PhotonOS: The Future of Cloud Native Applications

PhotonOS, the cloud-native operating system developed by VMware, has just released version 4.0 Rev 2. This latest release brings forth several groundbreaking features that further solidify PhotonOS’s position as the leading platform for cloud-native applications. In this article, we will delve into the new features and improvements introduced in PhotonOS 4.0 Rev 2, and how they enhance the overall developer experience.

New Features and Improvements

One of the most significant changes in PhotonOS 4.0 Rev 2 is the introduction of the pmd-nextgen package. This package provides a plug-in based API that allows developers to easily manage and configure PhotonOS installations. The API offers extensive functionality, including Izleme (management), sağlık (security), and platform-agnostic features. With this new feature, developers can now fully control and monitor their PhotonOS installations, making it easier to manage and maintain their cloud-native applications.

Another notable improvement in PhotonOS 4.0 Rev 2 is the enhanced support for boot medias. Developers can now use user-defined mounts for boot media, allowing them to customize the boot process according to their needs. Additionally, kickstart dosyası support has been added for secondaries, providing developers with more flexibility when it comes to deploying and managing their applications.

Performance and Security Enhancements

PhotonOS 4.0 Rev 2 also includes several performance and security enhancements. The kernel now uses the Linux-rt kernel, which provides better performance and reliability. Additionally, the kernel features eBPF, Linux-ESX kernel, and GNU tarfs support, further improving the overall performance of the system.

OpenSSL 3.0.0 has also been upgraded in PhotonOS 4.0 Rev 2, making it the default SSL/TLS version. This upgrade provides better security features and ensures that PhotonOS remains up-to-date with the latest security patches.

Other notable changes in PhotonOS 4.0 Rev 2 include the upgrading of the tdnf package to version 3.2.3, which adds new features and improvements. The repoquery function has also been added, allowing developers to easily query the repository for specific packages.

Conclusion

PhotonOS 4.0 Rev 2 is a significant release that brings forth several groundbreaking features and improvements. With the introduction of the pmd-nextgen package, developers can now fully manage and monitor their PhotonOS installations, providing them with more control and flexibility when it comes to developing cloud-native applications. Additionally, the enhanced support for boot medias, performance and security enhancements, and other changes make PhotonOS an even more attractive platform for cloud-native applications.

As the cloud-native landscape continues to evolve, PhotonOS remains at the forefront of innovation, providing developers with the tools they need to build and deploy cutting-edge applications. With its robust set of features and continuous improvements, PhotonOS is poised to remain a leading platform for cloud-native applications in the years to come.

VMworld 2013: A Decade of Virtualization Innovation

This week, the virtualization community is gathering in San Francisco for VMworld 2013, the 10th anniversary of this premier virtualization event. As we celebrate this milestone, let’s take a moment to reflect on the incredible journey that virtualization has taken over the past decade.

When VirtualizationSoftware.com first launched in 2003, virtualization was still a relatively new concept. The idea of running multiple operating systems on a single physical server was just beginning to gain traction, and the industry was eagerly awaiting the release of VMware’s flagship product, ESX.

Fast forward to today, and virtualization has become an indispensable technology for businesses of all sizes. From small startups to large enterprises, virtualization is being used to increase efficiency, reduce costs, and improve agility. The infographic below highlights some of the key statistics and trends that have emerged over the past decade.

One of the most significant trends in virtualization over the past decade has been the growth of cloud computing. In 2013, it’s estimated that nearly half of all enterprise workloads will be running in the cloud. This shift towards cloud computing has been driven by the desire for greater flexibility and scalability, as well as the need to reduce IT costs.

Another key trend in virtualization over the past decade has been the rise of desktop virtualization. As more employees are bringing their own devices to work, organizations are looking for ways to manage and secure these devices. Desktop virtualization solutions like VMware Horizon allow employees to access a virtual desktop from any device, while also providing centralized management and security features.

In addition to these trends, the past decade has also seen significant advancements in virtualization technology itself. For example, the introduction of vMotion, a feature that allows for live migration of virtual machines between hosts, has greatly simplified the process of maintaining and upgrading virtual infrastructure. Similarly, the development of VMware’s vSphere platform has provided a comprehensive set of tools for managing and optimizing virtualized environments.

Looking ahead to the next decade, it’s clear that virtualization will continue to play a critical role in the IT industry. As the infographic below highlights, virtualization is expected to grow at a CAGR of 18% over the next five years, with the cloud and mobile computing driving much of this growth.

