Introduction

In the previous blog post we went through System Center Operations Manager as a framework, we talked about management packs, and that importing a management pack isn’t stopping the work you need to do.

We talked about fine-tuning and the importance of it to make the framework fit your environment.

In this blog posts, we are simply going to import a management pack(s) and then immediately create an “override” management pack to store our customizations. Just a few best practices that you need to do before you actually do the import.

Setting the scene

In this series we are going to work with the Veeam Management Pack for System Center and use the Hyper-V capabilities from it.

Wait! Don’t import it yet!!!!

The first mistake everybody makes is download all the management packs he or she needs (whether Microsoft or 3rd party) is just import it, wait, and see all the alerts coming in and then run away being scared of the environment. On the one hand Microsoft has made it easy for us for being able to connect to the catalog but on the other hand that is not the smartest idea to do.

Continue reading

Nicolas Vermandé (VCDX#055) is practice lead for Private Cloud & Infrastructure  at Kelway, a VMware partner. Nicolas covers the Software-Defined Data Center

This is Part 2 in a series of posts the describes a specific use case for VMware NSX in the context of Disaster Recovery. Here’s part 1,

++++++++++++++++++++++++++++++++++

Deploying the environment

Now let’s see have a closer look at how to create this environment. The following picture represents the vSphere logical architecture and the associated IP scheme…

ipNSX

 

… and the networks mapping:

logicalnetNSX

First of all you have to create three vSphere clusters: one Management Cluster and two Compute Clusters, as well as  two distinct VDS, within the same vCenter. Each Compute cluster will be connected to the same VDS. One cluster will represent DC1, and the other one will represent DC2. The second VDS will connect to the Management and vMotion networks. Also, you have to create a couple of VLANs: one VLAN for VTEPs, used as the outer dot1q tag to transport VXLAN frames, two external transit VLANs to allow the ESGs to peer with your IP core and VLANs for traditional vSphere functions, such as Management, vMotion and IP storage if required.

Note: As this lab has been created for educational purpose, it is clearly not aligned with NSX design considerations for a production environment. I’ll probably dedicate another blog post for that.

Now let’s get our hands dirty. I have to assume that you already have the NSX Manager deployed as well as 3 controllers. All those virtual appliances should be placed in the Management Cluster and connected to the Management VDS. For the sake of simplicity you can use the same Management VLAN for both ESXi and NSX components management.

The first step after having deployed the controllers is to install the ESXi vibs:  go to the NSX vCenter Plugin, then under Installation, select the Host Preparation tab. Select your Compute Clusters and click Install.

01

Once done, click Configure under the VXLAN section to configure the VXLAN networking:

02

The VLAN field is the outer VLAN ID for your VXLAN overlay. Create a new IP pool named VTEP and use it at the reference pool for your VTEP configuration. Note that if you select “Load Balance – SRCID” or “Load Balance – SRCMAC” as the teaming policy, two VTEPs will be created within the same IP Pool. It means that if you want your VTEPs to reside in two different subnets, you have to use a DHCP server. Another thing I noticed: be sure to create the appropriate number of VDS uplinks BEFORE preparing the hosts, or the NSX manager may not see the right number of uplinks when you want to deploy multiple VTEPs.

03

Next step is to configure the Segment ID range, which will represent your pool of available VNIs. As we will be using unicast transport mode, we don’t need to configure any Multicast Group.

04

Then you can go under Logical Network Preparation > Transport Zones. Add two Transport Zones, as we’ll be simulating two distinct datacenters. Select Unicast as the Control Plane Mode.

05

Continue reading

VMware product updates address security vulnerabilities in Apache Struts library
VMware Security Advisory
Advisory ID: VMSA-2014-0007.1
Synopsis: VMware product updates address security vulnerabilities in Apache Struts library
Issue date: 2014-06-24
Updated on: 2014-07-11
CVE numbers: CVE-2014-0050, CVE-2014-0094, CVE-2014-0112
1. Summary
VMware product updates address security vulnerabilities in Apache Struts library
2. Relevant releases
VMware vCenter Operations Management Suite prior to 5.8.2
VMware vCenter Operations Management Suite prior to 5.7.3
3. Problem Description

The Apache Struts library is updated to version 2.3.16.2 to address multiple security issues.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2014-0050, CVE-2014-0094, and CVE-2014-0112 to these issues.

CVE-2014-0112 may lead to remote code execution. This issue was found to be only partially addressed in CVE-2014-0094.

CVE-2014-0050 may lead to a denial of service condition.

vCenter Operations Management Suite (vCOps) is affected by both CVE-2014-0112 and CVE-2014-0050. Exploitation of CVE-2014-0112 may lead to remote code execution without authentication.

vCenter Orchestrator (vCO) is affected by CVE-2014-0050 and not by CVE-2014-0112.

Workaround

A workaround for CVE-2014-0112 is documented in VMware Knowledge Base article 2081470.

Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
vCOPS

5.8.x
any vCOPS 5.8.2
vCOPS 5.7.x any vCOPS 5.7.3
vCO 5.5 any patch pending
vCO 5.1 any patch pending
vCO 4.2 any patch pending
4. Solution

Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.

vCenter Operations Management Suite 5.8.2 and 5.7.3
Downloads and Documentation:
https://www.vmware.com/go/download-vcops
5. References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112

http://kb.vmware.com/kb/2081470
6. Change log
2014-06-24 VMSA-2014-0007 Initial security advisory in conjunction with the release of vCenter Operations Management Suite 5.8.2 on 2014-06-24.

2014-07-11 VMSA-2014-0007.1
Updated security advisory in conjunction with the release of vCenter Operations Management Suite 5.7.3 on 2014-07-10.
7. Contact

E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org
– See more at: https://www.vmware.com/security/advisories/VMSA-2014-0007.html#sthash.wCLWJcpF.dpuf

LOGO1Get More from your Software-Defined Data Center with Business Critical Application Virtualization

Virtualizing critical applications on vSphere improves their health and administration.

Get maximum use of hardware resources without compromising application performance.
Make your applications more mobile and easily migrated to any server in the environment, without downtime in many cases, by decoupling the application and operating system from the server hardware.
Add an additional layer of baseline availability that compliments most internal application or operating system availability functions.

Add the vCloud Suite to Monitor, Automate, and Protect You Business Critical Applications

In addition to the benefits provided by the standard functions within vSphere, VMware management products can add significant value and help you achieve more benefits of the software-defined data center and enterprise website hosting solution.

Continue reading

Today, we are very happy and proud to announce another great free tool coming from Veeam: Veeam Task Manager for Hyper-V.

If you are a windows administrator, then you need to check this one out. We all know that opening task manager on a windows server running Hyper-V only gives you the compute of the parent partition and not what resources the virtual machines are consuming.

In Veeam’s latest Management Pack release (Veeam Management Pack for System Center) we released an entirely new in-line task that can bring up the Veeam Task Manager for Hyper-V. The Veeam Task Manager for Hyper-V will display task manager data for both the Hyper-V host and for each of the child VMs attached to that host! But as of today, you can get that functionality for free even without our management pack.

clip_image002

Want to know more?

Read more on our how-to article here: http://hyperv.veeam.com/task-manager-hyper-v-announce/

If you want to use Veeam Task Manager for Hyper-V just register and download it