Why Kubernetes’ platform prowess is a bigger threat to Amazon than its containers


According to some reports, Amazon Web Services (AWS) feels threatened by Kubernetes, and not because Kubernetes has become a rallying cry for the “Anyone but AWS” club. As Kubernetes becomes the industry’s default way to manage containers, and as the enterprise goes gaga for containerization, Kubernetes gives enterprises a way to run workloads across different clouds—not merely AWS.

AWS, apparently, is now building a Kubernetes service, though the company refused to confirm or deny this when I asked. In so doing, AWS is likely responding to Kubernetes’ promise well beyond orchestrating containers. That may be short-sighted. As Bitnami’s Sebastien Goasguen told The Register, Kubernetes “should be seen as a platform you can build on,” and not merely a container tool.

Clear and present danger

Inside sources who do business with AWS have revealed that apparently AWS “feels threatened” by Kubernetes because “they don’t own it.” This may be true in part, but AWS builds services with lots of open source code that it doesn’t own, per se: RDS is just one prominent (and profitable) example.

With Amazon’s ECS service paling in popularity in comparison to Kubernetes, it would make sense for AWS to get deeper into the Kubernetes game. As CoreOS (and Kubernetes contributor) CEO Alex Polvi highlighted in an interview with me, “I wouldn’t be surprised to see AWS release a Kubernetes-as-a-Service” offering as “customers are asking for it. Look closely and you’ll see AWS in the Kubernetes community already. Amazon doesn’t like to waste time on open-source development.”

SEE: Why Kubernetes may be a bigger threat to Amazon than Google’s cloud (TechRepublic)

In other words, AWS’ commitment to Kubernetes indicates a deep and abiding interest in the technology.

The reason, however, may not be tied to containers. I would hazard a guess that the truly threatening thing about Kubernetes is that it promises to be such a broad platform, one that makes it easy to take workloads away from AWS and run them, for example, on Google Cloud, where they allegedly run better. But it’s not just about containers.

The everything platform

Kubernetes has much more promise than its day job as a container management tool. 451 Research analyst Jay Lyman touched on this when he wrote that Kubernetes can help to “create a consistent developer deployment model across on-premises and hybrid clouds.” In other words, companies can use Kubernetes to power workloads on AWS…but also to take those workloads elsewhere. With Kubernetes, it becomes straightforward to orchestrate containers wherever they may live.

Or to build out a mesh network. Or to manage a database, as Goasguen noted:

By using third-party resources, you can extend Kubernetes and build your own API. For example, if you can use Kubernetes to manage a database, you can define that database as an object; the API gets extended and recognises the database.

SEE: The cloud war moves to machine learning: Does Google have an edge? (TechRepublic)

According to Ocado’s Mike Bryant in an interview with The Register, Kubernetes’ value goes beyond its pliability. It also affords the opportunity to run demanding workloads on decidedly undemanding hardware: “Most people run Kubernetes on high-performance servers, we run it on PCs – it’s a very dramatic cost saving. And it’s not just the servers, we don’t need enterprise network cabling, we don’t need high-end networking kit, we save on cooling – we’re really cutting costs.”

Kubernetes role as the default container orchestration platform would be enough to signal danger to AWS. But Kubernetes’ expanding option as a broad platform makes it even more important that AWS not merely offer Kubernetes as a hosted option, but to deeply integrate it into the AWS fabric. As such, we should expect to see AWS engineers contributing more code to Kubernetes as it seeks to become an influencer on the project.

How to improve your Mac notebook’s battery life for free with Chargeberry

Many laptop users, including Mac professionals, are surprised to learn notebook batteries are considered consumables whose life spans don’t always match the intended life span of the laptop’s other components. Laptop batteries possess known maximum cycle counts and, as a result, lose effectiveness once they complete so many battery charge cycles.

SEE: Free ebook—Boost your Mac productivity with these 10 techniques (TechRepublic)

Here’s how laptop battery charge cycles work. Say you use half your Macbook Air’s battery charge today, then recharge it at night, and the next day you repeat the same actions. Although the battery never discharged completely, Apple states that, because you twice drew the battery charge down by half and recharged it, the battery experienced one complete cycle.

