
Phenomenal Power: Automating Dell EMC vSAN Ready Nodes
Tue, 16 Nov 2021 21:07:04 -0000
|Read Time: 0 minutes
Dell EMC vSAN Ready Nodes have Identity Modules that act at the lowest level of a node and imbues a host with special features and characteristics. In this blog, we explore how to use the attributes of the Identity Module to automate tasks in a vSphere environment.
Let’s start out by identifying all the Dell EMC vSAN Ready Nodes in our environment and displaying some information about them, such as the BIOS version of each host and vSphere version. After we learn about the hosts in our environment, we will discover what VMs are running on those hosts. We’ll do all of this through VMware’s PowerCLI, which is a plug-in for Microsoft PowerShell.
Note: We could also easily do this using other tools for vSphere such as Python (with pyVmomi), Ansible, and many others.
The environment we are using is a small environment using three Dell EMC vSAN Ready Nodes R740 with identity modules. All three nodes are running ESXi 7.0 U2 (vSAN 7.0 Update 2). VMware vSAN is using an all flash configuration. The code we are discussing in this post should work across current Dell EMC vSAN Ready Nodes and current vSphere releases.
The code displayed below may seem trivial, but you can use it as a base to create powerful scripts! This unlocks many automation capabilities for organizations. It also moves them further along in their autonomous operations journey. If you’re not familiar with autonomous operations, read this white paper to see where your organization is with automation. After reading it, also consider where you want your organization to go.
We’re not going to cover many of the things necessary to build and run these scripts, like connecting to a vSphere environment. There are many great blogs that cover these details, and we want to focus on the code for Dell EMC vSAN Ready Nodes.
In this first code block, we start by finding all the Dell EMC vSAN Ready Nodes in our environment. We use a ForEach-Object loop to do this.
Get-VMhost -State "connected" | ForEach-Object { if ($_.ExtensionData.hardware.systemInfo.model.contains("vSAN Ready Node")){ echo "=================================================" echo "System Details" echo "Model: " $_.ExtensionData.hardware.systemInfo.model echo "Service Tag: " $_.ExtensionData.hardware.systemInfo.serialNumber echo "BIOS version: " $_.ExtensionData.hardware.biosInfo.biosVersion echo "ESXi build: " $_.ExtensionData.config.product.build } }
This code snippet assumes we have connected to a vSphere environment with the Connect-VIServer command. It then creates a view of all the hosts in the environment using the Get-VMhost command, the results of which are passed to the ForEach-Object loop using the | (pipe) symbol. We then loop through this view of hosts using a ForEach-Object command and look at the hardware.systemInfo.model property of each host. The object of focus, one of the discovered hosts, is represented by the $_ variable, and to access the properties of the host object, we use the ExtensionData property. We check each host with a conditional method, .contains(), added on to the end of the property we want to check. Using the .contains method, we check if the hardware.systemInfo.model contains “vSAN Ready Node”. This string is a property that is unique to Dell EMC vSAN Ready Nodes and the Identity Module. It’s set at the factory when the Identity Module is installed.
If the system is a Dell EMC vSAN Ready Node with an Identity Module, we then display information from the hardware.systemInfo and the hardware.biosInfo, specifically the system’s BIOS version. We also collect the vSphere build of the host using the config.product property of the host.
As we loop through each host, we only display these details for the Dell EMC vSAN Ready Nodes in the environment that have Identity Modules. This results in output similar to the following:
The remainder of the nodes are excluded from the output shown here:
PS C:> .\IDM_Script.ps1 ================================================= System Details Model: PowerEdge R740 vSAN Ready Node Service Tag: [redacted] BIOS version: 2.1.12 ESXi build: 18538813
This provides relevant information that we can use to create automated reports about our environment. You can also use the script as the basis for larger automation projects. For example, when a new Dell EMC vSAN Ready node is added to an environment, a script could detect that addition, perform a set of tasks for new Dell EMC vSAN Ready Nodes, and notify the IT team when they are complete. These sample scripts can be used as a spark for your own ideas.
This next script uses the same for loop from before to find the hosts that are Dell EMC vSAN Ready Nodes and now looks to see what VMs are running on the host. From this example, we can see how the Identity Module is integral in automating the virtual environment from the hosts to the virtual machines.
