Skip to content

Recent Articles


What the Hell is Wrong with the VCDX Program?

This morning, I woke up to this in Slack:

Thank you for participating in the July 2016 VCDX Defense.

Kindly note that there is a slight delay in announcing your VCDX defense result. We would be announcing your VCDX defense result by mid of next week.

We appreciate your patience and understanding on this.

I don’t have a ton of patience or understanding for this, but we’ll get there in a minute. First, a disclaimer. I am not a VCDX candidate. I am not one of the poor folks mashing refresh on their inbox waiting for results, who had their hearts stop when they got a message from with a subject line of “Result Status of the July 2016 VCDX Design Defense,” only to find a “Just Kidding” message. I have been following the program for quite some time, though. I’m one of the folks that built out a sort of VCDX incubator program at my employer, and to date we’ve had five people successfully complete the VCDX process, with two more waiting for results. So this isn’t a rant born of first-hand bitterness, just indignation on behalf  of my colleagues who seemed to be jerked around at every turn throughout this process.

It’s interesting that you don’t see many public complaints about the process. Complaints seem confined to private Slack channels and Twitter DMs, where they’re less useful. I think candidates are wary of making their opinions known during the process, out of a fear that complaints might be held against them. I’m not suggesting that would happen, and I think candidates know that, but I think there’s a sense of why take the chance. I bet this would never occur to program management–they’d never do such a thing, so they wouldn’t consider that a factor in the absence of complaints, so they probably think that things are largely fine. After results finally go out, those that pass are going to be elated, and all will be forgiven. Those that do not pass will lick their wounds and blame themselves. So you have this situation where you have suppressed rage on one side, and complacency on the other.

This round of VCDX defenses hasn’t been all that smooth. Tech reviews ran late, invitations to defend were sent out late, and now results are delayed. Everything up to results I get and can sort of defend–reviewers have day jobs, and things happen. Oh, how they happen. But this isn’t an isolated event, and repeated appeals to “things happen” start to look like systemic issues if you squint.

Delaying results, though, I just don’t get. I don’t get this latest “slight delay,” and I don’t get the original 10 business day commitment either.  If scoring is at all objective, results must be calculable as soon as the defense is finished, right? No one is expecting immediate turn-around, but if you have a block of people defending over the course of a week, surely you could get results out at the end of that week if you were so inclined, right? Well, we know this is possible, because it has happened before. At VMworld 2013, VCDX candidates had their defense results by Friday night. One guy even found out on Twitter. So if this is possible, and has been done before, why isn’t it expected and the norm?

I’ve heard some people try to deflect this before, saying that they had to wait, so why shouldn’t this class, as if the post-defense emotional rollercoaster was in some way integral to the prestige of the designation. That seems silly to me, as you’d have to make the claim that the VCDXes awarded that VMworld were somehow lesser for it. I’m not buying it.

VMware asks for so much from their VCDX candidates. The least those candidates should expect in return is timely communication of their status. But that really doesn’t seem to be a priority. Why?

Look, I have enormous respect for everyone involved in this process. The candidates that put so much of their time and themselves into their applications, the reviewers that spend so much time and effort assessing those applications, the panelists who have to break candidates down and measure them, and the staff that built and maintain the program. I’ve not had the pleasure of dealing with the VMware folks involved directly, but I’ve heard only glowing things about those individuals from people who have. I believe they are all good, competent, hardworking people that only want what’s best for the program. But there’s room for improvement here, and when the emperor has no clothes, somebody has to point at his wang and laugh or he’ll never put his pants on.

VMware, it’s time to put some pants on.

Update – 8/9/2016

For the record, VCDX results were sent out this morning, within the original 10 business day commitment. I want to thank the VCDX program for their efforts there. Credit where credit is due, and all. I do feel a little bad for jumping the gun and complaining about lateness before any lateness had actually occurred.


Fun with the AWS IoT Button

Last week, Amazon announced the limited availability of the AWS IoT Button, the general-purpose version of the Dash buttons used for single-click ordering of laundry detergent, toilet paper, coconut water—all the home essentials. According to the product page that I half-skimmed before mashing “Buy Now,” virtually anything could be automated. I bought one immediately, with no particular idea about what I might want to use it for.

