1 2 3 4 Previous Next

Geek Speak

1,495 posts

As an admin, how do you ensure that you don’t run out of disk space? In my opinion, thin provisioning is the best option. It reduces the amount of storage that needs to be purchased for any application to start working. Also, monitoring thin provisioning helps you understand the total available free space and thus you can allocate more storage dynamically (when needed). In a previous blog I wrote, I explained how thin provisioning works and the environment it can be useful in. Now I’d like to discuss the different approaches for converting from fat volume to thin.

Once you’ve decided to move forward with thin provisioning, you can start implementing all your new projects with minimum investment. With thin provisioning, it’s very important to account for your active data (in fat volume) and to be aware of challenges you might encounter. For example, when conducting a regular copy of existing data from fat volumes to thinall the blocks associated with fat volume will be copied to the thin, ultimately wasting any benefits from thin provisioning.

There’s several ways to approach copying existing data. Let’s look at a few:

File copy approach

This is the oldest approach for migrating data from fat volume to thin volume. In this method, the old fat data is backed up at the file level and restored as new thin data. The disadvantage of this type of backup and restore is that it’s very time consuming. In addition, this type of migration can cause interruption to the application. However, an advantage to the file copy approach is that it marks the zero value blocks as available to be overwritten.

Block-by-block copy approach

Another common practice is using a tool that does a block-by-block copy from an old array (fat volume) to a new thin volume. This method offers much higher performance compared to the file copy method. However, the drawback to this method is the zero-detection issuemeaning fat volumes will have unused capacity which will be filled with zero’s awaiting the eventual probability of an application writing data to it. So, when you do general migration by copying block-by-block data from array to the new, you receive no benefit from thin provisioning. The copied data will have unused space with zero-blocks, and you end up with wasted space.


A tool that can handle zero block detection can also be used. The tool should remove the zero valued blocks, while copying the old array to the new. This zero-detection technology can be software based or hardware based. Both software and hardware based fat to thin conversions can help remove zero blocks. However, the software based fat to thin conversion has a disadvantagethe software needs to be installed on a server. That means this software will consume large amounts of server resources and will impact other server activities. The hardware based fat to thin conversion also has a disadvantageit’s on the expensive side.

As discussed, all the methods to convert from fat volumes to thin have advantages and disadvantages. But, you cannot continue using traditional provisioning or fat provisioning for storagesince fat provisioning wastes money and results in poor storage utilization. Therefore, I highly advise using thin provisioning in your environment, but make sure you convert your old fat volumes to thin ones before you do.


After you have implemented thin provisioning, you can start the over-committing of storage space. Be sure to keep an eye out for my upcoming blog where I will discuss the over-commitment of storage. 

If you haven’t heard already, SolarWinds’ Head Geeks are available for daily live chat, Monday-Thursday for the month of March at 1:00PM CT.  kong.yang, adatole, sqlrockstar and yes me too, will be online to help answer any questions you may have about products, best practices, or general IT.  Though unlikely, some chump stumpage may occur, so we’ll also have experts from support and dev to make sure we have the best answer for anything you can throw at us.  You’ll find us here http://thwack.com/officehours on the Office Hours event page in thwack.


My Question


Daily Office Hours is part of a thwack & Head Geek experiment to test new ways for the community to reach product experts.   I’m also testing a new tag line for our fortnightly web TV show, SolarWinds Lab http://lab.solarwinds.com, and would love your feedback before I rebuild the show header graphic.


What do you think of: What Will You Solve Next?


It means something specific to me, but I’d love to get your feedback before I say what I think it means.  Please leave some comments below.  Do you like it?  Is it the kind of thing we ask each other on thwack?  Is it something SolarWinds does/should ask?  Am I taking liberties with the tm?  After you all chime in and let me know what you think, I’ll reply with what I think it means.


Thanks as always, we hope to see you in March for Office Hours!