How many charge cycles can most Mac laptop batteries experience before being considered consumed? It depends upon the model. 2017 12″ MacBooks, 13″ MacBook Airs, and 15″ MacBook Pros are all rated for 1,000 maximum cycles, whereas a Mid 2009 MacBook Air is rated for only 500. A Late 2008 17″ MacBook Pro is only rated for 300 charge cycles. To confirm your Mac notebook’s cycle limit, check Apple’s site.

How to use the Chargeberry app

While it’s possible to natively check a Mac notebook’s battery charge cycle count (while holding the Option key, click the Apple icon on the menu bar, then select System Information, which lists the battery cycle count within the Hardware’s Power section), the free Chargeberry app simplifies the process and provides guidance to help improve battery life. The app also generates alerts to help prevent the battery level from dropping below 40%, a threshold below which many users do not wish to operate.


Chargeberry permits displaying the battery’s remaining estimated run time within the menu bar, as well as the battery’s charging status and charge percentage. When running, Chargeberry monitors and records a Mac battery’s electrical performance, which the application displays within a customizable Power History view. The Power History view, in addition to logging the time the battery powered the notebook, the time spent charging, how long the battery was fully charged, and how long the notebook was plugged in to electrical power, also lists the applications consuming the most power.

For guidance on maximizing battery life, Chargeberry users can click the app’s menu bar icon and then click the Tips: How to maximize battery life link (Figure A). To view the battery’s power history, users need only click the History button that appears when clicking the icon within the menu bar.

Figure A


Within its main menu, Chargeberry displays the battery’s current charge, health status, and time remaining. Within its health details section, Chargeberry displays information regarding the battery’s capacity, factory capacity, charge cycle count, temperature, voltage, and manufacture date.

SEE: Swift Programming for Beginners (TechRepublic Academy)

If you want Chargeberry to automatically launch at startup, click the application’s icon within the menu bar, click the gear icon in the top right corner, then click Preferences. From the resulting screen, ensure the General tab is selected and click the checkbox for Launch Chargeberry at system startup.

Using the same Preferences menu, clicking the Notifications tab enables configuring charge level notification settings and discharge process alerts. The Notifications tab is also where you configure battery health change alerts and the reminder alert to plug in the notebook’s charger when the battery level reaches 40%.

The bottom line

While some of Chargeberry’s status display information is available using the Mac’s Battery icon and System Information views, Chargeberry places all the battery management information within a single, free app. That’s a compelling combination for Mac users seeking to keep an eye on their Mac notebook’s battery performance.

Microsoft’s next HoloLens will have dedicated AI chip, boosting on-board processing

The second version of Microsoft’s HoloLens, the firm’s “mixed-reality” headset, will feature an on-board AI coprocessor designed by Microsoft itself, Microsoft’s AI lead Harry Shum announced in a keynote address at CVPR 2017 on Sunday.

The coprocessor will exist as part of the HoloLens’s multiprocessor known as the Holographic Processing Unit (HPU), according to a Microsoft blog post. With the AI coprocessor handling visual data analysis on the device, it would eliminate reliance on the cloud for processing, boosting the headset’s edge computing capabilities and opening it up for new use cases.

Previous processing options were tethered to the cloud, the post said. By adding the AI coprocessor on-board, it untethers the HoloLens completely, and lowers latency for visual input activities like hand tracking and more.

SEE: Build 30 Mini Virtual Reality Games in Unity 3D From Scratch (TechRepublic Academy)

According to Shum’s address, the AI coprocessor will be able to natively implement deep neural networks, with a bit of flexibility as well. The chip will support multiple layer types, which are programmable by Microsoft, the post said.

The new chip will also be powered by the HoloLens on-board battery, keeping in stride with Microsoft’s untethered theme for the HoloLens.

By processing data on the headset itself, the new AI chip makes the HoloLens a more powerful device for edge computing. In addition to improving graphics rendering for VR and AR, leading to a better user experience, edge computing could also lead to deeper explorations of autonomous vehicles and more efficient robotics for manufacturing. As such, networking firms like AT&T are investing heavily in edge computing capabilities.

