Category: SDDC

vSphere Replication 6.0 part 3: enhanced linked mode, backup and recovery scenarios

In the 3rd part of my series I am going to talk about the usage of vCenter enhanced linked mode and vSphere Replication 6.0 and how it can be used to protect the vSphere replication infrastructure itself.

In the newest version, vSphere Replication makes use of the LookupService provided by SSO on the new Platform Services Controller (PSC). With multiple vCenter instances sharing the same PSC, the so-called vCenter enhanced linked mode, we are not just able to manage all vCenters within a single vSphere Web Client. We can also use vSphere Replication to replicate, and therefore protect, VMs from one site to another and simply migrate a VM back after a restore of the protected site, all within an integrated view.

The following shows a logical view of a recommended vCenter enhanced linked mode setup.

[Figure: vSphere Replication with vCenter enhanced linked mode]

This architecture has a lot of benefits. You have a vCenter in both sites, which is required when you are forced to recover your VMs (in a supported way). As soon as our vCenters are in enhanced linked mode, we are able to select all joined vCenters as a target for our vSphere Replication protection.

[Figure: vSphere Replication linked mode target site]

I see very often that the backup strategy of some organizations does not take into consideration that you very often MUST have a vCenter to recover a VM with your backup solution (if there is no 'emergency-direct-to-ESXi-recovery-feature' included). For sure there are ways to register the replicated VM back on the recovery site, but hey … (officially) we need to make sure that our recovery procedures are supported by the vendor.

In the current situation there is one thing I am uncomfortable with. The way currently recommended by VMware tells us to create a dedicated PSC cluster with a network load balancer in front of it. Since only NSX, F5 and NetScaler are supported, this adds a little extra cost for licensing, operating and implementing the solution. To be honest, I don't expect to see such a setup very often in non-enterprise environments (on this level people are waiting for vVol replication support ;-)).

The only 'easier' suitable option would be to have a solution like the following in place:

[Figure: vCenter enhanced linked mode]

According to the VMware blog post on the new PSC architecture possibilities, the only recommended option is the one mentioned in the beginning. I am currently evaluating and searching for discussions about the pros/cons of the mentioned configuration. I will write about the findings in a different post.

Protect and Recover vSphere Replication Appliances and Server (Demo)

It's worth remembering to protect the vSphere Replication appliances as well, so that in case of an outage you are able to bring back the replication infrastructure fairly painlessly. I am going to show you how to recover from a vSphere Replication Appliance data loss.

In my lab environment I have two sites and I am going to protect the vSphere Replication appliance from LE02 (managed by LE02VCE03) to LE01 (managed by vCSA01). The PSC of each vCenter has joined the same SSO domain.

On my protected site I have 6 machines protected.

In the first scenario I have lost my vSphere Replication appliance data on the protection site, so I recover it (vSRA) with the help of vSphere Replication, and once the original site has been restored, I fail back to it via cross vCenter vMotion.

One thing you need to take care of is that the vSphere Replication Appliance and Server are registered against a vCenter. If you restore this machine in the way I described above, or with any other backup solution that restores the VM, you need to make sure to re-register the VM with the vCenter. Otherwise you see the following error within the vSphere Replication menu.

[Figure: error shown in the vSphere Replication menu]

So what to do? Register the recovered VM as a vSphere Replication server and verify that all of your vSphere Replication jobs are still in place / running.

Voila… we recovered the vSphere Replication Appliance and can go on with our next test.

Recover protected virtual machines and fail back with cross vCenter vMotion (Demo)

My protected site has failed and the data has been lost. Luckily, I was able to recover all protected VMs on my recovery site. Depending on the network characteristics you might be forced to change the IPs of your VMs (PowerCLI can be your friend 😉 )

After the rebuild of my primary site, I was able to fail back/migrate all VMs with cross vCenter vMotion to the original site.

Finalize the steps and voila. You have successfully failed back the VMs.

Make sure to configure a re-protection of the virtual machines.

Final words

The thing I am still missing is a smooth way of having a simple setup of a vCenter in linked mode. Once I lost my protected site, the behaviour of the Web Client got really slow and sluggish. Even after the site recovery I needed a reboot of my primary vCenter to get it fully functional again. At this time I am still not sure what the best way is to establish a vCenter in enhanced linked mode in a 'stretched' environment. Any input / discussions / opinions are much appreciated.

IMO: #VMworld 2014 recap Automation & Orchestration (part 5)

Sitting here at the airport in Bucharest, I thought I could finally write down my IMO thoughts about the whole automation/orchestration topic.

