Looking Back at LinuxCon + ContainerCon + CloudOpen in China

LinuxCon + ContainerCon + CloudOpen (LC3) came to China for the first time last week at the China National Convention Center in Beijing.

LC3 enables attendees to collaborate, share information and learn about the newest and most interesting open source technologies, including Linux, containers, cloud technologies, networking, microservices and more. The events also provide insight into how to navigate and lead in the open source community.

Expert speakers from VMware shared their open source insights and technical knowledge at the event.

Dirk Hohndel, VMware Chief Open Source Officer, had an interview with Linus Torvalds, the creator of Linux and Git. According to Linus, the advantage of participating in open source is more opportunities to interact and share with people in this field and try something that you had always been interested in. Read this great recap of their interview via Linux.com: Linus Torvalds Explains How Linux Still Surprises and Motivates Him.

Ben Pfaff, Principal Engineer, and Justin Pettit, Senior Staff Engineer, delivered a speech on the Open vSwitch and OVN projects. In this presentation, they provide an overview of the current state of the projects and their future plans.

Ben and Justin also had another speech in this conference, entitled “The Business Reality of Building Open Source: What We Learned from OVS and OVN.” In this presentation, they discussed quite a few questions that commonly arise in supporting open source projects within companies that primarily develop closed-source software.

Henry Zhang, Chief Architect of R&D China, gave a speech on Efficient and Secure Container Image Management in Enterprise. In this presentation, he focused on the management of container images and reviewed the challenges to enterprises and discussed how to manage container images efficiently and securely to meet the need of enterprises.

Challenges addressed included RBAC (Role Based Access Control), image consistency, large scale image distribution, image replication and promotion and high availability of registry. The open source registry Project Harbor was introduced as part of the solution to these challenges.

Tiejun Chen, Staff Engineer, delivered a speech of Unikernalized Linux. In his speech, Unikernels are facing three major challenges:

  1. Compatibility with existing applications.
  2. Lack of production support (e.g. monitoring, debugging, logging).
  3. Lack of compelling use case.

Tiejun reviewed their investigations and exploration of if and/or how they can convert Linux as Unikernel to eliminate these significant shortcomings, plus some explorations of coordinating and cooperating with hypervisor.

VMware’s Booth at LC3

VMware also had a booth to promote open source projects, including Harbor, Clarity and Admiral. The booth attracted 200-plus visitors, who came over to have a deep interaction with our onsite engineers. They discussed the VMware technology in the open source area.

The conference gave us an opportunity to promote open source products to the China developer community, and we are looking forward to the opportunity to engage with many more open source developers at events throughout the rest of 2017.

 

The post Looking Back at LinuxCon + ContainerCon + CloudOpen in China appeared first on Open Source @VMware.

Source: Open Source @VMware

The VMWare Certified Dell EMC Networking Plug-in Solution

Dell EMC’s Networking Plug-in Summary Description:

The Dell EMC Networking plug-in lets an admin create an inventory of the physical network devices they wish to monitor. After the devices are discovered, the plug-in associates the virtual machine mapping to the physical device and the physical interfaces they connect to. The physical device alerts, health, CPU and memory utilization usage, and health is monitored and reported on the dashboards. There is no function to change the physical configuration of the physical devices in any way from this plug-in. This helps the Network Admins maintain control of the devices configuration and still share information that is relevant to other admins.
An administrator of a Software-Defined Data Center (SDDC) would find this physical network information very helpful.

BENEFITS: What are the benefits of Dell EMC’s Networking Plug-in Solution for vSphere?

  • Physical Network Inventory and health monitoring
  • VM to physical network mapping
  • Alerts, traps, and notifications related to field replaceable units in the network

For more information, visit Dell EMC website
Dell EMC Networking Plug-in VSX Link:
https://marketplace.vmware.com/vsx/solutions/dell-networking-os-9-web-client-plugin-for-vcenter

Take a look at Dell EMC’s Networking Plug-in Solution

Screen Shot #1: Dell EMC Networking Plug-in Summary

Screen Shot #2: Physical Inventory Summary

Screen Shot #3: Device Inventory

Screen Shot #4: Connected VM

VMware’s Web Client Plug-in Certification Program:

Many companies are building and certifying their plug-in. We have seen a surge in HTML 5 plugins being certified in 2017. Through VMware certification program, partners can ensure a better end user experience and have the trusted VMware brand behind their plug-in. Look for new partner web client plug-in certifications in 2017! Thanks to all of our partners for supporting the VMware vSphere web client plug-in certification and partner program.

