Cloning a Machine in Azure

The problem

Coming from my own vSphere engineering standpoint the public cloud makes things which I thought was easy difficult. After looking through some steps in order to basically “clone” a machine, I finally found a way to do this that is a bit easier though it does break some needed rules, and probably isn’t the safest process, but if your like me, it actually clones the machine

The process

To start out you need to snapshot the drive from a machine

From the portal go to the Virtual Machine you want to snapshot, and click “Disks”
From Disks click the OS disk for the machine
Now at the top click, “Create Snapshot”
Make sure to note the name and resource group as that’s the next steps. Click “Create”

Now that you have a snapshot you need to create a disk from that snapshot

From the portal home you will click on the “See all” from the Azure Services
From here go to “Disks”
Click ” + Add”
Select the Resource Group
Input the name
Click the “Source type” and select “Snapshot”
Select your snapshot
For the drive make it the same size as the snapshot, and a “Standard HDD”
Create whatever tags you need
Create the drive

Now you should have the drive you need to create the machine.

From the portal home you will click on the “See all” from the Azure Services
From here go to “Disks”
Select the Disk and near the top select “Create VM”
From here on out create all the other needed options and create the VM. Dont change anything on the “Disk” field as its pulling the disk your deploying from.

Now the VM should build, and once done the drive is connected to the VM so it cannot be used again.

Log into the machine with your username/password from the origional machine(probably a good idea to change the password)

Enjoy!

Life

DFW VMUG Usercon (my experience)

Usercon is an amazing event. Thanks to some of the leaders I was able to volunteer this year and be part of the team. This came with some discussion with the speakers, Talks with friends, hearing good speaker, and some good meetings with vendors in the solutions exchange. The great thing about usercon is that it comes accross as basically a min-VMworld (which it should!). Some of the sessions were almost identical to VMworld, in fact, our keynote was also a talk that was presented there. All of these things are what lead to some amazing talks with community, help with career development, and assist in basic IT needs. These are some of the many things that make this community so great.

The Keynote

@AmandaBlev rocking the keynote at @DFWVMUG @MyVMUG love the #vCommunity pic.twitter.com/ZLUrsX4S1t

— Nathan Bennett (@vNerdyNate) October 4, 2019

Amanda Blevins did our keynote this year. it was focused on building your brand, but even more importantly building yourself as your brand. This was an interesting thought to me, as I had always thought that your brand is how people view you. However, I never truly gave time to think about what building that entailed. Yeah, sure, a Twitter handle and a blog helps, but digging in deep on the idea of “brand” reveals it as basically the perception of you.

Amanda’s talk was pretty eye opening, as I had spent my days busily fighting to prove that I was worth something at work, while at the same time, also selling my house. The endless hours of work tied up with the stress and fear of where am I going, what house will I be in etc. made her talk incredibly timely for my personal situation, and words I was ready to heed. One of the many take-aways I had was to create a sort of “budget” of your own needs and desires. We do this financially (I’ve been doing it daily since I’m buying a house), but we barely ever do this for our mental, spiritual, and physical well-being. To put it in short terms,

Sit down in a quiet room and center yourself (or meditate, pray, whatever to quiet the things around you in your life)
Now where do you want to go in your career?
How do you want to get to that point?
How do you want others to see you?
What makes you happy? – This point is critical, as it drives us to achieve the other goals, but we also toss happiness aside for the others. So don’t forget this one
What makes you healthy?

I’m the sort of guy that goes all in at projects and issues. “You want my attention, well you got it bubba, Lets do this!!” tends to be my mindset. I’ll take the analogy of Captain Kirk – “leap before you look”. Its gotten me in trouble sometimes, but it is my nature to dive in to resolve issues. This made the idea that your “brand” is linked to your personal “budget” a new thought, but one I’ll be utilizing from now on. I’ll condense whole talk down to its most important take-aways for myself. #BeHappyBeHealthy

vCOMMUNITY!

I love these people. Some of the best and most wonderful folks to talk to are always around during a usercon. Al Rasheed was the one I was attached to the hip with, as he and I met on the Twitterverse and found him to be a very kindred spirit. We both believe fervently in this community, in the idea of practicing kindness, and the importance of giving back. It was great hanging out with him and talking to him about all the things that he was up to both professionally and personally. Great guy to know.

It’s #UserCon Day in Dallas, and I ran into @vNerdyNate and the one and only @al_rasheed. We’re missing @vJourneyman today. @DFWVMUG pic.twitter.com/xWqxEIjX2H

— Nick Korte (@Networknerd_) October 4, 2019

Paul Bryant is also one of my go-to guys to talk to. I’m sure most everyone knows Paul, hes commonly known as “The NSX Guy!” but one thing a lot of people don’t really know about, is that Paul is a solid, genuine guy who looks out for others, and is a great friend. Even on this day, Paul was pulled aside on an NSX issue and realized the problem and fixed it within minutes. Very impressive… TEACH ME SENPAI!

While at the @DellTechForum today i was fortunate enough to spend some time with the great @MichaelDell
You truly have to appreciate how down to earth he is & how much he appreciates his customers.#DellTechForum @DellTech @DellEMC pic.twitter.com/SL5URxDWRH

— Paul Bryant (@emcpebryant) October 8, 2019

I actually got to give back a little bit when talking to another person at the show about creating your brand, telling my experience, that was stumbling through setting up a blog, twitter, and then going through a whole ton of stuff where I basically vomited information on devops, kubernetes, containers, etc. Sometimes I guess just having a soundboard helps.

Other people shout outs to this awesome community are to @indylindy22 @KCDAUTOMATE (We will talk about vRA someday!), I got to talk to them at the dinner before the usercon, but not hang out at the event. These two got a vLadies panel together to go over women in the field. I don’t remember the title, which I hate myself for not writing down, but these are two people to know, as they are genuine people, know their stuff, and wonderful to talk to.

