White Paper: EMC Compute-as-a-Service


description

This White Paper outlines how EMC Compute-as-a-Service enables service providers to create a scalable foundation that allows them to deliver value-added services and create additional revenue streams.

Transcript of White Paper: EMC Compute-as-a-Service

Page 1: White Paper: EMC Compute-as-a-Service

White Paper

EMC Solutions Group

Abstract

This white paper provides information on using EMC® technology to create a Compute-as-a-Service platform, and the design considerations related to its implementation. It also provides information on how to integrate various components in that infrastructure.

October 2011

EMC COMPUTE-AS-A-SERVICE EMC Symmetrix VMAX, EMC VNX Series, VMware vSphere, vCloud Director

• Reduce infrastructure and operational costs

• Increase performance and optimize service-level agreements

Copyright © 2011 EMC Corporation. All Rights Reserved.

EMC believes the information in this publication is accurate as of its publication date. The information is subject to change without notice.

The information in this publication is provided “as is.” EMC Corporation makes no representations or warranties of any kind with respect to the information in this publication, and specifically disclaims implied warranties of merchantability or fitness for a particular purpose.

Use, copying, and distribution of any EMC software described in this publication requires an applicable software license.

For the most up-to-date listing of EMC product names, see EMC Corporation Trademarks on EMC.com.

All trademarks used herein are the property of their respective owners.

Part Number H8924

Contents

Executive summary
  Business case
  Solution overview
  Key results / recommendations

Introduction
  Purpose
  Scope
  Audience
  Terminology

What is Compute-as-a-Service?
  Overview
  Self-service portal and service catalog
  Orchestration tool
  Secure multi-tenant enabled shared environment
  Secure separation
  Service assurance
  Service provider in control
  Tenant in control
  Security and compliance
  Availability and data protection

Compute-as-a-Service
  Framework
  Virtual datacenters
  Networking
  External networks
  Organization networks
  vApp networks
  Network pools
  vCloud connector
  vCloud Director catalog

VMware vCenter Orchestrator
  Overview
  Integration with vCenter Orchestrator
  Orchestrator environment
  vCenter Orchestrator hardware resources
  vCenter Orchestrator software resources
  vCenter Orchestrator plug-ins
    vCloud Director plug-in
    HTTP-REST plug-in
    AMQP plug-in
  vCenter Orchestrator test workflow

Cisco Intelligent Automation for Cloud
  Overview
  Test environment
  Intelligent Automation for Cloud hardware resources
  Intelligent Automation for Cloud software resources
  Self-service portal
  Tidal Enterprise Orchestrator
  Tidal Enterprise Orchestrator test workflow

Conclusion
  Summary
  About EMC Proven™ Solutions
  Take the next step

References
  White papers
  Product documentation
  Other documentation

Executive summary

Cloud computing enables service providers to seamlessly deliver infrastructure services to customers, while reducing power, saving space, maintaining reliability, and reducing the overall cost to serve. A Compute-as-a-Service (CaaS) architecture based on EMC® technology helps IT service providers to offer customized services to their end users that meet their business needs.

Today, service providers face several challenges in delivering services to their clients. Service providers need to consolidate the inefficient and disparate infrastructures typically associated with existing hosting and service offerings. Service providers can offer cloud compute services as an alternative to existing dedicated, siloed compute offerings while integrating customer service catalogs into an easy-to-deploy platform.

EMC’s CaaS solution provides service providers with the foundation to deploy cloud-based services, while establishing a flexible platform to deliver additional value-added services to create new revenue streams. Customers benefit from their service provider’s ability to meet published service level agreements (SLAs) and quickly create new services in anticipation of changing market, customer, or business requirements.

To realize the promise of Compute-as-a-Service (CaaS) offerings, service providers and consumers alike must overcome a number of challenges. EMC CaaS solutions are uniquely designed to address these complexities:

• Establish a baseline compute offering as an alternative to existing web-based compute offerings, while also providing enterprise-grade services.

• Consolidate the inefficient, siloed infrastructures typically associated with earlier as-a-service offerings.

• Provide the necessary security and data protection reassurance to end-users that will accelerate cloud service adoption.

• Reduce the complexity of managing the end-to-end service lifecycle of Compute-as-a-Service customers.

• Accelerate time to market for new, compute-based as-a-service offerings.

EMC CaaS solutions enable service providers to build an enterprise-grade, scalable, multi-tenant platform for complete management of the compute service lifecycle. EMC CaaS provides on-demand access and control of network bandwidth, servers, storage, and security while maximizing asset utilization. Specifically, EMC CaaS integrates all of these CaaS key elements:

• Self-service portal for end user and administrative provisioning

• Service catalog of available compute services

• Rapid, precise automated service provisioning

• Multi-tenant capable monitoring, reporting, and billing

• An IT-as-a-Service (IaaS) framework on which a service provider can build additional IaaS offerings

Business case

Solution overview

Key solution components include:

• VMware® vCloud™ Director — Manages the virtual computing environment combined with vCloud Connector for hybrid/multi-cloud management. Consolidates datacenters, deploys workloads, and provides security on shared infrastructure.

• Orchestration — Automates delivery and control. It can interoperate with technologies from a number of potential vendors.

• Service Catalog — Provides a list of supported compute services being offered.

• Cisco UCS Manager — Allows administrators to provision servers faster and more efficiently and move them as needed to achieve the greatest performance.

• Cisco Fabric Manager — Creates and optimizes the network environment.

• VMware vCenter™ Chargeback — Customizes cost models for the process and policies of different organizations. Integration with VMware vCloud Director also enables automated chargeback for private cloud environments. Provides visibility and transparency into costs and accountability of virtualized workloads and self-service resource requests.

• EMC Unisphere™ — Provides integrated management and automation of existing EMC CLARiiON, EMC Celerra and EMC VNX storage systems and virtualization. Includes a self-service support ecosystem that is accessible with one click.

• EMC Unified Storage — Provides a reliable storage environment that lets you store, protect, optimize, and leverage your information.

• RSA® Security — Delivers authentication and deployment methods to manage the security and compliance of virtual, physical, and hybrid-cloud infrastructure.

• Data protection — EMC provides a reliable, efficient, and cost-effective data protection architecture that improves disaster recovery readiness and simplifies management.

Key results / recommendations

Compute-as-a-Service enables users to change the way in which they consume IT services and pay for what they are using without worrying much about the underlying technologies. By removing the link between infrastructure and capital expenditure, CaaS increases organizations’ agility and flexibility, and lets them take advantage of enterprise IT features at a fraction of the cost of purchasing dedicated enterprise-grade infrastructure components.

• Improve flexibility and simplify application deployment.

• Enable end-users to focus on revenue generating activities and other projects instead of equipment logistics.

• Create a strong foundation to leverage the benefits of other services such as backup, data protection, and more.

Introduction

Purpose

This white paper describes how service providers can leverage EMC Compute-as-a-Service as an architecture to deploy cloud-based services. This framework allows service providers to adapt their service portfolio to their customers’ dynamic business requirements.

Scope

Throughout this white paper we assume that you have some familiarity with the concepts and operations related to virtualization technologies and their use in cloud infrastructure.

This white paper discusses multiple EMC products as well as those from other vendors. Some general configuration and operational procedures are outlined. However, for detailed product installation information, please refer to the user documentation for those products.

Audience

This white paper is intended for EMC employees, partners, and customers including IT planners, virtualization architects and administrators, and any others involved in evaluating, acquiring, managing, operating, or designing a Compute-as-a-Service infrastructure environment leveraging EMC technologies.

Terminology

Table 1 defines some of the key terms used in this paper.

Table 1. Terminology

Term | Definition
Provider Virtual Datacenter (Provider vDC) | A virtual datacenter is a collection of virtual resources, typically mapped to a DRS cluster on vSphere. Provider vDCs are created based on the SLAs and cost.
Organization Virtual Datacenter (Organization vDC) | A virtual datacenter carved out from the provider vDC. An organization vDC is used for deployment of vApps and catalogs.
vApp | A collection of virtual machines (VMs) used for the deployment of application software.
Service Catalog | A CaaS catalog is a list of products or services available to consumers. The catalog enables comparison shopping in self-service portals. With vCloud Director, the catalog contains the vApp templates and media.
CMDB | Configuration Management Database.
Tenant | A customer of compute services. A service provider will have multiple tenants within their CaaS infrastructure.
URL | Uniform Resource Locator.
5-Tuple Firewall Rule | Firewall rule with source and destination IP, source and destination port, and protocol.

What is Compute-as-a-Service?

Overview

Compute-as-a-Service (CaaS) uses cloud infrastructure to deliver datacenter resources as a service rather than as a capital expenditure. Service providers can offer CaaS to their customers who want a flexible, on-demand infrastructure without having to purchase, configure, or maintain it themselves.

Much like an electric power utility, in which end-users consume and pay for power without needing to understand or maintain the component devices and infrastructure required to provide the service, customers can draw upon the elastic resources that cloud computing delivers and pay only for what they need.

A CaaS environment typically consists of:

• Self-service portal

• Orchestration tool

• Secure multi-tenant enabled shared infrastructure

Self-service portal and service catalog

The self-service portal and service catalog play a key role in a service-oriented architecture. They allow users to select what they need from a published service catalog, as shown in Figure 1, providing an experience similar to Internet shopping.

There are various portal and service catalog options available which perform all or some of the portal and catalog functions. Choosing a portal/catalog depends on what functionality is needed, existing systems, price, and other considerations. For our use case testing we focused on two service catalogs: VMware vCenter Orchestrator and Cisco newScale.

Figure 1. CaaS self-service portal based on VMware vCloud Director

The VMware vCloud Director user portal allows customers to select the vApps that they need from the service catalog. If the business requires additional functionality, such as adding approval before deploying a vApp or any other additional workflows, then VMware Service Manager or other third-party products like Cisco newScale (Figure 2) can provide a more robust experience as well as handling both virtual and physical environments.

Figure 2. newScale portal/service catalog interface

Orchestration tool

An orchestration tool allows you to define the workflows and operations needed to deploy the service and execute it on demand. For example, it provisions the server using Cisco UCS Manager plug-ins, deploys the storage using automated processes, configures the network, updates the CMDB, provisions the provider vDC and organization vDC, and so on.

There are various orchestration tools available which perform all or some of the orchestration functions. Choosing an orchestrator depends on what functionality or infrastructure integration is needed, existing systems, price, and other considerations. For our use case testing we focused on two orchestrators: vCenter Orchestrator and Cisco Tidal Enterprise Orchestrator.

VMware vCenter Orchestrator uses an open and flexible plug-in architecture to automate provisioning and operational tasks across both VMware and third-party applications, as shown in Figure 3.

Figure 3. VMware vCenter Orchestrator architecture

Cisco Tidal Enterprise Orchestrator integrates event and alert management data with best practices for operational support processes (Figure 4).

Figure 4. Tidal Enterprise Orchestrator architecture

Secure multi-tenant enabled shared environment

VMware vCloud Director provides a cloud infrastructure using the virtual resources provided by VMware vSphere. It addresses the following key requirements:

• Secure separation

• Service assurance

• Service provider in control

• Tenant in control

• Security and compliance

• Availability and data protection

Secure separation

VMware vCloud Director provides trusted multitenancy, allowing a shared infrastructure to host multiple tenants (such as many customers or many departments in an organization). Each tenant can have their own user list, policies, and catalogs. Figure 5 shows the service provider view of all tenants.

Figure 5. Service provider tenant view in vCloud Director

Each tenant accesses the resource using their own URL and authentication.

VMware vShield™ Edge (Figure 6) provides a firewall between the tenants. vShield Edge supports 5-tuple firewall rules (source IP, destination IP, source port, destination port, protocol).

Figure 6. VMware vShield Edge firewall
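
The following added example (not from this white paper and not VMware code) models 5-tuple rules of the kind described above and audits a rule set for paths between tenants. First-match ordering, the default deny, the tenant subnets, and the rule names are assumptions constructed for illustration; the code does not use the vShield Edge API or rule format.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Rule:
    """One 5-tuple rule. A port range of None, or proto "any", is a wildcard."""
    name: str
    action: str                   # "allow" or "deny"
    src: str                      # source network, CIDR
    dst: str                      # destination network, CIDR
    src_ports: Optional[range]
    dst_ports: Optional[range]
    proto: str                    # "tcp", "udp", "icmp" or "any"

    def matches(self, src_ip, dst_ip, src_port, dst_port, proto):
        # All five fields must match for the rule to apply to the flow.
        return (
            ip_address(src_ip) in ip_network(self.src)
            and ip_address(dst_ip) in ip_network(self.dst)
            and (self.src_ports is None or src_port in self.src_ports)
            and (self.dst_ports is None or dst_port in self.dst_ports)
            and self.proto in ("any", proto)
        )


def evaluate(rules, flow, default="deny"):
    """Return (action, rule name) for a flow.

    Assumption: rules are evaluated top-down, the first match wins, and
    unmatched traffic gets the default action.
    """
    for rule in rules:
        if rule.matches(*flow):
            return rule.action, rule.name
    return default, "default"


def cross_tenant_allows(rules, tenants):
    """List allow rules whose source overlaps one tenant and whose
    destination overlaps a different tenant.

    Each finding is (rule, source tenant, destination tenant, unrestricted),
    where unrestricted means no destination-port or protocol limit.
    This is a per-rule check and ignores shadowing by earlier rules.
    """
    findings = []
    for rule in rules:
        if rule.action != "allow":
            continue
        for s_name, s_net in tenants.items():
            for d_name, d_net in tenants.items():
                if s_name == d_name:
                    continue
                if (ip_network(rule.src).overlaps(ip_network(s_net))
                        and ip_network(rule.dst).overlaps(ip_network(d_net))):
                    unrestricted = rule.dst_ports is None and rule.proto == "any"
                    findings.append((rule.name, s_name, d_name, unrestricted))
    return findings


# Constructed sample data: two tenant networks and an edge rule set.
TENANTS = {"tenant-a": "10.10.0.0/24", "tenant-b": "10.20.0.0/24"}
RULES = [
    Rule("deny-a-to-b", "deny", "10.10.0.0/24", "10.20.0.0/24", None, None, "any"),
    Rule("web-in-a", "allow", "0.0.0.0/0", "10.10.0.10/32", None, range(443, 444), "tcp"),
    # Overly broad: the /8 destination also covers tenant-a's subnet.
    Rule("b-legacy", "allow", "10.20.0.0/24", "10.0.0.0/8", None, None, "any"),
]

if __name__ == "__main__":
    # Tenant B reaching SSH on a tenant A host slips through "b-legacy".
    print(evaluate(RULES, ("10.20.0.7", "10.10.0.10", 40000, 22, "tcp")))
    for finding in cross_tenant_allows(RULES, TENANTS):
        print(finding)
```

The audit reports both the intended public HTTPS rule and the broad legacy rule as paths from tenant-b into tenant-a; only the second is flagged as unrestricted.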

Service assurance

Although all tenants use the shared infrastructure, the resources for each tenant are guaranteed based on the allocation model in place. The service provider can set the parameters for CPU, memory, storage, and network for each tenant’s organization vDC, as shown in Figure 7, Figure 8, and Figure 9.

Figure 7. Organization vDC allocation configuration

Figure 8. Organization vDC storage configuration

Figure 9. Organization vDC network pool configuration

Based on the SLA or cost tier, different provider vDCs can be created and the tenant can have their organization vDC created from those provider vDCs (Figure 10).

Figure 10. Provider vDC interface

With vCloud Director 1.0, the provider vDC can expand up to 32 hosts and can have up to 255 datastores. With vCloud Director 1.5, the provider vDC can be expanded up to the maximum number of clusters supported by the underlying vCenter server.

Note: When using FAST provisioning, the datastore should be connected to only eight hosts.

Service provider in control

In this configuration the service provider is in complete control of the physical infrastructure (Figure 11). The service provider can enable or disable ESX hosts and datastores for cloud usage.

Figure 11. Service-provider-in-control configuration

The service provider can create and remove the external networks that are needed for communicating with the Internet, the backup network, the IP-based storage network, VPN, and MPLS networks, as well as the organization networks and network pools. The service provider creates and removes the organization, admin users, provider vDC, and organization vDCs. The service provider also determines which organization can share the catalog with others. Service providers can use VMware vCenter Chargeback to retrieve the tenant usage of resources.

Tenant in control

In this configuration (Figure 12) the tenants can create the vApps or deploy them from templates. They will be able to create the vApp network as needed from the network pool. The tenants can upload the media and access the console of the virtual machines in the vApp using the browser plug-in. Tenants can start and stop the virtual machines as needed.

Figure 12. Tenant-in-control configuration

The tenants can manage users and groups, policies, and the catalogs for their environment, as shown in Figure 13.

Figure 13. Tenant environment policies interface

Each tenant has its own user and group management and provides role-based security access (Figure 14).

Figure 14. User role management

The users are shown only the vApps that they can access, as shown in Figure 15.

Figure 15. vApp access

vApps that users do not have access to will not be visible even if they reside within the same organization.

Security and compliance

vShield Edge provides firewall, NAT mapping, and site-to-site VPN. It ensures policy enforcement with built-in edge network security and services, as shown in Figure 16. It also simplifies IT compliance with detailed logging. vShield Edge can provide granular control and visibility over network gateway traffic, along with VPN services to protect the confidentiality and integrity of communications between virtual datacenters.

Figure 16. VMware vShield Edge architecture

Security and compliance can be further strengthened by using additional EMC or third-party products, such as the following EMC RSA products:

• RSA® Data Loss Prevention (DLP) Suite — Discover and classify sensitive data, ensure data is handled appropriately.

• RSA enVision® — Collect and analyze log and event data to identify high-priority security incidents as they occur.

• RSA Archer™ eGRC suite — Build an efficient, collaborative enterprise governance, risk, and compliance (eGRC) program.

Availability and data protection

VMware vCloud Director has a stateless architecture with multiple cells running in a cluster to provide high availability to the cloud environment, as shown in Figure 17.

Figure 17. VMware vCloud Director architecture

The database can be protected using the native tools provided by the database administration tool. The ESX hosts are protected by the vCenter High Availability feature, and storage paths can be protected using native multipathing software or by using EMC PowerPath®/VE (Figure 18).

Figure 18. Storage path protection

Follow industry best practice by using redundant NICs for the uplink ports and connecting them to two different physical switches.

Virtual machines and application data can be protected using EMC Avamar®, Data Domain®, and Replication Manager.

Compute-as-a-Service

Framework

Cisco UCS servers running VMware vSphere and vCloud Director are used in conjunction with EMC storage arrays to host the CaaS environment, as shown in Figure 19.

The environment can be protected by EMC Avamar, Data Domain, and Replication Manager. From a security perspective, the CaaS solution provides support for RSA-based solutions such as DLP, enVision, Archer eGRC suites, and other third-party products.

Figure 19. EMC CaaS platform architecture

Virtual datacenters

A virtual machine (VM) is the virtualized representation of a single physical hardware machine, including CPU, memory, local disk, and NICs. A virtualized application (vApp) is an application that needs multiple virtual machines to deploy. A virtual datacenter (vDC) is the virtualized representation of a physical datacenter, including compute, storage, network, and firewall resources. There are two kinds of virtual datacenters: provider vDCs and organization vDCs. Refer to Figure 20.

Figure 20. Virtual datacenter configuration

A provider vDC is a group of virtualized compute, storage, and network resources (Figure 21). It typically points to the DRS cluster on vSphere and external networks defined in vCloud Director. Provider vDCs allow service providers to support multiple service tiers based on the customer’s requirements for SLAs and costs.

Figure 21. Virtual datacenter resources

An organization vDC is created from the provider vDC. The costing model is defined at the organization vDC. The vApps and the catalog use the organization vDC for their resources. The organization vDC sets the limits for compute, storage, and how much network it can consume from the network pool. An organization or tenant can have many organization vDCs associated with it, based on the costing model or SLA.

Networking

There are three types of networks available in VMware vCloud Director (Figure 22):

• External networks

• Organization networks

• vApp networks

Figure 22. vCloud Director networking overview

External networks

The external networks are created to communicate with the provider’s network, which enables communication with:

• Internet

• IP VPN or MPLS VPN termination

• IP-based storage (NFS/iSCSI)

• Shared resource servers like backup, DNS, and NTP

The external network points to a port group on vSphere (Figure 23). The port group can be on a vNetwork distributed switch, vNetwork standard switch, or third-party vSphere switches like Cisco Nexus 1000v.

Figure 23. External networks configuration

The external networks are provisioned by the service provider.

Organization networks

Organization networks are used for communication between different vApps within an organization or external to the organization. There are two types of organization networks (Figure 24):

• Internal organization network

• External organization network

Figure 24. Internal and external organization networks

The organization networks are provisioned by the service provider using the network pools. Figure 25 shows the service provider admin view of the organization networks.

Figure 25. Admin view of organization networks

vApp networks

The vApp network is used for virtual machine communication within the vApp. vApp networks can be provisioned by the consumers (Figure 26). vApp networks can also be provisioned from a set of pre-configured network resources called network pools.

The vApp networks can be connected to an organization network in three different ways:

• Direct connectivity — A vApp network is bridged directly to an organization network.

• Fenced connectivity — A vApp network is NAT/Routed to an organization network using vShield Edge that provides firewall and NAT functionality.

• Isolated connectivity — A vApp network that is not connected to an organization network and is used only for internal vApp communication.

Figure 26. vApp network configuration

Network pools

Network pools are collections of virtual machine networks that are available to be consumed by virtual datacenters for the creation of vApp networks and organization networks. The network traffic on each network in a pool is isolated at layer 2 from all other networks.

There are three types of network pools (Figure 27):

• VLAN-backed

• vCD network isolation-backed

• vSphere port-group-backed


Figure 27. Network pools

Network pools automatically create the necessary port groups on the vSphere network switches as needed (except for port-group-backed pools). For port-group-backed network pools, the port groups should already exist in vSphere so that they can be consumed. For VLAN-backed pools, the list of VLANs that can be consumed needs to be predefined, and those VLANs should also be configured on the physical network switches.

The VCD-NI-backed network pool adds 24 bytes of encapsulation to isolate the network. To avoid fragmentation, the MTU size must therefore be changed to 1524 for the entire physical infrastructure.
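The prerequisites in the two paragraphs above can be checked before a pool is handed to tenants. The following is an added example, not code from the white paper or from VMware; the inventory layout, device names, and pool names are constructed assumptions, and the 1500-byte base MTU is assumed to be standard Ethernet.

```python
"""Added example: pre-flight check of the network pool prerequisites above."""

ETHERNET_MTU = 1500                        # assumed standard Ethernet MTU, in bytes
VCDNI_OVERHEAD = 24                        # encapsulation bytes added by VCD-NI (from the text)
VCDNI_MTU = ETHERNET_MTU + VCDNI_OVERHEAD  # 1524, the value the text requires

# Constructed inventory; layout and names are assumptions, not a vCloud Director schema.
ENV = {
    "switch_vlans": {"core-sw-1": {100, 101, 102}, "core-sw-2": {100, 101}},
    "port_groups": {"pg-tenant-a", "pg-tenant-b"},
    "mtu": {"core-sw-1": 1524, "core-sw-2": 1500, "esx-dvs-uplink": 1524},
}
POOLS = [
    {"name": "gold-vlan", "type": "vlan", "vlans": [100, 101, 102]},
    {"name": "legacy-pg", "type": "portgroup", "port_groups": ["pg-tenant-a", "pg-tenant-c"]},
    {"name": "silver-ni", "type": "vcdni"},
]

def check_pool(pool, env):
    """Return a list of findings for one pool; an empty list means it is ready."""
    name, kind, findings = pool["name"], pool["type"], []
    if kind == "vlan":
        # VLAN-backed: the VLAN list must be predefined and present on every physical switch.
        if not pool.get("vlans"):
            findings.append(f"{name}: no VLAN list predefined")
        for switch, configured in sorted(env["switch_vlans"].items()):
            missing = sorted(set(pool.get("vlans", [])) - configured)
            if missing:
                findings.append(f"{name}: VLANs {missing} not configured on {switch}")
    elif kind == "portgroup":
        # Port-group-backed: nothing is created automatically, so the groups must exist.
        missing = sorted(set(pool.get("port_groups", [])) - env["port_groups"])
        if missing:
            findings.append(f"{name}: port groups {missing} do not exist in vSphere")
    elif kind == "vcdni":
        # VCD-NI-backed: every device in the path must carry the encapsulated frame.
        for device, mtu in sorted(env["mtu"].items()):
            if mtu < VCDNI_MTU:
                findings.append(f"{name}: {device} MTU {mtu} is below {VCDNI_MTU}")
    else:
        findings.append(f"{name}: unknown pool type {kind!r}")
    return findings

def check_all(pools, env):
    """Map each pool name to its list of findings."""
    return {p["name"]: check_pool(p, env) for p in pools}

if __name__ == "__main__":
    for pool_name, results in check_all(POOLS, ENV).items():
        print(pool_name, "OK" if not results else results)
```

A single device left at the default MTU is enough to fail the VCD-NI check, which is why the text calls for the change across the entire physical infrastructure.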


vCloud Connector

Consumers can transport their existing virtual machines to the VMware-based cloud using VMware vCloud Connector. vCloud Connector is delivered as a vCenter plug-in as shown in Figure 28.

Figure 28. vSphere client vCloud Connector

Consumers can add the cloud instance by providing the needed information and authentication as shown in Figure 29.

Figure 29. Add cloud interface

Similarly, they can use the vCenter instance or another cloud, and they should be able to transport the virtual machines to the cloud (Figure 30).


Figure 30. VM copy to cloud

vCloud Director catalog

In vCloud Director, the catalog presents the vApp templates and the media (Figure 31). The catalog can be specific to the organization or can be shared with others if the service provider has enabled that option.

Figure 31. vApp template catalog

Consumers can deploy vApps using the templates from the catalog, or can install on their own using the media available from the catalog or their own media (if allowed).


VMware vCenter Orchestrator

Overview

VMware vCenter Orchestrator is deployed along with VMware vCenter to provide out-of-the-box workflows that can help administrators automate existing manual tasks. Administrators can use the sample workflows from the Orchestrator workflow library, which provide a blueprint for creating additional workflows.

Integration with vCenter Orchestrator

In our use case environment we checked the integration of vCloud Director with:

• vCenter Orchestrator

• Cisco Intelligent Automation for Cloud (newScale and Tidal)

Orchestrator environment

Figure 32 shows the logical view of the environment that we used for testing.

Figure 32. vCloud Director and vCenter Orchestrator environment


vCenter Orchestrator hardware resources

Table 2 shows the hardware resources used.

Table 2. vCenter Orchestrator hardware resources

Equipment | Quantity | Configuration
Cisco UCS B200 M1 | 12 | Two quad-core Intel Xeon E5540 2.5 GHz, 48 GB RAM, Cisco UCS M71KR-E CNA.
Nexus 7000 Switch | 1 | Multiple VLAN
MDS 9000 | 2 | Single HBA zoning
EMC Symmetrix VMAX | 1 | FC, 600-GB 15K RPM FC drives, 200-GB Flash drives.
EMC VNX5700 | 1 | File & Block. DAEs configured with: 145 300-GB 15K RPM SAS disks, 35 1-TB 7200 RPM near-line SAS disks, 15 200-GB Flash drives.

vCenter Orchestrator software resources

Table 3 shows the core software resources used.

Table 3. vCenter Orchestrator software resources

Software | Version
VMware vCenter (both management and resource) | 4.1.0 build 258902
VMware vCloud Director | 1.0.0.285979
Oracle Database 11g | 11.2.0.1.0
EMC PowerPath VE | 5.7 build 122
VMware vCenter Orchestrator | 4.1.0 build 581
HTTP-REST Plug-in | 1.0.0
vCloud Director Plug-in | 1.0.1
vCenter Server Plug-in | 4.1.0


vCenter Orchestrator plug-ins

The flexible plug-in architecture allows vCenter Orchestrator to interact with various components and third-party products (Figure 33). The plug-ins we used included:

• VMware vCloud Director Plug-in

• HTTP-REST Plug-in

• vCenter Orchestrator plug-in for AMQP

Figure 33. vCenter Orchestrator configuration


vCloud Director plug-in

The VMware vCloud Director plug-in provides various workflows that can be reused (Figure 34). If further actions are needed, they can be created with JavaScript using an appropriate API such as the vCloud API.

Figure 34. vCloud Director workflows

HTTP-REST plug-in

The HTTP-REST plug-in allows interaction with any web service that supports the REST API.

The vCenter Server Plug-in allows you to automate various tasks that need to be performed on VMware vCenter. The community tool Project Onyx (a script recorder for vSphere; see Figure 35) captures manual operations on VMware vCenter and provides the output in JavaScript that can be used in vCenter Orchestrator.

Figure 35. Project Onyx tool


AMQP plug-in

The VMware vCenter Orchestrator plug-in for the Advanced Message Queuing Protocol (AMQP; Figure 36), used with RabbitMQ, lets you trigger workflows on vCenter Orchestrator based on messages from vCloud Director.

Figure 36. AMQP plug-in

vCenter Orchestrator test workflow

We created a sample workflow to:

• Provision storage from EMC Symmetrix VMAX or EMC VNX Series based on the vCenter High Availability cluster.

• Create the datastore.

• Create the provider virtual datacenter.

• Create the organization virtual datacenter within the provider virtual datacenter that we created.

• Create the catalog on the organization virtual datacenter.

Figure 37 shows the workflow that we created on the vCenter Orchestrator.


Figure 37. vCenter Orchestrator test workflow

The workflow can be executed from the vCenter Orchestrator client that can be installed on any supported remote machine (Figure 38).

Figure 38. Workflow in vCenter Orchestrator client

The workflow can also be executed using a custom portal created using vCenter Orchestrator Web Views. Figure 39 shows the portal with a custom logo and links for the workflow.


Figure 39. Web Views custom portal

vCenter Orchestrator keeps track of each workflow execution and the options that were provided. Figure 40 shows that the workflow for LUN provisioning, datastore creation, provider vDC, organization vDC, and catalog creation completed within 3 minutes.

Figure 40. vCenter Orchestrator workflow execution record


Cisco Intelligent Automation for Cloud

Overview

Cisco Intelligent Automation for Cloud contains a self-service portal leveraging newScale as well as an orchestration tool called Tidal Enterprise Orchestrator. The self-service portal can be used for creating a catalog for virtual, cloud, physical, and professional services in the same portal.

Test environment

Figure 41 shows the logical view of the environment that we used for testing.

Figure 41. Intelligent Automation for Cloud architecture


Intelligent Automation for Cloud hardware resources

Table 4 shows the hardware resources used.

Table 4. Intelligent Automation for Cloud hardware resources

Equipment | Quantity | Configuration
Cisco UCS B200 M1 | 12 | Two quad-core Intel Xeon E5540 2.5 GHz, 48 GB RAM, Cisco UCS M71KR-E CNA.
Cisco UCS B200 M1 | 4 | Two quad-core Intel Xeon E5540 2.5 GHz, 96 GB RAM, Cisco UCS M71KR-E CNA.
Nexus 7000 Switch | 1 | Multiple VLAN.
MDS 9000 | 2 | Single HBA Zoning.
EMC Symmetrix VMAX | 1 | FC, 600-GB 15K RPM FC drives, 200-GB Flash drives.
EMC VNX5700 | 1 | File & Block. DAEs configured with: 145 300-GB 15K RPM SAS disks, 35 1-TB 7200 RPM near-line SAS disks, 15 200-GB Flash drives.

Intelligent Automation for Cloud software resources

Table 5 shows the core software resources used.

Table 5. Intelligent Automation for Cloud software resources

Software | Version
VMware vCenter Management | 4.1.0 build 258902
VMware vCenter Resource | 5.0.0 build 434157
VMware vCloud Director | 1.5.0.401004
Microsoft SQL Server 2005 | 9.00.3042.00
EMC PowerPath VE | 5.7 build 122
Tidal Enterprise Orchestrator | 2.1.0.270
newScale | 9.1 Service Pack 2

Self-service portal

The Cisco Intelligent Automation for Cloud self-service portal allows service providers to design their service catalogs. (This solution can potentially integrate with a customer's existing newScale catalog.) The catalogs can require approvals before deploying a service, track the requests, and show only the services which the user is allowed to order. The portal also allows each tenant to use their own branding based on custom style sheets to set the logo, color scheme, fonts and other customization.

The administrators of the portal can design the services using the Service Designer module by adding the tasks involved with that service, designing the form with data retrieval rules or conditional rules, adding the pricing to show to the customers, and defining escalations if the service was not performed within the duration (Figure 42).


Figure 42. Intelligent Automation for Cloud portal configuration

Tidal Enterprise Orchestrator

Cisco Tidal Enterprise Orchestrator is an IT process automation platform that provides automation and interoperability across service-delivery processes using a drag-and-drop interface (Figure 43). Using the appropriate adapters, this tool orchestrates not only the cloud infrastructure but also the vApps in that cloud. It supports automation of SAP, SQL Server, other databases, Microsoft Exchange Server, Windows Server, and Active Directory.

Figure 43. Tidal Enterprise Orchestrator

The Web Service Adapter enables communication with any REST API server, including vCloud Director. Once defined, it can be reused in any process. Automation packs assist in transporting the processes from one server to another (Figure 44).


Figure 44. Tidal Enterprise Orchestrator Web Service adapter

Tidal Enterprise Orchestrator test workflow

In our test scenario workflow we established four provider vDCs, and whenever a new organization is created, we wanted to create four organization vDCs and an admin user in that organization (Figure 45).

Figure 45. Organization creation

We created a basic form on newScale for the user to provide the organization name and its full name. Based on that input, we set up a trigger to be created on Tidal Enterprise Orchestrator (Figure 46).


Figure 46. Tidal Enterprise Orchestrator trigger

Figure 46 shows that the process outlined in Figure 47 was started by the trigger. The process creates the organization, four organization vDCs, and the admin user in vCloud Director.


Figure 47. Organization and vDC creation process flowchart

The status update is sent back to newScale on the service request. Figure 48 shows that the service request is handled in a minute and the task is performed by the agent Tidal.

Figure 48. newScale task information status


You can also confirm from vCloud Director that those organization vDCs are created along with the user account (Figure 49).

Figure 49. vCloud Director confirmation

The self-service portal communicates with Tidal Enterprise Orchestrator using the agents defined in the ServiceLink module (Figure 50).

Figure 50. ServiceLink agent status

The form uses the agent shown in Figure 50 to perform the task, as seen in the plan section of that form (Figure 51).


Figure 51. ServiceLink agent plan

The ServiceLink agent makes the necessary XML transformations to communicate with Tidal and kicks off the process by its ID specified in the configuration (XREF).

Figure 52. ServiceLink process kick off

That generic process retrieves information and creates an alert based on the task as shown in Figure 53.


Figure 53. Task process flowchart

Based on the trigger with a specific task, any process can be executed by adding the trigger value (Figure 54).

Figure 54. Adding a trigger to process properties

Once set up, the workflows can be defined easily by dragging and dropping them and setting the correct property values, as shown in Figure 55.


Figure 55. Workflow property values


Conclusion

Summary

The Compute-as-a-Service solution enables service providers to build an enterprise-class, scalable, multi-tenant platform for complete compute service lifecycle management. This solution provides on-demand access and control of network bandwidth, servers, storage, and security while allowing service providers to maximize asset utilization. Specifically, EMC CaaS integrates all of the key functionality that your customers demand, and provides the foundation for adding other services such as backup and virtual desktop infrastructure.

The Compute-as-a-Service solution supports both a VMware vCloud Director/vCenter Orchestrator stack and a VMware vCloud Director/Cisco Intelligent Automation for Cloud technology stack. This flexibility allows you to deliver the cloud-based services that your customers demand with the familiar functionality that they are accustomed to.

About EMC Proven™ Solutions

EMC Proven Solutions help customers identify and overcome business challenges by reducing risk and time-to-value of their information infrastructure. EMC leverages its expertise and proven technologies with its strategic relationships with Cisco, Microsoft, Oracle, SAP, and VMware to deliver solutions that support our customers' business and technical requirements. All solutions are rigorously tested and documented with reference architectures and best practices designed to reduce the total cost of ownership of the infrastructure and increase IT efficiency.

Take the next step

EMC offers a portfolio of consulting and professional services for service providers and their customers to assist in balancing workloads across service delivery models, ranging from legacy physical architectures and virtualized infrastructures through on- and off-premise cloud architectures. The EMC Cloud Advisory Service with Cloud Optimizer helps customers develop a strategy for optimizing the placement of application workloads. By assessing three factors (economics, trust, and functionality), organizations can maximize their cost savings and business agility gained through the use of private and public cloud resources.

