Today was a big day for VMware and VMware Cloud Services with their global Cloud Briefing. The briefing concentrated around their two mantra’s: Any Application, Any Cloud, Any Device and Consistent Infrastructure, Consistent Operations. Both of which resonate with what I am seeing customers are looking for.
The Highlights
During the briefing there were multiple announcements were made and demo’s given, including:
VMware Cloud on AWS
- General Availability of VMware Cloud on AWS in **EU West (London) **- Frankfurt coming soon!
- Introducing High Availability using VMware Stretched Clusters across AWS Availability Zones (Tech Preview) #MindBlown
- VMConAWS now supports native **vSAN Deduplication and Compression (DD&C) **for space efficiency.
- Support for AWS Cloud Formation on VMConAWS.
VMware Cloud Management Services
- Hybrid Cloud Extension (HCE) - Now enhanced to work OOTB with VMConAWS so workloads from an on-premises vSphere can be moved directly into the vSphere based-cloud.
- HCE Enterprise for moving on-premises workloads to/from cloud or to other on-premises vSphere Cloud.
- HCE Cloud for moving VMs between VMConAWS, IBM Cloud and OVH.
- VMware Cost Insight - Enhancements to support VMConAWS to allow companies to understand the relative cost of migrating to the cloud.
- VMware Cost Insight now integrates with VMware Network Insight to enable accurate identification of Network Ingress costs.
- VMware Log Intelligence a new VMware Cloud Service
- Use Machine Learning to analyse cloud based logs.
- Wavefront enhanced with 45+ OOTB integrations to Cloud Native Apps (including Cassandra, MongoDB, etc).
- Introducing Wavefront for vROPs so you can get a full Application view across the hybrid cloud.
Partner Program Enhancements
- Solution Provider and Cloud Provider MSP models will be expanded to include VMConAWS.
- Introducing the VMware Cloud on AWS Competency for VMware Partners
Other noteworthy mentions
- Fujitsu have become a Global Systems Integration provider.
- The ability to use Site Recovery Manager 8 to 1-click recover from On Premises into VMConAWS.
Final Thoughts
If you have 50 minutes then I can think of worse ways to spend that time, check it out at https://cloud.vmware.com/cloudbriefing .
Written by Christopher Lewis on March 8, 2018.
AWS Cloud Cost Insight Log Intelligence VMConAWS VMware VMware Cloud Services VMware vSAN VSAN Wavefront
I realise I am a little late to the party with 2017 reflection posts, but I am going to do one anyway.
What an end to 2017!
As those who follow me on twitter will know, I had an eventful Christmas this year. Don’t get me wrong, I’m sure there were a heck a lot of people who had worse Christmas for many different reasons.
I got a rather ill very quickly the weekend before Christmas with both Pneumonia and Sepsis, my chest x-ray showed my lungs covered in snow, inflammation blood count was sky high and I spent 5 days in hospital being pumped full of multiple different antibiotics. I finally got out on Boxing Day and I have spent the last 4 weeks resting and recuperating (purposefully) with minimal technology interactions (the xbox doesn’t count).
Written by Christopher Lewis on January 22, 2018.
This is the fourth in a series of posts covering the replacement of vRealize Automation SSL Certificates. In this post, we will tackle steps required to update the embedded vRealize Orchestrator certificate following the replacement of the vRealize Automation Appliance certificate.
This post is based on the VMware procedure and this is documented within the VMware Documentation Site here .
According to the VMware, the reason for completing this additional step is that if you replace or update vRealize Automation certificates without completing this procedure, the vRealize Orchestrator Control Center may become inaccessible, and errors may appear in the vco-server and vco-configurator log files.
Written by Christopher Lewis on December 12, 2017.
Certificates VMware vRealize Automation vRealize Orchestrator
This is the third in a series of posts covering the replacement of vRealize Automation SSL Certificates. In this post, we will tackle replacing the vRealize Automation IaaS Manager Service Certificate.
This post is based on the VMware procedure and this is documented here .
Prerequisites
The following are expected prerequisites for this walkthrough:
- A fully deployed and working vRealize Automation solution.
- A set of certificate files:
- The RSA Private Key used to encrypt the vRA IaaS Manager certificate.
- The Root CA Certificate file.
- The vRA IaaS Manager Certificate file.
- The Root CA Certificate and any Subordinate/Intermediate CA Certificates are installed within the appropriate Certificate store on the local machine (normally the Trusted Root Certification Authorities and the Intermediate Certification Authority respectively).
