Horizon Cloud on Azure – GA

Interesting tie up between VMware and Microsoft…. is this the beginning of a new relationship? Have Microsoft woken up (post-VMworld) to the awesome VMware Cloud on AWS and realised they also want in on the party? (although if i’m honest this partnership has been bubbling in the background for a while now).

Anyways, after a round of beta testing in the US, Horizon Cloud has now gone GA on Azure: https://blogs.vmware.com/euc/2017/10/vmware-horizon-cloud-on-microsoft-azure-now-available.html

When Horizon Cloud was launched earlier this year, the concept of enabling end-user organisations the ability to deploy feature-rich VDIs and applications across multiple deployment options was very promising. From a single management console, end users are able to deploy virtual desktops onto on-premise infrastructure, to the Cloud, or a hybrid combination of both. TBH, some of this concept was already available in Horizon Air (which came out of the Desktone acquisition), but this is an evolution of that product.

Horizon Cloud is a cross-cloud architecture for VDI – much like how Cloud Foundation is for SDDC – however, in the case of Horizon Cloud, the Portal which acts as the control/management plane resides solely in the cloud (you get a choice with Cloud Foundation’s SDDC Manager), administrators log into this portal to deploy and manage their VDI sessions – whether on prem or cloud.

3 offerings currently:

  1. Horizon Cloud Hosted – so VDI infrastructure provided by VMware (IBM Cloud is currently the only provider), where you just choose the type of desktop and apps to deploy via the portal – DaaS. Infrastructure management/maintenance/SLAs are fully undertaken by VMware.
  2. Horizon Cloud On-Premise – based on HCI technology and acts like a stepping stone to Cloud VDI. VDI stored locally on prem, but management is all from the Cloud, perfect for data-residency issues, for end-users who require high performance VDI, and for IT admins who wish to have greater control over their VDI infrastructure.
  3. Horizon Cloud on Microsoft Azure – delivering RDS VDI and apps hosted in Azure datacentres. Connecting a customers Azure IaaS subscription to Horizon Cloud. So VMware manages the VDI aspects and Microsoft the underlying infrastructure. Also worth noting that currently only Azure deployments support vGPU-accelerated infrastructure.

Whatever the deployment option, customers will get a VDI infrastructure that’s easily scalable (whether cloud or on-prem) and easy to deploy. The best part is you get the flexibility of subscription based pricing.

With Horizon Cloud on Azure, you can import gold images from Azure marketplace which will then be configured and deployed for Horizon.

One key element of the Horizon Cloud technology is justin-time (JIT) provisioning of virtual desktops and applications. Using the configurations made in the cloud-control
plane, Horizon Cloud leverages VMware App Volumes, User Environment Manager, and VMware Instant Clone technologies to assemble personalised virtual desktop and application environments when an end user logs in, giving IT administrators high flexibility in leveraging the infrastructure.

I like the idea that if I have a persistent VDI deployed in Horizon Cloud, then I can access that VDI or hosted apps whether I’m in the office or on the move (as long as there is data connectivity). I can start writing a document in the office, then leave it open mid-sentence as I leave the office, or jump on a train – I can even power off my endpoint device – then I can re-establish the session and carry on without any interruption… an Always On desktop!

I also like the idea that with Azure, I could deploy a VDI session to the datacentre in the UK, then as I jump on a flight to the US I can re-deploy that VDI session to an Azure datacentre in the US. Although, I’m not quite sure you can migrate live VDI sessions between datacentres yet – I haven’t seen any articles that say you can live-migrate VDIs (but one would think this would be the ideal end-goal).

 

Hopefully this new VMware-Microsoft partnership will lead onto Microsoft accepting to run Cloud Foundation on Azure (VMware Cloud on Azure) which will then give end users the freedom to move their workloads from on prem to either AWS or Azure!! Almost Cross-Cloud (just need GCP to step up).

Advertisements

VMworld 2017 Europe Wrap Up….

So this blog post has been a bit late coming, mainly due to me coming back from Barcelona with a heavy chest infection and cold… and when you’re sick, you tend to procrastinate alot… =)
Looks like all the excessive late nights, early morning starts, long days, freezing cold breakout rooms (was anyone else cold??) and lack of sleep really took it’s toll on me…. not to mention having to entertain all the customers MTI took out to VMworld this year! Such a hard life I live…. =)

We had a mad 1st day as Monday 11th Sept was Catalonia day and a huge demonstration was planned with demonstrators forming a large X along Carrer de Arago and Passeig de Gracia! The big problem was our hotel was smack bang in the middle of the intersection of the X…. nightmare getting to the hotel, our taxi dropped us off 2km away as there was a huge cordon around the demonstration! What an experience!

It’s a bit strange to be in Barcelona in September when it’s still warm outside… we had some really lovely sunny days…. but to be honest I think the weather was lost on most VMworld attendees as we were all too busy running around the conference centre trying to squeeze in lunch, trips to the solution exchange and all our breakout sessions!

As usual, the layout of the conference centre was annoying…. breakout sessions in hall 8 are miles away from where the solution exchange and VMVillage/Hangspace/HOLs are! I was clocking over 15000 steps a day just walking back and forth between hall 6, 7 and 8! This year they moved Registration over to hall 6 rather than have it by hall 8… totally confusing every VMworld Europe Alumni! =)

I wonder why they don’t use Hall 5 for breakout sessions? I guess maybe it’s because Hall 8 is the only hall that can be split into several rooms??

One thing I did like was the “Expert Bar” where attendees were able to have roundtable sessions with some VMware experts… it was very well laid out, much better than previous years!

This year was the 10th VMworld being held in Europe and we were told during the 1st day general session by Pat Gelsinger that it was the biggest VMworld yet – over 11,000 people attending. This may explain why the conference was laid out as it was…. the solution exchange definitely looked a lot bigger!

Before I go into my wrap up, I have to give a shout out to the new VMTN community programs and especially to Katie Bradley (VMTN Community Manager) and Elsa Mayer, (VMware Blog Program Manager)…. they were kind enough to pass me my VMware vSphere vExpert goodie bag and also explain about the new BlogBeats Program and help me register my blog on the VMTN community! I actually think this is a great initiative for the VMware community, it will also help drive traffic to bloggers who might be a bit on the lazy side (ie…. me!)…. keep up the good work ladies!! =)

It was also nice (if a bit awkward at times) to be recognised as a blogger by a number of attendees as well as vendors within the Solution Exchange… first time that’s happened to me since I started blogging! It’s a shame I was unable to make it to the vExpert party, unfortunately I had too much happening on Tuesday, what with my company sponsoring the Trend Micro Party… Hopefully next year – although maybe there should be more vExpert gatherings organised for UK/London!

20170911_132724.jpg

The Wrap Up

I’m not really going to say much about the General Sessions, mainly because as per usual it was a repeat of the US ones but with a little European twist to it (see my 2 previous blogs on the US General Sessions)…. Pat did mention the dreadful “GDPR” word and that companies can’t just rely on technology to make them GDPR compliant!
GDPR is one beast of a legal mandate…. nearly every customer I’ve spoken to has heard of GDPR but don’t know what it means! I’m not going to pretend I know everything about GDPR… to be honest I typically just refer people to my colleague – Andy Tang – who’s a GDPR Practitioner! =)
Anyways, VMware Radius has a decent article that talks about GDPR and Addressing Data Security Gaps with VMware…. go have a read!

The whole VR demo looked really cool…. imagine being able to manage your VMware datacentre via VR… picking up workloads and throwing them into different hosts or even into the cloud!! Anyways, it looks like Pat was having fun – and to think the hackathon guys built it in a matter of days… impressive!
It’s amazing what some of the community gets up to… like writing API calls to integrate Amazon’s Alexa with vCenter – William Lam and Cody De Arkland have some great blog articles and demos available (Cody even did a recent vBrownBag podcast on it)!

