VMware Blogs

Congratulations to our last iPad winner - George C. Enjoy your new toy !

Allwyn Sequeira, VP Security & Network Solutions, VMware

I’m just winding down from a whirlwind trip through VMworld 2010 – days filled with sessions and meetings, and nights filled with celebratory events! Nice to see that the show continues to be very technology focused, with participants from around the world eager to learn and share the advances being made on so many fronts.

Security was a major theme this year, driven by three major forces:

• Enterprises are well down the path of virtualization, and as more critical assets get virtualized, security and compliance come to the fore.
• With so much interest in the benefits of cloud computing and infrastructure as a service, secure multi-tenancy is a top of mind issue.
• The security industry itself has been under siege for a while now, trying to keep up with the ever increasing volume of threats, while trying to avert endpoint and network bottlenecks. Virtualization and the associated scale out, agile architectures hold promise to achieve “better security with virtualization”.

VMware launched 3 products under the vShield umbrella, to secure virtualized environments all the way from the edge to the endpoint:

• vShield Endpoint: Enables offloading guest security agents to per-host security VMs.
• vShield App: Virtualizes network security, and enables mixed trust zones per host.
• vShield Edge: Virtualizes data center edge services i.e. FW, NAT, DHCP, VPN & Load Balancer.

A quick note on the vShield concept – these represent purpose-built, security VMs, that are distributed across the cluster in a scale out fashion, and are proximate to the resources being protected, while taking advantage of virtualization concepts like introspection, programmable insertion and mobile policies. We believe “virtual shields” are a key element of next generation security architectures, and where existing, static, scale-up firewalls and security devices/agents need to head, to take advantage of the VMware stack.

The vShield product line is managed by vShield Manager, which represents VMware’s point of integration for its security and wiring products. vShield Manager exposes all of the vShield product line features through the vShield API set, which is a RESTful set of APIs. vCloud Director, for example, integrates some of the vShield Edge capability, into its provisioning portal.

We announced partnerships around the vShield Manager concept with Cisco, Intel, McAfee, RSA, Symantec and Trend Micro, to further work towards presenting a unified security framework for VMware’s customers. We believe the framework and partnerships will significantly simplify security architectures for our customers, and leave us well poised to move to secure hybrid clouds.

The products were well received, and it was nice to see the vShield products get Best of Show for Security!

A quick note on some of the sessions I was involved with:

In my session SE8389 - Architectural Overview of Virtualization Security for the Private Cloud, we talked through our rationale & strategy for VMware security, with the vShield products representing a significant step in this direction. Whilst there is a lot of talk about public clouds, the bigger story is enterprises taking advantage of the benefits of cloud computing, by embracing secure hybrid clouds. From a security vantage point, we talked about four key areas we’re investing in, to make this happen:

• Virtualize security: The first step is virtualizing security hardware, and guest security agents. Much like server, desktop, storage and network virtualization led to disruptive architectures, likewise security virtualization will dramatically accelerate the journey to secure clouds.
  
  
• Build in security into the 3 layer VMware stack: We need to weave in security into the 3 layers of the virtualization/cloud stack i.e. cloud infrastructure, cloud apps, and end user computing. Different layers demand different areas of focus, all the way from roots of trust, end point security, virtualization infrastructure security, to app/data/id based security and edge security.
  
  
• Create a unified framework to tie together policies and trust zones: Rather than have tens of solutions hit the customer, it is important to tie these together in a unified fashion. We believe some of the key notions are “Trust Zones”, “Policy-based security” and “RESTful Services”.
  
  
• Make Secure VDCs (Virtual Data Centers) the next unit of virtualization and cloud computing: Once the above constructs are in place, we can encapsulate VMs, their wiring and their security policies into a higher level “Secure VDC” construct, that can be built, instantly stood up, migrated, federated, etc. Visio diagrams come to life!

SE8520 - Panel Discussion - Private Cloud - Virtualization Security and Compliance, Meeting PCI Standards

This was a nice, relaxed session with lot’s of audience participation, talking through issues of compliance in the virtualization and cloud world, with industry experts Neil MacDonald from Gartner, Bret Hartman from RSA, and Christopher Hoff from Cisco. Hoff did provide some comic relief, when he opened up to show a magic quadrant, carefully drawn up on his shirt. Here he is in pre-game warm-ups…



That’s about it for now. Lot’s to talk about. I’ll continue to provide more color in further posts.

Thanks, and your comments are most welcome!

/Allwyn

By Josh Duncan, Product Marketing Manager at Zenoss 

The Zenoss team has been busy at VMworld talking with customers and learning lots about what is going on in the cloud and virtualization space.  We made a big announcement at the conference about Zenoss support for VMWare's vCloud offering.

I asked Chet Luther, principal engineer at Zenoss, to give a quick introduction to our announcement while at the conference this week.

What’s in it for cloud providers using vCloud? For them, Zenoss offers real-time visibility into the resources required to operate a private or public cloud at scale. Providers need visibility into which customers are using what resources, what users/workloads are causing performance problems, and what is the root cause of these problems. They need to know when they are going to run out of capacity and where, and what customers will be affected.  

Zenoss provides a service assurance console enabling operational insights from across all your physical and virtual devices and into your vCloud infrastructure.  With automatic discovery and mapping of the dependencies between the components in the cloud and a map that updates in real-time based on changes to the environment, gives customer improved service delivery, faster time to resolution on operational issues, delegated administration, and access to the operational insight needed for capacity planning and management.

Check out our full demo here to learn more on Zenoss and vCloud management.  



Matthew D. Sarrel, Sarrel Group

In my previous post, I created a blank server within my Terremark vCloud Express VM environment.  Now I can connect to it and begin to install the operating system from a local .ISO file. 

 WARNING! A critical pre-requisite for a successful browser-based connection to a Windows machine is that the URL https://my.vcloudexpress.terremark.com must be in Internet Explorer’s trusted sites.  To add this URL to your trusted sites on IE, go to Internet options, security, trusted sites, and then click the sites button to add it.

Or http://www.youtube.com/watch?v=bitTioTYbws

Then I connect, mount the local ISO, and reboot the VM.  Windows XP begins to install.

http://www.youtube.com/watch?v=iRkoJnsNI4M

 It’s very time consuming to install from a local .ISO. 

Short cut alert! There is a faster way to do this. Upload all the .ISO's to a server in your vCloud Express environment, share that directory, and mount them from within the "local" network in the could. However, what I showed you in the video this is the easiest so those who want to get going fast and start experimenting with vCloud. 

There’s been a lot of buzz on the Terremark message boards about this not working at all over a low bandwidth connection so be forewarned.  I did this from a 1.5 Mbps SDSL connection and had no trouble.

Matthew D. Sarrel (or Matt Sarrel) is executive director of Sarrel Group, a technology product testing, editorial services, and technical marketing consulting company.  He also holds editorial positions at pcmag.com, eweek, GigaOM, and Allbusiness.com, and blogs at TopTechDog.

Matthew D. Sarrel, Sarrel Group

In my first blog, I wrote a hands-on introduction to vCloud Express. In my second blog, I wrote about my experimentation with Terremark’s vCloud Express and found it easy to create a VM from one of Terremark’s templates.  Yet, as we know, simply creating VM’s isn’t the end of the story. While the templates for Operating Systems to install on my VM’s are great, what happens when I want to install a blank server and then install my own OS?

 Watch this video to see how to create a blank server:

http://www.youtube.com/watch?v=BVQ19GT8bs4

 It couldn’t be more straightforward.  In my next entry I’ll explain how to mount an ISO and install the OS and apps of your choice – this is probably the most challenging set of tasks I’ve encountered on vCloud Express. 

 By the way, Terremark tells me that in vCloud Enterprise you can just copy an OVF or VMDK up into your cloud environment.  This seems like it would be a lot easier, but then you can’t take advantage of the vCloud Express features that make it so easy and inexpensive to get started.

Matthew D. Sarrel (or Matt Sarrel) is executive director of Sarrel Group, a technology product testing, editorial services, and technical marketing consulting company.  He also holds editorial positions at pcmag.com, eweek, GigaOM, and Allbusiness.com, and blogs at TopTechDog.

There have been multiple posts in the community about the size of the snapshots and how it should be calculated. There are some issues with the “SizeMB” property of the Snapshot object, so this post will try to explain what these problems are and what is the correct way to calculate snapshot sizes.

We’ll try to keep things simple and not go in too much detail. To start off let’s imagine you have a virtual machine with a single hard disk. This disk is represented as a “vmdk” file in the datastore (e.g. VM.vmdk). Whenever you write something on the hard disk of the VM it is saved in that VM.vmdk file (figure-1). 

When you create a snapshot this VM.vmdk file gets “frozen” and a new one (VM-1.vmdk) is created. The “frozen” VM.vmdk file represents the exact state of the VM’s hard disk at the time when the snapshot was taken. From that point on all changes on the VM’s hard disk are reflected in the new VM-1.vmdk file. Also a new “vmsn” file is created (e.g. Snapshot1.vmsm) which represents the state of the VM’s memory at the time of the snapshot creation (figure-2).

Similarly when a second snapshot is taken VM-1.vmdk gets “frozen” and VM-2.vmdk and Snapshot2.vmsn files are created, the same thing happens when we create a third snapshot (figure-3).

So how is the snapshot size calculated?

For each snapshot the size includes the sizes of the files needed to capture the state of the VM at snapshot time (e.g. hard disk and memory).

For Snapshot2 (figure-3) these files are Snapshot2.vmsn and VM-1.vmdk. The VM-1.vmdk contains all changes made after the first snapshot and it is required part of Snapshot 2.

For the currently active snapshot (e.g. Snapshot3), its size also includes the file which stores disk changes after the snapshot (e.g VM-3.vmdk, figure-3). Thus Snapshot3 files are Snapshot3.vmsn, VM-2.vmdk and VM-3.vmdk. VM-2.vmdk contains all changes since previous snapshot and VM-3.vmdk contains the current changes.

The root snapshot (e.g. Snapshot1) is based directly on the VM’s disk (e.g. VM.vmdk) but its size is not calculated (it’s calculated towards the size of the hard disk itself, not the snapshot). That way the files calculated in the size of each snapshot are the ones marked in orange in figures 2 and 3.

(Note: if we consider figure 3 and imagine that Snapshot2 is the currently active snapshot, then the size of VM-3.vmdk will be calculated in Snapshot2’s size, not Snapshot3’s)

Now for the “SizeMB” property of the Snapshot object. When calculating its value we use the above mentioned approach and calculate the size correctly for ESX 3.0 and 3.5. However there are some changes in the API behavior from 3.5 to 4.0 that we overlooked, thus resulting in wrong calculation of the snapshot size on ESX 4.0.

This issue will be fixed in a future release, but until then you can use the attached script to get the correct snapshot sizes. The script works on all ESX versions and uses the above mentioned approach for calculation.

Download GetSnapshotSize.ps1

Dimitar Hristov & Vitali Baruh

PowerCLI Team

Have you packaged Internet Explorer and gotten the default browser popup when testing your ThinApp package on another Windows system?

 

 

No worries, here is how to disable that popup for your ThinApp package.

 

Disable During Capture:

You can disable it prior to harvesting Internet Explorer 6 from an XP Pro system (or during capture of Internet Explorer 7/Internet Explorer 8) by launching the Internet Control Panel Applet by typing INETCPL.CPL in the RUN line after Pre-Install Setup Capture but prior to the Post-Install Setup Capture (when you would normally install any other app to capture). You'll then want to browse to the PROGRAMS tab and uncheck the "Internet Explorer should check to see whether it is the default browser" check box.

