My PKI Certificate Lifecycle is based on the following schema:

You can find the original diagram on this Microsoft PKI Certificate Lifecycle article. So instead of having a Root CA that is valid for 20 years and an Issuing CA that is valid for 10 years, I went with smaller validity periods, like 8 years for the Root CA and 4 years with the Issuing CA.

I use two different set of Generation PKI Infrastructure. The G1 on which this article is written is using a Root CA with a RSA (4096 Bits) Public Key and a sha512RSA Signature Algorithm for my G1 tier and the same for my Issuing CA. The G2 that you will see on some of the screenshots is based on a Root CA with a Elliptic curve cryptography (ECC)P521 and a sha512ECDSA Signature Algorithm.

Since my infrastructure is now running since 2015, I’m now closing in to the half-time of the Issuing CA validity period. What I decided to do is the following renewal:

• At T+4years the Issuing CA certificate will be renewed with a new key pair. This action enforces the 4year lifetime of the RSA key pair as agreed to when designing the PKI and PKI security. This will create a new CA certificate with a new key pair. This will also force the CA to generate a new CRL file, since there is a new key pair. A CRL signed by the rsquo;oldrdquo; key pair will continue to be generated as long as the CA certificate associated with the rsquo;oldrdquo; key pair is still time valid.

When you do a certificate renewal, the new version has a (1) behind it. The certificate request would now be called Issuing CA G1(1).req

Let’s have a look at the original Issuing CA certificate on the Root CA.

And the Issuing CA detail is

This is now impacting me when I attempt to sign new certificates with a validity of over 24 months. Because those are now limited in their validity until the 4th December 2019.

The first step on the Issuing CA is to Stop Service of the PKI and launch the Renew CA Certificate process. I decided to generate a new public and private key, so my new Issuing CA request file is now named Issuing CA G1(1).Take the certificate request to the Root CA. On the Root CA, Revoke the current Issuing CA certificate as it’s Superseded and Submit new request of the Issuing CA(1) request file. Issue the new SubCA certificate. We now have a Issuing CA certificate with two fields.

I need to export the signed certificate (I used the PKCS #7 .p7b with certificate path format), move it to the Issuing CA and Import CA Certificate.

In the following steps I’m doing a few more operations on the Root CA. Now that I have Revoked (Yeah with insight I might better have not revoked the original Issuing CA… might need to update this article if I run into issues…) it’s time to do the annual publishing of the Certificate Revocation List (CRL).

I can see in my Root CA CRL now the old revoked Issuing CA certificate serial number.

Moving along on the Issuing CA in the Active Directory, I’m publishing the update Root CA CRL using certutil -dsPublish RootCA.crl RootCA

For the computers and operating systems that are not in the Active Directory and that cannot check the state of the Certificates from the AD, I have a Windows server with the IIS Web server running that publishes the CRLs. This server while having the FQDN of pki-web.bussink.org is also referred by the alias pki.bussink.org on my network. I copied the updated Issuing CA(1) certificate and the Root CA CRL on the directory mapped by the IIS server.

On the Issuing CA in the Enterprise PKI tab, you can ensure that all paths to the Certificates, Certificate Revocation List and Delta CRL work. As you in the first top part of the following screenshot I had not yet copied the Issuing CA(1) certificate. That is corrected in the bottom part of the screenshot.

Having the Issuing CA running again, I forced a Publishing of the Issuing CA CRLs. You can now see them below on the Web server in Purple. There are two sets of the CRL, the ones for the original Issuing CA certificate and the set for the updated Issuing CA(1) certificate.

The files in the red boxes are the ones I manually added to my PKI-WEB repository. They are the annual Root CA CRL and the new Issuing CA G1(1) certificate (Ad mentionned above, I might have been a bit premature in removing the original Issuing CA G1 certificate… I will update this article if I run into issues).

I wrote this blog article more for myself as a recap of the operations, as I will have to redo it before 2021. While this is only 4 years down the road, I have already I had the opportunity once in my career to setup a Root CA infrastructure in 2004 with Windows Server 2003 and have to renew it completly 10 years later in 2014. This was a lot more complicated as I had to change the PKI CryptoProvider from the old one only support SHA1 to one that supported SHA2.This is a reminder to all professionals, if you setup a PKI, you might have to work on it again a decade later.

vCenter Server appliance log file location is very important thing to be aware during troubleshooting your VMware vCenter appliance and your virtual infrastruture. As most of us are more familiar with the windows vCenter log file location but for windows based (GUI based) administrators may feel little bit difficulty in identifying the  vCenter Server appliance Log File Location.