There was a few new announcements though… An improved Cloud Provider Program was announced to help VMware Cloud Provider partners expand their service offerings, enable simplistic workload migration, more efficient operations and improved automation. Of the 3 announcements, VMware HCX looked the most promising…. in summary:

  1. VMware HCX (more about that in a moment)
  2. New VMware Cloud Provider Platform – allowing partners to rapidly deploy and scale up their cloud infrastructure. It’s a complete stack of VMware’s cloud infrastructure products, including certified reference designs. All built around vSphere, vCloud Director and NSX.
  3. VMware Cloud Verified Partner – this is a new ‘trustmark’ which shows that a cloud provider partner has made a significant investment in VMware cloud infrastructure and offers their own ‘value-add’ services that differentiates them from the rest of the crowd. TBH, at the moment only the really big Cloud players have been given this seal of approval from VMware – CenturyLink, Fujitsu, IBM Cloud, OVH and Rackspace. It will be interesting to see whether smaller cloud providers will gain this new trustmark.

VMware HCX looks like a promising piece of tech…. An integrated solution that helps customers to migrate workloads to the cloud – allowing seamless portability of applications and data between different versions of ESXi, whether on premise or between Clouds (as long as they run VMware)!
Customers have been telling VMware that it’s not just about building the infrastructure, but more importantly how  they can gain increased application mobility across multiple clouds. Businesses frequently struggle with the complexity of migrating old workloads, such as old versions of ESXi, to modern environments, be they internal or cloud-based – and this the problem that HCX is going to help solve. It’s like Cross-vCenter vMotion on Steroids, using the network overlay (NSX) to help connect on-premise, old environments to modern environments or to cloud!

At the moment only IBM Cloud and OVH have access to HCX, but I’m sure VMware will end up rolling it out to the rest of their VMware cloud partners!

TBH, I’m still waiting for the announcement of some super-duper CMP solution from VMware that will let me migrate my workloads between AWS, Azure, GCP or my on-prem datacentre… seamlessly…. now that would truly be “Cross-Cloud”…. I guess we’re still a few years away from such a cloud-agnostic solution!

 

The only other announcement was a new version of the vRealize Suite – vRealize Suite 2017. The new version of VMware’s CMP offers a more comprehensive platform to manage hybrid clouds… nothing excitingly new, just some minor updates to speed up deployment and lifecycle management of workloads. vRA gets support for Admiral – VMware’s Container management platform.

 

I’m not going to breakdown all the sessions I attended, as previous years I got a slight slap on the wrist for posting up photos of slides which had “confidential” marked all over them… oops…. Plus so many key sessions are now available for playback on the VMworld website or via the Content Catalog: https://www.vmworld.com/en/europe/video/vmworld-on-demand.html
There’s even a load of videos on the VMworld TV youtube channel:
https://www.youtube.com/user/VMworldTV

 

The other obvious highlight from VMworld was winning the Mobile App Game and getting the opportunity to go backstage to meet and greet the Kaiser Chiefs… =)

It’s funny, but all the people who went back stage due to either winning the VMUG competition or the VMware Inclusion draw were all from the UK… How ironic!

TBH, I’m not a big Kaiser Chiefs fan…. but my colleague Andy was, so I brought him along as my plus one…. surprisingly they’re quite down-to-earth guys!

2.png

I do have to admit that this year’s VMworld party was one of the better ones I’ve been to (on par with 2015s party band – Fearless)… it was far busier and people actually stayed around and watched the performance… and many enjoyed it too!!

20170913_204234.jpg20170913_211544.jpg

 

So to conclude…. it was another great VMworld…. the customers we took out all enjoyed themselves and learnt loads, and whilst the geek inside of me was hoping for more announcements I was satisfied with what I got out of the conference.

There’s a clear message coming out of VMware now, Hybrid Cloud is mainstream… it’s now possible to migrate workloads easily between clouds… containers are how the next generation of applications will be deployed (Cloud Native Apps/PKS)… It seems that the vision VMware started 2 years ago of “Any Device, Any Application, Any Cloud” is finally coming into fruition (albeit limited to just VMware or AWS Cloud at the moment).

Roll on VMworld 2018… with Europe back in Fira Grand Via Barcelona, but this time on the 5th-8th November 2018 (I’m told the date was moved due to a change in VMware’s financial year end). VMworld 2018 US will again be in Las Vegas on the 26th-30th August 2018.

