One of my readers sent me this question:
Other than using Excel (and of course an automation tool) any suggestions for a tool to create device config for some 200 customer VRFs from a standard template?
You need three things to get the job done:
Read more ...Podczas trwającej w Seattle konferencji Microsoft Build 2017, największego wydarzenia dedykowanego deweloperom, po otwierającym wystąpieniu Satyi Nadelli, swoją prelekcję rozpoczął Sam George z działu Partner Director Program Managment, który w oparciu o demonstrację urządzenia do obróbki metalu firmy Sandvik nakreślił koncepcje nowej technologii chmurowej Azure IoT Edge.
# yum search phpmyadmin
Loaded plugins: fastestmirror
Determining fastest mirrors
* base: ftp.twaren.net
* extras: ftp.twaren.net
* updates: ftp.twaren.net
base | 3.7 kB 00:00
extras | 3.4 kB 00:00
updates | 3.4 kB 00:00
Warning: No matches found for: phpmyadmin
No Matches found# yum -y install epel-release
Loaded plugins: fastestmirror
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: ftp.twaren.net
* extras: ftp.twaren.net
* updates: ftp.twaren.net
Resolving Dependencies
--> Running transaction check
---> Package epel-release.noarch 0:6-8 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
====================================================================
Package Arch Version Repository Size
====================================================================
Installing:
epel-release noarch 6-8 extras 14 k
Transaction Summary
====================================================================
Install 1 Package(s)
Total download size: 14 k
Installed size: 22 k
Downloading Packages:
epel-release-6-8.noarch.rpm | 14 kB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : epel-release-6-8.noarch 1/1
Verifying : epel-release-6-8.noarch 1/1
Installed:
epel-release.noarch 0:6-8
Complete!# yum search phpmyadmin
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
epel/metalink | 6.3 kB 00:00
* base: ftp.twaren.net
* epel: mirror01.idc.hinet.net
* extras: ftp.twaren.net
* updates: ftp.twaren.net
epel | 4.3 kB 00:00
epel/primary_db | 5.9 MB 00:00
======================= N/S Matched: phpmyadmin ===============================
phpMyAdmin.noarch : Handle the administration of MySQL over the World Wide Web
Name and summary matches only, use "search all" for everything.# yum repolist
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: ftp.twaren.net
* epel: mirror01.idc.hinet.net
* extras: ftp.twaren.net
* updates: ftp.twaren.net
repo id repo name status
base CentOS-6 - Base 6,706
epel Extra Packages for Enterprise Linux 6 - x86_64 12,327
extras CentOS-6 - Extras 64
updates CentOS-6 - Updates 270
repolist: 19,367# rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
# rpm -Uvh http://www.elrepo.org/elrepo-release-6-6.el6.elrepo.noarch.rpm
Retrieving http://www.elrepo.org/elrepo-release-6-6.el6.elrepo.noarch.rpm
Preparing... ########################################### [100%]
1:elrepo-release ########################################### [100%]
# yum repolist
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: ftp.twaren.net
* elrepo: ftp.yz.yamagata-u.ac.jp
* epel: ftp.riken.jp
* extras: ftp.twaren.net
* updates: ftp.twaren.net
repo id repo name status
base CentOS-6 - Base 6,706
elrepo ELRepo.org Community Enterprise Linux Repository - el6 259
epel Extra Packages for Enterprise Linux 6 - x86_64 12,327
extras CentOS-6 - Extras 64
updates CentOS-6 - Updates 270
repolist: 19,626If you are interested in joining me at a vRealize Install Configure and Manage [6.2] or vSphere Optimize and Scale [6.5] training course in Utrecht (the Netherlands), I've got two great oppertunities for you:
and
At Microsoft Build it was announced that a selected number of virtual machines sizes will support nested virtualization. This feature allows to install the Hyper-V feature inside Windows Server running on Azure.
This scenario can be usefull for training and demo purposes.
Azure VM sizesDv3 and Ev3 will support nested virtualization.
# grep id: /etc/inittab
id:3:initdefault:# chkconfig --list |grep 3:on
auditd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
blk-availability 0:off 1:on 2:on 3:on 4:on 5:on 6:off
crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off
hv_fcopy_daemon 0:off 1:off 2:off 3:on 4:off 5:on 6:off
hv_kvp_daemon 0:off 1:off 2:off 3:on 4:off 5:on 6:off
hv_vss_daemon 0:off 1:off 2:off 3:on 4:off 5:on 6:off
ip6tables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
iscsi 0:off 1:off 2:off 3:on 4:on 5:on 6:off
iscsid 0:off 1:off 2:off 3:on 4:on 5:on 6:off
lvm2-monitor 0:off 1:on 2:on 3:on 4:on 5:on 6:off
mdmonitor 0:off 1:off 2:on 3:on 4:on 5:on 6:off
netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off
network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
postfix 0:off 1:off 2:on 3:on 4:on 5:on 6:off
rsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off
sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
udev-post 0:off 1:on 2:on 3:on 4:on 5:on 6:off
# chkconfig mdmonitor --list
mdmonitor 0:off 1:off 2:on 3:on 4:on 5:on 6:off
# chkconfig mdmonitor off
# chkconfig mdmonitor --list
mdmonitor 0:off 1:off 2:off 3:off 4:off 5:off 6:off
# chkconfig mdmonitor on
# chkconfig mdmonitor --list
mdmonitor 0:off 1:off 2:on 3:on 4:on 5:on 6:offWe would like to quote an article from Josh Coen regarding the DockerCon in Austin.You can find Josh’s article here, or scroll down.