While it was in transit, I started to think about what parts of my life could benefit from single-click automation. Where was I wasting time that could be scripted away? And then it hit me—a substantial portion of my day was frittered away with coming up with novel ways to annoy a co-worker, one Eric Shanks. What if, each time I felt the urge, I could simply click a button and move on to something more productive?

So I got to thinking about implementation. I wanted to send him some sort of insulting message, in a easy to accomplish but hard to ignore way. I’d love to write something that generated custom insults, but that would be a bigger project, more suitable for a later version. Tried to be mindful of time to value and minimally viable prank here. Other people have written perfectly suitable insult generators, it would just be a matter of interfacing with them. So that’s the content of the message, what about the delivery method? I wanted something that would actively alert him, with a phone notification or pop up or something. We use Slack a good bit at work, so that felt right. A direct message there would be private, ensuring no one else could get offended, and and obtrusive—it’d show up right on his lock screen. Perfect.

The button arrived, I got cranking, and a couple hours later I had this:


Read on for the step-by-step walkthrough of how to build something similar. If you make it to the end, there’s an opportunity to get in on the fun.

Getting Started

You’ll need a few things to get started:

  • An AWS Account
  • An AWS IoT Button
  • Admin access to your Slack account to add an echo channel and an incoming web hook integration
  • A negligible amount of programming ability

I’ll hit these high-level.

First, go create an AWS Account, if you don’t have access to one already. It’s free for a year, and there’s a ton of fun stuff you can play with there. I hear the cloud is a big thing these days.

Then, go buy an IoT Button, when they’re back in stock. When it arrives, run through the excellent Getting Started Guide to get your button on your wireless network, register it, create your certificates and policies, and create a sample rule.

Then, configure your Slack bits. I recommend creating a private channel to use for initial testing, and then to echo my direct messages to. Then move on to configuring the WebHook. From your Slack page, click your organization -> Customize Slack, then Configure Apps, then Custom Integrations. Click Incoming WebHooks, then Add Configuration. Select your test channel, then click Add Incoming WebHooks Integration. The next page will list your Webhook URL. Go ahead and record that in a safe place. The sample curl request listed under Example is a handy thing to record, too. You change #general to #yourtestchannel and give that a run from a command line to test your integration.

With those three things in place, we can get to the busy business of writing the code. To grab our insults and post them to Slack, we’re going to create AWS Lambda functions to execute appropriate code, and then associate those functions with IoT Button presses. Lambda supports Java 8, Node.js 0.10, Node.js 4.3, and Python 2.7. If those words don’t mean anything to you, stick with Python. There’s an excellent Intro to Python course available at edX, I’m about halfway through Week 2 and managed to get this going with only minimal assistance from my favorite programming resource:


So, get yourself some Python installed (Guide Here), and add the Requests library (Guide Here). We’re going to use the requests library to scrape the web insult generator, and post the results to Slack.


I just want to pause here and make abundantly clear that I am not a developer and know just barely enough about all the services and technologies discussed here to get by. There are quite likely better ways of doing all of this, and I’m eager to learn them in time. Again, minimally viable prank here.

Writing Terrible Code

Next step is to find an insult source, and write some code. In my research, I found two that I quite liked, and ultimately couldn’t decide between. So I did both, and tied each to a different button action. I’ll reference the tamer of the two throughout here, and that’s AutoInsult by JJ Berry, at This one is nice because there are a few styles to choose from:

  • Arabian: May 1,000 Catholic elephant herders make love whilst you’re trying to work
  • Mediterranean: Your mother was an embarrassing exotic dancer who attracted crowds with her act with a group of train spotters
  • Modern: You selfish plethora of ridiculous used toilet paper
  • Shakespearean: Thou fitful paper-faced younker

Neat, huh? I went with Modern. The direct URL for that generator is Load that up, go to view page source, and find the insult text. You’ll notice that it’s bounded by a couple tags—“<div class=”insult” id=”insult”>” and “</div><br>.” We’re going to use requests to grab the page, and regular expressions to filter out the string between those tags.