 

Disable Within Project:

You can also disable it within your Internet Explorer ThinApp project after the fact as well as this is simply a registry modification to the project. To do this, edit the HKEY_CURRENT_USER.TXT file and add the following data under the HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN key.

isolation_full HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
  Value=Check_Associations
  REG_SZ~no#2300

NOTE: Do NOT add the registry key (as most likely it is there already).  Rather, just add the VALUE and REG_SZ lines (shown above) underneath the registry key line. You'll probably want to search on "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" and see if there is a "Check_Associations" value already defined with a value of "yes" instead of "no". If it's not listed, add it to the bottom of that section...and make certain to leave a blank space between the bottom of that section and the top of the next section.

Once done, save and rebuild!

Posted by Vittorio Viarengo
Vice President of Desktop Products

This week at VMworld 2010, we announced a strategy and set of new and emerging products that will help businesses and governments move beyond "IT as a Cost Center" to a more business-centric "IT as a Service" model. I am excited to finally be able to tell you about what we have been working on for a key component of this new IT model – the top layer of a modern IT architecture – End User Computing.

We have come a long way since this company launched our first desktop product, VMware Workstation. From that humble beginning we revolutionized the idea of virtualization, and radically simplified the data center with products like ESX and then VMware vSphere. We also created the virtual desktop market with the introduction of VDI 1.0 (now known as VMware View) in 2007. We love this market and have created solutions that are as innovative as they are simple. Along the way, we have also helped customers deploy tens of thousands of virtual desktops.

It is because of this ongoing love affair that the VMware View team is particularly proud to announce another major View deployment at VMworld. The Bank of Tokyo-Mitsubishi UFJ, Ltd recently deployed 3,000 end users on View 4.0 and is in the process of rolling it out to another 14,000.

View 4.0 has been a real tipping point for us in terms of customer adoption and deployments.

But that was yesterday, today is a new day.

At VMworld 2010 we are announcing VMware View 4.5, which will ship in early September. You can read Scott Davis’ blog to learn all about the great innovation that went into this release.

I want to highlight a couple of the principles that drove the development of this release:

• As customers start to run VDI solutions at scale, we invested a lot our development cycles in making VMware View 4.5 even easier to manage and more scalable. View has been recognized over the years as the best integrated solution for VDI on vSphere. With this release, we are raising the bar even further with a newly designed, single management console. We are also doubling the scalability per each individual pod from 5,000 to 10,000 desktops.

• We are dramatically increasing the number of use cases for virtual desktop technology by lowering the upfront infrastructure cost to a new record low of $252 per seat, and by introducing the first offline VDI solution in the market. View 4.5 Local Mode allows users to check out their virtual desktop from the data center and take it on the road with them with a standard laptop.

The VMware View 4.5 team should be very proud of these accomplishments.

At VMworld 2010 we are also introducing project Horizon. This is an exciting R&D initiative that we have kept under the radar for a while now. Horizon is the result of a lot of new thinking at VMware around the future of end user and cloud computing.

Under the leadership of our executive team, we have refocused our commitment to solving the client computing issues that our customers care about most. After all guys like Paul Maritz who led the development of Microsoft Windows, Richard McAniff who led the Microsoft Excel and Office team, and Tod Nielsen who built MSDN, know how to build compelling end user computing solutions.

They asked us to think outside the box and look at the next set of challenges that our customers need to solve.

The desktop as we know it today is being pulled apart by the cloud.

• Interactions and applications are moving increasingly toward a variety of different devices at the edge of the cloud

• Computing is moving into the data center (private cloud) and so are applications

• The public cloud is changing everything with 85% of new enterprise applications being delivered as SaaS (IDC)

VDI is definitely a fundamental first step to solve this puzzle. By modularizing the desktop and delivering it as a managed service with better security and manageability, customers can create better user experiences and gain more control.

We need to build upon our success in VDI and move beyond the Virtual Machine and the Hypervisor into the next level of abstraction – abstracting applications (including SaaS) and data.

In our personal lives, the cloud has spoiled us rotten as end users with high availability, along with ubiquitous and immediate access to information and applications. But this is not yet the case within the enterprise.

Our vision is to bring that consumer type of experience into the enterprise.

We need to help our customers build the foundation of their private clouds so that they can achieve the same level of service, speed and reliability that the public cloud offers today. We need to help them centralize and manage applications and data so that they can be delivered to end users on any device with the right level of security and compliance.

Project Horizon shows the direction that we are undertaking and we are all very excited about it.

A part of this transformation and increased commitment to this space, we created a new business unit within VMware, the End User Computing business unit, which includes our end user computing assets along with the desktop business unit.

See you around at VMworld 2010, don’t miss the End User Computing supersession on Thursday and the party Wednesday night.

Vittorio

For more information on the enhancements above and the other features in the View 4.5 release be sure to check out the following sites:

View Point Blog: View 4.5 - Modernizing the Window's Desktop - http://blogs.vmware.com/view-point/2010/08/view-45-modernizing-the-windows-desktop.html - a more technical look at the View 4.5 release

View Home Page: http://www.vmware.com/go/view - updated with new information related to the View 4.5 release

View Community Page: http://communities.vmware.com/community/vmtn/entdesk/view - keep up with the conversations, ask questions and learn more about View 4.5

This week the DMTF announced at VMworld that the Open Virtualization Format (OVF) became adopted as an ANSI standard. OVF was submitted as a draft to the DMTF just three short years ago and today is used by hundreds of vendors and products. What started out as a way to package and deploy virtual machines has evolved into a key building block for cloud interoperability.

It is a big deal for several reasons. First of all this may just be the first national standard for virtualization and cloud computing. Secondly customers buying virtulization software or IaaS cloud computing need to demand that their vendor support the spec, there is no excuse. Thirdly, there is broad industry support for the specification including VMware across its entire product line. And lastly as the US government under the leadership of Vivek Kundra is moving to cloud computing OVF could soon be a requirement for anyone that wants to offer cloud infrastructure services to any government agency.

Is OVF enough? No, but it is a great start. Other standards are in development. However, we can no longer say there are no standards for clouds and we can no longer say all standards take a long time to achieve adoption and improve interoperability.

Recorded at VMworld 2010, here is Angela Jaques talking all about support services at VMware, where Angela is a Director. The video below is a great overview of all of the services that VMware provides under the Global Support Services umbrella.

Angela talks about all of the various pieces that make up the support organization, and provides some details on how we rank case severities. She then outlines some really cool new things support is doing, like Twitter and Alerts. She recounts a recent serious issue VMware faced with a Microsoft .Net patch that crippled some VMware software. Using Twitter and other social media, tens of thousands of customers were immediately notified of the issue. Angela noted that not one escalation resulted from this potentially serious problem.

Here's video-

Welcome to Part II of my overview of virtualization for HPC. In Part I, I introduced myself, defined my terms and then began to describe the primary use-cases for virtualization in HPC. In this final section, I cover the remaining use-cases and then turn to a discussion of application performance.

We continue here describing the rest of the primary use-cases.

Checkpoint / Restart

Checkpoint / Restart – the ability to save and restore the state of a running job to disk – has been a much sought after capability in HPC for decades. Many attempts have been made with varying degrees of success. As a lack of application resiliency has come to be recognized as one of the largest barriers to increased application scaling on future systems, it has become more critical to find effective ways to safeguard application state in the presence of failing hardware and software. Virtualization offers the potential of a better way to checkpoint based on the existing snapshot functionality already available for virtual machines. By working in conjunction with an MPI implementation, it is possible to cause the draining of in-flight messages and write a checkpoint as a set of coordinated virtual machine snapshots. A very basic version of this capability has been prototyped using Open MPI running over TCP.

Dynamic Workload Migration

Some of the most exciting potential uses of virtualization for HPC revolve around the creative use of dynamic workload migration – VMotion. Leveraging this one capability will add significant capabilities to virtualized HPC environments.

First, migration can be used for power management by actively shifting running workload onto a subset of nodes when utilization drops to allow other nodes to be powered off or placed in a low power state.

Second, migration can be used to rearrange running workload on a cluster to make room for high priority jobs whose resource requirements cannot be met with the current workload placement. This is a significant advance beyond what is possible with current generation HPC distributed resource managers which place jobs within OS instances and have no subsequent ability to revisit or revise those placement decisions. In a virtualized environment, workload can dynamically shift across the cluster as resource requirements change.

Third, while checkpoint/restart is an important capability, it is a very expensive operation that requires the state of all virtual machines and their applications be written to disk periodically. In addition, for highly-scaled systems the data must be written quickly to avoid experiencing hardware failures before the checkpoint has been safely written to disk. As systems and their memories become larger and as failures become more frequent due to increased component counts, checkpointing becomes more problematic.

Virtualization in conjunction with fault management agents running on the cluster can mitigate this problem by creating a proactive approach to application resiliency. In such a system, a virtual machine could be migrated from a node that has been predicted to fail to a healthy node without having to take a checkpoint of the full application. While this capability would be quite challenging to implement, it could offer some significant advantages in the future as systems and applications continue to scale. It should be noted that researchers have successfully migrated individual MPI processes of a running MPI job using this technique, again with MPI running over TCP. Handling the more general case will be much more challenging.

Performance

Performance is obviously the question since the above benefits need to be assessed in terms of their value to a particular site and that value needs to be weighed against the performance cost of virtualization for applications of interest. As we’ve just begun our HPC effort, I do not yet have VMware-generated HPC performance numbers. We have several efforts underway to get this data, among them a proof-of-concept engagement with a university partner that is running a wide variety of traditional HPC benchmarks and applications both native and virtualized so comparisons can be made. I am also in the process of identifying additional benchmarks to run and am acquiring the gear to do so. The gear will include a variety of interconnects so we can carefully assess interconnect performance.

Having said the above, I’d like to share a few graphs from some research papers that looked at various aspects of performance for HPC workloads. These results were generated using Xen. I have used them in the past to illustrate the plausibility of vHPC, but of course these are not substitutes for generating our own numbers , which we will do. These numbers should not be taken at face value – use them, as I did, to conclude that good performance is plausibly achievable in a virtualized environment.


Figure 7: The Impact of Paravirtualized Memory Hierarchy on Linear Algebra Kernels and Software, Youseff, et al, HPDC ‘08

The first paper looked at both compute and memory performance for linear algebra kernels. Figure 7 shows the floating point performance for BLAS double precision routines over a range of scenarios. For our purposes, the specific configurations aren’t important beyond the fact that some are native and some are virtual. The fact that each fat histogram bar is essentially flat on top indicates that no significant performance difference was seen when running these kernels native or virtualized. The paper presents a much more in-depth analysis of both memory and CPU performance and essentially concludes that no significant performance differences were found.

While this is certainly promising and a useful result when considering single threaded application performance, it will still be important for us to measure performance of highly-threaded applications within a single virtual machine to assess the scalability of our infrastructure. Nonetheless, the results presented in this paper are encouraging.

Based on these results as well as performance results published by two other companies (I need to be vague until I have permission to share their results) who examined several single-process, parallel HPC applications and who found generally small slowdowns, I feel it is possible today for virtualization to be deployed in certain carefully chosen HPC vertical markets where large throughput workloads are processed and applications do not require MPI. Issues related to MPI are addressed below.


