Monthly Archives: June 2016

vCD SP 8.10 New Features Part 2 – Affinity Rules and New API Functions

vCloud Director SP 8.10 has been out for about a month now and the general buzz around this release has been extremely positive. The decision to expose the previously API only features has been warmly welcomed by most vCloud Air Network Service Providers and I have heard of quiet a few looking to deploy or plan deployment of vCD SP 8.10 into their hosting platforms.

In Part One I went through the new NSX supportability improvements and for Part Two I am going to focus on a couple of Virtual Datacentre improvements that Organisational Clients can take advantage off with the upgrade. One of the key features now exposed directly to tenants is the ability to configure VM affinity and anti-affinity rules. I’ll also mention a couple of non UI exposed features like more granular vDC permissions, and being able to import running VM.

Virtual Machine Affinity Rules:

Support has been added for creation of affinity and anti-affinity rules for VMs. This is available via the vCD UI or the vCD API to create affinity rules that allow you to spread a group of virtual machines across different hosts or keep a group of virtual machines on a particular host. This is welcomed feature as it’s been a common question from customers who have asked us to keep or split VMs from the backend. I believe it’s also something that’s unique in the IaaS space and allows tenants greater control of VM placement that allows them to configure for certain applications or services requirements.

To configure this as a tenant head to the Administration Menu of the vCD UI and double-click on the Virtual Datacenter. From there you should see the Affinity Rules Tab as shown below.

Once there you have two sections where you can configure Affinity or Anti-Affinity Rules.

To configure the Rules, click on the + button, enter in a Rule Name and select the VMs you want to keep together or split up.

Note that it will error out if a VM is part of an existing rule as shown below.

You can not have the same VM of the same type in more than one rule. If you attempt this you will get a fairly unhelpful error complain talking about an incorrect or missing values.

Taking a look at vCenter, under the Clusters DRS Rules you will see the System created rules as shown below.

What I found interesting looking at the vCenter while the initial rules where create from the vCD UI was that a tiny drsShellVM (1 vCPU, 4MB RAM, No HDD, No Network) gets created during the process. At this stage I have not found out what this does or it’s purpose, but I was intrigued by it’s creation…if anyone can shed some light please comment below.

Overall this is an excellent feature and again…one that tenants will welcome.

vDC Permissions and Live VM Migrations:

I am not going to go dig deep into these features as Tom Fojta has already put through a couple of awesome posts around these and given some examples about how to make the API calls to configure them, but they are worth listing out and mentioning as they do extend the granularity of control in vDC permissions and allow for the importing of a running VM into vDC which had previously been an offline only thing.

Organization VDC Permissions in vCloud Director

Import Running VM to vCloud Director

The implication of the live running import is that together with xVC-vMotion you could think about doing cross VC imports either between IaaS providers or from a customers on-premises site…given the right networking is in place.

References:

https://fojta.wordpress.com/ 

http://www.virtuallyghetto.com/2015/02/did-you-know-of-an-additional-cool-vmotion-capability-in-vsphere-6-0.html 

http://pubs.vmware.com/Release_Notes/en/vcd/8-10/rel_notes_vcloud_director_8-10.html

VSAN Permanent Disk Failure Detection – Health Status vs Hardware Status

A month or so ago I had one of our VSAN Management Clusters Health Status flag that there was a failed disk in one of the hosts disk groups. VSAN worked quickly and very efficiently to start an evacuation of the data on the impacted host by triggering a resync operation. Once the data was resynced I checked to see the status of the disk that had flagged with the error…Interestingly enough the disk wasn’t being flagged under the ESXi hardware status or in the DELL iDRAC as shown below:

Searching through the vmkernel.log for the affected disk I came across:

The status is being returned from the device and indicates a hardware failure despite the iDRAC not reporting any issues. On top of that the ESXi Host Client status of the disk looked normal.

Initially the sense error was being reporting as being be due to a parity error but not a hardware error on the disk meaning that the disk wasn’t going to be replaced. DELL support couldn’t see anything wrong with the disk from the point of view of the FX2s Chassis, Storage Controller or from the ESXi hardware status. DELL got me to install and run the ESXi PERC command line onto the hosts (which I found to be a handy utility in it’s own right) which also reporting no physical issues.

