Category Archives: VMware


Unlocking Virtualization for Kubernetes with Platform9 KubeVirt

Platform9 KubeVirt: A Hands-on Lab Experience

As an automation guy with a love for containers, I was excited to try out Platform9’s KubeVirt implementation in their hands-on lab (HOL). After using Harvester for running VMs mainly for deploying Rancher RKE clusters, I was eager to see how Platform9 compared. In this blog post, I will share my experience with the platform and highlight the differences between it and Harvester.

Getting Started with Platform9

To get started with Platform9, you need to create a cluster using pf9ctl, their command-line tool. The process is straightforward, and you can follow the instructions in the official documentation. For my HOL, I created a K8s cluster with one Master node and one Worker node. The prep-node option for pf9ctl installs an agent and promotes the server to a PMK (Platform9 Managed Kubernetes) node that can be used to build a cluster.

Installing KubeVirt

Platform9 provides KubeVirt as an add-on, which can be installed with just one click. From the Infrastructure menu, select Clusters -> Managed, and a list of managed clusters will appear. Select the cluster intended for KubeVirt. The Platform9 KubeVirt documentation details the steps for installing KubeVirt on a new cluster; if your cluster already exists, the add-on can be added without issues.

Similarities and Differences with Harvester

There are some similarities between Platform9 and Harvester, but there are also significant differences. One of the main differences is that Platform9 keeps its offering very close to the upstream project, which means that you are more familiar with the solution, and when it’s time to move to another KubeVirt offering, the changes will be minimal. In contrast, Harvester offers a more curated experience but with less flexibility than Platform9.

Managing VMs

In the Platform9 KubeVirt documentation, you can find a lot of information about managing VMs. There are three areas of interest in the Virtual Machines section: All VMs, Live Migrations, and Instance Types. In the All VMs area, you can easily see the total number of VMs, how many are running, and which are being migrated. In the Virtual Machine creation process, you can select the desired options for your VM, and the YAML syntax will start updating itself! This is a great feature that lets you learn the YAML version of the VM creation process, and maybe use it in CI/CD to automate VMs.

Upgrading the Cluster

While creating our cluster, we selected an older version of Kubernetes so that we could run an upgrade and see how things are handled for our VMs. To upgrade the cluster, select Infrastructure -> Clusters -> Managed, and select the cluster that will be upgraded. The steps for the upgrade are very similar to the initial install. During the upgrade, I noticed that the VMs were first moved to the Worker node, which is expected, as the first nodes to upgrade on K8s are the Master nodes.

Conclusion and Future Plans

In conclusion, Platform9’s KubeVirt implementation provides a hands-on lab experience that is different from Harvester in several ways. While both platforms offer similar functionality, Platform9’s closer alignment with upstream projects and its flexibility make it an attractive option for those looking for a more customizable solution. In my next blog post, I plan to dive deeper into the storage and networking aspects of Platform9 KubeVirt and compare them to Harvester’s offerings. Additionally, I will try to get my hands on PMK access to build a cluster in my homelab and test more stuff related to MetalLB, which looks like an interesting feature! Stay tuned for more updates!

A Journey Through Innovation

Demystifying the World of Virtualization and Technology: Thoughts from Dell Technologies World 2018

As I reflect on my recent trip to Dell Technologies World 2018, I am reminded of the transformative power of technology and the impact it has on our lives. This year’s event was a unique experience that offered a glimpse into the future of technology and its potential to shape our world. As someone who is passionate about virtualization and technology, I felt right at home among the visionaries and thought leaders who gathered in Las Vegas to explore the latest advancements in the field.

One of the most striking aspects of this year’s event was the focus on customer transformation. Gone were the days of product-centric talks and presentations; instead, the emphasis was on how technology can be leveraged to drive real change and innovation within our organizations. The keynotes were a testament to this shift in focus, with thought leaders from diverse industries sharing their stories of how they are using technology to reimagine their businesses and push the boundaries of what is possible.

The Social Village was another highlight of the event. This innovative space provided attendees with an opportunity to relax, network, and engage in some truly unique experiences. From The Cube interviews to drone racing with VR headsets, there was no shortage of activities that allowed us to explore the cutting-edge technology on display. The expo floor was equally impressive, with a diverse range of vendors showcasing their latest offerings and providing attendees with a truly comprehensive view of the industry.

Of course, no Dell Technologies World event would be complete without some major announcements, and this year did not disappoint. The introduction of the next-generation all-flash array, PowerMax, was a standout moment for me. This powerhouse of a storage array represents a significant leap forward in terms of performance, scalability, and efficiency, and I am excited to see how it will impact the industry in the months and years to come.

One aspect of this year’s event that I found particularly noteworthy was the lack of a traditional community champion track. While this may seem like a departure from previous events, I believe that it was a deliberate choice to focus on the broader community and encourage attendees to engage with one another in new and meaningful ways. The UK customers who attended the event were some of the most passionate and engaged individuals I have ever met, and it was inspiring to see them sharing their knowledge and experiences with one another.

As I reflect on my time at Dell Technologies World 2018, I am reminded of the power of community and the importance of empowering our users to connect with one another. The bonds that we form within this industry are crucial to our success, and I believe that events like this one play a vital role in fostering those connections. Long may it continue!

In conclusion, Dell Technologies World 2018 was an experience that I will not soon forget. From the thought-provoking keynotes to the innovative exhibits on the expo floor, this event truly had something for everyone. As we look towards the future of technology and virtualization, I am excited to see what new developments and announcements will come our way in the months and years to come. Here’s to 2019 and beyond!

VMworld 2019

Five Things I Learned at My First VMworld

As someone who has been in the virtualization industry for a while, I have always heard great things about VMworld, but it wasn’t until my first time attending in 2012 that I truly understood the power of this event. Here are five things I learned during my first VMworld that have had a lasting impact on my career and personal brand:

Networking is key – Before attending VMworld, I thought conferences were all about listening to keynotes and sitting in sessions. But what I quickly realized was that the real value of the event came from the people I met. I made connections with fellow attendees, vendors, and VMware employees that have been instrumental in helping me grow my career and brand.

Be open to new experiences – As a virtualization professional, I had never been to a conference this large before, so everything was new and exciting. From the bright colors and psychedelic decorations on the show floor to the exclusive Veeam event, I was open to trying new things and stepping out of my comfort zone.

Set clear goals – With so many sessions and activities to choose from, it’s important to have clear goals for what you want to achieve at VMworld. Whether it’s learning about new technologies, meeting certain people, or simply soaking in the atmosphere, having a plan will help you make the most of your time there.

The show floor is not to be missed – Sure, the keynotes and sessions are important, but the show floor is where the magic happens. It’s where you can see the latest technologies up close and personal, get hands-on experience with products, and talk to vendors and other attendees about their experiences.

VMworld begins with you – The tagline for VMworld is “Right Here Right Now,” and that’s exactly what it felt like. It was a place where I could be myself, learn from others, and grow my personal brand. Looking back, attending VMworld was a pivotal moment in my career, and it continues to be an event that shapes my goals and aspirations every year.

ESXi Hardening

vRealize Automation (vRA) Addressing Critical Security Vulnerability in Aria Automation: Action Steps and Recommendations

As a trusted advisor for VMware vRealize Automation (vRA), we want to inform you of a critical security vulnerability that has been identified in the Aria Automation platform. The vulnerability, designated as VMSA-2024-0001, affects all versions of Aria Automation prior to 2.9.5.

The vulnerability is caused by an input validation error in the Aria Automation web interface that allows an unauthenticated attacker to perform a command injection attack. This can lead to arbitrary code execution and potentially allow the attacker to gain control of the system.

VMware has released a patch for this vulnerability, which we highly recommend you apply as soon as possible. The patch is available for all supported versions of Aria Automation, and it addresses the input validation error that leads to the command injection vulnerability.

To apply the patch, follow these steps:

1. Log in to your vRA server using an account with administrative rights.

2. Open the vRA web interface by navigating to /ui.

3. Click on the “Upgrade” button in the top-right corner of the page.

4. Select the “Patch Management” tab.

5. Select the VMSA-2024-0001 patch and click “Install.”

6. Wait for the patch to complete successfully.

Once you have applied the patch, we recommend taking the following additional steps to ensure your vRA environment is secure:

1. Review and update your network policies to ensure they are aligned with your security policies and do not allow any unauthorized access or traffic.

2. Enable logging for all Aria Automation components and set up alerts to monitor for any suspicious activity.

3. Ensure that all Aria Automation components are running the latest supported version and that there are no known vulnerabilities affecting the system.

4. Implement access controls to restrict unauthorized access to the vRA server and its components.

5. Monitor your vRA environment regularly for any signs of suspicious activity or security breaches.

We strongly advise you to take these steps as soon as possible to ensure your vRA environment is secure and protected from potential attacks. If you have any questions or concerns about this vulnerability or its resolution, please do not hesitate to contact us. We are here to support you and ensure your success with vRealize Automation.

In addition to the above information, we would like to share some additional tips for securing your vRA environment:

1. Use strong passwords and passphrases for all accounts, and avoid using default or weak passwords.

2. Restrict network access to only those ports and protocols required by your workloads and applications.

3. Implement security segmentation to isolate critical assets and limit the spread of potential attacks.

4. Use encryption to protect sensitive data and communications.

5. Regularly review and update your security policies and procedures to ensure they remain effective and aligned with your business needs.

We hope these tips and recommendations are helpful in securing your vRA environment and protecting it from potential threats. If you have any further questions or concerns, please do not hesitate to contact us. We are here to support you and ensure your success with vRealize Automation.

VMworld 2018 Day 1 Takeaways

Demystifying the World of Virtualization and Technology

As I arrived on Sunday for the vForum event, I was greeted with a smooth logistical process from start to finish. The evening was filled with meeting up with friends and customers at the vRockstar event, which is always a great way to connect with like-minded individuals from various backgrounds. Monday was all about TAM day and Partner day, where I attended a VMUG session focused on Dell EMC and VMware HCI offerings, as well as a captivating session by Brian Graf covering VMware Cloud on AWS.

The session hosted by Paul Mackay (EMEA CTO for Modern Data Center team) focused on HCI, specifically the use cases and outcomes that customers are asking for. He was assisted by Steffen Matthias, who covered the technical aspects of Dell EMC HCI solutions, and this was well received by the audience. It was a frank and informal discussion, and I felt that this is what customers want – to hear from vendors on how to get to the software-defined data center and eventually hybrid cloud.

The rest of the day was spent networking with my customers and talking to the various VMware staff and old acquaintances at the various booths about the new themes this year. The next few days are bound to be hectic with a lot of announcements and some interesting sessions, so I will give you my take on these as we go along with the event.

Overall, the vForum event is shaping up to be an exciting and informative experience, with a focus on demystifying the world of virtualization and technology. With a lineup of captivating sessions, networking opportunities, and announcements from leading vendors, this event is not to be missed for anyone interested in the latest trends and innovations in the tech industry.

I will continue to provide updates throughout the event, so be sure to stay tuned for more insights and takeaways from the world of virtualization and technology. And if you haven’t already, be sure to subscribe to my blog for the latest news, reviews, and analysis on all things tech.

Upgrading to vCF 4.4.X with NSX Federation

vRealize Automation – vRA Addressing Critical Security Vulnerability in Aria Automation: Action Steps and Recommendations (VMSA-2024-0001) January 16, 2024

As a valued reader of our blog, we are committed to providing you with the latest information on critical security vulnerabilities and their impact on your VMware environment. In this post, we will be discussing a recently discovered vulnerability in Aria Automation that requires immediate attention from all vRealize Automation (vRA) users.

Background

VMware has released a security advisory (VMSA-2024-0001) on January 16, 2024, addressing a critical vulnerability in Aria Automation that can lead to unauthorized access and data breaches. The vulnerability is caused by an issue in the authentication mechanism of Aria Automation, which can be exploited by attackers to gain access to sensitive information.

Impact

The vulnerability affects all versions of vRA prior to 8.1.0, and it is important for all users to take immediate action to mitigate the risk. If left unaddressed, this vulnerability can lead to serious consequences, including:

* Unauthorized access to sensitive information

* Data breaches and leakage

* Compromised credentials

* Loss of confidentiality, integrity, and availability of data

Action Steps

To address this critical security vulnerability, we recommend that all vRA users take the following action steps:

1. Upgrade to vRA 8.1.0 or later: This is the most effective way to mitigate the risk associated with this vulnerability. The latest version of vRA includes a fix for the vulnerability, and it is recommended that all users upgrade as soon as possible.

2. Apply the security patch: If you are unable to upgrade immediately, you can apply the security patch (VMSA-2024-0001) to your existing version of vRA. This will help to mitigate the risk until you can upgrade to a later version.

3. Change passwords and certificates: In light of this vulnerability, it is recommended that all users change their passwords and certificates to ensure that they are secure and cannot be easily guessed or compromised.

4. Review and update policies: Review and update your security policies to ensure that they are aligned with the latest best practices and industry standards. This will help to prevent future vulnerabilities and protect your environment from potential attacks.

5. Monitor for suspicious activity: Continuously monitor your environment for suspicious activity, such as unusual login attempts or changes to sensitive information. This will help to detect any potential threats early on and minimize the impact of a security breach.

Recommendations

In addition to the action steps outlined above, we recommend that all vRA users take the following precautions to protect their environment:

1. Enable two-factor authentication (2FA): This will provide an additional layer of security and make it more difficult for attackers to gain access to your environment.

2. Limit access to sensitive information: Ensure that only authorized personnel have access to sensitive information, such as credentials and configuration files.

3. Regularly back up data: To ensure that your data is safe in the event of a security breach or other disaster, it is important to regularly back up your data.

4. Implement a vulnerability management program: This will help you to stay on top of the latest security threats and vulnerabilities, and take proactive steps to protect your environment.

5. Train employees on security best practices: Ensure that all employees are trained on security best practices, such as password management and phishing prevention, to reduce the risk of human error.

Conclusion

In conclusion, the recent discovery of a critical security vulnerability in Aria Automation requires immediate attention from all vRA users. To mitigate the risk associated with this vulnerability, we recommend that all users upgrade to vRA 8.1.0 or later, apply the security patch, change passwords and certificates, review and update policies, and monitor for suspicious activity. By taking these steps, you can help to protect your environment from potential threats and maintain the confidentiality, integrity, and availability of your data.

VMworld 2018 Day 2 Highlights

Demystifying the World of Virtualization and Technology: VMware’s Latest Innovations

The annual VMware event was a thrilling experience for me as a technology blogger. This year, I had the privilege of attending the opening keynote and speaking with some fellow bloggers and industry experts. Jean-Pierre Brulard, the CEO of VMware, kicked off the event by announcing that there were 12,000 attendees this year, a record number.

Pat Gelsinger, the CEO of VMware, took the stage to discuss the company’s vision for the future of technology. He emphasized that disruption is happening year after year, but businesses are still doing well by focusing on making profits. However, he also pointed out that there are still gaps in the IT silos that need to be bridged.

One of the key areas of focus for VMware is cloud computing. The company announced a new VMware Cloud Provider program, which has tripled in size over the past year. Additionally, Pat highlighted the importance of security in the technology industry and emphasized that security should be at the heart of every technology conversation.

Another significant announcement was the acquisition of Heptio, which will accelerate the adoption of Kubernetes across the enterprise. VMware also introduced a new offering called VMware Cloud PKS, which allows VMware to run the PKS environment on AWS.

The event also showcased some impressive demos, including one that demonstrated how AppDefense learns the behavior of a VM through machine learning. This creates an application behavior map, allowing the policy to lock down the application by the trusted ruleset. Another demo showed how Project Dimension offers a fully managed SDDC service from VMware that can be hosted on-premises and at edge locations.

Overall, the event provided valuable insights into the latest innovations in virtualization and technology. With its focus on cloud computing, security, and Kubernetes, VMware is well-positioned to continue leading the industry in the years to come. As a technology blogger, I am excited to see how these developments will shape the future of our industry.

Exploring IDP Proxy with Cloud Director 10.4.2

VMware Cloud Director (VCD) is a powerful tool for managing and deploying cloud-based infrastructure, and with the recent release of VCD 10.4.2, there are some exciting new features and enhancements that can help organizations improve their cloud security and management capabilities. In this blog post, we’ll take a closer look at some of the key highlights of VCD 10.4.2, including its ability to act as an identity provider proxy server, and explore the different approaches for integrating VCD with Active Directory Federation Services (ADFS).

Identity Provider Proxy in VCD 10.4.2

One of the most significant enhancements in VCD 10.4.2 is the ability to configure VMware Cloud Director as an identity provider proxy server. This means that organizations can now register an OAuth 2.0 OpenID Connect compliant Identity Provider with VCD, and relying parties can use VCD for tenant-aware authentication of users known to VCD.

This feature provides a number of benefits for organizations, including:

* Simplified management: With the ability to act as an identity provider proxy server, VCD can simplify the process of managing user identities and access control across multiple clouds and applications.

* Increased security: By using VCD as an identity provider proxy, organizations can help protect against security threats such as phishing and man-in-the-middle attacks.

* Greater flexibility: With the ability to integrate with a wide range of Identity Providers, organizations can choose the solution that best meets their needs and requirements.

Integrating VCD with ADFS

When integrating VCD with ADFS, there are two main approaches that organizations can take: the tenant-based approach and the IDP Proxy-based approach. Both approaches have their advantages and considerations, and the choice will depend on the specific requirements and preferences of your organization.

Tenant-Based ADFS Integration

The tenant-based approach involves creating a separate ADFS instance for each VCD tenant. This approach provides more control and flexibility for individual tenants, as each tenant can have its own customized ADFS configuration. However, this approach also requires more management and maintenance, as each tenant will need to be separately configured and monitored.

IDP Proxy-Based ADFS Integration

The IDP Proxy-based approach involves using VCD as an IDP Proxy server for all ADFS instances. This approach provides centralized management and simplification for the VCD system administrator, as all ADFS instances can be managed from a single location. However, this approach also means that each tenant will need to be configured separately within VCD, which can be more restrictive than the tenant-based approach.

Evaluating Your Environment

When selecting the appropriate approach for integrating VCD with ADFS, it is important to evaluate your specific needs and constraints. Consider factors such as security requirements, management complexity, and scalability, as well as any existing infrastructure or policies that may impact your decision.

Conclusion

VMware Cloud Director 10.4.2 is a powerful tool for managing and deploying cloud-based infrastructure, and its ability to act as an identity provider proxy server provides a number of benefits for organizations. When integrating VCD with ADFS, it is important to consider the specific needs and constraints of your environment, and to choose the approach that best meets those needs. By taking advantage of these new features and enhancements, organizations can improve their cloud security and management capabilities, and better meet the evolving demands of their business.

VMworld Day 3 Recap

Sanjay Poonen, the co-founder and CEO of VMware, recently hosted a keynote address at an event for technology enthusiasts. The main focus of his presentation was on the company’s accomplishments in the field of virtualization over the past decade and its potential for future growth.

Poonen highlighted several key aspects of the corporation’s success, including innovation and customer satisfaction. He emphasized that these two factors are essential to achieving high growth and a powerful story. To illustrate this point, he discussed Skyline, a project aimed at providing customers with a proactive approach to supporting their essential infrastructure. The economic impact of this project has been significant over the last ten years, as evidenced by the company’s impressive revenue growth.

Poonen then shifted his attention to the cost savings associated with software-defined storage and networking. He presented a compelling “killer slide” that showcased the economic benefits of adopting a hybrid cloud model. This approach allows companies to take advantage of both on-premises infrastructure and cloud services, depending on their needs.

Next, Poonen shared some customer stories, including those from Vodafone and Rentokil. Vodafone discussed the progress they have made in implementing network function virtualization (NFV) and their ongoing research in the field of 5G technology. Rentokil, on the other hand, spoke about their use of Workspace One, a digital workspace solution that has significantly improved their mobile device management capabilities.

Poonen then brought in customers who have been focused on EUC (End-User Computing) solutions to discuss their experiences with Horizon and Airwatch deployments. The NHS Christie Group was the first to share their story, highlighting the critical importance of secure data access for healthcare professionals. Airbus followed with a case study of swapping out a fleet of BlackBerries using the power of Workspace One.

The event also featured an interview with Aaron Buley, who leads the Dell EMC HCI Technology Engineering team. In this segment, Poonen discussed the importance of community to him, Brian Graf, and Gina Minks. Finally, he took part in the vExpert Daily Panel, which can be viewed here.

Overall, Sanjay Poonen’s keynote address provided valuable insights into VMware’s accomplishments and future plans. The event offered a unique opportunity for attendees to learn from industry leaders and share their experiences with one another.

Mastering Workload Migration to a New pVDC

Migrating Workloads from a Shared pVDC to a Dedicated Cluster or pVDC: A Comprehensive Guide

In the dynamic landscape of cloud infrastructure, businesses often find themselves in a scenario where they need to reassess and optimize their resource utilization. One such common scenario involves migrating workloads from a shared Provider Virtual Data Center (pVDC) to a dedicated cluster or pVDC. In this blog post, we will analyze the impact of such a scenario and provide insights into the technical feasibility and steps involved.

Scenario Overview


Consider a VMware Cloud Director (VCD) infrastructure residing on a shared pVDC where resources are allocated among multiple customers. Now, let’s delve into a situation where a specific customer desires to move their workload to a dedicated cluster or a dedicated pVDC.

Questions at Hand


1. Technical Feasibility and Steps: Is it feasible to migrate workloads from a shared pVDC to a dedicated cluster or pVDC? What are the technical steps involved in such a migration process?

2. Impact on Customer Service: How does the migration process affect customer service, and what measures can be taken to minimize disruptions?

Technical Feasibility and Steps


To migrate workloads from a shared pVDC to a dedicated cluster or pVDC, we can follow these steps:

1. Creation of a New pVDC with Dedicated Cluster: Establish a new pVDC with a dedicated cluster to cater to the specific customer’s requirements.

2. Creation of New VDCs in the Dedicated pVDC: Within the new pVDC, create new Virtual Data Centers (VDCs) tailored to the customer’s needs.

3. Move Customer vApps Using moveVApp APIs: Leverage the moveVApp APIs to seamlessly transfer customer Virtual Appliances (vApps) from the source VDC to the target VDC within the dedicated pVDC.

References


For detailed implementation guidance, refer to the following resources:

* VMware Cloud Director Documentation: Provides in-depth information on migrating workloads between org VDCs and pVDCs.

* VMware vRealize Automation: Offers a comprehensive guide on managing and automating virtual infrastructure, including workload migration.

Impact on Customer Service


The migration process, when executed efficiently, minimizes downtime and disruption to customer services. By leveraging the moveVApp APIs, live vApps can be moved across org VDCs seamlessly, ensuring a smooth transition for the customer. To mitigate any potential service interruptions, consider the following measures:

* Schedule the migration during off-peak hours or plan it gradually to minimize the impact on customer services.

* Provide timely communication to customers about the migration process and its expected outcomes.

* Ensure adequate resources are allocated to the dedicated cluster or pVDC to accommodate the migrated workloads without affecting performance.

Conclusion


The ability to migrate workloads from a shared pVDC to a dedicated cluster or pVDC is a valuable feature in optimizing resource allocation. As illustrated, the process involves creating a new pVDC, establishing dedicated VDCs, and leveraging moveVApp APIs for seamless migration. By following the recommended steps and referring to the provided resources, businesses can ensure a smooth transition while maintaining the continuity of customer services.

Stay informed, plan strategically, and embrace the flexibility of cloud infrastructure for optimal performance.