A few weeks ago I attended my second DockerCon, this year it was in Austin, TX. Last year there was some focus on the enterprise, but this year theyrsquo;ve stepped up their game. Microsoft was all over the place. Whether it was on the show floor, sponsoring the Hands-on Labs, or presenting in multiple sessions, you couldnrsquo;t walk 20ft without being reminded that Microsoft was there. On the contrary, you wouldnrsquo;t have even known AWS was there unless you happened upon their booth in the expo hall.
A big focus for Docker this year is what they call Modernizing Traditional Applications, or MTA. MTA is a terrible acronym btw, if the whale people are reading this, you might consider changing it as to not confuse people with local transportation systems. Before the conference officially started I was lucky enough to be a part of the Tech Field Day Extra event. We got an inside scoop on some of the things Docker was excited to be talking about (MTA) as well an awesome presentation from Portworx, which specializes in SDS specifically for containers. I highly recommend you check them out.
If you look at the different elements, you can easily conclude Docker is aiming for enterprise dollars:
The list goes on, but you get the idea. In this post I want to give you an overview of their (Docker) MTA strategy and how they are trying to help enterprises start using Docker today, without having to refactor their applications at the onset.
One of the first questions I always hear from customers and peers alike:
Why in the world would I want to put my legacy/traditional applications in a container?
Docker will give you a few different reasons as to Why, but the biggest benefit in my view is portability. Now, containerizing a legacy application doesnrsquo;t immediately allow you to move it anywhere you want without thinking about all the dependencies, it does help you maintain a base platform (think RHEL or Federoa) and internal dependencies without worrying about the underlying operating system. It does help to ensure that as you develop, test and QA code yoursquo;ll get predictable results in each of those environments, as well as when deploying to production. The four high level stages that Docker envisions for modernization are; Lift and Shift the app, Deploy and Manage via Docker Enterprise, Refactor or Revise (over time) and implement Containers as a Service, or CaaS.
Photo courtesy of Josh Coen
Lift and Shift
In my view, this is the most important step for this entire process. Even though the first step is listed as Lift and Shift, the thing you must do before that, or as part of that I suppose, is to identify the application. Donrsquo;t start with your business critical applications. Start with an application that can withstand some pain as you make this transition. Once you identify the app, the idea is to lift and shift that app. Most of you are probably familiar with lift and shift as it relates public cloud, this is similar. Docker has developed a tool called Image2Docker (Windows, Linux), which is open source. Image2Docker allows you to discover all the dependencies of your application, extract everything thatrsquo;s required and creates a docker compose file with all those dependencies. This works by pointing the tool at a virtual machine. Think about how we used to do P2Vs back in the day (and sadly, still today), very similar concept. Some things to think about:
Once yoursquo;ve identified the application, discovered the application and its dependencies, extracted said dependencies, yoursquo;ll get a docker compose file. This is what allows portability. You can take this docker compose file and deploy it in AWS, Azure, on-prem, and probably your refrigerator.
Deploy & Manager Docker Enterprise Edition (Docker EE)
Now that you have your docker compose file, yoursquo;ll need a place to run it. Of course you can run this with the community edition of Docker engine, but the target here is Docker Enterprise Edition, which consists of Docker engine, which is tested, certified and supported as well as certifying third-party plugins, includes Docker Datacenter, which provides things like multi-tenancy and full support for the Docker API, and includes Docker Trusted Registry (DTR), which allows you to have a private docker repository on your premises and ensure the images that are stored there are secure. The whole idea here is that Docker EE is the landing zone for all your containers, whether they be greenfield, or containers you are deploying via a docker compose file generated by image2Docker. Docker EE gives you that rsquo;single pane of glassrdquo; feeling for all your container management and orchestration needs.
Refactor & Revise
Once you have your traditional application containerized and running on an enterprise platform (Docker EE) now you have the opportunity, if you want it, to either refactor some or all of your application in a microservices fashion, or start adding functionality to this application in a rsquo;modernrdquo; way. The concept here is to get you up an running as soon as possible so that you start to gain advantages that Docker, and containers, provide. Now that yoursquo;re running, lets start to think about refactoring this application to take even more advantage of the platform. One way to accomplish this is to start breaking up that traditional application piece-by-piece and refactoring it into a microservices architecture. If you donrsquo;t want to refactor your existing app in this fashion, you can start adding functionality into the app by writing new code. Again, yoursquo;d want to do this in a microservices form-factor.
Containers as a Service (CaaS)
This is the Mecca for Docker, and really, from a container perspective. Being able to provide a platform for a microservices based application(s) and scale them exponentially is what Docker really wants to get the enterprises focused on. You canrsquo;t have CaaS without refactoring and revising your applications. CaaS can provide you with rapid scaling, faster deployment times and with less infrastructure. Not a ton of meat here, but CaaS is more of an operating model that Docker EE and modern application development techniques via CI/CD enable as you go through the different stages of application development, and eventually, to production.
Wrap-Up
At the end of the day MTA is a methodology. Dockerrsquo;s initiative around MTA is to get enterprises started using containers, container orchestration, and probably most importantly, Docker, sooner rather than later. To that last point, MTA isnrsquo;t about using Docker, or containers for that matter, just for the sake of using containers. There is real value in taking a traditional application and running that in a container framework. If therersquo;s one thing you take from this post, itrsquo;s start small. Donrsquo;t take your SAP environment, or your billing systems and use this as your starting point for MTA. Find something relevant, but not your revenue driving applications. Irsquo;ll be following along to see how this methodology matures, and where customers are using it successfully.