Outside of VR and AR, the Internet of Things (IoT) also stands to benefit heavily from edge computing advances. Real-time analytics are easier to provide directly to managers and on-the-ground employees, as the data doesn’t have to be shipped off to be analyzed.

In addition to the new chip, there have been rumors that the next HoloLens will have a new form factor as well. A prototype developed by Microsoft uses normal-sized glasses to project holographic images onto a surface, in a view similar to those provided by AR and VR helmets.

The 3 big takeaways for TechRepublic readers

  1. Microsoft’s second HoloLens will have a dedicated AI coprocessor that will handle the visual data analysis on board, untethering the device from the cloud.
  2. The chip will be able to implement deep neural networks and support multiple layer types, which Microsoft will be able to program.
  3. The new coprocessor improves the HoloLens’s capabilities in edge computing, which will also stand to impact IoT, robotics, and more.

Three Square Market becomes first US company to offer implanted microchips to all employees

Employees at Three Square Market (32M) will soon be getting a tech upgrade: Biochips, imbedded in their hands. The company will become the first in the US to offer implanted microchip technology to all employees, essentially replacing ID badges and allowing users to open doors, log in to computers, and make purchases in the break room.

32M expects about 50 staff members to be voluntarily chipped at company headquarters in River Falls, WI on August 1, according to a press release. The chips will be implanted between an employee’s thumb and forefinger underneath the skin, in a process that only takes seconds, the release noted.

The company is partnering with BioHax International, based in Sweden, to provide the RFID chips to employees. The chips use near-field communications (NFC)—the same tech used in contactless credit cards and mobile payment systems.

Employees will be able to scan their chips to make purchases in the office break room, open doors, operate copy machines, log into computers, unlock phones, share business cards, store medical information, and act as payment at other RFID terminals, 32M CEO, Todd Westby said in the press release. “Eventually, this technology will become standardized allowing you to use this as your passport, public transit, all purchasing opportunities, etc,” Westby said.

SEE: The Ultimate Learn to Code 2017 Bundle (TechRepublic Academy)

While working with operators in Europe, 32M came across BioHax International and its chipped employees.

“We see chip technology as the next evolution in payment systems, much like micro markets have steadily replaced vending machines,” Westby said in the release. “As a leader in micro market technology, it is important that 32M continues leading the way with advancements such as chip implants.”

While this is the first time US employees will have the opportunity to be chipped company-wide, 32M isn’t the first to explore this technology. Swedish biohacker Hannes Sjöblad implants microchips into employees’ hands to make it easier for them to access data and gain entry to company buildings.

“The international market place is wide-open and we believe that the future trajectory of total market share is going to be driven by who captures this arena first,” 32M COO Patrick McMullan said in the release. “Europe is far more advanced in mobile and chip technology usage than the U.S. and we are thrilled with the growth opportunity this enhancement will bring to us.”


The 3 big takeaways for TechRepublic readers

1. 32M will become the first US company to offer all of its employees implanted microchips on a voluntary basis.

2. Employees will be able to scan their chips to make purchases in the office break room, open doors, operate copy machines, log into computers, unlock phones, share business cards, store medical information, and act as payment at other RFID terminals.

3. Europe is more advanced in mobile and chip technology than the US, but the market will likely continue to grow worldwide.

iCloud Keychain encryption bug exposes iOS passwords, credit card numbers

A largely unreported iOS security flaw undermined iCloud’s end-to-end encryption capability, and could have allowed attackers to steal passwords, credit cards, and any other information on file, according to security firm Longterm Security.

iCloud Keychain enables users to store passwords and credit card numbers across all of their devices, while iCloud Keychain Sync allows users to share this information securely between devices. The security flaw was found in iCloud Keychain Sync’s custom Off-The-Record (OTR) implementation, Longterm Security co-founder Alex Radocea wrote in a blog post.

