Cloud Praxis #2 : Let’s build some on-prem Infrastructure

daisettalabs large logo

If you haven’t seen the opening post in this series, I encourage you to read it.The TL;DR version is this: I’m an IT guy in Infrastructure supporting the Microsoft stack, specializing mostly in virtualization & storage. I’ve been in IT for almost 15 years now and I love what I do, but what I do is being disrupted out of existence by the Microsoft cloud. 

Cloud Praxis is my response. It’s a response addressed to my situation and to other IT guys like me. It’s a response & a method that’s repeatable, something you can practice, hone, and master. That’s how I learn- hands-on experimentation. Like the man Cicero said at the top of the mission patch above, “Constant practice devoted to one subject often outdoes both intelligence and skill.” 

Above all, Cloud Praxis is a recognition that the 1) The Microsoft cloud is real & it’s here to stay, 2) my skills are entirely based in the old on-prem model, 3) I better adapt to the new regime, lest I find myself irrelevant, 4) it’s urgent that I tackle this weakness in my portfolio; I can’t wait on my workplace to adopt the cloud, I need some puffy cloud stuff in my CV post-haste, not next year or in two years. 

This is I how did it.

It may not be the Technet way, or the only way, but it was my way. And I’m sharing it with you because maybe you’re like me; a mid-career IT generalist with a child partition at home, perhaps a little nervous about this cloud thing yet determined to stay competitive, employable and sharp. Or maybe you are just a fellow seeker of #InfrastructureGlory.

If that’s the case, join me; I’ll walk you through the steps I took get a handle on this thing.

Oh, it’s also a lot of fun. Join me!

[table caption=”PRAXIS #2 : BUILD THEE SOME INFRASTRUCTURE – Infrastructure Requirements”]

Item Type,Suggested Config, Cost,License?,Notes

Compute/Storage,A PC with at least 16GB RAM & ethernet, Depends, No, Needs to be virutalization capable

Compute/Hypervisor,Windows 8.1 Pro or Ent, $200 or free 90 day eval, Yes, 2012 R2 eval works too

VM OS,Windows 2008 R2-2012R2 Standard, $0 with 90 day eval, Yes, Timer starts the day you install

Network,Always-on high speed internet at home/work,$-,No,Obviously [/table]

The very first step on our path to #InfrastructureGlory in the Microsoft Cloud is this: we need to build ourselves some on-prem infrastructure of sufficient size & scope to simulate our workplace infrastructure.

The good news is that the very same technology that revolutionized Infrastructure 4-5 years ago (virtualization) is now available downmarket, so downmarket in fact that you can build an inexpensive yet capable virtualization lab on a cheap consumer-level PC your family can use at home.

And you don’t even need a server OS on your parent partition to do this. As remarkable as it sounds, you can build a simple virtualization lab on consumer hardware running (at minimum) Windows 8.1 Pro as long as your PC is 1) virtualization capable and 2) has sufficient memory (16GB RAM but I suppose you could get by with as little as 8GB) and 3) storage resources and 4) a NIC (the one in your motherboard will likely work fine, just connect it to your home router).

If you don't have this installed on your Windows 8 machine, you're missing out.
If you don’t have this installed on your Windows 8 machine, you’re missing out.

How’s this possible?

Client Hyper-V baby. It’s the first and only feature you need to build a modest virtualization lab at home on your road to #InfrastructureGlory in the cloud. Client Hyper-V has about 60% of the features server Hyper-V has and uses a common management snap-in and cmdlets. You can’t build a converged fabric switch in Client Hyper-V nor play around with LACP and Live Migration, but at this scale, you don’t need to. You just need a place to park two or three VMs, an ethernet adapter on top of which you’ll build a virtual switch, and a bit of storage space for your VMs.

And some focus & intensity. I’m a virtualization guy and anything prefixed with a “v” gets me excited. It’s easy to get distracted in lab work, but my advice is to keep it simple and keep your focus where it belongs: Azure & Office 365. As much as I love virtualization, it’s just a bit player now.

Now What? 

Broadly outlined, here’s what you need to do once you’ve got your lab infrastructure ready.

