Category Archives: vCloud

What’s in a name? VSPP to vCAN to VCPP

Prior to VMworld there where rumours floating around that the vCloud Air Network was going to undergo a name change and sure enough at VMworld 2017 in the US, the vCAN was no more and that the VMware Cloud and Service Provider program would be renamed to the VMware Cloud Partner Program. There has been a number of announcements around the VCPP including the upcoming release of vCloud Director 9.0, a new verification program and also at VMworld Europe new cross cloud capabilities with VMware HCX.

VMware is continuing to make significant investments to expand and enhance our portfolio of cloud products and services. At the same time, we will continue to grow and refine our program to better address your needs as a partner and, as a result, enable you to provide even better cloud service options to our mutual customers around the globe.

The VMware Cloud Verified program is interesting and I’m still a little unsure what it delivers above and beyond non verified VMware Clouds…however it seems like a good logo opportunity for providers to aspire to.

This name change was expected given the wrapping up of vCloud Air, however from talking with a lot of people within the old vCloud Air Network, the name will be missed. To me it was the best thing to come out of the whole vCloud Air experiment but I understand why it had to be changed. This isn’t so much a fresh start for the program but more of a signal that it’s growing and improving and is looking to remain a key cornerstone of VMware multi/hybrid cloud strategy.

Even though I am out of the program and not working for a partner anymore, I am very much connected by way of my interactions with the Veeam Cloud and Service Provider program (VCSP) and the success of both is tied back to not only the individual companies remaining innovative and competitive against the large hyper-scalers. It’s also incumbent on VMware and Veeam to continue to offer the tools to be able to make our providers successful.

As a critical component of the Cloud Provider Platform, the recently-announced vCloud Director 9.0 (vCloud Director 9.0 announcement blog) enables simplified cloud consumption for tenants, a fast path to hybrid services, and rapid vSphere-to-cloud migrations for cloud providers worldwide. VMware continues to demonstrate its commitment to investing in the critical products, tools, and solutions that help cloud providers rapidly deploy and monetize highly scalable cloud environments with the least amount of risk.

The name doesn’t matter…but the technology and execution of service sure as hell does!

Note: Visit CloudProviders.VMware.com. Subscribe to the VMware Cloud Provider Blog, follow @vmwarecloudprvd on Twitter or ‘like’ VMware Cloud on Facebook for future updates.

VMworld 2017: vCloud Air Network Again Out in Force

Last year saw a resurgence in vCloud related sessions at VMworld and the trend has continued this year at the 2017 event. Looking through the sessions at Partner Exchange and VMworld proper the refocus on the vCloud Air Network that was announced at VMworld 2015 has gathered steam. This together with the subsequent release of vCloud Director SP 8.20 and the pending release of the next version of vCD, things are looking good for service providers that have built their platforms on VMware technologies.

If you are attending Partner Exchange there are a number of sessions that should be on your list for the Sunday. The sessions seem to be down on last year but that’s due to vCloud Air no longer being a going concern. I’ve listed down my top picks below added links to them for easy searchability in the VMworld Session Catalog. I’ve added a session on AWS and a session on vSAN as service providers should understand how both technologies fit into their strategy.

  • PAR4360BU – Cloud Service Provider Platform: Evolution and Future
  • PAR4358BU – How to Build a Hybrid Cloud Using NSX and vCloud Director-A Service Provider Perspective
  • PAR4383BU – Delivering Hybrid Cloud Architectures for Your Customers with VMware Cloud on AWS
  • PAR4382BU – Embracing VMware Cloud on AWS – How Can You Deliver Value to Your Customers
  • PAR4367BU – What’s New in vSAN 6.6 – A Deep Dive 

Looking through the breakout sessions there are 20 sessions directly relating to vCloud Director which is an excellent result. The rest that i’ve listed below tie in a mix of disaster recovery, hybrid cloud and NSX related networking sessions.