As VMware is pushing to use vCenter server appliance  as compared to windows based vCenter server. It is must to learn all the possible option of troubleshooting vCenter server appliance, when issue occurs. So I would like to share the detailed information about vCenter Server appliance Log file location. I hope this post will make you an expert on identifying the log file location of vCSA 6.5.

vCenter Server appliance Log File Location

Most of the VMware vCenter Server Appliance 6.5 logs  file are located in the directory /var/log/vmware/ . Below are the list of  vCenter server appliance log file location and description of each log file. For better readability, I have created the below table  with each of the important vCenter server log folder location along with the description of each log files of vCenter server appliance.

I have logged into vCenter Server appliance using SSH and browse towards the directory “/var/log/vmware” to see the list of all logs files of vCenter server appliance 6.5. Below image shows the directory of vCenter server appliance log file location.

/vpxd is the main vCenter Server log, consisting of all vSphere Client  and WebServices connections, internal tasks and events, and communication with the vCenter Server Agent (vpxa) on managed ESXi/ESX hosts.

You can use “cat vpxd.log | more” to read the vpxd.log file to read the vCenter server logs.

I hope this is informative for you to quickly identify and understand the vCenter server appliance log file location and its description. Thanks for reading!!!. Be social and share it in social media, if you feel worth sharing it.

The post Become an Expert on vCenter Server appliance Log File Location in 120 seconds appeared first on VMware Arena.

You asked, we listened. Starting May 8, we are launching the first of our four strategic IT priorities campaigns, available for partners via the Partner Demand Center. These solutions-focused campaigns provide you with end-to-end marketing resources, content, and offers you will need to engage prospects, drive quality leads, and close more deals.

Register now to join the May 15 vmLIVE for an exclusive insight into the first campaign.

The post New Strategic IT Priorities Campaigns appeared first on Partner News.

VMware Unveils IoT Management Solution
–https://www.vmware.com/radius/vmware-unveils-iot-management-solution/
–https://blogs.vmware.com/pulseiot/2017/05/09/introducing-vmware-pulse-iot-center/

Dell EMC VDI Complete Solutions
–https://blogs.vmware.com/euc/2017/05/dell-emc-vdi-complete-horizon.html
–http://virtualgeek.typepad.com/virtual_geek/2017/05/dell-emc-world-2017-vdi-completeready-bundle.html

Delivering Developer-Ready Infrastructure for Modern Application Development
–https://www.vmware.com/radius/dell-emc-world-developer-ready-infrastructure/
–https://blogs.vmware.com/cloudnative/microservices-meets-micro-segmentation-delivering-developer-ready-infrastructure-modern-application-development/

VMware & Google Extend Partnership to Accelerate Adoption of Chromebooks
–https://blogs.vmware.com/euc/2017/05/google-chromebooks-workspace-one.html

Dell & VMware Extend PC Management to the Firmware and BIOS
–http://blogs.air-watch.com/2017/05/dell-vmware-pc-management/#

Multiple announcements/blogs from DellEMC:https://blog.dellemc.com/en-us

On-demand General Session Keynotes:http://dellemcworld.com/live.htm#main=ondemand

The post VMware highlights at Dell EMC World 2017 appeared first on VMTN Blog.

This guest post is byRyan ofVIRTUBYTES where you can find his back catalog of posts. Ryan writes about VMware products and a lot of related infrastructure technologies.

A few weeks back, wediscussedZertorsquo;s ability to perform point-in-time file level restores directly from the replication journal. However, what if the data you need from 30 minutes ago isnrsquo;t readily compiled into a file or requires manual intervention to produce; such as a database backup or a PST export of Exchange mailbox items? Introducing Zerto Failover Tests for data recovery.

AZerto Failover Test has the ability to spin up a virtual machine from a specific point-in-time to an isolated network. From there, data can be manually compiled and exported.

Although the failover test process is more step intensive than a File Restore, it still addresses a vital need for many organizations; having that ability to restore application data from a specific moment. When compared to traditional backups, the ability to restore data seconds before corruption or loss is critical.

In this walkthrough, we will focus on a database backup and recovery. To do so, we will perform a failover test to an isolated network, backup the database, and finally, extract the SQL database to our production location. As this particular test network is completely isolated, we will be using VMware PowerCLI to extract the backup file.

Initiate Failover Test

Log into the ZVM and navigate to the Failover actions in the bottom pane. Ensure the Failover toggle is in theTestposition and clickFailover.

The Failover Test wizard will now begin. Select the appropriateVPGwhere the database resides.

Select the desired execution parameters for the VPG. For this test, we will set the pertinentCheckpointto the required point in time.

