VMware News and Announcements – May 26, 2022

VMware News and Announcements – May 13, 2022

VMware News and Announcements – March 4, 2022

VMware news and announcements – Feb 18, 2022

VMware news and announcements – Jan 28, 2022

VMware Response to Apache Log4j Remote Code Execution Vulnerability

Here is latest VMware Advisory:

VMware Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
https://www.vmware.com/security/advisories/VMSA-2021-0028.html

VMware VMSA-2021-0028: Questions & Answers for Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)

https://core.vmware.com/vmsa-2021-0028-questions-answers-faq

This vulnerability is an industry-wide one, in a component called “log4j” that is used to log information from Java-based software. This vulnerability is critical, rated 10 out of 10 on the CVSS 3.1 scoring scale, because it is an unauthenticated remote code execution (RCE) vulnerability, allowing attackers to run commands on affected systems by simply getting them to log a specific string. 

Generally speaking, every piece of software that has ever used log4j is potentially vulnerable. VMware uses log4j as well, which is why we are reacting to this. However, this vulnerability also affects customer workloads, too. Customers need to assess their entire environment for use of log4j, in infrastructure and workloads, and remediate it as soon as possible either through patches or workarounds.

The vulnerability was announced by the Apache Foundation suddenly, as a “0-day” or “zero day” vulnerability, taking everybody by surprise. Normally a vulnerability is reported privately to the software maintainers who then have time to repair the issue and release an update so attackers don’t have a temporary advantage. That isn’t the case this time. Regardless of the timing, the ubiquitous use of log4j means that no matter when this vulnerability surfaced it was likely to have a huge impact. While disclosure going into a weekend is bad timing, it’s good that it did not happen later in the calendar year.

VMware Customers should subscribe to the VMSA mailing list and continue to monitor the VMSA page itself, as well as the linked resources like the QandA/FAQ. They also should be assessing everything else in their environment, because lots of other software incorporates log4j. This issue isn’t a VMware-specific problem, it’s an “everything everywhere” problem.

VMware for AI & ML Workloads

28 years ago I spent a year preparing a University thesis focused on Neural Networks. Practical usage and the job market wasn’t there back then but lots has changed and Artificial Intelligence and Machine Learning (AI/ML) is everywhere. VMware has been focused on AI/ML for awhile by incorporating it into its products and making it easier for customers to run those types of workloads on top of vSphere. Recently I started looking deeper into this and uncovered some great resources that I thought I would share.

This is a good blog summarizing VMware’s strategic direction: VMware’s AI/ML direction and Hardware Acceleration with vSphere Bitfusion

AI/ML was popular at VMworld 2020 and you can see a list of the focused sessions here: Your Guide to AI/ML Content at VMworld 2020. To view the recorded session, you can go to the VMworld On-Demand Video Library. If you don’t have an account already, you can create one.

Some of the announcements at VMworld 2020:

To keep up to date check out the VMware ML/AI BLOG: VMware Machine Learning & Artificial Intelligence

What Capacity Utilization Will I have after I Evacuate a vSAN Host?

To fully evacuate a vSAN host and satisfy FTT=1, FTM=RAID1 you must have at least 4 hosts in the cluster. When a host is put in maintenance mode and fully evacuated, that host data is spread across the surviving hosts. In other words, if you follow the vSAN best practice guidance to stay less than or equal to 70% utilized, then the capacity that represents the 70% utilization must now fit on 3 hosts, which means those 3 hosts become 93% utilized (70% utilized * 4 nodes / 3 nodes = 93.3% utilized). The more hosts you have in the cluster, the less utilized your cluster will be when putting a host in maintenance mode. For example: 70% utilized * 10 nodes / 9 nodes = 77.7% utilized after evacuation of a host.

The formula for this is:

% Utilization after evacuation = (% Utilization before evacuation * # nodes) / (# nodes – 1)

Nearly 10,000 vSAN Customers! Come hear from 4 of them at VMworld 2017!

I started at VMware on the vSAN team 4 years ago when we had 0 customers. It’s been a pretty wild and fun ride to get to 10,000 but we’ve only just begun. Customers are seeing the benefits of HCI and vSAN for all sorts of use cases including mission critical applications, management clusters, VDI, ROBO, DMZ, test/dev, DR Sites, and IaaS at IBM Bluemix (formerly SoftLayer) and soon at Amazon with VMware Cloud on AWS.

Unfortunately, we cannot fit all 10,000 customers in one breakout session at VMworld, but we can fit 4. I’m hosting a breakout session titled:

vSAN Technical Customer Panel [STO2615PU]

(Now that the session has happened, here is the video recording:)

I hosted a similar session last year with Stanley Black and Decker, Synergent Bank, M&T Bank, and Baystate Health and it was a lot of fun with some great audience participation. For more information check here.

This year we are fortunate to have Sanofi, Sekisui, Travelers, and Herbalife join the panel. The format is this:

  • Introduce the Panel
  • Panelists introduce their company, their VMware environment, and their use of vSAN
  • Q&A – I will have some questions for the panel but we expect the audience questions to generate some great discussion.