PERCCLI: http://www.dell.com/support/home/us/en/19/Drivers/DriversDetails?driverId=XY978

As a temporary measure I removed the disk from the disk group and brought the host back out of maintenance mode to allow me to retain cluster resiliency. Later on I updated the Storage Controller Driver and Firmware to the current supported version and after that I added the disk back into the VSAN Disk Group and then cloned a VM onto that host ensuring that data was placed on the hosts disk groups. About 5 minutes after copy the host has flagged and this time the disk has been marked with a permanent disk failure.



This was different behavior to what I first experienced before the firmware and driver update, however the iDRAC and ESXI Hardware status was still showing the disk as being good. This time however the evidence above was enough to get DELL to replace the disk and once replaced I tested a clone operation onto that host again and there where no more issues.

So make sure that you are keeping tabs of the VSAN Health Status as it seems to be a little better or sensitive at flagging troublesome disks than what ESXi is and even the hardware controllers. Better to be overcautious when dealing with data!

References:

https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2109874

http://www.dell.com/support/home/us/en/19/Drivers/DriversDetails?driverId=XY978

NSX Bytes: 6.1.x General Support Extended and 6.2.3 Edge Upgrade Issues

A while ago VMware announced that NSX-v general support would come to an end on this October to pave the way for current 6.1.x users to upgrade to 6.2.x. A problem has arisen in that people who patched NSX-v to the latest patch release 6.1.7 to cover a security venerability are left being unable to upgrade to 6.2.3 which also covers the same venerability in the 6.2.x release.

NSX Bytes: Critical Update for NSX-v and vCNS

As of June 9, 2016 with the release of NSX for vSphere 6.1.7, the EOGS date has been extended by 3 months, to January 15th, 2017. This is to allow customers to have time to upgrade from NSX for vSphere 6.1.7,  which contains an important security patch improving input validation of the system, to the latest 6.2.x release. For recommended upgrade paths, refer to the latest NSX for vSphere 6.2
.
It’s not the first time that current releases of NSX-v have blocked upgrades to future releases, and in this case NSX-v 6.2.3 also includes this security patch and along with 6.2.2, remains the suggested release for NSX-v. Repeating that upgrades from NSX 6.1.7 to 6.2.3 are not supported. Once VMware release the patch version beyond 6.1.7 upgrading to 6.2.x will be possible. That said it’s great of VMware to extend the end of support by three months to give themselves time to get the patch out.
.
6.2.3 ESG Catch-22:

For those than can upgrade to NSX-v 6.2.3 there is a current issue around the upgrading of NSX and existing edges possibly becoming unmanageable. This issue occurs when the load balancer is configured for serverSsl or clientSsl but ciphers value is set as NULL in the previous version. NSX-v 6.2.3 introduces a new approved cipher list in NSX Manager and does not allow the ciphers to be NULL when configuring the load balancer…as was the previous default option.

Since the ciphers value defaults to NULL in the earlier version, if this is not set NSX Manager 6.2.3 considers this ciphers value as invalid the Edges in turn become unmanageable. There should be a fix coming and there is a workaround as described in the VMwareKB here.

 

References:

Veeam Update: Community Podcast from VeeamOn London + Agent for Linux

A couple of weeks ago I was lucky enough to be in London attending the Veeam Vanguard Symposium organised and hosted by the Veeam Evangelist Team headed by Rick Vanover. The week was book-ended by the VeeamOn Forum at which I was invited to be part of a panel with other Vanguards hosted by Rick. The discussion was varied and the panel discussed a number of topics relating to backups, cloud, certification and all things Veeam covering multiple technologies ranging from VMware, Microsoft to Hyper-Scale clouds and certifications.

The session was recorded and is now available as a podcast which is embedded below.

Thanks to @Cragdoo @DaveKawula @SuperCristal1@Lost_Signal for making the panel fun and engaging.