  • LHC1661BU—Getting Started with vCloud Air Network (Technical Tips and Tricks)
  • LHC1716BU—On-Ramp to the Cloud: Migration Tools and Strategies
  • LHC1753BU—Case Study: How VMware NSX Is Empowering a Service Provider to Help Customers Achieve and Maintain Industry Compliance
  • LHC1809BU—Use NSX to Deploy a Secure Virtual Network Bridging Multiple Locations for a True Hybrid Cloud
  • LHC1951BU—Automated Cloud Recovery for When You are Nuked from Orbit
  • LHC2424BU—200 to 40,000 VMs in 24 Months: Building Highly Scalable SDDC on Hybrid Cloud: Real-World Example
  • LHC2573BU—Achieving Hybrid Cloud Data Agility Securely with VMware NSX
  • LHC1739GU—Disaster Recovery to the Cloud: What Has Changed in the Past Year?
  • LHC3179GU—Choosing the Ideal Cloud Provider Partner
  • LHC3180GU—Effective DR Strategies
  • LHC1566PU—Ask the vCloud Air Network Cloud Experts
  • LHC3139SU— Achieving Success in a Multi-Cloud World
  • LHC2626BU—Build VMware Powered Hybrid Clouds: See How vCloud Director and NSX work together to build true Hybrid Clouds

There are also a number of vCloud Air Network partners on the exhibit floor.

  • CenturyLink
  • OVH
  • Faction
  • phoenixNAP
  • Fujitsu
  • Rackspace
  • IBM
  • SkyTap
  • iland
  • SwissCom
  • Navisite
  • Virtustream

Apart from what I have listed above there will also be a lot of vCAN talent hovering around the conference so make sure you make an effort to connect, network and share vCAN experiences. The vCloud Air Network is a symbiotic ecosystem and if the vCAN grows stronger…the ecosystem grows stronger.

#LongLivevCD

References:

Have You Signed Up for Your VMworld Cloud Provider Sessions?”

Reserve Your Seat Today to Learn How vCloud Air Network Partners Can Accelerate Your Success in the Cloud

CPU Overallocation and Poor Network Performance in vCD – Beware of Resource Pools

For the longest time all VMware administrators have been told that resource pools are not folders and that they should only be used under circumstances where the impact of applying the resource settings is fully understood. From my point of view I’ve been able to utilize resource pools for VM management without too much hassle since I first started working on VMware Managed Service platforms and from a managed services point of view they are a lot easier to use as organizational “folders” than vSphere folders themselves. For me, as long as the CPU and Memory Resources Unlimited checkbox was ticked nothing bad happened.

Working with vCloud Director however, resource pools are heavily utilized as the control mechanism for resource allocation, sharing and management. It’s still a topic that can cause confusion when trying to wrap ones head around the different allocation models vCD offers. I still reference blog posts from Duncan Epping and Frank Denneman written nearly seven years ago to refresh my memory every now and then.

Before moving onto an example of how overallocation or client undersizing in vCloud Director can cause serious performance issues it’s worth having a read of this post by Frank that goes through in typical Frank detail around what resource management looks like in vCloud Director.

Proper Resource management is very complicated in a Virtual Infrastructure or vCloud environment. Each allocation models uses a different combination of resource allocation settings on both Resource Pool and Virtual Machine level

Undersized vDCs Causing Network Throughput Issue:

The Allocation Pool model was the one that I worked with the most and it used to throw up a few client related issues when I worked at Zetttagrid. When using the Allocation Pool method which is the default model you are specifying the amount of resources for your Org vDC and also specifying how much of these resources are guaranteed. The guarantee means that a reservation will be set and that the amount of guaranteed resources is taken from the Provider vDC. The total amount of resources specified is the upper boundary, which is also the resource pool limit.

Because tenants where able to purchase Virtual Datacenters of any size there was a number of occasions where the tenants undersized their resources. Specifically, one tenant came to us complaining about poor network performance during a copy operation between VMs in their vDC. At first the operations team thought that is was the network causing issues…we where also running NSX and these VMs where also on a VXLAN segment so fingers where being pointed there as well.

Eventually, after a bit of troubleshooting we where able to replicate the problem…it was related to the resources that the tenant had purchased or lack thereof. In a nutshell because the allocation pool model allows the over provisioning or resources not enough vCPU was purchased. The vDC resource pool had 1000Mhz of vCPU with a 0% reservation but he had created 4 dual vCPU VMs. When the network copy job started it consumed CPU which in turn exhausted the vCD CPU allocation.

What happened next can be seen in the video below…

With the resource pool constrained ready time is introduced to throttle the CPU which in turn impacts the network throughput. As shown in the video when the resource pool has the the unlimited button checked the ready goes away and the network throughput returns to normal.

