Considerations for Deploying an Edge Cluster in vCloud Director, and a Discussion of VSAN Architecture

If we are using vCloud Director, the Edge Cluster cannot be combined with the management cluster. It can only be combined with the resource/payload/workload cluster.

If we are using VSAN, there are also several considerations if we want to use it for the management cluster.

Please read these references for the technical details:

Once again, thanks Bayu for the discussion.

 

Kind Regards,
Doddi Priyambodo

How to Build an Agile Infrastructure to Support the Agile World of Applications

Here are some old presentation slides I made (when I was still working at IBM Indonesia), which I keep on Slideshare (now acquired by LinkedIn for US$119M!).

The material in this presentation is aimed at software development needs. The way applications are built is now moving to the "DevOps" stage, where releases go from development to production very quickly. That calls for an infrastructure that is also agile, not just an agile development methodology.

A few of the slides actually need explaining in a whiteboarding session; if I find the time, I may explain them further on this blog.

 

Enjoy 🙂

High-Level Best Practice Configuration to Check for a VMware vSphere Production Environment

Below are some best-practice configuration items to check in order to find out whether your current VMware environment is appropriate for production or not. This is high-level guidance only. The details need further explanation; hopefully I can follow up on some of the components below.

| Component | Recommended Action Item |
|---|---|
| Compute | Configure firewall rules and ports according to best practices. |
| Compute | VMware vSphere ESXi Shell and SSH access should be configured per the customer security and manageability requirements. |
| Datacenter | Use vCenter Server roles, groups, and permissions to provide appropriate access and authorization to the VMware virtual infrastructure. Avoid using Windows built-in groups (Administrators). |
| Datacenter | Tasks and Events Retention Policy set in the environment. |
| Datacenter | Size with HA host failure considerations. |
| Datacenter | Set up redundancy for the management port (either using a separate vmnic or a separate uplink) and an alternate isolation response gateway address (if appropriate) for more reliability in HA isolation detection. |
| Datacenter | Maintain compatible and homogeneous (CPU and memory) hosts within a cluster to support the required functionality for vMotion, vSphere DRS, VMware vSphere Distributed Power Management (DPM), VMware vSphere HA, and vSphere FT. |
| Network | Verify that there is redundancy in networking paths and components to avoid single points of failure. For example, provide at least two paths to each network. |
| Network | Configure networking consistently across all hosts in a cluster. |
| Network | If jumbo frames are enabled, verify that jumbo frame support is enabled on all intermediate devices and that there is no MTU mismatch. |
| Network | Minimize differences in the number of active NICs across hosts within a cluster. |
| Network | Configure networks so that there is separation of traffic (physical or logical using VLANs). |
| Network | Use DV Port Groups to apply policies to traffic flow types and to provide Rx bandwidth controls through the use of Traffic Shaping. |
| Network | Use Load-Based Teaming (LBT) to balance virtual machine network traffic across multiple uplinks. |
| Network | Use Network I/O Control (NetIOC) to prioritize traffic on 10GbE network uplinks. |
| Network | Adjust load balancing settings from the default virtual port ID only if necessary. |
| Storage | Minimize differences in datastores visible across hosts within the same cluster or vMotion scope. |
| Storage | NFS and iSCSI storage traffic should be separated physically (for performance) and logically (for security). |
| Virtual Machines | Limit use of snapshots, and when using snapshots limit them to short-term use. |
| Virtual Machines | Verify that VMware Tools is installed, running, and up to date for running virtual machines. |
| Virtual Machines | Verify that virtual machines meet the requirements for vSphere vMotion. |
| Compute | Avoid unnecessary changes to advanced parameter settings. |
| Datacenter | Enable bidirectional CHAP authentication for iSCSI traffic so that CHAP authentication secrets are unique. |
| Datacenter | Disconnect vSphere Clients from the vCenter Server when they are no longer needed. |
| Datacenter | Maintain compatible virtual hardware versions for virtual machines to support vMotion. |
| Licensing | Verify that adequate licenses are available for vCenter Server instances. |
| Licensing | Verify that adequate CPU licenses are available for ESXi hosts. |
| Network | Distribute vmnics for a port group across different PCI buses for greater redundancy. |
| Network | Change port group security default settings for Forged Transmits, Promiscuous Mode, and MAC Address Changes to Reject unless the application requires the defaults. |
| Storage | Use shared storage for virtual machines instead of local storage. |
| Storage | Size datastores appropriately. |
| Storage | Allocate space on shared datastores for templates and media/ISOs separately from datastores for virtual machines. |
| Storage | Use Storage I/O Control (SIOC) to prioritize high importance virtual machine traffic. |
| Virtual Machines | As a security enhancement initiative, disable certain unexposed features. |
| Virtual Machines | Limit sharing console connections if there are security concerns. |
| Virtual Machines | Allocate only as much virtual hardware as required for each virtual machine. Disable any unused or unnecessary or unauthorized virtual hardware devices. |
| Virtual Machines | Consider using the latest virtual hardware version to take advantage of additional capabilities. |
| Virtual Machines | Use the latest version of VMXNET that is supported by the guest operating system. |
| Virtual Machines | Use reservations and limits selectively on virtual machines that need it. Don’t set reservations too high or limits too low. |
| Virtual Machines | Select the correct guest operating system type in the virtual machine configuration to match the guest operating system. |
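
One way to check the port group security item from the list above (Forged Transmits, Promiscuous Mode, MAC Address Changes set to Reject), as an added example that is not part of the original post: a PowerCLI audit that lists every standard and distributed port group still accepting one of the three. It assumes an existing `Connect-VIServer` session for live data; the host, switch and port group names in the sample rows are hypothetical.

```powershell
# Added example (not the author's code). Needs VMware PowerCLI for live data;
# without a vCenter session it runs on the constructed sample rows below.
function Get-PortGroupPolicy {
    # Collect the three security flags from standard and distributed port groups.
    foreach ($vmhost in Get-VMHost) {
        foreach ($pg in Get-VirtualPortGroup -VMHost $vmhost -Standard) {
            $sp = Get-SecurityPolicy -VirtualPortGroup $pg
            [pscustomobject]@{
                Scope = $vmhost.Name; PortGroup = $pg.Name
                AllowPromiscuous = $sp.AllowPromiscuous
                ForgedTransmits  = $sp.ForgedTransmits
                MacChanges       = $sp.MacChanges
            }
        }
    }
    foreach ($pg in Get-VDPortgroup) {
        $sp = Get-VDSecurityPolicy -VDPortgroup $pg
        [pscustomobject]@{
            Scope = $pg.VDSwitch.Name; PortGroup = $pg.Name
            AllowPromiscuous = $sp.AllowPromiscuous
            ForgedTransmits  = $sp.ForgedTransmits
            MacChanges       = $sp.MacChanges
        }
    }
}

function Select-PermissivePolicy {
    # Emit one row per port group that still accepts any of the three behaviours.
    param([Parameter(ValueFromPipeline)] $Policy)
    process {
        $accepting = @()
        if ($Policy.AllowPromiscuous) { $accepting += 'Promiscuous Mode' }
        if ($Policy.ForgedTransmits)  { $accepting += 'Forged Transmits' }
        if ($Policy.MacChanges)       { $accepting += 'MAC Address Changes' }
        if ($accepting.Count -gt 0) {
            [pscustomobject]@{ Scope = $Policy.Scope; PortGroup = $Policy.PortGroup
                               Accepting = $accepting -join ', ' }
        }
    }
}

# Constructed sample rows (hypothetical names), used when no session exists.
$sample = @(
    [pscustomobject]@{ Scope='esx01.example.local'; PortGroup='VM Network'; AllowPromiscuous=$false; ForgedTransmits=$true;  MacChanges=$true }
    [pscustomobject]@{ Scope='esx01.example.local'; PortGroup='Mgmt';       AllowPromiscuous=$false; ForgedTransmits=$false; MacChanges=$false }
    [pscustomobject]@{ Scope='dvs-prod';            PortGroup='ids-span';   AllowPromiscuous=$true;  ForgedTransmits=$false; MacChanges=$false }
)
$policies = if ($global:DefaultVIServer) { Get-PortGroupPolicy } else { $sample }
$policies | Select-PermissivePolicy | Format-Table -AutoSize
```

Port groups that legitimately need one of these settings, which the list allows for when the application requires it, will show up in the output and should be recorded as documented exceptions.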

Kind Regards,
Doddi Priyambodo

 

Troubleshooting – Log File Locations for VMware vRealize Automation 6.x

Below is information on the log locations for the VMware vRealize Automation 6.x Suite (formerly named VMware vCloud Automation Center).

Troubleshooting is done by reading and analysing the logs that a system produces. These log files are spread across several servers, depending on the vRA architecture decision made at installation/deployment time: a distributed deployment or a simple deployment.

 

| vRealize Automation Virtual Appliance Locations | Description |
|---|---|
| /var/log/vcac/catalina.out | tc Server Runtime logs, vRealize Automation webapp logs |
| /var/log/vco/app-server/catalina.out | vRealize Automation’s built-in vRealize Orchestrator logs |
| /var/log/apache2/access_log | Apache Access logs |
| /var/log/apache2/error_log | Apache GET/POST Error logs |
| /var/log/apache2/ssl_request_log | Apache SSL troubleshooting logs |

| vRealize Automation Infrastructure as a Service Locations | Description |
|---|---|
| C:\Program Files (x86)\VMware\vCAC\Agents\agent_name\logs\file | Plug-in logs example: CPI61, nsx, VC50, VC51Agent, VC51TPM, vc51withTPM, VC55Agent, vc55u, VDIAgent |
| C:\Program Files (x86)\VMware\vCAC\Distributed Execution Manager\DEMOR\Logs\DEMOR_All | Distributed Execution Manager logs |
| C:\Program Files (x86)\VMware\vCAC\Distributed Execution Manager\DEMWR\Logs\DEMWR_All | Distributed Execution Worker logs |
| C:\Program Files (x86)\VMware\vCAC\Server\Logs | Manager Service logs |
| C:\Program Files (x86)\VMware\vCAC\Server\ConfigTool\Log\vCACConfiguration-date | Repository Configuration logs |
| C:\Program Files (x86)\VMware\vCAC\Server\Model Manager Data\Logs\nothing_today | IIS Access logs (usually empty, but can be expected) |
| C:\Program Files (x86)\VMware\vCAC\Server\Model Manager Web\Logs\Repository | Repository logs |
| C:\Program Files (x86)\VMware\vCAC\Server\Website\Logs\Web_Admin_All | Web Admin logs |
| C:\inetpub\logs | IIS logs |

| Identity Virtual Appliance Locations | Description |
|---|---|
| /var/log/vmware/sso/catalina.out | ID VA tc Server Runtime logs |
| /var/log/vmware/sso/ssoAdminServer.log | SSO Admin Server logs. Note: Not applicable to vRealize Automation. |
| /var/log/vmware/sso/vmware-identity-sts-perf.log | STS performance logs |
| /var/log/vmware/sso/vmware-identity-sts.log | STS logs |
| /var/log/vmware/sso/vmware-sts-idmd-perf.log | Identity service performance logs |
| /var/log/vmware/sso/vmware-sts-idmd.err | Identity service error logs |
| /var/log/vmware/sso/vmware-sts-idmd.log | Identity service logs |
| /var/log/vmware/vmafd/vmafdd.log | Identity VA logs |
| /var/log/vmware/vmdir/vdcsetupldu.log | Initial setup logs |
| /var/log/vmware/vmdir/vmafdvmdirclient.log | VMware SSO LDAP initial configuration logs |
| /var/log/vmware/vmkdc/vmkdcd.log | VMware SSO LDAP initial configuration logs |

| vRealize Application Services Location | Description |
|---|---|
| /home/darwin/tcserver/darwin/logs/catalina.out | Application Services tc Server Runtime logs |

| VMware vRealize Business Standard | Description |
|---|---|
| /usr/local/tcserver/vfabric-tc-server-standard/tcinstance1/logs/catalina.out | vRealize Business Advanced and Enterprise tc Server Runtime logs |
| /usr/local/tcserver/vfabric-tc-server-standard/tcinstance1/logs/auditFile.log | REST API requests |
| /usr/local/tcserver/vfabric-tc-server-standard/tcinstance1/logs/itfm-external-api.log | API logs |
| /usr/local/tcserver/vfabric-tc-server-standard/tcinstance1/logs/itfm-reflib-update.log | vRealize Business standard reference library related changes. |
| /usr/local/tcserver/vfabric-tc-server-standard/tcinstance1/logs/itfm-vc-dc.log | Data collector logs |
| /usr/local/tcserver/vfabric-tc-server-standard/tcinstance1/logs/itfm.log | vRealize Business Advanced and Enterprise logs |

| vCenter Server Appliance (VCSA) 5.5.x Locations | Description |
|---|---|
| /var/log/vmware/vpx/vpxd.log | vCenter VPXD logs |
| /var/log/vmware/vpx/vpxd-alert.log | vCenter VPXD alert logs |
| /var/log/vmware/vpx/vws.log | Management Web Service logs |
| /var/log/vmware/vpx/vmware-vpxd.log | vCenter VPXD status change logs |
| /var/log/vmware/vpx/inventoryservice/ds.log | vCenter Inventory Service logs |
| /var/log/vmware/vsphere-client/logs/vsphere_client_virgo.log | vSphere Client logs |
| /var/log/vmware/vsphere-client/logs/virgo-server/log.log | vSphere Client logs |
| /var/log/vmware/vsphere-client/eventlogs/eventlog.log | vSphere Client event logs |

| vCenter SSO Locations | Description |
|---|---|
| /var/log/vmware/sso/catalina.out | SSO tc Server Runtime logs |
| /var/log/vmware/sso/ssoAdminServer.log | SSO Admin Server logs (only in 5.5.x version) |
| /var/log/vmware/sso/vmware-identity-sts-perf.log | STS performance logs |
| /var/log/vmware/sso/vmware-identity-sts.log | STS logs |
| /var/log/vmware/sso/vmware-sts-idmd-perf.log | Identity service performance logs |

Kind Regards,
Doddi Priyambodo