Vembu Community and Free Editions Updates

There are lots of resources available which help technical practitioners and decision makers evaluate options. One of the most valuable things that I’m enjoying with partner solutions that I work with is the community and free editions that are available. I run a reasonable sized lab environment which is ideal for using these platforms.

Vembu has been doing a lot around opening up more freely available tools to the market which helps get more environments protected and more of us involved in active testing of their products. I’m very pleased with the product experience and will be sharing those experiences in my upcoming data protection series.

Before you read those posts, I highly recommend taking some time and seeing what solutions may map out for you. With the timing of VMworld 2019 very near, it’s also super important for you to know what works and what may have any limitations based on your requirements. This means that you can have a more data-backed conversation around data protection as you evaluate potential solutions.

Free VMware backup software

VMware is the clear leader in virtualization but lacks an out-of-the-box data protection capability.  Despite years of taking a run at an internal offering, the rise in the data protection market shows that incumbent vendors generally can not get the same results on management features within their own products.  It’s ideal to look at the best-of-breed options by dedicated platform specialists.  VMware backup for free is part my own lab environment and I even use it on some cloud-hosted vSphere resources and store both on-premises and out in AWS using S3.

Product Page:

Data Sheet Page:  Product Datasheet

Free Backup for Hyper-V

I am seeing more and more Hyper-V implementations and the ease of building out a Hyper-V (also free with the Windows license) environment for labs is a great exercise to make sure to keep in tune with the latest happenings from the Microsoft virtualization camp.  This is also where having a free backup alternative is super helpful and I’ve been using Vembu as part of my lab infrastructure for Hyper-V as well.

Product Page:

Data Sheet page: Product Datasheet

Free Backup for Windows Server

Hey, don’t forget that you may have some standalone servers which need protection as well!  Despite everything being virtualized (which is not 100% true) and everything going to the cloud (also, not 100% true), the rest of us have a bunch of servers which need a little care and feeding, including data protection.

Product Page:

Data Sheet Page:  Product Datasheet

The differences you will find in the free versus the paid versions of any of the suite of tools is available in the online feature chart here:

Most notably different is the full support for CBT (Change Block Tracking) and CDP (Continuous Data Protection) which will be limited to a small number of virtual machines in the free editions.  Despite the limited count, you can run some full-featured testing using a subset of the environment which will give you an idea on the performance and capabilities.

Please let me know if there are any specific features you want to have explored and shared in the series.  Big thanks go out to Vembu for their support of the community as well which includes things like blog sponsorship and tons of information sharing with the blogging community.

vSphere arrives on ARM, but not for the reason most admins are thinking

There is a surprising amount of confusion on what the vSphere on ARM architecture announcement is about. The main reason for this is the pretty heavy focus on people thinking that it’s meant to run on a Raspberry Pi or similar device. Ok, I get the cool nerd factor, but seriously, we have to stop for a moment and think about what the real end-game is here.  This is my armchair analyst’s opinion on what I am seeing play out.

vSphere on RPi is like VDI on the iPad

We all remember the keynotes and sessions from a few years ago featuring Horizon clients running a full windows desktop on an iPad. It was the cool thing to do on a keynote stage both at the Citrix and VMware events. We collectively gave our best nerd squeals in joy as we saw the fact that we could suddenly access these nifty systems on the fastest growing touchscreen ecosystem.

It didn’t take until even the end of any of those events to realize that it was really not going to play out like some of the pundits would say. What we were witnessing was the best possible test market:

1. Freshly available consumer equipment that was in the midst of taking the title of future enterprise toy
2. New way to remind us that we weren’t done innovating the desktop yet

The real story that ended up coming from that wave of nerd joy was that desktop and application admins suddenly were forced to think about creating a touch experience. We also saw the move towards virtualizing the applications on top of the desktop and streaming them. Citrix solved that problem a decade earlier but the industry wasn’t quite ready to broadly move towards streamed applications.

The “app marketplace” mentality suddenly forced our (our being the industry as a whole) hands to rethink how we deliver application services. Enter the cloud, and we are now in the next big wave of actually playing out the original vision of delivering an enterprise-grade remote user experience using a touch interface. It also opened up the doors to a new market for mobile device management (MDM). Hmmmm didn’t VMware buy a bunch of technology right around that time and also pour millions of money into R&D, finally aligning the VDI and vApp teams?

You know where the RPi vSphere story is going now, right?

Change the names a bit (Raspberry Pi is now edge devices running on smaller form-factor ARM architectures) and the Horizon on iPad (read vSphere on ARM) is now the lead-in to the real story.

The financials clearly show that vSphere license sales are declining or flattening. That’s natural with the 500K-600K customers already on board and at high levels of virtualization.

1. Lots of cloud providers run on ARM
2. Lots of edge devices do, or will run on ARM

Think trends (even early ones) and where they ended up driving the ecosystem. VMware (as noted in their public financials) spent 1.2 Billion in 2017, will spend approximately 1.3 Billion in 2018, and estimates 1.4 Billion and 1.5 Billion in 2019 and 2020, respectively. Since vSphere licenses are slowing (read: less serves being sold with vSphere and the ones being sold are bigger and have higher workload ratios), the next area of growth is not selling server host licenses.