VMware’s Solution Exchange (VSX): https://marketplace.vmware.com/vsx/?appType=3

vCenter website for vSphere web client plug-ins: http://www.vmware.com/products/vcenter-server.html

vSphere Fling for developing plug-ins: https://labs.vmware.com/flings/vsphere-html5-web-client

VMware Clarity – Plug-in development tool:  http://clarity.design

Social Media Channels: vSphere YouTube Channel: VMwarevSphere and Twitter: @VMwarevSphere

The post The VMWare Certified Dell EMC Networking Plug-in Solution appeared first on VMware vSphere Blog.

Source: VMware vSphere Blog

Secure By Default – VM.disable-unexposed-features

I’m super happy to announce that we are showing more progress in our quest for “Secure By Default” for ESXi and vCenter Server. This latest update is one that is near and dear to many of you who live and breath by the Hardening Guide (now called the Security Configuration Guide in 6.5) and its many offshoots and subsets and supersets like PCI, HIPAA, DISA STIG, etc..

In ESXi 6.0 Patch 5 (see below), many of the VM.disable-unexposed-features.* settings are now set to be “Secure By Default”. Meaning, the Hardening Guide / Security Configuration Guide desired values are the default values. (see table below) You don’t have to manually set them anymore.. Not that many of you actually did have to set them to begin with.

I know that these changes are going to bring up a LOT of questions. IT folks will have to deal with their security folks. So, this post will go into a little history to help explain things and hopefully calm any nerves.

Why were the settings there to begin with?

These settings come from the Workstation/Fusion code base. When a Workstation VM would get imported into ESXi customers would see these settings and wonder what the values should be. There’s little to no corresponding code on ESXi that use these settings.

What does “little to no” mean? There may be entry in the code that responds to a query but there’s no code to execute. Or, if there is code, after further review, it was deemed to be not a security issue.

The main reason why these settings got added is because for many customers (finance, 3 letter agencies, etc.), they have a policy whereby “if there is a setting there must be a value” so, over time, these values got added to past iterations of the Hardening Guide.

History

When I took over the guide 4+ years ago it had become like a set of firewall rules or a Jenga tower. “Stuff” was added over the years but never removed because of a fear of doing something wrong or pulling out the piece that made the tower fall. (I don’t have that fear. I do stuff wrong all the time.. Just ask my teenager!)

The guide had become unruly to manage and maintain so in the vSphere 6.0 timeframe I started the first of many reviews, not unlike a code review process. You can read about that process here.

For the vSphere 6.5 release I sat down with many of our engineers that maintain and develop the code you depend on every day. When I met with the group that deals with the virtual machine code on ESXi we went through every single VM setting/guideline in the guide. This was a fun and enlightening process for all of us!

What resulted out of that meeting was a bunch of bug reports that started the process of either dropping old settings completely or changing the default values for a number of settings to the value reflected in the guide. Specifically, for the purposes of this blog, the VM.disable-unexposed-features.* values. As these bugs are fixed they are assigned to patch releases. Sometime easy changes such as these can be backported to earlier releases. The settings below are in ESXi 6.0 Patch 5.

Secure By Default

Some ask (regularly), why these settings weren’t already set. The answers to that are lost in time. My goal isn’t to argue the past but to fix the future. The point driving this change is that security has now graduated to a primary interest of customers and we’re doing our part to provide you with the most secure platform available without a huge amount of management overhead. Fixing these settings is part of that effort. If security is a pain to implement then there’s a good chance it will be implemented wrong or not at all.

Where were the settings changed?

The default values for the settings were/are changed in the ESXi code. For ESXi 6.0 there is no reason anymore to add these settings to the VMX/VM Advanced Settings starting with 6.0 Patch 5.

How do I enable them?