VMworld 2017 US General Session Day 2

….. This update is a bit late going up because Tuesday evenings is 5-a-side footie for me…. =)

So what was the General Session on Day 2 all about… well it kicked off with a fireside chat between Pat Gelsinger and Michael Dell, answering a few questions that were submitted the previous evening from attendees. In my opinion there wasn’t any major revelations or probing questions asked/answered, what we do know is that Michael Dell likes Peanut Butter & Chocolate… =P

It’s interesting that Dell thinks that we’re in for some exciting times with AI and machine learning…. although he didn’t quite pin his flag like Zuckerberg and Musk recently… =)
The amount of data created from IoT is stupendous, and the possibilities of using that data are endless – however, companies need to start thinking about how to use the vast amounts of data they have to try and improve processes, products and services – if they don’t then they could be left behind (Just like Elastic Sky Pizza were)!

However, one of the more memorable quotes from Pat was that “Today is the slowest day of technological evolution of the rest of your life!” Great quote, and how true it is…. In IT we live in an ever-changing world!

One thing I did pick up on was VMware Skyline – a new and innovative support technology which will offer pro-active support for VMware solutions. It will consist of a Collector appliance that end-users deploy, it then sits there securely collecting environmental-data from different VMware components (such as configuration, performance, and product usage) whilst performing machine-learning analytics to ensure the overall solution functions correctly. If it detects any changes, events or patterns that will cause a deviation from best practices or validate designs then it will alert the customer. Skyline is aimed at improving support experience through data analytics.

Both Pat and Dell were then joined on stage by Rob Mee (CEO of Pivotal) – it was really interesting to hear that Pivotal Cloud Foundry was being used in over 50% of the Fortune 500 – I wonder what the percentage is in the UK FTSE? Pivotal has be “pivotal” (excuse the pun) in helping enterprises and their digital transformation – how to run legacy production workloads alongside developing new cloud-native applications, yet still providing the availability and security whilst also reducing cost! Pivotal Cloud Foundry addresses all these issues.

The biggest announcement of the day was the unveiling of Pivotal Container Services (PKS) – a partnership between VMware, Pivotal and Google Cloud. Pivotal has been working with Google for a while – Project Kubo – and now with the partnership with VMware, PKS will enable enterprises to deliver production-ready Kubernetes on VMware vSphere and Google Cloud Platform (GCP), with compatibility to Google Container Engine (GKE) – all secured by – yup you guessed it – NSX. Pat went on to say that they’re not stopping there and will start to integrate other VMware products such as vRealize Automation and Operations, along with Wavefront (who VMware acquired in May – it’s a “real-time metrics monitoring and streaming analytics platform designed for developers to optimize their clouds and modern applications that rely on containers and microservices”)

PKS-Image

Pat, Dell and Rob were joined on stage by Google’s Sam Ramji (VP of Product Management – Developer Platforms). It’s interesting how Google are pouring in vast amounts of their knowledge on containers into Kubernetes – a way of giving back to the community! Sam also announced that Pivotal and VMware were to become as Platinum Members of the Cloud Native Computing Foundation – home of Kubernetes.

The rest of the General Session involved a fictitious company called “Elastic Sky Pizza” which was stuck in the past and needed assistance in transforming their business. Loads of demos and presentations showing how VMware’s suite of Cloud products work – including PKS, AppDefense, NSX, Pulse IoT (Edge LIOTA).

 

PKS looks amazing, but I do still think that containers is an enterprise play – which kind of goes against one of the questions during the fireside chat about looking after the SMB market… this is probably going to be priced above what SMBs can afford!

VMworld 2017 US General Session Day 1

If like me, you’re stuck in a sweltering London enjoying the bank holiday and watching the Game of Thrones season 7 finale, you may have forgotten that over in Vegas the city is just getting over the big fight of Mayweather vs McGregor and is now inundated with people looking to attend VMworld 2017 US.

It’s great that VMware live stream their keynotes, as it gives everyone an opportunity to hear first hand what VMworld will be about this year and also what is being announced!

