Hi all,
Another week at home. Nice! My lab is still getting fixed up after the adventures - but now my Cisco firewall died. So had to bring up rather suddenly a new one - UniFi Security Gateway, and it was a little different that my previous firewall experience. It is not like other firewalls I am familiar with, but fortunately David Stamen in the Slack vExpert community was able to help. I did not buy it because it was a great firewall, but because it was good enough and it fit into the UniFi management framework that I quite like. It certain provides more information than my past firewall for certain!
BTW, one of my two storage arrays died as part of the water adventures. But my second has continued to work great through it all - and it even has a bad boot disk. So I am very impressed - and it is Nexenta. Rock solid stuff, and a great UI. I have had a wide range of storage in my home lab or work labs over the years. I think Nexenta is one of the best. I recommend it strongly.
One of my co-workers asked me to check out Veeam PN, and I was able to do that this week so produced this article on it. Very cool stuff. A very nice way to have your iPad or Mac (or Windows too for that matter) connect back to your lab securely and easily.
I used the vDocumentation PowerCLI code recently after I updated to PowerCLI 10.1 and it all worked fine. I also updated my article to reflect that and fixed some spelling and grammar issues too.
Anton in his last weekend’s newsletter mentioned an issue in vSphere that was fixed with VMware Tools of a specific version (10.2.5). Upgrades would not re-enable the settings that were disabled in the past by VMware. New installs of VMware Tools would in fact have the settings enabled. This is important as the setting (RSS) is what allows multiple processors to help with network traffic. So very nice to be enabled on busy servers like backup servers. There is NO UI with VMware Tools any longer, so you need to use PowerShell to enable but I have not figured that out yet. But you can also use netsh int tcp show global (at the CLI level) and look at Receive-Side Scaling State and make sure it is enabled. If it is disabled, it can have a serious performance penalty if the server is network busy. If I figure out a script, or find one, I will be sure to share it out. I have checked all my network busy servers and this feature is enabled so I am good.
But some interesting stuff to share, so lets get started.
Michael
vSphere 6.5 Update 2 now available
You can see the release notes, and an article about it. Important note is that you cannot upgrade - at this time - from vSphere 6.5 Update 2 to vSphere 6.7. That will be possible at some point in the future. This is not really a surprise but I can image more than a few people will miss it - thus why I mention it. It looks like some vSphere 6.7 stuff is being backported - like enhanced link mode - to 6.5. Very nice to see. I see how vMotion and cold migration across vCenter versions includes VMware Cloud on AWS which is nice. I am hopeful that View and Veeam will have release’s soon that I can upgrade to and let me upgrade to 6.7 so I will not be doing Update 2 at this time.
vCenter performance improvements from vSphere 6.5 to 6.7: What does 2x mean?
You have heard that vSphere 6.7 is faster than 6.5 but what does that means specifically? Find out in this article - lots of details! This article should definitely incite some of you to upgrade!
vSphere 6.7 - Virtual Trusted Platform Modules
Mike has another article on vSphere 6.7 - this one on virtual TPM and again quite interesting.
vSphere 6.7 - Security FAQ’s now available
Mike has an article that talks about three new security related FAQ’s - which are in fact quite interesting and useful. There is a lot of new security stuff in 6.7 and these FAQ can help you learn more. I also expect those FAQ’s to grow too. Nice job Mike!
Introducing support for Virtualization based security and Credential guard in vSphere 6.7
Mike has an interesting article about VBS that is available in vSphere 6.7. Interesting stuff.
vSphere 6.7 - ESXi and TPM 2.0
Another very good security article on TPM 20 and vSphere 6.7 . I so wish my servers had TPM, I would love to work with this.
vSphere 6.7 Security - media resources
You can find in this article all of the inks to video, or articles, or whatever that Mike has done on vSphere 6.7. Great collection of things. If you learn better via video, or whiteboards Mike has you covered.
vCenter Service Appliance 6.7 Tips and Tricks
A nice list of things to know about the VCSA and that can help you out. I particularly like the one that helps you avoid the extra clicks when accessing the VCSA.
Instant Clone in vSphere 6.7 rocks!
Duncan has a nice article on Instant Clone in vSphere 6.7. Very cool functionality. BTW, William has an article that goes into deep technical details on this subject.
Odd Content Library Issues I suffered through
So I wanted to get vSphere 6.7 working in my lab as nested so I could play with it. The easy way to do that is connect William Lam’s Content Library to my vSphere. But when I did that, I could not see anything inside of it when I did a deploy from content library. So what I did to get around this was to copy the vSphere 6.7 ESXi image out of Williams CL and into my CL and then I could deploy it from content library. This looks like an issue with the Web Client and the deploy from CL wizard. But an easy workaround got me through it. And it was very fun playing in vSphere 6.7.