Conclusion:

Again, its worth checking out the impact on the network throughput in the video as it clearly shows what happens what tenants underprovision or overallocate their Virtual Datacenters in vCloud Director. Outside of vCloud Director it’s also handy to understand the impact of applying reservations on Resource Pools in terms of VM compute and networking performance.

It’s not always the network!

References:

http://www.vmware.com/resources/techresources/10325

http://frankdenneman.nl/2010/09/24/provider-vdc-cluster-or-resource-pool/

http://www.yellow-bricks.com/2012/02/28/resource-pool-shares-dont-make-sense-with-vcloud-director/

https://kb.vmware.com/kb/2006684

Allocation Pool Organization vDC Changes in vCloud Director 5.1

Worth a Repost: “VMware Doubles Down” vCloud Director 8.20

It seems that with the announcement last week that VMware was offloading vCloud Air to OVH people where again asking what is happening with vCloud Director….and the vCloud Air Network in general. While vCD is still not available for VMware’s enterprise customers, the vCloud Director platform has officially never been in a stronger position.

Those outside the vCAN inner circles probably are not aware of this and I still personally field a lot of questions about vCD and where it sits in regards to VMware’s plans. Apparently the vCloud Team has again sought to clear the air about vCloud Director’s future and posted this fairly emotive blog post overnight.

I’ve reposted part of the article below:

Blogger Blast: VMware vCloud Director 8.20

We are pleased to confirm that vCloud Director continues to be owned and developed by VMware’s Cloud Provider Software Business Unit and is the strategic cloud management platform for vCloud Air Network service providers. VMware has been and continues to be committed to its investment and innovation in vCloud Director.

With the recent release of vCloud Director 8.20 in February 2017 VMware has doubled down on its dedication to enhancing the product, and, in addition, is working to expand its training program to keep pace with the evolving needs of its users. In December 2016 we launched the Instructor Led Training for vCloud Director 8.10 (information and registration link) and in June 2017 we are pleased to be able to offer a Instructor Led Training program for vCloud Director 8.20.

Exciting progress is also occurring with vCloud Director’s expanding partner ecosystem. We are working to provide ISVs with streamlined access and certification to vCloud Director to provide service providers with access to more pre-certified capabilities with the ongoing new releases of vCloud Director. By extending our ecosystem service providers are able to more rapidly monetize services for their customers

Again, this is exciting times for those who are running vCloud Director SP and those looking to implement vCD into their IaaS offerings. It should be an interesting year and I look forward to VMware building on this renewed momentum for vCloud Director. There are many people blogging about vCD again which is awesome to see and it gives everyone in the vCloud Air Network an excellent content from which to leach from.

The vCloud Director Team also has a VMLive session that will provide a sneak peek at vCloud Director.Next roadmap. So if you are not a VMware Partner Central member and work for a vCloud Air Network provider wanting to know about where vCD is heading…sign up.

#LongLivevCD

vCloud Air Sold to OVH – Final Thoughts On Project Zephyr

I’ve just spent the last fifteen minutes looking back through all my posts on vCloud Air over the last four or five years and given yesterday’s announcement that VMware was selling what remains of vCloud Air to OVH Going over the content I thought it would be pertinent to write up one last piece on VMware’s attempt to build a public cloud that tried compete against the might of AWS, Azure, Google and the other well established hyper-scalers.

Project Zephyr:

Project Zephyr was first rumoured during 2012 and later launched as VMware Cloud Hybrid Services or vCHS…and while VMware pushed the cloud platform as a competitor to the hyper-scalers, the fact that it was built upon vCloud Director was probably one of it’s biggest downfalls. That might come as a shock to a lot of you reading this to hear me talk bad about vCD, however it wasn’t so much the fact that vCD was used as the backend, it was more what the consumer saw at the frontend that for me posed a significant problem for it’s initial uptake.

VMworld – Where is the Zephyr?

It was the perfect opportunity for VMware to deliver a completely new and modern UI for vCD and even though they did front the legacy vCD UI will a new frontend it wasn’t game changing enough to draw people in. It was utilitarian at best, but given that you only had to provision VMs it didn’t do enough to show that the service was cutting edge.  Obviously the UI wasn’t the only reason why it failed to take off…using vCD meant that vCloud Air was limited by the fact that vCD wasn’t built for hyper-scale operations such as individual VM instance management or for platform as a service offerings. The lack of PaaS offerings in effect meant it was a glorified extension of existing vCloud Air Network provider clouds…which in fact was some of the key messaging VMware used in the early days.

