Welcome to my inaugural post on rnelson.com, I’m happy to be here and hope that I can provide some useful insight. Recently, I received a voucher for the Microsoft Hyper-V certification exam and decided to take that opportunity to really give it a proper test. With that in mind, Rob convinced me to write some articles on interesting or difficult concepts I come across in the hope that I can help people down the road avoid the same technical landmines. I’m a vSphere admin by experience, so I’ll be comparing Hyper-V components to their vSphere equivalents to help root this in familiar terms. Today, I’ll describe what Hyper-V is, the lab I’m running it in, and some pre-reqs to installing it. Follow up articles with provide greater detail (and pictures!) and cover installation and use.
Hyper-V is Microsoft’s virtualization product in their server line. In my opinion, starting with Hyper-V in Server 2012, it’s becoming competitive with vSphere for the small to medium scale environments in which I’ve worked. Veeam has a great article explaining the concept of Hyper-V. Veeam is a terrific backup product for virtual environments and it supports both Hyper-V and vSphere. If you are an MCSA/MCSE or VCP, you should look into their NFR (Not for resale) licenses to run in your home lab.
With summer upon us, I’ve taken a break from the blog. You’ll still see a few of my small posts pop out every so often, but no lengthy technical posts from me for a while. That doesn’t mean the blog is taking the summer off, though!
I’m proud to introduce a colleague and fellow Arsian, Jason Crichton, as a contributing author on my blog! Jason is going to write some articles over the summer about Hyper-V. For those of us (myself included!) who are only familiar with vSphere, Jason will help us compare the analogous features from each product with articles most Wednesdays this summer. Here’s a little background those of you who have not met Jason before:
My name is Jason Crichton, I’m an IT professional like Rob, just crossing over the 10 year mark of System Administration this summer. I started in the trenches of help desk and through a bit of luck and a lot of hard work now work as a Senior Systems Analyst for a relatively small multinational corporation. I tend to end up heavily involved in the virtualization, security, and operations aspects of the business. Recently I have moved into Powershell tool development for improving the lives of our help desk staff. I find the willingness of people like Rob to put the time and energy into sites like this incredibly valuable, so when he asked me to contribute I was thrilled at the opportunity to give back myself.
When I’m not working with tech, I tend to be motorbiking with my wife Christina on whatever random trip we’ve been able to organize.
My professional experience can be viewed on LinkedIn
. Additionally you can follow me on twitter through @hawkbox
Please give Jason a warm welcome to the blogosphere! If you have any requests for Hyper-V topics, please let myself or Jason know what you’d like to see covered. Thanks!
This week was another nail biter in the Virtual Design Master competition. Challenge 2 required us to save the moon while using someone else’s design plus a few constraints: must fit in 21U, have to use the same vendors (but can use different product lines) as the provided design used, and the big one, the moon base only has IPv6 networking. I understand IPv6 but certainly haven’t designed an IPv6-only network, so this was pretty scary and very time consuming for the research.
There were a lot of great designs presented by the VDM competitors. Three of us had to work off of Daemon Behr’s and six of us had to work off of my design from the previous challenge. It was fun to see how other people managed the same base project and morphed it into a project that had their fingerprints on it. Watch the results show and check out the designs (here’s mine). During the design and the judging, I learned a few things in no particular order:
Last week, we started using Hiera. We’re going to do a lot more today. First, we’ll add what we have to version control, then we’ll integrated it with r10k, and we’ll wrap up by migrating more content out of manifests into Hiera. Along the way we’ll explain how Hiera works. I also encourage you to review the Puppet Labs docs and the source code as needed. Continue reading
This week has been pretty exciting. It’s getting closer to the move and things are starting to seem real – which means more time is involved in it. Somehow, in the midst of all that, I managed to complete my design proposal for Virtual Design Master’s first challenge, a whopping 30 minutes before the due date. On Thursday night, all the contestants defended their design. To my surprise, I survived! I am thankful of some critical reviews from Jason Shiplett and some friends on IRC. We lost a few competitors, as is the nature of the challenge, but everyone’s designs are amazing. Check them out at http://www.virtualdesignmaster.com/.
This week’s challenge is about constraints. We have some physical constraints – have to use the same vendors, and needs to fit in 21U, oh and by the way, it’s on the moon – plus a unique requirement I haven’t seen anywhere else: IPv6 only. That’s going to be tough. But they weren’t done with the constraints yet. We have to use someone else’s design from challenge 1! Everyone on Team Beta has to work off the design by Daemon Behr (@VMUG_Vancouver). I’m very honored that my design (@rnelson0) was chosen as the design that Team Alpha has to work from.
If you are available next Thursday at 9PM Eastern, tune in at http://www.virtualdesignmaster.com/live/ to see the results of challenge 2!
If you’ve been following along with the Puppet series, our next task is to start using roles and profiles. If you’re just visiting, feel free to review the series to get caught up. Today, we will discuss the roles and profiles pattern, start implementing it as well as a custom fact, and deploy a webserver on a node managed by puppet. Finally, we’ll move some of our configuration from the site manifest into Hiera.
