Here’s a preview of what will be available next week:

• Welcome Breakfast on Monday
• Wine excursion
• Horseback riding in Red Rock Canyon
• Spa services through Canyon Ranch Spa at The Venetian

For more information on any of these activities, or to sign up, visit the registration page.

This article was originally posted on blog.scottlowe.org. Visit the site for more information on virtualization, servers, storage, and other enterprise technologies.

It’s Not Too Late

• Spousetivities at EMC World 2012
• VMworld 2011 Spousetivities
• VMworld 2010 Spouse Activities Calendar
• Spousetivities at HP Discover Vienna
• Have You Registered Yet?

In any case, let’s get into the meat of it. I hope you find something useful!

Networking

• Trying to learn MPLS? (I am.) I found this article on basic MPLS/VPN on Cisco IOS to be helpful.
• If you think your network is appropriately protected against bridging loops, read this article by Ivan Pepelnjak.
• Derick Winkworth does a write-up on Infineta and parallelization and how it enables their data center interconnect (DCI) acceleration platform.

Security

• I have to agree with Tom Hollingsworth that we often create backdoors by design simply out of our own laziness. I’ve heard it said—in fact I may have used the statement myself—that no amount of security can fix stupidity. That might be a bit strong, but it does apply to the “shortcuts” that we create for ourselves or our customers in our designs.

Servers/Hardware

• Kevin Houston (who works for Dell) posted an article about a recent test report comparing power usage between Dell blades and Cisco UCS blades. If you’re comparing these two solutions, find a comparable report from Cisco and then draw your own conclusions. (Always get multiple views on a topic like this, because every vendor—and I know because I work for a vendor, too—will spin the report in their favor.)

Virtualization

• Andre Leibovici has a couple of great posts on VMware View. In this article, he discusses how CBRC metadata is handled when the RecomputeDigest_Task is invoked. The second article I saw discusses automating the “Already Used” state in VMware View.
• Luc Dekens has a post on how to test if you can unmount a VMFS datastore.
• Sammy Bogaert has a nice post summarizing some recommended BIOS settings for HP ProLiant DL580 G7 servers for vSphere.
• Ben Armstrong discusses storage migration performance in the upcoming release of Microsoft Hyper-V. He also discusses some storage migration configuration settings in a separate post.
• Here’s a “how to” on using esxcli to mask a LUN from ESXi.
• This article touts the “benefits” that Windows 8 will bring to virtualized environments, but somehow this seems even more complicated—and more difficult to track—than before. Is it just me?
• Duncan Epping helps us understand the need for the das.maskCleanShutdownEnabled setting when we’re also taking advantage of the disk.terminateVMOnPDLDefault advanced setting (very useful in stretched cluster scenarios).
• Frank Denneman has a good write-up on the considerations around aggregating multiple storage arrays in a single datastore cluster.
• Cody Bunch has launched a new series of articles about running vSphere on an OpenCompute platform. Part 1 is here. I’m looking forward to future installations of this series.
• Here’s a nice summary of CLI commands for manipulating VMs on ESXi 5.
• Mounting VMFS from Ubuntu Linux? Interesting…
• How many people out there have played with/are using VirtualBox? I’m interested in getting any feedback.
• Adrian Costea provides a “how to” on adding a vCenter Server to Microsoft SCVMM.
• Here’s a design by Paul Kelly that presents a highly redundant vSphere 5 network layout. It’s a sweet layout, leveraging mutliple 10Gb Ethernet links, Nexus 2000s, and Nexus 5000s. At least he admits that it’s costly.
• This site has what appears to be some good instructions for getting up and running with oVirt. I say “what appears to be good instructions” because I haven’t yet had the opportunity to walk through these instructions to see how useful they are.

That’s it for this time around. I hope that you have found something useful here. If anyone has any suggestions for sites/forums they’ve found helpful with data center-focused topics, I’d love for you to add that information in the comments.

This article was originally posted on blog.scottlowe.org. Visit the site for more information on virtualization, servers, storage, and other enterprise technologies.