Lastly, clickStart Failover Testto begin the process.

Monitor the test failover initiation from the ZVMMonitoringtab or vCenterrsquo;s Recent Tasks.

The test failover initiation will:

• Register the vm at the recovery site.
• Create a temporary scratch VMDK for changes made to the test vm.
• Connect the vm to the specified test network.
• Boot the vm for testing.
• Leave the production vm powered on and continue replicating changes.

Backup Database

As mentioned previously, this test failover is set up on an isolated network. Therefore, we will need to access the vm from the virtual machine console in vCenter.

To begin, log into the recovery side vCenter and locate the test vm. It will be registered in the format ofvmname-testing recovery.

Select theOpen Virtual Machine Consoleicon to access thevm.

Once the console has opened, log into the machine with the appropriate credentials. Next, navigate toSQL Server Management Studioand connect to the database server.

Once connected, browse to the specific database in the left pane of Management Studio.Right-clickthe database and underTasksselectBackup…

Next, configure the save location and options for the database backup. In this instance, the backup type isFullandDestinationlocation for the backup is in a temp directory. If you would like to change the directory, remove the existing location and add a new location.

To finish, set the Media and Backup options as desired. ClickOkto start the backup.

The below message appears after a successful backup.

Extract Database Backup

Now that we have a backup of our database, we can extract the file from the isolated vm utilizing VMware PowerCLI; specifically, theCopy-VMGuestFilecmdlet. TheCopy-VMGuestFilecmdlet enables administrators to copy a file to or from the guest OS of a vm using VMware Tools.

Connect to the recovery side vCenter through using theConnect-VIServercmdlet. Check outthisVMware article on the basics of connecting to vCenter.

C:\PS>Connect-VIServer -Server vcenter01 -User admin -Password pass

For our example, we will copy the .bak file from the test virtual machine to a folder on our local drive.

Copy-VMGuestFile -Source c:\Temp\Test.bak -Destination c:\temp\ -VM lsquo;testVM – testing recoveryrsquo; -GuestToLocal -GuestUser domain\user -GuestPassword password

With the backup extracted, restore the database as needed.

Stop Failover Test

Once you have completed the extraction, navigate back the ZVM. Go toTasksfrom theMonitoringtab and pressStopon the failover task.

The Stop Test window will appear and allow you to enter theResultand applicableNotes. SelectStopto stop the Test.

Zerto will now begin the stop tasks. The teardown process will:

• Remove failover test vm from recovery inventory.
• Delete scratch VMDKs used for testing.
• Keep replicated changes made in production during the failover test.

Thatrsquo;s it! Wersquo;ve now been able to grab a database backup seconds before data corruption occurred.

NOTE– During the failover test, all IO writes are written to the scratch volume. To ensure the volume does not fill up and cause associated issues, limit the duration of the failover test.

Today is a quick post on how to check or put Acropolis node into maintenance mode. How to check if Acropolis hosts is in maintenance mode. Log in to CVM over SSH and rget...

The post How to put Nutanix Acropolis host into maintenance mode appeared first on VMwaremine - Artur Krzywdzinski | Nutanix.

My ScaleIO design crosses the boundaries of three VMware vSphere Clusters, and is hosted across eight Tower case servers in the Home Datacenter. In a normal production ScaleIO cluster, the recommendation is to have a minimum of 6 disk drivers per ScaleIO Data Server (the servers shading the storage). As you will see, in my design I spread the SAS Enterprise disks across the eight servers.

I’m not going to cover the definition of Protection Domains or Storage Pools in this article, but for this design, I have a single Protection Domain (pd1) with a single Storage Pool which I named SAS_pool. I did device the Protection Domain into three separate Fault Sets (fs1, fs2 and fs3), so as to spread failures across the hosts based on the power phase use in my datacenter.

I’ve run ScaleIO across my cluster for 10months for some specific workloads that I just could not fit or did not want to fit on my VMware vSAN All-Flash environment.

Here is a large screenshot of my ScaleIO configuration as it’s re-balancing the workload across the hosts.

Each ScaleIO Data Server (SDS) was a CentOS 7 VM running on the ESXi and had two or three physical devices attached to it using RDM. Each SDS had a SSD device for the RFcache (Read Cache) and a single or dual SAS disk drive.

At the peak this deployment, the ScaleIO config had 41.8TB UsableStorage. Iset the Spare Capacity at 8TB, leaving 34.5TB usable storage. With the double parity on the storage objects, I could only store 17.2TB of data to my VMs and my vSphere hosts.

Over the past 10 month of using ScaleIO, I’ve found two main limitations.

