Gör skillnad – Med NetClean och VMware

Barnporr. Bara ett ord på skärmen när du läser det men innebörden av ordet är avgrundsdjup. Blir du arg när du tänker på det? Blir du illa till mods? Upprörd? Känner du något överhuvudtaget så vill du förmodligen hjälpa till att sätta stopp för det på alla sätt du kan. Det är långt vanligare än man kan tro att vuxna män – för det är onekligen män som är överrepresenterade här – innehar barnporr.

1 av 500 individer har tillgång till och konsumerar barnporr via sin arbetsdator.

Som företag – som ledare – som anställd – som människa – har vi ett ansvar att försöka stoppa det!

Vi på Arrow ECS har många leverantörer i vår portfölj, de flest är viktiga. En del till och med företagskritiska. Jag har tillexempel haft jobb i snart 20 år eftersom jag för länge sedan insåg potentialen som fanns i det där med virtualiering. Så för mig har VMware som leverantör varit viktig personligen, jag har kunnat livnära mig på den kunskap om de tekniker och funktioner som VMware genom åren släppt ut på marknaden. Jag kommer oerhört väl ihåg när jag upplevde vMotion för första gången – och imponeras fortfarande idag av hur otroligt det egentligen är att flytta en arbetslast från en fysisk server till en annan. Jag förstår att VMware har hjälpt till att transformera en hel bransch under 20 års tid med att först virtualisera servrar, sedan nätverk och dessutom storage – och resan är långt ifrån slut!

Men jag vill också tro att vi som människor, som råkar arbeta inom IT branschen, kan hjälpa till att göra världen lite bättre än den var igår. ”A force for good”. Det är därför jag som anställd är väldigt stolt att Arrow har tagit in en ny leverantör i vår portfölj. Det låter affärsmässigt, nya leverantörer får vi in hela tiden. Men hur ofta får vi in en leverantör som har en potential att hjälpa barn i utsatta positioner?  Att påverka vår omvärld långt utanför IT-branschen? NetClean, som jag pratar om här, är ett svenskt företag vars vision är att vara en given del i kampen mot sexuella övergrepp mot barn. Företaget startade 2003 och har sitt huvudsäte i Göteborg.

När man går in på NetCleans hemsida möts man av budskapet ”Protect what matters!” – Tre små ord som i sammanhanget får så oerhört stor betydelse. Även om det varit utbrett tidigare så har barnporr och övergrepp mot barn ökat i en skrämmande takt under pandemin, därför blir jag så glad när man kan kombinera nytt och gammalt på ett sätt som faktiskt gör skillnad. NetClean har nämligen samarbete med VMware där NetClean kan komplettera och integrera i två viktiga VMware-område: Carbon Black och Workspace ONE.

Med integreringen i dessa två område sitter NetClean verkligen i bästa position för att upptäcka och rapportera oönskade aktiviteter. NetClean har två produkter, en som skyddar datorer och en som skyddar mobiltelefoner. Infrastrukturen för att hantera NetClean är väldigt enkel att sätta upp och licensiering är enkel att förstå – per device.

Med NetClean och VMware kan vi alltså göra en konkret skillnad – här och nu!

Kontakta Arrow ECS eller NetClean idag för att komma vidare

  • VMware Carbon Black Cloud är en SaaS-lösning (Software as a Service) som omfattar nästa generations anti-virus (NGAV), endpoint detection and response (EDR), avancerad hothantering och sårbarhetshantering i en enda konsol med hjälp av en enda sensor
  • VMware Workspace ONE är en företagsplattform som tillhandahåller moduler som stöder identitetshantering, programpaketering och distribution samt hantering av mobila enheter.

VMworld 2021

Nya Cross-Cloud tjänster
Det var mycket nyheter runt hantering av multi-cloud miljöer, allt från managering och säkerhet till kostnadskontroll.
Men en av de största lanseringarna på VMworld 2021 var VMwares Cross-Cloud Services. Cross-Cloud Services är en samling integrerade tjänster som gör det möjligt för kunder att bygga, köra och säkra upp applikationer oavsett vilket moln de körs i.
Det finns fem grundläggande byggblock i Cross-Cloud Services:

  • Bygga och rulla ut cloud native applications
  • Cloud infrastruktur för att hantera och köra enterprise apps
  • Cloud management mellan olika moln
  • Säkerhet och nätverk
  • Digital Workspace för hantering av användare som är utspridda

Man lyfte också på vad som är på gång i form av Project Arctic som är en plattform för hantering av vSphere fast i molnet. Man integrerar koppling till molnet direkt i vSphere vilket innebär att vSphere blir “Cloud-aware” och hybrid cloud blir den nya operating model som används.