Technology Short Take #22

• Technology Short Take #13
• Technology Short Take #9
• Virtualization Short Take #28
• Technology Short Take #19
• Virtualization Short Take #39

There’s quite a line-up planned for this year:

• Morning keynote from Satyam Vaghani and Vinay Gaonkar of VMware on the past and future of VMware storage
• An afternoon keynote from Jake Howering of Cisco (this should be a good talk on data center interconnects)
• Self-paced labs (provided by Varrow)
• Instructor-led labs (provided by eGroup, also a Spousetivities sponsor)
• A series of breakout session by such luminaries at Alan Renouf, Cody Bunch, Chris Colotti, and more!

All in all, it looks like quite an exciting event. If you’re anywhere near Charlotte, it will probably be worth the time to try to make it to the event.

This article was originally posted on blog.scottlowe.org. Visit the site for more information on virtualization, servers, storage, and other enterprise technologies.

Carolinas VMware Users Summit 2012

• Carolina VMware Users Summit 2010
• 2011 Carolina VMware User Summit Coming Up
• VMworld 2011 Spousetivities
• GestaltIT Tech Field Day
• Spouse Activities: Back for Another Year!

Here’s the updated property list file:

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE plist PUBLIC "-//Apple Computer/DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
        <key>Label</key>
        <string>org.synergy-foss.synergys</string>
        <key>ProgramArguments</key>
        <array>
                <string>/usr/bin/synergys</string>
                <string>-f</string>
                <string>-c</string>
                <string>/etc/synergy.conf</string>
        </array>
        <key>RunAtLoad</key>
        <true/>
        <key>ServiceDescription</key>
        <string>Synergy server daemon</string>
</dict>
</plist>

After making the changes and rebooting, everything seems to work just fine. Thanks for the tip!

This article was originally posted on blog.scottlowe.org. Visit the site for more information on virtualization, servers, storage, and other enterprise technologies.

Updated launchd Property List File for Synergy

• Running Synergy Server Automatically on OS X Lion
• Snow Leopard, Time Machine, and Iomega ix4-200d
• Some OSS with my Mac, Part 1: Synergy
• Setting Up ipfw on Mac OS X
• Trojan Horse Exploiting OS X Flaw

If you haven’t heard of Spousetivities, it’s a company that Crystal created to organize and carry out activities for spouses, families, friends who are traveling with conference attendees to major IT conferences. Spousetivities had its birth at VMworld US, but has since spread to VMworld EMEA, EMC World, Dell Storage Forum, and HP Discover EMEA. (And more companies are waiting in the wings!) It’s a great way to keep your family involved and with you when you have to travel to a conference. In today’s day and age of hectic schedules and trying to keep up with everything at work, this is a nice way to add a bit of balance to your life.

But enough of that—let’s talk about the activities. Here’s a sneak peek at what Crystal and Spousetivities has planned:

• Keeping with Spousetivities tradition, there’s a Welcome Breakfast scheduled for Monday, May 21, at the Canyon Ranch Spa at The Venetian (the conference hotel). Even if you’re not interested in eating, you should plan on coming to this anyway for a chance to win one of several great giveaways! (iPad, anyone?)
• After breakfast on Monday, Crystal’s organized a wine excursion—complete with a limo ride to the winery. But don’t worry if you can’t make it on Monday, because there’s another one scheduled for Wednesday!
• On Tuesday, there is an option for horseback riding in Red Rock Canyon. Lunch is included, naturally.
• There is also a full set of spa services available through Canyon Ranch Spa, with exclusive Spousetivities discounts. Different options are available on Sunday, Monday, Tuesday, Wednesday, and Thursday, so there are plenty of options to fit into your schedule!

Even if none of these activities sounds great to your spouse/partner/companion, I really encourage you to at least get him or her to attend the Welcome Breakfast. I’ve heard lots of stories of participants meeting up at the breakfast and just hanging out with each other during the conference. Some great friendships have been forged at Spousetivities!

Space is limited for all these events, so sign up at the registration page as soon as you can. Trust me—your spouse (or partner or family member or friend) will thank you.

