Goals for 2018

First of all, you may wonder why I’m setting my goals for 2018 in October. I get it, but now that the Jewish holiday season is over, include Rosh Hashanah (Jewish new year) it’s make sense to look at 2018 and set some goals. Also, attending VMworld Barcelona really made me thinking…

When I look back at 2017 it was a great year, my goals for 2017 was earning VCP7-CMA (Check!), be more involved in the VMware community (Check!) and become a vExpert (Check!), I also wanted to be more familiarize with Azure and maybe get a certificate but I didn’t had time (lame…). For me, Attending VMworld is one of the highlight of the year, meeting so many familiar faces and meet new friends is very energizing and I’m proud to be part of that great community around VMware.

But it also makes me think where I’m, how can I improve myself and what I want to do.

forks-rabbit-hole

Professional Goals –

  • More blogposts –There is so many good blogs out there that its hard do find something new to write about. I will try to expand my boundaries and blog about things that are less technical.
  • To be more involved in the VMware community – last year I started to be more involved as a reference customer, I received many calls and met with potential customers that had questions about vSAN, VDI and vRA. This year I plan to be more involved in the local VMUG community.
  • Certification – there is lots of talk if certification is needed or not, well for me certification is a way to learn new technology and validate my knowledge. I’m interesting in AWS associate, MCSE: Cloud Platform and Infrastructure or a VMware VCAP certificate. Need to choose one soon.
  • Read more – I’m reading “IT ARCHITECT SERIES: THE JOURNEY” and I’m loving it, it reminds me how much I like to read a real book. Next I have “IT ARCHITECT SERIES: Foundation in the Art of Infrastructure Design: A Practical Guide for IT Architects” and “VMware vSphere 6.5 Host Resources Deep Dive”.

Personal Goals –

  • Get fit! – Well this is self-explanatory. Losing some weight and get fit is a lifelong goal.
  • More quality time with my family.

Well that’s it, I will write a follow-up and update on my progress.

Shana Tova!!! (“Happy New Year” in Hebrew)

VMware vRealize Suite Lifecycle Manager (vRSLCM)

VMware vRealize Suite Lifecycle Manager (vRSLCM) is the latest addition to the vRealize Suite and is now part of vCloud/vRealize Suite 2017.

overview1

vRealize Suite is a collection of products that cater different needs from Self-Service (vRealize Automation), orchestration and automation (vRealize Orchestrator) to operation and analytics (vRealize Operations and vRealize Log Insight). All of these products are tightly integrated and delivers a comprehensive cloud management platform.

This extensive compatibility’s come at a cost, deploying and operating a vRealize Suite environment is time consuming and error prone due to the large number of servers and manual configuration needed.

In the last few versions there was a huge improvement, but in my opinion – vRSLCM is the solution for all of this problem (VMware Gods and Product Managers – please don’t prove me wrong).

For more information please read the official VMware Blog post –

vRealize Suite Lifecycle Manager – Simplified Management for Your vRealize Investment.

Additional Links –

I’m very excited to test vRSLCM in my lab and hopefully will blog about the product soon. Stay tuned!

vExpert 2017 Second Half Award Announcement

VMW-LOGO-vEXPERT-2017-k

This Wednesday VMware announced the result for the vExpert 2017 second half award program with new vExperts.

I’m humbled and honored to be recognize as a vExpert for the first time.

I wish to thank Ariel Sanchez for mentoring me on the vExpert program and to Corey Romero and the rest of the VMware Social Media & Community Team for all the effort you put into the vExpert program to make it the success it is.

vExpert 2017 Second Half Announcement

My vExpert Directory

 

Objective 2.2: Create and Manage Directories

This is part of my VCP7-CMA study guide – Objective 2.2: Create and Manage Directories.

Official Blueprint-


Knowledge

  • Create and manage LDAP directory for Active Directory in vRealize Automation
  • Create and manage Windows Integrated Authentication Directory in vRealize Automation
  • Determine and configure appropriate user and directory binding details
  • Evaluate directory synchronization health and troubleshoot issues

Tools


In vRealize 7.x VMware replaced the underlying identity management system from vCenter SSO to VMware Identity Manager (vIDM), vIDM is integrated to the vRA 7.x appliance and is easy to scale with the addition of another vRA appliance.