Veeam Agent for Linux:

Big news also this week with Veeam releasing the eagerly anticipated public beta for their Linux backup product. This was first announced at VeeamOn in Las Vegas last year and the Vanguards got the low down on the product during the London week..including information about the change of name from Endpoint to Agent. It’s exciting for Veeam to have this as an offering as it acts to complete their existing product set to include native physical or virtual Linux platforms.

Veeam Agent for Linux is a solution that is able to perform image-based backups from inside the guest, both at the file level and the volume level. True incremental backup is enabled by Veeam’s proprietary CBT (change block tracking) driver, a dynamically loadable kernel module

I literally just downloaded and installed in the last five minutes and already have it running on one of my Lab Ubuntu VMs. There are some great applications of this agent when you think about futures around extending the backup repository out to Cloud Connect Backup endpoints. You can’t backup to a Veeam Backup & Repository Server just yet in this beta.

For more information head to the Veeam Blog Post here. And head here to join the public beta.

References:

https://www.veeam.com/blog/veeam-backup-for-linux-beta-is-available.html

https://go.veeam.com/linux

NSX Bytes: NSX 6.2.3 and vShield Endpoint Clarification

NSX-v 6.2.3 has been out for a couple of weeks now and besides the new features and bug fixes there was a significant change to the licensing structure for NSX. Previously there really wasn’t any concept of NSX editions…however 6.2.3 introduced four new tiers. As was announced early May NSX-v comes in Standard, Enterprise and Enterprise Plus. At the time there was still no public mention of what was to happen to existing vCloud Network and Security customers utilizing vShield Endpoint…more so given that vCNS is to be end of lifed in September.

Looking through the release notes for NSX-v 6.2.3 there is a section that talks about the licensing and in addition to the three editions there is a default license which allows use of the vShield Endpoint feature…which is called Guest Introspection under NSX.

Change in default license & evaluation key distribution: default license upon install is “NSX for vShield Endpoint”, which enables use of NSX for deploying and managing vShield Endpoint for anti-virus offload capability only. Evaluation license keys can be requested through VMware sales.

Everyone who is entitled to the vSphere vCloud suits will now download NSX instead of vCNS. Depending on your use case, that will dictate which license you decide to apply, therefore unlocking different features of NSX…People will truly be running NSX everywhere…remembering that as of the current 6.1.x and 6.2.x releases the NSX Manager is a beefed up version of the vShield Manager. The good news for people who are running vShield Endpoint services for Antivirus and other guest introspection tasks will be able to manage this through the Web Client.

In terms of what NSX parts need installing/upgrading from the vCNS bits, you only need to perform a Host Preparation and Guest Introspection install. There is no need to run NSX Controllers or configure VXLAN in order to run Endpoint services…if you want to be able to run those NSX features you will need to request specific NSX edition keys to suit your requirements.

For a complete rundown on NSX-v Licensing Edition features click here.

References:

http://pubs.vmware.com/Release_Notes/en/nsx/6.2.3/releasenotes_nsx_vsphere_623.html

CBT Bugs – VMware Can’t Keep Letting This Happen!

[UPDATE] – VMware have released an official KB for the CBT issue.

Sadly if you recognize the title of this post it’s because this isn’t the first time I’ve felt compelled to write about the continued industry frustration with some repeat ESXi bugs. In February I wrote in general around the recent history of bugs slipping through VMware QA. Four months later and there has been another CBT bug slip through the net…just to reaffirm the core message of my last post I talked about the fact:

There are a number of competing vendors (and industry watchers) waiting to capitalize on any weakness shown in the VMware stack and with the recent number of QA issues leading to a significant bugs popping up not abating, I wonder how much longer VMware can afford to continue to slip up before it genuinely hurts its standing

The one area of absolute concern is the amount of Change Blog Tracking bugs that seems to slip into new builds of ESXi. This time it’s Express Patch 6 for ESXi 6 (Build 3825889) that contains an apparently new symptom of our old friend the CBT Bug. The patch it’s self is a fairly critical one for those running VSAN and VMXNET3 NICs as it addresses some core issues around them but if you use quiesced snapshots duing a VM Backup may have issues with CBT. The vmware.log of a VM being backed up will contain:

vcpu-0| xxxx: SNAPSHOT:SnapshotBranchDisk: Failed to acquire current epoch for disk /vmfs/volumes/
vmdk : Change tracking is not active for this disk xxx.

