Archive for the ‘vmware’ Category

NLVMUG2018 – Speaking on NSX microsegmentation and a community panel discussion #vexpert

Thursday, March 15th, 2018

Its always exiting to speak publicly and this year I am setting my bar higher by participating in 2 sessions.

First up is a panel discussion that I was very happy to be invited to by Francisco Perez van der Oord, one of the directors of ITQ. We will have a 45 min flow of topics around SDDC, NSX, Cloud, etc, and the general trends of technology as they impact vSphere admins. We titled the session “vSphere – .. and then what next?”  Never participated in a panel discussion on stage before, so that will be an interesting experience. The other participants are, imo, giants in the dutch VMware community: Joep Piscaer of OGD/Jumbo and Viktor van den Berg of PQR, and I feel quite humbled being on stage with them.
https://nlvmugusercon2018.sched.com/event/E1wh/sddc-cmp-and-nsx-discussions-with-the-community

 

My second session is my own talk, 20 minutes, on NSX Microsegmentation in practice. This is a condensed version of the talk I gave at the Infosecurity conference last year.
In it I cover some practical tips about using NSX Microsegmentation, do’s and dont’s, and common Gotcha’s
Its actually quite tough to get all the essentials into 20 mins or so, so it will be dense and fast-paced (as usual for me).

https://nlvmugusercon2018.sched.com/event/E1wy/micro-segmentatie-in-de-praktijk

Nervous, but really looking forward to the day. I love the VMUG concept and I love networking and seeing all the community in the flesh again (as apposed to only on Slack/Twitter)

LinkedIn embeds:

 

ESX Update Failure because of lack of space in /core

Wednesday, February 28th, 2018

On ESX 6.5, ran into an issue where updates from vSphere Update Manager (VUM) where refusing to install, due to 2 different errors, both having the same root cause.

VUM will through an error 15 in the UI, but if you look at the /var/log.esxupdate.log on the esx host itself, you will see in more detail what is going on.

It should be noted that “The host returns esxupdate error code:15” is a highly generic error message you might get at remediation, and can be caused by a bunch of different causes, including a corrupt update manifest file, corrupt bootbank, currupt VIB file or corrupt local  temporary patch database.

In the screenshot below of esxupdate.log, you can see that the temporary patch database was unable to be created in /locker/package/var/db/locker

different way this problem may present, is as a ‘broken pipe’ error ( ‘{errno 32] Broken pipe’

Notice that in both cases, it is failing on the large, 200mb VMware_locker_tools-light bundle

 

Both /core and /locker symbolic link to one of the ESX partitions. In this case, the partitions are on a mirrored SDCard. These are of type vfat

If you cd into /core you will end up in these partitions

Using DF -h you can check how much free space there is. As you can see in our case, just a little over 200mb remains.

That is not much, especially of you consider that the vmwaretools locker light bundle is itself about 200mb

Check the /var and /packages directory tree in this partition for files that can be cleaned up.

In the screenshot above, you can see that there appears to be a 73mb hostd core dump file sitting in /store/var/core

Unless you really need these to send to GSS (global support) for example, they can be deleted.

Similarly, you can also delete the old VMware tools bundles, unless you need them

/locker/packages/6.5.0/vmtools/

These bundles are only used if you choose to auto-install VMware tools directly to a VM, using the UI or API

In practice, with most environments, this feature is not used (or very rarely), because most people either use the Open VMware tools included in Linux OS, or include VMware tools in a template or golden image. Or auto-install it with config management like puppet, Ansible or vRO.
So to save some space in case you have large update packages that don’t fit in /core, you can consider deleting these files too, they are about 200mb in all, after all.

Be aware though, that updates to esx-base or specifically named vmware tools updates, will of course, reinstall these files.

 

1st Nov. I will be speaking on #NSX #micro-segmentation in practice at the Infosecurity Expo #vexpert

Thursday, October 26th, 2017

1st of November at 13:00 I will be speaking at the SecurityInfo / Data & Cloud Expo about our experiences with NSX micro-segmentation

https://www.infosecurity.nl/seminar/X103
https://www.dncexpo.nl/seminar/X103

In this 45 min talk I will discuss  the details of managing micro-segmentation with the VMware NSX Distributed Firewall function.
Does it live up to the promise, what are the pitfalls and benefits, and what should you consider in regards to your planning and process?

https://www.infosecurity.nl/?lang=EN

Infosecurity.nl 2017 in combination with Data & Cloud Expo
Infosecurity.nl 2017 will be held on 1 & 2 November in the Jaarbeurs in Utrecht (The Netherlands). In the past years, Infosecurity.nl proved to be the online meeting place and exhibition for IT managers and IT professionals in the field of IT security. In 2017 Infosecurity.nl forms a new combination with the new event Data & Cloud Expo. 

 

 

VMworld 2017 EU Day 1 (part 2)- #HACKATHON (awesome!!) #vexpert #vmwarecode

Tuesday, September 12th, 2017

So there where two things I knew for a few years.
– Everyone always seems to have an awesome time at Hackathons
– I am not a developer, not even a descent scripter, how could I contribute to something like this?

Well VMware{Code}, who organise the VMworld hackathon, don’t care all that much what you can do going in.
The point is to learn and to have fun

A bit difference for me this year was being in the vExpert community. And as you might imagine, there is quite a bit of overlap between vExperts, VMware{code} community and innovative scripters. Well they where all very encouraging. So I decided to just throw myself in there!

