Page 5 of 6

vRealize Log Insight Logo

VMware vRealize Log Insight: Part 1 – Install & Configuration

If, like most of us, you forward vCenter and ESXi host Syslog data to centralised Syslog targets (and if you don’t, then I’d advise you do), then you’ll be pleased to hear that (as long as you have a valid vCenter Server license) you’ll be able to utilise the power of VMware vRealize Log Insight to interrogate this data.

This article will be the first in a two part VMware vRealize Log Insight series, the first of which will detail the simple installation and configuration process, with the second article focusing on advanced configuration and integration with VMware NSX via vRealize Log Insight Content Packs (vRealize Log Insight add-ins enabling further integration with both VMware and 3rd party products).

Continue reading → VMware vRealize Log Insight: Part 1 – Install & Configuration

Computer World Define Tomorrow Huddle

Last Friday I had the privilege of attending the exclusive, and first ever Define Tomorrow Huddle, hosted at the amazing Aerospace Bristol (home of the historic last flight Concorde) by the fantastic team at Computer World Group. The Huddle featured demos from three brilliant sponsors, including Rubrik, Bitdefender and Zerto, all of whom gave a true deep dive of fantastic technologies and solutions.

First up, Mark Shaw (SE Manager Western Europe) and Ed Morgan (SE Western Europe) gave a fantastic overview of Rubrik and their thoughts around the main IT trends for 2018 (that of multi-cloud mobility, how to improve security therein, compliance via policy driven automation, and cost management); a brilliant demo of both the current flagship backup/restore solution, as well as the very exciting and upcoming Polaris SaaS platform, the latter which will see the introduction of a true ‘Unified System of Record’, bringing together all business apps and data, from across multiple clouds, into one common platform. Truly exciting stuff, and something to keep tuned to for future announcements.

What sets Rubrik aside from the more traditional backup and restore products is their SLA-based platform; essentially, allowing administrators to ‘configure and forget’. Automation of said backups is highly adaptive via their REST API driven solution. A great looking solution and one certainly worth exploring.

Up second was Bitdefender‘s Liam Puelo. Now this is a great looking product. Not only do Bitdefender offer layered, next-gen endpoint security for laptops and workstations, mobile devices, physical servers, software defined instances, and virtual desktops (with upcoming support for hypervisor protection), but they also provide centralised BitLocker management and reporting, VMware NSX integration via NSX’s Guest Introspection, and third party patch management for 95 vendors. Truly awesome stuff!

Last (but by no means least) was Steve Blow, Senior Solution Engineer at Zerto, detailing protection, recovery, replication, DR automation and validation for mission-critical workloads. Of course, hardcore VMware fans will be well versed in Site Recovery Manager, however, as architects we need to be aware of all offerings and alternatives, and Zerto has turned some heads in the last few years. Again, their change from the ‘norm’ is quite refreshing, and their protection of VMs via Virtual Protection Groups (VPGs), as well as the compliancy testing (think GDPR, PCI, ISO, SOX, etc.), is quite refreshing.

Zerto

Zerto Scot Blow

Zerto Consistent Protection and Recovery

As always, an amazing event thanks to the guys at Computer World. These events really are exclusive and bring together technical professionals from throughout the UK. If you’re interested in attending a future event, get in touch with the CW team (as soon as you can!) via the Computer World Define Tomorrow Huddle page. Thanks again guys, and I’ll look forward to catching up with you soon!

VMware NSX Presentation

2017, The Final Quarter

It’s been a busy few weeks (when does ‘busy’ stop being ‘busy’ and just become ‘BAU’?), and with the final quarter upon us, I’m working to complete the last of our projects and implementations, and there aren’t many on my list bigger than a major data centre migration.

One item from the list I’m excited about is our in-house training. Compared with other projects, technical designs, or R&D, internal training can sometimes be seen as a secondary concern, however, rather than simply handing over a solution to an operational support team, I’m a huge fan of getting every member of the team around a table to discuss, challenge, and question the solution, the designs, and the technology. Specifically, myself and colleagues within our Technical Operations team (made up of both Infrastructure and Network Architects) will regularly provide internal training and/or overview sessions to both business owners and technical teams, as well as deep dives into the technologies we either have in development or the designs and implementations we are transitioning into live service.

At this time of year, it’s nice to step back and try not to take things for granted. It’s a real privilege to be able to work with such great partners, technologies (VMware NSX, Horizon, Pure Storage), our colleagues, and being part of a team that’s so passionate about the solutions we design and deploy; ultimately enabling the business to support both our users and members. Thanks to such projects and technologies we have been able to enhance security and automation within the SDDC, provide micro segmentation of critical workloads, and deliver anything services and applications wherever the’re located.