Great crew for a great session! Love being able to see my #vLadies in action! #DFWVMUG pic.twitter.com/mazxVAiiYg

— Caitlin Allison (@CaitVmug) October 4, 2019

Basically, if you can go to a usercon or VMUG get involved and go. These are amazing people with great skills who would love to help you improve, grown, and enjoy life together. Come be part of the party.

@DFWVMUG speaker dinner party about to start! #UserCon #dfwvmug #dfwusercon #vmware @MyVMUG pic.twitter.com/HTWzVymvtc

— Wences Michel (@wmichel) October 3, 2019

vRealize Operations, vROPS

vRealize Operations 7.5 Application Monitoring

Application Monitoring

These days there are a lot of different application monitoring solutions. I know cause I’m in the middle of looking through them for a good fit. The hardest thing for an IT operations engineer is having to be woken up at 3AM to fix a “Server Down” situation. However, it’s even more detrimental to for a company to have a customer or a critical application to be down and no one be alerted.

I always think about the old adage, “If a tree falls in the woods but no one hears it does it actually fall?” Well of course it does. The difference is no one knows or cares about said tree. Well if that tree is a tier 1 app. You better know whats going on.

I decided to write this cause I had a really hard time figuring out how to get things setup in vROPS. Yes disk monitoring and other basic management packs are available for vROPS, but I wanted to be able to do more. HTTP get requests, IIS, SQL, ETC.

I know this will probably all change with vROPS 8.0 coming out, but for now this is what I wanted to roll out to test. The process may change or it may stay the same. Once I get my dirty hands on it, I’ll update this post as needed.

Couple of Pre-Requisites

vRealize Operations deployed into your environment
Licensing for the Enterprise edition of vROPS. You can do some OS monitoring with Advanced, but for application monitoring, you will need Enterprise

Application Remote Collector

Here is a video by John Dias on what you need to do to set this up, I’ll go through it step by step as well, so you have some steps on top of the video.

John Dias Video

Log into vROPS
On the dashboard go to “Monitor Applications” and then select “Configure Application Monitoring”
Next you will Select what type of application Monitoring you will use. Either vROPS or Wavefront. For this we’ll use vRealize Operations, and Click “Save” NOTE: This is an irreversible choice. So plan ahead and make sure that you will be using this monitoring through vROPS only for the selection you pick.
This can take a while, but if you haven’t activate the vRealize Application Management Package in vROPS you will be notified to do so.
Just click “Activate” and it will take you to the Administration Tab:
Just click “Activate”, This will take some time depending on the size of your deployment.
Now that it’s activated, On the same tab(Administration) go to “Configuration”, and “Application Remote Collector”. Click the green download arrow to download the OVA of the Remote Collector. This will need to be deployed into your environment.
Once the OVA is downloaded, deploy it to your environment. Probably good to neighbor your vRealize Operations deployment, so that you wont have to deal with those Networking guys. I wont go over the OVA deployment as it’s pretty standard. I will note, that you need to make SURE you remember the password you set.
Power up your Remote collector appliance.
Set a DNS record for the Remote Collector IP.
Once the Collector is up. Open the console
Login with username: root, Password: “vmware”
Create a new password
run: vi /etc/ntp.conf
Add a new line at the bottom pointing to an NTP server – Line will look like: “server time.google.com”
Run the following
1. enable NTP
  1. systemctl start ntpd
  2. systemctl enable ntpd
2. enable start ssh
  1. systemctl enable sshd
  2. systemctl start sshd
Return to vROPS and go to the “Administration” tab under “Configuration -> Application Remote Collector” Click the green “+”
Here is where DNS comes in. I’ve had some issues with getting vROPS to see the collector. On the top line input the FQDN of the collector(IP works as well for setup) input your Username and Password that you set when you created the appliance.
Under “Map vCenters” Select the vCenter from the drop-down and run “Test Connection”.
Now after the Collector is loaded, click, “Configure Agents”. Select the VMs you want to install the agent on, and click the “Install” button (It’s the arrow pointing down). FunFact – You can use shift click to select multiple machines, and use the filter to allow a better selection.
I use a “Common Password” and a service account for my agent deployments.
It’s not very intuitive, but once the agent has finished connecting and has some built in service, you can create a custom built monitoring solution off the “Manage Service” button. It has some built in ports etc.
Now you can setup some other monitoring, For instance some port probes, HTTP probes, or a simple ICMP check to verify the machine is up. These all have some different configurations settings, but you can explore from here.

Now that you have configured an application collector and agents have been deployed, you can go to the “Troubleshoot Application” dashboard and take a look! Here is an example of an ICMP checker when the server is down. Notice availability? On the other ICMP check the availability shows 100 percent. Now you have a metric to track, as well as a map to see all the connections.

For the built in services, be sure to add a display name on it to track the service on the VM in “Troubleshooting an Application” in “Dashboards”. Here is an example of the domain controller.

The Ad check is still collecting, at this point, but it shows the extensibility of the built in Monitoring Service.

I hope this helps get you started, I didn’t go very much over more than the video, but thats kinda the point. I really want to fill in spots that I had issues on, in case others have the same issues. Instead of calls over 3 days, I hope this is a good one stop config for the Applications collector on vRealize Operations 7.5

vmworld2019

Thursday @VMworld

VMWorld Certification Experience

So I woke up at 6AM this morning, I had a lot of anxiety about the test so definitely wasn’t ready or well-rested for it. However, I was determined to get a good start into the foray of certifications after I talked with the education people yesterday. Its definitely intimidating to walk up and check-in for something that your hoping to turn out well.

Taking the test was very akin to my other certifications but the main difference that I absolutely loved was my immediate comfort with the test. I know this stuff. Maybe I don’t know it very well, but I do daily tasks within this product. I think there will be many people out there that will find this same experience. I’d suggest, if possible, investing in a lab, or public cloud test, whatever, before you study for a certification. Don’t let the certification be your first foray into a field. That was my problem when IT became my 2nd career. I decided to just get some certifications, and maybe I could get somewhere. It was the hardest thing I did. Then when I started my first big boy IT job, they didn’t care that I had them. In fact, no one cared about what certifications I got. Let me put it this way.. Certifications is a checkbox for upper level positions, Not a checkbox for entry-level positions. At least this has been my experience.

