Whitebox lab server

Node1.daisettalabs.net, my primary PC and the best-equipped server in the homelab, has received an upgrade.

A whitebox upgrade. Literally:

IMG_20150303_052455318

 

I’m a fan of metaphors and whitebox everything is a powerful one in our line of work, so I figured why not roll my own whitebox server in the lab?

Node1 vitals:

  • Motherboard: Supermicro X10SAT with all the PCIe 3.0 slots you’d need, Thunderbolt port, and integrated Haswell graphics plus a pair of Intel NICs
  • CPU: Intel Core i7-4770K (Haswell), quad core with hyperthreading
  • RAM: 4x8GB Kingston Hyper-X non-ECC
  • Storage (Boot): 2xSamsung 850 SSD (240GB) in RAID 0 because I like to live dangerously  I’ve just about automated the buildout of this server and most of my data is in One Drive for Business
  • Storage (Tiered Storage Spaces): 2x 128GB SanDisk Extreme + 2x1TB WD Red 2.5″
  • Graphics: AMD FirePro W4100 w/ 2GB RAM makes my Visio buttery smooth.
  • Networking:  The Supermicro has a pair of Intels, an I-210 and a 217V, both of which connect up to my Cisco 2960S in the garage. To that I’ve also added a Pro1000 PCIe 2.0 card with dual ports, one of which also connects to the 2960S (I only ran 3 cables from the garage to my home office)
  • OS: Server 2012 R2 Standard, naturally, with full Desktop GUI and Windows Management Framework February 2015 preview so that I can tinker with DSC
  • Case: NZXT 340 something or other. Very nice case for $70. I’ve never wanted to exhibit the inside of a PC I’ve built, but this case makes it so simple to hide the nasty PC underlay (power, SATA etc)

#WhiteboxGlory shot of the innards that make the child partition go “wooooow!!”

IMG_20150303_052331601

 

 

Hunting Lettered Drives in a Microsoft Enterprise

Of all the lazy, out-dated constructs still hanging around in computing,SMB shares mapped as drive letters to client PCs has to be the worst.

Microsoft Windows is the only operating system that still employs these stubborn, vestigal organs of 1980s computing. Why?

Search me. Backwards compatibility perhaps, but  really? It’s not like you can install programs to shares mapped as drive letters, block-storage style.

If you work in Microsoft-powered shops like me, then you’re all too familiar with lettered drive pains. Let’s review:

  1. Lettered drives are paradigms from another era: Back in the dial-up and 300 baud modem days you got in your car and drove to Babbages to purchase a big box on a shelf. The box contained floppy diskettes, which contained the program you wanted to use. You put the floppy in your computer and you knew instinctively to type a: on your PC. Several hours later after installing the full program to your C: drive, you took the floppy out of its drive and A: ceased to exist. If this sounds archaic to you (it is), then welcome to IT’s version of Back to the Future, wherein we deploy, manage and try to secure systems tied to this model
  2. Lettered drives are dangerous:  The Crytpo* malware viruses of the last two years have proven that lettered drives = file server attack vector. I have friends dealing with Gen 3 of this problem today; a drive map from one server to all client PCs must be a Russian crypto-criminal’s dream come true.
  3. Your Users Don’t Understand Absolute/Relative paths:  When users want to share a cat video from the internet, they copy + paste the URL into an email, press send, and joyous hilarity ensues. But anger, confusion, despair & Help Desk tickets result when those same users paste a relative path of G:FridayFunDebsFunnyCatVids into an email and press send. Guess what Deb? Not everyone in the world has a G: drive. This is frustrating for IT, and Deb doesn’t understand why they’re so mad when she opens a ticket.
  4. Lettered drives spawn bad practice offspring: Many IT guys believe that lettered drives suck, but they end up making more of them out of laziness, fear or uncertainty. For instance: say the P:HR_Benefits folder is mapped to every PC via Group Policy, and everyone is happy. Then one day someone in HR decides to put something on the P: drive that users in a certain department shouldn’t see. IT hears about this and figures, “Well! Isn’t this a pickle. I think, good sir, that the only way out of this storm of bad design is to go through it!” and either stands-up a new share on a new letter (\fsSecretHRStuff maps to Q:) or puts an NTFS Deny ACL on the sub-folder rather than disabling inheritance. More Help Desk tickets result, twice as many if the drive mapping spans AD Sites and is dependent on Group Policy.
  5. Lettered drives don’t scale: Good on your company for surviving and thriving throughout the 90s, 2000s, and into the roaring teens, but it’s time for a heart-to-heart. That M:Deals thing you stood-up in 1997 isn’t the best way to share documents and information in 2015 when the company you helped scale from one small site to a global enterprise needs access to its files 24/7 from the nearest egress point.

