Articles by slowe

You are currently browsing slowe’s articles.

It’s Not Too Late

Friday, May 18, 2012 in Storage by slowe | No comments

It’s not too late to sign up for Spousetivities at EMC World 2012! The conference is upon us next week, and if you have a spouse/partner/friend/family member traveling with you then you owe it to them to check out Spousetivities. More information on the activities, costs, and the ability to actually register for activities can be found on the registration page. Go sign up now!

Here’s a preview of what will be available next week:

Welcome Breakfast on Monday
Wine excursion
Horseback riding in Red Rock Canyon
Spa services through Canyon Ranch Spa at The Venetian

For more information on any of these activities, or to sign up, visit the registration page.

Tags: EMC, EMCWorld2012

Technology Short Take #22

Thursday, May 3, 2012 in Microsoft, Networking, Security, Virtualization by slowe | 5 comments

Welcome to Technology Short Take #22! Once again, I find myself without too many articles to share with you this time around. I guess that will make things a bit easier for you, the reader, but it does make me question whether or not I’m “listening” to the right communities. If any readers have suggestions on sources of information to which I should be subscribing or I should be following, I’d love to hear your suggestions.

In any case, let’s get into the meat of it. I hope you find something useful!

Networking

Trying to learn MPLS? (I am.) I found this article on basic MPLS/VPN on Cisco IOS to be helpful.
If you think your network is appropriately protected against bridging loops, read this article by Ivan Pepelnjak.
Derick Winkworth does a write-up on Infineta and parallelization and how it enables their data center interconnect (DCI) acceleration platform.

Security

I have to agree with Tom Hollingsworth that we often create backdoors by design simply out of our own laziness. I’ve heard it said—in fact I may have used the statement myself—that no amount of security can fix stupidity. That might be a bit strong, but it does apply to the “shortcuts” that we create for ourselves or our customers in our designs.

Servers/Hardware

Kevin Houston (who works for Dell) posted an article about a recent test report comparing power usage between Dell blades and Cisco UCS blades. If you’re comparing these two solutions, find a comparable report from Cisco and then draw your own conclusions. (Always get multiple views on a topic like this, because every vendor—and I know because I work for a vendor, too—will spin the report in their favor.)

Virtualization

Andre Leibovici has a couple of great posts on VMware View. In this article, he discusses how CBRC metadata is handled when the RecomputeDigest_Task is invoked. The second article I saw discusses automating the “Already Used” state in VMware View.
Luc Dekens has a post on how to test if you can unmount a VMFS datastore.
Sammy Bogaert has a nice post summarizing some recommended BIOS settings for HP ProLiant DL580 G7 servers for vSphere.
Ben Armstrong discusses storage migration performance in the upcoming release of Microsoft Hyper-V. He also discusses some storage migration configuration settings in a separate post.
Here’s a “how to” on using esxcli to mask a LUN from ESXi.
This article touts the “benefits” that Windows 8 will bring to virtualized environments, but somehow this seems even more complicated—and more difficult to track—than before. Is it just me?
Duncan Epping helps us understand the need for the das.maskCleanShutdownEnabled setting when we’re also taking advantage of the disk.terminateVMOnPDLDefault advanced setting (very useful in stretched cluster scenarios).
Frank Denneman has a good write-up on the considerations around aggregating multiple storage arrays in a single datastore cluster.
Cody Bunch has launched a new series of articles about running vSphere on an OpenCompute platform. Part 1 is here. I’m looking forward to future installations of this series.
Here’s a nice summary of CLI commands for manipulating VMs on ESXi 5.
Mounting VMFS from Ubuntu Linux? Interesting…
How many people out there have played with/are using VirtualBox? I’m interested in getting any feedback.
Adrian Costea provides a “how to” on adding a vCenter Server to Microsoft SCVMM.
Here’s a design by Paul Kelly that presents a highly redundant vSphere 5 network layout. It’s a sweet layout, leveraging mutliple 10Gb Ethernet links, Nexus 2000s, and Nexus 5000s. At least he admits that it’s costly.
This site has what appears to be some good instructions for getting up and running with oVirt. I say “what appears to be good instructions” because I haven’t yet had the opportunity to walk through these instructions to see how useful they are.