  1. Make with the ISO downloads!: Check with your IT management and ask about your organization’s licensing relationship with Microsoft and/or the reseller your group works with. You might be surprised by what you find; though Microsoft has stopped selling Technet subscriptions to individuals, if your IT group has an Enterprise Agreement, Software Assurance, or MSDN subscriptions, you may be able to get access to those Server products under those licensing schemes. See how far your boss lets you take this; some licenses, for instance, give you $100 worth of credit in Azure, something I’m taking advantage of right now. I am not a licensing expert though, so read the fine print, get sign-off from your boss before you do anything with licensed products and understand the limitations.
  2. Consider your workplace Domain Functional level: If you are at 2008 functional level at work, try to get the Server 2008 iso. If you’re at (gasp!) 2003, get that iso if you can and start reading up on Domain Functional Levels & dirsync requirements. I see some Powershell in your future. At my work, we’re relatively clean & up to date in AD: Forrest functional level is at 2012, limited only by Exchange 2010 at this point (haven’t done the latest roll-up that supports 2012 R2). The idea here is to simulate, to the greatest degree possible, your workplace-to-cloud path.
  3. Build at least two VMs: You can follow the process as outlined here on Technet. VM1 is going to be your domain controller, so if you’re at 2008 functional level at work, build a 2008 VM. Your second VM will host dirsync and other cloud utilities. Technet says it can run 2012 R2, so you can use that. In my lab, I stood up a 2008 R2 server for this purpose
  4. Decide on a domain name: Now for some fun. You need to think of a routable domain name for your Windows domain, unless your workplace is on a .local or other non-routable domain. My workplace’s domain is routable, so I built a routable domain in the lab, then took the optional next step: I purchased the domain name from a registrar ($15) as this most closely simulates my workplace (on-prem domain matching internet domain) You should do the same unless you’re really confident in yourself; this step is very important for the next stage as we start to think about User Principal Name attributes and synchronizing our directory with Office 365 via Windows Azure.

And that, friends, is how Daisetta Labs.net* was born. I needed a domain name. Agnostic Computing.com was taken by some jerk blogger and I wanted something fast.

In retrospect, it might have been better to use Agnostic Computing.com as my lab domain because that’s a more realistic scenario; in the real world, I gots me some internet infrastructure tied to my routable domain and a 3rd party DNS host. I also gots me some on-prem Windows domain infrastructure tied to a routable domain name tied to my Windows DNS infrastructure on-prem. If you’re rusty on DNS, this is your chance to get up to speed as it’s everything in Microsoft-land.

On the domain name itself; pick a domain name and have some fun with it but maintain a veneer of professionalism and respectability. I want you to be able to put this on your resume, which means someone might ask you about it someday. If you take the next step and buy a domain from a registrar, you’ll want a domain name you’re not ashamed to have as an SMTP address.

In Cloud Praxis #3, we’re going to take some baby steps into Office 365. Hope you check back tomorrow!

*Some readers have asked me what a Daisetta is, and why it’s a lab. Not sure how to answer that. Maybe Daisetta is the name of my first love; or my first pet dog. Perhaps it’s a street name or a place in Texas, or maybe it’s the spirit of innovation & excitement that propels me forward, that compels me to build a crazy home lab. Or maybe it’s a fugazi, fogazzi, it’s a wazzi, it’s a woozie..it’s fairy dust.

fogazzi

 

Been iterating so fast, log file can’t keep up

Sorry for the lack of content lately; between the hyperactive child partition redlining my cpu and hogging all my spare bandwidth for himself and some interesting developments at work (Why hello there spare MSDN sub and $100/month in Azure credits! and testing out a certain OpsMan package I raved about in March), Agnostic blogging has virtually ground to a standstill. Fail.

I promise some good stuff tomorrow and in the days that follow, including:

  • How to Win the Cloud Wars @ Home and Join the Battle for them at Work
  • So long iSCSI & Block storage, I found a new love : SMB 3 Multicast

 

Windows Phone? More like #WindowsFun with @Nokia Cinemagraph app

Some blatant fanboism here, but what’s not to like?

  • Child partition dancing
  • High quality optics
  • Fun camera app
  • Outputs to animated gif, the only truly agnostic video format out there

WP_20140501_19_43_28_Cinemagraph_export

Building something like this used to involve about 15 hours on the PC, a fast camera, a copy of Paint Shop Pro, and some serious patience and tolerance for folder sprawl.

Now I’m doing it on a phone in seconds, and I don’t even have to think about it. I can even do what were once difficult color modifications, holding the phone with one hand, and the dog’s leash with the other.

Of course, as a new dad, I’m a sucker for gimmicky pics, almost going out of my way to get them. Credit/blame to Google+ here; they sort of reintroduced the animated gif genre and burned probably thousands of compute hours just to try and impress me with Auto Awesome. Some have been gems, most have been duds. Thanks for the free compute G+!

In contrast, Nokkia’s Cinemagraph is hands-on. It’s not hard to use, but you have to visualize your shot, hold your phone steady, and frame the action. Then you press the screen and a few seconds later, you can introduce some neat & fun little effects.

And then you hit the save button, and the little Snapdragon inside gets busy and builds what you see above.

Gimmicky? Sure. But this is my gimmick, damnit, not a G+ cron job.

