Tuesday, October 14, 2014

VMware Software Defined Infrastructure with EVO:RAIL


VMware EVO: RAILTM is the first hyper-converged infrastructure appliance powered 100% by VMware’s compute, networking, storage, and management software. 

EVO: RAIL Deployment, Configuration, and Management streamlines initial setup and ongoing operations including updates with zero downtime and automatic scale-out. EVO: RAIL is fully deployed in minutes, once racked, cabled and powered on.

Custom Builds – These are the traditional, build-your-own style data centers, in which engineers or architects in the organization take the silo components – network, storage, compute, and management – and cobble them together using a combination of experience and know-how.

Converged Infrastructure – Offerings that combine the components from Custom Builds into an offering, either as a product (such as Vblock) or as a reference architecture (such as FlexPod). The benefit is that most of the architecture challenges have been solved for the consumer, and in the case of Vblock, is offered directly from the factory as a set of cabinets fully racked and stacked.


Hyper-Converged Infrastructure – This is usually a clean-slate approach that uses COTS (commodity, off the shelf) components to build a node that contains the compute power, storage, and upstream network interfaces. Nodes are pieced together into a seamless fabric using dedicated or shared network interfaces, varying from InfiniBand to traditional Ethernet, to look and feel like a single, logical entity. There is still a need to plumb these nodes into the physical or underlay network, typically a top of rack (ToR) or end of row (EoR) grid that connects up into a leaf-spine or three-tier topology.



Exposing the EVO

Get ready for some new acronyms. I’ve already spilled the beans on Software Defined Infrastructure in the headline, but now we also have Hyper-Converged Infrastructure Appliance, or HCIA. Under the covers, VMware has taken a COTS approach and layered on VMware vSphere along side Virtual SAN (VSAN). This provides all of the software bits necessary to put together an appliance offering that VMware plans to support end-to-end with a “one support call” model. EVO is sold as a single SKU – this includes the hardware, software, and SnS (support/maintenance) – to make the procurement model relatively less painful. We all know procurement will never be completely painless for most enterprise. 

Each HCIA (again, that’s the Hyper-Converged Infrastructure Appliance for those playing at home) is a 2U chassis with 4 nodes inside. The version 1.0 release will allow for 4 HCIAs to be put together, resulting in 8 RU of rack space and 16 nodes worth of EVO. That’s half the size allowed by the vSphere 5.5 cluster maximum, so I would imagine that the number will grow at some point beyond the 1.0 release. At least, let’s hope so.

EVO Use Cases


If you’re curious what VMware is targeting for EVO, it boils down to just about everything. Here’s a slide that could have easily been renamed to “all your base are belong to us” and not been far off the mark.


Simplicity with the EVO:RAIL Engine


Although the components within RAIL are the vSphere bits you know and love, there’s an additional component that turns EVO:RAIL into a product. That’s the EVO:RAIL Engine. It’s essentially a front-end interface into the product.

  • EVO: RAIL automatically configures the IP addresses and hostnames that you specified when you ordered EVO: RAIL. Configure your TOR switch and click the Just Go! button. All you have to create are two passwords.
  • When you customize EVO: RAIL, all required configuration parameters are supplied for you by default, except for ESXi and vCenter Server passwords. Customize Me! allows you to easily change the defaults.
  • Upload Configuration File, an existing configuration file can be selected and uploaded


Once completed, you get a very happy completion screen that lets you log into EVO:RAIL’s management interface.



Once logged in, you are presented with a dashboard that contains data on the virtual machines, health of the system, configuration items, various tasks, and the ability to build more virtual machines. Notice that the configuration screen also includes build versions of vCenter, ESXi, and EVO:RAIL, along with the ability to license the product and push offline updates (important for those without an interface facing connection) to the EVO.