1. The ScaleIO release cycle, and even more so for people using the Free & Frictionless version of ScaleIO. The release cycle is out of sync with the vSphere release. Some version are only released to Dell EMC customer with support contracts, and some version take between 6 and 8 weeks to move from the restricted access to a public access. At the end of March 2017, there was no version of ScaleIO that supports vSphere 6.5.
2. Maintenance & Operations. As I wanted or needed to upgrade an ESXi host with a patch, a driver change or install a new version of NSX-v, I had to plan the power off the SDS VM running on the ESXi host. You can only put a single SDS in a planned maintenance mode per Protection Domain. So only one ESXi could be patched at a time. A simple cluster upgrade process with a DRS backed network, would now take much longer requiremore manual steps, put the SDS VM in maintenance mode, shutdown the SDS VM (and take the time to patch the Linux in the SDS VM), putting the host in maintenance mode, patching ESXi, restarting ESXi, exit maintenance mode, restart the SDS VM, exit the ScaleIO Maintenance mode, wait for the ScaleIO to rebuild the redundancyand move to the next host.

I’ve now decommissioned the ScaleIO storage tier as I needed to migrate to vSphere 6.5 for some new product testing.

Just barely made my flight from Charlotte to Boston thanks to the TSA…. But I’m on my way! This will be my second Field Day eventwith the first being Cloud Field Day 1. Looks like we’ll be hearing from:

• NetApp
• Datrium
• ClearSky Data
• Turbonomic

Most of these I’m already pretty familiar with so it should be a good update as well as a chance to ak questions. The outlier for me is ClearSky and I’m anxious to hear what they have to say. Recently I looked in to them as I was inventorying the many cloud/storage companies out there so this is good timing.

Keep up with us on Twitter (#TFD14) as well as watch the live streams right on TechFieldDay.com.

前言

實作環境

• Windows Server 2016 Hyper-V
• CentOS 6.8 x86-64 (Kernel version 2.6.32-642.el6)

組態設定網路功能

前言

實作環境

• Windows Server 2016 Hyper-V
• CentOS 6.8 x86-64 (Kernel version 2.6.32-642.el6)

修改 SELinux 安全增強機制

• enforcing： 啟動模式 (預設值)，SELinux 安全增強機制啟動將會阻擋不當的存取行為。
• permissive： 寬容模式，當系統發生違反 SELinux 安全增強機制時僅僅顯示警告訊息而不會實際進行阻擋的動作，此模式很適合有心學習 SELinux 機制的學習者。
• disabled： 禁用模式，完全將 SELinux 安全增強機制禁用。

前言

實作環境

• Windows Server 2016 Hyper-V
• CentOS 6.8 x86-64 (Kernel version 2.6.32-642.el6)
• vim-enhanced.x86_64 2:7.4.629-5.el6_8.1

設定 VIM 編輯器操作環境

設定 Bash Shell 操作環境

By: Christian Fernando

When using SAP native tools such as SAP Solution Manager, it lacks visibility into the underlying virtualization layers, which can result in a blind spot in understanding the complete performance story. The virtualization layer includes the virtual machine, ESXi server, CPU, memory and storage. The ability to quickly see contention of infrastructure resources and find root causes in the application and data tier helps to keep users happy and access/uptime SLAs at a high level.

In this post, Irsquo;ll provide insight into how you can garner visibility into the layers below virtualization to help determine usage patterns in the business, as well as how you can dynamically respond to those changes without affecting SLAs. This blog post is the second in my series highlighting how to drive better performance for your SAP workloads. In case you missed it, check out the first: How to Pinpoint Storage Problems in Your SAP Environment.

Topology of a Virtualized SAP Environment

The following is an example topology of a virtualized environment in vROps:

1. EPP is the SAP System
2. SAP APP1 is the SAP Host
3. D00 is the ABAP Instance
4. SAP APP1 is the VMware VM

VMwarersquo;s vRealize Operations (vROps) can also show additional relationships that include all my SAP HANA and/or other database instances.

Real-World Scenario: CPU and Physical Contention

With Blue Medorarsquo;s SAP Management Pack for vRealize Operations, you can trace from the SAP application to the SAP host. Through the power of relationships, you can trace from the virtual machine running the application to the VMware ESXi server. In this case, there is a higher than normal spike in CPU and physical memory used.

With visibility to the application and data tiers, you can answer key questions as to why this may be happening:

1. Is the spike sudden and noticing it for the first time?
2. Is the spike now a known and periodic one? In this case what is the frequency and cycle time?
3. What do we know about any new business usage patterns?
4. Have there been any new usage policies and/or modules that have been launched?
5. Have the number of users on the platform increased?

