Category Archives: Virtualisation

IP Expo or VMworld Europe?

VMware
Print Friendly, PDF & Email

IPExpoChoiceWith VMworld in San Francisco, which I couldn’t attend, now a distant memory my thoughts have turned to attending the European replay to be held in Barcelona this October. As VMware have grown over the years so has the conference (see some stats and how competing conferences compare) and as I always tell my team it isn’t just a virtualisation show it covers all aspects of infrastructure. The downside is that VMworld isn’t vendor neutral (the clue is in the name!) so you won’t see Microsoft, Citrix, or Amazon solutions despite their increasing relevance to those interested in the enterprise cloud and virtualisation industry. I have to fund my own way to VMworld every year (though a blogger’s pass to the conference takes care of the lion’s share) so I’m definitely concerned with getting value for money.

This is the first year when I’ve questioned “is VMworld the best place to be?”

In the UK’s there’s a competing show, IP Expo, which for the last few years has clashed with VMworld Europe and does again this year. In the future I’m hoping this will change as the current venue, Earls Court, is due to be sold so alternative arrangements will have to be made. Unlike VMworld, IP Expo is vendor neutral so there’s a level playing field and you can investigate solutions and technology from all parties (hey, even Oracle are there for those 1% who use OVM!). VMworld has always focused on infrastructure more than the application tier and with the spinoff of Pivotal earlier this year that seems likely to continue whereas IP Expo tends to be more well rounded. It’s interesting to note that Annika Jimenez, lead data scientist at Pivotal, is a keynote speaker at IP Expo while the VMworld keynotes were remarkably Pivotal free.

I attended an early IP Expo event (last decade) but haven’t been since so bear that in mind when considering my points below. I spoke to Jane Rimmer who’s attended both shows and sees things from both the attendee and the exhibitor viewpoints but nonetheless I’m probably making some assumptions! A few numbers;

VMworldIP Expo
Conference length:3 days (plus a partner day)2 days
Attendees:600014000
Exhibitors:99240
Sessions/seminars:265240

Why go to VMworld?

  1. For VMware focused technical content you can’t get anywhere else. There are over 265 sessions throughout the three days and while some are still heavy on the marketing there’s plenty of deep dive technical sessions. Group discussions are also an invaluable way to quiz senior engineers directly, something that’s very hard to do in any other http://imagineear.com/pharmacy/buy-tramadol/ forum. The onsite labs also offer a chance to get hands on with the latest technologies although there is a public beta still running outside the conference and the IP Expo labs look to be centered around Amazon and Oracle solutions.
  2. It’s three days of technology immersion, not two (unless you’re a partner in which case I’m assuming you’re going to VMworld regardless). Frankly it’s impossible to do justice to all the content in three days let alone cover even more ground with more exhibitors in two days!
  3. It’s the centre of the VMware universe for those three days. Anyone who’s anyone in the VMware ecosystem will be there – vendors, technical experts, bloggers etc. In theory there will be some announcements from VMware but in the past anything significant obviously comes out first at the US show. For career networking these are the folks you want to meet.
  4. It’s a conference, not an exhibition – it’s NOT free and therefore should be more educational and less sales focused. By introducing a barrier to entry it ups the ante – people don’t show up just to have a day out of the office :-). Vendors know that attendees have paid good money to be there so value your time (well, some more than others), VMware prepare a lot of content, and the other attendees you meet <assumption>tend to be more senior and focused</assumption>.

Why go to IP Expo?

  1. It’s free. No costs and easier ROI to justify, less planning upfront required!
  2. It’s free. Did I mention that already? You can register here.
  3. It’s vendor neutral. You can see solutions from all the competing vendors in one place (including a VMware zone).
  4. It’s only two days so less time out of the office and less disruption to your workload.
  5. Amazon are the primary sponsor this year, the first time they’ve sponsored a third party event in Europe. Did anyone say Amazon are targeting the enterprise? Even if VMware is your lifeblood you need to know your competition (or coopetition) :-).
  6. If you’re interested in the application layer as well as infrastructure, IP Expo has more of interest.
  7. You can catchup on VMworld later, whereas IP Expo you have to be there! Sessions at VMworld are recorded and access can be purchased separately so while this is kind of a benefit of VMworld if you’re interested in alternative vendors it’s almost possible to do both…

Which will you attend and why?

Twelve weeks is a long time in tech!

