VMware vCloud Director Technical Overview


Transcript of VMware vCloud Director Technical Overview

Page 1: VMware vCloud Director Technical Overview

VMware vCloud Director Technical Overview

Page 2: VMware vCloud Director Technical Overview

Introduction to ICT-Partners

Page 3: VMware vCloud Director Technical Overview

VMware Accelerating the Journey to Cloud

Cloud Computing is an approach to computing that leverages the efficient pooling of on-demand, self-managed virtual infrastructure, consumed as a service.

Pooling: From machines to highly elastic resource pools, with on-demand capacity

Zero-Touch Infrastructure: Policy-driven automation of provisioning, deployment and management

Self-Service: Easy access with policy-based provisioning and deployment

Control: Application-aware infrastructure with built-in availability, scalability, security and performance guarantees

Open & Interoperable: Application mobility between clouds, based on open standards

Leverage Existing Investments: Benefits of cloud computing to existing applications and datacenters

Efficiency thru Utilization and Automation

Agility with Control

Freedom of Choice

Page 4: VMware vCloud Director Technical Overview

Agenda

VMware Cloud Components and Licenses

VMware Cloud Architecture

Deploying a VMware Cloud

Cloud use cases

Cloud Automation

Page 5: VMware vCloud Director Technical Overview

Agenda

VMware Cloud Components and Licenses

VMware Cloud Architecture

Deploying a VMware Cloud

Cloud use cases

Cloud Automation

Page 6: VMware vCloud Director Technical Overview

VMware Cloud Components

VMware vSphere and vCenter Servers

VMware vCloud Director

vShield for VMware Cloud Director

Chargeback Server

Page 7: VMware vCloud Director Technical Overview

VMware vSphere and vCenter Server

Clusters and Resource Pools
o Provide cloud compute
o DRS is a requirement for the cluster
o Shared storage
o vMotion compatible or EVC enabled

Datastores
o Provide cloud storage
o Abstract away underlying storage type

Portgroups
o Provide cloud networking
o Abstract away underlying networking infrastructure
o vSwitch, vNetwork Distributed Switch or Nexus 1000V

[Diagram: vCenter Server, ESXi/ESX hosts, vSphere Cluster/Resource Pool, vNetwork Distributed Switch, and FC, iSCSI and NFS storage]

Page 8: VMware vCloud Director Technical Overview

VMware vCloud Director

Define standard infrastructure tiers called Virtual Datacenters

Pool virtualized infrastructure resources across multiple vCenter Servers

Define standard collections of VMs called vApps

Create Organizations and manage users with RBAC

Provide UI for users to self provision vApps into Virtual Datacenters

Provide secure multi-tenancy using vShield Edge

Page 9: VMware vCloud Director Technical Overview

VMware vCloud Director Installation and Licensing

Installs on RHEL 5 U4 or higher 64-bit machine

VMware vCloud Director supports
o VMware vSphere Editions: VMware vSphere Enterprise*, VMware vSphere Enterprise Plus
o VMware vCenter Server Editions: VMware vCenter Server 4.0 Standard

Minimum requirements: vSphere and vCenter Server versions 4.0 U2 and 4.1.

VMware vCloud Director licensed by concurrent powered-on VMs managed by VCD

[Diagram: vCenter Server and VMware vCloud Director]

*vSphere Enterprise will not support VLAN backed Network Pools and VMware vCloud Director Network Isolation (VCDNI) backed Network Pools

Page 10: VMware vCloud Director Technical Overview

Oracle Database

Oracle 10g/11g Standard or Enterprise database

Oracle Express is not supported
o Will work for small test/dev, POC type deployments
o See Express database memory and storage restrictions on Oracle website

Database can be run physical or in a virtual machine

Ensure that the database is backed up and replicated

Consult with your favorite DBA

Sizing requirement guidelines

Database size    VMs      Users    Orgs
173 MB           7943     4096     3854
343 MB           12793    4918     3951
443 MB           16443    11450    5022

Page 11: VMware vCloud Director Technical Overview

VMware vShield for VMware vCloud Director

VMware vShield Edge provides end point security

Available for download with vSphere Enterprise and Enterprise Plus.

