Hybrid Cloud and Multi-Cloud

#vmworld CNET2520BU
Hybrid Cloud and Multi-Cloud Networking with NSX
Devyani Pisolkar, VMware, Inc.
Nestor Rodriguez Rico, Provident Mexico
#CNET2520BU
VMworld 2019 Content: Not for publication or distribution

©2019 VMware, Inc.
This presentation may contain product features or functionality that are currently under development.
This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.
Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.
Technical feasibility and market demand will affect final delivery.
Pricing and packaging for any new features/functionality/technology discussed or presented, have not been determined.
The information in this presentation is for informational purposes only and may not be incorporated into any contract. There is no commitment or obligation to deliver any items presented herein.
Multi-Cloud: It’s Harder Than It Looks
Inconsistent infrastructure stacks and unique operational models
Public Cloud Private Cloud Compute Edge
43% of organizations find maintaining security consistency across data center and public cloud environments as their top challenge
Users
VMs, Containers, Microservices
Top Multi-Cloud Challenges in IT
Improper Governance
Security Risks
Operational Overhead
DR Site
Efficient Cloud Migrations Between DC/cloud–to–DC/cloud Hybrid Cloud Extension
Consistent Policy Across on-premises and native public clouds NSX Cloud
Seamless Connectivity Between on-premises and public cloud, and more
VMware Cloud on AWS
Multi-Cloud use cases with
NSX Cloud
... Web App DB Web App DB
Security Challenges in Public Cloud
Multiple VNETs/VPCs create multiple security touch-points
Cloud security resource limitations inhibit consolidation
Static group membership and IP-address rules require coordination at deployment
Cloud operational framework inconsistent between public clouds and on-prem environments
Inconsistent security constructs between clouds
Azure/AWS Account
Cloud Admin
Azure VNET 1 Security Groups
Azure VNET 2 Security Groups
Azure VNET 3 Security Groups
Consistent Security Across Clouds
Single Security Policy: define a policy once, then apply anywhere
Rich set of abstractions
Granular enforcement of application workloads
Dynamic security group membership and policies follow workloads as they move
Service Insertion with leading L7 vendors
AWS Azure Future Public
VMware NSX Cloud
NSX-T Management Plane and Control Plane deployed in on-premises Data Center
Product deployment under the covers
Management and control Plane NSX Management Cloud Service Manager
(VPN Gateway, Direct Connect, ExpressRoute)
Add Cloud Service Manager to get visibility into your hybrid cloud
Deploy Public Cloud Gateways (PCGs) in cloud VPCs / VNETs
NSX tools auto-deployed with PCG or embedded in application templates Data Plane
Cloud gateway
NSX Cloud Gateway
NSX Cloud
Manage and monitor your workloads across AWS and Azure from a single pane of glass in NSX Cloud
Inventory view across all accounts, regions, subscriptions, VPCs/VNETs
Operational status of every VM to enable quicker troubleshooting
Summarized view across clouds
NSX Cloud
Very granular status information for each VM across all VNETs / VPCs
Rich search and filtering feature for ease of management
Ability to pick and choose what workloads to manage with NSX
Detailed view of public cloud workloads
University of Idaho Enabling a secure hybrid cloud strategy
“With NSX Cloud, we got a very compact policy, easy to review and easy to manage. The power, administratively, is that we go to one place to update our policy and when we publish it, it automatically deploys it to every cloud server instance. This was a big win for us.”

Visibility across Clouds
Consistent operations control across on-premises Data Center and Public Cloud
DFW / Edge Firewall (L4)
3rd Party Service Insertion
CNET1365BU - Wed, Aug 28 at 4:00 p.m.
NSX Cloud Demo
89% of organizations face challenges associated with cost when migrating to the cloud
• Cost of third-party migration tool
• Incompatibility between site versions
Use cases:
• DC evacuation / consolidation, DC refresh, V to T migration, workload rebalancing
Accelerating the SDDC modernization and cloud journey
Hybrid Highway
Application Mobility Platform
Public Cloud
Cloud Foundation Through VCF
Partner Program
60% of enterprises cite infrastructure incompatibility as a challenge when migrating
• Old vSphere version?
• Outdated hardware?
Large-scale HCX Bulk Migration
When replica is ready, can choose switchover method:
• Quick Switchover: Switch over as soon as sync is ready
• Scheduled Switchover: Switch over in a pre-determined maintenance window
Great for mass-migration of VMs
Update VMtools and Hardware version while migrating
Supports migrating from vSphere 5.0+ to Modern vSphere stacks
1. Large VM replicating to Target SDDC while remaining online in source environment
2. At user-selected time, the VM is powered off at source and powered on in target site, for low-downtime switchover
Replication-based migration with WAN Acceleration
Source Target SDDC
2,800 Workloads
550 TB
Full migration in 45 days; the first 300 workloads were live migrated in less than 96 hours
Power of HCX Migration at scale
Massachusetts
Hyper-V
HCX
HCX
NEW!
No reboot
SDDC On-prem or cloud
HCX – Automating Workload Migration
CNET2141BU – Wed, Aug 28 at 10:00 a.m.
VMware Cloud on AWS
VMware Cloud on AWS
• Optimized access to native AWS services
• On-demand capacity and flexible consumption
• Full operational consistency with on-premises SDDC
• Global AWS footprint, reach, availability over time
Consistent infrastructure, consistent operations
Center
Large-scale application migration
S3 Lambda Redshift
ELB CodeBuild KMS
The Three Value Pillars
Advanced Security Built-in, granular protection
IPsec VPN
Console (3)
VMware Cloud on AWS
Management Gateway (MGW): vCenter, NSX Manager, NSX Controllers in Mgmt domain
Compute Gateway (CGW): NSX network segments, workloads in Compute domain
Edge FW for both gateways
DFW for E-W traffic
VMware Cloud on AWS
VPC
• Simpler ops and less error-prone
• Provides redundancy
vCenter
MGW
VTI 1 172.0.0.1
VTI 1 172.0.0.2
Connectivity to on-premises, to another SDDC, or to AWS VPC with route-based VPN
Direct Connect
Can configure IPSec VPN over DX
Can configure IPSec VPN as backup to DX Private VIF
Direct Connect
On-Prem Gateway
10.2.0.0/24 10.2.1.128/25 10.2.0.0/26 10.3.10.0/24 10.3.20.0/24 10.3.30.0/24
BGP Route
No NSX on-premises
NSX on-premises
L2VPN On-premises to VMware Cloud on AWS SDDC for workload migration and vMotion
T0 NSX-V Unmanaged Edge
IP Network
IP Network
vCenter
On-Premises
VPC
VPC
Micro-segmentation with Distributed Firewall
• Micro-segmentation within the same L2 network or across different networks
Why DFW?
Compute Networks (Overlay)
CNET1219BU - Thu, Aug 29 at 9:00 a.m.
videos.vmworld.com
Top Multi-Cloud Challenges in IT
Improper Governance
Security Risks
Operational Overhead
DR Site
Cloud SDDC VMware Cloud
Layer 2 VPN
Making a difference in the everyday life of our customers by offering simple and personalized financial solutions
Customer Service Excellence: Provident Hungary
FTSE4GOOD: IPF PLC
IPF at a glance International Personal Finance
Who we are What we do How we do it
2.3M Customers
11 Markets
Mexico home credit
2018 branches (+5) 17,000
2017 branches (+6) 41,000
48 VMs in HO Puebla
10 VMs in Azure Cloud
Others • 7 physical servers (KIO Sta. Fe)
• Total 19 with another Hypervisor type (Hyper V). In Puebla 9 VMs and 10 VMs in AZURE Cloud
KIO Santa Fe HO Puebla
KIO CDMX DC 1
AWS Global Infrastructure
Native AWS Services
AWS Global Infrastructure
VMC
do more CTB
Learn Design Guides
Connect Join VMUG, VMware Communities (VMTN)
nsx.techzone.vmware.com