VMware sells off vCloud Air to OVH

Hmm…. so that was an interesting announcement from VMware last week!….. although if I’m honest it makes perfect sense!

OVH Group announcing it’s intent to acquire the vCloud Air Business from VMware: https://www.vmware.com/radius/vmware-cloud-air-evolves/

Last year when VMware announced their tie up with AWS – vCloud on AWS – many had already started wondering what that partnership would do to VMware’s own cloud offering. The talking point was made more real when VMware also announced their Cross-Cloud Architecture which would allow a customer to choose which cloud platform to deploy their workloads onto – all from a single common operating environment. Then to make things worse, VMware announced VMware Cloud Foundation on IBM Cloud (or what was Softlayer)… an SDDC stack running VMware goodies on IBM Cloud compute!

That triple whammy pretty much made everyone think that vCloud Air’s time was up!!

I had a number of discussions at VMworld Europe last year where we talked about whether VMware would just shut down vCloud Air, or would they migrate it all onto AWS. Although the general consensus was that maybe they would sell off/spin off that part of their business – after all, VMware is a software business and vCloud Air was always seen as a ‘weird’ sibling…. not to mention that it competed against all it’s vCAN (VSPP) partners who were offering their own cloud services built on VMware technology!

I guess there’s no shame in what VMware are doing, Cisco, Dell and HP tried and failed to do what Amazon and Google are doing well at… although surprisingly Microsoft have managed to get Azure up and running well!

In a way, VMware are getting rid of what they probably saw as a hefty investment on infrastructure and hosting for little returns (I doubt there were many customers using vCloud Air to justify the expense of keeping it). Makes more sense to sell it to an existing cloud provider who knows how to sell Public Cloud services and IaaS! Although, I kind of have to wonder what OVH will do given VMware hosted vCloud Air in Equinix/Telstra data centres around the world….. guessing they’ll run down the contract with those providers and bring it all back in house!

In my opinion, selling off vCloud Air is probably a smart move….. VMware’s vision is to enable a customer to run “Any Application on Any Cloud, accessed by Any Device”, and it was going to be difficult to be Cloud-Agnostic if they owned a Public Cloud service! The whole Cross-Cloud Architecture would have produced a conflict of interest if they kept vCloud Air…. now that they’re shot of it, they can concentrate on pushing out their vCloud stack onto Azure and maybe even GCP given that they’re well on their way with the AWS partnership. Why try and beat them at their own game? It’s far easier to embrace them and partner!!

VMware are positioning themselves to be the broker of cloud services…. a single management point that allows end users to decide which public cloud is best for their workloads! In a way it’s a clever move, firstly because it puts the decision-making back with the end user, and secondly it now means that VMware can state that it’s the only virtualisation company that doesn’t tie you into a single cloud vendor (much like how Microsoft tries to ram Azure down the throat of Hyper-V customers).

Interesting times ahead……

VMworld 2016 US – Day 1 General Session Overview

So the replay of yesterdays Day 1 General Session is now online:

The biggest announcement is the tech preview of Cross-Cloud Architecture. This is obviously VMware’s next step in their “Any Cloud, Any Application, Any Device” vision.

According to VMware:
“This architecture extends VMware’s hybrid cloud strategy, enabling customers to run, manage, connect and secure their applications across clouds and devices in a common operating environment. VMware Cross-Cloud Architecture is delivered through VMware Cloud Foundation, a new set of Cross-Cloud Services VMware is developing, and VMware vRealize Cloud Management Platform.”

This new architecture gives customers a set of tools to manage their virtual estate both on-premise and off-premise across multiple clouds – a single pane of glass to manage VMs on the likes of AWS, Azure, Google, as well as vSphere clouds.

Most customers already utilise multiple clouds (unbeknownst to IT) and this new architecture will enable IT to resume control of what is out in the cloud – allowing network and security policies to be applied to workloads being deployed in the cloud. In addition to allowing migration between clouds!

Much like how vSphere ESXi was used to allow you to span multiple server hardware vendors (HP, Dell, IBM), and how NSX allows you to span multiple network hardware vendors (Cisco, Arista, Brocade), VMware Cross-Cloud Services will offer a common platform to overlay your cloud vendors to offer you the ability to deploy your applications across clouds without having to mess around with the underlying cloud services (which are inherently different depending on cloud vendor)!