The use of vCD did deliver benefits to the vCloud Air Network and in truth might have saved vCD from being put on the scrapheap before VMware renewed their commitment to develop the SP version which has resulted in a new UI being introduced for Advanced Networking in 8.20.

vCloud Air Struggles:

There was no hiding the fact that vCloud Air was struggling to gain traction world wide and even as other zones where opening around the world it seemed like VMware where always playing catchup with the hyper-scalers…but the reality of what the platform was meant that there never a chance vCloud Air would grow to rival AWS, Azure and others.

By late 2015 there was a joint venture between EMC’s Virtustream and VMware vCloud Air that looked to join the best of both offerings under the Virtustream banner where they looked to form a new hybrid cloud services business but the DELL/EMC merger looked to get in the way of that deal and by December 2015 the idea has been squashed.

vCloud Air and Virtustream – Just kill vCloud Air Already?!?

vCloud Air and Virtustream – Ok…So This Might Not Happen!

It appeared from the outside that vCloud Air never recovered from that missed opportunity and through 2016 there where a number of announcements that started in March when it was reported that vCloud Air Japan was to be sold to the company that was effectively funding the zone and effectively closed down.

HOTP: vCloud Air Japan to be Shutdown!

Then in June VMware announced that Credit Card payments would no longer be accepted for any vCloud Air online transactions and that the service had to be bought with pre purchased credits through partners. For me this was the final nail in the coffin in terms of vCloud Air being able to compete in the Public Cloud space.

vCloud Air – Pulling Back Credit Card Payments

From this point forward the messaging for the use case of vCloud Air had shifted to Disaster Recovery services via the Hybrid Cloud Manager and vSphere Replication services that where built to work directly from vSphere to vCloud Air endpoints.

vCloud Air Network:

Stepping back, just before VMworld 2014, VMware announced the rebranding of vCHS to what is now called vCloud Air and also launched the vCloud Air Network. Myself and others where pretty happy at the time that VMware looked to reconnect with their service provider partners.

With the announcement around the full rebranding of vCHS to vCloud Air and Transforming the VSPP and vCloud Powered programs to the vCloud Air Network it would appear that VMware has in fact gone the other way and recommitted their support to all vCloud Server Providers and has even sort out to make the partner relationship stronger. The premise being that together, there is a ready made network (Including vCloud Air) of providers around the world ready to take on the greater uptake of Hybrid Cloud that’s expected over the next couple of years.

So while vCloud Air existed VMware acknowledged that more success was possible through support the vCloud Air Network ecosystem as the enabler of hybrid cloud services.

Final Final Thoughts:

To say that I’ve had a love hate relationship with the idea of VMware having a public cloud is reflected in my posts over the years. In truth myself and others who formed part of the vCloud Air Network of VMware based service providers where never really thrilled about the idea of VMware competing directly against their own partners.

vCHS vs. vCloud Providers: The Elephant in the Cloud

I would now say that many would be glad to see it handed over to OVH…because now VMware does not compete against it’s vCAN Service Providers directly, but can continue to hopefully focus on enabling them with the best tools to power their own cloud or provider platforms and help the network grow successfully as what the likes of OVH, iLand, Zettagrid and others have been able to so.

Pat Gelsinger statement in regards to the sale to OVH are very postive for the vCloud Air Network and I believe for VMware hybrid cloud vision that it revealed at VMworld last year can now proceed without this lingering in the corner.

“We remain committed to delivering our broader cross-cloud architecture that extends our hybrid cloud strategy, enabling customers to run, manage, connect, and secure their applications across clouds and devices in a common operating environment”

The VMware vCloud blog here talks about what OVH will bring to the table for the customers that remain on vCloud Air. Overall it’s extremely positive for those customers and they can take advantage of the technical ability and execution of the vCloud Air Networks leading service provider. Overall I think this is a great move by VMware and will hopefully lead to the vCloud Air Network becoming stronger…not weaker.

vCloud Director SP 8.20 – NSX Advanced Networking Overview

Many, including myself thought that the day would never come where we would be talking about a new UI for vCloud Director…but a a month on from the 8.20 release of vCloud Director SP (which was the 8th major release of vCD) I’m happy to be writing about the new Advanced Networking features of 8.20 based on NSX-v. Full NSX compatibility and interoperability has been a long time coming, however the wait has been worthwhile as the vCloud Director team opted to fully integrate the network management into the vCD Cloud Cells over the initial approach that had a seperate appliance acting as a proxy between the NSX Manager and vCD Cells.