The post Modernizing Traditional Applications with Docker appeared first on opvizor.
Misja: musisz pilnie dostarczyć ekspertom nagrania z przesłuchań ofiar przemocy seksualnej. Jak to zrobisz? Wydział policji hrabstwa Greater Manchester wybrał list polecony. W efekcie niezaszyfrowane płyty DVD z zeznaniami zaginęły na poczcie, a funkcjonariusze już drugi raz zainkasowali 150 tys. funtów grzywny od brytyjskiego odpowiednika GIODO. To kolejna tego typu 'akcja' brytyjskiej policji w ciągu roku.
For IT pros, this might be the book of your choice as it brings some deep insights into Windows Server 2016 and W10 system architecture, processes, threads, memory. Check it out.Whether you are a developer or an IT professional, yoursquo;ll get critical, insider perspectives on how Windows operates. And through hands-on experiments, yoursquo;ll experience its […]
Read the full post Windows Internals 7th Edition – New Book at ESX Virtualization.
Registrati ora al VMworld 2017 Europe!
Il countdown del VMworld 2017 Europe è iniziato.
Torneremo alla Fira Gran Via nella magnifica Barcellona dallrsquo;11 al 14 settembre, per quattro intere giornate dedicate allrsquo;innovazione tecnologica della cloud infrastructure e della business mobility.
Se non hai ancora acquistato il tuo biglietto, guarda questo video per avere unrsquo;anteprima di quello che stiamo preparando per te!
Ti è piaciuto? Acquista oggi stesso il tuo biglietto per prendere parte al più importante evento sulla cloud infrastructure e sul digital workspace.
E per essere sempre aggiornato, puoi seguire @VMware_IT su Twitter e partecipare alle conversazioni utilizzando lrsquo;hashtag #VMworld 2017 Europe
Il VMworld di questrsquo;anno sarà il più incredibile di sempre e noi abbiamo deciso di renderlo anche il più divertente! Pubblica anche tu una tua foto ricordo significativa di un VMworld passato e lancia la sfida ai tuoi colleghi utilizzando lrsquo;hashtag #VMworldMemories.
I have covered the changing tactics used by Exchange Online Protection (EOP) in its ongoing battle to combat malware several times recently. EOP runs in the background to analyze and block suspicious email, using techniques like Dynamic Delivery to make sure that end users only receive safe email.
Inevitably, although Microsoft has some of the best security experts in the world working on EOP, a small percentage of bad stuff gets through and arrives into user mailboxes. Now, Microsoft is making it easier to report when unwanted email arrives in the Inbox. Or conversely, to let them know when Exchange redirects messages to the Junk Email folder and those messages are perfectly good.
Microsoftrsquo;s solution is the rsquo;Report Messagerdquo; add-in for Outlook 2016 that they automatically publish to Exchange Online users. The add-in shows up in the menu bar and is available when any email folder is chosen (the add-in is deactivated when Outlook is positioned in a non-email folder, like one that stores an RSS feed).
Figure 1: The Report message add-in (image credit: Tony Redmond)
The intention is that people use the add-in to report bad messages that sneak into their Inbox to Microsoft. Messages can be reported as rsquo;Junkrdquo;, such as spam that you do not expect to see arrive into your Inbox, or rsquo;Phishingrdquo;, one of those dangerous messages that lure people into doing the wrong thing, like giving their credit card details to a friendly spammer. If a legitimate message ends up in Junk Email, you can tell Microsoft that something went wrong with their email screening.
You can also send a copy of massages marked as Junk or Phishing to Microsoft to help them understand the characteristics or rsquo;signaturerdquo; of the message and how it managed to evade EOP screening (Figure 2).
Figure 2: Junk Email Reporting Options (image credit: Tony Redmond)
The default is to ask before sending, which is a safeguard in case you select a message incorrectly. No one wants to accidently send copies of confidential emails to Microsoft. But the copies of reported messages are incredibly important to help Microsoftrsquo;s security researchers understand how attackers evolve their methods to avoid detection.
Therersquo;s nothing new in asking users to help improve the effectiveness of anti-malware technology by providing samples of messages that get through. In the past, Microsoft asked people to send copies or problem messages to them by email. Of course, everyone promptly forgot the email address or could not remember it when a problem message arrived. Building the functionality to report bad messages into Outlook is just sensible. Microsoft should probably have done this long ago. Some malware will always sneak through, but giving Microsoft examples of what does get through is a good way to help them close off the holes.
The add-in is available to preview customers now and is likely to be rolled out to all Office 365 tenants after Microsoft has had a chance to evaluate customer feedback. In line with Microsoftrsquo;s strategy to make Outlook a brand where all clients get the same functionality when it makes sense, I expect to see this feature eventually turn up in OWA and the Outlook mobile clients.
And if you donrsquo;t like the idea behind the add-in, you can easily remove it. Which is what I expect spammersrsquo; friends to do.
Follow Tony onTwitter @12Knocksinna.
Want to know more about how to manage Office 365? Find what you need to know in rsquo;Office 365 for IT Prosrdquo;, the most comprehensive eBook covering all aspects of Office 365. Availablein PDF and EPUB formats(suitable for iBooks) or forAmazon Kindle.
The post Microsoft Continues Battle Against Malware with Outlook Add-in appeared first on Petri.
