LHC2384BU VMware Cloud on AWS A Technical Deep Dive · PDF fileVMware Cloud on AWS – A...

LHC2384BU

#VMworld #LHC2384BU

VMware Cloud on AWS –A Technical Deep Dive

Ray Budavari – @rbudavariFrank Denneman - @frankdenneman

VMworld 2017 Content: Not fo

r publication or distri

bution

• This presentation may contain product features that are currently under development.

• This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.

• Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.

• Technical feasibility and market demand will affect final delivery.

• Pricing and packaging for any new technologies or features discussed or presented have not been determined.

Disclaimer

2



bution

• Ray Budavari

Senior Staff Technical Product Manager

Networking and Security Business Unit

• Frank Denneman

Senior Staff Architect

Cloud Platform Business Unit

Speaker Introduction

3

Who



bution

Session Agenda

1 Why VMware Cloud on AWS

2 Compute and Storage

3 Networking and Security

4 Q&A

4



bution

Why VMware Cloud on AWS ?

5

Leading compute, storage and

network virtualization capabilities

Support for a broad range of

workloads

De-facto standard for the

enterprise DC

Flexible consumption economics

Broadest set of cloud services

Global scale and reach

Jointly engineered solution delivers the best of VMware and AWS for customers



bution

VMware Cloud on AWS – service overview

6

AWS Global Infrastructure

VMware Cloud™ on AWS

AWS Global InfrastructureCustomer Data

Center

vSphere vSAN NSX

Operational

ManagementNative AWS

Services

vRealize Suite, ISV ecosystem

vCentervCenter

• VMware SDDC running on AWS bare metal

• Sold, operated and supported by VMware

• Support for all VM types

• On-demand capacity & flexible consumption

• Operational consistency with on-premises

SDDC

• Workload portability and hybrid operations

• Global AWS footprint, reach, availability

• Direct access to native AWS services

Service Highlights

STRATEGY AND VISION



bution

Leverage AWS Global Footprint

7

3

US west

Oregon (3)

N. California (3)

2

3

AWS

GovCloud (2)

US east

N. Virginia (5)

Ohio (3)

3

2

5

Canada (2)

3

South America

São Paulo (3)

Europe

Ireland (3)

Frankfurt (2)

London (2)

23

2

2

Asia Pacific

Singapore (2)

Sydney (3)

Tokyo (3)

Seoul (2)

Mumbai (2)

2

22 3

3

2*

* *

New region

Paris, Ningxia, Stockholm*# Region and number of

availability zones

STRATEGY AND VISION



bution

Key Use Cases for VMware Cloud on AWS

8

Customer can decide strategically across on-premises data center and cloud

Maintain and expand

Regional capacity

DR and backup

Maintain

Expand

Consolidate and migrate

Data center consolidation

Application migration

Consolidate

Migrate

Workload flexibility

Test and development

Cyclic capacity

Flex

…as needed

STRATEGY AND VISION



bution

Infrastructure Overview



bution

Consume Cloud Resources



bution

What workload can you run in

Cloud?VMworld 2017 Content: N

ot for publicatio

n or distribution

Host Compute Configuration in Detail

12

▪ Dual socket CPU host configuration

▪ Intel Xeon E5-2686 v4

▪ 18 Cores per socket at 2.3 GHz

▪ 72 Logical processors per host

▪ Hyper-Threading enabled

▪ 82.8 GHz per host

▪ 512 GB memory per host

▪ Manufacturer: Amazon



bution

Initial Availability Compute Cluster Configuration

576144

81922048

TO

TO

CORES

GB

CORES

GB

16 NODE CLUSTER4 NODE CLUSTER



bution

vSphere DRS Configuration

▪ DRS Enabled

▪ Migration threshold = 3

▪ DPM = Disabled

▪ Resource Pools created to isolate

MGMT from Customer VMs

▪ Affinity Rules available in Future

Release

Customer Administrator(Cloud Admin)

VMware

vSAN Cluster

Managed by VMware

Managed by Customer

VC NSX … VM VM VMVM VM



bution

vSphere DRS Configuration



bution

Coupling AWS Elasticity with

vSphere Infrastructure softwareVMworld 2017 Content: N

ot for publicatio

n or distribution

Technical Preview



bution

Automatic Cluster Configuration

vSAN Cluster

HOST IS ADDED1. AUTOMATIC NETWORK CONFIGURATION2. 3.

vSAN Cluster

Management Network

vMotion Network

vSAN Network

VXLAN Network

vSAN Cluster

vSAN DATASTORE CAPACITY INCREASE



bution

Elastic DRS Integration

vSAN Cluster

CPU

Memory

Storage

vSAN Cluster

CPU

Memory

Storage

vSAN Cluster

CPU

Memory

Storage

CLUSTER OPERATING WITHIN TARGET THRESHOLDS1.