Seeing both the IT and SAP admin views into the application and IT infrastructure helps us get to the source of higher levels of usage and the causes of those spikes. With this knowledge, you can quickly and efficiently respond to the business needs that are triggering the higher demand.

The deep alerting feature provides alerts when the disks, which host the SAP application and database instances, are running out of space. This prevents service interruption of the business critical SAP application environment, which allows us to take action before lights go out on application access.

Letrsquo;s take a look at a system with high load during a particular time, as shown below:

As you can see, we can garner key metrics from across the virtualization stack:

1. Datastore I/O | Reads – This is from the VMware layer and shows a high level of Read Operations during the scheduled transaction run time.
2. Performance | Block Reads– This is from the VNX SAN MP at the LUN level from Blue Medorarsquo;s EMC VNX Management Pack.
3. CPU | Ready (%)– This is a spike in the CPUrsquo;s utilization of the SAP HANA database server.

How to Extend Visibility into Storage for SAP

Understanding whether storage and capacity issues are causing performance problems simplifies the troubleshooting process — giving you immediate insight into what part of the IT stack may be causing issues. The Blue Medora SAP Management Pack gives you extended visibility so you can clearly drill down to the root cause of issues, reducing mean-time-to-innocence and eliminating alert storms.

The management pack includes more than 3,000 key performance metrics, including active session counts and system utilization. Combined with a series of out-of-the-box dashboards and reports, gain real-time access to understand issues as they arise instead of when they derail your performance.

To learn more about the SAP Management Pack from Blue Medora or to download a free trial, please visit the True Visibility Suite for VMware vRealize Operations page on Blue Medorarsquo;s website.

The post How to Drive Better SAP Performance with Virtualization Layer Visibility appeared first on VMware Cloud Management.

前言

實作環境

• Windows Server 2016 Hyper-V
• CentOS 6.8 x86-64 (Kernel version 2.6.32-642.el6)
• sudo-1.8.6p3-24.el6.x86_64

設定 sudo 管理員帳號管理機制

前言

實作環境

• Windows Server 2016 Hyper-V
• CentOS 6.8 x86-64 (Kernel version 2.6.32-642.el6)

禁止 root 管理帳號 SSH 遠端登入

• 主機將會增加了被入侵的機會。因為，在管理者帳號已知的情況下，剩下就是嘗試登入密碼了，如此一來很容易遭受暴力猜測密碼攻擊。
• 當一台主機有眾多管理者時大家皆使用 root 管理者帳號登入系統進行管理動作，則誰修改了某個檔案內容或執行了哪些動作均無法稽核，因為記錄的資料都是 root。
• 直接使用 root 管理者帳號登入系統進行管理，若是在操作過程中不慎下錯指令時有極大的可能會把系統給毀掉。例如原本是想刪除根目錄下的 test 資料夾 rm –rf /test 若不慎在操作時不小心多個空格 rm –rf / test，則對於作業系統來說是要刪除根目錄 （/） 及目前所在的 test 資料夾。

I attended a media and influencer session covering Dell EMC’s Cloud Strategy. Unfortunately I wasn’t able to stay for the entire session, but I thought these notes might be useful for folks out there interested in Dell EMC’s approach to this somewhat hot topic.

Cloud Strategy Overview

Jeremy Burtoncomes on stage.rsquo;Irsquo;m very much the warmup actrdquo;. Talks briefly about Dell’s application-centric view of the world:

• Mission-critical applications – IO intensive, requiring guarantees of resiliency
• General-purpose applications
• Cloud-native applications

It’s a short rehash of David Gouldenrsquo;s deck from yesterday – you can find my coverage of that here.

Cloud Strategy Discussion

There’s then a panel, moderated byMatt Baker (Senior Vice President, Strategy and Planning, Dell EMC), and comprised of:

• David Goulden (President, Dell EMC)
• Pat Gelsinger (CEO, VMware)
• Rodney Rogers(CEO, Virtustream)
• James Watters(Senior VP Product, Pivotal)

What have we learned from customers over the past decade?

DG: rsquo;Cloud isnrsquo;t a place, itrsquo;s where yoursquo;re doing things. ITaaS – thatrsquo;s the simple definition. Then the whole IT landscape is moving to a cloud operating model. Always have to marry it back to customersrsquo; applications. You need to have applications that enhance the business. Takecustomers on the journey.

