Categories
AWS Veeam VMware VMware Cloud on AWS

Monitoring VMC – Part 1

As previously mentioned I have been working a lot with VMware Cloud on AWS and one of the questions that often crops up is around an approach to monitoring.

This is an interesting topic as VMC is technically “as a service”, so the monitoring approach is a bit different. Technically AWS and VMware’s SRE teams will be monitoring all of the infrastructure components; however, you still need to monitor your own virtual machines. If it was me I would still want some monitoring on the infrastructure, and I see two different reasons why you would want to do this:

Firstly, I want to check that the VMware Cloud on AWS service is doing what I am paying for. Secondly, I still need to monitor my VMs to ensure they are all behaving properly. The added factor is that with a good real-time view of my workload I can potentially optimise the number of VMC hosts in my fleet, reducing the costs.

With that in mind, I decided to look at a few options for connecting some monitoring tools to a VMC environment to see what worked and what didn’t. I am expecting some things could behave differently as you don’t have true root/admin access as you would usually do. All of the tests will be done with the cloudadmin@vmc.local account. This is the highest level account that a service user has within VMC.

The first product that I decided to test was Veeam One.  This made sense for a few reasons:  Firstly I’m a Veeam Vanguard and am very familiar with the product. I also have access to the Beta versions of the v10 products as part of the Vanguard program.

Secondly, it’s pretty easy to spin up a test server to kick the tyres and finally, the config is incredibly quick to implement.

I could have easily added a VMC vCenter to my existing Veeam servers; however, I chose to deploy a new server just for this testing. Assuming you have network access between your Veeam One server and the VMC vCenter, adding it to Veeam One is straightforward. If not, you will need to open up the relevant firewalls.

Once done, Veeam performs an inventory operation and returns all of the objects you would expect. This test was shortly after a VMC environment was created so it doesn’t yet have any workloads migrated to it. However, as you can see below it’s correctly reporting on the hosts and VM workloads. It is correctly reporting back that the hosts are running ESXi 6.9.1.

I also ran a couple of test reports to check they functioned as expected. Everything seemed to work as I would expect.

In Part two I am going to look at using Grafana, InfluxDB and Telegraf and seeing if this common open-source monitoring stack works with VMC.

Categories
AWS Personal

AWS Solution Architect – Associate

Today was a good day.   I renewed my AWS Solution Architect certification.   Although my work is primarily in and around the VMware ecosystem I have been working a lot with VMware Cloud on AWS recently with a number of our customers.     Having a good foundation of the core AWS services has made this much much easier to be able to articulate to the customers.

Due to the non-disclosure agreement, I can’t talk about any specific questions however I will say that the questions and the focus have changed quite significantly since I sat the exam a few years ago.  Like AWS itself they were at the cutting edge of the industry and the number of services they now offer is extreme, adding to the challenge of the exam.  I am now good for the next three years however I am planning to sit the Professional level exam in the new year.

 

Categories
AWS Homelab Money

AWS IoT Button

Back Story:

My AWS Solution Architect certification is due to expire in the next 6 months, and given I have not done a huge amount with AWS since getting certified I thought it was worth kicking the tyres again and running a few bits and pieces within AWS. One of the first things I did was move my blog over to AWS Lightsail.

In addition to the above I thought I would purchase an AWS IoT button and have a play. The setup for these is now MUCH simpler with the introduction of the iOS and Android setup apps.

Part 1   Button setup to email

To start with I just wanted to do something easy, so I set it up so that with a press of the button it would send me an email via SES. This was to get to grips with the button, check I had the comms set up correctly, etc. I chose to use one of the prebuilt Python functions for this. It delivers a basic email like the below.

[codeblocks name='Pythonmail']

Part 2 IFTTT integration

Once I had this working I then decided to hook it into my Philips Hue setup to turn the lights on or off. This was done mainly with the help of this post from Joseph Guerra. This wasn’t quite straightforward as IFTTT have renamed some of the parts of the site. Joseph did a great post explaining this; however, where he describes maker this is now called webhooks within IFTTT. This is the full code that I’m using (just with my key masked).

[codeblocks name=’IFTTTLambda’]

Part 3 Monzo

Once the AWS to IFTTT integration was set up the next steps were quite easy. Monzo is becoming my go-to bank for most things. They recently announced IFTTT integration so I wondered if I could hook my IoT button into Monzo. I decided to create an action that when my button was pressed it would move £1 into a savings pot.

First you need to log in to your IFTTT account and then add the Monzo channel. This is pretty straightforward if you do it from your phone where IFTTT and Monzo are installed.

I then went back to IFTTT on my laptop  to create the new applet using the create link https://ifttt.com/create

Then click on the + icon and drill down to find the webhook section

Then you need to check that the event name on the webhook matches the AWS Lambda event; in my case I am using “buttonpress”.

This should complete the “this” section. Now you need to sort the “that”.

Click on the plus and select the Monzo service with an action to move money into a pot ( Within the Monzo app I have already created a savings pot called IFTTT)

At the end of the process you should have something that looks like the below

If everything is setup ok a button press will move money over in a few seconds.
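
The button-to-IFTTT hop from Parts 2 and 3, as an added example rather than the author's Lambda code: the webhook key, which is all IFTTT needs to run the applet, is read from a hypothetical `IFTTT_KEY` environment variable instead of sitting in the source, and only a single click is forwarded. The key format check and the sample event are assumptions made for this example.

```python
# Added example (not the author's Lambda). IFTTT_KEY is a hypothetical
# environment variable name; "buttonpress" is the event name used in the post.
import json
import os
import urllib.request

EVENT_NAME = "buttonpress"
ALLOWED_CLICKS = {"SINGLE"}  # ignore DOUBLE and LONG so one gesture moves money


def build_request(event, key):
    """Return the IFTTT webhook Request, or None if the press is ignored."""
    if event.get("clickType") not in ALLOWED_CLICKS:
        return None
    # Assumed key alphabet (letters, digits, '-' and '_'); rejecting anything
    # else keeps a bad value from altering the URL path.
    if not key or not key.replace("-", "").replace("_", "").isalnum():
        raise ValueError("IFTTT key missing or malformed")
    url = f"https://maker.ifttt.com/trigger/{EVENT_NAME}/with/key/{key}"
    body = json.dumps({"value1": event.get("serialNumber", "unknown")}).encode()
    return urllib.request.Request(url, data=body, method="POST",
                                  headers={"Content-Type": "application/json"})


def lambda_handler(event, context):
    req = build_request(event, os.environ.get("IFTTT_KEY", ""))
    if req is None:
        return {"sent": False, "reason": "click type ignored"}
    with urllib.request.urlopen(req, timeout=5) as resp:
        # Log the status only: the URL contains the key and must not be logged.
        print("IFTTT responded", resp.status)
        return {"sent": resp.status == 200}


# Constructed sample of the payload an AWS IoT button delivers to Lambda.
SAMPLE_EVENT = {"serialNumber": "G030EXAMPLE00000", "batteryVoltage": "1567mV",
                "clickType": "SINGLE"}
```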

Categories
AWS Hosting

AWS Lightsail

I have been running this blog on top of some of my infrastructure at home but the performance (due to my connection) has never been stunning.

So I decided to move it over to an AWS Lightsail instance to investigate more about the newer VPS service from Amazon and to hopefully help anyone that wants a read.

Assuming you already have an AWS account getting a Lightsail instance up is very quick and incredibly easy.

Options exist for either Linux or Windows

 

Pricing is also very straightforward

I chose to go for the $10 a month Instance running Ubuntu with Plesk Included

Once you have decided what you want, decide what AWS region you want (not all are currently available). I have gone for Ireland.

Then your Instance OS and App

Pick the instance  spec/price and then give the instance a name and click Create

 

A few minutes later you will have a running instance

A public IP will be allocated, and on a Linux server SSH, HTTP and HTTPS will be open by default.

 

In summary, it’s not as complex as EC2, but the beauty is in the simplicity. If you’re new to AWS it’s a great place to start, and the performance has certainly surprised me.

Categories
AWS Hosting

AWS Status Page – Monitoring Included

AWS Status Page – Enhancements

In a previous post, I deployed a basic AWS status page. The tool I deployed, LambStatus, supports pulling metrics from AWS CloudWatch and displaying them. As part of my personal development, I thought I would include this on my status page.

I managed to get this working as can be seen here. This is a Lambda function running once a minute polling this website and adding the response time into AWS CloudWatch, which LambStatus is allowed to call. It has been running without a hitch for nearly a month now at effectively zero cost.

The guide I followed is very good and is documented in the Git repo here

Categories
AWS

AWS for Beginners Part 1

I am hoping to get back into doing some AWS stuff over the next couple of months. I am a huge fan of some of the tools and technology they have built. It’s not perfect and it’s often not well understood by people lifting and shifting existing infrastructure into “the cloud”.

My view is firmly if this is what you have done, then you have done it wrong and missed the point….

But if you do want to kick the tyres and see what it’s all about, go and set up an account and play.

Ensure you implement the three recommendations

  • Root Account Security – Ensure you have a strong password on this account, then stop using it. Use IAM to set up another account and then use that.
  • Enable Two Factor Authentication – This is a must. Sadly AWS don’t appear to support my preferred 2FA device, YubiKey, so I’m using the Google Authenticator.
  • Enable Billing Alerts – Create an alert so that if your bill will be over X you will get a notification. It’s very easy to leave an instance or several running somewhere. No one wants bill shock.
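
One way to check the three recommendations above against a live account, as an added example that is not part of the original post. It assumes boto3 and read-only credentials for `collect()`; the audit functions work on plain dictionaries shaped like the IAM `GetAccountSummary` and CloudWatch `DescribeAlarms` responses, and the sample data is constructed.

```python
# Added example (not from the original post). Pure checks over API responses;
# only collect() touches AWS, and it assumes boto3 plus read-only credentials.

def audit_root(summary_map):
    """Check the SummaryMap dict returned by IAM GetAccountSummary."""
    findings = []
    if summary_map.get("AccountMFAEnabled", 0) != 1:
        findings.append("root: no MFA device enabled")
    if summary_map.get("AccountAccessKeysPresent", 0) != 0:
        findings.append("root: access keys exist, delete them")
    if summary_map.get("Users", 0) == 0:
        findings.append("iam: no IAM users, check root is not the daily login")
    return findings


def audit_billing(metric_alarms, max_usd):
    """Require an EstimatedCharges alarm that notifies at or below max_usd."""
    for a in metric_alarms:
        if (a.get("Namespace") == "AWS/Billing"
                and a.get("MetricName") == "EstimatedCharges"
                and a.get("ActionsEnabled") and a.get("AlarmActions")
                and a.get("Threshold", float("inf")) <= max_usd):
            return []
    return [f"billing: no alarm with a notification at or below ${max_usd}"]


def collect():
    """Fetch live data. Billing metrics are only published in us-east-1."""
    import boto3  # imported here so the checks above run without it
    summary = boto3.client("iam").get_account_summary()["SummaryMap"]
    cw = boto3.client("cloudwatch", region_name="us-east-1")
    alarms = [a for page in cw.get_paginator("describe_alarms").paginate()
              for a in page["MetricAlarms"]]
    return summary, alarms


# Constructed sample data, shaped like the real API responses.
SAMPLE_SUMMARY = {"AccountMFAEnabled": 0, "AccountAccessKeysPresent": 1,
                  "Users": 2}
SAMPLE_ALARMS = [{"Namespace": "AWS/Billing", "MetricName": "EstimatedCharges",
                  "Threshold": 500.0, "ActionsEnabled": True,
                  "AlarmActions": []}]

if __name__ == "__main__":
    for line in audit_root(SAMPLE_SUMMARY) + audit_billing(SAMPLE_ALARMS, 20):
        print("FAIL", line)
```

An alarm with an empty `AlarmActions` list is treated as missing, because it changes state without notifying anyone.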

 

Update: AWS now does support YubiKey. Wahoo.

 

Categories
AWS

AWS – Serverless

Serverless is one of those stupid names within IT that doesn’t really explain what’s going on. It’s led to the comical meme below.

But buzzword bingo aside what is it and what can you do with it?  Well, my AWS cert is due to expire shortly and I haven’t played with it for a good while.  So I decided to build something to demonstrate the power of it.

I run a few services on some of my lab kit (mail, web, spam filtering, etc.), so I decided to deploy a serverless status page using some of the funky AWS services. This is built using LambStatus. Now they have done a huge amount of work on this and all credit goes to them. It’s a very easy to deploy public website that relies on ZERO webservers. It also has an admin page to easily edit the status pages and objects etc. It also supports input via API and publishing actual monitoring data from AWS. It’s designed to be incredibly cheap to run, with 30,000 hits predicted to cost less than $1.

It’s built using a number of AWS technologies, listed below. If you are unfamiliar with these I would strongly suggest learning more.

  • CloudFormation
  • CloudFront
  • S3
  • Lambda
  • Cognito
  • API Gateway
  • DynamoDB

How the AWS Services are hooked together

The finished public result is here giving public info on the services I run. I have added some demo incidents to see what they would look like.

In reality, this is total overkill but it was nice to see what some people are deploying on AWS and especially the serverless functions

The demo admin page is here. The deployment is incredibly straightforward and all done with CloudFormation so I haven’t gone into any detail here.

I will work on getting some of the metrics from my servers into this status page. It also allows you to add your own domain rather than the CloudFront one I am using; hopefully that will be my next blog post.