Archive

Archive for the ‘Virtualisation’ Category

VMware certification exams – 50% discounts (2013 offer)

October 14th, 2013 13 comments
Print Friendly

defy-conventionIf you’re in the market to take a VMware certification exam, there’s some good news – provided you’re quick. For the next couple of days (while VMworld Barcelona is running, Oct 14th-17th 2013) you can book the VCP and VCAP exams at a cool 50% offeven if you’re not at the conference! For VCP that’s a saving of approx £50 and more like £200 for the VCAP exams! If you want to blitz some of the new certification tracks recently announced you’re not limited to just one – study your little legs off and you could save even more by taking multiple exams….

The codes you need to register with are;

  • VWBAR50 – for the VCP exams (VCP-DV, VCP-DT,VCP-Cloud,VMware IaaS, VMware View)
  • VWADVBAR50 – for the VCAP exams (VCAP-DCA, VCAP-DCD, VCAP-CID, VCAP-CIA, VCAP-DTD)

UPDATE 15th Oct: There is also a code for the new VCA exams (completely free) which looks to be good until the end of the month (October 2013).
CORRECTION 15th Oct: I incorrectly stated the VCAP code as VMADVBAR50, which has now been corrected (as above).

Conditions:

  • You MUST book the exam while VMworld Barcelona is running. You don’t have to be attending the conference, it’s just the period of time the offer is valid.
  • You MUST take the exam by the end of the year.

What are you waiting for? Head over to VMware Certification and get registered certification junkies!

Categories: VMware Tags: , ,

Converged infrastructure: an introduction

September 9th, 2013 No comments
Print Friendly

For the last couple of years adoption of ‘converged infrastructure’ has been on the rise but until recently it wasn’t something I’d needed to understand beyond general market awareness and personal curiosity. I was familiar with some of the available solutions (in particular VCE’s vBlock and Netapp’s Flexpod) but I also knew there were plenty of other converged solutions which I wasn’t so familiar with. When the topic was raised at my company I realised that I needed to know more.

Google research quickly found a converged infrastructure primer at Wikibon which had the quotable “Nearly 2/3rds of the infrastructure that supports enterprise applications will be packaged in some type of converged solution by 2017“. The Wikibon report is well worth a read but it didn’t quite answer the questions I had, so I decided to delve into the various solutions myself. Before I continue I’ll review what’s meant by ‘converged infrastructure’ with a Wikipedia definition;

Converged infrastructure packages multiple information technology (IT) components into a single, optimized computing solution. Components of a converged infrastructure solution include servers, data storage devices, networking equipment and software for IT infrastructure management, automation and orchestration.

In a series of blogposts over the coming months I’m planning to summarize the converged offerings from various vendors including VCE, Netapp, HP, Oracle, IBM, Dell, Hitachi. If I find time I’ll also cover the newer ‘hyperconverged’ offerings from Nutanix, Scale Computing, Pivot3 and Simplivity. This is largely for my own benefit and as a record of my thoughts – there’s quite a bit of material out there already so it may turn into a compilation of links. I don’t want to rediscover the wheel!

Q. Will this series of blogposts tell you which converged solution you should choose?
A. Nope. There are many factors behind these decisions and I (unfortunately) don’t have real world experience of them all.

CI solutions vary considerably in their degree of convergence and use cases. Steve Chambers (previously of VCE, now CanopyCloud) has a good visualisation of the various solutions on a ‘convergence’ scale. If you haven’t read it already I’d strongly recommend you do so before continuing.

Why converged infrastructure?

Before I delve into the solutions let’s have a look at some factors which are common to them all – there’s no point looking at any solution unless you know how it’s going to add value.

