Vmware Audit
-
@Dashrender said in Vmware Audit:
@scottalanmiller said in Vmware Audit:
@Dashrender said in Vmware Audit:
@Jason said in Vmware Audit:
@DustinB3403 said in Vmware Audit:
This is the terms of service I agree to.
http://xenserver.org/overview-xenserver-open-source-virtualization/gplv2-license/13-about-xenserver-open-source/152-eula.html (without support)
It's not realistic to not have support on thousands of servers. When the Sh*t breaks out it can become a whirlwind fast..
Thats why we have RHEL and not CentOS for many things as well (some is CentOS).
This is funny - that company I mention from time time has thousands of RHEL boxes - and they too have support, but how many times have they called support? Zero? Why? because they have people on staff as good or better than the RHEL people themselves. They actively participate in reviewing and commenting on RFCs and other protocols regulations to get things working as they need them to for their platform.
I asked why they keep paying for support to RH? They didn't know.
I've seen enormous companies look at that and drop RH support just because RH products were so good that support wasn't needed. Which sucks for RH, because RH has great support.
When I was at the Wall St. firm we never needed RH support, never once in nearly a decade. We would use them, but only to back us up, never to solve the issue. They were great, but not needed at all.
So, so you were only really paying them to check a box on a form or to placate someone.
Totally for politics. Someone high up needed a checkbox that says "paying for support that isn't the support we hire already."
-
We've need support a few times, well never for RHEL. but for Vmware. It's always bugs that somehow no one else has found..
-
@Jason said in Vmware Audit:
Not sure yet, but they want a lot of stuff and we have thousands of Vmware servers. It's due within 7 days.
I just now noticed this part "Due in 7 days"
That seems like a very short turn around, are they sending an auditor on site or providing you with any guidance on pulling all of this information together?
-
@DustinB3403 said in Vmware Audit:
@Jason said in Vmware Audit:
Not sure yet, but they want a lot of stuff and we have thousands of Vmware servers. It's due within 7 days.
I just now noticed this part "Due in 7 days"
That seems like a very short turn around, are they sending an auditor on site or providing you with any guidance on pulling all of this information together?
From the sounds of it, the EULA suggested that the information should always be ready, not something to be pulled together.
-
Which means one should expect to be audited at any time from VMWare within a 12 month span?
That seems like yet another reason to not use VMWare....
-
@DustinB3403 said in Vmware Audit:
Which means one should expect to be audited at any time from VMWare within a 12 month span?
That seems like yet another reason to not use VMWare....
It's a general risk with proprietary software. It's not universal, but it is common. Anyone in the BSA group can audit you if you run any software from any one. Let any of it in the door and you are "EULA compromised."
-
Ya we are a full RHEL shop also. Both workstations and servers. We have a few things running CentOS and Debian, but they were "appliances" so they are just left alone.
-
Even if you don't need the support, buying RHEL gives you a voice into features and stuff and helps to fund continuing development of the product.
-
I've definitely been at customers large enough that when I said I needed a package from the EPEL to be fully supported they were like "we can do that."
-
How is this audit going? I believe you have 2 days left if I recall correctly from this conversation.
-
@DustinB3403 said in Vmware Audit:
How is this audit going? I believe you have 2 days left if I recall correctly from this conversation.
We don't know.. Audit's don't work like that you don't get updates/progress reports. You send the information then wait for months to hear back..
-
@Jason Sorry I was more referring to your progress on gathering of data to send to the auditors.
Not the actual progress of the audit response team.
-
Wow that really sucks. This will be one to remember for any future VMware discussions!
-
Luckily the log files from all the Vshpehere hosts will cover us. We have to give them the past 2 years of logs. The store in vcenter. And we had to get to decommissioned ones powered on to get the logs off of them. Now watch vmware try to say we needed licesnses for the decomed ones since we didn't uninstall vsphere just had them unracked and stacked in storage.
-
@Jason said in Vmware Audit:
Luckily the log files from all the Vshpehere hosts will cover us. We have to give them the past 2 years of logs. The store in vcenter. And we had to get to decommissioned ones powered on to get the logs off of them. Now watch vmware try to say we needed licesnses for the decomed ones since we didn't uninstall vsphere just had them unracked and stacked in storage.
YOu need a "log license."
-
-
You likely are under an EA if your getting audited by VMware. A lot of these operate on true up's (IE you commit to xxx, but can install up to yyy and at the end of the period you do an audit and adjust up/down). EA's fundamentally can include anything that is legal (I've seen some crazy EA's based on customer's need for wanting to pay per socket per day etc).
-
ALL of the data your asking about is tracked in the ESXi logs. If you just install LogInsight (Free for hosts now) it will track all of this information and retain it for you. There's even a handy dashboard you can request that will track vMotions, VM execution location to help with Oracle compliance if you have issues with them....
-
This is normal in enterprise when under an EA, and VMware (to my knowledge) has never sued anyone or taken the intense legal approach your used to hearing from Microsoft. Audits are multi-factored in that they can also make sure you are using what you pay for (and paying for what you use).
-
If you are not comfortable paying for what you use, and complying with licensing you REALLY need to move to BSD (not Linux, as the GPL requires compliance with specific requirements).
-
-
@John-Nicholson said in Vmware Audit:
- ALL of the data your asking about is tracked in the ESXi logs.
Not as he described it. Maybe what is actually required, but not as described. ESXi logs cannot track decoms, for example. And it isn't clear if the requirements are only VMware or other stuff as well.
-
@scottalanmiller The vCenter log will track decoms of VM's and hosts.
VMware doesn't enforce about licensing for non-VMware products (I'm not even sure if they are in the BSA, I think Microsoft dropped out and that group is largely CAD software stuff these days). -
@John-Nicholson said in Vmware Audit:
@scottalanmiller The vCenter log will track decoms of VM's and hosts.
VMware doesn't enforce about licensing for non-VMware products (I'm not even sure if they are in the BSA, I think Microsoft dropped out and that group is largely CAD software stuff these days)."Doesn't enforce licensing" is unrelated to "requires it in an audit", however. The concern that is raised here isn't what licensing is enforced, but how much it costs to perform an audit.
-
@scottalanmiller These audits generally involve filling out a spreadsheet according to best effort, and dumping the logs in the event an auditor really wants to validate something (often times they have scripts or 3rd parties tools for this stuff).
I've read several EA's over the years and never seen this language. This sounds like a lot of hand waving over a misunderstanding...