Figure 8: High Performance VMM-Bypass I/O in Virtual Machines, Liu et al, USENIX ‘06

A second paper examined the use of MPI and InfiniBand in a virtualized environment. More specifically, the researchers prototyped the equivalent of an OS bypass mechanism for Xen to allow the guest operating system to gain direct access to the underlying InfiniBand hardware and to achieve maximum possible performance. The left-hand graph in Figure 8 demonstrates that native and virtual latencies in this test framework were the same over a range of small message sizes. It is important to note that this result was generated with MVAPICH in polling mode. As can be seen in the right-hand netperf test, performance results can be lower in the virtualized case if interrupts are used to handle transfer completions. This is essentially because interrupts currently cannot be passed directly to the guest OS. For correctness, they must pass through the virtualized infrastructure which can add latency and decrease performance and small message sizes. Again, we need to measure all of this ourselves with our own products to assess where we stand and where improvements are needed.

It is also important to note that the above bypass approach punches right through the virtual machine abstraction and lets a guest operating system see a real piece of hardware in the system. Doing so either degrades or destroys the ability to live migrate workloads from machine to machine, which in turn makes it impossible to deliver several of the valuable capabilities for HPC outlined earlier in this piece. Whether we can mitigate the impact and do so in a way that is acceptable to VMware engineering and business owners remains to be seen. More study is needed in this area specifically.

The above observations regarding interrupts are also valid in a broader context that includes storage and networking. In cases where runtimes include a large amount of time spent in the transfer of primarily fine-grained messages, this may also lead to a degradation in application performance.

Summary

In this introductory piece, I’ve given you the flavor of the argument for how virtualization might be used today for some parts of HPC and also touched on some of the performance issues, both promising and concerning, related to virtualizing HPC. In subsequent posts I’ll share more details on performance, on discoveries we make as we continue to experiment, and on progress we are making on delivering the value of virtualization for HPC. We are at the beginning of a journey to a very interesting future for HPC – please join me!

Folks,

Its always hard saying good bye to these wonderful devices but we are happy they are going to a good home. Please help me congratulate Bill Dall ! Bill is the guy you want to go to Las Vegas with.

Best Regards,

Pablo Roesch - vSphere SDKs / CLIs Product Marketing

Time		Room
Tuesday 11:00 AM		Moscone North Room 133
Wednesday 10:30 AM		Moscone South Room 103 <= Just added
Thursday 10:30 AM		Moscone South Room 302

Folks,

We managed to get most of our SDK and PM teams to hang out and meet you guys at our booth during VMworld. Please note peoples schedules subject to change due to the nature of the event.

Latest updates @VMdeveloperday

Demo Location: Moscone Solutions Floor: vPod C112

Demo Description Overview: The demo will target System Administrators and Developers interested in using the vSphere APIs to manage the vSphere Platform.

Monday August 30, 2010
AM Shift	NA	NA	NA
PM Shift	4:00 – 7:00	Pablo Roesch	vSphere SDK Product Marketing
		Sia Yiu	Sr. Product Manager PowerCLI
		Sidharth Surana	SDK MTS Ecosystem Engineering
		Steve Jin	Sr. MTS Ecosystem Engineering
Tuesday August 31, 2010
AM Shift	11:00 – 2:30	Yavor Boychev	VMware Engineering Mng.
		Sidharth Surana	SDK MTS Ecosystem Engineering
PM Shift	2:30 – 6:00	Dildip Kaur	SDK Dev Support Engineering
		Angela Soni	SDK Dev Support Engineering
Wednesday September 1, 2010
AM Shift	10:00 – 2:00	Vladmir Goranov	VMware Engineering Manager - PowerCLI
		Yavor Boychev	VMware Engineering Manager - PowerCLI
		Sidharth Surana	SDK MTS Ecosystem Engineering
PM Shift	2:00 – 6:00	Dildip Kaur	SDK Dev Support Engineering
		Angela Soni	SDK Dev Support Engineering
		Rajesh Kamal	SDK MTS Ecosystem Engineering
Thursday September 2, 2010
AM Shift Only	10:00 – 2:00	Sidharth Surana	SDK MTS Ecosystem Engineering
		Rajesh Kamal	SDK MTS Ecosystem Engineering

Here is our Top 20 KB list for the past month. The list is ranked by the number of times a Technical Support case was resolved by following the steps in a published Knowledgebase article.

Enhanced VMotion Compatibility (EVC) processor support (1003212)

Upgrading to ESX 4.1 and vCenter Server 4.1 best practices (1022104)

Powering off an unresponsive virtual machine on an ESX host (1004340)

Upgrading ESX 4.0 to ESX 4.1 (1022140)

Upgrading to ESX 4.0 and vCenter 4.0 best practices (1009039)

Downloading and Installing VMware Fusion (1005466)

Best practices for using and troubleshooting VMware Converter (1004588)

Troubleshooting VMware High Availability (HA) (1001596)

Virtual machines stop responding when any LUN on the host is in an all-paths-down condition (APD) (1016626)

Restarting the Management agents on an ESX or ESXi Server (1003490)

Uninstalling, reinstalling, and upgrading VMware Fusion (1014529)

Consolidating snapshots (1007849)

vSphere 4.1 upgrade pre-installation requirements and considerations (1022137)

Purging old data from the database used by VirtualCenter 2.x (1000125)

Best practices for virtual machine snapshots in the VMware environment (1025279)

Recreating a missing virtual disk (VMDK) header/descriptor file (1002511)

Virtual machine does not power on because of missing or locked files (10051)

Installing VMware Update Manager 4.1 fails with the error: Error 25085 (1024795)

Overview of upgrading from VMware Infrastructure 3.x to vSphere 4.x (1021101)

Troubleshooting transaction logs on a Microsoft SQL database server (1003980)

In this installment, we'll look at one of the most complex, and yet perhaps the most powerful aspect of CIM - asynchronous events, or as they're officially named, CIM Indications.  In this post we'll talk a little about how the plumbing works to subscribe for and receive indications, and then look at a real-life event using the included example code.  With these examples, you should be able to quickly build up your own custom datacenter monitoring solutions for hardware health event detection.

The exact mechanism of subscribing for and receiving events in CIM depends on which wire protocol you're using.  In this example, since I'm using CIM XML, we'll focus on how that plumbing works.  If you use WS-Management, then there's a slightly different approach.  First, lets look at the theory behind how CIM XML based indications work.

With indications, the consumer first has to subscribe for indications and tell the server what sorts of events they're interested in.  As part of that subscription, the consumer has to tell the server where to send the indications, which we call the listener.  In the CIM XML model, the listener is really nothing more than a primitive web server that can handle HTTP POST operations, and parse and respond to CIM XML payloads.  So in essence, the client becomes the server, and the actual server becomes the client when delivering events.  When an event occurs on the server that matches the subscription, the server will open an outgoing socket to the listeners address and port number, and send the indication encoded in CIM XML over an HTTP POST operation.  This of course means this model doesn't work if you have a firewall in between the client and server without jumping through hoops setting up proxies or port forwarding somehow.

At present, pywbem does not include a generic listener, but that's OK because python does have all the primitives we need to build this up with ease.  In under 150 lines of python we can whip up a fairly functional indication listener.  I'm not going to devote space in this post describing exactly how the listener is implemented -- you can read through the attached code in detail if you like.  The code is written to work either standalone, where it will just dump out the indications it receives to the terminal, or you can import it into another script and wire up callbacks that will be called when an indication is received. If you're comfortable writing your own python scripts, then leveraging this listener would look something like this:

import indicationListener

import threading

portnumber = 1234 # Pick any number 

def myCallbackRoutine(listener, instance):

  # do something interesting here with the indication instance

indicationListener.SimpleCIMXMLListener.registerCallback(myCallbackRoutine)

t = threading.Thread(target=indicationListener.runListenerForever, args=[portnumber])

t.start()

Once we have a listener working on a known port, then we have to subscribe.  Subscription in CIM XML requires creating instances of two endpoint classes, and an association.  I've attached another python module to this post that does all the heavy lifting for you, so all you have to do is specify some arguments and it will take care of the rest.  Again, like the listener, you can either run this as a stand-alone tool, or import it and run it within your own scripts. Continuing from the snippet of code above, if we wanted to import this as a module and use it within another script, the code might look something like this.

import indicationSubscriber

myhostname = 'xxx' # replace with local host name (name of listener)

import pywbem

classname = 'VMware_CIMHeartbeat'

client = pywbem.WBEMConnection('https://myserver', ('root', 'password'), 'root/cimv2')

indicationSubscriber.subscribe(client, 'myserver', classname, myhostname, portnumber)

And you should start seeing a steady stream of "heartbeats" from the ESX system.  If you call the subscribe routine with an additional "True" at the end that tells it to unsubscribe only - by default it unsubscribes first to clear out any old subscriptions, and then subscribes.  (Note: These heartbeat indications are really only meant to be a debugging/setup aid.  I wouldn't recommend using them as a real-life heartbeat, as the frequency is too high and will cause network load issues if you have a large number of hosts.)

So now that we've got the plumbing out of the way, lets explore some "real" indications on the system.  One approach is to use formal documentation to figure out what classes to subscribe for.  To do this for the VMware implemented classes, take a look at the API Reference doc, click on "All Classes" in the upper left, and then search for classes with "Indication" in the classname in the lower left.  Alternatively, you can use a live system to figure this out on the fly.  Here's a simple block of code to display all the implementation classes that might be of interest given a starting classname (it hides all the superclasses that have some derived class.)

def dumpLeafClasses(client, classname):

   list = client.EnumerateClasses(ClassName=classname, DeepInheritance=True)

   superclasses = set()

   allclasses = set()

   for theClass in list:

      allclasses.add(theClass.classname)

      if theClass.superclass is not None:

         superclasses.add(theClass.superclass)

   return sorted(allclasses - superclasses)

If we call that with the class 'CIM_Indication' then we'll get all the indications that are available on the system, in the given namespace. Lets try this on a live system with a client connection pointed at the 'root/cimv2' namespace:

>>> dumpLeafClasses(client, 'CIM_Indication')

[u'OMC_IpmiAlertIndication', u'VMware_CIMHeartbeat', u'VMware_ConcreteJobCreation', u'VMware_ConcreteJobDeletion', u'VMware_ConcreteJobModification', u'VMware_HHRCAlertIndication', u'VMware_KernelIPChangedIndication']

>>> 

We could then do a GetClass on any of these to inspect their Description qualifiers to get some more details on what they're for.  The one that we'll look at in this post is the OMC_IpmiAlertIndication, which is sent when a change is detected in the IPMI subsystem.  In the sequence below, I'll use the CLI versions, but you can do the same via scripts as described above.

First we'll start the listener (if we don't specify a port number, it picks one at random):

% ./indicationListener.py 

Listener started on port 2578

Then we'll subscribe for the indications (using the port number it just gave us):

% ./indicationSubscriber.py -P 2578 -H listener -c OMC_IpmiAlertIndication -s esxbox -u root -p ''

Cleaning up old registrations

Could not delete subscription CIMError(5, u'Class not found')

Could not delete handler CIMError(6, u'The requested object could not be found')

Could not delete filter CIMError(6, u'The requested object could not be found')

Creating handler

Creating filter

Creating subscription

Done - events are enabled for listener:2578

%

You can safely ignore the "could not delete" warnings - that just tells us we didn't have a previous subscription from this host.

