplify Day 2 operations for management of multi-clouds….”
(bit of a mouthful)

My Big Bets for 2019 – Intro

Over the Christmas period I started to plan out what I wanted to blog about at the start of 2019. I realised during my vExpert application (damn, it’s so much more stringent now!!) that I haven’t blogged as much as I used to – and that’s mainly because I didn’t want to just post meaningless blogs about how to install/configure the next iteration of vSphere or vSAN. I find there’s been a huge uptake in new bloggers just posting how to “install, configure, manage” certain VMware products and I really didn’t want to take my blog back down that path… especially since it’s very easy to just google “how to install/configure vSAN” – not to mention that VMware have now made the installations so damn easy that my 8 year old nephew could do it!! (Which kind of makes me wonder why people would want to blog about it?!?)

I decided that I wanted to take my blog in a different direction and make it more ‘advisory’ by posting my thoughts on VMware’s vision, what products are new to the market and their benefits, what are they being used for, etc. At the start of the new year I was planning on writing a blog article about products I see taking off in 2019, but due to other events that occurred in my life (like getting made redundant) my blog got put on the back burner for a while.

Now that I have a bit more time on my hands (being freshly unemployed) I’ve decided to resurrect the idea and expand it into several posts.

I decided to look over the VMware portfolio and pick out products that I think are going to make big waves in 2019 – much like how vSAN and HCI did in 2018.

So without further ado….. My Three Big Bets for 2019 are:

  1. CloudHealth
  2. VMware Cloud Foundation
  3. VMware Cloud on AWS

Why have I chosen these 3 products? Well if you look at the general market and what businesses are exploring, there’s a big sense of urgency to do something in the ‘cloud’… but many businesses have failed to execute their cloud strategy due to the problems they encounter with migrating over workloads and managing their public cloud alongside their existing on-premise infrastructure. These 3 products in my opinion now form the vision VMware has with regards to hybrid cloud… a public cloud platform, a private cloud platform, all built on the same software stack giving consistent infrastructure and now with a cloud management tool that provides consistent operations across multiple clouds!

Over the next couple of weeks (or depending on how quickly I can write the articles given my wife has a long list of chores for me to do) I’ll be blogging about each solution, what it’s used for and why I believe it will succeed in 2019.

Stay tuned! =)

vSAN vExpert

Honoured to once again be accepted back into the vSAN vExpert sub-programme, this will be the 4th year in a row I’ve been a vSAN vExpert – ever since it was established back in 2016!

It’s been an amazing 4 years… vSAN has come so far and I’ve been proud to be an advocate/evangelist for the product ever since I first sat eyes on it from reading Yellow-Bricks and CormacHogan.com)

Here’s to an exciting 2019 for vSAN…. hoping the beta services are released to market this year!

vexpert

vSphere-Land Top vBlog 2018

Once again vSphere-Land are running their Top vBlogs for 2018….

http://vsphere-land.com/uncategorized/introducing-top-vblog-2018.html

This is where the general public can vote for their favourite vBlog of 2018!

I’m again listed, so if you feel that what I write isn’t a pile of crud and you fine some of the stuff interesting, then feel free to vote away…

I think I ranked 177 last year, although if I’m honest there are so many good blogs out there that I think I’ll end up outside the top 200 this year!

Still surprised that there are some great blogs missing (to name a few):

  • Emad Younis, who writes so much good stuff on vCSA and now more recently on VMware Cloud on AWS!
  • Chanaka Ekanayake, great blogger from a VMware partner.
  • My good friends at vMusketeers who write on a variety of VMware content!
  • Mike Foley, a blog site I’ve used a lot this year with regards to security on vSphere.
  • Paul Wynne, great guy from Dell EMC who loves VxRail & vSAN as much as I do!!

 

Anyways, head over to vSphere-Land and give out some love to the community!

As One Chapter Closes…..

…. another opens!

After 5 amazing years at MTI Technology, I’ve decided that it’s time I moved on in order to progress my career….. this has been one of the hardest decisions I’ve had to make because I’m leaving behind a great bunch of folks and a team that’s helped me get to where I am today!