You don’t! It’s been done for you in ESXi. If you are using VUM to update your hosts to 6.0 Patch 5 then when VM’s are migrated to an updated host they will be running with the updated values. You don’t need to power them down in this scenario.

If you are running a standalone host you can suspend the VM’s, update the host, reboot the host and resume the VM’s and they will be running with the updated values.

Changed Settings

Below are the guideline ID’s, their new value setting set in ESXi itself and the configuration parameter. If you are manually setting any of these settings on 6.0 then apply Patch 5 and you don’t have to set them anymore!

Guideline ID New Value Configuration Parameter
VM.disable-unexposed-features-autologon TRUE isolation.tools.ghi.autologon.disable
VM.disable-unexposed-features-launchmenu TRUE isolation.tools.ghi.launchmenu.change
VM.disable-unexposed-features-protocolhandler TRUE isolation.tools.ghi.protocolhandler.info.disable
VM.disable-unexposed-features-shellaction TRUE isolation.ghi.host.shellAction.disable
VM.disable-unexposed-features-trayicon TRUE isolation.tools.ghi.trayicon.disable
VM.disable-unexposed-features-unity TRUE isolation.tools.unity.disable
VM.disable-unexposed-features-unity-interlock TRUE isolation.tools.unityInterlockOperation.disable
VM.disable-unexposed-features-unity-taskbar TRUE isolation.tools.unity.taskbar.disable
VM.disable-unexposed-features-unity-unityactive TRUE isolation.tools.unityActive.disable
VM.disable-unexposed-features-unity-windowcontents TRUE isolation.tools.unity.windowContents.disable
VM.disable-unexposed-features-unitypush TRUE isolation.tools.unity.push.update.disable

Other versions?

“Wait! You said you started this process for 6.5 but you’re talking about 6.0? What’s the deal? Are the changes in 6.5?”

Unfortunately, I’m not at liberty to talk about any unreleased versions or patch releases. I can only talk about released versions or patches.

This release for 6.0 should, however, show that we are serious in making life easier for VI Admins and Security and Compliance folks. This is a big step in the right direction.

Patching resources

Here’s the resources for updating your ESXi 6.0 hosts.

Build numbers and versions of VMware ESXi/ESX (2143832)

https://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=2143832&sliceId=1&docTypeID=DT_KB_1_1&dialogID=439816075&stateId=1%200%20439814722

Download Patches

https://www.vmware.com/patchmgr/findPatchByReleaseName.portal

ESXi 6.0 Patch 5 (ESXi600-201706001)

https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2149958

Wrap Up

I hope this shows to you that there is always progress being made to make vSphere more secure while at the same time lessening the burden on IT to maintain that security. Lets not forget that the threat landscape is constantly evolving and that there is no one solution that will make you “secure”. You can’t just press the Easy Button. Security is an iterative process. There is no status quo if you are doing it correctly. “This is the way we’ve always done it” is not how best to operate.

I encounter situations where some security folks are visibly upset that I have removed a setting from the guide after it’s been reviewed and found to be no longer relevant. Back to the firewall rules example. If you aren’t constantly reviewing and adjusting then you aren’t doing security right. JMHO.

Thanks

I’d like to thank all the engineers who helped me tremendously in making these changes. Kudos to Jesse, Ravindra and many others for not only making our customers jobs easier but mine as well.

mike

The post Secure By Default – VM.disable-unexposed-features appeared first on VMware vSphere Blog.

Source: VMware vSphere Blog

vSphere with Operations Management Updates!

It’s that time again, release time! This month’s releases feature some great updates to vSphere with Operations Management in the form of vRealize Operations Manager (vR Ops) 6.6 and vRealize Log Insight 4.5.

Updates to vRealize Operations Manager 6.6

With this release, the first thing you’ll immediately notice is the updates to the user interface (UI). vR Ops now follows the Clarity Design System. Clarity is an open sourced project that focuses on applying standard user experience guidelines to an HTML/CSS framework along with Angular components.

What that really means, vR Ops has a new, easy to use, and amazing looking interface. Don’t take my word for it, see this example for proof:

vR Ops 6.6 Login Process

More information about the Clarity Design System can be found on the Project Clarity GitHub page.

