Building a vCAC based cloud – lessons learned (some the hard way) – updated 30-6

– Start with Functional Designs and a Global Design;

– From that, derive the necessary Technical Designs (TD);

-Write all TD’s, review them and only move on when all TD’s have been approved;

– Start building the physical infrastructure;

– (basic) Virtual infra is next (that is, vSphere and vCenter Servers, vCOps, you know, the basics for a cloud);

– Build your AD infra;

– Build your PKI infra;

– Put signed certs from your trusted CA on all hosts and VM’s before you implement vCAC;

– Get a public cert for your public front-end;

– Decide what SSO server you’ll use for vCAC, the SSO appliance that comes with vCAC, or the SSO server that comes with vCenter Server (from 5.5.b onward)?;

– If you started with self signed certificates do not, I repeat DO NOT change them without being really really sure you know what you’re doing… and even then have the phone number for VMware Support at hand… but really, just don’t do it?! We’ve spent over two weeks of troubleshooting and more than 50 hours of VMware support so far, and we’ve not been able to fix it. Yet… So if you did not read this blog untill after you get a “javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated” error or the message “Internal Error. An internal error has occurred. If the problem persists, please contact your system administrator. When contacting your system administrator, use this reference: dc5f05b8” or another randomly generated reference, don’t call me, call VMware Support;

– Do not change the vCAC Host-name without checking the consequences. Decide how or what you are going to call your portal before implementing vCAC end-to-end… Don’t change it afterwards, see what I wrote about changing certificates after you’ve implemented and configured vCAC 6.0.x.

No, but serious, of course the first eight or nine points ought to be no-brainers, but the point I want to make with this blog, is about the last two in the list. Just avoid them.

Have we stumbled onto a previously unknown bug? Did we corrupt or break something when upgrading certificates and re-registering the vCAC components with each other?

We just don’t know yet. As soon as we’ve fixed the problem, I’ll write an addendum to this page.

Update June 30th: OK the problem hasn’t been fixed yet, but after 100 hours of trouble shooting we have found that a bug causes problems when using intermediate CA certificates, and that is happening in our case (offline Root CA, Domain CA as issuing CA). That bug is taken care of in vCAC 6.1. Unfortunately for us , the release of 6.1 (originally scheduled for release in June) has been postponed to Q3. Furthermore there is a bug in vCenter 5.5b SSO, which is/will be fixed in vCenter 5.5 update 1.

So for now we are reverting to self signed certificates and will be testing to check whether that has done the trick for now.

The VMworld 2014 5K Fun Run/Walk

Kick off the week with your fellow colleagues and other vGeeks at VMworld with a beautiful 5k charity run/walk, just like we do with a team from Conclusion Future Infrastructure Technologies. Enjoy scenic views of San Francisco Bay, Alcatraz prison and historic Fort Point, all for a great cause. From previous visits to VMworld in San Francisco (2006 and 2013) I remember this area to be fairly calm (Fishers Mans Wharf can be quite crowded), with a beautiful view on Alcatraz Island, historical ships (among others a Whaler if I remember correctly) and if we are lucky, the Golden Gate Bridge. And fun besides, you’ll do something good too (apart from your health you’ll support two local charities). So, don’t be stupid, be a smarty, come and join the VMworld 5k Fun Run Party!

The VMworld 5K Fun Run/Walk is the perfect way to kick off the week. Join your friends and colleagues on Sunday, August 24th for a beautiful 5K run or walk at Crissy Field located in the Golden Gate National Recreation Area, along the spectacular San Francisco Bay. It doesn’t matter whether you run every day or you’ve never run at all; the wide, flat park paths offer stunning views of the Bay, the Golden Gate Bridge, Alcatraz, and historic Fort Point.

Get involved! A percentage of the funds raised will be donated to two a local charities:
• Inveneo delivers the tools of technology – sustainable computing and broadband – to those who need it most
in the developing world, transforming lives through better education, healthcare, economic opportunities and
faster emergency relief. Visit http://www.inveneo.org/about/mission/ for more information.
• BUILD addresses the crisis of high school dropouts with a hands-on entrepreneurship training and college
preparation program that makes school engaging and relevant, motivating students to succeed. Visit
http://build.org/ for more information.