PG: The pieces are really coming together. Virtualised compute, SDDC, CloudFoundation putting the pieces together. Converged and HCI. Validated designs and EHC. We have all the layers at a component level through to a complete integrated solution for private cloud that can be extended to the public cloud. University example where theyrsquo;re operating 50/50 public and private. Announced integration of vRealize with virtustream. Itrsquo;s now all realisable.
Developers are ultimately the end consumers of cloud.

JW: New set of workloads are happening. E.g. Bosch. IoT? NSX helped them, as did vSphere, EHC and PCF.
Rodney, you created a public cloud for demanding environments? How?

RR: Determined that the last thing the world needed was another sub-scale AWS. Solved a different engineering problem. Modernising the applications will happen eventually. No reason you canrsquo;t use automation and true cloud multi-tenancy for these applications. Break resources into highly granular components. Run higher utilisation per host, allowing pricing power of a public cloud. Still use throughput control providing latency guarantees.

What about the notion of locality? Flexible consumption options? Whatrsquo;s its role?

DG: Logical extension of cloud operating model. IT should be able to buy its infrastructure based on use too. Traditional models of acquisition and ownership are being challenged.

PG: NSX, heavily favoured subscription model. Huge bias that on-premises is perpetual. That is changing.
NSX is a perfect match for solving stumbling blocks to cloud adoption.Can I talk for an hour about this? We’ve seen an inflection point. Ability to move networking functions into software. Integral part of what theyrsquo;re doing.

JW: NSX integration is important in PCF. Figuring out this stuff is hard. NSX-T being integrated with PCF. Vital to application / platform approach.

PG: Cloud has been a leader in modern application development aspects.

JW: We thought we wanted cloud, what we really wanted was cloud applications.

What about the notion of community clouds. What role do verticals play in what yoursquo;re doing at virtustream?

RR: Mission-critical applications in cloud is relatively new space. Moniker associated with SAP, but run 1000s of applicationss. Starting to rsquo;verticaliserdquo; – introducing a healthcare vertical. rsquo;Hybrid-washing is the new cloud-washingrdquo;. Mission critical in the cloud will be a $25-30B segment. Federal, public sector …

[Questions from the floor]

Where does DevOps fit in?

JW: Continuous ops, deployment, update. Took an app-centric view of developers infrastructure.

PG: Developers wouldnrsquo;t go to a devops conference. Theyrsquo;re not motivated to be operations people. They want to automate stuff to get out of the business of ops. PCF is built for Day 2 operations. Developer to Operations is measured in minutes. Home Depot, Comcast operating at scale.

What are you thinking about public clouds? Yoursquo;re competing and working with them? Where do they really fit?

PG: Lead partners for Pivotal are AWS, IBM, Azure and Google. Cross-cloud strategy is helping them embrace the energy. The right answer is a hybrid, multi-cloud strategy moving forward. Are you going to bet on one cloud only?

Cost dynamics of that approach? Want to reduce the friction across those environments.

DG: Dell EMC will be the provider of the infrastructure. Be the company that solutions across Dell Technologies (e.g. EHC). On-premises marketplace is a huge opportunity. As much cooperative as it is competitive.

PG: No one else has these relationships with the big providers.

RR: We get this a lot. Itrsquo;s all about the use case. There are certain workloads that make the most sense to be placed in a hyper scale public cloud.

If Irsquo;m a developer for a new application today, I care about APIs and data, not infrastructure. Wersquo;re still playing with old technology – VMs / containers. Nothing like server less has emerged in the private space.

JW: The PCF paradigm – herersquo;s the code I want to run, the services I want to bind it to. Bringing Spring CloudFunction to the Pivotal stack.

PG: Our objective is to make infrastructure frictionless, regardless of location.
David was talking about differences between SMB and Enterprise. Given the differences, how are you guys approaching SMB from a cloud perspective. And how are they using it?

PG: Some SMB customers think theyrsquo;re just not at scale, so they donrsquo;t want to run infrastructure. Powerful GTM for Dell. Certain industries, itrsquo;s just not going to happen. Not one size fits all.

RR: Market segmentation will play significantly here.

People can be irrational. Enterprises are looking for a straightforward solution. What yoursquo;re collectively proposing may seem complex. What do you think?

PG: Initial uptake of public cloud was based on easy, not cost. Wersquo;ve now finished the easy stack in private. Whatrsquo;s my business model? Industry constraints? Cost options? Now you can pick the best of both.

RR: If yoursquo;re going to have a holistic solution, it is a challenge to simplify the message. Large business is where the technical idealist goes to die.

DG: Itrsquo;s not a terribly complicated matrix. You might just use Enterprise Hybrid Cloud and public cloud. In each of these segments, there are complete solutions.

