Recently the IBM Cloud for VMware architecture team posted several new and updated architecture documents related to VMware on the IBM Cloud.
VMware: We’ve updated our base VMware on IBM Cloud virtualization architecture to converge the VMware Cloud Foundation and VMware vCenter Server architecture specifications. This reflects important points of convergence such as the recent availability of vSAN on VMware vCenter Server, and also our move to vSphere 6.5 and all–flash storage with vSAN 6.6.
NetApp ONTAP Select: We’ve published our architecture specification for the automated deployment of NetApp ONTAP Select on IBM Cloud, a software–defined storage offering that brings all the capabilities of NetApp ONTAP, including the ability to integrate with your on–premises NetApp storage.
Veeam: While Veeam has been available for some time as an integrated part of IBM Cloud for VMware Solutions, we’ve now published our architecture overview for Veeam Backup & Replication on IBM Cloud, including important considerations for sizing and scaling your Veeam deployment.
FortiGate Security Appliance: IBM Cloud infrastructure has offered the FortiGate Security Appliance (FSA) for quite some time as a means of protecting your public VLAN. IBM Cloud for VMware Solutions recently integrated the automated deployment of a FortiGate appliance as an add–on service for your VMware instance. Our FortiGate Security Appliance on IBM Cloud architecture includes important considerations about how to configure the appliance to ensure the proper functioning of the IBM automation and other add–on services such as Zerto and F5 BIG–IP.
It’s a day late for Tolkien’s birthday, but is it ever too late for Tolkien or Wolfe? Thanks to John Barach for sharing this tribute to Tolkien by Wolfe.
You are not likely to believe me when I say that I still remember vividly, almost 50 years later, how strictly I disciplined myself with that book, forcing myself to read no more than a single chapter each evening. The catch, my out, the stratagem by which I escaped the bonds of my own law, was that I could read that chapter as many times as I wished; and that I could also return to the chapter I had read the night before, if I chose. There were evenings on which I reread the entire book up the point—The Council of Elrond, let us say—at which I had forced myself to stop.
IBM Cloud offers a VPN service for your account which you can use to access your dedicated IBM Cloud network. The VPN access is available from your browser using a Java applet, but is also available using a standalone VPN application for Windows, Linux, or macOS.
Unfortunately, I’ve found that the version 2.0 update of the MotionPro Plus application for macOS has broken my VPN access. Not only has it lost all of the passwords I had previously saved, but when I do enter my password and attempt to connect to the IBM Cloud, it immediately disconnects.
While we await a fix from Array Networks, it is possible to revert to an older version of MotionPro:
- View the macOS Launchpad and find the MotionPro+ icon
- Click and hold the icon until it begins to jiggle, then release. Note that this will delete your MotionPro configuration.
- Click the X to uninstall MotionPro+
- From the Array Networks support site, download the MacOS MotionPro client corresponding to AG-OS 184.108.40.206
- Open the disk image and run the MotionPro installer package within the image. The installer will also install some command line tools
- Recreate your MotionPro configuration
See also: managing SoftLayer VPN subnet access.
This weekend our small group enjoyed our second annual caroling in downtown Fuquay.
The IBM Cloud for VMware Solutions architecture specifies that vSphere (ESXi) servers should be attached to the public network, but should be configured not to enable their own public IP address. This ensures that workloads running on the servers can access the public network as necessary (e.g., using an NSX Edge Services Gateway), but that the hosts themselves cannot be reached over the internet.
When IBM Cloud (a.k.a. SoftLayer) provisions a bare metal server, the default monitoring configuration for that server is to ping its public IP address. This means that by default all of your ESXi hosts are reported by the IBM Cloud infrastructure portal to be down:
You can correct this by re–configuring the monitor for each server to test the private IP address rather than the public IP address. Since you cannot change the IP address of a monitor, you will have to remove the existing monitor and create a new monitor for the private IP address.
If you have many bare metal servers in this situation, you’ll want to automate the re–configuration. To help with this, I wrote a Python script to reconfigure your bare metal server monitors. You’ll have to fill in your SoftLayer username and API key, and the script will reconfigure the monitors for all servers that are (1) marked down, and (2) have a monitor configured for their public IP but not their private IP. The new monitor for the private IP will retain the same attributes as the existing monitor for the private IP. Voila:
Kurtis Martin and I recently published a tutorial that shows how you can securely connect your VMware workload running in the IBM Cloud to other IBM Cloud services. This enables you to seamlessly extend your VMware application with valuable cognitive, data, and developer services available in the IBM Cloud.
Read more at IBM developerWorks: Securely connect your private VMware workloads in the IBM Cloud.
I presented a brief overview highlighting this tutorial at the IBM booth at VMworld 2017. Watch my overview here:
IBM has a significant lineup of activities at VMworld US 2017. I’m particularly excited about Dr. Michio Kaku’s session on Wednesday.
I’ll be speaking on Monday about integration between VMware applications and broader IBM Cloud services, and I’ll also be present at the IBM booth, for both US and Europe conferences. If you’re there, be sure to stop by and say hi!
Be sure to also check out our hands-on labs available at VMworld.