So let’s write something that does that:

import requests #Need this for the requests library to get the source page, and post the message to Slack
import re #This does the regular expression magic to grab the insult from the page source
import json #This is for dumping our payload JSON into the Slack message – We’ll get there later

r = requests.get(‘′) #Grabs the page
scrape = r.text #Stores the source text
x = re.findall(r'<div class=”insult” id=”insult”>(.*?)</div><br>’,scrape) #Uses RegEx to find everything between those tags we found earlier. Stores each occurrence in a list
y = x[0] #Takes the first result in the list returned above.
y = y.replace(‘&#44;’, ‘,’) #Cleans up our insult string. Commas, spaces, and apostrophes sometimes get converted to those codes.
y = y.replace(‘&nbsp;’, ‘ ‘)
y = y.replace(‘&#039;’, ‘\”)

print(y) #Prints our resulting insult string

Give that a run, and you should get something like this:


Cool! Now, let’s add in the Slack part.

import requests
import re
import json

r = requests.get(‘′)
scrape = r.text
x = re.findall(r'<div class=”insult” id=”insult”>(.*?)</div><br>’,scrape)
y = x[0]
y = y.replace(‘&#44;’, ‘,’)
y = y.replace(‘&nbsp;’, ‘ ‘)
y = y.replace(‘&#039;’, ‘\”)

payload = {“channel”: “@shanks”, “username”: “ShanksBot”, “text”: y, “icon_emoji”: “:shanks:”}
echopayload = {“channel”: “#iot-button-testing”, “username”: “ShanksBot-Echo”, “text”: y, “icon_emoji”: “:shanks:”}
s =, data=json.dumps(payload))
s =, data=json.dumps(echopayload))

So payload and echopayload there are just two different option sets for the call we’re making to Slack to post the message. ShanksBot posts directly to Shanks, and ShanksBot-Echo posts to my (private) test channel. I’ve uploaded a custom Slack emoji mapped to :shanks:, which is used as the picture for the bot.

Customize that to your liking, give it a run, and you should see something like the following:


Now we have working Python, so we need to package it to create a lambda function. You’ll need to make a couple tweaks to the Python code to add a handler for Lambda, something like this:

import requests
import re
import json

def my_hander(event, context):
r = requests.get(‘′)
scrape = r.text
x = re.findall(r'<div class=”insult” id=”insult”>(.*?)</div><br>’,scrape)
y = x[0]
y = y.replace(‘&#44;’, ‘,’)
y = y.replace(‘&nbsp;’, ‘ ‘)
y = y.replace(‘&#039;’, ‘\”)

payload = {“channel”: “@shanks”, “username”: “ShanksBot”, “text”: y, “icon_emoji”: “:shanks:”}
echopayload = {“channel”: “#iot-button-testing”, “username”: “ShanksBot-Echo”, “text”: y, “icon_emoji”: “:shanks:”}
s =, data=json.dumps(payload))
s =, data=json.dumps(echopayload))
return y

Everything after “def my_hander(event, context):” should be indented. WP ate my formatting.

So we added the handler definition, and set a return value so that when the Lambda function is executed, we’ll return the insult string to the lambda console, just for funsies.

Now, package your python code for upload to AWS. Follow the process here to create a project directory, copy your source, and install your library. The example helpfully shows requests already, which is the only library we need to package.

Create Your Lambda Function

Log into your AWS Console, and click Lambda.

Click Create a Lambda Function.

On the Select blueprint screen, click Skip. We don’t need no stinkin’ blueprints.

Give your function a name. I used the same name as my python script—I don’t know if that matters. Barely competent, like I said.

Pick the Python 2.7 runtime

Select upload a .ZIP file, browse and select your package.

For Handler, I used <scriptname>.my_hander. Again, no idea if this matters.

For Role, use the Basic Execution Role, and follow the prompts to create it.

Leave everything else default and click Next.