Mycket Tanzu
VMware släppte en gratisversion av Tanzu, VMware Tanzu Community Edition, som låter kunder testa och lära sig om applikationer i containers. Tanzu Community edition kan enkelt installeras på en laptop på några minuter. Kunder kan sen snabbt komma igång med sitt kubernetescluster.


Man annonserade även Tanzu Service Mesh som för samman hur man kopplar samman och hanterar säkerhet och monitorering över flera molnmiljöer.

VMware Tanzu Kubernetes Grid supporterar nu NVIDIA GPUs i Amazon Web Services och Azure

VMware Tanzu Mission Control Starter – Tanzu Mission Control släpptes i en gratis instegsvariant

Och dessutom släpptes vSphere 7.0 update 3 till allmänheten samt VMware Cloud Director 10.3 (som släpptes lite tidigare än VMworld)

PowerShell function for menu creation revisited

Sometimes when creating blog posts you just get excited to publish a post as soon as it’s finished, but then you realize you can do something better. So yesterday I published a post on how to use a function in PowerShell to create an interactive dynamic menu but in hindsight it could have been more “generic” – so today I’m back with a new post on how you can create that generic function by providing the query in a separate string instead as part of the function itself. This allows you to merely change the query (the input for creating the menu) without having to change anything inside the function. Now it’s a “real” function! 🙂

I’ve added two mandatory parameters to the function, the first is the query to retrieve data and the second parameter is the task that you’d like to perform on the selected object. I’m calling the parameters -ListItem and -GetItem but the actual query is set in the $MyQuery and $MyTask string and they are then passed on to the function to perform the task. So if I’d like to get a list of VMs I just change the $MyQuery to something like “(Get-VM | Sort-Object)” and if I’d like to get a list of Datastores I set $MyQuery = “(Get-Datastore | Where {$_.Type -eq ‘VMFS’} | Sort-Object -Descending FreeSpaceGB)”. Once the list is presented and you select an object you then pass on what’s going to happen with it with the $MyTask – so if I want to retrieve a specific VM I set it to “Get-VM” but it could be anything (like Remove-VM but there’s no warning so be careful!)

Get a list of VMs
Get a list of VMFS datastores and sort them based on free space

Calling the function is then done using this syntax:
Set-Menu -ListItem $MyQuery -GetItem $MyTask

$VIServer = "vcsa.mydomain.com"
$VIUsername = "administrator@vsphere.local"
$VIPassword = "MyPassword"

Connect-VIServer $VIServer -User $VIUsername -Password $VIPassword -WarningAction SilentlyContinue

$MyQuery = (Get-Datastore | Where {$_.Type -eq 'VMFS'} |Sort-Object -Descending FreeSpaceGB)
$MyTask = "Get-Datastore"

Function Set-Menu {
    Param (
        [Parameter(Mandatory)]
        [ValidateNotNullOrEmpty()]
        $ListItem,

        [Parameter(Mandatory)]
        [ValidateNotNullOrEmpty()]
        $GetItem
    )

    Try {
    $menu = @{}
    For ($i=1;$i -le $ListItem.count; $i++)
        { Write-Host "$i. $($ListItem[$i-1].Name)"
        $menu.Add($i,($ListItem[$i-1].Name)) }
    [int]$ans = if(($ans = Read-Host "Select item or press enter to accept default value [1]") -eq '') {"1"} else {$ans}
    $Selection = $menu.Item($ans); Invoke-Expression $($GetItem +  " " + $Selection)
    }

    Catch {
    Write-Host "The selection you made is unavailable, please make a valid selection between 1 and $($i-1)..."
    }
}

cls

Set-Menu -ListItem $MyQuery -GetItem $MyTask

Disconnect-VIServer $VIServer -Confirm:$false
Set-Menu waiting for user input
Set-Menu has executed the task defined in $MyTask

The way you can use the function is up to you but I use it in William Lams vghetto-vsphere-automated-lab-deployment script

Whiteboard: VMware vSAN

And yet another series, I’d like to call it – Whiteboard. It’s about me trying to give a little deeper  dive into a specific subject in the format of whiteboarding. So the first session will be a closer look at VMware vSAN.

Swedish only.

In 5 minutes: VMware AppDefense

The latest addition to VMwares security portfolio is called AppDefense, let’s have a look at it in 5 minutes.

Swedish only.