VMware Cross-Cloud Services will centralize management, operations, networking, security and data management.

Cross-CloudServices

It looks like the common Network & Security piece will be handled by NSX – which will include a forthcoming feature called Distributed Network Encryption (DNE).

The Management and Visibility piece will be SaaS based (a cloud service) and allows you to connect your existing public cloud accounts to ingest those workloads into the management platform, it will then show you cost and utilisation across your clouds and allow you to deploy applications across clouds.

The other major announcement was the new VMware Cloud Foundation offering which basically bundles vSphere, VSAN and NSX into a single, fully integrated, SDDC stack that can be provisioned on premise or be run as a service in the cloud.

To quote VMware:
“VMware Cloud Foundation is a next-generation hyper-converged infrastructure for building private clouds that for the first time combines VMware’s highly scalable hyper-converged software (VMware vSphere and VMware Virtual SAN) with the world’s leading network virtualization platform, NSX. Cloud Foundation provides a consistent multi-cloud IaaS that is simple to deploy, operate, and maintain, and gives applications a consistent, scalable and highly available infrastructure services, regardless of where they run”

“The goal of Cloud Foundation is to be able to provision cloud infrastructure like you provision VMs.”

CloudFoundation

In addition to this announcement was the partnership with IBM Cloud to offer VMware Cloud Foundation as a service.

The key to the Cloud Foundation is the SDDC Manager which will be the tool for IT admins to build and maintain their cloud (making use of a lot automation policies to build the cloud and deploy workloads)

Other announcements include vCloud Availability for vCloud Director, which enables customers to leverage the vCloud Air Network ecosystem (ie VMware Partner cloud solutions) for simple, automated disaster recovery as a service (DRaaS) – much like the offering from vCloud Air DR.

VMware vCloud Air Hybrid Cloud Manager has added several major enhancements, including zero-downtime, bi-directional application migrations in and out of vCloud Air. This includes the migration of NSX security policies, providing simple migration of workloads to vCloud Air with no need for any network or security reconfiguration once the migration completes.

 

It seems that the main takeaway from yesterdays general session was that now it’s time to take back control of your cloud.

NSX 6.2.3 Released – support for vShield Endpoint Management

As most people are aware, VMware pulled their support for vCloud Network & Security (and with that vShield Manager) earlier this year and a lot of my customers have been wondering what’s going to happen to their vShield Endpoint deployments (for agentless AV). It was strange that VMware announced the EoA for vCNS without really announcing it’s successor – although that said, most of us already had an inkling that NSX Manager would probably pick up the management of vShield Endpoint.

NSX 6.2.3 was released in June (as always to limited/no fanfare) and with this release was the announcement that NSX now supports the management of vShield Endpoint (now renamed NSX Guest Introspection). Customers who purchased vSphere with vShield Endpoint (pretty much all versions, Essentials Plus and above) are now able to download NSX Manager from their My VMware portal, under the vSphere product – download site. The license that comes embedded in NSX Manager 6.2.3 includes an unlimited capacity NSX for vShield Endpoint license key. To ensure customers do not use any other unlicensed NSX features (For example VXLAN, DFW, Edge services), the license key will have hard enforcement to prevent NSX host preparation and block Edge creation.

VMware NSX for vSphere provides NSX Guest Introspection, which provides all features of vShield Endpoint and support for additional service categories like vulnerability management, IDS/IPS using the in-guest thin agent.

vCloud Networking and Security Manager version 5.5 is supported until September 2016 after which customers will need to upgrade to NSX Manager in order to continue with vShield Endpoint support (Technical Guidance will still be available for vCNS till March 2017).

More information on the procedures for upgrading from vCNS 5.5.x to NSX 6.2.x can be found here: http://pubs.vmware.com/NSX-62/index.jsp#com.vmware.nsx.upgrade.doc/GUID-D2CDB014-39D8-48CC-9733-981308249F52.html or at this VMware KB: https://kb.vmware.com/kb/2144620

The process of upgrading can be summarised as follows:

  1. Upgrade vShield Manager to NSX Manager.
  2. Deploy NSX Controller cluster (update Transport Zones and Logical Switches).
  3. Install the new VIBs on ESXi hosts in the cluster (virtual wires are renamed as logical switches).
  4. Upgrade vShield App to NSX Distributed Firewall – configuration is migrated across.
  5. Upgrade vShield Edge devices to NSX Edge devices – configuration is migrated across.
  6. Upgrade vShield Endpoint to NSX Guest Introspection

Note that for upgrade to work, each function must be on version 5.5.

NSX 6.2.3 Release Notes: http://pubs.vmware.com/Release_Notes/en/nsx/6.2.3/releasenotes_nsx_vsphere_623.html

Installing vShield Endpoint (vCNS Mgr 5.5.4-3)

Very quick blog entry as I’m busy tying up loose ends before jetting off on my summer hols….

It’s pretty easy to install vShield Endpoint as it’s a wizard-based OVA deployment. I’m not going to step through the process as it’s very simple (plus the install guide explains it very well). Once that’s done log into the console and run ‘setup’ to configure the IP address and DNS information.

After that, it’s a case of logging into vShield Manager and connecting to vCenter Server.

Once connected to the vCenter, you should see your datacenter and hosts in a hierarchical tree on the left menu. Select each host and installed vShield Endpoint.

vShield Installation guide: http://www.vmware.com/pdf/vshield_55_install.pdf

However, I did encounter a few issues (due to prior deployments which hadn’t been cleaned up properly).

Error 1: VMKernel Portgroup present on incorrect vSwitchvcns1
This occurred because the hosts had a previous vSwitch labelled vmservice-vswitch, but the VMkernel port vmservice-vmknic-pg resided on a different vSwitch (previous deployment). To correct this I had to delete the old VMkernel port and recreate it on the correct vmservice-vswitch.

Error 2: VirtualMachine Portgroup present on incorrect vSwitch

vcns2Again this was due to a mis-configuration on a previous deployment! What should happen is once you’ve setup the vmservice-vswitch and created the vmservice-vmknic-pg portgroup and VMkernel port, the installer will create a new portgroup on that vSwitch called vmservice-vshield-pg. Like before, this was residing on the wrong vSwitch.

In the end I just deleted the wrong vSwitch and started again by creating the vmservice-vswitch and the vmservice-vmknic-pg. After that the installation of vShield Endpoint went swimmingly!

vcns3

Which goes to show that cleaning up an old deployment within your demo environment can sometimes be very handy! =)

 

Improvements to vCloud Air Disaster Recovery as a Service (DRaaS)

When DRaaS was launched by VMware the backend of last year, everyone was pretty excited about the ability to ‘get rid’ off their secondary/DR site and offload it all into the cloud – A subscription based DR solution which would allow customers to decrease their Capex and offset it with an Opex model.

It kind of boils down to the old accounting argument regarding whether Capex or Opex is a better spending model for IT Infrastructure. Now I’m not an accountant, nor am I pretending to understand the ins-and-outs of tax-deductible benefits, but from my understanding an Opex model is more tax efficient – especially on the P&L balance sheet. (Obviously correct me if I’m wrong!)

Usually a Capex model means:

  1. You require a large amount of cash outlay to purchase all the goods
  2. You have to make an ‘educated’ guess to estimate future capacity needs
  3. Once you’ve purchased the goods, you’re pretty much stuck with it, despite advancements in technology of company growth

However, some CFOs still think that Opex is more expensive as they only consider the cost of the physical server required for the applications.
Whenever you have to do any sort of capex/opex comparison, you have to take the direct costs such as power, cooling, floor space, storage and IT resources to manage the physical hardware.
Plus then there’s all the indirect costs – network and storage, procurement and accounting costs, transportation/logistics, etc. Once all these other costs that accompany the physical tin are considered, it becomes a different argument!

Anyways, I digress…..

So When VMware launched vCloud Air DR, I thought it would become a viable solution for customers looking to get rid of their DR site….. but upon closer inspection there were some flaws in the solution – namely trying to automate your DR (like SRM) and the process of failback once your primary site comes back online (the vCloud Connector process was clunky and required VMs to be powered off before a full data copy occurs back to the primary site – not a viable solution as who would switch off their VMs in order to copy them back over? And we’re talking hours offline if you’re copying a 100GB VM over a 100Mb link!!).