And it’s of no surprise that VMware have continued to strengthen their vision on “Any Device, Any Application, Any Cloud” with the keynote by Pat Gelsinger. Whilst heterogeneous is a great thing that leads to the consumerisation of IT, it plays havoc with IT admins who’s key focus is to contain and secure a company’s data – and it’s worth noting how much emphasis is being placed on security within VMware – NSX is intrinsic to every solution that was mentioned during the keynote!

Vision

The first thing that was covered was how the digital transformation is affecting end users – the goal for any company is to ensure that their employees are well connected, yet the challenge is a complex one when you realise how many different technologies an end user has access to – smartphones, tablets, laptops – even smartwatches and cars now! So how do you deliver an unified workspace securely across multiple technologies?

Simple – Workspace ONE – piecing it all together to give companies a “consumer simple but enterprise secure” solution. Delivered in 3 areas:

  1. Apps and Identity – applications with a consistent feel across multiple devices. Secured by a common identity framework with a simple Single Sign-on experience.
  2. Management and Security – IT in control, delivering consistent management & security. Drastically improving  tasks that were previously costly, time consuming, and resource intensive, whilst still in control of data by combining identity and device management to enforce Data Security and Endpoint Compliance.
  3. Desktop and Mobile – Device Management and Compliance provided by AirWatch Unified Endpoint Management, protecting sensitive data as well as conditional access to how that data can be consumed by end-users.

workspaceone

Next Pat went on to explain that virtualisation has led to end-users deploying a private cloud within their own data centres, yet making such a transition is not an easy step – deployment isn’t straight forward, lifecycle management and day 2 operations isn’t always easy, and trying to secure different technologies of a private cloud is painful!

VMware’s goal is to “make Private Cloud Easy and that’s where Cloud Foundation comes along – a fully integrated SDDC stack that ‘just works’…. simple… agile… secure! version 2.2 was announced and is now GA.

Pat was then joined by Andy Jassy, CEO of AWS, to announce the General Availability of VMware Cloud on AWS. Announced as a tech preview at last years VMworld, it should be noted that it’s currently only available today in the US West Coast region Availability Zone, it will then be rolled out across the East Coast AZ before rolling out to the rest of the AWS global AZs by the end of 2018. So I guess we’re going to expect it in the UK late 2017/early 2018!

VMware Cloud on AWS allows you to seamlessly take a workload running on vSphere in your data centre and migrate it to AWS Public Cloud running a VMware stack – using the same tools (vCenter Server) to manage both your private and your public cloud workloads from a single pane of glass! A consistent feel no matter where your workload resides. What Andy Jassy said was correct – in the past customers hated the fact that if they wanted to consume public cloud, there was no easy way of migrating workloads across without some form of translation occurring. It was also painful and costly to manage as you couldn’t use a single tool to manage both private and public cloud.

VMware’s Cloud Strategy is as follows:

cloud

The first 7 VMware Cloud Services were announced as available for consumption.

VMware Cloud Services

NSX Cloud is an interesting service that addresses networking and security operational challenges inherent with using multiple public clouds. Unfortunately at launch it’s only available on AWS to protect EC2 workloads (ie native AWS workloads – not vSphere workloads which is what VMware Cloud on AWS gives). It differs from on-premise NSX as it is delivered as a service and managed by VMware.

As I previously said, NSX is a key foundation to every solution at VMware currently:

nsx

Security is hugely important… and Pat breaks it down into 3 components:

  1. the need to build it into the infrastructure
  2. the need to integrate with the current security vendor ecosystem
  3. the need to ensure good cyber hygiene and ensure security policies are in place. The 5 pillars of Cyber Hygiene are:
    • Least Privilege
    • Micro-segmentation
    • Encryption
    • Multi-factor authentication
    • Patching

Two years ago, VMware first began talking about the concept of the “Goldilocks Zone” where the hypervisor sits at the ideal location in the network to improve security. During the keynote VMware announced a new product named AppDefense which looks to be the fruition of Project Goldilocks.