Of all of the security techniques, few garner more polarized views than interception and decryption of trusted protocols. There are many reasons to do it and a great deal of legitimate concerns about compromising the integrity of a trusted protocol like SSL. SSL is the most common protocol to intercept, unwrap and inspect and accomplishing this has become easier and requires far less operational overhead than it did even 5 years ago. Weighing those concerns against the information that can be ascertained by cracking it open and looking at its content is often a struggle for enterprise security engineers due to the privacy implied. In previous lives I have personally struggled to reconcile this but have ultimately decided that the ethics involved in what I consider to be violation of implied security outweighed the benefit of SSL intercept. With other options being few, blocking protocols that obfuscate their content seems to be the next logical option, however, with the prolific increase of SSL enabled sites over the last 18 months, even this option seems unrealistic and frankly, clunky. Exfiltration of data, being anything from personally identifiable information to trade secrets and intellectual property is becoming a more and more common "currency" and much more desirable and lucrative to transport out of businesses and other entities. These are hard problems to solve.

Are there options out there that make better sense? Are large and medium sized enterprises doing SSL intercept? How is the data being analyzed and stored?

Is User Experience (UX) monitoring going to be the future of network monitoring? I think that the changing nature of networking is going to mean that our devices can tell us much more about what’s going on. This will change the way we think about network monitoring.

Historically we’ve focused on device & interface stats. Those tell us how our systems are performing, but don't tell us much about the end-user experience. SNMP is great for collecting device & interface counters, but it doesn't say much about the applications.

NetFlow made our lives better by giving us visibility into the traffic mix on the wire. But it couldn't say much about whether the application or the network was the pain point. We need to go deeper into analysing traffic. We've done that with network sniffers, and tools like Solarwinds Quality of Experience help make it accessible. But we could only look at a limited number of points in the network. Typical routers & switches don't look deep into the traffic flows, and can't tell us much.

This is starting to change. The new SD-WAN (Software-Defined WAN) vendors do deep inspection of application performance. They use this to decide how to steer traffic. This means they’ve got all sorts of statistics on the user experience, and they make this data available via API. So in theory we could also plug this data into our network monitoring systems to see how apps are performing across the network. The trick will be in getting those integrations to work, and making sense of it all.

There are many challenges in making this all work. Right now all the SD-WAN vendors will have their own APIs and data exchange formats. We don't yet have standardised measures of performance either. Voice has MOS, although there are arguments about how valid it is. We don't yet have an equivalent for apps like HTTP or SQL.

Standardising around SNMP took time, and it can still be painful today. But I'm hopeful that we'll figure it out. How would it change the way you look at network monitoring if we could measure the user experience from almost any network device? Will we even be able to make sense of all that data? I sure hope so.


A Geek's Guide to AppStack

Posted by kong.yang Mar 5, 2015

What is the Geek's Guide to AppStack? Simply put, it's the central repository for all tech content involving the AppStack. If data and applications are important to you, the AppStack Dashboard is for you. The AppStack Management Bundle enables agility and scalability in monitoring and troubleshooting applications. And this blog post will continue to be updated as new AppStack content is created. So bookmark and favorite this post as your portal to all things AppStack. Also, if there is anything that you would like to discuss around AppStack, please comment below.

Application Relationship Mapping for Fast Root Cause Analysis: Application Stack Dashboard

Download the Application Stack Management Bundle:

AppStack Reference

Hear what the Head Geeks had to say in the AppStack Blog Series:

Ambassador BlogsApplication-Centric Monitoring:

AppStack Social Trifecta:

Helpful AppStack Resources:

SolarWinds Tech Field Day Coverage:

There’s two ways to get things donethe hard way or the easy way. The same holds true with help desk management. There are many micro to small businesses who do not have the resources to manage their help desk, and end up spending more time and effort doing the job manuallyby tracking tickets via email, updating statuses on spreadsheets, walking over to the customer’s desk to resolve tickets, etc. This is a tedious and time-consuming process, highly ineffective, and causes delays & SLA lapses.


Streamlining the help desk process and employing automation to simplify tasks and provide end-user support is the other waythe smart way. If you know what tools to use, and how to get the best benefits from them, you can achieve help desk automation cost-effectively.


Here are a few things you should automate:

  • Ticketing management: from ticket creation, technician assignment, tracking, to resolution
  • Asset Management: scheduled asset discovery, association of assets to tickets, managing inventory (PO, warranty, parts, etc.)
  • Desktop Support: ability to connect to remote systems from the help desk ticket for accelerated support


Take a look at this Infographic from SolarWinds to understand the benefits of centralized and organized help desk management.



