The Twitter wires and blogosphere were ablaze with news out of VMworld US 2012 (August 27 – 30th). This was my first ever VMworld (with hopefully many more to come), and I greatly enjoyed it and I also enjoyed meeting many of you. My direct flight home to Auckland from San Francisco on Air New Zealand was the best flight I’ve ever had, and I got a full 8 hours sleep so I didn’t have any jetlag (Thanks Air New Zealand). But this article is all about my take on the event, what I learned, and vSphere 5.1. I’ve decided to do something slightly different to others, to take it all in, and then write this roundup post-VMworld. I’m also going to target this towards the relevance to production and business critical applications environments. I’ll also give you some insight into the sessions I presented, the results and my lessons learned.
vRAM and Cloud Suites: Ding Dong! The Witch is dead. Which old Witch? The vRAM Witch! (The movie this is from is well before my time – Can you guess which movie?) Yes, the vRAM Witch is now definitively dead. VMware announced in the first Keynote on Monday 27th August that vRAM licensing is no more and they will instead be introducing vCloud Suites containing a bundle of products based on per CPU Socket, unlimited cores, unlimited RAM, and unlimited VM entitlement per licensed socket. Although the suite is a collection of products right now, over time it will become ever more integrated, and the licenses can’t be broken apart into their individual components. This is all very good news for VMware customers. The vRAM announcement was made in the context of vSphere 5.1, but it also applies to vSphere 5. So even if you’re running a vSphere 5 environment vRAM is no longer relevant. Personally I didn’t have a problem with the concept of vRAM as everything is moving towards a consumption based model, but it did cause a lot of extra things to consider during design, especially when every customer I ever engaged with had no impact as a result of vRAM. The free VMware vSphere Hypervisor will still be limited to running on hosts with 32GB physical RAM, but there are no longer any vRAM limitations (think configured memory / overcommitment is unlimited). Everyone with vSphere Enterprise Plus will get entitlement to vCloud Suite Standard, and VMware will be running promotions to get customers to upgrade to the other editions, so watch out for those. See Information and comparisons between the vCloud Suites. This is great news for all environments, especially those with Monster VMs. So now that you don’t have to worry about VMware vRAM licensing for your business critical applications, you can go back to only worrying about your ISV licensing and the best solution to meet all your other requirements.
vSphere 5.1 and the Mega Monster VM: 64 vCPU, 1TB RAM, 1M IOPS per VM, less network jitter, lower latency, Zero-downtime upgrade for VMware Tools (from 5.1 onwards), Dump Collector works with vDS. These are just some of the highlights of vSphere 5.1. VMware has taken the Monster VM and turned it into a more Mega Monster VM. Best of all, the efficiency is still what you come to expect from VMware. So if you can configure 64 vCPUs you know you can get within a few percentage points of native. IMHO it’s not good saying your architecture supports a huge number of vCPUs if you can’t utilize them efficiently. VMware does a lot of work to ensure they optimize their architecture to get best efficiency as well as scalability. 1 Million IOPS per VM is great if you have a single VM that you can run off an entire all-flash array. But realistically this is just to eliminate any possible thoughts that the hypervisor is the bottleneck when it comes to storage. The test was conducted with 4k IO size and produced very low latency. The IO size and latency are important factors, as I outlined in Storage Sizing Considerations when Virtualizing Business Critical Applications. See What’s New in VMware vSphere 5.1 – Platform and What’s New in VMware vSphere 5.1 – Performance.
VMware vSphere Distributed Switch: Config Backup/Restore, Rollback and Recovery, Network Healthcheck, BPDU Filter. There is now no reason to run a mixed vSS / vDS environment. With the config backup / restore and automatic rollback and recovery you can be confident that the vSphere Distributed Switch (note name change) will be reliable and available, and easy to recover when things go wrong. The Rollback and Recovery will revert any change that has the consequence of disconnecting the hosts from vCenter or vice versa. Network Healthcheck will periodically check the network for configuration errors such as incorrect VLAN trunking, incorrect MTU, uplink errors, etc. and alert you to these issues before they become a major problem. This should greatly reduce the effort required in quality assurance when provisioning new hosts and operating hosts as the environment changes. The new vDS also supports NetFlow v10 (IPFIX), LACP (IP Hash Only), and also RSPAN/ERSPAN. BPDU Filter is important as it stops the accidental or malicious configuration of a bridged VM from causing a physical host port down event and cascading failure across the cluster. BPDU filter will filter out any BPDU packets. As mentioned above, the Network Dump Collector, which collects Purple Screen of Death (PSOD) core dumps from ESXi hosts, now works with vDS. In vSphere 5 this only worked with the standard vSwitch. See What’s New in VMware vSphere 5.1 – Networking.