Then we'll cause something to happen on the system.  On many systems (Dell for example) there's usually a chassis intrusion sensor that will detect if you open the case.  I find that to be one of the simplest indications to get to fire if you want to test to make sure you have everything wired up correctly.   (If you have redundant power supplies, unplugging one of them from the wall is another easy test scenario.) Within about 15 seconds or so (the interval at which the system scans IPMI for events), on the listener window we'll see events appear:

esxbox - - [09/Jul/2010 14:07:47] "POST /test HTTP/1.1" 200 -

OMC_IpmiAlertIndication

                     AlertType = 8

         AlertingElementFormat = 2

        AlertingManagedElement = root/cimv2:OMC_DiscreteSensor.DeviceID="115.0.32.0",CreationClassName="OMC_DiscreteSensor",SystemName="44454c4c-5100-1051-8039-b3c04f464e31",SystemCreationClassName="OMC_UnitaryComputerSystem"

         CorrelatedIndications = None

                   Description = Assert + Physical Security General Chassis intrusion

                       EventID = None

                     EventTime = 20100709160722.000000+000

          IndicationFilterName = None

          IndicationIdentifier = None

                IndicationTime = 20100709160735.766255+000

                       Message = None

              MessageArguments = None

                     MessageID = None

                OtherAlertType = None

    OtherAlertingElementFormat = None

                 OtherSeverity = None

                  OwningEntity = None

             PerceivedSeverity = 0

                 ProbableCause = None

      ProbableCauseDescription = None

                  ProviderName = RawIpmiProvider

            RecommendedActions = None

       SystemCreationClassName = OMC_UnitaryComputerSystem

                    SystemName = 44454c4c-5100-1051-8039-b3c04f464e31

                      Trending = Non

If we close the chassis, then we'll get the corresponding event telling us the problem has been resolved

esxhost - - [09/Jul/2010 14:08:12] "POST /test HTTP/1.1" 200 -

OMC_IpmiAlertIndication

                     AlertType = 8

         AlertingElementFormat = 2

        AlertingManagedElement = root/cimv2:OMC_DiscreteSensor.DeviceID="115.0.32.0",CreationClassName="OMC_DiscreteSensor",SystemName="44454c4c-5100-1051-8039-b3c04f464e31",SystemCreationClassName="OMC_UnitaryComputerSystem"

         CorrelatedIndications = None

                   Description = Deassert + Physical Security General Chassis intrusion

                       EventID = None

                     EventTime = 20100709160747.000000+000

          IndicationFilterName = None

          IndicationIdentifier = None

                IndicationTime = 20100709160801.404661+000

                       Message = None

              MessageArguments = None

                     MessageID = None

                OtherAlertType = None

    OtherAlertingElementFormat = None

                 OtherSeverity = None

                  OwningEntity = None

             PerceivedSeverity = 0

                 ProbableCause = None

      ProbableCauseDescription = None

                  ProviderName = RawIpmiProvider

            RecommendedActions = None

       SystemCreationClassName = OMC_UnitaryComputerSystem

                    SystemName = 44454c4c-5100-1051-8039-b3c04f464e31

                      Trending = None

If you look closely at the output, you'll notice there are a few fields that are numeric types that have special meaning.  This listener was written so it doesn't require a connection (and therefore credentials) on the host that's the source of the indication.  If you want to pretty print the value maps, you can modify the code to follow the same approach as I described in the 3rd blog post in this series, but that will require a client connection back to at least one ESX host that has the given classes implemented.

If you've got an LSI based RAID card on your system, try subscribing for VMware_HHRCAlertIndication and simulate some failures (assuming you have a RAID level that provides redundancy, you can pull a drive and see events fire.)

Folks,

We have been really busy this week. We are extremely proud to announce the availability of the vCloud SDK for Java. Prasad gives us an nice introduction to the SDK and we invite you to attend his session at Technology Exchange for Developers PPC-14 Wednesday at Noon - Moscone West

Session Title: PPC-14 - vCloud API - SDK to Improve Efficiency when Building Your Clouds

Time: Wed 12:00 - 1:00 PM

Location: Moscone West Room 3009

Please remember this is a special event and it is for Tech Exchange Attendees - the VMworld only Pass will not get you in you will need a Tech Exchange Pass - $299 with VMworld Pass, $399 with out VMworld Pass. http://www.vmworld.com/community/conferences/techexchange

Folks,

Just in case you were wondering how you were going to get your poster home we added a liitle diagram in the upper right hand side. Sia suggested we add an Origami option for the folks out there who like to get creative.

Enjoy

Pablo Roesch

Congratulations to Tom Flynn - Monday's Tech Exchange iPad Raffle Winner -

Folks,

We just got notice that a few people are having problems with the handles on the bags (including me) If you have any problems with your bag PLEASE stop by Materials Pick Up. The friendly staff there will give you another bag.

Hope you are enjoying our event. 

Regards,

Pablo Roesch

Folks,

We have plenty of PowerCLI 4.1 Posters available, come by our Labs in Moscone West and PowerCLI Demo Booth in the Solutions Floor. Also we made the posters so you can fold them up and take them home. See diagram in upper right hand corner. Enjoy

http://vmware.com/go/powercli

Pablo Roesch

Kevin Mitts and myself Rick Blythe from Global Services and Support just got out of the General Session presentation from CEO Paul Maritz and Steve Harrod. I was in awe at the size of the crowd, the size of the stage and the three massive video backdrops. How many thousands are attending this one session? Wow! Here's a short video clip I took minutes before the session began.

Lots of announcements today. I won't cover them all here; this is a Technical Support blog after all, but one huge announcement was of VMware vCloud Director. The Knowledgebase team has been busy preparing for this launch and I can tell you we have prepared and produced 13 KBTV videos ready for imminent release on our YouTube channel here.

We'll be showing these videos at our busy booth (Social Support) right behind the Genius Bar at the conference through Thursday. We're going to be giving away some Starbucks gift cards too so stop and say hello!

 As Day #2 starts here at VMworld 2010, if you are a blogger or vExpert, drop by the Social Media & Bloggers Lounge. Along with saying hi, you can get your blogger and vExpert buttons. 

The blogger buttons, aside from letting people know that you are a VIP and should get free iPads, will also give you access to the media briefing activities that are going on at the event. (These are in the South Moscone East Mezzanine - follow the signs to the press area.) You can also get access to the Press Working Room and Press Wifi (ask me for details on these).

The orange vExpert button with the cloudy brain is also available. The blue button for vExperts will get you into our event Weds 5:30pm. Pick those up by giving your name to Registration Customer Service in North Moscone. Ask for the CTO Reception Invitation. (Sorry, vExperts only and strictly one per customer!)

-- John Troyer

Here are the press events you might be interested in:

VMworld  2010 Media Roundtable Schedule of Events

Tuesday, August 31, 2010

10:45 - 11:30 am: Post Keynote: CEO Q&A Session

Location: Theater 2, East Mezzanine, Moscone South

Speaker: Paul Maritz, CEO, VMware

11:30 - 12:15 pm: Media Roundtable: End User Computing

Location: Theater 2, East Mezzanine, Moscone South

Speakers:

Vittorio Viarengo, VP, End User Computing Products, VMware

Noah Wasmer, Director, Product Management, Advanced Development, VMware

1:00 - 1:45 pm:  Media Roundtable: Private Cloud

Location: Theater 2, East Mezzanine, Moscone South

Speakers:

Bogomil Balkansky, VP, Product Marketing, Server Business Unit, VMware

Jordan Janeczko, Program Manager SIS Cloud Initiative, Siemens

Glenn Harper, VP, Chief Infrastructure Architect, Sabre Holdings

2:00 - 2:45 pm: Media Roundtable: Public Cloud

Location: Theater 2, East Mezzanine, Moscone South

Speakers:

Brian Byun, VP and GM, Cloud Applications and Services, VMware

Mark Leonard, CIO, Colt Managed Services

Kerry Bailey, Executive Director, IT Solutions, Verizon Business

Wednesday, September 1, 2010

9:00 - 9:45 am:  Media Roundtable: Application Platform

Theater 2: East Mezzanine, Moscone South

Speaker: Shaun Connolly, VP, Product Management, SpringSource Division of VMware

1:00 - 1:45 pm:  Media Roundtable: Security

Theater 1: East Mezzanine, Moscone South

Speakers:

Neil MacDonald, Gartner

Venu Aravamudan, Senior Director, Product Marketing, Security, VMware

Anil Karmel, Solutions Architect, Los Alamos National Laboratory

2:00 - 2:45 pm:  Media Roundtable: OEM Partners

Theater 1:East Mezzanine, Moscone South

Speakers:

Ed Bugnion, CTO and VP, Server and Access Virtualization Technology Group, Cisco

Timothy D. Webb, Director, Global Data Center and Enterprise Architecture Consulting Practices, Dell

Paul Miller, VP, Solutions and Strategic Alliances, Enterprise Servers, Storage and Networking, HP

Jan Jackman, VP, Global Cloud Services, IBM Global Technology Services, IBM

3:00 - 3:45 pm:  Media Roundtable: Zimbra

Theater 1, East Mezzanine, Moscone South

Speakers:

Jim Morrisroe, GM, Zimbra Division of VMware

John Robb, Senior Director, Products and Marketing, Zimbra Division of VMware

User expectations of their business computing environments are changing, being driven by their experiences as consumers. New state of the art devices and user interfaces, cloud computing and the associated SaaS-based applications, ubiquitous connectivity. These trends are converging and when combined are profoundly influencing the direction of end-user computing.

What are some of the traits of this consumer cloud experience?

·  A better user experience – simplicity;

· Instant gratification, multiple devices;

· Always available – my apps and data are backed up, replicated or synched;

· Ubiquitous access;

· Personalized – small, engaging applications (at least the client part is small);

· Pay as you go;

· Excitement and anticipation for the next great device or application.

In the technology sense, what does this mean?

· Self-service;

· Encapsulation and isolation between applications;

· Rock solid data protection;

· Simple and easy.

Sound familiar? It should as these are VMware’s core competencies.

The challenge for enterprise IT will be to meet these expectations in the corporate environment while maintaining corporate policy, delivering on SLAs and flexible delivery at low cost. And to do so at the appropriate user and application granularity, all the while bridging to the world of Windows applications and desktops.

Delivering this consumer cloud experience for the enterprise is our mission at VMware’s End-User Computing Products Group (read more about our vision in today’s End-User Computing announcement) and our vision for user-centric IT, which I first described in my vision blog exactly one year ago.

VMware View 4.5

The first step on this vision is to modernize the Windows desktop – encapsulate and isolate the elements of a Windows environment to make them more manageable and user-centric. Today, I’m really glad that I am finally able to talk openly about this next phase of our User-Centric Computing journey and I am pleased to announce the very significant View 4.5 release. First let me be clear about the 4.5 nomenclature; naming aside, this release is as broad in scope as any .0 product and really delivers on the promise of virtualization to modernize today’s desktop environment.

Today I want to offer a tour through some of the View 4.5 technologies:

Modernizing the Desktop:

In my vision blog, I spoke about the notion of composited desktops. To reiterate and provide context, both Server and Client VMs achieve much of their value through encapsulation and isolation from the physical hardware used to execute them. However, Client VMs also differ from their more static Server VM cousins in that they can be more complex to manage; running lots of different applications, many ad-hoc and stateful. I postulated that separating such a Client VM into a set of isolated virtual layers would ultimately be a better architecture for managing them. Well, now this abstract idea is available commercially and we call the result “Modular Desktops”, a major step towards a more modern desktop architecture.

In View 4.5, we have 3 layers in our Modular Desktops, the Operating System, the Applications and the User Persona and each of these layers has an optimized management technology geared to the unique characteristics of its respective layer. Best of all, these optimized layer management tools are all seamlessly integrated and controlled via the common View Manager interface.

View Composer is the technology we use to manage the OS layer. Now View Composer is not new, but what is new are significant functional enhancements that make it far more effective. We are introducing tiered storage support for View Composer, which enables the separation of the read-only gold master image, the redo log snapshots and even the guest OS paging file onto separate storage LUNs. This is very powerful – the read-only gold master is ideally suited for storage on SSD/flash drives, and by doing so time oriented I/O storms can be very cost effectively avoided.