Hardware Components

The EVO:RAIL comes with pre-defined hardware components listed below:

Per HCIA
  • 24 hot plug 2.5 drives
  • Dual PSUs ~1600W

Per Node
  • Dual socket Intel E5-2620v2 (6 cores)
  • Up to 192 GB of RAM
  • 1 x Expansion Slots PCI-E: Disk controller with pass through capabilities (Virtual SAN requirement)
  • 1 x 146 GB SAS 10K-RPM HDD or 32 GB SATADOM (ESXi boot)
  • 1 x SSD up to 400 GB (Virtual SAN requirement for read/write cache)
  • 3 x 1.2 TB SAS 10K-RPM HDD (Virtual SAN data store)
  • 2 x Network – 10 GbE RJ45 or SFP+
  • 1 x Management RJ45 – 100/1000 NIC

Adding a new HCIA involves cabling the appliance and then letting EVO:RAIL detect and connect. The rest is handled for you. You can only add one appliance at a time in release version 1.0.


Network Layout

The virtual switch is configured for 2 vmnics (vmnic0 and vmnic1) with pretty much all traffic using vmnic0. The only thing that uses vmnic1 is the VSAN traffic. Specifically


This configuration will require that you have provided a 10 GbE top of rack (ToR) switch for connectivity, as well as the following:

  • IPv4 and IPv6 multicast must be enabled on all ports on the TOR switch. When using multiple TOR switches, ISL multicast traffic for IPv4 and IPv6 must be able to communicate between the switches. (EVO uses IPv6 for auto-discovery)
  • Configure a management VLAN on your TOR switch(es) and set it to allow multicast traffic to pass through.
To allow multicast traffic to pass through, you have 2 options for either all EVO: RAIL ports on your TOR switch or for the Virtual SAN and management VLANs (if you have VLANs configured):
  • Enable IGMP Snooping on your TOR switch(es) AND enable IGMP Querier. By default, most switches enable IGMP Snooping, but disable IGMP Querier.
  • Disable IGMP Snooping on your TOR switch(es). This option may lead to additional multicast traffic on your network.

Here’s an example ToR configuration to set up the EVO:RAIL:



Sunday, October 12, 2014

VMware vSphere 5.5 C# Client

vSphere 5.5 Update 2 has just released and among the various bug fixes, one that stands out the most to me and I am sure everyone will be quite happy about (including myself) is the ability to now edit a Virtual Hardware 10 Virtual Machine using the legacy vSphere C# Client. Previously, if you tried to edit a Virtual Machine running the latest Virtual Hardware (version 10), you would get a warning message prompting you to use the vSphere Web Client and the operation would be blocked.


Direct download link for the vSphere 5.5 Update 2 C# Client: 





Note: You do not need to install vSphere 5.5 Update 2 to be able to use this new functionality, you just need to upgrade your vSphere C# Client to the vSphere 5.5 Update 2 release and you will be able to connect to previous versions of vSphere 5.5 (vCenter Server & ESXi).

VMware vSphere 5.5 Update 2 Released !!!

VMware released vSphere 5.5 update 2. Now available from vmware site. There are few additional feature and 100 plus bug fixes from vsphere 5.5 update 1 version.

This is a minor update, but with some important support database update. it’s great to see SQL server 2014 now supported.

SRM 5.8 requires vCenter 5.5 update 2.so whenever SRM 5.8 comes out be sure to upgrade your vCenter prior to deployment.

Vsphere 5.5 update 2 also allow the “legacy” vsphere client to modify some properties (RAM,change network port group, remove devices , vCPU , Mount ISO , increase disk space, reservertions, edit advanced settings) of Hardware v10 VMs.

What's New in VMware ESXi 5.5 update 2 ?