WHEN: Sunday, August 24, 2014 – 8:30 AM PST
WHERE: Chrissy Field, San Francisco (Shuttles will be provided to/from the location)
COST: $55 – Includes water, refreshments, shirt, in-person guides, and transportation to/from the Moscone Center.
REGISTER: Simply select the Fun Run package & accept the terms and conditions during registration at vmworld.com. Already registered? Log into your VMworld.com account, adding the Fun Run registration package to your account & agree to the terms & conditions.

VMworld 2014 – “Great Expectations”

Well, flight has been booked with KLM, direct flight this time, hotel remains an issue (please VMware, try to get some more rooms in close proximity to Moscone Center and for reasonable prices, like around $250), but we’ll keep watching the VMworld hotel portal and hope that Hilton Union Square will finally answer my request for information… (hint, hint) and plans are made to rent a car on our day of arrival to visit an outlet in the Bay area, tips are welcome (for both car and venue).

Compared to last year I must say that the hotel rooms are going extremely fast, so my guess is that this year will surpass last years VMworld attendee record. I expect between 25,000 and 30,000 VMware customers, partners and other virtualization nerds, geeks and gurus. The amount of session proposals was overwhelming, so I am not surprised that my session proposals didn’t make it. I am however surprised that a lot of others didn’t make it either, sessions proposed by veterans in virtualization, people that have really earned their spurs.

Anyway, Duncan Epping tipped us to propose our session(s) to our Dutch VMUG, so we’ll follow that route and share our experiences with vCAC 6 with the community.

Just for fun we decided to take part in the 5k Fun Run. Last year I heard some nice stories about it, it will prevent us from breaking our fast with too much eggs, sausages and hash-browns, and we’ll actually contribute to a good cause, which in its turn is entirely in line with Conclusion Future Infrastructure Technologies company policy.

I am also very glad that there is a Partner Day this year, I missed that last year. The benefit of a partner day is the ability for VMware personnel to be a bit more outspoken, the sessions probably being under NDA ( but don’t stick me to this, it is not up to me what they can and will tell us), but also it might lessen the strain on certain popular sessions a wee bit.

So, apart from huge crowds, standing in line, having to be even faster with the schedule builder to get into the good sessions =D, what are my “great expectations”? What do I hope to get from this years VMworld?

I’ll sum up a few, which I’m quite sure will not be a surprise to you…

• Announcement of a new version of vSphere with built in cloud functionality (inherited from vCloud Director) among other new technology
• vCAC 6.1 or higher, bringing even more functionality to the cloud
• Windows 2012 R2 support for vCAC IaaS
• Horizon View 6 (although, that might be announced in February at PEX 2015. There used to be a 6 months gap in between the releases)
• Windows 2012 support for View (both R1 and R2)
• More about NSX
• Roadmap presentations about the way vSphere, vCloud and others major products will go
• and I could continue for a while like this…

Then again, will vSphere 6 be announced on Monday 25th of August during the keynote? Only time will tell, and I am counting down =D

Unfortunately I have to catch a flight back home on Thursday (have to be back home on Friday), so any session I’ll schedule for Thursday morning will have to be expendable. My Conclusion FIT colleagues  can enjoy the benefits of one more VMworld day and do some last minute shopping enjoy a last breakfast at Lorie’s Diner e.g. before catching their flight back to the Netherlands on Friday.

VMware IT Business Management (ITBM) standard – part 2

In this post I’ll delve into all configurable variables, showing what can be altered in VMware’s ITBM standard. First of all, I haven’t implemented ITBM in a production environment yet. I had it running in a proof of concept in our lab environment, hence the screenshots, and of course it’s one of the subjects in the vCloud Automation Center 6 course. It took longer than I wanted to, to write this part due to some extensive troubleshooting I had to do, so I’ll start with a quick recap of some important parts of my previous blog on ITBM and Chargeback Manager. The part after the recap will demonstrate why ITBM standard is not enough to base the billing of your cloud upon.

ITBM and Chargeback

What does ITBM do?

