vRealize Operations 7.5 Application Monitoring

Application Monitoring

These days there are a lot of different application monitoring solutions. I know because I’m in the middle of looking through them for a good fit. The hardest thing for an IT operations engineer is having to be woken up at 3AM to fix a “Server Down” situation. However, it’s even more detrimental for a company to have a customer or a critical application down and no one alerted.

I always think about the old adage, “If a tree falls in the woods but no one hears it does it actually fall?” Well of course it does. The difference is no one knows or cares about said tree. Well, if that tree is a tier 1 app, you better know what’s going on.

I decided to write this because I had a really hard time figuring out how to get things set up in vROPS. Yes, disk monitoring and other basic management packs are available for vROPS, but I wanted to be able to do more: HTTP GET requests, IIS, SQL, etc.

I know this will probably all change with vROPS 8.0 coming out, but for now this is what I wanted to roll out to test. The process may change or it may stay the same. Once I get my dirty hands on it, I’ll update this post as needed.

Couple of Pre-Requisites

  1. vRealize Operations deployed into your environment
  2. Licensing for the Enterprise edition of vROPS. You can do some OS monitoring with Advanced, but for application monitoring, you will need Enterprise

Application Remote Collector

Here is a video by John Dias on what you need to do to set this up, I’ll go through it step by step as well, so you have some steps on top of the video.

John Dias Video

  1. Log into vROPS
  2. On the dashboard go to “Monitor Applications” and then select “Configure Application Monitoring”.
  3. Next, select which type of application monitoring you will use: either vROPS or Wavefront. For this we’ll use vRealize Operations, then click “Save”. NOTE: This is an irreversible choice, so plan ahead and make sure that you will be using this monitoring through vROPS only for the selection you pick.
  4. This can take a while, but if you haven’t activated the vRealize Application Management Package in vROPS you will be notified to do so.
  5. Just click “Activate” and it will take you to the Administration tab.
  6. Just click “Activate”. This will take some time depending on the size of your deployment.
  7. Now that it’s activated, on the same tab (Administration) go to “Configuration”, then “Application Remote Collector”. Click the green download arrow to download the OVA of the Remote Collector. This will need to be deployed into your environment.
  8. Once the OVA is downloaded, deploy it to your environment. It’s probably good to place it next to your vRealize Operations deployment, so that you won’t have to deal with those networking guys. I won’t go over the OVA deployment as it’s pretty standard. I will note that you need to make SURE you remember the password you set.
  9. Power up your Remote collector appliance.
  10. Set a DNS record for the Remote Collector IP.
  11. Once the Collector is up, open the console.
  12. Log in with username: root, password: “vmware”
  13. Create a new password
  14. Run: vi /etc/ntp.conf
  15. Add a new line at the bottom pointing to an NTP server. The line will look like: “server time.google.com”
  16. Run the following
    1. Start and enable NTP
      1. systemctl start ntpd
      2. systemctl enable ntpd
    2. Enable and start SSH
      1. systemctl enable sshd
      2. systemctl start sshd
  17. Return to vROPS and go to the “Administration” tab under “Configuration -> Application Remote Collector”. Click the green “+”.
  18. Here is where DNS comes in. I’ve had some issues with getting vROPS to see the collector. On the top line input the FQDN of the collector (an IP works as well for setup), then input the username and password that you set when you created the appliance.
  19. Under “Map vCenters” select the vCenter from the drop-down and run “Test Connection”.
  20. Now after the Collector is loaded, click “Configure Agents”. Select the VMs you want to install the agent on, and click the “Install” button (it’s the arrow pointing down). Fun fact: you can use shift-click to select multiple machines, and use the filter to allow a better selection.
  21. I use a “Common Password” and a service account for my agent deployments.
  22. It’s not very intuitive, but once the agent has finished connecting and has some built-in services, you can create a custom-built monitoring solution off the “Manage Service” button. It has some built-in ports etc.
  23. Now you can set up some other monitoring, for instance some port probes, HTTP probes, or a simple ICMP check to verify the machine is up. These all have some different configuration settings, but you can explore from here.

Now that you have configured an application collector and agents have been deployed, you can go to the “Troubleshoot Application” dashboard and take a look! Here is an example of an ICMP checker when the server is down. Notice availability? On the other ICMP check the availability shows 100 percent. Now you have a metric to track, as well as a map to see all the connections.

For the built-in services, be sure to add a display name on it to track the service on the VM in “Troubleshooting an Application” in “Dashboards”. Here is an example of the domain controller.

The AD check is still collecting at this point, but it shows the extensibility of the built-in Monitoring Service.

I hope this helps get you started. I didn’t go very much over more than the video, but that’s kinda the point. I really want to fill in spots that I had issues on, in case others have the same issues. Instead of calls over 3 days, I hope this is a good one-stop config for the Applications collector on vRealize Operations 7.5.

Thursday @VMworld

VMWorld Certification Experience

So I woke up at 6AM this morning. I had a lot of anxiety about the test, so I definitely wasn’t ready or well-rested for it. However, I was determined to get a good start into the foray of certifications after I talked with the education people yesterday. It’s definitely intimidating to walk up and check in for something that you’re hoping to turn out well.

Taking the test was very akin to my other certifications but the main difference that I absolutely loved was my immediate comfort with the test. I know this stuff. Maybe I don’t know it very well, but I do daily tasks within this product. I think there will be many people out there that will find this same experience. I’d suggest, if possible, investing in a lab, or public cloud test, whatever, before you study for a certification. Don’t let the certification be your first foray into a field. That was my problem when IT became my 2nd career. I decided to just get some certifications, and maybe I could get somewhere. It was the hardest thing I did. Then when I started my first big boy IT job, they didn’t care that I had them. In fact, no one cared about what certifications I got. Let me put it this way.. Certifications are a checkbox for upper level positions, not a checkbox for entry-level positions. At least this has been my experience.

I missed by 3 questions with 0 studying. That just tells me some studying and I’ll get her done. Regardless a very encouraging time for me, and well worth the money for my own personal growth.

Ask the Experts your Toughest Kubernetes Questions[MTE6161U]

So the Expert didn’t show up to our meet the expert discussion. So I decided to talk to the two guys that showed up and ask them what their exposure was with Kubernetes. My own knowledge is very limited, however, as engaged as I have been through VMworld and all the sessions I attended, I asked if it would help them if I shared what I had discussed with others, and my own experience.

I believe a lot in paying it forward when possible, but it’s not great to try to take over something when you’re not an “expert” in it. However, I wanted to help as much as I could. I just went over some of the Kubernetes discussion I’ve had as well as some training I’ve done with AKS and Kubernetes.

It really helped me realize that maybe I should start doing some talks and start going through the white pages and create presentations. This was a good realization, that there are those out there that can benefit from the things I have learned, even though I’m not an expert.

Machine Learning in Less Than 1 Hour with Python [CODE3331U]

Dan Illson @danillson @cloudjourney Cloudjourney.io

VMworld Video

  • What is Machine Learning??
    • A subset of “Artificial intelligence”
    • “Learning based on experience”
    • a process of identifying patterns in data
    • building models which explain a set of data
    • prediction without explicit pre-programmed rules/models
    • closely related to computational statistics
    • NOT MAGIC
  • Breaking down machine learning
    • supervised learning
      • Classification and Regression
        • regression: I have a theory and I’m trying to test to progress to the smallest integer
      • using existing data to help interpret new data
      • algorithms include:
        • decision trees
        • support-vector machine
        • naive Bayes classifier
        • k-nearest neighbors
        • linear regression
    • unsupervised learning:
      • only received data is considered
      • Algorithm families:
        • clustering
        • association
  • Python why?
    • Python and R are what are normally used for Data Science
      • It’s easy to start with
        • the syntax is easily human readable
        • available for many systems
        • it’s popular and easy to get help
      • all functions are presented
      • fast
      • has a comfortable interface
        • including the command line interpreter
      • many standard libraries for it
  • Lets try some supervised learning
    • We’ll use the “iris” data set that comes packaged with the sklearn library
    • python via the command line interface
    • we’ll use the k-nearest neighbors algorithm:
      • a positive integer k is specified, along with a new sample
      • we select the k entries in our database which are closest to the new sample
      • we find the most common classification of these entries
      • this is the classification we give to the new sample
  • DEMO!
    • scipy.org
    • numpy.org
    • matplotlib
    • pandas.pydata.org
    • scikit-learn.org
  • Mean accuracy of the model – how close to accurate the model’s predictions are.
  • Code for today will be posted on codejourney.io within the next week’s time.
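
The k-nearest neighbors steps listed above, written out in plain Python as an added example (not the presenter's demo code, which used scikit-learn and the packaged iris data). The samples are constructed petal measurements in the shape of the iris data, and the function names are assumptions; the mean accuracy score from the notes is computed at the end.

```python
import math
from collections import Counter

# Constructed samples shaped like the iris data:
# ((petal length cm, petal width cm), species). Not the real data set.
TRAIN = [
    ((1.4, 0.2), "setosa"),
    ((1.3, 0.2), "setosa"),
    ((1.5, 0.3), "setosa"),
    ((1.7, 0.4), "setosa"),
    ((4.5, 1.5), "versicolor"),
    ((4.1, 1.3), "versicolor"),
    ((4.7, 1.4), "versicolor"),
    ((3.9, 1.1), "versicolor"),
    ((5.8, 2.2), "virginica"),
    ((6.0, 2.5), "virginica"),
    ((5.5, 2.1), "virginica"),
    ((5.1, 1.9), "virginica"),
]

# Held-out constructed samples with their true labels.
TEST = [
    ((1.6, 0.2), "setosa"),
    ((4.4, 1.4), "versicolor"),
    ((5.9, 2.3), "virginica"),
    ((4.9, 1.8), "virginica"),  # sits on the versicolor/virginica border
]


def knn_predict(train, sample, k):
    """Classify `sample` by majority vote of its k nearest training rows."""
    if not 1 <= k <= len(train):
        raise ValueError("k must be between 1 and the number of training rows")
    # Step 2 of the notes: the k entries closest to the new sample.
    neighbours = sorted(train, key=lambda row: math.dist(row[0], sample))[:k]
    # Step 3: the most common classification among those entries.
    votes = Counter(label for _, label in neighbours)
    top = max(votes.values())
    # Step 4: on a tied vote, the label of the nearest tied neighbour wins.
    for _, label in neighbours:
        if votes[label] == top:
            return label


def mean_accuracy(train, test, k):
    """Fraction of held-out samples whose predicted label is correct."""
    hits = sum(knn_predict(train, x, k) == y for x, y in test)
    return hits / len(test)


if __name__ == "__main__":
    for k in (1, 3):
        print(f"k={k}: mean accuracy {mean_accuracy(TRAIN, TEST, k):.2f}")
```

The border sample is classified correctly with k=1 but outvoted with k=3, which is why the mean accuracy changes with k.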

Other things to see are the NL VMUG video by Jad Al-Zein on the topic, as well as machine learning with Python on Coursera.

Machinelearningmastery.com is a great resource.

Using NSX-T to Modernize Your IT Infrastructure by IBM [CNET3380BU]

VMworld Video

  • You’re either disruptive on the network or you’re disrupting.
  • Utilizing NSX-T allows less disruption
  • With the challenges of new business models, hybrid, multi-cloud reality presents new opportunities, as well as new challenges…
  • New tech and Containers are helping to support and address concrete business needs
  • Introducing new tech and clouds introduces challenges on integrating with existing technology
  • So how can IBM help?
  • IBM and VMware have been partners since 2014 in enabling NSX for vSphere.
  • NSX-T does not need vCenter

Ending VMworld

Well that’s another VMworld in the books. Man I’m tired. What a wonderful time with wonderful people. It’s really weird on Thursday that you start feeling like this place is home. The repetition of going from one session to another. The constant insanity of walk/run/sit/type/type more/run/eat/run/sit/type becomes just 2nd nature. You start seeing things around you as constant, but it’s not. It’s just part of your life that has now ended, and like a child who’s been told to stop playing at a friend’s house, it’s time to go home.

I’ve got some great Ideas for blogs, and I hope to go through those soon! Till then dear readers!

Wednesday @VMworld

VMworld Tips(AGAIN)

First remember that you are on your feet for almost the entire time you’re NOT in a session and in some cases a bit when you’re in there. The continual mantra that comfortable shoes need to be your first item to pack is totally true.

HOWEVER:

There are definitely other tips to give which I’ll endeavor to share here:

  • Continually verify your session list (it’s subject to change)
  • Verify you are in the right place and where you’re going next. This is important when rooms are assigned to the schedule. It’s a good idea to grab the sessions you want, but when the rooms are assigned, make sure you don’t have to run across campus to get into a session. Aka, don’t be like me
  • Talk to people! I’m going to bring this up almost every day that I can. It’s important to recognize that you, YES YOU, are a part of this community. If you’re at VMworld you’re a part of US, and we’re glad to have you! So say hi!
  • Baggage! A lot of people have mental baggage but I’m talking actual luggage here. Check-in/Check-out at your hotel can be a pain. Utilize the bell-hop, or concierge, or whatever they call it at the hotel to hold your bags if the room isn’t ready, or hold them if you checkout on the last day of VMworld, and your flight is later that night.
  • Another word about Sessions. If you see a session you would rather be in, than the one you’re walking to. Go do it! Sure, you’re signed up for another session, but that doesn’t mean you’ll be shot for not showing up. One thing though, if you do this, remove the session from your schedule, as you will still get a survey to fill out. One way or the other, seats are released 10 minutes prior.
  • TWITTER! This little app has changed my life. Take pictures, Use Hashtags, follow people. This is a great resource for everyday growth, and importantly for the community. As I said previously, you’re already part of the community, so say Hi!

Ok imma hop off the soapbox.. Back to sessions…

Zero to App: Building Your First Application in Kubernetes [CODE1804U]

Bill Shetti @shetti @cloudjournei.io http://www.cloudjourney.io

VMworld Video

  • In 30 min we will…
  • VMware Tanzu… the “Obvious answer”
  • Building a cluster in PKS(Usable for the next couple months)
  • The app… Node.js app
  • App deployment is already built
    • Has index.js
    • Has a dockerfile to show the build of the dockerfile
    • “docker build -t simpleapp” was the command he ran, and “-t” names the app
    • Tag the app using “docker tag simpleapp: *TAGINfo*”
    • Pushing it to google cloud register with “gcloud push”
    • Now we have built the docker image and pushed it to a container registry
    • Log into the kubernetes cluster
    • verify by using “kubectl version” or “kubectl get pods”
    • If the pods aren’t coming up, you can always “kubectl describe pod *PODNAME*”
    • “vke cluster show bob” shows the information of the kubernetes cluster in vke(pks)
    • PKS brings up a load balancer for you, so in Kubernetes you don’t have to run the node:LoadBalancer but you would run it as NodePort

Why should I use Virtual Volumes? A technical review. [HBI3416BUS]

Cody Hosterman @codyhosterman

VMworld Video

  • vVols are how Pure Storage was designed, and others.
  • with VMFS you are not protecting applications, you are protecting data stores
  • how VMDL restores VMs
  • as VMs scale, challenges arise.
  • what are vVols? Granular storage for VMs.
  • vVols – Every virtual machine has individual volumes on the array
    • every VM gets a config vVol – 4GB – holds the configuration information of the VM
    • Data vVol – for every virtual disk added to the virtual machine there is a new data vVol
    • Swap vVol – is for the vm swap file. sized according to the VM memory
    • memory vVol – if the snapshot is taken with the “snapshot memory” option.
  • What is a Data vVol?
    • A data vVol is essentially a RDM. Just a block volume with whatever file system your guest puts on it. There is no VMFS on them, there is no VMDK encapsulating them. A direct volume. A well-orchestrated one!
    • VMFS Virtual disks are not first class citizens, vVols make virtual Disks first class Citizens. It increases control of your storage.
  •  on the array AND in VMware
  • What about physical to virtual?
  • Move data to Cloud Native
  • The Data Plane
    • how does the host see a vVol? vVols are not connected to a host in the traditional way(Not enough SCSI slots)
    • Protocol Endpoint
  • The Management Plane
  • Provisioning
  • Storage capabilities
  • VMware-Created Snapshots
    • Traditionally, when you took a VMware snapshot of a VM a delta file was created, this hurt performance
    • Now when you take a VMware snapshot the array does the copy. no performance penalty with FlashArray volume copy!
  • vVols are space efficient; they are direct RDMs, so you can get a lot of space back by going to vVols.
  • Virtual Machine Restore
    • when a VM is deleted or a virtual disk how do you recover? Recovery includes loss of RTO and RPO
    • With vVols you have 24 hours to instantly recover any deleted disk or VM data on the array itself.
  • VM Cloning – 100% Offloaded
    • when cloning a VM, or deploying from a template –the process is a full volume copy!
    • One API call to the FlashArray = Instant Cloning
    • 50GB virtual Machine? Clone time is 5 seconds!
  • More Insight and More knowledge
    • Ransomware encrypts the data on a VM. With vVols, if you see the data reduction go to 5>1 or 1>1, someone encrypted the data and you can respond quickly
  • Encryption and Reduction
    • Pure now encrypts the OS with a special key.
  • Replication
    • vVols and replication
    • there is a concept of a source replication group and a target group. VMs are put into a source and fail over is run against the target.
    • PowerCLI Cmdlets
  • Getting there…
    • Flash-array vSphere client plugin!
      • {Powershell}
      • Migration to vVols – Storage vMotion – Online Migration!
      • More info!

I blinked and was 3 slides behind. Cody goes fast and brings so many great points that I just can’t keep up. Watch the video. Man this guy is good.
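
The data-reduction signal from the “More Insight and More knowledge” bullet above, as an added example that is not from the talk or from Pure Storage: encrypted data no longer compresses or deduplicates, so a per-volume reduction ratio that collapses against its own recent baseline is worth an alert. The volume names, the sample ratios, and the window, drop and confirm thresholds are all assumptions.

```python
from statistics import median

# Constructed data-reduction ratios (N:1), one per collection interval, for
# three hypothetical vVols. None of these names or values come from a real array.
SAMPLES = {
    "vvol-sql01-data": [5.1, 5.0, 5.2, 5.1, 4.9, 5.0],    # steady
    "vvol-file01-data": [4.8, 4.9, 4.7, 3.1, 1.6, 1.1],   # collapses
    "vvol-media01-data": [1.2, 1.1, 1.2, 1.1, 1.2, 1.1],  # always incompressible
}


def first_collapse(series, window=3, drop=0.5, confirm=2):
    """Return the index where the reduction ratio first collapses, or None.

    A sample is suspicious when it is below `drop` times the median of the
    last `window` normal samples. `confirm` consecutive suspicious samples
    are required, so a single noisy reading does not raise an alert.
    """
    if len(series) <= window:
        return None
    normal = list(series[:window])  # samples trusted as the baseline
    run_start, run_len = None, 0
    for i in range(window, len(series)):
        baseline = median(normal[-window:])
        if series[i] < drop * baseline:
            if run_len == 0:
                run_start = i
            run_len += 1
            if run_len >= confirm:
                return run_start
        else:
            run_len = 0
            # Only normal samples move the baseline, so readings taken during
            # a collapse cannot drag the baseline down and hide it.
            normal.append(series[i])
    return None


def scan(samples, **kwargs):
    """Map each collapsed volume to the interval where the collapse began."""
    hits = {}
    for name, series in samples.items():
        idx = first_collapse(series, **kwargs)
        if idx is not None:
            hits[name] = idx
    return hits


if __name__ == "__main__":
    for name, idx in scan(SAMPLES).items():
        print(f"{name}: reduction ratio collapsed starting at interval {idx}")
```

A volume that was never reducible (the media volume here) does not alert, because the check is relative to each volume's own baseline rather than a fixed ratio.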

Is IT Ready to Enable Success in Your Multi-Cloud Environment? [MCO1687BU]

Jad El-Zein @virtualjad Keven Lees

VMworld Video

  • IT Mindset shift IS REQUIRED
  • Clouds are the new silos
  • The goal is blended teams, looking at Service Oriented approach
  • Processes? The good and the bad..
    • Governance or lack thereof is one of the biggest things with Shadow IT, and it’s needed to maintain the workloads and stay within policies.
    • Provisioning
    • Security and governance
  • Multi-cloud consumption
    • Aligning with Enterprise need
    • VMware Cloud Assembly – Build, Deploy, and iterate on applications
      • Setup your cloud accounts, and zones
      • configure your projects(business groups in vRA)
      • design your blueprints(IaC in CAS)
      • Cloud Assembly – Declarative provisioning and life cycle
      • IaC choice of UI or Yaml Editor
      • VMware Service Broker
      • Infra and App Pipelines
      • Content Marketplace
      • Multi-Cloud Extensibility
        • ABX on-prem with Powershell Support
    • Multi-cloud Operations
      • Self-Driving Operations
      • Intelligent Monitoring and root Cause Analysis(VROPS 8.0)
      • Apps-ops and wavefront are free trials, and cloud health is a trial or POC for testing

Kubernetes and Cloud Automation Services: A Primer [HBO2769BU]

CODY DE ARKLAND AND CHRIS McCLANAHAN The OG

VMworld video

  • vRealize Automation Cloud
  • Kubernetes in PKS
  • Kubernetes Profiles
    • Tag the profiles needed within a blueprint as a constraint for kubernetes within PKS
    • Use tags within the whole platform to define how things provision, Size, region, etc. the tags are everywhere.
  • PKS on the Design Canvas
    • Define the whole kubernetes cluster with an easy drag-drop blueprint
  • On-boarding Existing and External Clusters
    • If Kubernetes is already built you can bring that in so that you can manage kubernetes cluster within the application
    • Master would need to be exposed publicly to be able to manage an already built Kubernetes cluster.
  • Kubernetes in the Marketplace
    • Currently you can do a vsphere cloud.init template that has Kubernetes on ubuntu 16.
    • Don’t need PKS to do Kubernetes things
    • Cloud proxy to deploy on-prem for CAS(Maybe vRA 8 Cloud?)
    • Kubernetes Zones, allow you to bring into your PKS endpoint for Kubernetes
    • You can t-shirt size your deployments
    • You can setup the deployments and allow “Projects” to deploy the needed deployments
    • You can Gui’fy namespaces within Kubernetes, this allows you to hide namespaces from other users.
  • You deploy apps in this under Code Stream.
    • Setting up the pipeline in Code Stream is paramount as anything as Code is needed for specific run times. This includes the app, load balancer, and everything that needs to run for the app.
    • Code Stream works with Gitlab, hub, etc. and when you push a commit to your repo, Code Stream will see it and push that through Code Stream to perform the build and run.

How to not go broke with CI/CD deployments [CODE3452U]

Tim Davis @vTimd

VMworld video

I got to his talk late (*bladder, and sessions were too stacked .. See pointers above*), but wanted to share his talk as it’s been shared on podcasts and other places.

Deep Dive – Kubernetes Resource Management for vSphere Admins [KUB1208BU]

Michael Gasch and Pranshu Jain

VMworld video

  • Putting Kubernetes on vSphere.
    • Not covering Tanzu or project pacific basically just vSphere
    • It’s a good idea to put the Kubernetes nodes in HA as they are not set up for HA.
  • Kubernetes 101
  • Pod is the atomic element of Kubernetes
  • Resource management is the allocation of resources from resource provider to resource consumers
  • https://k8s.af – to help with postmortems and outages, 9 out of 10 related to resource management.
  • But why should I care?(other than most outages are from resources)
    • Best practices don’t always transfer to best practices from a higher level
  • Specifying the pod specialization and resources
  • Resource management in the life of a POD
    • Important to utilize namespaces and then refer to those tenants with what resources are available to the tenant
    • By setting the validation in the Yaml with the namespaces it allows us to know the quota of the VMs and we don’t over commit or under commit our nodes.
  • Best Practice for Kubernetes #1
    • vSphere HA is good for Kubernetes clusters.
    • Define an admission policy for HA that will help understand the normal group and the critical(high cpu etc) group
    • Finally DRS using anti-affinity VM monitoring and host issues
  • Placement with Kube-Scheduler
  • Assisting kube-scheduler how???
  • Enforcement
    • Setting resource limits on the linux kernel VMs is critical to maintaining the cluster. So each deployment in yaml as declarative or an imperative command should have the cpu/ram statements in order to change that information

Very dense talk but well worth it. Basically run on VMs, Enable HA, Use resource limitation switches, and watch your clusters.

Prove Your Skills and Validate Your Value with VMware Certification [EDU3684U]

I know this is a more personal session, but it’s worth mentioning that we all need to “prove our worth” too many times. It’s worth having a sign or symbol to raise when someone challenges you and won’t listen. We all have those people who will argue and argue. Also as we move into higher and higher positions, this is a needed step in our growth.

Karl Childs @karlchilds

  • There are quantifiable results that show that individuals get benefits other than employer benefits
  • VCDX – FREE POLO
  • VMware Certification Tracks
  • Good analogy is boulders across a river and you’re trying to get across the river by those boulders
  • What if you miss the exam? or how do you prevent that?
  • Run a Skills Gap-Analysis
  • Download an exam-prep-guide

Things I learned about the Certificate process:

  1. Foundations exam is taken online, and is open book. Still have to pay for it.
  2. The class can be any class. Whether it be for vRA, NSX etc. But it is a REQUIREMENT for the VCP. You can pass all the exams but you will get nothing till you do the class training.
  3. There are lower cost options for the class part. You don’t have to do a 4500$ spend just to get your cert. This is part of the whole #vCommunity mill, but there are those that have done this part much cheaper. Not saying the actual courses aren’t worth it, they definitely are. There are just other options. If you’re a part of VMUG ask your Leader, I’m sure they know.
  4. I’m going to take my vRA VCP tomorrow and take advantage of the 50% off. However, with VMworld fest happening tonight and all the other things, I won’t study at all before it’s there. But it’ll be good to know what’s out there, and what the last couple years have taught me.

VMFest

Taking a huge line of buses to the party was insane. I definitely didn’t want to roll with that. Thankfully a friend shelled out on an uber and we got there while Billy Idol was rockin’. Yes Billy F’ng Idol…

I have to admit he had to rely on the audience for some parts, but the dude is still killin’ it at 60 #LifeGoals. He’s still the drunk rocker persona on the stage, and he’s still crass, and swearing… but we love him anyway ’cause it’s rock n’ roll baby.

Next on stage was One Direction…… I mean, One Republic… Man I’m old.. #InsideJoke

The first song I heard of One Republic was “Secrets” which was the end credits song after “The Magicians Apprentice” movie with Nick Cage… Yup, That movie. Regardless that song holds a specific feeling in my life and whenever I hear it I’m transported to that place. However, my highlight of the night was when we got to hear “Halo” which was written by One Republic front man Ryan Tedder, and Beyonce performed and made popular. Hearing it from a male voice like his was incredibly impressive.

Twitter Life!

I met William Lam! This guy has been a huge part of the community and has always been a force for good to the groups. Thanks man for all you do!

Also PEDRO ARROW, also known as Pete Fletcha, of Virtually Speaking Podcast!

FINALLY met an amazing tech guru, and another leader in the community whether he likes it or not, the one and only Jad Al-Zein. His blogs and videos on vRA 7.x saved my hide multiple times. Great guy to talk to, and he’s SO EASY to talk to as well!!

Now for bed. Let’s hope the test tomorrow will come out better than I expect. It would be nice to pass, but I’m going to try not to hope for it a ton… even though I know it’ll be hard to sleep knowing I’ll be doing that in the morning.

Tuesday @VMworld

San Francisco!

I decided to write a bit about the town, I came from a 105 degree Texas over to the west coast. Considering the only “West Coast” thing I knew was a swing dancing step known as the West Coast 3-step(I met my wife Swing Dancing).

IT’S COLD. Yeah ok so lows in the 50s is not something I was prepared for, but man the thin hoodie I brought is just not up to snuff for this kind of weather. The highs are really nice, walking .5 miles just to Moscone and an ungodly amount afterwards is really nice here.

THE FOG! OK, so if you’ve seen as many horror films as me you know that the fog is not  a good thing. That’s when the monsters come and when we all subsequently die. I’ve never seen fog like this, the thickness, the smell, its something different.

THE HOMELESS. Ok, coming from Texas almost everyone had a snide comment for me, “Don’t step in the poop!”, “Check the poop map daily!”, and basically a lot of snickering about poop and the homeless people. For one, the homeless people are subsequent to our human nature. Not everyone goes to VMworld and not everyone can do what we do daily, but ANYONE can be homeless. To me the statement, “Homeless are just people without homes” is a real statement. I used to preach to homeless shelters aeons ago, and that feeling of men/women needing shelter, food, and to be treated like actual people is still instilled in me.

Also to everyone that asked, I haven’t seen one poop on the sidewalk OK. GET OVER IT.

The real VMworld

I’d be remiss if I didn’t take a time to state what the best thing about VMworld is. It’s the people around you. If you’re at VMworld alone, talk. Find a table with one seat open, and sit in that chair, and talk to them. I’m pretty sure we’re all people, and we all want to help, grow, and befriend new people starting a journey or maybe finding people who are already well past our journey. This is one of the greatest communities out there and one of my favorites!

General Session with Steve Young and Lindsay Vonn and Ray O’Farrell

  • Started with a video about the future. Very Walt Disney Epcot “City of the Future” Stuff or Spaceship Earth
  • Digital Transformation and Digital infrastructure
  • Tanzu Tees being used as a question for the three keys, Build, Run, Manage for the apps.
  • DellEMC VMware Cloud Partnership and Project. (Previously Project Dimension)
    • Showing project PACIFIC Holy cow! They are writing the private cloud to be Dev-Centric allowing developers to deploy and utilize the software for quick build/run
    • vSphere itself is branded to join Kubernetes itself. Amazing.
    • Tanzu Mission control, Showing clusters in the multi-cloud. The hype is real
    • Basically setting a binding in Tanzu Mission control it can run the fleet cluster in the multi-cloud
    • Unified controller for a unified management platform. IF everything is running on vmware
  • Moving to Connect and protect(Marcos Hernandez)
    • Looking at Tanzu Mission Control Running in NSX Service Mesh
    • NSX-T within Tanzu Mission Control works much like Network Insight and utilized the full force of VMware apps, to show the mapping, the flow, and then uses data analytics to create a list of needed rules.
    • SIMULATION MODE(Totes cool bruh)
    • Now only protected flows work on the wire… BOOM
    • Now utilizing App Defense, and Carbon Black to fix vulnerabilities. VMware has taken no time to integrate their new partners into their products
  • Wavefront
    • Utilizing Wavefront to manage the issues within your multi-cloud environment.
    • Traces showing Distrib Tracing.
    • Now from Wavefront you can connect directly to the component that’s having issues
    • Project Magna to fix VSAN issues.
    • Now after we have secured, and fixed our environment, we utilize Cloud Health in the background, and yet again get to it in Tanzu Mission Control.
    • Cloud Health is now used to reclaim unused VM’s and alert when approaching or over budget.
  • Zuora – a Customer story
  • Now we’re moving to the Experience
    • Horizon Desktop as a service (DAAS??)
    • This allows deployment to many different locations, applications, etc. Basically full setup for the employee that just joined, as a virtual machine.
    • Workspace ONE – Employee experience dashboard showing issues, and sets rules via automation to create the ticket run the automation.
    • Workspace
  • Emerging Tech
    • HCX enterprise will allow migrations from one VMC to another across the nation. The change rate is obviously key here in how it runs, but it will be amazing.
    • ESXi on ARM
  • Sanjay Poonen, Steve Young, and Lindsey Vonn
    • The sick burns from Lindsey Vonn are worth every penny of the VMworld ticket. AWESOME

Peanut Butter and Jelly: Why Virtual Machines and Containers Go Together [KUB1133BU]

Kenny Coleman @kendrickcoleman and Tristan Todd @tristantodd

VMworld Video

  • Myths about Containers and VM’s co-habitating
    • 5 reasons you should run containers on bare metal, not vms(Diamanti)
    • Myth: Each VM consumes storage plus CPU for a full virtual machine before you spin up a containerized workflow, so the VM ties up resources whether it’s using it or not
      • A good argument, but you don’t need to have specialized hardware to run a specific task.
      • Hardware capability – abstracted vs hard requirement. VMware has done a great job of abstracting the layer so that the hardware abstraction doesn’t run resources when needed.
  • Myth: Individual containers are stateless and ephemeral. Rather than moving a running container from one host to another as you would with a VM, you just start a new instance on another host
    • Higher availability doesn’t mean that it works against the Kubernetes orchestrator. Kubernetes doesn’t take into account resource issues or problems the way DRS does in vSphere.
    • vSphere with Kubernetes provides dual layer scheduling for maximum resource utilization with DRS
    • Bare Metal requires Kubernetes management services to enact cloud native mechanisms in event of maintenance or failures. Expect etcd to rebuild and replicate databases.
    • The Kubernetes master is like vCenter: it is your central hub and master, and if you lose it, bad times. Making that more resilient is great.
  • Because containers are lightweight, one of their advantages is the ability to run a greater number of containers per server, than VMs
    • Scale: all machines can fail, so scaling the repopulation of that machine upon failure is key, especially on the Kubernetes master. If this drops, having it built on a VM allows faster response and rebuild.
  • The people using and managing the container environments are likely not the same ones managing the vm environment.
    • This is a dumb statement. This is basically backwards thinking against DevOps, stating that no Ops and Dev can talk to each other. The whole beauty of containers is the connection between Dev and Ops together.
    • It’s not always a failure in communication as much as you’re speaking a different language than the other. You need to find a common ground and talk to each other.
  • The bare-metal container benchmarks demonstrated a 25-30% advantage over VM-based containers in both I/O and CPU processes.
    • Actual VM Benefits vs Theoretical Performance Advantage
    • Of course with #runkennyrun – he was the guy pushing bare metal for so long but has now changed his thought process, especially with CSI (Container Storage Interface), which allows different solutions with vSphere. Now if you run this on bare metal you will need to verify that the CSI driver will run on bare metal. In VMware that’s already built in (not GA yet).
  • No mention of security… So let’s talk about that
    • VM’s already come with security!
    • Heartbleed, Spectre, Meltdown and more require OS and firmware updates. How fast can you patch with bare metal automation???
  • Kubernetes on bare metal
  • Kubernetes on VMs(Linux VMs)

How PowerCLI Makes vSphere Configuration Management Easy [CODE2214U]

Kyle Ruddy @kmruddy kmruddy.com github.com/kmruddy podcast vbrownbag.com etc, etc… aka DA man

VMworld Video

  • Configuration Management
  • Running declarative IaC to verify an “idempotent” (repeatable) outcome
  • Why configuration Management Matters! SOURCE CONTROL DANGIT
  • Configuration Management Breakdown…
    • Central Node(and repo)
    • Yaml, JSON config file(whatever)
    • Endpoint node
    • Central Node pushes the config file to the endpoint and runs the config to setup whatever config is set.
  • You can use many different configuration managers
  • Ansible Example
  • PowerShell Definition
  • PowerCLI Definition
  • PowerShell Desired State Configuration
    • MOF = Managed Object Format
    • LCM = Local Configuration Manager
  • PowerCLI DSC = VMware.vSphereDSC
  • DSC for VMware
  • Sample configuration file setting NTPServer
  • DEMO = {Video will be posted once up.}
  • One More Thing…
    • vSphere configuration management exists in other configuration managers. Ansible, Chef, Puppet etc..
    • Ansible sample code.

Automating Hybrid Clouds with VMware Cloud Automation Services [MTE6051U]

Great talk with @virtual_crazo about vRA 8.0 and vRA cloud. Some amazing stuff out there coming out in the next couple of months.

 

Modern Apps Showcase with Kubernetes

VMworld Video

Showcase leaders:

  • Kubernetes is too interesting, and should be boring.
  • Modern Apps Framework
  • Tanzu initiative trying to modernize apps.
  • Build with Pivotal!
    • With the new stack utilizing Pivotal, customers have been able to go from code rolls every 6 months to 3 times a week. It also leads to self-healing for the customers
    • Tanzu will lead to building modern applications:
    • 3rd party apps that can run in Tanzu – HASHICORP!! also Pure, and CloudBees
  • RUN
    • Project Pacific – Kubernetes on vSphere!
    • We live in a world where we demand modern and specific infrastructure
    • Verizon model after amazon flywheel to drive faster time to the market, and more capacity for innovation.
    • Articulating the value
    • Strategy for expansion
  • Manage
    • Manage kubernetes for developers AND IT
      • Tanzu Mission Control is the central hub that runs and manages the solution
      • The control pane elements bind together to be a solid management platform for the managers of the resource.
  • DEMO.
    • Running a demo on Tanzu Mission Control. First screen shows individual tags, multiple public/private clouds, and resources
    • k8s.vmware.com/vmworld-us

THE DAY!

I got my Al Rasheed selfie, an amazingly friendly, and wonderful human being:

Met and Selfied with @lost_signal the one and only John Nicholson!

This is what happens when vmworld says, “Quantity is limited” on a free t-shirt:

And I mean Pat… THE PAT

vExpert Party

Finally get to go to a party I’ve been looking forward to for a long time! So many great people to follow on Twitter and to talk to. This party didn’t have huge artists or crazy loud music, just good people and good discussion, from discussing all the different career paths to the new solutions they are playing with. These guys are always around and willing to help. If you use Twitter, please set up a follow on the #vExpert tag so that we can all share in our experience, problems, and life. That’s what we are here for as the human condition!

On to the next day.

Monday @VMworld

Note: For the sessions I’ll embed the videos once they are released. Similar to the general session.

General Session

Big announcements

  • Acquisition of Pivotal and Carbon Black
  • Project Tanzu with Project Pacific, bringing native Kubernetes into the vSphere space, running Kubernetes on ESXi and stating that it can run over 8% faster than bare metal and 30% faster than a Linux VM.
  • Some other announcements but my mind was already blown.

Build Your First Kubernetes Cluster on vSphere with Kubeadm [CODE1151UR]

Kenny Coleman @kendrickcoleman

VMworld Video

Packed house makes it hard to type, but obviously Kubernetes is a main interest point for all of the attendees of VMworld. Also gotta shout out to VMware Code as their booths are pretty slick and awesome at the same time.

  • Kubeadm – the de facto under-the-covers tool for creating your Kubernetes cluster.
  • Check out Kubernetes the Hard Way in git
  • What is your distribution server (what OS)?
  • make your distribution configurable as a template.
  • Important to find the pipeline to build it.
  • Now time to look through all the ways to install Kubernetes.
  • Networking! How do you set up inter-pod networking? (Calico, Canal, kube-router, Romana)
  • Are you ready to install? Nope gotta figure out storage. Persistent storage is a needed process that needs to be done. Especially moving that storage to CSI(container storage interface)
  • blah.cloud to setup the install. Now you can install Kubernetes.
  • Resource pool with no resources in vSphere??? Use Clustername/resources in the file to utilize the cluster.
  • Kubeadm runs cluster upgrades for you. There is documentation on what can and can’t be done and on the pre-reqs
  • Project Tanzu still part of the whole solution.
  • kubeadm normally runs with one master, now in Beta it can look into multi-master setup.
  • KubeADM is in alpha for Windows in 1.16
  • How to get started – https://kubernetes.academy/
  • Go check out blah.cloud.
  • Free HOL on PKS – goto: https://labs.hol.vmware.com/HOL/catalogs/catalog/1212 and search PKS

Cloud Native Fundamentals: Containers and Kubernetes 101 for the VI Admin [KUB1126BU]

Nathan Ness @nvpnathan & Scottie Ray @H2Only

VMworld Video

  • Basically starting off right where the previous session left off, talking about all the components of Kubernetes
  • But it all starts on a dockerfile(if running on Docker)
  • One beauty of Kubernetes and Containers in general, is that once you have the template, file, w/e to setup your app. it can be run on whatever DLL you have.
  • Kubernetes terms
  • Node = Container host w/agent called “kubelet”
  • Application Deployment File = configuration file of desired state
  • Container Image = runs in a pod
  • Replicas = copies of pods that must be running
  • Moving from a Container to a pod, a Pod is the concept of a side-car idea as a container is one microservice whereas the pod has multiple microservices.
  • Labels help, do that….
  • Type:LoadBalancer is Key to the Kubernetes service as it takes the application and turns it into HA with its replicas.

A lot of Q and A time after the session. It seems like a lot of people are looking for Kubernetes answers to questions they haven’t really defined. There is a lot of great training out there for Kubernetes, but I’m definitely going to write up some stuff to go over and help define those answers. Gotta get home though… and remember to do it while renovating our house to sell..

Continuous Application Delivery with Code Stream: A customer journey [HBO1080BU]

With Juan Hernandez, and Deepak Kallakuri

[No Link]

  • Trying to get code into a CI/CD pipeline is the hardest part of most companies. Figuring out how to create this process is paramount to keeping the process running well.
  • Two different sets of pipelines: one for infrastructure as code utilizing Terraform, Cloud Formation, Cloud Foundations, CAS, etc., and application pipelines pushing code to an app (using Azure DevOps, Jenkins, Spinnaker, etc.)
  • Code Stream is integrated with Cloud Assembly in CAS so it makes sense that the combination of vRA and CAS flows.
  • Northrop Grumman went to 250 feature branch merges a day. That’s awesome.
  • CD pipeline for code stream

Once I get the video up for this, it’s worth a watch for the demo itself. The co-joining between CAS and vRealize is a bit easier to understand when they talk through it. Though I’ll admit I’m not a fan of what Code Stream looks like. Perhaps it’s the GUI, and I need to dig in more with the code.

Building and Controlling Modern REST APIs with OpenAPI and Kong [CODE3326U]

With Dan Illson @dan_illson  http://www.cloudjourney.io

VMworld Video

  • Kong is a usable API gateway; there are other options, like Ambassador
  • API = application programming interface
  • APIs bring multiple machines into one, as previously engineers didn’t care where the APIs were because normally they were all on the same machine, now they are all over the place.
  • APIs have built ins like get and post to utilize information
  • CRUD = Create, Read, Update, Delete
  • Let’s talk about REST API
  • Key unit of measure of REST is a resource
  • REST is a good process of push pull information from one place to another.
  • OpenAPI Specification(Swagger 3.0)
  • OpenAPI definition is created via a Yaml file.
  • What is an API gateway? An element which coordinates and orchestrates how requests are processed.
    • It routes requests to services
  • Most commonly used as “front end” for sets of services/microservices
  • May also be “internally” between the components of an application
  • Kong – A popular open source API gateway implementation
    • Written on nginx
    • API driven configuration
    • Modular via plugins

The Genius of Kubernetes [CODE1172UR]

Richard Lander

VMworld Video

Automating Builds and Deployments, aka CI/CD for Dummies [CODE3330U]

Tim Davis @vtimd http://www.cloudjourney.io

VMworld Video

  • This is focusing on Software development and what those tools are like
  • Why automate
    • You can know whats out there but you need to standardize and create policy around it.
    • Also the manual process is bad… very bad…
  • What is CI/CD
    • CI = Continuous Integration
      • Your Code base when updated is deployed and set into a repo, and pushed into production via CD
    • CD = Continuous Deployment(Delivery) – Sending that code repo into production
      • Taking the code that’s been built and sending it to the production servers for actual use.
  • How does it work?(Demo)
    • Basically starting with a GitLab repository(because not a fan of GitHub).
    • Once the code is local, you can run the docker build and then push it to the docker repository(docker.io)
    • The build yml file defines stages, such as a scanning stage where Clair runs and finds CVEs in any files they are using.
    • Performance testing with Locust to check the application
    • One thing to note: a variable can be piped into the yaml from the secrets stored in GitLab
    • How do you get all this into the pipeline? Automate one piece at a time, one stage at a time. Automate the build stage; if that works, automate the next stage, etc., until you have a good and repeatable CI/CD pipeline.
  • Make it up as we go along.
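
As an added example (not code from the talk or from this post), here is a small Python policy check for the kind of pipeline the demo describes: it verifies that the build, scan and performance stages exist in that order, that the scan job can actually fail the pipeline, and that credentials come from GitLab CI/CD variables rather than literals in the YAML. The stage, job and variable names and the `./ci/*.sh` wrapper scripts are assumptions made for the example.

```python
"""Policy check for a GitLab CI pipeline definition (added example)."""
import re

# The pipeline is the dict a YAML parser returns for .gitlab-ci.yml. Stage, job
# and variable names are assumptions for this example, not taken from the talk.
# Order the notes describe: build the image, scan it, then load-test it.
REQUIRED_ORDER = ["build", "scan", "performance"]
# Top-level keys that configure the pipeline rather than define a job.
RESERVED = {"stages", "variables", "image", "services", "default", "include",
            "workflow", "before_script", "after_script", "cache"}
SECRET_NAME = re.compile(r"TOKEN|PASSWORD|PASSWD|SECRET|API_?KEY", re.I)


def jobs_of(pipeline):
    """Return {name: job} for top-level jobs (names starting '.' are hidden)."""
    return {k: v for k, v in pipeline.items()
            if k not in RESERVED and not k.startswith(".") and isinstance(v, dict)}


def inline_secrets(scope, variables):
    """Flag secret-looking variables with a literal value ("$VAR" is a reference)."""
    return [f"{scope}: {name} has a literal value in the YAML"
            for name, value in (variables or {}).items()
            if SECRET_NAME.search(name) and value and not str(value).startswith("$")]


def check_pipeline(pipeline):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    stages = pipeline.get("stages", [])
    jobs = jobs_of(pipeline)

    missing = [s for s in REQUIRED_ORDER if s not in stages]
    findings += [f"stage '{s}' is missing" for s in missing]
    if not missing:
        order = [stages.index(s) for s in REQUIRED_ORDER]
        if order != sorted(order):
            findings.append("stages out of order, expected " + " -> ".join(REQUIRED_ORDER))

    for s in stages:  # a job without "stage" lands in GitLab's default "test" stage
        if not any(j.get("stage", "test") == s for j in jobs.values()):
            findings.append(f"stage '{s}' has no job")

    findings += inline_secrets("global variables", pipeline.get("variables"))
    for name, job in jobs.items():
        findings += inline_secrets(f"job '{name}'", job.get("variables"))
        for line in job.get("script", []):
            if "docker login" in line and "--password-stdin" not in line:
                findings.append(f"job '{name}': docker login without --password-stdin")
        if job.get("stage") == "scan" and job.get("allow_failure"):
            findings.append(f"job '{name}': allow_failure lets a failed scan pass")
    return findings


# Constructed sample pipelines; the ./ci/*.sh scripts are hypothetical wrappers.
GOOD = {
    "stages": ["build", "scan", "performance"],
    "variables": {"IMAGE": "docker.io/example/app:$CI_COMMIT_SHORT_SHA"},
    "build-image": {"stage": "build", "script": [
        'echo "$REGISTRY_TOKEN" | docker login -u "$REGISTRY_USER" --password-stdin',
        'docker build -t "$IMAGE" .', 'docker push "$IMAGE"']},
    "image-scan": {"stage": "scan", "script": ['./ci/scan-image.sh "$IMAGE"']},
    "load-test": {"stage": "performance", "script": ["./ci/run-locust.sh"]},
}
BAD = {
    "stages": ["build", "performance", "scan"],
    "variables": {"REGISTRY_TOKEN": "constructed-not-a-real-token"},
    "build-image": {"stage": "build", "script": [
        'docker login -u builder -p "$REGISTRY_TOKEN"',
        "docker build -t app ."]},
    "image-scan": {"stage": "scan", "allow_failure": True,
                   "script": ["./ci/scan-image.sh app"]},
}

if __name__ == "__main__":
    for label, sample in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, check_pipeline(sample) or "no findings")
```

Running a check like this as the first job of the pipeline fits the "one stage at a time" advice: each newly automated stage gets added to the required order once it works.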

Things that happened today!

vBeards with my VMug Leader!! I had to faux it… 😦

I found CODY!!

Sunday OTW and @ VMworld 2019

The Trip

Sitting here in a quiet terminal is slightly surreal. I’m not used to silence or the singular sound of roller bags one at a time going through. It’s peaceful… too peaceful. I got here too early.

I’m a stickler for rules. I don’t know why, but if I’m told to be at the airport two hours early I don’t ask questions I just do. However, since waking up at 3AM and being unable to get back to sleep, getting to this point has been paramount. I should explain that the last time I flew out of DFW Airport I was late for my flight. I’m more a Love field guy. Suffice it to say I had a lot of anxiety about today.

One thing people don’t tell you about much is time management with VMworld. Oh sure the #1 thing people say to prepare you is “COMFY SHOES” its almost something on a t-shirt or a bumper sticker, but time management is paramount. Which is also something I’m not great with.

Let’s see, I fly out and arrive a little after 11, and have 2 hours before my first session to get to the hotel, check in, register at VMworld, and hopefully get something to eat along the way. Lots of places for things to go wrong. But one place to go right. To inform you, dear reader, that flying out on Saturday isn’t a bad way to do it. Sure, it’s one extra night, and meals, but the free thought and peace of knowing you’re not crunched is definitely worth it.

Let’s see if I get to Run Kubernetes on VMware, which is paramount to my going to VMworld, since I’m a deciding factor on where we should run our Kube cluster (AWS, Azure, on-prem, IBM, etc.)

TIM DAVIS WHAT UP! I normally catch up on twitter when I can, and the airport definitely affords that. While scrolling and responding back and forth in twitter I found out my friend Tim Davis was at the same airport on the same flight, but was chilling in the admirals lounge! He got me in so we could catch up and prep some more for the oncoming VMworld enjoyment. Thanks TIM!

Not much to state about the flight, it was pretty non-eventful. I don’t normally fly American, so it was nice to see all the great stuff that they had. What, I get movies?! Cool…

Run Kubernetes on VMware

@Boskey, and @morellatosimone

Well as a first session goes, this is impressive. A full house made right at the kickoff. Really excited. As this is a Workshop there isn’t much to discuss or talk about. This will supposedly be an intro into kubernetes and a great warm up for VMworld. Here.We.Go…

  • Definition of DevOps in this session is “Improving the pipeline to deploy code.”
  • It’s time to abstract the operating system. (Heck yes it is. This is the main response to containers in our environment)
  • Kubernetes is a container orchestration layer that maintains desired state, distribute containerized workloads, decouple app from infrastructure.
  • Focusing on the removal of the App from the Infrastructure, normally when building an application you need the binary, configs, resources, storage, replication, load balancer(if needed), security(ACL) and Upgrades(CI/CD)
  • The same app in Kubernetes speak turns into Pods, Secrets, Deployment, PV (Persistent Volume) Claims, Replica Sets, Services, Network Policies, Labels, and Services.
  • The infrastructure layer would be either vSphere, AWS, GCP, or Azure.
  • Kubernetes Workloads: Pods, Jobs, Cron Jobs, Daemon Sets, Deployments, Replica Sets, Stateful Sets, CRDs
  • Normally Kubernetes is stateless applications, but here we define StatefulSet in action:
  • Labels
  • Deployments, Replica Sets and Service
  • Map of Kubernetes and Load balancing
  • Map of PODS (How it looks)
  • Now the good stuff. Persistent Volumes. This is definitely a confusing discussion and caused a lot of questions. Here are the slides to hopefully show what it looks like.
  • Slide on Config Maps/Secrets. This is something that I don’t really know enough about and need to review but hey, thats what Google is for right?
  • Good summary of the Session
  • Here is the link to a lot of the PODS. Unfortunately, this requires PKS deployed and a pod available. Perhaps you can spin up a PKS HOL and have time to go through this, as the YAMLs and information are all in a public GitHub.
  • Labs here: https://github.com/Boskey/run_kubernetes_with_vmware/wiki

The main difficulty for me was getting the VKE and Kubernetes CLI in the /usr/bin. It’s worth noting that if you have El Capitan installed on your MacBook, /usr/bin is now a system folder and you can’t move or copy files there. I got around this by putting it in /usr/local/bin and then setting the PATH variable there.

All in All an amazing session. Give @Boskey, and @morellatosimone a follow!

Opening the Solutions Exchange

HASHICORP IS HERE! Getting face to face with people for the application is probably as good if not better than any session at VMworld. I only did about 4 to 5 booths, but was able to hit up Hashicorp, Git, Puppet, and cloudbolt. So many more vendors to talk to, with the bigger companies like Cohesity, Rubrik, Dell, AWS, GCP, Pure, etc.

Obviously these are great conversations here but I’m extending an already extended blog, so let’s just call it a great time had by all 🙂

Parties

With Jet Lag and everything I didn’t make any parties to talk about. I tried to get to the VMUG and the VMunderground, but didn’t make either. So sad… Now to bed… I’m really tired…

Automation: Getting Started with vRealize Automation (Part 3)

So at this point you should have the following:

  1. Endpoint connection with your vCenter
  2. Fabric Group allowing the resources to be granted
  3. Business Groups allowing specific group of users access to..
  4. Reservations setup to grant resources to business groups
  5. Reservation policies to allow specific Reservations to be called
  6. Network Policy to allow specific IP pools to be pulled/pushed from
  7. Active directory policy to place computer objects in specific OUs

You should have all this from the following blogs:

It sounds insane to say it, but now that you have all these building blocks completed, you can set up your blueprints and start your deployments.

The Design

Before you start your blueprint plot out on paper or your mind or whatever how you want the end goal of the deployment. Do you want a SAAS solution tacked on? Are you using Enterprise vRA or Advanced? All of these questions lead up to how you deploy your instances. For this purpose we’ll assume the following

  1. You read my blog, and you did the stuff
  2. You use Customization specifications for vSphere deployments
  3. You utilize Templates for your deployment

With the following assumed, I’m just going to walk through a basic setup for a basic deployment. The goal here isn’t to get fancy. It’s really just to get your feet wet so that the next steps will be to custom build the server from there on.

The Canvas

Once you’re logged back into vRA you will go to Design, and then click the green + for a new blueprint. Here is the screen you will see:

So this is pretty basic,

  • Name is the name of the blueprint you’re creating
  • Id is the name of the blueprint as well, but no spaces
  • Description is pretty much what it is
  • Deployment limit, This limits the number of the deployments per request. This will allow users to build multiples of the same machine, However, you will need to have your naming statically set.
  • Lease Days – For this you can set the minimum of a lease, at the end of that lease if the user does not extend within the last two days it’ll shut down the machine and then the user can extend. If he doesn’t extend it will just stay shutdown. Once it gets to Archive day(s) it will shutdown the machine and delete it(So be careful). The deployment limit lease and archive are optional and do not need to be set.

Now let’s look at the design canvas:

On the left you see your different categories and the assets you can deploy: Machines, Software Components (ONLY IN ENTERPRISE LICENSE; Advanced will still see the option but not have the ability to change or add one), Blueprints for nested deployment, Networks, XaaS, Containers, Config Management, and Other Components. These are all fun and great things to work with, but for this we’re going to keep it simple.

  • Machine Type – For now drag a VMware machine type onto the canvas and have that stick. This consists of the majority of properties, and is the central hub for the additional assets. Once you add the machine type into the canvas it’ll open up a lot of other properties that we’ll get into.
  • Software Components – This is setup in Enterprise Licensed vRA and then can be attached to machine types in the canvas.
  • Blueprints – If you want to place an already setup blueprint in the canvas and attach multiple pre-built machines to a deployment.
  • Network & Security – Here is where a lot of you NSX automatons come in. For now we are just going to use the external network and connect it to our network profile.
  • Xaas – This attaches an automation for basically anything to a machine deployment
  • Containers – Deploys a container app into a cluster. However, there are pre-reqs there that are needed to be deployed properly.
  • Configuration Management – This deploys built in Ansible and Puppet workflows(I believe this started in 7.5 but perhaps 7.6)
  • Other Components – This is any other resource component or solution published for the deployment workflows

Videos:

Instead of giving a written write-up on how to do this, I figured it’s WAY easier to just see some of the pros do this in a video. @virtualJad has some amazing stuff that’s older but still useful to get your feet wet, and if you’ve followed this blog the pre-reqs should still be there:

HOLs

Along with Videos, There are hands on labs that VMware uses to teach you how to create a deployment. Here are the labs:

 

I think these videos and HOLs are a great way to pick up where this leaves off and get you going.

I hope this series has been a help to get you started using vRealize Automation.