This UI change also allowed vR Ops to streamline the process of accessing environmental information. The “Getting Started” dashboard is now more interactive and gives faster access to those listed dashboards.

vR Ops Getting Started Dashboard

Speaking of dashboards, quite a few were recipients of updates and added functionalities!

The “Workload Utilization” dashboard is one of my favorites and received some substantial updates. This dashboard is now known as “Workload Balance”. There are some good reasons for this change. The first is that it has taken over the duties of the DRS dashboard! We can now view and modify each cluster’s DRS settings directly from this dashboard. Additionally, we can now visualize the workload of distributed virtual switches, distributed virtual port groups, and even vSAN disk groups.

vR Ops 6.6 Workload Placement Dashboard

That’s not all, taking a look beneath the “level” image we’ll see some blue links. While there are no changes to the “Rebalance Container” link, the other two are brand new. The first of the new links gives the ability to schedule rebalance container actions at specific times and intervals. The other link is to configure the “Workload Automation Policy Settings”. There are three tunable settings: Consolidate Workloads, Balance Workloads, and Cluster Headroom. Watch this blog for a deep dive on how these can be used in the near future.

vR Ops 6.6 Workload Placement Policy Settings

The other dashboards receiving updates are the configuration orientated dashboards. These have been refreshed to show some better information based on inputs from our users.

Updates to vRealize Log Insight 4.5

This release of Log Insight has taken the vR Ops integration to the next level! There are now four different ways to interact between vR Ops and Log Insight. The Log Insight dashboard and interactive analytics modes continue with this release, but there are two new methods. The first is more by way of an action. Simply double clicking on specific objects will now bring up those related logs. The other new method is through vR Ops’ Alerts area. When opening an alert, there is a new link to “View Logs”. Clicking that link takes you to that resource’s events within Log Insight.

vR Ops 6.6 Alerts View

There have also been a handful of other updates on the server side. These include the addition of several new REST APIs to query alert executions as well as notification histories. This release also includes updated versions of the General and vSphere content packs. Lastly, the vSAN and vR Ops content packs are included by default.

Wrap Up

vSphere with Operations Management continues to get better and better. From the amazing new UI to the streamlined ability to access the information you need, this release looks as good as it performs.

Upgrade your environment today!

For more information on each new release mentioned above, please see the following:

The post vSphere with Operations Management Updates! appeared first on VMware vSphere Blog.

Source: VMware vSphere Blog

Oracle on the SDDC – CPBU 2017

Oracle on vSphere and the SDDC Developments 2017H1

Many positive developments have materialized over the past few months pertaining to the subject of Oracle on vSphere and the SDDC.  This blog entry will both summarize the individual developments as well as highlight the important aspects of each item.

 

VMware and Oracle Collaborate to Enable Advanced Security Features of Oracle Mobile Enterprise Applications

The Oracle Mobile Business Applications (OMBA) and the Oracle Mobile Cloud Service (OMCS) can now be managed on VMware Workspace One and Airwatch.  The collaborative effort is described in detail in the below press release constitutes a major breakthrough in the longstanding partnership between Oracle and VMware.  All Oracle applications and the RDBMS have been supported when running on vSphere since 2007 (Metalink note: 249212.1) and independently by the specialized VMware Global Support Services Oracle team.  This public collaboration brings together the platform maturity and security provided by Workspace One and Airwatch with the functional capability of the OMBA Suite.

Members of the VMware Experts Program Oracle Branch were interviewed and they overwhelmingly agreed that the security benefits brought to the OMCA suite through this collaboration will are critical to customer success.

http://www.vmware.com/company/news/releases/vmw-newsfeed.VMware-and-Oracle-Collaborate-to-Enable-Advanced-Security-Features-and-Streamlined-Management-of-Oracle-Mobile-Enterprise-Applications.3297390-manual.htm

 

VMware Experts Program – Oracle Branch

The VMware Experts Program 2017 events are dedicated exclusively to the Oracle Branch. VMware and the CPBU hosted 12 new Oracle-Experts attendees as well as 6 alumni at the event in Palo Alto in April.  The event featured 18 technical sessions and executive addresses from Shekar Ayyer VMware Executive Vice President, Strategy and Corporate Development and, R&D Corporate Development and Kit Colbert Cloud Platform BU CTO. Joining Shekar and Kit was Scott Dietzen CEO of Pure Storage to complete the all-star Executive Cast. Speaking of All-Stars, the group attended an MLB Game at AT&T Park in a Suite sponsored by VMware Experts Program partner Pure Storage. The game, like the event was fast-paced, intense and full of extra content as the Giants won when Hunter Pence extended the last at-bat in the 10th inning to 9 pitches before knocking in the winning run.

