VMware Cloud on AWS

NSX-T Opaque Networks now supported with Cross vCenter Workload Migration Fling

04/15/2019 by William Lam Leave a Comment

The Cross vCenter Workload Migration Fling continues to be an extremely powerful tool for our customers and I just love hearing successful customer stories like the one recently shared by Jason on how the tool allowed him to easily migrate over 600 Virtual Machines and with more to come!

Moved 600 and looking at another thousand. Some monster VMs... our test environment moved as easy as vmotion.

— Jason 🛠 (@JasonThoms) April 9, 2019

One capability that customers have been asking for is the ability to migrate to and from an NSX-T Opaque Network type, which the current Fling does not support. This has become more and more important as the default NSX stack for VMware Cloud on AWS (VMC) is now NSX-T by default, rather than NSX-V. We are also seeing requests from on-premises customers who have deployed NSX-T for their next generation infrastructure and needing the ability to easily migrate workloads between their old infrastructure that maybe running VSS/VDS or NSX-V backed networks.

With the help from two new colleagues, Vikas Shitole and Rajmani Patel, we are excited to announce the release Cross vCenter Workload Migration v2.6 which now adds support for NSX-T Opaque Networks!

Integrating Github Actions with vSphere and VMware Cloud on AWS

04/01/2019 by William Lam Leave a Comment

I have always been a fan of event-driven automation, the idea where you can automatically trigger a workflow or an operation based on a specific event. In the consumer world, the most popular example is the If This, Then That (IFTTT) service, which I use on a regular basis to automate the sharing of new articles from virtuallyGhetto to different Social Media channels.

For the Enterprise, this is also not a new idea and many folks including myself have been doing this for years in vSphere using vCenter Server Alarms. In fact, one example I still reference on a regular basis is from 2012 where you automatically apply a set of vSphere Security Hardening configurations to a Virtual Machine when a new VM Create Event is published by vCenter.

There are countless more examples of this concept beyond VMware but the general idea is to be able to subscribe to specific events and then automatically do something when a given event occurs. When Github Actions (Beta) was announced last year, I was really interested as I think this could open the door for a ton of interesting possibilities, especially from a VMware perspective around Continuous Integration/Development (CI/CD). I quickly registered for the Beta but did not get access until the start of this year. If you want to know what Github Actions can do, check out some of these demos that have been built by various folks from the community. The really exciting thing about Github Actions is that you can literally execute any workflow as long as you can containerized your business logic within a Docker Container. This means, you can use any language or tool that you are familiar with and make this work with Github Actions, pretty powerful stuff!

It was only recently while working on a personal project, which I hope will make its way to VMworld, that I finally got a chance to dig into Github Actions. I noticed in many of the online Github Action examples, that it included ways to deploy applications and containers to a Public Cloud but there was nothing that I found related to VMware. I figured, this would be a good learning opopournity for myself and I could even learn how to build my own Actions which can be useful for others to use or extend further.

ESXTOP and VMware Cloud on AWS

03/26/2019 by William Lam 6 Comments

ESXTOP is one of the most versatile and popular tool in the VI Administrators tool belt when it comes to real time performance analysis and data collection in a vSphere environment. In fact, ESXTOP also came up in the most recent episode of the VirtuallySpeaking Podcast covering the Top 10 Tools for VI Administrators, which Duncan Epping and I had the pleasure to be part of.

To use ESXTOP, you are required to SSH to an ESXi host as it is only available in the ESXi Shell. Traditionally, this has not been a huge issue for on-premises environment, especially as you can enable access when you needed to run ESXTOP. However, when operating on VMware Cloud on AWS (VMC), customers no longer have to worry about managing the underlying infrastructure and can now focus on being a consumer of the VMware SDDC. One side affect of this operational change is that customers do not have direct access to ESXi and would not be able to use ESXTOP.

vSphere Tag Attach/Detach events now in VMware Cloud on AWS

03/05/2019 by William Lam 2 Comments

The underlying products (vSphere, vSAN & NSX) that run within VMware Cloud on AWS (VMC) are constantly being improved with new capabilities and enhancements. As a service, VMC is updated more frequently than a traditional on-premise environment and one huge benefit for our customers is that they get to access all the latest and greatest features of the platform!

Yesterday, I came to learn about some improvements that we had made to our vSphere Tagging infrastructure to start publishing vCenter Server Events for when a vSphere Tag is attached or detached from an inventory object such as a Virtual Machine. This has been a frequently requested feature by our customers, especially for auditing purposes and this also enables the ability to perform additional actions through the use of a vCenter Alarm.

In the vSphere UI for a VMC vCenter Server, you can now see these new tagging events by selecting the vCenter Server inventory object and then go to Monitor->Events and filter by "attached tag" or "detached tag".

Automating complete HCX deployment and configuration to first cloud migration using PowerCLI

03/04/2019 by William Lam Leave a Comment

PowerCLI 11.2.0, was just released last week and for a "dot" release, it includes a number of new capabilities and enhancements. One of the most exciting features for me personally was the introduction of the VMware Hybrid Cloud Extension (HCX) PowerCLI module which I also had the pleasure of working on and providing early feedback to the HCX Engineering team. The new HCX module enables customers to use PowerCLI to now easily automate the HCX Fleet deployment (Interconnect, WAN Optimization and Network Extension) as well as perform bulk live migrations of workloads between two HCX-enabled environments, with on-premises vSphere to VMware Cloud on AWS (VMC) being the most popular.

I have written a number articles on HCX Automation using both the HCX REST API and PowerCLI and with this latest PowerCLI module, I realized that we now have complete end-to-end automation with PowerCLI from the HCX OVA deployment to initial configuration and fleet deployment to your very first HCX vMotion! This is quite exciting as I know a number of folks have been asking about automating the fleet deployment, especially for enabling quick proof of concepts and quickly showing the value of HCX to our customers for moving large amount of workloads without any downtime.

Below, you will find a breakdown of the HCX setup which I have split into three sections, each section includes the respective PowerCLI sample code that can easily be adapted to your own environment. I look forward to seeing what customers do with the new HCX PowerCLI module and if you have any feedback, be sure to leave a comment or better yet, file a feature enhancement using the PowerCLI Feature Request Tool.

Which NSX-T Policy APIs are used in the NSX-T UI in VMC?

02/20/2019 by William Lam Leave a Comment

As the adoption of VMware Cloud on AWS (VMC) continues to accelerate, one of the very first UI interface that customers must interact with is the NSX-T UI, for enabling basic connectivity. By default the Edge Gateway has a Deny All Firewall Rule, so you will need to come to this screen to setup connectivity from your on-premises environment including a Direct Connect (DX) or Route/Policy-Based VPN. For some customers who have familiarize themselves with the NSX-T UI and its capabilities, usually the next order of business is how do I go about automating these various aspects from Day 0 setup all the way to Day N where I am migrating in or creating additional workloads.

A very common set of questions that I have been getting lately is which API do I need to look at to do X in the NSX-T UI in VMC?

Having spent some time with the NSX-T Policy API, I figure it would be useful to share the categories of NSX-T Policy API that maps back to what you see in the NSX-T UI in VMC. The list below is not exhaustive, but should it should point you in the right direction when needing to automate a particular operation.