Quick overview of the benefits:

  • RPO configured on individual VMs from 15mins to 24hrs.
  • DR protection is per VM (allowing individual VMs to be failed over)
  • Secure asynchronous replication of VMs (using vSphere replication)
  • Self-service DR testing of VMs (up to 2 tests per 12mth period with a 7 day testing period)
  • Guaranteed resource availability (especially during DR failover)
  • Monitoring and management via Web Client
  • Integrates seamlessly with vSphere environments
  • VMs can run for up to 30 days in a failover scenario without incurring additional costs
  • Ability to transition out of the DRaaS into vCloud Air Private or Dedicated Cloud
  • SLA of 4hrs or less

DRaaS

I’m happy to say that the current release now offers Native Failback using vSphere Replication to reverse the replication from vCloud Air DR into your on-premise environment. Unlike vCloud Connector, this does not require the VMs to be powered off during the reverse replication. It can also be managed from your Web Client – similar to how you originally setup the replication process to vCloud Air.

In addition to this, VMware are now offering Multiple Point-in-Time Recovery using the ability of vSphere replication to retain multiple recovery points, up to a total of 24! Great if you need to recover to an earlier point in time if the latest replication set is corrupt or the VM experiences errors.

Finally, Automation is now possible with full integration with vRealize Orchestrator via a plug-in. This will allow you to create multiple VM recovery plans and automate the failover process – similar to what SRM can do.

For more information about the new version of vCloud Air DR, head along to VMware’s blog announcement: What’s new with vCloud Air DR?

For more information about the vCloud Air offerings, point your browsers here: vCloud Air

vCloud Air Tutorials

Want to know more about the VMware vCloud Air services? Well pop along to the tutorial page in the vCloud portal! =)

http://vcloud.vmware.com/uk/using-vcloud-air/tutorials

Excellent material for how to use the vCloud Air services, how to setup and deploy VMs if you purchase a Dedicated or Virtual Private Cloud….. and most importantly how the vCloud Air Disaster Recovery works (which was what I was after).

We’ve had a huge number of customers interested in DRaaS and vCloud Air DR seems a very viable solution!

VMworld 2013 Europe – Day 1 Round Up

So those of you who read my VMworld 2013 US round up will already have read about all the juicy bits that was announced in San Fran….. basically vSphere/vCloud 5.5…..

The keynote session by Pat Gelsinger pretty much repeated a lot of what was announced in the US, with a little bit of juicy extras (see below)…… Pat did a good job engaging the audience, the dialogue flowed and it certainly kept my attention on what was being announced!
I don’t know why, but I tend to find some of the speakers from the US more interesting than those from the UK….. Not sure if it’s the accent or the way they’re more animated, or maybe it’s the way they deliver their presentations…..? Anyways, if you’re a speaker and you find me falling asleep – it’s because you’re not interesting….. ;oP
IMG_0001

First up was the announcement of VMware’s acquisition of Desktone!
IMG_0009
I first read about Desktone after VMworld US as there were a lot of discussions regarding vCHS and possible Desktop-as-a-Service (DaaS) offerings… rumours were awash about Desktone being a ‘good fit’ for VMware…… guess those rumours turned out to be true!

One of the key points about the Desktone acquisition is that it brings the added advantage for on-premise VDI customers to burst out into the cloud (like a vCHS provider) if they suddenly require the need to spin up more desktops then they have resources for. From what I could gather speaking to the people at the Desktone booth, they have a piece of software, very similar to vCloud connector, that manages the connection of on-premise and off-premise VDIs, including the ability to transfer between the two….. interesting!
And obviously to bean-counters, the idea of DaaS gives them the opportunity to move all the outlay from CAPEX into a more “easy-to-budget” OPEX…. afterall, you’ll know how much it would cost to spin up and consume a desktop in the cloud. It would also save time and money because it allows remote users to spin up desktops on any device (tablet, laptop, smartphone, thin clients, etc).
IMG_0011

The next main announcement was that vCloud Hybrid Service was coming to Europe, with Sungard being the first vCHS provider. (No photo here because some bozo in front of me decided to stand up and block my shot).

Whilst we’re talking about Cloud, updates to some products were also announced to enhance Cloud Management: vCAC 6.0, vCOPs 5.8, vCenter Log Insight 1.5 and vITBM.