The EMEA Oracle event will occur July 18-20 featuring new program members from across Europe to include Finland, Germany, Switzerland and Ireland along with Russia and Azerbaijan.

The montage video for the Palo Alto event is linked below.

 

Mike Corey Blog on VMware Experts Database Program

Day 3 VMware Experts Workshop Oracle with Pure Storage

 

 Oracle On vSphere Licensing

The “Oracle Certification, Support and Licensing Guide” 2017 version has been complete and is available on the BCA Homepage Oracle section.  This landmark document, originally established in 2010 as a project of the Cloud Platform Business Unit (CPBU) has been developed and fine-tuned through a number of iterations since the original version by internal and external contributors. VMware extends specials thanks to Dave Welch and House of Brick for having contributed mightily to each version.  Strict rules for language translation have been published and are available by contacting Don Sullivan sullivand@vmware.com

http://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/whitepaper/solutions/oracle/understanding_oracle_certification_support_licensing_vmware_environments-white-paper.pdf

The Oracle Licensing webinar “Straight Talk on Oracle on vSphere Licensing” 2017 is also available on the BCA Homepage Oracle section.

http://www.dbta.com/Webinars/1041-Straight-Talk-on-Oracle-on-VMware-Licensing-in-2017.html

 

Oracle Monster Virtual Machine Performance on vSphere 6.5

Todd Muirhead and the Performance Engineering team in collaboration with IBM (Storage) have developed a new Oracle related performance paper focused on classic Monster VMs with an impressive I/O related component. Following the landmark “Capstone” project from 2015 Todd, aided by IBM has once again proven that with vSphere 6.5, the adage “No Application Left Behind” is truer than ever.

http://www.vmware.com/techpapers/2017/vsphere65-oracle-monster-vm-perf.html

 

Business Critical Applications Homepage Oracle Section:

http://www.vmware.com/solutions/business-critical-apps/oracle-virtualization.html

 

Database Trends and Applications VMware-DellEMC Microsite:

http://www.dbta.com/emc

 

All Oracle on vSphere/SDDC Collateral is now consolidated under a single blog listing managed by Sudhir Balasubramanian sudhirb@vmware.com

https://blogs.vmware.com/apps/2017/01/oracle-vmware-collateral-one-stop-shop.html

 

The post Oracle on the SDDC – CPBU 2017 appeared first on VMware vSphere Blog.

Source: VMware vSphere Blog

The VMware Certified IBM Spectrum Protect 8.1 Plug-in Solution

The VMware Certified IBM Spectrum Protect 8.1 Plug-in Solution Capabilities:

Managing backup and recovery systems can be complex, especially with the volume of data being produced by modern businesses. IBM Spectrum Protect simplifies this process by delivering an intuitive and comprehensive data protection solution that makes it easy to take advantage of the cloud.  You can deploy IBM Spectrum Protect on the cloud to protect cloud-hosted data, or serve as a replicate site for on-premises backups. Built-in performance and efficiency features make it easy to migrate business class backups to the cloud and still meet recovery objectives. By scaling with the data it protects, IBM Spectrum Protect can help you to stay on top of backup and recovery with less complexity and cost.

IBM Restore Option – Screenshot #1

IBM Spectrum Protect VM Restore – Screenshot #2

BENEFITS: What are the benefits of IBM Spectrum Protect 8.1 Plug-in Solution for vSphere?