Final note: when are Facebook & Twitter going to man up and allow us to post animated gifs? I’m tired of having to use that other old yet fully agnostic communications protocol (SMTP) to share my cheesy dad pics with the fam.

Google lets me post these to G+ (if only someone were there to see them). My rinky-dink blog sitting on a shared LAMP server in some God-forsaken GoDaddy datacenter has no problem hosting these ineffecient but highly useful animated gifs.

Hell, I bet you can post animated gif shots to Yammer.

Yet Zuck & mighty Twitter can’t handle animated gifs. Sissies.

Fail File : SAN down! SAN down! All Nodes respond

Introducing Fail File #1, where I admit to screwing something up and reflect on what I’ve learned

SAN2.daisettalabs.net, the NAS4Free server I built to simulate some of the functions I perform at work with big boy SANs, crashed last night.

Or, to put it another way, I pushed that little AMD-powered, FreeBSD-running, Broadcom-connected, ZFS-flavored franken-array to the breaking point:

Untitled picture
Love the directness of BSD. The iSCSI Target process was killed in cold blood, resulting in the death of several child partitions. What’s more, in just a few words, I have the suspect (Kernel) the motive (swap space) & the victim (iSCSI). Windows would have said, “The service terminated unexpectedly…error 0x081942ad-SOL”

 

Such are the perils of concentrated block storage, amiright? Instantly my Hyper-V Cluster Shared Volumes + the 8 or 9 VMs inside them dropped:

csvs

So what happened here?

I failed to grok the grub or fsck the fdisk or something and gave BSD an inadequate amount of swap space on the root 10GB partition slice. Then I lobbed some iSCSI packets its way from multiple sources and the kernel, starved for resources (because I’m using about 95% of my RAM for the ARC), decided to kill istgt, the iSCSI target service.

Thinking back to the winter, when I ran Nexenta -derived from Sun’s Solaris, not BSD-based- the failure sequence was different, but I’m not sure it was better.

When I was pounding the Nexenta SAN2 back in the winter, volleying 175,000+ iSCSI packets per second its way onto hardware that was even more ghetto, Nexenta did what any good human engineer does: compensate for the operator’s errors & abuses.

It was kind of neat to see. Whether I was running SQLIO simulations, an iometer run, robocopy or eseutil, or just turning on a bunch of VMs simultaneously, one by one, Nexenta services would start to drop as resources were exhausted.

First the gui (NMV it’s called). Then SSH. And finally, sometimes the console itself would lock up (NMC).

But never iSCSI, the disk subsystem, the ARC or L2ARC…those pieces never dropped.

Now to be fair, the GUI, SSH & console services never really turned back on either….you might end up with a durable storage system you couldn’t interact with at all until hard reset, but at least the LUNs stayed online.

This BSD box, in contrast, kills the most important service I’m running on it, but has the courtesy to admit to it and doesn’t make me get up out of my seat: GUI/SSH all other processes are running fine and I’ve instantly identified the problem and will engineer against it.

One model is resilient, bending but not breaking; the other is durable up to a point, and then it just snaps.

Which model is better for a given application?

Fail File Lesson #1: It’s just as important to understand how things fail as it is to understand why they fail, so that you can properly engineer against it. I never thought inadequate swap space would result in a homicidal kernel gunning for the most important service on the box…now I know.

Labworks 2:5-8 – Get-Me -ConvergedSwitching -For “Hyper-V” | Now-Please

Hello Labworks fans, detractors and partisans alike, hope you had a nice Easter / Resurrection / Agnostic Spring Celebration weekend.

Last time on Labworks 2:1-4, we looked at some of the awesome teaming options Microsoft gave us with Server 2012 via its multiplexor driver. We also made the required configuration adjustments on our switch for jumbo frames & VLAN trunking, then we built ourselves some port channel interfaces flavored with LACP.

I think the multiplexor driver/protocol is one of the great (unsung?) enhancements of Server 2012/R2 because it’s a sort of pre-virtualization abstraction layer (That is to say, your NICs are abstracted & standardized via this driver before we build our important virtual switches) and because it’s a value & performance multiplier you can use on just about any modern NIC, from the humble RealTek to the Mighty Intel Server 10GbE.

But I’m getting too excited here; let’s get back to the curriculum and get started shall we?

Goals

5.  Understand what Microsoft’s multiplexor driver/LBFO has done to our NICs

6. Build our Virtual Machine Switch for maximum flexibility & performance

7. The vEthernets are Coming

8. Next Steps: Jumbo frames from End-to-end and performance tuning

Schematic:

Lab 2 - Daisetta Labs overview

2:5 Understand what Microsoft’s Multiplexor driver/LBFO has done to our NICs

So as I said above, the best way to think about the multiplexor driver & Microsoft’s Load Balancing/Failover tech is by viewing it as a pre-virtualization abstraction layer for your NICs. Let’s take a look.