VMware NSX Presentation

VMUG USERCON

UK VMUG USERCON 2017

VMUG USERCON

It’s that time of year folks, with the United Kingdom VMUG UserCon 2017 taking place on Thursday 16th November at the National Conference Centre, Birmingham.

This year will see Vice President & Chief Technology Officer, EMEA at VMware, Joe Baguley presenting the opening keynote, followed by an astounding list of technology breakout sessions and speakers, as well as the much coveted VMware Hands On Labs. This truly is an event not to be missed!

Having designed and deployed VMware NSX in 2017, I’m personally looking forward to the NSX sessions, as well as those covering the recent integration of VMware Cloud and AWS, and I look forward to catching up with the old faces, as well as meeting any new ones.

For information on this year’s UK VMUG UserCon, and to follow the agenda as it’s released, simply visit www.vmug.com, or to register click here.

 

VMware Horizon Logo

Customising the VMware Horizon Web Portal – Part 1

Following a recent VMware Horizon 7 upgrade, we had a few issues whereby users were unable to download the VMware Horizon Client via the Web Portal. Specifically, clicking the Install VMware Horizon Client link simply resulted in a 404 error. So, where had the installation media gone?

On closer inspection, it appears VMware Horizon 7 handles this configuration slightly differently than in previous versions, but the issue can be easily remedied.

Customising the VMware Horizon Web Portal
Installing the VMware Horizon Client via the Web Portal
Customising the VMware Horizon Web Portal
Attempts to download the VMware Horizon Client result in a 404 error

1. First of all, we’ll need to download all clients relevant to your environment (Windows, Linux, Mac, iOS, Android, etc.) via www.vmware.com/go/viewclients. These will need to be saved to C:\Program Files\VMware\VMware View\Server\broker\webapps\downloads on each of your Connection servers.Customising the VMware Horizon Web Portal

2. The URL utilised in the Web Portal is defined in the portal-links-html-access.properties configuration file (available at C:\ProgramData\VMware\VDM\portal\). Amend each of the links (or rather the filenames) accordingly to your required platforms:

32-bit Windows installer:
link.win32=https://Server-FQDN/downloads/VMware-Horizon-Client-x86-build#.exe

64-bit Windows installer:
link.win64=https://Server-FQDN/downloads/VMware-Horizon-Client-x86_64-build#.exe

Windows Phone installer:
link.winmobile=https://Server-FQDN/downloads/VMware-Horizon-Client-build#.appx

32-bit Linux installer:
link.linux32=https://Server-FQDN/downloads/VMware-Horizon-Client-build#.x86.bundle

64-bit Linux installer:
link.linux64=https://Server-FQDN/downloads/VMware-Horizon-Client-build#.x64.bundle

Mac OS X installer:
link.mac=https://Server-FQDN/downloads/VMware-Horizon-Client-build#.dmg

iOS installer:
link.ios=https://Server-FQDN/downloads/VMware-Horizon-Client-iPhoneOS-build#.ipa

Android installer:
link.android=https://Server-FQDN/downloads/VMware-Horizon-Client-AndroidOS-build#.apk

Chrome OS installer:
link.chromeos=https://Server-FQDN/downloads/VMware-Horizon-Client-ChromeOS-build#.apk

Following the amendments, your portal-links-html-access.properties file should resemble something like the below. Please note, I mention ‘https://ConnectionServerFQDN/ below. In my instance, and as this utilises multiple this is the load-balanced address. When complete, save and close.

# Configure whether download page is accessible
enable.download=true

# Configure whether web client page is accessible
enable.webclient=true

# Configure the download page's URL address
link.download=https://www.vmware.com/go/viewclients

# Configure the help page's URL address
link.help=https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html

# Links of view clients installers on different platforms
link.win32=https://ConnectionServerFQDN/downloads/VMware-Horizon-Client-4.6.1-6748947.exe
link.win64=https://ConnectionServerFQDN/downloads/VMware-Horizon-Client-4.6.1-6748947.exe
link.linux32=https://ConnectionServerFQDN/downloads/VMware-Horizon-Client-4.6.0-6617224.x86.bundle
link.linux64=https://ConnectionServerFQDN/downloads/VMware-Horizon-Client-4.6.0-6617224.x64.bundle
link.mac=https://ConnectionServerFQDN/downloads/VMware-Horizon-Client-4.6.0-6607320.dmg

3. Lastly, restart the VMware Horizon View Web Component service.Customising the VMware Horizon Web Portal

4. Revisit the Web Portal and all should now be well.Customising the VMware Horizon Web Portal

VMware NSX Guides

VMware NSX Guides

VMware NSX Guides

If you’ve somehow managed to miss these brilliant (and free) VMware NSX guides, then worry not, as here are the links in all their glory. I cannot praise these books enough. Simply brilliant (and free!)

VMware NSX Micro-segmentation Day 1, by Wade Holmes

In Day 1, Wade Holmes details the migration away from a perimeter-orientated approach, to that of a micro-segmented architecture. VMware NSX enables organisations to utilise enhanced security functionality, whilst visualising traffic within the software-defined data centre.

VMware NSX Micro-segmentation Day 1, by Wade HolmesVMware NSX Micro-segmentation Day 1, by Wade Holmes

VMware NSX Micro-segmentation Day 2, by Geoff Wilmington

In Day 2, Geoff Wilmington complements the first guide by delving deeper into micro-segmentation, and details the process of both building and planning an architecture best suited to your applications. Also touched on are the additional tools such as VMware Log Insight, Application Rule Manager, and vRealize Network Insight.

From a personal point of view, the process of planning the migration of applications into NSX was a little daunting during my own implementation, and this guide has been simply invaluable.

VMware NSX Micro-segmentation Day 2, by Geoff WilmingtonVMware NSX Micro-segmentation Day 2, by Geoff Wilmington

Operationalizing VMware NSX, by Kevin Lees

In Operationalizing VMware NSX, Kevin Lees discusses how best to bring VMware NSX into ‘business as usual’. Both monitoring and troubleshooting are covered, and insights into team structures and cultures, team roles and responsibilities, etc., are provided. Unlike the ‘how-to’ style of the first two books, this third guide provides a fantastic insight into how NSX can be brought into service.

Operationalizing VMware NSX, by Kevin LeesOperationalizing VMware NSX, by Kevin Lees

Automating NSX for vSphere with PowerNSX, by Anthony Burke

Lastly, Automating NSX for vSphere with PowerNSX by Anthony Burke will be a firm favourite for all PowerShell fans wanting to get down and dirty with NSX.

Automating NSX for vSphere with PowerNSX, by Anthony BurkeAutomating NSX for vSphere with PowerNSX, by Anthony Burke

vSphere vCenter Server Migration Featured

VMware vSphere 6.5: Migration from Windows vCenter to vCenter Server Appliance

Following on from my previous posts (What’s New in vSphere 6.5 and VMware VCSA 6.5: Installation & Configuration), a major area for discussion (and excitement) is the VMware Migration Assistant which, should you wish, is able to easily migrate you away from the Windows-based vCenter Server to the Linux-based vCenter Server Appliance (VCSA).

There are pros and cons to the vCenter appliance of course, as well as a healthy number of supporters in each camp, but if you fancy shaving some licensing costs (Windows Server and SQL Server), would like to enjoy a faster vSphere experience (since 6.0), or would just like to be able to take a quick backup of vCenter without having to either snapshot both Windows and SQL Servers elements, or by utilising your backup product of choice to take a full image of your environment, you might just want to take VCSA for a spin.

Continue reading → VMware vSphere 6.5: Migration from Windows vCenter to vCenter Server Appliance

VMware vCNS 5.5.4 to NSX 6.2.5 Upgrade

VMware vCNS to NSX Upgrade

I’m a fan of upgrades that ‘just work’, but rarely do they run without a few unforeseens jumping out at you. Reading the VMware Upgrading VMware vCNS 5.5.x to NSX 6.2.x (2144620), I was surprised to see just five upgrade areas. Five? Really?? As this is a business critical system (and one with the potential of being able to turn a long day into an even longer day were things to go awry), I was a little sceptical, however, the vCNS to NSX upgrade process really is that easy.

VMware recommend the below implementation path when upgrading to NSX from vCNS, and if you’re not utilising any advanced features such as the vCNS Edges, you can cut this process down to just the first three steps.

  1. vCNS/NSX Manager
  2. Host Clusters and Virtual switches/wires
  3. vShield App (replaced by NSX Distributed Firewall)
  4. vShield Edge
  5. vShield Endpoint

Stick with me, I know you think I’m lying…

Scenario

So, a requirement exists whereby I need to replace a VMware vCNS 5.5.4 environment with VMware NSX 6.2.5 due to the former going end-of-life in Q4 2016. As I see it, I have two options; a) install NSX and migrate the vCNS workload to the new compute hardware, or b) upgrade vCNS in-place. As there aren’t any spare hosts lying around, the option will see us progressing with the in-place upgrade.

Note, configuration of NSX, as well as integration with AD Security Groups, will be covered in a future post.

Prerequisites

Okay, so there are some prerequisites (when would there not be?) Before initiating the upgrade process, you will need to ensure the below checklist has been completed:

  1. Physical network must be configured with a minimum MTU of 1600 due to the VXLAN overlay.
  2. As the NSX vSwitch is based upon vSphere Distributed Switches (vDS), if you’re currently running standard virtual switches, you’ll need to migrate to vDS first.
  3. Your backups have run successfully
  4. Snapshots of both vCenter and vCNS Manager have been taken
  5. vCNS Manager – e1000 network adapter replaced with a VMXNET3 adapter
  6. vCNS Manager – configured with at least 16GB RAM
  7. vCNS Manager – Tech Support Bundle created
  8. Download the relevant vCNS to NSX Upgrade Bundle

Upgrade vCNS 5.5.4 to NSX 6.2.5

1. First of all, we will need to download the Upgrade Bundle from VMware. Login to your MyVMware account and download.

2. Next, log into vCNS Manager, and browse to Settings & Reports > Updates.

3. Click Upload Upgrade Bundle, and upload the bundle we downloaded in Step 1.

4. Once uploaded, review the version details, and click Install.

5. When requested, click Confirm Install, and monitor the progress as per the below screenshots.

6. Monitor the reboot process via the appliance’s console and, once complete, we can proceed.

7. Following the reboot, browse to the previous vCNS Manager FQDN (https://server_name.domain.local), and you will be presented with the new NSX Manager. Note, the default admin credentials will have changed as part of the upgrade process:

  • Username – admin
  • Password – default

8. Login using the new credentials and ensure the NSX Management Service is running before proceeding. Note, this is a lab environment, hence the 4GB RAM.

9. Browse to Manage > NSX Management Service. In the Lookup Server URL section, configure by clicking Edit.

10. For this lab environment, I am configuring the lookup service to utilise vSphere SSO which, in this instance, integrates with my vCenter Server.

11. When prompted, accept the SSL certificate.

12. Ensure the Status for both Lookup Server URL and vCenter Server shows Connected.

13. After logging in to the vSphere Web Client as administrator@vsphere.local (we’ll configure NSX users and groups via Active Directory in a later post), you’ll now be able to see the new Networking & Security tab.

14. As this procedure details the upgrade process of vCNS to NSX, browsing to Networking & Security > Firewall, you will happily see that all vCNS Firewall rules have been retained.

At this point we will need to apply licensing, upgrade the ESXi host VIBs, and upgrade the vCNS Firewall to the new NSX Distributed Firewall. Until this takes place, any/all firewall amendments will not be seen by the ESXi hosts.

Licensing

1. Using the vSphere Web Client, browse to Administration > Licensing > Licenses, click Add (+).

2. When prompted, enter your license keys, and click Next. 

3. Confirm your license key information, amend the names where required, click Next.

4. Review your license information and click Finish.

5. Browse to Administration > Licenses > Assets > Solutions, and assign the new license by clicking the Assign icon.

6. Select the newly added license, and click OK.

Host Preparation

1. Browse to Networking & Security > Installation > Host Preparation.

2. Select the cluster you wish to upgrade, and click Actions > Upgrade.

3. As part of the upgrade process, note the below tasks as hosts and VMs are reconfigured.

4. Once the Host Preparation is complete, you will be requested to finalise the upgrade from vShield App Firewall to NSX Distributed Firewall. When prompted, click Upgrade.

5. After the migration has finished, browse to Networking & Security > Service Definitions, and remove the now legacy vShield-App-Service.

6. If you have any Edges in play, simply browse to NSX Edges, right-click the Edge in question, and choose Upgrade Version.

This concludes the upgrade of VMware vCloud Networking & Security 5.5.4 to VMware NSX 6.2.5. In a future post, we will cover the configuration of NSX itself, as well as the management of NSX via AD Groups.

VMware Product Walkthroughs

VMware Product Walkthroughs

VMware Product Walkthroughs

A great new range of informational overviews is available via the VMware Product Walkthroughs website. Covering a range of product overviews (from vSphere 6.5vRealize Network Insight, and more), to the specifics of vSphere 6.5 Encrypted vMotionNSX VXLAN Configuration, Virtual SAN Fault Domains. Great on so many levels, enabling us to up-skill and dry-run new products, demonstrate solutions to management and technical teams, etc.

Visit the parent website at https://featurewalkthrough.vmware.com.

Good job VMware.