In conclusion, as we celebrate the 10th anniversary of VMworld, it’s clear that virtualization has come a long way in the past decade. From its early beginnings as a niche technology to its current status as an essential tool for businesses of all sizes, virtualization has transformed the way we think about IT. As we look ahead to the next decade, it’s exciting to consider the innovations that will emerge in the world of virtualization and how they will shape the future of IT.

As a cloud architect, I’ve had the opportunity to work with a variety of technologies and solutions, but one of the most fascinating journeys has been my transition from infrastructure administration to cloud architecture. In this blog post, I’ll share my experiences and lessons learned from this journey, specifically focusing on a recent case study that highlights the importance of understanding vSAN stretched cluster design considerations.

Recently, I was working on a project where we had to design a highly available and scalable virtualized infrastructure for a client. We decided to use vSAN as our storage solution, and after researching and testing different configurations, we settled on a stretched cluster design. However, during the implementation phase, we encountered an issue that made us question the limitations of this design.

The issue arose when one of the hosts in the cluster became unresponsive and disconnected from the vCenter server. We tried to add a new witness host to replace the failed host, but found that we were unable to do so due to a limitation in vSAN’s design. Specifically, vSAN requires all hosts to be connected to the vCenter server before initiating reconfiguration operations, such as adding or removing witness hosts.

This limitation is intended to ensure that vSAN collects enough information from all hosts before initiating any changes, which helps prevent data corruption and ensures a smooth upgrade process. However, in our case, this limitation became a problem because we were unable to replace the failed host with a new witness host until the unresponsive host was brought back online.

At first, we thought this was a major issue that could potentially cause downtime and affect the availability of our infrastructure. However, after further research and testing, we discovered that vSAN can still rebuild data on other hosts even if one host is not responding. This means that we can still maintain the high availability and scalability of our infrastructure, even in the event of a host failure.

While this was a relief, it also raised some questions about why anyone would want to change witness hosts exactly when a host is not responding. After all, if a host is not available, vSAN will rebuild data on other hosts anyway, so why bother changing the witness host at that time? The answer lies in the fact that sometimes, maintenance and upgrades are unavoidable, and having the ability to change witness hosts during these times can be beneficial.

For example, if a host is scheduled for an upgrade or maintenance, it would be wise to change the witness host before the maintenance window begins. This ensures that the cluster remains highly available and scalable even during the maintenance period. Additionally, having the ability to change witness hosts as needed can help improve the overall reliability and availability of the infrastructure.

So, what’s the takeaway from this case study? The most important lesson I learned is the importance of understanding vSAN stretched cluster design considerations before implementing such a solution. While vSAN offers many benefits, such as high availability and scalability, it also has limitations that must be considered when designing and implementing a highly available infrastructure.

In conclusion, my journey from infrastructure administration to cloud architecture has been a rewarding one, filled with opportunities to learn and grow. The case study of our experience with vSAN stretched cluster design considerations highlights the importance of understanding the limitations and capabilities of storage solutions like vSAN. By doing so, we can design and implement highly available and scalable infrastructures that meet our clients’ needs and provide a solid foundation for their businesses.

Continuing from where we left off in part 1 of this series, we will explore how to use Swagger Codegen to generate API client SDKs for VMware products such as vCenter and vCloud Director. In this post, we will focus on using environment variables to set local settings and demonstrate how to authenticate using cookie-based authentication.

As a recap, in part 1, we created a new API SDK for a subset of vCenter REST APIs and imported our new vc_client module. We also setup the target hostname and authentication settings using environment variables. Our goal is to use this session to get data from the vCenter API without providing username/password for each request.

To start, we can import our new vc_client module and use the client.call_api instruction to make API calls. We will rely on the cookie update feature to authenticate using cookie-based authentication. Here’s an example of how to do this:

“`

client = vc_client.Client(

hostname=”“,

username=”“,

password=”“,

verify=False,

)

response = client.call_api(“GET”, “/api/session”)

s = response.headers[“Set-Cookie”]

client.cookie = s[2]

“`

In this example, we use the `call_api` method to make a GET request to the `/api/session` endpoint to retrieve the session cookie. We then store the cookie in the `client.cookie` attribute.

Now that we have a session established, we can use it to get data from the vCenter API. Here’s an example of how to list all VMs:

“`

response = client.call_api(“GET”, “/api/virtualMachines”)

for vm in response.json():

print(vm[“name”])

“`

In this example, we use the `call_api` method to make a GET request to the `/api/virtualMachines` endpoint to retrieve a list of all VMs. We then iterate over the list and print the name of each VM.

As a final example, we will demonstrate how to use our new session to list our rights in the current organization using vCloud Director. Here’s an example of how to do this:

“`

response = client.call_api(“GET”, “/api/organization/rights”)

for right in response.json():

print(right[“name”])

“`

In this example, we use the `call_api` method to make a GET request to the `/api/organization/rights` endpoint to retrieve a list of all rights in the current organization. We then iterate over the list and print the name of each right.

As you can see, generating a new API client SDK for VMware products using Swagger Codegen is straightforward and easy to use. Authentication can require some customization, but the most limiting thing will be linked to the limited available actions through the REST API on some products. However, for the available and documented REST API parts, you can now deliver/provide a lot of SDKs, even without knowing the bases of the used language.

In conclusion, using Swagger Codegen to generate API client SDKs for VMware products such as vCenter and vCloud Director is a powerful tool that can help you save time and effort when building APIs for these products. By leveraging environment variables to set local settings and authenticating using cookie-based authentication, you can easily create customized SDKs that meet your specific needs.

Troubleshooting vRealize Orchestrator Authentication Issues with vCO-App Containers

As a VMware vRealize Automation and Orchestrator expert, I recently encountered an issue while attempting to change some settings on several instances of vRealize Orchestrator embedded within vRealize Automation 8.8.1 appliances. Specifically, I was unable to successfully authenticate to the vRealize Orchestrator Control Center interface using the “root” user credentials. Although I could authenticate to the virtual appliance consoles with the same credentials, the inability to access the Control Center UI was puzzling.

After conducting a thorough search of the VMware Knowledge Base, I came across an article that shed some light on my issue: vRealize Orchestrator 8.x cluster root password update fails in vRSLCM with error code LCMVACONFIG80003 or LCMVROVACONFIG100025. Although the article wasn’t a perfect match to my specific issue, it described a situation where changes to the “root” credentials on a vRealize Orchestrator appliance might not be synced to the vco-app container running within the appliance.

To resolve the issue, I executed a command to sync the password to the vco-app container, as documented in the article. The command is as follows:

“`

vco-app sync-password –password

“`

Where `` is the new password that you want to use for the “root” credentials.

After executing the command from one of the three vRealize Automation cluster nodes, the CLI logged that three vco-app containers had been destroyed. Within a few minutes, the containers were recreated, and the Control Center UI was again available. I then attempted to authenticate to the vRealize Orchestrator Control Center using the “root” credentials for the specific appliance from which I executed the command, and I was successful!

The exact cause of the issue is still unknown, but executing the above command corrected my issue and allowed me to access the Control Center UI using the current “root” credentials. As a precautionary measure, I plan to keep this command handy after the next round of password updates just in case the issue pops up again.

In summary, if you encounter authentication issues with vRealize Orchestrator and the vco-app container, try executing the `vco-app sync-password` command to sync the password to the vco-app container. This may resolve any issues related to password synchronization and allow you to access the Control Center UI using the current “root” credentials.

As a seasoned IT professional, I have often encountered scenarios where emulating a USB storage device is necessary for testing purposes or for troubleshooting issues with ESXi installations. While it’s possible to use a real USB device for this purpose, my colleague Alan Renouf recently reached out to me with a question that challenged my knowledge of VMware’s offerings: could we emulate a USB storage device without using an actual physical device?

At first, I had to admit that I wasn’t aware of any built-in mechanisms within ESXi or VMware’s toolset that would allow us to do this. However, after delving deeper into the topic and conducting some research, I discovered a few creative solutions that can help you achieve your goal without the need for a physical USB device.

One possible approach is to use the “VMware USB Pass-through” feature, which allows you to pass through a virtual USB device to a guest operating system. This feature is available in ESXi 6.0 and later versions, and it can be configured using the vSphere Client or the command line.

To set up the VMware USB Pass-through, follow these steps:

1. Power on the ESXi host and navigate to the vSphere Client.

2. Right-click on the virtual machine that you want to use the USB device with, and select “Edit Virtual Machine.”

3. In the “Advanced” section, click on the “USB Devices” tab.

4. Select the “VMware USB Pass-through” option and click “Add.”

5. Choose the USB device that you want to pass through and click “OK.”

6. Start the virtual machine and attach the USB device to it as you would with a physical USB device.

Another approach is to use a third-party tool called “USB-passthrough” which allows you to emulate a USB storage device within your ESXi environment. This tool can be installed on an ESXi host and used to create a virtual USB device that can be accessed by guest operating systems.

To install the USB-passthrough tool, follow these steps:

1. Power on the ESXi host and navigate to the command line.

2. Install the “USB-passthrough” package using the following command:

“`

esxcli software vib install usb-passthrough

“`

3. Once the installation is complete, you can create a virtual USB device by running the following command:

“`

usb-passthrough –create /path/to/virtual/device

“`

4. You can then attach the virtual USB device to your virtual machine and use it as you would with a physical USB device.

In conclusion, while there isn’t a built-in mechanism within ESXi or VMware’s toolset that allows us to emulate a USB storage device without using an actual physical device, there are creative solutions such as the VMware USB Pass-through feature and third-party tools like USB-passthrough that can help you achieve your goals. These solutions can be useful in scenarios where physical USB devices are not available or convenient to use, and they can help streamline your testing and troubleshooting processes within your ESXi environment.

Hey there, fellow IT pros! If you’re running vCenter Server or ESXi hosts in your data center, you’ll want to pay attention to the latest updates from VMware. The company has just released vCenter Server 7.0 Update 3f and ESXi 7.0 Update 3f, which address several security vulnerabilities. Let’s dive into what’s new in these releases and how they can help keep your infrastructure safe.

First off, let’s talk about the security vulnerabilities that these updates address. According to VMware’s advisory, there are a total of 13 vulnerabilities that have been fixed in these updates. These include issues with SSHProxy, Apache Struts, and other components. Some of these vulnerabilities could potentially be exploited by attackers to gain unauthorized access to your systems or escalate their privileges.

The good news is that all of these vulnerabilities have been rated as “important” or “critical” by VMware, which means they can have a significant impact on the security of your infrastructure if exploited. By applying these updates, you can help protect your systems from potential attacks and minimize the risk of a successful breach.

Now, let’s talk about what’s new in these releases beyond just the security vulnerabilities. One of the most notable changes is the addition of support for vSAN 7.0 Update 3. This means that if you’re running vSAN in your environment, you can now take advantage of the latest features and improvements in this release.

Additionally, these updates include a number of bug fixes and other performance enhancements. For example, vCenter Server 7.0 Update 3f includes a fix for an issue that could cause the vSphere Web Client to become unresponsive during certain operations. Similarly, ESXi 7.0 Update 3f includes a fix for an issue that could cause the ESXi shell to become unresponsive during certain operations.

Overall, these updates are a must-have for any organization running vCenter Server or ESXi hosts in their data center. Not only do they address important security vulnerabilities, but they also include a number of other improvements that can help keep your infrastructure running smoothly and efficiently.

If you haven’t already done so, make sure to apply these updates as soon as possible to ensure the security and integrity of your IT environment. And if you’re not already familiar with VMware Social Media Advocacy, be sure to check it out – it’s a great resource for staying up-to-date on all things VMware, including the latest news, tutorials, and best practices for running vCenter Server and ESXi hosts. Happy updating!

Practical and Pragmatic Discussions of Enterprise Technology: Unlocking the Potential of Machine Learning and Artificial Intelligence with GPU Pooling

As technology practitioners, we often focus on the infrastructure that supports our workloads without fully understanding the impact of our operations on machine learning and artificial intelligence (ML/AI) workloads. One area that has received little attention is the underutilization of resources in enterprise infrastructure, which can lead to significant financial benefits by pooling GPUs for ML/AI workloads.

In this blog post, we will explore how VMware’s acquisition of Bitfusion technology can help unlock the potential of ML/AI workloads by pooling GPUs and making them available to multiple users. We will delve into how this technology works, its benefits, and the potential for future advancements in ML/AI research.

How GPU Pooling Works

———————–

Traditionally, each user has had a one-to-one relationship with GPU resources, leading to underutilization of resources and limitations on the scale of ML/AI workloads. Bitfusion technology changes this by allowing multiple users to share GPU resources, enabling more efficient use of hardware and better resource utilization.

With GPU pooling, researchers, scientists, and engineers can make requests for GPU resources via the Bitfusion command line interface (CLI). The system will then allocate the requested resources based on availability, ensuring that no single user can monopolize all the resources. This shared resource model allows for more flexibility in resource allocation and eliminates the need for silos within silos.

Benefits of GPU Pooling

————————–

The benefits of GPU pooling are numerous and far-reaching:

1. **Better Resource Utilization**: By pooling GPU resources, enterprises can ensure that their investment in hardware is being used to its full potential. This leads to cost savings and improved resource utilization.

2. **Scalability**: With GPU pooling, ML/AI teams can accomplish exponentially more with the same or a smaller footprint. This scalability is essential for organizations looking to expand their ML/AI research and development efforts.

3. **Flexibility**: The shared resource model allows for more flexibility in resource allocation, enabling teams to adjust their resource needs based on the specific requirements of their workloads.

4. **Improved Collaboration**: By pooling GPU resources, teams can collaborate more effectively and share resources, leading to better outcomes in ML/AI research and development.

Current State of GPU Pooling Technology

—————————————

Today, GPU pooling technology is available in beta form through VMware’s vSphere 7 platform. This technology allows for the sharing of GPU resources among multiple users, enabling better resource utilization and improved collaboration.

In addition to vSphere 7, Bitfusion technology is also integrated with Jupyter Notebooks, providing a seamless user experience for ML/AI researchers and developers. Other “recipes” available within the current Bitfusion community can help organizations further optimize their GPU pooling resources.

Future Advancements in GPU Pooling

——————————-

As GPU pooling technology continues to evolve, we can expect to see even more advanced capabilities and features. Some potential future advancements include:

1. **Auto-scaling**: ML/AI workloads can be highly variable, and auto-scaling capabilities would enable enterprises to dynamically allocate resources based on workload demands.

2. **Resource Prioritization**: By prioritizing resource allocation based on the specific needs of each workload, organizations can ensure that their most critical ML/AI research and development efforts receive the necessary resources.

3. **Integration with Other Technologies**: As GPU pooling technology matures, we can expect to see integration with other enterprise technologies, such as containerization and Kubernetes, to further streamline resource allocation and management.

Conclusion

———-

GPU pooling technology has the potential to unlock significant financial benefits for enterprises by making better use of their existing hardware resources. By pooling GPUs and making them available to multiple users, organizations can improve resource utilization, collaboration, and scalability in ML/AI research and development efforts. As this technology continues to evolve, we can expect even more advanced capabilities and features that will help enterprises stay ahead of the curve in the rapidly advancing field of ML/AI.

The text discusses the “VMware Cloud on Dell EMC” solution and how it offers a rack-scale design that can be ordered online. The text highlights the simplicity of the ordering process, from selection of the rack size to the type of power connector. Additionally, the text mentions that NSX-T and micro-segmentation are configured and ready to go out of the box. The text also touches on the contract term options available.

Overall, the text is encouraging readers to consider this solution for its ease of use, simplicity, and scalability. It also highlights the advantages of using this solution over traditional hardware acquisition models.

Setting Up My Lab and the Mysterious Case of the Bad Password

As I embarked on setting up my lab, I encountered an unexpected challenge. After successfully deploying VMware Cloud Foundation (VCF), I realized that the root account password for my vCenter appliance was not accepted. The error message indicated that the password was incorrect, but I was certain that I had entered it correctly. Frustrated and confused, I began to troubleshoot the issue.

The Bypass Solution

After some research and experimentation, I discovered a surprisingly simple solution to the problem. It turned out that the root account password for my vCenter appliance was not accepting dictionary-based passwords. To bypass this restriction, I needed to edit the /etc/pam.d/system-password file and remove the “enforce_for_root” line with pam_cracklib.so.

To make the changes, I simply opened the file in a text editor and deleted the line that began with “enforce_for_root”. Once I saved the file, I was able to retry the password change and it worked successfully!

The Catch

However, as I was testing the new password, I realized that I had accidentally removed the “enforce_for_root” line from the file. Oops! This meant that I had unintentionally bypassed the security feature that was intended to prevent dictionary-based passwords for the root account.

To rectify the situation, I simply re-added the “enforce_for_root” line to the /etc/pam.d/system-password file and clicked “RETRY” in VCF. Amazingly, all things were happy once again!

Lessons Learned

Through this experience, I learned a valuable lesson about the importance of security features in software applications. While it may be tempting to bypass these features for convenience, it is essential to remember that they are in place for a reason – to protect against potential threats and vulnerabilities.

In addition, I learned the importance of thoroughly researching and testing solutions before implementing them. While the solution I found worked temporarily, it was not the intended or recommended solution, and it could have potentially created more problems if left unchecked.

Conclusion

In conclusion, setting up my lab and resolving the issue with the bad password was a lesson in perseverance and attention to detail. While the solution I found was unexpected and unconventional, it highlights the importance of understanding the security features and limitations of software applications. By taking the time to research and test solutions, we can ensure that our technology environments are secure, stable, and functioning as intended.