  • Support for hosts with 6TB of RAM – vSphere 5.5 Update 2 starts to support hosts with 6TB of RAM.
  • VMware vShield Endpoint Thin Agent is renamed as VMware Tools Guest Introspection plugin – The vShield Endpoint driver bundled with VMware Tools is now called Guest Introspection.
  • Resolved Issues: Take a look at the list of  Resolved issues  with the release of  VMware ESXi 5.5 Update 2
  • vCenter Server database support: vCenter Server now supports the following external databases:   Oracle 12c. (Important: For pre-requisite requirements, see KB 2079443),  Microsoft SQL Server 2012 Service Pack 1  &  Microsoft SQL Server 2014.
  • vCloud Hybrid Service: The vCloud Hybrid Service (vCHS) introduces a new container, Hybrid Cloud Service, on the vSphere Web Client home page. The Hybrid Cloud Service container contains the vCHS installer and the new vCloud Connector installer.
  • Customer Experience Improvement Program: The vSphere customer experience improvement program is introduced to collect configuration data for vSphere and transmit weekly to VMware for analysis in understanding the usage and improving the product.
  • Resolved Issues: Take a look at the list of Resolved issues  with the release of VMware vCenter 5.5 Update 2.

Product support Notices

  • vSphere Web Client: Starting with vSphere 5.5 Update 2, Windows XP and Windows Vista are not supported as vSphere Client Operating System. You can find the complete list of operating system supported by vSphere Web Client in the VMware Compatibility Guide.
  • vSphere Web Client: Because Linux platforms are no longer supported by Adobe Flash, vSphere Web Client is not supported on the Linux OS. Third party browsers that add support for Adobe Flash on the Linux desktop OS might continue to function.
  • VMware vCenter Server Appliance: In vSphere 5.5, the VMware vCenter Server Appliance meets high-governance compliance standards through the enforcement of the DISA Security Technical Information Guidelines (STIG). Before you deploy VMware vCenter Server Appliance, see the VMware Hardened Virtual Appliance Operations Guide for information about the new security deployment standards and to ensure successful operations.
  • vCenter Server database: vSphere 5.5 removes support for IBM DB2 as the vCenter Server database.
  • VMware Tools: Beginning with vSphere 5.5, all information about how to install and configure VMware Tools in vSphere is merged with the other vSphere documentation. For information about using VMware Tools in vSphere, see the vSphere documentation. Installing and Configuring VMware Tools is not relevant to vSphere 5.5 and later.
  • vSphere Data Protection: vSphere Data Protection 5.1 is not compatible with vSphere 5.5 because of a change in the way vSphere Web Client operates. vSphere Data Protection 5.1 users who upgrade to vSphere 5.5 must also update vSphere Data Protection to continue using vSphere Data Protection.

VCE Vision Intelligent Operations

VCE Vision Intelligent Operations enables and simplifies converged operations.  The software acts as a mediation layer between Vblock™ Systems and data center management tools, dynamically informing those tools about Vblock Systems – so all customer management toolsets can experience a consistent and comprehensive view of the entire infrastructure.  Vision Software delivers intelligent discovery to provide a single-objective perspective of Vblock Systems.  Comprehensive awareness of the industry-leading components that comprise Vblock Systems and promote infrastructure standardization through automated validation and system assurance.  And integration capabilities make it possible to provide this level of intelligence to any toolset.  The software is integrated with the VMware Virtualization and Cloud Management Portfolio, and also supports API-enabled integration into other standard industry tools.  




Deeper Dive:

Discovery
  • Detects what is in a Vblock System
  • Provides up-to-date inventory
  • Details component interconnections
Validation
  • Checks compliance to RCM
  • Collects required RCM updates*
  • Checks security status*
Health
  • Consolidated Health Status via API
  • Consolidated SNMP MIB & Traps
  • Consolidated SysLog
Logging
  • Archives component configurations
  • Checkpoints at set intervals
Consolidated collectionlatform with the new Vblock System 240. The Vblock System 240 is the perfect pre-configured system 

VCE launches the new Vblock System 540 with an all flash array

VCE, the leader in converged infrastructure systems, has announced the release of a new line of products led by the industry’s first converged infrastructure with an all flash based array.