Wer Red Hat Satellite 6 einsetzt, um virtualisierte Red Hat Enterprise Linux-Systeme zu verwalten, musszur LizenzzuweisungRed Hat Subscription Management (RHSM) verwenden. Gegenüber der vorher verwendeten Red Hat Network Classic-Lizenzsierung kommen hier signierte Manifest-Zertifikate zum Einsatz. In größeren Systemlandschaften ist es so auch einfacher,verwendete und benötigte Lizenzen aufzulisten, da sich RHSM in Hypervisor integrieren kann. Mithilfe einer auf dem Red Hat Satellite-Server ausgeführten Software werden ausgeführte RHEL-Instanzen und verwendete Hypervisor erkannt und an RHSM berichtet, um die korrekte Lizenzierung sicherzustellen. Es wird keine Fremdsoftware auf dem Hypervisor benötigt – ein Zugriff auf die Hypervisor-API ist ausreichend. Für das Auslesen der Laufzeitinformationen ist es ratsam einen read-only Service-Account einzurichten.
Die konventionelle Subskriptionsverwaltung steht übrigens ab dem 31. Juli 2017 nicht mehr zur Verfügung – auch nicht für Red Hat Satellite 5. Benutzer der älteren Management-Suite müssen ebenso auf RHSM migrieren.
Vorab sollte sichergestellt werden, dass sich diezu verwalteten Systeme mindestens auf denVersionsständen 5.7, 6.1 und 7.0 oder höher befinden. Wenn Red Hat Satellite 6 zum Einsatz kommt, muss das virt-who Paket auf diesem System installiert werden. Darüber hinaus ist es empfehlenswert, pro Hypervisor oder vCenter Server entsprechende Konfigurationsdateien zu erstellen – beispielsweise für eine vCenter-Instanz:
# cat /etc/virt-who.d/vcenter.conf[vcenter]type=esxserver=vcenter.stankowic.locusername=svc-readonly@vsphere.localencrypted_password=xxxxxxxxowner=RHSM_IDenv=LibrarySehr wichtig ist übrigens, den Benutzernamen im Format name@sso.tld und nicht sso.tld\name einzugeben! Wird letzteres angegeben, werden Benutzername und Passwort nicht korrekt übergeben und es kommt somit zu fehlerhaften Logins.
RHSM_ID muss durch die RHSM Organisations-ID ersetzt werden. Diese findet man einfachsten, wenn man das folgende Kommando auf dem Red Hat Satellite Server ausführt, da dieser ja im Idealfall bereits über RHSM registriert ist:
# subscription-manager identitysystem identity: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxname: satellite.stankowic.locorg name: xxxxxxxorg ID: xxxxxxxAn dieser Stelle ist die offizielle Dokumentation leider etwas dünn.Ich hattedemzufolge zuerst die interne Satellite Organisations-ID angegeben und war über die folgende Fehlermeldung im RHSM-Protokoll (/var/log/rhsm/rhsm.log) verwundert:
2017-05-11 09:13:55,657 [virtwho.main ERROR] MainProcess(6049):MainThread @executor.py:send:143 - Unable to send data: Communication with subscription manager failed with code 404: Organization with id 1 could not be found.
Auch das Verwenden des Namens funktionierte natürlich nicht:
2017-05-11 09:13:26,845 [virtwho.main ERROR] MainProcess(5809):MainThread @executor.py:send:143 - Unable to send data: Communication with subscription manager failed with code 404: Organization with id Stankowic could not be found.
Das Resultat war, dass verwaltete Systeme lediglich über eine temporäre Subskription verfügten:
# subscription-manager status+-------------------------------------------+ System Status Details+-------------------------------------------+Overall Status: InsufficientRed Hat Enterprise Linux for SAP applications, Premium (1-2 sockets)(Up to 4guests) with Smart Management:- Guest has not been reported on any host and is using a temporary unmapped guest subscription.
Temporär bedeutet, dass das betroffene System lediglich für maximal 24 Stunden Zugriff auf die Software-Pakete erhält.
Bei der ersten Einrichtung von virt-who ist es empfehlenswert, den Debug-Modus zu aktivieren:
# vi /etc/sysconfig/virt-whoVIRTWHO_BACKGROUND=1VIRTWHO_DEBUG=1VIRTWHO_SATELLITE6=1Sofern Benutzername und Passwort stimmen, kann das erfolgreiche Erkennen und Berichten der virtuellen RHEL-Instanzen im RHSM-Protokoll eingesehen werden:
2017-05-11 10:14:40,523 [virtwho.main DEBUG] MainProcess(15626):MainThread @executor.py:send_report:101 - Report for config "vcenter" sent
Auf dem temporär berechtigten RHEL-System wurden die folgenden zwei Befehle ausgeführt – anschließend war es vollständig berechtigt:
# subscription-manager attach# subscription-manager status+-------------------------------------------+ System Status Details+-------------------------------------------+Overall Status: Current
In this post, I will show you how to deploy an already deployed StorSimple appliance as a file server/NAS.
An interesting scenario with StorSimple is to use it as a file server. Your shares are created from the Azure Portal but managed locally. They are normal Windows shared folders that offer the usual features of SMB networking. They also potentially have great speed. There are a few scenarios that you can consider, including the small business and branch office.
