Technology

In a previous post we covered the different capabilities and basic setup of EC2 Systems Manager, including the IAM roles that needed to be created and the installation of the SSM Agent. In this post we’ll focus on running some commands through the EC2 Systems Manager Console. We’ve already got an Amazon Linux instance deployed within our VPC. I’ve placed this instance in a public facing subnet and it is a member of a security group that allows HTTP traffic over port 80. ...

We love Amazon EC2 instances because of how easy they are to deploy and we have a huge catalog of templates (AMIs) to choose from which really speeds up our provisioning. But once those instances are up and running it would be really nice to have some methods of managing those instances. Luckily, Amazon has developed several capabilities to help manage Amazon EC2 instances after they’ve been deployed. These capabilities are used to execute scripts, manage patches and kick off automation routines within an EC2 instance, directly from the AWS console. ...

AWS is taking the virtualization world by storm. Workloads that used to get spun up on vSphere are now being deployed in AWS in many cases. But what if you’ve got workloads in vSphere that need to be moved? Sure, it probably makes sense to build new servers in AWS and decommission the old ones but sometimes it’s OK to lift and shift. Amazon has a service that can help with this process called the AWS Server Migration Service. ...

Amazon’s S3 is a cost effective way to store file but many organizations are used to mapping NFS shares to machines for file storage purposes. Amazon Storage Gateways are a good way to cache or store files on an NFS mount and then back them up to an S3 bucket. This post goes through the setup of an AWS Storage Gateway in an EC2 instance for caching files and storing them in an S3 bucket. This same solution (and a similar but different process) can be used to mount block devices through iSCSI or setup a Tape Gateway for backup products. ...

Preventing blueprint sprawl should be a consideration if you’re building out a new cloud through vRealize Automation. Too many blueprints and your users will be confused by the offerings and the more blueprints, the more maintenance needed to manage them. We’ve had custom methods for managing sprawl up until vRA 7.3 was released. Now we have some slick new methods right out of the box to cut down on the number of blueprints in use. These new out of the box configurations are called Component Profiles. ...

vRealize Automation version 7.3 dropped a few weeks ago and you’re really excited about the new improvements that have been made with the platform. Release Notes for version 7.3 You’ve gone through the upgrade process which is constantly improving I might add but once you log in you find out that your endpoints that you spent so much time building are now missing. Kind of like the ones in my screenshot below. ...

vRA is great at deploying servers in an automated fashion, but to really use the built in functionality for an organization some additional information should be requested to properly place the workloads in the environment. This post covers how to ask users for the correct information to properly determine the placement location of new server workloads. Cluster Placement The first placement decision that needs to be made is which cluster the workload should be placed on. This can be done with reservations and reservation policies but often comes with some blueprint sprawl. We’d like to be able to ask the requester which environment the workload should be placed on. To specify a cluster (which could include a cluster on a different vCenter or datacenter) we’ll modify an xml document stored in the IaaS Server(s) which will describe our datacenters. In my example I’ve got two clusters in a single vCenter named “Management” and “Workload”. My clusters are shown below. ...

It’s a pretty common design request these days to have a single authentication source. I mean, do you really want to have to manage a bunch of different logins instead of having to remember one? Also, five different accounts give attackers five different avenues to try to exploit. So many times we use our existing Active Directory infrastructure as our single source of authentication. Amazon Web Services (AWS) needs a way for people to login and will allow you to use your own Active Directory credentials through Security Assertion Markup Language (SAML). This post will walk you through the setup of Active Directory Federation Services (ADFS) on Windows Server 2016 and configuring it to be your credentials for AWS. ...

vRealize Code Stream Management Pack for IT DevOps (code named Houdini by VMware) allows us to treat our vRealize Automation Blueprints, or other objects, as pieces of code that can be promoted between environments. In previous posts we’ve done just this, but a glaring piece was missing in during those articles. Promoting code between environments is great, but we’ve got to test it first or this process is only good for moving code around. A full release pipeline including unit tests can make your environment much more useful for organizations trying to ensure consistency. ...

In previous posts we covered how to install, configure and setup vRealize Code Stream Management Pack for IT DevOps (code named Houdini) so that we could get to this point. During this post we’ll take one of our vRA blueprints in the development instance and move it to the production instance. Let’s get started. To set the stage, here is my development instance where I have several blueprints at my disposal. Some of them even work! (That was a joke) For this exercise, I want to move the “Server2016” catalog from my development instance to my production instance because I have it working perfectly with my vSphere environment. ...