“The bug we found is exactly the kind of bug law enforcement or intelligence would look for in an end-to-end encryption system,” Radocea told ZDNet.

The flaw was addressed in the iOS 10.3 update—demonstrating again why it’s important to stay on top of updating your device.

SEE: Learn Website Hacking and Penetration Testing From Scratch (TechRepublic Academy)

iCloud Keychain’s OTR encryption protocol uses key verification to protect a user’s devices by ensuring information can pass securely between multiple devices. Radocea was able to bypass the signature verification process via a man-in-the-middle attack. He was also able to intercept traffic from devices, and modify OTR packets in transit to deliberately get an invalid signature, ZDNet reported. After this, he was able to get a device approved.

“We could see everything [in the Keychain] in plain-text,” Radocea told ZDNet. Making matters more dangerous, “it’s completely silent to users,” he said. “They wouldn’t have seen a device being added.”

Weak, reused, and leaked passwords are a primary method of entry for cybercriminals, Radocea wrote in the blog post, making password hygiene critical for enterprise users. In 2016 alone, more than 500 million credentials surfaced publicly from mass-hack password dumps, combined with poor password storage practices, he added.

“Due to the risk of future mass dumps, passwords alone are just no longer a strong defense mechanism for sensitive data,” Radocea wrote. “It is a very good idea for organizations to further harden access to any important personal information.”

Current best practices include multi-factor authentication and end-to-end encryption, such as OTR, Radocea wrote.

Longterm Security will present more information on the issue in a session at Black Hat on Wednesday.


The 3 big takeaways for TechRepublic readers

1. A security flaw undermined iCloud’s end-to-end encryption capability, and could have allowed criminals to steal passwords and credit cards, according to Longterm Security.

2. The flaw was addressed in the iOS 10.3 update, so users should update if they haven’t done so.

3. Enterprises shouldn’t rely on passwords alone to protect sensitive data, and should use multi-factor authentication and end-to-end encryption.

New Microsoft cloud service uses AI to find bugs in your code

Microsoft Security Risk Detection, made publicly available Friday, uses artificial intelligence (AI) to help software developers find bugs in their code and other vulnerabilities. The cloud-based tool, previously known as Project Springfield, is meant to complement the work being done by developers and security experts, according to a blog post.

Microsoft’s David Molnar, who leads the group behind Microsoft Security Risk Detection, said in the post that the tool performs fuzz testing, a QA method for finding buggy code and security problems. As more and more software is developed, the need for this testing grows, and becomes hard to manage.

The AI is not meant to replace the human workers, but merely to augment the work they’re already doing, the post said.

SEE: Bug Bounty: Web Hacking (TechRepublic Academy)

“We use AI to automate the same reasoning process that you or I would use to find a bug, and we scale it out with the power of the cloud,” Molnar said in the post.

To conduct its fuzz testing, Microsoft Security Risk Detection asks “what if” questions to determine the root cause of a given issue, the post said. By doing this over and over, it narrows its focus, looking for problems that other tools may have missed. It is helpful for companies that build software in-house, or for those that customize off-the-shelf software or open source tools, the post said.

Electronic signature company DocuSign has been testing the new tool. The firm’s senior director of software security, John Heasman, said they have been using it as “an extra step of assurance.”

By automating some of the common security processes with bug testing, the tool has improved digital transformation efforts as well, Molnar said in the post. It also helps smaller companies, which may not have access to the same kind of resources, improve their security posture.

Cybersecurity has recently emerged as one of the core enterprise applications for AI. Startups like Armorway have been working on using AI to predict breaches, and IBM’s Watson has also been trained to help detect and mitigate potential threats.

The 3 big takeaways for TechRepublic readers

  1. Microsoft Security Risk Detection uses AI to help businesses better detect bugs in their software and identify potential security vulnerabilities.
  2. The new tool conducts fuzz testing, and is meant to augment existing efforts, not fully replace human security experts.
  3. Cybersecurity is fast emerging as a new initiative for AI in the enterprise, as startups and tech giants have been working with AI tools to improve security offerings.