Get-VMhost -state "connected" | ForEach-Object { if ($_.ExtensionData.hardware.systemInfo.model.contains("vSAN Ready Node")){ echo "=================================================" echo "System Details" echo "Model: " $_.ExtensionData.hardware.systemInfo.model echo "Service Tag: " $_.ExtensionData.hardware.systemInfo.serialNumber echo "BIOS version: " $_.ExtensionData.hardware.biosInfo.biosVersion echo "ESXi build: " $_.ExtensionData.config.product.build echo "+++++++++++++++++++++++++++++++++++++++++++++++++" echo "$_ list of VMs:" Get-VM -Location $_ | ForEach-Object{ echo $_.ExtensionData.name } } }
This new code snippet, shown in bold, builds on the previous example by looping through our hosts looking for the “vSAN Ready Node” as before. When it finds a matching host, it creates a new view using the Get-VM command, consisting of the virtual machines for that host. The host is specified using the -Location parameter, to which is passed the current host represented by the $_. We then use another ForEach-Object loop to display a list of VMs on the host.
This gives our code context. If an action is carried out, we can now define the scope of that action, not just on the host but on the workloads it’s running. We can start to build code with intelligence — extracting a greater value from the system, which in turn provides the opportunity to drive greater value for the organization.
As I said earlier, this is just the starting point of what is possible when building PowerCLI scripts for Dell EMC vSAN Ready Nodes with Identity Modules! Other automation platforms, like Ansible, can also take advantage of the identity module features. We only covered the basics, but there are enormous possibilities beyond discovery operations. The nuggets of knowledge in this blog unlock numerous opportunities for you to build automations that empower your data center.
For more information see Dell EMC vSAN Ready Nodes overview and the Dell EMC VSAN Ready Nodes blog site.
Author Information
Tony Foster
Related Blog Posts

Dell EMC vSAN Ready Nodes: Taking VDI and AI Beyond “Good Enough”
Mon, 18 Oct 2021 13:06:37 -0000
|Read Time: 0 minutes
Some people have speculated that 2020 was “the year of VDI” while others say that it will never be the “year of VDI.” However, there is one certainty. In 2020 and part of 2021, organizations worldwide consumed a large amount of virtual desktop infrastructure (VDI). Some of these deployments went extremely well while other deployments were just “good enough.”
If you are a VDI enthusiast like me, there was much to learn from all that happened over the last 24 months. An interesting observation is that test VDI environments turned into production environments overnight. Also, people discovered that the capacity of clouds is not limitless. My favorite observation is the discovery by many IT professionals that GPUs can change the VDI experience from “good enough” to enjoyable, especially when coupled with an outstanding environment powered by Dell Technologies with VMware vSphere and VMware Horizon.
In this blog, I will tell you about how exceptional VDI (and AI/ML) is when paired with powerful technology.
This blog does not address cloud workloads as it is a substantial topic. It would be difficult for me to provide the proper level of attention in this blog, so I will address only on premises deployments.
Many end users adopt hyperconverged infrastructure (HCI) in their data centers because it is easy to consume. One of the most popular HCIs is Dell EMC VxRail Hyperconverged Infrastructure. You can purchase nodes to match your needs. These needs range from the traditional data center workloads, to Tanzu clusters, to VDI with GPUs, and to AI. VxRail enables you to deliver whatever your end users need. Your end users might be developers working from home on a containers-based AI project and they need a development environment, VxRail can provide it with relative ease.
Some IT teams might want an HCI experience that is more customer managed but they still want a system that is straightforward to deploy, validate, and is easy to maintain. This scenario is where Dell EMC vSAN Ready Nodes come into play.
Dell EMC vSAN Ready Nodes provide comprehensive, flexible, and efficient solutions optimized for your workforce’s business goals with a large choice of options (more than 250 as of the September 29, 2021 vSAN Compatibility Guide) from tower to rack mount to blades. A surprising option is that you can purchase Dell EMC vSAN Ready Nodes with GPUs, making them a great platform for VDI and virtualized AI/ML workloads.
Dell EMC vSAN Ready Nodes supports many NVIDIA GPUs used for VDI and AI workloads, notably the NVIDIA M10 and A40 GPUs for VDI workloads and the NVIDIA A30 and A100 GPUs for AI workloads. There are other available GPUs depending on workload requirements, however, this blog focuses on the more common use cases.
