How simple Terraform plans make hybrid and multi-cloud a reality: an introduction

Most non-IT people who have heard the word Terraform will automatically think of this: changing dead planets into Earth-like paradises.

Terraforming Mars will be an escapade in automation, just like terraforming your AWS environment.

But for those of us who work in Infrastructure and Cloud, Terraform is a language definition that allows the deployment of infrastructure as code. There is a loose analogy there: with Terraform you are building your environment exactly as you wish, with a pre-configured script to create a predefined end point, just like the science-fiction future of building a new Earth from barren rock.

Anybody who has utilized AWS will be aware of Terraform. It was written by HashiCorp and it is one of the primary methods used to automatically build AWS environments in this bold new DevOps world.

What not a lot of people are aware of is that HashiCorp’s Terraform can be utilized to build any infrastructure; all it requires is a provider. Currently Terraform is available for integration into all the major public cloud providers (AWS, Azure, GCP, Oracle Cloud and Alibaba Cloud). It is also available for on-prem environments with VMware and Microsoft Hyper-V.

—– Read More —-


DevOps – The Infrastructure Revolution


According to the good and the great, DevOps is the new reality for Operations. I mean, everything is now virtual or encapsulated in light-weight containers. It is all about the App! This article takes a brief look into the rise of the movement that is now called DevOps, investigating where it came from, where it is now and, more importantly, whether it is suitable for the future.

The DevOps Revolution

Big Dev, Little Ops

Today our view of DevOps is big DEV and little OPS or, to be more precise, people who have more of a history in development than in day-to-day operations. The focus is more on using code to deploy infrastructure than on using code to make day one and day two operations simpler. Focus has moved rapidly from making system administration simpler through orchestration and automation to the point where the concept of a virtual machine, container or application has been distilled down to several lines of code. Great examples of tools to help us do that are Terraform, PowerShell, Perl, Ansible, Chef and Puppet.

———–Read More———–

Previously published on Amazic World.

Are Containers a first class citizen in the enterprise?

VMware have recently finished their annual VMworld conference. One of their major announcements was that of Project Pacific. This is VMware’s biggest vSphere announcement since the introduction of their ESXi product back in 2007.

What are containers to Project Pacific?

Project Pacific is effectively a complete rewrite of vSphere to become a Kubernetes deployment engine. What this effectively means is that VMware have made Containers first-class citizens on their platform. Yes it is true that VMware has supported containers in the past, firstly with VMware VIC (Virtual Integrated Containers) then later with VMware PKS (Pivotal Container Service), but these have been very much add-ons to their core product, and seen as an adjunct to Virtual Machines rather than as a fully paid up member of the enterprise club.

Project Pacific, VMware move to be an Application platform (copyright VMware)

VMware have struggled with Containers, chiefly because at their enterprise tipping point they were seen as the more valid answer to the then-current issues that enterprises needed solving, over fledgling container technology from Unix vendors like Sun Microsystems (bought by Oracle) with their Solaris Zones product.

————-Read More —————-

VM extremely slow after upgrade to macOS 10.14.6

Currently there is this mega thread: “VM became extremely slow after upgraded to macOS 10.14.6”

2019/08/26: Apple just released a fix for this problem, see also https://www.macrumors.com/2019/08/26/apple-tvos-watchos-macos-software-updates/ So far the reports in the mega thread are positive. “It’s solved on Apple 10.4.6 supplemental update build 18G85.”

2019/08/09: VMware has pushed out an update that mitigates the issue when your VM is encrypted. More details by VMware employee ksc (at the bottom). Note that this does not yet fix all issues!

2019/08/02: There’s an update from VMware .. see at the end of the post.

The latest update from Apple for macOS 10.14 (and macOS 10.15) changed something in such a way that Virtual Machines running under VMware Fusion 11 now suffer serious performance problems. So much so that using those VMs becomes very hard to impossible.

Continue reading “VM extremely slow after upgrade to macOS 10.14.6”

create a macOS Catalina VM with VMware Fusion

Update: This is no longer an issue with Fusion 11.5

Here’s a quick note on how to set up a macOS Catalina VM on VMware Fusion 11. Credit for figuring out how to do this goes to VMTN users Bogdam and intel008, as they are the ones who posted the resolution in the following thread at VMTN: “macOS Catalina VMs do not run in VMware Fusion 11.1.0”

This thread describes the problems you bump into if you try to upgrade a macOS Mojave VM to the new beta macOS Catalina. Basically if you run the upgrade then your VM will hang on reboot. If you then try to reboot it in verbose mode, so that you can see what happens, you’ll get the following screen.

macOS Catalina boot error

Yikes, that’s no good!

Continue reading “create a macOS Catalina VM with VMware Fusion”

Well it is time to buckle down and finally attempt VCDX

Time to place a line in the sand, no more prevaricating – time to attempt the VCDX

I am putting this out there as a poke and a prod for me to get myself in gear and finally attempt the VCDX-DCV. I am not going to kill myself on this as I have a life and work commitments, but realistically I will attempt to submit for the December 2019 defence dates, so submission in September.

So 5 months to sit both VCAPs exams and write my submission.

You may think that I am putting myself under significant pressure, and I am, but I have prevaricated enough over the years.

This is my line in the sand.

The Cloud Act and What it means for you, or more importantly, me!

The CLOUD Act, or to give it full nomenclature, the Clarifying Lawful Overseas Use of Data Act, has been passed into law by POTUS 45. This little act has been touted as an update to the ECPA, or Electronic Communications Privacy Act, and ostensibly, this is the case. What is worrying, though, is the way that it has been signed into law as a part of the Omnibus Spending Bill, without the oversight that a base privacy law should have been given. It feels like it has been smuggled through.

The Cloud Act: it’s MAD (Mutually Assured Data Access)

This is an act that has been praised by technology companies. Below is an excerpt from a joint letter from Apple, Google, Facebook, Microsoft, and Oath (the new name for Yahoo).

The new Clarifying Lawful Overseas Use of Data (CLOUD) Act reflects a growing consensus in favor of protecting Internet users around the world and provides a logical solution for governing cross-border access to data. Introduction of this bipartisan legislation is an important step toward enhancing and protecting individual privacy rights, reducing international conflicts of law and keeping us all safer.

It has also been vilified by privacy and civil rights organizations. This is an excerpt of what the ACLU thinks of the law.

The CLOUD Act represents a major change in the law — and a major threat to our freedoms. Congress should not try to sneak it by the American people by hiding it inside of a giant spending bill. There has not been even one minute devoted to considering amendments to this proposal. Congress should robustly debate this bill and take steps to fix its many flaws, instead of trying to pull a fast one on the American people.

The Electronic Frontier Foundation also had a list of objections:

  • Includes a weak standard for review that does not rise to the protections of the warrant requirement under the 4th Amendment.
  • Fails to require foreign law enforcement to seek individualized and prior judicial review.
  • Grants real-time access and interception to foreign law enforcement without requiring the heightened warrant standards that U.S. police have to adhere to under the Wiretap Act.
  • Fails to place adequate limits on the category and severity of crimes for this type of agreement.
  • Fails to require notice on any level – to the person targeted, to the country where the person resides, and to the country where the data is stored. (Under a separate provision regarding U.S. law enforcement extraterritorial orders, the bill allows companies to give notice to the foreign countries where data is stored, but there is no parallel provision for company-to-country notice when foreign police seek data stored in the United States.)
  • The CLOUD Act also creates an unfair two-tier system. Foreign nations operating under executive agreements are subject to minimization and sharing rules when handling data belonging to U.S. citizens, lawful permanent residents, and corporations. But these privacy rules do not extend to someone born in another country and living in the United States on a temporary visa or without documentation.

It seems that there are two sides to this story, and they are diametrically opposed. Why would the technology companies be on one side of the fence, and the civil rights organisations on the other? Especially considering Google’s mantra of “Do no Evil.” The wordings of legal documents often cause this type of result. Their intention is to be clear and leave little to no wriggle room for interpretation, but as you can see, the act has been read completely differently.

This post was previously published on http://www.tvpstrategy.com

—– Read More —–

Is Traditional IaaS Cloud a Dead Man Walking

Traditional IaaS cloud—whether AWS’s EC2, Azure’s offering, or even a private IaaS cloud running vCloud Director, vRA, or OpenStack, to name a few—is in trouble. Now, that sounds like quite a contentious statement to make, but I feel the writing is on the wall. “What?” you may ask. “How can you say that? There are many companies that have not even started their cloud journey, and surely IaaS is the first baby step in their travails.” Well, the answer to this is “yes and no.”

Early movers headed out on their journey unprepared, bright-eyed and bushy-tailed, walking into their cloud migrations thinking only of up-front cost savings and believing the patter of the snake-oil salesmen. What is worrying is that, according to an IDG and Datalink survey in 2016, up to 40% of those early adopters have had buyer’s remorse and returned to their cozy data centers or colo sites. Why? Traditional IaaS is expensive. Moving to an infrastructure only–based cloud is very expensive, and companies are used to being always on. They are comfortable with instant access to their data from anyplace, at any time, from effectively anywhere. You really cannot move to a subscription-based cost model on that basis.

Previously Published on TVP Strategy (The Virtualization Practice)

 

—– Read More —–

PERTH IS LOVELY TO VISIT, BUT IT’S NOT CLOUDY: SD-WAN TO THE RESCUE

On February 19, my colleague Edward Haletky wrote a piece on scale. In it, he highlights that scale is not just about 20,000 desktops and 3,000 virtual hosts. Rather, there are many other metrics that could and should be considered with regard to scale.

I am currently living in Perth in Western Australia. Perth holds a rather dubious record in that it is the most remote capital city in the world. “Wait, Canberra is the capital of Australia,” you might say, and you would be correct. However, Australia operates in a federal manner and is made up of states and territories, and Perth is the capital of Western Australia. Why am I saying all this? One word, really: cloud. Living in Perth, our nearest AWS, Azure, and GCP zones are in Sydney, 3,300 kilometers (2,000 miles) away on the east coast. Oracle Cloud? Again, Sydney. OVH? Yes, Sydney. Softlayer? Wait, it has a zone in Melbourne, but that is still 2,700 kilometers (1,700 miles) from Perth. As you can see, we are quite isolated. Physics rather than doctrine limits Perth’s access to public cloud.

Previously Published on TVP Strategy (The Virtualization Practice)

—– Read More —–

PURE STORAGE DOUBLES DOWN ON VVOLS AND A FEW OTHER THINGS

For a long time, VVols have appeared to be a solution looking for a problem. For the uninitiated, we will first give a brief outline of what VVols are and identify the problem that they purport to solve. On the face of it, it is nothing more than the ability to do one VM to one datastore. However, it is much more than that. VVols are the logical extension of this paradigm in a modern environment. VVols allow for policy-based metrics to be applied to individual virtual machines rather than at a datastore level. Why could this not be done with traditional datastores? Quite simply, ESXi is limited to 256 LUNs per host. Now, this might sound like a lot, but consider that this would limit you to 256 guests per cluster if you wished to utilize vMotion or Storage vMotion. Not exactly optimal.

Previously Published on TVP Strategy (The Virtualization Practice)

—– Read More —–