For a detailed explanation of the issue go to: http://www.running-system.com/take-care-express-patch-6-esxi-6-can-break-backup-cbt-bug/ 

[UPDATE]

VMware Support is aware of this issue and are currently working on it.
This KB article will be updated once the fix for this issue is released.

To work around this issue, apply one of these options:

Again as a Service Provider the CBT bugs are the most worrying because they fundamentally threaten the integrity of backup data which is not something that IT Operation staff or end users who’s data is put at risk should have to worry about and most backup vendor’s use CBT to make backups more efficient. In this case…specifically if you use Veeam the lack of CBT will extend backup windows and increase the chances of VMs not being backed up as expected.

VMware need to continue to nail ESXi (and vCenter) as well as keeping focus on the new products. VSAN, NSX and everything that VMware offers runs on or off of ESXi and though hypervisors are not as front of mind anymore, everything that VMware does relies on ESXi and VMware partners who create products to work with ESXi need it to be stable…especially around backups. Everyone needs to backup with absolute confidence…the more these CBT bugs appear the less confident pundits become…I already hear of people not wanting to go to ESXi 6.0 because of issues like such as this latest one.

That’s not a good place for VMware to be.

Note: I had sat on this post since Friday, but reading through Anton’s Veeam Community Forums Digest this morning where he lamented the lack of QC and repeat issues. He suggest’s that this is the new normal…and that maybe the thing to do is wait and hope for vSphere 6.5…not a good situation. However, like me he also believes that this can be fixed…but it needs to happen before the next release.

References:

https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2144685

 

 

My Top Ten Albums of All Time

Music for most of us is a passionate and emotional experience…When we listen to great albums and great bands we have the ability to be taken back to key moments in our lives. Music has the power to trigger emotive feelings that are generally buried deep down inside of us. Like most things in my life I am passionate about my music and I tend to stick to the bands and musicians that helped me through my teenage and early adult life.

last week Christian Mohn and Duncan Epping posted a blog listing out their top 10 Albums of all time. I had been discussing this very topic recently so the timing was right to add my contribution to this #vTop10 blogging series. As you will see below my musical passion was forged in the early 90s and I have remained true to the music that got me through my teenage years…Angst filled, heavy rock with a touch of ballad and melody dominated by messy riffs and heavy vocal power.

10 – Nirvana: In Utero

While others would (and have) chosen Nevermind as their top Nirvana album there is something about In Utero that spoke to the 16 year old me. In Utero came after the lesser known, critically hammered Insecticide and was released not long before Kurt Cobain took his own life. To me Heart Shaped Box is such a strong song I hold it higher than Teen Spirit and In Bloom. Beyond Heart Shaped Box, All Apologies and Very Ape standing though the whole album is just raw and angry and you can tell that Kurt was struggling with life and the angst and pain he felt shines through in all the songs. The guitar riffs are a lot thicker in the album and the distortion is on high…put that together with Kurts controlled screaming vocals…That rawness is what made me supersede Nevermind as the only Nirvana album in my top 10.

9 – Weezer: Make Believe

This is probably the softest album in my list but its certainly not short of emotion, passion and great lyrics. Weezer are an interesting band who recently have released albums that probably are best forgotten however they also have some other gems. I saw Weezer a couple of years ago for the 20th Anniversary tour where they played the Blue Album end to end…However Make Believe makes my top 10 because it’s emotional and powerful and contains two amazing songs, Hold Me and Peace. If you haven’t listened to this album I highly suggest giving it a go.

 

8 – Foo Fighters: Color and The Shape Special Edition

For a long time the Foo Fighters where my go to band. I remember downloading There is Nothing Left to Loose via ICQ and playing partially downloaded songs before they completed. Before that, The Color and the Shape announced the arrival of Dave Grohl and the band as a force. To me this album is special because it’s the story of Dave’s relationship with an ex wife. All the songs tell a story and they follow each other in mood and meaning. Monkey Wrench and My Hero are the more well songs from the set however February Stars is by far my favorite song…so much so that it was the song I choose for my first dance with my wife at my wedding.