Hit Create function

You now have the option of testing your function. Give it a shot. You’ll be prompted to input test events:


If our function did anything useful, this might matter. It doesn’t and doesn’t. Hit Save and test.

You should see something like:


…and your message should post to Slack.

Create Your IoT Button Rule

This assumes you’ve run through the IoT Getting Started Guide. If you haven’t, go do it.

Got to the AWS Console, and hit IoT.

On the IoT Console, click Create a Rule:


Give your Rule a catchy name.

For Attribute, enter *.

For Topic Filter, enter your iotbutton filter. “iotbutton/<buttonserialnumber>” without quotes.

For condition, you have options. You can leave it blank, or specify a click type:

clickType = “SINGLE”
clickType = “DOUBLE”
clickType = “LONG”

For Choose an action, select “Insert this message into a code function and execute it (Lambda)”

For Resource, select your lambda function name.

Click Add action, then Create.

That should do it! Go nuts and click your button!

Getting in on the Fun

This is all well and good if you have an AWS Button, or access to the Ahead office to go and click mine, but what if you want to auto generate an insult to Shanks from outside of our organization?

Well, I setup an AWS API Gateway to allow folks to trigger the functions externally.

If you want to send Shanks an insult from the generator referenced herein, click here.

If you want to send a much, much more vulgar insult, click here.

If for some reason you want to send him a randomly-generated compliment instead, click here. Weirdo.


VMworld 2015 – A Shameless Plug

A month or so back, VMware Press reached out to Wahl and me asking if we’d be up for doing another book signing at VMworld. Wahl replied first, politely declining, citing his numerous event-related obligations–you know, booth duty, sessions, mingling with the normals–as well as the lackluster turnout last year. I think we had three people come by the booth. One was Cody Bunch, who was signing right after us. Another was just there early to see Cody.

I told them I’d be happy show up and play with my phone for 30 minutes, but if the two of us drew one net signee, with just me Moscone South would look something like this:


I figured that would kill the conversation, but a few weeks later they reached back out to confirm the time, and ask one more time if I could talk Wahl into it. So, I’ll be at the VMworld bookstore in Moscone South on Wednesday, September 2 from 11:00am-11:30am, signing copies of VMware for Network Administrators. Feel free to swing by for some stilted smalltalk.

And while nothing can quite fill the void left by Wahl’s absence, I have arranged for a very special mystery guest to join me in the booth. Come by and tweet a picture with him for a chance at what I’m told are fabulous prizes.


Time Management for the Overly Technical

A couple of years ago, I was asked to put together a presentation on time management and acclimating to life in delivery/post-sales for a group of recent hires.  I found it on a flash drive the other day, and figured it’d make cheap and easy blog fodder. What follows is the presentation largely as-delivered, with patter reconstructed from notes, and only a few company-specific references removed (mostly digs at Wahl).



Read more »


Who Wants a Book? (Part One)

So I have two boxes of copies of Networking for VMware Administrators laying around, and I figure it’s time to clear some out.

I will do this through a series of silly challenges, until I either run out of copies, or get bored with this.

Challenge the First:

I have a fondness for obscure movies that aren’t-quite-great. Not bad, per se, but flawed. Perhaps my favorite is a road trip movie with a great pedigree that ended up going direct to video, and later gained a cult following on Netflix. Sadly, it’s no longer available there, but it’s well worth the $3.99 to buy on Amazon Instant Video.

The first person that can identify that movie based on the screen capture below wins an autographed (don’t worry, by both authors) copy of the book.



VCAP5-DCA (VDCA550) – Experience & Tips

Back at VMworld, I got talked into something that I’ll elaborate on later, but it required passing VCAP5-DCA in a hurry. You may be aware that this exam is available in two flavors, VDCA510 based on vSphere 5.0, and VDCA550 based on vSphere 5.5. A choice had to be made. I was ill-prepared for either, but after hearing some horror stories about disconnected labs on the older exam, and reviewing both blueprints, I decided VDCA550 was a safer choice. I’ve spent more time with 5.5 lately, and the less AutoDeploy and vMA, the better.

Successfully scheduling this test should earn you points. While there are allegedly three PearsonVue Triple-Diamond-Whatever testing centers within an hour’s drive from me, none of them would give me any available testing dates. I checked the site every few days for a couple weeks, and then finally, during a full moon, a single slot opened up—October 4, 8am. It was on.

Here’s how I prepared:

  • Watched the crap out of Jason Nash’s vSphere Optimize and Scale course on PluralSight. Seriously, for the better part of a month, I was listening to to that content anytime I was in a car or on a plane. Probably made it through the whole series three times. Even had a dream I was on a road trip with Jason, and he would not shut up about esxcli.
  • Purchased and read through most of the VCAP5-DCA Official Cert Guide
  • Worked through all three of the sample exams on included with that book, probably four times each.
  • Spent a bunch of time working through VMware Hands on Labs. “HOL-SDC-1402 – vSphere Distributed Switch from A to Z” and “HOL-SDC-1404 – vSphere Performance Optimization” were the two I spent the most time on. Checking my HOL transcript, it seems I fired up the latter seven times, often veering far outside the lab manual.
  • Josh Andrews’s VCAP Test Track. Josh maintains a live lab containing a bunch of different vSphere 5.0 scenarios and makes it available freely to anyone that asks. Profoundly helpful.

The Exam

Saturday at 7:30am, with Monster and coffee on my breath, I walked into the test center to try my luck. So, the exam is 23 scenarios, conducted in a live lab setting, with a three hour time limit. Time, as everyone else that has ever taken this test will tell you, is not your friend here. Before the official exam starts, you’ll have ten minutes to fill out a survey. I suggest you use this time to collect your thoughts, make a few notes about whatever you were cramming on before entering the test site, whatever. I’d also suggest you write the numbers 1 – 23 down the left side of your scratch paper.

As soon as the test starts, click over to your jump box and launch the thick client and the web client. Log in. That’ll take a couple minutes to process—don’t wait. Click back to the question area. Quickly run through the test questions, and write a note or two about each scenario on your scratch paper. This’ll give you a sense of what’s ahead, and what tasks you might be able to work on concurrently or jump between.

After you’ve made your first pass, start wherever you feel most comfortable. I went right back to number one, and plugged away at the first fifteen or so in order. I then checked the time and realized I was not going to finish at that pace, so I started jumping around from there. I finished my first pass of the exam with about half an hour to spare, leaving one item completely untouched (as I had never seen the thing being tested) and three abandoned some portion of the way through. I was pretty well exhausted by that point and really tempted to just hit Finish and see where things landed. But, I decided to give the blank one the old college try, and see if I could figure it out by meandering through the UI. In what I feel is the Web Client’s best rebuttal against years of abuse, it turned out I could stumble my way through it without needing to know much of anything about the feature being tested. I then tried to salvage the other three, and I think I figured out two of them. The third, I did something that may have been what they were asking for—by that point I was done. I hit Finish with about five minutes left on the counter.

I got the “Expect results within 15 days” message, and I left feeling pretty good. I was not as prepared as I thought I was—more on that in a second—but I still felt I pretty much rocked that thing. As I got into my car, 20 minutes after hitting Finish, my pocket vibrated. Results were in. Passing Score: 300. Your Score: 300. Gulp. An ugly pass is still a pass, but that was cutting it a bit closer than I would have liked. Either the script that does the grading just stops and fires off an e-mail when it hits a certain threshold, or I made it by the skin of my teeth. I’m damned glad I didn’t hit Finish early.

Let’s assume that I presented as what they call the minimally qualified candidate. What could I have done better? Well, if you look at how I prepped, most of the resources I used were tailored to the 5.0 exam. I didn’t spend nearly enough time on 5.5-specific stuff. Also, without getting into NDA territory, there are things on the blueprint that can only be done in the Web Client, and I pretty much had to learn those things on the fly. The documentation was a huge help for that during the exam, but navigating it chewed up a lot of time.