I missed by 3 questions with 0 studying. That just tells me some studying and I’ll get her done. Regardless a very encouraging time for me, and well worth the money for my own personal growth.

Ask the Experts your Toughest Kubernetes Questions[MTE6161U]

So the Expert didn’t show up to our meet the expert discussion. So I decided to talk to the two guys that showed up and ask them what their exposure was with Kubernetes. My own knowledge is very limited, however, as engaged as I have been through VMworld and all the sessions I attended, I asked if it would help them if I shared what I had discussed with others, and my own experience.

I believe a lot in paying it forward when possible, but its not a great to try to take over something when your not an “expert” in it. However, I wanted to help as much as I could. I just went over some of the Kubernetes discussion I’ve had as well as some training I’ve done with AKS and Kubernetes.

It really helped me realize that maybe I should start doing some talks and start going through the white pages and create presentations. This was a good realization, that there are those out there that can benefit from the things I have learned, even though i’m not an expert.

Machine Learning in Less Than 1 Hour with Python [CODE3331U]

Dan Illson @danillson @cloudjourney Cloudjourney.io

VMworld Video

What is Machine Learning??
- A subset of “Artificial intelligence”
- “Learning based on experience”
- a process of identifying patterns in data
- building models which explain a set of data
- prediction without explicit pre-programmed rules/models
- closely related to computational statistics
- NOT MAGIC
Breaking down machine learning
- supervised learning
  - Classification and Regression
    - regression I have a theory and i’m trying to test to progress to the smallest integer
  - using existing data to help interpret new data
  - algorithms include:
    - decision trees
    - support-vector machine
    - native bayes classifier
    - k-nearest neighbors
    - linear regression
- unsupervised learning:
  - only received data is considered
  - Algorithm families:
    - clustering
    - association
Python why?
- Python and R are what are normally used for Data Science
  - Its easy to start with
    - the syntax is easily human readable
    - available for many systems
    - its popular and easy to get help
  - all functions are presented
  - fast
  - has a comfortable interface
    - including the command line interpreter
  - many standard libraries for it
Lets try some supervised learning
- We’ll use the “iris” data set that comes packaged with the sklearn library
- python via the command line interface
- we’ll use the k-nearest neighbors algorithm:
  - a positive integer k is specified, along with a new sample
  - we select the k entries in our database which are closest to the new sample
  - we find the most common classification of these entries
  - this is the classification twe give to the new sample
DEMO!
- scipy.org
- numpy.org
- matplotlib
- pandas.pydata.org
- scikit-learn.org
Mean accuracy model – how close it can be accurate with the model.
Code for today will be posted on codejourney.io within the next weeks time.

Other things to see is NL VMUG video by Jad Al-Zein on the topic, as well as machine learning on python, in Coursera

Machinelearningmastery.com great resource.

Using NSX-T to Modernize Your IT Infrastructure by IBM [CNET3380BU]

VMworld Video

Your either disruptive on the network or your disrupting.
Utilizing NSX-T allows less disruption
With the challenges of new business models, hybrid, multi-cloud reality presents new opportunities, as well as new challenges…
New tech and Containers are helping to support and address concrete business needs
Introducing new tech and clouds introduces challenges on integrating with existing technology
So how can IBM help?
IBM and VMware have been partners since 2014 in enabling NSX for vSphere.
NSX-T does not need VCenter

Ending VMworld

Well that’s another VMworld in the books. Man I’m tired. What a wonderful time with wonderful people. Its really weird on Thursday that you start feeling like this place is home. The repetition of going from one session to another. The constant insanity of walk/run/sit/type/type more/run/eat/run/sit/type, becomes just 2nd nature. You start seeing things around you as constant, but its not. Its just part of your life, that has now ended, and like a child who’s been told to stop playing at a friends house, its time to go home.

All surveys in and that’s a wrap @VMworld last day blog will be posted tomorrow. To the #vCommunity safe travels home! pic.twitter.com/22i49KPFrw

— Nathan Bennett (@vNerdyNate) August 29, 2019

I’ve got some great Ideas for blogs, and I hope to go through those soon! Till then dear readers!

vmworld2019

Wednesday @VMworld

VMworld Tips(AGAIN)

First remember that you are on your feet for almost the entire time you’re NOT in a session and in some cases a bit when you’re in there. The continual mantra that comfortable shoes need to be your first item to pack is totally true.

HOWEVER:

There are definitely other tips to give which I’ll endeavor to share here:

Continually verify your session list(Its subject to change)
Verify you are in the right place and where you’re going next. This is important when rooms are assigned to the schedule. Its a good idea to grab the sessions you want, but when the rooms are assigned, make sure you don’t have to run across campus to get into a session. Aka, Dont’ be like me
Talk to people! I’m going to bring this up almost every day that I can. Its important to recognize that you, YES YOU, are a part of this community. If you’re at VMworld you’re a part of US, and we’re glad to have you! So say hi!
Baggage! A lot of people have mental baggage but I’m talking actual luggage here. Check-in/Check-out at your hotel can be a pain. Utilize the bell-hop, or concierge, or whatever they call it at the hotel to hold your bags if the room isn’t ready, or hold them if you checkout on the last day of VMworld, and your flight is later that night.
Another word about Sessions. If you see a session you would rather be in, than the one you’re walking to. Go do it! Sure, you’re signed up for another session, but that doesn’t mean you’ll be shot for not showing up. One thing though, if you do this, remove the session from your schedule, as you will still get a survey to fill out. One way or the other, seats are released 10 minutes prior.
TWITTER! This little app has changed my life. Take pictures, Use Hashtags, follow people. This is a great resource for everyday growth, and importantly for the community. As I said previously, you’re already part of the community, so say Hi!

