Orange is v cloud 3

© 2011 VMware Inc. All rights reserved

Vmware: vCloud

Paul Manaton

Copyright © 2011 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies.

Agenda

09:00 - Registrations and Coffee

09:15 - Introduction to vCloud Director

09:35 - Architecting your cloud

10:00 - Live demonstration of vCloud Director

10:50 - Q&A

11:00 - Coffee break

2 Confidential

http://www.vmware.com/go/patents


3 Confidential



4 Confidential



The VMware Cloud Overview

5 Confidential



Platform

Virtual Datacenter

Virtual Infrastructure

Infrastructure

Network Storage Server

What we need

Operations

Charge back

Performance

Capacity

IaaSOrchestration

Runbook

Automation

Configuration

Consumption

Service CatalogSelf-Service

PortalApproval ITSM



Platform

vCloud Director

vSphere

Infrastructure

Network Storage Server

VMware delivers

vCOPs

Chargeback

vCenter Operations

vCenter CapacityIQ

IaaSOrchestration

vCenter Orchestrator

vConfiguration Manager

Consumption

vService Manager



8 Confidential

The foundation for Infrastructure as a Service is vCloud Director

VMware’s vision is to build as a services on this platform


Standardization. Construct virtual data centers by pooling compute, storage, and networking resources together

Offers self-service. Construct Service Catalogs, application architectures can be deployed by non-technical people or by automated triggers such as ticketing systems

Secure multi-tenancy, ability to run multiple organisations on the same platform

Report consumption, permit charge or show back of what has been consumed and allow for different cost models

Characteristics of IaaS Clouds

Programmatic control via open APIs, ability to automate tasks and ensure mobility or resources between clouds

10

VMware vCloud Director

To make this possible, cloud requires new resource abstractions

Secure Private Cloud

Organization: Marketing Organization: Finance

Organization VDCs CatalogsOrganization VDCs Catalogs

VMware vSphere

VMware vCenter Server

Resource Pools Datastores Port Groups

(Go

ld)

(Bro

nze

)

Provider Virtual Datacenters

(Sil

ver)

Users & Policies Users & Policies

11

VMware vSphere and vCenter Server

Clusters and Resource Pools• Provide cloud compute

• DRS is a requirement for the clustero Shared storageo vMotion compatible or EVC enabled

Datastores• Provide cloud storage

• Abstract away underlying storage

type

Portgroups• Provide cloud networking

• Abstract away underlying

networking infrastructure

• vSwitch, vNetwork Distributed

Switch or Nexus 1000VFC Storage

vNetwork Distributed Switch

vSphere Cluster/Resource Pool

iSCSI Storage NFS Storage

vCenter Server

ESXi/ESX hosts

12

VMware vCloud Director

Define standard infrastructure

tiers called Virtual Datacenters• Pool virtualized infrastructure

resources across multiple vCenter

Servers

Define standard collections of

VMs called vApps Create Organizations and

manage users with RBAC Provide UI for users to self

provision vApps into Virtual

Datacenters Provide secure multi-tenancy

using vShield Edge

13

vApp

Container of one or more VMs,

Networking & security

appliances • Package up multi-tier application

architectures

• Upload vApp to a service catalog for

easy one-click redeployment

• Select boot order of VMs, start

delays and stop delays

• Set policies for vApp, storage lease

vApp

App

OS

App

OS

App

OS

Uses the OVF standard• Captures meta data about the VMs

• Allows import and export between

clouds in standard format

VMwarevShield

vApp Networks

14

Fast Provisioning using Linked Clones For Improved Agility

vmdkTemplate

• Provisions new VMs from a template without replicating the entire image

• Instead, links the images (clones) so that common elements are stored only once

Overview

• Dramatically speeds up provisioning time from >2 minutes to <5 seconds

• Reduces storage footprint (and cost) by over 60%

Benefitsvmdk vmdk vmdk

15

Networking & Security : Introducing vShield Products

VMware vSphere VMware vSphere

DMZ Application 1 Application 2

Securing the Private Cloud End to End: from the Edge to the Endpoint

vShield Edge

Secure the edge of the virtual datacenter

vShield App and Zones

Create segmentation between enclaves or silos of workloads

vShield Endpoint

Offload anti-virus processing

vShield Manager

Centralized Management

16

Provide Choice in Resource Consumption Models

With Vmware Chargeback we have set 3 “out of the box” consumption models

Allocated Pool – “Bill for thevirtual container”

Reservation Pool – “Bill for the physical container”

Pay-Per-vApp – Purchase VMs of specified sizes and contents

17 Confidential

Open standards make the hybrid cloud possible

vApp

Provisioning and Control of the Application

vCloud API: First Open API to Consume and

Control Cloud Resources

PublicClouds

PrivateCloud

Open Virtualization Format: First Industry Standard Cloud

Workload

18

Consumption Visibility

Show back or Charge back to consumers

• vCloud Director resources like broadband network traffic, public IP addresses, DHCP, NAT can be metered and billed

