My Journey for VCAP6.5-DCV Design Certification

About the Journey

A career that began teaching Word Perfect for DOS classes (92), building computers for a local VAR (93-94), repairing computer hardware/troubleshooting software (94), installing and maintaining Novell Netware Systems/Networks (95-98), and starting/owning both an Internet Service Provider (ISP) and a VAR/Systems Integrator company (95-03) has led to a very fulfilling career. Skipping forward, this leads into my journey with VMware and why I have chosen to take the journey even further. Certification to me is validation of a skill set, and loving VMware products has been at the forefront the last 12 years. I have maintained at least one VCP certification since 2009.

Wanting to further validate the design or architect skills, it became apparent that the VCAP was the next logical step. I started studying for 3V0-624 after completing the 2V0-622D exam on Feb. 5, 2019. I took a fast track thinking I was prepared to take 3V0-624. I scheduled the exam for merely one week from the 2V0-622D exam. After failing the exam on Feb. 12, 2019, I started studying furiously (see below for resources used) and scheduled a second attempt. On March 7, 2019 I passed 3V0-624 to earn the VMware Certified Advanced Professional 6.5 - Data Center Virtualization Design Certification. I hope this information helps someone increase their knowledge and pass the certification.

Resources

Book: VMware vSphere 6.X Datacenter Design Cookbook - Second Edition

Book: IT Architect: Foundation in the Art of Infrastructure Design: A Practical Guide for IT Architects

Other VCAP Study Sites Used (excellent resources). Big thanks to these individuals:

Zlatko Mitev - VCAP6.5-DCV Design Prep-Guide
Gregg Robertson - VCAP6-Deploy & Design
Daniel Paluszek - Achievement Unlocked: VMware VCAP 6.5 DCV 3v0-624 Exam – Summary and Tips 
David Stamen - VCAP6.5-DCV Design Experience
BuildVirtual.net - VCAP6-DCV Design Journey

Information You Need to Understand

CADs: Constraints, Assumptions (Risks, Requirements) & Dependencies
Design Examples
Configuration Maximums
High Availability – Understanding how an availability percentage translates into the amount of downtime per year, month, week, and day.
VMware vSphere basics: understanding Resource Pools
vSphere 6.0 - Configure and Manage Resource Pools

Online Video Resources

#vBrownBag VCAP6-DCV Design 3V0-622 Obj 1.1 with #VCDX’s @JasonTweet7889 @GreggRobertson5 
#vBrownBag VCAP6-DCV Design Objective 1.2 with Mark Gabryjelski @MarkGabbs 
#vBrownBag VCAP6-DCV Design 3V0-622 Obj 1.3 with #VCDX @RebeccaFitzhugh 
#vBrownBag VCAP6-DCV Design 3V0-622 Obj 2.1 with #VCDX @PCradduck
#vBrownBag VCAP6-DVC Design Objective 2.1 with Paul Cradduck @pcradduck
#vBrownBag VCAP6-DVC Design Objective 3.1 with Joe Clarke @elgwhoppo

Practice Tests

vMusketeers Unofficial Test for VCAP6-DCV Design
Elastic Sky Unofficial Tests 

My Notes

IBFT - iSCSI Boot Firmware Table
VMCP - Virtual Machine Component Protection
VAAI - vSphere API for Array Integration. Offloads certain operations like cloning, deploying VMs from templates, and Storage vMotion.
VASA - VMware API for Storage Awareness
VVOL - Supported: FCoE, iSCSI, NFS (Not supported: RDM, SIOC, SDRS). VASA required; storage provider required.

Functional vs Non-Functional

Functional - Does it do something, yes or no? A functional requirement specifies a function that a system or component must be able to perform. It is more of a business function, not really a technical function.

Examples: 

1. Does the solution provide a platform that is supported by the application vendor?

2. The design must be PCI 3.0 compliant

Non-Functional - Requires specific criteria to judge the system: how well or how fast does it do it? A non-functional requirement is a statement of how a system must behave; it is a constraint upon the system's behavior. It is more of a constraint and generally has metrics.

Examples:

  • Enough storage throughput in IOPS
  • The design should account for 20% growth of CPU/Memory/Network and Storage over the next 3 years

RCARs = Requirements, Constraints, Assumptions, Risks

Requirement - Must be provided and a solution must achieve these requirements. 

Constraint - Conditions that provide boundaries to the design.   Things that limit my choices!

Assumption - Conditions that are believed to be true, but are not confirmed.  

Risk - Factors that might have a negative effect on the design.  The design must do!

Example Questions from vBrownbag

Requirement - The design should provide a centralized management console to manage both datacenters
Assumption - The customer provides sufficient storage capacity for building the environment
Constraint - The storage infrastructure must use existing EMC storage arrays for this project
Requirement - The platform should be able to function with project growth of 20% per year
Assumption - Active Directory is available in both sites
Requirement - Solution should leverage and integrate with existing directory services
Risk - Both server racks are subject to the same environmental hazards
Assumption - BC/DR plans will be updated to include new hardware and workloads
Requirement - The SLA is 99% uptime
Constraint - External access must be through standard corporate VPN Client

RAMPS = Recoverability, Availability, Manageability, Performance, Security

Recoverability – Requires the ability to recover from an unexpected event which affects the availability of a system or environment. Backups, business continuity, and disaster recovery are to be addressed here.

Availability – This requires delivery of highly available solutions that comply with SLAs, as measured by percent uptime of relevant components. Example: requirements that concern High Availability.

Manageability – Anything about managing the environment and maintaining normal operations. Items such as ability to scale or how elastic the system is. This could cover topics such as logging, alerting, and reporting.

Performance – Requirements around responsiveness of components of the designed environment. Compute speeds or number of cores, storage space, storage IOPS, network etc.

Security – Any requirement for controls, confidentiality, integrity, accessibility, governance, and risk management, this will usually include some ability to prove or accomplish compliance with regulation.
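
The Availability item above and the "99% uptime" SLA in the vBrownbag examples both come down to a downtime budget. The following added example (not part of the original notes) converts an uptime percentage into allowed downtime per day, week, month and year, and goes one step further by combining component availabilities in series and in redundant groups; the 730-hour month, the function names and the component figures are assumptions constructed for illustration.

```python
# Added example: SLA percentage -> downtime budget, plus composite availability.
# Period lengths assume a 365-day year and a month of year/12 (730 hours).
PERIOD_HOURS = {"day": 24.0, "week": 168.0, "month": 730.0, "year": 8760.0}


def downtime_budget(sla_percent):
    """Allowed downtime in minutes per period for an SLA given as percent uptime."""
    if not 0.0 <= sla_percent <= 100.0:
        raise ValueError("SLA must be between 0 and 100 percent")
    unavailable = 1.0 - sla_percent / 100.0
    return {name: round(hours * 60.0 * unavailable, 2)
            for name, hours in PERIOD_HOURS.items()}


def serial(*availabilities):
    """Every component is required, so the availabilities multiply."""
    total = 1.0
    for a in availabilities:
        total *= a
    return total


def redundant(*availabilities):
    """Any one component is enough; the group is down only if all are down.

    Assumes independent failures. That assumption breaks when, for example,
    both server racks are subject to the same environmental hazards.
    """
    all_down = 1.0
    for a in availabilities:
        all_down *= (1.0 - a)
    return 1.0 - all_down


def meets_sla(achieved, sla_percent):
    """Compare an achieved availability (0..1) with an SLA in percent."""
    return achieved * 100.0 >= sla_percent


if __name__ == "__main__":
    for sla in (99.0, 99.9, 99.99):
        print(sla, downtime_budget(sla))
    # Constructed design: two hosts at 99% each (redundant pair), one storage
    # array at 99.9% and one network path at 99.9% (both required).
    design = serial(redundant(0.99, 0.99), 0.999, 0.999)
    print(round(design * 100, 4), meets_sla(design, 99.0), meets_sla(design, 99.9))
```

In the constructed design the redundant host pair reaches 99.99%, but the single storage array and single network path pull the whole stack down to about 99.79%, so it meets a 99% SLA and misses 99.9%.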

Ideas -> Business Goals -> Requirements, Assumptions, Constraints -> Conceptual Design -> Logical Design -> Physical Design

Conceptual Design is an early phase of the design process, in which the broad outlines of function and form of something are articulated. It includes the design of interactions, experiences, processes and strategies.

Logical Design is a conceptual, abstract design. You do not deal with the physical implementation details yet; you deal only with defining the types of information that you need. The process of logical design involves arranging data into a series of logical relationships called entities and attributes.

Physical Design is the process of transforming a circuit description into the physical layout, which describes the position of cells and routes for the interconnections between them.

All the Best,

Sean

 

Passwords: Ending an era…

As I think back to “the old days” in the authentication world, we’ve come a long way; or have we? In the early 90’s I ran a BBS (who knows what that is?). I required users to connect with a username and password of their choice. Sounds like what we do today. While login names and passwords have become increasingly complex, the process has not changed. Tell me who you are and I will let you in! This is a great strategy; actually, it’s not. There are millions, if not billions, of login credentials stolen annually, and the majority of data breaches involve stolen credentials. The NY Times reported in August 2014 “Russian Hackers Amass Over a Billion Internet Passwords” and InformationWeek DarkReading reported in April 2014 “Stolen Passwords Used In Most Data Breaches”. In the technology world we live in today, a username and password by itself is not enough; I repeat, a username and password by itself is not enough. Have you been hacked, or do you know someone who has? We all do. Simple steps can drastically reduce the chances, both for businesses and personally.

  1. Use multi-factor authentication

    1. What is multi-factor authentication? Wikipedia says: Multi-factor authentication (MFA) is a method of computer access control in which a user is only granted access after successfully presenting several separate pieces of evidence to an authentication mechanism - typically at least two of the following categories: knowledge (something they know), possession (something they have), and inherence (something they are).

    2. Many sites already offer multi-factor authentication. Turn this feature on. If you are a business owner, add this for access to your business resources.

      1. Banks – usually required

      2. Facebook – optional

      3. Google – optional

      4. Amazon – optional

    3. Reduce password complexity and the frequency of password changes.

      1. Change the password requirements to be less complex, with fewer characters required, after adding an additional factor to the authentication process.

      2. Reduce the frequency of password changes. If the policy is currently 90 days, perhaps 180 days is now acceptable after adding an additional factor to the authentication process.

  2. Close access to resources not secured by multi-factor authentication

    1. Shut down access from outside your network to resources inside your network which are not secured with multi-factor authentication.

    2. Provide a way to access those resources once inside a resource (virtual desktop, published application, etc) within the boundaries of your network.

That’s great, Sean, but how do I accomplish the recommendations you have made? To start with, log in to each of the sites you use and see if they offer multi-factor authentication. Usually this will be something like: send me an email or text before allowing access. If you are a business, look at products like Duo, AuthAnvil, Azure, and others to add this functionality to your infrastructure. The main idea is to determine what needs to be secured; then you can determine the best multi-factor product to secure it.

In conclusion, while all of these technologies have been in existence for many years, their viability is now such that businesses of all sizes should adopt them. The deployment of multi-factor products has been simplified, and with smartphones, end user acceptance and adoption is very high.

Windows 10 KMS Activation against Windows Server 2012 R2 KMS Server

Note: This document assumes the Windows Server 2012 R2 is running the VA Services Role (KMS Server). If it is not, install the Role and then follow these steps.

Update Windows 2012 R2 to support activating Windows 10

https://support.microsoft.com/en-us/kb/3058168

Call Microsoft Volume Licensing to get Windows Srv 2012R2 DataCtr/Std KMS for Windows 10 Key

Support Center Contact Info
Country:  United States
Email(s): vlserva@microsoft.com
Toll Free Number(s): (866) 230-0560
Hours of Operation: 5 AM – 5 PM PST Mon - Fri
Languages Supported: English and French

  1. Log in to VLSC

  2. In VLSC - click License, then Relationship Summary.

  3. Now click the License ID of your current Active license.

  4. Once the page changes, click Product Keys.

  5. Scroll down the list and look for "Windows Srv 2012R2 DataCtr/Std KMS for Windows 10". Use this key.

Add the new key you obtained by calling Microsoft Volume Licensing

  1. Open an elevated command prompt (admin)

    1. slmgr /ipk XXXXX-XXXXX-XXXXX-XXXXX-XXXXX (replace with your Windows Srv 2012R2 DataCtr/Std KMS for Windows 10 KMS Key obtained above)

    2. slmgr /ato

    3. slmgr /dlv

    4. Add the Windows 10 KMS Client Key to your clients:

Windows 10 Professional: W269N-WFGWX-YVC9B-4J6C9-T83GX

Windows 10 Professional N: MH37W-N47XK-V7XM9-C7227-GCQG9

Windows 10 Enterprise: NPPR9-FWDCX-D2C8J-H872K-2YT43

Windows 10 Enterprise N: DPH2V-TTNVB-4X9Q3-TJR4H-KHJW4

Windows 10 Education