Many small businesses, even those using cloud services such as Office 365, continue to run a domain controller, accounting application, and file server on servers. Hopefully, these are virtual machines. If all three roles are running on a single virtualization host, no matter what virtualization that was, it would normally require 3x the virtual licenses. This requires the host to be licensed twice for Windows Server Standard. You need 2x the virtual licenses per Standard license assigned to a physical machine. However, if the file server was a StorSimple appliance:
Larger businesses with branch offices can also benefit in a very similar way. The appliance can offer file services in each branch office and use the cloud for scale out, automatic backup, and a DR solution. This has a recovery time objective (RTO) of a couple of minutes. The deployment of a cloud-managed appliance will simplify and reduce the IT costs of branch office deployments.
After you deploy the virtual appliance, you will perform a number of steps, which were documented in a previous article. One of these steps is when you configure the StorSimple, either as a file server/NAS or as an iSCSI storage appliance. Make sure you choose the File Server option.
Configure StorSimple Device Settings and Domain Join [Image Credit: Aidan Finn]
It is advised that the appliance should be added to a domain. This will allow you to manage shares and security in a traditional method.
We will continue the process from when the appliance is configured in the Azure Portal and we can start to provision shares. Open the StorSimple Device Manager and browse to Shares. For this example, we will treat the StorSimple appliances as a block of storage, which is managed by a centralized view. You can always browse into the virtual appliance in StorSimple Device Manager and then into shares for that device.
Click + Add Share. You are asked to select a device in the Add Share blade. The rest of the options appear after you select an appliance to create the share in:
Adding a New Share to the StorSimple Virtual Appliance [Image Credit: Aidan Finn]
Click Create and Azure will provision appliance and cloud storage. It will also enable and permission the share. The creation only takes a few seconds.
The New Share Viewed in the Azure Portal [Image Credit: Aidan Finn]
You will perform all of your share and folder administration as you would have always done. Use Computer Management while connected to the StorSimple. Use File Explorer by browsing to the share from your PC.
The post Configuring StorSimple as a File Server/NAS appeared first on Petri.
Amadeus is a technology company dedicated to the global travel industry, with many customers relying on Amadeusrsquo; technology and services across the entire spectrum of the travel experience, covering bookings, pricing and managing reservations – all the way through to departure.
How does Amadeus shape the future of global travel? Using VMware Integrated OpenStack and NSX, Amadeus has built a platform that connects all its customers to deliver superior responsiveness and ultra-high availability of services. Discover how in our video below:
Looking to leverage network virtualization like Amadeus? Get started with our Network Virtualization for Dummies Guide– a crash course on how to move out of the hardwired past and into the era of the virtualized network with VMware.
Click here to download your free copy of rsquo;Network Virtualization for Dummiesrdquo;.
I was looking into some behavior recently to assist one of our partners. He described a situation that they observed during proof-of-concept testing and thought it would be of benefit to highlight this behavior in case you also observe the same, and you are curious as to why. Let’s begin with a description of the test. The customer has a 7-node vSAN, and have implemented RAID-6 erasure coding across the board. The isolated one host, and as expected, the VMs continued to run without issue. The customer was also able to clones virtual machine on vSAN and take snapshots on vSAN. No problems there. Next the customer introduced another issue, isolating another host. This now meant that there were only 5 ESXi hosts running in the cluster. Again, as expected, this did not impact the VMs. They continued to run fine, and remain accessible (RAID-6 erasure coding allows VMs to tolerate 2 failures on vSAN). However the customer next went ahead and tried to do some snapshots and clones. He encountered the following error on trying to do so:
"an error occurred while taking a snapshot: out of resources""There are currently 5 usable fault domains. The operation requires 1 more usable fault domains."
Let’s explain why this occurs:
Let’s start with snapshots as that is easy to explain. Snapshots always inherit the same policy as the parent VMDK. Since the parent VMDK in this situation has a RAID-6 configuration which requires 6 physical ESXi hosts (4 data + 2 parity segments), and there are now only 5 hosts remaining in the cluster, we are not able to create an object with a configuration which adheres to the policy requirement. That’s straight forward enough.