That’s it for this time around. I hope that you have found something useful here. If anyone has any suggestions for sites/forums they’ve found helpful with data center-focused topics, I’d love for you to add that information in the comments.

Tags: Hardware, Microsoft, Networking, Security, VDI, Virtualization, VMware, vSphere, Windows

Carolinas VMware Users Summit 2012

Monday, April 30, 2012 in Virtualization by slowe | 2 comments

This year I have the opportunity to once again join a veritable “who’s who” in virtualization at the Carolinas VMUG Summit on May 15, 2012, in Charlotte, NC. (You can register for the event here.)

There’s quite a line-up planned for this year:

Morning keynote from Satyam Vaghani and Vinay Gaonkar of VMware on the past and future of VMware storage
An afternoon keynote from Jake Howering of Cisco (this should be a good talk on data center interconnects)
Self-paced labs (provided by Varrow)
Instructor-led labs (provided by eGroup, also a Spousetivities sponsor)
A series of breakout session by such luminaries at Alan Renouf, Cody Bunch, Chris Colotti, and more!

All in all, it looks like quite an exciting event. If you’re anywhere near Charlotte, it will probably be worth the time to try to make it to the event.

Tags: Virtualization, VMware

Updated launchd Property List File for Synergy

Monday, April 30, 2012 in Macintosh by slowe | No comments

After posting my article on running the Synergy server automatically on OS X Lion, a reader added a comment suggesting that it wasn’t recommended to use a shell script to launch a process via launchd. I haven’t been able to find any information to back up that recommendation, but I did create a new launchd property list file that doesn’t require (or use) a shell script to start synergys.

Here’s the updated property list file:

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE plist PUBLIC "-//Apple Computer/DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
        <key>Label</key>
        <string>org.synergy-foss.synergys</string>
        <key>ProgramArguments</key>
        <array>
                <string>/usr/bin/synergys</string>
                <string>-f</string>
                <string>-c</string>
                <string>/etc/synergy.conf</string>
        </array>
        <key>RunAtLoad</key>
        <true/>
        <key>ServiceDescription</key>
        <string>Synergy server daemon</string>
</dict>
</plist>

After making the changes and rebooting, everything seems to work just fine. Thanks for the tip!

Tags: Macintosh, OSS

Spousetivities at EMC World 2012

Friday, April 27, 2012 in General, Storage by slowe | 2 comments

This year at EMC World 2012 (being held once again in Las Vegas, NV), Spousetivities returns for their second year at EMC’s user conference. As usual, my wife Crystal—who founded and runs Spousetivities—has a great set of activities planned for any spouses, partners, family members, or friends that will be traveling with EMC World conference attendees. (EMC’ers: those of you attending the TC Conference can have your traveling companions attend Spousetivities too!)

If you haven’t heard of Spousetivities, it’s a company that Crystal created to organize and carry out activities for spouses, families, friends who are traveling with conference attendees to major IT conferences. Spousetivities had its birth at VMworld US, but has since spread to VMworld EMEA, EMC World, Dell Storage Forum, and HP Discover EMEA. (And more companies are waiting in the wings!) It’s a great way to keep your family involved and with you when you have to travel to a conference. In today’s day and age of hectic schedules and trying to keep up with everything at work, this is a nice way to add a bit of balance to your life.

But enough of that—let’s talk about the activities. Here’s a sneak peek at what Crystal and Spousetivities has planned:

Keeping with Spousetivities tradition, there’s a Welcome Breakfast scheduled for Monday, May 21, at the Canyon Ranch Spa at The Venetian (the conference hotel). Even if you’re not interested in eating, you should plan on coming to this anyway for a chance to win one of several great giveaways! (iPad, anyone?)
After breakfast on Monday, Crystal’s organized a wine excursion—complete with a limo ride to the winery. But don’t worry if you can’t make it on Monday, because there’s another one scheduled for Wednesday!
On Tuesday, there is an option for horseback riding in Red Rock Canyon. Lunch is included, naturally.
There is also a full set of spa services available through Canyon Ranch Spa, with exclusive Spousetivities discounts. Different options are available on Sunday, Monday, Tuesday, Wednesday, and Thursday, so there are plenty of options to fit into your schedule!