One vShield Manager required per vCenter Server

Provides network edge security

Provides firewall, NAT, port forwarding, IP masquerading and DHCP functionality (enforces multi-tenancy)

Edge appliances deployed and managed by VMware vCloud Director on vSphere.

Separate client not required.

Does not require separate database

Licensing
o Free but requires license key during configuration
o Upgradable to vShield Edge 1.0 (full version which includes site-to-site VPN and load balancer)

Page 12: VMware vCloud Director Technical Overview

VMware Chargeback Manager 1.5

Associate costs and bill for VMware vCloud Director usage

Uses vCloud data collectors to collect billable events from VMware vCloud Director database

Uses vCenter data collectors to collect usage data for vCenter Servers providing resources

Database
o SQL Server 2005 and 2008
o Oracle 10g/11g Ent. or Std.

Built-in load balancer
o Create new Chargeback servers to scale with the cloud

Licensed per VM

Page 13: VMware vCloud Director Technical Overview

Agenda

VMware Cloud Components and Licenses

VMware Cloud Architecture

Deploying a VMware Cloud

Cloud use cases

Cloud Automation

Page 14: VMware vCloud Director Technical Overview

VMware Cloud Architecture

Page 15: VMware vCloud Director Technical Overview

Agenda

VMware Cloud Components and Licenses

VMware Cloud Architecture

Deploying a VMware Cloud

Cloud use cases

Cloud Automation

Page 16: VMware vCloud Director Technical Overview

Deploying a VMware Cloud

Setting up Management Cluster

Setting up Cloud resources
o Provider VDC
o External Networks
o Network Pools

Setting up Organizations

Setting up Users, roles and privileges

Setting up Policies

Setting up Organizational Resources
o Organization VDC
o Organization Networks

Setting up Catalogs of vApps and Media

Setting up Chargeback

Page 17: VMware vCloud Director Technical Overview

Install and protect VMware Cloud components

Create a Management Cluster

Verify DNS, AD, NTP availability and redundancy

Install vCloud Director Server on a Management Cluster
o vCloud Director Server
    o load balancer (if using >1 cell)
o Oracle Database
o vShield Manager virtual appliance
o Chargeback Server
o Chargeback SQL Server

Protect using HA, DRS and SRM.

Backup Management VMs via storage level backups or vDR.

Backup the Databases

Use VUM to patch hosts

[Diagram: Management cluster on ESXi/ESX Servers]

Page 18: VMware vCloud Director Technical Overview

Deploying a VMware Cloud

Setting up Management Cluster

Setting up Cloud resources
o Provider VDC
o External Networks
o Network Pools

Setting up Organizations

Setting up Users, roles and privileges

Setting up Policies

Setting up Organizational Resources
o Organization VDC
o Organization Networks

Setting up Catalogs of vApps and Media

Setting up Chargeback

Page 19: VMware vCloud Director Technical Overview

VMware vCloud Director web portal

Provides a convenient web based portal for
o Cloud administrators to deploy and manage cloud resources
o End users to use cloud resources

Web based – works with any standard browser

Rich Flash based UI experience

Page 20: VMware vCloud Director Technical Overview

Cloud Personas

Cloud Administrator
o Deploy and manage cloud infrastructure
o Add vCenter Servers
o Create Provider VDCs, External Networks and Network Pools
o Create Organizations
o Create Organization VDCs and Organization Networks

Organization Administrator
o Organization user and roles management
o Creating catalogs
o Managing organization policies: leases, quotas and limits
o Setting up org specific SMTP settings and org specific domain to join