MB: Itrsquo;s been much simplified, and we want to show you as an audience the complete solution. Partners and sales people make the choice a bit simpler when working with customers. Far simpler than it has been in the past.

Where do you think Boomi fits in this?

JW: PCF integration just announced.

DG: Havenrsquo;t met a customer who doesnrsquo;t need it.

RR: Working with Boomi to integrate with virtustream blueprint technologies and integrating into virtustream platform

And thatrsquo;s a wrap. I unfortunately missed the customer discussion betweenTom Roloff (Senior Vice President, Business & IT Transformation) andTed Newman (Head of Cloud Services, Royal Bank of Scotland) and the “Cloud Strategy Realized” panel with:

• Barb Robidoux(Senior Vice President, Dell EMC Services marketing)
• Chad Sakac(President, Converged Platforms, Dell EMC)
• Ashley Gorakhpurwalla(President, Server Solutions Division, Dell EMC)
• Steve Lalla(Senior Vice President, Commercial Client Software and Solutions, Dell)
• Ray Orsquo;Farrell(CTO and Chief Development Officer, VMware)

Conclusion

Everyone says cloud (of whatever type) is hard. And they’re right. A few people made a big point about the focus on private cloud by Dell EMC in one of the keynotes this week. I think they’re missing the point though. Amazon will always tell you that public is best. And probably by 2025 when most applications are cloud-native, this will absolutely be true. But in the meantime, there are a shedload of enterprises and small businesses running legacy applications that don’t necessarily translate well to public cloud infrastructure. Or they can be serviced more efficiently in a private cloud scenario. I don’t have a problem with this approach at all. Dell EMC aren’t stupid. They have virtustream, and they’re working mighty hard to make sure their hybrid story is a good one. People get this idea that vendors have to be everything to everyone and when that doesn’t happen, they seem to get a bit upset. Public cloud is clearly a solid way forward for a lot of companies and their applications, but it’s not the only one. Just like not everyone is going to be a hyperscaler, not everyone is going to go all in onpublic cloud. I’m okay with that. And Dell EMC may change their mind next year too. If you’re lookingan alternative viewpoint, you could have a look at this article on El Reg. In any case, the part of the session I attended was informative. 4 stars.

Saludos amigos, hoy os traigo una entrada corta, pero a la vez muy potente, ya os he contado muchas veces cómo instalar Zimbra Collaboration de forma manual:

• Zimbra: Instalando Zimbra 8.7.6 sobre Ubuntu 14.04 – ¡con Chat y Drive!
• Zimbra: Instalando Zimbra 8.7.1 sobre Ubuntu 16.04 LTS

Pero hoy os traigo, de nuevo, el script para instalar Zimbra de manera sencilla y automatizada, se trata de ZimbraEasyInstall actualizado para Zimbra Collaboration 8.7.7, que incluye Chat y Drive. Esto quiere decir que en menos de 5 minutos podéis tener todo el poder de Zimbra para Email, con Chat e integración con Nextcloud/Owncloud ¡increíble!

Requisitos de Hardware y Software

Para instalar Zimbra tenemos que tener los siguientes recursos recomendados de Hardware:

• CPU – Intel/AMD 64-bit CPU 1.5 GHz
• RAM – 8GB de RAM
• HDD – 5 GB de espacio para software y logs, para conocer el espacio en disco para Zimbra, usa la calculadora que tenéis aquí – https://jorgedelacruz.es/zimbraform/
• RAID-5 no es recomendado para instalaciones con más de 100 cuentas

Para Software, ZimbraEasyInstall está diseñado para Ubuntu 14.04 LTS o Ubuntu 16.04 LTS, elegir el que más os guste.

Instalación de Zimbra Collaboration 8.7.7 con Drive y Chat con un solo click

Si ya tenemos el servidor Linux instalado, es el momento de lanzar ZimbraEasyInstall, aquí los sencillos pasos, para instalar correctamente tenemos que saber algunos datos básicos:

• Dominio que queremos que Zimbra use, puede ser interno por ejemplo dominio.local, pero os recomiendo usar un dominio real, para que los usuarios que se crean sean usuario@dominio.es por ejemplo
• La IP local del server, se puede saber con ifconfig
• La password para el usuario admin, y otros lugares de Zimbra

wget https://github.com/jorgedlcruz/zimbra-automated-installation/raw/master/ZimbraEasyInstall-87chmod +x ZimbraEasyInstall-87./ZimbraEasyInstall-87 dominio.es 192.168.100.100 Zimbra2017

Veremos algo como lo siguiente una vez que el proceso ha terminado correctamente pasados unos minutos:

You can access now to your Zimbra Collaboration ServerAdmin Console: https://IPSERVER:7071Web Client: https://IPSERVER

Y si nos vamos al Web Client veremos que todo ha ido bien y tenemos ya Zimbra Collaboration, Chat y Drive, sin complicados pasos de instalación.