AppDefense allows a virtual machine to learn its manifest and understand what is a good and secure process, it’s then able to determine whether the runtime behaviour of a VM or application deviates from its intended state. Finally it’s able to trigger an automated/orchestrated response to remediate or quarantine any detected anomalies.

appdefense

 

Strange that searching the VMworld Europe Content Catalog for AppDefense doesn’t bring up any sessions…. which is a shame as I was hoping to schedule a session after hearing the keynote and reading about it.

Roll on Day 2….

 

Goodbye vCenter Server for Windows and Flash-based vSphere web client!

Hmm…. it’s not even VMworld yet and VMware decide to make 2 big-ish announcements.

Although tbh, since vSphere 6.5 was released these 2 announcements have long been coming!

Finally, after loads of speculation, VMware had announced that vCenter Server for Windows and the Flash-based vSphere web client is to be deprecated with the launch of the next version of vSphere. Updates to 6.5 will continue supporting the 2 features, but come vSphere 7.0 it will be no more….

https://blogs.vmware.com/vsphere/2017/08/farewell-vcenter-server-windows.html

 

“vCSA-exclusive capabilities such as file-based backup and restore, unified update and patching, native vCenter High Availability, and a significant performance advantage mean that the VCSA has become the platform of choice for vCenter Server.  Additionally, due to the integrated nature of appliance packaging, VMware is able to both better optimize and innovate vCenter Server at an accelerated pace.  Finally, with the VCSA, VMware can provide support for the entire vCenter Server stack including the vCenter Server application, the underlying operating system (Photon OS), and the database (vPostgres). By doing so, VMware can ensure that customers can focus on what matters most while having a single source for updates, security patches, and support.  The VCSA model is simply a better model for vCenter Server deployment and lifecycle management.”

That pretty much sums up why VMware are 100% behind the vCSA, although they miss out the whole “screw you Microsoft licensing!!” part! Plus given that 6.5 ships with a migration tool that helps you move/upgrade from a Windows vCenter to an Appliance vCenter, it’s no surprised that more and more people are moving over when it comes round to upgrade time!

In fact ever since 6.5 was released, I’ve not even deployed a single Windows vCenter Server – all my customers have been moved over to the vCSA.

https://blogs.vmware.com/vsphere/2017/08/goodbye-vsphere-web-client.html

With regards to the vSphere Web Client, loads of people found the flash-based version was frustratingly difficult to use – it was slow, it was notoriously prone to crashing and frankly it was based on in-secure Flash technology (not to mention that Adobe themselves are dropping flash). HTML5 is the way to go baby!

So with those announcements in mind….. I may think about changing some of my VMworld sessions to jump on the vCSA and Web Client update sessions!!

 

RIP…..

vExpert 2017 Announcements

Congratulations to those who have been recognised as vExperts and will be joining the group for the 2nd half of 2017!

https://blogs.vmware.com/vmtn/2017/08/vexpert-2017-second-half-announcement.html

Also congratulations to existing vExperts who have been recognised as experts in the 2 sub categories – NSX and vSAN!

https://blogs.vmware.com/vmtn/2017/08/vexpert-nsx-2017-award-announcement.html

https://blogs.vmware.com/vmtn/2017/08/vexpert-2017-vsan-announcement.html

 

I’m fortunate enough to be once again considered as a vSAN vExpert for this year! =)

HCIBench 1.6.2 – Testing vSAN performance

Over the past month or so I’ve been running a number of performance tests on VxRail and vSAN solutions.

HCIBench is a brilliant tool to help end-users understand the type of performance that they can achieve with their vSAN solution.

It’s essentially an automation wrapper around the popular Vdbench tool. Vdbench is an utility specifically created to help engineers and customers generate disk I/O workloads to use for validating storage performance and storage data integrity. Vdbench is a complex beast to run, with lots of different variables that can be configured via CLI… so the HCIBench wrapper helps simplify workload profiles and makes it so much easier to run benchmark tests!!