Ok imma hop off the soapbox.. Back to sessions…

Zero to App: Building Your First Application in Kubernetes [CODE1804U]

Bill Shetti @shetti @cloudjournei.io http://www.cloudjourney.io

VMworld Video

In 30 min we will…
VMware Tanzu… the “Obvious answer”
Building a cluster in PKS(Usable for the next couple months)
The app… Node.js app
App deployment is already built
- Has index.jas
- Has a dockerfile to show the build of the dockerfile
- docker buld -t simpleapp was the command he ran and “-t” names the app
- Tag the app using “docker tag simpleapp: *TAGINfo*)
- Pushing it to google cloud register with “gcloud push”
- Now we build the docker image, and pushed it to a container registry
- Log into the kubernetes cluster
- verify by using “kubectl –version” or “kubectl get pods”
- If the pods aren’t coming up, you can always “kubectl describe *PODNAME*”
- “vke cluster show bob” shows the information of the kubernetes cluster in vke(pks)
- PKS brings up a load balancer for you, so in Kubernetes you don’t have to run the node:LoadBalancer but you would run it as NodePort

Why should I use Virtual Volumes? A technical review. [HBI3416BUS]

Cody Hosterman @codyhosterman

VMworld Video

vVols are how pure storage was designed, and others.
with VMFS you are not protecting applications, you are protecting data stores
how VMDL restores VMs
as vms SCALE, Challenges arise.
what are vVols? Granular storage for VMs.
vVols – Every virtual machine has individual volumes on the array
- every VM gets a config vVol – 4GB – holds the configuration information of the VM
- Data vVol – for every virtual disk added to the virtual machine there is a new data vVol
- Swap vVol – is for the vm swap file. sized according to the VM memory
- memory vVol – if the snapshot is taken with the “snapshot memory” option.
What is a Data vVol?
- A data vVol is essentially a RDM. Just a block volume with whatever file system your guest puts on it. There is no VMFS on them, there is no VMDK encapsulating them. A direct volume. A well-orchestrated one!
- VMFS Virtual disks are not first class citizens, vVols make virtual Disks first class Citizens. It increases control of your storage.
on the array AND in VMware
What about physical to virtual?
Move data to Cloud Native
The Data Plane
- how does the host see a vVol? vVols are not connected to a host in the traditional way(Not enough SCSI slots)
- Protocol Endpoint
The Management Plane
Provisioning
Storage capabilities
VMware-Created Snapshots
- Traditionally, when you took a VMware snapshot of a VM a delta file was created, this hurt performance
- Now when you take a VMware snapshot the array does the copy. no performance penalty with FlashArray volume copy!
vVols is Space Efficient, they are direct RDMs so you can get a lot of space back by going to vVols.
Virtual Machine Restore
- when a VM is deleted or a virtual disk how do you recover? Recovery includes loss of RTO and RPO
- With vVols you have 24 hours to instantly recover and deleted disk or VM data on the Array itself.
VM Cloning – 100% Offloaded
- when cloning a VM, or deploying from a template –the process is a full volume copy!
- One API call to the FlashArray = Instant Cloning
- 50GB virtual Machine? Clone time is 5 seconds!
More Insight and More knowledge
- Ransomware encrypts the data on a VM, With vVols if you see the data reduction go to 5>1 or 1>1 someone encrypted the data, you can respond quickly
Encryption and Reduction
- Pure now encrypts the OS with a special key.
Replication
- vVols and replication
- there is a concept of a source replication group and a target group. VMs are put into a source and fail over is run against the target.
- PowerCLI Cmdlets
Getting there…
- Flash-array vSphere client plugin!
  - {Powershell}
  - Migration to vVols – Storage vMotion – Online Migration!
  - More info!

I blinked and was 3 slides behind. Cody goes fast and brings so many great points that I just cant keep up. Watch the video. Man this guy is good.

Is IT Ready to Enable Success in Your Multi-Cloud Environment? [MCO1687BU]

Jad El-Zein @virtualjad Keven Lees

VMworld Video

IT Mindset shift IS REQUIRED
Clouds are the new silos
The goal is blended teams, looking at Service Oriented approach
Processes? The good and the bad..
- Governance or lack thereof is one of the biggest things with Shadow IT, and its needed to maintain the workloads and stay within policies.
- Provisioning
- Security and governance
Multi-cloud consumption
- Aligning with Enterprise need
- VMware Cloud Assembly – Build, Deploy, and iterate on applications
  - Setup your cloud accounts, and zones
  - configure your projects(business groups in vRA)
  - design your blueprints(IaC in CAS)
  - Cloud Assembly – Declarative provisioning and life cycle
  - IaC choice of UI or Yaml Editor
  - VMware Service Broker
  - Infra and App Pipelines
  - Content Marketplace
  - Multi-Cloud Extensibility
    - ABX on-prem with Powershell Support
- Multi-cloud Operations
  - Self-Driving Operations
  - Intelligent Monitoring and root Cause Analysis(VROPS 8.0)
  - Apps-ops and wavefront are free trials, and cloud health is a trial or POC for testing

Kubernetes and Cloud Automation Services: A Primer [HBO2769BU]

CODE DE ARKLAND AND CHRIS McCLANAHAN The OG

@Codydearkland and @virtual_crazo rockin it!! pic.twitter.com/YcekXR28bC

— Nathan Bennett (@vNerdyNate) August 28, 2019

VMworld video

vRealize Automation Cloud
Kubernetes in PKS
Kubernetes Profiles
- Tag the profiles needed within a blueprint as a constraint for kubernetes within PKS
- Use tags within the whole platform to define how things provision, Size, region, etc. the tags are everywhere.
PKS on the Design Canvas
- Define the whole kubernetes cluster with an easy drag-drop blueprint
On-boarding Existing and External Clusters
- If Kubernetes is already built you can bring that in so that you can manage kubernetes cluster within the application
- Master would need to be exposed publicly to be able to manage an already built Kubernetes cluster.
Kubernetes in the Marketplace
- Currently you can do a vsphere cloud.init template that has Kubernetes on ubuntu 16.
- Don’t need PKS to do Kubernetes things
- Cloud proxy to deploy on-prem for CAS(Maybe vRA 8 Cloud?)
- Kubernetes Zones, allow you to bring into your PKS endpoint for Kubernetes
- You can t-shirt size your deployments
- You can setup the deployments and allow “Projects” to deploy the needed deployments
- You can Gui’fy namespaces within Kubernetes, this allows you to hide namespaces from other users.
You deploy apps in this under Code Stream.
- Setting up the pipeline in Code Stream is paramount as anything as Code is needed for specific run times. This includes the app, load balancer, and everything that needs to run for the app.
- Code Stream works with Gitlab, hub, etc. and when you push a commit to your repo, Code Stream will see it and push that through Code Stream to perform the build and run.

