Category Archives: cloud

My Guide for Passing the AWS Solution Architect Associate Exam

If you are reading this then you probably already have an understanding how fast Amazon Web Services rolls out new features and services. It’s impossible to know everything about AWS and I definitely struggled in my preparation for this exam. I set out to get certified almost two years ago but simply never could find the best time to take it. Truth be told, after rescheduling three times in 2018, I let my test expiration lapse because I literally didn’t have time to sit for it. In 2019 I was determined to pass the Solution Architect Associate exam as my 2018 failure was hovering over me like a black cloud. I am excited and relieved that I recently passed and I want to pass along some tips for those of you who want to be a certified AWS Solutions Architect. **Once I set a test date, I prepped for about six weeks.**

  1. Leverage AWS Free Tier – This exam was not easy for me as I spend over 90% of my time with VMware solutions and all my AWS exposure was after hours. That being said, leveraging the AWS Free Tier proved to be a lifesaver when preparing for the exam. There are some things that you will use in practice labs that may cost a few dollars but every cent is worth it. You will need hands on experience setting up S3, EC2, and VPC from scratch. The free tier makes it all possible with next to zero dollars in cost. My advice….look at as an investment.
  2. A Cloud Guru – Ryan Kroonenburg and team have done all of us a great service in making several AWS constructs easy to understand. The cost was well worth it. I didn’t get a membership but did purchase the AWS Certified Architect Associate course. I reviewed each session twice and went through the VPC, S3, Databases, and HA Architecture content several times. Make sure you understand all the labs!! I went through the practice tests as well but I didn’t quite find them deep enough to help me prepare. I had to find another test prep course…Whizlabs!
  3. Whizlabs! – I can confidently say that without Whizlabs AWS Practice Tests , I would not have passed the exam. Whizlabs provides great content that is similar to the exam and detailed explanations to each test question. I purchased the practice exam questions for under $10 at Udemy. As a matter of fact, they are having their Black Friday sale right now! DON’T TEST PREP WITHOUT IT!!!
  4. AWS.com FAQs – For S3, EC2 also read all about Database Services. There will be some questions that come straight out of the FAQs.
  5. AWS Certified SA Official Study Guide – I wouldn’t say this is a must have but for those of you who like having something physical in your hand to study, this will do the trick. I found some of the diagrams and summaries helpful.
  6. Architecting on AWS – This three day course helped me with better understanding AWS concepts and best practices. I don’t view this as a must but it was well worth my time.
  7. Practice, Practice, Practice – Understand the exam format helped me prepare. You will have plenty of time to answer all 65 questions if you practice beforehand. Understanding the concepts around VPCs and networking is a must. Also know RDS and DynamoDB inside out!!

As the VMware-AWS partnership continues to grow, it’s important for both companies to understand each others’ services. This exam was on the tough side but I felt well prepared by the time I sat for it. Preparing for this exam has definitely helped me in conversations with customers as they not only move vSphere workloads to VMware Cloud on AWS but also look for ways to innovate with AWS native services such as S3, RDS, Lambda and more. I highly recommended getting this certification. It’s well worth it!! Good luck in your studies and feel free to reach out to me if you have questions via Twitter @vSeanLambert or reply to this blog!

Bye Bye Spreadsheets! Hello (New) VMCSizer!!!! Part 2

In a previous blog, I highlighted Workload profiles and how they should be used in right sizing your VMWonAWS environment. Since my last blog, the sizer has been updated not only with a new URL but with several new features. One of which is that you can now choose either i3 or R5 instances depending on your workload needs. You will notice that when you select an r5 instance, you are automatically assigned 15 TB of AWS Elastic Block Storage (EBS) aka Elastic VSAN. For more information regarding Elastic VSAN, click here.

r5 instance type

Similar to the previous version, you will be able to see the results of your workload inputs. Another new feature is ribbon across the top that allows you get into the data!! Information is key when sizing your environment and this section of the sizer gives you everything you need.

Recommendation buttons that allow you to go deep into your data inputs and results

As a part of the recommendation, you can see below that the sizer has identified my SDDC to be storage bound due to my storage requirements. This gives me a good idea where I will need to grow going forward.

