Newsletter: October 5, 2014

Hi all,

I have missed the last couple of these things.  Life interrupted!   I had a nice trip with my wife to Niagara Falls – on the Canadian side.  Very much fun.  But I now have a big collection of things to share so lets get to it.

The last week of this month I will be spending the week in Austin, Texas.  I would love to meet anyone who reads this!

BTW, one of my articles is considered a security issue by Mimecast and is blocked by them.  This is completely bogus but also frustrating.  I have only heard this once but I am investigating.  If this happens to anyone else please let me know.

Michael

Shellshock – what you need to know!
By now you have likely heard a lot about Shellshock.  This article is one of the better ones that explains what and how it works but also where it is being used and is definitely well done.  If you want one that is more for system administrators and helps you test in a smooth and clearly described method check this one out.  To round things out here is another article that is very well done.  In short, it is a bad situation.  If you notice how fast VMware rev’ed a bunch of their products you know it is bad indeed.  I had a number of things to update yesterday as a result of this vulnerability and report on that below.  You do need to update(s) and make sure you are not vulnerable.  Here is a different type of article that talks about changes that are needed and how SELinux might be able to help.

Deep Security: Protecting against Shellshock
I quite like Deep Security and in this article we see how easy it is to use it to protect your environment and virtual machines against Shellshock.  Nice.  This sort of thing means you have time to plan your upgrades or mitigation instead of rushing to do the upgrades like I did.

vSphere 5.5: working with traffic filtering in the vNetwork Distributed Switch
This is a nice into to the subject so if you want to know more about traffic filtering using the dVS this article will help.  I think this is one of the features that is not often used so it is nice to read about it.

Gigabyte BRIX and vSphere 5.5 U2
This is a good article for reminding you how to build a custom ISO that you can add to VUM and use as if it was done by VMware!  Easy and useful.

Primer on Monitoring 2.0 + CPU Ready
This is a short and interesting article about CPU %Ready but it also talks about doing things a little different.  It has a nice breakdown on %Ready.

Updating vSphere Replication for Shellshock
I am not sharing this link because of Shellshock but because it is a good breakdown of the different ways to upgrade vSphere Replication.  I am very found of VUM and have used it a lot of the years and so it was nice to see this article and have VUM used in it for the VR updates.

vCenter Operations Manager – Custom Monitoring portal
This is a nice article that will help you get started with making customer screens in vC Ops.  Unrelated but he has a very cool way to display screenshots.  Click on one of his screenshots and you will see what I mean.

Understanding vC Ops badges
Someone needed a reminder on the vC Ops badges today and I used this.  Nice explanation of the badges by David Davis.

Log Insight alerts: system notifications
Steve does a great job of not only talking about the possible system notifications that LI can do but also gives great examples in logs of what might cause them.  Very useful and quite well done!  Thanks Steve!  I also like this one about alerts and email.

Licensing VDPA for Replication
Jeff has a nice article here that explains when you do, and do not, need a VDPA license.  Pretty good info and well thought out license scheme too.

VDPA and License Issue
I wanted to get VDPA going in my lab and I had an issue where the NFR license we get from VMware as part of the TAP program is too small for my cluster.  I thought I would do only a few VMs that would run only on the licensed hosts.  I was trying to get it all working so I could blog about making it work but the bug means if your cluster is not completely licensed you are considered not licensed. BTW, trying to get more licenses but it its turning out to be hard so you may not see the article.

vCAC 6.0.1 Upgrade to 6.1 – database upgrade script error
This is an interesting problem and solution.  I expect it to impact lots of people.  Good thing someone figured it out and shared the info.

vCAC 6.1 gotcha: IaaS installation fails with password >8 characters
This is pretty surprising.  If your administrator@vsphere.local account has a password that is greater then 8 characters your vCAC 6.1 IaaS install will fail.  I can assure you that in all of my labs everywhere – only 2 now I guess – I have a password on that account that is bigger then 8 characters.  Howe many of you too?

Generating and troubleshoot SSL certificates in View
This is a short blurb from Support Insider about how you can avoid issues when generating SSL certificates for View.  Definitely something to be aware of.

VMware View – top 20 KB articles
This is always something good to check out if you install / configure / mange View.  The first one on the list is trending issues by version which is interesting.  But useful info if you work with View.  Stuff to avoid or help troubleshooting for the most part.

PowerActions – the PowerCLI Plugin for vSphere Web Client with UNMAP
I shared a while back the Lab Fling that would allow you to add PowerCLI commands to the vSphere Web Client, but here is a use of it that is very cool.  Currently using UNMAP is a CLI feature and it can be tiresome doing it manually frequently.  So there is a nice way to do it!  Check it out here.

Deploy 1000 virtual machines using PowerCLI?
This is handy, and I hope to use it one day soon – not for 1000 virtual machines for 100 and with real drives.  Should be fun and it is a nice script!

VM Security Best Practices – list of the settings
If you are following the best practices for VM security you will end up with a lot of settings in the .vmx file.  Sort of a hassle actually but now you can copy them all from here and copy and paste rules.