  • Management. The management and orchestration tools are often what add real value to these solutions and that’s typically the component that people aren’t familiar with. Run a POC to understand how effective these new tools are. Do they offer and API?
  • Simplicity – validated architectures, preconfigured and integrated stacks of hardware and software, and built in automation all promise to ease the support burden of deploying and operating infrastructure. Who do you call to resolve problems? Will you be caught between vendors blaming each others components or is there a single point of contact/resolution? While a greenfield deployment may be simpler, if you add it to the existing mix (rather than as a replacement) then you’ve added complexity to your environment, and potentially increased your TCO rather than reduced it. Changes to existing processes may also impact job roles – maybe you won’t need a storage admin for example – which can be a benefit but may require considerable change and entail uncertainty for existing staff.
  • Flexibility – Is deploying a large block of compute/network/storage granular enough for your project? Many vendors are now producing a range of solutions to counter this potential issue. While deployment may be quicker, consider ongoing operations – because the engineered systems need to be validated by the vendor you may not be able to take advantage of the newest hardware or software releases, including security patches. For example Oracle’s Exalogic v2, released in July 2012, ships with Linux v5 despite v6 being released in February 2011. The CPU’s were Intel’s Westmere processors (launched in Jan 2011) instead of the E5 Romley line which were released in March 2012. This isn’t just Oracle – to varying degrees this will hold true for any ‘engineered’ system.
  • Interoperability. Can you replicate data to your existing infrastructure or another flavour of converged infrastructure? What about backups, monitoring etc – can you plumb them into existing processes and tools? Is there an API?
  • Risk. CI solutions can reduce the risk of operational issues – buy a 100 seat VDI block which has been designed and pretested for that purpose and you should be more confident that 100 users can work without issue. But what if your needs grow to 125 VDI users? Supplier management is also a factor – if a single vendor is now responsible for compute, networks, and storage, vendor lock in becomes more significant but consolidating vendors can also be a benefit.
  • Cost. CI is a great idea and easy to grasp concept but there’s no such thing as a free lunch – someone is doing the integration work (both software and hardware) and that has to be paid for. CI solutions aren’t cheap and tend to have a large initial outlay (although Oracle have recently announce a leasing scheme which some are sceptical of!) so may be more suited to greenfield sites or larger projects. TCO is a complex issue but also bear in mind support costs – engineered systems can be expensive if you need to customize them after deployment. CI system’s integrated nature may affect your refresh cycle and have an impact on your purchasing process.
  • Workload. Interestingly virtualisation promised a future where the hardware didn’t matter but the current bundling of CI solutions could be seen as a step backwards (as eloquently described by Theron Conrey in this blogpost ‘Is converged infrastructure a crutch?‘). There’s an interesting trend of extending the convergence through to the application tier as seen in Oracle’s Exadata/Exalogic, VCE’s’specialised’ solutions (SAP Hana etc) and Netapp’s Flexpod Select solutions. This promises certification/validation through the entire stack but does raise an interesting situation where the application teams (who are closer to the business) increasingly influence infrastructure decisions…

There’s a thought provoking article at Computer Weekly discussing modular datacentres which takes the converged concept even further. Why bolt together building blocks in your datacentre when you can buy a complete datacentre in a box. Convergence on a larger scale! Next thing you know they’ll be using shipping containers for datacentres… :-)

Further Reading

Converged infrastructure primer (Wikibon)

Management of converged infrastructures (the Virtualization Practice)

Engineers Unplugged session on hyperconverged infrastructure (7 mins)

The Future of Convergence think tank (2hr video)

EMC’s white paper “Time for Converged Infrastructure?” – some good points but with an obvious bias

Containerized datacenters – is a box a good fit?

Converged infrastructure and Object Oriented programming

The state of Converged infrastructure (Zenoss 2013 survey results)

VMworld 2013 – Is it just me?

September 3rd, 2013 No comments
Print Friendly

vmworld2013logo-300x169Overall I guess I feel disappointed. Over the last week I’ve been trying to keep up with developments from VMworld and to be honest it’s not been as tough as I thought because most of the announcements were already known quantities and very little ‘new’ information was given. I see this as a reflection of the growth and maturity of VMware – release cycles are getting longer, innovation takes longer to gestate, and the low hanging fruit of ‘wow’ features has been exhausted (and having written that I see Chris Wolf’s article which says much the same thing. I’m in good company). Chris Wahl’s blog has full details of the new stuff.

caveatUPDATE 4th Sept: It’s been pointed out to me that as a vExpert and blogger I do tend to have early access to both information and beta releases so what I consider new and what most attendees consider new is different. Fair comment.