Let’s meet the Panelists:

Joachim Heppner
Director, Virtualization Engineering Services
Sanofi

In 2016 this large pharma needed to refresh their Remote Office Branch Office (ROBO) sites. After a successful proof of concept, 2+ Node vSAN on HPE ProLiant Servers was chosen. Since then, vSAN has been deployed for management clusters and VDI in USA and EMEA as well as in 2 of their 13 regional data centers. Next, Cloud Foundation is being considered to replace their legacy Blade servers & Storage arrays.

Michael DiBenedetto
Director, Global IT
Sekisui Diagnostics

In early 2014 this mid-size pharma needed to build a DR site and chose a 4 Node vSphere cluster with vSAN enabled. They used vSphere Replication and SRM to test and automate DR. They also moved their test and development environment to this cluster. This year they are replacing their production data center with HCI and vSAN.

Alexander Szwez
Senior Systems Engineer
Travelers

vSAN was chosen to support production and test/dev Hadoop workloads. Two other vSAN clusters are used for new application workload POC’s. In addition, 2 Cloud Foundation configurations, each with a management cluster and a VM workload cluster are being implemented to prove how the built-in automation simplifies operations.

Jaime Gurrola
Worldwide Manager of Linux & VMWare
Herbalife International of America

In early 2014 this nutrition company wanted to modernize their data center by automating IT to simplify application access and management and transform Windows delivery. Today they run vSphere and vSAN and are evaluating NSX in multiple call centers to support 4000 Horizon VDI across 5 ROBO sites and their primary data centers for mission critical applications. They’ve achieved great cost savings resulting in significantly reduced TCO while delivering exceptional performance to their users.

I’m looking forward to seeing many great friends and to meet new ones at VMworld. I hope you can come and participate and enjoy this session with these great guests.

Replays of Virtual SAN Sessions at VMworld 2016 That You Didn’t Want to Miss

What a great week last week at VMworld 2016. I had many good meetings with customers, participated in 3 breakout sessions, met up with some old friends and met some new ones. If you missed VMworld, well, then you missed a bunch of great sessions. There’s no way you could have seen them all, so, VMware has made them available here: http://www.vmworld.com/en/sessions/2016.html.

I participated in two sessions:

The first one was a customer panel discussion on Tuesday afternoon. I need to thank Glenn Brown from Stanley Black & Decker, Mike Caruso from Synergent, Tom Cronin from M&T Bank, and Andrew Schilling from Baystate Health who all did a fantastic job representing themselves, their companies, and their use of Virtual SAN. We had great interaction from the audience with lots of good questions. For a replay of the session check this out:

Four Unique Enterprise Customers Deployment of VMware Virtual SAN [STO7560]
Glen Brown
, System Engineer, Stanley Black and Decker
Michael Caruso, AVP Corporate Information Systems, Synergent
Tom Cronin, Sr. Staff Specialist – Platforms Engineering Group, M&T Bank
Frank Gesino, Senior Technical Account Manager, VMware
Andrew Schilling, Team Leader – IT Infrastructure, Baystate Health Inc.
Tuesday, Aug 30, 5:00 p.m. – 6:00 p.m.

The other session I was involved in was on Wednesday and repeated on Thursday. I had the good fortune to present with two VSAN Product Managers who are responsible for making VSAN great. Vahid Fereydounkolahi is responsible for driving new features into the VSAN product and Rakesh Radhakrishnan is responsible for making sure all the vendor hardware components are properly qualified for VSAN and for looking out into the future of new technologies like NVMe and RDMA to adopt into VSAN. For a replay of the two sessions check these out:

Peter Keilty, Office of the CTO, Americas Field – Storage and Availability, VMware, Inc.
Rakesh Radhakrishnan, Product Management & Strategy Leader, VMware
Wednesday, Aug 31, 2:00 p.m. – 3:00 p.m.
Vahid Fereydounkolahi kicked this one off discussion VSAN features, capabilities, and how it works, I took over in the middle to discuss Day 2 operations, and Rakesh Radhakrishnan finished it off discussing the Ready Node program as well as current and future flash and IO technology that VSAN incorporates or will incorporate.
Virtual SAN Technical Deep Dive and What’s New [STO8246R]

Thursday, Sep 01, 10:30 a.m. – 11:30 a.m.
Vahid wasn’t able to make this time so I kicked things off talking about VSAN features, capabilities, how it works, and Day 2 operations, and Rakesh Radhakrishnan finished it off discussing the Ready Node program as well as current and future flash and IO technology that VSAN incorporates or will incorporate.
Virtual SAN Technical Deep Dive and What’s New [STO8246R]

In my previous blog post I highlighted the sessions you wouldn’t want to miss. So here, I’ll provide the links to those sessions. A few either haven’t been uploaded yet or won’t because of legal or future looking reasons:

Christos Karamanolis is literally the brains behind VSAN since its inception and our chief visionary for Storage. If you want the whole picture wrapped up in a 1 hour session, this is it.
An Industry Roadmap: From storage to data management [STO7903]
Christos Karamanolis, VMware Fellow – CTO of Storage and Availability, VMware
Wednesday, Aug 31, 4:00 p.m. – 5:00 p.m.

Continue reading “Replays of Virtual SAN Sessions at VMworld 2016 That You Didn’t Want to Miss”