The five key areas to push into next are:

1. Management tools and suites – sell more stuff to the existing license owners
2. Network and security virtualization – NSX is clearly a targeted growth unit
3. Storage virtualization – vSAN and the hyper-converged Business Unit covers this one
4. Cloud and containerization – the workloads are moving, so they have to adapt and also to slow a potential mass exodus
5. Emerging technologies (containerization/edge/IoT/blockchain) – this is the new battleground for VMware

No need to go into the first four. You probably know that story already because it’s been playing out for the past 2 years. VMware spends now on things that won’t be live for at least 18-24 months (as does any company of that size), so the fifth area is where this next generation stuff will unfold the real reason to run vSphere on ARM.

Spoiler alert: it won’t be full vSphere in all cases. If the edge devices and IoT devices run something with vSphere-like APIs and can be managed like vSphere endpoints, then you now have the first four of those five things above that become very relevant (and profitable). Your vSphere endpoints can be sold endpoint licenses, network and security suites, and you may want to buy bare-metal cloud running ARM. This is where the new pioneering is happening. If you have 1.5 Billion to spend, you can imagine that significant portion is heading into the emerging space to make sure you put your fingerprints all over the future before it runs right by you.

I kind of like the nerd fun factor of running vSphere clusters on Raspberry PI devices. I also have to think about where the puck is going, not where it is now. VMware is playing a long game, as they should. This is just the market test. The real story is VMware making sure to lay the future bet. The only question is when, not whether this is the new battleground. It may seem like untouched powder on a freshly snow-capped ski hill. There are lots of skiers aiming to get first tracks.

PowerCLI 11.0 is Out – Easy Update and Features Galore!

PowerCLI fans unite and celebrate as the launch of the latest edition is now public.  If you’re a reader of my blog then there is a good chance you probably found me from PowerShell or PowerCLI  content which also is a hint of much more to come in the next while.

The first thing you will want to do as the new release is out is to make sure you get your install up to date.  If you haven’t already deployed PowerCLI using the modular approach and get past a couple of common gotchas with these blogs.

This is the list of added goodness as shared from the official PowerCLI blog on the update

  • Added a new Security module
  • Added new cmdlets for Host Profiles
  • Added a new cmdlet to interact with NSX-T in VMware Cloud on AWS
  • Support for vSphere 6.7 Update 1
  • Support for NSX-T 2.3
  • Support for Horizon View 7.6
  • Support for vCloud Director 9.5
  • Multiplatform support for the Cloud module
  • Updated the Get-ErrorReport cmdlet
  • Removed the PCloud module
  • Removed the HA module

These are handy as you get rolling with the most recent versions of vSphere and if you are a vCloud Director fan.  The security updates are probably the most prominent with the update to adding more with both native vSphere 6.7 Update 1 and the vSphere Platinum edition.

Running the Update using Update-Module in PowerShell

This example here shows how to easily update using PowerShell Module management which I’m showing from a Mac OSX installation.

You want to check to see which version you have first which is done using the Get-Module -Name VMware.PowerCLI first:

That confirms our current version.  This happens to be running 10.1.1 before the update.  All you have to do to get the latest update is run the Update-Module -Name VMware.PowerCLI and walk through the prompts. You will be asked about whether to trust the repository or not (spoiler alert:  you have to say Yes)

NOTE: If you’re reading this after future updates beyond 11.0 then you will get the latest edition available at that time from the PSGallery.

Here’s a quick 2 minute video to show you the install in action!

Happy Scripting!

Using VMware PowerCLI with Self-Signed TLS/SSL Certificates on vCenter

PowerCLI is one of the more popular scripting environments for VMware administrators and architects around the world, with good reason. It’s also something that newcomers to VMware environments often shy away from when errors are encountered.

Hoping to save you some time and a few clicks by sharing the most common first error that admins may bump into.  Many VMware vCenter environments are using self-signed TLS (aka SSL) certificates.  This is very common, especially with home labs.

My PowerCLI Won’t Connect to vCenter!!

The default configuration for PowerCLI is to require the use of a secure channel and to verify the certificate chain.  When first connecting to your vCenter without a certificate, or with a self-signed certificate, the command is super simple:

Connect-VIServer -Server YOURSERVERFQDN

Here is what happens:

The clear error condition shows that states “Could not establish trust relationship for the SSL/TLS secure channel with authority” for the FQDN (Fully Qualified Domain Name) of my vCenter server.

There is a simple fix for this.  The caveat with this fix is that you must be aware that you are enabling connections from PowerCLI to unsigned certificates.  As long as you are able to trust the target environments, this setting should be agreeable.  It must be noted just for the sake of proper security practices which should require the use of publicly signed or internally signed and validated TLS certificates.

Fixing TLS Errors for PowerCLI with the Ignore InvalidCertificateAction option

The configuration that needs to be set is the InvalidCertificateAction parameter.  When set to the default it will deny access.  The parameter must be changed by setting InvalidCertificateAction to Ignore which does not do a certificate check before performing actions using TLS.

The command is as follows:

Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -confirm:$false

The resulting table shows the new parameter set as Ignore and now the Connect-VIServer will succeed even with our self-signed or invalid TLS certificate in place:

Hopefully this saves you some difficulty if the issue has stopped your PowerCLI from working as expected.