SDDC Recommendation Dashboard

With the continued interest and adoption of VMware Cloud on AWS come two topics that always come to the forefront once you get passed how cool it is…..HOW MUCH DO I NEED? and HOW MUCH IS IT GOING TO COST?! To get the full picture, you will need to capture the details of your environment. There are several tools available and luckily enough, Bill Roth from VMware highlighted these tools in a blog a few weeks ago. In addition to his mention of RVTools, which is very popular, I would also encourage you to reach out to your….shameless plug…VMware Technical Account Manager. They have an additional toolset that can help you right-size the environment. Take a test drive and size today!!

VMware Cloud on AWS – Identity Access with Microsoft AD

For years I have been Window (see what I did there) shopping Intel NUC, HP Microservers, Mac minis, and others to setup my home lab v 2.0. However, with the onslaught of Cloud Services, I continue to balk at the thought of dropping thousands of dollars every few years for new hardware, as well as the electric bill and management overhead that comes with it. With VMware Cloud on AWS, I wanted to see how I could create a lab environment and continue to use Active Directory for vCenter authentication. Due to not having an vCenter on prem, Hybrid Linked Mode (HLM) wasn’t an option for an identity source. VMware has existing documentation where you can see the options for Identity Sources. This blog will walk you through the setup and configuration steps I took to get AD working within VMWonAWS vCenter. Like with all things in Public Cloud, it’s critical to have your networking straight before you begin adding subnets, etc.

  • Create your subnet via SDDC > Networking & Security > Network > Segments > Add Segment
  • Login to vCenter with the cloudadmin account.  We can see the network segment is added in vCenter. Note that we cannot add networks from vCenter. We must use the SDDC Console to add logical networks
Networking View from vCenter

One of the great things about vSphere 6.7 and later is the additional functionality built into the Content Library. I have already loaded several OVF Templates and will deploy my Domain Controller from a Win2016 Std OVF template. For more content library goodness, check out William Lam’s blog here. I’m a huge fan and I recommend you use Content Libraries!!

During OVF deployment, place the VM on the correct network

With the Network Segment selected and IP assigned, the new Domain Controller will be able to communicate with the SDDC vCenter after a few more configurations.

Now that we have the DC on the proper network segment, we need to allow traffic to flow between the SDDC Management Gateway and the DC. To do this we need to create a Management Group. This is done by going to the SDDC Console > Networking & Security > Inventory > Groups > Management Group > Add Group. Add your domain controller to the Management Group with its assigned IP.

Once the Management Group assignment has been configured, we can now add a Gateway firewall rule to allow the domain controller to talk to the SDDC vCenter. To enable communication, go to SDDC Console > Networking & Security > Gateway Firewall > Management Gateway > Add New Rule. This is where adding the user defined group comes into play as we need to be able to select the group to add as the destination for the firewall rule.

We now need to allow communication via the DNS settings on the management gateway. We must remove the default DNS settings and add the domain controller(s) IPs so LDAP/AD can communicate with the SDDC vCenter. If we don’t change the IPs from default, we will get an LDAP error that the URL cannot be reached. Here’s a video that ties together the final piece of adding the DNS server and assigning the GlobalCloudAdmin role to the user I want to login to vCenter with the s2c.local domain credentials. In addition, you can read Nico Vibert’s blog that shows how to use AWS Directory Services as an identity source. Enjoy!!

AWS re:Invent 2018 – Takeaways

re:Invent 2018 was a week full of exciting announcements that kept me running from one session to another as well as took me out of my comfort zone as a technologist. There was so much going on that it was difficult to digest every session let alone keep up with all of the services and industries that AWS is in. However, these are my takeaways…..