For example, with this architecture, if many desktop VMs boot at the same time the OS images are all now loaded from cache-like SSDs, not via spinning media. Also, by moving the paging file and system temp files to separate “disposable” storage, a major cause of storage space consumption in the redo logs is eliminated, reducing the need to frequently regenerate the images. Paging files can even be moved off the SAN entirely and use local disks – these are transient and do not need to be preserved. This disposable storage is discarded after every user session.

View Composer also has added Sysprep support, enabling automatic generation of a unique SID for each cloned VM. Lastly, Persistent Disks (formerly known as UDD) are now first-class manageable objects, independent of the base VM and can be detached, migrated, reattach or even archived. With Persistent Disks, 4.5 begins to deliver the benefits of User Persona virtualization for stateful desktops. There’s more to come here once we complete integration of the RTO Virtual Profiles technology that I blogged about back in February into the View platform.

View leverages another product release we announced today – ThinApp 4.6 – for application virtualization, separating applications from the Guest OS and isolating them from each other. It is a robust technology in widespread use and with View 4.5 we’ve added integration and management through the View Manager console. ThinApp applications can now be packaged and stored on a network file share in what we call a repository and these repositories can be imported into View Manager. Once there, applications can be assigned to selected individual desktops or designated pools of desktops.

You can choose to have them streamed via a “shortcut” or have the ThinApp’ed EXE/MSI deployed locally onto the VM. ThinApp 4.6 has a myriad of great new features in its own right, but I wanted to explicitly call out one critical capability - our ThinApp Windows 7 support enables virtualization of legacy apps on older Windows platforms for deployment to Windows 7. This has been a major stumbling block for enterprises as they have considered migration to Windows 7. With ThinApp 4.6 we ease this pain point.

And these technologies that comprise View 4.5’s modular desktops are all exposed and managed through one integrated console, View Manager.

View Client:

In my January blog on our thick client strategy, I introduced the View Client with Local Mode architecture for running View Managed VMs on unmanaged end-points. I said this was the ideal architecture for the Employee-Owned IT (EOIT/BYOPC) trend and that we would deliver it “soon”. Well, soon meant View 4.5 and View Client with Local Mode enables checkout and execution of View Managed VMs on almost any modern laptop. View Client with Local Mode, the industry’s first integrated offline virtual desktop solution enables users to access their virtual desktop even while disconnected from the network.

These VMs are usable when disconnected from the network. The VM is transferred to the end point and changes are efficiently replicated back to the data center in a sophisticated, fine grained manner when connected. VMs are encrypted using AES 128 or 256 bit modes and of course centrally managed through View Manager.

View Client with Local Mode brings all of the operational benefits – Business Continuity/Disaster Recovery, Rapid Provisioning, Security as well as Centralized Management and control to mobile users who require the freedom to work online and off the grid. And since it is based on common technology from the VMware Workstation product line, View Client with Local Mode even supports advanced graphics requirements including Win7 Aeroglass effects, DirectX 9 with 3D and sound and multimedia.

Also new in this release is a native Mac Client to allow Mac users to access their View virtual desktops expanding the number of uses cases that can benefit from View. The current release of this client uses RDP and will be supported with Mac OS 10.5 and above. Of course, subsequent versions will incorporate PCoIP.

We’ve added simplified sign on and authentication for virtual desktops over PCoIP channels supporting various authentication mechanisms including Windows username/password, smart cards/proximity cards, USB-connected biometric devices and a new “kiosk-mode” enabling MAC address-based authentication for fully unattended View Client operation. The release also supports “Tap and Go” functionality from our partner SSO Vendors – Imprivata, Sentillion, Juniper, etc.

These were some of the most passionate requests that came from our customers and we think that they will appreciate the new functionality.

View Manager:

Our integrated View Manager console is a critical part of the View experience and prompted Brian Madden to state in his geek week write-up that “Really it’s like View is a giant “easy button.” With View 4.5, we’re not resting on our laurels and have continued to improve our already best in class management interface. View now sports a rich new management console look and feel based on Adobe Flex, that displays tens of thousands VMs and related objects in one consolidated view. An important enhancement is delegated role-based administration, allowing the View administrator to create different roles with different access to View Manager by users/groups/virtual machines. This way IT can delegate tasks among different levels of staff while maintaining control over admin access.  

We’ve also created a unified view of event logs across entire View infrastructure – no more logging into each view broker separately to get information. Events are now formally defined with unique identifiers and standard attributes including module, user, desktops. Historical events can be stored in a configurable database that is accessed via VMware View Administrator. Report on events in the database using third-party reporting tools such as Crystal Reports to run audit reports.

As part of the extensibility of View, we have included a management pack for MSFT SCOM. This allows organizations that use SCOM to discover the View virtual environment which was not possible before. Now IT can use SCOM to discover, monitor their entire operation (physical and virtual) Including the ability to start/restart View services from SCOM console and enabling desktop administrators to receive SCOM View alerts indicating when and why something is in trouble with View servers. We’ve also added compatibility with Powershell, enabling extended management and scripting capabilities of the View environment through Powershell commands.

Finally, the new View manager UI delivers a comprehensive dashboard that provides quick insights into the current status of systems (View and vCenter) and virtual desktops and is scalable to larger configurations than previous releases. With vSphere and our block/pod based architecture, we continue to scale the View infrastructure modularly and horizontally. And now with View 4.5 there have been numerous improvements behind the scenes to the View Manager and its connection broker architecture yielding improved performance and scalability of the management interface; enabling management of a dramatically larger set of Desktop VMs through a single pane of glass.

I’m really pleased that I was able to share with you, for the first time publicly, what our View engineering team has been up to over this past year. They’ve sure been busy! I’m confident that you’ll agree with me that View 4.5 is a major step forward in virtual desktop technology, bringing a new level of modernization in desktop architecture to the marketplace and we’re looking forward to putting it in our customer’s hands in September.

Oh, and one more thing… If you think this is cool, just wait until you learn more at VMworld about our plans beyond the desktop…

---

We just released Onyx 2.0.

If you haven't heard of Onyx before - it's a tool that generates code based on the mouse clicks you make in the vSphere Client. Onyx makes it easy to see what is happening behind the covers and can help with development of scripts and automation solutions.

Here are the new features at a glance:

• More output formats – the new output formats are: raw SOAP messages, C#, and vCO JavaScript code.
• Easier to start – you can launch vSphere Client and PowerCLI directly from Onyx.
• New settings – you can configure which methods are ignored via the Settings dialog.
• Support for vSphere 4.1 – the new methods introduced in vSphere 4.1 API are available in the ouput.
• Many “invisible” changes – bug fixes, performance improvements, etc.

You can download and try the new release right away.

Folks,

Latest version of Project Onyx Tech Preview is now available, congratulations to the team !

Onyx official Website http://vmware.com/go/onyx

As the Product Marketing Manager for VMware vCloud Director, I am very excited to announce that as of Monday, August 30, VMware vCloud Director is generally available (GA) to the public.

This is a groundbreaking product. The technology under the covers is unabashedly complex, yet the user experience is fantastically simple. And this is reflective of the very magic underlying the product – the creation of complete logical separation between the consumption of IT services and the delivery and management of the infrastructure that supports them. IT can give users self-service access to their own isolated “virtual datacenters,” new units of consumption in the cloud that represent pools of compute, storage, and networking resources. Users deploy into these pools using standardized infrastructure service catalogs through a Flash-based web UI. On the back-end, IT can manage and architect the datacenter in the most efficient way, without unnecessarily siloed infrastructure.

In this way, VMware vCloud Director is the first product that truly enables cloud computing in existing datacenters. While public clouds have a number of great benefits – most notably instant access to on-demand capacity – most of our customers need a solution that provides these same benefits with the security, control, and long-term cost efficiency of their existing datacenter. And let’s not forget existing applications, hardware investments, people and skills. For most customers, the most pragmatic path to cloud computing is a dual-pronged approach that includes evolving existing datacenters into private clouds and using public cloud resources where necessary. In fact, we believe most customers will find that a hybrid environment using both public and private clouds is the best fit.

And when it comes to hybrid clouds – only VMware provides a clear and pragmatic path. It’s not enough to say that you have a private cloud and a public cloud - managing this sort of “mixed” cloud might actually be more complex than before.  Instead, VMware's vCloud Director provides a common, consistent platform for both internal private clouds as well as external public clouds.  In our hybrid cloud vision, customers have the ability to migrate workloads between clouds and interact with all clouds through the same set of programmatic interfaces and management tools. By VMware vCloud Director leveraging open standards such the VMware vCloud^TM API and the Open Virtualization Format (.ovf), and being used by a massive network of over 1,700 VMware vCloud service provider partners, we enabled customers to easily extend their datacenter capacity and manage public cloud capacity as easily as their own private cloud. And this week, we also launched VMware vCloud Datacenter Services, our solution to ensure customers have access to trusted, secure, and compatible public clouds that are ready for the hybrid cloud.

Over the past few months, I’ve worked with some of our most ambitious customers, building full private clouds on pre-release versions of vCloud Director, vCenter Chargeback, vShield Edge, vSphere Enterprise Plus, and vCenter Server. All of the pilots were successes, and the customers found a number of great uses for the product:

• Enabling the sales force to set up demos of complex software products to customers on the fly
• Consolidating datacenters and vCenter silos onto a shared infrastructure
• Providing developers and researchers a virtual sandbox for their applications
• Segregating and offloading data onto secure public clouds
• Simplifying compliance by standardizing on pre-approved infrastructure and application templates
• Enabling the easy transfer of workloads within an enterprise’s two datacenters
• Transforming a business model away from selling software on managed servers to providing convenient access to centrally hosted resources

Stay tuned on ReThink IT for more discussions on how VMware is leading the way with cloud computing to take the complexity out of IT. My colleague, Murthy, has been exploring many of these issues around cloud computing and, with his literary acumen, can explain even the most complex technology concept to a pre-schooler. I encourage you to join the conversation here and on the VMware Communities site for VMware vCloud Director.

And by the way, check out the article in the Wall Street Journal featuring VMware vCloud Director.

Greg 

I’m Venu Aravaduman, Sr. Director of product marketing for our security, storage and business-critical applications solutions. Today, at VMworld, we announced the availability of VMware vShield Edge, vShield App and vvShield Endpoint ! This marks a watershed moment for customers on the path toward IT as a Service. The VMware vShield family of products is designed to remove barriers to IT as a Service by delivering adaptive, cost effective and simple-to-manage security services.

Why is VMware focusing on security?

Traditional IT security tends to be rigid, brittle, expensive, and was not developed to be aware of virtualization and dynamic IT environments. As customers move towards building private clouds, traditional security models become very limiting. Today, it takes long lead times and a lot of pain to change ANYTHING around security policies and implementation. So, we asked ourselves: shouldn’t security be able to adapt instantaneously to changing business and infrastructure needs? This is precisely why VMware has a significant investment in enabling the next generation of IT security! And, guess what? Independent surveys of our customers show that they rank VMware very highly as someone capable of enabling and delivering this next generation of security solutions!

We are introducing 3 products to the market at VMworld 2010 – these are

· vShield Edge – Provides comprehensive network security and services for the edge of virtual datacenters

· vShield App - Protects applications in the virtual datacenter from network-based threats

· vShield Endpoint - Enables offloading of antivirus and anti-malware processing to security-hardened virtual machines delivered by VMware partners, strengthens security for virtual machines and their hosts while improving performance by orders of magnitude for endpoint protection.

