Turbonomic, Economic Theory, and Disaster Recovery…

A big fan of Turbonomic. From the mailbag:


From: Jonathan Merrill
Sent: Wednesday, March 18, 2020 9:19 AM
Subject: RE: Lanvera & Turbonomic – VMware discussion and Turbo Instance check

Good morning, guys.  I lurked on yesterday’s call as I felt Sonny did a great job working through LANVERA’s positions.  I say Turbo has been a win for our organization.

One argument to leave you with.  As you may know, Turbonomic smartly trains ACE in economic terms, specifically the idea of markets, desired configuration state, utilization buying from the lowest provider.  Based on our conversation yesterday, a conclusion was reached that Turbo isn’t the right product for unplanned disaster recovery; this is what Veeam, Zerto, and SRM do.  Economically speaking, you’re saying the product isn’t poised to correct for sudden market volatility, a change of market conditions.  I say, rubbish.  Apply economic theory:  Keynesian vs. Friedman.

I would reason Turbonomic should be able to apply Keynesian theories, as I control the markets’ foundation and worth by submitting an economic plan.  For better or for worse, if I want one market to look less appetizing than the other, I submit a plan and the markets react, utilization buying to the lowest provider.  Which essentially is what LANVERA is looking for.  I want to move workloads from one data center to another.  I want to be able to control all workloads in one DC to shift to the other side through “an economic plan”.  I should be able to define market strategy to meet a planned economic market outcome.  I see this as a basic Turbonomic function.

I also contend Turbonomic should be able to support Friedman’s theory, which is best poised to handle market volatility.  If a host goes down (i.e., consumers stop buying), the market adjusts by triggering economic stimulus (disaster recovery hosts or moving workloads to the DR side).  This reactionary economic plan ensures desired configuration state in tough economic times, and could include cloud (foreign) markets (not in our case).  Alarms should go out when market volatility occurs and adjustments should be made at the workload level (consumer).  Essentially what LANVERA is looking for.  I should be able to define a disaster (market) recovery plan which basically outlines where workloads go during unplanned events.

Maybe that means trigger SRM or Veeam Orchestration.  But you see the problem with that, right?  Unless you’re hooking into those tools and pulling the strings, the response time still requires human intervention.  Not ideal.

Food for thought.


Anyone else think Turbonomic could replace SRM? This is what watching YouTube financial videos does.

\\ JMM

NSX Is Not For Beginners…

“If I would have known how difficult it is to get NSX up and running, I never would have recommended this solution.”
– Sonny Mendoza, System Engineer – Architect, Lanvera

One of Lanvera’s major achievements in 2018 was crossing the finish line with the deployment of VXLAN and VMWare’s NSX.  Although, NSX was not simple to deploy, easy to troubleshoot, nor kind on your patience.

In fact, in 2018, I attended a Palo Alto event where I sat at a table and talked about NSX.  Others overheard and came to our table to talk about it.  One gentleman claimed he was on his third attempt to deploy it.  Another said it broke several parts of the network and IT deemed it a risk.  The other said it’s deployed but not in production, for fear of it breaking.

All of these concerns are not unfounded.  Here are a few of the takeaways we ran into that marred/aided our deployment.

5.  Hiring A Consultant Does Not Guarantee Success.  After the consultant left, our NSX solution was technically up, but moving VMs between datacenters didn’t work as expected.  Routing didn’t work as expected.  And many phone calls to VMWARE ensued to work on the small whoops that the consultant didn’t catch.  Consultants often expect their clients to know what to look for and with something like NSX, we didn’t know what we didn’t know.

4.  NSX Training Does Not Guarantee Success.  At the behest of our sales engineer, they highly suggested we attend VMWARE’s NSX training, which we spent credits on.  My team reported that the training was problematic, from labs crashing or freezing to being unable to run the content.  Many phone calls to support dragged it out by weeks, if not a month or two.  After the technical leads were trained, they found the training really didn’t prepare them for the challenges of the deployment.  “Thank goodness we had the consultant”.

3.  Attending VMUG Did Not Guarantee Success.  Although, my team would say it helped.  In fact, Sonny took over a session at the DFW VMUG to talk through our NSX deployment with their subject matter experts.  Explaining our behavioral problems.  Lots of stumpers unsolved.  All that said, I am an advocate of VMUG.  I feel user groups are important to attend for these kinds of reasons.

2.  Reading VMWARE’s Books and White Papers on NSX Did Not Guarantee Success.  Forums and communities would highlight these reads, so we absorbed as much as we could.  However, the books contradicted what sales engineers and our consultants told us.  When we shared our sources for the material, “Well, that is technically true, but I don’t recommend it” is what we got back.  Conversations got really suspicious.  What is the agenda here?  Sell more VMWARE licensing or actually get NSX running in a workable state?