As I had more fun in writing about automation instead of vSAN/vVol I did it like George Lucas and mixed the orders of my parts/episodes 😉

IMO: #VMworld 2014 recap on VMware NSX (part 1)

IMO: #VMworld 2014 recap VMware EVO:RAIL (part 2)

IMO: #VMworld 2014 recap VMware vCloud Air (part 3)

IMO: #VMworld 2014 recap vSAN and vVol (part 4)

IMO: #VMworld 2014 recap Automation & Orchestration (part 5)

I visited a lot of breakout sessions regarding automation and scripting. Some of them were really, really good with some great core messages; for other sessions my scripting or programming skill set was honestly not good enough to get it all ;-).

2014 was kind of a PowerCLI year for me. I was automating a lot of stuff in a huge project with PowerCLI. I did not just use PowerCLI for interacting with or automating vSphere object (VM, Clusters, Datastore,…) related things, but also to automate/optimize operational or implementation tasks (vCenter / SQL installation, Automatic Setup …). There are just so many amazing things you can do with PowerShell/PowerCLI.

So IMO whoever is going to read this (if you are one of my students you will know this message):

Don’t be afraid of learning automation via scripts because it is related to programming.

In my opinion (and I meet/teach around 100 people a year from all kinds of IT-infrastructure backgrounds) so many people are afraid because they have never been good at programming. This might definitely be correct, but there is no need to worry. I am definitely not a programmer and, to be honest, I do not consider myself a PowerShell/PowerCLI professional either. Nevertheless PowerShell/PowerCLI makes it really easy to get started, because …

  • … the community is so f***** great.
  • … you have some sense of achievement pretty soon (I mean having an output of 'hello world' never really made me proud, but creating 50 VMs out of a template within 1-line in 2 minutes is somehow a really cool thing).
  • … the community is so f***** great ;-).

Automation is the future in the IT-infrastructure especially now that we are heading step-by-step towards the software-defined datacenter. Each component in the infrastructure is opening itself up via an API where we can run our code against. So what is the next step for me personally? Evolve from scripting to orchestrating.

During VMworld, the session MGT2525 Chasing the White Rabbit all the Way to Wonderland: Extending vCloud Automation Center Requests with vCenter Orchestrator had a great outcome on which order of automation is the best.

Policy driven (think about vVol/vSAN) things are probably not the things in the nearer future I will implement (I’m not a developer…….yet :P). Anyway I might be able to get much more into the whole orchestration (vCenter/vRealize Orchestrator) topic.

Working a lot in the automation field with script languages like PowerShell, I realized the benefits and weaknesses of purely scripted solutions. If you want to have an automation engine built with a script language (e.g. PowerShell/PowerCLI), it works pretty well. But among other things, you have to reinvent the wheel all the time. How can an object within a workflow be stored persistently? How can a workflow be paused/resumed? Functionality extension via standardized plug-ins? How can I scale such an automation engine up? A lot of things will come up during the development which have to be dealt with. Those topics are the reasons why I believe that professional orchestration solutions are a much better choice. I will try to find this out and be more specific within the next months ;-).

So how do we start learning this stuff? Having some chats after a #vBrownbag session with Joerg Lew ( @joerglew – he was introduced to me and is obviously the orchestration guru), he gave me some good advice on how to start when I want to learn about vR/vC Orchestrator.

That’s exactly what I am going to do in the next months…. When 2014 was my year of PowerCLI, 2015 will be my year of Orchestration.

So you wanna see how I am doing learning it? I try to keep you informed right here on this blog…stay tuned…

(And if I have not made any progress on automation at the end of next year…feel free to kick my ass if you see me 😉 )

IMO: #VMworld 2014 recap VMware vCloud Air (part 3)

This is part 3 (and the first as a VCAP-DCD 🙂 ) of my IMO #VMworld wrap up. Read about my thoughts on a new product called vCloud Air.


A big part of the keynote during VMworld was about vCloud Air and the progress VMware is making in creating new datacenters all over the world offering public cloud services. The idea of having a hybrid cloud is, from a top-level perspective, a really good one. IT services need to be delivered quicker with changing workloads and so on. Instead of increasing capex and risking an investment in unused resources, we can transform capex into opex by just ordering infrastructure resources on demand from a public cloud provider and paying as we go. This is a great thing from a management perspective, and looking at the use cases it also makes sense to transform into a hybrid solution in the long term.