We are also updating and upgrading out vShield Zones technology -- a feature of vSphere 4.1. The upgrade version now includes a more robust vNIC-level firewall, and this has complete control over inter-VM network traffic – a really important enhancement. vShield App builds on top of this capability. To read more about these products , visit http://www.vmware.com/products/vshield/

So, what’s the latest on VMsafe?

As you know, a couple of years ago we introduced the VMsafe program and set of APIs as the enablement for our first generation of introspection based solutions. There are currently 6 VMsafe partners, offering 7 solutions - for more information on VMsafe visit http://www.vmware.com/technical-resources/security/vmsafe.html. VMware is fully committed to supporting these solutions for our mutual customers. To summarize, we are building on the VMsafe foundation, and making this better for our partners and our customers!

Based on customer and partner feedback, VMware is now introducing our second generation of introspection based solutions; the first instantiation of this technology is in vShield Endpoint. This next-generation introspection platform brings additional benefits over the VMsafe investments, specifically

1) Broader integration of management frameworks with our partners

2) Better abstraction of lower level APIs, more ease of integration for partner solutions

3) More scalable partner based integration efforts, easier certification

We are building on the VMsafe foundation, and making this better for our partners and our customers. For example, Trend Micro is showcasing the first such solution to market in their Deep Security product, focusing on offloaded AV/anti-malware. We are also working closely with additional strategic partners such as RSA, Symantec, McAfee to enable solutions for offloaded AV and additional classes of endpoint solutions such as Data Leak Prevention, File Integrity Monitoring etc. Our longer-term direction is to drive this next-generation introspection capability to serve broad classes of solutions for endpoint and host protection solutions.

We have worked very closely with Cisco to ensure that our vShield solutions integrate well with Cisco UCS based deployments, as well as full support for the Nexus 1000 v. We are working closely with Intel to ensure that we can leverage Intel’s Trusted Execution Technology for attestation and compliance of cloud based platforms.

With our strategic industry partners, VMware is committed to delivering the infrastructure and security tools necessary to deliver IT as a Service to our customers. Please continue to watch for additional security updates from VMware.

By Raj Mallempati - Director, Product Marketing

Today, at VMworld 2010 in San Francisco, the VMware End-User Computing team is extremely excited to announce the launch of VMware View 4.5. This release is chock full of new features which enables customers to deploy desktop virtualization in a broad scale across the enterprise and address an increasing range of use cases.

In fact, Chris Wolf from Gartner has already declared View 4.5 as an enterprise ready desktop virtualization solution.

For those of you at VMworld, you will hear Paul Maritz and Steve Herrod detail our vision for the future of End-User Computing during the keynote. Our vision centers around the idea of delivering a consumer cloud computing experience within the enterprise while maintaining corporate policy, flexible service delivery at lower costs. You can read more about our strategy in today’s announcement.

A key first step to achieve this vision is to enable customers to modernize their existing desktop architecture so they can easily move from a more modern, user-centric model where users can access their applications and data from any device while providing IT with greater control and the ability to deliver increased efficiencies that maximize time and resources.

Here are some of the key features we have incorporated in View 4.5 to enable this vision:

Enhanced User Experience

• View Client with Local Mode – The industry’s first integrated offline and server hosted solution for desktop virtualization. End-user can check their virtual desktop out of the datacenter and work without a connection to the network efficiently and securely. Furthermore, the checked out virtual desktop will run on all existing and new PCs unlike other solutions. Additionally the checked out virtual machine is fully encrypted and has policies associated with it. This will enable organizations rapidly deploy desktop virtualization for BYOPC or EOIT (Employee Owned IT) use cases.
• Full Windows 7 support – Now with the full support for Windows 7, in View 4.5 and ThinApp 4.6, organizations can migrate to Windows 7 at half the cost and time. To further help our customers with their Windows 7 migration journey, a key new feature we are introducing in ThinApp 4.6 is the ability to virtualize IE6 and run it in Windows 7. Migrating your IE6 based applications cannot be any easier.
• View Client for Mac OS X - With View 4.5 we are further extending support for a diverse set of end user devices including Mac clients. This enables Mac users to access hosted Windows virtual desktops thereby extending the BYOPC or EOIT use cases to Mac users

Simplified and Integrated Management

• Integrated Application Assignment – Simplify the delivery of virtualized applications to end-users through the View Manager console. This integration enables ThinApp applications to be centrally managed and easily delivered to pools or individual desktops.
• Rich Graphical Dashboards – Simplify management and monitoring through improved reporting and diagnostics
• Role Based Administration – allows the distribution of IT tasks to the right administrator.
• Integration with Microsoft SCOM and PowerShell – Enable IT organizations to plug into existing management infrastructure and further simplify the management of View virtual desktops.

Best Desktop Infrastructure Platform

• Support for vSphere 4.1 and vCenter 4.1 – Deliver integration with the most widely deployed desktop virtualization platform in the industry and taking advantage of optimizations for View virtual desktops.
• Increased scalability –Customers can now deploy 10,000 virtual desktops per pod and use this modular architecture to scale out across their organization.
• Optimized Anti-virus Protection – Integration of vShield Endpoint enables the centralization of anti-virus and malware scanning to optimize virtual environment performance, simplify AV management and improve desktop security.

Lowest Acquisition Cost and Total Cost of Ownership

• Tiered storage support in View 4.5 – With the introduction of tiered storage, VMware View 4.5 helps reduce the cost of storage by enabling customers to take advantage of multiple storage tiers including high performance and locally attached storage. This helps to not only optimize performance but also allows organizations to reduce the cost associated with storage requirement for virtual desktop environments.
• Lowest Cost Reference Architectures – VMware has worked with partners such as Dell, HP, Cisco, NetApp and EMC to provide prescriptive Reference Architectures which enable customers to deploy a desktop virtualization solution that is both scalable and cost effective. For the first time in the desktop virtualization space our customers can deploy a virtual desktop solution which costs less than $500. Read more in the Reference Architecture here.

For more information on the enhancements above and the other features in the View 4.5 release be sure to check out the following:

View Point Blog: View 4.5 - Modernizing the Window's Desktop - a more technical look at the View 4.5 release

View Home Page - updated with new information related to the View 4.5 release

View Community Page - keep up with the conversations, ask questions and learn more about View 4.5

We’re also proud to be joined by our ecosystem of partners, many of whom have put out press releases today with solutions and technology that support the View 4.5 release.

General availability for the View 4.5 release is set for early September but in the meantime you’ll find a lot of information available for you to learn more about this release from the links above. You can also sign up for a free 60 day evaluation of VMware View 4.5 by going to the VMware View evaluation page and don’t forget to keep up with us on Twitter by following @vmwareview.

Folks,

Lots of great news this week at VMworld Tech Exchange. We are extremely happy to announce the creation of the vCenter Convertor SDK community. We welcome all developers to join the discussion, ask questions, provide feedback and participate.

The official URL for the Converter Community is http://vmware.com/go/convertersdk. A big thanks to our friends around the world that made this happen.

Hey everyone I just got back to the hotel after a nice 13 hour day at VMworld! I'm working labs 11-15 and am Co-Presenting the Orchestrating the Cloud session Monday, Tuesday, and Wednesday. Today's session from 3pm-4pm had over 130 people checked in and felt like it went pretty well. The session was intended to be discussion heavy around using VMware vCenter Orchestrator (vCO) to to perform cloud automation. As such, we presented a short series of 3 videos that highlight the usage of an upcoming vCO plug-in for VMware vCloud Director! There were plenty of questions throughout the session. If you happened to be at the session today and are stopping by to check out the site, please feel free to register and comment on this article and/or use the "Contact Us" form to provide us with feedback - and don't forget to fill out the online form for the Orchestrating the Cloud session at VMworld!

With over 16,000 (17,000) people in attendance this year, the labs are rockin' and people are excited :) Hope to see you here!

For those of you who managed to make it in on Monday - THANK YOU VERY MUCH for stopping by. If you missed Monday's session, we have 2 more sessions: 1 on Tuesday morning and a final one on Wednesday morning.

UPDATE: FYI - Day two of the labs saw the total labs deployed counter roll right past 8,000 labs!!! And we still have a couple days left!

Hello and welcome to my home, here within the CTO Community, at VMware. I'm Paul Strong, the CTO for Europe, Middle East and Africa (EMEA). I hope you'll be able to join me here from time to time to think, and talk, about how IT is being transformed by new, innovative technologies and how these fundamentally change the landscape for users of IT - from consumers to end users in business, government, academia and from developers to operations teams. I also intend to explore this from a particularly EMEA-ish perspective. These are very exciting times within our industry and I am thrilled to be an active participant in this transformation.

So what is my role here at VMware?

Well, in part, I am the connection between the Office of the CTO at VMware and VMware's partners, customers and field organization in EMEA.

From an outbound perspective I will be sharing VMware’s vision, strategy and direction, helping everyone understand the technology journey that we, as an industry, are on, how that is transforming IT and the businesses that IT supports, and how VMware is a key part of it. I will also be sharing VMware’s and its partners’ and customers’ experiences, enabling pragmatic implementations that not only deliver value today but provide the foundations for delivering and/or refining IT as a Service in the future.

From an inbound perspective it is also my job to listen and learn from our customers, partners and field organization. To take your needs (current and anticipated) and experiences back into VMware so that we can continue to innovate and deliver compelling new solutions, products and services, as well as improving and refining our existing offerings.

Of course, it is not in my role, nor my nature, to be a passive communicator. So I will also be helping to shape VMware’s vision, strategy and products, based on my interactions with you, and based upon my past experience as both an architect and operator of infrastructure and infrastructure tooling. I’ve spent many, many years working on how to deliver services on complex distributed infrastructure, a.k.a. Clouds. It is my personal mission to drive the development of technology that hides the inherent complexity within such infrastructure so that IT can focus on the high level task of managing business services, delivering the right Quality of Service, with the appropriate business agility, at the right price.

So bearing all of this in mind, please interact with me. Engage in a dialog. Comment on my blog. Discuss. Come up and talk to me if you see me at an event.

Cheers

Paul

The show has already started and we are excited to show you everything vSphere 4.1 has to offer. At the VMware booth we will be showing:

-Storage I/O Control and vStorage APIs for Array Integration

-Network I/O Control

-Memory Compression

-ESXI Hypervisor Architecture

-Availability Enhancements

If you get a chance, join me for an overview of vSphere 4.1 both today (12pm) and tomorrow (3:30). My session is TA9420.

Enjoy the show! See our keynotes and other video on demand here

Hello Technology Exchange Attendee,

Update in the Program Guide for Technology Exchange. Please see the following description of PRU-02 (Enhancing Partner Benefits – Update on the Re-Designed TAP Program) session. The session is at 3 pm today in Rm 3009, Moscone West. We look forward to seeing you there.

PRU-02 (Enhancing Partner Benefits – Update on the Re-Designed TAP Program)We are launching the re-designed TAP Program at Tech Exchange. Join us to learn about the new and updated benefits - broader set of licenses, enhanced business benefits, streamlined certification and support, and new tiering. These benefits address several key asks from our partners.

Look forward to seeing you there.

Folks,

As a special treat for you we will be giving away an iPad loaded with select sessions from event. Winners will be announced on this blog and @VMdeveloperday.Your names will be pulled randomly from our registration and survey lists. Please note you must be present to win and collect your prize.