1.  Having a VMWARE Lab is the Biggest Recommendation We Can Make To Improve Success.  We didn’t have a lab, but the entire time either we made comments, consultants made comments, or people at VMUG made comments.  Testing these technologies in lab is far better than going straight to the production network.  VMUG is an excellent resource on lab licenses for the VMWARE IT pro.  Competency of the product is paramount, especially when encountering anomalous behaviors.

Resources

VMWARE’s User Group

NSX Communities

Beginner or Advance NSX Hands-On-Lab (HOL)

VMware product page, customer stories, and technical resources

VMware NSX YouTube Channel

\\ JMM

Does Network Cabling Matter ?

Cabling is important. It needs to be good enough. The problem I have with cabling is that people spend way too much time fussing, fretting and fooling themselves that having nice cabling actually has value.

You should be spending time in meetings, writing scripts or buffing up your excel skills to work out the software subscription licensing costs.

Q. Want your advice on a cabling colour scheme for our new data centre ?
A. I DO NOT CARE. IT JUST HAS TO WORK. NO REALLY. I JUST DON’T CARE

From Blog Ethermind, June 2018

I read Greg Ferro. I have read his blog for many years. I feel his pain and acknowledge it.  And, although this argument is well written, it is worthy of comment for those who choose to think different.

You see, I do fall in the camp that cabling is important. It’s representative of many things that exist in Information Technology that are under the covers.  Cabling determines how serious you are, how disciplined your IT show is, and the attention to detail your team has.  Yes, cabling says all that.  And when you invite me over to see your data center, it’s what I am thinking when you show off your hard work.

“Network cabling usually only represents 10% of the total technology spend.” – Bill Atkins, during his time at Panduit

Yet, we run the production IT show on that cabling.

“Sometimes you have to do IT two or three times to get it right.” – Former CTO (Name Withheld)

Ouch.  Doing the same things two or three times is not cost efficient and often indicative of culture.  Did you hire the right people and put them in the right seats?  Did we listen to our wiring experts or follow the misguided advice of “this is how we’ve done it for 20 years”?  Two or three times in the wire business is great for the manufacturer and installer, bad for the organization writing the check.

Why Cabling Should Be Important To IT People

I didn’t say critical.  But there should be a standard to hit, as IT craftsmen.  A guide to follow.  Here are the top 5 things I recommend peers consider when cabling.

#1.  Wiring should be easy to understand.  Color codes and design.  BICSI.  ANSI/TIA/EIA-606-A, Administration Standard for the Telecommunications Infrastructure of Commercial Buildings, or the updated ANSI/TIA/EIA-606-B documents these standards.

#2.  Wiring should be easy to troubleshoot.  As-Builts in all data centers and cable plants.  Consistent labeling throughout the facility.  Velcro over zip-ties.  Basket tray versus cable tray.  Combined wire with slack vs. just letting it hang.

#3.  Quality versus Crap.  Mid-grade wire versus minimally compliant.  Wire for the 20 year plan vs. no plan.  1GB is often plenty.  10GB is overkill if your back end can’t support it.  Think hard about plenum vs. non-plenum.

#4.  Manufacturer and installer proud.  When the manufacturer wants to show your work to their prospects, that’s a good sign they’ve done it right.  Choose certified installers.  Ask the question.  Then choose quality products that align with your team’s standards.

#5.  Wire once.  Your ROI is far better achieved when the installer comes out to do the big job versus coming out multiple times over 2-3 years.  Multiple times often equates to two times the labor cost.  You’re not saving money and the chances of mistakes are actually higher.  Wire once, if at all possible.  And then ask the manufacturer to QA your job during your walk through.

\\ JMM

LANVERA’s System Engineering Team – 2018

“NIHIL SINE MAGNO LABORE”
– Translated ‘Nothing Without Hard Work’

Rebuilding technology is no small feat.  It takes people who are willing to work the extra hours, have the attention to detail, put their technical skill to the test, and work with peers who expect the same.  It takes a team.

ITO SE 2018

LANVERA System Engineering Team – 2018

\\ JMM

Information Security Preventative Measures

By US Department of Homeland Security, United States Secret Service
NTX ISAA Cyber Security Conference, November 10, 2018

  1. Employee Awareness and Training
  2. Strong Filters
  3. Email Scanning (Incoming and Outgoing)
  4. Firewall Configuration
  5. Network Segmentation
  6. Software Updates
  7. Scheduled AV Scans
  8. Configure Access Control (Least Privilege)
  9. Disable Remote Access
  10. Software Restriction Policies

Please check out these conference notes and consider attending going forward.  Amazing event and a lot of content shared.

\\ JMM

Our Data Center Reboot

“In today’s era of volatility, there is no other way but to re-invent.” – Jeff Bezos, Amazon founder

Our first major project happened in September of this year.  We fork-lifted the corporate office data center, refreshing our technology foot print and establishing standards.  An investment in not just things, but our technology philosophy, with emphasis on quality, craftsmanship, and ownership.