How to not go broke with CI/CD deployments [CODE3452U]

Tim Davis @vTimd

VMworld video

I got to his talk late(*bladder, and sessions were too stacked .. See pointers above*), but wanted to share his talk as its been shared on podcasts and other places.

Deep Dive – Kubernetes Resource Management for vSphere Admins [KUB1208BU]

Michael Gasch and Pranshu Jain

VMworld video

Putting Kubernetes on vSphere.
- Not covering Tanzu or project pacific basically just vSphere
- Its a good idea to put the kubernetes nodes in Ha as they are not Ha setup.
Kubernetes 101
Pod is the atomic element of Kubernetes
Resource management is the allocation of resources from resource provider to resource consumers
https://k8s.af – to help with postmortems and outages, 9 out of 10 related to resource management.
But why should I care?(other than most outages are from resources)
- Best Practices doesn’t always transfer to best practices from a higher level
Specifying the pod specialization and resources
Resource management in the life of a POD
- Important to utilize namespaces and then refer to those tenants with what resources are available to the tenant
- By setting the validation in the Yaml with the namespaces it allows us to know the quota of the VMs and we don’t over commit or under commit our nodes.
Best Practice for Kubernetes #1
- vSphere HA is good for Kubernetes clusters.
- Define an admission policy for HA that will help understand the normal group and the critical(high cpu etc) group
- Finally DRS using anti-affinity VM monitoring and host issues
Placement with Kube-Scheduler
Assisting kube-scheduler how???
Enforcement
- Setting resource limits on the linux kernel VMs is critical to maintaining the cluster. So each deployment in yaml as declarative or an imperative command should have the cpu/ram statements in order to change that information

Very dense talk but well worth it. Basically run on VMs, Enable HA, Use resource limitation switches, and watch your clusters.

Prove Your Skills and Validate Your Value with VMware Certification [EDU3684U]

I know this is a more personal session, but its worth mentioning that we all need to “prove our worth” too many times. Its worth having a sign or symbol to raise when someone challenges you and wont listen. We all have those people who will argue and argue. Also as we move into higher and higher positions, this is a needed step in our growth.

Karl Childs @karlchilds

There are quantifiable results that show that individuals get benefits other than employer benefits
VCDX – FREE POLO
VMware Certification Tracks
Good analogy is boulders across a river and you’re trying to get across the river by those boulders
What if you miss the exam? or how do you prevent that?
Run a Skills Gap-Analysis
Download an exam-prep-guide

Things I learned about the Certificate process:

Foundations exam is taken online, and is open book. Still have to pay for it.
The class can be any class. Whether it be for vRA, NSX etc. But it is a REQUIREMENT for the VCP. You can pass all the exams but you will get nothing till you do the class training.
There are lower cost options for the class part. You don’t have to do a 4500$ spend just to get your cert. This is part of the whole #vCommunity mill, but there are those that have done this part much cheaper. Not saying the actual courses aren’t worth it, they definitely are. There are just other options. If you’re a part of VMUG ask your Leader, I’m sure they know.
I’m going to take my vRA VCP tomorrow and take advantage of the 50% off. However, with VMworld fest happening tonight and all the other things, I wont study at all before its there. But it’ll be good to know whats out there, and what the last couple years have taught me.

VMFest

Taking a huge line of buses to the party was insane. I definitely didn’t want to roll with that. Thankfully a friend shelled out on an uber and we got there while Billy Idol was rockin’. Yes Billy F’ng Idol…

I have to admit he had to rely on the audience for some parts, but the dude is still killin’ it at 60 #LifeGoals. He’s still the drunk rocker persona on the stage, and he’s still crass, and swearing… but we love him anyway cause its rock n’ roll baby.

Next on stage was One Direction…… I mean, One Republic… Man I’m old.. #InsideJoke

The first song I heard of One Republic was “Secrets” which was the end credits song after “The Magicians Apprentice” movie with Nick Cage… Yup, That movie. Regardless that song holds a specific feeling in my life and whenever I hear it I’m transported to that place. However, my highlight of the night was when we got to hear “Halo” which was written by One Republic front man Ryan Tedder, and Beyonce performed and made popular. Hearing it from a male voice like his was incredibly impressive.

Twitter Life!

I met William Lam! This guy has been a huge part of the community and has always been a force for good to the groups. Thanks man for all you do!

@lamw good to meet you and discuss the importance of #vcommunity #PayItForward pic.twitter.com/oB4tmhd1Sv

— Nathan Bennett (@vNerdyNate) August 29, 2019

Also PEDRO ARROW, also known as Pete Fletcha, of Virtually Speaking Podcast!

@vPedroArrow the one and only!! So stoked I got to meet you man! pic.twitter.com/Yh7MKKKzpJ

— Nathan Bennett (@vNerdyNate) August 28, 2019

FINALLY met an amazing tech guru, and another leader in the community wether he likes it or not the one and only Jad Al-Zein. His blogs and videos on vRA 7.x saved my hide multiple times. Great guy to talk to, and hes SO EASY to talk to as well!!

Look who I found!!! @virtualjad this dude still rockin some great content and even his older stuff is still relevant!! #LifeGoals pic.twitter.com/L53lZG4yoy

— Nathan Bennett (@vNerdyNate) August 28, 2019

Now for bed, lets hope the test tomorrow will come out better than I expect, would be nice to pass, but I’m going to try not to hope for it a ton… even though I know it’ll be hard to sleep knowing I’ll be doing that in the morning.

vmworld2019

Tuesday @VMworld

San Fransisco!