Windows 10 only slightly more popular than Windows XP among firms

Microsoft’s aged Windows XP operating system is almost as widely used within businesses as Windows 10, according to a new survey.

Despite Windows XP being 16-years-old and, in general, no longer patched against hacks, XP is still being used on 11% of laptops and desktops, compared to 13% running Windows 10, the Spiceworks survey found.

“Despite the gains in Windows 10 penetration, the absolute share of computers running the OS remains relatively low,” writes Peter Tsai of Spiceworks of the data it gathered from hundreds of thousands of IT professionals.

Both Windows 10 and XP are a long way behind Windows 7, running on 68% of PCs. However, Windows 10 is now the second most used OS, according to the Spiceworks figures, and its overall share has improved since March this year, when it was only running on nine percent of machines.


Windows 10 is being run on at least one PC within 60% of firms, according to Spiceworks, compared to 84% running Windows 7 on at least a single machine, 42% running Windows XP and 35% running Windows 8.

However, these figures provide little indication as to whether each operating system is widely deployed or just being trialled on a single machine. When combined with Spicework’s figures on the absolute share of each OS within firms, it suggests that Windows 10 is being tested more often than it is being widely deployed.

This ‘penetration rate’ for Windows 10 is also lower than forecast in a Spiceworks survey of more than 500 IT pros just before the 2015 Windows 10 launch, when 73 percent said their organization was planning to adopt Windows 10 within two years.

Microsoft says there are more than 50 million business users of Windows 10, and recently highlighted that all 400,000 staff within Accenture, a global consulting company and Microsoft partner, are switching to the OS.

A poll earlier this year, found 52% of firms were still running Windows XP on at least one machine. However, Spiceworks’ latest figures showed overall use of XP is diminishing, with the OS installed on some 11% of PCs, down from 14% in March.

Tsai says recent high profile ransomware outbreaks like WannaCry and Petya are giving organizations an incentive to move to more modern operating systems that are still being regularly patched by Microsoft.

When Windows 10 launched in July 2015, Microsoft predicted it would be installed on one billion devices within two to three years.

Today, a few days shy of Windows 10’s two year anniversary, the OS is installed on half that original target, about 500 million devices. Consumer growth seems to be slowing, with the average daily increase in the number of Windows 10 devices dropping by more than two thirds since Windows 10’s 2015 launch.

It could be that Windows adoption is currently in a lull between two spikes. Microsoft’s offer of a free upgrade to Windows 10 for non-enterprise users ended in July last year, while most businesses are yet to begin large-scale migrations to Windows 10, with analyst house Gartner predicting that 85 percent of organizations will start a Windows 10 production deployment by the end of this year.

This Raspberry Pi-powered laptop is tiny enough to fit in your pocket


In its cheapest incarnation, the $35 Raspberry Pi is a computer in the simplest sense of the word, nothing more than a bare board.

The reason for the stark appearance of the Pi is that the board is a canvas for its owner’s ideas, a raw material for hundreds of different Pi-powered creations, everything from robots to retro arcade machines.

This latest project offers something for people who want to turn the Pi into a traditional computer with a twist, a ‘laptop’ so small it’ll fit in your pocket.

This ‘ultra-mobile PC‘ (UMPC) is not much bigger than the credit card-sized Pi itself, and can be put together for just over $100, which includes the cost of the Raspberry Pi 3 Model B.

The laptop’s case is 3D printed. Those who have a 3D printer can download the case designs from here and print them out, while those who don’t can order the parts from here, which will add about $50 to the build price.

By adding a screen and keyboard, the UMPC resolve an issue that prevents the Pi from being used on the move. The video below shows the UMPC running the Pi’s default Raspbian OS, a relatively easy to use operating system that comes with the usual web browser, office and email software, as well as an array of programming tools.

However, while the PC looks useable and the screen perfectly readable, it’s likely you wouldn’t want to spend too long using what is a desktop PC OS on a five-inch display. Typing on the tiny ADK-100 keyboard will also be no match for using a full-sized alternative and a separate mouse is needed to use Raspbian’s GUI.

