Newsletter: June 15, 2014

Hello all,

I am a week in at the DG HQ and it has been a lot of fun, but also overwhelming.  Start-up life is hard, and busy.  As a result I did not blog a lot this week – except for yesterday and today that is.  My employer has provided a corporate apartment for me, and is that ever nice.  But it also means I am doing this newsletter and my laundry at the same time!  I have a number of things to share today, but be aware I have also published a report on the Log Insight 2.0 upgrade as well as a writeup on a malware defensive strategy and both are interesting.  I am very impressed with LI 2.0 so be sure to upgrade if you haven’t yet.

Don’t forget we will be at VMworld, and I want to meet as many of you as I can.  Our booth will have demo’s and I look forward to showing off what we have been working on!  For those of you who saw us at PEX, I promise we will not say we cannot tell you as an answer for all of your questions!!

Have a great week!


vCenter 5.5 Update 1b now GA
I first saw this here, but it is good that is out now.  This is the release that fixes the Heartbleed security issue.  It has a number of other security and non security fixes with it – (release notes and bits).  I have not tested this update, but I will as soon as I can.  It is important so you should consider updating soon.

vSphere 5.5 U1 NFS APD issue has a fix
I wrote about this patch here.  I have applied the patch with no issues, and no outage.  I have anecdotal evidence that this patch does in fact solve the issue for which it is intended!

vCenter – Windows or Appliance
Justin talks about the pro’s and con’s for the Windows or appliance version of vCenter.  For a good understanding of the differences Justin explains it well in this.  For what it is worth, in the new lab I am hopeful to build this week – I am definitely looking forward to that – I will be using the vCSA and not the Windows version.

Determine how an ESXi host booted?
This is something that would be nice to have in the UI, but if you want to find out the answer for sure it is an API thing – find out more here.

VSAN Ready node and Quick Reference Guide Update
Wade has an update on the VSAN Ready Node program as well as the QRG.  I do like the flexibility these programs offer.  In my PS days I had customers who were a buy something now that works, and ones who would rather build.  So this is nice.

Why queue depth matters!
Duncan has a nice article here that is good info about queue depth that most of us know at least something about.  Check out the spreadsheet he references and make sure it lists the info for YOUR controllers otherwise get the script and run it.  This is a great way for us to have hard facts about queue depth and that is not just good for VSAN environments.  Thanks for this Duncan!  BTW, here is the link to William’s article on this – great job William.

Want to learn more about snapshots?
You can check out this new site which has a short video on how VMware Snapshots work.  Nicely done.  He has another video here about monster VMs and the impact on vMotion.

vSphere ESXi and remote syslog – make sure to patch / update
Jon has an article that talks about how all flavors of current ESXi (5.0.x, 5.1.x, 5.5.x) have been patched to not have issues with remote syslog, and once you have upgraded to those levels you should use TCP or SSL to talk to your remote syslog so you do not lose any traffic – since if you lose traffic you may not know that you have since UDP doesn’t track packets.  Very good suggestion.

vCenter 5.5 Profile drive storage and Storage Monitoring Service failures
Michael has seen this issue and found a solution.  This was something I have seen before at various times – especially when working with alpha and beta vSphere when I was at VMware.  So it was interesting to see the solution that Michael found!

vCAC 6.0 – Installing the Linux Guest Agent
This is an important topic.  I have had troubles installing the Windows and Linux Guest Agent a number of times.  So I am quite happy to see this article since it will be a good one.  Sid is the guy for this sort of thing.

An Introduction to Zero Trust virtualization – centric Security
This is a very interesting read.  I never met the author while I was at VMware but that is too bad.  I think he would have been fun and interesting to chat with.  He talks about how you can exploit virtualization (and NSX as he is an NSX guy) to provide every virtual and physical machine a port in the firewall.  This is in fact a great idea.  We have been thinking and talking of this at VMware for a long time.  The idea of vCNS before NSX was this very idea, and VMware even bought a company to do this long ago.  Talking of it again with NSX however is a good idea as I think NSX is a better chance of doing this right.  NSX has made me a little reluctant or nervous however, as it was something that was so hidden from us at VMware.  The cost and complexity was high, and customers and partners complained to me that they could not get the cost or bits to play with for a long time.  Plus special sales guys and SE’s didn’t make sense to me and I thought this was all to hide something.  Turns out that is not quite true and more people are playing with NSX nowadays so that is good.  I have shared out lots on the subject – such as this series that Chris Wahl is doing and this great collection.

Want to migrate from Nexus 1000v to NSX? 
This is an interesting article if you are using the Nexus 1000v in vCD and want to move to using NSX.  It explains the concept and provides an overview before it starts with some actual steps.

NSX Support Center
I saw this recently and not sure how many of you are using or looking at NSX but I suspect there is a few.  So this should help.

vCloud Director now GA
This release simply updates the OpenSSL libraries to close some exploits.  So it is recommended to upgrade soonest if you can –  Release notes.

vCloud Director – vCenter SSO Troubleshooting
This is a most excellent collection of things to check when you are having issues with SSO in vCD.  Nicely done.

Stay vHealthy – a card a day can keep occupational hazards away!
Krishna has done a great article about using cards to keep aware of what is going on in your infrastructure and of course the CloudPhysics card system is great for that sort of thing.  I am a big fan and use their software frequently.  His suggestions of what to check are very good indeed.  I am thinking that if you are new to CloudPhysics, than maybe you should get it working using the 30 day eval, and then run through Krishna’s list and check out each of the cards.  You will be quite impressed.  BTW, I have not logged into CloudPhysics in the last week or so as I am consumed with start-up stuff, and so when I looked in it today, I could see they have updated a variety of things again – the benefit of Software as a Service thing they have going.  I do like the updates and am once again impressed!

30 days hands-on with VMTurbo OpsMan
A nice review of something I have not played with or seen much of, but lately, maybe in the last year, they have started to show up in a few places – supporting blogger web sites for example.  But this review sounds pretty interesting – check it out here.

Do you believe in the myths of virtualization?
Obviously you don’t since you are reading my blog!  But if you have someone who is new to virtualization and might believe some of the myths this might be useful.

The four step method of migrating from a Standard vSwitch to a Distributed vSwitch with LACP
This is pretty interesting.  Someone needed to move from a vSS to a vDS with little or no outage.  Chris Wahl figured out how to do it with the smallest outage.  Handy to know!

Don’t track my MAC!
This is an interesting read on a common practice today, that is becoming more common too, but for Apple changing behavior in iOS 8 will thwart it.  The author of this article is quite good, and I agree that this is something that opt-in is the right way to do it, and not the current method of tracking everyone all of the time without us knowing.

Converting sub-net mask to binary and back
This is not something I do – at all in fact, but it did remind me of things at school.  And the author of the blog did a real good job of explaining.  So if you want to be reminded of something you learned long ago, or if you are working on Cisco exams, check this out.

A practical introduction to Docker containers
You have likely seen a lot of tweets, and even some humans talking in actual auditory type speech about Docker and containers.  So thanks to Scott Lowe I found this.

No, you don’t need to change your passwords in response to the latest OpenSSL CCS bugs
This is an interesting, and deep technical explanation about why you do not need to change your passwords for these latest OpenSSL issues.  There is more information in this article around this area and it is very good info.  I do like the AgileBits guys a lot and do recommend their 1Password product as what I think is the best password management tool.

Thanks for reading or skimming this far!


=== END ===

Leave a Reply