This article was originally posted on blog.scottlowe.org. Visit the site for more information on virtualization, servers, storage, and other enterprise technologies.

Spousetivities at EMC World 2012

• It’s Not Too Late
• VMworld EMEA Spousetivities Update
• Spouse Activities: Back for Another Year!
• VMworld 2011 Spousetivities
• Spousetivities at HP Discover Vienna

Please join VMware as we discuss the next step forward in end-user computing for the post-PC era.

Watch Vittorio Viarengo, VP of End-User Computing, discuss the latest advancements in the VMware End-User Computing Platform. Understand how VMware provides solutions to simplify traditional technology silos, enable policy driven management, and connect people to technology and each other in new and collaborative ways.

This event will provide you with an opportunity to:

• Attend a live keynote from the VMware leadership team
• Learn about the latest innovations in the VMware End-User Computing portfolio
• Chat with VMware End-User Computing product experts
• Network with peers

Looking forward to seeing you there. Click here to register.

The VMware End-User Computing Team

The virtual conference is next Thursday, May 3, from 8:30 AM Pacific Time until 1:30 PM Pacific Time. If you’re interested in end-user computing, it might be worth your time to tune in and see what VMware has to share. (I don’t have any inside knowledge on exactly what’s being shared.)

This article was originally posted on blog.scottlowe.org. Visit the site for more information on virtualization, servers, storage, and other enterprise technologies.

VMware End-User Computing Virtual Conference

• EMC World 2010 Coverage
• eG Innovations Now Supporting Multiple Virtualization Platforms
• Cisco UCS Announcements
• Carolina VMware Users Summit 2010
• For Me, VMworld Begins Today

However, I recently acquired a new dual quad-core Mac Pro workstation, and as part of the setup for the new Mac Pro I wanted it to be the new Synergy server. This would make things easier; the 13″ MacBook Pro would then only need to know whether or not it needed to run the Synergy client, and the Synergy server process could simply run full-time on the Mac Pro. However, in order to do that, I needed to configure the Mac Pro (running OS X Lion 10.7.3) to run synergys automatically. Here’s how I did it.

First, I wrote a simple shell script that checks for the presence of synergys already running. If synergys is already running, do nothing; otherwise, start synergys. Here’s the shell script:

#!/bin/sh
# Startup script for the Synergy server component

# Check for synergys running
number=$(ps ax | grep "[/]synergys" | wc -l)

# Start synergys in foreground if not already running
if [ $number -gt 0 ]
then
        echo Running
else
        /usr/bin/synergys -f -c /etc/synergy.conf
fi

Based on the testing I’ve done so far, this script works well. If you’re a shell scripting expert and have a better way of handling this, let me know (I’m always open to suggestions for improvement).

The next step was to configure launchd to automatically run this shell script—and therefore run synergys—every time I booted the Mac Pro. To do this, I created a property list file, also known as a plist file, in the /Library/LaunchAgents directory. I named the file org.synergy-foss.synergys.plist, but you can use a different name if you wish.

Here’s the contents of the plist file I created:

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE plist PUBLIC "-//Apple Computer/DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
        <key>Label</key>
        <string>org.synergy-foss.synergys</string>
        <key>ProgramArguments</key>
        <array>
                <string>/usr/local/bin/synlaunch.sh</string>
        </array>
        <key>RunAtLoad</key>
        <true/>
        <key>ServiceDescription</key>
        <string>Synergy server daemon</string>
</dict>
</plist>

Of course, synergys also needs its configuration file. You can read about the configuration file I used in my original Synergy article. I modified it slightly to remove the double-tap feature and to add corners where the cursor wouldn’t switch screens (to make it easier to get to the Apple and Spotlight menus).

With the configuration file, shell script, and property list file in place, I rebooted the Mac Pro. Once the Mac Pro was booted, a netstat -tan | grep LISTEN showed that synergys was listening on the default port of TCP 24800. I then launched synergyc on the 13″ MacBook Pro and it connected flawlessly. Continued testing did not show any problems. The only final step was to reconfigure ControlPlane to start or stop synergyc—the client portion of Synergy—in response to whether the laptop was docked.

