vSphere 6.5 Security – Virtual Machine Encryption

Virtual Machine Encryption
Information security is the utmost priority when it comes to securing customer data in private/public clouds.Data encryption is safe method to protect the data which provides solution to many security concerns, however which requires solid strategy and key management in place. With vSphere 6.5 VM encryption feature you can now encrypt your existing VMs or create a new encrypted virtual machines. With this feature you can encrypt virtual machine files, VMDK’s and core dump. VM encryption works independent of guest OS and data store type as it is policy driven (by applying new storage policy to a VM). There will not be any operational overhead on Virtual machine compute since the encryption/decryption done at hypervisor layer itself. With this new vSphere administrators can perform Encryption/Decryption operations within vCenter Sever UI.  Continue reading

vSphere 6.5 – VMWare VCSA 6.5 Backup and Restore

VMware VCSA 6.5 Backup and Restore: In this blog post we will learn how to backup and restore VMware VCSA 6.5 using native backup and restore feature introduced with the launch of vSphere 6.5, this out of the box file based backup and recovery feature uses vCenter Server Management API to backup files to an external destination. This feature supports HTTP, HTTPS,SCP, FTP and FTPS as supported protocols as destination path to backup files. VCAS 6.5 backup feature also backs up embedded Auto deploy and VUM configurations. Restoring from backup is easy and simple through VCSA deployment UI.  Continue reading

VMware vSphere 6.5 – Platform Service Controller HA lab using BIG IP Load Balancer

VMware vSphere 6.5 – Platform Service Controller HA lab using BIG IP Load Balancer

In my previous post I have  showed to how to configure high availability for platform services controllers in vSphere 6.0 using F5 BIG IP load balancer. In this post I am going to demonstrate how to configure Platform Service Controller High Availability (HA) in a vSphere 6.5 environment. Continue reading

VSAN 6.5 whats’s new – VSAN iSCSI End to End Deployment Guide

In my previous post I have demonstrated how to deploy VMware vCSA 6.5 and enable Native high availability for vCenter Server Appliance, I am going to demonstrate vSAN 6.5 iSCSI support for physical servers in this post. With vSphere  6.5 and vSAN 6.5 you can now you can extend vSAN data stores to physical servers using iSCSI target service. The main use case for extending vSAN support for physical servers is to support legacy non virtualized clustered application which requires RDMs (MSFC for instance). Now customers need not to maintain multiple storage solutions based on applications they run at their data center and unifi. In previous version only virtual machines on the vSAN cluster could access the vSAN. Please refer this link to know more about what’s new VSAN 6.5 Continue reading

VMware vSphere 6.5 – How To Enable Native vCenter High Availability

Native vCenter High Availability – I wanted to explore this feature since vSphere 6.5 was announced in VMworld Europe this year. With VMware announcing general availability of vSPhere 6.5 I was able to setup test environment in my lab and I am very exited about implementing the same in production at later point. Traditionally there was no out of the box solution available for vCenter high availability but there were other solutions to provide high availability to vCenter services such as vSphere HA, vSphere Fault Tolerence, Microsoft Clustering and now retired vCenter Server Heartbeat. With the new release VMware provides Native High Availability for vCenter Servers, as of now this feature is available only for vCSA based deployments. The new VCHA architecture is made of three node cluster. Active, Passive and a Witness node. Passive is full clone of the original Active node, witness node is clone of the original Active node. Witness node will never become Active in event of failure. Prerequisites to setup VCHA is fully functional DRS/HA cluster with minimum of 2-3 nodes. Continuous file level replication takes place between active and passive nodes using Linux RSYNC which keeps all the configurations and services state in sync. Native Native vPostgres DB replication will handle replication of VCDB and VUMDB.  Continue reading

vSphere 6 Platform Service Controllers HA Setup using F5 Loadbalacer and vSphere 6 Enhanced Linked Mode

In my previous post I have shown how to deploy vCenter server in a stand alone embedded model, in this post we learn how to configure Platform Service Controllers HA  using F5 Load balacer and install vCenter server 6 to use common SSO domain (Enhanced linked mode ). vCenter linked mode deployment will help you to manage multiple vCenter servers in a single pane of glass view. With vSphere 6 architecture changes vCenter server services are consolidate into two components namely Platform Service Controller or PSC and vCenter server core services. Continue reading

Deploying VMware vCSA 6.0

In this post, we will learn how to deploy VMware vCSA 6.0 appliance and its components in different modes. vCSA makes deployments simple and robust, there are two deployment modes – embedded and external. Embedded deployment refers to deploying all vCenter server components related components in same virtual machine. In external server deployment model vCenter components and vCenter server are installed on different virtual machines. Continue reading