Platinum sponsors: Chris Colotti, Principal Architect - VMware


© 2014 VMware Inc. All rights reserved.

vCloud Air Deep Dive


VMware vCloud Hybrid Service VMware vCloud Air


What Makes it a Hybrid Data Center?


What Defines a Hybrid __________?

• hy·brid

• noun

– The offspring of two plants or animals of different species or varieties, such as a mule (a hybrid of a donkey and a horse).

– A thing made by combining two different elements; a mixture.

• Adjective

– of mixed character; composed of mixed parts.

What Makes it a Hybrid Data Center?

• Blur the lines between…

– Users and applications

– Applications and infrastructure

– Hardware and resources

– Operations and management

– Support and operations

• Simplify access to resources

• Faster time to market

• More geographic options faster

• Create a global architecture

• Treat it like any other physical location

vCloud Air Data Center Locations

[Map of data center locations. Labels: Phoenix, vCGS, Santa Clara, Las Vegas, Dallas, Sterling, New Jersey, Slough, Dulles, vCGS. Legend: Opening Soon, Available Today.]

All Data Centers:

• Tier 3+

• N+1 UPS, Generator

• Multiple days of on-hand fuel with multiple contracts for emergency resupply

• Redundant power feeds to all systems

Use Cases for the Hybrid Data Center


5 Starting Points to Hybrid Cloud

• Create Next Generation Applications

– Evolve from traditional applications to next generation applications (Spring, Ruby on Rails) to deliver on any platform, anywhere

• Dev/Test

– Take a low-risk first step and free up valuable on-premises data center capacity by hosting dev/test workloads in hybrid cloud

• Extend Existing Applications

– Facilitate pre-production testing for upgrades and host new apps, e.g., Microsoft Exchange in hybrid cloud

• Modernize Enterprise Applications

– Build and host business-critical applications and virtual desktops in hybrid cloud, including new applications in traditional 3-tier architectures (Java)

• Disaster Recovery

– Deliver disaster recovery and extend the data center for dev/test, seasonal workloads, and additional geo locations

Think Outside the Box - Free Your Mind

• If you built a new Physical Data Center what steps are there?

– Networking

– Infrastructure

– Applications

• Always remember the definition of Hybrid

• Focus on applications not infrastructure

– Get out of the break fix business

– Get into the application business

• Don’t focus on it being “Cloudy”

– Just because it’s “In the cloud” means little

• Forget everything you know about ESXi (to a point)

– Wait, What?!

• Almost any use case applies if you treat it as any other Data Center

Bridging the Gap Between IT and the Business

• Line of Business

– Requires speed, agility and the ability to innovate

• IT

– Focused on maintaining reliable, secure infrastructure

• Growing chasm between Business and IT due to lack of agility

• Lack of trust for business-critical workloads in the public cloud

vCloud Air = The True Hybrid Cloud

Existing & New Apps

Seamless Networking

Common Management

One Support Call

VMware vCloud Hybrid Service

Software-Defined Data Center

Your Datacenter / Private Cloud

VMware vSphere & vCloud Suite

Any Application, Any OS, Same Platform

vCloud Air is based on VMware vSphere - the most broadly deployed and trusted virtualization platform in the world

Supports a broad range of large-scale and mission-critical applications

SQL

Runs the largest number of guest operating systems:

• Generations of Windows and Linux distributions

• Both 32-bit and 64-bit editions

• Enterprise offering or free distribution

Running the Most Operating Systems – Based on vSphere


Windows Server 2003 (32/64)

Windows Server 2008 (32/64)

Windows Server 2012

RHEL 5 (32/64)

RHEL 6 (32/64)

SLES11 (32/64)

Debian Squeeze 6 (32/64)

Debian Wheezy (32/64)

FreeBSD 9

CentOS 6 (32/64)

Ubuntu 10 (32/64)

Ubuntu 11 (32/64)

Ubuntu 12 (32/64)

Amazon Linux (32/64)

Fedora Core 4

Fedora Core 8

SLES 10 (32/64)

OpenSolaris 2008.11 (32/64)

OpenSolaris 2009.06 (32/64)

Oracle Linux 5 (64)

Total: 35 (Amazon Web Services EC2)

MS-DOS 6.22

Windows 3.1

Windows 95

Windows 98

Windows NT

Windows XP (32/64)

Windows Vista (32/64)

Windows 7 (32/64)

Windows 8 (32/64)

Windows 2000

WinServer 2003 (32/64)

WinServer 2008 (32/64)

WinServer 2012

RHEL 2.1

RHEL 3 (32/64)

RHEL 4 (32/64)

RHEL 5 (32/64)

RHEL 6 (32/64)

SLES 8

SLES 9 (32/64)

SLES 10 (32/64)

SLES 11 (32/64)

SLED 10 (32/64)

SLED 11 (32/64)

Debian 4 (32/64)

Debian 5 (32/64)

Debian 6 (32/64)

CentOS 4 (32/64)

CentOS 5 (32/64)

CentOS 6 (32/64)

Oracle Linux 4 (32/64)

Oracle Linux 5 (32/64)

Oracle Linux 6 (32/64)

Asianux 3 (32/64)

Asianux 4 (32/64)

Ubuntu 8 (32/64)

Ubuntu 9 (32/64)

Ubuntu 10 (32/64)

Ubuntu 11 (32/64)

Ubuntu 12 (32/64)

Ubuntu 13 (32/64)

FreeBSD 6 (32/64)

FreeBSD 7 (32/64)

FreeBSD 8 (32/64)

FreeBSD 9 (32/64)

Solaris 10 (32/64)

Solaris 11

IBM OS/2 Warp 4

NetWare 5

NetWare 6

eComStation 1

eComStation 2

SCO UnixWare 7

SCO OpenServer 5

Toshiba 4690 6

Total: 90 (VMware vCloud Air)

Data collected Sept 12, 2013

64-bit only:

Windows Server 2008 R2

Windows Server 2012

SQL Server 2012

CentOS 6

SLES11

Ubuntu 12, 13

OpenSUSE 12

Total: 8 (Microsoft Azure)

vCloud Air Core Offerings


The vCloud Air Primary Services to Mix and Match

IaaS

RaaS

DaaS

Infrastructure as a Service (IaaS)

• New applications built on standard Operating Systems

• Migration of existing applications

– From P2V to V2C

• Build infrastructure in the cloud and on premises

– View Security Servers

– SharePoint

– Exchange

– Web Servers

WDC (On Premises)

EDGE GATEWAY

EDGE GATEWAY

(192.168.20.0/24 Public-NET)

IPsec VPN

DT01 DT02

(192.168.3.0/24 Desktop-NET)

AD01 .41

AD02 .42

ViewCS .5

vCHS Las Vegas (IaaS)

ViewSS .5

ViewSS .5

(192.168.2.0/24 Public-NET)

view.vmtm.org

(192.168.1.0/24 Corp-NET)

66.45.200.34

69.194.137.139

PCoIP and Blast

Desktop as a Service on vCloud Air (DaaS)

Windows desktops and apps as a cloud service. Backed by VMware. Simple cloud desktops at a predictable cost, without sacrificing security and control

VMware Horizon DaaS

Virtual desktop infrastructure, built on vCloud Air

Corporate Office

Remote Office

Corporate Wi-Fi

Mobile Workers

Recovery as a Service (RaaS)

vSphere Replication

Replication to vCloud Air:

• Warm standby capacity on vCloud Air

• Self-service protection, failover and failback workflows per VM

• 15 min – 24 hr. recovery point objective (RPO)

• Initial data seeding by shipping a disk

– Can be done without Downtime!

• Remote management and monitoring, with Production-level support

• Flexible subscription options

Data Protection Option for IaaS Machines

• Self Service or full vDC backup

• 365 day retention

Understanding the vCloud Air Structure


How vCloud Air is Structured

Tenant Portal

Dedicated Cloud – Las Vegas

vCloud Director API

Edge Networking

Edge Networking

VPC – Virginia

vCloud Director API

Edge Networking

The vCloud Air Tenant Portal

• Single Sign-on to all your clouds

– View the type of cloud

– View by Region

• Same login for any access

– vCloud API

– Disaster Recovery

• Manage additional users

– First user is always the uber-admin

• Manage Data Protection Options

– IaaS Backup and Restore

• Access MyVMware

– Order additional resources

– Open support tickets

Two Service Offerings

Virtual Private Cloud

• Logically Isolated

• Guaranteed Resource Allocation

• Compute

– Base Resources: 20GB vRAM, 5GHz vCPU

• Storage

– Starts at: 2 TB

• Network

– 10 Mbps allocated

– 50 Mbps burstable

– 2 Public IPs

Dedicated Cloud

• Physically Isolated

• Your Own Private Cloud Instance

• Compute

– Base Resources: 120GB vRAM, 30GHz vCPU

• Storage

– Starts at: 6 TB

• Network

– 50 Mbps allocated

– 1 Gbps burstable

– 3 Public IPs

VMware vCloud Air - Virtual Private Cloud OnDemand

Interested in participating in the vCloud Air OnDemand Beta Program?

The Product Team from vCloud Air is now accepting candidates interested in participating in the Fall 2014 beta program.


BETA IS CURRENTLY CLOSED

vmware.com/go/ondemand

vCloud Air IaaS Offering Comparison

Virtual Private Cloud

• Shared Hosts

– Limited ISV Mobility

– Cost Effective

– Shared API endpoint

• Fully reserved resources

– No over commitment of resources

– Eliminates the “Noisy Neighbor”

• Ideal for initial POC and testing

• Single Edge Gateway per vDC

• Used for vCloud Air Disaster Recovery

Dedicated Cloud

• Dedicated Hosts

– More ISV Licensing options

• Over Commit Built-In

• Ideal for both

– Test and Development

– Production workloads needing reservations

• User controlled per machine settings

• Sub-divide pool of resources

– Create multiple vDC’s

• Multiple Edge Gateway capability

– Get more than 9 Interfaces

Treat the Edge Gateway as an Advanced Core Switch

• Familiar networking design

• 10 total Interfaces per Edge

– 1 Edge per VPC

– Multiple Edges in Dedicated

• Static routes between interfaces automatically

• 5-tuple firewall rules

– Deny all by default

• Advanced features

– DHCP

– Load Balancing

– Static routing

INTERNET

Private (Corp) Network

DMZ Network

Test/Dev Network

Isolated Network (Logging)

EDGE GATEWAY

Connectivity to vCloud Air


Connectivity Options:

• Public or secure access to vCloud Air

• Dedicated connection to cloud

• High speed cross connect

Customer Data Center vCloud Air

Private WAN connectivity

IPSec Tunnel

Public

INTERNET

Network Virtualization in vCloud Air


vCloud Air

Networking & Security

vCloud Air

vSphere

VDC 1 VDC 2

VXLAN

Integrated Management Console

Edge Gateway

Secures the edge of the virtual data center and delivers network services:

• Firewall

• NAT

• Load Balancer

• Site-to-Site IPSec VPN

• Active/Standby High Availability

• Stateful Session Failover

VXLAN

Foundation for elastic portable virtual datacenters. Encapsulation allows:

• Isolation between Organization Networks

• Bring-your-own private IPv4 layer 3 address space

vCloud Air Networking

• Nine routable IP spaces

• Intuitive design replicates traditional networks

• Customizable to support production applications

Private Network Connectivity to vCloud Air

EDGE GATEWAY

INTERNET

NEW!

Overview

Two port connection options:

• Standard internet

– HTTPS

– IPsec VPN

• Direct Connect

– Private Line

– Cross Connect

Benefits

• Different price-performance-security options to support different needs

• Supports more use cases for flexibility and choice

• Supports multiple port connections at once

vCloud Air Deployment Examples

IaaS – Distributed SharePoint

EDGE GATEWAY

Private Network

Local Active Directory

SharePoint Web

SharePoint App

VPN

184.61.71.155

74.204.180.41

Corp Network

SharePoint DB

Active Directory

VPN or Direct Connect Traffic

INTERNET

Mobile Back End With Direct Connect

Customer Data Center vCloud Air

Direct Connect

Internet

3rd Party Networking – F5 Example

(192.168.100.0/24 Corp-NET)

AD05 AD06

(192.168.200.0/24 Public-NET)

Internet

EDGE GATEWAY

192.40.57.21

(10.10.10.0/24 BIP-Internal-NET)

BIP02 .100

DNAT Any:Any

Firewall Any:Any

Global Technical Marketing Architecture

Dedicated IaaS vDC LV

VPC IaaS Sterling VA vDC

VPC IaaS LV vDC (DaaS Provider)

VPC RaaS TX vDC

Cloud to Cloud VPN

Cloud to Cloud VPN

Cloud to Cloud VPN

Cloud to Cloud VPN

DaaS Secure Tunnel

IPsec VPN

IPsec VPN

IPsec VPN

vCHS-DR Replication

Dedicated DaaS vDC LV

vmtm.org

• One Physical Site

• 3 Virtual Private Clouds

– RaaS in Dallas, TX

– IaaS Sterling, VA

– IaaS Las Vegas, NV

• 2 Dedicated Clouds

– IaaS in Las Vegas, NV

– DaaS in Las Vegas, NV

• IPsec VPN in Use

• DYN.com hosting all external DNS Zone records

– vmtm.org

vCloud Air Object Storage Beta

Service Scope

Access

• RESTful API based access

• GUI based management

Authentication

• Token-based

• Username and password based

• Public URLs

Durability & Availability

• 99.95% availability

• 11 9’s of durability

• Self Healing - Content-MD5 and CRC to detect data corruption

• Bucket Versioning

Scalability

• PB scale

• Object size limit - 20TB

• 1000 Buckets, Unlimited Objects

• Soft quota enforcement

Popular Use Cases

• Backup, Archiving

– Long term cost effective storage without performance limits

• Imaging, Media

– Petabyte scale static data with custom metadata

• Shared File Storage, Log repository

– Data repository shared data across multiple virtual machines/Users

The Five Steps to Extending Your Data Center

Building Your Hybrid Data Center

Step 1 – Size Your Resources (vDC)

Dedicated Cloud

• CPU: 30 GHz

• RAM: 120GB

• Storage: 6TB

• Define Reservations and Limits

• Over Commitment Ratio

– What’s your comfort level today? 5:1? 10:1? Maybe 20:1?

Virtual Private Cloud

• CPU: 5 GHz (burst 10 GHz)

• RAM: 20GB

• Storage: 2TB

• 100% Memory Reservations

• 50% vCPU Reservation

Let’s think about the math

We haven’t forgotten about On-Premises, it’s coming

Step 2 – Design Your Networks

External IP

Private Network (10.0.0.0/24)

External IP

DC01 DC02 EMAIL vCCNode

ON-PREMISES ROUTING DEVICE

Dedicated or Virtual Private Cloud

EDGE GATEWAY

EDGE GATEWAY

• How many routed networks?

• Create multiple networks for different services

• 9 Interfaces to utilize

• VPN Configuration

• Network Settings considerations

• Firewall Rules

• Firewall rules are always reciprocal

• Impact on my current environment

• Move my templates to the cloud

• Other considerations

• Backup Networks

Internet

69.194.137.231 69.194.137.139

(192.168.20.0/24 Public-NET)

(192.168.10.0/24 Corp-NET)

(192.168.20.0/24 Public-NET)

(192.168.10.0/24 Corp-NET)

Step 3 – Establish Network Connectivity

External IP

Private Network (10.0.0.0/24)

External IP

DC01 DC02 EMAIL vCCNode

Dedicated or Virtual Private Cloud

INTERNET

VPN

Private Line

(192.168.20.0/24 Public-NET)

(192.168.10.0/24 Corp-NET)

ON-PREMISES ROUTING DEVICE

EDGE GATEWAY

Step 4 – Deploy Supporting Infrastructure

External IP

Private Network (10.0.0.0/24)

External IP

DC01 DC02 EMAIL vCCNode

ON-PREMISES ROUTING DEVICE

Dedicated or Virtual Private Cloud

EDGE GATEWAY

INTERNET

VPN

(192.168.20.0/24 Public-NET)

(192.168.10.0/24 Corp-NET)

EDGE GATEWAY

(192.168.20.0/24 Public-NET)

(192.168.10.0/24 Corp-NET)

DNS SMTP

DC03 DC04 APP01 APP02

DNS SMTP

DC03 DC04 APP01 APP02

Step 5 – Expand Your Footprint Further

Dedicated IaaS vDC LV

VPC RaaS TX vDC

IPsec VPN

DaaS vDC

Questions
