Virtualization Archives

VMworld 2014 Session Voting Open

May 6, 2014 by Bob Plankers

One of the most interesting things about VMworld is the public session voting, which is now open. Not many conferences allow attendees to have a say in what gets presented at the conference. If you’re planning to attend VMworld 2014 it’s probably a good idea to vote for sessions that interest you. I am involved in two session proposals: 2770 – The Art of Migrating to the vCenter Server Appliance As the vCenter Server Appliance gains maturity, capacity, and functionality it is becoming a serious choice for those running vSphere environments, reducing expense and administration time. This session will be based in first-hand migration experienced and cover what the vCSA is, common use cases and designs, and where the vCSA isn’t …

The Eternal Wait For Vendor Software Updates

April 16, 2014 by Bob Plankers

There’s been a fair amount of commentary & impatience from IT staff as we wait for vendors to patch their products for the OpenSSL Heartbleed vulnerability. Why don’t they hurry up? They’ve had 10 days now, what’s taking so long? How big of a deal is it to change a few libraries? Perhaps, to understand this, we need to consider how software development works. The Software Development Life Cycle To understand why vendors take a while to do their thing we need to understand how they work. In short, there are a few different phases they work through when designing a new system or responding to bug reports. Requirement Analysis is where someone figures out precisely what the customer wants …

Upgrading to VMware vCenter Server Appliance 5.5 from Windows vCenter 5.1

March 17, 2014 by Bob Plankers

My coworkers and I recently undertook the task of upgrading our vSphere 5.1 environment to version 5.5. While upgrades of these nature aren’t really newsworthy we did something of increasing interest in the VMware world: switched from the Windows-based vCenter Server on a physical host to the vCenter Server Appliance, or vCSA, which is a VM. This is the story of that process. If you aren’t familiar with the vCSA it is a vCenter implementation delivered as a SuSE-based appliance from VMware. It has been around for several major versions, but until vSphere 5.5 it didn’t have both feature parity with Windows and the ability to support very many hosts & VMs without connecting to an external database. Under vSphere …

What Clients Don't Know (and Why It's Your Fault)

March 12, 2014 by Bob Plankers

“Whether you work with outside clients or whether you’re part of an internal team your job is always, always going to include having to convince someone of something. Because your job isn’t just making things. Believe it or not, that’s the easy part. You’re going to spend 90% of your time convincing people that shit you thought up in the shower this morning is right. Your job is to figure out whether something should be made, how it’s made, and always, always, always work to convince someone that you’ve made the right choices.” That’s a quote from Mike Monteiro’s presentation at the Event Apart Austin 2013 conference, a presentation that seems suited to system administrators, IT consultants, and IT professionals …

Update to VMware vCenter Server Appliance & NTP Issues

February 13, 2014 by Bob Plankers

Earlier today I posted “VMware vCenter Server Appliance 5.5.0 Has An Insecure NTP Server.” One of the reasons I like VMware is that they’re responsive to customer issues. This situation is no different. I just spoke with a few guys involved in VMware security, and this is what I’ve learned. 1. There has been mitigation information available internally to VMware Support/GSS since shortly after the vulnerability was published. If you call VMware Support your best bet is to reference the CVE number, CVE-2013-5211. I have not called VMware Support to confirm this, or to verify that they’re able to properly resolve the issue if you don’t reference the CVE number. In the future I’ll make sure to reference the CVE number if …

VMware vCenter Server Appliance 5.5.0 Has An Insecure NTP Server

February 13, 2014 by Bob Plankers

Update: I have updated this article to reflect some new information provided by VMware. I have also published new notes and discussion as a separate blog post. On January 10, 2014 a vulnerability in ntpd, the Network Time Protocol daemon, was made public (US CERT VU#348126): UDP protocols such as NTP can be abused to amplify denial-of-service attack traffic. Servers running the network time protocol (NTP) based on implementations of ntpd prior to version 4.2.7p26 that use the default unrestricted query configuration are susceptible to a reflected denial-of-service (DRDoS) attack. Other proprietary NTP implementations may also be affected. I have encountered several vCenter Server Appliances, version 5.5.0 build 1476327 and older, that were exposed to the general Internet, and have …

The Lone Bookshelf: The Macintosh Way by Guy Kawasaki

February 11, 2014 by Bob Plankers

(This is the inaugural post of my Lone Bookshelf series. Find more posts using the “Books” category) Last summer my family moved to a different house. By itself, moving isn’t that big of a deal. Take everything out of the old house, put it on a truck, unload it into the new house. What is a big deal is sorting. At the old house all of our stuff had a place, carefully curated and filed and sorted and stored. At the new place our stuff had piles in the middle of rooms. Ugh. I have three large bookshelves from my college years that needed a new home in our new home. Bookshelves are a particularly pernicious piece of furniture. By themselves …

Better Linux Disk Caching & Performance with vm.dirty_ratio & vm.dirty_background_ratio

December 22, 2013 by Bob Plankers

This is post #16 in my December 2013 series about Linux Virtual Machine Performance Tuning. For more, please see the tag “Linux VM Performance Tuning.” In previous posts on vm.swappiness and using RAM disks we talked about how the memory on a Linux guest is used for the OS itself (the kernel, buffers, etc.), applications, and also for file cache. File caching is an important performance improvement, and read caching is a clear win in most cases, balanced against applications using the RAM directly. Write caching is trickier. The Linux kernel stages disk writes into cache, and over time asynchronously flushes them to disk. This has a nice effect of speeding disk I/O but it is risky. When data isn’t …

Account for the Bandwidth-Delay Product with Larger Network Buffers

December 19, 2013 by Bob Plankers

This is post #14 in my December 2013 series about Linux Virtual Machine Performance Tuning. For more, please see the tag “Linux VM Performance Tuning.” At times we can refer to certain network concepts with a “pipe” analogy, where bandwidth is the diameter of the pipe and latency is the length of the pipe. A garden hose has a certain limited amount of “bandwidth” because it has a small interior diameter, and has a lot of latency because it is so long. Water you put in one end of the hose takes a while to come out the other end. A house in the USA likely has a main sewer pipe with 4 inches of “bandwidth” so it can move more, …

Use a RAM Disk to Improve Disk Access Times

December 14, 2013 by Bob Plankers

This is post #15 in my December 2013 series about Linux Virtual Machine Performance Tuning. For more, please see the tag “Linux VM Performance Tuning.” One of the biggest things folks in IT worry about is data loss. We go to enormous lengths to protect our data, using backups, snapshots, remote replication, rsync, scp, temporary copies in our own home directories… you name it. The thing is, as we look at our systems we sometimes discover that our applications do a lot of writing of temporary files. These temporary files often don’t need any particular protection because they’re transient, yet we write them to our expensive, already overtaxed disk arrays, commit the writes over long distances to our DR sites, …

+ More Posts +