My focus on a day-to-day basis for most of the last five years has been on cloud automation and orchestration, more specifically with VMware vRealize Automation (vRA) and VMware vRealize Orchestrator (vRO). I’ve worked with a variety of customers in different verticals (government, finance, service provider) to help them design and deploy an automation platform and create services to automate many use-cases, both common and unique.
So naturally, my interest in a software-as-a-service (SaaS) platform that does the job too was always going to manifest itself. The day has arrived though that VMware are officially launching that service. Yesterday, January 15th 2019, VMware Cloud Automation Services became generally available.
vSphere 6.7 was released several months ago, and I’ve been meaning to upgrade my homelab for a while now. vSphere 6.5 has been pretty rock-solid, but it’s time for me to keep up with the Joneses. This post covers my upgrade process and experiences.
My original vCenter server was built straight on to version 6.5 when that first launched, way back when. In theory there was nothing wrong with it, except for a deployment decision that I was no longer happy with. When I deployed my vCenter previously, I configured it with an external Platform Services Controller (PSC) as I wanted to mess about with load balancing PSCs at the time. The messing around didn’t take long and I moved on to other things. Problem is, you cannot (currently) go from an external PSC to an embedded one and the external PSC was an extra piece of complexity that I just didn’t need anymore.
That pretty much left me with one option: migrate to a new vCenter.
Deploying vCenter is a doddle, and I won’t cover how that works. What I will mention though is how I moved my hosts and VMs across. The first step was to liberate one of my 6.5 ESXi hosts from the original cluster and add it to the new vCenter. At this time, I didn’t upgrade the host itself to 6.7 for reasons that will be apparent in a minute or two.
Secondly, I went through the VMs that I had registered in my original vCenter and weighed up whether or not I still needed them. Things like old distributed vRA deployments to a quick trip to the virtual bin, other things like AD, jumphosts, remote access solutions etc were powered down and removed from the inventory before being re-added to the new vCenter.
Before long, there wasn’t much left and what little is left will probably be left idle for a couple of weeks before I bin it completely.
So far, so good. Continue Reading
Having upgraded my vRA instance in my HomeLab to 7.4 not long after it GA’d, I recently decided to create some nice, new templates as well. You know, latest patches, hardware, basic config etc.
I won’t bore you with exactly how I installed Windows, patched it or configured it. The relevant part of the process to this article was the installation of the vRA Guest Agent and subsequent testing of it.
I already had my vRA blueprint configured; just a simple Windows Server 2012 R2 template that has the vRealize LogInsight agent installed and configured on it automatically as part of the provision process:
Installing the vRA Guest Agent
This is a documented process to install the software agent on a Virtual Machine that is then subsequently turned in to a template. For vRA 7.4, the documentation can be found on VMware’s site:
This worked without issue. I shutdown the machine, turned it in to a template and update my blueprint.
Testing the new template
This is where I ran in to an issue. Continue Reading
If you’re working for an Enterprise with your workloads based purely on VMware vSphere, then there’s a new launch from Unitrends that you may be interested in looking at for your virtual backup / business continuity solution that I have learned about.
vBE (short for VM Backup Essentials), converges enterprise-grade backup software, ransomware detection, and cloud continuity into a powerful, easy-to-use, all-in-one platform boasting the following features:
- Total Protection – No limits on the number of virtual machines that can be protected on a host
- No License Tiering – No tiering of licenses based on the number of cores in the CPU socket.
- Only License what you need! – Only occupied sockets require a license, but ALL occupied sockets of the host must be licensed to protect its virtual machines.
- Infinite retention!– Retention is directly proportional to the amount of storage that can be provided by the customer for backup. The license has no limits on retention.
- Replication to the Cloud – Site-to-site replication is not supported at this time. vBE does support replication to the cloud – both hyperscale clouds such as AWS, Google and Rackspace as well as clouds purpose-built for DRaaS services.
- Advanced Ransomware Protection– New ransomware variants are emerging every day and your ransomware protection needs to evolve to keep up.
Unitrends are billing vBE as an “all-in-one solution” that provides a disruptive approach to backup. It offers complete vertical integration (including the cloud), fast time to value and an all-in-one solution provided by a single vendor with industry-leading customer service. vBE includes all the software and features you would find in an enterprise-level data protection and recovery solution. vBE includes operating system, security, backup software, WAN acceleration, replication, cloud integration, and archiving. Continue Reading
A colleague of mine was working with a customer recently on some changes to their automated VM provisioning process (they’re not vRA customers… yet). He got stuck trying to get around a particular challenge with the automatic naming of network interfaces in certain Linux distributions.
The customer in question is using vRealize Orchestrator (vRO) to create (not clone) their Virtual Machines from a JSON structure that is supplied by an external system. In that structure there are definitions for the hardware, OS network identity (name, IP etc) and OS installation sources (ISO file for installation and floppy image for a ks.cfg (KickStart) file).
Once the JSON object is provided to the vRO workflow, the VM is created, booted and automatically starts to install and configure itself.
