New Licensing for vSphere and vSOM

So one of the advantages of being a partner is getting hold of information about product launches, promotions and license restructures a few weeks before the official public announcement.

Anyways, now that it’s been announced it’s interesting what VMware have done with vSphere and vSphere with Operations Management.

  • VMware have dropped the Enterprise License from vSphere
  • VMware have dropped both Standard and Enterprise from vSOM
  • vSphere Standard now comes with APIs for Array Integration and Multipathing. But in order to get DRS and DPM customers are now forced to buy Enterprise Plus! (All previously available with Enterprise)
  • vCenter Server Standard will come with 25x OSI licenses for vRealize Log Insight
  • Price increase of vSOM Enterprise Plus from $4,245 per CPU to $4,395.
  • Price increase of vCenter Server Standard from $4,995 per instance to $5,995

Interesting times……

With the dropping of vSOM Std and vROps only packaged with Ent Plus, does that mean they now consider Operations Management as an ‘Enterprise Play’?

And whilst there’s a promotion for 50% discount on upgrades, a lot of customers are going to be pretty peeved at this change in licensing!

I’m not going to say more on this topic as I’ve been asked to write an article for SearchVMware on these price and license changes so stay tuned for that article…. =)

 

vSphere 6.0 update 1 and Virtual SAN 6.1 released (plus other goodies)

…. and so just a week after VMworld 2015 US, VMware have released vSphere 6.0 update 1 and a number of other product updates….. without ANY fanfare….. it was such a silent release that the first I heard about it was when all the community bloggers started posting up announcements!

Anyways, here are the products released today:

vSphere ESXi & vCenter Server 6.0 update 1 Download
vSphere ESXi 6.0 update 1 Release Notes
vCenter Server 6.0 update 1 Release Notes

Note: There has already been a KB released regarding the upgrade:
https://blogs.vmware.com/kb/2015/09/alert-important-information-before-upgrading-to-vsphere-6-0-update-1.html

In addition to vSphere and vCenter Server, all the other components of vSphere/vCenter received an update:
vSphere Update Manager 6.0 update 1
vSphere Replication 6.1

vSphere Data Protection 6.1
vRealize Orchestrator Appliance 6.0.3

The good news is that VUM is now integrated into the Web Client!! =)

SRM got an update as well:
Site Recovery Manager 6.1 Download
Site Recovery Manager 6.1 Release Notes

This brings some cool stuff to SRM like:

  • Policy-based management – offering New protection groups using vSphere storage policies for protection of VMs.
  • Support for Auto-mapping of stretched NSX networks (using Universal Logical Switches).
  • Support for stretched storage (like EMC VPLEX), that now includes the ability to use vMotion to move VMs from Site A to Site B.

Although no news on whether Site Recovery Manager Air (for vCloud Air DR) has been launched yet….. =(

Most importantly is the launch of Virtual SAN 6.1:
Virtual SAN 6.1 Download
Virtual SAN 6.1 Release Notes

This new update now:

  • Supports stretched VSAN clusters that span two geographic locations to protect data from site failures or loss of network connection (using the feature of Fault Domains).
  • Support for 2 node ROBO configurations.
  • Enhanced Replication (RPO of 5mins with vSphere Replication)
  • Support for SMP-FT
  • New hardware options (such as support for the new flash devices: Intel NVMe, Diablo UltraDIMM)

Also loads of updates to the vRealize Suite of products:
vRealize Operations Manager 6.1.0 Download
vRealize Operations Manager 6.1.0 Release Notes
vRealize Log Insight 3.0 Download
vRealize Log Insight 3.0 Release Notes
vRealize Automation 6.2.3 Download
vRealize Automation 6.2.3 Release Notes
vRealize Code Stream 1.2.0 Download
vRealize Code Stream 1.2.0 Release Notes
vRealize Business Standard 6.2.3 & vRealize Business Advanced/Enterprise 8.2.3 Download
vRealize Business 6.2.3 Release Notes
vRealize Business Advanced/Enterprise 8.2.3 Release Notes

In addition, the new version of vCloud Director was released for Service Providers (no long available for end-users) which offers vSphere 6.0 and NSX 6.1.4 support, there are also some minor Org vDC template and vApp Enhancements.
VMware vCloud Director 8.0 for Service Providers Download
VMware vCloud Director 8.0 Release Notes

Horizon also got a minor update earlier this month:
Horizon 6 version 6.2 Download
Horizon 6 version 6.2 Release Notes