I wish Microsoft would just tear the band-aid off and prevent disk mapping of SMB shares altogether. Barring that, they should kill it by subterfuge & pain ((Make it painful, like disabling signed drivers or something))

But at the end of the day, we the consumers of the Microsoft stack bear responsibility for how we use it. And unfortunately, there is no easy way to kill the lettered drive, but I’ll give you some alternatives. It’s up to you to sell them in your organization:

  1. OneDrive for Business: Good on Microsoft for putting advanced and updated OneDrive clients everywhere. This is about as close to a panacea as we get in IT. OneDrive should be your goal for files and your project plan should go a little something like this: 1) Classify your on-prem file shares, 2) upload those files & classification metadata to OneDrive for Business, and 3) install OneDrive for Business on every PC, device, and mobile phone in your enterprise, 4) unceremoniously kill your lettered drive shares
  2. What’s wrong with wack-wack? Barring OneDrive, it’s trivial to map a \sharefolder to a user’s Library so that it appears in Window Explorer in a univeral fashion just like a mapped drive would
  3. DFS: DFS is getting old, but it’s still really useful tech, and it’s on by default in an AD Domain. Don’t believe me? Type \yourdomain and see DFS in action via your NETLOGON & SYSVOL shares. You can build out a file server infrastructure -for free- using Distributed File Sharing tech, the same kit Microsoft uses for Active Directory. Say goodbye to to mapping \sharesharename to Site1 via Group Policy, say hello to automatic putting bits of data close to the user viaGroup Policy.
  4. Alternatives: If killing off the F: drive is too much of an ask for your organization, consider locking them down top prirority with tools like SMB signing, access-based enumeration and other security bits available in Server 2012 and 2012 R2.

Snover re-factoring Windows Server & System Center

My last two posts on Microsoft were filled with angst and despair at Microsoft’s announcement that the next gen versions of Server & System Center would be delayed until sometime in 2016. Why, I cried out, why the delay on Server, and what’s to become of my System Center, I wondered?

I went a bit off-the-rails, imagining that Satya Nadella had shaken things up for the System Center team. Then I wrote a letter to him asking him what was up.

Snover & Microsoft love Linux
Snover & Microsoft love Linux

Well, I was wrong on all that, or perhaps I was only a little bit right.

There was a shakeup, but it wasn’t Nadella who had angrily overturned a gigantic redwood table at System Center HQ, spilling Visio shapes & System Center management packs as he did so, rather it was Mr Windows himself, the Most Distinguished of Distinguished Technical Fellows, Dr. Jeffrey Snover who had shaken things up.

Yes. The Padre of Powershell himself filled in the gaps for me on why System Center & Windows Server were delayed during a TechDays online one day after my last post.

During that  talk, he announced that the Windows Server Team has been meshed with the System Center Team and, even better, the Azure team. Hot dog.

Redmond mag:

[Snover] explained that the System Center team and the Windows Server team are now “a single organization,” with common planning and scheduling. He said that the integration of the two formerly separate organizations isn’t 100 percent, but it’s better than it’s been in the past. The team also takes advantage of joint development efforts with the Microsoft Azure team, he added.

That’s outstanding news in my view.

Microsoft’s private|hybrid|public cloud story is second to none as far as I’m concerned. No one else offers deep integration between cutting edge public cloud systems (Azure) with your on-prem legacy infrastructure stack.

Yet that deep integration (not speaking of AAD Sync & ADFS 3 here) was becoming confused and muddled with overlap between the older tools (System Center) and the newer tools like Desired State Configuration, mixed in with AzurePack, an on-prem/cloud management engine.

It sounds to me like Snover’s going to put together a coherent strategy using all the tools, and I can’t think of a better guy to do the job.

But what of Windows server?

It’s getting Snovered too, but in a way that’s not as clear to me. Again, Redmond mag:

The next Windows Server product will be deeply refactored for cloud scenarios. It will have just the components for that and nothing else, Snover explained. Next, on top of that, Microsoft plans to build a server that will be the same as the Windows Servers that organizations currently use. This server it will have two application profiles. One of the application profiles will target the existing APIs for Windows Server, while the other will target the subsets of the APIs that are cloud optimized, Snover explained. On top of the server, it will be possible to install a client, he added. This redesign is happening to better support automation, he explained.

I watched most of Snover’s talk, took a few days to think about it, and still have no idea what to make of the high-level architecture slide below that flashed on screen briefly:

vnext

Some thoughts that ran through my head: is the cloud-optimized server akin to CoreOS, with active/passive boot partitions, something that will finally make Patch Tuesday obsolete? One could hope that with further abstraction, we’ll get something like that in Windows Server vNext.

In some sense, we already have parts of this: if you enable the Hyper-V feature on a bare-metal computer, you emerge, after a few reboots, running a Windows virtual machine atop a Type-1 Hypervisor.

Big deal right? Well, Snover’s slide seems to indicate this will be the default state for the next generation of Windows server, but more than that, it seems to indicate that what we think of as the Type-1 Hyperivisor is getting a bunch of new features, like container support.

We knew Docker support was coming, but at this level, and almost indistinguishable from the hypervisor itself?

That’s potentially all kinds of awesome.

