Archive for General

vExpert 2013


Almost exactly 12 months ago to the day I kicked off this site with this article describing my journey in virtualization leading up to my first vExpert 2012 Award. 27 posts and 1 year later I’m humbled again to be awarded with vExpert status for 2013.

The VMware community is unbelievably strong and it’s safe to say that over the past 12 months I’ve made a lot of new friends and been involved in lots of special forums and events as well as being continually amazed by the power of virtualization by way of delivering VMware products and services to clients and being able to get hands on with upcoming product releases.

This is a community award… and in that most of the people awarded the vExpert badge are people that go over and above to share their passion and love of the technology they work with on a daily basis…for the most part the sharing and evangelisation of that knowledge is done in addition to their day jobs…the title of my blog is “Hosting is Life” and in many ways that exemplifies the dedication that this kind of award entails.

Special thanks to John Troyer for putting this together and VMware for the award…and a special mention to the Australian vExpert list that has more than tripled from last year.

Full List Here: http://t.co/QGZtGudVol

UPDATE: There has been debate/confusion on the credibility of the vExpert class of 2013…the numbers have swelled by about 100 from the 2012 class and with that a couple of people are questioning the value of the award. From reading in between the Tweets being fired off yesterday it seems that there were about 850 applicants for this year’s awards so the question of everyone being accepted isn’t valid…however there is danger in the credibility of the award being diluted in the future if tighter selection criteria are not put into place…on the one hand, it’s great to see the numbers swelling because it means that there are more people active in support of VMware in the community, but VMware may need to put a greater emphasis around keeping the numbers tight.


First Look: CloudPhysics Card Designer

The boys at CloudPhysics are working hard behind the scenes on adding new features to their current stable of Analytic Cards based on data collected from their Probe VAs hooked into vCenter environments.

Check out this post on their DataStore Contention Card:

For a general overview, go here: I am a massive fan of analytics and trend metrics and I use a number of systems to gain a wide overview of the performance and monitoring of our Hosting and Cloud Platform.

A few weeks ago, the CloudPhysics team released to a limited number of users a Custom Card Designer. This pretty much lets you construct custom cards based on a huge number of metrics presented via a builder wizard.


Cards you design and save are listed on the page above. From here you can view your custom cards and edit them if they require tweaking. Once you click the Create Card + button you are presented with a list of property data metrics from which to construct your card.


Properties fall under four main categories and there are a large number of available metrics under each category. The wizard lets you drag and drop items into the builder window. From there you can preview and then save your custom card for future use.

As a quick example I needed a quick way to see which datastores were connected to their respective hosts in each cluster so that consistency in datastore availability was maintained. It was as simple as dragging across Host:Name and Host:Datastore and putting in a filter to only view hosts of a certain name, and it was ready to go.

You have the option to preview and continue editing, or save to the Card Designer main page. From that page you can execute the query. The results of my quick test card are shown below.

One thing I would like to see is an option to export the results to a CSV or Excel document…but other than that it’s a great example of what CloudPhysics is all about…data and how to get the most out of it as efficiently as possible.

VMware PEX ANZ 2013 Thoughts – Software Defined Storage

I was lucky to attend PEX at Australia Technology Park this week and thought I would share some of my takeaways. The venue was a little different to what you would come to expect from a tech event in Sydney… Usually we are in and around Darling Harbour at the Convention Centre… And even if there were whispers of VMware being late to book the event in the city, the surroundings of the old rail works in Redfern, refurbished and transformed into a spectacular centre for technology and innovation, fit.

There is a fundamental shift happening in how we consume IT and pretty much all leading technology vendors are in the process of embracing that change. VMware have chosen to focus on three key areas and after a few years of letting the dust settle they have three main pillars of focus.

Software Defined Datacenter
Hybrid Cloud
End User Computing

I’ve written about EUC and their Hybrid Cloud Offerings in the past so I’m not going to focus on that in this post…but the one thing I will say is that VMware still have a material understanding of where their partners sit in the ecosystem and still see them being central to their offerings… As a Service Provider guy working for a vCloud Powered provider there is some concern around the vHPC platform that will be deployed globally over the next few years… But we need to understand that there has to be something significant in the Public Cloud space in order to compete with AWS and Google … And maybe Microsoft’s Azure. AWS is a massive beast and will only be slowed by its own success…will it get too big and product heavy… therefore losing focus on the basics. There has been evidence in recent weeks of increasing issues with instance performance due to capacity issues.

With regards to the SDDC push … Last year was the year of network virtualisation but what excites me more at this point is the upcoming features around software defined storage. There has been an explosion of software based storage solutions coming on the market over the past 18 months and VMware have seen this as a key piece to the SDDC.

vVOLs and vSANs represent a massive shift in how vSphere/vCloud environments are architected and engineered. Storage is the biggest pain point for most providers and traditional SANs might well have run their race. There is no doubt that storage arrays are still relevant but with the new technology behind virtual SANs on the horizon direct access storage will start to feature… Where we had limitations around availability and redundancy previously, the introduction of technology that can take DAS and create a distributed virtual SAN across multiple hosts excites me.

Why tier and put performance on a device that’s removed from the compute resource? It’s logical to start bringing it back closer to the compute.

Not only do you solve the HA/DRS issue but, given the right choices in DAS/flash/embedded storage, there is potential to offer service levels based on low latency/high IOP data store design that takes away the common issue with shared LUNs presented as VMFS or NFS mounts for data stores. Traditional SANs can certainly still exist in this setup and in fact will still be critical to act as lower tier high volume storage options.

For a technical overview of VMware Distributed Storage check out Duncan Epping’s (@DuncanYB) post here: There is also a slightly dated VMwareKB overview by Cormac Hogan (@VMwareStorage) that I have embedded below…note that it’s only the tech preview, but if it’s any indication of what’s coming later in the year…it can’t come soon enough.

Being able to control the max/min number of IOPs guaranteed to a VM/VMDK, similar to the way in which you can select the IOP performance on AWS instances, is worth the price of admission and solves the current limitations of vSphere in that you can only set max values to block out noisy neighbors.

Vendors that are already pushing out solutions around storage virtualization continue the great work…anything that sits on top of this technology and complements/improves/enhances it can only be a good thing.

It’s the year of storage virtualization…

Additional Reading:

http://www.yellow-bricks.com/2013/03/06/why-the-world-needs-software-defined-storage/
http://www.yellow-bricks.com/2013/04/05/software-defined-storage-just-some-random-thought/
http://www.nexenta.com/corp/products/what-is-openstorage/what-is-software-defined-storage
http://cto.vmware.com/2013-predictions-the-year-of-software-defined-storage/
http://virsto.com/blog/the-missing-link-in-software-defined-storage
http://www.nutanix.com/evolution-of-the-data-center/

Passion

During last week’s #APACVirtual Podcast (Episode 70 – Engineers Anonymous pt1 – Engineer2PreSales) the panelists (of which, I was one) were discussing what it took to become a successful candidate in transitioning from a technical engineering role to a pre-sales/architecture role. It was universally agreed upon that passion is a much sought-after trait in those roles. Someone who is passionate about what they are doing can overcome almost any professional deficiency and succeed where others might fail. It was discussed that someone who is seen to be passionate is a more sought-after asset than someone who is simply technically brilliant.

I’m a passionate guy…those that know me generally would describe me as such. When I find something I love I tend to embrace it with all that I have and it becomes a driving force in life…I wear my heart on my sleeve in most aspects of life…be it family, playing cricket or work, and for each of those…passion manifests itself in different ways.

I’ve mulled over this post for about a week now…it’s been written and re-written a number of times as I try to best represent and explain passion and how it can contribute to a successful and rewarding career in IT. At the end of the day I can’t explain passion with any great level of verbal prowess…it’s too much of a basic raw emotion!

Passion is something you have, or don’t have…it’s a driving force that makes you strive to better yourself and it fuels the fire within that drives you to succeed and excel in anything you attempt in life.

Passion has the ability to lay down the foundation of a lasting legacy…

I possess a driving force when it comes to my work…I truly believe in the technology I work with…When talking with colleagues and clients alike, I am always passionate in my evangelization of those products and technologies.

My current passion lies within Hosting and Cloud technologies and I’m a big believer in what VMware is doing in the market at the moment. Previously I was (still am to a lesser extent) passionate around Hosted Exchange services and other Microsoft technologies…in that, the driver of passion can change depending on current circumstance and in my case, the agent of change was directly related to the way Microsoft started treating their partners…that and I was consumed by the vSphere, ESX, vCloud Virtualization stack and the power of transformational change it can offer clients…look no further than the EUC push for evidence of this change.

Not everyone possesses passion, and I see examples of people without passion every day…I can’t comprehend this…I can’t understand people that work without anything truly driving them…

One person with passion is better than forty people merely interested.

— E. M. Forster

Again, it’s almost impossible to represent what drives me…but I know I’d rather be passionate in life than not.


DDoS Annihilation – What Can Service Providers Do?

Recently we have experienced a series of DDoS attacks against client hosted sites that resulted in varying levels of service outages to hosted services across a section of our hosting platform. In my 10+ years of working in the hosting industry this series of attacks was by far the most intense I’ve experienced and certainly was the most successful in terms of achieving the core goal of a DDoS.

On the one hand, as a collective you might think “…we had been lucky to avoid an attack up to this point” while on the other hand you are dealing with the misguided expectations of clients that you are protected against such attacks and when you explain the realities of a DDoS to a customer who is expecting 100% up-time the response generally encountered is along the lines of “…I thought you said your service will never go down?” or “…I thought you have full redundancy?”

The absolute reality (that I have no problem in explaining to clients) is that most, if not all service providers are pretty helpless against a DDoS dependent on the size and scale of the attack. In our case we were able to mitigate the service disruption by re-routing all traffic to the affected IP to a NULL route at our carrier edge, which reduced the load the firewall had been placed under, which in turn had caused the CPU to spike…making the DDoS successful in its end game.

So what can be done to mitigate the risk a DDoS presents? Service Providers can look at spending money by purchasing extremely expensive IDS systems and/or larger capacity routing and firewall devices that might only shield against an attack a little more effectively than less expensive options. An example there is that if a firewall device is capable of 10,000 connections per second and 100,000 total connections a DDoS will look to saturate its capability to a point where its memory and/or CPU resources are consumed trying to process the attack traffic…upgrading to a device capable of 20,000 connections per second and 200,000 total connections will only serve to buffer the resources that little bit longer which might give you more time to mitigate the attack…but the point that’s made here is that…

…service provider resources will always come off second best if an attack is large enough.
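As an added example (not code from the original post), the sketch below works through the null-route decision and the firewall capacity point described above: it counts new connections per second per destination IP and flags the hosted IP whose traffic alone would exhaust the firewall's 10,000 connections-per-second budget. The flow records, the IP addresses (documentation ranges) and the 50% threshold are constructed assumptions.

```python
from collections import Counter, defaultdict

FIREWALL_CPS = 10_000  # connections-per-second figure from the post's example

def build_sample_flows():
    """Constructed sample data: one (second, src_ip, dst_ip) per new connection."""
    flows = []
    for sec in range(3):
        for i in range(200):  # normal load: 200 new conns/s to each of two sites
            src = f"198.51.100.{i % 250 + 1}"
            flows.append((sec, src, "203.0.113.10"))
            flows.append((sec, src, "203.0.113.20"))
    for sec in (1, 2):  # attack: 12,000 new conns/s aimed at one hosted IP
        for i in range(12_000):
            flows.append((sec, f"192.0.2.{i % 254 + 1}", "203.0.113.20"))
    return flows

def per_second_rates(flows):
    """Return {dst_ip: Counter({second: new_connections})}."""
    rates = defaultdict(Counter)
    for sec, _src, dst in flows:
        rates[dst][sec] += 1
    return rates

def find_targets(flows, cps_limit=FIREWALL_CPS, share=0.5):
    """Destinations whose peak rate alone exceeds `share` of the firewall's cps."""
    rates = per_second_rates(flows)
    return sorted(d for d, c in rates.items() if max(c.values()) > cps_limit * share)

def peak_firewall_load(flows, null_routed=()):
    """Peak new conns/s reaching the firewall; null-routed IPs are dropped upstream."""
    total = Counter()
    for sec, _src, dst in flows:
        if dst not in null_routed:
            total[sec] += 1
    return max(total.values(), default=0)

if __name__ == "__main__":
    flows = build_sample_flows()
    targets = find_targets(flows)
    print("peak load before:", peak_firewall_load(flows))
    for ip in targets:
        print(f"null-route candidate: {ip}/32 (that site goes dark, the rest stay up)")
    print("peak load after:", peak_firewall_load(flows, set(targets)))
```

In this constructed data the firewall sees a peak of 12,400 new connections per second, above its budget; once the single targeted address is dropped at the carrier edge the peak falls to 200, at the cost of taking that one site offline.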

And this is the really scary thing for service providers…if someone (individual or organisation) wants to maliciously target your network and/or a client service hosted on your network and they want to inflict maximum service disruption…the best thing that can be done is attempt to mitigate where possible and ride it out.

There are a number of sites that track and list current and trending DDoS attack frequency and origin…one of the better ones I’ve come across is Prolexic’s real time Attack Tracker linked below.

Companies such as Prolexic generally provide services and physical devices that are linked to global networks that act to shield client networks from attacks similar to ways in which SenderBase.org shields email users from obvious SPAM. In discussions with Steven Crockett (Anittel CTO) he described a service which effectively re-routes traffic at the upstream provider’s end to route through overseas carrier networks whose connectivity throughput allows otherwise crippling DDoS traffic to be filtered and cleaned before being sent on to its destination. This service isn’t site or service specific but involves routing entire subnets…so at this level it’s much more expensive and holistic than reverse proxy content delivery networks.

Working with a CDN will add protection in the form of a value-add service to current service offerings.

So what alternative measures can service providers take to add some level of protection to their key client/internal services? Unless the SP is loaded with more cash than it knows what to do with (at which point there is a case to scale out/upgrade the hosting platform itself) the only option is to utilize the services of bigger companies that run dedicated Content Delivery Networks.

CDN companies are popping up all over the internet, and while a company like Akamai has dominated the website caching market for many years, CDNs are becoming more the norm whereby caching of static site content is making way for reverse proxy DNS redirection. In the wake of the DDoS attacks experienced recently I’ve been testing a couple of the better known CDN providers. One of those is CloudFlare. The way that CloudFlare, or Amazon Web Services CloudFront, works is by taking over a website’s DNS records and using geo-routing to distribute visitors through their CDN network, which also filters for potential DDoS or other malicious traffic that would otherwise hit the origin web server.

CDN services are charged generally on a usage basis which commoditizes the service, however CloudFlare charge per site, with their business plans going around the $200 per month mark. For a service provider’s customer after added insurance against a DDoS or even to generally attempt to increase site responsiveness and performance I believe it’s a no-brainer in the age of increasingly brutal DDoS attacks to offer these services as a value-add. At the end of the day the more sites a Service Provider fronts with CDNs the better able their own hosting network will be to deal with the inevitability of a DDoS.

One final point to make on going down the CDN path is to ensure that customers understand that their sites are still subject to downtime…this is best illustrated by CloudFlare’s recent outage on the 3rd of March 2013, due to a router bug propagated into their network during a routine DDoS prevention exercise. To their credit, they were very open and transparent about the root cause, and while sites were offline for a period of time, there were options available to re-route the site DNS records back to the origin, such is the flexibility of offering a service such as this to service provider clients.

A Hypothetical…

So what’s the title all about? DDoS Annihilation? In my opinion we are getting closer to DDoS events on such large scales that they will have the potential to take down the majority of all service provider and carrier networks which, in turn will have huge social and economic impact around the globe. We don’t have to wait for a Coronal Mass Ejection to blackout the planet…a massive DDoS has the ability to inflict severe damage.

Near on 1 Billion internet hosts used against us in a global DDoS?? No network has the ability to handle that!