Considerations for Deploying an Edge Cluster in vCloud Director, and a Discussion of VSAN Architecture

If we are using vCloud Director, the Edge Cluster cannot be combined with the management cluster. It can only be combined with the resource/payload/workload cluster.

If we are using VSAN, there are also several considerations if we want to use it for the management cluster.

Please read these references for the technical details:

Once again, thanks Bayu for the discussion.

 

Kind Regards,
Doddi Priyambodo

VMware NSX Use Cases in Real World IT Production



These are some use cases for VMware NSX. The details of each use case will be explained in separate posts.

Use Case 1 : Network Segmentation
Use Case 2 : Microsegmentation for Securing VDI Infrastructure
Use Case 3 : Intelligent Grouping for Unsupported Operating Systems
Use Case 4 : Automated Security in a Software Defined Data Center (ex: Quarantine zone)
Use Case 5 : Advanced Security (IDS/IPS) Insertion – Example: Palo Alto Networks NGFW
Use Case 6 : ‘Collapsed’ DMZ
Use Case 7 : Integrate Dev, Test and Prod environment into single infrastructure
Use Case 8 : Securing access to and from Jump Box servers
Use Case 9 : Multisite Networking and Security (Cross vCenter)
Use Case 10 : DC Consolidation/Migration – Mergers & Acquisitions
Use Case 11 : Hybrid/Public Clouds Integration
Use Case 12 : Disaster Recovery
Use Case 13 : Self Service IT
Use Case 14 : Fast Application Deployment of template
Use Case 15 : Islands of Unused Compute Capacity
Use Case 16 : Compute Asset Consolidation
Use Case 17 : Reducing capital outlay in expensive HW devices by NSX Edge Services

 

Kind Regards,
Doddi Priyambodo

VMware vRealize Operations Manager Dashboard Repository

This link is a post from my colleague at VMware (Sunny Dua).
It is a very good custom dashboard for VROps (vRealize Operations); you can create your war room with this thing!
There is also a very good video webinar about VROps.

http://vxpresss.blogspot.co.id/2015/11/vcenter-vrealize-operations-manager.html
http://vxpresss.blogspot.co.id/search/label/vROps%20Webinar%20Series%202016

Kind Regards,
Doddi Priyambodo

How Long Does It Take to Migrate a Server from Physical to Virtual (P2V)?

When we decide to convert to a vSphere virtual machine, there is a process for converting from the previous physical machine or virtual machine.
We usually call this Physical to Virtual (P2V) or Virtual to Virtual (V2V).

When we use P2V/V2V, the conversion runs over the data network. The connection between source and destination is usually at least 1 Gbps.
But if this network environment is shared and not dedicated, the likely throughput is between 20 GB and 50 GB of data transferred per hour (this needs to be analyzed directly in the customer's environment).
The conversion process sends only the utilized data; for example, if the disk size is 300 GB but only 100 GB is used, only 100 GB is sent.

The transfer formulas are as follows:
Amount of data transferred = Number of VMs or servers x Disk size x Disk utilization

Time required = Amount of data transferred / Estimated throughput

Example:
If the data to be transferred is 10 TB and the throughput is 50 GB/hour, the time required is 200 hours (8 hours), assuming the data transfer rate is stable.

 

Kind Regards,
Doddi Priyambodo

vRealize Automation 7.0 List of Improvements and it is GA now!

I am really excited about this news, because I implemented Distributed VRA 6.1 one year ago for one of my customers, and it was a really complex installation experience. One of the improvements here is the installation mechanism, which will simplify installations! There are a lot of cool new features and integrations too. Really cool!

Following is an incomplete highlight of new features:

Streamlined and Automated Wizard-based Installation

  • Introduces management agent to automate the installation of Windows components and to collect logs
  • Automates the deployment of all vRealize Automation components
  • Installation wizards based on deployment needs: Minimal (Express) and Enterprise (Distributed) Installations

Simplified Deployment Architecture and High Availability Configuration

  • Embedded authentication service by using VMware Identity Manager
  • Converged Application Services in vRealize Automation Appliance
  • Reduced minimal number of appliances for HA configuration
  • Automated embedded PostgreSQL clustering with manual failover
  • Automated embedded vRealize Orchestrator clustering

Enhanced Authentication Service

  • Integrated user interface providing a common look and feel
  • Enabled multiple features by new authentication service

Simplified Blueprint Authoring for Infrastructure and Applications

  • Single unified model for both machine and application blueprints and unified graphical canvas for designing machine and application blueprint with dependencies and network topology
  • Software component (formerly software service in Application Services) authoring on vSphere, vCloud Air, vCloud Director, and AWS endpoints
  • Extend or define external integrations in the canvas by using XaaS (formerly Advanced Service Design)
  • Enable team collaboration and role segregation by enhancing and introducing fine-grain roles
  • Blueprints as human-readable code, which can be created in the editor of your choice, stored in source control, and imported and exported within the same or across multiple vRealize Automation 7.0 instances
  • Customer-requested machine and application blueprints provided
  • Additional blueprints available on the VMware Solutions Exchange

Simplified and Enhanced NSX Support for Blueprint Authoring and Deployment

  • Dynamically configure NSX Network and micro-segmentation unique for each application
  • Automated connectivity to existing or on-demand networks
  • Micro-segmentation for application stack isolation
  • Automated security policy enforcement by using NSX security policies, groups, and tags
  • On-demand dedicated NSX load balancer

Simplified vRealize Automation REST API

  • Simplified schema for API requests by switching to normal JSON model
  • Follow-on request URIs and templates exposed as links in response bodies (HATEOAS)
  • New APIs to support business group and reservation management
  • Improved documentation and samples

Enhanced Cloud Support for vCloud Air and AWS

  • Software component authoring for vCloud Air, vCloud Director, and Amazon AWS
  • Simplified blueprint authoring for vCloud Air and vCloud Director
  • Improved vCloud Air endpoint configuration
  • Optional proxy configuration

Event-Based Extensibility Provided by Event Broker

  • Use vRealize Orchestrator workflows to subscribe to events triggered by most system events or by custom events
  • Support blocking and non-blocking subscriptions
  • Provide administrative user interface for extensibility configurations

Enhanced Integration with vRealize Business

  • Unified location in vRealize Business to define flexible pricing policies for infrastructure resources, machine and application blueprints, and all types of endpoints in vRealize Automation
  • Support operational cost, one time cost and cost on custom properties
  • Role-based showback reports and fully leverage new features in vRealize Business 7.0

CloudClient Update

  • Content management (import and export blueprints between instances or tenants in vRealize Automation 7.0)
  • Existing functionality updated for vRealize Automation 7.0 APIs

vRealize Orchestrator 7 New Features

  • Introduce vRealize Orchestrator Control Center for easy monitoring and troubleshooting
  • Significant Smart Client improvements including Workflow tagging UI, Client reconnect options and enhanced search capabilities
  • vSphere 6.X vAPI endpoint support

Other Improvements

  • Enhanced management of tenant, business group, approval, and entitlements
  • Customizable columns in the table for a given type of custom resource defined in XaaS
  • Accept a mix of license input, including vRealize Suite, vCloud Suite, and vRealize Automation Standalone
  • Improved stability, quality, and performance

 

The complete detail of the improvements can be read in here: http://pubs.vmware.com/Release_Notes/en/vra/vrealize-automation-70-release-notes.html

KUDOS! Great enhancement and innovations for VMware R&D Team!

 

Kind Regards,
Doddi Priyambodo

 

Technical Questions to Ask during Requirement Analysis for a vSphere Design

I will try to briefly summarize some of the basic technical questions that are usually asked when we run a Requirement Analysis / Design Workshop engagement with a customer.

Below are some high-level questions that I usually ask, and then dig deeper based on the answers. (Note: these are technical questions, so they are not meant for business people or the C level. Finding the correct audience is important.)

  • Compute: To gather information regarding the planned target compute infrastructure
  • Storage: To understand the current and expected storage landscape
  • vCenter: To describe the state of vCenter to manage the ESXi environment
  • Network: To gather information around the current and target network infrastructure
  • Backup & Patching: To understand the current backup and patching methodology
  • Monitor: To analyze the current and expected monitoring processes
  • VM Workloads: To analyze the details of the current physical workloads to be virtualized and consolidated
  • Security: To understand in detail the current security practices
  • Processes & Operations: To understand the current operation procedures and processes
  • Availability & Disaster Recovery: To gather information on business continuity processes

The questions above can be broken down in more detail, for example as follows:

  • Compute: hardware type, network, disk, brand, redundancy, processor, storage connection, booting, automation, scalability, etc.
  • Storage: SAN/NAS/iSCSI/NFS/VSAN, IOPS, latency, storage technology, cloning/snapshot, replication, etc.
  • vCenter: linked mode, appliance, database decision, disk size, CPU and memory size, pre-requirements, etc.
  • Network: leaf spine, backbone technology, bandwidth, VLAN, VXLAN, teaming, VPC, link aggregation, distributed switch, vendors, etc.
  • Backup and Patching: storage backup, 3rd party backup, VDP, VADP, Update Manager, etc.
  • Monitor: items to monitor, centralized log server, performance, capacity, usage, threshold, alert, placement, etc.
  • VM Workloads: user growth, IOPS, Tier1/Tier2/Tier3, mission critical, OS clustering, Java/Oracle/SQL Server/SAP, etc.
  • Security: firewall ports, virus protection, distributed firewall, system hardening, lockdown mode, access, etc.
  • Processes and Operations: SLA agreements, private/public/hybrid strategy, budget/scope constraints, unique processes, etc.
  • Availability & DR: RPO, RTO, VMware HA, Fault Tolerance, Active-Active DC, bandwidth and hops, priority protected VMs, etc.

Hope this is useful.

Kind Regards,
Doddi Priyambodo

Backup Order for VMware vRealize Suite

For enterprise-scale systems, the backup order is important for maintaining data consistency. We need to ensure that the dependencies between one VM and another are always preserved, so that no data is missing at recovery time.

If you implement automated backups, this backup order can be configured in the backup tool you use (ex: Symantec NetBackup).

Below is the recommended backup order, to be run one at a time while the backup is in progress:

  1. vRealize Business
  2. vRealize Log Insight
  3. vRealize Operations Manager
  4. vRealize Orchestrator
  5. vRealize Automation (if the VRA architecture is distributed, its components also need to be backed up in order)
    a. Proxy Agents
    b. DEM Workers
    c. DEM Orchestrator
    d. Manager Services (back up the passive node first, then the active one)
    e. Websites (back up node1, node2, and so on)
    f. vRealize Automation Appliance (back up the secondary node first, then the primary)
    g. SSO (Identity Appliance)
    h. PostgreSQL
    i. MS SQL
    j. Backup Load Balancers

So, what do you think? Rather complicated, isn't it? Nah, it's simple enough 🙂

Now, after the backup, the VMs will at some point be restored and powered on. The order is simply the reverse of the backup order above, so just read the list from bottom to top.

 

Kind Regards,
Doddi Priyambodo

Oracle Real Application Cluster Pros-Cons Analysis on vSphere

There are several considerations when deciding whether or not to implement Oracle Real Application Cluster in a vSphere environment. This is a simple Pros and Cons analysis.

Pros Analysis – Oracle RAC on vSphere

  • Availability perspective: It will create zero downtime of availability (but VMware already has the VMware HA feature). If the customer thinks that the VMware HA feature is good enough (approximately 5 minutes RTO), then there is no need to consider RAC as an availability option.
  • Performance perspective: It “might” help the database performance if needed. But some DBs can have better performance with RAC and some don’t (ex: batch processing intensive applications). It depends on the architecture of the application itself (needs to be tested).
  • Recoverability perspective: It will create a zero downtime experience if the failure happens on the host. But if the failure happens on the shared storage connection, then the recovery process needs to be conducted from backup or a disaster recovery mechanism.

Cons Analysis – Oracle RAC on vSphere

  • Cost perspective: The customer needs to purchase additional licenses for Oracle RAC capabilities for each core of the servers in the database cluster.
  • Manageability perspective: It will create additional complex things to manage (such as Oracle Clusterware, ASM disks, and additional RAC processes).
  • Resource perspective: The customer will need to create min 2 VMs for each DB on different ESXi hosts for the full capability of RAC; anti-affinity should be configured so the VMs won’t start on the same host.

So, basically the decision is in your hands: whether you are willing to “pay the price” for the features that you “need”. Ask the question again: do you really need the features?

 

Kind Regards,
Doddi Priyambodo

Key Factors to create Perfect Design for VMware vSphere Infrastructure

If you are doing a vSphere design right now, please remember this AMPRS rule for your design document.

Always base your design decisions on these key factors: Availability, Manageability, Performance, Recoverability, and Security.

Especially if the design is for a Business Critical Application, you MUST consider all of these factors.

 

Design Quality and Description

Availability: Indicates the effect of a design choice on the ability of a technology and the related infrastructure to achieve highly available operation.

Key metrics: percent of uptime.

Manageability: Indicates the effect of a design choice on the flexibility of an environment and the ease of operations in its management. Sub-qualities might include scalability and flexibility. Higher ratios are considered better indicators.

Key metrics:

  • Servers per administrator.
  • Clients per IT personnel.
  • Time to deploy new technology.

Performance: Indicates the effect of a design choice on the performance of the environment. This does not necessarily reflect the impact on other technologies within the infrastructure.

Key metrics:

  • Response time.
  • Throughput.

Recoverability: Indicates the effect of a design choice on the ability to recover from an unexpected incident which affects the availability of an environment.

Key metrics:

  • RTO – Recovery time objective.
  • RPO – Recovery point objective.

Security: Indicates the ability of a design choice to have a positive or negative impact on overall infrastructure security. Can also indicate whether a quality has an impact on the ability of a business to demonstrate or achieve compliance with certain regulatory policies.

Key metrics:

  • Unauthorized access prevention.
  • Data integrity and confidentiality.
  • Forensic capabilities in case of a compromise.

 

Kind Regards,

Doddi Priyambodo

How to Execute External Guest OS Script from VRO and VRA

These two posts explain really well the mechanism for extending VRA (VMware vRealize Automation) with VRO (VMware vRealize Orchestrator) to execute an external script located in a folder of the guest operating system (either Windows or Linux).

It is really useful if you want to implement one of these use cases:
– Silent installation of a database/apps platform (ex: SQL Server, Oracle DB, MySQL, PostgreSQL, Apache, etc.) after the VM is deployed
– Configuring parameters in apps, DB, middleware, or agents (ex: NetBackup agent, Oracle DB, Tomcat, Weblogic, etc.) after the VM is deployed
– Executing other external scripts that are located in the guest OS

Please note that you can also use it with VRO only, if you don’t want to automate the process from VRA.

You can find the posts at these links:

http://www.vmtocloud.com/how-to-extend-vcac-with-vco-part-1-installation/
http://www.vmtocloud.com/how-to-extend-vcac-with-vco-part-2-hello-world-script-in-guest/

 

Kind Regards,
Doddi Priyambodo