End Users
o Use vApps from catalogs
o Create vApp networks

Page 21: VMware vCloud Director Technical Overview

Add vCenter Servers

VMware vCloud Director supports multiple vCenter Servers

vCenter Servers provide
o Compute via Clusters and Resource Pools
o Storage via Datastores
o Networks via portgroups and vNetwork Distributed Switches

Requires vCenter user with admin credentials

Requires vShield Manager connected to vCenter Server

Page 22: VMware vCloud Director Technical Overview

Create Provider Virtual Data Centers (VDC)

Combine compute and storage into standard offerings

Created by Cloud administrator

To create Provider VDC
o Select a Resource Pool/Cluster
o Select datastores that you wish to attach to the Provider VDC. Max of 256 datastores per Provider VDC
o Choose from across inventory of vCenter Servers

VMware vCloud Director prepares each host in the cluster by installing an agent. Host does not require reboot.

Page 23: VMware vCloud Director Technical Overview

Examples of Provider VDCs

Use Provider VDCs to offer tiered compute and storage
o Fast, medium, slow compute and storage
o Silver (SATA), Gold (FC), Platinum (EFD), Unobtainium (aggregate) storage
o Nehalem based clusters, AMD based clusters

Create a Provider VDC per tier of compute and storage you wish to offer to users

Page 24: VMware vCloud Director Technical Overview

Create External Networks

Provide external network connectivity to cloud workloads

“External” to (organizations in) the cloud

External networks can be isolated at Layer 2 by VLANs or physical separation

Portgroup on a vDS (Nexus 1000V supported)

Shared resource providing cloud workloads access to network resources

E.g. Corporate network, Test and dev network, Production network, Internet.

Page 25: VMware vCloud Director Technical Overview

Create Network Pools

Provide “Internal” network connectivity to cloud workloads
o Internal to organizations
o Internal to vApps

Pools of isolated Layer-2 networks

Empower users to self-provision networks

Networks are provisioned on vDS
o Portgroup backed network pools supported on Nexus 1000V (see next slide)

Page 26: VMware vCloud Director Technical Overview

Types of Network Pools

Portgroup-backed
o Create isolated portgroups in vSphere manually or with automation
o Attach a collection of them to VMware vCloud Director

VLAN-backed
o VMware vCloud Director will automatically create portgroups as needed, and use a range of VLANs to isolate them

VMware vCloud Director Network Isolation-backed
o Proprietary network isolation technology

[Diagram: Network Pool Building Blocks. VLAN backed: vNetwork Distributed Switch + VLAN tags. VCDNI: vNetwork Distributed Switch + one VLAN for transport. Portgroup backed: vSwitch or vNetwork Distributed Switch portgroups.]

Page 27: VMware vCloud Director Technical Overview

Deploying a VMware Cloud

Setting up Management Cluster

Setting up Cloud resources
o Provider VDC
o External Networks
o Network Pools

Setting up Organizations

Setting up Users, roles and privileges

Setting up Policies

Setting up Organizational Resources
o Organization VDC
o Organization Networks

Setting up Catalogs of vApps and Media

Setting up Chargeback

Page 28: VMware vCloud Director Technical Overview

Create Organizations

Unit of tenancy

Isolate groups or users or lines of business from each other
o E.g. Finance and IT

Created by Cloud administrator

Users onboarded to organizations

Each organization has a unique URL in the VMware vCloud Director system

Page 29: VMware vCloud Director Technical Overview

Authentication and RBAC

3 Ways to Manage Users
o Local Users
    o Simplest. User auth stored in DB
o One LDAP server for entire cloud
    o E.g. corporate Active Directory
    o Organizations = OUs
o LDAP server per-organization

Users & Groups assigned Roles
o Roles = collection of rights
o Create new or edit existing roles

Page 30: VMware vCloud Director Technical Overview

Leases, Quotas and Limits

Exercise control via leases, quotas and limits

Set by Organization administrator

Lease – Length of time that a user can use a vApp in a VDC
o Runtime and storage lease

Quotas
o Running VM Quota
o Stored VM Quota

Limits
o Heavy operations
    o Per user
    o Per Org
o Simultaneous connection per VM

Page 31: VMware vCloud Director Technical Overview

Deploying a VMware Cloud

Setting up Management Cluster

Setting up Cloud resources
o Provider VDC
o External Networks
o Network Pools

Setting up Organizations

Setting up Users, roles and privileges

Setting up Policies

Setting up Organizational Resources
o Organization VDC
o Organization Networks

Setting up Catalogs of vApps and Media

Setting up Chargeback

Page 32: VMware vCloud Director Technical Overview

Create Organization VDCs

Allocate resources to organizations using Organization VDCs

Org VDCs are allocated from Provider VDCs

Can be as large as a Provider VDC

All Organization VDCs in a Provider VDC are the same tier of service

Each organization VDC represents a tier of service
o SLA
o Cost

vApps run in Org VDCs

[Diagram: Org 1 and Org 2 each have a Premium Organization VDC allocated from the Premium Provider VDC; further labels: Commodity Provider VDC, Other Provider VDC]

Page 33: VMware vCloud Director Technical Overview

Organization VDCs

Cloud Administrator allocates portions of Provider VDCs to organizations

Select organization

Select the Provider VDC

Select the Allocation Model
o Pay-As-You-Go
o Reservation Pool
o Allocation Pool

Select how much you wish to allocate
o CPU, memory and storage shares

Select Thin Provisioning

Select Network Pools for vApps to use

Page 34: VMware vCloud Director Technical Overview

Org VDC Allocation Models

Pay as you go
o No upfront resource allocation
o Org VDC allocated resources only as users create vApps
o Can set compute limits to cap usage
o Can guarantee only a % of organization VDC resources to cap usage

Reservation Pool
o Org VDC allocated a “container” set of resources
o 100% of container guaranteed
o Organizations use advanced vSphere resource management controls such as Shares and Reservations to manage over commitment of their resources between their workloads

Allocation Pool
o Org VDC allocated a “container” set of resources
o Organizations have very simple model of resources and advanced resource management controls such as Shares and Reservations are managed by the cloud operator

[Diagram: Actual and Guarantee levels per allocation model, with the Overcommit range marked]

Page 35: VMware vCloud Director Technical Overview

Create Organization Networks

Provide connectivity to workloads running inside an organization

Network: Features

Internal: Connectivity to vApps within the organization. No external connectivity

External Routed: Connectivity to vApps and services on a shared external network. vShield Edge device is deployed outside the organization to provide NAT and firewall services for vApps inside the organization

External Direct Connect: Connectivity to vApps and services on a shared external network. vApps get IP addresses on the external network. No NAT or firewall exists between the organization vApps and other vApps on the External Network

Page 36: VMware vCloud Director Technical Overview

From vSphere to Cloud Infrastructure

[Diagram: Physical resources (Host, Network, SAN) are presented by vSphere as Resource Pool, Datastore and Port Group. VMware vCloud Director groups resources into “Service Tiers” with specific costs as Provider vDCs (“Gold” vDC, Silver). Org resource allocation: Org: Finance and Org: Sales, each with Access Control, vDCs, Catalogs and Provisioning Policies.]

Page 37: VMware vCloud Director Technical Overview

Deploying a VMware Cloud

Setting up Management Cluster

Setting up Cloud resources
o Provider VDC
o External Networks
o Network Pools

Setting up Organizations

Setting up Users, roles and privileges

Setting up Policies

Setting up Organizational Resources
o Organization VDC
o Organization Networks

Setting up Catalogs of vApps and Media

Setting up Chargeback

Page 38: VMware vCloud Director Technical Overview

Catalogs

Catalogs are collections of vApps and media created & owned by Organizations

Can be shared (to the org) & published (to the whole cloud)

Examples:
o Infrastructure as a Service Catalogs
    o Empty Small, medium and large VMs/vApps.
    o Pre-installed Windows & Linux VMs
    o OS Media files (ISO, floppy images)
o App catalogs
    o Corp standard Database servers, application servers
    o If post deploy configurations are needed, guest customization in VCD can run custom scripts

[Diagram: example catalogs. Linux Templates, Windows Templates, Engineering vApps, Basic Media Catalog, IT - Oracle vApps, Premium Media Catalog]

Page 39: VMware vCloud Director Technical Overview

Create Catalogs

Standardize infrastructure and application offerings via Catalogs

Organizations can create their own catalogs

Create multiple catalogs per organization

Catalogs can be
o Shared – Select users or entire organizations can use catalog
o Published – All organizations in the cloud can access and use catalog

Page 40: VMware vCloud Director Technical Overview

vApps

Container of one or more VMs

Package up multi-tier applications into vApps

Operate on VMs as one unit

Select boot order of VMs, start delays and stop delays

Set runtime and storage leases

Can be created from scratch

Building blocks templates in the catalog

Can be imported from outside the cloud

[Diagram: a vApp containing three VMs (App on OS), with SLA Definitions: Availability = 99.99%, Security = High, Performance = msec]

Uses the OVF standard

Captures meta data about the VMs

Allows import and export between clouds in standard format

Page 41: VMware vCloud Director Technical Overview

Import vApp templates and media into catalogs

Import vApps (.ovf) from local file system

VMware vCloud Director uses image transfer service to copy vApp from local file system to vSphere

Requires NFS share mounted to all VMware vCloud Director servers

Import powered off VMs from attached vCenter Servers

No import of vApps from vCenter Server. VMs only.

Export your vSphere vApps to ovf and import from local filesystem

Organization administrators cannot import VMs from vSphere

Page 42: VMware vCloud Director Technical Overview

Deploying a VMware Cloud

Setting up Management Cluster

Setting up Cloud resources
o Provider VDC
o External Networks
o Network Pools

Setting up Organizations

Setting up Users, roles and privileges

Setting up Policies

Setting up Organizational Resources
o Organization VDC
o Organization Networks

Setting up Catalogs of vApps and Media

Setting up Chargeback

Page 43: VMware vCloud Director Technical Overview

Chargeback

Manage cloud organizations and workloads via hierarchies

Attach cost models

Generate usage and billing reports

Page 44: VMware vCloud Director Technical Overview

Connecting Chargeback to the Cloud

Install Chargeback data collectors for
o vCenter Server
o VMware vCloud Director
o vShield Manager

Add Cloud vCenter Server to Chargeback Server

Page 45: VMware vCloud Director Technical Overview

Setting up Hierarchies

Chargeback automatically creates hierarchies for organizations created in VMware vCloud Director

Under each organization, four top level folders are created
o Allocation Pool
o Reservation Pool
o Pay-As-You-Go
o Networks

Any changes made to Organization VDCs will be reflected in Chargeback hierarchy

Page 46: VMware vCloud Director Technical Overview

Cost Models

Chargeback ships with a set of cost models pre-defined for each VMware vCloud Director resource allocation model

vCloud Allocation Pool

vCloud Reservation Pool

vCloud Pay-As-You-Go

vCloud Networking

Page 47: VMware vCloud Director Technical Overview

Reports

Generate reports by selecting objects in Chargeback hierarchy

Organization level usage and cost report

VM level usage and cost report

Network and bandwidth usage and cost report

Page 48: VMware vCloud Director Technical Overview

Infrastructure-as-a-Service (IaaS)

Access vApps from Home screen

Browse catalogs

Copy to “My Cloud”

Access VM consoles from within browser

Page 49: VMware vCloud Director Technical Overview

Access vApps from Home screen

User logs in to organization

User role defines the capabilities available in the UI

Simple UI allowing the following user operations
o Quick access to all vApps owned by the user
o Click the Thumbnail to launch the Remote console
o Quick access to Catalog via “Add Cloud Computer System” link

Page 50: VMware vCloud Director Technical Overview

Remote Console

Launches a new window allowing users to interact with the VMs in the vApp

Allows power and suspend operations

Connect local CD ROM and floppy devices, CD iso images from file shares.

Alternatively, users can connect via remote protocols like ssh and RDP to their VMs

Page 51: VMware vCloud Director Technical Overview

Browse catalog and deploy vApps

Copy vApps from the Organization catalog (self-service)

Select Organization VDC

Connect the vApps to one or more networks
o Create vApp networks
o Connect to organization networks

Customize the VMs while deploying
o Requires sysprep files to be available on VMware vCloud Director server

Page 52: VMware vCloud Director Technical Overview

Search for catalog items and deploy to org VDC

Search catalog items based on Name Description Catalog VDC Owner Date Created

Page 53: VMware vCloud Director Technical Overview

Network connections for vApp

Networking

Connect the vApp to
o External Network
o Organization Networks

Create a new vApp Network on the fly
o Requires Network Pool available to the organization

Connect vApp Network to Org Network
o NAT or firewall
o VMware vCloud Director deploys a vShield Edge VM to provide NAT and firewall services

Page 54: VMware vCloud Director Technical Overview

Shared Catalogs

Setup catalogs to be shared by users in the organization

Sharing needs to be setup by Org admin

Dev and Test users work on a shared set of vApps

Build systems, Source control systems, Toolchains

Users need permissions to upload vApps into the catalog for sharing

vApp owner role

Page 55: VMware vCloud Director Technical Overview

Network Fencing

Requires available Network Pool attached to the Organization VDC

Deploys a vShield Edge VM into the Org VDC

Creates a portgroup on the vNetwork Distributed Switch (vDS)

Attaches the vShield Edge VM and the vApp VMs to the portgroup

Fenced vApp can span multiple hosts

Deploy multiple copies of the vApp on the same Org/External network without modifying hostname or IP address

Each VM keeps original hostname/IP information inside the fence

Each VM assigned a new IP outside the fence

Page 56: VMware vCloud Director Technical Overview

The complete picture

[Diagram: vCenter Server 1, vCenter Server 2 ... vCenter Server n each contribute clusters, datastores and portgroups to VMware vCloud Director. A cloud management cluster with management VMs sits beside the cloud compute cluster. On top of these: Provider VDCs, Organization VDCs, vApps and templates, vShield Edge, External Networks, Network Pools, Organization Networks and vApp Networks.]

Page 57: VMware vCloud Director Technical Overview

BCDR with VMware vCloud Director

Backup and recovery is fully supported in conjunction with vCloud Director

VMware recommends VADP-based backup solutions for backing up your environment

VMware Data Recovery is currently not compatible with vCloud Director due to an identified bug

VMware SRM is currently not compatible with vCloud Director

Classic disaster recovery (DR) solutions are fully supported with vCloud Director

Page 58: VMware vCloud Director Technical Overview

Agenda

VMware Cloud Components and Licenses

VMware Cloud Architecture

Deploying a VMware Cloud

Cloud use cases

Cloud Automation

Page 59: VMware vCloud Director Technical Overview

Elastic and Seasonal Workloads

Elastic workloads
o Scale up and down based on load easily by adding or removing
    o ESXi/ESX Servers to Provider VDC
    o Datastores to Provider VDCs
    o vCenter Servers
    o VMware vCloud Director cells
o E.g. Monte Carlo simulations

Seasonal Workloads
o Avoid having to purchase and maintain capacity throughout the year for workloads that are seasonal
o E.g. Tax season workloads, end of quarter accounting workloads
o Scale up resources during the season and scale down resources in the off season.

Page 60: VMware vCloud Director Technical Overview

Multi-tenancy and Organization Isolation

Use VMware vCloud Director to provide complete Organization isolation on a shared cloud infrastructure

E.g. Organizations storing Consumer data

Secure LOBs that store consumer data using vShield Edge

Provide edge security isolating the Organizations containing customer data from other organizations

Multi-tenant UI with Role based access control

E.g. R&D org isolation

Drive cost down by sharing physical infrastructure

[Diagram: an Organization VDC holding an Org 1 vApp and an Org 2 Secure vApp; organization secured by vShield Edge]

Page 61: VMware vCloud Director Technical Overview

Customer Support and Troubleshooting

Quickly spin up vApps to test customer configurations with minimal IT intervention

Each vApp has short deployment and storage lease to save on resources

Fence vApps to deploy multiple copies of vApps on shared networks

Support Engineers can create vApp Networks on the fly without IT intervention and deploy vApps to ensure network isolation

Page 62: VMware vCloud Director Technical Overview

Product/Solution Demo and Training

Demo use case
o Maintain a catalog of demos
o Systems Engineers can deploy demo vApps quickly with short deployment and storage leases for demo purposes

Training and remote education use cases
o Training administrator maintains course offerings in vApps
o Easily on-board students and associate roles and permissions
o Students can deploy course offerings into their cloud without IT intervention

Page 63: VMware vCloud Director Technical Overview

Agenda

VMware Cloud Components and Licenses

VMware Cloud Architecture

Deploying a VMware Cloud

Cloud use cases

Cloud Automation

Page 64: VMware vCloud Director Technical Overview

vCloud API

RESTful

Designed for web infrastructure

Extensible, Modular

Released in “Open” form

Version 0.9 currently public

Spans vCenter Instances

Operate across multiple vCenter Servers

100% Virtual

VIM API Unchanged

With OVF standard, unlocks ability to move vApps across clouds (Hybrid cloud use case)

[Diagram: vCloud API functions. vApp Upload/Download, vApp Operations, Platform as a Service Enablement, Task Mgmt, Catalog Mgmt, Inventory Listing]

Page 65: VMware vCloud Director Technical Overview

2 Logical APIs for VMware vCloud Director

1: VMware vCloud Director “Admin API”

Automate VCD Management

Attach virtual/physical resources

Manage organizations, users, etc.

RESTful for loose coupling to existing systems

2: vCloud API

Standard way to consume vCloud Resources

Page 66: VMware vCloud Director Technical Overview

Orchestration + VMware Cloud

[Diagram: End Users reach a Redwood Portal (User Portal + vCloud API) for (1) user workflow initiation and the VCD Portal for (2) user resource interaction. An Orchestration Engine connects Financial Systems, Approval Systems, Asset Systems, CMDB and others to VMware vCloud IaaS through the vCloud API, to VMware vSphere through the vSphere API, and to physical configuration. Underlying components: vCenter Chargeback, Hosts, Datastores.]

Page 67: VMware vCloud Director Technical Overview

Driving agility and efficiency in a secure and evolutionary way

Increase business agility by empowering users to self-deploy services with the click of a button

Maintain security and control over multi-tenant environments with user controls and VMware vShield

Reduce costs by efficiently delivering resources to internal organizations as secure virtual datacenters

Leverage existing investments and open standards to ensure interoperability and application portability between clouds

Page 68: VMware vCloud Director Technical Overview

Backup

Page 69: VMware vCloud Director Technical Overview

Responsibilities delegated to Organization Administrator

Responsibilities of the org admin
o Organization user and roles management
o Creating catalogs
o Managing leases, quotas and limits for vApps deployed by the org
o Setting up org specific SMTP settings
o Specifying org specific domain join for vApps deployed by the org

Page 70: VMware vCloud Director Technical Overview

User roles and privileges

Users only get access to resources that are associated with their organizations

The system comes with built-in roles that range from “root” to “view-only” users

Custom roles can be defined by those with the rights from a set of over 50 rights

If a user has multiple roles he/she gets the union of rights

Organization (tenant) specific policies can conditionally be delegated to the tenant without compromising overall cloud policies