vArchitect Newsletter 003

New vRealize Product Releases

VMware released new versions for a couple of vRealize products.  These are listed below with new features we think are relevant.

vRealize Automation 7.1
  • Silent installer
  • Migration tool to migrate data from vRA 6.2.x to a fresh vRA 7.1 while preserving the source environment.
  • IPAM integration framework, although Sovereign Systems' SovLabs Infoblox module does a great job with this already.
  • Manual horizontal scale in and out of vRA deployments.
vRealize Operations Manager 6.3
  • Enhanced workload placement and DRS integration.
  • Improved Log Insight integration (hopefully writing a blog on this soon).
  • Enhanced vSphere monitoring with new hardening policies.
  • Allows multiple Advanced and Enterprise edition licenses in the same deployment, which means you can mix single and suite licenses. License counting for individual license keys is handled through licensing groups.
vRealize Orchestrator 7.1
  • Extending automation configuration.
  • Plugin improvements.
vRealize Business for Cloud 7.1
  • Support for newer vRA versions, including the latest.
  • Integration with an external VMware Identity Manager is probably the biggest one here, since this now allows for a standalone installation with its own UI. I tested this earlier and you now have the option to register with either a vRA or vIDM instance.
  • If you register with vIDM, you get a new UI which is accessible through the FQDN of your vRB appliance.
  • New version of reference database
vRealize Network Insight 3.0
  • This is a really cool tool and something we are going to experiment with. It was born out of the Arkin acquisition and allows for analysis and visualization of network flows in your environment. Release notes here, installation blog post here.
  • Supports micro-segmentation analysis.
  • Palo Alto support (in beta).
  • Multi-vendor switch support.
VMware Integrated OpenStack 3.0
  • Updated for the Mitaka build of OpenStack.
  • New compact deployment mode.
  • Supports import of vSphere VMs into OpenStack.

NSX Resource document

For those of you that are looking at NSX, running a POC or already have it installed, VMware provides a great public resource document for NSX which they update periodically.

Always grab the latest version here:

vRealize Automation Error Message

What I saw was random deletion of VMs within a larger deployment. Some of the VMs in the large deployment would destroy properly and others would not go away. Another thing I noticed was that day 2 actions were occasionally flaky. What this came down to was that the service monitor had been disabled on the Load Balancer for all the VIPs in the vRA environment. Since most of the components are active/active, you don’t notice anything obvious, but for the Manager Service you see sporadic behavior due to the Manager Service being active/passive.

vCenter Windows to Appliance Migration Utility

VMware has officially released a productized version of the now-deprecated fling that can migrate your Windows vCenter 5.5 to the Linux-based appliance (vCSA) 6.0 U2. Here’s the official blog post announcement and here are the release notes to get you started. You download a separate ISO which has the migrator utility and the vCSA 6U2 baked in. An external SQL database is supported, so you can rest easy there. And the migration is totally reversible, since all it does is copy the data and configuration to the appliance, then shut down the source Windows vCenter. The appliance then assumes the same identity as the 5.5 Windows vCenter. Do note that this only works from version 5.5 and going to version 6.0U2. It does not support a horizontal migration from 6 to 6. Also important is the fact that an architectural change is not supported during the migration, so if you’re using an embedded SSO with 5.5, the 6.0U2 appliance will also be embedded. If you do need/want to change architectures, that will require a net new installation of the vCSA, which is what we recommend anyway unless you have a very compelling reason why that cannot be performed.

VMworld 2016 Update

We all attended VMworld this year, held in Las Vegas, and there are a number of updates we want to deliver back to you. But before we get to that, here are a few resources you can tap into (for free) which will allow you to experience some of what VMworld had to offer.

  1. Hands-On-Labs: HOLs are nothing new, but we’re surprised by how many people still don’t know about and/or use them. They’re completely free and offer you a real, live lab environment with all the VMware products installed and configured. This is really the best way to get exposure to the various products without having to own a lab and install them yourself. Many of the labs created for VMworld 2016 are now available.
  2. VMworld 2016 Breakout Session Recordings: All the recordings from (just about) all the various breakout sessions are available, for free, online. William Lam has done an excellent job of creating a direct link for playback or download of these sessions. Check out his GitHub page here for those links. You will still need to register on the VMworld site, but that’s free to anyone.

Ok, and here are our combined notes of the most interesting bits out of VMworld 2016.