Tech Radar Pro Article and MTI VMware Partner Status

So the article I wrote a few months ago for MTI Times/MTI Bytes was shorten and submitted by our marketing team to Tech Radar Pro as part of an agreement to submit several articles regarding MTI’s insight of the IT Industry….. after what has seem like several months, my article has finally been published on their website! Yay…. ^_^
Funny thing is during the time between me submitting the article and TRP publishing it online VMware have rebranded vCenter Operations Manager as vRealize Operations… lol… =P
So the article is now a bit out-of-date…. =)

Anyways, you can find it here: http://www.techradar.com/news/software/business-software/what-next-for-virtualisation-in-midmarket-companies–1270546

Suffice to say that this is my only claim to fame within my IT career (so far)! =)

On another note, MTI have been invited to become a Premier Partner with VMware, which is a great honour as there are only a select few companies in the UK who have the highest Solution Provider partner status with VMware!
Interesting to see small-little MTI listed alongside the big-hitters like CC, SCC, Softcat, Kelway, Insight, etc….
To be honest, there are quite a number of bigger companies in the UK who are only Enterprise Partners, so it goes to show how much exposure within VMware we have gained in order to be bestowed with a Premier status!

I guess it’s just rewards for the amount of effort myself and my team have put into driving the VMware message to our customers and driving up our VMware business!

Although the downside to all this is that as Premier Partners we need to hold more VMware competencies, which means more training and certifications to do! >_<”
At last count MTI has achieved 6 out of 9 VMware competencies which is pretty good going!

Finally MTI’s VMworld update session will be held on Thursday 20th November 2014, our marketing team is just finalising the central London venue as I post this entry!
Hope to see you there!

vCenter Operations Manager – SSL Certificate issues

So during a recent deployment of vCenter Operations Manager (5.8.2) at a customer site I encountered the following error whilst trying to pair the vCOPs vApp to their vCenter Server.

vcops ssl cert

“Unable to get vCenter Server certificate chain”

This was the first time I had encountered this issue deploying vCOPs, fortunately given how much exposure I got to SSL certifications during a previous project I knew it could be down to one of 2 things….. either the SSL certificate had expired, or that it was not generated with the correct parameters.

Note: Quickest way to look at a vCenter Server’s SSL certificate is to just open a browser and point it at the vCenter’s IP address, then view the certificate…..
vcops ssl 1 vcops ssl 2
(Left – IE, Right – Chrome)

or if it’s a Windows deployment of vCenter 4.1 or later, you can find the certificate here: C:\ProgramData\VMware\VMware VirtualCenter\SSL\rui.crt (Note that c:\ProgramData is a hidden folder!).

 

It seemed that the SSL certificate was valid (expiry date was 2022), however I noticed that the public key certificate was weak as the key length was only 512 bits!!
What had happened was a previous partner had upgraded them from VI3.5 to vSphere 4.0 to vSphere 5.0 and had forgotten to re-generate the SSL certificates!
Prior to vCenter Server 4.1, by default VMware self-signed their SSL certificates with a public key length of 512 bits! So when they upgraded they kept the same SSL certificates.

Post vCenter Server 4.1, if you installed from scratch the public key length is set to RSA 2048 bits by default.
vcops ssl 3
So because the public key length was only 512 bits, vCOPs could not authenticate the vCenter Servers’ certificate (I believe it has to be a minimum of 1024 bits)!
More info from VMware’s KB here: http://kb.vmware.com/kb/2037082 and Microsoft’s KB here: http://support.microsoft.com/kb/2661254

 

As it was a production environment and they couldn’t afford to regenerate their SSL certificates, I had to ‘inject’ the vCenter Server certificate into the vCOPs VMs keystores as follows:

  1. Copy the rui.crt file (the SSL certificate) on the vCenter Server into the tmp drive of the vCOPs UI VM. (This can be easily achieved using WinSCP).
  2. Login to the console of the UI VM as root.
  3. Change to the directory where the certificate keystore is located: /usr/lib/vmware-vcops/user/conf
  4. Issue this command to add the vCenter Server certificate to the certificate store: keytool -importcert -file /tmp/rui.crt -alias https://<VC FQDN or IP>/sdk -keystore truststore -storepass oxygen
  5. Issue this command to verify that the certificate is in the certificate store: keytool -list -keystore truststore -storepass oxygen
  6. Issue this command to copy the truststore file from the UI virtual machine and paste it to the Analytics virtual machine: scp truststore secondvm-external:/usr/lib/vmware-vcops/user/conf/
  7. Restart all services with the su – admin -c “vcops-admin restart” command, or reboot the vApp from the vCOPs admin page.

Once the SSL certificate was injected into the vCOPs VMs keystore it was plain sailing and we could continue with the setup wizard.

 

Ideally if you still have weak certificates in your environment, you should really be replacing them by generating new SSL certs! =)