CloudHealth by VMware – Reporting & Policies

Well, this blog post has been 3 months in the works – in fact a draft has been sitting in WordPress since September when I collaborated with Kim Bottu on his article about Integrating CloudHealth and vROps, the plan was for me to write a companion blog which show-cased the same capabilities in CloudHealth that he mentioned in his vROps blog.

2020 has been a profoundly difficult and odd year for everyone, and I found myself not wanting to do anything after a busy day of zoom meetings and home schooling. The motivation to write a blog just wasn’t there, and after a busy day all I just wanted to do was chill and relax in the evenings.
There’s been a fine-line in everyone’s work-life balance this year, and everyone needs to find that little bit of time each day to just shut off and unwind (usually when the kids are in bed)!

Anyways, the Christmas holidays and having time off work has given me the opportunity to sit back down and finish the blog (plus Kim was saying I should publish it in order to help my vExpert application for 2021… hahahahha… lol…. – btw, you have till the 9th January 2021 to submit!)

What is CloudHealth?

I guess the best place to start this blog is to give a quick overview of what CloudHealth actually is, so here’s the elevator pitch I always give….

“The more organisations invest in public cloud, the more important it is to have a cloud management strategy for their success, and this is where CloudHealth can assist.
CloudHealth is a multi-cloud management platform designed to provide full visibility into your cloud environment – helping you to identify opportunities for cost savings and usage optimisation. We help you to easily analyse and control cloud costs, security, performance and governance all from one single platform.
We give you insight into your data centre, hybrid and public cloud spend – aligning costs and usage to users, lines of business or even projects and business initiatives.We help make cloud management simple.”

Sooooo, what does that actually mean I hear you ask!?!

In a nutshell, CloudHealth takes your cloud billing and usage data, process and presents it in reports that help you visualise your costs and usage. In addition, one of their USPs is the ability to create perspectives to help you categorise and filter your data.

Currently CloudHealth supports Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), Oracle Cloud Infrastructure (OCI) and on-premise VMware environments. They also have a beta-program for VMware Cloud on AWS support.

CloudHealth is the clear leader in multi-cloud management, they’re the largest player in the market with 10,000+ customers and 230+ partners globally, managing over $11+bn in annual cloud spend.
CloudHealth has continued to be named a Leader in The Forrester Wave: Cloud Cost Management and Optimization Report.

What is a Perspective and How are They Used in Reports?

The most common way to describe a CloudHealth Perspective is that they are “lenses” through which you want to view your infrastructure. Each role within an organisation measures and evaluates the business from different viewpoints or ‘Perspectives’.
You can create Perspectives to view and group cloud assets together in order to align them with business objectives.
They provide a framework for categorising all the assets within your cloud infrastructure. For example, you could create a Perspective to group assets into Environment, Application, Department, Function, Project, or even Cost Centre.
You can build Perspectives dynamically using cloud tags or statically using the search capabilities.

For Example, the default view of a Cost History Report within CloudHealth is to show 13 months of cost data categorised by Service type (this is an example of an AWS report):

We can then take that default view and change the categorisation to a Perspective built to show Owners (this could help identify those users who spend all the company’s money on cloud!):

Or we can even change the view to categorise by a Perspective built to show Environment (IT Operation Managers are constantly looking for ways to show how much different Infrastructure Environments cost the business):

Finally, we can combine a number of Perspectives together to drill down further into our costs. In this example we’re filtering to look at just the Production Environment Perspective group, and categorising by the Owner Perspective (so helping to identify who spends the most in Production!):

Chart Types for a report can also be changed from Bar to Line – in this example we’re looking at the Cost History Report categorised by the Perspective ‘Line of Business’:

Another great Chart Type to use is the Pie Chart – as this is only 2 dimensional you will need to filter to a specific time period (eg. November 2020) and change the X-axis away from time interval (in this example I’ve used the ‘Line of Business’ Perspective):

Using CloudHealth to Generate Alerts.

Now the basics of Reporting and Perspectives are out of the way…. Let’s take a look at replicating within CloudHealth what Kim configured in vROps.