Our Network Connections screen doesn’t look much different yet, save for one new decked-out icon labeled “Daisetta-Team:”

daisettateam

Meanwhile, this screen is still showing the four NICs we joined into a team in Labworks 2:3, so what gives?

A click on the properties of any of those NICs (save for the RealTek) reveals what’s happened:

Egads! My Intel NIC has been neutered by LBFO
Egads! My Intel NIC has been neutered by LBFO

The LBFO process unbinds many (though not all) settings, configurations, protocols and certain driver elements from your physical NICs, then binds the fabulous Multiplexor driver/protocol to the NIC as you see in the screenshot above.

In the dark days of 2008 R2 & Windows core, when we had to walk up hill to school both ways in the snow I had to download and run a cmd tool called nvspbind to get this kind of information.

Fortunately for us in 2012 & R2, we have some simple cmdlets:

daisettateam3

So notice Microsoft has essentially stripped “Ethernet 4” of all that would have made it special & unique amongst my 4x1GbE NICs; where I might have thought to tag a VLAN onto that Intel GbE, the multiplexor has stripped that option out. If I had statically assigned an IP address to this interface, TCP/IP v4 & v6 are now no longer bound to the NIC itself and thus are incapable of having an IP address.

And the awesome thing is you can do this across NICs, even NICs made by separate vendors. I could, for example, mix the sacred NICs (Intel) with the profane NICs (RealTek)…it don’t matter, all NICs are invited to the LBFO party.

No extra licensing costs here either; if you own a Server 2012 or 2012 R2 license, you get this for free, which is all kinds of kick ass as this bit of tech has allowed me in many situations to delay hardware spend. Why go for 10GbE NICs & Switches when I can combine some old Broadcom NICs, leverage LACP on the switch, and build 6×1 or 8x1GbE Converged LACP teams?

LBFO even adds up all the NICs you’ve given it and teases you with a calculated LinkSpeed figure, which we’re going to hold it to in the next step:

4GbS LACP team sounds great, but is it really 4Gb/s?
4GbS LACP team sounds great, but is it really 4Gb/s?

2:6 Build our Virtual Machine Switch for maximum flexibility & performance

If we just had the multiplexor protocol & LBFO available to us, it’d be great for physical server performance & durability. But if you’re deploying Hyper-V, you get to have your LBFO cake and eat it too, by putting a virtual switch atop the team.

This is all very easy to do in Hyper-V manager. Simply right click your server, select Virtual Switch Manager, make sure the Multiplexor driver is selected as the NIC, and press OK.

Bob’s your Uncle:

daisettaconverged1

But let’s go a bit deeper and do this via powershell, where we get some extra options & control:

PS C:usersjeff.DAISETTALABS> new-vmswitch -NetAdapterInterfaceDescription “Microsoft Network Adapter Multiplexor Driver” -AllowManagementOS 1 -MinimumBandwidthMode Weight -name “Daisetta-Converged”

Let’s go through each of these:

  • New-vmswitch : the cmdlet we’re invoking to build the switch. Run get-help new-vmswitch for a rundown of the cmdlet’s structure & options
  • -NetAdapterInterfaceDescription : here we’re telling Windows which NIC to build the VM Switch on top of. Get the precise name from Get-NetAdapter and enclose it in quotes
  • -Allow ManagementOS 1 : Recall the diagram above. This boolean switch (1 yes, 0 no) tells Windows to create the VM Switch & plug the Host/Management Operating System into said Switch. You may or may not want this; in the lab I say yes; at work I’ve used No.
  • -Minimum Bandwidth Mode Weight: We lay out the rules for how the switch will apportion some of the 4Gb/s bandwidth available to it. By using “Weight,” we’re telling the switch we’ll assign some values later
  • Name: Name your switch

A few seconds later, and congrats Mr. Hyper-V admin, you have built a converged virtual switch!

2:7 The vEthernets are Coming

Now that we’ve built our converged virtual switch, we need to plug some things into it. And that starts on the physical host.

If you’re building a Hyper-V cluster or stand-alone Hyper-V host with VMs on networked storage, you’ll approach vEthernet adpaters differently than if you’re building Hyper-V for VMs on attached/internal storage or on SMB 3.0 share storage. In the former, you’re going to need storage vEthernet adpters; in the latter you won’t need as many vEthernets unless you’re going multi-channel SMB 3.0, which we’ll cover in another labworks session.

I’m going to show you the iSCSI + Failover Clustering model.

