Running your Docker in Production Environment using VMware vSphere Integrated Containers – (Part 2)

Continuing our tutorial, we will now install and configure those components.

To recap the previous blog post: with vSphere Integrated Containers, developers can use their usual docker commands to manage development environments, and the functionality is enriched with a dedicated container management portal (VMware Admiral) and an enterprise-featured container registry (VMware Harbor). System administrators can still use their favourite management tools, such as vCenter, vRealize Operations and Log Insight, to manage the virtual infrastructure in a holistic view, as shown in the diagram below:

A traditional container environment uses a host/server to run several containers. Docker can import images into the host, but the resources are tied to that host. The challenge is that sometimes the host has a very limited set of resources. To expand the resources on that host, we need to shut down the host and then the containers. Then we need to add resources to that physical/virtual machine before more containers can be deployed. Another challenge is that the container is not portable: it cannot be moved to another host because it is tightly bound to the OS kernel of the container host.

Beyond resources, other concerns were already explained in my earlier post: the enterprise features needed to run Docker in a production environment, such as security, manageability, availability, diagnosis and monitoring, high availability, disaster recovery, etc. VIC (vSphere Integrated Containers) addresses all those concerns by using a resource pool as the container host and virtual machines as the containers. In addition, with the Instant Clone feature of vSphere 6, VIC can deliver an “instant on” container experience alongside the security, portability, and isolation of a virtual machine. Adding extra hosts to the resource pool to dynamically increase infrastructure resources, live migration (vMotion), automatic placement (Distributed Resource Scheduler), dedicated placement (affinity), self-healing (High Availability), QoS (weight), quota (limit), guarantee (reservation), etc. add a lot of benefits to the Docker environment.

So, these are our steps to prepare the environments for vSphere Integrated Containers (VIC).

  1. Installation and configuration of vSphere Integrated Containers
  2. Installation and configuration of Harbor
  3. Installation and configuration of Admiral

So, let’s start the tutorial now.

Checking the Virtual Infrastructure Environments

  • I am running my virtualisation infrastructure on my Mac laptop using VMware Fusion Professional 8.5.1.
  • Currently I am using vSphere ESXi Enterprise Plus version 6 update 2, and vCenter Standard version 6 update 2.
  • I have NFS storage as my centralised storage; NTP, DNS and DHCP are also configured in another VM.


Installation of vSphere Integrated Containers (VIC)

There are two approaches to installing VIC. This is the first one (I used this to install on my laptop):

  1. Get the installation source from GitHub = https://github.com/vmware/vic
  2. You will download VIC using git. First install git from here = https://git-scm.com/downloads
  3. Run this command = $ git clone https://github.com/vmware/vic
  4. After the download finishes, go to the directory = $ cd vic
  5. Now, build the binaries using this command =
    docker run -v $(pwd):/go/src/github.com/vmware/vic -w /go/src/github.com/vmware/vic golang make all

OR, you can use the second approach (I used this to install on my VM):

  1. Download the binary file from here = https://bintray.com/vmware/vic-repo/build
  2. In this personal lab, I am using this binary = https://bintray.com/vmware/vic-repo/build/6511#files
  3. Download that binary to the Virtual Machine that you will use as the VIC Management Host.
  4. Extract the file using = $ tar -zxvf vic_6511.tar.gz
     NOTE: You will see the latest build as shown here. The build number “6511” will be different, as this is an active project and new builds are uploaded constantly.

Okay, you have the installer now. From the steps above, a full build generates three primary components, found in the ./bin directory by default. The make targets used are the following:

  1. vic-machine – make vic-machine
  2. appliance.iso – make appliance
  3. bootstrap.iso – make bootstrap

Okay, after this we will deploy our Virtual Container Host in the VMware environment (I am using vCenter with ESXi as explained earlier). The installation can also run on a dedicated ESXi host (without vCenter) if needed.

Now, continue by creating the Virtual Container Host in vCenter. Since I am using a Mac, I will use the command prompt on the Mac.

$ ./vic-machine-darwin create --target 172.16.159.150/dc1.lab.bicarait.com --compute-resource cls01.dc01.lab.bicarait.com --user administrator@vsphere.local --password VMware1! --image-store ds_fusion_01 --no-tlsverify --name virtualcontainerhost01 --bridge-network dvPgContainer01 --force

After running the command above, let’s check the state of our virtual infrastructure in vCenter. We now see a new resource pool acting as the virtual container host, and an endpoint VM serving as the target of the container host.


Okay, installation is completed. Let’s try to deploy a docker machine into the VIC now.

docker -H 172.16.159.153:2376 --tls info

After that, let’s run the docker pull and run commands as in normal operation, the same as in my previous posts.

$ docker -H 172.16.159.153:2376 --tls \
--tlscert='./docker-appliance-cert.pem' \
--tlskey='./docker-appliance-key.pem' pull vmwarecna/nginx

$ docker -H 172.16.159.153:2376 --tls \
--tlscert='./docker-appliance-cert.pem' \
--tlskey='./docker-appliance-key.pem' run -d -p 80:80 vmwarecna/nginx

Note: for production, we must use the *.pem key to connect to the environment. Since this is my development environment, I will skip that.
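
The commands above pass only --tls, which encrypts the connection but does not verify the Virtual Container Host's certificate; docker's --tlsverify together with a CA certificate does. The wrapper below is an added example, not part of the original post: it checks the PEM bundle (files present, PEM headers, private key not accessible to group/others) and only then calls docker with verification enabled. The endpoint and the certificate/key file names are the ones used above; ca.pem, VCH_CERT_DIR and DOCKER_BIN are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. The endpoint and the
# certificate/key file names are the ones the post uses; ca.pem,
# VCH_CERT_DIR and DOCKER_BIN are assumptions made for illustration.
VCH_HOST=${VCH_HOST:-172.16.159.153:2376}
VCH_CERT_DIR=${VCH_CERT_DIR:-.}
VCH_CA=${VCH_CA:-ca.pem}
VCH_CERT=${VCH_CERT:-docker-appliance-cert.pem}
VCH_KEY=${VCH_KEY:-docker-appliance-key.pem}
DOCKER_BIN=${DOCKER_BIN:-docker}

# check_tls_bundle DIR CA CERT KEY
# Prints one line per problem; returns 0 only if the bundle is usable.
check_tls_bundle() {
    b_dir=$1; b_ca=$2; b_cert=$3; b_key=$4
    b_problems=0
    # All three files must exist and be non-empty.
    for b_f in "$b_ca" "$b_cert" "$b_key"; do
        if [ ! -s "$b_dir/$b_f" ]; then
            echo "missing or empty: $b_f"
            b_problems=$((b_problems + 1))
        fi
    done
    # CA and client certificate must carry a PEM certificate header.
    for b_f in "$b_ca" "$b_cert"; do
        if [ -s "$b_dir/$b_f" ] &&
           ! grep -q -e '-----BEGIN CERTIFICATE-----' "$b_dir/$b_f"; then
            echo "not a PEM certificate: $b_f"
            b_problems=$((b_problems + 1))
        fi
    done
    if [ -s "$b_dir/$b_key" ]; then
        if ! grep -q -e 'PRIVATE KEY-----' "$b_dir/$b_key"; then
            echo "not a PEM private key: $b_key"
            b_problems=$((b_problems + 1))
        fi
        # Characters 5-10 of the ls mode string are the group/other bits;
        # a private key should grant them nothing (e.g. mode 600 or 400).
        if [ "$(ls -ldL "$b_dir/$b_key" | cut -c5-10)" != "------" ]; then
            echo "key readable or writable by group/others: $b_key"
            b_problems=$((b_problems + 1))
        fi
    fi
    [ "$b_problems" -eq 0 ]
}

# vch_docker ARGS...
# Runs docker against the VCH with server verification (--tlsverify),
# refusing to connect at all if the bundle check fails.
vch_docker() {
    check_tls_bundle "$VCH_CERT_DIR" "$VCH_CA" "$VCH_CERT" "$VCH_KEY" >&2 || return 1
    "$DOCKER_BIN" -H "$VCH_HOST" --tlsverify \
        --tlscacert "$VCH_CERT_DIR/$VCH_CA" \
        --tlscert "$VCH_CERT_DIR/$VCH_CERT" \
        --tlskey "$VCH_CERT_DIR/$VCH_KEY" \
        "$@"
}

# Usage: vch_docker info
#        vch_docker pull vmwarecna/nginx
```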

 

Okay, now finally… this is a video explaining the operation of vSphere Integrated Containers, VMware Admiral, and VMware Harbor (I already explained Admiral and Harbor in my previous blog post here):

 

Kind Regards,
Doddi Priyambodo

 

Running your Docker in Production Environment using VMware vSphere Integrated Containers – (Part 1)

In this tutorial, after explaining how to run Docker on my Mac, it’s time to move those Docker containers from your laptop to a production environment. In VMware, we will utilise vSphere ESXi as the production-grade virtualisation technology that forms the foundation of the infrastructure.

In a production environment, a lot of things need to be considered: availability, manageability, performance, reliability, scalability and security (AMPRSS). These AMPRSS considerations can be easily addressed by moving Docker containers from your development environment (laptop) to the production environment (vSphere ESXi). One concern with Docker technology is that containers share the same kernel and are therefore less isolated than real VMs. A bug in the kernel affects every container.

vSphere Integrated Containers Engine allows developers familiar with Docker to develop in containers and deploy them alongside traditional VM-based workloads on vSphere clusters, and allows these workloads to be managed through the vSphere UI in a way familiar to existing vSphere admins.

Docker itself is far less capable than an actual hypervisor. It doesn’t come with HA, live migration, hardware virtualization security, etc. VIC (VMware Integrated Containers) brings the container paradigm directly to the hypervisor, allowing you to deploy containers as first-class citizens. The net result is that containers inherit all of the benefits of VMs, because they are VMs. The Docker image, once instantiated, becomes a VM inside vSphere. This solves security as well as operational concerns at the same time.

But these are NOT traditional VMs that require for example 2TB and take 2 minutes to boot. These are usually as big as the Docker image itself and take a few seconds to instantiate. They boot from a minimal ISO which contains a stripped-out Linux kernel (based on Photon OS), and the container images and volumes are attached as disks.

The ContainerVMs are provisioned into a “Virtual Container Host” which is just like a Swarm cluster, but implemented as logical distributed capacity in a vSphere Resource Pool. You don’t need to add or remove physical nodes to increase or decrease the VCH capacity, you simply re-configure its resource limits and let vSphere clustering and DRS (Distributed Resource Scheduler) handle the details.

The biggest benefit of VIC is that it helps to draw a clear line between the infrastructure provider (IT admin) and the consumer (developer/ops). The consumer wins because they don’t have to deal with managing container hosts, patching, configuring, etc. The provider wins because they can leverage the operational model they are already using today (including NSX and VSAN).

Developers will continue to develop dockers and IT admin will keep managing VMs. The best of both worlds.

It can also be combined with other enterprise tools to manage the enterprise environment, such as vRealize Operations, vRealize Log Insight, Virtual SAN, VMware NSX and vRealize Automation.

In this post, I will utilise these technologies from VMware:

  • vSphere ESXi 6 U2 as the number one, well-known and stable production grade Virtualisation Technology.
  • vCenter 6 U2 as the Virtualisation central management and operation tool.
  • vSphere Integrated Containers as the Enterprise Production Ready container runtime for vSphere, allowing developers familiar with Docker to develop in containers and deploy them alongside traditional VM-based workloads on vSphere clusters. Download from here: The vSphere Integrated Containers Engine
  • VMware Admiral as the Container Management platform for deploying and managing container based applications. Provides a UI for developers and app teams to provision and manage containers, including retrieving stats and info about container instances. Cloud administrators will be able to manage container hosts and apply governance to its usage, including capacity quotas and approval workflows. Download from here: Harbor
  • VMware Harbor as an enterprise-class registry server that stores and distributes Docker images. It has a UI and the functionality usually required by an enterprise, such as security, identity, replication, and management. Download from here: Admiral

This is the diagram block for those components:

As you can see in the diagram above vSphere Integrated Containers is comprised of three main components, all of which are available as open source on github. With these three capabilities, vSphere Integrated Containers will enable VMware customers to deliver a production-ready container solution to their developers and app teams.

 

*to be continued in part 2.

Kind Regards,
Doddi Priyambodo

Running your First Cloud Native Applications using Docker Container in Mac

As promised in my previous post, I will elaborate on Cloud Native Applications. But before that, I will cover some basic concepts of Docker as the container technology for the Cloud Native Applications approach.

Docker is an open platform for developing, shipping, and running applications. Docker enables you to separate your applications from your infrastructure so you can deliver software quickly. With Docker, you can manage your infrastructure in the same ways you manage your applications. By taking advantage of Docker’s methodologies for shipping, testing, and deploying code quickly, you can significantly reduce the delay between writing code and running it in production.

If you are still unsure what Docker, Microservices and Cloud Native Applications mean, you can read about them here: http://bicarait.com/2016/05/31/microservices-cloud-native-applications/

In this post, I will start with the basics of how to run your first application in Docker on your Mac laptop. Then, I will do the same in vSphere Integrated Containers and VMware Photon Platform.


Let’s Start the first Chapter: INSTALLATION 

  1. Download Docker Engine from this URL (stable version): Get Docker for Mac (stable)
  2. There are actually two approaches to running Docker on your Mac. The first is Docker for Mac (which we will use), and the second is Docker Toolbox. The difference is that Docker for Mac uses HyperKit as a lightweight virtualisation technology to run the containers, while Docker Toolbox uses VirtualBox.
  3. You can actually run both Docker for Mac and Docker Toolbox at the same time on macOS, but there are several things you need to do, such as creating different environments (set and unset commands). I will not elaborate on that in this post.
  4. Assume that your machine has no Docker engine installed.
  5. Install and run Docker. Double-click the Docker.img that you downloaded earlier to start the installation.
  6. Check the Docker version now running on your Mac after the installation is completed.
  7. Let’s start with a basic application: an nginx web server using Docker.
  8. Check http://localhost first to see the status.
  9. Basically, Docker will try to run your application from a local image. If it cannot find one, it will search the public repository (the default configuration is Docker Hub).
  10. Check http://localhost again to see the status.
  11. Check the status of the container using the docker ps command. To stop the web server, run docker stop webserver; to start it again, run docker start webserver.
  12. To stop and remove the container, use the command docker rm -f webserver. To delete the local image, use the command docker rmi nginx. Before that, you can list the local images using docker images.
  13. If you want to use a Docker repository other than https://hub.docker.com, or share files from your Mac with your Docker engine, you can also configure that in the Docker for Mac menu.

Let’s Continue with the second Chapter: BOARDING YOUR APPS 

For this example we will use Docker Compose to run WordPress in an isolated environment. Compose is a Docker tool for running multi-container environments. We will create a compose file, and then execute the YAML file using the docker-compose command.

  1. Create a directory for the project on your Mac.
  2. Create a docker compose file. It will include wordpress and mysql to create a simple blog website.
  3. Now, build the project using the command $ docker-compose up -d
  4. Check whether the images are installed and running, using the docker images and docker ps commands.
  5. Finally, open WordPress in your browser. Because we configured port 8000, we open http://localhost:8000
  6. Complete the WordPress installation using the UI wizard, then open the created site.

 

Kind Regards,
Doddi Priyambodo

VMware Photon Platform or vSphere Integrated Container

Implementing Cloud Native Applications using container technology is hard to ignore if you want to keep up with this culture of agile and fast innovation. VMware has two approaches to support this initiative: either vSphere Integrated Containers or VMware Photon Platform.

So, what are the differences? In Summary:

  • If you want to run both containerized and traditional workloads in production side by side on your existing infrastructure, VIC is the ideal choice. VIC extends all the enterprise capabilities of vSphere without requiring additional investment in retooling or re-architecting your existing infrastructure.
  • If you are looking at building an on-prem, green field infrastructure stack for only running containerized workloads, and also would like a highly available and scalable control plane, an API-driven, automated DevOps environment, plus multi-tenancy for creation and isolation resources, Photon Platform is the way to go.

In the next couple of weeks, I will elaborate more on cloud native applications. Please wait for my next posts.

So, this is the plan:
1. Run Docker Apps in the laptop (for my case, I will use Mac)
We will utilise: Mac OS, Docker, Swarm.
2. Run Docker Apps in vSphere Integrated Container
We will utilise: VMware vSphere, vCenter, Photon OS, Harbor, Admiral.
3. Run Docker Apps in VMware Photon Platform
We will utilise: VMware vSphere, Photon Controller, Photon OS, Kubernetes

 

Kind Regards,
Doddi Priyambodo

Technical Questions Asked for vSphere Design during Requirement Analysis

I will briefly summarise some basic technical questions that are usually asked when we run a Requirement Analysis / Design Workshop engagement with a customer.

Below are some high-level questions that I usually ask, then dig deeper based on the answers. (Note: these are technical questions, so they are not meant for business people or the C level. So, finding the correct audience is important.)

  • Compute: To gather information regarding the planned target compute infrastructure
  • Storage: To understand the current and expected storage landscape
  • vCenter: To describe the state of vCenter to manage the ESXi environment
  • Network: To gather information about the current and target network infrastructure
  • Backup & Patching: To understand the current backup and patching methodology
  • Monitor: To analyze the current and expected monitoring processes
  • VM Workloads: To analyze the details of the current physical workloads to be virtualized and consolidated
  • Security: To understand the current security practices in detail
  • Processes & Operations: To understand the current operation procedures and processes
  • Availability & Disaster Recovery: To gather information on Business Continuity Processes

These questions can be broken down in more detail, for example:

  • Compute: hardware type, network, disk, brand, redundancy, processor, storage connectivity, booting, automation, scalability, etc.
  • Storage: SAN/NAS/iSCSI/NFS/VSAN, IOps, latency, storage technology, cloning/snapshot, replication, etc.
  • vCenter: linked mode, appliance, database decision, disk size, CPU and memory size, pre-requirements, etc.
  • Network: leaf spine, backbone technology, bandwidth, VLAN, VXLAN, teaming, VPC, link aggregation, distributed switch, vendors, etc.
  • Backup and Patching: storage backup, 3rd party backup, VDP, VADP, Update Manager, etc.
  • Monitor: items to monitor, centralized log server, performance, capacity, usage, threshold, alert, placement, etc.
  • VM Workloads: user growth, IOps, Tier1/Tier2/Tier3, mission critical, OS clustering, Java/Oracle/SQL Server/SAP, etc.
  • Security: firewall ports, virus protection, distributed firewall, system hardening, lockdown mode, access, etc.
  • Processes and Operations: SLA agreements, private/public/hybrid strategy, budget/scope constraints, unique processes, etc.
  • Availability & DR: RPO, RTO, VMware HA, Fault Tolerance, Active-Active DC, bandwidth and hops, priority protected VMs, etc.

Hope this is useful.

Kind Regards,
Doddi Priyambodo

Key Factors to create Perfect Design for VMware vSphere Infrastructure

If you are doing a vSphere design right now, please remember this AMPRS rule for your design document.

Always base your design decisions on these key factors: Availability, Manageability, Performance, Recoverability, and Security.

Especially for a Business Critical Application, you MUST consider all these factors.

 

Design Quality: Description

Availability: Indicates the effect of a design choice on the ability of a technology and the related infrastructure to achieve highly available operation.
Key metrics: percent of uptime.

Manageability: Indicates the effect of a design choice on the flexibility of an environment and the ease of operations in its management. Sub-qualities might include scalability and flexibility. Higher ratios are considered better indicators.
Key metrics:
  • Servers per administrator.
  • Clients per IT personnel.
  • Time to deploy new technology.

Performance: Indicates the effect of a design choice on the performance of the environment. This does not necessarily reflect the impact on other technologies within the infrastructure.
Key metrics:
  • Response time.
  • Throughput.

Recoverability: Indicates the effect of a design choice on the ability to recover from an unexpected incident which affects the availability of an environment.
Key metrics:
  • RTO – Recovery time objective.
  • RPO – Recovery point objective.

Security: Indicates the ability of a design choice to have a positive or negative impact on overall infrastructure security. Can also indicate whether a quality has an impact on the ability of a business to demonstrate or achieve compliance with certain regulatory policies.
Key metrics:
  • Unauthorized access prevention.
  • Data integrity and confidentiality.
  • Forensic capabilities in case of a compromise.

 

Kind Regards,

Doddi Priyambodo

How to Execute External Guest OS Script from VRO and VRA

These two posts explain really well the mechanism for extending VRA (VMware vRealize Automation) with VRO (VMware vRealize Orchestrator) to execute an external script located in the guest operating system's folders (either Windows or Linux).

It is really useful if you want to execute one of these use cases:
– Silent installation of a database/apps platform (e.g. SQL Server, Oracle DB, MySQL, PostgreSQL, Apache, etc.) after the VM is deployed
– Configuring parameters in apps, DB, middleware or agents (e.g. NetBackup agent, Oracle DB, Tomcat, Weblogic, etc.) after the VM is deployed
– Executing other external scripts that are located in the guest OS

Please note that you can also use it with VRO only, if you don’t want to automate the process from VRA.

You can find the posts at these links:

http://www.vmtocloud.com/how-to-extend-vcac-with-vco-part-1-installation/
http://www.vmtocloud.com/how-to-extend-vcac-with-vco-part-2-hello-world-script-in-guest/

 

Kind Regards,
Doddi Priyambodo

 

Collection of Useful Links / Booklets for VMware

Below I attach a collection of good links for reading about VMware.

 

USEFUL URLS :

  •  VMware Products Feature Walkthrough
    http://featurewalkthrough.vmware.com/
  •  VMware Knowledgebase:
    http://kb.vmware.com/selfservice/microsites/microsite.do
  •  VMware Documentation:
    https://www.vmware.com/support/pubs/
  •  Security Hardening Guide:
    https://www.vmware.com/security/hardening-guides
  •  VMware Compatibility Guide:
    http://www.vmware.com/resources/compatibility/search.php
  •  VMware Product Interoperability Matrixes:
    http://www.vmware.com/resources/compatibility/sim/interop_matrix.php
  •  Guest Operating System Installation Guide:
    http://partnerweb.vmware.com/GOSIG/home.html
  •  Technical White Papers:
    http://www.vmware.com/vmtn/resources/
  •  VMware Security Advisories:
    http://www.vmware.com/security/advisories/
  •  VMware Community:
    https://communities.vmware.com/community/vmtn/vmug/forums/asia_pacific
  •  VMware Blog:
    http://blogs.vmware.com/
  •  VMware Education:
    http://mylearn.vmware.com/mgrreg/index.cfm
  •  My Learn Portal for Education and certification
    https://mylearn.vmware.com/
  •  Hands on Lab (HOL)
    http://hol.vmware.com
  •  My VMware Portal
    https://my.vmware.com/web/vmware/login
  •  Technical Publication Glossary
    https://www.vmware.com/pdf/master_glossary.pdf

 

USEFUL TECHNICAL WHITEPAPER

  •  VMware Software-Defined Data Center
    https://www.vmware.com/resources/techresources/10471
  •  What’s New in VMware vSphere 6 – Performance
    https://www.vmware.com/resources/techresources/10485
  •  Performance Best Practices for VMware vSphere 6.0
    https://www.vmware.com/resources/techresources/10480
  •  vSphere Upgrade Center:
    https://www.vmware.com/products/vsphere/upgrade-center/overview
  •  vCenter 6.0 Deployment Guide
    https://www.vmware.com/files/pdf/techpaper/vmware-vcenter-server6-deployment-guide.pdf
  •  vCenter Server 6 Deployment Topologies and High Availability
    http://blogs.vmware.com/vsphere/2015/03/vcenter-server-6-topology-ha.html
  •  vCenter Single Sign-On and Platform Services Controller High Availability Compatibility Matrix (2112736)
    http://kb.vmware.com/kb/2112736
  •  vCenter Platform Controller Service FAQs
    http://kb.vmware.com/kb/2113115
  •  Configuring PSC 6.0 High Availability for vSphere 6.0 using vCenter Server 6.0 Appliance (2113315)
    http://kb.vmware.com/kb/2113315
  •  vCenter Server 6.0 Availability Guide
    http://www.vmware.com/files/pdf/techpaper/VMware-vCenter-Server6-Availability-Guide.pdf
  •  Security of the VMware vSphere Hypervisor
    http://www.vmware.com/files/pdf/techpaper/vmw-wp-secrty-vsphr-hyprvsr-uslet-101.pdf
  •  Microsoft SQL Server and VMware Virtual Infrastructure
    https://www.vmware.com/resources/techresources/10002
  •  Best Practices for Performance Tuning of Telco and NFV Workloads in vSphere
    https://www.vmware.com/resources/techresources/10479
  •  Using “esxtop” to Troubleshoot Performance Problems
    https://www.vmware.com/resources/techresources/436
  •  VMware Horizon View and All Flash Virtual SAN Reference Architecture
    https://www.vmware.com/resources/techresources/10484
  •  Virtualizing Microsoft Applications on VMware Virtual SAN
    https://www.vmware.com/resources/techresources/10478

 

Business Critical Application Virtualization Guides

  •  Microsoft SQL
    https://www.vmware.com/business-critical-apps/sql-virtualization/microsoft-support.html
  •  Microsoft Exchange
    https://www.vmware.com/business-critical-apps/exchange/index.html
  •  Microsoft Sharepoint
    https://www.vmware.com/business-critical-apps/sharepoint-virtualization/index.html
  •  SAP
    https://www.vmware.com/business-critical-apps/sap-virtualization/index.html
  •  Oracle
    https://www.vmware.com/business-critical-apps/oracle-virtualization/resources.html
  •  Java
    https://www.vmware.com/business-critical-apps/enterprise-java-app/resources.html

 

VREALIZE OPERATIONS INSIGHT

  1.  Official enterprise management blogs
    http://blogs.vmware.com/management/
  2.  Official video
    https://www.youtube.com/channel/UCKON30YeSGIeqsueMYgEa9A
  3.  Useful resources
    http://www.vmware.com/products/vrealize-suite/resources.html
  4.  Solution Exchange
    https://solutionexchange.vmware.com/store/category_groups/cloud-management
  5.  Hands-on Lab for Management products
    http://labs.hol.vmware.com/HOL/catalogs/catalog/128
  6.  Technical blogs by VMware or customers
    o http://sflanders.net/ is world #1 blog for Log Insight. Steven is the Product Architect for Log Insight.
    o http://virtual10.com/ by Manny Sidhu, a Virtualization architect working for a global bank.
    o http://vxpresss.blogspot.sg/ by Sunny Dua, VMware PSO Consultant and CTO Ambassador.
    o http://virtual-red-dot.info by Iwan Rahabok, VMware SE and CTO Ambassador.

 

Thanks. Hope this is useful.

 

Kind Regards,

Doddi Priyambodo.

What is / the definition of Virtualisation and Cloud Computing?

Although it is already 2015, from my interactions with colleagues it turns out there are still some IT professionals who ask what “Virtualisation” is, which eventually leads to the question of what “Cloud Computing” is. And the most fundamental question: “What does a company gain from implementing these two things?”

If we ask several people or browse several sites, the answers will probably vary, with several definitions that each have some truth in them. But in principle the answers are probably the same. In my view, the definitions of virtualisation and cloud computing are as follows:

I define Virtualisation as the abstraction/separation of one computing resource from another computing resource. Yup, as simple as that (see the picture alongside). Example: server virtualization means we abstract/separate the operating system from a server.

Today, with virtualisation technology, companies can run several operating systems and several applications on top of the hardware they already own, and new hardware only needs to be purchased when capacity really requires it. The days when a company bought a new server whenever a new application had to be deployed are over.

By stacking workloads together using virtualisation technology, companies get greater value from their hardware investment. Besides reducing the cost of purchasing new hardware (CAPEX/Capital Expenditure), companies can now also reduce operational cost (OPEX/Operational Expenditure), because the number of servers and other hardware (e.g. storage, routers, etc.) in the datacenter drops drastically; this in turn affects electricity usage, cooling usage, and the size of the datacenter required. The reduction in operational cost will be very significant. This approach is usually called the “consolidation” of resources.

Besides the consolidation benefits above, by adopting virtualisation technology a company can also enjoy improved “uptime/high-availability” of its services, a much better planned disaster-recovery mechanism, more integrated monitoring of its assets, automation mechanisms for creating servers/other services, not to mention greatly improved security. Ultimately, virtualisation lays the foundation for reaching the “Cloud Computing” concept.

Cloud Computing itself is a concept built on the philosophy of very broad network access, resource pooling, the ability to provide services that can be accessed directly by the users themselves (not administrators), services whose quality can be measured (and can be charged for on that basis), and services that are highly elastic so they can quickly follow user needs (adding or reducing resources quickly).

Implementing virtualisation technology is the foundation that allows this new operational model (“cloud computing”) to be built far more effectively and efficiently.

 

Kind Regards,
Doddi Priyambodo

Review: Puppet vs. Chef vs. Ansible vs. Salt

Once again, I am taking this article from another website (http://www.infoworld.com/d/data-center/review-puppet-vs-chef-vs-ansible-vs-salt-231308). It is a very good article that I would like to remember. So, that is the reason why I re-post it again in my blog.

Review: Puppet vs. Chef vs. Ansible vs. Salt

The leading configuration management and orchestration tools take different paths to server automation

 

The proliferation of virtualization coupled with the increasing power of industry-standard servers and the availability of cloud computing has led to a significant uptick in the number of servers that need to be managed within and without an organization. Where we once made do with racks of physical servers that we could access in the data center down the hall, we now have to manage many more servers that could be spread all over the globe.

This is where data center orchestration and configuration management tools come into play. In many cases, we’re managing groups of identical servers, running identical applications and services. They’re deployed on virtualization frameworks within the organization, or they’re running as cloud or hosted instances in remote data centers. In some cases, we may be talking about large installations that exist only to support very large applications or large installations that support myriad smaller services. In either case, the ability to wave a wand and cause them all to bend to the will of the admin cannot be discounted. It’s the only way to manage these large and growing infrastructures.

Puppet, Chef, Ansible, and Salt were all built with that very goal in mind: to make it much easier to configure and maintain dozens, hundreds, or even thousands of servers. That’s not to say that smaller shops won’t benefit from these tools, as automation and orchestration generally make life easier in an infrastructure of any size.

I looked at each of these four tools in depth, explored their design and function, and determined that, while some scored higher than others, there’s a place for each to fit in, depending on the goals of the deployment. Here, I summarize my findings.

Puppet Enterprise
Puppet arguably enjoys the biggest mind share of the four. It’s the most complete in terms of available actions, modules, and user interfaces. Puppet represents the whole picture of data center orchestration, encompassing just about every operating system and offering deep tools for the main OSes. Initial setup is relatively simple, requiring the installation of a master server and client agents on each system that is to be managed.

From there, the CLI (command-line interface) is straightforward, allowing module downloads and installation via the puppet command. Then, changes to the configuration files are required to tailor the module for the required task, and the clients that should receive the instructions will do so when they check in with the master or via a push that will trigger the modifications immediately.

There are also modules that can provision and configure cloud server instances and virtual server instances. All modules and configurations are built with a Puppet-specific language based on Ruby, or Ruby itself, and thus will require programmatic expertise in addition to system administration skills.

 

Test Center Scorecard

| Product | 20% | 20% | 20% | 20% | 10% | 10% | Overall score | Rating |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| AnsibleWorks Ansible 1.3 | 9 | 7 | 8 | 8 | 9 | 9 | 8.2 | VERY GOOD |
| Enterprise Chef 11.4 | 9 | 8 | 7 | 9 | 8 | 9 | 8.3 | VERY GOOD |
| Puppet Enterprise 3.0 | 9 | 9 | 9 | 9 | 9 | 9 | 9.0 | EXCELLENT |
| SaltStack Enterprise 0.17.0 | 9 | 8 | 9 | 9 | 9 | 9 | 8.8 | VERY GOOD |

Puppet Enterprise has the most complete Web UI of the bunch, allowing for real-time control of managed nodes using prebuilt modules and cookbooks present on the master servers. The Web UI works well for management, but does not allow for much configuration of modules. The reporting tools are well developed, providing deep details on how agents are behaving and what changes have been made.

Enterprise Chef
Chef is similar to Puppet in terms of overall concept, in that there’s a master server and agents installed on managed nodes, but it differs in actual deployment. In addition to a master server, a Chef installation also requires a workstation to control the master. The agents can be installed from the workstation using the knife tool that uses SSH for deployment, easing the installation burden. Thereafter, managed nodes authenticate with the master through the use of certificates.