The Vblock System 540 contains the latest in next generation Cisco UCS servers, Cisco ACI-ready network devices, and an EMC XtremIO array; all of which combine to provide a whooping 1M+ potential IOPS with sub-millisecond application response times that is perfect for Big Data, online transaction processing (OLTP), online analytical processing (OLAP) and end-user computing. The Vblock System 540 is extremely scalable with up to 192 Cisco UCS M3 or M4 B-series blade servers, and between 10 TB and 120 TB of raw storage capacity with the option of attaching an EMC Isilon storage array. The Vblock System 540 datasheet with all the details can be found here.


VCE has also released an updated version of the flagship converged infrastructure platform in the new Vblock System 740. The Vblock System 740 is designed with unmatched performance and capacity in mind, using the newest next generation Cisco UCS servers, Cisco ACI-ready network devices, and the EMC VMAX3 storage arrays to offer up 3x performance and 2x storage bandwidth over the previous Vblock System 700 model. This beast has support for up to 512 Cisco UCS blades and 4 PB of usable storage! Check out the full set of specs on the Vblock System 740 here.

To round out the spectrum of products, VCE has updated the entry level converged infrastructure platform with the new Vblock System 240. The Vblock System 240 is the perfect pre-configured system for private cloud solutions, utilizing the VNX5200 unified storage system, all in a single rack solution ready to drop into your datacenter in as little as 45 days after your order. See the full set of details here.

Couple these new products, with the VCE Support team that provides world class white-glove service and you have your next datacenter purchase. Visit http://www.vce.com or contact an authorized VCE reseller to see about acquiring your Vblock System.

Wednesday, October 1, 2014

VMware EVO RAIL

Introducing EVO:RAIL





VMware EVO:RAIL combines compute, networking,and storage resources into a hyper-converged infrastructure appliance to create a simple, easy to deploy, all-in-one solution offered by Qualified EVO:RAIL Partners.

EVO:RAIL enables power-on to Virtual Machine creation in minutes, radically easy VM deployment, easy non-disruptive patch and upgrades, simplified management…you get the idea.

Software-Defined Building Block

EVO:RAIL is a scalable Software-Defined Data Center (SDDC) building block that delivers compute, networking, storage, and management to empower private and hybrid cloud, end-user computing, test/dev, and branch office environments.

Trusted Foundation

Building on the proven technology of VMware vSphere, vCenter Server™, and VMware Virtual SAN™, EVO:RAIL delivers the first hyper-converged infrastructure appliance 100 percent powered by VMware software.

Highly Resilient by Design

Resilient appliance design starting with four independent hosts and a distributed Virtual SAN datastore ensures zero application downtime during planned maintenance or during disk, network, or host failures.

Infrastructure at the Speed of Innovation

Meet accelerating business demands by simplifying infrastructure design with predictable sizing and scaling, by streamlining purchase and deployment with a single appliance SKU, and by reducing CapEx and OpEx.

EVO:RAIL Software Bundle

  • EVO:RAIL rapid deployment, configuration and management engine.
  • Compute, network and storage virtualization enabled with vSphere and Virtual SAN


Monday, July 7, 2014

VMware announces opens public beta for Next-gen of vSphere 6


VMware has publicly released another beta version of vSphere 6.0, the next major update to its hypervisor technology.

As a part of that second public beta comes after a relatively small private Beta 1 gives the possibility to virtually any customer to test the next release of VMware’s flagship product, gaining some competitive advantages on its side and providing precious feedbacks to the vSphere Team.

Information posted at the VMware Community vSphere Beta Landing Page indicates that the vSphere 6.0 private beta is being opened up publicly to accelerate testing on a wider scale.

https://communities.vmware.com/viewwebdoc.jspa?documentID=DOC-27030&communityID=5854


VMware vSphere 6 introduces many new features and enhancements to further extend the core capabilities of the virtualization platform.