Interestingly, Server Roles & Features look like they’re being recast into a “Client” level that operates above a Windows Server.

Which, if we continue down the rabbit hole, means we have to ask the question: If my AD Domain Controller  or my RemoteApp session host farm servers are now clients, what are they running on? It certainly doesn’t seem to be a Windows server anymore, but rather a kind agnostic compute fabric, made up of virtual “Servers” and/or “Containers” operating atop a cloud-optimized server running on bare-metal…an agnostic computing ((Damn straight, had to work that in there)) fabric that stretches across my old on-prem Dells all the way up to the Azure cloud…right?!?

I’m like four levels deep into Jeffrey Snover’s subconscious so I’ll stop, but suffice it to say, the delay of Windows Server & System Center appears to be justified and I can’t wait to start testing it in 2016.

Open Letter to Satya Nadella re: Windows Server/System Center Delay

Seattle, WA (AP):  Microsoft today postponed the release of its next generation computer server operating system, Windows Server 2015, as well as a companion app or program called “System Center” in a stunning move that left IT Pros throughout the world sad, angry, and in a state of bewilderment. The Redmond- based computing giant told reporters it had no further comment 

Whoa whoa whoa. This has got to be a mistake. Hey Cortana, why is the AP reporting that Server’s been delayed?

Cortana: That’s classified. 

Say what Cortana??

Cortana: Master Chief, that is classified information. 

Classified? Windows Server? System Center? Cortana, you’re buggy as hell. Take down this email addressed to Mr. Satya Nadella.

Cortana: Yes Master Chief. 

Dear Satya Nadella,

I read this about Server & System Center, and I’m in shock.

Microsoft today postponed the release of its next generation computer server operating system, Windows Server 2015, as well as a companion app or program called “System Center”

Like hell you are going to delay……come on Mr. Nadella, I thought you were an enterprise guy, like me! What gives?

I’ve been computing on Server Technical Preview Build 9481 -a four month old operating system for crying out loud- patiently waiting for something fresh and new, for some of the promised manna from the Azure clouds to drop onto me.

Waiting around like an unloved Android handset waited in vain for its Kit Kat update, hopeful on release day, yet the update progress bar never comes.

It never comes Mr Nadella, and I am just a sad, jilted little robot, green & jealous of all the attention the Insiders receive on Windows 10.I just don’t understand….Of all the things the things you could have punted on, all the useless consumer things like that health band,  you decided to punt on Windows Server & System Center?

The insiders complain about Windows 10, even as they download the new bits & enjoy the new features, they complain. How your team suffers these fools is beyond me.

Yet your Server fans can’t even install Windows Management Framework 5.0 and play with all the neat cutting edge things available to WMF 5 on Server 2012 R2, Do we bitch and moan? Not as much!

That cuts me deep, Mr. Nadella, real deep.

Mary Jo says you’ve halted the release of System Center & Server this year because you want to get more feedback from customers, that woe-is-me IT Professionals are urging you to slow down, begging, “Please…mercy sir!! We upgraded two years ago! We don’t want to do it again so soon! Please let us have Windows 2003 for a few more years!!”

If I may suggest Satya, if I can call you by your first name. These are not the IT Professionals you are looking for. You should talk to IT Pros like me, or Aidan Finn, or Didier van Hoye, we’re the guys who got the memo that servers are not pets, but cattle, and that like all cattle, VMs have a certain natural lifecycle, a lifecycle I, might add, that you can make into a Cattle Template right in System Center VMM.*

MSFTSystemCenterlogo1Or is it something else? Does the Google/VMware cloud thing have you worried? I wouldn’t fret too much; it’s totally obvious those two lack something important that can only be had by jumping in bed with the other. For VMware, it’s cloud credibility, for I have seen the vCloud Air, and yea though I was impressed, it still lacks a certain j‘ne Se Qua compared to Azure.  As for Google? They want into the brownfield enterprise, which, if it’s virtual, is about 2/3rds VMware and 25% Microsoft.

What they both want is what you have in spades Satya: a story. A story that sounds like science fiction but is actually running in production around the world right now today. A story with a hero whose name is Windows Server, a multi-talented, jack-of-all-trades/master-of-some genuine American hero that can beat just about any enterprise villain in the hands of a skilled IT Pro like me.  Like so:

Windows Server. Not afraid to rationalize and tier your storage, just like a SAN. 

Windows Server & VMM: It’s the Type 1 Hypervisor & automation engine that ropes, rides, and gathers up all your stray VMs so that they can be put to work for you. 

Windows Server. With Exchange as his sidekick, makes for a best-in-class messaging platform, on-prem, hybrid, or up in Office 365. 

Windows Server, SCOM, and SCCM: You don’t need to hire a Sheriff to police things when Windows Server comes to town, for he’s packing all sorts of security heat: PKI, RMS, RBAC, identity, sChannel, AD, Defender, antimalware, Forefront. And his sidekick SCCM will keep tabs on all the PCs, mobile devices. 