In Kim’s blog, he looked at how vROps can be configured to generate alerts based on Month to Date Cloud Spend for certain assets.
We’ll take look at how the Policy Engine works in CloudHealth to generate Alerts, and the actions that can be taken by a Policy.

Policies at its most basic is a set of rules that allow you to govern various aspects of your cloud infrastructure, such as cost, availability, security, performance, and usage.
The Policy Engine in CloudHealth is pretty powerful, it’s not just used to track cloud spend, for example:

  • you can track the launch of new resources
  • you can identify and terminate unused or underutilized assets
  • you can track unexpected cost spikes
  • you can track changes across the cloud infrastructure
  • you can identify resources that have been created out of compliance with specific rules (ie region location, OS type, etc)

At the core of each policy is a rule, which monitors for one or more conditions and, optionally, responds with an action. Actions could be to send an email to notify that a policy has been triggered, or to power off an EC2 instance or VM.

Creating a Policy to alert on Month to Date (MTD) Cloud Spend

One of the most common policies created by CloudHealth customers is a policy to identify increasing cloud costs over a set time period. When overall costs in your cloud environment increase suddenly, it could be an indicator of a larger problem – for example, a compromised cloud account where attackers have spun up a large number of EC2 instances and VMs.

You can create a policy that alerts someone via email whenever the Total Cost of your cloud bill increases by more than a certain percentage:

Or even by a fixed amount:

You even have the granularity to set the conditions to focus on a single Account (in this example ‘Test account name’):

Whilst these examples have a time interval of 1 day, this can be changed to 1 week or 1 month to suit your requirements.

Most Policies allow you to filter the rule condition to focus on a specific account (eg. Test Account name), a specific service/asset type (eg. EC2 Compute), a specific Region, or even by a Perspective you’ve created (eg. Environment = Production):

Alternatively, you can create a policy for a specific resource type you may want to focus on, in the following example we’re just looking at EC2 Instances and want to be alerted if the total costs increased by 10% over 1 month, we could then take a number of different actions – email, delete EC2 instance, stop EC2 instance, etc:

CloudHealth vs vRealize Operations

Having used both CloudHealth and vROps, I would say it’s far easier to create reports, policies and alerts within CloudHealth compared to vROps – but I might be a little biased here… =)

The Cost and Usage reports are far better in CloudHealth – the added feature of being able to use filters, categorisations and Perspectives to change the viewpoint of the report visualisation is something that stands us apart from other tools! Not to mention that changing the visualisation occurs instantly, there’s no need to wait for processing to occur to rebuild the graphical data.
Within CloudHealth you also have far greater granularity to customise the policy conditions by using the filter capabilities.

One thing I constantly get asked is whether CloudHealth and vRealize overlap each other and perform the same functions.
They’re actually complementary management solutions as they are two different products providing information for different use cases within an organisation!

vRealize offers operational efficiency and automation and CloudHealth brings collaboration, governance, and optimization. 

  • vRealize focuses on driving efficient operations (i.e., provisioning, troubleshooting, capacity planning, automation) in the private and hybrid clouds. Providing Consistent infrastructure and operations, from the data center to the cloud.
  • CloudHealth focuses on driving improved business outcomes (i.e., governance, optimization, visibility, chargeback) in the public and hybrid clouds. Breaking down public cloud silos and streamline cost, compliance and analytics operations.

It’s also worth noting that the starting point for the journey to multi-cloud can originate in the enterprise data centre or from the public cloud. Whether an enterprise is looking to expand its data centre to public or vice versa.

In the data centre, infrastructure/operation teams require tools for configuration, provisioning, automation, capacity planning and governance for all their data centre assets (ie Day 2 operations). It’s also very Capex-intensive and costs are somewhat stable and predictable. This is the perfect scenario for vRealize.

In the public and multi-cloud world, developers and lines-of-business users provision resources directly themselves. It’s very Opex-intensive and resource usage can be dynamic and unpredictable. The management disciplines needed for cloud-centric, de-centralized IT include ways to govern usage, optimise costs and deal with cloud security threats and vulnerabilities. This is where CloudHealth comes into the fore.