In traditional Microsoft Failover Clustering for Virtual Machines, we need a minimum of five discrete networks. Here’s how that shakes out in the Daisetta Lab:

[table]

Network Name, VLAN ID, Purpose, Notes

Management, 1, Host & VM management network, You can separate the two if you like

CSV, 14, Host Cluster & communication and coordination, Important for clustering Hyper-V hosts

LM, 15, Live Migration network, When you must send VMs from broke host to host with the most LM is there for you

iSCSI 1-3, 11-13, Storage, Soemwhat controversial but supported

[/table]

Now you should be connecting that dots: remember in Labworks 2:1, we built a trunked port-channel on our Cisco 2960S for the sole purpose of these vEthernet adapters & our converged switch.

So, we’re going to attach tagged vethernet adapters to our host via powershell. Pay attention here to the “-managementOS” tag; though our Converged switch is for virtual machines, we’re using it for our physical host as well.

You can script his out of course (and VMM does that for you), but if you just want to copy paste, do it in this order:

  • Add the vEthernets
add-vmnetworkadapter -managementos -name CSV -switchname Daisetta-converged
add-vmnetworkadapter -managementos -name iSCSI-1 -switchname Daisetta-converged add-vmnetworkadapter -managementos -name iSCSI-2 -switchname Daisetta-converged
add-vmnetworkadapter -managementos -name iSCSI-3 -switchname Daisetta-converged
add-vmnetworkadapter -managementos -name LM -switchname Daisetta-converged
  • Tag those vEthernets!
Set-VMNetworkAdapterVlan -ManagementOS -Access -VlanId 15 -VMNetworkAdapterName LM
Set-VMNetworkAdapterVlan -ManagementOS -Access -VlanId 14 -VMNetworkAdapterName CSV
Set-VMNetworkAdapterVlan -ManagementOS -Access -VlanId 13 -VMNetworkAdapterName iSCSI-3
Set-VMNetworkAdapterVlan -ManagementOS -Access -VlanId 12 -VMNetworkAdapterName iSCSI-2
Set-VMNetworkAdapterVlan -ManagementOS -Access -VlanId 11 -VMNetworkAdapterName iSCSI-1
  • Now set IPs
New-NetIPAddress -IPAddress 172.16.14.12 -InterfaceAlias "vEthernet (CSV)" -AddressFamily IPv4 -PrefixLength 24
 
New-NetIPAddress -IPAddress 172.16.15.12 -InterfaceAlias “vEthernet (LM)” -AddressFamily IPv4 -PrefixLength 24
New-NetIPAddress -IPAddress 172.16.13.12 -InterfaceAlias "vEthernet (iSCSI-3)" -AddressFamily IPv4 -PrefixLength 24
New-NetIPAddress -IPAddress 172.16.12.12 -InterfaceAlias "vEthernet (iSCSI-2)" -AddressFamily IPv4 -PrefixLength 24
New-NetIPAddress -IPAddress 172.16.11.12 -InterfaceAlias "vEthernet (iSCSI-1)" -AddressFamily IPv4 -PrefixLength 24
 

Notice we didn’t include a Gateway in the New-NetIPAddress cmdlet; that’s because when we built our Virtual Switch with the “-managementOS 1” switch attached, Windows automatically provisioned a vEthernet adapter for us, which either got an IP via DHCP or took an apipa address.

So now we have our vEthernets and their appropriate VLAN tags:

daisettaconverged2
Ignore the DMZ vEthernet for now. Notice Daisetta-Converged, our VM Switch, is seen as a VMNetworkAdapter and is untagged. In my lab, this interface functions as my Host Management interface. In a production scenario, you’ll probably use separate vEthernet adapters for Host Management and not expose the switch itself to the management OS

 

 

 

 

 

 

 

2:8: Next Steps : Jumbo Frames from end-to-end & Performance Tuning

So if you’ve made it this far, congrats. If you do nothing else, you now have a converged Hyper-V virtual switch, tagged vEthernets on your host, and a virtualized infrastructure that’s ready for VMs.

But there’s more you can do; stay tuned for the next labworks post where we’ll get into jumbo frames & performance tuning this baby so she can run with all the bandwidth we’ve given her.

Links/Knowledge/Required Reading Used in this Post:

[table]
Resource, Author, Summary
New-VMSwitch Technet, Microsoft, Always good to have Technet reference
Building a Converged Fabric with Server 2012, Hans “The Hyper-Dutchman” Vredevoort, A 2012 post which helped me when I was struggling through 2008 R2 to 2012 Hyper-V migration

Hyper-V 3.0 Converged Networks with Force 10 and DCB, Dell, Neat Wiki & diagram with iSCSI as separate virtual switch but with DCB

[/table]

 

 

Schadenfreude tempting, but in real IT, Hearts Bleed together

schadenfreude_picA few Microsoft bloggers (some prominent, some less so, none that I know of are employed by MS) are doing a bit of crowing today…OpenSSL, VMware, AWS….all #Heartbleed vulnerable while Azure & Windows & Hyper-V are secure! <Nelson>Ha Ha!</Nelson>

I’m new to IT blogging, but one thing I’ve noticed is that it’s dominated by consultants who are selling something other than just software: their skills & knowledge. That goes for Hyper-V bloggers or VMware bloggers, SQL bloggers or Oracle bloggers. And that’s just fine: we all have to find a way to put food on the table, and let’s face facts: blogging IT doesn’t exactly bring in the pageviews, does it? However, making sport out of the other products’ flaws can bring in the hits, and it’s fun.

Me? I’m what you call a “customer” who has always supported Microsoft products, had a love/hate/love relationship with them, a curiosity about the other camps, and a desire to just make it all work together, on time & on budget in service to my employer and my users. 

So I blog from that perspective.

And so while it’s tempting to join some of my Win32 colleagues (after all the BSOD & dll.hell jokes are getting old 20 years on) as they take joy in other engineers’ suffering, I say no!

I remind the reader of that great engineer of words, John Donne, who wrote:

No man is an island,
Entire of itself,
Every man is a piece of the continent,
A part of the main.
If a clod be washed away by the sea,
Europe is the less.
As well as if a promontory were.
As well as if a manor of thy friend’s
Or of thine own were:
Any man’s death diminishes me,
Because I am involved in mankind,
And therefore never send to know for whom the bell tolls;
It tolls for thee.

This poem gets me every time; Donne knows his stuff.

No :443 is an island entire of itself, especially in the internet age. And every network is a part of the great /0.

If one datacenter falls, our infrastructure is the less.

Any engineer’s pain diminishes me, because I have been in his shoes*, RDPd or SSHd into the device at 3am, worried about my data and my job, just as he or she is right now.

So to my friends & colleagues in the open source world trying to stem the bloodloss, I ask; do you need a hand?

Working from home today and be happy to help and I know my way around putty.

*Chinese hackers, the NSA, and other malefactors are of course exempted here

If you can’t beat them, join them : Microsoft Introduces OneGet

Do you remember this guy from Maxxel tape commercials?

maxell-cassette-tape-chair-man

Throw out the old cathode ray tube and insert a few 24″ LCD panels, and that’s been me for the last 48 hours as I’ve absorbed the news from #BUILD2014, Microsoft’s big developer conference and the first one under Captain Satya “Fearless” Nadella.

Blown away.

All the consumer stuff is great and exciting and on a personal level, I think Windows Phone 8.1 finally has reached feature parity with iOS & Android and is thus a potential handset for me some three years after I gave the laughable Windows Phone 7 a chance.

But the biggest news is *nix & Windows, friends at last. Maybe.

Where’s Microsoft headed? Agnostic Computing land. Just look at these crazy developments:

  • Jeffrey Snover & a declarative Windows/Azure in WMF 5: Snover, who I’ve written about before, is the father of PowerShell & Desired State Configuration, Microsoft’s document-based attempt to simplify deployment. Basically it’s a Redmond-flavored Puppet, but, on a deeper level, and as Snover pointed out in an interview last year, it’s a declarative framework for Windows, which marks a subtle change in focus in our old API-focused OS. Windows is/will soon be document-based like Linux, which means something substantive to programmer types and something practical to guys like me who are tired of SCCM crashing
  • Speaking of Chef & Puppet, both are now a legit part of the Azure stack. The Puppet Labs CEO was even on stage at #BUILD
  • OneGet: Thomas Maurer, MVP Hyper-V blogger ,outlines OneGet in detail but here’s what you need to know: Are you familiar with Apt-get in Ubuntu/Debian or pkg install in *BSD? OneGet is like that. For f#($*#( Windows!
  • Xamarin: Microsoft is really embracing Xamarin, Miguel de Icaza’s firm that produces open source tools for .net. If anyone deserves a bit of fame & fortune, it’s probably de Icaza as he’s been a .net/C# supporter for a long time in a space and among a crowd that hung pictures of Bill Gates, Locutus of Borg. I mean, imagine trying to scratch out a living wedged between giant ecosystems and associated history baggage & dogma. That’s where de Icaza has been and I’m eager to see the fruits of the new relationship.
  • Microsoft open sources stuff: Suddenly Microsoft is interesting again, says WaPo, of the blizzard of open source announcements at #BUILD. .Net Compilers, Win Java Script, hell, they’ve even open sourced Word 1.0. “Microsoft is trying to be your friend, and it may actually win you over,” WIRED swoons.

To me, the significant news out of BUILD is further proof that Nadella’s got his priorities straight, that Microsoft’s no longer worrying about shedding some of the legacy stuff/philosophies that have held it back in mobile, cloud and elsewhere.

The line between the open source world & Windows used to be really sharp, fine, and narrow, with combatants clearly staked out on each side.

After BUILD 2014, it seems a whole lot more fuzzy, and I think that’s a great thing in IT and in the consumer space. You can almost have best of breed & one throat to choke simultaneously!

One last cool news bit from BUILD: Microsoft’s network virtualization solution to date has amounted to NVGRE, a packet encapsulation solution that few engineers outside of Azure seem to care about, use, or make products for. It’s only available if you’re a System Center customer and frankly, seems more trouble than its worth. I don’t have multiple tenants in my data-center, I have one: my employer.

Meanwhile, OpenDaylight and all the VMware SDN products & frameworks are gaining momentum. And you can experiment with that stuff for free. Cumulus Networks sells a Linux-powered switch, some companies are pushing API-based traffic management and SDN feels like it’s real & tangible.

Well, Microsoft’s got something new there too, and though I can’t say it’s truly “SDN,” it’s at least practical and interesting: program your switch with powershell. Hot!

The Game Just Changed Son

Meet the new focused, nimble & determined Microsoft, now free of Windows shackles, eyes set fiercely on the rainbow colored G in Mountain View:

Microsoft CEO Satya Nadella on Thursday unveiled Office for iPad, a highly anticipated and long overdue version of its bread-and-butter productivity software for Apple’s popular tablet.

The move enforces Microsoft’s recognition that it must deliver services to both businesses and consumers wherever they are, especially on mobile devices.

The app will be live for free in Apple’s App Store today. You’ll be able to read and present your content that way, but for creating and editing content, you will need an Office 365 subscription.

Today marks the “beginning of exploration for us,” Nadella said in his opening remarks.

Lean and mean Nadella then stared menacingly into the camera, narrowed his gaze and stared right through the glass to Sergey & Larry’s soul, then puffed his chest slightly and in what can only be described as a shouted whisper said, “Nadella out.”

Then he dropped the mic, stormed off the stage and some reporters fainted.

The game just changed, son.

My first thoughts, some probably influenced or borrowed from the great Mary Jo Foley and/or Paul Thurott are:

  • Is this the end of Windows? Microsoft just de-coupled it’s most profitable product Office, from the product that built Microsoft, Windows. That’s huge and it’s good. Redmond has recovered from Ballmer Fever, an acute condition marked by paralysis and fear, excess nostalgia for the way things were, and grandiose thinking out of sync with reality. Spring has come, rebirth is in the air, and the Ballmer Fever has broken, hallelujah. Office 365 online for cloud + high quality Office is going to the places where the people are at: iPads and iPhones. It’s been a soul-wrenching fight to get here, but Microsoft did it. They gut checked this out of committee and into the real world. Good on them and good on Nadella for making “cloud & mobile” something more than “devices & services.”
  • Drive is old ‘n Tired, O365 is the fresh look: Google Drive hasn’t aged well. Funny to think of it in those terms, but Docs debuted in what, 2007 or 2008? Largely it looks the same. Office 2013 has its UI fans, me among them, and it’s detractors, but you can’t say it’s remained static and boring. It’s rich. It’s still pretty fresh and, what’s more, the Hotmail/Live.com/Windows Messenger veneers have finally been wiped away from Microsoft’s O365, Azure and Outlook.com interfaces for good. It used to be you could scratch an Azure or Outlook.com like a lottery ticket and find some Hotmail or Live.com underneath, but no longer!  Somehow, someway, Microsoft went and learned great UI & Web design skills, and this is coming from an HTML 5 fanboi & zealot and one-time disciple of the ChromeOS Religion.
  • This is a really compelling deal: The O365 personal subscription is $70 a year, so affordable you almost want to buy a domain and move it there since you get Office + Outlook just like at your work. Now that deal is even sweeter because you can get Office on an iPad your wife can use. No more Office interpretative art apps for the Household Technologist to troubleshoot just to view the .xlsx file! Hurray!
  • This means less pain at work, perhaps a beginning of the end of Tech Cognitive Dissonance & Shadow IT: That C-Level executive in your life who cut his teeth on Lotus 1-2-3 and is now the premiere Excel ninja & Power Pivot/Sharepoint reosurce for the company can use his preferred touch device, an iPad, the same device he brute forced into your stack a few years ago. No more fighting; here’s your iPad Office sir. Yes sir, I promise, I will never ask you to try a Surface tablet again. Thank you good day. One less battle!
  • This is Agnostic Computing in theory and practice: We the people want the software and tools and apps and content we like to be available on whatever device we happen to have with us at the moment, whether it’s got a half-eaten fruit on it, a Windows logo, or a green robot. Microsoft just validated that vision
  • This is confusing for Microsoft shops: My British colleague and friend sitting across from me was excited by this too. He’s a Windows guy like me professionally, but an Apple fan in his private life. Hey, no one is perfect, and I hesitate to share his private afflictions like that, but he approved it. Anyway, upon hearing the Good News, my colleague began pondering an iPad-as-workstation strategy and rushed to the AppStore to get Office for his iPhone. Now he’s got The Real Thing installed alongside his OneDrive app, and he opened an Excel doc from our Sharepoint site which hooked somehow into our modest O365 implementation but that prompted for his on-prem domain credentials and holy shit, can I get a whiteboard up in here? I’ve lost the thread/Kereberos ticket. Point is, he got Excel on his iPhone.

