vSAN

Why you should protect your Virtual SAN Network

As a common best practice you should separate management, vMotion and Virtual SAN traffic from production traffic. This is not only a performance requirement, but also for security concerns. Compared to management traffic which is encrypted and requires authentication and vMotion traffic which is impracticable to eavesdrop, Virtual SAN traffic presents a large surface area to attacks.

This article explains why it is critical to keep Virtual SAN traffic in protected networks and what can happen when you ignore this guideline. I am also explaining how you can detect and monitor such attacks.

Read More »Why you should protect your Virtual SAN Network

Building a Single-Node VSAN

single-node-vsanI was wondering if it possible to speed up my Intel NUC based ESXi with Virtual SAN. The idea is that compared against vSphere Flash Read Cache, Virtual SAN can use the SSD not only as read cache but also as write buffer. This post explains how you can create a Virtual SAN Datastore on a single ESXi host from the command-line without a vCenter Server.

It goes without saying that this is neither the idea behind Virtual SAN nor officially supported by VMware. It also violates VMware's EULA if you are running Virtual SAN without a VSAN license. To assign a licence you need a vCenter Server and wrap the single ESXi into a Cluster.

My configuration for this test:

Read More »Building a Single-Node VSAN

Reuse VSAN Claimed Disks as VMFS Datastore

During a test I used an old disk that has been previously used by Virtual SAN. The disk did not appear during the datastore creation process. I miss a flash drive here:

datastore-creationThe problem is that the disk has not been cleared from it's VSAN configuration. It has still valid VSAN partitions, so the ESXi "claims it for VSAN" what makes it impossible to create a VMFS filesystem.

Read More »Reuse VSAN Claimed Disks as VMFS Datastore