Software

There’s a world below clouds and enterprise environments with thousands of VMs and hundered or thousands of hosts. A world that consists of maximal three hosts. I’m working with quite a few customers, that are using VMware vSphere Essentials Plus. Those environments consist typically of two or three hosts and something between 10 and 100 VMs. Just to mention it: I don’t have any VMware vSphere Essentials customer. I can’t see any benefit for buying these license. Most of these environments are designed for a lifeime of three to four years. After that time, I come again and replace it with new gear. I can’t remember any customer that upgraded his VMware vSphere Essentials Plus. Even if the demands to the IT infrastructure increases, the license stays the same. The hosts and storage gets bigger, but the requirements stays the same: HA, vMotion, sometimes vSphere Replication, often (vSphere API for) Data Protection. Maybe this is a german thing and customers outside of german are growing faster and invest more in their IT.

On February 25, 2015 PernixData released the latest version of PernixData FVP. Even if it’s only a .5 release, FVP 2.5 adds some really cool features and improvements. New features are:

• Distributed Fault Tolerant Memory-Z (DFTM-Z)
• Intelligent I/O profiling
• Role-based access control (RBAC), and
• Network acceleration for NFS datastores

Distributed Fault Tolerant Memory-Z (DFTM-Z)

FVP 2.0 introduced support for server side memory as an acceleration resources. With this it was possible to use server side memroy to accelerate VM I/O operations. Server side memory is faster then flash, but also more expensive. With FVP 2.5, the support for adaptive memory compression. was added. DFTM-Z provides a more efficient use of the expensive resource “server side memory”.  Some of you may think “Oh no, compression! This will only cost performance!”. I don’t think that this is fair. ;) The PernixData engineers are focused on performance and I think that they haven’t during the development of DFTM-Z. DFTM-Z is enabled on hosts that use at least 20 GB memory for FVP. With increasing memory used for FVP, the area used for compression in the memory is also increased. So not the whole memory area used for acceleration is compressed, it’s only a part of it. With 20 GB contributing the FVP cluster, the compressed memory region is 4 GB. With more than 160 GB, the region is increased to 32 GB.

Yesterday I’ve updated a CentOS 6.6 VM with a simple yum update. A couple of packages were updated and to be honest: I haven’t checked which packages were updated. Today I noticed that an application, that uses a secure tunnel to connect to another application, doesn’t work. While browsing through the log files, I found this message from Stunnel.

LOG3[1145:140388919940864]: SSL_accept: 14076129: error:14076129:SSL routines:SSL23_GET_CLIENT_HELLO:only tls allowed in fips mode

I rised the debug level and restarted Stunnel. Right after the restart, I found this in the logs.

I’m a bit late, but better late than never. Some days ago I installed PernixData FVP 2.0 in my lab and I’m impressed! Until this installation, solutions such as PernixData FVP or VMware vSphere Flash Read Cache (vFRC) weren’t interesting for me or most of my customers. Some of my customers played around with vFRC, but most of them decieded to add flash devices to their primary storage system and use techniques like tiering or flash cache. Especially SMB customers had no chance to use flash or RAM to accelerate their workloads because of tight budgets. With decreasing costs for flash storage, solutions like PernixData FVP and VMware vSphere Flash Read Cache (vFRC) getting more interesting for my customers. Another reason was my lab. I simply hadn’t the equipment to play around with that fancy stuff. But things have changed and now I’m ready to give it a try.

In my last blog post I have highlighted how HAProxy can be used to distribute client connections to two or more servers with Exchange 2013 CAS role. But there is another common use case for load balancers in a Exchange environment: SMTP. Let’s take a look at this drawing:

The inbound SMTP connections are distributed to two Mail Transfer Agents (often a cluster of appliances, like Cisco IronPort or Symantec Messaging Gateway) and the MTAs forward the e-mails to the Exchange servers. Sometimes the e-mails are not directly forwarded to the Exchange servers, but to mail security appliances instead (like Zertificon Z1 SecureMail Gateway). After the e-mails have been processed by the mail security appliances, they are forwarded to the Exchange backend. Such setups are quite common. If a load balancer isn’t used, the MX records often point to the public IP address of a specific MTA. In this case, two or more MX records have to be set to ensure that e-mails can be received, even if a MTA fails.

Some of my customers use TeamViewer to provide a quick access to their systems, without the need to configure VPN connections, install software on hosts etc. TeamViewer provides fast and secure access without the need to install software. Simply start the teamviewer.exe and choose if you want to connect to a host or use the session id and password to allow someone else access your computer. TeamViewer is free for all non-commercial users! So it’s a great choice for remote support all your family members.

Disclaimer: I use a NFR license that was provided to me as a vExpert by code4ward free of charge.

I have searched for a relatively long time for a solution to manage multiple remote connections, like RDP, VNC or SSH. I tried different free tools, but none of them fulfilled my requirements, which are quite simple: Manage different connections & credentials. First I’ve tried Devolutions Remote Desktop Manager, which was quite good. But to be honest: It was a bit too much for my needs. Justin Paul wrote a nice review of Remote Desktop Manager. The second product I’ve tested was more suitable: Royal TS for Windows.

Nutanix was founded in 2009 and left the stealth mode in 2011. Their Virtual Computing Platform combines storage and computing resources in a building block scheme. Each appliance consists up to four nodes and local storage (SSD and rotating rust). At least three nodes are necessary to form a cluster. If you need more storage or compute resources, you can add more appliances, and thus nodes, to the cluster (scale out). Nutanix scales proportionately with cluster growth. The magic is not the hardware - it’s the software. The local storage resources of each appliance are passed to the Nutanix Controller VM (CVM). The CVM services I/O and storage to the VMs and is running on each node, regardless of the hypervisor. You can run VMware ESXi, Microsoft Hyper-V and KVM on the nodes. Although the Nutanix Distributed File System (NDFS) is stretched across all nodes, I/O for a VM is served by the local CVM. The storage can be presented via iSCSI, NFS or SMB3 to the hypervisor.