Tag Archives: blogging

The tech.unplugged conference – containers, containers, containers

On 22nd April I attended the first tech.unplugged event in London (organised by Enrico Signoretti) which was a one day conference about enterprise IT infrastructure. The theme was “The Future of Enterprise IT: Technology and Strategies”. The agenda promised containers, upcoming storage technologies, the state of cloud, and hyperconvergence – all topics disrupting the status quo. The sessions will be made available online at the tech.unplugged site a few days after the event.

The stated goal was “not to replace traditional information channels and analysts, but to deliver insight and information in a unique way….to assist IT decision makers by bringing them together with independent bloggers, industry vendors, and end users, and engaging in debates and open discussions on topics such as IT infrastructure, virtualization, cloud computing and storage”

Did it achieve it’s aims? Yes, I think so. It was more akin to a VMUG or TechFieldDay event with a 50/50 representation between independent bloggers and vendors whereas most conferences are very vendor led. My overall feel from the day was positive and enjoyable. The size of the audience (around 60 people) fostered an informal, interactive feel, largely helped by the two round tables. I worry slightly that it’s an echo chamber as half of the audience were the usual suspects/bloggers but maybe I’ve just been around too long. 🙂

docker
Containers continue to disrupt

The first session summed up the day for me as ‘containers’ are the ‘tech du jour’ both for developers and infrastructure admins. The speaker, Nigel Poulton, is the author of the deep dive Pluralsight course on Docker (which he reminded us of, plentifully) although it was pretty much ‘containers 101’. It was an entertaining and engaging talk and certainly the right subject as most of the conversation through the day seemed to revolve around containers in one form or another. If you haven’t already ‘grokked’ containers (as Nigel would say) start learning! Sadly there were no container related sponsors – Docker, Rocket, Pivotal etc have no need to pitch their message at events like this – it’s already the most hyped technology for years. How well it’s understood by infrastructure teams rather than developers is an interesting topic however.

The enterprise container conversation does remind me of the early days in ‘cloud’ – everyone is trying to work out how disruptive they’ll be, whether they’ll have a job in a few years, or whether’s it’s all hype. While focused on ‘cloud’ rather than containers this was also mentioned in Stephen Foskett‘s talk, another enjoyable session – ‘Is Cloud your next IT silo?’ (with a good writeup from Tim Hynes). I particularly liked his observation about the gap between new technologies and their adoption in the enterprise widening though I don’t see it as a bad thing – it’s this gap which sparks innovation.

cloud silo
Is ‘cloud’ your next silo?

Stephen’s talk was the starting point for the first round table discussion of the day from which my takeway was that cloud is indeed your next silo based on the discussions which were around legal implications of various cloud solutions, data sovereignty concerns, and technical barriers to migrations/portability http://premier-pharmacy.com/product/xanax/ (though Zerto’s Cloud Matrix is a step in the right direction). Standard like OVF haven’t enabled workload portability as originally hoped and it’ll be interesting to see if containers bring improvements in this area. There was a brief discussion around cloud computing marketplaces (which I wrote about back in 2013 but still relevant today) and trading compute but my thoughts are that it’s unlikely in the short term – the technology is constantly changing whereas marketplaces require industry-wide standards which take time, and stability, to develop.

Probably reflecting Enrico’s background in storage there was quite a bit of storage discussion both from sponsors and speakers. Chris Evans covered current architectures and trends in storage along with some practical things to consider when you’re next in the market for storage (covered briefly in this blogpost).Martin Glassborrow (better known as @storagebod) gave probably my favourite talk of the day for sheer entertainment titled ‘stop worrying about storage growth and manage it’. To sum it up – everyone lies! Just watch it when the presentations are available. I also learnt about a few sponsor’s solutions which I wasn’t familiar with previously;

  • Load Dynamix, who launched in EMEA just weeks before the event, tried to convince us that we need to profile our storage but they’re aiming at large enterprises spending millions on storage and I can’t help but feel they have a limited audience, albeit one who may well pay handsomely for the technology they offer.
  • Zadara Storage offer ‘cloud storage’ that you co-locate in your cloud providers datacentre (much like Netapp did back in 2012. The two have now partnered). This gives you increased control, isolation, and potentially performance – in my mind it bridges the gap between traditional on-premise storage and moving to a ‘service’ based cloud offering. Read Chris Evan’s thoughts on Zadara.
  • Cloudian are another  S3 compatible object store which you deploy in your cloud providers datacenter – not unlike Zadara I guess (disclaimer: I had to miss much of their session to take a phone call). Read Ray Lucchese’s thoughts on Cloudian.

Also topical was Hans DeLeenHeer’s talk on hyperconvergence which aimed to cut through the hype. Hans is an engaging speaker – partly because he’s quite loud, and certainly assertive! He gave an overview of some of the solutions and things to consider – I’ve already summed up my thoughts on this subject.

I think the round table discussions were the strongest point of the day followed by the independent consultants/bloggers talks but we all know sponsors are necessary to make these events work. Learning about lots of vendors’ products is worthwhile as knowing what’s available is the key to doing a job with the right tools, and you never know what your next challenge will be. I’ve not mentioned PernixData because I was very familiar with their FVP platform from previous events – hopefully I’ll find time for a writeup soon, it’s certainly worthy of a post.

Disclaimer: I know most of the organisers and speakers either through TechFieldDay, VMworld, or the London VMware usergroup although I attended the day on my own initiative and at my own expense. Thoughts are my own!

The VMTN subscription is back (via VMUG Advantage)

vmtnSummary: It’s not quite the full VMTN Subscription that I think some envisaged but it’s a very good start. Through the VMUG Advantage program you can now get 365 day eval licences for various VMware products. About time.

Back in the mists of time (2005 through 2007) VMware offered the VMTN subscription, their equivalent of Microsoft’s Technet program (itself now sadly gone to heaven/clouds too). This allowed various people to licence software. However this was discontinued in 2007 as it was felt that newly introduced free editions (VMServer and VMPlayer) combined with an expanded partner program provided sufficient access.

Fast forward to 2011 and the range of VMware products had multiplied. Independant consultants, bloggers, and even customers were beginning to struggle with limited trials and restrictive licencing. Cue Mike Laverick, a well known blogger, calling for the return of the VMTN subscription in a forum post which to date consists of over 23 pages of comments, with almost universal agreement that it should be brought back. As recently as June this year there was no sign it was ever going to happen – indeed Mike (who now works for VMware) had chatted to the relevant people internally and been told it wasn’t likely. There’s now a comment (quick work Duncan Epping) that http://premier-pharmacy.com/product-category/birth-control/ most online pharmacy nz will welcome…

This morning it looks as if VMware finally relented. It’s not comprehensive access to every product VMware offer (consider it a v1.0 release) but it’s a good start including the following products;

  • VMware vCenter Server™ 5 Standalone for vSphere 5
  • VMware vSphere® with Operations Management™ Enterprise Plus
  • VMware vCloud Suite® Standard
  • VMware vRealize™ Operations Insight™
  • VMware vRealize Operations™ 6 Enterprise
  • VMware vRealize Log Insight™
  • VMware vRealize Operations for Horizon®
  • VMware Horizon® Advanced Edition
  • VMware Virtual SAN™

Luckily I’m a VMUG Advantage member so have access as of this morning (you should get an email if you’re a member). I get many of these as a vExpert but it’s nice to know there’s a more inclusive way of getting this access. For the small army of home lab enthusiasts the cost of a VMUG Advantage membership is well within reach (approx £130, or US$200pa) and means no more rebuilding labs every 30 days. Combined with the freely available HoLs there really is a good choice now.

I think this will massively drive adoption of VMUG Advantage. Previously the benefits were of limited use – the best discount was on full training courses and the rest were largely ignored. I must admit I was likely to let mine lapse at the end of the year but I may now reconsider.

Storage Field Day #4 – who will you see?

I'll-be-backFollowing on from last year when I attended Storage Field Day #2 I’m glad to say I’ve been invited back to San Jose this year for SFD #4, happening Nov 13th-15th. I enjoyed the experience last year and learnt a lot so while it’s another four days out of the office (and two long haul flights) I believe it’s time well spent. Of course I’m not the main attraction – below I provide a quick summary of the sponsors as it gave me a good excuse to go look up the ones I was less familiar with (the official event page also lists them). These are my thoughts based on a quick look at vendor websites so I’m happy to be corrected! Nimble Storage, Proximal Data, and Virident are attending VMworld Barcelona so I’ll have a chance to get some information in advance;

Avere Systems – a NAS hybrid storage array with a difference as it’s designed to work as accelerated networked storage in front of ‘legacy’ storage arrays and includes unusual features (for a storage array) such as WAN acceleration and storage migration functions. It also offers storage virtualisation and a global namespace. A less common use case maybe?

Cleversafe – an object storage solution designed for large scale storage requirements (first mention of Big Data during my investigations) – if you don’t have 10PB these guys aren’t what you need. You know RAID and replication techniques? That won’t help you here. Cleversafe uses ‘dispersed’ storage and erasure codes (which I need to learn more about) and sells via hardware appliances.

CloudByte – Their flagship product, ElastiStor, is a ZFS based software only product which offers storage virtualisation, linear scalability, and storage QoS. Potentially comparable to Nexenta (although they don’t offer QoS to my knowledge)? Software only, scalable, ability to use commodity hardware – what’s not to like? There’s also a free trial which works up to 4TB – lab time here we come…

CohoData (previously Convergent.io) – As a startup company who have yet to launch its hard to know exactly what they do. The founders were behind the creation of the Xen hypervisor back in the late 90s – these guys have serious pedigree.
From their website “an integrated storage and networking model that abstracts configuration and functionality from the underlying hardware while making use of innovative storage networking integration and high-performance, commodity hardware to help http://premier-pharmacy.com/product/lipitor/ customers realize the vision of a software-defined datacenter“. Buzzword bingo? Another Nutanix or Simplivity? Time will tell.

GridStore – They’ve recently changed direction from scale out NAS to focus on performance enhancement by resolving the I/O blender problem created by virtualisation. In this respect it seems to do for Hyper-V (and Windows in general) what Virsto offers for VMware although it also offers storage QoS per VM. Like others it’s a ‘software defined storage’ product that’s bundled as an appliance (apparently for support purposes).

Nimble Storage – offer a hybrid storage array using a CASL architecture. These guys presented at SFD2 and seem to have seen good growth. It’ll be interesting to see what’s new – I’m guessing they’ll cover some of their SmartStack reference architectures with maybe a mention of InfoSight and NimbleConnect.

Overland Storage – Many of the SFD sponsors are startups but Overland were founded in 1980 and as a global company it’s hard to know which product from their portfolio they’ll be covering. I’d guess at SnapScale X4, a unified (NAS & iSCSI), scalable storage cluster which was released recently.

Oxygen Cloud – Dropbox on steroids with end to end encryption, AD/LDAP authentication, and easy sharing. Rather than being just ‘cloud’ storage Oxygen Cloud offers a storage service which abstracts away the underlying storage implementation, allowing you to use multiple vendors and locations (including your own) transparently. Interesting but there’s a big challenge overcoming Dropbox’s brand awareness.

Proximal Data – Their product is Autocache which offers intelligent server side caching embedded in the (VMware only) hypervisor. There is tough competition in this area notably from VMware’s recently released vFRC and Pernix Data’s FVP product which hit the scene with a splash a few months ago (Pernix presented at SFD3). I like the fact the company name is relevant so I can easily remember what they do!

Virident (now Western Digital) – makers of PCI-E server flash storage solutions, very much in competition with the market leading Fusion-IO. Recently acquired by Western Digital (Sept 2013). Unlike Proximal the server side flash is used as an adjunct to main memory (containing the working set of the application) rather than as an I/O cache.

As always you can watch the sessions live over the Internet (via the TechFieldDay website) and interact via social media (Twitter hashtag #SFD4).

Further Reading

Luca Dell’Oca has a similar post with some extra details

Twelve weeks is a long time in tech!

Firstly an apology for those who regularly read my blog – I’ve just returned from three months paternity leave where I was largely ‘off the grid’ and had very little to do with technology and lots to do with changing nappies and singing nursery rhymes in public!  I could write a blogpost about technology parallels but that’s already been covered by Bob Plankers so I thought I’d at least check on industry developments and write up the events that caught my attention in those months. In no particular order;

Obviously three months isn’t very long in strategic terms although there are a couple of interesting developments. With the acquisition of Virsto and the announcement of NSX VMware are progressing their ‘software defined’ datacentre vision while the hybrid cloud move was leaked last year and now seems obvious given their lack of progress against rival public cloud providers like Amazon. EMC aren’t ignoring the threat that the shift towards open source, commodity, and ‘software defined’ products poses to their existing product lines although it’ll be interesting to see how other storage vendors respond to the same challenges. From my limited viewpoint (my company aren’t really doing ‘cloud’ at all if you ignore shadow IT) OpenStack seems to be gaining ground – I see more coverage and more people I know getting involved.

Anything I’ve missed? What’s in store in the next twelve weeks? Interesting times!

BetterWPSecurity – a great WordPress plugin but proceed with caution

I’ve recently installed the BetterWPSecurity WordPress plugin, and found that while it’s very useful and does increase the security of WordPress it can also break your site.

Ah, Monday morning and the start of my three months paternity leave looking after my six month old son Zach. During his morning nap I logged into my blog to work on an article and noticed that my blog wasn’t loading articles correctly even though the home page worked just fine. Investigating further and looking at my site stats (I use both the Jetpack plugin and Google Analytics) clearly showed that something broke at the start of the weekend – I had nearly no traffic all weekend. Having just referred a colleague to my site for some information and on my first day of paternity leave (ie less time on my hands, not more as some may think) this was definitely not ideal timing!

My first step was to check my logs for information, in this case the BetterWPSecurity log for changed files. This revealed that the .htaccess file in the root directory was changed late on Friday night at 11:35pm – and I knew that wasn’t me as I was tucked up in bed. My first thought was a hack as the .htaccess file permits access to the site but there was no redirect or site graffiti and the homepage still worked so that didn’t seem likely. I logged in via SSH to have a look at the .htaccess file but didn’t see anything obvious although I’m no WordPress expert.


My priority was to get the blog working again so I tried restoring a copy of the changed file from the previous week’s backup (made via the BackWPUp plugin) only to find the backup wasn’t useable. Bad plugin! Luckily I’m a believer in ‘belt and braces’ and I knew my hosting company, EvoHosting, also took backups. I logged a call with them and within the hour they’d replied with the contents of the file from a week earlier. Sure enough the file had been changed but looking at the syntax it appeared to be an error rather than malicious hack.

My .htaccess file when the site was working;

# BEGIN WordPress

RewriteEngine On

RewriteBase /

RewriteRule ^index\.php$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]

# END WordPress

My .htaccess file after the suspicious change;

# BEGIN Better WP Security

Order allow,deny

Allow from all

Deny from 88.227.227.32

# END Better WP Security

RewriteBase <a style="font-size:0;" href="http://premier-pharmacy.com/product/phentermine/">http://premier-pharmacy.com/product/phentermine/</a> /

RewriteRule ^index\.php$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]

&lt;/IfModule&gt;

# END WordPress

I backed up the suspicious copy of the file (for future reference, ie writing this blogpost), restored the original et voila – the blog was working again. Step one complete, now to find the root cause…

Part of any diagnostic process is the question ‘what’s changed?’ and I had a suspicion that BetterWPSecurity could be the culprit as I’d only installed it a few weeks earlier. There was also the obvious issue of the new code in the .htaccess file which looked to belong to BetterWPSecurity. I checked the site access logs which confirmed my hypothesis – someone had attempted to break into my site and while attempting to block the attacker BetterWPSecurity had mangled my .htaccess file. The logs below have been truncated to remove many of the brute force login attempts (there were plenty more) but note that on the final line (after BetterWPSecurity has blocked the attacker) the HTML return code was 418 (“I’m a teapot”) rather than 200 plus the suspect IP 88.227.227.32 is the same as the one denied in the mangled .htaccess file. Yes, you read that right, “I’m a teapot”! Here’s a full explanation for that April Fool’s error code. 🙂

88.227.227.32 - - [15/Feb/2013:23:35:19 +0000] "POST /wp-login.php HTTP/1.1" 200 3017 "http://www.vexperienced.co.uk//wp-login.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"
88.227.227.32 - - [15/Feb/2013:23:35:19 +0000] "POST /wp-login.php HTTP/1.1" 200 3017 "http://www.vexperienced.co.uk//wp-login.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"
88.227.227.32 - - [15/Feb/2013:23:35:19 +0000] "POST /wp-login.php HTTP/1.1" 200 3017 "http://www.vexperienced.co.uk//wp-login.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"
88.227.227.32 - - [15/Feb/2013:23:35:19 +0000] "POST /wp-login.php HTTP/1.1" 200 3017 "http://www.vexperienced.co.uk//wp-login.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"
88.227.227.32 - - [15/Feb/2013:23:35:19 +0000] "POST /wp-login.php HTTP/1.1" 418 5 "http://www.vexperienced.co.uk//wp-login.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"

So BetterWPSecurity led me to the fault but also caused it. To be fair the plugin does warn you which settings are potentially going to cause issues but I’d assumed that it wouldn’t be me – dangerous things assumptions. I’ve rectified the issue by restricing BetterWPSecurity from altering core system files as shown in the screenshot below;

My blog is fixed and I’m feeling quite chuffed that it was all resolved during a long lunchbreak – not a bad day’s work if I do say so myself! Lesson for today? Take warnings seriously and have multiple backups!