Setup leases to assure resource reclamation

VMware vSphere

19 Confidential

vCloud.vmware.com

20 Confidential

Connecting the Clouds

Cloud ServiceProvidersPrivate Cloud Move workloads

Traditional

vSphere/vCenter

Connect L2 networks

vCloud.vmware.com

21 Confidential

vSM Cloud Provisioning

Enhance provisioning and cloud self-service for vCloud Director

Standardize and automate service delivery of hybrid Clouds

Ensure policy compliance in higher governance environments

22 Confidential

vCloud Director and VMware Service Manager

Capabilities vCloud DirectorVMware Service

Manager – Cloud Provisioning

Accelerates end user time-to-market by enabling intelligent virtual machine provisioning across VMware vSphere® clusters with on-demand access..

Ensures secure isolation and enforce control with policy-based user controls and VMware vShield™ security technologies.

Uses open standards for interoperability and application portability between clouds

Consolidates infrastructure and delivers resources as configurable, easy-to-manage virtual datacenters.

Provides vCloud Director services in a service catalog for easiest end-user consumption

Standardizes and automates services from request, approvals, provisioning, changes, to notification

Provides tracking and reporting for higher governance environments

23 Confidential

Architecting for the Cloud

24 Confidential

Major considerations.

Users

• Who can do what with which resources?

What controls/policies should be in place?

• Who needs to authorise what?

Services

• What does your catalog need to look like?

Technical considerations

• Storage, CPU, RAM, Networks

25 Confidential

Where are you now?

What percentage are you virtualised?

• Do you want t got further?

What is our infrastructure costing?

• Can you achieve savings within current estate?

What barriers are stopping you maximising the potential?

• People, Budget

26 Confidential

Where do you want to go?

Public/Private/Hybrid?

• Where to go and what goes where?

27

Some Technical Detail

28 Confidential

Cloud Director architecture … the basics

vCenter

ESX ESX

vSphere Client

vCenter

ESX ESX

vCenter

ESX ESX

vCD

Cell(s)

vCloud APIs

vSphere Client (Plug-in)

vCD Portal “Build your Own tool/portal”

3rd party portals

(i.e. iWave ITO)

Resource Pod

29 Confidential

VMware vCloud Director Installation and Licensing

Installs on RHEL 5 U4 or higher 64-bit machine

VMware vCloud Director supports • VMware vSphere Editions

• VMware vSphere Enterprise*

• VMware vSphere Enterprise Plus

• VMware vCenter Server Editions

• VMware vCenter Server Standard

• Minimum requirements

• vSphere and vCenter Server versions 4.0 U2 and 4.1.

VMware vCloud Director licensed by concurrent powered-on VMs managed by VCD

vCenter ServerVMware vCloud

Director

*vSphere Enterprise will not support VLAN backed Network Pools and VMware vCloud Director Network Isolation (VCDNI) backed Network Pools

30 Confidential

Network Fencing

Allows developers to provision Layer-2 isolated networks in seconds…

Deploy multiple copies of the vApp on the same Org/External network without modifying hostname or IP address

• Each VM keep original hostname/IP information inside the fence

• Each VM assigned a new IP outside the fence

31 Confidential

vShield Edge – simplifying complex virtual networking

Provides virtual routing between physical and virtual networks

Brings firewalling/NATing ‘inside’ the virtual environment

Provides more flexibility, without the need to always go to external physical firewalls, but centrally managed

Extremely useful for test/dev environments

VCD-Network Isolation reduces the need for VLANs in crowded datacentres

Enables secure multi-tenancy for Service Providers

32 Confidential

vShield Edge networking

Physical

DMZ network

Internet

Physical

Secure network

Tenant A

DMZ routed network Tenant A

DMZ direct network

Tenant A

Secure direct network

Tenant A

Secure routed network

vApp network

vApp

33 Confidential

Connecting the Clouds

Cloud ServiceProvidersPrivate Cloud Move workloads

Traditional

vSphere/vCenter

Connect L2 networks

34 Confidential

IPsec VPN between 2 External networks

192.168.100.1/24 192.168.200.1/24

192.168.100.200/24192.168.100.100/24

192.168.100.1

IPsec VPN192.168.100.101

192.168.200.1

192.168.100.106

Edge Edge

Internet

35 Confidential

Five Tuple Firewalls

Create complex firewall rules for enhanced security

• Firewall rules now can be configured for <source address, source port, protocol, destination port, destination address>

• Support for ICMP protocol in addition to tcp and udp

36 Confidential

Static Routing

37 Confidential

Chargeback and Billing in VMware Cloud Director

• vCloud Service Director itself does NOT do billing or chargeback

• There is NO billing information or metering information presented in the interface

• All chargeback is done through vCenter Chargeback

Ava

ilab

ilit

y

Self-Service Cloud

vCenter Chargeback

3rd-Party Billing

vCenter Chargeback

• Monitor and charge for vCloud resources

• Deliver targeted multi-tenant reports

• Integrate with 3rd-party billing

38 Confidential

vCenter Chargeback Overview

39 Confidential

vCenter Chargeback

Chargeback awareness and metering for vCD

• Organizations

• Virtual Datacenters (VDCs)

• vApps, templates, media file storage

Support for vCSD Resource Allocation Models

• Pay as you go – pay for each vApp deployed

• Reservation Pool – pay for a guaranteed set of resources

• Allocation Pool – aka burst charging, pay for a guaranteed set of resources, can use more than guaranteed but that

gets charged at a premium rate

Applicable Charges

• Count of public IP addresses

• Broadband traffic (Tx/Rx), per public IP

• CPU, Memory, Storage (base and premium, templates and media file storage)

• Fixed monthly charges for a vApp

40 Confidential

VMware Service Manager Cloud Provisioning

Utilizes the VMware Service Manager and vCloud Director Connector

Provides additional functionality to vCloud Director:

• Customized Customer Entry Portal

• Configurable and Extendable Request Forms

• Change Request Management for Owned Items

• Flexible Workflows

• Plug into vCO to kick off 3rd party workflows

41 Confidential

Standardize and Automate Service Delivery of Hybrid Clouds

The automation engine helps Cloud providers standardizeand deliver Cloud infrastructure.

Electronicapprovalprocess Error

notification,if any

Requestinitiated byend-user

Policy-basedlogic

Provisioningin vCloud Director

Successfulservice

deployment

Databaseupdate

42 Confidential

VSM includes a connector to vCenter Orchestrator (vCO)

Introducing vCO in the Provisioning Process can enhance service automation by providing advanced technical orchestration capabilities

While VSM acts as the ‘Traffic Cop’ enforcing the service oriented workflow

Enhanced Provisioning Automation with vCO

Oracle EM

VMware Service Manager

vCloud Director

vCO

vCenter

3rd Party Systems

vCloud Director

43

Lets See the Product in Action

44

Case Study

45 Confidential

Oxford University

Secure DbaaS

Hybrid Cloud

46 Confidential

A Video

47

Many ThanksQuestions?

48 Confidential

A little bit on futures

49 Confidential

Introducing vFabric Data Director

Do for Databases what vSphere does for Servers

• Extends vSphere benefits to Databases

• Drastic Cost Savings for Databases

• CAPEX

• OPEX

• Consolidates Thousands of Databases & Simplifies Management

Built on and Integrated with vSphere 5.0

50 Confidential

Path to PaaS

Infrastructure-as-a-Service (IaaS)

• Centralized management of Compute, Storage,

and Network resources

• Self-service management of Infrastructure

resources

• Dependent on Virtualization

IaaS + Database-as-a-Service

• Centralized management of Databases

• Self-service database operations

• Leverages IaaS architecture

Platform-as-a-Service (PaaS)

• Centralized applications development framework optimized for the cloud

• Integrates automation provided by IaaS and

DBaaS

vSphere + vCloud Director vFabric Data Director Cloud Foundry

51 Confidential

vFabric Data Director

vFabric Data Director

• Powers database-as-a-service across private and public vClouds

• Self-service database virtualization platform for traditional and new databases

• First database enabled is PostgreSQL database with optimization for vSphere

• Oracle support in 2012

• MS SQL support in 2013

• Will integrate with vCD

Self-service IT Control vSphere-Optimized

VMware vSphere 5

App App AppAppApp App App App

Graphical User Interface/API

52 Confidential

Backup/Restore: Built-in Policies

DBA’s have limited time to enable, monitor, and test backup and recovery policies for all databases.

Solution: Built-In Backup Policies

• Fully integrated backup & restore process (backup templates)

• Automated scheduled backups

• Policy driven backup retention

• Self-service manual backups

• Database remains on line duringbackup

• Dual backup techniques integrated into single policy

• External Backups

• Resilient external backups

• Snapshots with Database Consistency

• Faster to take and restore

53 Confidential

Backup/Restore - Point-in-Time Recovery

Database recovery is cumbersome and error prone

Solution: Fully automated point-in-time recovery

• Comprehensive view of database backups

• Point in time recover with a few clicks

54 Confidential

Innovative Database Cloning

The average production database has 6 clones (dev, qa) and each clone takes days to create.

Solution: Innovative Database Cloning

• Automation and flexibility

• Choice of what to clone • Data and schema

• Schema only

• Choice of clone point• Backup (include PITR)

• Current state of database

• Choice of destination database configuration• Copy parent database configuration

• Specify destination database configuration

55 Confidential

Innovative Database Cloning

• Full Database Clone• Complete physical copy of parent

• Isolation between parent and clone

• Linked Database Clone• Clone created from parent snapshot

• Clone in minutes regardless of database size

• Delta disk to track change from parent

• Application transparent

• Great of diagnostic scenarios

Dev QA Perf

Linked DB Clones

Full DB Clone

Staging

Production

“House of Brick has always found that VMware outshines the competition when it comes to the tools supporting their cloud infrastructure. With vFabric Data Director, even routine operations such as database cloning are now automated and are as easy as one simple click.”

- David Woodward, COO, House of Brick

56 Confidential

Security

Role Based Access Control

• Out-of-the-Box Roles• Organization Administrator

• Developer

• Custom Roles

Fine-grained Security Privileges

• Over 30 different privileges• Create/Edit/Delete Database

• Backup/Restore/Clone Database

• Create/Edit/Delete Template

• Edit Template/Database settings

Benefits

• Robust security enables self-service

• Custom roles ease security management

57 Confidential

Flexible Database Templates

Solution: Flexible Database Templates

• Customize templates for database configuration and backup

• Robust role-based access control which templates users can access

• Search and browse templates

• Fast provisioning

Benefits

• Enforce IT standards and control

• Ease of use

• Ensure reliability and repeatability

Database provisioning and configuration requires sophisticated DBA with limited time.

58 Confidential

Dashboards

• Database performance

• Resource utilization

• Capacity planning

• System health, etc.

End to End Monitoring

• System, Organization, Database Group, Database

Alarms and Notifications

• Out-of-the-Box alarms

• Custom alarms and thresholds

Monitoring – Manage by exception

59 Confidential

vFabric AppDirector

AppDirector automates application deployments on hybrid clouds, specifically on VCD 1.5

vCloud Director 1.5

Application Stack

Applications

Custom or Packaged App binaries, config

.war, .jar, .tar, .zip etc

Middleware, OSApp servers, messaging, web servers, databases, operating systems, load balancers, etc

60 Confidential

Proliferation of Middleware, OS

60

Application teamsInfrastructure teams

A forward-looking large enterprise

1. Too many combinations of OS, middleware, scripts

2. Post deployment compliance headaches

3. Environment readiness for middleware adding to deployment time

Middleware, OS – Standardization, Collaboration, Policy-based enforcement?

cachedatabasemessaging

appserver appserver appserver

load balancer

worker

load balancer

Application Infrastructure teams

2

http://doc36.controltier.org/wiki/File:Problem_Big_ReallyBig.png

61 Confidential

What are key goals for AppDirector

Simplicity

• Automated deployment on cloud

• Intuitive graphical user interface

Cloud Ready

• Model-once, deploy anywhere (portability)

• Standardization of middleware, OS

• Open and Extensible

Active App Management

• Integrated Application Performance Management for dynamic remediation of apps

1

2

3

62 Confidential

vFabric AppDirector

Open architecture for model-driven, orchestrated provisioning on any IaaS cloud

Standardization of heterogeneous middleware, packaged apps, OS

Best-practice application blueprints for deployment patterns

1 2

3

Collaborative, integrated application management

4

cachedatabasemessaging

appserver

appserver

appserver

load balancer

worker

load balancer

63 Confidential

Deployment EnvironmentsDeployment Environments

Application BlueprintApplication Blueprint

Architect

Cloud Admin

Deployment

Profile

(dev)

Deployment

Profile

(dev)

Application Binaries

Application Stack - (Middleware, OS)

Deployment

Profile

(test)

Deployment

Profile

(test)

Deployment

Profile

(prod)

Deployment

Profile

(prod)

App Dev, QA, Release

Test Org VDCTest Org VDC Prod Org VDCProd Org VDCDev Org VDCDev Org VDC

vFabric AppDirector – “Model-driven” cloud-ready App provisioning

Catalog

Standardized configurations of OS, Middleware

Middleware Admin

Automated Deployment Plans with Orchestration

Logical Application Topology with Application Policies, Configurations

Pre-instrumented with App Monitoring

Collection of deployment settings

Makes blueprints portable across clouds

64 Confidential

Model Application BlueprintUse canvas to create deployment topology

Standardized templates

from catalog

Standardized scripted

services from catalog

65 Confidential

Select Deployment Environment, Cloud Templates, Networks

Steps in deployment profile

Based on logical names used for templates and NICs in the blueprint, system picks cloud templates and networks on the selected deployment environment

Date post:	08-May-2015
Category:	Technology
Upload:	tracepointmarketing
View:	443 times
Download:	3 times

Orange is v cloud 3

Technology