In 5 minutes: VMware vSAN

“In 5 minutes”-series, we’ll discuss VMware vSAN.

Swedish only.

In 5 minutes: VMware ROBO

Continuing the “In 5 minutes”-series with a discussion relating more to licenses than technology. A talk about licensing remote offices and branch offices for use with vSphere, vSAN and NSX.

Swedish only.

 

A new series: “In 5 minutes” starting with VMware NSX

I introduced a series a while back called “How and why”, the premise of the series was to provide input on specific functions or features from products I love to use – starting with a short powerpoint presentation followed by a hands-on  part showing how to use or enable the function/feature. Each video is roughly 30 minutes long.

In contrast, the new series is really all about showing the 10 000 meter view in about 5 minutes or so. Short and snappy. So it’s by no means intended to be exhaustive, the be all end all, describing every single feature and function or benefit of the product but enough information for you to at least get a sense of the product and it’s capabilities.

So the episode I’ll start off the new series with is called “VMware NSX in 5 minutes” or is it’s actually called “VMware NSX på 5 minuter” since it’s in swedish.  And the format is sort of a whiteboard (or rather notebook) session.

Sorry, swedish only:

VMware vSAN 2017 Specialist exam experience

A few days ago VMware Education released a brand new series of exams with the badge name “Specialist”. Currently there are two exams available, vSAN 2017 (called 2VB-601 in official certification lingo) and vRealize Operations 2017 (2VB-602). I do like a good challenge so I scheduled the exam basically as soon as I heard about the exam and started preparing for it immediately – I basically only had a days worth of preparation due to the fact I wanted it done before heading out to Las Vegas and VMworld 2017 (but I’ve been using, talking and writing about vSAN for quite a while) . You can read more on what’s expected of you before scheduling the exam here.  But in short, if you hold a valid VCP6 for any solution track you can just schedule the exam.

So how did I prepare for the exam?  Well, as I already mentioned I’ve been using vSAN for a long time but more recently I attended the instructor lead vSAN class in April without knowing that there would be a certification introduced just a few months later. The class I attended was called VMware Virtual SAN: Deploy and Manage [V6.2] and as you probably guessed already based on the name was focused on vSAN version 6.2. So now I have access to the official “Student Lecture Manual” that goes along with the class, obviously that’s a good starting point as far as studying goes.

To get up to speed on the latest version of vSAN I really recommend heading over to #vBrownBag and catch the episode called VMware vSAN 6.6 Deep Dive with Jase McCarty.

And for some hands on experience I’d recommend the VMware Hands On Labs (free of charge – thats just fantastic, thanks VMware!) where you can  find lots of labs and a few vSAN related labs as well. Or if you have a home lab I would really recommend William Lams automated vSphere Lab Deployment – I use it all the time and it’s nothing short of amazing!

Another great resource is of course the VMware SABU (Storage and Availability Business Unit) team’s resource page for technical documentation called storage hub. Two documents I found useful were called “VMware vSAN 6.5 Technical Overview” and also the latest version “VMware vSAN 6.6 Technical Overview”.

Don’t forget to read through the exam prep guide either. It’s the exam blue print stating all the topics that will be covered on the exam. Quite important.

The exam itself consist of 60 multiple choice type of questions. You’re allotted 105 minutes to complete the exam with an automatic 30 minute language extension, and that should be more than enough time to complete the exam. I tend to do exams rather fast, but I spent roughly 45-50 minutes on the test including reviews.

And as always, when you click to end the test it takes a few seconds to understand and have it sink in if you passed the test or not. And I did, so now I’m officially not only a vExpert vSAN but also a VMware vSAN 2017 Specialist. Woho me!

VMware vSAN iSCSI use case?

In a previous post I went through a list of my personal favorite features in vSphere 6.5. VMware vSAN is on of them, it’s a storage solution that handles your virtual machines – amongst others as we shall see today.

One of the nicest features introduced for vSAN in vSphere 6.5 is the ability to attach physical servers to the vSAN cluster. By letting the vSAN handle the iSCSI volume, since it’s just another object in the vSAN, you can apply the same policies on that volume as you do on the vSAN datastore used for you virtual machines. And that means you’re able to manage the performance and/or availability, not just when initially setting up the volume but any time the requirements change for the volume you’re able to adapt.