Winner will be announced around 3:00 PM and iPad will be handed out in front of Room 2009 in Moscone West. Please bring your id - and good luck

VMware Data Recovery

Backing up the virtual machine using a VMware Data Recovery appliance fails with the error: Failed to create snapshot for [Datastore-Name] (1014412)

Date Published: 8/25/2010

VMware ESX

Rescanning all HBAs fail when there are NPIV virtual machines powered on (1013625)

Date Published: 8/23/2010

Netapp Snap Manager backups fail for LUNs with large numbers of virtual machines (1014516)

Date Published: 8/26/2010

Unable to claim the LUN back after unmasking it (1015252)

Date Published: 8/25/2010

iSCSI storage volumes configured with ESX/ESXi hosts are lost when the active storage controller fails (1016159)

Date Published: 8/26/2010

Unable to grow or expand a VMFS volume or datastore (1017662)

Date Published: 8/27/2010

Installing VMware Tools on a Linux Guest Operating System fails with the error: Unable to build the vmci module (1025260)

Date Published: 8/27/2010

Simultaneous migration with vMotion is limited when crossing resource pools (1026102)

Date Published: 8/27/2010

ESX host fails to boot from LUN that requires resignature (1026344)

Date Published: 8/25/2010

Rescanning after adding or removing LUNs generates a purple diagnostic screen with message: qla4xxx: mappings out of sync - stopping (1026413)

Date Published: 8/27/2010

ESX/ESXi 4.1 with network card NC522spf fails to install or upgrade with a purple diagnostic screen (1026431)

Date Published: 8/26/2010

Copy and Paste option is disabled in vSphere Client 4.1 (1026437)

Date Published: 8/23/2010

Not receiving activation email for evaluation and free products (1026455)

Date Published: 8/23/2010

HTTP file access to ESX 3.5 restricts special characters in filenames (1026469)

Date Published: 8/24/2010

The VMkernel log reports the log spew: owner xxxxx is not free on volume 'datastore' (1026494)

Date Published: 8/27/2010

Virtual Machine console is blank (1014725)

Date Published: 8/27/2010

Troubleshooting Storage Performance Issues (1009019)

Date Published: 8/23/2010

VMotion fails on ESX/ESXi 3.5 and 4.0 with some versions of nx_nic and unm_nic drivers (1026021)

Date Published: 8/24/2010

Using the Federal Support Log Scrubber (beta) for VMware Support Bundles (1026611)

Date Published: 8/25/2010

vMotion fails with the error: A general system occurred Invalid fault (1014371)

Date Published: 8/25/2010

VMware ESXi

VMware ESXi host log message: WARNING: VFAT: 154: File_Ioctl (1026423)

Date Published: 8/25/2010

VMware ThinApp

Virtualizing Multiple Browsers and Redirecting from Native Internet Explorer to Multiple Virtual Browsers with ThinApp ThinDirect (1026563)

Date Published: 8/28/2010

Which Native Browsers and Which Virtual Browsers Are Supported in the ThinApp ThinDirect Redirection Feature (1026564)

Date Published: 8/28/2010

ThinDirect.txt Syntax for Redirection from Native Internet Explorer to a Virtual Browser Such As Virtual Internet Explorer 6 (1026635)

Date Published: 8/28/2010

Installation and Registration of a Virtual Browser That Includes ThinApp ThinDirect to Redirect Web Pages from Native Internet Explorer to a Virtual Browser Like Internet Explorer 6 (1026636)

Date Published: 8/28/2010

Virtualizing a Browser Other Than Internet Explorer 6 in ThinApp (1026637)

Date Published: 8/28/2010

Virtualizing Internet Explorer 7 or Internet Explorer 8 with ThinApp (1026674)

Date Published: 8/28/2010

Updating the ThinApp ThinDirect.txt File with the ThinDirect.adm Administrative Template or Manually (1026677)

Date Published: 8/28/2010

Virtual Internet Explorer Redirects Websites to Native Internet Explorer (1026681)

Date Published: 8/28/2010

How To Virtualize a Browser Such As Internet Explorer 6; Set Up ThinDirect Redirection from Native Internet Explorer to the Virtual Browser; and Install and Register the Virtual Browser (1026836)

Date Published: 8/28/2010

VMware vCenter Server

Cannot change the status of pre-defined event based alarms from Unset to Warning or Alert (1014634)

Date Published: 8/26/2010

The Power On alarm is not triggered when the virtual machine is powered on (1015956)

Date Published: 8/26/2010

Unable to stage updates on ESX 3.5 hosts using VMware Update Manager 4.x (1026140)

Date Published: 8/24/2010

Update Manager upload error: A web exception has occured during file upload (1026602)

Date Published: 8/27/2010

VMware vCenter Site Recovery Manager

Snapshot LUNs are not removed after completing Test-Failover when using SRM with EMC RecoverPoint SRA (1012592)

Date Published: 8/23/2010

A Test Failover operation in Site Recovery Manager fails with the SRA message: Failed to create LUN snapshot (1013454)

Date Published: 8/24/2010

SRM Array Managers fails to discover replicated NetApp NFS volumes (1014643)

Date Published: 8/27/2010

VMware View Manager

VMware View virtual machines appear orphaned or inaccessible in vCenter Server (1016011)

Date Published: 8/26/2010

View Composer customisation fails to find configuration volume (1023146)

Date Published: 8/26/2010

Configuring the Novell Client GINA to work with PCoIP single sign-on (1025114)

Date Published: 8/24/2010

Virtual printer status always shows as Ready (1025939)

Date Published: 8/25/2010

Confirming the correct SSL certificate configuration (1026022)

Date Published: 8/23/2010

Datastores in the pool show low or zero disk space (1026047)

Date Published: 8/24/2010

Using USB passthrough in the View virtual machine fails (1026617)

Date Published: 8/25/2010

Redirecting USB audio devices in View Client for Windows (1023868)

Date Published: 8/28/2010

View Manager 4.0.x does not let you remove an invalid View Composer domain user from the QuickPrep domains list in View Administrator. (1026788)

Date Published: 8/26/2010

Hello everyone,

I saw at Yellow Bricks today some great shots that Duncan shared with everyone of the lab he is working in at this VMworld.  I thought I would do the same!  Mine are a little different:

And the datacenter that my rack is from is:

In the picture at the start of this blog, all of the blue lights signify the hosts that we are using to power the POD's that are in use on the other side of the truck to demonstrate things like Site Recovery Manager, ESXi, View and High Availability.  All of this is live, and not canned, and we have specialists ready to demo or answer questions.

Have a great VMworld!

Michael

The recently released vCenter Orchestrator 4.1 requires and takes advantage of a 64-bit OS. For development purposes, it can be desirable to have a single server to perform the following roles:

• Windows Domain Controller (Active Directory)
• E-mail Server (POP3/SMTP)
• Database Server
• vCenter Server
• vCO Server
• vCO Client

This short article is intended to help you get all these services running on a single server. Setting up these features in an incorrect order may result in conflicting ports and/or the inability to get some of the software installed.

Base Operating System

For simplicity, I have installed Windows 2008 Server Enterprise 64-bit edition in a Virtual Machine. After installation and activation, apply all current security patches and software updates.

NOTE: DO NOT MAKE THIS SERVER JOIN A DOMAIN OR BECOME A DOMAIN CONTROLLER YET. This will be done at a later step.

I have my dev machine configured with the following hardware:

• Single CPU
• 3 GB Memory
• 40 GB Disk

VMware vCenter Installation

After your base operating system has been installed, you should go ahead and get VMware vCenter 4.1.x installed next. When installing vCenter, an instance of LDAP and SQLExpress (DB Instance name will be "SQLEXP_VIM") will be used to manage local authentication and data.

IMPORTANT: During installation, on the "Configure Ports" screen, change the LDAP port from 389 to 3899 and the SSL port from 636 to 6369. These changes from the defaults are required to prevent port conflicts when the server is promoted to a Domain Controller.

Microsoft SQL Server Management Studio Express for 2005

During the vCenter 4.1.x installation, an instance of SQL Express 2005 was installed. We'll use this instance for the databases for vCO and the mail server coming up in the next steps... You'll need to get the SQL Server Management Studio Express for 2005 so that you can create the necessary databases. You can download it from here: Download SQL Server Management Studio Express for 2005.

NOTE: You'll need to be logged in as the "administrator" account or run a command prompt as the "administrator" account, then execute the msi installer, otherwise the installation will fail at the end.

Create a database for vCenter Orchestrator named "VCO" and a database for your e-mail server if you choose to use hMailServer for e-mail.

Install Active Directory

Now that vCenter is installed, you can run "dcpromo" on the server to create a domain controller! Perform this step before continuing on to the vCO and mail server installations.

Install an e-mail server capable of POP3 and SMTP

For an e-mail server, you'll want something capable of at least 5 accounts (possibly more depending on your test scenarios.) For my test/dev server, I chose hMailServer and have it installed. The installation is pretty simple and straightforward.

VMware vCenter Orchestrator (vCO) installation

Your base requirements are all set for a dev vCenter Orchestrator server so it is now safe to install vCenter Orchestrator 4.1.

The installation and configuration of vCenter 4.1 is nearly identical to that of vCenter 4.0. Please reference these articles for step-by-step instructions:

• How to install vCenter Orchestrator (vCO)
• How to configure vCenter Orchestrator (vCO)

Utilities and Other Programs

Your core dev server is ready, but you may want to grab a few other programs and tools to make your test/dev experience better. Some of my personal favorites are as follows:

• File/Directory comparison: WinMerge
• SCP File Transfer: WinSCP
• SSH Client: Putty
• Text Editor: PSPad
• Server Wallpaper Info: BGInfo
• CVS Client: Tortois CVS
• SVN Client: Tortois SVN
• Log Tailing/following: Baretail
• All around development environment: SpringSource Tool Suite / Eclipse
• E-mail Client: Zimbra Desktop / Thunderbird (Both clients are available for MAC OSX, Linux, and Windows!)

VMworld 2010 is almost upon us. We have a lot to talk about on the security front, as we begin the process of "building in" security into virtualization and cloud infrastructures, and embark on the journey to secure private and hybrid clouds.

The keynotes from Paul and Steve are always insightful - this year, in addition, there is a bit to talk about in the area of security, so do tune in!

I have a couple of sessions:
SE8389 - Architectural Overview of Virtualization Security for the Private Cloud

SE8520 - Panel Discussion - Private Cloud - Virtualization Security and Compliance, Meeting PCI Standards

I will be hosting three familiar experts in the virtualization and cloud security space:
Bret Hartman, CTO RSA/EMC EMC fellow
Christopher Hoff, Director of Cloud & Virtualization Solutions, Cisco (and blogger extraordinaire!)
Neil MacDonald, VP & Fellow, Gartner

So, this should be an insightful session. Come prepared with your questions - we'll keep this interactive.

We have also lined up several sessions on security:.
SE7811 - VMware View Security Architecture and Best Practices
SE7813 - vShield Edge & Application Protection - Architecture and Use cases
SE7835 - Securing your Cloud
SE8206 - Security Hardening Guidelines for vSphere
SE8378 - Compliance-Ready Virtual Infrastructure, Addressing PCI Security Standard for Virtualized Deployments
SE8421 - Hypervisor-based antivirus and endpoint security
SE8640 - How does Intel® Trusted Execution Technology address Cloud Computing security issues at hardware platform level

So, do visit us. And we do appreciate your ongoing feedback, as we chart a new course here.

/Allwyn

Hello, this is Martin Klaus again from the vCenter Product Marketing team.  VMworld San Francisco is less than one week away and it’s bound to be an awesome event for virtualization and cloud management. We have more than 20 management sessions, and the buzz around management is heating up -- as Dan Kusnetzky pointed out in his blog. As a track owner for the Private Cloud Management track I get to work with all the presenters of these sessions, and from what I’ve seen I can tell you that each and every session delivers thought provoking, high-quality content. There are too many diverse sessions to summarize in a few sentences, but here are some highlights that you cannot afford to miss:

Management Vision and Strategy Super Session

• SS1040 - VMware Vision for a New Generation for IT Management (Tuesday, Aug 31, 5:00pm)
  Ramin Sayar, Vice President of Products, Enterprise Management will discuss VMware’s vision for virtualization and cloud management. This is ­_the_ session to attend if you would like to understand how VMware’s approach provides purpose-built and policy-driven automation for dynamic environments to reduce management complexity and accelerate your journey to the cloud.