Customer’s Simple VM
Simple VMs have a number of disks defined (for root, opt, var, swap etc partitions) that are attached to a single ParaVirtual SCSI adapter. The VM is also equipped with a single VMXNET3 network adapter.
In this configuration, there is no problem. The installation of the OS runs through to completion and the VM is handed off to Puppet and eventually goes in to service.
Customer’s Complex VM
For the provision of Linux-based Oracle servers however, the customer wanted to be able to specify not only extra disks and partitions, but extra SCSI controllers too. Continue Reading
If you’re looking at taking one of the VMware Advanced Professional exams listed below, you might want to get your skates on as they’re being retired at the end of September:
- VCAP6 – Data Centre Virtualization Design (VCAP6-DCV Design)
- VCAP6 – Cloud Management and Automation Design (VCAP6-CMA Design)
- VCAP6 – Desktop and Mobility Design (VCAP6-DTM Design)
Slots for these exams will start to run out in the next few weeks, so book up now if you want to take them.
All available exams and certifications are detailed on VMware’s certification page. If you want to check the list of retired or retiring exams, the document detailing those can be found here.
A customer that I’m working with at present asked this week if the minimum privileges required for vRA to access a vSphere Endpoint could be documented. As someone who isn’t a fan of unnecessary wheel re-invention, my initial response was to direct them to the relevant VMware documentation (vRA 7.3 vSphere Agent Requirements).
Then they explained why that wouldn’t quite cover their requirement. I won’t explain exactly why, but they wanted a matrix that showed exactly what privileges each of the vRealize products (and associated management packs) needed in vCenter to provide to their security team. Somewhere in the dark and dusty reaches of my mind, a lightbulb flicked on…
Wait, I’ve done this before!
Like a number of other bloggers in my industry, I started this as a place to record some of things that I was doing in the hope that they might be useful to someone else, or even useful for myself in the future. Continue Reading
I was lucky enough last year to be invited to the inaugural UK vRetreat, organised by fellow vExpert Patrick Redknap. If you’ve not encountered a vRetreat before, or are wondering what it is, it’s an event with a small delegation of bloggers invited to pick apart some presentations by the event’s sponsors.
Following on from Silverstone in 2017 I had assumed that I’d had my shot and that other bloggers would get their chance at the next event. Fast-foward to February 2018 and I again found myself sitting down with a number of quality vCommunity members to exchange stories and, most importantly for vRetreat, listen to some detailed presentations by a select delegation of IT vendors.
One key difference between the two events (I think that Barry Coombs and myself are the only two attendees of both events) was the venue and the “extra-curricular activity”. Instead of the Porsche driving experience from last year, we would all be entering the Crystal Maze. (Great fun, especially if you remember the TV game show, although the team I was on had two people carrying injuries and, to be honest, we sucked!)
The venue for the daytime, technical part of the day was familiar to me too from the numerous times that I’ve been to CloudCamp in London. Ominously named “The Crypt”, it is in fact a Church near Farringdon.
Back to the purpose of the vRetreat. Although I mentioned presentations before, the idea is that it starts out that way but, with a smaller audience, it gets a bit more interactive as the attendees ask lots of detailed questions that you might not get in a larger setting. On this particular occasion, we had the pleasure of hearing from Zerto and Cohesity. With the room divided between the two, I have the pleasure of covering Zerto. Continue Reading
A new vRA / vRO Extensibility course is scheduled to be held in the UK in February 2018. It will provide detailed information on how to leverage the power of vRealize Automation and vRealize Orchestrator.
I should point out that it’s a beta course, so it may not be 100% polished and pristine. However, the course is focussed on version 7.3 of both products (the latest at the time of writing) so it will be bang up-to-date and help you learn the “art of the possible”.
The course runs for a full week from Monday 19th February at VMware’s UK office in Staines. If you’re new to vRA and vRO, or you want to take your automation beyond simple virtual machine deployment then this course will likely benefit you. If you don’t manage to get on it, I’m sure there will be further opportunities throughout the year.
Extensibility Topics Covered
The topics covered by the course include:
- The basics of vRO workflows
- Design considerations for vRO workflows
- Development of vRO workflows
- Extending vRA using the Event Broker
- Using vRO workflows with vRA’s Event Broker
- Using vRO workflows to provide XaaS catalog items and resource actions
- Working with REST APIs using vRO
You can register for the course via VMware’s myLearn website.
I thought I’d update my homelab’s primary vCenter to the latest and greatest (6.5 update 1d), when I encountered an issue with the root password. The update showed up ok in the appliance’s VAMI interface and I selected to install it but an error quickly showed up:
Not ready, huh? When I clicked on the “Show Details” button, I saw a message informing me that the root password had expired or expiring soon:
Well ok, I’ll go and reset it and turn off the expiry I thought. (That process is covered in the vCenter documentation.) But noooo, permission denied! The password couldn’t be set and the expiry settings could not be changed. Continue Reading