  1. The AWS-VMware partnership runs deep! As previously mentioned, VMware CEO Pat Gelsinger was the only other CEO to join Andy Jassey on stage during his keynote where they announced AWS Outposts. I’m excited to see how customers use the service and the use cases behind them. In addition to the keynote, the VMware Code booth was busy from opening to close as we covered IoT (Raspberry Pi with sensors), Wavefront, VMware Cloud on AWS, and more. It was great to see so much activity and help customers realize that VMware is heavily invested in the cloud and can bring immediate value as customers continue to develop their cloud strategy.
  2. If you haven’t heard the words, Artificial Intelligence, Machine Learning, Deep Learning, Reinforced Learning, or Neural Networks….you WILL!! With services like SageMaker, RoboMaker, DeepRacer, DeepLens, Polly and more, intelligent software is here. From a VMware standpoint, we changed the SDDC acronym at VMworld 2018  from Software Driven Data Center to the Self Driving Data Center as we are working to build intelligent software in products such as vRealize Operations, NSX Data Center, and AppDefense as well as services like NSX Cloud and VMware Cloud on AWS. I would advise everyone to get a base understanding of AI and ML. It will benefit you greatly as skills will need to shift due to learning being built into software. I personally believe that things such as host and server configurations will be a thing of the past. Infrastructure as code is here and we all must learn to adapt. I recommend picking up Prediction Machines: The Simple Economics of Artifical Intelligence by Ajay Argwal, Joshua Gans,  and Avi Goldfarb.
  3. Get outside your comfort zone! re:Invent hosts some of the smartest people I have ever been around. re:Invent is not the time to keep to yourself and only bounce from session to session. Go see the exhibit halls, demo booths and more. Although you may get your badge scanned countless times and receive pointless swag, you may come away with some valuable connections and insight. Take this amazing opportunity to grow your professional network!
  4. There is too much to learn in one week! Consider re:Invent a conference that you will never be able to attend every session you want. The sheer scale of this event makes getting to everything impossible. However, with YouTube at your fingertips, you have an opportunity to review sessions you attended as well as see some you may have missed.

I know this post is a little late. I have been wanting to post this for some time. re:Invent was awesome and I can’t wait to attend next year!

AWS re:Invent 2018 – Day 4

Last full day at re:Invent for me but it ended on a really good note. The morning was spent attending Werner Volgels’ Keynote that covered new database services, serverless, and more! I highly recommend watching.

The next session I attended put me on my heels. My background is in systems administration and operations. I am not a developer but my main goal in attending re:Invent was to stretch myself and learn more about what Andy Jassy refers to as “builders”. I believe that Artificial Intelligence (AI) and Machine Learning (ML) are going to be major disruptors in all industries so I jumped at the chance to learn more about them. I attended a session on the newly announced AWS Deep Racer. This was a 2.5 hour workshop where I learned about Reinforcement Learning (RL). This is the main type of machine learning behind Deep Racer. The standby line to get into the session was at least 100 people so I’m lucky I pre-registered for this one. This session was attended by developers, robotic specialists, ML scientists, and those who simply wanted to learn more about AI. The surprise of the session was that each of us was given a Deep Racer for attending!!! The irony was that we had to pick up the car and then take it to the FedEx store to have it shipped to our homes if we didn’t want to carry it on the plane. I’m pretty sure AWS could have leveraged someone who’s really good at shipping things to my door….but who cares….I got one!!!!

My last session for the conference ended on a high note. ENT215-R1 – Top Strategic Priorities You Can Tackle with VMware Cloud on AWS. With yesterday’s announcement of AWS Outposts, this was a highly attended session. Well-known VMware technologists such as William Lam, Kyle Ruddy, Emad Younis, and Alan Renouf were all in attendance. AWS VP Sandy Carter and VMware VP Mark Lohmeyer along with Emad covered more uses cases for VMWonAWS and introduced AWS Outposts. This is a must watch if you are interested in Hybrid Cloud.