Management and Private Cloud Customer Panels and Presentations

• MA9789 – Virtualization Management Customer Panel (Wednesday, Sept , 12:00pm)
  Yours truly will be hosting managers and architects from three leading IT organizations who will share best practices and results from tools and processes they have implemented to achieve 800:1 VM per admin ratios, faster service delivery turnaround times, and 30:1 consolidation ratios for production systems generating an additional $750K in savings on Microsoft license fees.
• MA8338 – Hear From Several VMware Customers Who Have Successfully Built and Deployed a Private Cloud (Wednesday, Sept 1, 1:30pm)
  My colleague, Greg Bybee, will be hosting a panel of customers who have successfully implemented early access releases of upcoming technology releases to dramatically simplify the implementation of a private cloud architecture.

Analyst’s Perspective

• MA8092 -- Cloud Futures: The Infrastructure Authority (Tuesday, Aug 31, 5:00pm)
  Gartner’s Research VP Chris Wolf explores the emerging role of an “Infrastructure Authority” to be in charge of the growing need to meet security, regulatory and organizational policy constraints of private cloud infrastructure.

Technical Deep-dive Sessions

• MA7140 - vCloud Architecture Design Strategies and Design Considerations (Tue, Aug 31, 11:00am)
• MA8317 – vCenter Chargeback (Monday, Aug 30, 10:30am)
• MA8330 – 10 Best Free Tools for vSphere Management (Mon, Aug 30, 10:30am)
• MA8940 – Self-Service and Workflow Automation for the Private Cloud (Mon, Aug 30, 3:00pm)
• MA8181 – vCenter CapacityIQ (Tuesday, Aug 31, 11:00am)
• MA8649 – vCenter Configuration Manager (Tuesday, Aug 31, 1:30pm)

Again, this is only a short list with some of the management-related sessions at VMworld.  Be sure to check out the complete content catalog on www.vmworld.com.

Hope to see you in San Francisco next week!

Matthew D. Sarrel, Sarrel Group

Previously, I wrote about my experimentation with Terremark’s vCloud Express.  I found it insanely easy to create a VM from one of Terremark’s templates.  Yet, as we know, simply creating VM’s isn’t the end of the story.

I had a bunch of false starts trying to connect directly to my servers.  The best documentation I could find is here.

The steps involved are basically to download and install the SSL VPN client and then RDP (or SSH) into the VM directly.  It sounds easy enough but there’s more to it than that. The right way to do this is to click the VPN Connect button from the Servers page.  Much to my chagrin this appears to work only in IE.  I added the vCloud and the SSL VPN servers to my Trusted Sites:

Then I installed an ActiveX component, upgraded Java, and installed the SSL VPN client.

I ultimate arrived at this screen – remember this because it means you’re good to go.

I launched the RDP client and connected to the IP address (you can find this by clicking on the server and at the bottom of the screen it shows the “Detected IP”).  And voila, I was sitting at my desk controlling the mouse and keyboard of a VM located somewhere out in the cloud.

From here on it’s pretty straightforward.  I can install software either by downloading it directly to the server or by sharing my local drive with the server. Alternately, I could connect to the server by selecting it and clicking the “Connect” button.  This basically launches a remote session in the browser (again IE only).

It’s important to use the CD/DVD drop down list to mount and install VMware Tools.  I could also use the same drop down list to mount an .ISO or map a local drive – very useful when installing software for test purposes.

If you’re just getting starting on vCloud, let us know how it’s going and share your own experiences. I’ll be happy to post examples of common challenges, use cases, and lessons learned as you ramp up your working knowledge of the public cloud!

Matthew D. Sarrel (or Matt Sarrel) is executive director of Sarrel Group, a technology product testing, editorial services, and technical marketing consulting company.  He also holds editorial positions at pcmag.com, eweek, GigaOM, and Allbusiness.com, and blogs at TopTechDog.

“May you live in interesting times…” – Ancient Chinese curse/proverb

These are indeed interesting times for all of us, particularly so for IT as it undergoes one of the bigger changes in its young history. And this change permeates all aspects of IT: datacenters, clients, and even application development. The goal of this new community site is to provide a forum for discussing these changes. My hope is that we’ll all be able to help the industry navigate through and fully benefit from this transition.

Next Tuesday I have the privilege of presenting the VMworld kickoff keynote with our CEO Paul Maritz. We’ll share our vision for cloud computing and how the “New IT Stack” must be delivered across three distinct layers:

1. Integrated Infrastructure
2. An Application Platform
3. A New User-Provisioning Layer

Each of these areas is incredibly interesting and evolving rapidly… VMware alone has hundreds of engineers working on these along with thousands of engineers from numerous partners at each layer. In the coming weeks and months, VMware CTO Office members will elaborate on our thinking across all of them. More importantly, I hope many of you will challenge assumptions, ask questions, and contribute many of your own thoughts as to where the industry is headed.

This inaugural post is longer than future ones will be, as I’d like to share the motivating backdrop for this discussion, based on numerous customer and partner anecdotes.

The Rise of Enterprise Cloud Computing

As stated earlier, we are clearly experiencing the rise of a new era in IT, a shift as big as the one that moved us from mainframe to client-server computing to the web. The web completely changed the way we think about consuming services over the Internet, but that was only half of the picture. The other half is how those services are delivered. That is the focus of cloud computing, and that is the focus of VMware.

What is the origin of this change? Certainly the prevalence of powerful processors, more ubiquitous networking, and virtualization have enabled it, but I believe it is actually more of the business aspects of IT driving the change. Companies typically spend 70% of their IT budgets just on keeping their datacenters going… replacing failed components, troubleshooting outages, repelling security attacks, and doing other tasks that aren’t core to the mission of the business. Particularly during recent years of recession, this waste has become even more evident with CEOs and CFOs clearly wanting change. The allure of cloud computing is to shift much of this 70% towards activities that move the business forward… creating new applications that generate revenue, make them more competitive, or improve the quality of life for employees.

There are other changes also driving the move to cloud computing. First, the rise of public cloud offerings such as Amazon’s EC2 have, for the first time, made a rate card for basic IT services publicly available. For 7 cents an hour, you can have compute resources and for 10 cents per month you can have a GB of storage. These numbers push CEOs to ask awkward questions of the IT department… how much do you cost for these same services? Could I do better by pulling these services out of my IT department?

Secondly, these new services are “pay as you go”. Rather than make a large up-front capital outlay, you pay only for those resources that you consume. This is particularly attractive to new companies who can launch their businesses and more easily grow as they begin to make revenue.

And thirdly, we’re all experiencing a radical change in our personal consumption of computing capabilities. I can now instantly buy music, movies, and applications for my client devices. I can instantly sign up for email, and I can obtain goods with an online swipe of my credit card. This self-service ability is incredible. I don’t have to wait on anyone and have near instant gratification. The contrast between this and self-service and how IT works for many employees is stark. It can take days or even weeks from the time I request a server, some storage, or a new development environment until it is available for me. We’re expecting our IT departments to be more like these consumer services that we’re using, and this is also a promise of cloud computing.

Now, while there are these consumption needs driving IT to change, there is also a growing set of challenges for IT to deal with in production of these services. First, IT is held responsible for the availability and performance of IT-supported applications. In a world where more applications are served from datacenters outside of IT’s direct control, it’s harder to guarantee these service levels. Perhaps more top of mind are the security implications of putting company data and intellectual property outside of the direct control of the company. Right or wrong, there is concern that others may have access to critical company resources in this new world, and that causes many to hesitate. Related, there are more and more regulations facing many industries… SOX, HIPAA, and PCI, for example. In many cases, the organizations that provide these certifications are not ready for the brave new world of data living outside of the company’s direct ownership. And behind all of this is a requirement that existing application and infrastructure investments aren’t thrown out as we move to a brave new world. Quite a daunting set of challenges

Private, Public, or a Mix?

For these reasons and others, we’ve seen the rise of many different sorts of clouds. Most commonly discussed are public clouds, offerings from outside of a company’s datacenter walls that serve the business. The worries over service levels, security, and compliance have led to discussions of private clouds, new approaches to traditional IT where applications still run within the company’s datacenter walls, but are consumed in more of a public cloud-like fashion. It seems fairly clear that most mid- and large-sized enterprises will have a hybrid cloud environment and that each will manage this split differently; they’ll create their own private cloud that makes them more efficient and responsive while still maintaining the control that they require. They’ll also leverage public cloud offerings as the economics make sense and as the vendors offer higher levels of compatibility and control. With VMs as the lingua franca of both cloud types, each company will be able to choose the split between private and public clouds that best meets their needs, and move to cloud computing in an evolutionary way.

VMware’s Approach to Integrated Infrastructure

So how does VMware plan to attack this? We refer to our efforts here as VMware Cloud Infrastructure and Management, and we have three primary activities under way:

1. Turn existing datacenters into “private clouds”: Virtualization goes a long way towards making today’s datacenters more efficient, elastic, and scalable. We are building offerings upon this virtualized foundation that deliver on the additional key traits of clouds, namely self-service consumption models and chargeback or metered-usage. We are focused on servers and blades based on industry-standard x86 processors to provide the horsepower for these clouds. The end result will be the creation of a “private cloud” that brings many of the benefits of cloud computing to the enterprise while still giving CIOs complete control over their applications and data where control includes the ability to provide availability and performance guarantees AND to keep all of their data and IP in-house. This ability to reap the benefits of cloud computing without re-writing applications or relinquishing control allows the adoption of new technology in a more evolutionary way than previously possible.
   
   
2. Create an ecosystem of compatible “public clouds”: The next leg of our strategy is to offer software to hosters, service providers, telcos, outsourcers, and other owners of external datacenters that lets them offer computational capabilities to the enterprise. We base this software offering on the same VMware vSphere and vCenter product offerings as well, and the beauty of this approach is that it is compatible with what companies are doing within their own datacenters. VMs are completely portable to these “public clouds”, and they’ll get the same levels of availability and performance guarantees when they run them here. Along the way, we get to incorporate the learnings that come with being used in these public clouds, ultimately helping our products perform in the private cloud context.
   
   
3. Develop technologies that connect private and public clouds: It’s clear that most IT departments will have a mix of public and private cloud assets under their purview; VMware itself runs our private cloud for many business applications, but we also leverage more than 20 Software-as-a-Service (SaaS) offerings that complement the ones we’re running ourselves. We see a great opportunity to connect the private and public clouds in interesting ways including common management and monitoring tools, via storage replication, and with seamless network naming. The end goal will be even more choice for a company as to how much of their infrastructure runs inside and outside of their datacenter, and an ability to maintain appropriate levels of control as they do so.

Each of these activities are very large topics in their own right, and we’ll spend substantial time discussing them within this community.

And Beyond the Integrated Infrastructure…

The above discussion largely focuses on the datacenter and traditional server-based applications. The move towards cloud computing changes far more than just this space. In subsequent articles I’ll be discussing radical transitions that are also occurring in the next two layers of the stack… a new platform for cloud application development as well as a new approach to provisioning applications to users, regardless of where they are or what devices and gadgets they are using.

I hope you enjoy the exciting times ahead, and thanks again for participating in the VMware CTO Office community… with the keyword being “participating”!