Before:

LANVERA’s Data Center – June 2017 – Front

LANVERA’s Data Center – June 2017 – Back

After:

Coppell's New Datacenter-Front
LANVERA’s Data Center – September 2017 – Front

Coppell Datacenter - Back
LANVERA’s Data Center – September 2017 – Back

Reinvention, completed.

\\ JMM

The Technology Roadmap…

One of the masterful ideas contributed by Steve Moore, Director, IT Operations, at Santander Consumer USA, was introducing the Technology Roadmap.  This tool is not just about tracking what technology is owned, but serves a very specific purpose:  managing upgrades, identifying risk, communicating timeframes.

If you’re looking for a way to set up transparency in IT systems engineering and communicate timeframes with leadership, this tool accomplishes that aim.  If you need to report to auditors the review cycles and pros/cons of the versions, this tool meets that need.

You can find this tool here.

\\ JMM

Technology: Faster, Cheaper, Or Better

“Technology is only valuable if it results in faster, cheaper, or better. If not, it just sucks up time and money that could be put to better use somewhere else.” – Jeff Haden, INC. Magazine

This quote is timely as we are actively investigating VMWARE’s virtual networking technology NSX.  Remarkably, the technology is capable and connected deeply with our strategic DevOps philosophy.

However, my struggle is NSX’s cost.  Sans discussing the specifics of our pricing, the math roughly equates to $2000 per server for 3 years.

For organizations with a small technology footprint, is NSX valuable enough for faster, cheaper, or better results?

\\ JMM

60 Days: It’s Go Time!

“Does anyone have any questions on where we are going and your role how to get us there?  No?  It’s go time, team.  Always forward!” – Jonathan Merrill

Here we are at the 60 day mark and we are looking back with awe and anticipation. Although this isn’t the exhaustive list, the highlights are:

1. We hired our system engineering architect, Sonny Mendoza. A US Navy and IT veteran, he brings deep expertise in both the VMWARE and Microsoft stack. A proponent of VEEAM and NIMBLE, two complementary technologies currently in house. His experience in both the SMB and large enterprise space is evident in his questions and answers. He has been an amazing addition to the IT team, bringing in sage experience, a positive energy, and a can-do attitude.

2. Wrote and implemented IT maintenance policies focusing on patching and security remediation. The policy includes a change freeze period, quarterly reviews and update schedule, and architectural review. Formalizing maintenance was the first step in establishing a relationship and accountability with teams testing patches and reducing risk. Establishing a schedule communicates when IT infrastructure will be updated so development and print operations have down range visibility, setting reliable expectations.

3. Implemented enterprise password management. Our specific requirements were password sharing with teams, role based access control, automatic password rotation, password auditing and history, Active Directory integration, and high availability. We migrated from a KEEPASS situation to Click Solutions’ Password State.

4. Implemented the enterprise auditing solution. Speaking to vision, the solution needed to give unprecedented transparency to all teams as we marry up audit data with change management practices and enable better support visibility across all teams. Netwrix Auditor is a best of breed tool and is supremely designed for SMB organizations. Microsoft space initially targeted. Additional work still to go covering VMWARE, Exchange, SQL, and networking.

5. Implemented an asset-focused network management tool. Many of my former team members won’t be surprised, but I am a firm believer in LANSWEEPER and giving teams access to manage their resources. This tool gives teams a bird’s-eye view of what’s installed, what errors exist, and health of resources applied. When we rolled this out, teams were pleasantly surprised at what’s going on, and it assists in the troubleshooting of issues. Now we are collaborating.

6. Exited out of CenturyLink’s hosted services. We are continuing to evaluate our strategic partners and aligning to goals. No fault of CenturyLink, we determined to go another direction. We thank them for their stellar services provided.

7. Implemented the ORC process. Documenting systems should be a part of our DNA. This process enforces the C (Culture) and S (Sharing) in CAMS. We asked for leadership buy in and got it, trained teams, now set goals. 100% by Jan 1.

8. Implemented Death By Meeting’s, “Tactical” and “Stand Up”. Next up is strategic. Goal: Lower adhocs.

All this in 30 days! And doesn’t include the projects in flight. Here are some quick bullets of things we are building:

  • Workstation Technology Refresh. Uplifting the workstation platform, bringing in new tech.
  • Active Directory Refresh. Cleaning up the past, rolling out RBAC, and enabling teams. Trust, but verify.
  • Network Refresh. Rethinking wireless, local area, and wide area networks. SDN for the win.
  • OpManager Proof of Concept. Manage Engine’s solution is comprehensive. Amazing value for what is delivered.
  • Splunk Proof of Concept. Can anyone argue that Splunk isn’t an amazing tool? Evaluating its place.
  • Alien Vault USM Proof of Concept. Having had experience with Nessus, Qualys, Nexpose, Alien Vault is a challenger.
  • Data Operations Proof of Concept. Automating core functions internally. Managing 10k scripts or jobs requires control.
  • Intranet / Employee Portal.  Rethinking SharePoint’s place.

It’s go time.

\\ JMM