Windows Server: It’s Azure-scale, runs Nebula too, but is humble & approachable enough to slum it in a garage lab

Windows Server: GUI?!? We don’t need no stinkin’ gui for Windows Server has Powershell. 

Windows Server is all these things to me, and now you’ve delayed it Mr. Nadella. I’m crushed.

Please tell me it’s for a good reason, like you’re going to make all those cool things I learned at TechEd Barcelona come true (I need a VXLAN story, Mr. Nadella, and  a Docker story would be nice too, and keep working the Storage Spaces replication storyline, ok?).

Please tell the devs to go back to their TFS Consoles, their swank Visual Cloud Studios and tell them not to forget about us Server fans, ok?

Sincerely,

Jeff Wilson

Agnostic Computing.com

* My Physical servers &  VMs are cattle and I birth ’em, brand ’em, work ’em, drive ’em hard, slaughter ’em and experiment on their leftover parts in my lab. Yeeehaaa!!

Buying a car is just like buying storage

Supermicro...the king of all storage disruptors
Would you like some underbody rust protection with your array sir?

So the family car (a tiny 2012 Mazda 3) lease is up in February which means it’s time to get a new Agnosto-ride for the Supe Module spouse, the Child Partition and -like dads everywhere know- all the heavy, awkwardly-shaped stuff that’s required to go everywhere the Child Partition goes.

It’s 2015, I’m nearing 40 and so I’m thinking Agnosto-ride 2.0 will be something bigger, safer, and because gas is so cheap and will never, ever, ever go up again, suitably powerful & commanding. Something established, something that says “Look upon and fear me,”  yet is soft, friendly and maneuverable enough that my wife and I can park it without effort.

Or hell, maybe it can park itself.

That’s right. Time to go car shopping, baby.

I love shopping for cars, almost as much as I love shopping for storage arrays. When you step back and think about it, the two industries (cars & storage arrays) are so similar I’m convinced a skilled salesman could make a great living selling cars in the morning and slinging shelves in the afternoon. ((Or perhaps NetApp could merge with Ford and the same guy who sells you a Taurus could sell you a filer out of the same dealership))

Think about it. Glen works for a dealer selling Camrys in the morning, and he’s really good at bumping his commission up by convincing his mark to buy something that really should be included: a spare tire. By late afternoon, he’s pitching the exact same thing (High Availability via Active/Passive controllers) in expensive recurring license form to some poor storage schlub who just needs a few more TBs so he can sleep at night without worrying about his backups.

What’s more, the customer victim can’t just go and purchase the car/array from the manufacturer himself,  he’s got to have some value added to that transaction by way of a VAR or a dealer, you see, else what reason is there for Glen?  The customer must have Glen’s guidance; he literally is incapable of picking the right car or array for himself, even if the mark produces his own storage podcast or subscribes to Auto Week & Consumer Reports. The mark’s hands are held until such time that he selects the right car/array, which is always either the car/array closest to Glen, or the car/array that offers Glen’s employer the most margin.

For this is the way of things, except during quarter or year end.

And in both industries, the true cost of the product is either really hard to find or it’s been hidden in plain site, or it only applies in certain use cases, all of which  makes determining a car/array’s value very hard to quantify. Yes, you can take all the variables, drop them in Excel, but pivot tables only go so far: the electric gets you an invaluable HOV sticker for 2x the cost of the range-anxiety free hybrid, while the all flash array that dedupes & compresses inline and goes like a bat out of hell costs twice as much as the compress-only hybrid array which has honest-to-God cheep ‘n deeps that you know and trust.

Lastly, no buyer of metal boxes with rotating round things ((usually)) is as biased & opinionated as car & storage buyers. “You’ll regret that POS Kia in a few years, it’ll let you down!” says the Honda snob to the dad trying to save a buck or two. “No one ever got fired for buying EMC!” shouts the storage traditionalist at his colleague who just wants a bunch of disks & software.

And in the end, all this …analysis if you can call it that…. is utterly worthless if your family doesn’t like the way the car handles or your DBA can’t quite grasp the concept of mounting a cloned snapshot of his prod LUN and insists on doing SQL backups the way he learned to do them in 19-diggity-7.

Don’t hate the player, hate the game, Jeff you’re thinking.

But I don’t! I love the player and the game. I just like winning and if that means Glen loses a point or two on his commission, so be it.

Which is why before I buy a car or a storage array, I arm myself as best I can. In the case of storage, it’s imperfect spreadsheets with complex formulas, some Greybeards on Storage, some SQLIO & IOMETER, and some caffeine. In the case of cars, it’s perfect spreadsheets + Clark Howard + myFico.com credit report ((Incidentally, it won’t be Myfico.com this time around since Fair Isaac apparently refuses to encrypt their entire site like a real bank would

For Shame Fair Isaac
For Shame, Fair, Fair Isaac, if that is your real name

)) + bank check just to let Glen know that I’m the real deal, that I could bolt and buy that other car he’s trash-talking if he doesn’t toss in the spare tire gratis.