But before I dive into the new HTML5 goodness, I thought it would be good to recap the Advanced Networking Services of vCD and how we got to where we are today…

No More vShield…Sort Of:

As everyone should know by now, the vCloud Networking & Security was made end of life late last year and from the release of vCD SP 8.10 vShield Edges should have been upgraded to their NSX equivalents. These Edges will remain as basic Edges within vCloud Director and even though at the backend they would be on NSX-v versioning, no extra features or functionality beyond what was available in the existing vCD portal would be available to tenants.

  • DHCP
  • NAT
  • Firewall
  • Static Routing
  • IPSec VPN
  • Basic Load Balancer

The version of NSX-v deployed dictates the build number of the NSX Edge, however as can be seen below it’s still listed as a vShield Edge in vCenter.

As anyone who has worked closely would know, NSX-v has a lot of vShield DNA in it and in truth it’s more vShield than NSX when talking about the features that pertain to vCloud Director. However the power of NSX-v can be taken advantage of once an basic edge is upgraded to an Advanced Edge.

Advanced Edge Services:

Before the major UI additions that came with vCD SP 8.20 the previous 8.10 version did give us a taste of what was to come with the introduction of a new menu option when you right clicked on an Edge Gateway.

This option was greyed out unless you where running the initial beta of the Advanced Networking Services or ANS. The option can be executed by anyone with the rights to upgrade the edge gateway, but by default this can only be done by a System Administrator or the Org Admin. So it’s worthwhile double checking the roles you have allocated to your tenant’s to ensure that these upgrades can be controlled.

Once you click on the Convert to Advanced Gateway option you get a warning referring to a VMwareKB that warns you about an API change that may make previous calling methods obsolete. Something to take note of for anyone automating this process. On execution of this conversion there is no physical change to the Virtual Machine, however if you now click on the Edge Gateway Services option of the Edge Gateway you will be taken to the new HTML5 Web Interface for NSX Advanced Networking Services to access all the advanced features:

  • Firewall
  • DHCP
  • NAT
  • Routing (Dynamic)
  • Load Balancer (Advanced)
  • SSL VPN Plus
  • Certificates
  • Grouping Objects
  • Statistics
  • Edge Settings

All new Advanced Networking features are configured from the new HTML5 web interface which retains the base vCD URL but now adds:

/tenant/network-edges/{ID}?org=ORGNAME

Everything is self contained the tenant doesn’t have to authenticate again to get to the new user interface. However, if you just upgrade the Edge and go to configure the Advanced Network Services out of the box you will only see a couple of the items listed above.

In order to use the new features a System Administrator must use the vCloud API to grant the new rights that the organisation requires. This process has been explained very well by my good friend Giuliano Bertello here. This process uses the vCloud API to Grant Distributed Firewall and Advanced Networking Services Rights to roles in vCloud Director 8.20 using the new granular role based access control mechanisms that where introduced in 8.20. Once configured your tenant’s can now see all the services listed above to configure the Edge Gateway.

Organisational Distributed Firewall:

Something that is very much new in the 8.20 release is the ability to take advantage of mircosegmentation using the NSX-v Distributed Firewall service. The ability to configure organisation wide rules logically, without the need for a virtual Edge Gateway is a significant step forward for vCD tenants and I hope that this feature enhancement is exposed by service providers and it’s value sold to their tenants. To access the Distributed Firewall, in the Virtual Datacenters windows of the Administration tab, right click on the Virtual Datacenter name and select Manage Firewall.

Once again you will be taken to the new HTML5 user interface and once the correct permissions have been applied to the user you can enable the Distributed Firewall and start configuring your rules. The URL is slightly different to the Edge Gateway URL:

/tenant/dwf/{ID}?org=ORGNAME

But the look and feel is familiar.

Conclusion:

vCloud Director SP 8.20 has finally delivered on the what most members of the vCloud Air Network had wanted for some time…that is, full NSX interoperability and feature set access as well as a new user interface. Over the next few weeks, I am going to expand on all the features of the Advanced and Distributed Networking features of vCD and NSX and walk through how to configure elements through the UI and API as well as give a looks into what’s happening at the backend in terms of how NSX stores rules and policy items for vCD tenant use.

