Navigating vCenter’s permissions puzzles to create granular rights for users within the same DRS Cluster.
Currently, the DRS Clusters in our development lab consist of machines belonging to multiple teams.
The original Lab Admin grouped the ESX Servers according to machine model number (presumably to facilitate easier vMotion i.e. sans Enhanced vMotion Compatibility). Thus, ESX Servers from different teams belong to the same clusters.
Information regarding HA solutions for your VMware environment.
Congratulations! You successfully designed your VMware Environment including your high-speed Fibre\iSCSI SAN that connects your powerful servers to the latest and greatest disk arrays.
You are capable of running hundreds of VMs simultaneously without so much as a blip in vCenter’s Resource Monitors.
The Backup Administrator in me can’t help but ask “What is your Disaster Recovery plan?” i.e. What happens if the cleaning crew accidentally causes a break in one of those Fibre cables in the middle of the night? Of course, that never happens….right? Continue reading “High Availability in VMware Environments”
Video showing details on how to grant granular permissions to create VMs without giving them too much authority on Hosts and VMs that they do not own.
A User was recently granted Admin rights to his vSphere Server. However, when he logged into vCenter, he still did not have the necessary rights to create VMs or Browse Datastores. I needed to resolve the problem without giving him too much authority at the Datacenter and vCenter root levels.
After some experimentation, I came up with the solution in the video below.
vShield technology can simplify your security management tasks.
On Wednesday, Oct. 27, 2010, I attended a VMUG Webinar featuring Serge Maskalik, Senior Manager of the vShield Team.
It was great to see how committed VMware is about addressing security concerns in virtual environments.
One of the key features of vShield is the capability to allow multiple security zones on the same Host while still ensuring complete separation of communication between the different zones. This can open up possibilities for improved utilization of host resources by not requiring completely separate hardware for each security zone.
There are also other benefits such as decreased reliance on complicated VLAN setups, which could present logistical concerns in an SRM deployment.
Federal customers are already deploying vShield, and the technology is still undergoing stringent evaluation by Government Security standards to obtain approval for deployment in agencies with even stricter requirements.
I will post more thoughts on vShield as I learn more about the technology.