I choose the Special Edition because it contains some additional songs from Dave’s b-sides and rarities collection including the Theme Song from the X-Files soundtrack, Down in The Park, a brilliant cover of Baker Street and one of Dave’s best b-sides, Dear Lover.

7 – Papa Roach: The Paramour Sessions

If the Foo Fighter where my go to band in the 90’ Papa Roach was that during the 2000s. Not too many people know them past their initial nu-rap/metal releases Infest. I could have probably listed any of the subsequent albums they have released over the past 16 years however The Paramour Session is the standout for me as its represented a shift in Papa Roach’s music from angry rap/metal to more ballad like songs that still contain all the raw pain of the earlier releases but treated that with maturity. Forever, I Devise my own Demise and My Heart is a Fist and Blanket of Fear standout.

 

6 – Foo Fighters: Foo Fighters

Dave Grohl is just talented…in fact he is probably one of of the most important rock musicians of the past 20 years. All through his Nirvana days Dave was creating B-Sides and rarities that where pretty damned good. When Nirvana ended he spent some time in his home studio and put together a bunch of songs that would become the first Foo Fighters Album. Dave played every single instrument for all songs. That’s something that you can tell as the songs are fairly basic and not overly complex but there this doesn’t mean they aren’t brilliant. Alone and Easy Target is my stand with Exhausted close behind it but this is the Album that started it all and it’s been quality release after quality release since then for the past 21 years.

5 – Tool: Ænima

Ænima is by far the hardest sounding album in this list and at first I wasn’t drawn to the Tool sound having come from more grunge based riffs. However this album defined my transition from High School into University. During 1997 I would have played this on high rotation and even had it playing during Uni Lectures and Tutorials. The Tool sound is unique and they don’t pay much attention to melody or beat pattern. They use offbeats to create highly charged music with powerful lyrics. Maynard Keenan is a genius and his vocals are outstanding. The music may be hard but Maynard never looses control and songs like Stinkfist and Ænima are brilliant emotional roller coasters. By far my standout track is Eulogy which clocks in a 8:28 seconds and is almost haunting to listen to until it builds and builds into an powerful climax.

4 – Alice in Chains:  Unplugged

Yes Nirvana has a great Unplugged but Alice in Chains set in my opinion was as special as they come. Not withstanding the fact that it was the first time the band had played in a number of years following lead singer Layne Staley’s substance abuse but it was pretty much the last time the band played in public before Layne overdosed in 2002. There is something about Layne’s voice that’s just different to any other that was around at the time and together with Jerry Cantrell’s backing the two produced some incredible melodies put together with Jerry’s talent for creating riffs that can come out of no where and blow you away. The fact they where able to translate their music to an acoustic set shows the talent this band had. What makes this set even more amazing was that Layne was clearly not all there and certainly under the influence.

I spent many late nights listening to this album but be warned…it’s not one that fills you with joy and happiness. It hurts and is more an album to help you drown sorrows…I know it helped myself and my close friends get through some tough times. Nutshell, Brother, No Excuses and Got me Wrong are the most powerful songs in the set. Actually…they are all brilliant!

3 – Jerry Cantrell: Degradation Trip Volume 1 & 2

Jerry Cantrell recorded two solo albums in between Alice In Chains hiatus and the death of Layne. If you, like me are a 90s grunge fan then do yourself a favor and listen to Boggy Depot (that contained Jerry’s my famous solo releases My Song and Cut You In) and Degradation Trip. I generally combine these two albums together when listening but I choose Degradation Trip Volumes 1& 2 in this list specifically because it’s a double record of haunting, heavy, powerful music. There are no weak songs and if you let yourself listen to the music that Jerry created while locked up in a basement for an undisclosed period of time you will understand the genius behind it.  Siddhartha has some of the best understated solo riffs I’ve ever heard and is a brilliantly constructed song. Other standouts are Pig Charmer, Solitude and Feel the Void…in fact they are all brilliant…even the instrumental Hurts Don’t It?.

Give this album a go…appreciate it and absorb it.