OS Enhancements


Linked Mode Enhancements


Sunday, June 22, 2014

vCenter 5.5 Profile Driven Storage and Storage Monitoring Service Failure

I’d been having a bit of a frustrating time recently with the Profile Driven Storage Service and the Storage Monitoring Service in my vCenter 5.5 system. For some reason they just wouldn’t start. Their health check service would continually fail and give a HTTP 503 Error. The logs were also not very helpful with regard to what was going on. The VMware KB was also no help with this particular issue as it had nothing to do with the known problem around using custom ports for the services. I was almost at a total loss and then I stumbled across the solution.

Going through the logs, searching the VMware KB and Googling didn’t help. Just rebooting hadn’t helped either. Then I noticed that vCenter was consuming a lot of memory. vCenter has become a bit of a memory hog over the versions. Even though I’m not running a huge environment I already had vCenter configured with 16GB RAM, all of which it was already consuming.

I though to myself, I wonder if it’s just because there isn’t enough RAM allocated? I checked my host to ensure I had some RAM to spare and I was in luck. I shutdown my vCenter, logged directly into the host and increased it’s allocated RAM to 24GB.  After the reboot I waited patiently for all the services to start. After all the services had restarted, this is what I was greeted with when checking the vCenter Service Status:



All green lights! Excellent.

If you’re Profile Driven Storage Service or Storage Monitoring Service isn’t working. Try giving vCenter some more RAM. It’s a simple solution and might quickly solve your problem. If not, then it’s time to seek additional assistance. As always comments and feedback are welcome.

Thursday, June 12, 2014

Architecting vCenter Single Sign On 5.5 (SSO)

In this article I will specifically talk about Best Practices around vCenter Single Sign-On Server and the related components. I would began this discussion with giving you a bite into the need and importance of vCenter Single-Sign On and later move towards recommendations on how to lay out the architecture of SSO. I would also like to give the credits for these slides to Nick Marshall from VMware

  • As mentioned in the slide above, vCenter SSO is the Authentication Platform for just the vSphere and related management components. This is very commonly mistaken as an enterprise wide single sign on solution.You do not have to buy a separate license for SSO as it is a part of the vCenter License and installation bundle.
  • SSO was launched with vCenter 5.1 and is now shipped along with vCenter 5.5 as well. SSO forms the authentication domain in a vSphere Infrastructure, hence a user unlike earlier version of vCenter, does not log in directly to vCenter Server. A user when logs into vCenter either via Web Client or C# client (thick client), first hits the SSO server which can be integrated to an AD/LDAP resource for user mapping. At this point a SAML 2.0 token is generated for the user which is exchanged as user credentials for that user to log in to vCenter or other vSphere Components which are supported today by vCenter SSO.
  • No operational SSO means no access to vSphere Components, hence it is the first component which needs to be designed and implemented to have a stable access mechanism.

VMware solutions which are integrated with vCenter SSO today. This makes it even more obvious that SSO is here to stay and we need to ensure that we design & implement it properly for a stable infrastructure.



  • Nearly all the components in a VMware Stack are integrated with SSO.
  • It is important to note that for vCloud Director the Provider Side of things are integrated with SSO. 
  • From a future perspective, I can clearly see VMware integrating SSO with other components of the management stack in the days to come.

For those who have used SSO with vSphere 5.1 would agree that there were issues & concerns around implementing and using SSO. There was a lot of buzz around the community which was not in favor of the concept of Single Sign-On as a vSphere component. I, being hands on guy would completely agree with the community since I faced many of those issues which made circles around the blogs & forums.


Thanks to the engineering teams at VMware, with vSphere 5.5, the entire SSO was re-written. This was a great move since it not only solved all the issues which were noticed in 5.1, it also improved the performance of the vCenter Server in its new avatar. Let’s have a quick look on what is new with vCenter Single Sign-On 5.5.
I believe the slide itself is self-explanatory, however I would like to point out to a few changes which I am impressed with. One being Built-in Replication and the other being Exclusion of Database. With these features you do not have to manually update new roles/users if you have multiple SSO instances. You can just go ahead and update one site and the replication will take care of syncing that information between all the SSO servers which are paired together. With no database, you do not have to run those nasty scripts to ensure you have a working database for SSO. Quite Cool.

