Feb 262014
 

41zxoiTJ66L._SY300_

A neighbor of mine recently installed automated light switches like the one shown here, in all of his children’s bed rooms.  His kids had been constantly leaving the lights on when they went outside to play.  This way, if they were not using the room, he was not paying for the electricity to light a unused room.  The return on investment was quick given the cost of electricity vs the cost of the switches and time to install them.

Fast forward to a discussion I was having with a customer yesterday.  The customer wanted to “test the waters” in the public cloud because they had some changes coming to their datacenter.  They were looking to offload many of their applications to the public cloud so they could avoid having to purchase new server storage and networking hardware.  During the discussion, I mentioned Automation Center from VMware.  The customer asked, “If I looking to put things in the public cloud in the future, why do I need automation?”  A great question.  I shared with the customer my story about my neighbor above and asked him another question, “If your direction is to move things to the public cloud, you will begin purchasing your IT infrastructure as a utility.  How will you make sure your kids do not leave the lights on?”  There was a long pause as the gravity of the analogy set in.  I have seen customers today with current monthly public cloud bills that are 100 times+ my monthly electric bill.  This makes this requirement all the more critical.

Automation Center can build things in the public clouds in an automated fashion and still provide ownership and accountability for the things that users create.  You can mandate that all things created in the public cloud have an expiration date.  An application owner can see the end dates for everything they have requested.  An App Manager can see everything their department has requested and owns in the public cloud.  IT can see the owners and expiration of everything everyone from the company has created in the public cloud.  If we near the expiration, we can give the owners the option to request an extension (with proper approvals of course) and the expiration date will be moved out automatically.

What I try to help customers understand is not to think of Automation Center as the tool to take the request and create the VMs.  It’s a tool which manages the life of the things that users create from IT.  Whether that’s in the private cloud or the public or both.  With the cost of that public cloud adding up quickly, knowing that I’m only running the things I need to becomes all the more critical.  Now off to get some new light switches, damn kids left the lights on again.

Dec 102013
 

On the heels of the new vCOPs release comes a major update to vCAC.  You can find the download for this release here.  There are tons of new stuff in this release, specifically Anything-as-a-service, Unified Service Catalog, Puppet integration and enhanced vSphere support.  Here is the What’s New Section from the release notes:

  • Unified Service Catalog for Infrastructure, Desktop, and Application Services
    • In addition to its support for heterogeneous infrastructure, vCloud Automation Center now offers a single catalog for publishing and consuming application services. Users can browse the same catalog to request and provision single- or multi-node applications, just as they do for infrastructure and desktop services.
    • Catalog requests are now governed by a more flexible and powerful approval policy engine. Approval policies can be based on request criteria, support multiple levels of approvers (requiring one or all approvers at each level), and be enforced both before and after services are provisioned. Furthermore, administrators can set up policies that allow approvers to override specific request fields (for example, the lease duration).
  • Enhancements to Application Deployment and Updates (formerly “Application Director”)
    • Users can request applications from the Service Catalog and monitor their overall deployment status.
    • Application enhancements: Users can now roll back failed updates to restore the system. They can also significantly reduce the time to update an application by reusing update profiles that store frequently used update scripts and properties. This enables the promotion of changes across Deployment Environments to facilitate Release Automation, and scale-in of clustered applications to save unused resources.
    • External services: Users can reduce time to deliver workload by connecting to an external or existing service such as a load balancer, an existing database with pre-configured schema, SaaS applications such as Salesforce, an LDAP server, an SSO server and so on.
    • Policy-based provisioning: Administrators can enforce policies across different deployment environments by blacklisting application services or enforcing mandatory services. They can also facilitate policy-based provisioning by setting number of Total Instances (VMs) limits across all nodes in a deployment. Compliance View shows policy violations against currently active and effective policies on deployments and application updates.
  • Extensibility to any IT Service
    • In addition to out-of-the-box services, customers can now more easily extend vCloud Automation Center to publish any kind of IT service to the common service catalog. Whether it’s storage-as-a-service, backup-as-a-service, or something as simple as letting users add capacity to their e-mail account, the new Advanced Service Designer lets service architects design rich user forms and provisioning workflows in a matter of minutes.
    • Like out-of-the-box services, custom services leverage the same entitlement and approval policy engine, enabling organizations to enforce a consistent governance layer.
  • Integration with IT Business Management Standard Edition
    • Provides visibility into the cost and usage of on-premise virtual infrastructure and public cloud infrastructure, including benchmarking capabilities.
    • Supports “what-if” cost analysis to determine the best infrastructure type and placement options
    • Includes capacity, cost, and budget analysis capabilities for proactive planning
  • Improvements in Infrastructure as a Service
    • Support for VMware vCloud Hybrid Service: vCloud Automation Center now provides the ability to provision and perform basic administrative tasks on virtual machines deployed in vCloud Hybrid Services.
    • Support for OpenStack: In addition to vSphere, vCloud Director, Amazon Web Services, Hyper-V, Kernel-based Virtual Machine, Citrix XenServer, and various physical server management interfaces, vCloud Automation Center now provides support for provisioning and performing administrative actions on machines managed by OpenStack.
      • Supports RedHat OpenStack 3.0 (Grizzly)
      • Supports static IP and floating IP
      • Supports attach to VNC console
      • Support for Linux kickstart and WIMimage
    • Log in to vSphere machines from the service catalog: After a vSphere virtual machine is provisioned, a user can now access it via the VMware Remote Console.
    • Continued integration with vCNS: In previous versions, vCloud Automation Center provided support for placement in existing VXLANs, load balancers and security groups. This release adds support for the dynamic creation of isolated and routed networks and load balancers.
    • Support for vSAN as a datastore: vCloud Automation Center now supports storage clusters and allows the selection of a vSAN as a data store for a reservation.
  • Puppet Integration
    In this release, support for reuse of Puppet content to build application blueprints in Application Director allows application architects to accomplish the following goals:

    • Model multi-tier applications using Puppet modules.
    • Mix-and-match Puppet and non-Puppet content in application blueprints.
    • Import both Puppet Open Source and Puppet Enterprise Modules
    • Manage the application update life cycle while maintaining multi-node dependencies, property bindings, and diverse content types.
    • Leverage vCloud Automation Center Service Catalog to publish and request Puppet applications.
  • Enhanced vSphere support
    • vCloud Automation Center supports Storage DRS (SDRS): SDRS clusters and volumes are discovered as individual storage paths.
    • vCloud Automation Center supports storage clusters and recognizes a Storage DRS-enabled storage cluster as a datastore.
    • vCloud Automation Center automatically consumes the changes at the next data collection as datastores are added or removed from the storage cluster.
    • vCloud Automation Center supports Storage DRS automated mode.
    • vCloud Automation Center allows the selection of a cluster, standalone datastore, or a cluster member (datastore from a cluster) in the same reservation. All selections have the same priority and are accessed via round-robin.
  • Improved Administration Capabilities
    • Support for LDAP services: In addition to Microsoft Active Directory, vCloud Automation Center now provides support for LDAP-based directory services.
    • Improvements in multi-tenancy: vCloud Automation Center administrators can easily create multiple tenants with dedicated directory services, service catalog, and portal branding.
    • New verb-oriented RESTFUL APIs (BETA): New programmatic interfaces provide a more secure and easier way for external systems to interact with the vCloud Automation Center service catalog and cover operations such SSO authentication, submitting a service request, approving a request, listing provisioned items, and so on. These APIs are available for BETA testing and are expected to evolve in the next vCloud Automation Center release. Older vCloud Automation Center 5.x APIs are still available and have received minor updates for feature enhancements.
Dec 102013
 

A nice vCOPs update which includes support for Hyper-V and dashboards for Exchange and SQL.  You can find the download here.  You can find the What’s New section from the release notes below:

Improved Enterprise Readiness

  • Optimized query execution to improve performance at scale.
  • Enhanced authentication options with new active directory integration for authentication.
  • Improved security with upgrades to the OS and runtime environment.

