This week I’m brining you this article from my hotel in Shanghai, I’m in China to present Unix to VMware Migration workshops. Last week I made the treck to Las Vegas like around another 12,000 people for the annual HP Discover US Event (June 11th – 13th). This was my first time to HP Discover and I was very grateful to HP and Ivy Worldwide for making this opportunity possible. HP Discover is not like any other IT event that I’ve been to and HP certainly know how to put on a magnificent show. Almost all of the Sands Expo Center at the Venetian was taken up by the exhibition stands of different HP divisions with the remainder for Sponsors. In terms of number of attendees it’s around half the size of VMworld, but lacks nothing in terms of spectacle. The big themes of the event were aimed around creating a better enterprise and HP’s slogan for the event was “Build a Better Enterprise Together”. So the big themes in the order of my interest were Big Data, Software Defined Networking, Software Defined Storage, Converged Infrastructure and Moonshot. I will briefly cover the highlights in this article.
One of the most important documents for any vSphere administrator or architect has been released. The vSphere 5.1 Hardening Guide is now available. The guide was announced on the vSphere Blog by Mike Foley – vSphere 5.1 Hardening Guide – Official Release. I’d like to thank Mike and the rest of the VMware Security Team that was involved in putting this invaluable resource together. It has been reformatted from the previous version to make it easier to use. I think you’ll all like the new improvements.
I’ve been getting feedback and questions from a number of different places of people wanting to disable Single Sign-on in vSphere 5.1 for various reasons (with vCenter). This is mainly due to difficulties around implementation of SSO in combination with other VMware solutions, such as VMware View, vCloud Director. My response to the questions is very simple. DON’T DO IT! At least not with vCenter itself. vSphere 5.1 and vCenter was not designed to run without SSO and this is definitely not supported and will likely result in a broken environment. This brief article will give you some tips on how you can be successful with SSO.
I was upgrading my VMware View environment recently from 5.0 to 5.1 and wrote about some initial problems in my article Trouble Recomposing View 5.x Desktops After Upgrade to vSphere 5.0 U2. After I had resolved those initial problems I needed to load my internal Root CA certificate onto all my company’s iPhone’s and iPad’s. This is because one of the big changes or improvements in View 5.1 is with security and you now need trusted certificates in order to connect to any of the desktops. Fortunately there is no need to purchase expensive public certificates if you have an internal corporate PKI / CA’s already configured, unless you want to. This article will show you how you can easily get your iPhones or iPad’s to trust your corporate CA certificates for use with VMware View.
Microsoft recently issued a security advisory and a patch that blocks any certificates with a key length less than 1024 bits. This has impacted a wide variety of systems including VMware Site Recovery Manager 5.0 and below. This article will provide you a way to quickly regenerate the self-signed SRM certificates.
Recently I wrote about Updating CA SSL Certificates in vSphere 5.1 which applied to the Windows installable version of the vCenter 5.1 and it’s supporting components including SSO. VMware has now also released the instructions to update the CA SSL certificates in the vSphere 5.1 vCenter Virtual Appliance.
Over the past few weeks I have been working behind the scenes with a team of people at VMware spread around the globe on the process to successfully change out the self-signed certificates in vSphere 5.1. With the introduction of Single Sign-On in vSphere 5.1 the process is somewhat more complicated than vSphere 5 (ok quite a lot more complicated). But now I’m able to bring you some of the solutions you’ve all been waiting for.
The twitter wires and blogosphere were ablaze with news out of VMworld US 2012 (August 27 – 30th). This was my first ever VMworld (with hopefully many more to come), and I greatly enjoyed it and I also enjoyed meeting many of you. My direct flight home to Auckland from San Francisco on Air New Zealand was the best flight I’ve ever had, and I got a full 8 hours sleep so I didn’t have any jetlag (Thanks Air New Zealand). But this article is all about my take on the event, what I learned, and vSphere 5.1. I’ve decided to do something slightly different to others, to take it all in, and then write this roundup post VMworld. I’m also going to target this towards the relevance to production and business critical applications environments. I’ll also give you some insight into the sessions I presented, the results and my lessons learned. Read more…