For some time, the NVIDIA M10 GPU has been the GPU of choice for VDI-based knowledge workers who typically use applications such as Microsoft PowerPoint and YouTube. The M10 GPU provides a high density of users per card and can support multiple virtual GPU (vGPU) profiles per card. The multiple profiles result from having four GPU chips per PCI board. Each chip can run a unique vGPU profile, which means that you can have four vGPU profiles. That is, there are twice as many profiles than are provided by other NVIDIA GPUs. This scenario is well suited for organizations with a larger set of desktop profiles.
Combining this profile capacity with Dell EMC vSAN Ready Nodes, organizations can deliver various desktop options yet be based on a standardized platform. Organizations can let end users choose the system that suites them best and can optimize IT resources by aligning them to an end user’s needs.
Typically, power users need or want more graphics capabilities than knowledge workers. For example, power users working in CAD applications need larger vGPU profiles and other capabilities like NVIDIA’s Ray Tracing technology to render drawings. These power users’ VDI instances tend to be more suited to the NVIDIA A40 GPU and associated vGPU profiles. It allows power users who do more than create Microsoft PowerPoint presentations and watch YouTube videos to have the desktop experience they need to work effectively.
The ideal Dell EMC vSAN Ready Nodes platform for the A40 GPU is based on the Dell EMC PowerEdge R750 server. The PowerEdge R750 server provides the power and capacity for demanding workloads like healthcare imaging and natural resource exploration. These workloads also tend to take full advantage of other features built into NVIDIA GPUs like CUDA. CUDA is a parallel computing platform and programming model that uses GPUs. It is used in many high-end applications. Typically, CUDA is not used with traditional graphics workloads.
In this scenario, we start to see the blend between graphics and AI/ML workloads. Some VDI users not only render complex graphics sets, but also use the GPU for other computational outcomes, much like AI and ML do.
I really like that I can run AI/ML workloads in a virtual environment. It does not matter if you are an IT administrator or an AI/ML administrator. You can run AI and ML workloads in a virtual environment.
Many organizations have realized that the same benefits virtualization has brought to IT can also be realized in the AI/ML space. There are additional advantages, but those are best kept for another time.
For some organizations, IT is now responsible for AI/ML environments, whether delivering test/dev environments for programmers or delivering a complete AI training environment. For other IT groups, this responsibility falls to highly paid data scientists. And for some IT groups, the responsibility is a mix.
In this scenario, virtualization shines. IT administrators can do what they do best: deliver a powerful Dell EMC vSAN Ready Node infrastructure. Then, data scientists can spend their time building systems in a virtual environment consuming IT resources instead of racking and cabling a server.
Dell EMC vSAN Ready nodes are great for many AI/ML applications. They are easy to consume as a single unit of infrastructure. Both the NVIDIA A30 GPU and the A100 GPU are available so that organizations can quickly and easily assemble the ideal architecture for AI/ML workloads.
This ease of consumption is important for both IT and data scientists. It is unacceptable when IT consumers like data scientists must wait for the infrastructure they need to do their job. Time is money. Data scientists need environments quickly, which Dell EMC vSAN Ready Nodes can help provide. Dell EMC vSAN Ready Nodes deploy 130 percent faster with Dell EMC OpenManage Integration for VMware vCenter (OMIVV) (Based on Dell EMC internal competitive testing of PowerEdge and OMIVV compared to Cisco UCS manual operating system deployment.)
This speed extends beyond day 0 (deployment) to day 1+ operations. When using the vLCM and OMIVV, complete hypervisor and firmware updates to an eight-node PowerEdge cluster took under four minutes compared to a manual process, which took3.5 hours.(Principle Technologies report commissioned by Dell Technologies, New VMware vSphere 7.0 features reduced the time and complexity of routine update and hardware compliance tasks, July 2020.)
Dell EMC vSAN Ready Nodes ensures that you do not have to be an expert in hardware compatibility. With over 250 Dell EMC vSAN Ready Nodes available (as of the September 29, 2021 vSAN Compatibility Guide), you do not need to guess which drives will work or if a network adapter is compatible. You can then focus more on data and the results and less on building infrastructure.
These time-to-value considerations, especially for AI/ML workloads, are important. Being able to deliver workloads such as AI/ML or VDI quickly can have a significant impact on organizations, as has been evident in many organizations over the last two years. It has been amazing to see how fast organizations have adopted or expanded their VDI environments to accommodate everyone from knowledge workers to high-end power users wherever they need to consume IT resources.