But what about clones. What if we cloned, but we selected a different policy which did not require the same number of physical hosts?
Unfortunately not. When we clone a running VM on vSAN, we snapshot the VMDKs on the source VM before cloning them to the destination VM. Once again, these snapshots inherit the same policy as the parent VMDK, and do not use the policy of the destination VMDK. For example, here is a VM with 2 VMDKs that I cloned. Both have the default vSAN default datastore policy, as well as the VM home namespace object. I’m using RVC, the Ruby vSphere Console, available on all vCenter server:
/vcsa-06/DC/computers>vsan.vm_object_info Cluster/resourcePool/vms/win-2012-2/VM win-2012-2: Namespace directory DOM Object: be71e758-6b8e-d700-23a0-246e962f48f8 (v5, owner: esxi-dell-k.rainpole.com, proxy owner: None, policy: hostFailuresToTolerate = 1, spbmProfileId = aa6d5a82-1c88-45da-85d3-3d74b91a5bad, proportionalCapacity = [0, 100], forceProvisioning = 0, CSN = 85, spbmProfileName = Virtual SAN Default Storage Policy, SCSN = 87, cacheReservation = 0, stripeWidth = 1, spbmProfileGenerationNumber = 0) RAID_1 Component: be71e758-260c-3201-35e6-246e962f48f8 (state: ACTIVE (5), host: esxi-dell-j.rainpole.com, md: naa.500a07510f86d6ae, ssd: naa.55cd2e404c31f8f0, votes: 1, usage: 0.5 GB, proxy component: false) Component: be71e758-d9b0-3301-14b7-246e962f48f8 (state: ACTIVE (5), host: esxi-dell-k.rainpole.com, md: naa.500a07510f86d6ca, ssd: naa.55cd2e404c31e2c7, votes: 1, usage: 0.5 GB, proxy component: false) Witness: 52e3ef58-f9db-bf03-5914-246e962f48f8 (state: ACTIVE (5), host: witness-02.rainpole.com, md: mpx.vmhba1:C0:T1:L0, ssd: mpx.vmhba1:C0:T2:L0, votes: 1, usage: 0.0 GB, proxy component: false) Disk backing: [vsanDatastore (1)] be71e758-6b8e-d700-23a0-246e962f48f8/win-2012-2.vmdk DOM Object: c071e758-3862-0523-ea3c-246e962f48f8 (v5, owner: esxi-dell-k.rainpole.com, proxy owner: None, policy: hostFailuresToTolerate = 1, spbmProfileId = aa6d5a82-1c88-45da-85d3-3d74b91a5bad, proportionalCapacity = 0, forceProvisioning = 0, CSN = 86, spbmProfileName = Virtual SAN Default Storage Policy, SCSN = 85, cacheReservation = 0, stripeWidth = 1, spbmProfileGenerationNumber = 0) RAID_1 Component: c071e758-9c2e-bd23-b93b-246e962f48f8 (state: ACTIVE (5), host: esxi-dell-j.rainpole.com, md: naa.500a07510f86d684, ssd: naa.55cd2e404c31f8f0, votes: 1, usage: 8.6 GB, proxy component: false) Component: c2d31259-be67-d9aa-9520-246e962c23f0 (state: ACTIVE (5), host: esxi-dell-l.rainpole.com, md: naa.500a07510f86d6cf, ssd: naa.55cd2e404c31f9a9, votes: 1, usage: 8.6 GB, proxy component: false) Witness: 6fd41259-7ab9-59e0-ddf8-246e962c23f0 (state: ACTIVE (5), host: witness-02.rainpole.com, md: mpx.vmhba1:C0:T1:L0, ssd: mpx.vmhba1:C0:T2:L0, votes: 1, usage: 0.0 GB, proxy component: false) Disk backing: [vsanDatastore (1)] be71e758-6b8e-d700-23a0-246e962f48f8/win-2012-2_1.vmdk DOM Object: 2072e758-4dd9-ebef-1221-246e962f48f8 (v5, owner: esxi-dell-k.rainpole.com, proxy owner: None, policy: hostFailuresToTolerate = 1, spbmProfileId = aa6d5a82-1c88-45da-85d3-3d74b91a5bad, proportionalCapacity = 0, forceProvisioning = 0, CSN = 80, spbmProfileName = Virtual SAN Default Storage Policy, SCSN = 84, cacheReservation = 0, stripeWidth = 1, spbmProfileGenerationNumber = 0) RAID_1 Component: 2072e758-ce95-11f1-6ab2-246e962f48f8 (state: ACTIVE (5), host: esxi-dell-l.rainpole.com, md: naa.500a07510f86d695, ssd: naa.55cd2e404c31f9a9, votes: 1, usage: 40.3 GB, proxy component: false) Component: 2072e758-d8e5-12f1-8d83-246e962f48f8 (state: ACTIVE (5), host: esxi-dell-i.rainpole.com, md: naa.500a07510f86d6ab, ssd: naa.55cd2e404c31ef8d, votes: 1, usage: 40.3 GB, proxy component: false) Witness: 55e3ef58-41dc-6e77-c6d6-246e962f4ab0 (state: ACTIVE (5), host: witness-02.rainpole.com, md: mpx.vmhba1:C0:T1:L0, ssd: mpx.vmhba1:C0:T2:L0, votes: 1, usage: 0.0 GB, proxy component: false)
/vcsa-06/DC/computers>vsan.vm_object_info Cluster/resourcePool/vms/win-2012-2/VM win-2012-2: Namespace directory DOM Object: be71e758-6b8e-d700-23a0-246e962f48f8 (v5, owner: esxi-dell-k.rainpole.com, proxy owner: None, policy: CSN = 85, spbmProfileName = Virtual SAN Default Storage Policy, stripeWidth = 1, cacheReservation = 0, hostFailuresToTolerate = 1, spbmProfileId = aa6d5a82-1c88-45da-85d3-3d74b91a5bad, SCSN = 87, forceProvisioning = 0, spbmProfileGenerationNumber = 0, proportionalCapacity = [0, 100]) RAID_1 Component: be71e758-260c-3201-35e6-246e962f48f8 (state: ACTIVE (5), host: esxi-dell-j.rainpole.com, md: naa.500a07510f86d6ae, ssd: naa.55cd2e404c31f8f0, votes: 1, usage: 0.5 GB, proxy component: false) Component: be71e758-d9b0-3301-14b7-246e962f48f8 (state: ACTIVE (5), host: esxi-dell-k.rainpole.com, md: naa.500a07510f86d6ca, ssd: naa.55cd2e404c31e2c7, votes: 1, usage: 0.5 GB, proxy component: false) Witness: 52e3ef58-f9db-bf03-5914-246e962f48f8 (state: ACTIVE (5), host: witness-02.rainpole.com, md: mpx.vmhba1:C0:T1:L0, ssd: mpx.vmhba1:C0:T2:L0, votes: 1, usage: 0.0 GB, proxy component: false)Disk backing: [vsanDatastore (1)] be71e758-6b8e-d700-23a0-246e962f48f8/win-2012-2-000001.vmdk DOM Object: 22331459-f0b3-0049-e0dc-246e962c23f0 (v5, owner: esxi-dell-k.rainpole.com, proxy owner: None, policy: CSN = 1, spbmProfileName =Virtual SAN Default Storage Policy, stripeWidth = 1, cacheReservation = 0, hostFailuresToTolerate = 1, spbmProfileId = aa6d5a82-1c88-45da-85d3-3d74b91a5bad, forceProvisioning = 0, spbmProfileGenerationNumber = 0, proportionalCapacity = [0, 100]) RAID_1 Component: 22331459-dfdc-5a49-6955-246e962c23f0 (state: ACTIVE (5), host: esxi-dell-l.rainpole.com, md: naa.500a07510f86d6cf, ssd: naa.55cd2e404c31f9a9, votes: 1, usage: 0.3 GB, proxy component: false) Component: 22331459-423a-5c49-7f7c-246e962c23f0 (state: ACTIVE (5), host: esxi-dell-i.rainpole.com, md: naa.500a07510f86d6ab, ssd: naa.55cd2e404c31ef8d, votes: 1, usage: 0.3 GB, proxy component: false) Witness: 22331459-c247-5d49-9389-246e962c23f0 (state: ACTIVE (5), host: witness-02.rainpole.com, md: mpx.vmhba1:C0:T1:L0, ssd: mpx.vmhba1:C0:T2:L0, votes: 1, usage: 0.0 GB, proxy component: false) Disk backing: [vsanDatastore (1)] be71e758-6b8e-d700-23a0-246e962f48f8/win-2012-2.vmdk DOM Object: c071e758-3862-0523-ea3c-246e962f48f8 (v5, owner: esxi-dell-k.rainpole.com, proxy owner: None, policy: CSN = 86, spbmProfileName = Virtual SAN Default Storage Policy, stripeWidth = 1, cacheReservation = 0, hostFailuresToTolerate = 1, spbmProfileId = aa6d5a82-1c88-45da-85d3-3d74b91a5bad, SCSN = 85, forceProvisioning = 0, spbmProfileGenerationNumber = 0, proportionalCapacity = 0) RAID_1 Component: c071e758-9c2e-bd23-b93b-246e962f48f8 (state: ACTIVE (5), host: esxi-dell-j.rainpole.com, md: naa.500a07510f86d684, ssd: naa.55cd2e404c31f8f0, votes: 1, usage: 8.6 GB, proxy component: false) Component: c2d31259-be67-d9aa-9520-246e962c23f0 (state: ACTIVE (5), host: esxi-dell-l.rainpole.com, md: naa.500a07510f86d6cf, ssd: naa.55cd2e404c31f9a9, votes: 1, usage: 8.6 GB, proxy component: false) Witness: 6fd41259-7ab9-59e0-ddf8-246e962c23f0 (state: ACTIVE (5), host: witness-02.rainpole.com, md: mpx.vmhba1:C0:T1:L0, ssd: mpx.vmhba1:C0:T2:L0, votes: 1, usage: 0.0 GB, proxy component: false)Disk backing: [vsanDatastore (1)] be71e758-6b8e-d700-23a0-246e962f48f8/win-2012-2_1-000001.vmdk DOM Object: 22331459-117f-016b-0dae-246e962c23f0 (v5, owner: esxi-dell-k.rainpole.com, proxy owner: None, policy: CSN = 1, spbmProfileName =Virtual SAN Default Storage Policy, stripeWidth = 1, cacheReservation = 0, hostFailuresToTolerate = 1, spbmProfileId = aa6d5a82-1c88-45da-85d3-3d74b91a5bad, forceProvisioning = 0, spbmProfileGenerationNumber = 0, proportionalCapacity = [0, 100]) RAID_1 Component: 22331459-b4d8-166d-04ac-246e962c23f0 (state: ACTIVE (5), host: esxi-dell-k.rainpole.com, md: naa.500a07510f86d6b8, ssd: naa.55cd2e404c31e2c7, votes: 1, usage: 0.0 GB, proxy component: false) Component: 22331459-8b5b-186d-dd5e-246e962c23f0 (state: ACTIVE (5), host: esxi-dell-j.rainpole.com, md: naa.500a07510f86d6ae, ssd: naa.55cd2e404c31f8f0, votes: 1, usage: 0.0 GB, proxy component: false) Witness: 22331459-6887-196d-841b-246e962c23f0 (state: ACTIVE (5), host: witness-02.rainpole.com, md: mpx.vmhba1:C0:T1:L0, ssd: mpx.vmhba1:C0:T2:L0, votes: 1, usage: 0.0 GB, proxy component: false) Disk backing: [vsanDatastore (1)] be71e758-6b8e-d700-23a0-246e962f48f8/win-2012-2_1.vmdk DOM Object: 2072e758-4dd9-ebef-1221-246e962f48f8 (v5, owner: esxi-dell-k.rainpole.com, proxy owner: None, policy: CSN = 80, spbmProfileName = Virtual SAN Default Storage Policy, stripeWidth = 1, cacheReservation = 0, hostFailuresToTolerate = 1, spbmProfileId = aa6d5a82-1c88-45da-85d3-3d74b91a5bad, SCSN = 84, forceProvisioning = 0, spbmProfileGenerationNumber = 0, proportionalCapacity = 0) RAID_1 Component: 2072e758-ce95-11f1-6ab2-246e962f48f8 (state: ACTIVE (5), host: esxi-dell-l.rainpole.com, md: naa.500a07510f86d695, ssd: naa.55cd2e404c31f9a9, votes: 1, usage: 40.3 GB, proxy component: false) Component: 2072e758-d8e5-12f1-8d83-246e962f48f8 (state: ACTIVE (5), host: esxi-dell-i.rainpole.com, md: naa.500a07510f86d6ab, ssd: naa.55cd2e404c31ef8d, votes: 1, usage: 40.3 GB, proxy component: false) Witness: 55e3ef58-41dc-6e77-c6d6-246e962f4ab0 (state: ACTIVE (5), host: witness-02.rainpole.com, md: mpx.vmhba1:C0:T1:L0, ssd: mpx.vmhba1:C0:T2:L0, votes: 1, usage: 0.0 GB, proxy component: false)
What this shows us is that there are two additional snapshot objects added to this VM for the duration of the clone operation, one for each VMDK. Once again, these inherit the same policy as the parent VMDK. So if the VMDKs were deployed as RAID-6 objects, these snapshots used for cloning would also be RAID-6. In the scenario described earlier, if this was a 7 node cluster, and there were 2 failures in the cluster, the virtual machines would continue to remain available, but the host failures in the vSAN cluster would mean that you would not be able to do a live clone of any of the virtual machines, since they rely on snapshots, and snapshots inherit the same policy as their parent VMDKs. Once the clone operation completes, these additional snapshot objects are automatically removed.
Hope this helps to explain the scenario if you also encounter it.
The post Cloning and Snapshots on vSAN when policy requirements cannot be met appeared first on CormacHogan.com.
In this Veeam Vault I am going to round up some of the blogging content around VeeamON 2017, briefly talk about Backup & Replication 9.5 Update, the RTM of the Agent for Microsoft Windows and finish with a Veeam Vanguard Blog Post roundup since the last Veeam Vault edition.
For those attending VeeamON next week, see you there!
New Logo:
Update 2 and Agent for Windows:
A couple of weeks ago we released RTM builds of Backup & Replication 9.5 Update 2 as well as Veeam Agent for Microsoft Windows. GA isn’t far away so if you are a Veeam Cloud and Service Provider and haven’t upgraded to the RTM build yet you are probably behind the eight ball in terms of being in a position to support VAW for when it does GA. Veeam Agent for Microsoft Windows represents a massive opportunity for our VCSPs to tap into a market that was previously not accessible…this being, physical severs and workstations, workstation endpoints and more significantly cloud based Windows instances…all of which can now be backed up to Cloud Connect Repositories.
VeeamOn 2017 Blog Roundup and Mobile App:
A number of my team mates have written veeam.com blog posts about what to expect at VeeamOn this year and they are well worth a read. I, myself wrote a post last week where I listed my top sessionsfor 2017. Check out the posts below to get even more info on happenings at VeeamON.
Speaking of sessions and session registration, if you haven’t downloaded the VeeamON app for IOS or Android, scan the QR codes below or search for VeeamON in the App Stores:
Veeam Vanguard Blog Post Roundup:
The post Veeam Vault #6: Pre VeeamON 2017 Edition! New Logo, Update 2, VAW and Vanguard Roundup appeared first on VIRTUALIZATION IS LIFE!.
When focusing on traditional mode IT, what can a Legacy Pro expect?
Following up on the last posting, regarding the quest for training, either from within or from without your organization, what about the other side of the coin? I have worked with many individuals, when I was at a vendor, channel reseller, and more importantly inside an organization, wherein training, or even job growth was not important.
These individuals were quite excellent at the jobs for which theyrsquo;d been tasked, but they were also satisfied with those jobs, and had no desire for more. Irsquo;ve really no issue with that. Certainly, Irsquo;d rather interact with a fantastic storage admin or route/switch engineer with no desire for career mobility than the engineer whorsquo;d been in the role for 2 months and had their sights set on the next role already. Irsquo;d be likely to get solid advice, and correct addressing of issues by the engineer whorsquo;d been doing that job for years.
But, and this is important, what would happen if the organization changed direction. The Route/Switch guy who knows Cisco inside and out may be left in the dust if he refused to learn Arista, (for example) when the infrastructure changes hands, and the organization changes platform. Some of these decisions are made with no regard to existing talent. Or, if as an enterprise, they moved from expansion on their on-premises VMware environment to a Cloud-First mentality? Those who refuse to learn will be left by the wayside.
Like a shark will die unless it moves forward, so will a legacy IT pro lose their status if they donrsquo;t move forward.
Irsquo;ve been in environments wherein people were siloed to the extent that they never needed to do anything outside their scope. Say, for example, a mainframe coder, and yet, for the life of the mainframe in that environment, they were going to stay valuable to the organization. These skills are not consistent with the growth in the industry. Who really is developing their mainframe skills today? But, that doesnrsquo;t mean that they intrinsically have no impetus to move forward. They actually do, and should. Because, while itrsquo;s hard to do away with a mainframe, itrsquo;s been known to happen.
Obviously, my advice is to grow your skills, by hook or by crook. To learn outside your standard scope is beneficial in all ways. Even if you donrsquo;t use the new tech that yoursquo;re learning, you may be able to benefit the older tech on which you currently work by leveraging some of your newly gained knowledge.
As usual, Irsquo;m an advocate for taking whatever training interests you. Irsquo;d go beyond that to saying that, and has been stated before, there are many ways to leverage free training portals, and programs to benefit yourself and your organization beyond those which have been sanctioned specifically by the organization. Spread your wings, seek out ways to better yourself, and in this, as in life, Irsquo;d pass on my advice: Always try to do something beneficial every day. At least one thing, which will place you on the moving forward path, and not let you die like a shark rendered stationary.