So, if you’re in a need to have the Synergy server run automatically on your Mac OS X system, this information should get you up and running. If you have any questions, clarifications, or suggestions for improvements, I encourage you to speak up the comments below.

This article was originally posted on blog.scottlowe.org. Visit the site for more information on virtualization, servers, storage, and other enterprise technologies.

Running Synergy Server Automatically on OS X Lion

• Updated launchd Property List File for Synergy
• Some OSS with my Mac, Part 1: Synergy
• Setting Up ipfw on Mac OS X
• Snow Leopard, Time Machine, and Iomega ix4-200d
• Revisiting Snow Leopard and Time Machine on an Iomega ix4-200d

This webinar will discuss whether stretched clusters or a solution like VMware Site Recovery Manager is a better fit for your needs, as well as provide some guidelines around the use of stretched clusters as of vSphere 5.0.

If you’re interested in registering for the webinar, visit the registration page and sign up. Thanks!

This article was originally posted on blog.scottlowe.org. Visit the site for more information on virtualization, servers, storage, and other enterprise technologies.

SRM and Stretched Clusters Webinar

• It’s Not Too Late
• VMworld 2010 Spouse Activities Calendar
• Spousetivities at VMworld EMEA 2011
• Distance vMotion = Stretched Cluster?
• Stretched Clusters, Distance vMotion and L2 Adjacency

In any event, here are some older links that I’ve been saving up to share with you. Many of these posts are a bit older, but I’m including them here just in case someone missed them earlier. As usual, I hope that you find something useful here!

Networking

• Derick Winkworth describes data center networking as “a messy pile of discombobulated garbage” in his post on the sad state of data center networking. As someone simply observing developments in data center networking from the outside while desperately trying to keep up, now I don’t feel so bad that I don’t necessarily get all of it.

Security

• Pardon me for the self-promotion, but in order to prevent the ranks of the 600K Macs infected with Flashback from growing, I’d recommend you have a look at this list of 8 things to help secure your Mac. Also, for more details on the latest Flashback variant, see here.
• Interesting information on a potential VMware security vulnerability is available here. vSphere 5 is not affected.

Storage

• I posted this article on Twitter, but wanted to share it here as well. This post by Richard Elling on IOPS and latency is, in my opinion, a must-read.

Virtualization

• I’ve really enjoyed several of Frank Denneman’s SDRS-related articles. His article on SDRS initial placement and datastore cluster defragmentation was really good and in-depth (as are most, if not all, of his articles). Also good was the article on anti-affinity rules and HA interoperability and the post on SDRS load balancing with array-based auto-tiering. Good stuff—thanks Frank.
• Speaking of array-based auto-tiering, Michael Webster clears up any potential confusion about support for using Storage I/O Control with EMC FAST.
• A couple of Michael Webster’s other posts also made it into my list of “things to mention”: this post on jumbo frames on vSphere 5 (with more results from vSphere 5 Update 1) and this post on CA SSL certificates and vCenter 5.
• Dave Hill has a great series on vCloud Director going on. Check out the different parts of this series (part 1, part 2, part 3, and part 4 on his site.

That’s going to do it this time around. Feel free to speak up in the comments below to add your thoughts, other links you’ve found useful, or anything else. Thanks!

This article was originally posted on blog.scottlowe.org. Visit the site for more information on virtualization, servers, storage, and other enterprise technologies.

Technology Short Take #21

• Technology Short Take #13
• Technology Short Take #4
• Technology Short Take #10
• Technology Short Take #22
• Technology Short Take #14

Upon thinking about it a bit more, I realized that if I wasn’t doing enough as a pretty savvy user, then a lot of people probably weren’t doing enough. So, here’s a breakdown of my Mac defense strategy. Perhaps sharing what I’m doing with others will encourage them to improve their security posture as well.

