Trusted Cloud: Security Practice Guide for VMware Hybrid ...
Accelerate IT With VMware Cloud Foundation · Anatomy of a Hybrid Cloud Private Cloud Public Cloud...
©2019 VMware, Inc.
Jenson Chong, Senior vSAN Manager, South East Asia & Korea
Zod Chen, Staff Specialist Solution Engineer, VMware Cloud Foundation, Asia Pacific & Japan
Accelerate IT With VMware Cloud Foundation
Confidential │ ©2019 VMware, Inc.
Disclaimer
This presentation may contain product features or functionality that are currently under development.
This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.
Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.
Technical feasibility and market demand will affect final delivery.
Pricing and packaging for any new features/functionality/technology discussed or presented, have not been determined.
This information is confidential.
The information in this presentation is for informational purposes only and may not be incorporated into any contract. There is no commitment or obligation to deliver any items presented herein.
Need to Modernize, But No One Solution Solves Everything
Each environment offers a unique set of advantages, need something future-proof
PRIVATE CLOUD
• Cost optimized for data intensive apps
• Enterprise IT governance
• Data locality and control
• Leverages existing tools and operations
• Ideal solution for the edge
PUBLIC CLOUD
• Flexible, low upfront commitment
• Agile and easily scalable
• Built for new class of apps
• Rich developer services
• Fully managed and automated
Hybrid Cloud is the Preferred Enterprise Strategy
Combining the best of both worlds into a single strategy
4% Private Cloud Only
71% Hybrid
21% Public Cloud Only
Source: RightScale 2018 State of the Cloud Report
Two High-Level Patterns
1.
• 3 Tier – presentation + middleware + database
• Maybe monolithic – scales together
• Web app or client driven
2.
• Cloud Native, event driven, non-blocking
• Microservices based, loosely coupled
• Device, sensor and mobile client driven
Src: Ben Hindham
Enterprise Reality
1.
• 3 Tier – presentation + middleware + database
• Maybe monolithic – scales together
• Web app or client driven
2.
• Cloud Native, event driven, non-blocking
• Microservices based, loosely coupled
• Device, sensor and mobile client driven
Src: Ben Hindham
Anatomy of a Hybrid Cloud
Public Cloud
Private Cloud
VMware Cloud Foundation
Network Compute Storage
Automation & Operations
VMware HCX
Consistent Infrastructure
VM Infrastructure / Container Infrastructure
Consistent Operations
Automation and Operations / Across Clouds
Consumable Developer Experience
Simplification
Cloud is not a place, it’s an operating model
Modern Business Applications Require the Hybrid Cloud
Public Cloud / Edge / Data Center
Hybrid Cloud Use Cases
VMware Cloud Foundation
VMC on AWS
Consistent Zero Defect Provisioning Full Stack LCM
Elastic IaaS
Cloud Native Economics for Traditional Apps
Short Duration Workloads
Variability of Demand
Traditional Apps adjacent to Cloud Native
VMware Cloud Foundation
Consistent infrastructure and operations to speed innovation
VMware Delivers Across the Public Cloud, Data Center, and Edge
Network
Storage
Compute
Mgmt.
Cloud Foundation
Consistency & Security
Standardized Architecture
Full Stack Approach Built-in Security Apps/Services/Infrastructure Automation
Tested and Validated
Simplified Experience
VMware Cloud Foundation
Management Compute Storage Networking
Public Cloud / Edge / Data Center
STANDARDIZED DESIGNS
VMware Cloud Foundation (VCF)
Integrated SDDC platform
LIFECYCLE AUTOMATION
VMware’s Approach to SDDC
VMware Validated Designs (VVDs)
Standardized architecture designs
BEST PRACTICES
Validated components
VMware Bill Of Materials (BOM)
INTEROP TESTING
vSphere vSAN NSX vRealize Other VMware components …
Everything you need to be hybrid cloud ready in one solution
Core components
SDDC Manager
ESXi
vSAN
vCenter
NSX
vRealize Log Insight
Optional components
vRealize Suite
Horizon Suite
vCenter
SDDC Manager
PSC
Horizon Suite
vRealize Suite
vRealize Operations
vRealize Automation
vRealize Log Insight
vRealize Business
Horizon 7
App Volumes
Optional Add-on Components
VMware Cloud Foundation
NSX
ESXi vSAN HCI HW ESXi
vRealize Network Insight
Ease Of The Public Cloud In Your Data Center
VMware Cloud Foundation delivers lifecycle automation for the complete VMware software stack
Rapid deployment and configuration
On-demand provisioning of infrastructure pools
One-click patching and upgrading
Install Software
Configure Environment
Provision Infrastructure Resources (workload domains)
Patch & Upgrade
Lifecycle Automation – Automated Upgrading and Patching
Made Easy with Cloud Foundation
• Notification
• View Details
• Precheck
• Schedule or Update now
• Monitor
• Complete
VMware Cloud Foundation: Workload Domains
On-demand, policy managed infrastructure for workloads
HETEROGENEOUS HARDWARE RESOURCE POOL e.g. GPUs, Large Storage/Memory, Higher Performance Storage
Mapping to specific HW infrastructure capabilities
External IP Storage
PKS NSX-T
n
v1 on WLD1
vRA Horizon VDI
App Volumes
3rd Party Software
Software Flexibility: Products, Versions, 3rd party software
Hardware Choice: Vendors, Configuration, Composability
Application Mapped Infrastructure: Capacity, Performance, Security/Compliance, HW requirements
Large Memory Servers
MANAGEMENT DOMAIN
e.g. Hytrust, Palo Alto FW
External API Integrations
VMWARE CLOUD FOUNDATION
Hybrid Connector e.g. HCX, HLM
External Interfaces
Can be specific to certain Workload Domains (WLD)
PKS NSX-T
n
v2 on WLD2
ML/AI NFS
Database WORKLOAD DOMAIN
EUC WORKLOAD DOMAIN
GPU enabled servers
IaaS WORKLOAD DOMAIN
Machine Learning WORKLOAD DOMAIN
GPU enabled servers
Container WORKLOAD DOMAINS
VMware HCX
A Hybrid Environment for App Mobility Across Enterprise Sites
1. Infra Abstraction between vSphere versions
2. Infra Hybridity: stretched network across multiple data centers and clouds
3. App Mobility with business continuity at scale
A Secure and Seamless Migration Path
Extended Network
On-Premises Data Center
Modern SDDC
1. Extend Network
2. Migrate Workloads to Modern SDDC
3. Migrate Network to NSX
Securely perform live and cold, bi-directional VM migrations across trust domains and boundaries from vSphere 5.5+.
Benefits
Live vMotion
Zero Downtime Migration
VMware Cloud on AWS
Extended Network
On-Premises DC
vMotion
Active
Overview
• Secure vMotion Proxies w/ IP overlap
• Migrate workloads to destination without impact to app owner
• Burst to another SDDC on-demand
• Disaster avoidance by quickly migrating VMs to the target site
• Migration Support from vSphere 5.0+
• Utilizes hypervisor replication
• Upgrade VM Tools / Compatibility
• Remove snapshots
• Force unmount ISOs
VMs replicating to VMware Cloud on AWS while remaining online in on-premises environment.
Benefits
Migration with vSphere Replication
Migrate 1000s of VMs with Minimal Downtime
VMware Cloud on AWS
Extended Network
On-Premises DC
Migration with vSphere Replication
WAN acceleration, compression, and de-duplication
Active
Schedule switchover immediately after replication, or in a pre-determined maintenance window.
Replicating
Overview
Automation, Orchestration, and Day 2 Operations
VISIBILITY OPERATIONS AUTOMATION SECURITY GOVERNANCE CONTAINER MANAGEMENT
Cloud Operations and Automation
vRealize Operations • vRealize Automation
vRealize Automation
Multi-cloud and Application Automation
Set up: projects, cloud accounts, zones, profiles
Build, deploy, iterate on application blueprints
Embed:
• Security Policy
• Reservation Policy
• Approval Policy
Embed:
• SLA
• Cost Profile
• Provisioning Automation
App-Centric Network Automation via NSX integration
Container Management
Configuration management integration
Infrastructure as Code
vRealize Operations
Self-Driving Operations across Clouds
Assess & Optimize Performance
Assess, Plan & Optimize Capacity
Troubleshoot Faster with Metrics, Logs & Events
Manage vSphere Configuration & Compliance
Automated Full Stack Lifecycle
VCF or VCF on VxRail
vCenter Server vCenter Server
Software Defined Data Center
VMware Cloud on AWS
NSX NSX
vSphere vSphere
VSAN
Content Library
AWS Global Infrastructure
VSAN
vRealize Operations
vRealize Automation
VCF Lifecycle
Initiated through SDDC Manager
Curated Software Bundles
VMC on AWS
Software Lifecycle delivered as a service
15x Faster Cloud Deployment
Easy, Repeatable Deployments
Up to 40% Lower TCO
Reduced deployment cycle from months to 4 days
20x Faster App Provisioning
One design, deployed globally
Fully automated app provisioning from 24 days to minutes
Reduced IT footprint with automation
What Real Customers Have Accomplished
Moved production to a co-location for all mission critical applications
Implemented private cloud to automate delivery of IT resources for 600+ labs
Secure cloud storage and backup to prepare for natural disasters in New Orleans
Built next-gen platform to power VDI services for public sector
Thank You!