Cloud here, cloud there, cloud is everywhere at the moment and private VMware vClouds are being deployed at customers all over the world. But with all great things the start with a design. And before you can design a nice solution to fit your need, you need to understand what vCloud is and what it’s capable of.
For this reason VMware created the vCloud Reference Architecture. A document that helps you design a private vCloud and understand all of it’s components. It will help you in the creation process, building your vCloud, size it for the needs of your organization and give you pointers on how to manage it.
You can download “Architecting a vCloud” over here.
I always love to learn new things to optimize my personal skills. One of those skills is mindmapping. Apparently VMware shares that point of view and has created various mindmaps for troubleshooting various issues.
Each mindmap starts with a central theme, Troubleshoot Network Issues for example. You can then select your area where you have a problem by expanding (hit the +). This will result in more specific areas with regards to your selected problem area. Eventually this will result in a set of KB articles which can possibly solve your problem.
For examples have a look at the following articles :
This guide is the official security hardening guide by VMware. It will help you configure your VMware vSphere 4.1 Infrastructure in such a way that your infrastructure will be protected against all kinds of security risks.
I find these security hardening guides very handy in helping me to understand all the areas that I need to look into to protect my vSphere Infrastructure. I’m not a security expert and most security experts I talk to don’t have enough knowledge of vSphere to give good advice on the best way to protect your vSphere Infrastructure. This document fills the knowledge gap between both areas of expertise.
Notice that this document is a best practice document. Please read the document carefully before implementing all the security configuration items into your vSphere infrastructure. My advice is to use the security guide as the standard and document all the security configuration items that you do not implement into your vSphere infrastructure. Also document why you didn’t implement the recommended security settings into your vSphere infrastructure. There can be a valid reason for it, but this way you have documented the reason and can always explain your security configuration settings to the security team in the future.
This set of documents provides guidance on how to securely deploy VMware® vSphere™ 4.1 (“vSphere”) in a production environment. The focus is on initial configuration of the virtualization infrastructure layer, which covers the following:
-‐ The virtualization hosts (both VMware ESX® 4 and VMware ESXi™ 4)
-‐ Configuration of the virtual machine container (NOT hardening of the guest operating system (OS) or any applications running within)
-‐ Configuration of the virtual networking infrastructure, including the management and storage networks as well as the virtual switch (but NOT security of the virtual machine’s network)
-‐ VMware vCenter™ Server, its database and client components
-‐ VMware Update Manager (included because the regular update and patching of the ESX/ESXi hosts and the virtual machine containers are essential to maintaining the security of the environment)
You can download the Security Hardening Guide for vSphere 4.1 over here.