Learn how to effectively manage IT service requests »

If you’ve worked in IT for any amount of time, you are probably aware of this story: An issue arisesthe application team blames the database, the database admin blames the systems, the systems admin blames the network, and the network team blames the application. A classic tale of finger pointing!


But, it’s now always the admins fault. We can’t forget about the usersoften the weakest link in the network.


Over the years, I think I’ve heard it all. Here are some interesting stories that I’ll never forget:


Poor wireless range

User:     Since we moved houses, my laptop isn’t finding my wireless signal.

Me:        Did you reconfigure your router at the new location?

User:     Reconfigure…what router?


The user had been using their neighbors signal at their previous house. I guess they just assumed they had free Wi-Fi?  However, this was almost a decade ago when people were unaware that they could secure their Wi-Fi.


Why isn’t my Wireless working?

User:     So, I bought a wireless router and configured it, but my desktop isn’t picking up the signal.

Me:        Alright, can you go to ‘Network Connections’ and check if your wireless adapter is enabled?

User:     Wait, I need a wireless adapter?


Loop lessons

I was at work and one of my coworkers…let’s call him the hyper enthusiastic newbie. Anyway, the test lab was under construction, lab devices were being configured and the production network wasn’t connected to the lab yet. After hours of downtime, the hyper enthusiastic newbie came to me and said:


Newbie:               I configured the switch, and then I wanted to test it.

Me:                        And?

Newbie:               I connected port 1 from our lab switch to a port on the production switch. It worked.

Me:                        Great.

Newbie:               And then to test the 2nd port, I connected it to another port on the production switch.


This is a practical lesson on what switching loopbacks can do to the network


Not your average VoIP trouble

A marketing team member’s VoIP phone goes missing. An ARP lookup showed that the phone was on a sales reps desk. The user decided to borrow the phone for her calls because hers wasn’t working. Like I said, not your average VoIP trouble.


One of my personal favorites: Where's my email?

User:     As you can see I haven’t received any email today.

Admin: Can you try expanding the option which says today?


Well, at least it was a simple fix.

Dancing pigs over reading warning messages

So, a user saw wallpaper of a ‘cute dog’ online. They decided to download and install it despite the 101 warning signs that his system threw at him. Before they knew it…issues started to arise: Malware, data corruption, and soon every system was down. Oh my!


Bring your own wireless

The self-proclaimed techie user plugs in his wireless travel router that also has DHCP enabled. This DHCP also first responds to a client that asks for an IP. As you all know, this can lead to complete Mayhem and is very difficult to troubleshoot.


Excuse me, the network is slow

I hear it all the time and for a number of reasons:


Me:        What exactly is performing slowly?

User:     This download was fine. But, after I reached the office, it has stopped.

Me:        That is because torrents are blocked in our network.


That was an employee with very high expectations.


Monitor trouble!

Often, our office provides a larger sized monitor to users who are not happy with their laptop screen size. That said:

User:     My extra monitor displays nothing but the light is on.

Me:       Er, you need to connect your laptop to the docking station.

User:     But I am on wireless now!


Due to all these instances, user education has been a priority at work. However, these situations still continue to happen. What are your stories? We’d love to hear them.

Many IT folks, including yours truly, made technology predictions for 2015. These predictions revolved around buzz worthy tech trends of now – hybrid cloud, software-defined data center, converged infrastructure, and containers. In a recent webinar, I hosted three techies to get their take on these tech constructs and share their E’s for successfully navigating the fear, uncertainty, and doubt, aka the FUD factor.

The three industry SMEs were:

  • Christopher Kusek. Chief Technology Officer of Xiologix, LLC. Christopher is an EMC® Elect, a VMware® vExpert, and an accomplished speaker, and an author with five books published. Blog: http://pkguild.com
  • John Troyer. Founder of TechReckoning, an independent IT community. He is the co-host of the Geek Whisperers Podcast and consults with technology vendors on how to work better with geeks. Blog: http://techreckoning.com
  • Dennis Smith. IT veteran in various roles. Most recently, Dennis was the Principal Engagement Manager for EMC social marketing where he led the strategy for the influencer program, the EMC Elect. Blog: http://thedennissmith.com

The three “E’s” from the panelists stayed with me long after our webcast was over were:


Christopher stated that technologies are meant to make it easier for IT pros to do what they have to do with their role and responsibilities. He pointed to root-cause visibility through the entire stack as a requirement to make these technology constructs viable and successful; but also said that tool makers aren’t there yet. In lieu of hundreds of management tools, he recommended using a few tools to empower IT pros to manage and monitor their ecosystem as they integrate their existing deployments with new technology constructs. He concluded by saying that IT pros can't be an extra in their IT ecosystem action film. Be the main character in the IT world full of characters!