  • Cloud Foundation

It’s a software-defined solution that integrates vSphere, VSAN and NSX into a single platform.

It provides a common foundation across clouds with flexible deployment options, and its primary focus is on simplifying deployment and operations. Cloud Foundation can run in private and public clouds. The current cloud offering will be with IBM SoftLayer, with VMware vCloud Air Network and vCloud Air scheduled for availability at a later time. The integrated stack is EMC VxRack 1000 SDDC, and the ready systems will be Dell, QCT and HP with VSAN Ready Nodes.

  • vCloud Availability for vCloud Director

Leverages vCloud Air Network and vCloud Air for simple, automated DRaaS. Uses vSphere Replication, which is very limited with a 15min – 24min RPO; if VSAN is used on both sites, then RPO = 5min. Up to 24 previous restore points. Includes encryption components and is managed through vCenter Server. VMware vCloud Air Hybrid Cloud Manager, which extends your on-premise datacenter into vCloud Air, added enhancements such as zero-downtime, bi-directional application migration in and out of vCloud Air. Only available to VCAN service providers.

  • Cross-cloud Architecture

This extends VMware hybrid cloud with capabilities to run, manage, connect and secure applications across different cloud infrastructures. The architecture is delivered through Cloud Foundation as well as Cross-Cloud Services (a tech preview was shown at VMworld), which will centralize management, operations, networking (NSX), security (Distributed Network Encryption (DNE)) and data management. Key functions VMware will focus on for this SaaS service are SLA/availability dashboards, policy-based placement/optimization, a UI and API-driven cloud service broker, automated discovery, centralized multi-cloud cost accounting, and workload migration.

  • vRealize Network Insight

3 main use cases (virtual, physical or cloud). Plan micro-segmentation deployment and audit security compliance. 360 visibility and analytics (optimized network performance). Offers best practices, health and availability of the NSX deployment. Requires vSphere 5.5U2 or 6.0U1b as well as VDS (virtual distributed switch); it does not work with standard switches. Requires port forwarding, which is automatically configured. Shows results instantly, but it is recommended to leave it running for 1 to 3 days for better analysis. Minimum 1 day.

  • VMware Validated Designs

Set of blueprints with instructions on how to build a full SDDC stack and integrate all the pieces. Different from a reference architecture in that VMware actually tests this design to accommodate very high scale and churn, and provides an upgrade path for all the components in future designs. Additionally, partners can submit their designs if they differ from VMware’s and get a “VMware Ready”-type stamp of approval on the design. EMC is working towards adopting the VVD in future EHCs so they conform to a known good and tested architecture.

  • vSphere Integrated Containers

Brings containers into vSphere under vCenter’s control. 1:1 relationship: 1 container in 1 VM. Free and open source, but not GA yet. Designed for shops that are experimenting with containers, or doing containers alongside traditional apps for a specific piece of the stack. Pros: admins don’t have to re-skill or re-tool their infrastructure, and it can be put into a brownfield environment, can use vSphere technologies like HA and DRS, and adopt security. Cons: it isn’t designed for huge scale and container instantiation time is slower.

  • Photon Platform

A new platform for running containers in a greenfield environment. Does not require vCenter and can work with free ESXi. Photon Controller provides a distributed control plane and pools multiple ESXi hosts into groups; container hosts (1:many relationship: 1 VM container host, multiple containers) are then carved into tenants and then reservations, similar to vRA. Also free and open source, and also not GA. Designed for a dedicated, greenfield container environment. Pros: it is designed for extremely high scale and a high churn rate. Cons: it is a totally new platform type and requires specialized tooling and knowledge sets. Support for NSX and VSAN is coming at a later time. Still a very new and primitive frontier that is being cultivated, so not very advanced yet. All monitoring, management, and security are up to you.

  • Pivotal-VMware Cloud-Native Stack

A new product offering purchased from VMware, supported entirely by Pivotal. Combines Pivotal Cloud Foundry with Photon Platform for a complete PaaS solution with containers. EMC will be delivering in 2017 via VxRack Neutrino.

  • vRA 7.1 and containers

Right now, it has some facility built in, but the native container endpoint is in beta. It will be able to interact with a container registry (like VMware’s Project Harbor) and add containers to a blueprint via the unified design canvas, so deployments can have a mix of traditional VMs and containers. Still very early in the phases and being actively developed. It will have the ability to provision to Photon Platform.