Continue reading

Objective 2.4: Manage User and Group Role Assignments

This is part of VCP7-CMA study guide – Objective 2.4: Manage User and Group Role Assignments.

Official Blueprint-


Knowledge

  • Explain the roles available to vRealize Automation and vRealize Business
  • Assign roles to individual users for a given design
  • Assign roles to directory groups for a given design
  • Create vRealize Automation custom groups and assign roles

Tools


Explain the roles available to vRealize Automation and vRealize Business

Assign roles to individual users for a given design

See “Assign roles to directory groups for a given design”.

Assign roles to directory groups for a given design

Prerequisites

Log in to the vRealize Automation console as a tenant administrator.

Procedure

  1. Select Administration > Users & Groups > Directory Users & Groups.
  2. Enter a user or group name in the Search box and press Enter.Do not use an at sign (@), backslash (\), or slash (/) in a name. You can optimize your search by typing the entire user or group name in the form user@domain.
  3. Click the name of the user or group to which you want to assign roles.
    vra-roles1
  4. Select one or more roles from the Add Roles to this User (or Group, the process is the same) list.The Authorities Granted by Selected Roles list indicates the specific authorities you are granting.
    vra-roles2
  5. (Optional) Click Next to view more information about the user or group.
  6. Click Update Finish.

Users who are currently logged in to the vRealize Automation console must log out and log back in to the vRealize Automation console before they can navigate to the pages to which they have been granted access.

 Source – Assign Roles to Directory Users or Groups

Create vRealize Automation custom groups and assign roles

Tenant administrators can create custom groups by combining other custom groups, identity store groups, and individual identity store users.
You can assign roles to your custom group, but it is not necessary in all cases. For example, you can create a custom group called Machine Specification Approvers, to use for all machine pre-approvals. You can also create custom groups to map to your business groups so that you can manage all groups in one place. In those cases, you do not need to assign roles.

Prerequisites

Log in to the vRealize Automation console as a tenant administrator.

Procedure

  1. Select Administration > Users & Groups > Custom Groups.
  2. Click the Add icon (green-plus).
    vra-roles3
  3. Enter a group name in the New Group Name text box.
    Custom group names cannot contain the combination of a semicolon (;) followed by an equal sign (=).
  4. (Optional) Enter a description in the New Group Description text box.
  5. Select one or more roles from the Add Roles to this Group list.
    The Authorities Granted by Selected Roles list indicates the specific authorities you are granting.
    vra-roles4
  6. Click Next.
  7. Add users and groups to create your custom group.
    vra-roles5

    1. Enter a user or group name in the Search box and press Enter.
      Do not use an at sign (@), backslash (\), or slash (/) in a name. You can optimize your search by typing the entire user or group name in the form user@domain.
    2. Select the user or group to add to your custom group.
  8. Click Add Finish.

Users who are currently logged in to the vRealize Automation console must log out and log back in to the vRealize Automation console before they can navigate to the pages to which they have been granted access.

 Source – Create a Custom Group

Quick note -Intel-v4 and HPE server’s compatibility

hewlett_packard_enterprise

Quick note about Intel-v4 and HPE server’s compatibility with ESXi –

I was surprised when I looked at the VMware HCL (VMware Compatibility Guide) for HPE servers with v4 processor, the version of ESXi 6 U1 was missing…

vmware-hcl

I contact HPE support and they told me that it is not supported, HPE skipped this version (6 U1) to version 6 U2.

This is also documented in the HPE SupportMatrix – look at the footprint notes –

  • 10Includes support for the Intel® Xeon® E5-2600-v4 Series (6.0 U2)
  • 15Includes support for the Intel® Xeon® processor E7-8800/4800 v4 (6.0 U2)
  • 16Includes support for the Intel® Xeon® processor E5-4600 v4 (6.0 U2)

 

Lesson learned – always check compatibility before the purchase, assume nothing.

My VMware VCP7-CMA Beta Exam Experience

vcp7-cma

Today I took the VCP7-CMA beta exam and I wanted to quickly share my experience with you. Obviously this tips are more general and will be relevant to the GA exam and probably to any certification exam (for my knowledge the beta ends this week).