Next up was the announcement of the General Availability of VMware NSX!
Network has always been an issue with virtualisation, you spin up a VM in minutes yet always have to rely on some sort of configuration to be carried out on your physical network device….. NSX was launched to bring the Network layer into the virtualisation stack as a ‘Software Defined’ device.
Think of it as a Network Hypervisor….. what ESX did for Compute, NSX will do for Networks! NSX abstracts network operations and configurations from they underlying hardware into a distributed virtualisation layer. It will allow you to define switches, firewalls, loadbalancers, routers, plus other networking elements.
It’s vendor-agnostic…. supporting most hypervisors and physical network devices.
An interesting slide (and one I didn’t get a photo of) was the ability to define network policies that had the switch configuration, the firewall configuration and other network elements and then just simply ‘assign’ it to a VM…. bobs your uncle, your VM is now fully configured!
IMG_0026

The slides below were from a technical breakout session that introduced NSX and delved into it a bit more then what was presented at the keynote session…. This slide shows the various components of NSX:
IMG_0028

We then saw a list of partners that had already been engaged by VMware to work on integrating products with NSX.
IMG_0038  

What’s very interesting from the partner slides we saw was that Cisco was missing as a partner!! It’s quite obvious that the relationship between Cisco and VMware have gone off the boil again…… and I’ve heard a rumour that Cisco maybe announcing something big in the SDN arena sometime soon!

The last thing I’m going to talk about was the announcement of the GA of vDP 5.5 Advanced (vDP 5.5 std was announced at VMworld US).
The key items to note about this product is that it now integrates with both EMC Data Domain and EMC Avamar!
IMG_0047

The integration with Data Domain allows you to use VDP as the front-end scheduler and back off to a Data Domain as the target. VDP will store all the Meta-data whilst DD stores all the backup data. This will be great as you’ll be backing off all your data onto a DD which means you will get global dedupe as your data is all in one location!
IMG_0048

The following slide was very interesting as it shows you what targets you can use to replicate your vDP to:
IMG_0052

Finally the last take-away point from the vDP advanced announcement was the fact that it will allow you to consider Backup-as-a-Service by replicating your backup from the vDP appliance to a service provider who may be running something like Avamar!IMG_0053

So hopefully that has rounded up the key points that I got out of Day 1’s general session and announcements!

To be honest, there’s probably a lot more I could waffle on about, but given it’s now 2am and I’ve had a very long day followed by a stint at the EMC party… I’m quite mentally exhausted!

I doubt there’ll be much for me to blog about for the remaining 2 days as I’ve gone over the key announcements in this post… and if I’m honest, the technical sessions I’ve booked myself onto are more for me to enhance my knowledge of existing products and solutions.

Time for bed……!

VMware vSphere 5.5 launched

Typical Sod’s law…..
I’ve been eagerly waiting to get my hands on vSphere 5.5 ever since VMworld 2013 US – unfortunately I’m not one of the lucky ones who had Beta access or pre-launch access (like some of the more renown VMware bloggers) – and the week that I decide to head off on holiday to Northern Cyprus, VMware decide to release everything 5.5!!
Dammit……

I could say that I was having sleepless nights dreaming about installing all the goodness of the newly released products, but that would be lying…… instead I was enjoying the Sun, Sea and Sand! =)
Image

I’ve already written about what was announced in VMworld 2013 and the new features in vSphere/vCloud 5.5, so won’t repeat myself….. have a look here if you missed that post:
https://thevirtualunknown.wordpress.com/2013/08/30/vmworld-2013-us-ends-so-heres-my-round-up/

Rather than regurgitate everything about vSphere 5.5 that every-man-and-his-blog has already done (whilst I was in Cyprus catching the sun), there’s a good blog by VMware which practically groups all the ‘need to know’ stuff in one handy webpage that I definitely recommend you bookmarking!

http://blogs.vmware.com/kb/2013/09/vsphere-5-5-is-here-kbs-you-need-to-know-about.html

So as I complete this blog, I’m glad to say that all the new products have finished downloading….. let the fun begin! =)

I’ll leave you with one of my underwater pictures, goes to show there’s still plenty of fish in the sea! <groan>Image

Retaining Resource Pools using Webclient

So a few days ago I posted up an article about what happens if you disable DRS in a vCD environment…..