5 years ago I was one of the unfortunate ones who got caught up in the train-crash that was 2e2…. a huge reseller that was badly managed, borrowed too heavily for acquisitions and pretty much went bust over night when their banks refused to restructure their debt! Coming from a large reseller where I was under-valued and just one of a thousand employees to a much smaller reseller where everyone knew you by name was an eye-opener! All of a sudden I was valued for my input, trusted to get on with my job and given the opportunity to pro-actively pursue my own thirst for knowledge. I quickly picked up Dell EMC and Cisco knowledge, and was encouraged to continue expanding my VMware skills…..

In the 5 years at MTI, I started my blog, got recognised as a VMware vExpert (4th year now), became a Dell EMC VxRail Xpert, grown my network within VMware and Dell EMC, and helped to drive the VMware business within MTI… I even got to propose a marketing campaign (MTI Secure HCI) and pull together the content that led to MTI winning Best Marketing Campaign of the year at the recent CRN Sales & Marketing Awards!

So a lot has been achieved in a short period of time! As the VMworld tagline this year says…. “Possible Begins with You!”

So where am I off to….. well to those who know me it’s not going to be a big surprise…. I’m joining VMware!! =)

TBH, I’ve had opportunities to join VMware (and even Dell EMC) in the past but the roles haven’t really been enticing enough for me to leave MTI… I was happy with my role and also with the team around me! I even had opportunities to join other VARs, but I’ve always valued my work-life balance more than chasing a bigger paycheck so a sideways career move makes no sense to me!

About 5 months ago, I stumbled across a new role that was being advertised – Partner Solutions Architect – it was a role within a team focused on driving VMware’s partner engagement model. VMware have always valued the channel, and they’ve quickly realised that it’s the channel that’s going to drive any increase in their revenue!
My role is to help with the technical enablement of partners, as well as working alongside the Practise Development Managers to help the next set of partners along their VMware journey – most importantly to help them increase their VMware revenue!
It’s a very different role than what I’m used to…. a channel-focused role that’s moving me away from end-users and customers. Ironic thing is, MTI are one of those partners and I may even end up back looking after them! =P

Working for a Solutions Provider or VAR (Value-Added Reseller) like MTI has given me huge exposure to new technologies (recently that’s been Rubrik and Cohesity), and in a way I’m going to miss that wide-spectrum of exposure! However, having worked with VMware products for nearly 12+ years I finally decided it was time to join the V-mothership!

If anyone reading this blog is at an end-user or unsure of what to do with their careers, then if you want a challenge and quickly pick up skills from multiple vendors you need to join a VAR!

 

Finally before I end, I have to admit that I am very grateful to the management at MTI for allowing me to go to VMworld next week as part of the MTI team, even though I’m leaving. It just goes to show the respect and appreciation that the management have shown me over the years!

So those of you heading out to VMworld next week, I hope to see you there whilst still wearing the MTI badge…. and a week later I’ll be wearing the VMware badge! =)

 

I’m going to miss the team at MTI… they’re a great bunch of guys to work with and the future looks very interesting and rosy! I’m also going to miss the customers that I’ve worked with (yup – surprisingly).

The only regret I have is not being able to find a replacement during my notice period (can’t believe the marketplace is so short of decent pre-sales consultants!!). So as I sign off…. I’ll leave by advertising that there’s still a role at MTI for a VMware pre-sales consultant if anyone reading this blog is interested! =)

Intel L1 Terminal Fault Vulnerabilities – VxRail fix

So Dell EMC have finally released an update to VxRail that fixes the Intel vulnerability which Intel disclosed last month…. Software version 4.0.520 and 4.5.218….

I know a lot of customers have been asking why it’s taken so long, but they have to understand that the VxRail is a turnkey appliance which means Dell EMC and VMware do a whole bunch of testing and validation to ensure any patches/upgrades do not impact the end-user. VxRail’s update process is fully automated and the validation ensures that end-users can be reassured that when they upload the update file and hit ‘install’ that they will go from one good known state to another!