The process of building the ‘ultra-mobile PC’ will also require a degree of skill with hardware, including being comfortable with soldering and desoldering, necessary to remove the Pi’s default connectors and install a pair of USB ports that will fit in the case.

Instructions for how to build the Raspberry Pi-based ‘ultra-mobile PC’ and a full list of components are available here or via the project’s Thingiverse page.

If you want a similar-sized Pi-powered device you could also check out the Zero Terminal project.

The top 5 IT certifications that will increase your salary

While a candidate’s experience trumps most other factors in an IT hiring manager’s decision, certifications can offer less experienced job candidates a way to demonstrate their knowledge and skillset.

“It’s a hot topic, as there is a shortage of skillsets needed in the marketplace,” said Sean Dolan, CEO of Global Knowledge, an IT and business skills training firm. While putting credentials behind your name can be valuable to employers, “certifications tend to be a little one-dimensional,” he added. For example, if a company is looking for a cloud security architect, that person would need several different certifications to demonstrate that they have the necessary skills.

Many companies are more interested in a candidate’s ability to apply the knowledge signified by a certification, rather than the certification itself, Dolan said.

For example, on the development side, some companies might want a certified Java programmer, said Carter Lowe, enterprise technical recruiter at Mondo, a national staffing agency specializing in niche IT, tech, and digital marketing. However, others think that only amounts to passing a test, not a proven skillset. “Especially for developers and programmers, hiring managers just want to see the work itself,” Lowe said. “Grit is more valuable than a certification.”

SEE: CISSP: Certified Information Systems Security Professional Training (TechRepublic Academy)

However, the opposite may be true true for a systems engineer or a high-level support staff member, Lowe said. For more specialized IT positions, such as those working for the federal government, many employers require a set of certifications such as CompTIA’s A+ or Network+, or ISC(2)’s Certified Information Systems Security Professional (CISSP).

“Certifications are just the entry game,” Dolan said. “It shows you’ve got a commitment to command a certain language, for example, but it’s not the be-all end-all. You want to make sure you’re not just memorizing for a test, but are understanding the practicality of using it and applying it in a knowledgeable way.”

When determining which certification to pursue, “it’s smart to plan out what you are passionate about, and to have a learning path in mind,” Dolan said. With companies iterating their platforms daily, it’s helpful to understand product lifecycle and the value of the certification in the near future. For example, infrastructure certifications for some particular products are less popular now because many companies have outsourced that work to cloud providers. “Knowing the technology itself will help you decide on the certifications and learning paths that will be most important, like cloud, security, development, or software,” Dolan said.

Here are the top five IT certifications that will increase your salary in 2017, according to Global Knowledge.

SEE: Project Management (PMP) Certification Training (TechRepublic Academy)

1. Certified in Risk and Information Systems Control (CRISC)

Average salary: $131,298

CRISC, offered by the nonprofit ISACA, is designed for IT professionals, project managers and others whose job it is to identify and manage IT and business risks through Information Systems controls. More than 20,000 people worldwide hold this credential, and 96% of those who have earned it keep it updated. As demand for professionals with these skills increases, CRISC is the highest-paying certification of the year, according to Global Knowledge.

2. Certified Information Security Manager (CISM)

Average salary: $128,156

CISM, also offered by ISACA, is aimed at management, focusing on security strategies and assessing systems and policies in place at a company. More than 32,000 people have earned the CISM certificate since it was introduced in 2002, so, like CRISC, it remains representative of a highly desired skillset that is in short supply.

With more information being stored in public clouds versus private data centers, it’s no surprise that risk management, governance policy, and security are covered in the top two certifications, Dolan said.

3. AWS Certified Solutions Architect – Associate

Average salary: $125,091

The AWS Certified Solutions Architect associate level certification demonstrates expertise in designing and deploying scalable solutions on AWS. Only 10,000 people have earned this certification, and, given the popularity of the AWS platform, they can command a high salary.

“In the cloud, you want a solutions architect who knows how to put together not just the workload but an end-to-end solution,” Dolan said. “[AWS Certified Solutions Architect] quickly became a top certification—you can’t turn around without hearing about companies leveraging the cloud in terms of digital transformation.”