VMware vSphere Storage Enhancements: All Paths Down (APD), Permanent Device Loss (PDL), Storage IO Control Enhancements, Parallel Storage vMotion, Combined vMotion / Storage vMotion without Shared Disks. The APD and PDL behaviour has been again enhanced in vSphere 5.1, which will see far more predictable behaviour under what should be very rare storage failures. Storage IO Control has been enhanced to be more self tuning. Storage vMotion now supports up to 4 parallel disk copies per VM. See What’s New in VMware vSphere 5.1 – Storage. With the combined vMotion / Storage vMotion and no need to have shared storage we can say goodbye to the concept of a swing datastore or jump datastore. Duncan Epping does a great job of covering this in his article “Say Goodbye to the Transfer LUN aka Swing LUN aka Stepping Stone”.
vCloud Networking and Security: HA, SSL VPN, Load Balancer, 10 NICs per Edge, VXLAN Gateway, Endpoint included with vSphere 5.1. All of the new features of vCloud Networking and Security are a major leap forward from the previous version of vShield, which this supersedes. The HA functionality for vShield Edge combined with support for 10 NICs, which are user configurable between internal / external, means that you can realistically replace a large number of enterprise firewalls very cost effectively. This also means you can very cheaply set up realistic testing and validation environments to test multi-tier applications and their firewall rules before you apply the firewall rules to production physical firewalls. With HA, if one host with the primary Edge device fails, the firewall state will fail over to the standby Edge; this is a real active / passive firewall cluster. Load balancing has been greatly improved to include health checks and can now support HTTPS pass through and any custom TCP ports. SSL VPN is a very convenient way of allowing end user access to the vApps and infrastructure protected by the Edge or for management of the infrastructure. The admin user interface has been greatly enhanced and so has its capability, including the logging functionality. Many will be pleased that rules now have a rule ID and this flows through into syslogs. The interface is also much more intuitive when it comes to App Firewall and is simplified by removing the rule precedence that existed in the previous version. Flow monitoring is improved and you can now get statistics per rule to determine which rules are being used in addition to the top rules that are used. With Endpoint now included with the Hypervisor I predict that most organizations will start moving to VMware’s Endpoint protection and partner integrated solutions.
Service Insertion now allows partners to integrate virtual editions and physical editions of their components with vCloud Networking and Security and also vCloud Director. This will allow many organizations to further differentiate their services and offerings. The automation capabilities that are possible through vCloud Director, vCloud Connector and the REST APIs mean that vCloud Networking and Security is a major step forward with capabilities that really deliver on the software defined datacenter and software defined networking and security. See VMware vCloud Networking and Security Overview.
vCloud Director: SDRS Integration, Storage Profiles / Storage Tiering, Elastic VDC, Linked clones on VMFS across 32 hosts, vApp Snapshots, HA Edge Devices. See What’s New in VMware vCloud Director 5.1. There are so many improvements in vCloud Director 5.1 that I’m only going to cover a few very briefly. Storage DRS and Storage Profile integration is a big one. You will no longer require a separate Provider VDC just to support a different tier of storage. For smaller environments this made the design very tricky as you might in a single 2 or 3 node cluster have to support 2 tiers of storage. This forced you to break with some best practices and use resource pools instead of clusters as the demarcation for the Provider VDC compute resources. This will help greatly improve resource utilisation efficiency in vCloud Director environments. It will be interesting to see the new designs incorporating this and how they are now differentiating their service offerings. With vCloud Director 1.5 you could configure an Elastic VDC across multiple clusters only with the PAYG resource model, but all the vShield Edge devices stayed in the original cluster. With 5.1 you can now do this also with the Allocation Pool resource model and vShield Edge and system resource pools will be split across clusters. With the addition of VXLAN it is now also easier to stretch VDCs across clusters and this adds improved performance to the isolation networks.
New Certifications: VMware launched a number of new certifications for the Desktop and Cloud tracks. We now see certification paths right up to VCDX-Cloud and VCDX-Desktop. The existing VCP and VCDX have been renamed slightly to VCP-DV and VCDX-DV to designate Datacenter Virtualization. The actual path to VCDX-Cloud and VCDX-Desktop is not quite clear yet and neither is the migration path for existing VCDX qualified individuals. But it is great to see these two new certification paths that will allow everyone to demonstrate their mastery of these technology areas in addition to Datacenter Virtualization. See VMware Certification Roadmap. If you think this looks similar to how Cisco’s certification works you’re right. This is intentional and it just happens the man who designed Cisco’s certification tracks is now in charge of doing that at VMware.