After sending my Deep Racer off for home delivery, it was time for some R&R at the hotel before re:Play. Re:Play is the party held on the last night of the conference. The only time I have seen so many people in tight spaces have been at major sporting events or amusement parks. PEOPLE EVERYWHERE!! Even the line for the men’s restroom was insane! The laser show and dodgeball were entertaining. It was great to see all the excitement after a long week of sessions. After about an hour of bumping into people, I decided to call it a night. Day 4 = 20,545 steps (10.18 miles)

 

AWS re:Invent 2018 – Day 3

Day 3 I attended a breakfast to celebrate the great things that VMware and CloudHealth are doing with our partners and customers. I’m excited about the multi-cloud functions the service has and how it will help customers get their arms around better managing their public cloud instances from security to costs. Here’s a link to VMware CEO Pat Gelsinger and CloudHealth CEO Tom Axbey discussing the acquisition and strategy going forward. During breakfast, we watched the live steam of Andy Jassy’s keynote. The next 2.5 hours of announcements were announced at an insane pace as I struggled to keep track. Once Andy started telling the story of Hybrid Cloud, I knew something cool was coming. Low and behold, Pat Gelsinger (VMware CEO) joins him on stage to announce AWS Outposts!!! There are so many exciting things about this announcement. In a nutshell, we are letting users choose between on-premises servers and storage, which can be ordered in quarter, half, and full rack units. AWS Outposts can be upgraded with the latest hardware and next-generation instances to run all native AWS and VMware applications. A second version, VMware Cloud on AWS Outposts, will let customers use the VMware control plane and APIs to run the hybrid environment. Andy Jassy Keynote at AWS at The Venetian, Las Vegas, NV on Wednesday, Nov. 28, 2018.After the keynote, I headed back to the Expo Hall to see what kind of attention the AWS Outposts message was getting and it was fairly packed! There’s a lot of interest around this technology. Very exciting! I spend a few hours there talking to several other VMware attendees at our booth and on the floor. It was awesome to see all the customer meetings. VMware and AWS are going to continue to innovate together, that much is clear.

My last session of the day was ENT313-S Running Production Workloads in VMware Cloud on AWS. VCSA and Hybrid Cloud Extension (HCX) all-pro Emad Younis and VMWonAWS Director Alex Jauch presented. Alex and Emad focused on the deep partnership between VMware and AWS that makes this service possible. If you want to know more about use cases, how the service is built, and how to quickly migrate workloads between on-prem and VMWonAWS, look no further than this session.

Day 3 = 14,509 steps (7.18 miles)

 

VMC Sizer: Understand your VMware Cloud on AWS Costs

As multi-cloud strategies continue to evolve, the cost of moving to the cloud will continue to be an important topic among decisions makers. In order to better understand the total cost of ownership (TOC), VMware Cloud on AWS has created a simple cost estimating tool for customers. Introducing VMC Sizer. With VMC Sizer, you can choose your workload type (VDI, Databases (Oracle or MSSQL), or General VMs), as well VM specifics such as vCPU, vRAM, IO, storage requirements and much more. With this tool, we have taken the guesswork out of understanding the costs associated with running workloads in VMware Cloud on AWS. In order to get a holistic view of costs, you have the option of adding several workload profiles to your profile where you can see all the costs of your Oracle, Microsoft SQL, VDI, and General Purpose VM configurations.

Getting the recommendations and TCO for your workloads only takes three simple steps.

  • Define your workloads
  • Review the recommendations based on your inputs
  • Create an account and review your VMConAWS TCO.

Workload Profiles

This is where the rubber meets the road but it’s important for you to understand that the information you enter from this point forward will determine the results of the recommendations and TCO of your SDDC in VMConAWS. The first settings you need to verify is your Cluster Settings, specifically your desired CPU Headroom and Fault Tolerance. The Server Configuration is static as all VMware Cloud on AWS hosts are all i3 instances.

Cluster Settings

Once you are comfortable with your cluster settings, you have the option of creating more than one workload profile so why not create one for your General VMs as well as your databases and VDI?! After selecting your workload type and VM count, you have two options for calculating storage. You can enter the amount of storage per VM or, if you are unsure how much you need per VM, you can enter the cluster storage requirement.

Workload ProfileStorage-Cluster

The next step in the process is to define additional workload settings such as vCPU, vRAM properties as well as IOPs and Dedup.  Keep in mind that your choices around IOPs and Dedup will change the size of your SDDC clusters.

Sizer-Workload

Once all the data has been entered, select “Recommendation” to move to Step 2. I will cover the Recommendation and TCO section in Part 2. In the meantime, take the tool for a spin and enjoy!! VMCSizer