Expanded Integration

  • New integration with VMware Log Insight using a vCenter Operations Manager Content Pack that enables you to monitor your vCenter Operations Manager infrastructure.
  • Expanded integration with vCenter Hyperic using the vCenter Operations Management Pack for vCenter Hyperic. This management pack provides many new capabilities, such as:
    • Support for Microsoft Hyper-V servers, including out of the box dashboards for troubleshooting and performance analysis.
    • Support for Microsoft Exchange and SQL Servers, with out of the box dashboards for troubleshooting.
  • Several new management packs are available for download. Check the Cloud Management Marketplace on the VMware Solution Exchange for more details: https://solutionexchange.vmware.com/store/vcops.
Sep 092013
 

In working with a customer on a demo yesterday and they asked this question:

So Mirage is licensed by named user, we just need to license it for our users and the number of devices does not matter, correct?

“Yes, that’s correct,” I said.

The reality is that it is correct, although it may not appear to be.  Let me explain:

The best description of this scenario can be found in this VMware KB article entitled VMware Horizon Suite 1.0 licensing.

In the Q&A section in the bottom of this article, you will find the following question (as of this writing):

“Q: When I purchase a particular number of Horizon Mirage licenses, how do I count the named-user licenses used?

A: Each named user who has access to a Mirage-managed endpoint consumes one license. One named user can have multiple Mirage-managed endpoints, and this named user still consumes only one license. The Workstation virtual machines that the administrator creates for ThinApp packaging are not counted as named-user licenses. Nor are the Fusion Pro base restricted virtual machines, which will be distributed to end users.”

That sounds correct, exactly as I understood it.  Each named user consumes 1 license and they can login to as many devices as necessary.

My customer then asked, “Can you show me where I can see the number of licenses in use currently?”

I proceded to go to the license screen which showed our demo license for 500 CVDs.  (CVDs are Centralized Virtual Desktops.  They are a enpoint that is protected by Mirage.)

The customer then asked, “Since a CVD represents an endpoint, how is your 500 user count accurate if the product draws off one license for each endpoint?”

“That’s a great question,” I said.

It would appear that the product is not actually managing the licenses as the software license policy dictates.  I have run into this quandary before in Mirage and I’ve not dug deep into the info to figure it out until now.

Surely I’m not looking at the right screen in the product so I grab my latest version (v4.2.3 as of this writing) of the Mirage Installation Guide and head to the section entitled “Managing Horizon Mirage Software Licenses”.

There I find this: “The Horizon Mirage Management server requires a license. The license file enforces the number of CVDs that you can run on your system and the duration of the license agreement.”  

Uh, wait what???  The admin guide says that the license is consumed by each CVD (or endpoint) and the KB Article says that the policy is per user.  Who’s right?

The answer is the policy.  The reason the product is drawing off licenses for CVDs is because Wanova (the company who VMware acquired who created Mirage) origionally licensed the product by endpoint.  It would appear that VMware changed the licensing policy so that it would work in a unified fashion with the rest of the Horizon Suite.  Unfortunately, it would seem, that the change in policy has not been updated in the current release of the product.

What is a customer to do?

My recommendation to my customers has been that if they find themselves approaching the CVD limit in Mirage but they have not exceeded their named user limit, to file a support request with VMware to request additional licenses for Mirage and reference the KB article above.  I am very confident that VMware will correct the code in Mirage to reflect the current policy in an upcoming release.  Unfortunately this has been confusing customers until the product code and the licensing policy become concurrent.  Hopefully this helps in the interim.

Aug 202013
 

Customers have been really loving the convenience of HTML access in Horizon View.  This provides a full desktop experience to a web browser with just HTML5 and no plugins, java, flash, etc required.  Very handy for users in many scenarios.  As of the time of this writing, there are some important features in the GUI client that are not available to HTML access.

Here is the functionality you get when using HTML access:

  • RSA SecurID and RADIUS authentication
  • Single SignOn to the desktop
  • Blast display protocol

Here is the functionality you do not get when using HTML access:

  • Printing from the virtual desktop
  • Audio
  • Clipboard support (copying from the endpoint to/from the clipboard in the VM)
  • USB device mapping
  • RDP protocol
  • PCoIP Protocol (HTML uses the Blast Protocol)
  • Smart Cards
  • Multiple monitors
  • Local Mode

For more information you can refer to the HTML Access User’s Guide.  VMware is constantly adding features to View and I expect this list to change.  I will try to revise this article as things change.  If I am outdated in my information, please comment and I’ll get it updated.