1. I use the BSD-level ipfw firewall. Mac OS X is, at its core, built on FreeBSD. This powerful UNIX layer offers an equally powerful stateful firewall in the form of ipfw. If you aren’t using ipfw, I’d encourage you to take a long, hard look at starting to use it. It provides a powerful ruleset to give you tremendous control over the types of traffic that are allowed into (and out of) your Mac. To help encourage people to use it, I recently published an article on how to configure ipfw on Mac OS X.(Keep in mind that Mac OS X 10.7 “Lion” prefers pf instead of ipfw. I hope to post an article on that soon as well.)
2. I use the built-in Mac OS X application-level firewall. Mac OS X ships with a pretty GUI for a built-in application-level firewall in System Preferences. I recommend that you turn it on, and select which applications you want to accept incoming connections. Some people have asked “Why both firewalls?” This is a fair question. The built-in application-level firewall simply allows or denies inbound traffic on a per-application level, but doesn’t—to my knowledge—offer any more granularity than that. Using the built-in application-level firewall in conjunction with the BSD-level ipfw (or pf) firewall gives you the ability to specify which source addresses or networks are allowed to make connections to applications. This means that you can allow iTunes connections at the built-in firewall layer, and then use ipfw (or pf) to only allow connections from your home network subnet.
3. I use an outbound application-level firewall. The built-in Mac OS X firewall in System Preferences only controls inbound traffic. What about outbound traffic? Do you know what processes and applications on your system are communicating with the outside world? I use Little Snitch, which I believe to be an excellent choice in this area. (No, I don’t have any affiliation with Objective Development.) Little Snitch gives you the visibility to know what applications and processes are communicating and on which protocols and ports.
4. I use an account without administrative privileges for my day-to-day use. While this won’t thwart all security problems—Flashback.K still works, for example—it’s still a good idea. I also recommend that you only install applications using a separate account with administrative privileges. This forces you to log off, log on as the administrative user, then install your application(s). While this is a bit of a hassle, the security trade-off is, in my opinion, worth it.
5. I disabled the opening of “Safe” files. Safari has this feature enabled by default. I recommend that you turn it off, and check to make sure it’s turned off in other applications as well.
6. I use an AV application. Yes, yes, I know—Macs don’t get viruses. Tell that to the 600,000 Macs infected with the Flashback trojan. And while Flashback isn’t technically a virus, at this point you’re just splitting hairs. I’m using the free Sophos AV Home Edition for the Mac and feel that it is pretty good, but there are numerous others. Find one and use it. (This is a recent addition to my own security strategy.)
7. I do my best to stay updated. I encourage you to run Software Update on a regular basis. If you’ve followed the advice of #4, this means you’ll need to log in as an administrator and run Software Update. Make it a point to check regularly.
8. I don’t run the standalone Adobe Flash Player. Instead, I use Google Chrome when Flash is required, which comes with its owned patched version of Adobe Flash that is generally regarded (last time I checked) to be a bit safer than the standalone version of Flash. Yes, this means that I need to switch back and forth between browsers (Safari for day-to-day use, Chrome for Flash use), but this is a task that AppleScript easily solves.

While these 8 things aren’t going to guarantee that my Mac (or yours, should you choose to follow them as well) will never be exploited, I do feel that they provide a reasonable level of protection. Safe computing (and safe browsing) is still required; no amount of security can protect against stupidity. But when combined with security awareness and safe computing/browsing, I feel that these measures will provide the level of protection that I need.

(BTW, there are other network-level protections that I have in place as well, but I didn’t include them here as the focus of this article is on the Mac itself.)

If you have any additional suggestions for helping keep your Mac secure, please feel free to speak up in the comments. Every suggestion can help!

This article was originally posted on blog.scottlowe.org. Visit the site for more information on virtualization, servers, storage, and other enterprise technologies.

8 Things to Help Keep Your Mac Secure

• Setting Up ipfw on Mac OS X
• Fixing Repeating iTunes Firewall Prompt
• Stupid Tricks With The Mac OS X Firewall
• Essential Apps for New Mac Owners
• What Does it Take to Keep Windows Secure?