Last week, I had the pleasure of catching up with a new startup called Runecast. These guys are doing something that is very close to my heart. As systems become more and more complex, and with fewer people taking on more responsibility, highlighting potential issues, and providing descriptive guidance to resolving an issue is now critical. This is something that is resonating in the world of HCI, hyper-converged infrastructure, where the vSphere administrator may also be the storage administrator, and perhaps the network administrator too. This is where Runecast come in. Using a myriad of resources such as VMware’s Knowledgebase…
Before I get into this post, I do want to highlight that you probably will not do this in any production type environment. The reason why I implemented this, and how this post came about, is because I was helping out with our new edition of the VSAN 6.2. Hands-On-Lab (which should be available imminently by the way). Part of the lab involved demonstrating checksum functionality. Since VSAN has a distributed architecture, there was a requirement to run commands on different hosts. Rather than having lab participants input the password each and every time to run a command on the…
I’ve had an opportunity recently to get some hands-on with HyTrust’s Data Control product to do some data encryption of virtual machine disks in my Virtual SAN 6.0 environment. I won’t deep dive into all of the “bells and whistle” details about HyTrust – my good buddy Rawlinson has already done a tremendous job detailing that in this blog post. Instead I am going to go through a step-by-step example of how to use HyTrust and show how it prevents your virtual machine disk from being snooped. In my case, I am encrypting virtual machine disks from VMs that are…
This came up in a conversation today. Does VMware’s Software iSCSI implementation support Internet Protocol Security (IPsec) in vSphere 5.1? Internet Protocol Security (IPsec) secures IP communications coming from and arriving at an ESXi host. Although KB article 1021769 states that IPv6 is compatible with Software iSCSI, it doesn’t state whether or not IPsec is supported with Software iSCSI. To find this information, you have to reach for the vSphere Security Guide. Under the section ‘Securing iSCSI Devices Through Authentication’, it states: ESXi does not support Kerberos, Secure Remote Protocol (SRP), or public-key authentication methods for iSCSI. Additionally, it does not…