Even if none of these activities sounds great to your spouse/partner/companion, I really encourage you to at least get him or her to attend the Welcome Breakfast. I’ve heard lots of stories of participants meeting up at the breakfast and just hanging out with each other during the conference. Some great friendships have been forged at Spousetivities!

Space is limited for all these events, so sign up at the registration page as soon as you can. Trust me—your spouse (or partner or family member or friend) will thank you.

Tags: EMC, EMCWorld2012

VMware End-User Computing Virtual Conference

Thursday, April 26, 2012 in Virtualization by slowe | No comments

VMware is holding an “End User Computing Virtual Conference” next week. Here’s the text of the announcement/invitation that I saw (and yes, I made sure that VMware was OK with me posting it here so that others could attend if interested):

Please join VMware as we discuss the next step forward in end-user computing for the post-PC era.

Watch Vittorio Viarengo, VP of End-User Computing, discuss the latest advancements in the VMware End-User Computing Platform. Understand how VMware provides solutions to simplify traditional technology silos, enable policy driven management, and connect people to technology and each other in new and collaborative ways.

This event will provide you with an opportunity to:

Attend a live keynote from the VMware leadership team

Learn about the latest innovations in the VMware End-User Computing portfolio

Chat with VMware End-User Computing product experts

Network with peers

Looking forward to seeing you there. Click here to register.

The VMware End-User Computing Team

The virtual conference is next Thursday, May 3, from 8:30 AM Pacific Time until 1:30 PM Pacific Time. If you’re interested in end-user computing, it might be worth your time to tune in and see what VMware has to share. (I don’t have any inside knowledge on exactly what’s being shared.)

Tags: VDI, Virtualization, VMware

Running Synergy Server Automatically on OS X Lion

Tuesday, April 24, 2012 in Macintosh by slowe | 2 comments

In November of last year, I wrote this article on how I was using Synergy to share a single keyboard and mouse across two Mac laptops and an Ubuntu Linux laptop. At that time, my 13″ MacBook Pro was the Synergy server and used ControlPlane to automatically start or stop the Synergy server process. ControlPlane looked at whether the laptop was connected to the 24″ LED Cinema Display (which meant I was in my home office); if so, it launched the Synergy server. When it was disconnected from the display, it killed the Synergy server. For the most part, this setup worked reasonably well.

However, I recently acquired a new dual quad-core Mac Pro workstation, and as part of the setup for the new Mac Pro I wanted it to be the new Synergy server. This would make things easier; the 13″ MacBook Pro would then only need to know whether or not it needed to run the Synergy client, and the Synergy server process could simply run full-time on the Mac Pro. However, in order to do that, I needed to configure the Mac Pro (running OS X Lion 10.7.3) to run synergys automatically. Here’s how I did it.

First, I wrote a simple shell script that checks for the presence of synergys already running. If synergys is already running, do nothing; otherwise, start synergys. Here’s the shell script:

#!/bin/sh
# Startup script for the Synergy server component

# Check for synergys running
number=$(ps ax | grep "[/]synergys" | wc -l)

# Start synergys in foreground if not already running
if [ $number -gt 0 ]
then
        echo Running
else
        /usr/bin/synergys -f -c /etc/synergy.conf
fi

Based on the testing I’ve done so far, this script works well. If you’re a shell scripting expert and have a better way of handling this, let me know (I’m always open to suggestions for improvement).

The next step was to configure launchd to automatically run this shell script—and therefore run synergys—every time I booted the Mac Pro. To do this, I created a property list file, also known as a plist file, in the /Library/LaunchAgents directory. I named the file org.synergy-foss.synergys.plist, but you can use a different name if you wish.

Here’s the contents of the plist file I created:

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE plist PUBLIC "-//Apple Computer/DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
        <key>Label</key>
        <string>org.synergy-foss.synergys</string>
        <key>ProgramArguments</key>
        <array>
                <string>/usr/local/bin/synlaunch.sh</string>
        </array>
        <key>RunAtLoad</key>
        <true/>
        <key>ServiceDescription</key>
        <string>Synergy server daemon</string>
</dict>
</plist>

Of course, synergys also needs its configuration file. You can read about the configuration file I used in my original Synergy article. I modified it slightly to remove the double-tap feature and to add corners where the cursor wouldn’t switch screens (to make it easier to get to the Apple and Spotlight menus).

With the configuration file, shell script, and property list file in place, I rebooted the Mac Pro. Once the Mac Pro was booted, a netstat -tan | grep LISTEN showed that synergys was listening on the default port of TCP 24800. I then launched synergyc on the 13″ MacBook Pro and it connected flawlessly. Continued testing did not show any problems. The only final step was to reconfigure ControlPlane to start or stop synergyc—the client portion of Synergy—in response to whether the laptop was docked.

So, if you’re in a need to have the Synergy server run automatically on your Mac OS X system, this information should get you up and running. If you have any questions, clarifications, or suggestions for improvements, I encourage you to speak up the comments below.

Tags: Macintosh, OSS

SRM and Stretched Clusters Webinar

Monday, April 23, 2012 in Storage, Virtualization by slowe | No comments

This coming Thursday, April 26, I’ll be participating in an EMC webinar titled “Best Practices: When and How to Use Stretched Clusters.” (I wanted to title it as “Current Recommended Practices,” but the marketing group shot me down.) The webinar starts at 8 AM PT/9 AM MT/11 AM ET.

This webinar will discuss whether stretched clusters or a solution like VMware Site Recovery Manager is a better fit for your needs, as well as provide some guidelines around the use of stretched clusters as of vSphere 5.0.

If you’re interested in registering for the webinar, visit the registration page and sign up. Thanks!

Tags: EMC, Storage, Virtualization, VMware

Technology Short Take #21

Thursday, April 12, 2012 in Networking, Security, Storage, Virtualization by slowe | 1 comment

It’s been a while since I published my last Technology Short Take (found here), and in browsing my list of saved links I find that I don’t really have that many to share. Which then leads to me to ask the question, “Why?” I think it’s because I’ve been sharing lots of stuff via my Twitter account.

In any event, here are some older links that I’ve been saving up to share with you. Many of these posts are a bit older, but I’m including them here just in case someone missed them earlier. As usual, I hope that you find something useful here!

Networking

Derick Winkworth describes data center networking as “a messy pile of discombobulated garbage” in his post on the sad state of data center networking. As someone simply observing developments in data center networking from the outside while desperately trying to keep up, now I don’t feel so bad that I don’t necessarily get all of it.

Security

Pardon me for the self-promotion, but in order to prevent the ranks of the 600K Macs infected with Flashback from growing, I’d recommend you have a look at this list of 8 things to help secure your Mac. Also, for more details on the latest Flashback variant, see here.
Interesting information on a potential VMware security vulnerability is available here. vSphere 5 is not affected.

Storage

I posted this article on Twitter, but wanted to share it here as well. This post by Richard Elling on IOPS and latency is, in my opinion, a must-read.

Virtualization

I’ve really enjoyed several of Frank Denneman’s SDRS-related articles. His article on SDRS initial placement and datastore cluster defragmentation was really good and in-depth (as are most, if not all, of his articles). Also good was the article on anti-affinity rules and HA interoperability and the post on SDRS load balancing with array-based auto-tiering. Good stuff—thanks Frank.
Speaking of array-based auto-tiering, Michael Webster clears up any potential confusion about support for using Storage I/O Control with EMC FAST.
A couple of Michael Webster’s other posts also made it into my list of “things to mention”: this post on jumbo frames on vSphere 5 (with more results from vSphere 5 Update 1) and this post on CA SSL certificates and vCenter 5.
Dave Hill has a great series on vCloud Director going on. Check out the different parts of this series (part 1, part 2, part 3, and part 4 on his site.

That’s going to do it this time around. Feel free to speak up in the comments below to add your thoughts, other links you’ve found useful, or anything else. Thanks!

Tags: Networking, Security, Storage, Virtualization, VMware

8 Things to Help Keep Your Mac Secure

Monday, April 9, 2012 in Macintosh, Security by slowe | 9 comments

As the recent spate of Mac-specific malware shows, Mac OS X is not immune to security problems. (Not that this is really surprising to anyone.) To be honest, though, I was—until recently—fairly confident that my systems were reasonably secure. However, a Twitter conversation with security guru Christofer Hoff (aka @Beaker) convinced me that I wasn’t doing enough. The appearance of the Flashback.K trojan, which can install itself even without administrative privileges, confirmed that he was right—I wasn’t doing enough. (No, I didn’t get infected.)

Upon thinking about it a bit more, I realized that if I wasn’t doing enough as a pretty savvy user, then a lot of people probably weren’t doing enough. So, here’s a breakdown of my Mac defense strategy. Perhaps sharing what I’m doing with others will encourage them to improve their security posture as well.

I use the BSD-level ipfw firewall. Mac OS X is, at its core, built on FreeBSD. This powerful UNIX layer offers an equally powerful stateful firewall in the form of ipfw. If you aren’t using ipfw, I’d encourage you to take a long, hard look at starting to use it. It provides a powerful ruleset to give you tremendous control over the types of traffic that are allowed into (and out of) your Mac. To help encourage people to use it, I recently published an article on how to configure ipfw on Mac OS X.(Keep in mind that Mac OS X 10.7 “Lion” prefers pf instead of ipfw. I hope to post an article on that soon as well.)
I use the built-in Mac OS X application-level firewall. Mac OS X ships with a pretty GUI for a built-in application-level firewall in System Preferences. I recommend that you turn it on, and select which applications you want to accept incoming connections. Some people have asked “Why both firewalls?” This is a fair question. The built-in application-level firewall simply allows or denies inbound traffic on a per-application level, but doesn’t—to my knowledge—offer any more granularity than that. Using the built-in application-level firewall in conjunction with the BSD-level ipfw (or pf) firewall gives you the ability to specify which source addresses or networks are allowed to make connections to applications. This means that you can allow iTunes connections at the built-in firewall layer, and then use ipfw (or pf) to only allow connections from your home network subnet.
I use an outbound application-level firewall. The built-in Mac OS X firewall in System Preferences only controls inbound traffic. What about outbound traffic? Do you know what processes and applications on your system are communicating with the outside world? I use Little Snitch, which I believe to be an excellent choice in this area. (No, I don’t have any affiliation with Objective Development.) Little Snitch gives you the visibility to know what applications and processes are communicating and on which protocols and ports.
I use an account without administrative privileges for my day-to-day use. While this won’t thwart all security problems—Flashback.K still works, for example—it’s still a good idea. I also recommend that you only install applications using a separate account with administrative privileges. This forces you to log off, log on as the administrative user, then install your application(s). While this is a bit of a hassle, the security trade-off is, in my opinion, worth it.
I disabled the opening of “Safe” files. Safari has this feature enabled by default. I recommend that you turn it off, and check to make sure it’s turned off in other applications as well.
I use an AV application. Yes, yes, I know—Macs don’t get viruses. Tell that to the 600,000 Macs infected with the Flashback trojan. And while Flashback isn’t technically a virus, at this point you’re just splitting hairs. I’m using the free Sophos AV Home Edition for the Mac and feel that it is pretty good, but there are numerous others. Find one and use it. (This is a recent addition to my own security strategy.)
I do my best to stay updated. I encourage you to run Software Update on a regular basis. If you’ve followed the advice of #4, this means you’ll need to log in as an administrator and run Software Update. Make it a point to check regularly.
I don’t run the standalone Adobe Flash Player. Instead, I use Google Chrome when Flash is required, which comes with its owned patched version of Adobe Flash that is generally regarded (last time I checked) to be a bit safer than the standalone version of Flash. Yes, this means that I need to switch back and forth between browsers (Safari for day-to-day use, Chrome for Flash use), but this is a task that AppleScript easily solves.

While these 8 things aren’t going to guarantee that my Mac (or yours, should you choose to follow them as well) will never be exploited, I do feel that they provide a reasonable level of protection. Safe computing (and safe browsing) is still required; no amount of security can protect against stupidity. But when combined with security awareness and safe computing/browsing, I feel that these measures will provide the level of protection that I need.

(BTW, there are other network-level protections that I have in place as well, but I didn’t include them here as the focus of this article is on the Mac itself.)

If you have any additional suggestions for helping keep your Mac secure, please feel free to speak up in the comments. Every suggestion can help!

Tags: Macintosh, Security

« Older entries