Please note, HCIBench is a VMware Labs Fling and so there’s limited support available and it shouldn’t be used in production environments (although the latter is just to cover themselves). If I’m honest, the creators of HCIBench are pretty good at replying to comments and feedback!

https://labs.vmware.com/flings/hcibench

It’s definitely worth remembering that as a benchmark tool, it can’t quite simulate real-world workloads! However, if you understand how your workload behaves (ie block size, read/write ratio, etc) then you can get pretty close to creating a workload profile that matches your workload (albeit running a test at max. workrate rather than the bursty rate we see in real-life).

 

HCIbench was updated 2 days ago in response to the recent release of vSphere 6.5u1, and in my opinion is even cooler now that it can utilise the new vSAN Performance Diagnostic feature of vSAN 6.6.1 (API integration with the new Performance Diagnostics part of vSAN Cloud Analytics).

You can now run an HCIBench test and view detailed results of the test in Performance Diagnostics with supporting graphs – you’re able to select a goal for the test based on “Max IOPS”, “Max Throughput” or “Min Latency”, and then get details on potential issues found in the analysed data which you can then use to improve the workload profile you’re using in HCIBench.

Point your browser here for more info:
https://blogs.vmware.com/virtualblocks/2017/07/31/what-to-expect-from-hcibench-1-6-2/

Note: You need to have Customer Experience Improvement Program(CEIP) and vSAN Performance Service turned on to get this feature enabled

More on vSAN Encryption

So not long after my article was published on SearchVMware, the guys at Virtual Blocks (VMware’s own storage blog) released 2 articles which went into vSAN encryption in a bit more detail.

https://blogs.vmware.com/virtualblocks/2017/06/24/vsan-encryption-1/
https://blogs.vmware.com/virtualblocks/2017/06/24/vsan-encryption-2/

It’s definitely worth noting that using hardware encryption does have an overhead whenever you need to rekey (eg when you need to rekey every drive), obviously because vSAN encryption is within the hypervisor this overhead is significantly reduced.

The First article simply goes over what vSAN encryption is all about, the second dives into more detail on how it’s setup, the trust model of the KMS, and also how the disk format is changed when vSAN encryption is enabled. I find this 2nd article very informative in trying to understand how vSAN encryption works.

There’s also a new KB that briefly goes over the different between vSAN encryption and VM encryption: Understanding vSAN Datastore Encryption vs. VMcrypt Encryption

Enjoy…. =)

Voting now open for Top vBlog 2017!

top-vblog-2017

It’s that time of year again when the VMware community starts to cast their votes as to which blog should be crowned “Top vBlog” for 2017…!

This year Duncan Epping (http://www.yellow-bricks.com/) and Frank Denneman (http://frankdenneman.nl) have decided to withdraw their blogs from the voting, which is admirable as they both always feature in the top 5 (or #1 for the past 8 years in the case of Duncan!!). From what I’ve read, both wish that other people get the recognition as sometimes the voting is based on popularity rather than content.

Maybe there should be a hall of fame that the likes of Duncan and Frank could be inducted into?!? =)

Last year, much to my surprise, I ended up ranked #161.. if I’m honest I didn’t even think I would rank! Anyways, thanks to those who voted for me…. hopefully I’ll rank again this year… it’s always nice to be recognised by your peers, but blogging for me is a hobby as I’ve got a hectic work and family life (a 20mth baby takes up alot of time…).

Anyways, head along to vSphere-land to read more about the voting rules:
http://vsphere-land.com/news/voting-now-open-for-top-vblog-2017.html

If you’re looking for a list of all vBlogs, then head over to vLaunchPad:
http://thevpad.com/

Once you’re ready to cast your vote, head over to the voting site:
http://topvblog2017.questionpro.com/

And if you’re interested in last years results, then here they are:
http://vsphere-land.com/news/top-vblog-2016-full-results.html

Voting runs until the 30th June.

… and lastly, thanks again to Eric Siebert (http://vsphere-land.com) for running and managing the voting process and to Turbonomic (https://turbonomic.com) for once again sponsoring the whole event.

Yes, I know I’m a bit late with this announcement as voting opened on the 1st June… Unfortunately I’m on holiday and it’s been difficult trying to find decent network reception on the canals of Wales – it seems you can only get 4G network when you’re near a town… =(

20170603_093337