Compatibility with vSphere 6.5 and NSX-v 6.3.x:

vCloud Director SP 8.20 is compatible with vSphere 6.5 and NSX 6.3.0 and supports full interoperability with other versions as shown in the VMware Product Interoperability Matrix. As of vCD 8.20 GA, vCD 8.20 passed the functional interoperability test and limited scale testing for these versions:

  • vCD 8.20 with vSphere 6.0 and NSX 6.3.0
  • vCD 8.20 with vSphere 6.5 and NSX 6.3.0

References:

https://kb.vmware.com/kb/2149042
https://kb.vmware.com/kb/2147625

Quick Fix: vCloud Director SP None of the Cells have a vCenter Proxy Service Running. SSL Protocol Fix

vCloud Director SP 8.20 was released a few weeks ago and I wanted to highlight an issue I ran into while testing of the BETA. I hadn’t come across this issue in previous versions of vCD and even though it relates to the fact I had a vCenter 5.5 I thought it worth a post now that 8.20 has GA’ed.

After I upgraded my cells I got the fairly common error message under the Cloud Cells section of the Manage & Monitor menu telling me that I didn’t have a vCenter Proxy service running. It’s something all vCD administrators would have seen over the years, so I did the usual troubleshooting step of going of reconnecting the vCenter under vSphere Resources. This didn’t work, so I did what comes naturally and cleared the Quartz Tables in the vCD database without any success.

Failed to connect to the vCenter. Please check if this is a valid vCenter server and the credentials are correct.

The NestedESXi lab was running vCenter 5.5 U3b and after a bit of searching I came across a post in the vCloud BETA forums relating to this issue:

Starting with VDC 8.20, the SSL protocol ‘TLSv1’ is no longer supported by default in the product for security reasons (as a server to serve the REST API request, but also as a client when talking to vCenter).
The version of vCenter you are running (please confirm which version), is older and probably only supports TLSv1.

Which explains the errors I also had been observing. Note that from 5.5 Update 3e and 6.0 Update 3 and later TLS v1.0 has been disabled and should be disabled.

Due to security concerns in the TLSv1.0 protocol, both Payment Card Industry (PCI) and BSI organizations have suggested to implement and enable TLSv1.1 or TLSv1.2, and move away from the use of TLSv1.0 as soon as possible

Even though it’s not suggested I needed to enable TLS v1 so that vCD SP 8.20 could connect to the vCenter. The following steps where done to enable TLSv1 which was based off this VMwareKB outlining why cells no longer enable SSL v3 by default and talks about a cell management tool command that configures the allowed SSL Protocols vCD uses during the handshake process with vCenter.

The SSL V3 protocol has serious vulnerability, described in CVE-2014-3566. As of vCloud Director 5.5.3, cells no longer enable SSL V3 by default for internal and external HTTPS connections. The vCloud Director cell management tool has been updated with a new subcommand that enables the system administrator to configure the set of SSL protocols that the cell offers to use during the SSL handshake process. This new subcommand has been made available in vCloud Director 5.5.3

Run the following command on the vCD cell in /opt/vmware/vcloud/bin/

./cell-management-tool ssl-protocols -d SSLv3,SSLv2Hello

After that is done restart the cell and check to make sure you have a listener and that vCenter is connected. If you run the ssl-protocols command with a -l flag it will show you what ssl-protocols are allowed. By default you should now only have TLS v1.1 and 1.2 enabled, but in my case I also needed v1.

Finally, it’s worth repeating that TLS v1 shouldn’t be used in production, but if you are still running older versions of 5.5 and 6.0 in your labs then this will help.

References:

https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2112282

https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2145796

Looking Beyond the Hyper-Scaler Clouds – Don’t Forget the Little Guys!

I’ve been on the road over the past couple of weeks presenting to Veeam’s VCSP partners and prospective partners here in Australia and New Zealand on Veeam’s Cloud Business. Apart from the great feedback in response to what Veeam is doing by way of our cloud story I’ve had good conversations around public cloud and infrastructure providers verses the likes of Azure or AWS. Coming from my background working for smaller, but very successful service providers I found it almost astonishing that smaller resellers and MSPs seem to be leveraging the hyper-scale clouds without giving the smaller providers a look in.