Well I stumbled across this article in VMware’s knowledgebase:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2032893

“Great”…… I thought….. “I can use the snapshot functionality within Webclient to capture the resource pools!”……the only problem is, upon deeper digging I stumbled across a blog entry by Frank Denneman:
http://frankdenneman.nl/2013/04/08/saving-a-resource-pool-structure-web-client-feature-not-suitable-for-vcd-environments/

Turns out that VMware knowledgebase article is great for standard vSphere environments, but it won’t work with vCloud environments….. >_<”
And this is all down to the old MoRef IDs I mentioned in my previous article about using SRM to protect your vCloud!
https://thevirtualunknown.wordpress.com/2013/07/02/protecting-your-cloud-vcloud-srm/

Unfortunately it seems that the ‘RP snapshot’ feature just captures the old tree structure of your resource pools and rebuilds a new tree structure, it doesn’t capture the old MoRef IDs which are so important as they are used to correlate objects between vCD and the underlying vSphere/vCenter layer… change the MoRef IDs and vCD won’t recognise the object as it won’t exist in the vCD DB.

Man…. VMware really need to sort out this MoRef issue! ;oP

Protecting your Cloud (vCloud & SRM)

So one of the BIG problems at the moment is that SRM does not fully support protecting your vCloud environment.
http://www.vmware.com/support/srm/srm-releasenotes-5-1-1.html#caveats

It supports protecting your management cluster (so the vCenter servers, vCD cells, vCNS manager, vCM, DBs, etc), but it doesn’t yet protect your resource cluster….. so all those VMs you’ve deployed in your organisations under vCD – well they’re not protected by SRM!

Definitely NOT COOL if your primary site goes tits up!!

From what I can gather, this is mainly due to the way SRM work….. When you setup SRM for DR, you have to ‘pre-create’ resources at the recovery site in order to map the resources from the protected site to them (stuff like resource pools, folders, network, placeholder VMs). Unfortunately vCD likes to have full control of a resource cluster and manages all the resource itself – this basically means that the vCD cells are not aware of the objects that have been created in the recovery site for SRM. It doesn’t matter if the names are the same, what matters is the Management object Reference IDs (MoRef ID) have changed and this is what vCD uses to construct its environment…..

MoRef IDs are used to correlate objects between vCD and the underlying vSphere/vCenter layer. Any changes to these identifiers will result in the loss of functionality because vCD will not be able to manage these objects as it will not be aware of them (ie the MoRef IDs will not exist inside the vCD DB).
The use of SRM would result in a change of the MoRef ID on the vCenter Server layer, resulting in an incorrect reference in the vCD database – and so leaving the object (eg. a VM) unmanageable from a vCD perspective. I believe SRM also re-signatures the storage volumes which will also confuse vCD.

About a year ago Chris Colotti and Duncan Epping wrote an article on how vCloud DR could be achieved, this involved the clever idea of putting the resource ESXi hosts at the recovery site into the same resource cluster as the resource ESXi hosts at the protected site (but in maintenance mode as obviously it won’t see the storage located at the protected site so can’t be used by vCD). Then using vSphere HA to take the ESXi hosts out of maintenance mode to handle the recovered workloads…. However, this solution did involved manual intervention to fail over the vCD resources correctly:
http://www.yellow-bricks.com/2012/02/13/vcloud-director-infrastructure-resiliency-solution/
http://www.vmware.com/files/pdf/techpaper/vcloud-director-infrastructure-resiliency.pdf

Earlier this year, another white paper was released which described how the majority of this manual process (ie the VMware bits) could be automated using PowerCLI:
http://www.vmware.com/files/pdf/techpaper/VMware-vCloud-Directore-Infrastructure-resiliency-whitepaper.pdf

However, what’s missing is the automation of the whole storage piece – breaking the replication and making the volumes read/write….. but then I guess this is really more storage-vendor dependent! =)
I guess if the storage vendor has exposed the array to VMware using VASA then it could be possible to script the storage steps as well….! =)

Anyways, it’s been an interesting read…… and definitely a problem I see VMware sorting out for the next release of SRM!

Given how powerful PowerCLI is, I really need to find some time to learn how to use it!!