SEE: IT Security CISA, CISSP & CISM Certification Training (TechRepublic Academy)

4. Certified Information Systems Security Professional (CISSP)

Average salary: $121,729

CISSP, offered by (ISC)2, is designed to demonstrate security expertise, including security and risk management, communications and network security, software development security, asset security, security engineering, identity and access management, security assessment and testing, and security operations.

Similar to CRISC and CISM, this security skillset is in high demand and will likely be so for the next several years. However, CISSP allows professionals to earn an associate credential while working on the required experience, rather than necessitating that they have the experience already. This makes it a valuable certification for those wanting to break into the security field, Global Knowledge noted. Nearly 111,000 people worldwide hold a CISSP certificate.

5. Project Management Professional (PMP)

Average salary: $119,349

PMP, offered by the Project Management Institute, is the most recognized project management certification. The PMP exam includes skills relating to the lifecycle of a project: initiating, planning, executing, monitoring and controlling, and closing. There are nearly 730,000 active PMPs worldwide, across a variety of industries. This certification has been in the top certifications list for many years, and will likely continue to hold a place there, Global Knowledge noted.


Creating a bootable VMware ESXi USB drive in Windows


Virtualization is a big player in IT these days, regardless of the sector you’re in. Most businesses can benefit from consolidating servers—and to a greater degree, converging server, storage, and network infrastructures for centralized management and scalability.

With regard to consolidating servers by virtualizing them, the industry standard is VMware, with its extensive software and support offerings for businesses of all sizes. It even has a free offering—ESXi—which is its base hypervisor that can be run on any bare-metal supported server hardware to get IT pros familiar with the product and help organizations on their way to migrating their servers to virtual machines.

While many newer servers have added modern touches to facilitate VMware deployments, such as internal SD card readers for loading the hypervisor onto the SD to maximize all available resources, these servers have also done away with legacy items, like optical drives—and that makes loading VMware onto the servers a bit difficult initially.

But fret not, as USB flash drives (UFDs) have proven to be more than capable at replacing optical media for booting operating systems. And given their flexible read/write nature, even updating installers is a breeze using the very same UFD.

Read on and we’ll cover the steps necessary to create a bootable UFD, with VMware ESXi on it, from your Windows workstation. However, before jumping into this, there are a few requirements:

  • Windows workstation (running XP or later)
  • Rufus
  • VMware ESXi ISO
  • USB flash drive (4GB minimum)
  • Internet access (optional, but recommended)

SEE: VMware vSphere: The smart person’s guide (TechRepublic)

Creating the USB installer

    Start by inserting your UFD into the Windows computer and launching Rufus. Verify that under Device, the UFD is listed (Figure A).

    Figure A

      In the next section, Partition Scheme, select MBR Partition Scheme For BIOS Or UEFI from the dropdown menu (Figure B).

      Figure B

        Skip down to the CD icon and click on it to select the previously downloaded VMware ESXi ISO image (Figure C).

        Figure C

      Finally, click on the Start button to begin the process of formatting and partitioning the UFD and extracting the contents of the ISO to your USB drive. Please note that any data on the drive will be erased (Figure D).

      Figure D

      The transfer process will vary depending on the specifications of your workstation, but typically it should be completed within several minutes. During this process, you may be prompted to update the menu.c32 file, as the one used by the ISO image may be older than the one used by Rufus on the flash drive. If this occurs, click Yes to automatically download the newest compatible version from the internet. Once the process is complete, your USB-based VMware ESXi installation media will be created and ready to boot the hypervisor setup on your server.

      Note: If the USB will not boot on your server, ensure that the USB boot functionality is enabled in the BIOS or UEFI listing. In addition, before the ISO is downloaded from VMware, it is highly recommended that you peruse VMware’s Compatibility Guide on its website, which allows users to verify that their hardware is supported by VMware and for use with its products. If not, perhaps a previous version of ESXi may be a better fit or supplemental drivers may be needed to be included before your specific server will boot properly.