On the one hand, I understand why people would choose to look to Azure, AWS and alike to run their client services…while on the other hand I believe that the marketing power of the hyper-scalers has left the capabilities and reputation of smaller providers short changed. You only need to look at last week’s AWS outage and previous Azure outages to understand that no cloud is immune to outages and it’s misjudged to assume that the hyper-scalers offer any better reliability or uptime than the likes of providers in the vCloud Air Network or other IaaS providers out there.

That said, there is no doubt that the scale and brain power that sits behind the hyper-scalers ensures a level of service and reliability that some smaller providers will struggle to match, but as was the case last week…the bigger they are, the harder they fall. The other things that comes with scale is the ability to drive down prices and again, there seems to be a misconception that the hyper-scalers are cheaper than smaller service providers. In fact most of the conversations I had last week as to why Azure or AWS was chosen was down to pricing and kickbacks. Certainly in Azure’s case, Microsoft has thrown a lot into ensuring customers on EAs have enough free service credits to ensure uptake and there are apparently nice sign-up bonuses that they offer to partners.

During that conversation, I asked the reseller why they hadn’t looked at some of the local VCSP/vCAN providers as options for hosting their Veeam infrastructure for clients to backup workloads to. Their response was, that it was never a consideration due to Microsoft being…well…Microsoft. The marketing juggernaut was too strong…the kickbacks too attractive. After talking to him for a few minutes I convinced him to take a look at the local providers who offer, in my opinion more flexible and more diverse service offerings for the use case.

Not surprisingly, in most cases money is the number one factor in a lot of these decisions with service uptime and reliability coming in as an important afterthought…but an afterthought non-the less. I’ve already written about service uptime and reliability in regards to cloud outages before but the main point of this post is to highlight that resellers and MSP’s can make as much money…if not more, with smaller service providers. It’s common now for service providers to offer partner reseller or channel programs that ensure the partner gets decent recurring revenue streams from the services consumed and the more consumed the more you make by way of program level incentives.

I’m not going to do the sums, because there is so much variation in the different programs but those reading who have not considered using smaller providers over the likes of Azure or AWS I would encourage to look through the VCSP Service Provider directory and the vCloud Air Network directory and locate local providers. From there, enquire about their partner reseller or channel programs…there is money to be made. Veeam (and VMware with the vCAN) put a lot of trust and effort into our VCSPs and having worked for some of the best and know of a lot of other service provider offerings I can tell you that if you are not looking at them as a viable option for your cloud services then you are not doing yourself justice.

The cloud hyper-scalers are far from the panacea they claim to be…if anything, it’s worthwhile spreading your workloads across multiple clouds to ensure the best availability experience for your clients…however, don’t forget the little guys!

Released: vCloud Director SP 8.20 with HTML5 Goodness!

This week, VMware released vCloud Director SP version 8.20 (build 5070630) which marks the 8th Major Release for vCloud Director since 1.0 was released in 2010. Ever since 2010 the user interface give or take a few minor modifications and additions has been the same. It also required flash and java which has been a pain point for a long time and in someways unfairly contributed towards a negative perception around vCD on a whole.  It’s been a long time coming but vCloud Director finally has a new web UI built on HTML5 however this new UI is only exposed when accessing the new NSX integration which is by far and away the biggest addition in this release.

This NSX integration has been in the works for a while now and has gone through a couple of iterations within the vCloud product team. Initially announced as Advanced Networking Services which was a decoupled implementation of NSX integration we now have a fully integrated solution that’s part of the vCloud Director installer. And while the UI additions only extend to NSX for the moment it’s brilliant to see what the development team have done with the Clarity UI (tbc). I’m going to take a closer look at the new NSX features in another post, but for the moment here are the release highlights of vCD SP 8.20.

New Features:

  • Advanced Edge Gateway and Distributed Firewall Configuration – This release introduces the vCloud Director Tenant Portal with an initial set of controls that you can use to configure Edge Gateways and NSX Distributed Firewalls in your organization.
  • New vCloud Director API for NSX – There is a new a proxy API that enables vCloud API clients to make requests to the NSX API. The vCloud Director API for NSX is designed to address NSX objects within the scope of a vCloud Director tenant organization.
  • Role Administration at the Organization Level – From this release role objects exist in each organization. System administrators can use the vCloud Director Web Console or the vCloud API to create roles in any organization. Organization administrators can use the vCloud API to create roles that are local to their organization.
  • Automatic Discovery and Import of vCenter VMs – Organization VDCs automatically discover vCenter VMs that exist in any resource pool that backs the vDC. A system administrator can use the vCloud API to specify vCetner resource pools for the vDC to adopt. vCenter VMs that exist in an adopted resource pool become available as discovered vApps in the new vDC.
  • Virtual Machine Host Affinity – A system administrator can create groups of VMs in a resource pool, then use VM-Host affinity rules to specify whether members of a VM group should be deployed on members of a vSphere host DRS Group.
  • Multi-Cell Upgrade – The upgrade utility now supports upgrading all the cells in your server group with a single operation.