Oracle Virtualization Architecture and Performance Deep Dive: I presented two sessions at VMworld US regarding Oracle Virtualization. The first one, APP-BCA1432 – Virtualizing Oracle Across the World — Success Stories from University of Auckland and Indiana University, covered the process of how to go about virtualizing Oracle when migrating from traditional Unix platforms and how to engage the DBAs and keep them happy. My content was based on a large project that I had delivered on behalf of VMware Professional Services. I had Don Sullivan (Oracle Certified Master) from VMware and Dan Young from Indiana University as co-presenters. In my second session, APP-BCA1624 Virtualizing Oracle: An Architectural and Performance Deep Dive, we really drilled into how to architect Oracle databases for maximum performance and how the hypervisor helped. In this session I had Mark Achtemichuk from VMware (Performance Technical Marketing) and Don Sullivan again. I took the same project as my previous session but this time really drilled down in the technical details of how we delivered 5x performance improvement from the source systems and as such a high ROI. Both would give you a very good understanding of how you really can virtualize Oracle Databases in large organizations successfully and ensure you meet the business requirements and performance requirements.
I received some pretty good ratings (4.39 and 4.3 respectively) for these sessions so a big thank you to all of the people that attended these sessions. You all thought we hit the mark with the content. This is very encouraging and I’ll try and do even better next year if I get a session selected. Based on the feedback a lot of people thought the sessions weren’t long enough. We could have talked for a lot longer and gone a lot deeper. This is the challenge when the sessions are only 60 minutes.
Automating Security and Compliance with DR: I presented this session, INF-SEC1282 Automating Security and Compliance with Disaster Recovery Using VCM, vCOps, vShield, VIN and SRM, alongside Gargi Keeling, who is the Product Manager for Security at VMware. This presentation was loosely based on a customer project I had been involved with where we had designed automated security and compliance processes along with DR. In addition to the learning from the actual customer project we enhanced the presentation with a partner solution (Catbird) that allows for automated syncing of vShield policies across multiple datacenters. The presentation covers all of the process and technology steps you need to take and gave an example of a technical architecture that would allow you to implement this, all using out of the box functionality from vShield, vCenter Configuration Manager, vCenter Operations, Virtual Infrastructure Navigator, and vCenter Site Recovery Manager, and supplemented if required with the Catbird solution. This presentation was also the worldwide premiere of the SSL Management Solution mentioned below, vCert Manager, which was very well received.
I received a pretty good rating for this session of 4.15. Not quite as good as my Oracle sessions, so I will try and do better next time. This one was pitched as just a technical session, not advanced technical. I also received a lot of feedback that the session wasn’t long enough and it would have been good to have the time to go deeper. What I’ve learned from the presentations I gave is that I probably need to narrow the scope and go a lot deeper. This will allow a lot more to get into a 60 minute presentation. Feel free to comment on this article and let me know your thoughts on this.
SSL Management – vCert Manager: My demo of the vCert Manager prototype was very well received and everyone in the audience of the Automating Security and Compliance with DR session agreed it would greatly simplify the process of managing SSL Certificates in VMware environments. I have published the Demo online and written about it in the article vCert Manager – Changing VMware SSL Certs Made Easy.
Top Sessions I Attended:
The below sessions I highly recommend you review. I attended these sessions and thought they were a real highlight. Note I only had very limited time so I wasn’t able to attend many great sessions. I would have liked to have gone to the vCenter Technical Deep Dive and also Jason Nash’s vSphere Distributed Switch Deep Dive. Jason got the top session of VMworld this year. I think it might be the first year a non-VMware employee has had the top spot.
Virtualizing SQL 2012: APP-BCA1516 Virtualizing SQL 2012 : Doing It Right. Jeff Szastak of VMware and Michael Corey of Ntirety managed to get through 160 slides of a very entertaining and deep technical presentation in just 60 minutes. I think they finished on time to the minute even with questions. I was very flattered that Jeff and Michael borrowed a quote from my Oracle Virtualization Architecture and Performance Deep Dive – “Your database is just an extension of your storage”. It is definitely relevant to SQL just as it is to Oracle or any other database. Optimizing storage performance is critically important and Jeff and Michael covered it well in the context of SQL Server 2012 and the relevant best practices.
SMP FT a.k.a. Multi-vCPU Fault Tolerance: INF-BCO2655 VMware vSphere Fault Tolerance for Multiprocessor Virtual Machines—Technical Preview and Best Practices. Presented by Jim Chow, Shrinand Javadekar, Srinivas Kotamraju, all from VMware. There was no timeframe or commitment given on when or if this might actually make it into the product, but given how good it was I really hope it’s sooner rather than later. One of the attendees said this technology would literally save people’s lives as he worked in the 911 system as a systems admin and they could not leverage VMware FT currently due to its limitations. I can see many and varied applications for this. I can’t wait to get it into my lab environment when (or if) it gets released.
Stretched Metro Clusters: INF-BCO1159 Architecting and Operating a VMware vSphere Metro Storage Cluster. Duncan Epping and Lee Dilworth did a great job of covering all the key points of architecting and operating a vSphere Metro Cluster environment. This is becoming a very popular solution for many environments these days, but it is not without its challenges.
Storage DRS Datastore Clusters: INF-STO1545 Architecting Storage DRS Datastore Clusters. Frank Denneman and Valentin Hamburger highlighted a number of key considerations when architecting Storage DRS datastore clusters, including some important limitations and considerations around storage IO control and array auto tiering. I wouldn’t operate a Storage DRS Datastore Cluster environment without reviewing this session first.
Oracle RAC Cluster Build Automation: APP-BCA1333 Virtualizing Oracle RAC. Rick Lindberg, Don Sullivan and Bryan Wood of VMware took the audience through the ins and outs of successfully virtualizing Oracle RAC on vSphere, including the fully automated deployment of a new Oracle RAC Cluster in under 30 minutes (cut down demo recording was 7 minutes). The automation, which is available via a VMware Professional Services engagement, allows not only new Oracle RAC Cluster creation but also node addition and node removal from existing clusters that have been created through this process. This will be especially valuable in Test and Development environments. The session also covered what VMware IT is doing in the process of virtualizing all their Oracle RAC systems and the necessary best practices to ensure the process is successful.
It was great to see Oracle actually had an official presence at VMworld this year. They had a booth in the Solutions Exchange, which I stopped by for a chat and they gave me a nice T-shirt, and also had taxis and branded cars taking customers from their hotels to VMworld. This is another great show of support for VMware, which is a great place to run Oracle databases and applications. Oracle also confirmed at VMworld that running their applications and databases in a large cluster and using DRS Must Affinity Rules is a perfectly acceptable solution, provided the rules are not violated and the Oracle software is not installed and/or run on an unlicensed host. They also completely clarified the support situation with VMware vSphere. I think all of this is absolutely great news for Oracle and VMware customers. Now if you don’t believe that this actually happened, why not just review the video, which is in an article on the License Consulting blog – VMworld TV – Richard Garsthagen Oracle Licensing and Support in VMware Virtualized Environments.
This was my first ever VMworld and it will definitely not be my last. I had a great time presenting to over 650 people and got great feedback. I met so many great people and was able to hang out with some of the VMware virtualization royalty. The only problem I had with VMworld was that it went way too fast. Mind you it was really hard work getting up at 6am every day and not getting to bed until after midnight most days. I would like to once again thank everyone that attended my sessions and gave feedback through the surveys, it was greatly appreciated. I’m looking forward to seeing some of the great people again in a couple of weeks at VMworld Barcelona, where I will be presenting a session titled APP-BCA1751 – Oracle Virtualization: Caging the Licensing Dragon with a great lineup of co-presenters. I hope to see some of you there. I also hope to meet a lot more new people.
This post first appeared on the Long White Virtual Clouds blog at longwhiteclouds.com, by Michael Webster. Copyright © 2012 – IT Solutions 2000 Ltd and Michael Webster. All rights reserved. Not to be reproduced for commercial purposes without written permission.
Do you feel there is a very distinct difference between a VCDX-DV and a VCDX-Cloud?
IMHO there is a very distinct difference between VCDX-DV and VCDX-Cloud. VCDX-Cloud requires a detailed understanding of Cloud architecture and all of the components that go into making that up, including an understanding of the foundation of vSphere. So you need to understand vSphere (and storage, networking, security), vCloud Director, vCloud Networking and Security, Chargeback, vCloud Connector and also the operational, consumption and applications aspects and the different types of clouds. I sort of see VCDX-DV as the foundation VCDX and then you can choose to specialise from there into either Cloud or End User Computing/Desktop.