About the beta exam – it’s tough! The exam consists of 175 (!) single and multiple choice questions covering all topics of the product (vRA 7). The time allowed is 210 minutes and for non-native English speakers countries there is an extra 30 minutes, so 240 minutes (4 hours) for 175 questions.

Let me say it straight – I don’t think I pass (there is no immediate results at beta exams). As a customer I tend to foucus on my company needs and use cases and not necessary using and gaining experience with other features of the product which is quite expected but not good enough for certification exams.

I had a feeling that I wasn’t ready for the exam but decided to try anyway, I figured it is a good experience and that I could learn what are my weak areas so I can improve for next time (and it was cheap… the exam cost 50$).

As expected, I was quite overwhelmed by the deep technical level some of the questions was, I knew that I have more to cover on XaaS, Roles, Reservations and Approval policies but I didn’t know how much…

I’m not telling you to learn this Objectives! I’m trying to emphasize that you need to map your weak areas, what is not on your day-to-day tasks? what you have never done? try to strengthen your knowledge and gain some experience on that areas.

From my weak objective list, you can see that in my environment I don’t use Approvals Policies (YET!) and that we are just starting to use XaaS. I didn’t know reservation as I expected – there is much more insight there then I know… Roles is a huge topic; I will try to write a post about roles soon.

Good luck!

Objective 2.1: Create and Manage Tenants

This is part of VCP7-CMA study guide – Objective 2.1: Create and Manage Tenants.

Official Blueprint-


Knowledge

  • Create a new tenant for a given design
  • Create, add, and manage local users
  • Configure administrative access and describe privilege level differences between roles
  • Determine the unique URL used to access the tenant

Tools


Create a new tenant for a given design

  1. Go to the  vRealize Automation console – https://vra-host/vcac
  2. Log in as a System Administrator (usually administrator@vsphere.local)
  3. Select Administrator  -> Tenatsimage001
  4. Click green-plus New.
  5. Fill this form –
    Name – Name for the new Tenant.
    URL name – this will be use to direct users directly to this tenant.
    For example, enter thesysadminlogs to create the URL https://vra-host.fqdn/vcac/org/thesysadminlogs.If you have a large environment with different tenant it will be very handy to use the Description and Contact email fields.

    image002

  6. Click Submit and Next (Please note – selecting Submit and Next will create the tenant and proceed to the Local Users tab)

Create, add, and manage local users

  1. There is 2 ways to get here –
    1. Part of the New Tenant wizard
    2. Edit Tenant from Administrator  -> Tenats and select Local Users.
  2. Click green-plus New.image003
  3. Enter First name, Last name, Email, User name and Password.
    image004
  4. Click OK and then Next.

Configure administrative access and describe privilege level differences between roles

  1. There is 2 ways to get here –
    1. Part of the New Tenant wizard
    2. Edit Tenant from Administrator  -> Tenats and select Administrators.
  2. There is 2 options – (The description is from the Foundations and Concepts document)
    1. Tenant administrators – Typically a line-of-business administrator, business manager, or IT administrator who is responsible for a tenant. Tenant administrators configure vRealize Automation for the needs of their organizations.
      They are responsible for user and group management, tenant branding and notifications, and business policies such as approvals and entitlements. They also track resource usage by all users within the tenant and initiate reclamation requests for virtual machines.
    2. IaaS administrators – IaaS administrators manage cloud, virtual, networking, and storage infrastructure at the system level, creating and managing endpoints and credentials, and monitoring IaaS logs. IaaS administrators organize infrastructure into tenant-level fabric groups, appointing the fabric administrators who are responsible for allocating resources within each tenant through reservations and reservation, storage, and networking policies.
  3. Enter the name of a user or group is the search field under the privilege you selected and press Enter or the search icon.

    image005

  4. Click Add.

Objective 3.2: Install an Enterprise Deployment

This is part of my VCP7-CMA study guide – Objective 3.2: Install an Enterprise Deployment.

Official Blueprint-


Knowledge

  • Identify IaaS enterprise deployment prerequisites
  • Validate environment readiness for given design based on install type and size
  • Confirm DNS configuration for servers and load balancers based on deployment type and size
  • Deploy and configure vRealize Automation Appliance OVF
  • Install using the installation wizard
    • Determine and select appropriate deployment based on size
    • Determine and select the appropriate servers for component installation
    • Prepare the environment for installation based on deployment size
    • Install IaaS Web components and model manager data
    • Install IaaS manager server and DEM Orchestrator components
    • Install DEM Workers
    • Install Management Agents
  • Implement and manage CA signed certificates

Tools


I would recommend to go thru the simple installation at least once and read the official documentation in addition to this blog posts.

Eric Shanks (The IT Hollow) – vRealize Automation 7 – Enterprise Install

Michael Rudloff (Open902.com) – vRealize Automation 7 – Enterprise Install

Objective 3.3: Install and Configure vRealize Business Standard for use with vRealize Automation

This is part of my VCP7-CMA study guide – Objective 3.3: Install and Configure vRealize Business Standard for use with vRealize Automation.

Official Blueprint-


Knowledge

  • Create and configure a vRealize Business tenant
  • Create a user based on defined credentials for vRealize Business in vRealize Automation
  • Select the credentials for the vRealize Business user
  • Configure vRealize Business to connect to vRealize Automation

Tools


Install vRealize Business Standard

  1. Deploy the OVF template and follow the wizard –2
  2. Customize Template –
    Currency – You cannot change the currency configuration after deploying!
    Enable Server –  Select the Enable Server option if this is going to be the vRealize Business for Cloud server, If you are deploying only a data collector for remote access then deselect this option.
    Networking – Make sure you expand the Networking Properties at the bottom of the page and configure the IP ,default gateway, netmask and DNS.8
  3. Go grab a cup of coffee and wait for the deployment to complete.

Configure vRealize Business Standard

  1. Log-in to the vRB console – https://vrb-fqdn-or-ip:5480
  2. Before registering with vRA we need to configure NTP.
    Navigate to Administrator > Time Settings.
  3. Configure the “Time Sync. Mode” to “Use Time Server” and write down the IP or DNS of your NTP server.1-NTP.JPG
  4. Now let’s register the vRealize Business with the vRealize Automation,
    go to vRealize Automation Tab,
    Hostname – IP or hostname of the vRealize Automation Appliance.
    SSO Default Tenant – this will be your default tenant name, usually – vsphere.local.
    SSO Admin User – only the user name of the administrator…
    SSO Admin Password – well… the admin user password.
    Accept “vRealize Automation” certificate – Yes please. if this is the first time you register this with vRA – you need this.2-vra-register
  5. After you click “Register” it will take a few moments – Make sure you see this green text – “Registered with vRealize Automation” and the SSO Status – “Connected to vRealize Automation”.3-vRA registered.JPG
  6. Next we need to configure vRealize Automation to use vRealize Business for Cloud and assign permissions.
  7. Log in to the vRealize Automation – https://vRA_hostname/vcac/org/tenant
  8. Go to Administration tab > Users & Groups and select Custom Groups.
  9. Select the user or group you want to add the vRB role
  10. From the “Add Roles to this Group” – select the required privileges.4-vRA-roles.JPGSome clarification from the official documentation (page 23 ) –

    • If the user has to perform all administration tasks such as managing connections, managing public cloud account, updating reference database, assign the Business Management Administrator role to a user who has the Tenant Administration role.
    • If the user has to view and update the cost information only, assign Business Management Administrator role.
    • If the user has to view the details but not update the information, assign Business Management Read only role.
    • If the user has to view the assigned tenant details, but not perform other administration, assign the Business Management Controller role.
  11. Click Update and Refresh the browser (log-out and log-in will do magic sometime…).
  12. The Business Managment tab is available in the vRA UI.5-vra-newtab
  13. Click the Business Managment tab and enter your license key.6-vrb-serial

Next will be to add the vCenter server to vRB, I think its out of the scope of the exam but here it is –

  1. Configure the vCenter in vRB.
    Go to Administration > Business Managment.8-vra
  2. Extend the vCenter Server and click the + sign
    Here you will add your “Resource” vCenter – where you are provision VMs from vRA.9
  3. When prompt – Select to Install the certificate.10.JPG
  4. Go back to Business Managment tab and click on the “Status” sign. Click “Update Now” under the vCenter data collection and wait for the data collection to run successfully.11.JPG
  5. Back to the Business Managment tab and you should see some data.12.JPG