Links de interés

Me gustaría dejaros aquí algunos links que creo que pueden ser de interés para vosotros:

• https://github.com/jorgedlcruz/zimbra-automated-installation
• Zimbra: Amazon Lightsail para instalar Zimbra Collaboration 8.7.1, Parte I
• Zimbra: Amazon Lightsail para instalar Zimbra Collaboration 8.7.1, Parte II
• Zimbra: Instalando Zimbra Collaboration en Cloud (DigitalOcean)

Muchas gracias por la lectura

La entrada Zimbra: Instalando Zimbra 8.7.x con un solo comando, incluye Chat y Drive aparece primero en El Blog de Jorge de la Cruz.

前言

實作環境

• Windows Server 2016 Hyper-V
• CentOS 6.8 x86-64 (Kernel version 2.6.32-642.el6)

YUM 套件管理工具

• 樹德科技大學： http://ftp.stu.edu.tw/Linux/CentOS/
• 元智大學： http://ftp.yzu.edu.tw/Linux/CentOS/
• 義守大學： http://ftp.isu.edu.tw/pub/Linux/CentOS/
• 崑山科大： http://ftp.ksu.edu.tw/pub/CentOS/
• 國家高速網路與計算中心： http://ftp.twaren.net/Linux/CentOS/
• 南臺科大： http://ftp.stust.edu.tw/pub/Linux/CentOS/
• 臺中市政府教育局： http://ftp.tc.edu.tw/Linux/CentOS/
• 靜宜大學： http://ftp.cs.pu.edu.tw/Linux/CentOS/
• 中山大學： http://ftp.nsysu.edu.tw/CentOS/
• Hinet IDC： http://mirror01.idc.hinet.net/CentOS/
• 交通大學： http://centos.cs.nctu.edu.tw/

• yum check-update： 套件更新檢查，將目前系統上安裝的套件與 YUM 鏡像網站進行檢查比對後列出需要更新套件的清單。
• yum update：套件更新，檢查及比對系統需要套件更新的清單後詢問您是否要更新套件，您可以配合參數 –y 對所有詢問一律回答 yes 來允許所有套件更新。
• yum install ＜套件名稱＞：安裝套件，執行從 YUM 鏡像網站下載指定套件並進行安裝，收集相關資訊後會詢問您是否確定要安裝，您可以配合參數 –y 對所有詢問一律回答 yes 來安裝指定套件及其相依性套件。
• yum remove ＜套件名稱＞：移除套件，移除您指定的套件名稱，收集相關資訊後會詢問您是否確定要移除該套件，您可以配合參數 –y 對所有詢問一律回答 yes 來移除指定的套件及相依性套件。
• yum clean all：清除暫存資料，清除使用 YUM 套件管理工具下載 RPM 進行安裝時的暫存檔案。
• yum search ＜套件名稱或關鍵字＞：搜尋套件，您可使用已經知道的套件名稱或者有關於套件的關鍵字來進行搜尋的動作。
• yum list：顯示可安裝套件清單，顯示您指定的 YUM 鏡像網站中所支援安裝的所有套件名稱。
• yum info ＜套件名稱＞：套件資訊，顯示您指定的套件其詳細資訊，例如適用平台、套件版本、套件大小、套件功能描述、套件授權資訊、套件官方網址等資訊。
• yum grouplist：顯示可安裝的套件群組清單，顯示您指定的 YUM 鏡像網站中所支援安裝的所有套件群組名稱。
• yum groupinstall ＜套件群組名稱＞：安裝套件群組，執行從 YUM 鏡像網站下載指定套件群組中相關套件並進行安裝，收集套件群組相關資訊後會詢問您是否確定要安裝，您可以配合參數 –y對所有詢問一律回答 yes 來安裝指定套件及其相依性套件。
• yum groupremove ＜套件群組名稱＞：移除套件群組，移除您指定的套件群組，並且在系統收集相關資訊後，會詢問是否確定要移除該套件群組中所有套件，您可以配合參數 –y 對所有詢問一律回答 yes 來移除指定的套件群組。
• yum groupinfo ＜套件群組名稱＞：查詢套件群組資訊，查詢指定的套件群組資訊及功能描述，並且將顯示此套件群組中預設會安裝的套件清單 (Default Packages)、強制安裝的套件清單 (Mandatory Packages)、選擇安裝的套件清單 (Optional Packages)。