John discussed the shift in IT attitude towards empathy to customers. He focused on shared goals, shared responsibilities, and end-to-end context but broke up the pieces into consumable bites for the IT pro. In other words, the IT pro wasn't responsible for knowing how to maintain the entire ecosystem from application development through operations (DevOps). He also discussed the rise in μ-services (micro-services) and how insane the monitoring is. Finally, he shared wisdom about how IT pros need to become a π-specialist. No not that kind of pie, but rather, the 3.14159 kind. And that pi-specialist needs broad IT generalist skills, but with deep-roots specialist know-how.


Dennis spoke of continuous learning in the continuous application delivery era. He shared his experience in building tech communities, engaging customers, and delivering solutions with the latest and greatest technologies. He felt that IT pros needed to be adaptable because technology is ever changing. That which can disrupt, often does change. His advice to IT pros was to pay it forward because it will be returned back to you many times over. And to pay it forward simple means to share your knowledge and expertise without expectation of getting anything in return.

Bridging to Business with Empower, Empathy, and Evolution in Clouds & SDDC.

The 2015 IT Prediction webinar centered on technology trends that promise agility and scalability. But to get to consumable simplicity, the equation is dependent on the IT pros, the processes that they put into place, and the tools that they will use to bridge the technology to successful business outcomes. The first tool that IT pros need to bridge utility is one that provides connected visibility of the application through the data stack.

Hello AppStack! If this resonates with any of you readers out there, I highly recommend you take a look at this Application Stack Management Bundle. You can access a free trial here:


Better yet, download the tool and then tune in to the live demonstration of the AppStack dashboard to…

On March 12th at 11AM-12PM CT, SolarWinds will demonstrate the AppStack dashboard to troubleshoot application performance issues.

Troubleshooting Performance Issues across the Application Stack

URL: http://bit.ly/AppStackWebcast

Thursday March 12th from 11AM-12PM

IT Pros can even try out the Application Stack Management Bundle while watching the live demo. Ask questions during the demo as SolarWinds SMEs will be on to answer them live. 

Given the current state of networking and security and with the prevalence of DDoS attacks such as the NTP Monlist attack, SNMP and DNS amplifications as well as the very directed techniques like DoXing and most importantly to many enterprises, exfiltration of sensitive data, network and security professionals are forced to look at creative and often innovative means to ascertain information about their networks and traffic patterns. This can sometimes mean finding and collecting data from many sources and correlating it or in extreme cases, obtaining access to otherwise secure protocols.

Knowing your network and computational environment is absolutely critical to classification and detection of anomalies and potential security infractions. In today’s hostile environments that have often had to grow organically over time, and with the importance and often associated expenses of obtaining, analyzing and storing this information, what creative ways are being utilized to accomplish these tasks? How is the correlation being done? Are enterprises and other large networks utilizing techniques like full packet capture at their borders? Are you performing SSL intercept and decryption? How is correlation and cross referencing of security and log data accomplished in your environment? Is it tied into any performance or outage sources?

Capacity planning is an important part of running a network. To me, it’s all about two things: Fewer surprises, and better business discussions. If you can do that, you'll get a lot more respect.

When I was working for an ISP, we had several challenges:

  • Average user Internet usage is steadily increasing
  • Users are moving to higher-bandwidth access circuits, which means even more usage
  • Upstream WAN bandwidth still costs money. Sometimes lots of money.

I built up a capacity planning model that took into account current & projected usage, and added in marketing estimates of future user changes. It wasn’t a perfect model, but it was useful. It gave me something to use to figure out how we were tracking, and where the pain points would be.