Game on. Time to go hunting!

System Center is Dead, Long Live System Center?

MSFTSystemCenterlogo1Change is afoot for System Center, Microsoft’s stack of enterprise technology management applications that guys like me install, use, manage, and build great careers on top of. And not just little change. Big, sweeping change, I’m convinced, thanks largely to Satya Nadella, but also thanks to a new & healthy culture of pragmatism inside Microsoft.

But that pragmatic culture began with a bit of fear & intimidation for the System Center team. I’m told by a source ((Not really)) that it went down like this: Nadella strolled over to the office building where System Center is built by  segregated development teams. I’m told that the ConfigMan & VMM teams, as creators of the most popular programs in the suite, get corner offices with views of the Cascades, while the Service Manager & DPM teams fight over cubes in the interior.

Anyway, Nadella walked in one day, called them all around a handsome, gigantic, rectangular redwood work table in the center of their space. He looked at each of them quietly, then -with a roar that’s becoming legendary throughout the greater Seattle metroplex- he bent over and with enormous strength, flipped the table on its side, spilling coffee, laptops, management packs, DPM replicas, System Center Visio shapes and the pride/pain of so many onto the cold, grey marble floor.

“Some of this is going to stay. And some of it’s going to go,” he said to them, motioning to the mess on the floor.

And then, he vanished, like a ninja.

But seriously, look at all the change happening at Microsoft. Surely the System Center we love/hate/want to name our kid after is not goign to escape 2015 without some serious, deep, and heartbreaking/joy-inducing change, depending on your perspective. It’s already happening. To wit:

  • Parts of System Center are dead as of Windows Server Technical Preview: App Controller, the self-service Silverlight & http front-end to VMM has been dropped out of System Center Technical Preview.  Farewell oddly-named App Controller, can’t say I’ll miss you. In its place? Azure Pack baby.
  • In the last 45 days, the whole System Center team has been busy begging and pleading with us to give them some feedback. VMM put up a Survey Monkey , and the DPM, Orchestrator, and Service Manager blogs all have been asking readers to give them more feedback. VMM even has a Customer Panels  whose purpose is to take the pulse of working virtualization stiffs like me. That’s awesome -and reflects the broader changes in the company- but it’s also a bit scary because I love my VMM & Configman and I’m not used to being asked what I think of it, I’m used to just taking it, warts and all. ((Since they asked, I’m running SCVMM Technical Preview in the lab at home and though its changes mostly amount to removal of features in the production version, I view it as a great advancement for one reason: I can now automate the re-naming of vNICs through VMM itself, rather than some obscure netsh command/batch file thingy. Awesome))
  • There are many Configuration Management products out there, but ConfigMan is mine, and it has remained suspiciously absent from System Center Technical Preview. Now I’m not suggesting that MS is going to kill off the crown jewel of its System Center suite, but crazier things have happened. Jeffrey Snover, father of Powershell, isn’t giving up on his Desired State Configuration cmdlets, the DSC sect within the Microsoft professional community is gaining influence & strutting about the datacenter floor with some swagger, and DSC is a tool that with some maturity could largely make ConfigMan unnecessary in many environments. It probably scales to Azure better, though it doesn’t have anything in MDM as far as I know.
  • Though much improved, SCOM still strikes me as too hard  to build-out compared to Monitoring as a Service offerings like New Relic. Granted, SCOM’s cloud story was pretty strong; just two months I ago I got a taste of #MonitoringGlory when I piped an endless train of SCOM alerts/events directly into Azure Operational Insights and got, well, some insight into my stack. But guess what SCOM-fans? You no longer need SCOM for that.  Ok then.  Why would I use it?
  • There are no sacred cows at Microsoft anymore: My precious Lync? Gone. Renamed Skype for Business. The Start Screen, which I was strangely beginning to like? I’m suffering Stockholm Syndrome as I play with the latest Windows 10 build; it’s been axed! Sharepoint online public-facing websites? Starting March 9, new customers won’t have to go through the crucible some of us have gone through to stand-up a dynamic corporate website back-ended by Sharepoint in Office 365. They get to go through someone else’s crucible, like Drupal or something.
  • Nadella has a talent for picking the obvious, and he’s clear: Apparently it was Nadella who told the Microsoft Holo Lens team that what they were building was more akin to the Enterprise’s Holodeck than a new way to play shooters in XBox Online. It’s been Nadella repeating the call that there should be One Windows across all products, not an RT here, and a Windows Phone there. Like him or not, the man has some clarity on where he wants Microsoft to be; and I think that’s exactly what MS needed.

So, I have no evidence that System Center is going to get all shook up in 2015 -and I mean seriously shaken up- but it seems pretty obvious to me that with Nadella came a healthy & powerful introspection that’s really bearing some fruit in parts of Microsoft’s business.

