Plain Virtualization

Early this morning 11th Dec 2021, SGT, VMware has release a security advisory announcement for  VMSA-2021-0028 regarding a critical vulnerability in Apache Log4j identified by CVE-2021-44228 with a CVSSv3 full score rating of 10. Immediately, VMware has worked on several of the affected products that are affected with workaround or patches. As this is a full score rating, we likely to see VMware update workaround at least and release patches in the next few days. Do check back the page to see more updates. Do note that this is not a vulnerability specific to VMware. This is an Apache vulnerability. It is affecting all solutions that uses Apache. So do check out your environment and ensure all solutions used in your environment that do contain Apache Log4j is worked on. A FAQ site is also release for those with questions regarding this. If you are not aware do subscribe to VMware Security Advisory.

I have been presenting during VMware Partner Exchange in Singapore as well in certain workshops for customer and many times we brought up vSphere App HA as part of application availability solution which is part of vSphere Enterprise Plus. Previously with the 1.0 release, I did a post on the setup but it slip from my mind that there was an minor update to 1.1 on 8th April 2014 which I forgotten to update here which I find it pretty useful.  Do check out my previous post to have a better understanding.  The setup does not change much. In 1.0, it only support vSphere web client 5.5 and using vCenter Hyperic 5.7.  With the release of 1.1, it will now support from vSphere 5.1 U2 and creation of custom service where it is non default applications in vSphere App HA.  Lastly the pain in 1.0 of not able to edit a policy after it is created it now possible.  Finally this is fixed else you would need to delete and re-create a policy due to minor changes and reappl...