You can see above that this release has some major new features that are more focused on tenant usability and allow more granular and segmented controls of networks, user access and VM discovery. The Automatic VM discovery and Import is a significant feature that goes along with the 8.10 feature of live VM imports and helps administrators import VM work loads into vCD from vCenter.

“VMware vCloud Director 8.20 is a significant release that adds enhanced functionality.  Fully integrating VMware NSX into the platform allows edge gateways and distributed firewalls to be easily configured via the new HTML5 interface.  Additional enhancements such as seamless cell upgrades and vCenter mapping illustrate VMware is committed to the platform and to vCloud Air Network partners.”

A list of known issues can be found in the release notes and i’d like to highlight the note around Virtual Machine memory for the vCD Cells…I had my NestedESXi lab instances crash due to memory pressures due to the fact the VMs where configured with only 5GB of RAM. vCloud Director SP 8.20 needs at least 6GB so ensure your cells are modified before you upgrade.

Well done the the vCloud Director Product and Development team for this significant release and I’ll look to dig into some of the new feature in detail in upcoming posts. You can also read the offical vCloud Blog release post here. I’m looking forward to what’s coming in the next release now…hopefully more functionality placed into the HTML5 UI and maybe integration with VMwareonAWS 😉

References:

http://pubs.vmware.com/Release_Notes/en/vcd/8-20/rel_notes_vcloud_director_8-20.html

https://www.vmware.com/support/pubs/vcd_sp_pubs.html

https://blogs.vmware.com/vcloud/2017/02/vmware-announces-general-availability-vcloud-director-8-20.html

VCSP Important Notice: 9.5 Update 1 Is Out…With vSphere 6.5 Support!

Last Friday, we at Veeam made available for download Update 1 for Backup & Replication (Build 9.5.0.823), Veeam One (Build 9.5.0.3254) as well as for Backup for Microsoft Office 365 (Build 1.0.0.912). What was slightly unusual about this release for our VCSP partners is that there was no RTM build before GA…this is because Update 1 for Backup & Replication is what we term a non breaking update, meaning that if a Cloud Connect client upgrades from the 9.5 GA (9.5.0.711) to Update 1 (9.5.0.823) this would not break any backup or replication functionality.

Update 1 is a fairly significant update and contains over 300 enhancements and bug fixes with a lot of those enhancements aimed at improving the scalability of the Backup & Replication platform that VCSPs can take advantage of. The biggest and most anticipated (and by far requested) update is for the support of vSphere 6.5…as you can see below there are a number of specific enhancements in this build aimed at 6.5 features:

  • Encrypted VMs Support
  • VMFS6 Support
  • Virtual Hardware Version 13 support
  • NBD Compression
  • New Guest Interaction API Support
  • New VM Tag API Support

Of most importance to me is to point out the fact the clients can now replicate in Virtual Machines with VM Hardware Version 13 meaning that you should get your production replication clusters up to ESXi 6.5 as soon as possible to avoid clients getting errors such as the one below:

This does pose an interesting problem for VCSPs offering Cloud Connect Replication as it represents a situation whereby holding back on vSphere upgrades could mean that clients (who are more likely to have less roadblocks to upgrade) can’t replicate newer VMs created on 6.5 into the VCSPs Replication Cluster. The workaround is to make clients aware that only specific Hardware Versions are supported for replication however it might be expected that providers offering these services are not bound by these limitations. This becomes an architectural/business discussion around separating IaaS vCenter’s from Replication vCenter’s …but that is a topic for another day.

For the moment, regardless of your underlying vSphere versions it’s worth planning the upgrade to Veeam Backup & Replication 9.5 Update 1 as soon as possible as it contains a number of enhancements beyond the ones listed above and some minor fixes for Cloud Connect.

For a full list check out the release notes below and download the update here.

References:

https://www.veeam.com/kb2222

 

 

« Older Entries