ClearSky Data Are Here To Help

Disclaimer: I recently attended VMworld 2016 – US.  My flights were paid for by myself, VMware provided me with a free pass to the conference and various bits of swag, and Tech Field Day picked up my hotel costs. There is no requirement for me to blog about any of the content presented and I am not compensated in any way for my time at the event.  Some materials presented were discussed under NDA and don’t form part of my blog posts, but could influence future discussions.

ClearSky Data presented recently at Tech Field Day Extra VMworld US 2016. You can see video from the presentation here. My rough notes on the session are here.

 

Overview

Lazarus Vekiarides, CTO and Co-founder, took us through an overview. “ClearSky’s Global Storage Network delivers enterprise storage, spanning the entire data lifecycle, as a fully-managed service”. Sounds good. I like when people talk about lifecycles, and fully managed. These things are hard to do though.

ClearSky are aiming to provide “the performance and availability of on-premises storage with the economics and scale of the cloud”. They do this with:

  • economics
  • scalability
  • reliability
  • security
  • performance

According to ClearSky, we’ve previously used a “Fragmented Hybrid” model when it comes to cloud storage.

tfdx-clearskydata-fragmented_hybrid

I must have been watching too much Better Off Ted with my eldest daughter, but when I heard of the Global Storage Network, it sounded a lot like something from a Veridian Dynamics advertisement. It’s not though, it’s cooler than that. With the Global Storage Network, ClearSky brings it all together.

tfdx-clearskydata_globalstoragenetwork

You can read a whitepaper from ClearSky here, and there’s a data sheet here.

 

These Pictures are Compelling, But What Is It?

ClearSky say they are changing how enterprises access data

  • eliminate storage silos
  • pay only for what you use – up to 100% useable storage only
  • guaranteed 100% uptime
  • multi-site data access without replication
  • maximum of 30-minute response time for Sev 1 and 2 tickets

tfdx-clearsky_data_at_a_glance

This is all delivered via a consumption-based model. The idea behind this is that you get charged for only the capacity you use, but your applications have all the performance they need. Like all good consumption models, if you delete data, you give the space back to ClearSky and are no longer billed for any of it.

“Customers simply plug into the ClearSky service to get the storage they need, when and where they need it, with the security, scalability and resilience that a business depends on.”

 

I’m Still Not Sure

That’s because I’m bad at explaining things. There’s an edge appliance (2RU appliance / 24 slots – about 6TB of flash cache) that is used. Cache is available (on resilient storage), but not copied. ClearSky POPs then offer distributed and optimised storage, with multiple copies to the cloud. Maybe a picture will explain it a bit better.

tfdx-clearskydata-architecture

With this architecture, ClearSky manages the entire data lifecycle. Active data lives either next to your applications, or in the metro area near your applications. Any cold data, backup and DR stuff is stored as multiple copies of data geographically dispersed in the network.

There’s support for iSCSI or FC today and write back cache is processed every 10 minutes and pushed to the metro cache or cloud.

 

What Do I Use It For?

Data in the ClearSky network can be accessed from multiple locations without replication, offering mobility and availability.

Multi-site availability

  • Load balancing and disaster recovery

Workload mobility

  • In-metro and cross-metro
  • Application data can be accessed from other metros

And you can use it in all the ways you think you would, including DR, DC migration, and load balancing.

 

Make it Splunky

You probably know that companies use Splunk to analyse machine data. I’ve used it at home to munge squid logs when trying to track my daughter’s internet use. Splunk captures, indexes and correlates machine data in a searchable repository from which it can generate graphs, reports, alerts, and visualisations. Splunk demands high performance and agile storage, and ClearSky have some experience with this. There’s also a Splunk Reference Architecture. ClearSky say they’re a good fit for Splunk Enterprise. The indexers simply write to the ClearSky Edge Cache and ClearSky manages index migration through cache and storage layers, greatly simplifying the solution. They also offer “[h]ighly consistent ingest performance, cloud capacity, and integrated backup using ClearSky snapshot technology”.

 

Conclusion

This was the first time I’d encountered ClearSky Data, and I liked the sound of a lot of what I heard. They make some big claims on performance, but the architecture seems to support these, at least on the face of it. I’m a fan of people who are into fully-managed data lifecycles. I hope to have the opportunity to dig further into this technology at some stage to see if they’re the real deal. People use caching solutions because they have the ability to greatly improve the perceived (and actual) performance of infrastructure. And managed services are certainly popular with enterprises looking at alternatives to their current, asset-heavy, models of storage consumption. If ClearSky can do everything it says it can, they are worth looking into further.

Scality’s RING has a lot going on

Here are my notes from Scality’s presentation at Tech Field Day Extra VMworld US 2016 Edition. You can get a rough copy here. You can also view videos of the Scality presentation here.

 

The Ring?

Like the movie? No. The RING. The Scality RING is object-based software-defined storage for the cloud. It runs on standard x86 servers to create a giant pool of storage.

scality_architecture_ring

[image via Scality website]

It can also protect the data and provides 100% reliable, high performance access for any capacity-driven applications. While it can run on any x86 hardware, it was pointed out that “[s]ome servers are better than others”.

Customers are telling Scality that:

  • The “cloudification” of enterprise IT is accelerating
  • Enterprise wants “multiple clouds”
  • Object is the best for large capacity storage, and S3 is the standard API
  • Files are an integral part of enterprise IT
  • DevOps influences infrastructure choices

Scality have 116 customers so far, spread across the globe (50% North America, 35% EMEA, 15% APAC). Scality are big on hardware alliances (being a software play, this makes sense), and have agreements in place with HPE, Dell, and Cisco.

 

(The) RING 6.0 – A better sequel than we’d hoped for

Paul Speciale, VP of Products at Scality, took us through some of the features of RING 6.0.

tfdx-scality-ring6-0

The focus for Scality with 6.0 has been on

  • “Enterprization” – I’m not sure it’s a real word, but I do like the connotation
  • S3 Connector – Enterprise Deployments
  • Easy deployment model
  • Secure multi-tenancy and data at rest
  • Directory services federation
  • Utilisation reporting and management

 

Easy Deployment Model

  • All services deployed uniformly as Docker containers
  • Full scale-out: Any S3 request can be handled by any S3 Connector (“any-to-any”), standard IP load balancing and failover

Vault Service

  • Implements IAM Multi-tenancy with Accounts, Users, Groups, Roles, Access Key/Secret Key pairs
  • IAM REST compatible managed via AWS CLI
  • Can be federated with Active Directory over ADFS/SAML 2.0

Metadata Service

  • S3 optimised service: fast, available, scale-out
  • Integral in RING layer – leveraged for Bucket & Vault metadata

 

Comprehensive IAM multi-tenancy and encryption

AWS Identity and Access Management (IAM)

  • S3 Connector implements all IAM multi-tenancy concepts: Accounts, Keys, Users, Groups, Roles
  • IAM policies for highly granular access control
  • AWS compatible: Management of IAM entities (Users, Groups) via standard AWS CLI and JSON policy language
  • Secure authentication via AWS Signature v4 and v2 HMAC schemes
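
The Signature v4 scheme named above means the secret key never crosses the wire: the client sends only an HMAC over the request, and the server recomputes it from its own copy of the secret. The sketch below is an added illustration, not Scality's code; the credential store, access key, secret, host, bucket and region are constructed values, and real S3 requests also sign an x-amz-content-sha256 header that is left out here.

```python
import hashlib
import hmac
from urllib.parse import quote

# Hypothetical credential store standing in for the Vault service;
# the access key ID and secret are constructed values.
SECRETS = {"AKIAEXAMPLE": "constructed-secret-for-illustration"}


def _mac(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()


def signing_key(secret, date, region, service="s3"):
    """Derive the per-day, per-region key; the long-term secret never signs directly."""
    key = ("AWS4" + secret).encode()
    for part in (date, region, service, "aws4_request"):
        key = _mac(key, part)
    return key


def signature(secret, method, path, query, headers, payload, region="us-east-1"):
    """Compute the SigV4 signature over method, path, query, headers and body hash."""
    amz_date = headers["x-amz-date"]          # e.g. 20160907T085937Z
    date = amz_date[:8]
    names = sorted(headers)                   # header names are lowercase; all are signed
    canonical = "\n".join([
        method,
        quote(path, safe="/"),
        "&".join(f"{quote(k, safe='')}={quote(v, safe='')}"
                 for k, v in sorted(query.items())),
        "".join(f"{n}:{' '.join(headers[n].split())}\n" for n in names),
        ";".join(names),
        hashlib.sha256(payload).hexdigest(),
    ])
    to_sign = "\n".join([
        "AWS4-HMAC-SHA256",
        amz_date,
        f"{date}/{region}/s3/aws4_request",
        hashlib.sha256(canonical.encode()).hexdigest(),
    ])
    return _mac(signing_key(secret, date, region), to_sign).hex()


def verify(access_key, presented_sig, request):
    """Server side: look up the secret, recompute, compare in constant time."""
    secret = SECRETS.get(access_key)
    if secret is None:
        return False
    return hmac.compare_digest(signature(secret, **request), presented_sig)


def demo():
    """Sign a PUT, then show that changing the object path invalidates it."""
    request = {
        "method": "PUT", "path": "/bucket1/report.csv", "query": {},
        "headers": {"host": "s3.example.internal",
                    "x-amz-date": "20160907T085937Z"},
        "payload": b"col1,col2\n1,2\n",
    }
    sig = signature(SECRETS["AKIAEXAMPLE"], **request)
    tampered = dict(request, path="/bucket1/other.csv")
    return verify("AKIAEXAMPLE", sig, request), verify("AKIAEXAMPLE", sig, tampered)


if __name__ == "__main__":
    print(demo())
```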

Bucket-level Encryption

  • Per-bucket encryption-at-rest of object data (specified through header on Bucket PUT)
  • Encryption via AES 256-bit, using OpenSSL libraries
  • Integrates with customer-provided Key Management Service (KMS) via KMIP 1.1 API
  • KMS is invoked on PUT and GET operations

tfdx-scality-comprehensiveencryption

 

Federated Access SSO to S3

  • Requires a SAML 2.0 compatible IdP
  • IdP provides mapping from Enterprise Directory Server (AD)
  • Vault enables SSO via SAML assertion

 

S3 Utilization Reporting and Management

Stats and management framework

  • Real-time and historical statistics and metrics collected in scalable repository

Published RESTful APIs for monitoring and management

  • S3 Connector publishes key utilisation metrics (capacity, bandwidth and operations) at four levels of granularity
  • REST APIs for custom tool integrations

Management tools

  • User and Group management via standard AWS commands (CLI) and REST API
  • Integrated tools for graphing, metrics, log visualisation and search: Elastic Search and Kibana, Grafana, Redis.

 

S3 Metadata – the scale-out engine of the connector

Metadata Service

  • Purpose-built for availability, resiliency, scale-out and fast performance for requirements of S3 operations
  • Key/value store replicated on SSDs (one per server)
  • Additional copy maintained as diff backup in RING for DR

The hard part: Distributed Consensus Algorithm

  • Leader with dynamic election and management of consistency (modified Raft protocol)
  • Can be distributed across DCs to enable multi-geo operations
  • By default, strict consistency rules enforced

High-availability and Performance

  • The cluster consists of multiple servers – odd number to provide majority quorum (5, 7 or 9)
  • As long as the majority (quorum) of servers is available, the service and Bucket remain available
  • Restarts failed servers with automated resynchronization

 

S3 Connector Scale-out at all levels

tfdx-scality-s3_connector_scale-out_at_all_levels

S3 as the best On-ramp to Object Storage

tfdx-scality-s3_on-ramp

  • Developers can install and develop S3-based apps locally
  • Enterprises can host a small, local object storage system in production
  • Enterprise can host a local test/dev environment to learn about object storage

 

Scality Open Source S3 Server

S3 API Compatible with the S3 Connector

  • Single Docker Container for simplified deployment
  • Stores data in local Docker Volume (local storage)
  • Metadata managed in single key/value database
  • S3 compatible Bucket and Object operations, error and response codes

Downloadable on Docker Hub

  • Can be pulled via UI or Docker pull command as per instructions on s3.scality.com
  • Can be hosted on laptops and single servers
  • Seamless transition to scale-out solution on RING

ISV Certified with multiple solutions

  • Backup, archive, sync-n-share, surveillance, migration

 

Summary

So what do you get with Scality?

  • S3 Server & S3 Connector
  • Provides a seamless transition from “free” test/dev single-server trial to full scale-out deployments (note that the trial is not available to robots).
  • Small to large deployments from local storage to full RING
  • Simple to deploy via Docker containers
  • Comprehensive Enterprise Deployment Features
  • Multi-tenancy
  • Active Directory SSO/federation

 

Further Reading and Thoughts

Justin did a comprehensive write-up on Scality here. Sure, I could have saved you a lot of time and sent you there in the first place, but that’s not how I roll. I admit I’m not super familiar with Scality and have yet to get cracking with the RING trial. That said, with version 6.0 they seem to have included a lot of features that enterprises are interested in when looking at object storage with cloudy tendencies. There’s decent support for file protocols such as NFS and SMB, just no block. I covered some of the other enterprise features above, and they’ve been around for a little while now. But that’s not what the kids are into these days in any case. If you’re looking into rolling your own object solution, I recommend giving Scality a spin.

Dell – Dell EMC World 2016 – See you in Austin

This is a quick post to let you all know that I’ll be heading to Dell’s annual conference (now known as Dell EMC World) this year in Austin, TX. This will be my first Dell World and first time in Austin. I’m looking forward to catching up with some old friends and meeting some new ones. If you haven’t registered yet but feel like that’s something you might want to do – the registration page is here. To get a feel for what’s on offer, you can check out the agenda here. I’m excited to hear about how Dell EMC will be transforming and this will be their first public shot at putting on a show since the acquisition completed.

Massive thanks to Mark Browne at Dell EMC for organising the “influencer” pass via the EMC Elect programme. Keep an eye out for me at the conference and surrounding events and don’t be afraid to come and say hi (if you need a visual – I look like Wolverine would do if he let himself go).

So NooBaa, eh?

I had the opportunity to speak with NooBaa about six months ago. At the time they were still developing their product, but I thought it looked pretty cool. At Tech Field Day Extra, they demoed their cloud services engine. The company was founded by Yuval Dimnik (Co-founder and CEO) and Guy Margalit (Co-founder and CTO). If you’re familiar with Exanet or Dell FluidFS, you’ll be familiar with some of their capabilities. NooBaa was founded in 2014, with a product launch in September 2016, and a current headcount of 14 (they tell us they have a strong security/storage DNA).

“Customers don’t care how you do your tech, they care how it fixes their problems”

 

So NooBaa, eh?

They have thought about the name. A lot. It’s a pure software product enabling folks to create and provision cloud services

  • Storage (like AWS S3) – First!
  • Serverless compute (like AWS Lambda) – Future

The key is that the customer owns the service, with

  • Full control of who accesses what, and what stays on-premises
  • No cloud vendor lock-in

The services use

  • Heterogeneous resources – cloud resources and servers
  • In the cloud, on-premises, and spanned

So, take all the spare storage you have lying about on Windows and Linux VMs, bang it all in a single namespace and present it back to your object-friendly apps. Replicate it to the cloud if you like. Or use all your spare clouds. Sounds like a cool idea.

Design Considerations (once bitten, twice shy)

They wanted to design a product that behaves like the cloud, but gives you the choice to consume from on-premises or cloud.

But can you predict the unpredictable?

  • Cloud strategy? Everyone has one of those, they’re just not sure what it really means.
  • Growth rate? Oh, it grows a lot.
  • Hardware technologies? Yep, software still needs hardware.
  • Vendors? Who can really work out what they do?
  • Organisational changes?
  • Security issues and lurking “heart bleeds”?

Stuff is hard. Along with this, NooBaa were looking to add the following capabilities

  • On-premises, multi-cloud, and supporting cloud migration
  • P2P scalable capacity
  • Monitor hardware and adapt
  • Agnostic to the machine
  • Allowed to grow, allowed to shrink
  • User space as a religion – when you need to fix that you can do it right away

Architecture

NooBaa is all about a hybrid approach to resources, supporting multiple cloud providers and on-premises resources. It also has support for multiple sites.

tfdx-noobaa-architecture1

The key to NooBaa’s storage performance in what might seem to be non-performant environments is the way it stores data, as you can see in the below diagram.

tfdx-noobaa-architecture2

 

Note that they’re not targeting low-latency workloads. At this stage they’re cloud agnostic and hoping to keep things that way. Heterogeneous resources are key for NooBaa. You can also sign up for the Community Edition – limited to 20TB aggregate object size.

Final Thoughts and Reading

 

The name doesn’t roll off the tongue, and the colour-scheme is very pretty. But I think this belies the thought that’s gone into this product. Yuval and his team have a strong background in scalable object storage, and I’m excited to see them finally come out of stealth. The concept of treating storage nodes as second class citizens is interesting, and I’m looking forward to taking the Community Edition for a spin when I get my act together in the near future. In the meantime, head over to Alastair’s blog for a more succinct write-up on what we saw. John White also did a great post here. You can grab a copy of my raw notes here, and watch NooBaa’s TFDx presentations here.

 

VMware – VMworld 2016 – TAM Activities

I’ve been working with VMware technologies for over 10 years now. Some of that has been as a partner and some as a customer. When I was on the customer side of the fence I was fortunate enough to work in a number of organisations that had a VMware Technical Account Manager (TAM). I was happy to reconnect with him at VMworld recently, and it prompted me to write this post about TAM activities at VMworld.

I spoke to VMware about their TAM presence at VMworld, and they told me “[o]ur goal was to deliver a high-value, content rich experience for our current TAM Customers as well as drive business for potential new customers”. As part of this, they ran three programs at VMworld, including:

  • TAM Customer Day
    • Executive Chat – Pat Gelsinger and Michael Dell
    • Opening Keynote – Ray O’Farrell and IDC Analyst, Matt Eastwood
    • CTO Panel – Paul Strong, Chris Wolf, Shawn Bass, Kit Colbert and Christos Karamanolis
  • TAM Customer Central (TCC)
    • Over 50 sessions
    • 1680 attendees
    • IT Expert Office Hours
  • TAM Services Lounge
    • Close to 800 attendees
    • 3 theatre presentations daily
    • 2 Daily Contest Winners

 

These events proved popular with attendees, with the following positive survey results being recorded.

  • Snapshot of Our Survey Results from TAM Customer Day
    • Please rate the overall value you received from attending TAM Customer Day: 4.0
    • The information presented at TAM Customer Day is relevant to your business/role: 4.3
    • TAM Customer Day activities strengthen my relationship with VMware: 4.25
  • Snapshot of Our Survey Results from TCC
    • TCC enhanced your overall experience at VMworld: 4.65
    • The session provided practical knowledge that I can apply to my job: 4.38
    • Based on your expectations for this session, how would you rate the technical level: Just Right – 88%

I’ve been a fan of the TAM program for some time – and it was great to see they had such a visible presence at VMworld this year. If you’re working in a big environment I suggest you look into getting a TAM – they’re a good investment. And if you’ve already got a TAM, buy them a coffee next time they’re in the office.

EMC – naviseccli – checking your iSCSI ports are running at the correct speed

It’s been a while since I wrote about naviseccli and I admit I’ve missed it. I once wrote about using naviseccli to identify MirrorView ports on a CLARiiON array. Normally the MirrorView port is consistently located, but in that example we’d upgraded from a CX3-80 to a CX4-960 and it was in a different spot. Oh how we laughed when we realised what the problem was. Anyway, we’ve been doing some work on an ever so slightly more modern VNX5300 and needed to confirm that some newly installed iSCSI SLICs were operating at the correct speed. (Note that these commands were run from the Control Station).

The first step is to list the ports

=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2016.09.07 08:59:37 =~=~=~=~=~=~=~=~=~=~=~=
[nasadmin@NAS001 ~]$ navicli -h A_VNXSP connection -getport

SP:  A
Port ID:  8
Port WWN:  iqn.1992-04.com.emc:cx.cetv2223700017.a8
iSCSI Alias:  0017.a8
IP Address:  192.168.0.13
Subnet Mask:  255.255.255.0
Gateway Address:  192.168.0.254
Initiator Authentication:  false

SP:  A
Port ID:  9
Port WWN:  iqn.1992-04.com.emc:cx.cetv2223700017.a9
iSCSI Alias:  0017.a9

SP:  A
Port ID:  10
Port WWN:  iqn.1992-04.com.emc:cx.cetv2223700017.a10
iSCSI Alias:  017.a10

SP:  A
Port ID:  11
Port WWN:  iqn.1992-04.com.emc:cx.cetv2223700017.a11
iSCSI Alias:  017.a11

SP:  B
Port ID:  8
Port WWN:  iqn.1992-04.com.emc:cx.cetv2223700017.b8
iSCSI Alias:  0017.b8
IP Address:  192.168.0.14
Subnet Mask:  255.255.255.0
Gateway Address:  192.168.0.254
Initiator Authentication:  false

SP:  B
Port ID:  9
Port WWN:  iqn.1992-04.com.emc:cx.cetv2223700017.b9
iSCSI Alias:  0017.b9

SP:  B
Port ID:  10
Port WWN:  iqn.1992-04.com.emc:cx.cetv2223700017.b10
iSCSI Alias:  017.b10

SP:  B
Port ID:  11
Port WWN:  iqn.1992-04.com.emc:cx.cetv2223700017.b11
iSCSI Alias:  017.b11

Once you’ve done that, you can list the port speed for a particular port

[nasadmin@NAS001 ~]$ navicli -h A_VNXSP connection -getport -sp a -portid 8 -speed
SP:  A
Port ID:  8
Port WWN:  iqn.1992-04.com.emc:cx.cetv2223700017.a8
iSCSI Alias:  0017.a8
IP Address:  192.168.0.13
Subnet Mask:  255.255.255.0
Gateway Address:  192.168.0.254
Initiator Authentication:  false
Port Speed:  1000 Mb
Auto-Negotiate:  Yes
Available Speeds:  10 Mb
-               :  100 Mb
-               :  1000 Mb
-               :  Auto

If you have a lot of ports to check this may not be the most efficient way to do it (ioportconfig may be more sensible), but if your network team are reporting on one particular port being an issue – this is a great way to narrow it down.
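
When more than one port needs checking, the per-port output can be saved to a file and audited in one pass. The script below is an added example, not part of the original post: it assumes each port was queried with the -speed form shown above and the results concatenated, its sample records are constructed, and it also reports ports where Initiator Authentication is false, since that field sits in the same output.

```python
import re
import sys

# Constructed sample in the layout shown above: two configured ports queried
# with -speed, plus one port that has no IP address assigned.
SAMPLE = """\
SP:  A
Port ID:  8
Port WWN:  iqn.1992-04.com.emc:cx.example0001.a8
iSCSI Alias:  0001.a8
IP Address:  192.0.2.13
Subnet Mask:  255.255.255.0
Gateway Address:  192.0.2.254
Initiator Authentication:  true
Port Speed:  1000 Mb
Auto-Negotiate:  Yes
Available Speeds:  10 Mb
-               :  100 Mb
-               :  1000 Mb
-               :  Auto

SP:  B
Port ID:  8
Port WWN:  iqn.1992-04.com.emc:cx.example0001.b8
iSCSI Alias:  0001.b8
IP Address:  192.0.2.14
Subnet Mask:  255.255.255.0
Gateway Address:  192.0.2.254
Initiator Authentication:  false
Port Speed:  100 Mb
Auto-Negotiate:  Yes
Available Speeds:  10 Mb
-               :  100 Mb
-               :  1000 Mb
-               :  Auto

SP:  A
Port ID:  9
Port WWN:  iqn.1992-04.com.emc:cx.example0001.a9
iSCSI Alias:  0001.a9
"""


def parse_ports(text):
    """Split 'connection -getport' output into one dict per port record."""
    ports, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if ":" not in line:
            continue                      # blank lines, shell prompts
        key, _, value = line.partition(":")   # first colon only: IQNs contain colons
        key, value = key.strip(), value.strip()
        if key == "SP":                   # every record starts with an SP line
            current = {"SP": value, "Available Speeds": []}
            ports.append(current)
        elif current is None:
            continue                      # log banner before the first record
        elif key in ("Available Speeds", "-"):
            current["Available Speeds"].append(value)
        else:
            current[key] = value
    return ports


def speed_mb(value):
    """'1000 Mb' -> 1000; 'Auto' or a missing value -> None."""
    m = re.match(r"(\d+)\s*Mb", value or "")
    return int(m.group(1)) if m else None


def audit(ports, expected_mb=1000):
    """Return (port, issue) pairs for configured ports that need attention."""
    findings = []
    for p in ports:
        name = f"SP {p['SP']} port {p.get('Port ID', '?')}"
        if "IP Address" not in p:
            continue                      # no IP assigned, nothing to check yet
        speed = speed_mb(p.get("Port Speed"))
        best = max((s for s in map(speed_mb, p["Available Speeds"]) if s), default=None)
        if speed is None:
            findings.append((name, "no Port Speed line (was -speed passed?)"))
        elif speed != expected_mb:
            issue = f"link at {speed} Mb, expected {expected_mb} Mb"
            if best and best >= expected_mb:
                issue += f" (port supports {best} Mb: check cable/switch negotiation)"
            findings.append((name, issue))
        if p.get("Initiator Authentication", "").lower() == "false":
            findings.append((name, "initiator authentication is disabled"))
    return findings


if __name__ == "__main__":
    # Pass a saved capture as the first argument, or run with no arguments
    # to audit the constructed sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for name, issue in audit(parse_ports(text)):
        print(f"{name}: {issue}")
```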

VMware – VMworld 2016 – Wrap-up and Link-o-rama

A quick post to provide some closing thoughts on VMworld 2016 and link to the posts I did during the event. Not in that order. I’ll add to this as I come across interesting posts.

 

Link-o-rama

Here’s my stuff.

Intro

VMware – VMworld 2016 – See you in Vegas

 

Session Notes

VMware – VMworld 2016 – Monday General Session Notes

VMware – VMworld 2016 – Tuesday General Session Notes

VMware – VMworld 2016 – STO7875 – A Day in the Life of a VSAN I/O

VMware – VMworld 2016 – STO7914 – Revamped vSphere Storage DRS and SIOC for automating the Data Centers

VMware – VMworld 2016 – INF8260 – Automated Deployment and Configuration of the vCenter Server Appliance

VMware – VMworld 2016 – STO7549 – Achieving Agility, Flexibility , Scalability and Performance with VMware SDS and VVOLs for Business critical databases

VMware – VMworld 2016 – STO7903 – An Industry Roadmap: From storage to data management

VMware – VMworld 2016 – CTO7516 – Ask the Experts – Titans of Tech

VMware – VMworld 2016 – STO8718-SPO – Building Next-Gen Data Protection for VMware Environments with Rubrik

VMware – VMworld 2016 – STO7973 – Architecting Site Recovery Manager to Meet Your Recovery Goals

VMware – VMworld 2016 – Thursday General Session Notes

VMware – VMworld 2016 – INF8631 – VMware Certificate Management for Mere Mortals

 

Disclosure

VMware – VMworld 2016 – (Fairly) Full Disclosure

 

Here’s some stuff from other people and press (hey, they’re people too)

VMworld 2016: Is It Still A Thing?

My thoughts on VMworld 2016

VMworld 2016: Announcements on track with A/NZ strategy

VMworld 2016, Day 1 and 2 keynotes

An Industry Roadmap: From storage to data management #STO7903 by @xtosk

#STO7904 VSAN Management Current and Futures by @cdickmann

5 major product releases from VMworld 2016

VMworld 2016: Dell ups the ante on converged infrastructure and cloud with new system

VMworld 2016: VMware pushes hybrid cloud and SDDC with new Cross-Cloud Architecture

Here’s the relevant bits from VMworld, sliced and diced just for you

VMworld 2016: Top Session Pick Videos Right Here!

 

Wrap-up

A lot of people I spoke to seemed a little underwhelmed by the announcements VMware made during the event. It should be noted that most of these people were bloggers or press with prior access to briefings on what was coming. I wonder sometimes if it’s just because we’ve heard some of this stuff before and so it doesn’t feel as exciting. That said, I think VMware are at a reasonably critical point in their existence, and need to do a lot of work to catch some of the more nimble startups who are eating their lunch in some cases. Notwithstanding this I think we need to keep in mind that comparing the 800lb gorilla with the upstart startups is not always a useful exercise. VMware is a lot of things to a lot of people, and some of the criticism I hear seems to be coming from people who are heavily invested in customers moving away from VMware.

It remains to be seen just how VMware reacts in the marketplace to being pulled in a multitude of directions at once. As well as this, everyone is keen to see just how the Dell acquisition will impact VMware’s go to market positioning and their forward strategy. I think it would be naïve to assume that Dell are really just going to let VMware do whatever they want. Walking in to the Solutions Exchange it was pretty obvious that Dell had been involved heavily in planning for this event.

In any case, I had a great time at VMworld. This was primarily thanks to the community in attendance. It was a real pleasure to catch up with some old friends and make some new ones. I finally had the opportunity to meet fellow vChampion Anthony Spiteri in real life, and it seems like VMworld is the only place Justin Warren and I have time to catch up. Big thanks also to Corey at VMware for organising the blogger pass. Thanks also to Stephen and the Tech Field Day team for having me along to “Tech Field Day Extra VMworld US 2016” and for covering my accommodation costs. Top event. 4.5 stars.

 

 

VMware – VMworld 2016 – INF8631 – VMware Certificate Management for Mere Mortals

Here are my notes on “INF8631 – VMware Certificate Management for Mere Mortals” presented by Adam Eckerle and Ryan Johnson. I didn’t get as many notes as I would have liked as I had some battery issues with my laptop. Things are a little different with certificate management in vSphere 6 so I was happy to be able to get along to this session.

Certificate replacement options for vCenter

VMCA Default

  • VMCA provides the Root certificate
  • All vSphere certificates chain to VMCA
  • Regenerate certificates on demand easily

VMCA Enterprise

  • Replace VMCA CA certificate with a subordinate CA certificate from the Enterprise PKI
  • Upon removal of the old VMCA CA certificate, all old certificates will be regenerated

Custom

  • Disable VMCA as CA
  • Provision your own custom certificates for each solution user and endpoint
  • More complicated. For highly security conscious customers only

Hybrid (Recommended)

  • Replacement of the Machine_SSL certificates
  • VMCA for Hosts and Solution Users
  • Very popular with high security customers

Appliance Deployment

/usr/lib/vmware-vmca/bin
./certificate-manager

Windows Deployment

<Drive>:\Program Files\VMware\vCenter Server\vmcad\certificate-manager

VMware KB 2108294 – download trusted root CA certificates

VMCA as Enterprise CA Subordinate

Creating certificates for other things from VMCA is NOT supported and not recommended

Hybrid Approach Concepts

  • Security – Custom certificates for the Web Client
  • Operations – VMCA for everything else (User Solutions, ESX hosts)

And that’s all I got … but here are some links that may be useful.

VMware – VMworld 2016 – STO7549 – Achieving Agility, Flexibility , Scalability and Performance with VMware SDS and VVOLs for Business critical databases

Here are my notes on “STO7549 – Achieving Agility, Flexibility , Scalability and Performance with VMware Software-Defined Storage (SDS) and VVOLs for Business critical databases” presented by Sudhir Balasubramanian and Potheri Mohan, with support from Zeehan Khan.

This was the third-last session of the week for me, and the first one talking about VVOLs. Possibly also the longest title of any session I’ve attended this week.

 

Key takeaways

Primary Day 1 Operation Challenges for Oracle workloads

  • Provisioning storage – how VMware Storage Policy Based Management (SPBM) helps storage provisioning

Primary Day 2 Operation Challenges for Oracle databases

  • Backup and recovery, cloning and data refresh from production
    • Oracle backup & cloning process at different levels – pros and cons of each approach
  • How VMware Virtual Volumes helps overcome those challenges
  • Use case – Backup and recovery with VVOLs

 

Check out Oracle in a Virtual World.

How many of you have heard of EMC Unity? How many of you are using or evaluating it? Not so many.

Download the UnityVSA

 

Traditional challenges for virtualised business critical databases

Common concerns

  • Day 1 operations of DB has to meet business SLAs
    • provisioning new production DBs to meet performance
    • different DBs have different IO characteristics and capability/criticality
  • Day 2 Operations of production DB has to meet business SLA
    • production backup has to complete in set window
    • cloning needs to complete fast without affecting production performance
    • DB refresh from production has to complete in set window

 

Provisioning storage for an Oracle DB – A detailed view

To meet DB performance demands, you

  • need to understand DB requirements
    • understand DB workload IO profile / characteristics
    • criticality of the application accessing the DB (SLAs)
  • need to understand current infrastructure constraints
    • do the data stores have the capability to sustain current workload?
    • are the data stores able to support the workload if the IO demand scales up?
    • are there storage policies that can be leveraged to meet DB storage requirements? (storage capabilities based on array features and data services)
  • not feasible to do all that in a short time
    • study all data stores’ storage policies
    • choose the right one for placement

 

VMDK vs RDM – the battle rages on :)

 

Oracle backup – Day 2 Operations

  • Requirement of DB backup and recovery
    • Short backup windows – with least production impact, and recoverable and repeatable
  • 3 levels of triggering DB backup on vSphere
    • application level backup (Oracle RMAN / Data pump)
    • vSphere level backup via VMware snapshots
    • storage level backup (storage snapshots)
  • For large DBs, DBAs traditionally prefer
    • DB level backup
    • storage based snapshots

 

Backup methods – Pros and Cons

  • For multi-TB DBs with a high rate of change
    • Oracle RMAN offers a fine level of granularity but is not always the fastest
    • A VM level snapshot would be ideal, but per KB1002836 a snapshot removal can stop a VM for a long time, and VM level snapshots can stun a VM for a long time.
    • Storage based snapshots would be the fastest at the LUN / data store level but no VMDK level granularity (VMDKs of other apps are also part of the backup thus the time for backup increases)

 

What if we could?

  • Trigger backups / clones from a VM level with VMDK level granularity (ideal)
  • Do a storage based snapshot / clone at the VM level (fastest way of all 3 ways)

 

Introducing VVOLs

Challenges in Legacy Shared Storage Architectures

  • Create fixed-size, uniform LUNs
  • Lack of granular control
  • Complex provisioning cycles
  • LUN-centric storage configurations
  • Extensive manual bookkeeping to match VMs to LUNs
  • LUN granularity hinders per-VM SLAs
  • Over provisioning (better safe than sorry)
  • Wasted resources, wasted time, high costs
  • Frequent data migration
  • Every tier requires a different array
  • Providing multiple levels of service is hard

 

Instead – an app-centric model drives agility and QoS

  • Dynamic delivery of storage service levels when needed
  • Fine control of data services at the VM level
  • Common management across heterogeneous devices
  • Rapid provisioning
  • No over provisioning of resources
  • QoS automation
  • Simple change management

 

The SDS Model

  • Goal is to leverage SDS architecture to bring about storage efficiencies
  • Storage services are dynamically created and delivered on a per VM basis
  • Aligns storage requirements with those of the DB
  • Storage policies are leveraged to precisely meet application requirements
  • Reduces storage over provisioning, IT management cycles, and cost

 

The Policy Driven Control Plane

  • New management layer for SDS
  • Provides orchestration and automation of storage consumption
  • SPBM is VMware’s implementation of the control plane
  • SPBM maps application requirements dynamically to storage services

 

VMware vSphere Virtual Volumes – Integration framework for VM-aware storage

  • Virtual disks are natively represented on arrays
  • Enables VM granular storage operations using array-based data services
  • Extends vSphere SPBM to the storage ecosystem
  • Supports existing storage IO protocols (FC, iSCSI, NFS)
  • Based on T10 industry standards
  • industry-wide initiative supported by major storage vendors
  • included with vSphere

 

High Level Architecture

STO7549_vvol-architecture

  • storage containers
  • protocol endpoint
  • VASA provider

 

Storage Container

  • Logical storage constructs for grouping of VVOLs
  • Typically defined & setup by storage administrators in order to define storage capacity allocations and restrictions
  • capacity based on physical storage capacity
  • logically partition or isolate VMs with diverse storage needs and requirements
  • storage policy settings based on data service capabilities
  • minimum one storage container per array
  • maximum depends on the array

 

Protocol Endpoints (PE)

Access point that enables communication between ESXi hosts and storage array systems

  • part of the physical storage fabric
  • created by storage administrators

 

Scope of PEs

  • Compatible with all SAN and NAS protocols (iSCSI, NFS v3, FC and FCoE)
  • Can support any one of the above protocols at a given time
  • Existing multi-path policies and NFS topology requirements can be applied to the PE

 

VASA Provider (VP)

  • Software component developed by storage array vendors
  • ESX and vCenter Server connect to VASA provider
  • Provides storage awareness services
  • Single VASA provider can manage multiple arrays
  • Supports VASA APIs exported by ESX
  • VASA Provider can be implemented within the array’s management server or firmware
  • Responsible for creating VVOLs

 

VVOLs created for a VM VMDKs

For any VM on a VVOL-enabled data store

There are 5 different types of recognised VVOLs (KB2113013)

  • Config-VVOL – Metadata (includes VM home, vmx file, descriptor files for virtual disks, log files, etc)
  • Data-VVOL – VMDKs
  • Mem-VVOL – Swap files
  • Snap-VVOL – Snapshots
  • Other-VVOL – Vendor solution specific

 

Storage Policy Based Management (SPBM) – Array Capabilities

  • Publish capabilities
    Array-based features and data services
    Defines what an array can offer
    Advertised to ESX through VASA APIs

 

Example vCenter storage policy

 

SPBM Rule set 2

  • Tags
  • Policy based on storage tiering
  • datastore choice based on storage policy

 

Provision VM from templates using VMware level storage policies. 39 partners in the program

 

Yet another deep dive on VVOL?

  • A while since vSphere 6 and VVOLs were released
  • But customers still have questions
    • How do the various VVOL components interact?
    • What does the storage container look like?
    • How are VM files stored on a VVOL enabled data store?

 

OLTP DB Workload requirements – Example Use case

 

EMC UnityVSA 4.0 VM Setup (Import OVA)

  • VM UnityVSA
  • 2 vCPU / 12GB RAM
  • 6 NICs
  • 9 VMDKs (3 internal and 6 VMDKs for 4 different pools of 100GB each)

 

VSA VVOL – high level steps

  1. Add vCenter to UnityVSA to discover ESXi hosts
  2. Create VASA provider in vSphere
  3. Create Pools with Capability Profile
  4. Add software iSCSI interface to UnityVSA and ESXi hosts
  5. Add NAS server for NFS to UnityVSA
  6. Create iSCSI Storage container (DS-VVOL-Performance, DS-VVOL-ExPerformance, DS-VVOL-MultiTier)
  7. Create NFS Storage Container (DS-VVOL-Capacity)
  8. Check Protocol Endpoints (iSCSI & NFS)
  9. Create iSCSI and NFS data stores on vSphere
  10. Create VVOL enabled VMDK for Oracle DB

 

  • EMC Unity VVOL Deployment Guide
  • VASA Provider details
  • Create pools with capability profile
  • UnityVSA – storage container map to a vSphere VVOL Datastore
  • PE are IO access points from ESXi host to Unity system

 

Oracle DB VM setup

  • VM Name – Oracle-Unity-VVOL
  • OS – Oracle Enterprise Linux 7.2
  • 8 vCPUs / 16GB RAM
  • DB Name – ORAVVOL
  • Oracle 12.1.0.2.0 single instance DB with Grid Infrastructure
  • Install vCLI package on GOS

 

No VMDK is set to independent-persistent (disallows snapshot)

 

Anatomy of a VM (files)

  • Check this link for a good overview.
  • The VMDK is stored on the VM datastore, other files stored on the VVOL datastore

 

Oracle on VVOLs – Use cases

  • Use case 1 – scenario
    • Application is business critical – major application code change
    • QA team want to perform complete system testing
    • Unfortunately the production DB size is 5TB and rising – a lot of time is taken to perform DB cloning
  • Use case here
    • Clone the DB to test application code change, DB software patch, OS patch

 

Backup and recovery – DB Consistent Backup Snapshot

Step 1

  • Create script “hot_backup”
  • Script places DB in Begin Backup Mode
  • Create a VMware snapshot
  • End backup mode for Oracle DB

Step 2

  • Run cloning script “New-VMFromSnapshot.ps1”
  • Clones a VM from the DB-consistent snapshot

Step 3

  • Startup cloned DB VM via script “db_consistent_recovery”
  • Perform DB recovery manually using “recover database” command
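The Step 1 “hot_backup” script is named above but not shown. As an added example (not the presenters' script), this shell function runs the same three actions and makes sure the database leaves backup mode even when the snapshot fails or the script is interrupted; `run_sql`, `take_snapshot`, the `ESX_HOST`, `ESX_USER` and `VMX_PATH` variables and the `vmware-cmd` connection options are assumptions about the local setup.

```shell
#!/bin/sh
# Added example of the Step 1 sequence: begin backup -> VM snapshot -> end backup.
# run_sql and take_snapshot are hypothetical wrappers; ESX_HOST, ESX_USER and
# VMX_PATH are assumed environment variables, not values from the session.

# Run one SQL statement as SYSDBA with OS authentication, so no database
# password is stored in the script. A SQL error makes sqlplus exit non-zero.
run_sql() {
    printf 'whenever sqlerror exit failure\n%s\nexit\n' "$1" |
        sqlplus -S -L "/ as sysdba"
}

# Take a disk-only, non-quiesced snapshot with vCLI (the two arguments after
# the description are quiesce=0 and memory=0). The database is already in
# backup mode, so guest quiescing is not needed for DB consistency.
take_snapshot() {
    vmware-cmd -H "$ESX_HOST" -U "$ESX_USER" "$VMX_PATH" \
        createsnapshot "$1" "DB-consistent snapshot" 0 0
}

# Returns 0 on success, 1 if begin backup failed (no snapshot attempted),
# 2 if the snapshot failed, 3 if the database could not leave backup mode.
hot_backup() {
    hb_snap=$1
    hb_rc=0
    run_sql "alter database begin backup;" || return 1
    # The DB is now in backup mode: if the script is interrupted, end backup
    # mode before exiting instead of leaving the datafiles in that state.
    trap 'run_sql "alter database end backup;"; exit 1' INT TERM
    take_snapshot "$hb_snap" || hb_rc=2
    trap - INT TERM
    # End backup mode whether or not the snapshot succeeded.
    run_sql "alter database end backup;" || return 3
    return "$hb_rc"
}

# Run only when invoked as: sh hot_backup.sh --run <snapshot-name>
if [ "${1:-}" = "--run" ]; then
    hot_backup "${2:?snapshot name required}"
    exit $?
fi
```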

 

Check out this whitepaper.

 

Conclusion

  • Oracle VVOL – A game changer for virtualised DBs and applications
  • Trustworthy and seamless backup and recovery
  • Simplified cloning and refresh operations
  • Effective and consistent storage based policy management

 

Some more info about Unity

 

Useful VVOLs links

 

Informative session. 4 stars.

VMware – VMworld 2016 – (Fairly) Full Disclosure


Here are my notes on gifts, etc, that I received as a conference attendee at Intel Storage Builders Summit, VMworld 2016 and Tech Field Day Extra. This is by no stretch an interesting post from a technical perspective, but it’s a way for me to track and publicly disclose what I get and how it looks when I write about various things. I’m going to do this in chronological order, as that was the easiest way for me to take notes during the week. While everyone’s situation is different, I took 5 days of training / work time to be at this event (thanks to my employer for being on board).

 

Saturday

I caught a Qantas flight from BNE -> LAX and then had a 6 hour layover before travelling on to LAS. I consumed plane food on the long flight over. It was sustaining and notable for its lack of taste. I had a Mexican breakfast at LAX, paid for by my employer.

Once I’d checked into my hotel, I made my way over to Mandalay Bay. Registration had opened early for VMworld so I picked up my VMworld backpack, t-shirt, notepad and ScienceLogic water bottle.

I also attended the Intel Storage Builders Summit (or, at least, the very end of it). I was given a gym tote, a pen, a notepad, a 4GB USB stick and a phone cardholder thing. At the cocktail reception I had some Coronas and helped myself to a nice selection of dim sum. Jet lag kicked in around 8:30 and I turned in for the night.

 

Sunday

I paid for a ticket to Opening Acts, vBrisket and the #VMunderground parties. Gabe Maentz kindly gave me a commemorative vBrisket t-shirt and pointed out on the map on the back of the t-shirt just where the bus broke down. I had dinner with Stephen Foskett, Tom Hollingsworth, Arjan Timmerman, Gina Minks and a few other folks at Grimaldi’s. Nice pizza! I also had two Peronis. This was paid for by Tech Field Day.

 

Monday

Breakfast was what seemed to be the VMworld standard for the week – classic continental (see the photo). I had some fruit, juice and a conference coffee. Incidentally, the scale of logistics required to feed 20000+ conference attendees always impresses me. While the breakfast wasn’t super exciting, it did the job and everyone seemed to get fed. I imagine someone is presenting at “CatererCon 2017” (or whatever) about the challenges associated with scaling out the “Classic Continental” to previously unforeseen levels.

VMworld_Breakfast

For lunch I had fruit, salad, and some BBQ brisket. It was okay. Yes, I’ve clearly missed my calling as a food critic.

I then did a whip around the Solutions Exchange, and grabbed some stuff, including:

I had dinner at Holsteins; this was paid for by a friend from VMware. I had a burger and a Trumer Pils.

 

Tuesday

Breakfast was the VMworld standard continental. I had fruit, juice and coffee.

Lunch was provided courtesy of Tech Field Day. It was fajitas. I was well pleased with this.

Paessler gave us a cloth shopping bag after their TFDx session.

I went to dinner at Lotus of Siam, paid for by Scale Computing. I had some beer and some garlic prawns and one or two other appetisers. Thanks @bocanuts!

 

Wednesday

Breakfast was the VMworld standard continental. I had fruit, juice and coffee.

Lunch was lasagne and salad.

I also grabbed some Pringles (a third of a normal can?) between sessions in the afternoon.

I then did a final tour around the Solutions Exchange to collect more tchotchkes. I picked up:

Dinner was at Lotus of Siam again and paid for by a number of very generous people, including SolidFire/Netapp, Turbonomic, Datto, Scale Computing, and Tech Field Day. Thanks again to Howard for organising it.

 

Thursday

Breakfast was the VMworld standard continental. I had fruit, juice and coffee.

Scott Lowe left some excess Spousetivities t-shirts at the bloggers’ table so I nabbed one for my wife.

Lunch was a nice salad and shrimp. Like I said before, catering at this scale seems like it would be insane.

VMworld_Food

I had dinner at Cucina by Wolfgang Puck with Matt Leib, Keith Townsend and his wife Melissa. We split the bill. It was a great way to unwind after a pretty busy week.

 

Friday

I did some shopping in the morning, had lunch at a Mexican restaurant in my hotel (paid for by my employer) and then made my way to the airport in a cab (also paid for by my employer). As my flight was delayed by 4 hours Qantas gave me a $25 US voucher to spend on dinner. I bought a Cuban sandwich and a few bottles of water. At the time I didn’t realise the significance of the delay or I may have bought something more substantial. A good friend from VCE bought me a few Sapporos as all of our Qantas flights were delayed.