THRESHOLD EXCEEDEDPROVISION ADDITIONAL HOST2.

CLUSTER RETURNS TO TARGET THRESHOLD3.



bution

Automated Cluster Remediation

HOST FAILS, OR PROBLEM IDENTIFIED

NEW HOST ADDED TO CLUSTER.DATA FROM PROBLEM HOST REBUILT, AND/OR MIGRATED

PREVIOUS HOST EVACUATED FROM CLUSTER, FULLY REPLACED BY NEW HOST

1.

2.

3.

vSAN Cluster

vSAN Cluster

vSAN ClusterVMworld 2017 Content: Not fo


bution

HA Cluster Configuration

▪ Host failure remediation is the responsibility of VMware.

▪ As HA settings impact consolidation ratio, the following settings are used to provide

excellent service while minimizing overhead:

▪ Host Monitoring Enabled

▪ Admission Control Policy: Percentage Based

▪ Host Failures Tolerate: 1

▪ VM & App Monitoring Enabled

▪ Host Isolation Response: Power off and Restart VMs



bution

Cluster Configuration at Initial Availability


AWS Region

vSphereVSAN NSX

vS

phere

Clu

ste

r

VM VM VM

SDDC

VM

MGMT VMs

Availability Zone

VM

VM

VM

Availability Zone

▪ Restricted to one AWS Region and AZ

▪ Automatically detects failed hardware

▪ Auto remediation HA allows automatic

recovery from HA events

▪ Provision new host and eject failed node

without customer interventionVMworld 2017 Content: Not fo


bution

Cluster Configuration in Future Release


AWS Region

vS

phere

Clu

ste

r

VM VM VMVM

SDDC

Availability ZoneVM

VM

VMAvailability Zone

vSAN Cluster

▪ Multi AZ availability (Active-Active)

▪ vSAN stretched across multiple AZs

▪ Synchronous write replication across AZs

▪ RPO = 0, RTO = HA Restart

▪ Per-VM Storage Policy

▪ First time infrastructure level AZ resilience! No

need for refactoring traditional applicationsVMworld 2017 Content: N

ot for publicatio

n or distribution

Storage Configuration



bution

Initial Availability vSAN Host & Cluster Configuration

12832

16040

TO

TO

NVMe DEVICES

TB RAW CAPACITY

NVMe DEVICES

TB RAW CAPACITY

16 NODE CLUSTER4 NODE CLUSTER



bution

ESXi HostESXi Host

ESXi Host

vSAN Architecture

ESXi Host (x4)

vSAN Disk Group vSAN Disk Group

vSAN Node Configuration

▪ 2 Disk Groups

▪ 2 devices write-caching tier (3.4 TB)

▪ 6 devices capacity tier (10.2 TB)

Storage Policy Configuration

▪ Health Service is enabled *

▪ RAID 1, 5 and 6 available *

▪ vSAN Encryption is disabled at Initial

Availability

* User configurable policy settings



bution

Networking and Security Configuration



bution

VMware Cloud onAWS IS BUILTA R O U N D N S X

LHC2013BU – NSX and VMware Cloud on AWS: Deep Dive

LHC2105BU – NSX and VMware Cloud on AWS: The Path to Hybrid Cloud



bution

NSX in VMware Cloud on AWS – Introduction

▪ All VM networking in VMware Cloud on AWS is provided by NSX

▪ Provides compatibility with NSX and vSphere products used on-premises

▪ vSphere and NSX have been optimized to work in AWS environment

▪ Delivered using an ‘as a service’ cloud model



bution

AWS Networks are Used to Provide External Connectivity

▪ VPC Networking

▪ Services as a Transport

▪ Enables VMkernel networking

▪ Internet Gateway

▪ Enables N-S connectivity

▪ All services are provided by NSX

▪ Customer VPC Access

▪ Optimized access from VMC to connected VPCs

▪ AWS Direct Connect (Future Release)

▪ Dedicated, high performance connection to on-premises



bution

Cloud Networking Admin

▪ Setup initial networks and admin access to

vCenter Server

▪ Provide inbound access to workloads

▪ Control Firewall access to workloads

▪ Establish VPN connectivity

▪ Prescriptive network topology only

Manages

VI AdminManages

▪ Deploy VMs

▪ Attach VMs to networks

▪ Create new networks

▪ IP Addressing for VMs

Consumes Cloud

Network Admin

Managed Services

VMC Web Portal

vSphere

Web Client

VMware Cloud on AWS – Simplified mode consumption



bution

VMware Cloud on AWS – Network Overview

Management Pool▪ vCenter Server, NSX Manager, NSX Controllers

▪ Services provided by NSX Edge Gateway (MGW)