I decided to write a bit about the town, I came from a 105 degree Texas over to the west coast. Considering the only “West Coast” thing I knew was a swing dancing step known as the West Coast 3-step(I met my wife Swing Dancing).

ITS COLD. Yeah ok so lows in the 50s is not something I was prepared for, but man the thin hoodie I brought is just not up to snuff for this kind of weather. The highs are really nice, walking .5 miles just to Mascone and an ungodly amount afterwards is really nice here.

THE FOG! OK, so if you’ve seen as many horror films as me you know that the fog is not a good thing. That’s when the monsters come and when we all subsequently die. I’ve never seen fog like this, the thickness, the smell, its something different.

THE HOMELESS. Ok, coming from Texas almost everyone had a snide comment for me, “Don’t step in the poop!”, “Check the poop map daily!”, and basically a lot of snickering about poop and the homeless people. For one, the homeless people are subsequent to our human nature. Not everyone goes to VMworld and not everyone can do what we do daily, but ANYONE can be homeless. To me the statement, “Homeless are just people without homes” is a real statement. I used to preach to homeless shelters aeons ago, and that feeling of men/women needing shelter, food, and to be treated like actual people is still instilled in me.

Also to everyone that asked, I haven’t seen one poop on the sidewalk OK. GET OVER IT.

The real VMworld

I’d be remiss if I didn’t take a time to state what the best thing about VMworld is. Its the people around you. If you’re at VMworld alone, talk. Find a table with one seat open, and sit in that chair, and talk to them. I’m pretty sure we’re all people, and we all want to help, grow, and befriend new people starting a journey or maybe finding people who are already well past our journey. This is one of the greatest communitites out there and one of my favorites!

General Session with Steve Young and Lindsay Vonn and Ray O’Farrell

Started with a video about the future. Very Walt Disney Epcot “City of the Future” Stuff or Spaceship Earth
Digital Transformation and Digital infrastructure
Tanzu Tees being used as a question for the three keys, Build, Run, Manage for the apps.
DellEMC VMware Cloud Partnership and Project. (Previously Project Dimension)

- Showing project PACIFIC Holy cow! They are writing the private cloud to be Dev-Centric allowing developers to deploy and utilize the software for quick build/run
- vSphere itself is branded to join Kubernetes itself. Amazing.
- Tanzu Mission control, Showing clusters in the multi-cloud. The hype is real
- Basically setting a binding in Tanzu Mission control it can run the fleet cluster in the multi-cloud
- Unified controller for a unified management platform. IF everything is running on vmware

pic.twitter.com/173MoBKO9Y

— Jake Robinson (@jakerobinson) August 27, 2019

Moving to Connect and protect(Marcos Hernandez)
- Looking at Tanzu Mission Control Running in NSX Service Mesh
- NSX-T within Tanzu Mission Control works much like Network Insight and utilized the full force of VMware apps, to show the mapping, the flow, and then uses data analytics to create a list of needed rules.
- SIMULATION MODE(Totes cool bruh)
- Now only protected flows work on the wire… BOOM
- Now utilizing App Defense, and Carbon Black to fix vulnerabilities. VMware has taken no time to integrate their new partners into their products
Wavefront
- Utilizing Wavefront to manage the issues within your multi-cloud environment.
- Traces showing Distrib Tracing.
- Now from Wavefront you can connect directly to the component thats having issues
- Project Magna to fix VSAN issues.
- Now after we have secured, and fixed our environment, we utilize Cloud Health in the background, and yet again get to it in Tanzu Mission Control.
- Cloud Health is now used to reclaim unused VM’s and alert when approaching or over budget.
Zuora – a Customer story
Now we’re moving to the Experience
- - Horizon Desktop as a service (DAAS??)
  - This allows deployment to many different locations, applications, etc. Basically full setup for the employee that just joined, as a virtual machine.
  - Workspace ONE – Employee experience dashboard showing issues, and sets rules via automation to create the ticket run the automation.
  - Workspace
.@WorkspaceONE allows you to stay proactive with app issues. pic.twitter.com/tevAU54IL6

— VMworld (@VMworld) August 27, 2019
Emerging Tech
- HCX enterprise will allow migrations from one VMC to another accross the nation, The change rate is obviously key here in how it runs but it will be amazing.
- ESXi on ARM
SanJay Poonen, Steve Young, and Lindsay Vonn
- the sick burns from Lindsay Vonn are worth every penny of the VMworld ticket. AWESOME

Peanut Butter and Jelly: Why Virtual Machines and Containers Go Together [KUB1133BU]

Kenny Coleman @kendrickcoleman and Tristan Todd @tristantodd

VMworld Video

Myths about Containers and VM’s co-habitating
- 5 reasons you should run containers on bare metal, not vms(Diamanti)
- Myth: Each vm consumes storage plus cpu for a full virtual machine before you spin up a containerized workflow, so the vm ties up resources whether its using it or not
  - A good argument, but you dont need to have specialized hardware to run a specific task.
  - Hardware capability – abstracted vs hard requirement. VMware has done a great job of abstracting the layer so that the hardware abstraction doesn’t run resources when needed.
Myth: Individual containers are stateless and ephemeral. Rather than moving a running container from one host to another as you would with a VM, you just start a new instance on another host
- Higher availability doesn’t mean that it works against the Kubernetes orchestrator. Kubernetes doesn’t take into account the resources issues or problems like DRS in vSphere.
- vSphere with Kubernetes provides dual layer scheduling for maximum resource utilization with DRS
- Bare Metal requires Kubernetes management services to enact cloud native mechanisms in event of maintenance or failures. Expect etcd to rebuild and replicate databases.
- Kuberenetes master is like vCenter it is your central hub and master, if you lose it bad times. Making that more resilient is great.
Because containers are lightweight, one of their advantages is the ability to run a greater number of containers per server, than VMs
- Scale, All machines can fail, so scaling the repopulation of that machine upon failure is key. Especially on the kubernetes master. If this drops having it built on a VM allows faster response and rebuild.
The people using and managing the container environments are likely not the same ones managing the vm environment.
- This is a dumb statement. This basically is backwards thinking against DevOps stating that no ops and Dev can talk to each other. The whole Beauty of containers is the connection between Dev and Ops together.
- Its not always a failure in communication as much as you’re speaking a different language than the other. You need to find a common ground and talk to each other.
The bare-metal contianer benchmarks demonstrated a 25-30% advantage over VM-based containers in both I/O and CPU processes.
- Actual VM Benefits vs Theoretical Performace Advantage
- Off course with #runkennyrun – He was the guy pushing bare metal for so long but now had changed his thought process especially with CSI (Container Storage Interface) that allows different solutions with vSphere. Now if you run this on bare metal you will need to verify that the CSI driver will run on bare metal. in VMware thats already built in(Not GA yet)
No mention of security… So lets talk about that
- VM’s already come with security!
- Heartbleed, spectre, meltdown and more require OS and firmware updates. How fast can you patch with bare metal automation???
Kubernetes on bare metal
Kubernetes on VMs(Linux VMs)