Homelab - Will ESXi 6.7 run on Intel NUC?
If you have NUC’s in your lab you should check out this article.
vSphere 6.7 - What’s in it for service providers Part 1
Anthony has a good article that is for service providers and what in vSphere 6.7 that is good for them.
vRealize Operations 6.7 - What’s new in Views
vROps 6.7 is really quite a significant release, and so it is good to have another article on some of the new functionality.
vRealize Automation with Infrastructure Blueprint - Configuring Multi-developer Environment
In this article you can learn more about adding multi - developer support and I see that as pretty handy!
The Virtual Cloud Network
This came out recently but I don’t have a nice technical blog on it but I have this article and this article. Hopefully I can find a technical article on this soon.
Spectre Next Generation vulnerabilities affect Intel processors
I saw this article recently and it talks of more Spectre type issues - now called Spectre NG. This is not much of a surprise as I was expecting to hear about more issues. I figured as people worked on patches, they would learn more and likely find other issues. Here is the article that VMware is using to track impact to VMware customers.
VMware ESXi 6.7 - hardware not yet certified for upgrade
You can see the particularly long list of gear not yet certified in this article. Some of it is newer than I expected but hopefully the list will get smaller over time.
Designing vSAN Disk groups - All Flash Cache Ration Update
The contents of this article were discussed recently in the vExpert slack when suggested that I should share out the article as more people should be aware of it. If you are designing vSAN implementations, or if you are building one, this article is a nice reminder.
New HCI Assessment powered by Live Optics
This tool will help you understand the workload metrics of your current environment which VMware hopes you will use to design an HCI solution. It is in fact a pretty powerful tool, formerly known for a fair number of years as DPACK.
Introducing the vRealize Orchestrator Management Pack for vRealize Operations
This article describes something very cool, this management pack will support you tying vRO actions to things that happen in vROps. This means more remediation actions! Test them, but once you are confident about them, and automate their execution, it makes you more proactive in your IT battles!
VMware Education releases new training classes
These new classes are just what you expect - for all the new release. See more info here.
Azure AD and ADFS best practices: Defending against password spray attacks
You can learn about a common attack against passwords and some info on mitigation too - see this article for more info.
Overview and alphabetical list of all Windows command line commands
In this 948 page PDF all of the command line commands from the recent versions of server and desktop Microsoft OS’s can be found. Great detail on many things I do not need any longer, but also on some things I do. A great resource.
Optimize your restores to Microsoft Azure with PowerShell
Michael has an interesting article about how you can use PowerShell to restore to Azure. Interesting stuff.
Deploying Veeam Powered Network into a AWS VPC
Anthony has a nice article on how to use Veeam PN to work with AWS and in a VPC. Cool stuff and another nice use case for Veeam PN.
VeeamON 2018
Michael has an article about VeeamON which is Veeam’s big event - this year in Chicago. I was very much looking forward to it - so much I could learn and I had two killer sessions prepared but nope. Won’t be there.
Pure Storage Plug-in and Integration with Veeam
Vaughn has an article about Pure and Veeam which is about our new storage integration.
What’s New in Turbonomic 6.1?
You can learn more about this release in this article. Amazing stuff really.
See what’s new with Puppet Enterprise 2018.1
I am very fond of Puppet. I have not used it at or with customers but only in the lab, and I have spent time visiting with Puppet in their Portland office, and it was all most excellent. If the days were longer I would use it to help manage my lab. Here is an article about the most recent release.
Unusual Ransomware Strain Encrypts Cloud Email Real-time Video
It has been true for quite some time you should not click on things you don’t know or recognize. But here is an interesting story about a new ransomware strain.
Introducing Watchtower 2.0: The turret becomes a castle
This is quite useful functionality in 1Password and so it is good to see it has been improved. This functionality warns you when something happens to your vendor that you have credentials with. So it would warn you about the password issue with twitter for example, and likely before you knew about it. Find out more in this article.
The military paid for a study on sea level rise. The results were scary.
Interesting article about some research the US Military commissioned. They have a number of bases around the world on islands and they were curious about how much or even if, the level of the sea might change over the years. It is most surprising research, and will impact a lot of people.
Racoon delays Air Canada flight out of Saskatoon
Only in Canada could a Racoon get caught up in the Air Conditioning conduits of an airplane, and confound 15 staff, and yet get away on its own. See this article for more info. But pretty funny I think. I am glad the Racoon got away too - this is Canada after-all.
Thanks for reading or skimming this far,
Michael
=== END ===