▪ Firewall and VPN for Security▪ Default Deny Policy

▪ NAT for Public VC Access

Compute Pool

▪ NSX Edge Gateway & Distributed LogicalRouter (CGW)

▪ Prescriptive network topology

▪ NSX Logical Switches for workload VMs

▪ Default Network provided, but customer

created networks are supported

▪ DHCP Relay/Server

▪ Automated routing configuration

▪ Firewall and VPN for security

▪ Default Deny Policy

▪ NAT for VM Internet Access

▪ Connection to Customer VPC

MGW

CGW

Internet

vSAN Cluster

Managed by

VMwareManaged by Customer

VC NSX … VM VM VMVM VM

VPN VPN

DLRVMworld 2017 Content: N

ot for publicatio

n or distribution

L3 VPN Hybrid Cloud Connectivity

On-PremGateway

Existing VMs and Management on-premises

VPN Connectivity using NSX ESG(Route selected networks or all traffic

to on-premises over VPN tunnel)

Customer DC

Software Defined Data Center (SDDC)

On-Prem Management

On-Prem

Workloads

Management

Network

Management GW

(NAT, FW, VPN)

VMware Cloud

on AWS

Compute GW

(NAT, FW, VPN, DHCP)

192.168.20.0/24192.168.10.0/24

DLR

Management Traffic

Compute Traffic

InternetInternet GW

IPSec VPN – L3 - Compute



bution

L3 VPN Connectivity Details

34

▪ IPsec VPN enables secure access to VMware Cloud on AWS workloads from on-premises

• Provides choice of remote gateway:

• VMware Cloud on AWS leverages NSX Edge for VPN

▪ Validation with all common VPN devices

▪ Joint whitepapers will be published with VMware Partners

Internet / WAN

VMC on AWS

VPN



bution

Optimized connectivity to Native AWS services

Compute Gateway

EC2 Instances, Private AWS services

or VPC Endpoints in customers existing VPCs

Direct Connectivity from VMC to Customer VPCs(without VPC Peering)

Customer VPC

Optimized Traffic Flow

AWS Networking

Provider Network

VMware Cloud

on AWS

VPC Endpoints

VPC subnets

Amazon

S3 Distributed Router

VNI 5001

VNI 5000

DLR

EC2 Instances

35

ENI fromCustomer VPC

VPC route

table

NSX route

table

Software Defined Data Center (SDDC)

Internet GWInternet GW

East-WestConnection

192.168.0.0

192.168.1.0

192.168.2.0

172.16.0.0

172.16.1.0

172.16.2.0



bution

VMC and AWS Services

▪ VMware Cloud on AWS provides access to native AWSservices

▪ Connected VPC access

▪ Provides higher bandwidth connectivity to selected AWS Services

▪ Requires an existing customer VPC

▪ Optimized access to EC2 instances and S3 are supportedat Initial Availability

▪ Additional services will be added in future releases

▪ Public Access to AWS Services is also available via the Internet

▪ Provides a base level of capability

▪ High Performance as VMC runs on the same AWS infrastructure

▪ Bandwidth limits for IGW apply

36

Access to AWS Services

Amazon

EC2

Amazon

S3

Amazon

RDS

AWS Direct

Connect

AWS IAMAWS IoT

…

…

…

…



bution

▪ NSX is front and center in VMware Cloud on AWS Portal

▪ Network Dashboard provides a view of NSX components and connectivity

VMware Cloud on AWS – Networking User Experience

37



bution

Simplified mode provides basic networking and security functionality


38

– Firewall – VPN – Logical – NAT – Public IPs



bution


▪ Logical Networks are managed within vCenter Server

▪ Uses a new HTML5 plugin specifically for VMware Cloud on AWS

▪ Enables the following:

▪ Create & DeleteNSX Logical Switches

▪ Provide a Default Gateway

▪ Optionally enable DHCP

▪ All remaining steps are automated



bution

VMware Cloud on AWS is an Extension of a Powerful & MatureProduction Operational Model and Ecosystem



bution

Questions



bution

• Ray Budavari – @rbudavari

• Frank Denneman - @frankdenneman



bution



bution

Cluster Compute

44

CPU CPU

36 CPU Cores + 512 GB

CPU CPU


CPU CPU


CPU CPU


144 CPU Cores + 2048 GB Memory

Default Cluster size: 4 ESXi Hosts



bution

Date post:	06-Feb-2018
Category:	Documents
Upload:	lamnhu
View:	231 times
Download:	5 times

LHC2384BU VMware Cloud on AWS A Technical Deep Dive · PDF fileVMware Cloud on AWS – A...

Documents