VMware IT Business Management Suite provides transparency and control over the cost and quality of IT services. By providing a business context to the services IT offers, IT Business Management helps IT organizations shift from a technology orientation to a service broker orientation, delivering a portfolio of IT services that align with the needs of line of business stakeholders. With benchmarks providing objective evidence, IT Business Management also provides the fact-based approach needed to minimize the cost of IT while maximizing the value IT delivers to its customers. Greater transparency and alignment, and the continuous improvement of IT services they enable, support IT as it seeks to develop competitive advantage through major IT transformation initiatives such as cloud, mobility and data center modernization.

What does Chargeback do?

VMware vCenter Chargeback Manager enables accurate cost measurement, analysis and reporting of virtual machines. With vCenter Chargeback Manager, line-of-business owners and IT teams can gain visibility into the actual cost of the virtual infrastructure and operations required to support business services. vCenter Chargeback Manager provides the ability to map IT costs to business units, cost centers or external customers – enabling a better understanding of how much resources cost and what can be done to optimize resource utilizationn. vCenter Chargeback Manager also allows organizations to support policy-driven accountability for self-service environments so that businesses can “pay as they go” for IT resources.

So, ITBM is about cost control and Chargeback is about cost metering.

Configuring ITBM variables

Before delving into the variables themselves, it is important to set your currency. The default currency is US $, but you can change that in this way:

1. Navigate to the appliance URL by using a supported browser.
2. The appliance URL format is https://IT_Business_Management_Standard_Edition_IP_adress:5480.
3. Enter the user name as root and password as vmware of the virtual appliance and click Login.
4. The IT Business Management Standard Edition Web console opens in the browser.

The following currencies are supported:

Currency Name	Supported Abbreviation
US Dollar	USD
Euro	EUR
British Pound	GBP
Australian Dollar	AUD
Canadian Dollar	CAD
Singapore Dollar	SGD
Japanese Yen	JPY
Indian Rupee	INR
Israeli Shekel	ILS

After the currency has been configured and ITBM has been connected to vCloud Automation Center (see part 1), the following dashboard appears in the vCAC portal when your userID is entitled for ITBM:

The first tab shows the dashboard, but the interesting part is behind the second tab: Cloud Cost.

This offers an overview of the configurable cost variables. Each item can be clicked to configure.

Server Hardware

 

These cost variables can be altered by clicking the pencil icon.

Storage

 

Storage cost can be configured in two ways, based on storage profile or based on storage type.

 

 

OS licensing

These cost variables too can be altered by clicking the pencil icon.

 

 

Maintenance

Labour

 

The labour costs are divided into three parts, server, virtual infrastructure and operating systems

 

Network

Facilities

Other costs

 

It looks like a lot of variables that can be configured, altered or adapted, but actually it isn’t that much compared to vCenter Chargeback Manager. Chargeback enables you to attach costs to metrics.  Unfortunately for “normal” VMware customers, vCenter Chargeback Manager has an End of Availability of June 10th 2014. It will remain available to VMware Service Providers. For End Users the advised replacement is the ITBM Business Suite (advanced or enterprise) which is quite a different product from the ITBM Standard appliance.

 

VMworld 2014 – important dates

For VMworld 2014 there are several important dates to put into your calendar:

• April 4th: Call for papers,
• May 7th: registration opened for VMworld 2014 US,
• June 2nd: notifications sent out which submissions made it (mine didn’t),
• June 10th: end of early bird rate VMworld US,
• June 16th Content Catalogue open (for both US and Europe)
• June 24th: registration open for VMworld Europe,
• July 16th Schedule Builder US open,
• July 29th: end of early bird rate VMworld Europe,
• August 15th: Schedule Builder Europe open,
• August 24th: 5K Fun Run/Walk and VMworld US Partner Day,
• August 25th: VMworld starts,
• August 27th VMworld Party,
• October 23rd VMworld Europe Partner Day,
• October 24th VMworld Europe starts,
• October 26th VMworld Party!

So, please do register for VMworld, either in San Francisco or in Barcelona, and don’t forget to benefit from the early bird discounts!

Hope to see you there.