The VMware-certified plug-in solution from IBM Spectrum Protect 8.1 has many benefits:

  • Provides comprehensive data protection for cloud-hosted and on-premises data
  • Guided workflows built into vSphere give VMware Administrators more control of backups and restores
  • At a glance monitoring thru the use of a dashboard.  Monitor capacity, peak loads, and efficiencies
  • It is a replication site for on-premises backups
  • Enables graphical management at sites that don’t allow add-on software on Administrator workstations
  • Backup and recovery is less complex and less costly

For more information, visit http://www.ibm.com/systems/storage/spectrum/protect/

VIDEO: Watch it in Action – IBM Spectrum Protect 8.1 Plug-in Solution:

IBM Spectrum Protect for VMware Administrators

VIDEO #1 Link: https://youtu.be/Ca-aUUTZPUQ?list=PLymLY4xJSThpgA7yM_NE8max1b6Jxcnvs

IBM Spectrum Protect for Easier VMware Backups to the Cloud

Video #2 Link: https://youtu.be/orgCOv0MUXM?list=PLymLY4xJSThpgA7yM_NE8max1b6Jxcnvs

VMware’s Web Client Plug-in Certification Program:

Many companies are building and certifying their plug-in.  We have seen a surge in HTML 5 plugins being certified in 2017. Through VMware certification program, partners can ensure a better end user experience and have the trusted VMware brand behind their plug-in.  Look for new partner web client plug-in certifications in 2017!   Thanks to all of our partners for supporting the VMware vSphere web client plug-in certification and partner program.  

For more information, view the links below:

VMware’s Solution Exchange (VSX): https://solutionexchange.vmware.com/store/vsphere/web-client-plug-in

vCenter website for vSphere web client plug-ins: http://www.vmware.com/products/vcenter-server.html

Social Media Channels: vSphere YouTube Channel: VMwarevSphere and Twitter: @VMwarevSphere

vSphere Fling for developing plug-ins: https://labs.vmware.com/flings/vsphere-html5-web-client

VMware Clarity – Plug-in development tool:  http://clarity.design

The post The VMware Certified IBM Spectrum Protect 8.1 Plug-in Solution appeared first on VMware vSphere Blog.

Source: VMware vSphere Blog

Open Source Projects at LinuxCon + ContainerCon + CloudOpen China

LinuxCon + ContainerCon + CloudOpen China (LC3) will take place in Beijing next week, June 19-20. The event offers attendees the opportunity to collaborate, share information and learn about new and interesting open source technologies. Attendees to this year’s conference can examine how Linux, containers, the cloud, networking, and microservices can work with open sources technology. Attendees will also learn how to navigate and lead in the open source community.

We’re excited to be part of this great open source event, with experts from our technical teams contributing to four unique sessions and our open source team from the Harbor project onsite at the VMware booth. The team will be showcasing Harbor, Admiral and Clarity – stop by and learn how to become part of our thriving open source community.

Here’s what’s on our agenda:

The Open vSwitch and OVN Projects
When: Monday, June 19 at 13:35 – 14:05
Experience level: Beginner
Who: Justin Pettit, Lead Developer, Open vSwitch & OVN, VMware and Ben Pfaff, Principal Engineer, VMware

About: Open vSwitch (OVS) is a multilayer open source virtual switch. OVS is designed to enable massive network automation through programmatic extension, while still supporting standard management interfaces. OVN is a new network virtualization project that brings virtual networking to the Open vSwitch user community. OVN includes logical switches and routers, security groups and L2/L3/L4 ACLs, implemented on top of a tunnel-based overlay network.

In this presentation, you’ll receive an overview of the current state of the projects and future plans, such as:

  • The current state of the Linux, DPDK and Hyper-V ports
  • A status update on a portable BPF-based datapath
  • The latest stateful and OpenFlow features available in OVS
  • Performance and debugging enhancement to OVN
  • OVN features under development such as ACL logging and encrypted tunnels

Unikernelized Linux
When: Monday, June 19 at 15:35 – 16:05
Experience level: Intermediate
Who: Tiejun Chen, Staff Engineer, VMware

About: Unikernel is a novel software technology that links an application with the operating system (OS) in the form of a library and packages them into a specialized image that facilitates direct deployment on a hypervisor. Comparing to the traditional virtual machine (VM) or the recent containers, Unikernels are smaller, more secure and efficient, making them ideal for cloud environments. There are many open source projects like OSv, Rumprun and so on. But why haven’t these existing unikernels gained mass popularity? We think Unikernels are facing three major challenges:

  1. Compatibility with existing applications.
  2. Lack of production support (e.g. monitoring, debugging, logging).
  3. Lack of compelling use case.