Fewer Surprises

No-one likes surprises when running a network. If your VM runs out of memory, it’s easy enough to allocate more. But if your WAN link reaches 90%, it might take weeks to get more bandwidth from your provider. If you hit that peak due to foreseeable growth, it makes for an awfully uncomfortable discussion with the boss. Those links can be expensive too. You'll be in trouble with the bean-counters if the budgets have been set, and then you tell them that you need another $10,000/month. You can't always get it right. There’s always situations where a service proves far more popular than expected, or a marketing campaign takes off. But reducing the surprises helps your sanity, and it improves your credibility.

Better Business Discussions

I like to use capacity planning and modeling tools for answering those “What if?” questions. e.g. The marketing team will come to you with questions like these:

  • What if we add another 5,000 users to this service? What will that do to our costs?
  • What if we move 10,000 customers from this legacy service to this new one? How will our traffic patterns change?
  • Do we have capacity to run a campaign in this area? Or should we target some other part of the country?
  • Where should we invest to improve user experience?

If you've been doing your capacity planning, then you've got the data to help answer those questions. You get a lot more respect when you're able to have those sorts of discussions, and answer questions sensibly.

This does take real effort though. Getting the data together and making sense of it can be tough. Tying it to business changes in particular is tough. No capacity planning model fully captures everything. But it doesn't have to be perfect - you can always refine it over time.

Are you actively doing capacity planning? How is it helping? (Assuming it is!) If you're not doing any capacity planning, what’s been holding you back? Or have you had any really nasty surprises, where you've run out of capacity in an embarrassing way?


Admins across the internet are freaking out about the color of this router.  Is it BlueGreen or Greenish Blue?  Although the debate has raged in datacenters for years, reliable sources including Adobe have weighed in on the matter, and indicated the router is in fact supposed to be PANTONE 7477, however Cisco has never taken a firm stand on the matter, more recently giving up entirely and gone grey with new systems.


It's believed that a combination of aging fluorescent lighting and overwork tracing dark Ethernet affects the color sensitivity of network administrators, leading to the heated disagreement.  Coupled with the erosive effects of X-Rays from CRTs before the arrival of LCDs, fluctuations in caffeine levels and temporary frustration with a device may also affect IT pro color perception.


And for the record I saw the dress as #838CC3 and #5D4C32

Last month, I had the pleasure and the privilege of sitting down with Ethan Banks and Greg Ferro of PacketPushers.net, to share some of my thoughts on monitoring, business justifications, the new features of NPM 11.5, and life in general. You can listen to the conversation here : Show 225 – SolarWinds on The Cost of Monitoring + NPM 11.5



I gotta tell you, it was an absolute hoot.


Getting IT professionals (IE: Geeks) to speak in public is not always an easy task. But Ethan and Greg are the consummate conversationalists. They know that the key to getting a really juicy conversation going is to tap into the love and passion that all IT pro's have. So we spent a decent amount of time “warming up.” I'm naturally gregarious, so I didn't feel like I needed the time to loosen up, but I appreciated not hitting the microphone cold.


Once the tape started rolling, Ethan and Greg kept the banter up while also helping me stay on track. For an attention-deficit-prone guy like me, that was a huge help.


But aside from all the mechanics, the best part of the talk was that they were sincerely interested in the topic and appreciative of the information I brought to the table. These are guys who know networking inside and out. They are IT pros who podcast, not talking heads who know enough tech to get by. And they really REALLY care about monitoring.


It's the fastest way to anyone's heart, really. Show me that you care about what I care about, and I'm yours.


So here's hoping I have the chance to join the PacketPushers gang again this year and share the monitoring love some more. Until then, I've got episode 225 to cherish, and I will be tuning into their regular podcasts to see what else they have to say.

On Tuesday, February 24, we released new versions of all our core systems management products, including Server & Application Monitor, Virtualization Manager and Web Performance Monitor. We also released a brand new product called Storage Resource Monitor. While this is all exciting in and of itself, what we’re most thrilled with is that all these products now have out-of-the-box integration with our Orion platform and include our application stack (AppStack) dashboard view.