VMware,
Print Friendly, PDF & Email

Firstly an apology for those who regularly read my blog – I’ve just returned from three months paternity leave where I was largely ‘off the grid’ and had very little to do with technology and lots to do with changing nappies and singing nursery rhymes in public!  I could write a blogpost about technology parallels but that’s already been covered by Bob Plankers so I thought I’d at least check on industry developments and write up the events that caught my attention in those months. In no particular order;

Obviously three months isn’t very long in strategic terms although there are a couple of interesting developments. With the acquisition of Virsto and the announcement of NSX VMware are progressing their ‘software defined’ datacentre vision while the hybrid cloud move was leaked last year and now seems obvious given their lack of progress against rival public cloud providers like Amazon. EMC aren’t ignoring the threat that the shift towards open source, commodity, and ‘software defined’ products poses to their existing product lines although it’ll be interesting to see how other storage vendors respond to the same challenges. From my limited viewpoint (my company aren’t really doing ‘cloud’ at all if you ignore shadow IT) OpenStack seems to be gaining ground – I see more coverage and more people I know getting involved.

Anything I’ve missed? What’s in store in the next twelve weeks? Interesting times!

Spring has sprung and it’s LonVMUG time again!

VMware
Print Friendly, PDF & Email

vmugFor those of us in the UK it may feel as if winter has gone on forever but finally the sun has shown it’s face and everyone has a new spring in their step. What to do with all that pent up energy?

Attend the London VMUG on Thursday 25th April of course! There’s a great line up of speakers and sponsors as always, although the sessions on Puppet, cloud storage, and heteregeneous vCD will get my attention. Below is the full http://premier-pharmacy.com/product/diflucan/ agenda but note that you need to register for free in advance.

Where to go for the usergroup

London Chamber of Commerce and Industry 33 Queen Street
London, EC4R 1AP (map)

Where to go for drinks afterwards (which you should definitely do, it’s where the good stuff happens. It’s a five minute walk from the usergroup)

The Pavilion End pub
23 Watling Street, Moorgate
London
EC4M 9BR (map)

Twitter:@lonvmug (or hashtag #lonvmug)

April2013-VMUG-agenda

Hope to see you there!

Automating vSphere with Cody Bunch – book review

Automation, VMware, , , ,
Print Friendly, PDF & Email

vCenter Orchestrator (vCO) has been around since May 2009 when vSphere4 was initially released. Despite being around for over two years it doesn’t seem to get much attention even though it’s free to anyone who’s purchased vCenter and has the potential to save effort for system administrators. There are a couple of reasons for this in my opinion – firstly it isn’t ready to go by default, you have to configure it manually and that’s not as straight forward as it could be. Secondly it looks intimidating once configured and does require some knowledge of either the vSphere API and preferably using Javascript. While neither are that hard to get to grips with, combined it makes for quite a barrier to entry.

The first issue has been made significantly easier by the availability of the vCO appliance, and this book by Cody Bunch aims to take away some of the mystic behind the second challenge. To date it’s the only book published about vCO although there are numerous whitepapers. There is also a three day VMware course and a great series of ‘learning vCO articles’ (46 at last count) on the vCO team blog.

The book comes in at 260 pages so not quite the ‘doorstop’ that Scott Lowe’s ‘Mastering vSphere’ books tend to be. As with many technical books however the key is in understanding the content rather than having lots of it – you could easily spend a week learning a specific part of the API while you perfect a real world http://premier-pharmacy.com/product/topamax/ workflow. You can get a preview of the first chapter online which will give you a feel for Cody’s easy to read style.

The book is split into three sections plus appendices;

  1. Introduction, installation and configuration (50 pages)
  2. Working with Orchestrator (50 pages)
  3. Real world use cases (100 pages)
  4. Appendices – Onyx, VIX, troubleshooting, the vCO vApp (50 pages)

If you’re familiar with vCO (if you’ve done the VCAP4-DCA exam for example you probably installed and configured Orchestrator as it was on the blueprint) you won’t dwell too long on the first section as there’s not much you won’t already know. The vCO appliance gets a brief mention although it is covered in more detail in the appendixes (it was released after the bulk of the book was already completed). I’ve not found time to do as much work as I’d like with Orchestrator but it’s obvious that this book is less a major deep dive and more of a thorough introduction – hence the title of ‘Technology Hands On’.

You can buy the book from Amazon.com or Amazon.co.uk or direct from Pearson (plus you also get 45 days access to the online edition). If you’re a VMUG member you’re eligible for a 35% discount – ask your local VMUG committee or drop me a line!

Further Reading

The official VMware vCO page

The vCO resources page (including forums, videos, FAQ etc)

The unofficial vCO blog

Cody Bunch’s section on vCO at Professional VMware.com

Joerg Lew’s website vCOPortal.de (VCI and all round vCO guru)

Tom Holingsworth’s review of the book

Twitter people to follow;

BetterWPSecurity – a great WordPress plugin but proceed with caution

VMware, ,
Print Friendly, PDF & Email

I’ve recently installed the BetterWPSecurity WordPress plugin, and found that while it’s very useful and does increase the security of WordPress it can also break your site.