Eric Siebert, a long time veteran of VMworld and the technology involved, has a great writeup of the main announcements along with his thoughts, which largely mirror my own. Maybe we’ve been spoilt over the years by the ‘cool’ factor of the vMotion and svMotion, maybe I woke up on the wrong side of bed, or maybe VMware aren’t delivering the goods as they used to.

vSphere ticks along

vSphere has been on a two year release cycle for major versions but that seems to have slipped. The next release of the core vSphere platform will be out later this year (probably at VMworld Barcelona as with v5.1 last year) but even when it does v5.5 is not much to write home about;

  • SSO has been rewritten but it probably shouldn’t have been released as it was in the first place :oops:. OK, there are a few new features too.
  • New maximums will probably only help the minority
  • VSAN might be nice but isn’t even in beta yet and will still be an extra cost when it is released.
  • We still have two clients, both of which are required. The web client has been improved but they haven’t discontinued the GUI client as expected.
  • App HA is apparently significantly improved from previous editions but application support is still limited. Good for MS SQL maybe but there’s no Oracle, SAP etc. It’s also an Enterprise+ feature. SMP support for VMware’s FT feature (which could be great) is still just a technical preview with no release date.
  • OK – vSphere Flash Read Cache is a nice addition, as is lifting the 2TB VMDK limit and OSX support for the remote console (a personal gripe there) :-) Shame vFRC is also Enterprise+ only…
  • OK – the vCSA can now handle larger environments, but vCenter is still not a scalable, highly available service. Yeah, I’m grumpy.

If you look at the benefits they’re largely for the admin or behind the scenes. If I have to justify time and resource to upgrade my hosts, what benefit does the business get? I’m on Enterprise licencing, so precious little sadly. :-(

reality

vCloud Suite still isn’t as compelling as it should be

With public vs private vs hybrid cloud all the rage I can understand why VMware aren’t focusing on the hypervisor so I was expecting a big vCloud push. There was much fanfare about the launch of VMware’s public cloud, vCHS, but I’m still unconvinced;

  • It’s launch is US only and is potentially missing some key functionality (though I think some of those referenced features are less in demand for enterprise apps). I accept that the US cloud market leads the world but as a European this leaves me somewhat in limbo – I’m sure it’ll reach us eventually but Amazon and Azure (among others) are already available….
  • I’ve not seen any official statement from VMware so take it with a pinch of salt, but vCD looks like it’s on the chopping block and being replaced by vCAC (though both are still included in v5.5). This is a product that’s been at the pinnacle of VMware’s spearhead into the cloud market and it’s being ‘retired’ at only three years old? What about the vCloud Service Providers? Apparently it’ll live on for them but for how long? The launch of vCHS probably didn’t please too many service providers and this move looks set to alienate them further, along with many customers who have invested in vCD. One of the big selling points for vCHS is the seamless experience of running VMware’s stack for both your private and public clouds, but how do I start down that road today? Should I buy into the vCloud Suite and invest in vCloud Director knowing it’s going away? By the same token I know vCAC is going to change significantly in the next year or two and today it lacks key functionality like multi-tenancy. Maybe I should wait a year or two and see how things pan out? In that case, where’s the synergy in vCHS? Unfortunately VMware don’t have a great history in providing seamless upgrade paths – need I mention Lab Manager, Stage Manager, VDP…

After VMworld last year I speculated that VMware needed to accelerate their customer’s journey to the cloud or suffer and I don’t think this reshuffle/repositioning helps matters. For something of such strategic importance would you want to be an early adopter of the vCAC/vCD amalgamation? Dynamic Ops were initially a competitor to vCD, then post VMware acquisition they became mutually beneficial, and now vCAC is becoming the primary cloud solution. VMware have always excelled at promoting a vision which helped get ‘buy in’ – you knew that when you were ready for the next step it’d be waiting for you. Now I’m not so sure. On the bright side the pricing for the vCloud Suite seems better than I realised. Looking at pricing for vSphere Enterprise+ vs vCloud Standard it’s almost the same despite the fact you also get vCD, vCAC, and vCOPS with the vCloud suite.

fojtaUPDATE 1st Sept: A twitter conversation with Tom Fojta and Dave Hill, both of whom work for VMware (though tweets are their own) implied that vCD may not be retired but merely realigned because enterprise and service providers need different solutions. This makes more sense as it will at least minimise the disruption. Let’s hope there’s some official clarification from VMware soon as I’m not the only one with concerns.

UPDATE 4th Sept: VMware have now provided a directional statement which confirms how this will affect customers, how functionality will migrate to vSphere/vCAC, and clarifies that vCD will continue in use with service providers.

EUC moves forward

I’m not much of an end user computing guy as my company haven’t bought into it conceptually, and with the release of the Horizon suite earlier this year we finally have some of the products VMware have been talking about for the last few years. I’m excited about the possibility of desktops in the cloud but Brian Madden, a well known VDI guru, seems to think the vision is spot on but execution and delivery are lacking.

SDDC is a grand vision but can it succeed?

I like the idea of the software defined datacenter but it’s going to be a tough sell for VMware. It’s disrupting major technologies, networks and storage, which are well embedded in the datacenter which puts them in competition with many of their major partners.

Storage is going through an exciting time and VMware are now beginning to promote their storage credentials. With the addition of VSAN and vFRC they’re pushing vSphere storage towards the ‘software defined’ concept they’ve coined  although I was hoping for some advance on the Virsto acquisition. The announcements and sessions around NSX, VMware’s network hypervisor, do look interesting and if they can be successful we’re in for quite a ride! Maybe this is where VMware can recapture some of that magic they had four or five years ago. Even if they succeed the SDDC will arrive slowly because of financial, technical, and social factors. Given the potential complexity and disruption introduced by SDDC we need a clear value statement otherwise the perception may be that we’ll all be better off in a cloud where someone else manages it for us…

The process of writing and researching this article has actually made me more optimistic and I still think VMware have huge potential to innovate and disrupt (in a positive way) the datacentre of the future. I think I’m just grumpy because we still don’t have the VMTN Subscription! I’m sure I’ll soak up the boundless energy VMworld Barcelona generates and be back to my optimistic self later in the year.

Cloud threatens VMware

Categories: Cloud, VMware Tags: , , ,

IP Expo or VMworld Europe?

September 2nd, 2013 No comments
Print Friendly

IPExpoChoiceWith VMworld in San Francisco, which I couldn’t attend, now a distant memory my thoughts have turned to attending the European replay to be held in Barcelona this October. As VMware have grown over the years so has the conference (see some stats and how competing conferences compare) and as I always tell my team it isn’t just a virtualisation show it covers all aspects of infrastructure. The downside is that VMworld isn’t vendor neutral (the clue is in the name!) so you won’t see Microsoft, Citrix, or Amazon solutions despite their increasing relevance to those interested in the enterprise cloud and virtualisation industry. I have to fund my own way to VMworld every year (though a blogger’s pass to the conference takes care of the lion’s share) so I’m definitely concerned with getting value for money.

This is the first year when I’ve questioned “is VMworld the best place to be?”

In the UK’s there’s a competing show, IP Expo, which for the last few years has clashed with VMworld Europe and does again this year. In the future I’m hoping this will change as the current venue, Earls Court, is due to be sold so alternative arrangements will have to be made. Unlike VMworld, IP Expo is vendor neutral so there’s a level playing field and you can investigate solutions and technology from all parties (hey, even Oracle are there for those 1% who use OVM!). VMworld has always focused on infrastructure more than the application tier and with the spinoff of Pivotal earlier this year that seems likely to continue whereas IP Expo tends to be more well rounded. It’s interesting to note that Annika Jimenez, lead data scientist at Pivotal, is a keynote speaker at IP Expo while the VMworld keynotes were remarkably Pivotal free.

I attended an early IP Expo event (last decade) but haven’t been since so bear that in mind when considering my points below. I spoke to Jane Rimmer who’s attended both shows and sees things from both the attendee and the exhibitor viewpoints but nonetheless I’m probably making some assumptions! A few numbers;

VMworldIP Expo
Conference length:3 days (plus a partner day)2 days
Attendees:600014000
Exhibitors:99240
Sessions/seminars:265240

Why go to VMworld?

  1. For VMware focused technical content you can’t get anywhere else. There are over 265 sessions throughout the three days and while some are still heavy on the marketing there’s plenty of deep dive technical sessions. Group discussions are also an invaluable way to quiz senior engineers directly, something that’s very hard to do in any other forum. The onsite labs also offer a chance to get hands on with the latest technologies although there is a public beta still running outside the conference and the IP Expo labs look to be centered around Amazon and Oracle solutions.
  2. It’s three days of technology immersion, not two (unless you’re a partner in which case I’m assuming you’re going to VMworld regardless). Frankly it’s impossible to do justice to all the content in three days let alone cover even more ground with more exhibitors in two days!
  3. It’s the centre of the VMware universe for those three days. Anyone who’s anyone in the VMware ecosystem will be there – vendors, technical experts, bloggers etc. In theory there will be some announcements from VMware but in the past anything significant obviously comes out first at the US show. For career networking these are the folks you want to meet.
  4. It’s a conference, not an exhibition – it’s NOT free and therefore should be more educational and less sales focused. By introducing a barrier to entry it ups the ante – people don’t show up just to have a day out of the office :-). Vendors know that attendees have paid good money to be there so value your time (well, some more than others), VMware prepare a lot of content, and the other attendees you meet <assumption>tend to be more senior and focused</assumption>.

Why go to IP Expo?

  1. It’s free. No costs and easier ROI to justify, less planning upfront required!
  2. It’s free. Did I mention that already? You can register here.
  3. It’s vendor neutral. You can see solutions from all the competing vendors in one place (including a VMware zone).
  4. It’s only two days so less time out of the office and less disruption to your workload.
  5. Amazon are the primary sponsor this year, the first time they’ve sponsored a third party event in Europe. Did anyone say Amazon are targeting the enterprise? Even if VMware is your lifeblood you need to know your competition (or coopetition) :-).
  6. If you’re interested in the application layer as well as infrastructure, IP Expo has more of interest.
  7. You can catchup on VMworld later, whereas IP Expo you have to be there! Sessions at VMworld are recorded and access can be purchased separately so while this is kind of a benefit of VMworld if you’re interested in alternative vendors it’s almost possible to do both…

Which will you attend and why?

Categories: VMware Tags:

Twelve weeks is a long time in tech!

May 13th, 2013 No comments
Print Friendly

Firstly an apology for those who regularly read my blog – I’ve just returned from three months paternity leave where I was largely ‘off the grid’ and had very little to do with technology and lots to do with changing nappies and singing nursery rhymes in public!  I could write a blogpost about technology parallels but that’s already been covered by Bob Plankers so I thought I’d at least check on industry developments and write up the events that caught my attention in those months. In no particular order;

Obviously three months isn’t very long in strategic terms although there are a couple of interesting developments. With the acquisition of Virsto and the announcement of NSX VMware are progressing their ‘software defined’ datacentre vision while the hybrid cloud move was leaked last year and now seems obvious given their lack of progress against rival public cloud providers like Amazon. EMC aren’t ignoring the threat that the shift towards open source, commodity, and ‘software defined’ products poses to their existing product lines although it’ll be interesting to see how other storage vendors respond to the same challenges. From my limited viewpoint (my company aren’t really doing ‘cloud’ at all if you ignore shadow IT) OpenStack seems to be gaining ground – I see more coverage and more people I know getting involved.

Anything I’ve missed? What’s in store in the next twelve weeks? Interesting times!

Categories: VMware Tags: ,

Spring has sprung and it’s LonVMUG time again!

April 16th, 2013 1 comment
Print Friendly

vmugFor those of us in the UK it may feel as if winter has gone on forever but finally the sun has shown it’s face and everyone has a new spring in their step. What to do with all that pent up energy?

Attend the London VMUG on Thursday 25th April of course! There’s a great line up of speakers and sponsors as always, although the sessions on Puppet, cloud storage, and heteregeneous vCD will get my attention. Below is the full agenda but note that you need to register for free in advance.

Where to go for the usergroup

London Chamber of Commerce and Industry 33 Queen Street
London, EC4R 1AP (map)

Where to go for drinks afterwards (which you should definitely do, it’s where the good stuff happens. It’s a five minute walk from the usergroup)

The Pavilion End pub
23 Watling Street, Moorgate
London
EC4M 9BR (map)

Twitter:@lonvmug (or hashtag #lonvmug)

April2013-VMUG-agenda

Hope to see you there!

Categories: VMware Tags:

Automating vSphere with Cody Bunch – book review

March 6th, 2013 No comments
Print Friendly

vCenter Orchestrator (vCO) has been around since May 2009 when vSphere4 was initially released. Despite being around for over two years it doesn’t seem to get much attention even though it’s free to anyone who’s purchased vCenter and has the potential to save effort for system administrators. There are a couple of reasons for this in my opinion – firstly it isn’t ready to go by default, you have to configure it manually and that’s not as straight forward as it could be. Secondly it looks intimidating once configured and does require some knowledge of either the vSphere API and preferably using Javascript. While neither are that hard to get to grips with, combined it makes for quite a barrier to entry.

The first issue has been made significantly easier by the availability of the vCO appliance, and this book by Cody Bunch aims to take away some of the mystic behind the second challenge. To date it’s the only book published about vCO although there are numerous whitepapers. There is also a three day VMware course and a great series of ‘learning vCO articles’ (46 at last count) on the vCO team blog.

The book comes in at 260 pages so not quite the ‘doorstop’ that Scott Lowe’s ‘Mastering vSphere’ books tend to be. As with many technical books however the key is in understanding the content rather than having lots of it – you could easily spend a week learning a specific part of the API while you perfect a real world workflow. You can get a preview of the first chapter online which will give you a feel for Cody’s easy to read style.

The book is split into three sections plus appendices;

  1. Introduction, installation and configuration (50 pages)
  2. Working with Orchestrator (50 pages)
  3. Real world use cases (100 pages)
  4. Appendices – Onyx, VIX, troubleshooting, the vCO vApp (50 pages)

If you’re familiar with vCO (if you’ve done the VCAP4-DCA exam for example you probably installed and configured Orchestrator as it was on the blueprint) you won’t dwell too long on the first section as there’s not much you won’t already know. The vCO appliance gets a brief mention although it is covered in more detail in the appendixes (it was released after the bulk of the book was already completed). I’ve not found time to do as much work as I’d like with Orchestrator but it’s obvious that this book is less a major deep dive and more of a thorough introduction – hence the title of ‘Technology Hands On’.

You can buy the book from Amazon.com or Amazon.co.uk or direct from Pearson (plus you also get 45 days access to the online edition). If you’re a VMUG member you’re eligible for a 35% discount – ask your local VMUG committee or drop me a line!

Further Reading

The official VMware vCO page

The vCO resources page (including forums, videos, FAQ etc)

The unofficial vCO blog

Cody Bunch’s section on vCO at Professional VMware.com

Joerg Lew’s website vCOPortal.de (VCI and all round vCO guru)

Tom Holingsworth’s review of the book

Twitter people to follow;

BetterWPSecurity – a great WordPress plugin but proceed with caution

February 19th, 2013 No comments
Print Friendly

I’ve recently installed the BetterWPSecurity WordPress plugin, and found that while it’s very useful and does increase the security of WordPress it can also break your site.

Ah, Monday morning and the start of my three months paternity leave looking after my six month old son Zach. During his morning nap I logged into my blog to work on an article and noticed that my blog wasn’t loading articles correctly even though the home page worked just fine. Investigating further and looking at my site stats (I use both the Jetpack plugin and Google Analytics) clearly showed that something broke at the start of the weekend – I had nearly no traffic all weekend. Having just referred a colleague to my site for some information and on my first day of paternity leave (ie less time on my hands, not more as some may think) this was definitely not ideal timing!

My first step was to check my logs for information, in this case the BetterWPSecurity log for changed files. This revealed that the .htaccess file in the root directory was changed late on Friday night at 11:35pm – and I knew that wasn’t me as I was tucked up in bed. My first thought was a hack as the .htaccess file permits access to the site but there was no redirect or site graffiti and the homepage still worked so that didn’t seem likely. I logged in via SSH to have a look at the .htaccess file but didn’t see anything obvious although I’m no WordPress expert.


My priority was to get the blog working again so I tried restoring a copy of the changed file from the previous week’s backup (made via the BackWPUp plugin) only to find the backup wasn’t useable. Bad plugin! Luckily I’m a believer in ‘belt and braces’ and I knew my hosting company, EvoHosting, also took backups. I logged a call with them and within the hour they’d replied with the contents of the file from a week earlier. Sure enough the file had been changed but looking at the syntax it appeared to be an error rather than malicious hack.

My .htaccess file when the site was working;

# BEGIN WordPress

RewriteEngine On

RewriteBase /

RewriteRule ^index\.php$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]

# END WordPress

My .htaccess file after the suspicious change;

# BEGIN Better WP Security

Order allow,deny

Allow from all

Deny from 88.227.227.32

# END Better WP Security

RewriteBase /

RewriteRule ^index\.php$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]

</IfModule>

# END WordPress

I backed up the suspicious copy of the file (for future reference, ie writing this blogpost), restored the original et voila – the blog was working again. Step one complete, now to find the root cause…

Part of any diagnostic process is the question ‘what’s changed?’ and I had a suspicion that BetterWPSecurity could be the culprit as I’d only installed it a few weeks earlier. There was also the obvious issue of the new code in the .htaccess file which looked to belong to BetterWPSecurity. I checked the site access logs which confirmed my hypothesis – someone had attempted to break into my site and while attempting to block the attacker BetterWPSecurity had mangled my .htaccess file. The logs below have been truncated to remove many of the brute force login attempts (there were plenty more) but note that on the final line (after BetterWPSecurity has blocked the attacker) the HTML return code was 418 (“I’m a teapot”) rather than 200 plus the suspect IP 88.227.227.32 is the same as the one denied in the mangled .htaccess file. Yes, you read that right, “I’m a teapot”! Here’s a full explanation for that April Fool’s error code. :-)

88.227.227.32 - - [15/Feb/2013:23:35:19 +0000] "POST /wp-login.php HTTP/1.1" 200 3017 "http://www.vexperienced.co.uk//wp-login.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"
88.227.227.32 - - [15/Feb/2013:23:35:19 +0000] "POST /wp-login.php HTTP/1.1" 200 3017 "http://www.vexperienced.co.uk//wp-login.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"
88.227.227.32 - - [15/Feb/2013:23:35:19 +0000] "POST /wp-login.php HTTP/1.1" 200 3017 "http://www.vexperienced.co.uk//wp-login.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"
88.227.227.32 - - [15/Feb/2013:23:35:19 +0000] "POST /wp-login.php HTTP/1.1" 200 3017 "http://www.vexperienced.co.uk//wp-login.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"
88.227.227.32 - - [15/Feb/2013:23:35:19 +0000] "POST /wp-login.php HTTP/1.1" 418 5 "http://www.vexperienced.co.uk//wp-login.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"

So BetterWPSecurity led me to the fault but also caused it. To be fair the plugin does warn you which settings are potentially going to cause issues but I’d assumed that it wouldn’t be me – dangerous things assumptions. I’ve rectified the issue by restricing BetterWPSecurity from altering core system files as shown in the screenshot below;

My blog is fixed and I’m feeling quite chuffed that it was all resolved during a long lunchbreak – not a bad day’s work if I do say so myself! Lesson for today? Take warnings seriously and have multiple backups!

Categories: VMware Tags: , ,

My ‘chinwag’ with Mike Laverick

January 21st, 2013 No comments
Print Friendly

Late last week I joined an illustrious line of community bloggers, vendors, and authors by having a ‘chinwag’ with Mike Laverick. Anyone who knows Mike knows that a quick chat can easily last an hour for all the right reasons – he’s passionate about VMware and technology in general and good at presenting complex ideas in an easily understood manner. I guess that’s why he recently became a senior cloud evangelist for VMware! We discussed a few topics which are close to my heart at the moment;

  • Oracle
  • vCloud Director
  • Storage Field Day

You can listen to the audio (MP3 or the iPod/iPad friendly M4V) or watch the YouTube video. As time is limited on the actual chinwag I thought I’d offer a few additional thoughts on a couple of the topics we discussed.

Oracle and converged infrastructure

I didn’t want to get embroiled in a discussion about Oracle’s support stance on VMware as that’s been covered many times before but it’s definitely still a barrier. Some of our Oracle team have peddled the ‘it’s not supported’ argument to senior management and even though I’ve clarified the ‘supported vs certified’ distinction it’s a difficult perception to alter. Every vendor wants to push their own solutions so you can’t blame Oracle for wanting to push their own solution but it sure is frustrating!

Of more interest to me is where converged infrastructure is going. As we discussed on the chinwag Oracle are an interesting use case for converged infrastructure (or engineered systems, pick your terminology of choice) because it includes the application tier. Most other converged offerings (VCE, FlexPod, vStart and even hyperconverged solutions like Nutanix) tend to stop at the hypervisor, thus providing a abstraction layer that you can run whatever workload you like on. Oracle (with the possible exception of IBM?) may be unique in owning the entire stack from hardware all the way up through storage, networking, compute, through to the hypervisor and up to their crown jewels, the Oracle database and applications. This gives them a position of strength to negotiate with even when certain layers are weak in comparison to ‘best of breed’, as is the case with OracleVM. Archie Hendryx explores this in his blogpost although I think he undersells the advantage Oracle have of owning a tier 1 application – Dell’s vStart or VCE’s vBlock may offer competition from an infrastructure perspective but my company don’t run any Dell or VCE applications. If you’re not Oracle how do you compete with this? You team up to provide a ‘virtual stack’ optimised for various workloads – today VDI is the most common (see reference architectures from Nexenta, Nimble Storage et al). As the market for converged infrastructure grows I think we’ll see more of these ‘vertical’ stack style offerings.

Here’s a few blogpost’s I found interesting related to Oracle’s solutions: a look at the Exadata infrastructure, who manages the Exadata, Exalogic 2.0 Focuses on Elastic Cloud

vCloud Director

After I described my problem getting vCD tabled as a viable technology for lab management Mike rightly pointed out that many people are using vCD in test and dev – maybe more than in production. I agree with Mike but suspect that most are using dev/test as a POC for a production private cloud, not as purpose built lab management environment. I didn’t get time to discuss a couple of other points which both complicate the introduction of vCD even if you have an existing VMware environment;

  • Introducing vCD (or any cloud solution for that matter) is potentially a much bigger change compared to the initial introduction of server virtualisation. In the latter the changes mainly impacted the infrastructure teams although provisioning, purchasing, networks and storage were all impacted. If you’re intending to deliver test/dev environments you’re suddenly incorporating your applications too, potentially including the whole development/delivery lifecycle. If you go the whole hog to self-service then you potentially include an even larger part of the business right up to the end users. That’s a very disruptive change for some ‘infrastructure guy’ to be proposing!
  • vCD recommends Enterprise+ licencing which means I have to argue for the highest licencing level for test/dev, even if I don’t have it in production

If you’re interested in vCloud Director as a lab management solution here are links to some of the companies and technologies I mentioned;  SkyTap Cloud, VMworld session OPS-CSM2150 – “Lab management with VMware vCloud Director: Software development customer panel”, Frank Brix’s network fencing blogpost, and a good generic post about using the cloud for development.

Categories: VMware Tags: , , ,

Here’s what you missed in 2012 (LonVMUG)

December 3rd, 2012 No comments
Print Friendly

It’s that time of year when I book the next London VMUG session into my calendar and rather than my usual ‘here’s the agenda, you should go‘ blogpost I thought I’d recap what the last year has delivered. If this doesn’t convince you that there’s value in attending a free event where you could have learnt all the topics listed below as well as networking with your peers then nothing will. :-)

If there’s a topic you’d like covered or if you’d like to present something yourself get in touch with the organising commmittee. I’m planning to present at one of next year’s VMUG sessions (it’s about time!) because it’s a user group and real world experience can be gold dust for others to learn from. I’m told we’re a friendly audience!

Before you continue, register for the next session on 24th Jan 2013!

Cartoon showing Dilbert

I’ve grouped them according to some industry trends so your own ‘pointy haired boss’ will also see the value;

I could mention the giveaways (iPad, Fusion-IO card, t-shirts, AppleTV etc) and the free beers afterwards, the fact we had at least five VCDX’s presenting and the live labs from EMC, VMTurbo, and Embotics etc but you’re already sold right?

Register for the next session on 24th Jan 2013 (did I mention it’s free?)

Categories: VMware Tags: , ,