VMware HCX now included with VMware Cloud on AWS

Hybrid Cloud Extension is the VMware technology used to connect to, and facilitate the bulk migration and vMotion of virtual machines between a customers on-premises data center and their VMware data center running in AWS. (VMware Cloud on AWS)

Until today, HCX was considered an add-on component to a VMware Cloud on AWS subscription. HCX had it’s own pricing and consumption model which was largely determined by the particular customer use case.

VMware announced this morning that HCX will now be included with the core VMware Cloud on AWS offering at no additional cost. This move serves to simplify the adoption of the service and to aid customers in the migration of desired workloads to the public cloud.

Posted in Cloud, VMC on AWS | Leave a comment

Upgrading to vSphere 6.5?

Upgrading. It’s inevitable!

At some point, this is a bridge that all vSphere admins will need to jump off.

As with the capabilities of each release of vSphere (6.5 included), the upgrade process has evolved to become a more refined and simplified process. I’m not saying that an upgrade is a walk in the park, there are simply to many variables to make that statement. What I am saying is that the documentation around the upgrade process, along with the migration and upgrade tools that are available, have led to fewer sleepless nights by those that are tasked with caring for the environment.

If your company is still running a version of vSphere older than 6.0, now would probably be a good time to start thinking about jumping off the proverbial bridge. As you can see from the table below, vSphere 5.5 is end of support in September of this year with 5.1 and earlier nothing more than a fond but distant memory.

Planning a vSphere upgrade or deployment takes a certain amount of time and a fair amount of knowledge, especially if it is to be executed with a successful outcome in mind. The larger and more complex the environment, the more time and experience required by those working on the project.

With the operational stability of potentially the entire data center resting on the outcome of this kind of project, there should be no substitute for thoroughly documenting the environment and the planning of the migration or upgrade process.

Over the years I’ve had my fair share of conversations with customers who prefer to go it alone instead of enlisting the help and guidance of VMware Professional Services or one of our Certified Delivery Partners. For some this route might be feasible.

Personally I’d rather have a seasoned veteran, a VMware Partner that does this kind of thing every day, assisting me with the project to ensure that no step, regardless of how minor or seemingly insignificant, has been over looked.

Regardless of the route you take, here are a few things to start thinking about as you begin planning your upgrade and or migration.

  1. What version of vSphere are you currently running?
    1. If the environment is on a version lower than 5.5, you will need to perform an intermediary upgrade, or upgrades, to get to 5.5. KB2053132 provides some best practice guidelines when upgrading to vCenter 5.5.
    2. If the environment is already at the 5.5 version you can proceed without any additional steps.
  2. Are you currently running the Windows-based deployment of vCenter or the vCenter Server Virtual Appliance (VCSA)?
    1. If the Windows-based vCenter is what you are currently using, you have 2 options available.
      1. You can continue with the Windows version of vCenter and perform an in place upgrade. In this case you lose out on a number of new capabilities introduced in 6.5 that are only available with the vCenter appliance.
      2. Or you could perform a migration of your Windows vCenter and external database server (Oracle or SQL) to the vCenter Server Virtual Appliance with its embedded Postgres database. This route also allows for some cost savings in the form of reducing the number of Windows OS and Oracle or SQL database licenses needed.
    2. If you are already using the vCenter Server Appliance version 5.5 or 6.0, you can perform an in place upgrade to the 6.5 version.
  3. The next step involves upgrading your ESXi hosts to 6.5. There are numerous different ways to achieve this including the old burn the ISO to cd-rom method, using vSphere Update Manager or my personal favorite, via the command line using esxcli.
  4. The final step is to update VMware Tools on all your guest virtual machines to the latest version and update the virtual hardware version for those same virtual machines so that they can take advantage of the new capabilities in the 6.5 version of the hypervisor.

Another web-based tool that I use is the vSphere 6.5 Topology and Upgrade Planning tool. (Output in the image below) It allows you to input certain information about the source environment as well as what the desired architectural state of the completed environment should look like (moving from embedded to external PSC etc). Using this information, the tool will visually and textually map out the process for you to follow to get to the desired outcome.

I’ll leave you with one last thought. vCenter and ESXi are not the only software components in the typical data center. Think about management and automation components. What about network virtualization and security software? What about other non-VMware software such as backup and recovery software that has a dependency on vCenter and ESXi and the version they are running?

Posted in SDDC, vSphere | Leave a comment

vSphere Patch Validation script for Spectre

One of our tech guys wrote a very neat little PowerCLI script to inspect the vCenter and ESXi hosts within a vSphere environment to determine the status of the current build version against the Spectre vulnerability.

I take no credit in any way for the script. All credit goes to Vikas.  Here is a high level overview of what the script does.

  1. Validates vCenter current build against patched build.
  2. Connects to the hosts within the specified cluster.
  3. A small VM is created on each host and powered on and off to determine the host build status.
  4. Output is written to a .csv file for analysis.

The script itself can be downloaded from Vikas’ blog or from his GitHub repository.

Edit: VMware have also released another Security Advisory VMSA-2018-004 that details the patches required for the environment along with additional requirements that need to be met to mitigate the guest OS vulnerability. (apart from the obvious guest OS patches)

One point I’d like to call out is that in all instances, the vCenter server, if used, should be patched first, followed by the ESXi hosts and then the VM hardware version. For details on how to update the VM hardware version please see KB article KB1010675.

Below is a short video of the script in action.

*Please note, this script is provided as is and without support. Use at your own risk.

Posted in Security, vSphere | Leave a comment