So is it hard setting up vSAN with iSCSI targets and attaching physical servers to it? Not at all, it’s quite easy actually. Let me show you how easy it is. But first we have to create a vSphere cluster with vSAN enabled and configured. Now, I’m a big fan of PowerCLI and automating a lab environment set-up is thanks to William Lam a breeze. I’ve adjusted his script slightly to allow me to select 3 different sizes of the ESXi hosts to choose from: small, medium or large. This allows me within 30 minutes to have a lab consisting of 3 ESXi hosts and a vCenter appliance up and running, configured with a cluster and vSAN enabled. The medium and large size configurations would normally be used for VMware NSX labs and demos.

It might not be the intended use case, but wouldn’t it be fun to host virtual machines from a Hyper-v environment on a vSAN? “Why?” I hear you say, no reason, just because we can!

PowerCLI

So first thing is to execute the PowerCLI script to bring my lab environment online:

Logging on to vCenter will now show the three hosts in a cluster with a new datastore created, a vSAN datastore.

Next, we need to enable the iSCSI functionality, which is a simple process:

Enabling the Virtual SAN iSCSI target service requires some input, specifically

  • Default iSCSI network to use – in a production environment you’d probably want to set up a dedicated VMkernel iSCSI interface for this.
  • Default TCP port – usually no need to change this
  • Default authentication – If you’d like you can set up the connection to use either None, CHAP or Mutual CHAP
  • Storage Policy for the home object – Using the predefined storage policies you can have the home object that stores metadata for the iSCSI target protected for host failures

If you want, you can create a new policy with specific settings for iSCSI Targets and Home object:

The default vSAN storage policy is used.

It protects you against one host failure, to do that it will have the object placed on two different hosts. This means it will use twice the space assigned to an object/VMDK file from the vSAN datastore.

Next up, creating a target and LUN:

You create both the Target IQN (with the desired settings and policies) and a LUN. Depending on the LUN Storage Policy you are using you will consume space from the vSAN datastore accordingly:

Now the set-up of the Target and the LUN is done. It’s that simple! After this point you can attach any physical server using iSCSI to the vSAN datastore and use the resources. In my lab though, I’m going to use a virtual machine from another host to emulate a physical machine.

You probably don’t want just any old server being able to attach to the LUN, so you can configure which initiators are allowed to connect. Either use individual IQNs or create a group of IQNs.

Let’s take a look what has happened on the vSAN Datastore:

We can now clearly see that there’s a new VMDK file that we can handle just as any other VMDK file, inflate it, move it or delete it:

Next up: Creating a Windows Server 2016 VM (emulating a physical machine) that will connect and use the new vSAN LUN we created. 

Setting up the VM is pretty straight forward.

Select the desired OS:

Here’s where we need to make changes, first assign at least two CPUs to the VM and secondly tick the box for hardware virtualization (otherwise the role Hyper-V won’t be able to start or be installed).

The summary page shows us what settings we’ve selected for the VM

We run through the installation of the operating system. Configure everything we need, a static IP address, updating windows and so on:

OK, Windows Server 2016 is ready to be used, let’s configure the iSCSI connection:

Yes, we’d like to start the iSCSI service:

Again, in a production environment you’d probably want to have som fancy stuff set up such as MPIO and so on but for this test we’ll just do a quick connect to the iSCSI target:

Oh, but what IP address should I use? The host that is responsible for the I/O to the LUN can be found on the configuration page of the iSCSI Target:

We connect Windows to the I/O Owner host:

We have a connection, all is well:

Open up the disk management tool and a new disk should be available (if not, try a rescan). Bring the disk online, initialize it and format it:

Give the volume a name:

Now the volume is ready to be used:

Hyper-v will now be installed on the Windows Server 2016 machine:

Add the required features and tools

Configure a virtual switch for Hyper-V

Now we can actually leverage the newly created vSAN volume and use that as the target for our Hyper-V virtual machines:

A simple test to confirm that it actually works, creating a virtual machine for Hyper-V running off of the vSAN volume:

Go through the wizard, give the VM a name and so on.

Choose what generation the VM should be created as:

Select a network connection if needed

Set the size of the virtual hard disk.

Select an iso-file to be used when installing the OS in the Hyper-V virtual machine

Done, just hit finish

The VM is created, start it and connect to it to get the console view

Install the operating system and update it, configure it the way you want it

Now we’re running a virtual machine in Hyper-V with it’s disk being handled by VMware vSAN! Pretty cool.

Now we can go back to see what impact, if any, installing the operating system had on consumed space on the vSAN volume:

As you can see, the VMDK file containing the Hyper-V volume has grown that’s just as we expected.

There you have it! It’s very, very easy to set up vSAN to use iSCSI – why not give it a try yourself?