In this presentation, you’ll learn about our investigations and exploration of how we can convert Linux as Unikernel to eliminate these significant shortcomings, plus some explorations of coordinating and cooperating with hypervisor.

Efficient and Secure Container Image Management in Enterprise
When: Tuesday, June 20 at 11:00 – 11:30
Experience level: Intermediate
Who: Haining Zhang, VMware

About: As container technology becomes widely adopted in the industry, containerized applications pose new challenges to administrators. The management challenges come from two aspects: the dynamic container runtime and the static container images.

In this presentation, you’ll learn how to address the management of container images and evaluate the challenges to enterprises. We will discuss how to manage container images efficiently and securely to meet the need of enterprises. Challenges to be addressed include Role Based Access Control (RBAC) of images, image consistency, large scale image distribution, image replication and promotion and high availability of registry.

The open source registry Harbor will be introduced as part of the solution to these challenges.

The Business Reality of Building Open Source: What We Learned from OVS and OVN
When: Tuesday, June 20 at 11:00 – 11:30
Experience level: Any
Who: Justin Pettit, Lead Developer, Open vSwitch & OVN, VMware and Ben Pfaff, Principal Engineer, VMware

About: A number of questions commonly arise in supporting open source projects within companies that primarily develop closed source software, such as:

  • How many resources should we allocate?
  • Are we just enabling our competitors?
  • What, if anything, should we keep proprietary?
  • What are the implications of the license being used?
  • What should we expect in terms of community contributions?
  • How do we balance the needs of the community versus the company?

As founding members of the Open vSwitch and OVN projects, the presenters helped answer these questions at both an early stage startup and a large established company. In this presentation, you’ll learn how they’ve navigated the often-conflicting goals of open source projects and our companies.

You can also find VMware’s Harbor team onsite at the VMware booth. Stop by to learn more about Harbor, Admiral and Clarity and become part of our growing open source community.

Not attending the event? Stay tuned here on the VMware Open Source Blog for more details and blogs from the speakers.

The post Open Source Projects at LinuxCon + ContainerCon + CloudOpen China appeared first on Open Source @VMware.

Source: Open Source @VMware

Huawei Storage Next Generation Client Plug-in Solution

Huawei Storage Next Generation Client Plug-in Solution Capabilities:

Huawei Storage Next Generation Client Plug-in for VMware vSphere Web Client, integrating with VMware vSphere platform, enabling VMware administrators to independently and centrally manage Huawei storage resources via VMware vSphere Web Client with more efficiency and ease. In addition, Huawei’s Storage NGC plug-in is integrated with Huawei OceanStor V3 series storage offering:

  • Storage Discovery
  • Health Monitor
  • Capacity Management
  • Provisioning Datastore
  • Backup
  • Restore Service

VMware administrators empowering effective and straightforward storage management via VMware vSphere web client.

Let’s take a look at Huawei’s plug-in!

1.       Where to find our plugin logo after installed.

2.       Summary of Huawei storage

3.       Monitor the alarms on Huawei storage

4.       Monitor datastores and LUNs for a specific host

5.       Implement storage operations for a specific host

6.       Create snapshot for a LUN, and recover LUNs from snapshots via our plugin

BENEFITS: What are the benefits of Huawei’s Storage Next Generation Client Plug-in Solution for vSphere?

  • Improving management efficiencies by enabling VMware administrators to effectively manage and monitor Huawei storage devices via vSphere web client
  • Simplifying data storage management with rapid provisioning
  • Providing Data protection with storage snapshots
  • Backup and restore LUNs mounted to ESX hosts by using Storage snapshots.
  • Examining Huawei Storage device health and status information
  • Viewing virtual machine information.
  • Providing all LUNs or File system information VM used on Huawei Storage

Read more about Huawei’s plug-in on VSX: https://solutionexchange.vmware.com/store/products/huawei-vcenter-plug-in-for-vmware

VMware’s Web Client Plug-in Certification Program:

Many companies are building and certifying their plug-in.  We have seen a surge in HTML 5 plugins being certified in 2017. Through VMware certification program, partners can ensure a better end user experience and have the trusted VMware brand behind their plug-in.  Look for new partner web client plug-in certifications in 2017!   Thanks to all of our partners for supporting the VMware vSphere web client plug-in certification and partner program.  

For more information, view the links below:

VMware’s Solution Exchange (VSX): https://solutionexchange.vmware.com/store/vsphere/web-client-plug-in

vCenter website for vSphere web client plug-ins: http://www.vmware.com/products/vcenter-server.html

Social Media Channels: vSphere YouTube Channel: VMwarevSphere and Twitter: @VMwarevSphere

vSphere Fling for developing plug-ins: https://labs.vmware.com/flings/vsphere-html5-web-client

VMware Clarity – Plug-in development tool:  http://clarity.design

The post Huawei Storage Next Generation Client Plug-in Solution appeared first on VMware vSphere Blog.

Source: VMware vSphere Blog

If IT Automation Is the Future, Open Source Is the Path

I’m lazy, and I write software. But you see, I actually view this as efficiency. Usually, this is not fancy, high-profile code. It is usually glue code—code intended to help me automate someone else’s code.

I’ve been writing code for the past two decades, give or take a few years. Throughout my career, I’ve been an operations guy and a software developer guy. I’ve worked a lot in embedded devices. Because of this, I find myself dabbling within the open source community. When you find a fix or need a fix, I’m of the mindset that others should not have to reinvent the wheel.

I was first exposed to the collaborative nature of open source software at college. Before sites like GitHub, working on and sharing code improvements was not as easy as it is now. In the late ‘90s, I was in college and discovered software for the first time. At that point, I did not even have my own computer! I came to appreciate what it means to take other people’s ideas and run with them and, on the flip side, contribute to them. That passion for a sharing economy turned into a defining part of my career. Since those early days, I never worked a job where I could not use open source software.

Progress Isn’t Made By Early Risers

Today, I work on consulting projects at VMware, where I focus on future-looking technologies. What is the cloud technology of the future? What do good cloud operators do? And how do we get there? On this quest, I leverage the paths others have paved, and contribute lines of code to open source projects wherever I can.

I write code to improve processes and make things more efficient. That way I have more time to develop the high-profile code that runs up the stack and really pays the bills. Also, I can spend more time reading gems from Robert Heinlein, like:

“Progress isn’t made by early risers. It’s made by lazy men trying to find easier ways to do something.”

An example of this automation/glue code is project Chaperone, a project started by my colleague, Tom Hite.

Project Chaperone

The last couple of years at VMware, I’ve contributed to an open source project called Chaperone, working with others to help automate the installation of VMware products. Rolling out a full software-defined data center (SDDC) is difficult. With Chaperone, we try to make parts of that process easier and repeatable. Internally, we use Chaperone in professional services to handle things like deployments of VMware Integrated OpenStack (VIO), VMware vRealize Automation (vRA), VMware vRealize Orchestrator (vRO) and VMware NSX in mixed brown/green field situations.

People should focus on more engaging details at the high level, and let tools do the “ho-hum” work. Using Chaperone, a person can deploy VMware tools faster and spend more time thinking about the things they want to do on top of that stack. For these humanitarian reasons, Chaperone has been open sourced.

Ansible Roles

Recently, we installed govc, Liota (Little IoT Agent) and vSphere Integrated Containers (each are also VMware open source projects). We captured that work as Ansible roles to be included in Chaperone. We released this code under the MIT license as open source software. We released these Ansible roles publicly, so that other people can deploy those same bits with less effort.

Here are those repos:

My team works with others to improve the process of deploying these bits and to help pave the road for future work automating new bits of code. Please join in with our work here at VMware Open Source. Learn from the code, submit patches or just use it to move from SDDC rollout drudgery to more rewarding tasks.

The ultimate goal? To be lazy about the dull stuff and write the code that really matters.

Because you liked this blog:

The post If IT Automation Is the Future, Open Source Is the Path appeared first on Open Source @VMware.

Source: Open Source @VMware