Author: <span>Chris</span>

Speakers: Sanjay Aiyagari (VMware), Simon Hamilton-Wilkes (F5)

Journey of IT Transformation: Accelerate and Amplify
– moving from server consolidation to being able to monitor and manage your applications
– and from there to hosting multiple instances of your application in the cloud provisioned independently for varied users

The Journey: Stage 1 – Infrastructure Focus
+ shared resource pools
+ elastic capacity
– no business continuity

The Journey: Stage 2 – Application Focus
+ zero-touch infrastructure
+ increased control and service assurance
– possible downtime
– idle infrastructures
– infrastructure dependencies

The Journey: Stage 3 – Business Focus
+ service definition
+ self-service
+ chargeback
– isolation between instances
– application configuration updates reflect infrastructure

Networking Technology Virtualization

Technology Virtualization

In what I believe to be a VERY wise revision, the IETF (Internet Engineering Task Force) has issued RFC 6177 to change the recommendation of indiscriminate issuing of /48 IPv6…

Networking Technology

It’s been a while since I’ve been truly excited about a service pack, but I definitely am when it comes to Service Pack 1 for Windows Server 2008 R2! For literally years now, I’ve watched SNMP (mis)behave erratically on our Windows servers. Originally, we used ipMonitor (before SolarWinds purchased it) and then last year, we moved up to SolarWinds Orion NPM. Love the graphs. Love the traffic stats. ‘Get really frustrated when servers just flake out and stop answering SNMP’s calls…

So, quite ironically, I finally open a case with SolarWinds…last week (a.k.a. five days before we deployed SP1 network-wide). Nothing pops out to us, so we start capturing traffic with Wireshark and Microsoft Network Monitor at various points. Then on Sunday, we push SP1, which unbeknownst to us includes the hotfix described in KB980259.

Yesterday, merely 12 hours after installing it, several servers start flagging in NPM as not responding to SNMP, and I decide to dig in the event logs, hoping to see something I might have missed before. The event below was there twice and perfectly coincided with the cessation of SNMP service. In other places it showed up once or not at all, but the failing nodes had it twice…

Microsoft Technology

If you regularly SSH into your ESX hosts, this may be old news to you. But if you’re like me and mostly manage your ESX hosts via vSphere Client, you might have a surprise waiting for you when you upgrade to ESX & ESXi 4.1. With the advent of ESX Active Directory integration, VMware kindly decided to impose some new changes and requirements for local user accounts. What does this mean to you?

For me, it meant that when I tried to SSH into my ESX host, I ran into “Access is denied.” And with only one non-root user account on the system, this meant no remote access (on the host itself). Root is restricted to interactive access, so that wasn’t any help. Thankfully the Dell Remote Access Card (DRAC) put me on the console, so to speak, and let me poke around as root.

The solution, though, came from a Google search, a somewhat unhelpful VMware KB article (1024235), and a little connecting of the dots. AD integration places a new dependency on the local “Administrators” role. If local user accounts aren’t in that role, they can’t get in.

Oddly enough, vSphere Client has to be targeted directly at the ESX host (not vCenter) to edit the role and local users. Looking while connected through vCenter won’t get you anywhere. So, here we go:

Security Technology Virtualization

Addressing. Routing. DHCP. EIGRP. HSRP. Mobility. After consuming Cisco’s 706-page IOS IPv6 Configuration Guide, these are just a few of the areas we’re processing as the deployment plan starts coming…

Networking Technology

IPv6, for those unfamiliar, is the Internet Protocol version 6, the next evolution of network addressing and the internet. Just like Bill Gates’ famous statement about 640KB being all that we’d ever need in computing, so the designers of IPv4 (Internet Protocol version 4) thought of the 4.3 billion addresses in the 32 bits of IPv4. Surely that’s enough! Nearly one per every person on earth?!? But how many of us have a smart phone (iPhone, Android, BlackBerry, etc), a home computer, an Xbox or PS3…not to mention any internet-connected devices at your place of employment?

Those 4.3B quickly disappear, especially when a lot of blocks were eliminated from distribution from day 1 (10.x.x.x, 172.16.x.x-172.31.x.x, 192.168.x.x, and all the multicast and experimental chunks). Add to that the Class A’s (16 million address blocks) wastefully given to large corporations, and you can see where the addresses went. Two weeks ago, the last Class A and thus, the last allotment from the centralized addressing authority, IANA, was dispensed. In technical terms, IPv4 is officially spent. Sure, ISPs still have supplies, but those are now a non-replenishable¬† resource.

Enter IPv6. 128 bits of addressing glory. The IETF (Internet Engineering Task Force) decided that once was enough with regards to running out of space (at least until we expand to other worlds). How many addresses is that, you ask?

Networking Technology

Are you familiar with VCE? If not, add it to your IT acronym dictionary, but it’ll be something you hear more about in the future if virtualization, shared storage, converged networks, and/or server infrastructure are in your purview. VCE stands for “Virtual Computing Environment” and is a consortium of Cisco, EMC, VMware, and Intel (funny…if you take three of those initials, you get V-C-E). The goal and objective, which they seem to be realizing, is to deliver a “datacenter in a box” (or multiple boxes, if your environment is large), and in a lot of ways, I think they have something going…

The highlights for quick consumption:

  • a VCE Vblock is an encapsulated, manufactured product (SAN, servers, network fully assembled at the VCE factory)
  • a Vblock solution is designed to be sized to your environment based on profiling of 200,000+ virtual environments
  • one of the top VCE marketed advantages is a single support contact and services center for all components (no more finger pointing)
  • because a Vblock follows “recipes” for performance needs and profiles, upgrades also come/require fixed increments
  • Cisco UCS blade increments are in “packs” of four (4) blades; EMC disks come in five (5) RAID group “packs”
  • Vblock-0 is good for 300-800 VMs; Vblock-1 is for 800-3000 VMs; Vblock-2 supports 3000-6000 VMs
  • when crossing the VM threshold for a Vblock size, Vblocks can be aggregated

Those are the general facts. So what does all that mean for interested organizations? Is it a good fit for you? Here are some takeaways I drew from the points above as well as the rest of the briefing by our VCE, EMC, and Cisco reps…

Storage Technology Virtualization

We recently performed some upgrade our Cisco MDS 9509 and thought we’d share the steps with you. You’re welcome to hop on as well and grab the user guide, but if you’re running a 9500 with redundant Sup-2’s, this should be all you need to hop between SAN-OS 3.x versions and all the way up to NX-OS 5.x…

Networking Technology

If you’re running a VMware vSphere cluster on a two-tier (or greater) Cisco network, you might be in a situation like I was. You see, we built in redundancy when we planned our core and access switches, but the design had one significant flaw (see the simplified diagram to the right). Pretend all of those lines are redundant paths. Looks good so far, right? If CoreA goes down, ESX(i) can still send traffic up through AccessB to CoreB. The reverse applies if -B is down, and likewise for either of the Access- switches.

The catch comes for VMs on ESX(i) when one of the Core- switches goes down. ESX(i) balances VMs across the ports in the Virtual Machine port group(s). If a port goes down, it will smartly move the VM(s) to another port that is up. If an “upstream” hop like CoreB goes down, though, ESX(i) doesn’t know about that event, so it keeps its VMs in place, oblivious to the fact that the VMs on AccessB ports are as good as dead to the world. [Enter Link-State Tracking]

Networking Technology Virtualization