Quite a diverse lineup of teams. I have wanted to get into Ansible for a while, so I immediately saw my oppertunity in Team4

https://docs.google.com/spreadsheets/d/1kAjZD5Y8ayz6OT7idrymREc9Y4E3BZhE63mfUVCbuO8/edit#gid=0

 

I ended up taking responsibility for the presentation of our teams results, so I made the powerpoint which summarizes what we tried to achieve:

 

 


Being both a Linux and Ansible noob, I spent most of my evening trying to get the VIC OVA copied onto my Ubuntu VM to test our deployment parameters.

Also, it took half an hour to deploy VIC each time we tried… this we called.. a constraint :p

 

 

However, I have to say that a lot of effort was put into providing us a cool deployment environment. They gave us the option to use the on-prem hardware they had set up in the Hackerspace where we at, OR.. to use VMware on AWS, which was of course very cool.
For practical reasons we ended up going on prem – mostly so it was easier to SSH in.

 

 

I partnered with @kev_johnson (of the @OpenTechCast podcast) to create the OVF deployment part. Kev ended up doing 99% of the work. I contributed mostly by googling some variables and pointing out irrelevant things and distracting him. :p 

While we didn’t really manage to test much of our solution, we did put all the Ansible roles and playbook in GIT. This was our main goal, to be able to contribute something to the community. And we succeeded in this. Its not finished, but its a great start!

https://github.com/pdellaert/automation-for-all

 

 

 

 

The main goal was to learn, and that we all certainly did do. I now have a far better understanding of where all the moving parts go for Ansible, and am happy to see its actually not all that complicated. I also learnt how to use GIT which will be extremely useful going forward.

 

 

The main thing I could meaningfully contribute was my some powerpoint and the accompanying presentation of the teams results. Within 90 seconds!

Unfortunately, our ultimate gambit of bribing the judges with Belgium and Dutch chocolate products, did not succeed :p

 

I want to give a MASSIVE thank you to our teamleader and inspirator:  who really helped us get to grips with all this new stuff, and did a significant bit of preperation on his blog.

VMworld Europe Hackathon: Introducing team Automation for All

VMworld Europe Hackathon: Preparation

I want to thank our team, who really pulled together and took their tasks seriously:

Kev Johnson (@kev_johnson – beer connisseur, hoping to learn loads about Ansible as I know *literally* nothing… Not sure what I can bring to the party other than enthusiasm!)
Ozan Orcunus (@vOrcunus) – system architect with a high interest in devops mindset and infra as code concepts, random powercli scripter and virtualization guy.
Chris Lewis (@thecloudxpert) – vExpert, VCIX6, all things SDDC and vRealise Suite – Ansible n00b – merc that may switch teams before the day 😄
Orhan Biyiklioglu (@biyiklioglu) – ex-sysadm new cloud engineer.
Laurent Borgognon (@lbggn / @BruksL) – beer expert – Ansible n00b but want to learn – random Scripter
Nick Goldman (@nickgold) Interested in all Infrastructure automation. Looking to learn about ansible

 

And finally I want to thank the VMware{code} team and the judges for putting this all together and making this such a fun event!
Jake Robinson, Nikki Roda, Tim Bonneman, William Lam, Alan Renouf, Steve Trefethen and Ricky Trilago and everyone else involved. Great event! Hopefully see you next time!

 

VMworld 2017 EU Day 1 (part 1) #vexpert

Tuesday, September 12th, 2017

Had a super productive first day at VMworld!
The Partner day is typically a bit quieter than the rest of the week, and more sales-oriented in the breakout-sessions. But I only got 1 session in anyway, as the rest of the day was focused on, imo, more valuable private sessions with various VMware groups.

UX Design Session VMware on AWS

First up was the a VMware User Experience design session based around VMware on AWS.  We only had an hour and that barely touched on all feedback we could give. We ended up going only through the initial first setup wizzard and discussing a lot about how and where it integrates with Amazon AWS structures.  Extremely useful to also get a first impression of VMware on AWS, but I think I will go for the Hands-On Lab here at VMworld, to get a more general overview.

A User Experience design session can be a strange experience if you don’t know what to expect.  Its the session leaders responsibility t mostly listen and observe how people experience the product, strongly from a user-interface perspective.  They will ask you specific questions such as “what is the first thing on this screen your eyes are drawn to?”, “when I click on this button, what is your expectation of what will happen” , “Does this popup meet your expectations?”.  It was a surprising amount of fun.

 


Participation is rewarded with swag! You can expect some unique gifts for getting involved on the day. We don’t do it for the swag, but its of course appreciated 😉

GSS Leadership Session

At Redlogic, through our engagement with our main customer, we have enjoyed a very close working relationship with VMware GSS in Cork. We have weekly meetings to discuss open SR’s, and have even been toured around personally by the Director of GSS in Cork.  So every year at VMworld, its a pleasure to meet up with the GSS team in person and talk about the past year of support, the roadmap for our customer going forward, and any areas things can improve.  While previous years might have spent talking about issues about NSX, we where pleased to talk about all the stuff that has now been fixed and how stable the VMware software stack is overall. Even if you have nothing to complain about, its good to give feedback and to emphasize and celebrate success together.

NSX Product UI Feedback and Preview session

There are not many companies who have claimed to have worked with NSX for over 3 years. So our feedback is valued and this is noticeable. I gave detailed and deep feedback over aspects of the distributed firewall UI and about management of NSX Edge appliances, which we do a lot with.

Also got a preview of upcoming changes and ideas about the NSX UI, which was very cool.

The ability to give direct feedback, to talk one-on-one with product managers about the product and the roadmap, is in my opinion far more valuable that visiting breakout sessions (that you can watch later online anyway).  I take giving feedback seriously and enjoy it, and VMware has an absolutely healthy attitude about feedback.

 

Lego

😉