2 – Smashing Pumpkins: Siamese Dream

While I haven’t listened to the Smashing Pumpkins recently I often tell people that Siamese Dream is the greatest of all the 90s grunge/rock albums simply because end to end is hits the mark. Billy Corgan is one strange cat and it shows through his music…while I loved some songs on Mellon Collie and the Infinite Sadness overall it was too experimental (as was subsequent albums) but Siamese Dream is near perfect. Starting off with the power Cherub Rock, through to Disarm and then my standout track Soma. Soma is a masterpiece…starting off low and slow and building to an amazingly powerful crescendo. And just when you think the album can’t get any better, Geek USA comes off and finishes things hard. I can’t say enough about Siamese Dream and it was tough not having it as my #1…not withstanding that I still have memories of keeping the CD in my pencil case at school…guarding it with my life…it meant that much to me.

1 – Stone Temple Pilots: Core

Core takes my #1 spot not only because it’s a masterpiece of rock it was the song (Plush) and the album that changed my musical taste from 90s pop/rap (which is still don’t mind) to the guitar heavy, distorted goodness of grunge/rock. I will never forget my school mate when I was 14 handing me this CD telling me to give it a go. When I got home I played it for the first time and when I clicked play on Dead and Bloated something changed inside me.

Que Scott:

I AM SMELLING LIKE THE ROSES SOMEBODY GAVE ME ON MY BIRTHDAY DEATHBED!…

I AM SMELLING LIKE THE ROSES SOMEBODY GAVE ME ON MY BIRTHDAY DEATHBED!…

I AM SMELLING LIKE THE ROSES SOMEBODY GAVE ME ME CAUSE I’M DEAD AND BLOATED!

Enter drums and a heavy riff…and that’s it…the rest is history for me. The rest of the songs are powerful but what I love about STP is that they do the power ballad so well…(not in a Nickleback kinda way)…I’m talking power grunge/rock ballad.

I do believe that Scott Weiland has the best voice of all 90’s bands in this genre…yes, even better than Eddie Vedder’s. Many called him a clone of Vedder but he was a lot more…mainly because he obviously had a lot more demons to deal with and again…raw emotion and pain shine through in Core and subsequent STP Albums…they are all brilliant and I was cut down a little last year when Weiland finally succumbed to his substance abuse.

Core should go down as one of the greatest of all time!

Conclusion:

So that’s it…it took a little longer than expected to put this together and I would encourage others out there to continue this series as the just writing about the albums and songs brings back memories and emotions and feelings that your had probably locked away for safe keeping. This is what music does…this is why it’s so powerful.

Veeam 9.5: Beefed Up Support for vCloud Director

Veeam have only announced two features of their upcoming v9.5 release of Backup & Replication but it’s exciting to announce that they have chosen to release details of a new enhancement of their vCloud Director support as their third reveal. Veeam Backup & Replication v9.5 will give vCloud Air Network Service Providers the ability to tap into a new set of RESTful APIs that adds tenanted, self service capabilities from which to offer Veeam based backup and restores with. These new features can be consumed by SPs either by integrating the features into existing portals or by way of a new Self Service Web Portal that muti-tenanted that is provided by the Veeam Enterprise Manager.

I was lucky to get a sneak peak at this last week at a Veeam Vanguard event in London and Luca Dell’Oca gave us a demo of some pre beta code of the solution. Suffice to say the SPs in the room where delighted and I was certainly not expecting this from Veeam. Veeam have always had strong vCloud Director support and this certainly adds to it’s feature set and solves a significant source of time wastage by Service Provider Help Desk teams in having to deal with restores of VMs, Server Applications and files. Thinking about what that means…SPs that use Veeam Backup & Replication together with vCloud Director will have arguably the best most feature rich backup and restore options of any cloud platform in existence today.

For a more detailed look at some of it’s features visit the link to the Veeam Blog below:

https://www.veeam.com/blog/enhanced-vmware-vcloud-director-support.html

Great to see Veeam supporting vCloud Director on the back of the re-commitment from VMware over the platform late last year. I applaud Veeam for continuing to support Service Provider features in their Backup & Replication suite and this new vCD Self Service Portal goes nicely with Cloud Connect and Cloud Connect Replication.

Well done to the team and can’t wait to be able to offer this to our customers!

