Author Archive
Video Guide: Taking VMware vCloud Director for a spin…and on the GO!
News Flash: Redwood is GA
A Quick Introduction:
I'm not going to talk about VMware vCloud Director (vCD), or how it's a true game changer in the evolving world of Cloud Computing. I urge you to watch the VMworld 2010 opening keynote (a great presentation/demo by Paul Maritz and Steve Herrod) or check out the product page for high level information.
The first time I got my hands on the beta binaries of vCD, it took me one week (I repeat: one week) to get this beast up and running. I didn't have at that time a hardware lab or even any guide to help me with the task. My idea was simple: I had a brand new 8GB memory laptop from VMware and I was so excited to run Redwood on this PC (yes it was not a Mac and don't ask me why!). This task took that long not because of the vCD software itself; in fact, as you will see in this post, installing vCD takes less than 1 min! The task took me so long because of the other dependencies of that software, to be more specific the Oracle DB (with which I had absolutely no experience) and the SSL certificate generation!
With all that said, I'm going to be very practical in this post and help you experience this incredible product with the least requirements, whether it's hardware or software.
Motivation!
By the end of this post you should have a virtual private cloud running on your laptop/desktop, and you should see the following screens on your monitor!
Lab Overview:
As you see in the diagram below, we will utilize here the VMware Workstation 7 for running our cloud. I prefer to use the Workstation "Team" here to organize things better and to have this one whole container should I choose to move, or share the VMs with someone else. As you see also, we have 4 base VMs running Win2k3 AD+DNS, Win2k3 64bit running Oracle 11G and vCenter 4.1 Server, CentOS5.5 64bit running the vCD, and last but not least the vESX 4.1.
The vESX host will run vShield Manager (vSM) as a nested VM. It will also run the nested cloud computers when you finish configuring your vCD.

What You Will Need?
Here are the downloads that you need to start with right away:
- VMware vCloud Director – [200MB]
- vShield Manager – [500MB]
- CentOS 64bit DVD ISO – [3.9GB]
- Oracle 11G 64bit Enterprise – [2.1GB]
- Java Development Kit – [78MB]
- vSphere 4.1 Enterprise-Plus (vCenter & ESXi) – [2.5GB]
- VMware Workstation 7.1 – [568MB]
Before We Start: DNS, DNS, DNS!!
To avoid any issues during your installation and configuration, please make sure that your DNS server is up and running with all the entries for the VMs set in advance. This includes: vCD, vSM and the ESXi host. I can't stress this point enough!
Step 1: Installing the Oracle DB (VIDEO)
First things first. You need a backend database for all your apps. I chose to install Oracle 11G on Windows rather than Linux for two reasons:
1 – It's easier and there is no shame in that! Installing Oracle on Windows requires no tweaking, optimization or prerequisites. All you need is to download the binaries and set it up. If for any reason you think that you really need to run Oracle on Linux, then I won't leave you in the dark. Here is an excellent article detailing step by step how to do it if you are a newbie. (click here)
2 – We need to save memory. I'm assuming all the way through this article that you have a maximum of 8GB memory on your laptop/desktop. By installing Oracle on Windows you will save a new VM because we will install vCenter on the same VM. It's not just that, we will actually leverage that same Oracle server to host the vCenter DB. Bingo! No need for MS-SQL Express.
Now let's install Oracle in this video and set it up to be ready for our vCloud Director and vCenter Server.
The commands used in this video:
- sqlplus system/oracle@localhost/cloud
- create user cloud identified by oracle;
- grant "RESOURCE", "DBA", "CONNECT" to cloud;
Step 2: Configuring vSphere 4.1 in Workstation
It's never been easier. Workstation 7 now supports running vESX 4.x out of the box. All you need is to download the ESXi 4.1 ISO from vmware.com and then create a new VM and choose your GOS to be (VMware ESX) as shown in the screenshot below. After that you will need to install the vCenter Server 4.1 on top of the Oracle DB VM as described above. Of course, before that you will need to set up the ODBC connection to the Oracle DB, which is quite straightforward.

Step 3: Preparing the SSL Certificates
You will need to download the Java Development Kit (JDK) from the link provided above to your Guest OS (e.g XP or W7), and then generate the self-signed SSL certificates using the following commands:
- "C:\Program Files (x86)\Java\jdk1.6.0_20\bin\keytool" -keystore certificates.ks -storetype JCEKS -storepass hypervizor -genkey -keyalg RSA -alias http
- "C:\Program Files (x86)\Java\jdk1.6.0_20\bin\keytool" -keystore certificates.ks -storetype JCEKS -storepass hypervizor -genkey -keyalg RSA -alias consoleproxy
- "C:\Program Files (x86)\Java\jdk1.6.0_20\bin\keytool" -storetype JCEKS -storepass hypervizor -keystore certificates.ks -list
Please note that the password in the example above is "hypervizor" and the output file is "certificates.ks".
Step 4: Installing vShield Manager (VIDEO)
This is a fairly simple task and needs nothing but deploying the vShield Manager OVF package.
IMPORTANT NOTE: After installing the vShield Manager there is one more step. You need to apply your vSM licenses to the vCenter Server. Without this step you will not be able to leverage the vSM in deploying the new edge devices for the different networking options in vCD.
Step 5: Installing CentOS Linux
I was going to record a video for installing CentOS Linux but then I thought that it might be overkill for this post. It's pretty straightforward with the famous Anaconda GUI, so I expect no issues even for the Linux newbie. A few notes here:
- I'm using CentOS here because it's the closest distribution to RHEL. I learned later on that some of the SEs at VMware are using the same for doing the labs and testing. Needless to say, this distribution is not officially supported by vCD and everything you see in this post is *NOT* meant for production.
- I recommend installing the complete packages to avoid downloading a lot of RPMs and going through the dependencies mess. This could be quite difficult for people new to Linux.
- You have to install the CentOS VM with two network cards. The first will be used for the Web UI access, and the other one will be used for the vCenter proxy access.
- After installing CentOS I recommend disabling the embedded firewalls because they could affect some of the communications with vCenter Server and the Oracle DB. Don't worry, you will see this option to disable the firewall at your first login.
- You will need to upload some files to the CentOS VM before and after the vCD installation. This includes: the certificates.ks that we generated in the previous step, the vCD .bin package you downloaded from vmware.com, and the sysprep files needed for the vApp customizations later on. You can either do this the traditional way by enabling the FTP daemon (service vsftpd start) and then uploading the files with your favorite client, or you can use the Shared Folder in Workstation as shown in the screenshot below. I'm old school so I always prefer using FTP and the command line, but it's your choice.

Please also note that you will need to install the VMware Tools for the CentOS to use the Shared Folder option. It's always a good practice to install VMware Tools on all your VMs.
Step 6: Installing VMware vCloud Director (VIDEO)
Are you ready to unleash the beast? Let's do it:
You will notice in the video that I had an issue with the path to the certificate. I'm not quite sure why this was happening, but I realized that if you put the file (certificates.ks in my case) to the vCD home folder (/opt/vmware/vcloud-director/) and then just type the file name with no leading path, the installer will accept it.
UPDATE: (Thanks to Kyle Smith, Sr.MTS @ VMware, for the following explanation)
For the certificates and any response file you need to make sure that they are in a directory that the vcloud user (created by the VCD installer) can read and the files themselves need to be readable by the vcloud user. This means the files need to be outside of any user's home directory (since they typically have a mode of 700).
Here is the command for "tailing" the log file for the application startup:
tail -f /opt/vmware/cloud-director/logs/vcloud-container-info.log | grep "Application Initialization"
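The readability requirement from the update above, as an added shell example that is not part of the original post: it walks from the keystore up through every parent directory and reports the first component whose "other" permission bits would block the vcloud user. It assumes GNU stat (as on CentOS), that the vcloud user is neither owner nor group member of any path component, and that no ACLs apply; the function names and the optional stop-directory argument are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post).
# Assumptions: GNU stat; the service account is neither owner nor group
# member of any path component, so only the "other" bits decide; no ACLs.

# last_octal_digit MODE -> the "other" permission digit of an octal mode
last_octal_digit() {
    printf '%s\n' "${1#"${1%?}"}"
}

# path_readable_by_other FILE [STOP_DIR]
# Returns 0 if FILE has other-read and every directory from FILE's parent up
# to STOP_DIR (default /) has other-execute. Otherwise prints the first
# blocking component and returns 1.
path_readable_by_other() {
    target=$1
    stop=${2:-/}
    if [ ! -f "$target" ]; then
        echo "missing: $target"
        return 1
    fi
    other=$(last_octal_digit "$(stat -c %a "$target")")
    if [ $((other & 4)) -eq 0 ]; then
        echo "not readable: $target"
        return 1
    fi
    dir=$(dirname "$target")
    while :; do
        other=$(last_octal_digit "$(stat -c %a "$dir")")
        if [ $((other & 1)) -eq 0 ]; then
            echo "not traversable: $dir"
            return 1
        fi
        if [ "$dir" = "$stop" ] || [ "$dir" = "/" ]; then
            break
        fi
        dir=$(dirname "$dir")
    done
    return 0
}

# Stand-alone use: sh check.sh /path/to/certificates.ks
if [ "$#" -ge 1 ]; then
    path_readable_by_other "$@"
fi
```

A keystore left under a mode-700 home directory is reported as "not traversable" at that directory, which is the case the update describes.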
What's next?
Now you need to start exploring this incredible product and see if you can get your first vApp up and running in the cloud. You won't be left alone. The front-page wizard will take you through the process step by step, starting from allocating your vCenter resources, all the way to creating your first service catalog. You can use the vCD evaluator's guide as well to walk you through the process, but remember that this whole "cloud in a box" thing is limited by its nature and meant only for having a working vCD installation on the go with you!
I have a couple of ideas and I might be coming back soon with something like a demo-script to show you (on a different physical lab) a real-life example of how you can leverage vCD in your private cloud journey.
Until then, Happy Clouding!
VMware vSphere on IBM BladeCenter H – (Part 2 of 2)
Yes, finally! It's been like what? Five months?! Well, the delay in publishing this part was mainly because of the delay in certifying the new IBM HX5 blades on vSphere. It's quite a long process that you can read about here, but the good news is that the hardware is finally on VMware's HCL, and that I can comfortably blog about the subject now without causing any confusion to the readers.
Before we dig deep into the new designs, I'd like to mention some minor changes in the diagram.
Updated Diagram
I've included the old configurations along with the new ones in one updated PDF. The main difference now is that I'm using normal pages for showing each configuration. In the old version I used the layers to show and hide the configurations as you select them. I thought now that using separate pages for different diagrams would ease the process of browsing through the configurations, and to tell you the truth, to reduce also the high complexity of designing the diagram. It's a crazy process to keep track of all these layers in Visio especially when we are talking about more than 7,000 shapes floating on the same design area!
Now let's get down to business.
Configuration (5) – HX5:
This is Big Blue's latest two-node blade technology. I emphasize "two-node" here because it's the only configuration certified to run with vSphere as of the time of writing these lines. Please note that you can use up to 4 nodes with the HX5 but this won't be supported by VMware. When we talk about two nodes here we mean the following:
- Having the base blade (CPU + Mem + HDD) (+Plus+) the MAX5 expansion try to scale up more memory for the blade.
- Having the base blade (again CPU + Mem + HDD) (+Plus+) another similar expansion board to scale all the blade components, that's 4 x CPUs + 2 x Memory modules + 2 x IO expansion cards.
As you will see in the diagram, I chose the second option to talk about.
Now, what do we have here? It's simply redundancy at its best! We can place our networks here freely with full redundancy as you see in the layout of the vNICs. For example, if we have a failure in the CFFh expansion card on either of the two nodes, we will still be able to flow the traffic without any issues on the other CFFh card. The same holds true for the on-board ports: if for any reason one of these ports fails, the traffic will flow on the other node's board.
Apart from that, I'm introducing here the DMZ networks for the first time. Most enterprises prefer to separate the DMZ networks/servers on different chassis for security reasons. While this is a valid decision, this blade configuration gives us a workaround for organizations that are less paranoid about DMZ security, yet with good isolation. Let's see how this is done in detail:
- For the networks, we have two dedicated blade switches that will be uplinking *only* to the corp DMZ switches (in this case Bay 9 & 10). This means we will have no traffic flowing from either the internal networks or the VMkernel networks. Same thing for the blade ports: you will always have NICs 4, 5, 10 and 11 dedicated to the DMZ networks and running in full performance and redundancy.
- For the SAN, we can also ensure that we have dedicated HBAs as well as isolation. The uplinks to the SAN switches will be segmented across the two bays 3 and 4, and connected directly/physically to the appropriate SAN fabrics.
Configuration (6) – Virtual Fabric:
Before we start with this configuration, I would like to state that I am not quite sure whether these Emulex Virtual Fabric Adapters (VFA) are supported by VMware or not. While I can't see them clearly on the HCL with the name VFA, I can see some Emulex documents saying that they are. Of course the reference here should always be the VMware HCL itself, not anything else, but I will double check on that and update this post later. With that said, please refer to this configuration carefully and make sure to confirm this point before engaging with any vSphere design around it.
Now let's dig deep into this cool technology. IBM simply has this Virtual Fabric concept of slicing your CFFh expansion card into 8 different ports. This doesn't only mean that you have the flexibility to adjust the speed, but also the protocol. For example, you can choose to use either Ethernet, Fibrechannel, FCoE or even iSCSI with hardware initiators.
In our case here I used only Ethernet as the protocol for these ports, and then sliced them into 8 different vNICs with various link speeds. Perhaps a screenshot from the diagram would make things more clear.
As you see, we set the bandwidth for the SC to 1GB since we normally don't require high BW for management, while we set 3GB and 5GB link speed for the Fault Tolerance and VM Networks respectively. By default these ports are set to 2.5GB ( 4 x 2.5GB = 10GbE into two ports), but you have the full flexibility to change that as you see.
Configuration (7) – CNA:
A very simple design to wrap up this series with. It's the traditional CNA (oh yeah, it's a common and traditional technology now!). As you see in the diagram, we have here a CFFh expansion card, and it has got four ports:
- Ethernet ports: that's 2 x 10GbE Ethernet ports for the networking traffic. We will treat them here normally as we treat any 10GbE port. We will slice them via the vNetwork traffic shaping in vSphere to achieve the bandwidth that we want.
- FibreChannel ports: that's 2 x HBA ports for SAN traffic. Instead of going into the traditional Bay 3 & 4 as we've seen across the whole series and configurations, this time the traffic is multiplexed and pushed to the Nexus 4000 blade switches.
Did I just say Nexus 4000?! Yep, those are specially developed Nexus switches by Cisco to be used only/currently with the IBM BladeCenter H/HT. But here is the catch: you will still need to have the Nexus 5000 switches to segregate the FCoE traffic coming from the Nexus 4000 and then forward the network and FC traffic to the existing LAN and SAN respectively. Of course we should have redundancy here at all layers. In the BCH we have two Nexus 4000 sitting in bays 7 and 9, while we have two Nexus 5000 switches in the back end.
Now what?
Well, as much as I worked really hard in this series to come up with different kinds of configurations and design scenarios, I enjoyed it just as much! Now I need to move on to another vendor, but without all these mad options. I initially was planning to jump straight to the HP realm, however, I found myself involved in two different Cisco UCS vSphere designs lately, so it would make much sense to me if I blogged about this platform now. Don't take my word for it though, I might surprise you with a Dell or Fujitsu series, who knows?!
VMware MENA region is expanding and hiring!
We are expanding in our Middle East and North Africa region (MENA) and hiring for multiple positions. At the time of writing these lines there are five openings:
- Senior Consultant – Professional Services – Saudi Arabia
- Enterprise Account Manager – Sales – Saudi Arabia
- Engagement Manager – Professional Services – Dubai
- Partner Business Manager – Sales – Dubai
- Senior Systems Engineer – Sales – Dubai
You can click on each link to get more information, and you can also apply from there. If you are looking for technical positions and you think you are good enough, don't hesitate to contact me directly and I'd be happy to forward your CV along. Please note that I have no influence in the recruitment process, but I can put a good word for you if I felt that you are qualified and passionate about the position.
My email: hany [AT] vmware [DOT] com
LinkedIn: linkedin.com/in/hanymichael
HVNL02: VMworld 2010, New VMware training courses and product releases, NetApp free book, TrainSignal vSphere Pro Series Vol2, Cisco UCS.
My second newsletter in a row. Can't believe it's been 2 weeks already. Time seems to fly these days!
The VM Crowd in the wild
I was really happy with the feedback I received regarding this crazy idea. I didn't expect that much attention, especially since the first episode is simply a bunch of inside jokes. You literally have to be on twitter day and night to get these jokes and know what on earth I'm talking about. As just an example, the "underwear saga" (as Massimo likes to call it) actually happened to me and the latter in London. We were literally stranded in the UK due to this ash cloud, and we did go out together to shop for underwear. I can't believe I've mentioned that twice on my blog! Okay, before I jump to the next point I'd like to thank you for the positive feedback. Stay tuned for more.
Two cool new courses from VMware Education
VMware Education Services launched two new cool courses:
1 – Transitioning to ESXi: I really like this course, and from what I've seen in the course material it has quite valuable content. I highly recommend this to anyone starting fresh on ESXi or planning for the transition. Even if you are quite happy with your classic ESX and its service console, this course will make you change your mind.
2 – vSphere 4.1: Install, Configure and Manage: The course title is self explanatory. We all know about the cool new features of vSphere 4.1 and it's all in there.
"Virtual Roads. Actual Clouds."
Yes, VMworld 2010 is approaching and this is the official motto of the event. The sessions and labs catalog are now available online for you to start exploring the great subjects covered in this event. Some vendors have started to talk about their activity in the event; don't miss the EMC and the IBM ones.
The first end-to-end FCoE solution certified by VMware
This is the industry's first end-to-end solution by Cisco (datacenter switches) and NetApp (storage) that is certified and supported by VMware. Pretty exciting stuff to all the FCoE enthusiasts out there. Vaughn Stewart has a nice blog post talking about this with big screenshots from the VMware HCL.
Free Book from NetApp
Still with NetApp and Vaughn, they are giving away free copies of the "vSphere on NetApp Best Practices". Last word from twitter: the books are flying and only 150 copies are left. You have to have a shipping address in the US to get your copy. Thanks to Aramex.com, I will get my copy.
TrainSignal's vSphere Pro Series Volume 2!
Landed in Doha yesterday after a week of travel to see a very nice surprise in my mail. It's the TrainSignal second volume of the vSphere Pro Series and it's featuring some very cool products like SRM, Veeam (Monitor, Reporter and Backup) as well as VDR! I can't wait to start watching these videos, especially the SRM ones!
Cisco UCS Visio Stencils Hidden Secret
I'm working these days on a vSphere design on UCS and of course I had to use Visio in the architecture. I was surprised to see very few stencils in the official Visio pack from Cisco, and that all of these shapes were just showing the front view of the devices. After "tweeting" out to the community and knowing that it's not just me who's frustrated about that, I received the simple answer from Cisco Dubai! You need to right click on the shapes (after placing them in your work area) and then you will get the option whether to use the front view or the rear one! Doh!
New VMware Releases:
A lot of new releases from VMware in the past few weeks among which: vCenter SRM 4.1, vCenter Orchestrator 4.1, vCenter Server Heartbeat 6.3
