Identifying the “Issue”
If you log into any vRA IaaS DEM or Agent server and navigate to https://vra7-man.fqdn/VMPS you will see the screen below:
Written by Christopher Lewis on December 11, 2017.
Certificates VMware vRealize Automation vRealize Orchestrator
This is the second post in a series of posts covering the replacement of vRealize Automation SSL Certificates. In this post, we will tackle replacing the vRealize Automation IaaS Web Server Certificate.
This post is based on the VMware procedure and this is documented here .
Prerequisites
The following are expected prerequisites for this walkthrough:
- A fully deployed and working vRealize Automation solution.
- A set of certificate files:
- The RSA Private Key used to encrypt the vRA IaaS Web certificate.
- The Root CA Certificate file.
- The vRA IaaS Web Certificate file.
- The Root CA Certificate and any Subordinate/Intermediate CA Certificates are installed within the appropriate Certificate store on the local machine (normally the Trusted Root Certification Authorities and the Intermediate Certification Authority respectively).
Replacing the Infrastructure as a Service Web Certificate
Navigate to the vRealize Automation Appliances Virtual Appliance Management Infrastructure (VAMI) interface, https://vra.fqdn:5480.
Written by Christopher Lewis on December 11, 2017.
Certificates VMware vRealize Automation vRealize Orchestrator
In this series of posts we will walk through the process of upgrading all of the vRealize Automation Certificates. We’ll be moving from self-signed certificates that were deployed during the installation, to certificates that have been provided by an Enterprise Certificate Authority (CA). It is worth noting that the same process can be used to replace expiring SSL certificates as well.
Amongst other reasons, the purpose of doing this is to update the certificates so that communications between components is secured via a CA and for the following sites within the vRealize Automation deployment to be secured and trusted:
Written by Christopher Lewis on December 11, 2017.
Certificates VMware vRealize Automation vRealize Orchestrator
This is the first in a series of posts covering the replacement of vRealize Automation SSL Certificates. For the purpose of these posts, I have deployed vRealize Automation 7.3 environment with self signed certificates. This means that when you navigate to https://vra7.fqdn/vcac , the site is not secure nor trusted. Therefore, you will be presented with something like the following in your browser (I mostly use Chrome):
We’re looking to achieve the following in the browser URL bar after the certificate has been replaced.
Written by Christopher Lewis on December 11, 2017.
Certificates VMware vRealize Automation vRealize Orchestrator
Skills and Abilities
Objective 4.1 - Configure and Manage Logical Firewall Services
- Configure Edge and Distributed Firewall rules according to a deployment plan:
- Create/configure Firewall rule sections for specific departments
- Create/configure Identity-based firewall (IDFW) for specific users/groups
- Configure SpoofGuard policies to enhance security
- Filter firewall rules to narrow a scope
Objective Prerequisites
The following prerequisites are assumed for this Objective:
- A working VMware vSphere 6.x environment.
- A working VMware NSX 6.x environment.
Objective Breakdown
Create a Distributed Firewall Rule
Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!
Written by Christopher Lewis on November 27, 2017.
Skills and Abilities
Objective 6.3 - Configure and Manage Universal Logical Security Objects
- Configure Universal MAC Sets
- Configure Universal IP Sets
- Configure Universal Security Groups
- Configure Universal Services and Service Groups
- Configure Universal Firewall Rules
Objective Prerequisites
The following prerequisites are assumed for this Objective:
- A working VMware vSphere 6.x environment with 2 vCenter Servers and 2 Platform Services linked in ELM.
- A working VMware NSX 6.x environment configured for cross-vCenter NSX.
Objective Breakdown
Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!
Written by Christopher Lewis on November 20, 2017.
The VMware vExpert Cloud 2017 announcement has been released, and I am humbled to be recognised for community contributions in the VMware Cloud space.
See the full vExpert announcement here .
Written by Christopher Lewis on October 27, 2017.
- Operating a Private Cloud - Part 3: Creating a Pricing Card in VMware Aria Automation
- Operating a Private Cloud - Part 2: Creating a Pricing Card in VMware Aria Operations
- Operating a Private Cloud - Part 1: Understanding Pricing Cards in VMware Aria
- Zero2Hero - Using Aria Automation to Deploy Multiple Machines with Multiple Disks - Part 5
- Zero2Hero - Using Aria Automation to Deploy Multiple Machines with Multiple Disks - Part 4