Anyways…..

VxRail Appliance software 4.0.520 contains vSphere 6.0 Express Patch 15 / Upgrade
3h which addresses the L1 Terminal Fault vulnerability.

VxRail 4.5.218 contains vSphere 6.5 EP8/U2c which addresses the L1 Terminal Fault vulnerability.

Refer to VMware KB reference 55636 for a centralized source of information. A high-level introduction follows:

  • CVE-2018-3646 (L1 Terminal Fault – VMM), requires Hypervisor-Specific Mitigations for hosts running on Intel hardware.
    • Sequential-Context attack vector: mitigated through a vSphere update process including vCenter and ESXi. Mitigation enabled by default and does not impose a significant performance impact.
    • Concurrent-context attack vector: mitigated by enabling a new advanced configuration option hyperthreading Mitigation included in the update. This option also known as the ESXi Side-Channel-Aware Scheduler. The initial version of this feature will only schedule the hypervisor and VMs on one logical process of an Intel Hyperthreading-enabled core. This feature may impose a non-trivial performance impact and is not enabled by default. Please take time to analyze your environment’s capacity prior to enabling the mitigation.
    • For technical details please see VMware KB reference 55806.
  • CVE-2018-3620 (L1 Terminal Fault – OS)
    • Local privilege escalation, requires Operating System-Specific Mitigations. vCSA (and PSC) 6.x are impacted, workaround is available.
    • For technical details please see VMware Security Bulletin VMSA-2018-0021, VMware KB reference 55807 and 52312.
  • CVE-2018-3615 (L1 Terminal Fault – SGX)
    • Does not affect VxRail and VMware products. See VMware KB reference 54913.

 

Upgrades should be available to download and run…. Alternatively speak to your Dell EMC representative (or contact me or my company: MTI)

VMworld 2018 US – Day 1 General Session Round Up

So the great thing about VMworld US is that they live stream the General Session for the rest of us who can’t make it over to Vegas… whilst you can’t get the whole VMworld US experience just by watching the GS live stream, at least you get to hear the same news as those in Vegas.

Pat Gelsinger opened up the GS by showing the world his bad-ass “VMware” tattoo… not quite sure if it’s real – many commenting on VMware’s tweet that the tattoo gun doesn’t look like it has ink in it… =P
https://twitter.com/vmwarenews/status/1034109813129535488

A nice little montage to celebrate the 20th anniversary of VMware… 1998… long time… From Server Virtualisation to EUC to Network Virtualisation to Cloud and now Hybrid/Multi-Cloud.

VMware’s Vision is still the same – Any Device, Any App, Any Cloud… and we’re told businesses are still on a multi-cloud journey! The thing is, so many companies have a ‘cloud’ strategy, but many just can’t execute that cloud adoption because they are stuck trying to migrate workloads off their traditional DC into the public cloud!
This is where VMware stands apart with their partnership with AWS and their Cloud Foundations solution! Move your on-prem DC to a SDDC and then “ruthlessly automate everything!!” =)

Project Dimension was quickly mentioned as a Tech Preview that will extend VMware Cloud to the data center, ROBO and edge. It combines VMware Cloud Foundations with HCI and a VMware Cloud managed service to deliver an SDDC solution, end-to-end, operated and supported by VMware. The solution will simplify cloud deployments handling all aspects of configuration, security, and management – leaving customers to worry-less about infrastructure and focus more on their business innovations!

Dimension

There were a few nice VMC on AWS announcements…

  • firstly the rollout of its services in Sydney to serve APJ
  • secondly that vSAN will be using Amazon Elastic Block Storage (EBS) allowing customers to independently scale compute and storage requirements (and effectively allowing users to deploy storage-dense workloads)
  • thirdly Amazon Relational Database Service (RDS) on VMware making it easy for customers to set up, operate, scale and migrate Relational DBs on-prem and in VMC on AWS.