NSX Bytes: Trend Deep Security 9.6 DSVA Deployment Gotchya

This week I’ve been working with Trend Deep Security 9.6 to get a Proof of Concept up and running to protect some internal management virtual machines with Trends agentless protection feature. Trend now integrates with NSX and In an NSX enabled environment, the Deep Security Virtual Appliance (DSVA) provides Anti-Malware, Integrity Monitoring, Web Reputation Service, Firewall, and Intrusion Prevention for your virtual machines, without requiring an Agent.

After following the Install Guide and having installed the Deep Security Manager and connected the vCenter and NSX Managers through the DSM Web Console I installed the NSX Guest Introspection ESX Agents under Service Deployments and got to the part to deploy the Trend Micro Deep Security Service from the same location in the Web Client I got the following error.

Checking the Service Definitions menu under Trend Micro I saw that the Deployment settings looked correct as per the install guide. Heading to the URL provided I got an error from the DSM saying that there was a database error and the file was not found…matching the error above.

After a little digging I checked to see what was listed in the DSM Local Software repository and couldn’t see the ESX Agent in the list. This needs to be imported first before you can use the Service Deployment section to deploy the Trend Micro DSVAs (Download Link). Under > Updates > Software > Local page and click Import. Once imported you should see the following.

Once that has been done you can click on the Resolve Button in the System Alarm window of the NSX Service Deployment section and the appliances will be deployed as version 9.5 as shown below.

Important Note:
EDIT: Trend has responded in the comments:

As mentioned on the download page:

If you are implementing Agentless protection, install the 9.5 version of the DSVA and import the Agent Software for Red Hat Enterprise Linux 6 64-bit package. Afterward, the DSVA will be able to upgrade to the version 9.6…but DONT! 

Upgrade Notice: Version 9.6 of the DSVA is limited to providing Anti-Malware and Integrity Monitoring protection for your virtual machines. If you need pure Agentless protection with Anti-Malware, Firewall, Intrusion Prevention and Integrity Monitoring, do not activate the Deep Security Agent on the VMs and do not upgrade your DSVA to 9.6.

So if you want that agentless protection for all Trend Deep Security features as listed above do not upgrade to the 9.6 version of the DSVA. I’m not sure why this is the case, but I will chase this up and update this post when I know more.

References:

http://docs.trendmicro.com/all/ent/ds/v9.6/en-us/Deep_Security_96_Install_Guide_nsx_EN.pdf

http://downloadcenter.trendmicro.com/index.php?regs=NABU&clk=latest&clkval=4856&lang_loc=1

Released: PernixData FVP 3.5 and Architect 1.1

PernixData has released version 3.5 of their FVP acceleration platform as well as version 1.1 of their Architect storage intelligence platform. Compared to previous releases the list of new features is relatively small however there are a few new features that are worth the upgrade from previous versions.

Architect 1.1:

Probably the biggest addition in this release is the introduction of a standalone PernixData Management Server Appliance that can be used an an alternative to the installed management service that previously only run on Windows. This had been a common request by PernixData clients so its good to see that they have responded and released the VSA. The Management Appliance contains a built-in PostgresDB though it does have the option to connect to an external MSSQL in order to preserve a current config.

Along with the new VSA there have been some improvements to the PDF Reporting and that reporting will now ignore blacklisted VMs that are ignored in the working set calculations. There are also some improvements to the clickability of the VM Performance graphs that take through through to VM performance data when clicked.

FVP 3.5:

For FVP the biggest addition is support for both physical and virtual RDMs though there are limits in that all hosts must be on the latest version of FVP, MSCS and Oracle Clusters are not supported and there are conditions around the use or third part backup applications. Along with that there is increased search functionality for large environments and some better metrics for read and write operations.

Apart from the new features there are a number of general bug fixes and platform improvements as contained in the Release Notes. FVP is an amazingly simple and elegant solution for those wanting to get more out of their existing backend storage or looking to add new levels of performance via SSD or PCI Based Flash…FVP 3.5 and Architect 101 software, along with documentation, is available on the PernixData support portal at http://support.pernixdata.com.  

« Older Entries