On this note let's see what deployment models & upgrade options you have with vCenter SSO 5.5 in the slide below.

  • If you upgrade from vCenter 5.1 to vCenter 5.5, you can do so from any of the existing deployment model which you chose while install 5.1.
  • If you have the option of re-installing or if you are installing the vCenter 5.5 for the first time, you do not have to worry about the complex deployment models at all. You can use a Single Virtual Machine for all vCenter components, within same site or across the sites. In case you have 6 or more local vCenter, then you can have a single instance of SSO server, where all the vCenter servers will talk to this SSO server for authentication. This is to avoid multiple streams of replications among the SSO servers within the same site.
The recommendation of having a single virtual machine for all the components of the vCenter Server is showcased in the slide below.

  • Use the simple installer to have all the components install on the same virtual machine, rather than performing a split install.
  • You can install the database here, however having it on a separate VM would be beneficial when the environment scales.
  • Make sure you give enough compute power to this single virtual machine as it is hosting all the components.
Let us also look at recommendations around multi-site deployment model in the last slide.
  • Each site runs all its components individually while SSO replication maintains a single SSO domain across sites.
  • Use of Linked Mode configuration can give you a single pane of glass here.
  • So a simple install at each site would be the Best way getting rid of all the SSO nightmares you can think of.

vSphere ESX - Server 2012 - 3D Graphics Option 'Greyed Out'

Problem

Whilst attempting to add 3D graphic support to a Windows Server 2012 guest VM, the option was greyed out.



Solution



1. Locate the .vmx file for this virtual machine and download it so you can edit it (Select a Host > Configuration > Storage > {Storage the guest is on} > Right Click > Browse Data Store > {Guest VM Name}) > Download.


2. Edit the file, and add the following to the end of the vmx file;

mks.enable3d = TRUE




3. Upload the file back to your storage, at this point I checked and it was still greyed out. I had to remove the VM from the inventory* then add it back to the inventory.

*WARNING: Remove it from the inventory by right clicking the VM in the VI Client. DO NOT Delete it from Disk!



Monday, June 9, 2014

vSphere Hardening Guide 5.5 Update 1 Released!

I’m happy to announce the general availability of the vSphere Hardening Guide for vSphere 5.5 Update 1. This has been a work in progress for a little while now and I’m glad to get it out there!

There are 4 new additions to the guide. Please review.


  • enable-VGA-Only-Mode: Used for server VM’s that don’t need a graphical console. e.g. Linux web servers, Windows Core, etc.
  • disable-non-essential-3D-features: Remove 3D graphic capabilities from VM’s that don’t need them.
  • use-unique-roles: A new companion control to use-service-accounts. If you have multiple service accounts then each one should have a unique role with just enough privs to accomplish their task. This is in line with least-priv operations
  • change-sso-admin-password: A great catch. When installing Windows vCenter, you’re prompted to change the password of administrator@vsphere.local. When installing the VCSA in a default manner you are not. This control reminds you to go back and do that.
  • The rest are formatting, spelling, clarification, etc.. One interesting change is the “enable-nfc-ssl” control. That has been renamed to “verify-nfc-ssl” now that SSL is enabled by default in 5.5 for NFC traffic. All of the changes are called out in the Change Log.
Head on over to the vSphere Hardening Guide page to grab your copy now!