Overall, it was not a particularly unpleasant exam. DCD was much more painful. With one exception, all of the questions were clearly written, and fair. Some of them covered things I wasn’t strong in, but they were direct enough that I knew right were to go for help. Some were a bit evil—giving you a few extra hoops to jump through on the way to an otherwise simple configuration bit—but most were surprisingly straightforward. Or, maybe they weren’t, and that’s why I only barely skated by. Either way, it’s done, and I can go on to the next thing.



In Which I’m Late to the Party – VMware EVO


If anything could wash the taste of the vRealize rebranding out of my mouth, it was VMware’s announcement of the EVO family.

VMware has realized that for all the pomp and circumstance they’ve built up around the Software-Defined Data Center, it remains a tough nut to crack. There are considerable challenges around initial setup, provisioning, and ongoing lifecycle management and support. The way they see it, there are three approaches to this today:

  1. Build your own. Separate procurement processes for all components—software, storage, compute, networking, etc—often based on a vendor’s reference architecture.
  2. Converged Infrastructure. Same traditional components from your major compute, network, and storage vendors, but sold as a single bundle, with some level of pre-integration. Your Vblocks, and to a somewhat lesser extent, FlexPods.
  3. Hyper-Converged Appliances. Scale-out devices comprising integrated compute and storage, with some networking tying them together.  The SimpliVities and Nutanices of the world.

EVO:RAIL is VMware’s initial swing at option 3. Chris Wahl has an excellent overview of EVO:RAIL here. The gist is that these are Hyper-Converged Infrastructure Appliances (HCIAs), 2U, 4-Node appliances, with each node containing two Intel E-2620v2 CPUs, up to 192GB RAM, a PCI-E Disk Controller, a 146GB SAS or 32 GB SATADOM device for ESXi boot, a single up-to-400GB SSD, three 1.2TB SAS 10K HDs, two 10GbE RJ45 or SFP+ ports for data traffic, and one 100/1000 Gb NIC for management. Each HCIA includes licensing for vSphere Enterprise Plus, Virtual SAN, Log Insight, and the EVO Engine.

Installation is ridiculously easy—rack it, cable it, and access the EVO:RAIL management console to launch a wizard that does the rest for you. The wizard walks you through assigning hostnames, network configuration, and passwords, and then cranks away for about fifteen minutes before presenting your with a happy “Hooray!” message and a URL for the EVO:RAIL dashboard . During that fifteen minutes, EVO:RAIL is deploying a vCenter appliance, installing ESXi, and configuring everything based on your inputs in the setup wizard. Crazy, huh?

The EVO:RAIL dashboard is something like training wheels for the vSphere Web Client. You can deploy new VMs, view system health, and perform updates. The traditional clients are available, too, if you prefer things to be harder.

Note that VMware itself is not in the hardware business. EVO:RAIL is something of a reference architecture, and VMware is partnering with OEMs to produce actual EVO:RAIL devices. Launch partners are Dell, EMC, Fujitsu, Inspur, Net One Systems, and Supermicro. You have to hand it to Dell, playing arms manufacturer in the hyper-converged appliance wars. They now OEM for VMware, SimpliVity, and Nutanix.

EVO:RAIL is neat, and I want one in a tower form-factor to sit under my desk and serve as a respectable homelab. I want a pony, too. But, neat though it may be, it doesn’t hold a candle to what’s ahead. VMworld also offered a tech preview of EVO:RAIL’s big brother, EVO:RACK.

EVO:RACK is the full SDDC in a box. Well, crate. The idea here is that these are large-scale deployments, with half-rack and full-rack configurations available, scaling to a large but unspecified number of racks. What’s in the racks will vary—the tech preview featured 2U, 2-Node appliances with Virtual SAN, but it’s somewhat open-ended. VMware will work with parters to qualify configurations for EVO:RACK. Software-wise, it’ll come with everything–vRealize Suite, Virtual SAN, NSX, and the new EVO:RACK Manager.