Beyond “just expanding VDI” to more users, organizations have discovered that GPUs can improve the end-user experience and, in some cases, not only help but were required. For many, the NVIDIA M10 GPU helped users gain the wanted remote experience and move beyond “good enough.” For others who needed a more graphics-rich experience, the NVIDIA A40 GPU continues to be an ideal choice.
When GPUs are brought together as part of a Dell EMC vSAN Ready Node, organizations have the opportunity to deliver an expanded VDI and AI/ML experience to their users. To find out more about Dell EMC vSAN Ready Nodes, see Dell EMC vSAN Ready Nodes.
Author: Tony Foster Twitter: @wonder_nerd LinkedIn: https://linkedin.com/in/wondernerd

Enhancing your Data Center Security with VxRail
Fri, 28 Jul 2023 22:16:57 -0000
|Read Time: 0 minutes
In addition to providing operational efficiency, VxRail fundamentally sets up a secure foundation for your organization’s data center. This blog post provides a high-level overview of VxRail security. For a complete understanding of VxRail security features, read the VxRail Comprehensive Security by Design white paper or view the three-part video series VxRail Security: A Secure Foundation for your Data Center:
The white paper and videos provide a complete picture of how security begins with VxRail design and extends through VxRail deployment in your IT infrastructure.
As an introduction to what you can expect to learn from the videos, here’s the first of the three:
The integrated components of VxRail are designed to help secure your data center, starting from the PowerEdge server layer running on Intel or AMD processors, to the VMware vSphere (ESXi) layer integrated with vSAN for virtual storage, to the VxRail HCI system software layer that provides life cycle management through VxRail Manager (which is accessed through the vCenter plug-in), and to other add-ons from Dell and VMware, such as RecoverPoint for Virtual Machines. The video series and security by design white paper provide information about data protection and how VxRail creates a stable environment to ensure business continuity.
VxRail is engineered to employ functions of the NIST framework: protect, detect, and recover to boost cyber resiliency. VxRail includes integrated features to protect VxRail BIOS, firmware, and your organization’s data stored in vSAN. The VxRail system built on the PowerEdge server has a system lockdown feature that prevents configuration changes that may lead to security vulnerabilities. The PowerEdge hardware of the VxRail system verifies the integrity of software update files moving through the integrated stack through the embedded UEFI Secure Boot feature, which ensures that the files are from vetted sources.
Furthermore, the VxRail nodes are protected through Intel’s Trusted Execution Technology (TXT). The TXT prevents the introduction of malware into the VxRail nodes is prevented by the TXT by verifying the cryptographically signed PowerEdge server firmware, BIOS, and hypervisor version. Also, VxRail devices deployed in open environments are protected using bezel locks, preventing the introduction of malware-infected USB drives. With the bezel locks, the ports can be disabled and enabled. In addition to using bezel locks on VxRail in an open environment, VxRail satellite nodes are protected from theft and the compromise of data privacy by self-encrypting drives (SEDs).
To secure your organization’s workloads, VxRail is designed to protect data and VMs using the VxRail Manager, VMware vSphere, and vSAN. FIPS 140-2 Level 1 encrypts data in use, data at rest, and data in transit. These keys are carefully stored using Dell BSAFE Crypto-C Micro Edition and two FIPS-validated cryptographic modules using AES 256-bit.
Dell provides hardening packages for your VxRail using the Security Requirement Guide published by the Defense Information Systems Agency (DISA) for customers seeking additional security that meets their industry or sector requirements. For more information about hardening your IT infrastructure, see the resource links at the end of this post.
If you have not already watched the VxRail security video series or read the white paper, I hope this short summary of features gives you some insight into the tremendous features of VxRail security. To learn more about how VxRail provides a secure foundation for your data center through a carefully vetted supply chain, secure development life cycle, and many other features provided by VxRail, see the following resources:
- Dell VxRail: Comprehensive Security by Design
- Dell VxRail Documentation Quick Reference List—For links to the Product Security Configuration Guide, STIG Hardening Guides, and other useful support documentation)
- VxRail Info Hub—For additional technical guides, white papers, blogs, and videos
- Dell VxRail Hyperconverged Infrastructure (Dell Technologies product page)
Author:
Olatunji Adeyeye, Product Manager