It’s amazing how far the partnership has come in a single year!

Roadmap for further rollouts:
vmconaws.png

More here: https://cloud.vmware.com/community/2018/08/26/vmware-cloud-aws-charging-ahead/

Finally there was an announcement of the acquisition of CloudHealth Technologies… From what I can see, CloudHealth Tech delivers a SAAS platform that offers Cloud Operations across AWS, Azure and GCP – it helps customers to analyze, manage cloud costs, usage and monitor performance across multi-clouds. This looks like a CMP on steroids and should complement VMware’s existing CMP and SAAS offerings (vRealize/Cloud Automation Services and Wavefront). CloudHealth will become ‘the’ Cloud Operations Platform of choice for the industry…. allowing customers to control, analyze the costs, compliance and performance of their compute environments across on-prem and public clouds!

To end it all, VMware’s CTO – Ray O’Farrell – came on stage to demo several of the new announcements and new products:

  • Migrating workloads from on-prem to the cloud – demo’ing bulk migration of an entire data centre using vSphere replication and then vMotion – with no downtime!
  • Project Dimension showing how cloud services can be ‘stretched’ between VMC on AWS and a customers on-prem DC. Also how both on-prem and edge infrastructure can be monitored as part of VMware’s managed service.
  • Short Amazon RDS demo showing the service running on-prem and in AWS.
  • A mention of something called Project Magna which leverages AI and Machine Learning to self-optimize a virtual environment…. changing the SD in SDDC from Software-Defined to Self-Driving!
  • A demo of VMware PKS showing the integration of NSX with PKS and how you can automate security of kubernetes.
  • A nice demo showing vROPs monitoring workloads requiring GPUs and the new feature of vMotion for GPU enabled VMs (a limitation previously of Horizon/vSphere)
  • Blockchain is everywhere!! Project Concord is an open source infrastructure for Enterprise Blockchains focusing on performance and scalability.
  • Dell EMC’s new factory-provisioning service for VMware Workspace ONE, where devices will ship ready for integration as end-points.
  • Workspace ONE intelligence, advising IT operations of problems with incompatible applications and patches (automate patch testing to predict whether a new patch will work).
  • A demo to show the support of ESXi on 64-bit ARM platforms.

And to close the GS, two major annoucements around security, one for compute and one for Network…

  • Firstly – vSphere Platinum, packaging AppDefense with vSphere ESXi. This new offering will have AppDefense built in which uses machine learning and a variety of other inputs to baseline known good states of a VM. AppDefense can then act on deviations of that baseline, executing automated actions – such as changing firewall settings, alerting, offloading for deeper network packet inspection.
  • Secondly – Adaptive Micro-Segmentation, integrating AppDefense and NSX. Security solutions should “Learn, Lock and Adapt” to threats… AppDefense will offer the dynamic learning and adaption looking into the VM and applications, NSX will offer the Lock.

 

And with that…. I end my summary of the first day’s GS…. =)

 

EDIT: Day 1 General Session is now available for replay: https://www.vmworld.com/en/us/learning/general-sessions.html

VMware vExpert vSAN 2018 Announced

Phew…. *sigh of relief* ….. thankfully this year I’ve made the cut again for the vExpert vSAN track! =)

Almost didn’t make it as I was on holiday during the application process and missed the original deadline. Thankfully the application was still live so I sneaked in an application and sent my apologies to the vExpert admin team.

Anyways, congrats to all returning vExpert vSAN members and welcome to all new members joining for the 1st time!

https://blogs.vmware.com/vmtn/2018/06/vexpert-vsan-2018-announcement.html

Let’s keep evangelising about vSAN and drive that customer demand…… as VMware announced recently, there are now over 14,000 vSAN and VxRail customers (as of the end of Q1)! That’s impressive for a product that was only launched in 2014!

I’m a big big advocate of VxRail and love talking about the HCI solution to my customers… I’m also proud that MTI are one of the leading partners in the UK for VxRail (and also one of the very first partners to sell/deploy VxRail when it launched)!