For example, vRealize can be used to help perform capacity planning assessments and ‘What If’ scenario modelling. CloudHealth can be used to model the cost of migrations from private to public cloud.

Anyways, I’ve realised that this has been a super long post so I’m going to end here. I hope it’s been useful reading…. I’m also hoping that I’ll get the chance to blog more often on CloudHealth and its features in the coming year! =)

For now, I hope you all have a Happy New Year! Let’s pray that 2021 will bring back some normality to the world!

VMware vSphere 6.7 & 6.5 update 2 – Resources

Just over a fortnight ago VMware released their latest version of vSphere and vSAN – 6.7…. unfortunately for me, I was neck-deep in a tender response and was in Paris for a number of days for a meeting – so spent most of my travels looking at a small mobile phone screen trying to read up on what’s new… (mental note: time for a new phone with a bigger screen – must be getting old as my eyesight isn’t as good as it was).

When I finally got back online and started thinking about what to write about, I realised that the net was already inundated with bloggers writing about “What’s new in vSphere 6.7”. I quickly realised that I didn’t just want to regurgitate the same thing as a lot of the ‘newer’ bloggers were doing, so I decided to spend some time pulling together all the good resources that I have read over the last few weeks and write a blog about where people should go to learn about vSphere/vCenter and vSAN 6.7.

Note: This blog article has actually been in draft mode for 2 weeks as I’ve been waiting for the vSphere 6.7 lightboards to be re-released by VMware marketing – if you didn’t already know, it was posted onto VMware’s YouTube channel a week before launch and then quickly disappeared!! I’ve been waiting for them to turn up again before posting this article but for some reason they haven’t re-appeared (makes me wonder if marketing deleted the only copy they had of the lightboards… lol).
https://www.theregister.co.uk/2018/04/09/vsphere_6_7_vids_vanish/

 

The Knowledge Journey

The most obvious place to start your knowledge journey is none other than VMware’s own vSphere Blog and Virtual Blocks blog, the best blogs are:
https://blogs.vmware.com/vsphere/2018/04/introducing-vmware-vsphere-6-7.html
https://blogs.vmware.com/vsphere/2018/04/introducing-vcenter-server-6-7.html
https://blogs.vmware.com/virtualblocks/2018/04/17/whats-new-vmware-vsan-6-7/

These were the first blog posts I read to understand what new features were in the latest release, and they’re very good summaries.

As always, Duncan Epping was one of the first to release his articles on “What’s new” and they were very concise articles going over some of the more interesting features:
http://www.yellow-bricks.com/2018/04/17/whats-new-vsan-6-7/
http://www.yellow-bricks.com/2018/04/17/vsphere-6-7-announced/

I then started reading around the other products released as well:
What’s New with SRM and vSphere Replication 8.1 – https://blogs.vmware.com/virtualblocks/2018/04/17/srm-vr-81-whats-new/
What’s New in vRealize Automation 7.4 – https://blogs.vmware.com/management/2018/03/whats-new-vrealize-automation-7-4.html

If you want a deep-dive into all things vSphere/vCenter, then head over to Emad Younis’s blog: http://emadyounis.com.

For a deeper-dive into all things related to security, head over to Mike Foley’s blog: https://www.yelof.com.

All finally, there’s the vSphere Blog: https://blogs.vmware.com/vsphere/launch

 

KB article on Update sequence for vSphere 6.7 and compatible products – https://kb.vmware.com/s/article/53710
KB article on Important information before upgrading to vSphere 6.7 – https://kb.vmware.com/s/article/53704
Blog article on upgrading vCenter Appliance from 6.5 to 6.7 – https://blogs.vmware.com/vsphere/2018/05/upgrading-vcenter-server-appliance-6-5-6-7.html

Note: Upgrades from vCenter Server 6.0 and later to vCenter Server 6.7 is supported. To upgrade from vCenter Server 5.0, 5.1 or 5.5, you must first upgrade the vCenter Server instance to version 6.0 or later releases, and then upgrade to vCenter Server 6.7.

