Monday, October 29, 2018

Whats New In VRA 7.5

Only few weeks ago VMware released its newest version of the vRealize suite and with it came many long-waited features.
I have been working with vRealize Automation since version 6.2 and must say that this is in my opinion the most significant improvement I have seen in the product yet.
The new UI, which is based on the Clarity UI (HTML5) is a huge improvement. The ease of access to your provisioned items and the fresh look of the portal make it much more user friendly.
Another great addition that many people have been requesting for a long time is the ability to resubmit a request that failed. Requiring the end user to refill the form can be a tedious act that was not user friendly. Finally, this has been implemented.
One more great addition is that if you are entitled to a catalog item from multiple Business Groups you will still only see the catalog item once. When you request the catalog item a popup emerges that allows you to choose the Business Group you want to request this under.
The global search option that has been added is amazing. You can now search for any string and it will find items, menu options, blueprints etc. and allows the end user or administrator to navigate the portal in a much more fluid and comfortable manner.
   
The Items and Requests tabs have been removed and instead a new tab titled Deployments has been created. I was very impressed by its fluidity. Now when you request a deployment you are transferred directly to the deployments page where you see your deployments progress and how far through the deployment phase it is. Additionally, in the case it fails, the error message replaces the progress bar and that is a great improvement to the multiple clicks that were needed to locate the error in previous versions.
They have also added the ability to filter deployments and catalog items based on many different parameters which is a huge improvement.
Another great addition is the history tab on all provisioned deployments. This shows you  the entire history of the deployment, from the provisioning to all the Day-2 actions that have been run on it.
VMware have also improved the integration with vROPS in a very positive direction.
With the new vROPS integration you can now view, from within VRA, runtime statistics from vROPS on the managed Virtual Machines and Deployments regarding CPU, RAM, IOPS and Networking.
Another great new feature is the NSX-T and PKS integrations into VRA. Whilst neither of these features is perfect it is a great starting point.
They have also improved the Event Subscriptions allowing you to choose if you want a Blocking Subscription in any phase to fail the deployment if the VRO Workflow fails.
A lot of previous issues that were painful for VRA administrators and users were fixed.
The Azure plugin is now faster and doesn’t time out on the Day-2 actions as it did in past releases.
The Upgrade and patching process has also been greatly improved from the means of audit logging and one of the greatest additions is that you no longer need to play with disabling Load Balancers when upgrading.
Another huge improvement that was made is the HTML5 VRO Monitoring Client.
This was added in 7.4, but 7.5 allows running workflows via the Client as well. This is a huge benefit for operational teams to be able to run these workflows without the need to build XaaS Blueprints for everything and to prevent the need for everyone to download and access the VRO Java Client.
VMware has also partnered with SovLabs in order to add Ansible Tower integration for configuration management in a similar manner to the Puppet integration which already exists.
VMware has also added the ability to add vRealize Business Parameters into Custom Forms which is a huge improvement.
Another improvement is the ability to easily rename a deployment or its description. Frequently, users would request the ability to easily update a deployment with details regarding the purpose of what those systems contained. In 7.5 you simply highlight the name and select the pencil icon to edit and save the changes.
Another great option that has been improved is the ability to propagate properties from a blueprint when applied to all deployments that have been deployed from that same blueprint. This includes the ability to change lease and archive times.
In general, this is an amazing release. With all the new features that have been implemented and the many bugs that have been fixed this seems to be a sign that VMware is listening to its customers and is on the right track regarding the vRealize Suite.
While this is about the new VRA release I must also say that the new vROPS is quite impressive as well. Especially the ability to share a dashboard via link or embed a dashboard on another website and allow users who are not authorized to access the vROPS the ability the view a dashboard of your choosing.

Tuesday, October 23, 2018

How to assure your vCenter is Protected?

As the vCenter server is becoming more and more business critical in many organizations the need for backup and restore capabilities as well as high availability are becoming very critical questions for many companies.
There are a few options that each has its advantages and disadvantages and I do not believe that there is a definitive answer on the best solution. I believe that all the options should be evaluated and considered.
Here are the main options in my opinion with notes on the upside and downside of each one.
Option 1 – Veeam backup:
  1. To back up the VCSA with Veeam, it’s important to understand that Veeam does not directly support Postgres SQL (VMware’s embedded DB). Instead, it’s optimal to perform backup in 2 steps:
  1. Image Level Backup with Veeam
  2. Database backup via VMware Best Practice
Step 2 is not required but restoring the image-level backup ensures the same state the Database was in at the point in time of the backup.
VMware Best Practice shows to back up the database as regular maintenance. Then you would be able to restore the server from step 1, then restore the database to whichever point in time with the backup from step 2.
The following links can be of assistance in regard to this option:
Pros:
  1. Utilizes Veeam backup which is used is many organizations already.
  2. Allows for quick restore of the VC if you use Instant Recovery
Cons:
  1. Requires the use of 2 steps to backup according to best practices
  2. Requires manually running the Python script on the VCSA or created a scheduled task but none the less is not ideal
  3. The DB backup is performed to the VCSA itself and not to a remote location
Option 2 – vCenter HA:
  1. This is an HA Option and not a backup
  2. This is available from vSphere 6.5 and above
  3. In this design 3 appliances are deployed (Active Passive and Witness)
  4. Please see the following Document regarding requirements for this to work:
This is a good option for HA if you have multiple sites with less than 10ms latency between them. It can be implemented within the same site as well but the time it takes for the failover to happen is about the same as typical vSphere HA and the need for 3 appliances seems redundant if the single site is still a single point of failure.
Pros:
  1. It is an official VMware solution which means it is fully supported
  2. Does not require extra licensing
Cons:
  1. It is unsupported to snapshot a VCHA VM which makes most backup solutions irrelevant. See KB – https://kb.vmware.com/s/article/2148003
  2. Requires deploying 3 appliances which can waste valuable resources
Option 3 – vCenter File Based Backup:
  1. This is an option as of 6.5 but is very strongly enhanced and is a very good option as of 6.7
  2. This is a native File Based backup of the VC performed via the VAMI interface of the VCSA
  3. In 6.5 this was manual and in 6.7 this can be scheduled, and a retention policy can be set as well as data encryption
  4. The restore process is very simple:
    1. Mount the installation ISO of the VC build installed.
    2. Choose the restore option.
    3. Enter the backup file location via the wizard
    4. Select the backup
    5. This will deploy a new VCSA and import the configuration of the original VC to it.
  5. This option allows for you to choose what to back up:
    1. Only inventory and configuration
    2. Inventory, Configuration, Stats, Tasks and Events
  6. This is also a native VMware solution that is a VMware best practice in regard to backing up the VC.
  7. For this to work you must have a backup destination (FTP, FTPS, HTTP or HTTPS)
  8. Please see below for limitations and considerations:

Pros:
  1. This is a native VMware backup solution built for the purpose of backing up and restoring the VC.
  2. This option allows you to choose what to backup.
  3. This can be done on a VCHA setup as well which is a huge benefit over almost all other backup solutions
Cons:
  1. The restore process is longer than the Veeam instant recovery option.
  2. It deviates from the idea a single program that would manage all your backups like Veeam can provide.

As you can see nothing is perfect and the solution is very dependent on the customers setup, but these three options are all very good solutions.