How PowerCLI Makes vSphere Configuration Management Easy [CODE2214U]

Kyle Ruddy @kmruddy kmruddy.com github.com/kmruddy podcast vbrownbag.com etc, etc… aka DA man

VMworld Video

Configuration Management
Runing a declarative IAC to verify a “indempotent” (repeatable) outcome
Why configuration Management Matters! SOURCE CONTROL DANGIT
Configuration Management Breakdown…
- Central Node(and repo)
- Yaml, JSON config file(whatever)
- Endpoint node
- Central Node pushes the config file to the endpoint and runs the config to setup whatever config is set.
You can use many different configuration managers
Ansible Example
PowerShell Definition
PowerCLI Definition
PowerShell Desired State Configuration
- MOF = Manage Object Files
- LCM = Local Control Manager
PowerCLI DSC = VMware.vSphereDSC
DSC for VMware
Sample configuration file setting NTPServer
DEMO = {Video will be posted once up.}
One More Thing…
- vSphere configuration management exists in other configuration managers. Ansible, Chef, Puppet etc..
- Ansible sample code.

Automating Hybrid Clouds with VMware Cloud Automation Services [MTE6051U]

Great talk with @virtual_crazo about vRA 8.0 and vRA cloud. Some amazing stuff out there coming out in the next couple of months.

Got to meet and talk some automation goodness with this guy! Good time!! @virtual_crazo pic.twitter.com/pxYTdEVEHR

— Nathan Bennett (@vNerdyNate) August 27, 2019

Modern Apps Showcase with Kubernetes

VMworld Video

Showcase leaders:

Kubernetes is too interesting, and should be boring.
Modern Apps Framework
Tanzu initiative trying to modernize apps.
Build with Pivotal!
- With the new stack utilizing pivotal, customers have been able to go from code rolls from every 6 months, to 3 times a week. Also it leads to self healing for the customers
- Tanzu will lead to building modern applications:
- 3rd party apps that can run in Tanzu – HASHICORP!! also Pure, and CloudBees
RUN
- Project Pacific – Kubernetes on vSphere!
- We live in a world where we demand modern and specific infrastructure
- Verizon model after amazon flywheel to drive faster time to the market, and more capacity for innovation.
- Articulating the value
- Strategy for espansion
Manage
- Manage kubernetes for developers AND IT
  - Tanzy Mission control is the central hub that runs and manages the solution
  - The control pane elements bind together to be a solid management platform for the managers of the resource.
DEMO.
- Running a demo on Tanzu mission control First screen shows individual tags, multipls public/private clouds, and resources
- k8s.vmware.com/vmworld-us

THE DAY!

I got my Al Rasheed selfy, An amazingly friendly, and wonderful human being:

Finally got my selfy with a wonderful wonderful human being @al_rasheed pic.twitter.com/l2BXjRbW9i

— Nathan Bennett (@vNerdyNate) August 27, 2019

Met and Selfied with @lost_signal the one and only John Nicholson!

Awesome to meet awesome people! @virtspeaking @Lost_Signal pic.twitter.com/YPaudl1ubO

— Nathan Bennett (@vNerdyNate) August 27, 2019

This is what happens when vmworld says, “Quantity is limited” on a free t-shirt:

#TanzuTees business is BOOMING!! @VMworld #VMworld3Word pic.twitter.com/wLbOupghwE

— Nathan Bennett (@vNerdyNate) August 27, 2019

And I mean Pat… THE PAT

Well this happened. Met an amazing man and person. Thanks @PGelsinger pic.twitter.com/EvTO2ex03R

— Nathan Bennett (@vNerdyNate) August 28, 2019

vExpert Party

Finally get to go to a party I’ve been looking forward too for a long time! So many great people to follow on twitter and to talk to. This party didn’t have huge artists or crazy loud music just good people and good discussion. From discussing all the different carreer paths to the new solutions they are playing with. These guys are always around and willing to help. If you use twitter, please setup a follow on the #vExpert tag so that we can all share in our experience, problems, and life. Thats what we are here for as the human condition!

On to the next day.

vmworld2019

Monday @VMworld

Note: For the sessions I’ll embed the videos once they are released. Similar to the general session.

General Session

Big announcements

Acquisition of Pivotal and Carbon Black
Project Tenzu with Project Pacific bringing native Kubernetes into the vSphere space running Kubernetes on ESXi and stating that it can run over 8% faster than bare metal and 30% faster than a linux VM.
Some other announcements but my mind was already blown.

Build Your First Kubernetes Cluster on vSphere with Kubeadm [CODE1151UR]

Kenny Coleman @kendrickcoleman

VMworld Video

Packed house makes it hard to type, but obviously. Kubernetes is a main interest point for all of the attendees of VMware. Also gotta shout out to VMware Code as they booths are pretty slick and awesome at the same time.