I’m feeling pretty bullish on Microsoft today even if I fear for my precious Windows & Hyper-V. This is exciting news, a step forward for technology and an acknowledgement that while Microsoft can’t compete everywhere, in some places, it’s still to be feared and it’s still on its feet. 

The fever has broken and the game is back on. Your move Google.

Dear Syslog, regarding NAT & #VFD3 Day 0

Dear Syslog,

It seems like only yesterday that I was listening to Tom Hollingsworth discuss IPV6 on some podcast or other. It went something like this:

Host: So with v6, we’re free of *insert nasty habit tacked onto v4 that we all came to think of as normal, but which is really not normal*

Hollingsworth: Yes. It’s the internet the way it was meant to be.

Me: *kernel panic/bsod/head explodes* 

 

Syslog, how crazy is it that I was only listening to such debates over recorded podcasts a few months ago until last night, at the #VFD3 kick-off dinner, where I participated in one? And it was In Silicon Valley itself, not the technology sticks of Los Angeles!

Yeah, it’s great Syslog. Hollingsworth held forth on v6 for what felt like a good hour or two, and we #VFD3 delegates, all of us comfortable with our v4 subnetting, our 192.168s and our 10.10s and 172.16s and the whole RFC-1918 spec and our NATs, were at turns skeptical, outraged, excited, amused, or confused by Hollingsworth and we let him have it.

I have to say syslog, I’m convinced. I’m ready to make the leap. And no I’m not talking about Microsoft Direct Access (finally understood the proper context of Teredo tunneling last night syslog), or other half-measures, no….syslog, I want the real v6…I want full 128 bit routable addresses…yeah that’s it. 128 bit routable IP addresses on everything!

Yeah I know I’ve flirted with v6 in the past. Felt cool and 1337 when I hooked up a tunnel to HE.net. But then I turned it off not knowing what to do with it, fearing the unknown.

Now syslog, regarding NAT…it strikes me that Network Address Translation is not to be hated or despised, but rather, understood in the proper context of the development of the internet. All us #VFD3 guys were struggling for metaphors last night as we contemplated v6 in our own enterprises, but after sleeping on it, I think I’ve figured it out.

This is NAT + IPV4:

pTRU1-2878337dt

This is v6:

The Cannibal, Eddy Merckx
The Cannibal, Eddy Merckx

ergo syslog, NAT+IPV4 = learning to bicycle with training wheels, dad’s steady hand on your back and his encouraging voice in your ears.

ipv6 = Eddy Merckx demolishing a 7% grade somewhere in the Pyrennes during a Tour de France, no helmet, no training wheels, just poise, power and determination. Full of Win.

And so it goes in technology, syslog. NAT had its place and its time, it delayed the onset of Peak IP/v4 address exhaustion, and it let us all get comfortable in this new, hyper-connected world.

But we should have removed those rickety, rusting training wheels long ago and used the internet as it was meant to be used syslog. Instead, we’re inventing all sorts of contraptions and strange tools just to keep the training wheels on indefinitely.

Syslog, the lesson from #VFD3 Day 0 is this: There is no Eddy Merckx destroying his opponents and the mountain until we take the training wheels off. Or, to go all Biblical on you syslog:

When I was a child, I talked like a child, I thought like a child, I reasoned like a child. When I became a man, I put the ways of childhood behind me

Sincerely, Agnostic Node 1

In other news, packed day ahead with #VFD3 events. Follow the Twitter tag #VFD3, or maybe you want to tune into the live-stream, in which case I’ve ctrl-c’d/ctrl-v’d the feed below:

http://cdn.livestream.com/embed/techfieldday?layout=4&color=0xe7e7e7&autoPlay=false&mute=false&iconColorOver=0x888888&iconColor=0x777777&allowchat=true&height=385&width=640

Check back later for more!