EVO:RACK Manager is where the magic happens. Here’s the experience VMware is shooting for:

  1. Pre-configured rack(s) arrive at customer site
  2. Customer connects power and network uplinks
  3. Customer walks through a quick wizard to define network settings, IP ranges, DNS, hostnames, tenant information–usual and basic stuff.
  4. EVO:RACK Manager takes over. Auto-provisions internal and uplink networking, ESXi installation, VCAC configuration.
  5. After provisioning, EVO:RACK Manager becomes a single pane of glass. Like, for real. As you grow, you continue to manage the environment as a single logical rack. New racks are auto-discovered and auto-provisioned based on Customer-defined SLA policies. Customers can request capacity, and EVO:RACK Manager auto-provisions pools based on those SLAs, and creates VCAC reservations as appropriate. Customers can request applications, and EVO will deploy logical networks and security automatically, again based on defined policies.

Total time, from wheeling in the rack to having a self-service portal? They’re shooting for under two hours.

I spent about half an hour just staring slack-jawed at the EVO:RACK Manager UI demo, just blown away. That degree of orchestration is hard. Just whisper “UIM” around anyone that’s been working with Vblocks awhile and watch the involuntary shudder. My initial impression was that this was a thumb-nosing at VCE, and what Vision is still so far from delivering. But in the Tech Preview session, they were called out by name as being on the integration roadmap. So maybe we’ll see a Vblock 900 someday based on EVO:RACK.

Yes, it’s a tech preview. Yes, forward-looking-statements and all. I don’t care–it’s nice to be excited about hardware again.


VCP-NV Preparation

Two days ago, VMware announced the availability of the VMware Certified Professional – Network Virtualization  track. An hour or two later, my buddy Chris Wahl dared me to take it. And fifteen minutes ago, I walked out of the exam center at Moscone South with a > 300 score report. Longtime readers of the blog may recall me mentioning that I knew next to nothing about NSX going into VMworld, and are probably just as surprised as I am that I eked out a pass in such a short time.

Here’s how I did it:

  1. Figure out what you don’t know. This was easy—everything.
  2. Get a sense of what you need to know. VMware makes this easy—everything they’re going to test on is in the blueprint.
  3. Figure out what resources you have available. The NSX documentation is readily available, and VMware was kind enough to link to specific docs in the blueprint. There are Hands-on-Labs, to get stick time. And there’s a practice test, to give you a sense of what you’re in for.
  4. Read the docs. Yes, all of them. Any random footnote is a potential test question. Start with the overview and design docs to get the concepts, then move into Installation and Admin guides. Take notes.
  5. Do the labs. Yes, all of them. I did HOL-SDC-1403 – VMware NSX Introduction, HOL-SDC-1425 – VMware NSX Advanced, and HOL-SDC-1462 – Palo Alto Something or Other.  After that, I launched and re-lauched HOL-SDC-1403 just to play around with different things, stepping through most of the tasks in the Installation and Admin guides, and exploring the UI. VMware loves to ask silly questions about which submenu under what sub tab of what configuration option a task is found in. You’ll have to poke around a little to prepare for that.
  6. Take the practice test. Consider it open book. Look up the answers as you go, and re-read the surrounding sections to make sure you understand each answer.
  7. Repeat 4-6. Stop just before you get here: 
  8. Take the test before you forget everything.

Total prep time here was maybe eight hours of reading and annotating, and ten hours of lab time, over not-quite-three days. Not something I’d recommend, but if you’re at a conference and free from the usual distractions, it can be done.

Ooh, also–if you can, it helps to read or write a general VMware Networking book beforehand, too. It’s VCP-NV, not VCP-NSX. There’s a good bit of traditional vSphere networking covered. If you need a good resource there, you could do worse than the one in the right sidebar.



Obligatory Pre-VMworld Post

So VMworld 2014 kicks off next week. I’m thrilled to be attending, for what must be the fifth or sixth time. There’s no better opportunity to brine yourself in geekery and soak up everything VMware and its partners have to offer. Sure, most of the content will be available later—and the general sessions will be available live—but there’s just no substitute for the energy of the room. Something about bringing all of these smart people together, everybody feeding off of each other’s curiosity and interest, it just recharges my Give-a-Shit battery like nothing else. And by this time of year, I’m pretty much running on fumes.

Empty battery small

Just try not to picture it full.



Here’s a selection of the sessions on my schedule, because that’s a thing people do:

NET1214 – NSX Certification – the Next Step in Your Networking Career.

NET2747 – VMware NSX: Software Defined Networking in the Real World

NET1743 – VMware NSX – A Technical Deep Dive

NET1589 – Reference Design for SDDC with NSX & vSphere

NET1974 – Multi-Site Data Center Solutions with VMware NSX

NET1674 – Advanced Topics & Future Directions in Network Virtualization with NSX

NET1581 – Reference Design for SDDC with NSX for Multi-Hypervisions

NSX overkill, maybe? I haven’t had time to do much more than scratch the surface of NSX, so I’m trying to make up for it here.

SDDC1600 – Art of IT Infrastructure Design: The Way of the VCDX – Panel

I’m still on the fence over whether or not VCDX is realistic given homelife constraints—kids are a gigantic time sink—but eventually I’m going to get sick of Wahl lording it over me.

SDDC1767 – SDDC at Scale with VMware Hyper-Converged Infrastructure: Deeper Dive

This session is strangely subtitled “Deeper Dive,” which leads me to believe we might get introduced to something called “VMware Hyper-Converged Infrastructure” during the General Session. I’m hoping this is the rumored MARVIN project, which The Register has speculated will involve a scale-out, node-based architecture built on VSAN with NSX on top.

INF2311 – vCenter Server Architecture and Deployment Deep Dive

This purports to be a futures discussion around how vCenter is evolving going into the next major release. As vCenter Server Heartbeat was recently shot in the head, I’m expecting some news on improved availability options. 

Book Signing

On a related note, Chris Wahl and I will be signing copies of our book, Networking for VMware Administrators, at 1:00pm Wednesday in the VMworld Bookstore (Moscone South). Please do come out, say hi to Chris, and give me an awkward “And you are?” look. Chris has announced that all of his proceeds from book sales will be donated to Alzheimer’s Association. I, too, would like to announce that all of Chris Wahl’s proceeds from book sales will be donated to Alzheimer’s Association.


UCS Fabric Interconnect Port-to-ASIC Mappings

I’ve done something like three million Cisco UCS installations. I treat them as something like performance art these days, going through a polished routine of technical facts and banter. One could say I’ve done too many. One could say that often, and loudly.

Anyway, every now and then I’ll have a customer interrupt the flow with a Good Question. I love when that happens, as it usually means I’m about to learn something new. Recently, a network guy—the network guys always start trouble—asked me about the port-to-ASIC mapping in a 6200-series Fabric Interconnect. And I realized I really didn’t know. Cursory Googling didn’t turn up a concrete answer. I reasoned aloud that since the Fabric Interconnects share the same hardware guts as the Nexus 5K switchest the internal plumbing was likely the same, and was able to turn up an answer for 5596 port mappings. The customer wasn’t terribly satisfied with this answer, as his 6296s differed in product number and, in fact, color from their Nexus switch cousins.

Some digging turned up an NX-OS command that would display these mappings on a 5500, and it turns out the same command works on the Fabric Interconnects. For a 6200-series FI, connect to the CLI of your FI, enter NX-OS configuration mode (connect nxos), and enter the command “show hardware internal carmel all-ports.” You’ll see something like the following:

6200 carmel

The first column indicates the FI port, and the third indicates the internal ASIC (or Unified Port Controller) number. So, on a 6200-series FI, each group of eight contiguous ports is backed by an individual ASIC.

A similar command works on the older 6100-series FIs—“show hardware internal gatos all-ports.” The difference reflects the different ASIC codenames between platforms. Output should be similar to the following:

6120xp Gatos

Again, first column is port number, third is ASIC number. On a 6100-series FI, each block of four ports is backed by an individual ASIC.

The more you know banner

Now, why did the network guy want this information? He was interested in potentially spreading port assignments across ASICs, as they had recently been bitten by an issue where an ASIC failed. This concern was alleviated after talking through FI failure scenarios, as ultimately the OCD-appeal of having neat, contiguous blocks of uplinks won out over protecting against the profoundly unlikely event of the same ASIC failing on two FIs.