Sam has been working in the IT industry for nearly 20 years now, and is currently working for VMware as a Senior Technical Marketing Manger in the Cloud Management Business Unit (CMBU) focussed on Automation. Previously, he has worked as consultant for VMware PSO, specializing in cloud automation and network virtualization. His technical experience includes design, development and implementation of cloud solutions, network function virtualisation and the software defined datacentre. Sam specialises in automation of network virtualisation for cloud infrastructure, enabling public cloud solutions for service providers and private or hybrid cloud solutions for the enterprise.
Sam holds multiple high level industry certifications, including the VMware Certified Design Expert (VCDX) for Cloud Management and Automation. He is also a proud member of the vExpert community, holding the vExpert accolade from 2013-present, as well as being selected for the vExpert NSX, vExpert VSAN and vExpert Cloud sub-programs.
There are different schools of thought as to whether you should have SSH enabled on your hosts. VMware recommend it is disabled. With SSH disabled there is no possibility of attack, so that’s the “most secure” option. Of course in the real world there’s a balance between “most secure” and “usability” (e.g. the most secure host is powered off and physically isolated from the network, but you can’t run any workloads ).
Last night was the VMworld party which was loads of fun, I took some pictures so I won’t write loads! Highlights include watching people fall over on the roller disco, losing to @shogan85 at street fighter (he has some skills showing a misspent youth) and a rather amusing game of spot the difference.
#vcm5477 Cloud Service Automation with NSX and vCloud Automation Center with Cargi Keeling and Phil Fleischer This was one of the most technically cool sessions I’ve been in this week, setting how vCAC and NSX come together to deploy multi tiered applications with the networks provisioned on demand, including firewalls and routing.
Today was always going to be a bit of a funny day as I scheduled the VCAP5-DCD exam for 10am this morning. I am happy to say that I passed! I’m a bit light on VMworld to report today, so forgive my DCD experience to pad it out!
Preparation I have to confess my prep for this exam was light – I literally only watched the TrainSignal course by Scott Lowe (@scott_lowe) and just about finished that last night in the hotel!
I flew from Gatwick to Barcelona last night to my very first VMworld!
I’m staying in a hotel that is actually quite far from the conference, it’s a metro, train and bus journey away from the conference center and it takes about 40 minutes to get here. On the plus side I was only 5 minutes away from the VMUG party last night so I went over there for an hour or so.
Losing a root password isn’t something that happens often, but when it does it’s normally a really irritating time. I have to rotate the password of all hosts once a month for compliance, but sometimes a host drops out of the loop and the root password gets lost. Fortunately, as the vpxuser is still valid I can manage the host via vCenter - this lends itself to this little recovery process:
This is the second article in a series of vSphere Security articles that I have planned. The majority of this article is based on vSphere/ESXi 5.1, though I will include any 5.5 information that I find relevant. The first article in this series was vSphere Security: Understanding ESXi 5.x Lockdown Mode.
Why would you want to join an ESXi host to an Active Directory domain? Well you’re not going to get Group Policies applying, what you’re really doing is adding another authentication provider directly to the ESXi host.
This is the first article in a series of vSphere Security articles that I have planned. The majority of this article is based on vSphere/ESXi 5.1, though I will include any 5.5 information that I find relevant.
I think lockdown mode is a feature that is rarely understood, and even more rarely used. Researching this article I’ve already encountered several different definitions that weren’t quite right. As far as I can see there are no differences between lockdown more in 5.
John Troyer (@jtroyer) asked a question on Twitter last night about a CloudCred prize of $1000-2000:
@jtroyer a nice lab setup! — Sam McGeown (@sammcgeown) September 19, 2013 @jtroyer I guess a couple of hosts, storage and a switch, wouldn't get HCL certified for that but I'm sure it's doable! — Sam McGeown (@sammcgeown) September 19, 2013 That got me thinking – was it possible to create an entire 2 host lab with storage on a $2000 budget?
After my previous post about studying and the exam experience of the VCAP5-DCA exam (and 3 weeks of waking up to check my phone for the email all night) I am pleased to say that I received my Exam Score last week and it was a pass! I was really pleased to see that I passed with a very decent margin too, which was great! The rushed nature of the exam and long wait for the results leaves you going over the exam in your head convincing yourself how badly you’ve done, so it came as a huge relief and surprise.
There’s not a lot more to say than the title of this post – if you create a new Virtual Switch using PowerCLI without specifying the NumPorts parameter, it defaults to 64 ports. This strikes me as odd when the default for a standard switch is 120.
You can see in the screenshot below that when I create a Virtual Switch without the parameter, it creates it with 64 ports. Once you minus the 8 reserved for physical NIC ports (uplinks), CDP traffic, and network discovery it leaves you with 56 ports available for VMs.
