These are the Top 16 Common/Killer Use Cases from VMware NSX for You!

Whenever I pitch NSX to a customer, I always start with the use cases. On-target questioning and in-depth listening to the customer’s pain points are important, so that we can collaborate to solve their issues and go beyond that to enhance their innovations.

For me, it is not relevant to describe the byte-by-byte features and bit-by-bit capabilities in the first or second meeting. We can of course take that approach “later on” if the customer would like to go in depth, or when we are at the stage of proving the technology, as long as we already understand their goals and pain points.

But understanding the customer’s expectations and giving them “BEYOND” their expectations has always been our goal when doing a professional consultation with them.

Anyway, these are some common use cases that we can use for a collaborative discussion with customers, and that we can put a “laser focus” on later. There are around 16 use cases in which VMware NSX (Network Virtualization) can bring new benefits or additional capabilities to customers and make their lives simpler.

  1. Security Use Cases
    1. Network Segmentation
    2. Microsegmentation for Securing VDI Infrastructure
    3. Intelligent Grouping for Unsupported Operating System
    4. Automated Security in a Software Defined Data Center
    5. Advanced Security (IDS/IPS) Insertion (ex: Palo Alto Networks NGFW)
    6. Collapsed DMZ
    7. Integrate Dev, Test, and Prod environment into single infrastructure
    8. Securing access to and from Jump Box servers
  2. Application Continuity Use Cases
    1. Multisite Networking and Security
    2. Data Center Consolidation/Migration (Merger & Acquisition)
    3. Hybrid/Public Cloud Integration
    4. Disaster Recovery
  3. Automation Use Cases
    1. Self Service IT
    2. Fast Application Deployment of Template
  4. Business Values deriving Use Cases
    1. Island of Unused Compute Capacity by leveraging Stretch and Bridge
    2. Reducing Capital Outlay in expensive Hardware Devices

Those are 16 new or additional use cases that we can discuss with customers if we would like to talk about how VMware NSX can make their lives easier now. I will leverage the use cases later on, or you can contact VMware Inc. or their partners to help you solve your issues and take a small and easy step to modernize your data center!

 

Kind Regards,
Doddi Priyambodo

Amazon and the nature of Leadership within this influential organization

14 Leadership Principles from Amazon that they use every day, whether they’re discussing ideas for new projects or deciding on the best approach to solving a problem. It is just one of the things that makes Amazon peculiar.

#1: Customer Obsession – Leaders start with the customer and work backwards. They work vigorously to earn and keep customer trust. Although leaders pay attention to competitors, they obsess over customers.

This comes from the top, so if you are after that job at Amazon and you remember nothing else, remember this first principle. Jeff Bezos, Amazon founder and CEO, famously drove the product development of the Kindle to satisfy what he felt was what customers needed and directly against the advice of designers and engineers. Bezos is quoted as saying:

We’re not competitor obsessed, we’re customer obsessed. We start with what the customer needs and we work backwards.

#2: Ownership – Leaders are owners. They think long term and don’t sacrifice long-term value for short-term results. They act on behalf of the entire company, beyond just their own team. They never say, “that’s not my job.”

Sacrificing long-term value for short-term gain is certainly something that Amazon could never be accused of doing. Since it was founded in 1996, under Bezos’s leadership Amazon has never declared a profit, instead ploughing billions back into the business. As the Wall Street Journal explained, for the full financial year in 2014, Amazon recorded a loss of $241 million, with operating expenses rising to $88.8 billion, which was up 20% on the year and effectively wiped out sales of $89 billion. Amazon shareholders have been very patient!

#3: Invent and Simplify – Leaders expect and require innovation and invention from their teams and always find ways to simplify. They are externally aware, look for new ideas from everywhere, and are not limited by “not invented here.” As we do new things, we accept that we may be misunderstood for long periods of time.

This shows itself very clearly in the make-up of their ‘2-pizza teams’, or 2PTs, as they are called. Bezos believes that many teams are simply too big, which stifles innovation. And so, they need to be the right size to ensure accountability, autonomy, and to deliver innovation, rather than become mired in bureaucracy.  Bezos has said about the ideal team size:

If you can’t feed a team with two pizzas, it’s too large

#4: Are Right, A Lot – Leaders are right a lot. They have strong business judgement and good instincts.

Amazon expects a lot from its leaders. This fourth principle, however, echoes the words of Peter Drucker, the legendary management guru and thinker, who, in an often-quoted phrase, said: Management is doing things right; leadership is doing the right things.

Bezos famously and publicly roasted a team leader for lacking what he saw as good business judgement:

This document was clearly written by the B team. Can someone get me the A team document? I don’t want to waste my time with the B team document.

#5: Hire and Develop the Best – Leaders raise the performance bar with every hire and promotion. They recognize exceptional talent, and willingly move them throughout the organization. Leaders develop leaders and take seriously their role in coaching others.

Whilst Amazon has been accused of sucking up all of the available talent in and around Seattle, a recent article in the New Yorker provided some cutting insight into the recruitment policy of Amazon:

“The key to understanding Amazon is the hiring process,” one former employee said. “You’re not hired to do a particular job—you’re hired to be an Amazonian. Lots of managers had to take the Myers-Briggs personality tests. Eighty per cent of them came in two or three similar categories, and Bezos is the same: introverted, detail-oriented, engineer-type personality. Not musicians, designers, salesmen. The vast majority fall within the same personality type—people who graduate at the top of their class at M.I.T. and have no idea what to say to a woman in a bar.

#6: Insist on the Highest Standards – Leaders have relentlessly high standards – many people may think these standards are unreasonably high. Leaders are continually raising the bar and driving their teams to deliver high quality products, services and processes. Leaders ensure that defects do not get sent down the line and that problems are fixed so they stay fixed.

In December 2011, Bezos declared his pride that Amazon had managed to get 99.9% of packages to its customers before Christmas. Whilst this was an amazing feat, he also went on to state that this still wasn’t good enough, as he declared that, “We’re not satisfied until it’s 100%.” Thus, the demands on leaders, even for a stand-out performance, are relentless.

#7: Think Big – Thinking small is a self-fulfilling prophecy. Leaders create and communicate a bold direction that inspires results. They think differently and look around corners for ways to serve customers.

Something that has certainly informed the Bezos vision for the company from its earliest days to the current time. Amazon didn’t come to dominate its various markets without the breadth of vision needed to drive that growth.  Bezos was attracted to developing an online store precisely because of the growth potential he saw in the market.  When working for D.E. Shaw & Co, Bezos saw a statistic that suggested that world wide web usage was rising at an astonishing 2.300% per month. He immediately saw the potential for growing and becoming big online and this, it is suggested, was the moment that he saw the potential for building an online business and started him on the path to becoming a successful entrepreneur.

#8: Bias for Action – Speed matters in business. Many decisions and actions are reversible and do not need extensive study. We value calculated risk taking.

When Amazon first announced that they were proposing to start deliveries using drones, many dismissed it as a joke and others saw it as highly impractical, not just from a technical standpoint, but significantly from a regulatory perspective too. But few would now doubt that drone deliveries may be coming to a doorstep near you some time soon.  In a recent interview, Bezos declared that his job was to encourage his teams to make ‘bold bets’ and that a few big successes, such as Kindle and Prime, compensate for the dozens of things that didn’t work. He said:

I’ve made billions of dollars of failures at Amazon.com. Literally billions. … Companies that don’t embrace failure and continue to experiment eventually get in the desperate position where the only thing they can do is make a Hail Mary bet at the end of their corporate existence.

#9: Frugality – We try not to spend money on things that don’t matter to customers. Frugality breeds resourcefulness, self-sufficiency, and invention. There are no extra points for headcount, budget size, or fixed expense.

Frugality goes to the heart of the company culture that Bezos started from his garage back in 1994. Bezos famously made desks from old doors and the door-desk remained a feature of the company even after the business went public. The idea lives on in the regular “Door-Desk Award”, which is given to the employee who comes up with the best idea that creates savings for the company and delivers lower prices to their customers. Bezos has said of frugality:

Frugality drives innovation, just like other constraints do. One of the only ways to get out of a tight box is to invent your way out.

#10: Vocally Self Critical – Leaders do not believe their or their team’s body odor smells of perfume. Leaders come forward with problems or information, even when doing so is awkward or embarrassing. Leaders benchmark themselves and their teams against the best.

A somewhat strangely-worded principle and slightly contradictory when you consider the way in which we are anecdotally led to believe that Bezos has roasted managers who he feels haven’t lived up to expectations. Nevertheless, by his own admission, Bezos is not ashamed to point to the many failures that the company has had, because they are by far outweighed by the outstanding successes that sustain the innovation and development of Amazon. As a general leadership principle this is a solid example of how a good servant-leader should behave and benchmarking against the best also helps to show where the organization can deliver outstanding performance.

#11: Earn Trust of Others – Leaders are sincerely open-minded, genuinely listen, and are willing to examine their strongest convictions with humility.

No leader can expect to provide vision and direction to their team without the all-important ingredient of trust. Bezos believes that business works best when you know that everyone is relying upon you and trust stems from each member of their team knowing their job and trusting them to do what they are good at:

I think one thing I find very motivating — and I think this is probably a very common form of motivation or cause of motivation — is… I love people counting on me, and so, you know, today it’s so easy to be motivated, because we have millions of customers counting on us at Amazon.com. We’ve got thousands of investors counting on us. And we’re a team of thousands of employees all counting on each other. That’s fun.

#12: Dive Deep – Leaders operate at all levels, stay connected to the details, and audit frequently. No task is beneath them.

More influences from the ideas of servant-leadership here in terms of ‘no task is beneath them’, whereas the idea of managing the details is important in terms of really understanding what is going on in the business. This principle brings to mind that famous dictum for the effective management of any business or team: What gets measured gets managed.

#13: Have Backbone; Disagree and Commit – Leaders are obligated to respectfully challenge decisions when they disagree, even when doing so is uncomfortable or exhausting. Leaders have conviction and are tenacious. They do not compromise for the sake of social cohesion. Once a decision is determined, they commit wholly.

While this is an admirable facet of an innovative business, we also have a window on Bezos’s own approach to employees who disagree with him and challenge him on issues that he feels strongly about. It is suggested that Bezos is not above ‘pulling rank’, when the need arises:

Do I need to go down and get the certificate that says I’m CEO of the company to get you to stop challenging me on this?

#14: Deliver Results – Leaders focus on the key inputs for their business and deliver them with the right quality and in a timely fashion. Despite setbacks, they rise to the occasion and never settle.

By principle 14 some of these have got a little repetitive, but the delivery of results very much ties into the idea of the effectiveness of the 2-pizza teams from the third principle and the importance of measurement from the 12th. The Amazon culture is pervaded by innovation and frugality and the effective Amazonian is constantly challenged to see how things can be done better and more cost-effectively in order to deliver better prices to the customer and an improved service.

Article Source: https://www.linkedin.com/pulse/so-you-want-work-amazon-heres-what-need-know-will/

A Detailed Explanation of my INTEL-NUC based VMware Home-Lab for tinkering with vSphere 6.5, NSX, VIO, Kubernetes, and PKS – #IntelNucSkull #i7

This time, I would like to continue my previous post, which is here, about the Home Lab. Below are my earlier posts that describe the Home Lab I own and several tutorials that I tried in it:

Anyway, I will explain a few things about the installation of my INTEL-NUC as the active Home Lab that I use to tinker with VMware products such as NSX, VIO, VIC, VRNI, and later PKS.

I really want to use this mini server as a portable mini lab that I can carry around to satisfy my tinkering hobby.

I can pursue this hobby on the INTEL-NUC that I have now. I explained some of the reasons in my previous post (read the link above, ed.). This is in addition to the installations I did earlier on VMware Workstation on my laptop and my home PC as nested installations. Because an NSX installation needs fairly large resources, I think it is better to use dedicated hardware for it. This is one of the reasons for choosing the INTEL-NUC rather than installing on my laptop.

The strategy we will use is to make this INTEL-NUC the parent host of several Nested ESXi hosts that we will use. In summary:

  • Use the Intel NUC as Parent Host = 192.168.106.50
  • Create several administrative VMs, such as NTP, DNS, AD, PSC, vCenter, etc.
  • Create a Nested ESXi as datacenter 1 = 192.168.106.51
  • Create a Nested ESXi as datacenter 2 = 192.168.106.52

Below is a capture of the Intel NUC that will be configured for VMware SDDC:

The specification of this Intel NUC has been upgraded to the maximum capacity this server can handle. Below is a screenshot of its DCUI to illustrate the specification (in summary, processor: 4 physical CPU cores with multithread capability, memory: 32 GB RAM, disk: 480 GB SSD).

Below is the detailed specification of this mini server:

  • Processor: 6th generation Intel Core i7-6770HQ processor (2.6 to 3.5 GHz turbo, Quad Core, 6 MB Cache, 45W TDP)
  • System Memory: 32GB (Kingston DDR4 2133)
  • Storage: Intel M.2 480GB 540 series (spare M.2 slot for additional capacity)
  • Peripheral Connectivity:
    • Intel Gigabit LAN
    • One Thunderbolt 3 port with USB 3.1
    • Four Super Hi-Speed USB 3.0 ports
    • One HDMI 2.0 port and One Mini DisplayPort


First, we need to design the Data Center that we will build. In outline, the design will look like this:

With the following details:

  • Management Cluster

| Type | Name | Hostname | IP Address | Username | Password | Remarks |
|---|---|---|---|---|---|---|
| Host | p-esxi50 | p-esxi50.corp.local | 192.168.106.50 | root | VMware1! | ESXi |
| VM | dns-ntp | dns-ntp.corp.local | 192.168.106.10 | root | VMware1! | |
| VM | vcsa | vcsa-106.corp.local | 192.168.106.22 | root | VMware1! | vCenter Server |
| VM | nsxmgr | nsxmgr-106.corp.local | 192.168.106.23 | root | VMware1! | NSX Manager |
| VM | psc | psc-106.corp.local | 192.168.106.21 | root | VMware1! | |

  • Compute Cluster

| Type | Name | Hostname | IP Address | Username | Password | Remarks |
|---|---|---|---|---|---|---|
| Host | n-esxi51 | n-esxi51.corp.local | 192.168.106.51 | root | VMware1! | Nested ESXi |
| Host | n-esxi52 | n-esxi52.corp.local | 192.168.106.52 | root | VMware1! | Nested ESXi |
| VM | nsx-esg | | 192.168.106.1, 192.168.106.5 | root | VMware1!VMware1! | NSX Edge |
| VM | nsx-dlr | | | root | VMware1!VMware1! | NSX Edge |
| VM | nsx-controller | | 192.168.106.61 | | | NSX Controller |
| VM | web01 | | 172.16.10.11 | root | VMware1! | 3-Tier App (Web) |
| VM | web02 | | 172.16.10.12 | root | VMware1! | 3-Tier App (Web) |
| VM | app01 | | 172.16.20.11 | root | VMware1! | 3-Tier App (App) |
| VM | db01 | | 172.16.30.11 | root | VMware1! | 3-Tier App (Db) |

  • Other additional information (please ignore this, as this is only for my personal note)
    • VIC, VIO, vROps, Log Insight, VRNI

The installation steps that need to be done are as follows:

  1. Install vSphere ESXi on the Intel NUC using a USB Flash Drive
    1. First read the notes here (http://www.virtuallyghetto.com/2016/05/heads-up-esxi-not-working-on-the-new-intel-nuc-skull-canyon.html), because there are several parameters that need to be disabled in the BIOS so that the installation on the Intel NUC runs properly.
    2. Install ESXi on the Intel NUC. Before that, we need to create a bootable USB flash drive for the ESXi installation with Rufus (download it from here: https://rufus.akeo.ie/ – and follow the guidance here: http://www.virten.net/2014/12/howto-create-a-bootable-esxi-installer-usb-flash-drive/). Then install vSphere ESXi by following this guidance: (feature walkthrough)
  2. Install VMware vSphere (ESXi & vCenter) + NSX (NSX Manager & NSX Controller)

Download the components from here: https://my.vmware.com/group/vmware/get-download?downloadGroup=VSMDS15

To speed up the installation and configuration process, since this will be used for demo & development purposes, rather than installing everything one by one with the GUI wizard (as I did before to prepare my personal lab on my laptop, please read ….), we can also use the automation script made by my colleagues (Wen Bin Tay, Nick Bradford, William Lam) from VMware.

Here is the step by step:

  1. vSphere Installation: https://mobilesddc.wordpress.com/mobile-sddc-guide-part-2-vsphere-deployment/ 
  2. NSX Installation: https://mobilesddc.wordpress.com/mobile-sddc-guide-part-3-nsx-deployment/

This script is written using PowerCLI, which is the Windows PowerShell interface used to manage a VMware vSphere environment (https://blogs.vmware.com/PowerCLI/)

In general, this script will deploy VMware’s virtualization platform including vCenter Server Appliance (VCSA), Nested ESXi, NSX components and a sample Three-Tier Web Application. But keep in mind that installing with this automated Nested ESXi script is only recommended for Development environments. It is not recommended for production environments.

  3. See the result:

Virtual Machines on the Parent Host:

All IP Address Overview:

vCenter Overview:


  4. DONE

 

Best Regards,
Doddi Priyambodo

Troubleshooting slow performance of applications on VMware virtualization

Once we enter the world of IT operations, there will be many operational matters that require troubleshooting. Usually the cause is slow performance of an application. If this happens in a virtualization environment, we need to make sure that the infrastructure we manage can deliver the SLA guarantees that we agreed on beforehand.

Below are several key areas to look at when troubleshooting a VM, at a high level:
1. Ensure that the problem is not on the application side, by also working together with the apps team – logic of the apps, memory leaks, efficient I/O commands, etc.
2. Check the infrastructure side of the VM and the infrastructure behind it (compute, storage, network)

Here is what we can do when troubleshooting:

1. Check the health of the Virtual Machines

Capacity Issues (Example):
  • CPU Demand > 90%
  • CPU Run Queue > 3 per vCPU
  • CPU Swap Wait high, CPU IO Wait high
  • RAM Free < 250 MB
  • RAM Committed > 70%
  • Page-In Rate is high
  • Disk Queue Length > ___
  • Disk IOPS or Throughput or OIO is high
  • Low disk space
  • Network Usage is high

Non Capacity Issues (Example):
  • Wrong driver (storage driver, network driver) or its settings
  • Too many snapshots or large snapshots
  • Tools not running
  • VM vCPU Usage unbalanced
  • App configured wrongly, not-indexed
  • Memory Leak
  • Network Latency is high or TCP retransmit
  • VM too big, process ping-pong, high context switch
  • NUMA effect
  • Guest OS power setting

2. Check the health of the Infrastructure layer

Infra is unable to Cope (Example):
  • ESXi CPU insufficient: Demand > 90%, VM CPU Co-Stop > 1%, CPU Ready > 5%, number of cores too small for VM
  • ESXi RAM insufficient: VM Balloon active, VM RAM Swap-in is high, NUMA migration
  • ESXi Disk IOPS or Throughput is high
  • ESXi vmkernel queue or latency is high
  • Datastore latency is high
  • ESXi vmnic usage is high

Other Issues (Example):
  • VM was vMotioned
  • ESXi vmnic dropped packets or generated errors
  • ESXi wrong configuration: power management, multi-pathing, driver version, queue depth setting
  • Hardware fault: disk soft error, bad sector, RAM error

The next question is how to check those parameters as fast and as easily as you can, to do the troubleshooting and solve the issues that you are facing right now. Well, the quickest answer is to turn to the tool that I discussed in my previous post, namely VMware vRealize Operations Manager.

 

Kind Regards,
Doddi Priyambodo

 

Launch of VMware vROps 6.6 with significant enhancements for troubleshooting and monitoring

FYI, the latest info about VMware: the vRealize Operations Manager tool launched version 6.6 last month. The improvements are very good, and the user interface has changed because it uses the new Clarity HTML5 framework (open source by VMware).

By default, there are many dashboards that can be used for monitoring, which previously had to be built as custom dashboards. In particular, they can be used by the operations team for performance troubleshooting and capacity management.

An overview can be seen here:
(Screenshots: vRealize Operations 6.6 getting started dashboard; vRealize Operations 6.6 hardening and compliance)
Or the complete videos for live action can be seen here: https://www.youtube.com/channel/UCKON30YeSGIeqsueMYgEa9A/videos

Some examples of interesting functionality are: (I took just a few from the YouTube link above)
Some screenshots:
I strongly recommend upgrading to that version so that troubleshooting and monitoring become much easier.
 
 
Kind Regards,
Doddi Priyambodo
 

The Best Documents for Explaining VMware NSX Design Guidelines

Below are two very detailed official documents from VMware that explain the things to consider when designing an NSX solution:

They can be downloaded officially from the VMware website:

If you want to do NSX Hands-On and see the step-by-step usage live, you can read it here: http://docs.hol.vmware.com/catalog/  (search for “NSX”)

Hope it is useful.

 

Kind Regards,
Doddi Priyambodo

Best Practice Guide for running JAVA on VMware vSphere

vSphere today is very dependable for running all kinds of Business Critical Applications, written in various programming languages such as Java, .NET, and others. High-load database systems such as Billing, Analytics, and others are also supported very well on vSphere, whether using Oracle Database, SQL Server, or others. Besides delivering good performance, the biggest benefits are the High Availability mechanism and the more advanced Operational and Management mechanisms for monitoring the health of these applications. In the Java-specific best practice guide there are several general points to note, among them the use of memory in the Java Virtual Machine.

  • Size the memory of the Virtual Machine so that it covers the configured Java Heap, the memory needed by the JVM's own code, and any other memory being processed by the Guest Operating System.
  • Set the Memory Reservation of the Virtual Machine to the amount of memory needed according to the calculation above, or reserve the full size of the virtual machine (as long as it exceeds the point above). This is because if memory swapping occurs, JVM heap performance will drop, especially during Garbage Collection.
  • Determine the optimal number of virtual CPUs for the virtual machine by testing several vCPU configurations under the same load.
  • If the Garbage Collector in the JVM uses several threads, make sure that the number of threads equals the number of virtual CPUs configured on the virtual machine.
  • To simplify monitoring and maintenance, it is best to use one JVM process per virtual machine.
  • Always enable the Balloon Driver, because if overcommitment occurs the virtual machine can manage its memory through this mechanism.

In summary, this best practice guide can be downloaded from this link:

PS:
– In my previous post, I reviewed the Best Practice for running Oracle Database on vSphere. >> http://bicarait.com/?s=oracle+database

Tutorial: Installing DNS, NTP, NFS, iSCSI Servers and VMware vSphere 6.5 (ESXi and vCenter) on VMware Fusion for Mac or VMware Workstation for Windows/Linux for a Virtualization Home Lab.

Continuing the previous post, this time I will write in Indonesian, because I feel that many people have already written articles like this in English, but rarely in Indonesian. Celebrating the latest launch of vSphere 6.5, this time I will install and configure those components on VMware Fusion on my MacBook Pro. This article actually complements my earlier posts about the Home Lab facility that I have for exploring VMware technology:

Let’s go straight to the point. Below are the steps to prepare a VMware Home Lab on a MacBook Pro laptop using Nested Virtualization, with VMware Fusion as the virtualization technology. (They can also be used to install on VMware Workstation on Windows or Linux, or even on top of vSphere ESXi.)

  1. Prepare the DNS Server and NTP Server (I use CentOS)
  2. Prepare an LDAP Server or Active Directory (I use OpenLDAP) – optional
  3. Prepare a centralized storage server (I use NFS and iSCSI from OpenFiler)
  4. Install ESXi 6.5 – let’s try its latest features right away!
  5. Install and Configure vCenter 6.5 with embedded PSC (I will install it on Fusion, not on ESXi)
  6. (other post) Installation and Configuration of vSphere Integrated Container 1.0 & Harbor – I already did this earlier, please read my previous post in [here]
  7. (other post) Installation and Configuration of vRealize Operations 6.4
  8. (other post) Installation and Configuration of Log Insight 4.0
  9. (other post) Installation and Configuration of vRealize Automation 7.2
  10. (other post) Installation and Configuration of NSX and vRealize Network Insight! – currently not supported for vSphere version 6.5
  11. (other post) Install and Configure vCloud Director for SP 8.10 and vSphere Integrated Openstack 3 – currently not supported for vSphere version 6.5

Below are the CPU and Memory Dimensioning, IP addresses & Credentials that will be used: (please remember that I only use this dimensioning in the home lab; if you want to deploy in production, do the CPU, memory, and storage dimensioning more properly)


Okay, let’s do this tutorial step by step.

1. Installation and Configuration of the DNS Server, NTP Server, and OpenLDAP

This time we will go step by step through building a DNS server using the BIND package on CentOS 7, followed by the NTP Daemon for the NTP server. The CentOS 7 that I use is the Linux version with the minimal package set, because it is only used as a supporting server for DNS and NTP. vSphere and other VMware components such as NSX depend heavily on the DNS and NTP services, with Active Directory (OpenLDAP) as an optional requirement. Follow the steps below.

Download and deploy the latest version of the CentOS minimal package (636 MB, CentOS-7-x86_64-Minimal-1503-01.iso)

Install BIND as DNS server

Check the hostname configuration in your DNS machine

# hostnamectl status
# hostnamectl set-hostname domain01.lab.bicarait.com

Update the repository in your Linux OS, then install the BIND package

# yum update -y
# yum install bind

Open the configuration file with an editor and change it

# vim /etc/named.conf
options {
    listen-on port 53 { any; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; };
    recursion yes;
    dnssec-enable no;
    dnssec-validation no;
};

Add these lines to the BIND configuration file /etc/named.conf

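zone "lab.bicarait.com" IN {
    type master;
    // must match the name of the forward zone file created under /var/named
    file "forward.lab.bicarait.com";
    allow-update { none; };
};

zone "159.16.172.in-addr.arpa" IN {
    type master;
    // must match the name of the reverse zone file created under /var/named
    file "reverse.lab.bicarait.com";
    allow-update { none; };
};
  • Create a new file for the forward zone of our DNS configuration.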
# vim /var/named/forward.lab.bicarait.com
$TTL 604800
@   IN  SOA     domain01.lab.bicarait.com. root.lab.bicarait.com. (
2011071001  ; Serial
3600        ; Refresh
1800        ; Retry
604800      ; Expire
86400       ; Minimum TTL
)
@       IN  NS          domain01.lab.bicarait.com.
@       IN  A           172.16.159.2
domain01        IN      A       172.16.159.2
nas01           IN      A       172.16.159.3
ldap01          IN      A       172.16.159.4
esxi01          IN      A       172.16.159.11
esxi02          IN      A       172.16.159.12
esxi03          IN      A       172.16.159.13
vc01            IN      A       172.16.159.21
vrops01         IN      A       172.16.159.31
vrlog01         IN      A       172.16.159.32
  • Create a new file for the reverse zone of our DNS configuration.
# vim /var/named/reverse.lab.bicarait.com
$TTL 86400
@   IN  SOA     domain01.lab.bicarait.com. root.lab.bicarait.com. (
2011071001  ;Serial
3600        ;Refresh
1800        ;Retry
604800      ;Expire
86400       ;Minimum TTL
)
@       IN      NS      domain01.lab.bicarait.com.
@       IN      PTR     lab.bicarait.com.
domain01        IN      A       172.16.159.2
nas01           IN      A       172.16.159.3
esxi01          IN      A       172.16.159.11
esxi02          IN      A       172.16.159.12
esxi03          IN      A       172.16.159.13
vc01            IN      A       172.16.159.21
vrops01         IN      A       172.16.159.31
vrlog01         IN      A       172.16.159.32
vrni01          IN      A       172.16.159.33
2       IN      PTR     domain01.lab.bicarait.com.
3       IN      PTR     nas01.lab.bicarait.com.
11      IN      PTR     esxi01.lab.bicarait.com.
12      IN      PTR     esxi02.lab.bicarait.com.
13      IN      PTR     esxi03.lab.bicarait.com.
21      IN      PTR     vc01.lab.bicarait.com.
31      IN      PTR     vrops01.lab.bicarait.com.
32      IN      PTR     vrlog01.lab.bicarait.com.
33      IN      PTR     vrni01.lab.bicarait.com.
  • Verify the configuration
# named-checkconf /etc/named.conf
# named-checkzone lab.bicarait.com /var/named/forward.lab.bicarait.com
# named-checkzone 159.16.172.in-addr.arpa /var/named/reverse.lab.bicarait.com
  • Start the BIND DNS service
# systemctl enable named
# systemctl start named
# systemctl status named
  • Allow DNS port 53 through the system firewall
# firewall-cmd --permanent --add-service=dns
# firewall-cmd --permanent --add-port=53/tcp
# firewall-cmd --permanent --add-port=53/udp
# firewall-cmd --reload
  • Change the permissions on the files
# chgrp named -R /var/named
# chown -v root:named /etc/named.conf
# restorecon -rv /var/named
# restorecon /etc/named.conf
  • Test the configuration from a client: first edit /etc/resolv.conf and add a nameserver entry pointing to the IP address of the DNS server we just configured above. Then run # dig or # nslookup.
# nslookup domain01.lab.bicarait.com 172.16.159.2
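The options block above combines recursion yes with allow-query { any; }, and BIND falls back to allow-query when allow-recursion is not set, so the server recurses for any client that can reach port 53. The following check is an added example, not part of the original post: it applies that fallback order to two constructed option blocks, the page's one and an assumed variant (RESTRICTED) limited to the 172.16.159.0/24 lab subnet; the function names are hypothetical.

```python
import re

# Constructed samples. PAGE_OPTIONS mirrors the ACL-related lines of the
# options block above; RESTRICTED is an assumed variant for the lab subnet.
PAGE_OPTIONS = """
options {
    listen-on port 53 { any; };
    directory "/var/named";
    allow-query { any; };
    recursion yes;
};
"""
RESTRICTED = """
options {
    listen-on port 53 { 127.0.0.1; 172.16.159.2; };
    directory "/var/named";
    allow-query { localhost; 172.16.159.0/24; };
    allow-recursion { localhost; 172.16.159.0/24; };
    recursion yes;
};
"""

def parse_options(conf):
    """Return {option: [values]} for the statements inside options { ... };
    assumes the closing '};' of the block starts a line."""
    body = re.search(r"options\s*\{(.*?)^\};", conf, re.S | re.M).group(1)
    opts = {}
    for key, args, acl in re.findall(r"([\w-]+)([^;{}]*)(?:\{([^{}]*)\})?\s*;", body):
        opts[key] = [v.strip() for v in acl.split(";") if v.strip()] if acl else args.split()
    return opts

def recursion_acl(opts):
    """ACL that decides who gets recursive answers, using BIND's fallback order:
    allow-recursion, then allow-query-cache, then allow-query, then the default."""
    if opts.get("recursion") == ["no"]:
        return ["none"]
    for key in ("allow-recursion", "allow-query-cache", "allow-query"):
        if key in opts:
            return opts[key]
    return ["localnets", "localhost"]

def is_open_resolver(conf):
    """True when the effective recursion ACL contains 'any'."""
    return "any" in recursion_acl(parse_options(conf))

if __name__ == "__main__":
    for name, conf in (("page", PAGE_OPTIONS), ("restricted", RESTRICTED)):
        print(name, recursion_acl(parse_options(conf)), is_open_resolver(conf))
```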

 

2. Install and Configure NTPD as the NTP Server

  • Install the NTP daemon package
# yum install ntp
  • Edit the NTP configuration file
# vim /etc/ntp.conf
driftfile /var/lib/ntp/drift
restrict 172.16.159.0 mask 255.255.255.0 nomodify notrap
server 1.id.pool.ntp.org iburst
server 3.asia.pool.ntp.org iburst
server 0.asia.pool.ntp.org iburst
includefile /etc/ntp/crypto/pw
keys /etc/ntp/keys
disable monitor
logfile /var/log/ntp.log
  • Run these commands to set the permissions and automatic startup, and to test the service
# firewall-cmd --add-service=ntp --permanent
# firewall-cmd --reload
# systemctl start ntpd
# systemctl enable ntpd
# systemctl status ntpd
# ntpq -p or # date -R or # ntpdate servername
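ntpd applies the flags of the most specific matching restrict entry, and a default entry without flags always exists, so the single restrict line above leaves every source outside 172.16.159.0/24 unrestricted. This added example (not from the original post) evaluates restrict lines that way for the page's configuration and for an assumed variant with a restrictive default entry; the helper names are hypothetical and only IPv4 entries are handled.

```python
import ipaddress

# Constructed samples. PAGE_NTP holds the access-related lines of the ntp.conf
# above; HARDENED adds an assumed restrictive default entry (IPv4 only).
PAGE_NTP = """\
restrict 172.16.159.0 mask 255.255.255.0 nomodify notrap
server 1.id.pool.ntp.org iburst
disable monitor
"""
HARDENED = PAGE_NTP + """\
restrict default nomodify notrap nopeer noquery
restrict 127.0.0.1
"""

def restrict_table(conf):
    """Parse IPv4 'restrict' lines into a {network: flags} table."""
    # ntpd always has a default entry; left unconfigured, it carries no flags.
    table = {ipaddress.ip_network("0.0.0.0/0"): []}
    for line in conf.splitlines():
        words = line.split("#")[0].split()
        if len(words) < 2 or words[0] != "restrict":
            continue
        addr, flags = words[1], words[2:]
        if addr == "default":
            net = ipaddress.ip_network("0.0.0.0/0")
        elif flags[:1] == ["mask"]:
            net, flags = ipaddress.ip_network(f"{addr}/{flags[1]}"), flags[2:]
        else:
            net = ipaddress.ip_network(addr)  # single host entry
        table[net] = flags
    return table

def flags_for(conf, client):
    """Flags applied to a client: the most specific matching entry wins."""
    ip = ipaddress.ip_address(client)
    table = restrict_table(conf)
    best = max((net for net in table if ip in net), key=lambda n: n.prefixlen)
    return table[best]

def unrestricted_sources(conf, clients):
    """Clients whose matching entry carries no restriction flags at all."""
    return [c for c in clients if not flags_for(conf, c)]

if __name__ == "__main__":
    probes = ["172.16.159.11", "203.0.113.7", "127.0.0.1"]  # constructed addresses
    print("page:    ", unrestricted_sources(PAGE_NTP, probes))
    print("hardened:", unrestricted_sources(HARDENED, probes))
```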

 

3. Prepare an LDAP Server as the Single Sign-On Database for Your User Directories

Install OpenLDAP; this time I am using TurnKey LDAP. (optional)

  • Download and deploy the TurnKey LDAP OVA package.
  • Enter the passwords for the root and openldap users.
  • Enter the LDAP domain = lab.bicarait.com
  • Configure the IP address, gateway, and DNS
  • Open https://172.16.159.4/ and log in with the user cn=admin,dc=lab,dc=bicarait,dc=com
  • Add a few users for your organisation's active directory

4. Prepare an NFS Server and iSCSI Server for Shared Storage

To use the VMware vMotion, DRS, and High Availability features, we need shared storage that all ESXi servers can access. The following is a tutorial for installing and configuring NFS and iSCSI as shared storage. The parameters I use here match the home lab environment I have.

  • Download and deploy the latest version of Openfiler to Fusion
  • When that is done, open https://172.16.159.3:446 and log in with the default user, openfiler/password (if it has not been changed yet)
  • Enable the NFS Server and iSCSI Target services in Openfiler: Menu – Services
  • Allow access to this system from anywhere: Menu – Systems – Network Access Configuration
  • Add virtual hard disks in Fusion as the storage for NFS or iSCSI.
  • Use Add New Hard Disk in Fusion to add 1 hard disk for NFS and 1 hard disk for iSCSI
  • In the Openfiler menu, go to: Menu – Volumes – Block Devices – click the hyperlinks for /dev/sdb and /dev/sdc

Next, enable the configuration for the NFS file system:

  • Click the Volumes – Volume Group menu, enter the volume name (nfs), then tick /dev/sdb1.
    Then click the Add volume group button.
  • Click the Add Volume menu and select the nfs volume. Then fill in the volume name, size, and file system.
  • Click the Shares menu at the top, then click the last folder and enter a subfolder name.
  • Click the folder you just created, then click the Make Share button. Since this is a home lab, we can set public access. Then select RW for the host access for NFS.
  • This NFS share can now be accessed from ESXi at the following address:
    IP=172.16.159.3, Folder=/mnt/nfs/vol1/data

Next, configure the iSCSI file system:

  • Click the Volumes – Volume Group menu. Enter the volume name (iscsi), then tick /dev/sdc1. Then click the Add volume group button.
  • Select the Add Volume menu on the right, then choose iscsi in the combo box and click the Change button. Fill in the volume name and size, and for the file system choose the Block version
  • Click the Add iSCSI Target link in the right-hand menu. Only one option is available; select Add.
  • Click the LUN Mapping menu, then click the Map button
  • Click the Network ACL menu, then click the Allow button to permit access
  • Next, configure the iSCSI adapter on ESXi from the Configuration tab – Storage Adapters – Add. Select Target on the iSCSI Software Adapter, then enter IP=172.16.159.3 and the default port 3260

 

5. Prepare vSphere ESXi Servers as Nested Virtualization on Top of Mac Fusion

  • Installing ESXi on Fusion works exactly the same way as installing it on x86 servers
  • Prepare ESXi; I am using the latest version, 6.5.
  • There is a great deal of tutorial material for this installation on the internet; please look for it at http://kb.vmware.com
  • Download the installer from http://my.vmware.com.
  • I will skip the explanation of the installation itself and go straight to the vCenter configuration. I will only include a few screenshots of the installation result here.
  • There is something new in version 6.5: we can access ESXi directly without going through the vSphere Client C# desktop application as in previous versions. It can be accessed directly from a web page URL.

 

6. Prepare vSphere vCenter Server as the Centralized Management

This time I will install vCenter on Fusion rather than directly on ESXi; if you want to install it on ESXi, follow the guidance at http://kb.vmware.com (search for it on Google, it is quite simple). Anyway, to install vCenter on Fusion, a few things need to be done or tweaked manually, so it differs slightly from an installation done directly on ESXi. Here are the steps:

  • Download and extract the vCenter 6.5 ISO file (VMware-VCSA-all-6.5.0-4602587.iso) on the MacBook. Download it from http://my.vmware.com
  • Import the file vmware-vcenter-server-appliance-xxxxx.ova from the vcsa/ directory into Fusion. But do not click Finish yet when the import completes, so that the virtual machine does not power on.
  • Edit the *.vmx file in the folder of the virtual machine you just deployed. Add these lines:
guestinfo.cis.deployment.node.type = "embedded"
guestinfo.cis.vmdir.domain-name = "vsphere.local"
guestinfo.cis.vmdir.site-name = "Default-First-Site"
guestinfo.cis.vmdir.password = "VMware1!"
guestinfo.cis.appliance.net.addr.family = "ipv4"
guestinfo.cis.appliance.net.addr = "172.16.159.21"
guestinfo.cis.appliance.net.pnid = "172.16.159.21"
guestinfo.cis.appliance.net.prefix = "24"
guestinfo.cis.appliance.net.mode = "static"
guestinfo.cis.appliance.net.dns.servers = "172.16.159.2"
guestinfo.cis.appliance.net.gateway = "172.16.159.1"
guestinfo.cis.appliance.root.passwd = "VMware1!"
guestinfo.cis.appliance.ssh.enabled = "true"
hard-disk.hostBuffer = "disabled"
prefvmx.minVmMemPct = 25

Notes: Make sure the straight quotation mark " does not get changed into a typographic one (“ or ”), because that causes a “Dictionary Problem” error when the VM is powered on (I ran into this myself).

  • Okay, now click Finish and the VM will power on. You will be greeted by the Photon Linux logo, the base of this VMware appliance. The IP address can be changed again if desired under Customize System (press F2) in the DCUI menu.
  • Continue the vCenter configuration by opening https://172.16.159.21:5480
  • Oh, and before that, check DNS first to make sure the records are in place and can be resolved by vCenter. Log in to vCenter via SSH and run nslookup checks against the DNS server.
# ssh-keygen -R 172.16.159.21
# ssh root@172.16.159.21

# nslookup vc01.lab.bicarait.com 172.16.159.2
# nslookup 172.16.159.21 172.16.159.2
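A small linter for the guestinfo lines added to the .vmx file above, as an added example that is not part of the original post: it replaces the typographic quotes that trigger the “Dictionary Problem” error and lists the keys that hold a password in clear text. The sample fragment is constructed from the page's lines, and the function and pattern names are hypothetical.

```python
import re

# Constructed sample: lines from the page as they might look after being
# pasted from a web page that turned some straight quotes into curly ones.
SAMPLE_VMX = (
    'guestinfo.cis.deployment.node.type = "embedded"\n'
    'guestinfo.cis.vmdir.password = \u201cVMware1!\u201d\n'
    'guestinfo.cis.appliance.net.addr = "172.16.159.21"\n'
    'guestinfo.cis.appliance.root.passwd = "VMware1!"\n'
    'prefvmx.minVmMemPct = 25\n'
)

SMART_QUOTES = {"\u201c": '"', "\u201d": '"', "\u2018": "'", "\u2019": "'"}
# The page's entries are either key = "value" or key = bare-token.
ENTRY = re.compile(r'^[\w.:-]+\s*=\s*("[^"]*"|[^"\s]+)\s*$')
SECRET_KEY = re.compile(r"pass(wd|word)", re.I)

def lint_vmx(text):
    """Return (cleaned_text, findings); findings are (line_number, message)."""
    findings, cleaned = [], []
    for no, line in enumerate(text.splitlines(), 1):
        fixed = "".join(SMART_QUOTES.get(ch, ch) for ch in line)
        if fixed != line:
            findings.append((no, "typographic quote replaced"))
        if fixed.strip() and not ENTRY.match(fixed):
            findings.append((no, "not a well-formed key = value entry"))
        key = fixed.split("=")[0].strip()
        if SECRET_KEY.search(key):
            findings.append((no, "cleartext credential: " + key))
        cleaned.append(fixed)
    return "\n".join(cleaned) + "\n", findings

if __name__ == "__main__":
    cleaned, findings = lint_vmx(SAMPLE_VMX)
    for no, message in findings:
        print(f"line {no}: {message}")
```

The password values stay readable in the .vmx file after deployment, so treat VMware1! as a deployment-time value and change it once the appliance is up.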

Here are some screenshots of the vCenter configuration:

  • vCenter installation summary

Here are some of the results after we have configured vCenter:

  • Appliance Administration Web Page.
  • vCenter Web Page

Let’s continue this post another time, adding the ESXi hosts to vCenter and configuring on ESXi the shared storage we created earlier, then configuring virtual machines, and so on. And of course, how to do a proper design for installing and configuring vSphere in production, because designing a home lab is very different from designing a production environment! (ex: cluster design, HA design, security design, performance design, etc)

 

Kind Regards,
Doddi Priyambodo

Getting to Know the Latest Release of VMware vSphere, Version 6.5

In October 2016 VMware introduced the newest vSphere series, version 6.5. On 16 November 2016 the software became publicly available for download. Well, as usual, every new version of this virtualization software brings a great many enhancements that competitors find very hard to keep up with. Some of them are:

  1. Very easy and simple to use (ex: enhancements to vCenter)
  2. Security features built in directly to vSphere (ex: the new VM & vMotion Encryption features)
  3. A universal application platform (ex: optimised for vSphere Integrated Container)
  4. Far more reliable operations (ex: enhancements to HA, DRS, vROPS)

In the next posts I will drill down further, with screenshots of this latest version taken directly from my personal lab environment.

Kind Regards,
Doddi Priyambodo

Oracle Database Standard Edition 2 Compared to Other Editions

If you read this blog, you know I also have a specific section about Oracle Database. Several years ago I was also an Oracle Database Administrator for Oracle 9i, 10gR2, and 11gR2, doing operational work such as architecture design, deployment, performance tuning, backup, replication, clustering, and PL/SQL programming. But currently I find cloud technology more interesting than on-premise database technology. So that is one of the reasons why I moved my focus to cloud technology (read: VMware). Anyway, the current version of Oracle Database available now is 12.1.0.2 (12cR1).

In this post I would like to elaborate on the new licensing scheme from Oracle since version 12.1.0.2 came out: the introduction of Oracle Standard Edition 2. This is a brief explanation from Oracle’s license document:

Oracle Database Standard Edition 2 may only be licensed on servers that have a maximum capacity of 2 sockets. When used with Oracle Real Application Clusters, Oracle Database Standard Edition 2 may only be licensed on a maximum of 2 one-socket servers. In addition, notwithstanding any provision in Your Oracle license agreement to the contrary, each Oracle Database Standard Edition 2 database may use a maximum of 16 CPU threads at any time. When used with Oracle Real Application Clusters, each Oracle Database Standard Edition 2 database may use a maximum of 8 CPU threads per instance at any time. The minimums when licensing by Named User Plus (NUP) metric are 10 NUP licenses per server.

These are some notes for customers after reading the statement above, plus some other notes:

  • Oracle Database Standard Edition 2 (SE2) will replace SE and SE1 from version 12.1.0.2
  • SE2 will have a limitation of maximum 2 socket systems and a total of 16 CPU threads*
    • *note not cores!
    • SE2 is hard coded in Resource Manager to use no more than 16 CPU threads.
  • RAC is still included with SE2 but is restricted to 2 sockets across the cluster. Therefore, each server must be single socket.
  • SE One and SE will no longer be available to purchase from 10th November 2015.
  • If you need to purchase additional DB SE and SE One Licenses you must purchase SE2 instead and install the version of 11g as required from here. Note – you must still comply with the license rules for SE2.
  • Oracle is offering a FREE license migration from SE One* and SE to SE2.
    • *SE One customers will have to pay a 20% increase in support as part of the migration.
    • SE customers face no other cost increases for license or support, subject to Named User minimums being met.
  • Named user minimums for SE2 are now 10 per server
  • 12.1.0.1 was the last SE and SE1 release
  • 12.1.0.1 SE and SE1 customers will have 6 months of patching support once SE2 12.1.0.2 is released with quarterly patches still being available in Oct 2015 and Jan 2016.

Now, compared to other editions, these are the features that are available in SE2 compared to Oracle Database Enterprise Edition:
