Monday, September 26, 2022

Demystifying Aria

A few weeks ago Raghu, during his general session at VMware Explore, unveiled VMware Aria in the center of the main stage exploring how it can bring peace to the Cloud Chaos caused by the great but still disorganized cloud adoption during the past few years, leading companies from every size to live with a disparate set of tools, siloed teams, miss-configurations, lack of compliance and even high unnecessary expends. You can still catch the replay here.

First and foremost what Aria means?
It has a musical meaning; the word is used to describe a piece for voice. That piece could be an instrumental accompaniment or be solo, and is usually part of a longer work, like an opera. Sing with One Voice

It makes perfect sense because VMware Aria is all about bringing everything together, from cost, and performance to configuration into a single central management console, something that has never been seen before.

Another common mistake is to think it's a simple rebrand of vRealize Suite. Not the case !!
Although VMware Aria will benefit from several solutions that you already own and love, meaning you can leverage everything you have built so far, including the knowledge you acquired along the road, also brings to the table new groundbreaking technology such as Aria Hub and Aria Graph:

Let me give you an overview of the entire VMware Aria portfolio:

Aria Hub: That's the centralized multi-cloud management portal where you can see and manage your entire fleet of apps, from Cloud Native to on-prem workloads. Along with your App details, you will see dependencies/relationships, cost, performance metrics, security information, and more without the need to jump from screen to screen;

Aria Graph: the database powering Aria Hub. Designed for the challenges of the cloud world, being able to ingest billions of data points from different sources, and correlate and federate them in a way to make consumption much easier.

Aria Guardrails: a high-level policy definition to enforce your desired state on your environment, network, cloud accounts, organizations, and more. But also to be able to remediate your settings as drift occurs;

Aria Business Insights: dozens of events and alerts coming these days from different sources, Which one is critical ? Which one is relevant? Which one is simple noise ? That's the goal of this AI, leveraging ML to present you the relevant insights so you can take actions to remediate your app, which could be a performance anomaly or a suddenly cost increase, or even a security vulnerability;

Aria Migration: designed to help migrate your workloads to the cloud taking into consideration cost, performance impact, and dependencies,  allowing you to schedule when the migration will occur. All of this with a rich set of pipelines for you to customize adding extra steps and approvals along the way;

Aria Cost (formerly CloudHealth): a complete FinOps platform that simplifies financial management, streamlines operations and improves cross-organization collaboration across multi-cloud environments;

Aria Automation (formerly vRealize Automation): Modern automation platform allowing self-service cloud consumption with governance and Dev-Ops based infrastructure management;

Aria Automation Assembler (formerly Cloud Assembly): part of Aria Automation in charge of the creation and design of end-to-end services and offers to be consumed by end-users;

Aria Automation Consumption (formerly Service Broker): part of Aria Automation responsible for Catalog presentation, approval policies and governance;

Aria Automation Pipelines (formerly Code Stream): part of Aria Automation providing pipelines services for CI/CD activities;

Aria Automation Config (formerly SaltStack Config): It's VMware's configuration management solution to configure systems, install products on-demand, enforce policies and guidelines, remediation, Vulnerability and compliance checks remediations;

Aria Automation Orchestrator (formerly Orchestrator): it's a long-time VMware veteran in charge of extensibilities beyond what's provided out of the box, with hundreds of plugins available so you can extend your solution far beyond;

Aria Operations (formerly vRealize Operations): enables self-driving IT Operations delivering continuous performance, capacity and cost optimization;

Aria Operations for Applications (formerly Tanzu Observability and before that Wavefront): provides unified observability for your applications covering metrics, logs, traces, and events from a single source of truth for greater business agility with unmatches scalability in the millions of points per second;

Aria Operations for Logs (formerly vRealize Log Insight): Centralized log management with deep operational visibility and intelligent analytics for troubleshooting and auditing;

Aria Operations for Networks (formerly vRealize Network Insight): Manage your network at scale with intelligent application discovery, analytics and troubleshooting to help you identify trends, patterns and even not allowed traffic;

Aria Operations for Integrations (formerly vRealize True Visibility Suite):  Extend Aria Operations to data depth and context to additions solutions, like physical datastore, applications, networks and more;

Aria Operations for Secure Clouds (formerly CloudHealthSecure State): Find risks and misconfiguration by visualizing and correlating resources for faster response and remediation to protect your cloud environments;

If you got this far, thanks a lot. 

I'm sure now you understand how all those details can be brought together for a comprehensive understanding of your applications, making your life much easier !!

Tuesday, September 6, 2022

Beacons as States

Beacons at VMware Aria Automation Config (AKA vRealize Automation Saltstack Config) is a key enabler to creating a self-healing, healthy and stable environment. It allows you to continually monitor events on the minions, like logins, disks and processes usage, services, and much more, once a defined activity occurs the beacon will notify the system, and then you can trigger a Reactor, which is the piece that does the remediation/configuration, but Reactor is a topic for another post, today let's focus on the beacon itself.

There are a few methods to enable beacons, through the use of config files, Pillars, or with the use of state modules.

Here's come the first challenge, if you look at tutorials and blogs out there, you will only find examples of config file manipulation, local to the minions or through the use of the file state module.

Second challenge; complexity and scalability:
IMHO, using the file state module is a little complex and requires some extra attention as the solution scales;
Let's take an example of 3 behaviors you wanna monitor; A, B, and C (for this example it does not matter what those beacons are).

To get it to work on every possible combination you will need to create 7 different config files to distribute for your minions depending on the combination of activities you want them to monitor.

file 1: only a
file 2: only b
file 3: only c
file 4: a+b
file 5: a+c
file 6: b+c
file 7: a+b+c

To summarize, to monitor only 3 behaviors you will need 7 config files, you can imagine how complex it would be if you have dozens of individual behaviors to monitor. Plus, when you are manipulating the config file you need to restart the salt-minion service for the new beacon to take effect (would that be another challenge?).

Now comes my preferred method;  the use of state modules;
You can write individual beacons for the behaviors you want to monitor and apply them whenever you want without having to worry about previous beacons or a combination of the desired config file, It will just add up to the beacons that are already applied, and because it's applied through the states it's automatically enabled, no need to restart the service.
Taking the A, B, and C example, you will end up with only 3 state files.
But now here's come another challenge, there are not many beacon examples of state files out there;

even though they look pretty much the same for other states, I usually have a hard time getting them right, so I decided to share its syntax.

1 - It's the ID, can be anything you want, or the name of the module;
2 - this one is self-explained, right ?! it's a beacon;
3 - the name of the module you want t monitor;
4 - it saves the beacon to the local minion's config file,  it will persists upon reboots, otherwise it will just monitor available during the actual session;
5 - enable, means enable, right...why create something if you will keep it disabled;
6 - extra parameters the module might require;

if you are looking for some other examples, check my GitHub repository.

Now, it's your turn, tell me how you manage beacons in your environment.


Monday, August 22, 2022

VMware Explore recommended sessions

VMware Explore is right around the corner, from August 29th to September 01st, if you are like me, you are planning your time to take the best from the event by attending sections and talks that most align with your challenges and interests.
Content Catalog is already available, but sometimes it's hard to find the session you need among so much great content.
You wont miss the General Sessions, right... right ?!?
That's why I'm sharing the best Cloud Management sessions out there, enjoy it !!!
Tuesday, Aug 30
Wednesday, Aug 31
Thursday, Sep 01
If you still have some free slots, here's a list of some nice Hand-on labs you can practice the cool stuff:

It's not a definitive guide, of course there are so many other great content available, it will really depends on where your are on your cloud adoption journey and the level of knowldge you already have.
Share on the comments other sessions we cannot miss !!!

Monday, June 13, 2022

Cloud Assembly - Kubernetes EXITED

 For the past few days my vRealize Automation Cloud has been broken, mainly because there was an error with my Cloud Proxy preventing it to connect back to my on-premise vCenter.

Checking the Cloud Proxy details I could see Cloud Assembly - Kubernetes (cloudassembly-cmx-agent) had an EXITED status.

Even though the UI logs provides a clear error message: "Error generating auth token, status code: 400" I still had no idea on how to fix i.

Checking the container's log directly on the cloud proxy provides a consistent message.

I was running out of ideas since my searches resulted in nothing, no public KB, internal stuff, documentation blogs out there... nothing related to this error and how to fix it.

Of course I tried to start the container again, reboot the appliance even provisioned a few extra cloud proxies, all with the same error.

At this point it made me to think it was something extra, maybe environmental.... that's when it strike me, my whole lab leaves inside a bubble, including my internal NTP server.

Checking this baby I realized it was 5 hours behind it... which havent cause any issue with my systems, but since the Cloud Proxy connects back to the external world... it might be it. With so little hope I adjusted ajusted my NTP server time and syncronized everything back to it.

As you might guess, cloudassembly-cmx-agent was back to run.

Yeah I know.... sometimes it's the basics, the whole point of this post is to document that such an unusual error message could be simply your time settings and hopefully it would save you some precious troubleshoot hours.

See you guys

Who am I

My photo
I’m an IT specialist with over 15 years of experience, working from IT infrastructure to management products, troubleshooting and project management skills from medium to large environments. Nowadays I'm working for VMware as a Consulting Architect, helping customers to embrace the Cloud Era and make them successfully on their journey. Despite the fact I'm a VMware employee these postings reflect my own opinion and do not represents VMware's position, strategies or opinions. Reach me at @dumeirell

Most Viewed Posts

Blog Archive