So what do we need for a hybrid solution? An integration between our local datacenter and a public provider. Using the same technologies within both datacenters, ours and vCloud Air, we are able to seamlessly connect them to each other. vCloud Automation center….pardon I meant vRealize Automation Center, NSX and long distance vMotion are hybrid-cloud enablers from a technological perspective. With all those technologies the hybrid cloud is starting to become reality (honestly, how many of you have heard of or were involved in a fully functional hybrid-cloud integration project?)

Buuuuuuut IMO I honestly doubt that VMware's vision will be successful in the short/mid term here in Germany (maybe in Europe at all). With all the potential $$$-signs in their eyes (I know, I know… server virtualization is becoming a commodity as well and VMware needs to find/grow into new markets if it wants to be successful) there is one thing that was forgotten or at least not communicated well (honestly not communicated at all during VMworld).

What about data privacy?

And I am not talking about securing the borders of your datacenter against unauthorized access. I am talking about authorized access by US organizations like the NSA and so on.

As a trainer and consultant I think I have a good feeling for the mood "on the streets". You get to know and discuss a lot with many people from different companies and backgrounds, with several use cases and so on. The big driver for not using public services is the following: the data/information we have in our datacenter is our capital. It is the driver and enabler of our business and we need to protect it.

I don't want to get into any conspiracy theories, but organizations like the NSA have a reputation for also being involved in economic espionage. No matter if this is a fact or not, it is a general belief in IT organizations nowadays. So the general opinion is: "We are not giving another organization a key directly to our valuable data".

Sanjay Poonen mentioned during the keynote that VMware is proud of creating a datacenter for vCloud Air in Germany in compliance with our (Germany's) pretty strict data privacy rules. This is only a valid argument as long as our data-privacy rules cannot be overridden by certain US rules/laws.

Microsoft is currently fighting in front of US courts to make sure that data physically located in a non-US country MUST NOT be opened to specific US organizations.

The result of this process will accelerate or slow down (I don’t say enable or disable on purpose…the transformation to public services will happen anyway) the usage of public-/hybrid cloud solutions in our region.

IMO it's a funny thing that Microsoft (as a competitor of VMware) will be responsible for a success of vCloud Air (of course Microsoft is doing this to enable/accelerate their own Azure business). What I would have wanted is a statement by VMware about this specific situation and how they are going to deal with it. Not talking about things like data privacy is something that won't work in a 'conservative' market like Germany. And since I heard sooo many German-speaking guys at VMworld, I can't imagine that this market can be ignored by VMware.

Microsoft vs. US law: http://www.computerweekly.com/news/2240226031/Microsoft-must-hand-over-user-data-held-in-Dublin-datacentre-rules-US-federal-judge

vCloud Air overview: http://www.theregister.co.uk/2014/09/11/vmware_cloud_air/

vCloud Air elearning: http://www.vmwarelearning.com/qBGb/introduction-to-vcloud-air-formerly-known-as-vcloud-hybrid-service/

IMO: #VMworld 2014 recap VMware EVO:RAIL (part 2)

This is part 2 of my IMO #VMworld wrap up. Read about my thoughts on a new product called EVO:RAIL.

EVO:RAIL

EVO:RAIL is a pretty cool, so-called hyper-converged solution provided by VMware and partner vendors like DELL, EMC, Fujitsu, INSPUR, net one, SUPERMICRO, HP and Hitachi. In summary, EVO:RAIL delivers a complete vSphere suite (including vCenter, vSAN, Enterprise+ & vRealize suite) bundled with 4 computing nodes, which is from a technical perspective ready to be productive in less than 30 minutes (the record at the EVO:RAIL challenge was <16 minutes).

Such a solution is a thing I thought about a long time ago (it was one of the outcomes of my master's thesis on the software-defined datacenter in small/medium-sized enterprises), especially for small environments where the admins want to focus on operating the running systems (or better: delivering an IT service) rather than implementing, installing and configuring basic infrastructure. (Yeah, I know this is going to be a shift in the future for me as a trainer who delivers a lot of install, configure, manage classes and did installations as part of my consultancy/implementation jobs.)

IMO VMware made a very smart move not to get into the role of a hardware vendor and to cooperate with existing and well-known partners to deliver the solution specified/managed via the EVO:RAIL engine by VMware. The established sales channels to customers and companies can be used. Especially small- and medium-sized businesses will be attracted by this solution as long as the pricing/capex is affordable for them. From a business perspective this means the following: VMware delivers the software (vSphere, vRealize and the EVO engine) and the vendor delivers the hardware & support. The business-management (#beersherpa) guy inside of me says…. perfect… everyone sticks to their core competencies and bundles the power together to bring a much better solution to the customer (one contact point for support, a completely integrated and supported virtualization stack, shortest implementation times).