Now it’s System Center’s turn. And it’s good. We should look at that suite holistically, in the context of our time & and the marketplace. Parts of it are undoubtedly great & market-leading; other parts of it are, in my opinion, beyond fixing. The former will be strengthened, the latter will be cut off and discarded. System Center, whether it lives on or gets swallowed up by the Azure Pack, will get better, and I’m pumped about that!

Nimble Storage now integrates with System Center VMM

Just as I was wrapping up my time at my last employer, Nimble Storage delivered a great big Christmas gift, seemingly prepared just for me. It was a gift that brought a bit of joy to my blackened, wounded heart, which has suffered so much at the hands of storage vendors in years gone by.

What was this amazing gift that warmed my soul in the bleak, cold Southern California winter? Something called SMI-S, or Smizz as I think of it. SMI-S is an open standard management framework for storage. But before I get into that, some background.

You may recall Nimble Storage from such posts as “#StorageGlory at 30,000 IOPS,” and “Nimble Storage Review: 30 Days at Ludicrous Speed.” It’s fair to say I’m a fan of Nimble, having deployed two of their mid-level arrays this year into separate production datacenter environments I was responsible for as an employee, not as a consultant. From designing the storage network & virtualization components, to racking & stacking the Nimble, to entrusting it with my VMs, my SQL volumes, and Exchange, I got to see and experience the whole product, warts and all, and came away damned impressed with its time-to-deploy, its flexibility, snapshotting, and speed.

But one of the warts really stood out, festered, itched and nagged at me. While there has been support for VMware infrastructure inside a Nimble array since day one, there was no integration or support for Microsoft’s System Center Virtual Machine Manager, or VMM as us ‘softies call it. What’s a Hyper-V & System Center fanboy to do?

Enter SMI-S, the Storage Management Initiative – Specification,

Connecting green blobs to other green blobs, SMI-S is now in release candidate form for your Nimble
Connecting green blobs to other green blobs, SMI-S is now in release candidate form for your Nimble

a somewhat awkwardly-named but comprehensive storage management spec allowing you to provision/destroy volumes, create snapshots or clones, and classify your tiers via 3rd party tools, just the way $Deity intended it.

SMI-S is a product of the Storage Networking Industry Association and there’s a ton of in-depth, technical PDFs up on their site, but what you need to know is the specification has been maturing for a decade or longer, and it’s been adopted by a modest but growing number of storage vendors. The big blue N has it, for instance, as does HP and Hitachi Data Systems.

The neat thing about SMI-S is that it’s built atop yet another open management model, the Common Information Model, which, as MS engineers know, is baked right into Windows Server (both as a listener and provider).

And that has made all the difference.

I love SMI-S and CIM (as well as WBEM)  because it’s a great example of agnostic computing theory working out to my benefit in practice. SMI-S and CIM are open-standards that save time, money & complexity, abstracting (in this case) the particulars of your storage array and giving you the freedom to purchase & manage multiple different arrays from one software interface, System Center via that other great agnostic system, https.

Or, to put it another way, SMI-S and CIM help keep your butt where it should be, in your chair, doing great IT engineering work, not in the CIO’s office meekly asking, “Please sir, may I have another storage system API license?”

Single Pane o' glass in VMM with SMI-S for the Hyper-V set
Single Pane o’ glass in VMM with SMI-S for the Hyper-V set ***

Fantastic. No proprietary or secret or expensive API here, no extra licensing costs on the compute side, no new SKUs, no gotchas.*

And now Nimble Storage has it.

Nimble’s implementation of SMI-S is based on the Open Pegasus project**, the Linux/Unix world’s implementation of CIM/WBEM. All Nimble had to do to make me feel happy & warm inside was download the tarball, make it, and stuff it into NimbleOS version 2.2, which is the release candidate OS posted last week.

For IT organizations looking to reduce complexity & consolidate vendors, a Nimble Array that can be managed via System Center is a good play. For Nimble, that may only be a small slice of the market, but in that slice and among IT pros who focus on value-engineering just as much as they focus on convergence, System Center support enhances the Nimble story and puts them in league with the bigger, more established players, like the big blue N.

Which is just where they want to be, it appears.

Nimble’s on a roll and closing out 2014 strong, with fiber channel support, new all-flash shelves, faster models, a more mature OS (in fact, I believe it’s mostly re-written from the 1.4x days), stable DSMs for my Microsoft servers, and  now, like icing on the cake, an agnostic standards-based management layer that plugs right into my System Center.

* Well, one gotcha. As the release notes say: “Note: SCVMM can only discover volumes that have the agent_type smis attribute.When logical units are created using SCVMM, the SMI-S provider ensures the agent_type smis attribute is added to the volumes. However, volumes created from the array do not automatically have the attribute.You must add the attribute when you create the volume; otherwise, SCVMM will not be able to discover it. For more information about the agent_type smis attribute, see Create a Starter Volume.” So existing volumes won’t show in your VMM but’s not too big of a headache as you can storage live migrate your VMs to volumes you’ve provisioned via VMM. 

Also, as a footnote, I believe NetApp charges for SMI-S support. 
** Open Pegasus is itself affiliated with the Open Group, an unsexy but in my view exciting & important IT standards organization that 1) is legit as the official certifying body of the UNIX trademark, 2)  is not ITIL-affiliated as best I can tell and 3) aligns very well with Microsoft’s servers & systems. SMI-S is Ajust one piece of the puzzle; another is instrumentation & other infrastructure items. To that end, the Open Group oversees work being done on Open Management Infrastructure, which Microsoft supports and can utilize via WSMAN and wmi. Cisco, Arista and others are on board with this, and though I haven’t yet programmed a Nexus switch with Powershell yet, it is a real option and offers a compelling vision for infrastructurists like me: best-in-class storage, network, compute hardware, all managed & instrumented via System Center or whatever https front-end is suitable. Jeff Snover detailed the relationship over two years ago in this blog.
 *** Incidentally,without SMI-S & CIM, there’d be no way for me to build a simulation SAN in the Daisetta Lab (#StorageGlory Achieved : 30 Days on a Windows SAN) and management via VMM, but as I detailed earlier this summer, you can: stand up a Windows file server box, turn on the feature “Standards Based Storage Management,” point VMM at it and provision

Hyper-V + VXLAN and more from Tech Ed Europe

If you thought -as I admittedly did- that on-prem Windows Server was being left for dead on the side of the Azure road, then boy were we wrong.

Not sure where to start here, but some incredible announcements from Microsoft in Barcelona, most of which I got from Windows Server MVP reporter Aidan Finn

Among them:

  • VXLAN, NVGRE & Network Controller, courtesy of Azure: This is something I’ve hoped for in the next version of Windows Server: a more compelling SDN story, something more than Network Function Virtualization & NVGRE encapsulation. If bringing the some of the best -and widely supported- bits of the VMware ecosystem to on-prem Hyper-V & System Center isn’t a virtualization engineer’s wet dream, I don’t know what is.
  • VMware meet Azure Site Recovery: Coming soon to a datacenter near you, failover your VMware infrastructure via Azure Site Recovery, the same way Hyper-V shops can

    Not sure what to do with this yet, but gimme!
    Not sure what to do with this yet, but gimme!
  • In-place/rolling upgrades for Hyper-V Clusters: This feature was announced with the release of Windows Server Technical Preview (of course, I only read about it after I wiped out my lab 2012 R2 cluster) but there’s a lot more detail on it from TechEd via Finn:  rebuild physical nodes without evicting them first.You keep the same Cluster Name Object, simply live migrating your VMs off your targeted hosts. Killer.
  • Single cluster node failure: In the old days, I used to lose sleep over clusres.dll, or clussvc.exe, two important pieces in Microsoft Clustering technology. Sure, your VMs will failover & restart on a new host, but that’s no fun.  Ben Armstrong demonstrated how vNext handles node failure by killing the cluster service live during his presentation. Finn says the VMs didn’t failover,but the host was isolated by the other nodes and the cluster simply paused and waited for the node to recovery (up to 4 minutes). Awesome!
  • Azure Witness: Also for clustering fans who are torn (as I am) between selecting file or disk witness for clusters: you will soon be able to add mighty Azure as a witness to your on-prem cluster. Split brain fears no more!
  • More enhancements for Storage QoS: Ensure that your tenant doesn’t rob IOPS from everyone else.
  • The Windows SAN, for real: Yes, we can soon do offsite block-level replication from our on-prem Tiered Storage Spaces servers.
  • New System Center coming next year: So much to unpack here, but I’ll keep it brief. You may love System Center, you may hate it, but it’s not dead. I’m a fan of the big two: VMM, and ConfigMan. OpsMan I’ve had a love/hate relationship with. Well the news out of TechEd Europe is that System Center is still alive, but more integration with Azure + a substantial new release will debut next summer. So the VMM Technical Preview I’m running in the Daisetta Lab (which installs to C:Program FilesVMM 2012 R2 btw) is not the VMM I was looking for.

Other incredible announcements:

  • Docker, CoreOS & Azure: Integration of the market-leading container technology with Azure is apparently further along than I believed. A demo was shown that hurts my brain to think about: Azure + Docker + CoreOS, the linux OS that has two OS partitions and is fault-tolerant. Wow
  • Enhancements to Rights Management Service: Stop users from CTRL-Cing/CTRL-Ving your company’s data to Twitter
  • Audiocodes announces an on-prem device that appears to bring us one step closer to the dream: Lync for voice, O365 for the PBX, all switched out to the PSTN. I said one step closer!
  • Azure Operational Insights: I’m a fan of the Splunk model (point your firehose of data/logs/events at a server, and let it make sense of it) and it appears Azure Operational Insights is a product that will jump into that space. Screen cap from Finn

This is really exciting stuff.

Commentary

Looking back on the last few years in Microsoft’s history, one thing stands out: the painful change from the old Server 2008R2 model to the new 2012 model was worth it. All of the things I’ve raved about on this blog in Hyper-V (converged network, storage spaces etc) were just teasers -but also important architectural elements- that made the things we see announced today possible.

The overhaul* of Windows Server is paying huge dividends for Microsoft and for IT pros who can adapt & master it. Exciting times.

* unlike the Windows mobile > Windows Phone transition, which was not worth it

Containers! For Windows! Courtesy of Docker

DockerWithWindowsSrvAndLinux-1024x505 (1)

Big news yesterday for fans of agnostic cloud/on-prem computing.

Docker -the application virtualization stack that’s caught on like wildfire among the *nix set- is coming to Windows.

Yeah baby.

Mary Jo with the details:

Under the terms of the agreement announced today, the Docker Engine open source runtime for building, running and orchestrating containers will work with the next version of Windows Server. The Docker Engine for Windows Server will be developed as a Docker open source project, with Microsoft participating as an active community member. Docker Engine images for Windows Server will be available in the Docker Hub. The Docker Hub will also be integrated directly into Azure so that it is accessible through the Azure Management Portal and Azure Gallery. Microsoft also will be contributing to Docker’s open orchestration application programming interfaces (APIs).

When I first heard the news, emotion was mixed.

On the one hand, I love it. Virtualization of all flavors -OS, storage, network, and application- is where I want to be, as a blogger, at home in my lab, and professionally.

Yet, as a Windows guy (I dabble, of course), Docker was just a bit out of reach for me, even with my lab, which is 100% Windows.

On the other hand, I also remembered how dreadful it used to be to run Linux applications on Windows. Installing GTK+ Libraries on Windows isn’t fun, and the end-result often isn’t very attractive. In my world, keeping the two separate on the application & OS side/uniting them via Kerberos and/or https/rest has always been my preference.

But that’s old world thinking, ladies and gentlemen.

Because you see, this announcement from Microsoft & Docker Inc sounds deep, rich, functional. Microsoft’s going to contribute some of its Server code to the Docker folks, and the Docker crew will help build Container tech into Windows Server and Azure. I’m hopeful Docker will just be another Role in Server, and that Jeffrey Snover’s powershell cmdlets will hook deep into the Docker stuff.

This probably marks the death of App-V, which I wrote about in comparison to Docker just last month, but that’s fine with me.

Docker on Windows marks a giant step forward for Agnostic Computing…do we dare imagine a future in which our application stacks are portable? Today I’m running an application in a Docker Container on Azure, and tomorrow I move it to AWS?

Microsoft says that’s exactly the vision:

Docker is an open source engine that automates the deployment of any application as a portable, self-sufficient container that can run almost anywhere. This partnership will enable the Docker client to manage multi-container applications using both Linux and Windows containers, regardless of the hosting environment or cloud provider. This level of interoperability is what we at MS Open Tech strive to deliver through contributions to open source projects such as Docker.

Full announcement.

Microsoft releases new V2V and P2V tool

Do you smell what I smell?

Inhale it boys and girls because what you smell is the sweet aroma of VMware VMs being removed from the vSphere collective and placed into System Center & Hyper-V’s warm embrace.

Microsoft has released version three of its V2V and P2V assimilator tool:

Today we are releasing the Microsoft Virtual Machine Converter (MVMC) 3.0, a supported, freely available solution for converting VMware-based virtual machines and virtual disks to Hyper-V-based virtual machines and virtual hard disks (VHDs).

With the latest release, MVMC 3.0 adds the ability to convert a physical computer running Windows Server 2008 or above, or Windows Vista or above to a virtual machine running on a Hyper-V host (P2V).

This new functionality adds to existing features available including:

• Native Windows PowerShell capability that enables scripting and integration into IT automation workflows.
• Conversion and provisioning of Linux-based guest operating systems from VMware hosts to Hyper-V hosts.
• Conversion of offline virtual machines.
• Conversion of virtual machines from VMware vSphere 5.5, VMware vSphere 5.1, and VMware vSphere 4.1 hosts to Hyper-V virtual machines.

Download available here.

This couldn’t have come at a better time for me. At work -which is keeping me so busy I’ve been neglecting these august pages- my new Hyper-V cluster went Production in mid-September and has been running very well indeed.

But building a durable & performance-oriented virtualization platform for a small to medium enterprise is only 1/10th of the battle.

If I were a consultant, I’d have finished my job weeks ago, saying to the customer:

Right. Here you go lads: your cluster is built, your VMM & SCCM are happy, and the various automation bits ‘n bobs that make life in Modern IT Departments not only bearable, but fun, are complete

But I’m an employee, so much more remains to be done. So among many other things, I now transition from building the base of the stack to moving important workloads to it, namely:

  • Migrating and/or replacing important physical servers to the new stack
  • Shepherding dozens of important production VMs out of some legacy ESXi 5 & 4 hosts and into Hyper-V & System Center and thence onto greatness

So it’s really great to see Microsoft release a new version of its tool.