The upside of ignorance (How Innovation can thrive on the lack of knowledge)

In her “The Power of not knowing”, part of the Stanford Technology Ventures (STVP) Entrepreneurship Corner program, Liz Wiseman, author and leadership educator, shares how insisting on a “rookie mindset”, that is, creating a habit that forces you to look at new goals as if you know nothing about achieving them, helps you get new insights and accelerate your speed of delivery to an unexpected velocity.

Liz’s research shows that people who have experience in a subject matter can have a very small advantage over newbies who are determined and committed to succeed in a task. The rookies learn at a very early stage that they won’t make it without help. They know almost nothing on that topic, so they quickly and openly seek advice, insight and information from the best people they can find.

Having gathered the information, rookies can see new opportunities, where experienced people won’t, because the paths to reach the target are already set. An experienced professional’s mind will short-cut to the quickest effortless route for a given goal. But the mind of the newbie will be able to see new possibilities. Those insights, screened and reviewed by the experienced guide, can lead the rookies to their goals much faster.

The research Liz has gone through shows what many “continuous successful leaders” know – they have to be humble and “play with the kids”, to be able to see something new.

That’s also an important message for human resource professionals, regarding new venues for considering candidates.

I believe you have to be an optimist and a bit of a risk-taker, but one who also looks for ways to mitigate the possible downfalls. People who are too rational and cautious will focus on the many ways they could fail, and choose to avoid failure by walking away from achieving the goal. If you are an optimistic newbie, you are more likely to jump into the cold deep waters, because you would probably not realize how much effort you would have to put in to succeed. Then it is about your enthusiasm, humbleness, determination, desire to learn and sense of curiosity to “rescue” you into innovation and success.

What’s your experience? How did you make it with a new territory, where you were the rookie?

Microsoft’s Cloud Platform System (CPS) vs. the World (VMware EVO:Rails and Amazon)

More big news from Microsoft – Microsoft’s Cloud Platform System (CPS) (I call it Azure Cloud “Private Edition”) – a joint announcement from Microsoft and Dell, which offers a bundle including Dell racks with expandable computing, storage and networking, running a private Azure cloud (on premise) that should look and work the same as Microsoft’s public Azure offering.

You can create multiple tenants to represent different groups, organizations or sub-companies and launch Windows and Linux instances. You can expand the hardware to support hundreds or thousands of VMs.

Coming right after its future Docker based Windows containers support for Windows Server and Azure, it looks like Microsoft is on a roll. This time, it looks like its Cloud Platform System offering goes head to head with VMware’s EVO:Rail offering, announced just a few weeks ago at the VMWorld 2014 conference. This is also indirect competition with Amazon’s offerings, which could have a hit-run with customers massively using Microsoft’s technologies.

This might also be a nice, fresh, innovative direction for Dell, and it certainly shows Dell is working hard to create new interesting offerings, which makes you wonder what else is coming next.

Now it’s time to look deeper into the new system, maybe try and download the Windows Azure Pack and see how it can be used on your current hardware.

What do you think?

Docker based Windows containers support for Windows Server and Azure

That’s it. Docker won over Windows containerization as well!

Microsoft just announced that, in addition to its support for Linux VMs running Docker Linux containers, it will add support for the Docker engine inside Windows Server and Windows Azure, to support native Windows containers.

More info here: Docker based Windows containers

This means you will be able to develop and support your Windows Apps within a slim agile-to-maintain container. What happens to licensing is one question, and what happens to security is definitely another worthy question.

“PatchMe” – Quick Shell Shock (+future Vulnerabilities) Auto-Patcher for Heterogeneous Unix / Linux Sites

Download, comment and like it here: https://github.com/jackbezalel/patchme

I think you should like this new Shell-Shock Auto-Patcher I created (“PatchMe”). It should serve you well for future and past similar “noisy” vulnerabilities, especially if you have a lab or site with many types of “loosely” managed operating systems. This tends to happen within development labs, where you have a license for every machine, but do not necessarily set or maintain them through a central patch repository.

It is also good for cases where patching is not as straightforward as it is in Ubuntu, Debian or similar free open source operating systems.

I believe you will find PatchMe is simple to deploy and use. You don’t have to go through a complex massive patching, testing and mass-deploying, just to get rid of one hot vulnerability.

It is a right-to-the-point vulnerability patcher for what is in the news. It allows you to automatically dry-test the patch and, if that is successful, run the patch live. A central repository is dynamically created during the patch process, so you have a full audit of what is going on.

Here it is for use “as is” (don’t complain if it breaks anything). It may have bugs, but was tested and seems to work just fine on dozens of machines. It currently patches Red Hat 5, 6, 7 and should work well for release 4 as well. I am adding support for Solaris, including Solaris Zones scenarios, and will be taking care of CentOS, HP-UX and AIX as well as other Linux distributions.

PatchMe uses the “patchme.sh” script, which works with an NFS-based repository.

All one needs to do is mount the PatchMe NFS tree (the directory structure is in the PatchMe readme file) and run the patchme.sh script from the bin directory, followed by a vulnerability name. You could basically schedule it to run at once for all your machines or just a few of them.

You have to get the patches for the vulnerability on your own, provided your license allows it, and PatchMe will take care of installing the right patch on each machine and operating system.

Why not use your Unix or Linux distribution’s software update mechanism? Well, because each vendor has a different mechanism and requirements, while PatchMe is meant to reduce the time and effort, and focus on just one vulnerability each time. It allows you, the system administrator, to save time and effort, and keep management off your back.

Once activated, PatchMe will create a specific directory in the central repository for review and analysis, holding these files for each machine and vulnerability, as well as for each patch cycle run for it:

– Software installed on the system, pre-patching
– State of patching dry-run (will only test if patch can be deployed fine, but will not install it)
– Dry Run log
– Software packages installed on the system post patching (in case you want to consider roll back of the patch)
– State of update live-run (patched or not)
– Live patching log
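
An added example (not PatchMe's own code) of the cycle described above: record the package list, dry-run the patch, patch live only if the dry run passed, and leave the audit files in the repository. The function name, the three `*_CMD` variables and the file names are assumptions; the defaults assume an RPM-based host.

```shell
#!/bin/sh
# Added example, not PatchMe's code. Hypothetical names: patch_cycle, LIST_CMD,
# TEST_CMD, APPLY_CMD and the file names written under the repository.
# Defaults assume an RPM-based host; override them for other package tools.
: "${LIST_CMD:=rpm -qa}"          # lists installed packages
: "${TEST_CMD:=rpm -Uvh --test}"  # dry run: checks the patch, installs nothing
: "${APPLY_CMD:=rpm -Uvh}"        # live run

# patch_cycle REPO VULN PATCHFILE
# Writes one audit directory per vulnerability, host and run, and patches live
# only if the dry run succeeded.
# Returns 0 = patched, 1 = dry run failed (nothing installed), 2 = live run failed.
patch_cycle() {
    repo=$1 vuln=$2 patch=$3
    run=$(date +%Y%m%d-%H%M%S)
    dir="$repo/audit/$vuln/$(uname -n)/$run"
    mkdir -p "$dir" || return 2
    LAST_AUDIT_DIR=$dir           # exported to the caller for review

    # Software installed on the system, pre-patching
    $LIST_CMD | sort > "$dir/packages.pre"

    # Dry-run state and dry-run log
    if $TEST_CMD "$patch" > "$dir/dryrun.log" 2>&1; then
        echo ok > "$dir/dryrun.state"
    else
        echo failed > "$dir/dryrun.state"
        echo skipped > "$dir/live.state"
        return 1
    fi

    # Live state and live log
    if $APPLY_CMD "$patch" > "$dir/live.log" 2>&1; then
        echo patched > "$dir/live.state"; status=0
    else
        echo not-patched > "$dir/live.state"; status=2
    fi

    # Software installed post-patching, to diff against packages.pre
    $LIST_CMD | sort > "$dir/packages.post"
    return $status
}
```

Call it as `patch_cycle /mnt/patchme shellshock /mnt/patchme/patches/bash.rpm` (constructed paths), then `diff` the two package lists under `$LAST_AUDIT_DIR` to see exactly what the run changed.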

I am not going to work on roll-back of patches – it seems too sensitive and problematic, while we are aiming here at a simple short process.

Future planned updates:

I will work on trying to avoid using NFS.
Instead you would use a single “Patcher” machine where the NFS repository exists (I used Red Hat 7.0), and from there use a “Dropper” script that will try to log in to the target machine we want to patch, via ssh, using root passwords you provide the “Dropper” with. The “Patcher” will copy a zip file with the relevant script, run it and then get the results back to the Patcher repository.

The next step (maybe for Thu) could be to run a scan from the Patcher machine, producing a list of Linux/Unix machines (nmap, etc.), and feed this to the Dropper and PatchMe to log on to those machines and patch them.

Feel free to comment and/or advise…

Doing lots of encryption? Make sure your hardware and software uses AES-NI

While this may be old news for you, I still see cases where it is overlooked. Intel processors that support AES-NI can speed up your encryption workloads, provided the software you use takes advantage of the 7 encryption-related instructions built into the processor. It also includes DRNG (Dynamic Random Number Generator). So IT managers want to make sure that any server they have doing lots of encryption has those new processors, while developers should make sure they use the AES-NI libraries for the encryption-related code they create. Click here for info on AES-NI processors, software tools and more.
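
One way to run the server-side check on Linux, as an added example that is not from the original post: the function reads the CPU feature flags and reports which of `aes` (the AES instructions), `pclmulqdq` (carry-less multiply) and `rdrand` (the DRNG instruction) are missing on any logical CPU. The function name is hypothetical and the flag names are the ones the Linux kernel prints in `/proc/cpuinfo` on x86.

```shell
#!/bin/sh
# Added example. cpu_crypto_flags is a hypothetical helper; it reads Linux
# /proc/cpuinfo (x86) or a saved copy of it given as $1, so output collected
# from many servers can be checked in one place.
# Prints the flags from "aes pclmulqdq rdrand" that at least one logical CPU
# lacks. Returns 0 when every CPU has all three, 1 when something is missing,
# 2 when no "flags" line was found (not Linux/x86, or an empty file).
cpu_crypto_flags() {
    awk -F: '
        /^flags[ \t]*:/ {
            cpus++
            line = " " $2 " "     # pad so each flag matches as a whole word
            n = split("aes pclmulqdq rdrand", want, " ")
            for (i = 1; i <= n; i++)
                if (index(line, " " want[i] " ") == 0)
                    missing[want[i]] = 1
        }
        END {
            if (cpus == 0) exit 2
            out = ""
            for (i = 1; i <= n; i++)
                if (want[i] in missing)
                    out = out (out == "" ? "" : " ") want[i]
            if (out != "") { print out; exit 1 }
        }' "${1:-/proc/cpuinfo}"
}
```

Every logical CPU is checked because a hypervisor can mask these flags from a guest even when the physical processor has them, so run it inside the VM that does the encryption.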

VMWorld 2014 – Cool stuff you should know about

Here are my VMWorld 2014 notes about the conference’s top new solutions.

Bottom line, I expect most of those features and solutions to become popular, and although it starts to feel like there is “too much”, that’s our role as IT professionals: to pick the right tools for use in the right time and place.

  1. EVO: Rail – “Data Center in a Box” – allows hardware and software ISVs to package their multi-suite software appliances into a single kit that includes shrink-wrapped manageability options (no need for vCenter and similar management tools, but they can be used if you have them). All deployed within 15 minutes!
  2. EVO: Rack – “vHardware v2.0”. Yes, “vHardware” is my term to describe the offering of integrated, data center scale hardware to support quick deployment of VMware at mass scale (in the past years it featured products such as Cisco UCS, EMC vBlock, NetApp FlexPod). I’d say EVO: Rack is the second major “vHardware” effort, now fueled by the new “SDDC” (Software Defined Data Center) standard, including extensible racks with servers, storage and networking (from various hardware vendors) and the complete suite of VMware’s data center management products, all deployable within 2 hours and aimed to allow launching multiple Virtual Data Centers within a single physical Data Center.
  3. vCloud Air – Allows for easy, transparent, secure migration of VMs into and from the cloud, or across the world into and from other data centers. The policies of a VM, including its network and security rules, will migrate with it and be enforced no matter where it is migrated to. All based on the new vSphere 6.0 (Beta) engine.
  4. vCloud Realize – Management and monitoring of Operations, Automation and Business, provided on internal, external or Hybrid Cloud via vCloud Air.
  5. Contributing to and integrating with Docker containers as well as with Google Kubernetes Docker management software, both are becoming a strong standard for agile development, testing, packaging and deploying software. Essentially you can deploy and maintain Docker containers within the well-known VMware management tools, such as VMware vCenter.
  6. Pay as You Go – packaging of VMware’s products as SaaS or IaaS (some now, others in the future). That’s cool and not trivial for solutions that are dealing with infrastructure.
  7. vSphere 6 Beta now allows migration of live VMs from one GEO location to another one across the world, providing transparent network access to the VMs without any adjustment of their IP network details, independently of the actual local network details for each GEO location (all based on VMware NSX technology).
  8. Policy based deployment and enforcement of SDDC: network, storage, availability, etc. Those policies automate the setup and maintenance of our VMs, and reduce the need to create and monitor operation and monitoring related scripts.
  9. Virtual Volumes (Beta): Using the vSphere APIs for Storage Awareness (VASA), it allows for the offloading of VM operations to the most common storage solutions. For example, creating a VM snapshot can be done by the storage system (EMC, NetApp, etc.), using its own means to do what, until now, the VMware ESX server had to do. This complements the past offering of VMware’s Virtual SAN, which aimed to replace the need for expensive physical storage solutions by offering many of the SAN storage features through software on top of economic commodity hardware.
  10. Rapid mobile deployment of apps (temporary desktop) streamed from the VMware cloud, assisted by the AirWatch technology. As an example, it allows one to send a document that requires a specific app to another person. If the receiving party is entitled to use the relevant app, it will be available for him as soon as he tries to open that document.
  11. Federated App / Desktop Delivery via VMware AirWatch. As an example this allows a doctor to securely send a patient health test result to another expert’s mobile device, even though the expert works in another hospital. Only the doctor and the expert can collaborate on this document. All done seamlessly. App delivery and usage is streamed through VMware cloud data centers in the background so it seems delivery is instant.

That’s it for now.

Do let me know what you found out so far (I am still going through the VMWorld Brown Bag sessions).

Docker containers to rock CoreOS

Check out the new slim “Docker” Linux containers technology, now at the center of CoreOS.

CoreOS is an easily scalable SaaS / MSP targeted Linux variant, now available on Google Compute engine as well.

Each Docker container includes a complete App / Service with all its Data Structures, similar to CA Technologies’ 3Tera.

http://infoworld.com/t/application-virtualization/coreos-uses-docker-put-linux-diet-242218

Going to check it out soon…