NOTE: A small note on security. I’ve been running through this series as ‘root’ and earlier said, “Well, just be more secure in production.” That’s lame. This blog covers security as well as virtualization and automation so I’m going to live up to that. For now, I’ve added a local user with useradd, updated sudoers, and cloned all the repos so that I can show best practices, which will include doing most work as my user and then sudo/su to run a few commands as root. Later, we’ll manage local users via puppet.
My summer has been exciting. On Wednesday, I received notification that I was accepted as a vExpert for 2014! That’s pretty awesome, both as confirmation that hard work has payed off and encouragement to keep it up in the future. On Thursday night, the Virtual Design Master competition kicked off. This will hopefully keep me busy throughout the summer. I haven’t even gotten started on it, though, as I am on-call this week and things blew up right after the live start. Here’s hoping it settles down so I can work this weekend!
As if that wasn’t busy enough, my wife accepted a new job in June with a start date in August. We’ll be moving in support of that around the end of the month. With that in mind, I’m taking a summer break from the blog (but certainly not a vacation!). I have a few scheduled articles that will take me through the end of July and I’m hoping to have a guest author to cover August until VMworld. I plan to get back to blogging in early September.
Until then, here is a mix of the most popular articles and the ones I really enjoyed writing.
- Puppet – There are two more articles to complete the intro portion. Now that you’re familiar with Puppet, we’ll look at closer integration with vSphere in the Fall.
- Auto Deploy Deep Dive – I was hoping to present this at VMworld but it wasn’t meant to be! Check out the #vBrownBag presentation, too. They’re in the middle of a Cisco track and will be covering Docker on 7/23, good stuff.
- The Philosophy of Ender’s Game – Now that the movie’s out on DVD and cable, it’s a good time to watch it again and do some critical analysis. Preferably on your tablet while piloting a quadcopter drone, both ideas that can be traced back to this novel. This wasn’t very popular, but it was one of my favorite articles to write. It’s always fun to wax philosophical.
- Snapshots Management – Surprisingly, this recent article seems very popular. I shouldn’t be surprised, snapshots continue to be a wildly misunderstood tool that cause problems for even veteran vSphere admins.
- InfoSec and Social Media – This article was a result of attending CPX 2014 and comparing it to VMworld 2013. I had fun writing it, soliciting feedback, and working to do the things I said I would.
- Synology Multi-VLAN Setup – This remains a very popular article. I hope Synology makes VLAN configuration a little smoother in future DSM revisions, but until then, this will get you going.
Have a great summer!
A common problem in virtualization is snapshots. The name “snapshot” makes us (novice or otherwise!) think of a picture in time, which sometimes leads to the belief that the snapshot is “taken” and then stored somewhere, though that’s not how snapshots really work.
In reality, snapshots create a psuedo-consistent state of the virtual disk at that point in time. Subsequent writes in a snapshotted state are redirected to delta files. If you are performing an upgrade, a snapshot is helpful, allowing you to restore the prior system state if there are problems. After a few days, the snapshot loses its value as a restore becomes increasingly unlikely because you would lose the application changes as well. Snapshots also play a role in backups, where they are used temporarily to provide the psuedo-consistent state for the backup utility before the snapshot is deleted.
When a snapshot is deleted, that delta is applied to the base virtual disk(s), playing back through the transactions. Large snapshots take a long time to delete and affect system performance until the consolidation is complete. They can also affect the VM during normal operation as the delta file size increases.
In our ongoing Puppet series, we just completed installing PuppetDB and Hiera. There’s one other installable that’s a bit more complicated than those two.
Since writing this article, the module puppetlabs/mcollective has been updated. In particular, the “middleware => true” parameter is not valid in the base class. I have not had time to revisit this and update the solution. If you have, please drop me a line in the comments!
The last component we’re going to install today is MCollective. While developed by Puppet Labs, MCollective isn’t directly related to Puppet, as PuppetDB and Hiera are. It’s not a Configuration Management tool, it’s an Orchestration API. It does integrate quite well with Puppet and Facter, among other sources. Some things you can do with MCollective might be to query how many systems have 32GB of RAM, how many systems are running a version of OpenSSL vulnerable to Heartbleed, or to restart Apache on all servers in the Development environment. This installation is trickier than either PuppetDB or Hiera.
I’ve seen a few topics recently where people seem to misunderstand what a systems administrator is. The cause for this is likely due to a combination of factors including HR job classifications, some misunderstandings, and also a simple lack of other terms to use. Here’s my definition:
Systems Administration requires that you administer a group of interconnected objects, i.e. a system. One the important components of a modern system is the network, something that actual systems administrators know about. This does not mean that they are experts on each system component, but they are familiar with the components and can perform basic and some intermediate troubleshooting without requiring assistance.
In many cases, it appears that what people are talking about is actually a server administrator, maybe even just a computer operator. If we had an IT union, the only thing I’d want from them is to prevent people (and HR!) from misrepresenting their actual responsibilities.
Is that a good definition of systems administration, and are there better terms we can use? What do you think?