Thursday, April 24, 2014

Upgrade ESXi 5.5 to ESXi 5.5 Update 1

VMware announced the update for vSphere 5.5 which is vSphere 5.5 update 1.  This update includes most of the vCloud Suite products, including VMware Virtual SAN (VSAN). It is time to upgrade your vSphere 5.5 to vSphere 5.5 update 1 to utilize the new features and also to fix the issues reported on the vSphere 5.5. It’s again the task for VMware admins to make their hands dirty with updating your vSphere 5.5. This post going to explain the procedure to upgrade the ESXi 5.5 host to ESXi 5.5 update 1.
This can be easily achieved using Update Manager but even though this post is going to explain the manual process to upgrade your ESXi host using esxcli command. Download ESXi 5.5 Update 1 from the VMware patch download page and download the ESXi 5.s update 1 zip file. Take a look at post Search and Download VMware Patches.


 Once ESXi 5.5 update 1 is downloaded, upload the update-from-esxi5.5-5.5_update01. zip file to your datastore of the ESXi host and verify the file is visible in the directory inside the datastore .Before upgrading to ESXi 5.5 update 1, verify the build version of our ESXi host. which isVMware ESXi 5.5.0 (VMKernel Release Build 1331820) 




You can verify the build version of ESXi 5.5 from the command line using the below command:
vmware -v
Execute the below command to install the ESXi 5.5 update 1 :
esxcli software vib install -d /datastore/directory/update-from-esxi5.5-5.5_update01. zip
Once ESXi 5.5 update 1 is installed on the ESXi host, You can see the message “The update completed successfully, but the system needs to be rebooted for the changes to be effective”.  Reboot the ESXi host. Once ESXi host is back after the reboot, verify the ESXi version after upgrade to ESXi 5.5 update 1.
Build version for the ESXi 5.5 update  1 is VMware ESXi 5.5.0 (VMkernel Release Build 1623387)
 That’s it. We are done with the upgrade to ESXi 5.5 to ESXi 5.5 update 1. I hope this is informative for you. 

Wednesday, April 23, 2014

OpenSSL heartbleed bug – VMware products

Most probably you are aware about recent finding by The bug was independently discovered by security firm Codenomicon and a Google Security engineer. Heartbleed.com has a detailed explanation of the issue, which is related to the “heartbeat” section of OpenSSL’s transport layer security (TSL) protocols and has been in the wild since March 2012. If you’re running a server with OpenSSL 1.0.1 through 1.0.1f, it’s vital that you update to OpenSSL 1.0.1g immediately. Within next few days you should expect massive flow of the companies KB with list of products which are affected and unaffected by OpenSSL bug. 

VMware already released KB2076225 with a list of systems which are affected by this bug. Long story short if have old releases of VMware systems most probably you are not affected. Below you can find short-listed VMware products which are in the KB, to see full list of affected VMware products check mentioned KB article above.

These VMware products that ship with OpenSSL 1.0.1 have been confirmed to be affected:

•         ESXi 5.5
•         vCenter Server 5.5
•         VMware Fusion 6.0.x
•         VMware vCloud Automation Center (vCAC) 5.1.x
•         VMware vCloud Automation Center (vCAC) 5.2.x
•         VMware Horizon Mirage 4.4.0
•        vFabric Web Server 5.0.x – 5.3.x (For remediation details, see the                   Security Advisory on Critical Updates to vFabric Web Server document.)
•         VMware vCloud Networking and Security (vCNS) 5.1.3
•         VMware vCloud Networking and Security (vCNS) 5.5.1

These VMware products that ship with OpenSSL 0.9.8 have been confirmed to be unaffected:

•         ESXi/ESX 4.x
•         ESXi 5.0
•         ESXi 5.1
•         VMware Fusion 5.x
•         VMware vCenter Server 4.x
•         VMware vCenter Server 5.0
•         VMware vCenter Server 5.1
•         VMware vCenter Server Appliance (vCSA) 5.x
•         VMware vCloud Automation Center (vCAC) 6.x

VMware released first bunch of patches for their products related to hearthbleed bug discovered in OpenSSL library, see details below.


vSphere 8 Security Configuration & Hardening

    The VMware vSphere Security Configuration & Hardening Guide (SCG) has evolved significantly over the past fifteen years, remaining...