Kubeadm – De-facto under the covers use of creating your Kubernetes cluster.
Checkout the Kuberenetes the hard way in git
what is your distribution server(what OS)
make your distribution configurable as a template.
Important to find the pipeline to build it.
Now time to look through all the ways to install Kubernetes.
Networking! How do you inter-pod networking setup?(calicok, canal, kube-router,romana)
Are you ready to install? Nope gotta figure out storage. Persistent storage is a needed process that needs to be done. Especially moving that storage to CSI(container storage interface)
blah.cloud to setup the install. Now you can install Kubernetes.
Resource pool with no resources in vSphere??? Use Clustername/resources in the file to utilize the cluster.
Kubeadm runs upgrades for you for clusters. Documentation on what can and cant be done and the pre-reqs
Project Tanzu still part of the whole solution.
kubeadm normally runs with one master, now in Beta it can look into multi-master setup.
KubeADM is in alpha for Windows in 1.16
How to get started – https://kubernetes.academy/
Go check out blah.cloud.
Free HOL on PKS – goto: https://labs.hol.vmware.com/HOL/catalogs/catalog/1212 and search PKS

Cloud Native Fundamentals: Containers and Kubernetes 101 for the VI Admin [KUB1126BU]

Nathan Ness @nvpnathan & Scottie Ray @H2Only

VMworld Video

Basically starting off right where the previous session talking about all the components of Kubernetes
But it all starts on a dockerfile(if running on Docker)
One beauty of Kubernetes and Containers in general, is that once you have the template, file, w/e to setup your app. it can be run on whatever DLL you have.
Kubernetes terms
Node = Conainer host w/agent called “kubelet”
Application Deployment File = configuration file of desired state
Container Image = runs in a pod
Replicas = copies of pods that must be running
Moving from a Container to a pod, a Pod is the concept of a side-car idea as a container is one microservice whereas the pod has multiple microservices.
Labels help, do that….
Type:LoadBalancer is Key to the Kubernetes service as it takes the application and turns it into HA with its replicas.

A lot of Q and A time after the session. It seems like a lot of people are looking for Kunernetes answers to questions they haven’t really defined. There are a lot of great training out there for Kubernetes, but I’m definitely going to write up some stuff to go over and help define those answers. Gotta get home though… and remember to do it while renovating our house to sell..

Continuous Application Delivery with Code Stream: A customer journey [HBO1080BU]

With Juan Hernandez, and Deepak Kallakuri

[No Link]

Trying to get code into a CI/CD pipeline is the hardest part of most companies. Figuring out how to create this process is paramount to keeping the process running well.
Two different pipelines sets, one for infrastructure as code utilizing Terraform, Cloud Formation, Cloud Foundations, CAS, ETC. and Application Pipelines pushing code to an app(Using azure devops, Jenkins, spinnaker, etc.)
Code Stream is integrated with Cloud Assembly in CAS so it makes sense that the combination of vRA and CAS flows.
Northern Grumman went to 250 feature branch merges a day. That’s awesome.
CD pipeline for code stream

Once I get the video up or this its worth a watch for the demo itself. The co-joining between CAS and vRealize is a bit easier to understand when they talk through it. Though I’ll admit I’m not a fan at what Code Stream looks like. Perhaps the gui, and I need to dig in more with the code.

Building and Controlling Modern REST APIs with OpenAPI and Kong [CODE3326U]

With Dan Illson @dan_illson http://www.cloudjourney.io

VMworld Video

Kong is a usable API gateway other things like ambassador
API = application programming interface
APIs bring multiple machines into one, as previously engineers didn’t care where the APIs were because normally they were all on the same machine, now they are all over the place.
APIs have built ins like get and post to utilize information
CRUD = Create, Read, Update, Delete
Lets talk about REST API
Key unit of measure of REST is a resource
REST is a good process of push pull information from one place to another.
OpenAPI Specification(Swagger 3.0)
- https://swagger.io/specification
OpenAPI definition is created via a Yaml file.
What is an API gateway? An element which coordinates and orchestrates how requests are processed.
- It routes requests to services
Most commonly used as “front end” for sets of services/microservices
May also be “internally” between the components of an application
Kong – A popular open source API gateway implementation
- Written on nginx
- API driven configuration
- Modular via plugins

The Genius of Kubernetes [CODE1172UR]

Richard Lander

VMworld Video

Ingredients of Success
API Driven System
Kubernetes API is THE interface!
Control Loops
Reconciling State
Kubernetes Control Plane
Extensibility – Stacking building blocks
Community – Compounding the success
The Benefits of Kubernetes – Boost Productivity, Improve Reliability
Links

Automating Builds and Deployments, aka CI/CD for Dummies [CODE3330U]

Tim Davis @vtimd http://www.cloudjourney.io

VMworld Video

This is focusing on Software development and what those tools are like
Why automate
- You can know whats out there but you need to standardize and create policy around it.
- Also the manual process is bad… very bad…
What is CI/CD
- CI = Continuous Integration
  - Your Code base when updated is deployed and set into a repo, and pushed into production via CD
- CD = Continuous Deployment(Delivery) – Sending that code repo into production
  - Taking the code thats been built and sent into the production servers for actual use.
How does it work?(Demo)
- Basically starting with a GitLab repository(because not a fan of GitHub).
- Once the code is local, you can run the docker build and then push it to the docker repository(docker.io)
- The build yml file indicates stages such as Scanning for claire scanning to run and find CDEs on any files they are using.
- Performance scanning with Locust performance to check the application
- One thing is a variable that can be piped into the yaml via the secrets stored in GitLab
- How do you get all this into the pipeline? Automate one piece at a time, one stage at a time. Automation the build stage, if that works Automate the next stage etc. until you have a good and repeatable CI/CD pipeline.
Make it up as we go along.

Things that happened today!

vBeards with my VMug Leader!! I had to faux it… 😦

#vBeardsRockSFO @wmichel and @vNerdyNate pic.twitter.com/dCyc7iw4U8

— Wences Michel (@wmichel) August 27, 2019

I found CODY!!

Found @Codydearkland!!! He looks like he gives the best hugs… pic.twitter.com/7RMaOsxn8c

— Nathan Bennett (@vNerdyNate) August 26, 2019