NSX-T manager fails to load? It might be that the Corfu DB got corrupted

NSX Manager error
NSX Manager error

If you’re like me, and you are spinning new nested labs left and right, you are also probably over-committing on your VMFS datastore regularly.

The issue that happened to me was that I ran out of datastore space and it crashed my NSX-T manager. Perhaps this issue can also happen for other reasons. In any case the issue manifests itself by not being able to login to the NSX-T manager where it keeps saying that the service is not ready.

When runing the command “get management-cluster status” on the NSX-T manager you may get:

read more

What are these Spectre and Meltdown vulnerabilities all about


For any of my friends that are not computer savvy, or usually don’t care. In this post I’ve digested the info for you about the security bug in CPUs, which is a BIG DEAL. You will start to hear the words like #Meltdown and #Spectre alot soon regarding your computer security. Allow me to explain in very high level, hopefully this helps some of you to better understand the biggest security bug in history :
Meltdown is the name of a vulnerability found in Intel CPUs only, where security is compromised to gain more speed. Basically Intel engineers designed their CPUs to be more performant but neglected to make sure they are secure enough, and the result is that one piece of code running on an Intel CPU can read the “kernel memory” of the operating system (OS) . Think of the kernel memory as your brain’s secret thoughts, what would have happened if I gained access there? In the computer world that’s where all your passwords are for example.
The patches that are coming out for this one are on the OS side (windows, Linux etc) and they expect to slow down all Intel chip sets by 30%-50%. Yes, your computer will be slower.
Do not underestimate this problem, code and guides how to exploit this vulnerability are already surfacing. (see link below)
The second name you might hear is “Spectre”. This is a vulnerability that affects ALL cpu vendors. And the worst thing, this cannot be patched, it’s a basic design flaw and it will stay with us for at least a decade until the current HW cycle gets refreshed world wide. Fortunately this one is much harder to exploit. We will have to see how this rolls out.
Most worrisome use case besides getting the password of your grandma back accounts, is shared HW, especially in the cloud. Think of one customer who rents compute resources from the cloud and is able to read password and data of other customers running on the same HW. Maybe your bank is the victim? And this affect everyone!
That’s it, hope this helps, let me know your thoughts.
Those who wants to read more see this link https://meltdownattack.com/

read more

My VMworld sessions recordings from 2017


This year’s VMworld was the most busy and unbelievably awesome I have been too. This year I was also extra busy myself with 3 Breakout sessions, including one with Microsoft PM on stage talking about our joint work together, that one unfortently was not recorded.
Check the sessions recording out here:

VIRT2211BU – Automating NSX for Virtual Machines and Containerized Applications

VIRT1930PU – SQL Server on vSphere: A Panel with Some of the World’s Most Renowned Experts

EU recording

read more

My sessions recordings from VMworld US 2016

VMworld 2016

It is so nice that VMworld has released the sessions recordings from VMworld US publicly for everyone, thanks to William Lam for publishing
all the direct URLs here https://github.com/lamw/vmworld2016-session-urls

As for the sessions themselves, we had a nice turnout of about 220 folks in each session and the reviews were great.

Here are the recordings:

VIRT7575 – Architecting NSX with Business Critical Applications for Security, Automation and Business Continuity

VIRT7654 – SQL Server on vSphere: A Panel with Some of the World’s Most Renowned Experts

read more

My VMworld in 2016

This is it, this year I am finally taking a very active role at VMworld after a few years of only being an attendee (except for one session at VMworld Europe in 2009 ) .

For this year’s VMworld I am going to take on the role of the Booth captain for the Virtualzing apps track booth, (YES!)  I will be working with a staff of 4: Sudhir Balasubramanian, Vas Mitra, Agustin Malanco the man (Twitter – @agmalanco ) and Ryan DaWaele. such a great crew!

We are planning 2 stations this year, where station #1 is going to run the traditional demos for Business critical applications with vSphere, features like: DRS, vMotion etc and new this year with vVols and vRA.

read more

VMware NSX Question – Can You Figure it Out?

I wrote a blog post in the VMware official blog about a demo I recorded called “Dynamically enforcing Security On a Hot Cloned SQL Server With VMware NSX“.

A bit long of a title but captures the essence of the demo perfectly. You can see the demo as well here:

I got a question from a colleague of mine with has a very keen eye:

“I just saw the great video you made, at 0:50 second of the demo we can see the rules for the prod app

What is the meaning of rule 6?  If the source is the datacenter and is broader than the App Server in rule 5, and the rule allows for ANY service, doesn’t it make rule 5 irrelevant? “

read more

Going For The Double

2015-11-04 17_37_50-VMware Official VCDX Directory

I can’t believe i’m writing this post, I have achieved a second VCDX certification (or as it’s being referred to in the community a 2X ). This time the design was for cloud (CMA) and it came just one year and some change after I became a VCDX DCV.

Just being a VCDX was a long time career aspiration of mine and I am so grateful I was able to work on the second one.

Short disclaimer – Since I am a VCDX panelist I am forbidden from mentoring candidates through their VCDX process or giving out advice on the design itself, this is so that I won’t give anyone an unfair advantage. I’ll keep this post about my personal experience towards achieving the double and keep the advice about the process.

read more

IOPS reservations in SIOC 6 , what’s the deal?

Storage I/O control has been available for a long time now since vSphere 4.1, if you don’t know what SIOC is you can read about it in many blogs out there, my personal favorite for anything storage is Cormac Hogan‘s blog, here is also a link to Cormac’s post about SIOC.

Some of you might have read about the new SIOC feature in vSphere 6 called IOPS reservations.

In case you didn’t let’s quickly review it, In version 5.5 VMware introduced a new scheduler call mClock, this I/O scheduler is more efficient but also it has the capability to set I/O reservations on VMDK’s. In vSphere 6 VMware added the ability to set those reservations on the VMDK level, not through the web client but by setting the “reservation” property on the VMDK, see this post by William Lam that has a nice PowerCLI script to do this for you.

read more

Samsung Note 5 review

Camera of the Note 5-FaZzh4970VYb0TE,r0s8AAuQfoKBZVfcE7Nc0aGl-jID8QvzB7bt9XVqJ5o

This is a bit of a different post than the ones on this blog, it’s not about cloud or IT,  it’s about the Samsung Note 5 I have been carrying around lately.

No, Samsung are not paying me for this post but I really love the phone so I had to give it my personal review. A short one.

I have this phone a few weeks by now, it does have a few drawbacks but my experience with it is great, it is truly the best phone I ever had! It’s fast, responsive, and has some new features that are awesome. lets elaborate in points:

read more

Taking my career to the next level

If your reading this it’s probably because you are wondering where I am heading, so I’ll start with that first: I recently accepted a new position with a bigger impact on VMware and its customers and on the IT community.

Starting OCT 1’st I will become a Staff solutions architect for Microsoft enterprise applications architecture at VMware’s Global center of excellence, focusing mainly on MS SQL running on VMware’s platforms.

Why? you may ask. Considering my current job is indeed wonderful it is a fair question. Currently I am working with the best SE specialists team in the world. My team is responsible for delivering pre-sales engagements about the most strategic solutions we have at VMware to our most strategic customers. As a cloud automation specialist I learned a lot and engaged in the most interesting conversations with customers about their Cloud needs and wants, conducted POC’s, got to work for the best manager I had the privilege to work for in my career and most importantly built strong relationships and friendships.

read more