These products are not compatible with vSphere 6.7 at this time:

  • VMware NSX
  • VMware Integrated OpenStack (VIO)
  • VMware vSphere Integrated Containers (VIC)

 

Some YouTube videos:
vSAN 6.7 Technical Overview Video – https://youtu.be/Ss5KWAtGvXo
vSAN 6.7 What’s New Technical – https://youtu.be/YzurWX5m4m8
Faster Host Upgrades to vSphere 6.7 – https://youtu.be/8fqE5zsnkTQ

So here’s a list of all new product releases:

  • vSphere ESXi & vCenter Server 6.7
  • vSAN 6.7
  • vSphere Replication 8.1
  • Site Recovery Manager 8.1
  • vRealize Operations Manager 6.7
  • vRealize Automation 7.4.0
  • vRealize Orchestrator Appliance 7.4.0
  • vRealize Log Insight 4.6.0
  • vRealize Business for Cloud 7.4.0
  • vRealize Suite Lifecycle Manager 1.2
  • vRealize Code Stream 2.4
  • NSX SD-WAN Edge by VeloCloud 3.2.0
  • Horizon 7.4.1 Enterprise

Finally here’s list of all the documentations:

 

It’s worth noting that last week VMware also released vSphere 6.5 update 2 which back-ports a few of the new features in 6.7 into 6.5. For more information point your browsers here: https://blogs.vmware.com/vsphere/2018/05/vsphere-6-5-update-2-now-available.html

Additional updates:

Upgrading vRealize Operations to 6.2

Now that vRealize Ops 6.2 has been released, it’s time to upgrade your Ops Manager virtual appliance. So how do you do that? Well, it’s pretty simple actually!

Nearly all of VMware’s virtual appliances have a simple upgrade process where you download an upgrade PAK file and upload it to the admin page of the appliance – and once uploaded it’s just a simple “click and install”….!

  1. First up, download the 6.2 upgrade PAK file from the My VMware Portal. You will required TWO upgrade PAK files, one to upgrade the vApps OS, the other to upgrade the vROps product.
    vrop01
    For an OS upgrade, the file is: vRealize_Operations_Manager-VA-OS-xxx.pak
    For the product upgrade of virtual appliance clusters, the file is: vRealize_Operations_Manager-VA-xxx.pak
  2. Before starting the upgrade it’s probably best to either take a backup or a snapshot of your entire vRealize Operations cluster as a precaution.
    Note: The cluster can be online or offline when running the upgrade.
    Log into the master node administrator interface via your web browser:
    https://<master-node-FQDN-or-IP-address>/admin
  3. On the left navigation menu, click Software Update. Note the version that vROps is currently at (for me it was 6.1). Click Install a Software Update.
    vrop02
  4. Firstly perform the OS upgrade. This updates the OS on the virtual appliance and restarts each virtual machine. Follow the wizard to locate and install the OS PAK file.
    vrop04
    Note: If you have customised the content that vROps provides – such as alerts, symptoms, recommendations, and policies – and you want to install content updates, a best practice is to clone the content before performing the upgrade. You can then select the option to reset out-of-the-box content when you install the software update, and the update will provide new content without overwriting any customised content.
    vrop03
  5. Click Upload to stage the upgrade files.
    vrop05
  6. Once upload has completed, a summary of what the PAK file contains is listed. Click Next and accept the EULA, then click Finish to start the upgrade process.
    vrop06
  7. Once the upgrade is complete, vROps will restart and you need to log back into the admin page. Navigate to Software Update and you will see a message stating what previous software update was installed.
    vrop07
  8. Now repeat the upload and installation process for the Product upgrade PAK file.
    vrop08
  9. Once again, vROps will reboot after the Product upgrade PAK file has been installed. Log back in and navigate to Software Update, you should now see that vROps has been upgraded.
    vrop09

 

There you go… nice and simple!

If you encounter any issues, then head over to the vROps 6.2 Release Notes: http://pubs.vmware.com/Release_Notes/en/vrops/62/vrops-62-release-notes.html