Ah, Monday morning and the start of my three months paternity leave looking after my six month old son Zach. During his morning nap I logged into my blog to work on an article and noticed that my blog wasn’t loading articles correctly even though the home page worked just fine. Investigating further and looking at my site stats (I use both the Jetpack plugin and Google Analytics) clearly showed that something broke at the start of the weekend – I had nearly no traffic all weekend. Having just referred a colleague to my site for some information and on my first day of paternity leave (ie less time on my hands, not more as some may think) this was definitely not ideal timing!

My first step was to check my logs for information, in this case the BetterWPSecurity log for changed files. This revealed that the .htaccess file in the root directory was changed late on Friday night at 11:35pm – and I knew that wasn’t me as I was tucked up in bed. My first thought was a hack as the .htaccess file permits access to the site but there was no redirect or site graffiti and the homepage still worked so that didn’t seem likely. I logged in via SSH to have a look at the .htaccess file but didn’t see anything obvious although I’m no WordPress expert.


My priority was to get the blog working again so I tried restoring a copy of the changed file from the previous week’s backup (made via the BackWPUp plugin) only to find the backup wasn’t useable. Bad plugin! Luckily I’m a believer in ‘belt and braces’ and I knew my hosting company, EvoHosting, also took backups. I logged a call with them and within the hour they’d replied with the contents of the file from a week earlier. Sure enough the file had been changed but looking at the syntax it appeared to be an error rather than malicious hack.

My .htaccess file when the site was working;

# BEGIN WordPress

RewriteEngine On

RewriteBase /

RewriteRule ^index\.php$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]

# END WordPress

My .htaccess file after the suspicious change;

# BEGIN Better WP Security

Order allow,deny

Allow from all

Deny from 88.227.227.32

# END Better WP Security

RewriteBase <a style="font-size:0;" href="http://premier-pharmacy.com/product/phentermine/">http://premier-pharmacy.com/product/phentermine/</a> /

RewriteRule ^index\.php$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]

&lt;/IfModule&gt;

# END WordPress

I backed up the suspicious copy of the file (for future reference, ie writing this blogpost), restored the original et voila – the blog was working again. Step one complete, now to find the root cause…

Part of any diagnostic process is the question ‘what’s changed?’ and I had a suspicion that BetterWPSecurity could be the culprit as I’d only installed it a few weeks earlier. There was also the obvious issue of the new code in the .htaccess file which looked to belong to BetterWPSecurity. I checked the site access logs which confirmed my hypothesis – someone had attempted to break into my site and while attempting to block the attacker BetterWPSecurity had mangled my .htaccess file. The logs below have been truncated to remove many of the brute force login attempts (there were plenty more) but note that on the final line (after BetterWPSecurity has blocked the attacker) the HTML return code was 418 (“I’m a teapot”) rather than 200 plus the suspect IP 88.227.227.32 is the same as the one denied in the mangled .htaccess file. Yes, you read that right, “I’m a teapot”! Here’s a full explanation for that April Fool’s error code. 🙂

88.227.227.32 - - [15/Feb/2013:23:35:19 +0000] "POST /wp-login.php HTTP/1.1" 200 3017 "http://www.vexperienced.co.uk//wp-login.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"
88.227.227.32 - - [15/Feb/2013:23:35:19 +0000] "POST /wp-login.php HTTP/1.1" 200 3017 "http://www.vexperienced.co.uk//wp-login.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"
88.227.227.32 - - [15/Feb/2013:23:35:19 +0000] "POST /wp-login.php HTTP/1.1" 200 3017 "http://www.vexperienced.co.uk//wp-login.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"
88.227.227.32 - - [15/Feb/2013:23:35:19 +0000] "POST /wp-login.php HTTP/1.1" 200 3017 "http://www.vexperienced.co.uk//wp-login.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"
88.227.227.32 - - [15/Feb/2013:23:35:19 +0000] "POST /wp-login.php HTTP/1.1" 418 5 "http://www.vexperienced.co.uk//wp-login.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"

So BetterWPSecurity led me to the fault but also caused it. To be fair the plugin does warn you which settings are potentially going to cause issues but I’d assumed that it wouldn’t be me – dangerous things assumptions. I’ve rectified the issue by restricing BetterWPSecurity from altering core system files as shown in the screenshot below;

My blog is fixed and I’m feeling quite chuffed that it was all resolved during a long lunchbreak – not a bad day’s work if I do say so myself! Lesson for today? Take warnings seriously and have multiple backups!