Tuesday, September 4, 2018

VMware New Updated Certifications Release

There is three certifications release before VMworld 2018 announced here. Namely VCAP-DCV 2018 Deploy, VCAP-CMA Deploy 2018 and VCP7-DTM 2018.

Here is something new is the naming convention. The certification is no longer tied to the version of the product. Though this is also mentioned in the article as well as in the certification page.

This is a long awaiting certification since vSphere 6.5 was released more than a year ago and the Design exam was available since last year and Deploy was not till now. This applies the same for Cloud Automation exam too.

For VCP-DTM, this is more of an update to match Horizon 7.5.

I do welcome the naming convention as it also allows testers to know when they last took their exam especially VCP is valid for two years.

As mentioned in my last blog on VCAP6.5-DCV Design, the difference between VCP and VCAP testing of capabilities is different. The way Design and Deploy testing criteria is also different for the different audience between an architect and a administrator per-se.

As I am fortunate to be involved in the contribution for both VCAP6.5 in Design and Deploy exam, it really took lots of time and debate between all the SMEs to have the exam created. It is a great opportunity to met up many expertise in the field around.

If you have taken of the exam, do provide some feedback good or bad so VMware Certification team can take that into future development.

Tuesday, August 28, 2018

VMware vForum 2018 Singapore: vWarrior Championship!

The yearly VMware vForum 2018 Singapore is announced to be on 4th Oct and can be registered here just as when VMworld 2018 is running. You will be expecting some content from VMworld for sure.

What's New?
One new program that is coming out from vForum this year in Singapore, will be vWarrior Championship. This is going to be one of it's kind.

This is going to be a Hands-on Lab competition and teams will be competing in completing tasks in the correct manner. Of course, there will an introduction session beforehand for those who ain't familiar. We don't expect everyone to know everything that is for sure to be fair.

Here are the details:

Grand Prize: Go Pro Hero 6 Black per member
Runner Up Prize: Amazon Echo Dot 2nd Gen per member

Short description: Showcase your technical capabilities in our Hands-on Lab environment across the VMware portfolio of solutions in Software-Defined Data Center (SDDC) and End-User Computing (EUC). 

Compete through a group stage and knockout rounds to be crowned the grand prize winner!

  • Each round will cover a different solution
  • Form a team of 1 – 3 members and register via this link
  • Briefing and training will be held on 13th and 20th September, each session covers a different set of solutions related to the competition < Recommended to attend
  • Registration ends 3rd September

What are you waiting for?
What are you waiting for? Quickly sign up. Did I mention, each participant will be given away a vWarrior Varsity Jacket?

Tuesday, August 14, 2018

Validated and Compliance Versus Certified and Approved

As a technical professional, it is always very ignoring to see honesty been bridge using marketing words. How many times have you seen creative words been used to justify for something which is not true? Or when they claim they are and they are not?

That comes to the topic in my subject. Have you come across products stating that they are validated and compliance instead of Certified and Approved? And you have to explain the meaning behind this.

There is a lot of confusion created due to the use of words and to clarify this, we will use an example with sources you can testify what is really Certified and Approved instead of following Validated guidelines or Compliance to follow certain requirements.

Let's use VMware products as a discussion. You can find out that VMware vSphere, NSX and vSAN is an Approved DISA STIG solution. If you head over to STIG Viewer, you can see the guidelines given to all the approved solution. You find VMware vCenter, NSX, and ESXi as an approved list. VMware vSAN is part of VMware ESXi, in such, it is also updated and stated in the STIG which you can read more from the public post which links to the STIG guideline.

To be part of a solution used in DoD, it has to have DISA STIG approval. However by just following a guideline from DISA STIG only get a solution compliance and not approved. An approved solution needs to be done only by the governance body.

So Compliance is NOT equal to Approved.

Do not get this confused. Anyone can be in compliance by following a guideline but it does not equal to be approved.

Next, let's talk about Compliance. Let's take FIPS140-2 which is govern by NIST. To know if a solution vendor is certified by NIST for FIPS on their Crypto Module, you can head over to here and search the vendor is listed. When a solution or product claims it is compliance/validated on FIPS, this does not equate to be certified as many thought. The word "Validated" is been misused many a time. To find out the truth, use the search in NIST and key in the Vendor name to be sure.

If you enter VMware, you will see that VMware Cryptography Module is listed this is because vSphere is FIPS certified and uses this module. You can also try other solution such as Redhat, Oracle, Citrix, Nutanix, Microsoft and you will find different results.

Note that FIPS140-2 has also two levels. Where level 1 is applicable only for software and level 2 is applicable only for hardware.

Validated is NOT Certified.

Be very careful when you need a FIPS solution and its claimed to be Validated and not really Validated or even Certified. What do you need as a compliance in your environment stated by your security policy, Is it Validated enough or Certified? Make sure you are certain of it.

Tuesday, July 3, 2018

Assumed Support from Third Party Solutions

While I was doing some presentation slides for one workshop, I happen to look for 3rd party virtual switches support on vSphere.

This is the KB that is from VMware. Just for those who are not aware, VMware has announced the end of support for third-party virtual switches on vSphere and vSphere 6.5 Update 1 will be the last release to support these switches with vSwitch APIs.

While reading through the pointers I came across one point that caught my attention:

What about Cisco AVS, which is part of the Cisco ACI solution? Are you also discontinuing support for AVS? 
VMware has never supported Cisco AVS from its initial release.

This might come as a surprise but there are customers who have implemented the above without knowing that VMware does not support.

Just by using the above for discussion. there are many solutions currently on the market that claims or market to support certain hardware or software. However, with further research, this has been a one-sided claim support. And was never two ways.

Using the above example from Cisco (hope Cisco don't hate me for that), when you hit an issue running Cisco AVS thinking that VMware supported it. When you raise a support case with VMware and needed something to be changed, or an API to be tweak, or a driver to be created/modified, you will get nothing out of it as it is unsupported in the first place.

Imagine if this is running in your production environment, you just got your environment not supported. Logging a case with Cisco might not going to solve your problem if it requires something from VMware to help support Cisco AVS.

Now to bring to attention. There are many solutions that are currently claiming to support some hardware and software. So when selecting a solution make sure to check that support comes in both ways and not just by one-sided claims. Imagine running a software and require certain support from both party where it is not supported, you are as good as hitting a dead end.

When planning for a solution, do check out both ways supportability from the vendors you are using. This avoids coming to a stop when you need the help most.

Tuesday, June 12, 2018

Software Support Service Level, Why it Auto Close?

Many times I have heard comments on software support from other vendors externally by customers as well as internally working in principle.

The interesting part is many does not know how these support services measure their support quality or success criteria.

This article is just to illustrate how a support ticket goes through and how it is closed or close temporarily till a user response.

Typically when we raised a support request, there are always three levels or severity. I would go into the details. But you can check out my past post on that.

An engineer typically response to a support request upon receiving a support based on the severity SLA if it's raised online. If that is over the phone, the user will have to wait for the next available engineer to answer the user.

Once a call is completed with the user, they will reply to the user based on what was communicated over the phone. This then follows the next step typically awaiting user to perform a certain task and revert.

This can carry on several times but eventually, once it waiting for the user to respond, a timer will start. It will last for 3 days before a ticket is automatically put to a close or temporary close and email typically is triggered to inform the user.

Now I know this is frustrating, as a user you still want that ticket to be open as you haven't got the time or didn't expect an unfinished issue to be closed.

This is the part that needs explanation. The support engineer is measured by the number of closed tickets on time. So the request system helps by identifying tickets that are opened for three days but not closed by doing an auto closure or temporary closure with an email to the customer. For a user to keep the ticket open more than 3 days, he would either reply to the service request so that the system reset the timer, or request to the engineer so he can flag it out with the system doing an auto closure.

Also having more tickets close, also means that support service quantity is higher as they are able to close more tickets and have less pending tickets. This also measures success criteria.

So the next time you need more time, or need to have a service request ticket to remain open, either reply to the email within 3 days or inform the engineer you are speaking to on not closing.

However, do note that not all system allows the engineer to prevent auto closing. Best is to reply on it within 3 days.

Tuesday, May 22, 2018

vMotion Between CPUs

With the release of vSphere 6.7, and the ability to have EVC on a per VM level instead of a per cluster level raise some questions.

Before we start here is an article on how to check what level of EVC to use here.

One of the questions often asked, does vMotion works across newer CPUs in the same generation without an EVC cluster?

If you follow this KB, in the last paragraph:

Once the virtual machine is power cycled:
  • They are only able to move to other ESX/ESXi hosts that are at the same CPU generation or newer.

What this state means if you have a new server with a new CPU generation, technically you can perform a vMotion without having the VM in an EVC cluster.

However, there are cases where vMotion will fail even the CPU is of the same generation due to an older version of VM hardware which has a more stringent check. As stated here, due to the destination host with a newer CPU with ISA extension not found on the source host.

In the above case, vMotion will still fail without having the VM in an EVC cluster unless the VM is upgraded with a newer version of VM hardware.

In a good practice, when upgrading your vSphere environment, upgrade your VMware Tools and VM hardware as much as possible. Often than not, I have seen many environments with old VMware Tools and VM hardware but of a newer version vSphere environment.

In any of which, both upgrading of VM hardware and placing a cluster or a VM (in vSphere 6.7) in an EVC mode, require a power cycle (note the difference, not a restart).

Saturday, May 5, 2018

VMUG Singapore by VMware and HPE

If you are in Singapore, do remember to register for VMUG Singapore event sponsored by VMware and HPE.

Look for the event details here.

This is not going to be the usual evening session but going to start at 2pm coming Friday, 11th May. There will be several sessions on the updated release from VMware and HPE and a networking session, vBeer to interact with fellow professionals as well as a chance for you to find out more what VMware and HPE are cooking.

We will also have our special guest Don Sullivan, author of Virtualizing Oracle Databases on vSphere.

So don't look further, if you are in town, Join Us!

VMware New Updated Certifications Release

There is three certifications release before VMworld 2018 announced here . Namely VCAP-DCV 2018 Deploy, VCAP-CMA Deploy 2018 and VCP7-DTM 20...