I believe for the big x86 vendors this solution is just a next step in becoming a commodity. Isn’t the whole software-defined datacenter thing about decoupling software from hardware, creating/using a smart VMware controlled control plane and a commodity data plane which is responsible for the concrete data processing based on the control plane logic? We don’t or will not care anymore if the hardware (switch, storage, computing nodes) is HP, Cisco, Juniper, IBM, etc. We will care about the control plane.

With EVO:RAIL it will get even tougher for the hardware vendors to differentiate from each other and the competition in the end can only be won by the price (in the small/medium sized market). I want to add that I missed the chance in the EVO:RAIL demo room to have a discussion about this topic from a vendor perspective (damn you VEEAM party 😉 ), so if you have done anything similar or have own opinions please comment on this post or contact me directly.

The use cases of EVO:RAIL can vary a lot (Management Clusters, DMZ, VDI, small production environments) and I believe that this product is a pretty good solution which will be triggered from a bottom-up perspective within the companies (I am referring to my bottom-up / top-down approach of bringing innovation into companies in the NSX post (link)). Administrators will love to reduce the setup time of a complete vSphere environment.

Especially for VDI solutions I can imagine a brilliant use case for EVO:RAIL, which means next step… VMware, please bundle the VMware Horizon View licence into EVO:RAIL and integrate the View setup into the EVO engine :-).

Useful links around EVO:RAIL:

IMO: #VMworld 2014 recap on VMware NSX (part 1)

It's been really long since I put any content on this blog, but the amount of discussions during VMworld Europe this year has led to the situation that I somehow need to get out my thoughts/opinion (IMO) on all these new trending VMware topics. Feel free to confront me with my statements and I would love to defend or readjust them. (That's how knowledge expansion works, doesn't it?!)

While writing the several parts I realized that it was suddenly much more content than I had in mind in the first place, so I separated the articles into several parts. All articles reflect my personal opinion (IMO) and differ a little from the other posts we have published so far on vxpertise.net.

VMware NSX

NSX is the newest technology by VMware trying to enable the software-defined network (and be a part of the software-defined datacenter). I put a lot of effort into NSX over the last days and must admit: this is a really cool concept and solution. We create a logical switch within and across all of our datacenters. You can define rule-based networks (who can communicate with whom, e.g. DMZ, Multi-Tier Application) and have it integrated inside of the VMkernel (e.g. IP traffic routed inside the ESXi instead of touching the physical devices).

Pat Gelsinger described it very well during his keynote. "The datacenter today is like a hard boiled egg – hard on the outside, soft on inside". NSX will make it possible to deliver security mechanisms within the virtualized datacenter as well, integrated in the VMkernel of the ESXi.

NSX will offer us great flexibility managed at a central point (NSX Manager) via a UI or API which can be used by orchestration engines like vCO.

From a technological perspective this is definitely awesome, but will we see a similar development of NSX like we have seen with the x86 virtualization products? IMO I don't think so in the short to mid term.

The advantages of NSX will come into play in very large environments with high flexibility and security requirements (e.g. financial services, IT providers), which means I don't see a mass market out there in the next years. This does not mean it won't be a financial benefit for VMware (good things never come for free), but only a few of us will be confronted with an NSX installation or customers who are going to implement it.

The second thing I see is that those large enterprises will be faced with organizational challenges when implementing NSX. From my experiences and the chats I had during VMworld, large enterprises typically have different organization units for network and virtualization. Technologies like NSX will have a huge impact on the guys from the network team, and from my personal feeling (I know a lot of network guys and had chats around those topics) I doubt that the network guys want this product out of their own conviction.

This leads to the fact that with the implementation of a software-defined network an organizational transformation in the companies will be mandatory. Network and virtualization (storage and programmers of course as well) teams would need to be re-organized as a single…(yes, I hate buzzwords, but I think this describes it best) software-defined datacenter unit.

This means that the (software-defined) evolution inside the datacenter needs to be driven top-down by the management, which might lead to high resistance in the current organization and time-intensive process changes (network processes matured a lot during all the years). VMware will need to convince their customers on a much higher (organizational) level than probably for vSAN/EVO:RAIL, which are IMO products wanted by the admins.

That should not mean I don't believe in NSX. I believe that this is a great technology, but we should be aware that the transformation to a software-defined network is not only a technical thing we are implementing and which will be automatically adopted by the network admins (which would be something like a bottom-up innovation). An adoption on the technical and organizational level will be crucial for the success of NSX.

I wish VMware good luck on this task, since I would love to get involved in some NSX projects in 2015.

Useful links around NSX:

© 2017 v(e)Xpertise