PernixData FVP 2.0 now GA
This is pretty interesting release.  It really makes me regret not having more time to play in the lab as I think this software is amazing and I would love to play with it!  This new release brings a number of new features but I was very happy to see NFS support, but also the user defined fault domains.  Very handy.  See Frank’s article here and note that it is the start of a series on the new stuff.

Control Windows Defender with PowerShell?
Someone was wondering about this recently and I found this.  It is in fact possible and it seems fairly easy.  I think Microsoft has done quite well on supporting PowerShell.  That is much harder then it seems but I am glad they have.

VMworld 2014: VAIO vSphere API for IO
This is a new API that VMware announced at VMworld and did a little talking about it.  It sounds interesting but I have not heard much about it until I found this.  Sounds like many other things in IT – marvelous opportunity to do great, or do bad.  While working on the newsletter I also found this article that has more great info on this new set of API.

Has VMworld Jumped the Shark?
This is an interesting read and one I quite agree with.  VMworld should not be in San Francisco any longer.  I think back in Vegas would be way nicer for customers and partners.  I know that VMware has a contract to keep in place but not sure how much is left to run.  But as soon as they can it should be moved.

Simplifying VM provisioning with PowerCLI and SQL
The SQL part of the title is what caught my attention first.  It was interesting and of course the article is too.  This is a better way to do things as compared to Custom Specifications in the vSphere client world.  A database of information for doing provisioning is much more powerful and useful too.  See how this is done in this article.  Pretty cool.

Testing your IPS – should you? – and how
The obvious answer is correct – yes, in fact heck yes, you should test your security defenses.  That is critical in fact and I don’t mean just testing it after you install it, but on a regular basis after that too.  Hugo has a great article on how he tests his IPS.

VMware Player 7 Pro and Workstation 11 announced
Important to note that this is an announcement and not GA.  That will happen in December.  But find what details are available here.  I love how Workstation can upload VMs to vCloud Air!  As well, Player has come a long way!

My own Shellshock related upgrades
I upgraded using the .pak both Log Insight (2.0 U1) and vC Ops (5.8.3 2076729) with no issue.  I updated vCSA (vCSA 2170515, vC 2001466) and VIN (2170967) with no issues using the VAMI download.  However, vSphere Replication found nothing to download in the VAMI download so I used attach the VR ISO to it and used the CD method (2170514).  Worked fine.  Probably should have used VUM!  But all ended well.  Wait, not true.  VR is not working.  In fact when accessing the VR icon from the home page it says it is not installed!  I restarted the VR appliance with no change, and it turns out I had to close my browser sessions, and log into vC again to solve the issue.  Odd.  BTW, here is the master article to track for VMware related Shellshock info.  Also has links to patches so that is sort of handy.

Shellshock is bad, unique passwords are good
This is a good reminder about why Shellshock is an issue but also that you really should be using unique passwords everywhere – not hard when you have 1Password to remember things for you.  Plus it reminds 1Password users to check out the Security Audit feature and be surprised!

Building out a new network design for the Lab
This is a very nice read on Chris Wahl redoing his lab network.  Both the article and comments are worth reading.  I think I will need to do the same thing soon!

Info on the Ebola situation
I heard various comments recently about Ebola and they did not quite make sense.  Then I heard yesterday Canada was sending a second mobile lab to Liberia to help out with the situation.  Canada has never sent two mobile labs to the same place.  So that made me realize things must be worse then I realized.  I found this article – which is pretty well done and explains well.  Ignore the ‘Prepper’ part of it, and you can get a really good idea of what is going on.

iOS 8 user guide – just in case
I am a big fan of iOS 8, but here is the user guide if you need it.  Pretty interesting actually.

OS X Mavericks 10.9.5 Upgrade
This upgrade went fine for me with one exception.  It broke Sonos and that is a big problem in my house.  I have three separate areas that no longer had music.  One of them was my office!  This has happened before so I knew what to do.  Or thought I did.  I removed the music source and added it back but it did not work.  I actually had to uninstall Sonos and install it again.  When in Sonos, under the Apple menu there is an uninstall option.  Once it was installed again everything was fine.  I believe that others will see this issue.  Other then this issue the upgrade was with no issues.

iOS 8 Upgrade
I did not have some of the issues – in 8.0 or 8.01 that other people had – like needing X amount of space since I do upgrades using iTunes.  I was on the road so missed the 8.0.1 and went to 8.02 from 8.0 so also missed those issues (lost cell service and Touch ID not working).  All very smooth for me although I did not upgrade the day I wanted too for 8.0 as it took a very long time – maybe 12 hours – to download the bits with iTunes so I think that maybe Apple was busier then normal but I also heard that this time they had their own CDN in place so that might be related.  I am very happy with 8.0 and I look forward to using Apple Pay.  I also like Health – even with nothing connected to it yet, and I really like the Medical ID which is where you can have emergency info like blood type and allergies that can be seen on your lock screen in an emergency.  See this for 9 new things in iOS 8 that are cool, and here for a before and after look.  And yes, I did buy an iPhone 6, and I have had it for a while and I like it a lot.  BTW, here is a little info on the photo migration situation.

Thanks for reading – or skimming this far!

Michael

=== END ===

Tagged with: , , , , , , , , , , , , , ,
Posted in Newsletter

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 1,499 other followers

%d bloggers like this: