Yellow Bricks

by Duncan Epping

cloud

How cool and useful is Storage DRS?!

· ·

I was just playing around in my lab and created a whole bunch of VMs when I needed to deploy to large virtual machines. Both of them had 500GB disks. The first one deployed without a hassle, but the second one was impossible to deploy, well not impossible for Storage DRS. Just imagine you had to figure this out yourself! Frank wrote a great article about the logic behind this and there is no reason for me to repeat this, just head over to Frank’s blog if you want to know more..

And the actually migrations being spawned:

Yes, this is the true value of Storage DRS… initial placement recommendations!

Enterprise social collaboration solutions

· ·

As most of you have noticed by now I am a heavy user of Social Media (Twitter, Google +, Facebook). VMware acquired, and is working on, some very interesting products which all have a common theme: Enterprise Collaboration. In this post I want to give an overview of products that I’m using and are available today or which have been announced.

These solutions allows me to communicate with my colleagues in a ways I have never been able to do before. They make my life easier, yes this sounds like I am exaggerating but I am not… I am sure I am not the only one who thinks long email threads are boring. On top of that they are difficult to control and knowledge gets lost (in the trash folder). Social collaboration solutions allow you to easily capture your companies most valuable asset: intellectual property. Start using it!

Socialcast
Socialcast is a true enterprise collaboration tool. It could be viewed as a social media solution for organizations, but that would be understating its value. Socialcast is something I use on a daily basis, if not on an hourly basis. I post work updates aka “worklogs”, ask questions on specific topics and mostly answer questions on any topic to which I feel I can contribute. It allows me to communicate with my team without flooding their mailboxes and it allows them to respond when they have the time and on any device. Cool thing about Socialcast is that everyone within our organization has adopted it, I can submit feedback to a KB article using Socialcast for instance. At the same time you will see communication from VP/CxO level passing by, not just generic posts but actively replying to questions as well! If you’re starting to get tired of those endless email threads floating around and you feel all valuable knowledge is being lost… sign up for Socialcast!

Sliderocket
Many of you have already seen this and probably looked at it. I’ve been so accustomed  to Powerpoint that it was difficult to use Sliderocket at first, not because it is difficult to learn but because I would click that “P” on my desktop without thinking about it. Two weeks ago I decided to remove the “P” from my desktop and to create all presentations I make from now on using Sliderocket. You might ask yourself why as Powerpoint is a great tool… If you find yourself sharing slidedecks on a daily basis or providing feedback to slidedecks I can promise you that Sliderocket opens up a whole new world for you. Sharing a Sliderocket presentation is simple. No need to sent out that 50MB PPT. Just share it using the Sliderocket and get notification when people have opened it / reviewed it. Sliderocket also provides statistics for each of your decks like unique views, views, imports etc. Start using it, I am sure you will enjoy it as much as I do.

Strides
Strides is currently in Beta and is what I would label as a “getting the job done” tool, but others may label it as a social project management tool. Either way, Strides is all about collaborating and working towards a common goal… successful completion of a project. Strides not only will keep track of objectives and associated tasks, it also allows you to attach deliverables and comment on these or even on tasks by it self. It is a simple way for teams who are not all located in the same room to work on a common project and keep track of objectives and deliverables, and keep all project communication contained. Definitely a tool worth exploring! Sign up for the Beta now!

VMware Octopus
Although VMware Octopus isn’t really similar to the above mentioned solutions it allows me to easily share documents with others. VMware Octopus was announced at VMworld and is a dropbox alternative aimed at the enterprise. I recently moved all my documents from dropbox over to VMware Octopus as a test and I must say that I am impressed. The version I am using is running in one of the VMware Datacenters and that is something which other solutions don’t offer today, on-premise, and is what I probably like the most. Especially for the people in charge of security (compliance) this is a big thing. It gives me everything dropbox provided me, but now I know my docs are safely stored within our organization and that by itself is worth a lot. I am using it on my iPad and Macbook right now… no more hassle juggling around files. I can’t wait to see what is coming up next. If you are interested, sign up for the beta.

Stop the endless boring email threads, dull unnecessary conference calls, get on-board the social collaboration train!

“Hacking” Site Recovery Manager (SRM) / a Storage Array Adapter

· ·

** Disclaimer: This is for educational purposes, please don’t implement this in your production environment as it is not supported! **

Last week I received a question and I figured I would dive in to it this week. The question was if it is possible to fail-over LUNs using VMware Site Recovery Manager (SRM) which are not part of the Cluster which SRM “manages”. In other words, can I fail-over a LUN which is attached to a physical Windows Server or to a completely separate VMware Cluster? Before we continue, I did not hack SRM itself, neither did I make any changes to the SRA.

Lets briefly explain what SRM does normally when you go through the process of of creating a DR plan. Now this is slimmed down with only focussing on the relevant stuff for this question:

  • First it will discover the devices using the Storage Replication Adapter (SRA)
  • It then discovers all LUNs using the SRA
  • It show the replicated LUNs containing VMs to the admin
  • Admin can use these in his plan and “protect” the VMs appropriately

I decided to install SRM in a nested environment using the Celerra Uber VSA. I installed the VNX SRA and configured it and went through some of the log files just to find a piece of evidence that my plan is even possible. For Windows 2008 you can find the SRM Log Files in this location by the way:

%ALLUSERSPROFILE%\VMware\VMware vCenter Site Recovery Manager\Logs\

Other locations are documented in this KB. When I created the environment I created multiple LUNs with different sizes to make them easily recognizable. The LUN which is replicated but not exposed to our vCenter/SRM environment is 25GB and the LUN which is exposed is 30GB. This is what the log files showed me when I did a quick find on the size:

(Production) fsid=14 size=30000MB alloc=0MB dense  read-write
path=/srm01/fs14_T1_LUN1_BB005056AE32800000/fs14_T1_LUN1_BB005056AE32800000 (snapped)
(Production) fsid=16 size=25000MB alloc=0MB dense read-write
path=/vc01/fs16_T1_LUN2_BB005056AE32800000/fs16_T1_LUN2_BB005056AE32800000 (snapped)

As you can see both my 25GB and my 30GB LUN is listed. I added a name to it which also allows me to quickly identify it “srm01” and “vc01”, where “vc01” is the one which is not managed by SRM.

So how does SRM get this information? Well it is actually pretty straight forward, SRM calls a script which is part of the SRA. SRM feeds this script XML. This XML code contains the commands / details required. I’ve written about this a long time ago when I was troubleshooting SRM and it is still applicable:

perl command.pl < file.xml

Now the XML file is of course key here… How does that need to be structured and can we use, or should I say abuse, it to do a fail-over of a LUN which is not “managed” by SRM/vCenter. Well I started digging and it turns out to be fairly straight forward. Keep in mind the disclaimer at the top though, this is not what the SRA’s were intended for… this is purely for educational purposes and far from supported. Again the logfiles exposed a lot of details here, but I stripped it down to make it readable. This is the response from the SRA when SRM asked for details on which devices are available:

2012-01-09T12:14:53.583-08:00 [05388 verbose 'SraCommand' opID=7D6C5634-00000023] discoverDevices responded with:
--> <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
--> <SourceDevice state="read-write" id="1-1">
--> <Name>fs14_T1_LUN1_BB005056AE32800000</Name>
--> <Identity>
--> <Wwn>60:06:04:8c:ab:b2:88:c0:59:40:72:24:1b:5f:77:72</Wwn>
--> </Identity>
--> <TargetDevice key="fs14_T1_LUN1_BB005056AE32800000_fs10_T1_LUN1_BB005056AE32820000"/>
--> </SourceDevice>
--> <SourceDevice state="read-write" id="1-2">
--> <Name>fs16_T1_LUN2_BB005056AE32800000</Name>
--> <Identity>
--> <Wwn>60:06:04:8c:b8:50:22:96:0c:0b:bf:d8:59:0b:a1:75</Wwn>
--> </Identity>
--> <TargetDevice key="fs16_T1_LUN2_BB005056AE32800000_fs12_T1_LUN3_BB005056AE32820000"/>
--> </SourceDevice>
--> </SourceDevices>

Now if you look at SRM and try to make a Protection Group plan you will quickly discover that only those Datastores which have a VM hosted on there can be added. This is shown in the screenshot below.

As mentioned SRM filters out the “irrelevant LUNs”, to me this LUN wasn’t irrelevant however. So what’s next? I decided to initiated a fail-over and to look at the log files. When the fail-over is initiated the following is issued by SRM, again I stripped some details to make it more readable:

--> <FailoverParameters>
--> <ArrayId>BB005056AE32820000-server_2</ArrayId>
--> <AccessGroups>
--> <AccessGroup id="domain-c7">
--> <Initiator id="iqn.1998-01.com.vmware:localhost-11616041" type="iSCSI"/>
--> <Initiator id="iqn.1998-01.com.vmware:localhost-4a15366e" type="iSCSI"/>
--> <Initiator id="10.21.68.106" type="NFS"/>
--> <Initiator id="10.21.68.105" type="NFS"/>
--> </AccessGroup>
--> </AccessGroups>
--> <TargetDevices>
--> <TargetDevice key="fs14_T1_LUN1_BB005056AE32800000_fs10_T1_LUN1_BB005056AE32820000">
--> <AccessGroups>
--> <AccessGroup id="domain-c7"/>
--> </AccessGroups>
--> </TargetDevice>
--> </TargetDevices>
--> </FailoverParameters>

I guess we should be able to work with this! Using the “discoverdevices” information and combining it with the “Failover” information I should be able to construct my own custom XML file. After creating this XML file I should be able to fail-over any LUN which is part of the selected device… What is my plan? I am planning to change the following:

  • Initiator id
  • TargetDevice key

I wasn’t sure if I needed to change the AccessGroup so I figured I would just test it like this. I called the script as follows:

<path to perl>\bin\perl.exe command.pl < file.xml

I watched a whole bunch of messages pass by and then looked at the Celerra when then fail-over commend was completed and noticed the following:

And of course within the “unmanaged” vCenter you can see it:

Successful fail-over of a LUN which wasn’t part of an SRM Protection Group! Yes, when you replace the Initiator ID even the masking is correctly configured. The only thing left would be either resignaturing the volume or mounting the volume. This of course depends on the OS owning the volume and the desired end result. All in all, a nice little experiment… Once again, don’t try this in your own environment, it is far from supported!

VMware Partner Exchange 2012 – Las Vegas

· ·

A couple of weeks back I received the news that one of the sessions I submitted was accepted for VMware Partner Exchange 2012. PEX is held in Las Vegas from the 13th til the 16th of February. There’s an excellent program again. Make sure to check the full list here. If you haven’t signed up yet, do it quick as the early bird discount has been extended with a couple of weeks, it will save you $ 400,-.

This is the session that I submitted:

Session 1359: Architecting a Cloud Infrastructure
Abstract: This session will discuss the various design considerations when architecting the foundation for every solid cloud environment: vSphere 5.0. We will start with sizing and scaling and end with some operational guidance. Different examples will be used to show the impact design considerations can have on the availability of your services.

Presenters: Duncan Epping and David Hill

Just added:

Session 1262 (Wednesday 2/12 @ 12:30pm): DR of the Cloud and to the Cloud

This session will look at DR and the cloud. Two different DR scenarios will be presented in depth – DR of the cloud and DR to the cloud. DR to the cloud is how end consumers fail over resources to a cloud provider. DR of the cloud is how you fail over cloud resources from one site to another. This session will go in depth on the consumer and provider side of the architecture. We’ll look at how to replicate the data, what applications are primary targets, how to size environments, how to maintain multi-tenancy, and what to avoid when architecting these solutions. This session is a must for anyone considering tier 1 applications for the cloud.

Presenters: Chris Colotti and Duncan Epping

I glanced over the list of sessions at PEX and I definitely highly recommend adding the following to your schedule. I tried to keep the list limited by forcing my self to only list 15, too many great sessions at PEX.

  • Emad Benjamin – (1187) Virtualizing Latency Sensitive Workloads and vFabric GemFire
  • Thomas Kraus – (1206) vCloud Director 1.5 solution integration
  • Cormac Hogan – (1231) vSphere Storage Appliance Deep Dive
  • Rob Randell – (1248) Using vShield and vCenter Configuration Manager to Achieve Better Than Physical Security for Business Critical Applications
  • Mike DiPetrillo – (1260) Multi-Site Cloud Deployment How-To
  • Clive Wenman – (1265) SRM 5.0 & vSphere Replication – Understanding the Use cases and Implementation Options
  • Chris Colotti – (1269) Upgrading the vCloud Solution Stack in an End to End Environment
  • Kamau Wanguhu – (1276) vCloud Director Networking and where VXLAN fits in
  • Carter Shanklin – (1316) Using Elastic Memory for Java to pool application server memory, improve consolidation ratios, and increase app server reliability.
  • Kyle Gleed – (1328) Upgrading to vSphere 5.0
  • Grant Suzuki – (1349) VMware vShield App and Data Security Deep Dive
  • Ken Werneburg – (1363) SRM 5 Demo – New Features in Action and Q&A
  • Tom Stephens – (1374) The Last Mile in HA: Application Availability
  • Justin King – (1388) Up and Running with vSphere vCenter Server Appliance (VCSA)
  • Alex Fontana – (1466) Design, Deploy and Optimize Exchange 2010 on vSphere

See you in Las Vegas!

Using Storage IO Control and Network IO Control together?

· ·

I had a question today from someone who asked if there was any point in enabling SIOC (Storage IO Control) when you have NIOC (Network IO Control) enabled and configured. Lets start with the answer: Yes there is! NIOC controls traffic on a single NIC port level. In other words, when you have 10GbE NIC ports and vMotion, VMs and NFS (for instance) use the same NIC port it will prevent one of the streams from claiming all bandwidth while others need it. It basically is the police officer who controls a group of people getting too loud in a single room.

As not many people realize this lets repeat it… NIOC controls traffic on a NIC port level. Not on a NIC pair, not on a host level and not on a cluster wide level. On a NIC port level!

SIOC does IO control on a Datastore-VM layer. Meaning that when a certain threshold is reached it will determine on a datastore wide level which hosts and essentially which VMs get a specific chunk of the resources. SIOC prevents a single VM from claiming all IO resources for a datastore in a cluster. SIOC is cluster wide on a datastore level! It basically is the police officer who asks your neighbor to tone it down when as he is bothering the rest of the street.

Yes, enabling SIOC and NIOC together makes a lot of sense!