The AppStack dashboard view is designed to streamline the slow and painful process of troubleshooting application problems across technology domains and reduce it from hours—and sometimes even days—down to seconds. It does this by providing a logical mapping and status between the application and its underlying infrastructure that is generated and updated automatically as relationships change. This provides a quick, visual way to monitor and troubleshoot application performance from a single dashboard covering the application, servers, virtualization, storage, and end-user experience. What’s key here is that this is all done in the context of the application. This means that from anywhere in the AppStack dashboard, you can understand which application(s) is dependent on that resource.


In addition to the immediate value we think this will have for you, our users, it also highlights a shift within SolarWinds towards setting our sights on tackling the bigger problems you struggle with on a daily basis. We’ve always sought to do this for specific situations, such as network performance management, application monitoring, IP address management, storage monitoring, etc., but the new AppStack-enabled products help solve a problem that spans across products and technical domains.


However, this doesn’t mean SolarWinds is going to start selling complex, bloated solutions that take forever to deploy and are impossible to use. Rather, by intelligently leveraging data our products already have, we can attack the cross-domain troubleshooting problem in the SolarWinds way—easy to use, easy to deploy and something that solves a real problem.


But know that the AppStack dashboard view isn’t the end. Really, it’s just the beginning; step one towards making it easier for you to ensure that applications are performing well. Our goal is to be the best in the industry at helping you answer the questions:


  • “Why is my app slow?”
  • “How do I fix it?”
  • “How do I prevent it from happening again?”


While integrating these four products with the AppStack dashboard view is a great first step, there’s clearly a lot more we can do to reach the goal of being the best in the industry at that. Pulling in other elements of our product portfolio that address network, log and event, and other needs—along with adding more hybrid/cloud visibility and new capabilities to the existing portfolio are all areas we are considering to reach that goal.


Easy to use yet powerful products at an affordable price. No vendor lock-in. End-to-end visibility and integration that doesn’t require a plane-load of consultants to get up and running. That’s our vision.

I hope you’ll take a look for yourself and see just how powerful this can be. Check out this video on the new AppStack dashboard view and read more here.

The core application to any HelpDesk workflow is the ticketing system. It helps all levels to track issues/requests and documents what has been discovered about the particular issue. There are some ticketing systems that are really complex with lots of features. As more and more features are added, complexity is added as well.



I was recently speaking with someone who stated that they had emailed into their IT ticket system with a list of items that needed addressing. They knew they were supposed to open a single ticket for each issue separately. A few days later the IT staff worked on one of the issues, then closed the ticket and marked it as resolved. Only one of the issues on the ticket was resolved with the rest of them never being addressed.



Since ticket creation via email is so easy, some users may create more tickets than they normally would. Perhaps instead of doing the research in a knowledge base or on a company intranet, users just send in the email to ask IT. I personally have done this because it was easy.



The email ticket creation feature is a convenient feature of a ticketing system. Users can easily send in one request or issue at a time to create a ticket. Users don’t have to stay on a phone trying to explain the issue while someone transcribes it into a ticket for them. However, with every feature there are down sides too. Users will inevitably email multiple items in at once and IT staff will overlook them. The email system or integration will go down. Users will create tickets via email with very generic requests like ‘Internet is slow’.



Does a feature like ticket creation via email improve user experience? Does the benefit to enable such a feature outweigh the cost to set it up and maintain it? Can you train users to only send in one issue per ticket.

SolarWinds hosted a Twitter chat using #syschat to talk about hybrid cloud, software-defined data centers, converged infrastructure, and container technologies. We invited three distinguished technology SMEs:

  1. Christopher Kusek (@cxi), pkguild.com
  2. Dennis Smith (@DennisMSmith), TheDennisSmith.com
  3. John Troyer (@jtroyer), TechReckoning.com (John was on a flight back from the Melbourne VMUG)

We discussed the tech constructs, how monitoring would be affected, how an IT pro's career path would be affected, and what resources are available to IT pros.


Below are some of the highlights of the #syschat. The complete #syschat can be viewed here: Hybrid Cloud, SDDC, Converged Infrastructure & Containers on Storify.








Converged, Cloud, and SDx Predictions for IT: Reality or Fiction?


Please join Christopher, Dennis, John, and me on March 3rd at 11AM-12PM CT for the 2015 Converged, Cloud, and SDx Predictions for IT: Reality or Fiction? webcast hosted by SolarWinds. Look forward to the conversation and engagement.

Filter Blog

By date:
By tag: