Varrow VMworld Update and vCHS Lunch and Learn Presentation
This is the vCHS and VMworld Update presentation we are using for our Q4 2013 Lunch and Learn Series.

  • The adoption of server virtualization over the past decade has resulted in a completely new operational model for provisioning and managing application workloads in the data center. The ability to be dynamic, to treat physical compute (hosts) as a pool of CPU, memory and storage capacity that can be consumed and repurposed on demand, transformed the server market landscape and saved businesses billions of dollars. However, the network to which these now dynamic workloads are connected has not kept pace. The network operational model is the same as it has been for 25 years, designed in a time when workloads were static and ran directly on physical servers. This antiquated operational model is broken and is now a barrier to achieving the full benefits of virtualization:
    - Legacy physical networks are complex, hardware dependent and require vendor-specific expertise.
    - Network provisioning is a slow and manual process, taking days or weeks to provision even simple network topologies.
    - Legacy VLANs make networking operationally intensive, requiring significant manual configuration and maintenance.
    - Workload placement and mobility are limited by physical network constraints and topology.
    - Security is bolted on and creates chokepoints and hairpinning, and firewall rule tables are complex. In dynamic datacenter environments, every time new firewall rules are needed, the firewall rule table must be updated, a process that can take weeks.
    - Network services such as load balancing are provided by costly purpose-built hardware appliances and cannot scale with the business requirements.
    The solution to address the challenges of the legacy network is to virtualize the network. VMware did a great job of virtualizing a server and now we are doing the same for the network.
    What if you could programmatically provision any network, so that any workload could be placed anywhere and then moved anywhere, independent of any physical hardware, with the operational efficiency to deploy even complex applications within minutes? That is the goal of network virtualization. The network virtualization layer abstracts physical network constructs and greatly simplifies the provisioning and consumption of networking moving forward. In addition, security services are built in, do not require purpose-built hardware, and can scale with the network.
  • Introducing VMware NSX. NSX is the network virtualization platform that delivers the entire networking and security model in software, decoupled from traditional networking hardware. The VMware NSX platform brings together the best of Nicira NVP and VMware vCloud Network and Security (vCNS) into one unified platform. It can be deployed on top of any physical IP network fabric, resident with any compute hypervisor, connecting to any external network, and consumed by any cloud management platform.
    Let’s dig deeper and understand how it works. Like server virtualization, the NSX approach allows data center operators to treat their physical network as a pool of transport capacity that can be consumed and repurposed on demand. Just as a virtual machine is a software container that presents logical CPU, memory and storage to an application, a virtual network is a software container that presents logical network components to connected workloads – logical switches, logical routers, logical firewalls, logical load balancers, logical VPNs and more. Virtual networks are programmatically created, provisioned and managed, utilizing the underlying physical network as a simple packet forwarding backplane. Network services are programmatically distributed to each VM, independent of the underlying network hardware or topology, so workloads can be dynamically added or moved without any human intervention, and all of the network and security services attached to the VM move with it, anywhere in the data center or between multiple data centers.
    1. NSX works by first completely decoupling virtual networks from physical network hardware. The network virtualization layer works as an overlay above any physical network hardware and works with any server hypervisor platform. This means that the only requirement from a physical network is that it provide IP transport. There is no dependence on the underlying hardware or hypervisor deployed.
    2. NSX then faithfully reproduces the physical network model in the virtual network space, so that workloads see no difference. It reproduces the entire networking environment, L2, L3 and L4-7 network services, in software within the virtual network. The workloads that are connected to the software network see the network model as if they were connected to the physical network. Not only that, NSX provides a distributed logical architecture for L2-7 services including logical switch, router, firewall and load balancer, enabling the network and security services to move and scale with the VMs. In addition, the distributed firewall with identity context provides line rate performance. NSX also includes a global server load balancer with SSL termination. And it also provides gateway capability allowing seamless connection to legacy VLANs and physical workloads.
    3. NSX automation serves both a cloud operations and a network operations perspective. NSX offers a way to automate the consumption of services and their mapping to virtual machines using logical policy, greatly improving operations. Customers can assign policies to groups of VMs, and as more VMs are added to the group, the policy is automatically applied to them. Customers can build advanced workflows automating their network provisioning and security/compliance workflows, such as n-tier application provisioning including L2, load balancing VIPs and firewall rules.
    4. Finally, NSX offers a platform to insert other vendor services. As VMs vMotion from host to host, partner services maintain connection state and protection for those VMs. Partners can also take advantage of the policy-based deployment described above. Partner services can be applied selectively based on regulations such as PCI or HIPAA, or on specific applications.
    By virtualizing the underlying physical network, NSX delivers a completely new operational model for networking that breaks through current physical network barriers and allows data center operators to achieve orders of magnitude better agility and economics. Benefits include:
    - Innovation speed and business velocity: complex multi-tier network topologies can be created and provisioned programmatically in seconds. Some customers reduced network provisioning time from days to seconds.
    - Dramatic cost savings: OPEX savings exceed CAPEX savings, contributing to an overall steady-state IT expense reduction. In fact, a large financial services company estimates that combined OPEX and CAPEX savings result in a 75% reduction in overall IT expenses.
    - NSX provides the operational model of a VM for the network: the ability to programmatically create, provision, snapshot, delete and restore complex, multi-tier networks, all in software.
    - Deployment is non-disruptive and existing applications work unmodified.
    NSX will GA in Q3 of 2013.
  • VMware continues to offer the vCloud Networking and Security product as part of the vCloud Suites. In 2013, this product is no longer offered standalone; it is only available bundled with the vCloud Suites. vCloud Networking and Security, bundled with the vCloud Suite, is a completely separate product from VMware NSX. vCloud Networking and Security provides fundamental networking and security features for virtualized compute environments.
    Now let’s take a look at the components that make up vCloud Networking and Security.
    - Edge: a virtual appliance that delivers an operationally efficient, simple and cost-effective security services gateway to secure the perimeter of virtual datacenters and provide integrated services such as load balancing, VPN, NAT etc.
    - App: used to isolate and protect workloads based on trust levels, so that customers can protect critical applications in the virtual datacenter.
    - Data Security: adds to App functionality and provides Sensitive Data Discovery across virtualized resources, enabling IT organizations to quickly assess the state of compliance with regulations from across the world.
    - VXLAN: works by creating Layer 2 logical networks that are encapsulated in standard Layer 3 IP packets. A "Segment ID" in every frame differentiates the VXLAN logical networks from each other without any need for VLAN tags. This allows large numbers of isolated Layer 2 VXLAN networks to co-exist on a common Layer 3 infrastructure. Note that VXLAN requires multicast in physical networks to be turned on. VXLAN technology allows compute resources to be pooled across contiguous clusters and this pool then to be segmented into logical networks attached to applications.
    - vShield Manager: integrates with vCenter and vCloud Director for seamless management of all virtual datacenter resources.
    Benefits:
    - By including vCNS in the vCloud Suite, VMware has bundled the foundational networking and security functionality for virtualized environments in a single SKU.
    - vCNS enables customers to pool compute resources across clusters and improve server utilization and workload mobility.
    - Customers realize cost savings by using virtual appliances instead of purpose-built hardware for services such as perimeter firewall, load balancer and VPN.
    - App firewall helps customers isolate critical applications on shared infrastructure and meet their compliance goals.
  • But the world is changing. Let’s take a look at the major trends that are enabling a whole new approach to storage. There are 3 major trends happening today:
    - Servers are becoming increasingly powerful with multi-core CPUs and denser memory
    - Server side flash and disks are becoming more affordable and reliable opening
    - vSphere has become the default platform to run applications, and with its privileged position in the stack it has unique visibility into the needs of applications and the capabilities of the underlying hardware
  • Software-defined storage delivers three key aspects of storage purely as software:
    - Automated storage consumption through policies
    - Virtualized hardware-agnostic data services
    - Hypervisor storage abstraction on heterogeneous hardware
  • Virtual SAN clusters server disks to create radically simple shared storage designed for virtual machines. Virtual SAN automates storage provisioning and management with a self-tuning VM-centric approach. It enables two-click storage provisioning and automatically maintains the storage capacity, performance and availability required for individual VMs. By enabling a scale-out architecture with built-in read/write SSD caching, it delivers high performance, resiliency against multiple hardware failures and dynamic scalability. It reduces both capital and operating expenditures to deliver up to 50% lower TCO.
  • VSAN can be deployed in a wide range of use cases. The most significant ones that we see initially are: VDI, T/D or tier 2 environments, DR thanks to the integration with SRM and VR, ROBO, Big Data
  • VMware provides a suite of Business Continuity solutions to offer holistic BCDR protection to all applications running on the vSphere platform. These solutions provide simple, cost-effective protection with a common solution for all your applications. The VMware BCDR solutions include:
    - Local availability products to protect applications against downtime of individual hosts. This includes vSphere HA and FT for unplanned downtime, as well as vMotion and Storage vMotion for planned downtime.
    - Data protection solutions to back up entire VMs, including OS, application binaries, and application data, in a simple, non-disruptive manner. This includes vSphere Data Protection, an entirely new backup and recovery solution designed for vSphere, replacing vSphere Data Recovery and designed for smaller deployments, and the Storage APIs for Data Protection that enable third party backup vendors to integrate directly with vCenter and vSphere.
    - Disaster Recovery: vSphere Replication is an exciting addition to the vSphere platform, providing a cost-efficient and simple way to manage replication. vCenter Site Recovery Manager leverages vSphere and vSphere Replication to protect applications against site failures and to streamline planned migrations.
  • vSphere App HA is a new feature that complements the functionality of vSphere HA to detect and recover from application failure. App HA improves application uptime through policy-based, application-level monitoring and automated remediation with multiple recovery options, e.g. restart the application service or restart the virtual machine. App HA eliminates the need for application-specific clustering solutions, therefore reducing the complexity involved in managing infrastructure silos, as well as the cost associated with those solutions. vSphere App HA leverages VMware vFabric™ Hyperic® to deliver uniform monitoring and support for the most commonly used, off-the-shelf applications.
  • vSphere Flash Read Cache is a vSphere feature that virtualizes server side flash, providing a high performance read cache layer that dramatically lowers application latency. The caching is fully transparent to the VM without requiring any guest agents. vSphere Flash Read Cache enables allocation of flash resources at a per-VMDK granularity, providing vMotion-consistent read caching and integration with DRS for initial placement.
  • vSphere Replication is the only true hypervisor-based replication solution for vSphere, enabling simpler management directly from vCenter Server with virtual machine granularity. It natively integrates with SRM for customers that want fully automated DR orchestration. vSphere Replication provides robust asynchronous replication with flexible Recovery Point Objectives (RPO) that can get as low as 15min. Because it operates at the individual virtual machine disk (VMDK) level, it enables replication that is storage agnostic. Customers can save not only on replication software, but also on storage infrastructure by using lower end, heterogeneous arrays across sites, including Direct Attached Storage.
    What’s new:
    - Multiple point-in-time snapshots make it possible to retain historical points in time of replication and to recover from a previous “last-known-good state”
    - Multiple replication appliances per vCenter Server enable open topologies that can now be broadened to encompass inter-datacenter replication and intra-datacenter replication
    - Support for Storage vMotion and Storage DRS makes it possible to move VMs within the protected (primary) site
  • All of the hybrid cloud scenarios require a high level of consistency between clouds.
    If we start with what your data center looks like today, you have built infrastructure based on investments in enterprise hardware and software – servers, storage, networking and security, virtualization and management. Most of you have virtualized with VMware and some of you have started building catalogs of gold templates and vApps for your virtual environment. Some of you have also written some automation scripts with the vCloud API.
    vCloud Hybrid Service is designed to replicate your data center. It is built on the same stack that you are currently using, and that makes it simple for you to treat vCHS as a natural extension to your current data center.
    Only VMware has provided a solution that maintains the same storage format (VMDK), allows you to extend your existing Layer 2 network, and consistently copies your firewall and NAT rules, while also synchronizing those templates. Furthermore, as the service is built on vSphere and vCloud Director, you can expect your VMs to behave the same. You can even reuse your vCloud API automation scripts.
    This is complete compatibility across the entire stack, which enables all of the hybrid cloud use cases mentioned earlier.
  • The possibilities for using vCloud Hybrid Service range from the low hanging fruit applications such as email, collaboration systems, and web applications to complex custom line-of-business applications. Regardless of the type of application you’re looking to run, using the Hybrid Service capacity as an initial testing and integration testing environment is common. Once initial application and workload testing is done, feel confident that you can move workloads into production in the same environment, since our service was designed and architected to provide production-level service and support.
  • When customers are evaluating a cloud service provider, the 3 platforms that are often mentioned include Amazon Web Services, Rackspace Cloud Servers (built on OpenStack technology), and Microsoft Windows Azure. In terms of cloud market share, Amazon is the clear leader with an estimated 60-70% market share. That is followed by Rackspace in the #2 spot. Windows Azure has the weight of Microsoft behind it.
    VMware vCloud Hybrid Service is something quite different from all 3 of these platforms. We looked at these other services and found their shortcomings. Then, we went and built a new service that solves the problems that these clouds cannot – we have a service that can bridge the gap between on-premises and off-premises to deliver a true hybrid cloud.
    So why is vCHS different? How does vCHS stand against these other vendors that have been providing services longer than we have? How do you position our differentiators?
  • VMware is uniquely positioned to offer the best hybrid cloud because it is built on the same stack being used in the majority of data centers today. With 480,000 customers running vSphere and many of them with VMware-first policies, there are approximately 36 million virtual machines out there running on VMware technology. vCloud Hybrid Service is a seamless extension of a customer’s data center – with seamless networking, common management, and the ability to support both existing and new applications.
    But what exactly are those differentiators? How is this different from what AWS, Azure, or Rackspace can do?
  • The three pillars to differentiation are:
    - vCloud Hybrid Service is the fastest path to cloud
    - VMware is delivering a true hybrid cloud with this service that is a natural extension to customers’ existing data centers
    - And vCHS is the most pragmatic approach to cloud, which drives down the risk and cost of going to the cloud
    The first point is about our ability to support more workloads in a cloud environment than any other service out there – in other words, vCHS is the best public cloud.
    The second point is about delivering on the promise of hybrid cloud that goes far above what other services can do – in other words, vCHS and VMware deliver the best hybrid cloud.
    The last point is about how we make it easy and painless for companies to adopt vCHS, removing the barriers that often hold companies back.
  • To summarize, VMware is delivering the best hybrid cloud in the market. First, it is able to support the 36 million VMs that are deployed on VMware today. vCloud Hybrid Service is a completely consistent and compatible environment to vSphere on premises. Customers don’t need to do any conversions when they move workloads, meaning there is no need to redesign anything.
    Where competitors fall short:
    - AWS: There is no “on-premises” version of AWS. That means an AWS hybrid cloud requires that workloads that are mainly built on vSphere be completely converted to run on AWS (and vice versa). This is challenging because AWS is built on a version of the Xen hypervisor. To make AWS more “hybrid” friendly, AWS created the VM import/export tool, which is a way to convert vSphere VMs to run on AWS. The problem is this tool only works with Windows 2003 and Windows 2008 VMs… It doesn’t support older Windows or Windows 2012 VMs and it doesn’t support Linux VMs. Another major problem is that a VM that was built in a vSphere environment typically relies on the infrastructure to be resilient (via vSphere HA). The EC2 infrastructure is not inherently resilient, meaning these same applications will need to be redesigned to make them work well in an AWS environment.
    - Azure: Microsoft recently added Azure Infrastructure Services to meet the needs of users who were looking for an IaaS solution. This was not the original intent of Azure, which was really designed to be a PaaS solution. Azure is the closest to being able to match VMware’s hybrid capabilities, but there are still some important limitations. For example, if a customer is running the most current version of Hyper-V on-premise, that means they are running Windows Server 2012, and the storage format for VMs in this generation is VHDX. However, Azure doesn’t support VHDX. So the customer must downgrade the file to VHD first. Also, when migrating a Hyper-V VM to Azure, there are several extra steps that must be taken – especially if it is a Linux VM. With Linux VMs, an additional package must be inserted to make it “Azure-aware”. And while Hyper-V supports failover clustering and HA, Azure does not. So again, the VM must be redesigned to make it work well in an Azure environment.
    - Rackspace: Rackspace Cloud Servers is based on OpenStack Nova technology. Currently, it is running the Folsom release of OpenStack on KVM. While the OpenStack technology can be used to build clouds on-premise, adoption is still in its early phase. Also, if a company runs their on-premise OpenStack environment on Xen or vSphere or Hyper-V, then the VMs deployed on-premise will not be consistent with Rackspace Cloud Servers. To solve some of these compatibility issues, Rackspace also provides a Private Cloud edition of their Cloud Servers. While that helps resolve the platform compatibility issue, the OpenStack community has not solved the VM migration problem. Right now, only image templates can be shared across OpenStack-based clouds. There is no capability to move an instance between clouds. And once again, there is no resiliency built into the Rackspace architecture.
  • Seamless Network Integration is a critical strength for VMware that builds on our vCloud Networking & Security (formerly vShield) technology, VXLAN network virtualization, and vCloud Connector. VMware is the only vendor that has made networking between on- and off-premises completely seamless with these unique capabilities:
    For example, with VMware you can take your existing Layer 2 network from your on-premises data center and extend that to vCloud Hybrid Service. That means VMs that reside on vCloud Hybrid Service can use the exact same Layer 2 domain even though it sits in a different Layer 3 network.
    In addition, you can take a vApp template – a group of VMs that are working together – with all of the intra-VM communication settings, and simply copy and paste this into vCHS while maintaining all of the internal networks. You don’t have to redesign these. You can also maintain the same IP and MAC addresses for a VM when you migrate it between clouds. Finally, you can maintain all of the firewall rules that you’ve designed for your internal network and simply migrate those into vCHS as well – making your deployments in vCHS more secure and less prone to the human error that comes from having to recreate security rules.
  • Second, VMware delivers unparalleled network integration between on-premise data centers and vCHS. These capabilities make it easier to extend into the cloud:
    - Extending Layer 2 networks across different Layer 3 networks: A customer can take a Layer 2 domain they are using in their data center and extend that into vCHS. That way, VMs deployed in vCHS appear to be in the same Layer 2 network as those on-premise. One example where this becomes important is deploying a distributed Sharepoint environment. Without this capability, a separate Domain/AD set up is required.
    - With vCloud Connector and vCloud Networking & Security (requires vCD 5.1), a virtual machine can be migrated (offline) from an on-premise data center into vCHS without the need to change the IP and MAC addresses. Going back to the Sharepoint example, this means that a web server can simply be moved over to vCHS without having to reset all the authentication and networking rules.
    - Also with vCloud Connector and vCloud Networking & Security, the firewall and NAT rules that you’ve defined on-premise can be seamlessly migrated into vCHS. This actually can improve security because you are less susceptible to human error.
    Where competitors fall short:
    - AWS – AWS relies on “Elastic IP”, which is a Layer 3 construct that is specific to AWS only. It is a static IP tied to AWS instances, although they are different and not interchangeable between “EC2-classic” and “EC2 VPCs”. Because of this reliance on Elastic IP, when a customer migrates VMs into AWS, they have to completely re-architect the networking to make these VMs work. Think for example if you have a 5-VM application (1 DB, 2 App Servers, 2 Web Servers). With AWS, you have to move each VM and then reconnect all of the networking rules between them. The same is true for any security firewall/NAT settings. They are all completely redesigned.
    - Azure – Azure VMs carry over some virtual networking capabilities introduced recently in Hyper-V. The interesting scenario is when you want an Azure VM to talk to an Azure Cloud Service (part of the original PaaS platform). Since these environments are completely unique platforms, the only way to do so is to route the traffic through an external network. In terms of controlling the network settings, there is very little accessible in the Azure UI. All networking design and set up must be replicated manually via PowerShell or scripts. That is true for both networking and security.
    - Rackspace Cloud Servers – Quantum, which came out of incubation, is the network virtualization solution for OpenStack. Rackspace has rolled out Quantum as part of “Cloud Networks” – it uses Open vSwitch and Nicira NVP (which is now part of VMware). While Cloud Networks does improve the ability to create networks via software, and it has the capability to do the Layer 3 stretching we are talking about, it is not supported with Cloud Networks today. Even with NVP, though, Rackspace does not have a solution that allows the network and security settings of on-premise VMs to be carried into Rackspace Cloud Servers.
    * Side note on security settings: When lines of business and developers go straight to cloud (and bypass IT) there is no way to know if they are following company security policies. Now, when you add in a layer of self-design, the chances of human error causing serious GRC problems increase dramatically. With vCloud Hybrid Service, companies can leverage the security settings that have been well-defined and managed with internal workloads and copy them into the cloud. Less room for error, easier to maintain GRC.
  • VMware delivers unparalleled network integration between on-premise data centers and vCHS. These capabilities make it easier to extend into the cloud:
    - Extending Layer 2 networks across different Layer 3 networks: A customer can take a Layer 2 domain they are using in their data center and extend that into vCHS. One example where this becomes important is deploying a distributed Sharepoint environment where the SQL database remains on premise and the web front end is in vCHS. Now both parts of the application are within the same domain even though they are in separate environments. That also means less work maintaining a DNS server to keep track of where things are pointing.
    - With vCloud Connector and vCloud Networking & Security (requires vCD 5.1), a virtual machine can be migrated (while powered off) from an on-premise data center into vCHS without the need to change the IP and MAC addresses and the firewall and NAT rules. That means everything a team has already defined on-premise can be seamlessly migrated into vCHS. This actually can improve security because you are less susceptible to human error.
    - vCHS networking is both powerful and intuitive. Each Edge Gateway device is also extremely flexible and can support up to 9 different routable IP spaces. Yet the entire networking architecture for vCHS is a virtual implementation of traditional physical networking. That makes it far more intuitive for users - there's nothing new to learn. And by providing RBAC, vCHS can separate the policy implementation (IT designs the network gateways) from the infrastructure consumption (AppDev just attaches a VM to one of the network gateways provided by IT). See note below.
    Where competitors fall short:
    • AWS – AWS relies on “Elastic IP”, which is a proprietary Layer 3 construct that is specific to AWS only. Because of this reliance on Elastic IP, when a customer migrates VMs into AWS, they have to completely re-architect the networking to make these VMs work. Think for example if you have a 5-VM application (1 DB, 2 App Servers, 2 Web Servers). With AWS, you have to convert each VM (already a painful process) and then reconnect all of the networking rules between them using proprietary constructs that do not exist elsewhere. The same is true for any security firewall/NAT settings, which must be completely redesigned using Security Groups. And since all of this is controlled locally, the app developer must become the networking and security expert.
    • Azure – Azure VMs carry over some virtual networking capabilities introduced recently in Hyper-V. The interesting scenario is when you want an Azure VM to talk to an Azure Cloud Service (part of the original PaaS platform). Since these environments are completely unique platforms, the only way to do so is to route the traffic through an external network. In terms of controlling the network settings, there is very little accessible in the Azure UI. All networking design and set up must be replicated manually via PowerShell or scripts. That is true for both networking and security.
    • Rackspace Cloud Servers – Quantum, which came out of incubation, is the network virtualization solution for OpenStack. Rackspace has rolled out Quantum as part of “Cloud Networks” – it uses Open vSwitch and Nicira NVP (which is now part of VMware). While Cloud Networks does improve the ability to create networks via software, and it has the capability to do the Layer 3 stretching we are talking about, it is not supported with Cloud Networks today. Even with NVP, though, Rackspace does not have a solution that allows the network and security settings of on-premise VMs to be carried into Rackspace Cloud Servers.
    * Side note on security settings: When lines of business and developers go straight to cloud (and bypass IT) there is no way to know if they are following company security policies. Now, when you add in a layer of self-design, the chances of human error causing serious GRC problems increase dramatically. With vCloud Hybrid Service, companies can leverage the security settings that have been well-defined and managed with internal workloads and copy them into the cloud. Less room for error, easier to maintain GRC.
  • When you compare that to what AWS calls a Hybrid Cloud, the differences are clear. AWS often highlights its VM Import/Export tool as being a great way to move vSphere VMs into AWS (and AWS AMIs back onto vSphere). However, what they don’t often show you are the complexities of this process and the limitations of the tool. For one, the tool only works for Windows Server 2003 and 2008 instances. It does not support Windows Server 2012, nor does it support any Linux VM. But even when it is importing a Windows-based VM, it is not a simple offline migration like it is with vCHS. That is because AWS is built on a proprietary Xen-based hypervisor and format called AMI. A vSphere VM is based on a completely different technology and format (OVF), and the conversion from OVF to AMI requires a lot of scripting and preparation. Even after a VM has been converted (which can take a very long time depending on the size of the VM), the networking and security must be completely redesigned using AWS constructs like Elastic IP. Now consider how complex this would be with a multi-VM application (like a vApp).
  • Part of what customers are looking for in a hybrid cloud is also the ability to manage both on- and off-premises environments using the same tools. With vCHS, companies can use the tools they’re already using. The vCloud Connector plug-in for vSphere allows an admin to manage and migrate VMs through vCenter. And with integration to vCloud Automation Center, a company can present a single portal to the end users while maintaining access to an internal private cloud, vCloud Hybrid Service, and other platforms including AWS and Azure. The integration with vCAC allows a company to define policies that automatically provision applications into one of the platforms based on needs. The beauty of vCHS is that it is practically invisible to the end user.
  • Today, there are more than 480,000 customers running VMware internally. That means there are millions of applications that have been tested and vetted to run on VMware. Now, when we last surveyed customers 2 years ago, we saw that a large majority of these customers were using VMware vMotion, High Availability, and DRS in production. That means most customers have come to rely on and trust the VMware technology for their applications and have learned to tune their applications to run well on VMware; they have come to expect a certain level of security, reliability, and performance. Now when you compare the technology in most public clouds, many of these basic features are not supported. If the cloud does not support these features, the applications that have been running well in a VMware virtualization environment no longer have the same behavior. Consider, for example, what happens when a host goes offline, due to either planned or unplanned downtime. For an application built on-premises in a VMware environment, the line of business application owners are probably accustomed to a certain level of availability and performance that comes from enabling vSphere HA and DRS. All of these things that applications have relied on are no longer available in these other clouds. That makes it difficult to support existing applications in these clouds. This goes back to the core architecture of these competing clouds…
  • vCHS is built on a different model where the underlying infrastructure is responsible for availability. In fact, each cloud in vCHS is provided a built-in failover node specifically for the automatic recovery of failed hosts and VMs. The main advantage of this model is that it can support any virtualized application. But this extra node also provides another benefit to customers – with an extra node, regular host maintenance and patch updating can occur without having to bring down all the VMs – they can be migrated one-by-one to the spare capacity, minimizing maintenance downtime. By being built on vSphere, customers are also less likely to have applications impacted by performance issues. That is because vCHS supports DRS and Storage vMotion – features that enable the rebalancing of a customer’s environment based on current demands.
  • For both services, Firewalls, VPNs, Load Balancers, Disk I/O, Redundancy & HA, DHCP & NAT are included. We do not charge for these and they are “free” to the customer. This is unlike some of our competitors who charge for each of these individually.

Presentation Transcript

  • Varrow Lunch and Learn Series – Q4 2013 VMWORLD UPDATE AND VCHS www.varrow.com
  • VMworld 2013 Product and Services Announcements
  • What If? The same principles that transformed a single layer of the data center… Abstract. Pool. Automate. and delivered unprecedented value for customers… were applied to the entire data center?
  • Software-Defined Data Center The ideal architecture for private, hybrid and public clouds. All infrastructure is virtualized and delivered as a service, and the control of this data center is entirely automated by software.
  • VMware’s SDDC Architecture Software-Defined Data Center Management and Automation Compute Abstract. Network and Security Pool. Storage and Availability Automate.
  • Software-Defined Data Center Solves IT Pain Points VMware’s Software-Defined Data Center Delivers Transformational Levels of: Control Traditional IT pain points Inefficiency Reduce IT capex by 75% and opex by 56%* Cloud Service Provider Economics Agility Choice New IT pain points Downtime Reduce downtime for tier 1 applications by 36%* Cloud on Your Terms Inflexibility Increase IT productivity by 67%* Apps at Business Speed Fear of Lock-In Support for over 500 ISV solutions and 80 operating systems Any App Anywhere * Claims being validated by the Taneja Group (final numbers expected August, 2013).
  • Network Virtualization Transforming the Network to Speed Business Innovation
  • SDDC On-Premises Network and Security Products Management and Automation vCloud Automation Center vCenter Operations Management Suite IT Business Management Suite vCenter Server and vCloud Director Compute Network / Security Storage / Availability vCloud Networking and Security vCenter Site Recovery Manager NSX Virtual SAN vSphere
  • Why Network Virtualization
    Physical Network: A Barrier to Software Defined Data Center
    • Provisioning is slow
    • Placement is limited
    • Mobility is limited
    • Hardware dependent
    • Operationally intensive
    Solution: Virtualize the Network
    • Programmatic provisioning
    • Place any workload anywhere
    • Move any workload anywhere
    • Decoupled from hardware
    • Operationally efficient
    Diagram labels: VDC; SOFTWARE-DEFINED DATACENTER SERVICES; Network Virtualization Abstraction Layer; Compute Virtualization Abstraction Layer; Physical Infrastructure
  • VMware NSX – The Platform for Network Virtualization Networking in Software • Logical Switching– Layer 2 over Layer 3, decoupled from the physical network • Logical Routing– Routing between virtual networks without exiting the software container • Logical Firewall – Distributed Firewall, Kernel Integrated, High Performance • Logical Load Balancer – GSLB in software • Logical VPN – Site-to-Site & Remote Access VPN in software • NSX API – RESTful API for integration into any Cloud Management Platform • Partner Eco-System
  • vCloud Networking and Security (vCNS) – Networking and Security Capabilities of the vCloud Suite How it works • Edge virtual appliance providing integrated gateways services, such as Firewall, Load Balancing, NAT, VPN • App vNIC level firewall • VXLAN extended networks • Integration with vCenter and vCloud Director Benefits • Simplified packaging, only available in vCloud Suites • Improve workload mobility and compute utilization across clusters • Cost savings from the use of virtual appliance for L4-L7 services instead of purpose built hardware. • Meet compliance goals with ability to isolate critical applications in a shared infrastructure
  • Networking and Security: Key Takeaways 1 Removes the last barrier to SDDC 2 Transforms the network operational model 3 Increases business speed, reduces IT costs and enables choice
  • Software-Defined Storage and Availability Fully Abstracted, Pooled, Automated Storage for the Software-Defined Data Center
  • SDDC On-Premises Storage and Availability Products Management and Automation vCloud Automation Center vCenter Operations Management Suite IT Business Management Suite vCenter Server and vCloud Director Compute Network / Security Storage / Availability vCloud Networking and Security vCenter Site Recovery Manager NSX Virtual SAN vSphere
  • Several Storage Trends Are Enabling A New Approach To Storage Increasingly Powerful Servers
  • VMware Approach to Software-Defined Storage Software-Defined Storage Policy-based Storage Management VM-centric policies for placement, protection, and performance Virtualized Data Services VM-centric snapshots, clones, replication, backup, etc. Hypervisor Storage Abstraction Heterogeneous storage consumed as datastores and VMDKs Release Plans SSD SAN/NAS • VMware Virsto • vSphere Flash Read Cache • Virtual Volumes HDD DAS • VSAN - Public Beta in Q3 2013. GA with vSphere 5.5 U1 in H1 2014 • Virsto - available since Q1 2013 • Flash Read Cache - GA with vSphere 5.5 • Virtual Volumes - 2014+ VMware Virtual SAN
  • VMware Virtual SAN: Software Defined Storage With Unparalleled Efficiency & Agility Overview • VMware vCenter Server • vSphere • VSAN SSD Hard disks SSD Hard disks SSD Hard disks SSD Hard disks Virtual SAN abstracts and pools solid state drives and hard disks from multiple servers to create shared storage Redefines the hypervisor to cluster compute and storage Policy based management for self-tuning VM-centric storage Scale-out architecture with built-in SSD caching Benefits • Radically simple storage designed for virtual machines Clustered VSAN Datastore • Fast, resilient, dynamic • Up to 50% lower TCO for comparable performance
  • VMware VSAN – Initial Use Cases
    • Virtual Desktop (VDI): High Performance; No Bottlenecks
    • Tier2/3 Test & Dev: Fast Provisioning; Low Cost
    • Big Data: Scale-Out; High Bandwidth
    • DR Target; ROBO (Site A, Site B); Reduced hardware at remote site
  • VMware Improves Business Continuity At All Levels Local Site vSphere Failover Site vSphere Local Availability vSphere vSphere New in 2013 Improved in 2013 • vSphere HA, vSphere App HA • vSphere Fault Tolerance • vSphere vMotion and Storage vMotion Data Protection • vSphere Data Protection, vSphere Data Protection Advanced vSphere Disaster Recovery • vSphere Replication • vCenter Site Recovery Manager • DR to the Cloud services based on SRM Improved in 2013 • vSphere APIs for Data Protection
  • Software-Defined Storage and Availability: Key Takeaways 1 Virtual SAN clusters server disks to create radically simple shared storage designed for virtual machines – it’s fast, resilient and dynamic with significantly lower TCO. 2 SRM automates DR for all apps, making it predictable and reliable. Forrester confirms that SRM reduces cost of DR by up to 50%. 3 vSphere Data Protection Advanced is VMware’s solution for backing up vSphere environments. It is the simplest, most efficient solution to protect VM data.
  • SDDC On-Premises Compute Products Management and Automation vCloud Automation Center vCenter Operations Management Suite IT Business Management Suite vCenter Server and vCloud Director Compute Network / Security Storage / Availability vCloud Networking and Security vCenter Site Recovery Manager NSX Virtual SAN vSphere
  • vSphere Performance and Scale Overview • Low latency application configuration • 2x Increase in Configuration Maximums • Up to 64 TB VMDKs Benefits • Low latency application optimization – tune vSphere • Support for even the largest business critical applications
  • vSphere App HA Overview • Detect and recover from application or OS failure VMware HA App Restart 3 2 APP OS vSphere APP 1 OS • Supports most common packaged applications (Exchange, SQL, Oracle, SharePoint, etc.) • vCloud Extensibility – APIs to Ecosystem Benefits • Simpler management from vCenter Server • Tier 1 application protection at scale • Lower TCO than traditional application specific cluster availability solutions
  • vSphere Flash Read Cache: Server-based Flash to Accelerate VM Performance Overview • Virtualized flash resource managed just like CPU and memory • Per-VM hypervisor-based read caching using server flash vSphere • Compatible with vMotion, DRS & HA New Flash Pool CPU Pool Accelerate performance Memory Pool Benefits • Accelerates performance for mission critical applications by up to 5-10x • Enables efficient use of server flash in virtual environments • Fully transparent read-caching – no host agents or application changes SAN/NAS
  • vSphere Replication Overview Site A (Primary) • Virtual machine level replication by the vSphere host vSphere • New Support for: • Multiple Point-In-Time Copies • Multiple Replication Appliances per vSphere Replication Site B (Recovery) vCenter Server • Storage vMotion Benefits • Low cost/efficient replication vSphere • More granular recovery options • DR scalability and flexibility across BCAs • Integration with SRM enables automated DR process
  • Site Recovery Manager Delivers Cost Effective, Predictable DR
    Overview: SRM simplifies DR management by automating the testing and orchestration of centralized recovery plans:
    • Creation and management of recovery plans from vCenter Server
    • Single-click automated failover and failback
    • Automated, non-disruptive recovery plan testing
    • Support for broad range of replication solutions: vSphere Replication; Array-based replication from all major vendors
    • Planned data center migration
    Architecture: Site A (Primary) and Site B (Recovery), each with VMware vCenter Server, Site Recovery Manager, VMware vSphere and Servers
    Benefits:
    • 50% lower TCO for DR
    • Setup recovery plans in minutes, not weeks
    • Automate DR orchestration and replace manual processes
    • Test as frequently as needed
    • Ensure predictable Recovery Time Objectives (RTO) as low as 30 minutes
    • Application and hardware agnostic. Protect any application without the need for point solutions
    What’s new with SRM 5.5:
    • Multi-point in time recovery with vSphere Replication
    • Support for Storage vMotion and Storage DRS
    • Integration with Virtual SAN
  • vSphere Data Protection is VMware’s Backup & Recovery for vSphere
    Overview: VDP provides proven, efficient and simple backup and recovery for small and midsize vSphere environments
    vSphere Data Protection (included with vSphere at no cost):
    • Deployed as a virtual appliance
    • Agent-less, image-level backup to disk
    • Integrated with the vSphere platform
    vSphere Data Protection Advanced (additional purchase):
    • All VDP capabilities plus: Agent-based, application-awareness for Exchange and SQL; 4x greater scalability; Easy upgrade from VDP
    Architecture labels: VDP; VMware vSphere; Data deduplicated
    Benefits:
    • Built for vSphere, based on EMC Avamar technology
    • 4x more storage-efficient
    • 6x faster recovery
    • Fast and easy deployment
    • Managed directly from the vSphere Web Client
    • Designed for the vSphere admin
    What’s new with VDP 5.5:
    • Direct to host recovery (no dependency on vCenter Server)
    • Individual .vmdk backup and restore
    • Detachable/re-mountable backup storage
  • VMware vCloud Hybrid Service vCHS IaaS Overview
  • VMware vCHS – Cloud Hybrid Service Two Key Challenges Growing chasm between Business and IT due to lack of agility Lack of trust for business-critical workloads in the public cloud Line of Business IT Team Requires speed, agility and the ability to innovate Focused on maintaining reliable, secure infrastructure With the Same Solution Common platform that spans private and public cloud, linking them together seamlessly.
  • VMware vCHS – Cloud Hybrid Service IaaS cloud owned and operated by VMware based on VMware software Existing & New Apps VMware vSphere & vCloud Suite VMware vCloud Hybrid Service Seamless Networking Common management Your Data Center One Support call Software-Defined Data Center Any Application… No Changes
  • VMware vCHS – Cloud Hybrid Service VMware vCloud Hybrid Service Web Console vCloud API Application Catalogs OS Catalogs Compute Bring Your Own Tools Bring Your Own VMs Bring Your Own Licenses Storage Networking & Security Infrastructure Management Infrastructure Hardware & Facilities Customer Components
  • vCHS – Two Service Options
    Dedicated Cloud: Your own private cloud instance; Physically isolated
    • Minimum size: 120GB vRAM; 30GHz vCPU
    • Storage starts at: 6 TB
    • 50 Mbps allocated; 1 Gbps burstable
    • 3 Public IPs
    Virtual Private Cloud: Logically isolated; Fully private networking
    • Minimum size: 20GB vRAM; 5GHz vCPU (burst to 10GHz)
    • Storage starts at: 2 TB
    • 10 Mbps allocated; 50 Mbps burstable
    • 2 Public IPs
  • Completely Consistent With Your Datacenter Your Data Center vCloud Hybrid Service vCloud APIs Cloud Catalog Primary Virtual Machine Format (OVF) US East Region Hypervisor Firewall & IP Addresses Regional Office Layer 2 Network Regional Office US West Region Data Center Extensions that Integrate Seamlessly
  • What Workloads are Right for vCloud Hybrid Service? Email & Collaboration Exchange, SharePoint, Lotus Notes, Social Media, VDI Custom / Line-of-Business SAP, Oracle, Microsoft, Data Analytics, Business Intelligence Web & eCommerce 3-Tier Web Apps, Mobile Application Development, Content Delivery Solutions Business Continuity Disaster Recovery Remote Hot Site / Secondary Backup Site
  • Several IaaS Options in the Market Other OpenStack-based Public Clouds TRUE HYBRID CLOUD COMPETING CLOUDS
  • vCloud Hybrid Service: A Better Hybrid Cloud VMware vSphere & vCloud Suite Existing & New Apps VMware vCloud Hybrid Service Seamless Networking Common management Your Data Center One Support call Software-Defined Data Center Any Application… No Changes
  • vCloud Hybrid Service Key Differentiators The Fastest Path to Cloud Extend Beyond Your Current Data Center Drive Down Risk and Cost of Ownership Broadest OS Support The Same Platform Used On-Premises Common Management Tools Application Neutral Seamless Network Integration Security, Reliability, Performance Supports Existing & New Apps Advanced Networking Leverage Existing Tools & Skills
  • vCloud Hybrid Service: Running the Most Operating Systems
    Microsoft Azure (Total: 7): Windows Server 2008 R2, Windows Server 2012, SQL Server 2012, CentOS 6, SLES11, Ubuntu 12, OpenSUSE 12
    Amazon Web Services EC2 (Total: 33): Windows Server 2003 (32/64), Windows Server 2008 (32/64), Windows Server 2012, RHEL 5 (32/64), RHEL 6 (32/64), SLES11 (32/64), Debian Squeeze 6 (32/64), FreeBSD 9, CentOS 6 (32/64), Ubuntu 10 (32/64), Ubuntu 11 (32/64), Ubuntu 12 (32/64), Amazon Linux (32/64), SLES 10 (32/64), OpenSolaris 2008.11 (32/64), OpenSolaris 2009.06 (32/64), Oracle Linux 5 (32/64), Oracle Linux 4 – 32 only
    VMware vCloud Hybrid Service (Total: 90): MS-DOS 6.22, Windows 3.1, Windows 95, Windows 98, Windows NT, Windows XP (32/64), Windows Vista (32/64), Windows 7 (32/64), Windows 8 (32/64), Windows 2000, WinServer 2003 (32/64), WinServer 2008 (32/64), WinServer 2012, RHEL 2.1, RHEL 3 (32/64), RHEL 4 (32/64), RHEL 5 (32/64), RHEL 6 (32/64), SLES 8, SLES 9 (32/64), SLES 10 (32/64), SLES 11 (32/64), SLED 10 (32/64), SLED 11 (32/64), Debian 4 (32/64), Debian 5 (32/64), Debian 6 (32/64), CentOS 4 (32/64), CentOS 5 (32/64), CentOS 6 (32/64), Oracle Linux 4 (32/64), Oracle Linux 5 (32/64), Oracle Linux 6 (32/64), Asianux 3 (32/64), Asianux 4 (32/64), Ubuntu 8 (32/64), Ubuntu 9 (32/64), Ubuntu 10 (32/64), Ubuntu 11 (32/64), Ubuntu 12 (32/64), FreeBSD 6 (32/64), FreeBSD 7 (32/64), FreeBSD 8 (32/64), FreeBSD 9 (32/64), Solaris 10 (32/64), Solaris 11, IBM OS/2 Warp 4, NetWare 5, NetWare 6, eComStation 1, eComStation 2, SCO UnixWare 7, SCO OpenServer 5
    Data collected Apr 8, 2013
    Support both legacy and new apps in the same cloud
  • Comparison of Hybrid Cloud Capabilities: The Same Platform
    Capabilities compared, in order: VM Format Consistency; VM Migration Between On- and Off-Premises; Maintains VM Resiliency
    • vCloud Hybrid Service: VMware vSphere and OVF; Seamless offline migration; Supports continued use of vSphere HA
    • AWS: No on-premise version of AWS; Only Windows Server 2003 & 2008; No Linux support; EC2 infrastructure is not inherently resilient
    • MS Azure: ~ VHDX must convert down to VHD; ~ Linux VMs require add’l packaging; Configuration only thru API; Azure not inherently resilient
    • Rackspace OpenStack: ~ Not if different hypervisor; Only images are portable; OpenStack infrastructure not inherently resilient
    Only VMware provides complete compatibility between on- and off-premises workloads
  • Networking & Security Integration is Unique to VMware Your Data Center vCloud Hybrid Service The Same Security Policies Primary Integrated L4-7 services for Firewall/NAT, IPSec VPN, Load Balancers, VXLAN gateways US East Region The Same Networking Topology Regional Office One click layer 2 extensions US West Region Full software-defined networks at layer 2 and layer 3 Regional Office Data Center Extensions that Integrate Seamlessly
  • Comparison of Hybrid Cloud Capabilities: Network Integration Only VMware takes the guesswork out of networking and security in the cloud
  • Comparison of Hybrid Cloud Capabilities: Network Integration
    Capabilities compared, in order: Layer 2 Network Extension; Networking & Security Portability; Advanced Networking
    • vCloud Hybrid Service: Extends the Layer 2 across different Layer 3 networks; VMs can retain IP/MAC address, firewall/NAT rules; Nine routable IP spaces available; Intuitive design replicates traditional networking
    • AWS: Nothing comparable; Elastic IP uses Layer 3 addressing; All networking settings must be recreated; Proprietary networking forces steeper learning curve, lack of IT control
    • MS Azure: Not available; Uses separate Layer 3 networks; Must be recreated via SDK, API, or PowerShell; Networking not consistent, must use PowerShell to design
    • Rackspace OpenStack: Not available; Must be recreated; ~ Some capabilities delivered via Nicira
    Only VMware takes the guesswork out of networking and security in the cloud
  • Support for Advanced Networking Topologies Your Data Center vCloud Hybrid Service 10.25.132.x 10.25.132.x DMZ IPSec or SSL VPN vCloud Hybrid Service Networking: • Nine routable IP spaces • Intuitive design replicates traditional networks • Customizable to support production applications
  • AWS “Hybrid Cloud” Falls Short in Comparison
    VM Import/Export: Limited to Windows Server 2003 and 2008 instances; No Linux support!
    Security & Networking: Re-created from scratch in both directions
    • Replaces traditional network concepts with proprietary tools (Elastic IP, Security Groups)
    • Steeper learning curve to replicate production networks
    • Limits IT control over network topology
    Diagram labels: Your Data Center; Primary; Regional Office
    Workloads must be re-architected for AWS… and are then locked in
  • Use the Same Management Tools On- and Off-Premises vCAC PORTAL DEVICES CUSTOM PORTALS APPLICATIONS vCloud Automation Center Security Service Tiers Policies Service Blueprint vCloud Director vCloud Connector vCloud Networking and Security vCenter Site Recovery Manager vSphere VMware vCloud Suite vCloud Hybrid Service is seamless for both IT and end users
  • Complete Compatibility to Your Virtualized x86 Workloads
    On-premise: 480,000+ VMware customers around the world
    • 84% use vMotion in production
    • 77% use HA in production
    • 60% use DRS in production
    IaaS offerings compared (vCloud Hybrid Service, AWS, MS Azure, Rackspace OpenStack): Live Migration of VMs; HA (auto restart); DRS (auto balancing)
    Source: Comprehensive survey of VMware customers in Q1 2011
    Keep the apps and app development processes you have
  • What Happens When a Host Fails?
    Competing Clouds – No Recovery; vCloud Hybrid Service – Auto Recovery
    • Every vCloud Hybrid Service deployment provides built-in HA capacity:
      – Automatically recovers VMs if host fails
      – Automatically recovers VMs that fail
      – Minimizes downtime from regular host maintenance and patching
    • Developing “design for failure” apps can come with additional costs:
      – Increased software development time
      – New expertise required
      – Not always feasible
  • vCloud Hybrid Service Features – At no additional charge... Dedicated Cloud Virtual Private Cloud Firewalls VPNs Load Balancers Disk I/O Redundancy + HA DHCP, NAT • Included at no additional cost for all customers • Services do not consume resources from subscribed capacity pools • Networking and security components are configurable within the service administration portal
  • Varrow VCare Technologies Supported • EMC Storage • EMC Data Protection • VMware vSphere • VMware vCHS • VMware View • VMware SRM • Citrix XenApp, XenDesktop and Netscaler • Cisco UCS and Nexus • Cisco Network & Security • Microsoft Exchange, Active Directory, and SQL
  • What VCare Program is Right for You?
    Standard Reactive Support • 8x5 incident reactive support • 24x7 basic ping monitoring and notification • VCare response time SLAs • Manufacturer escalations • Available on all Varrow supported technologies
    Professional Managed Support • 24x7 incident proactive support • Full SNMP+ device monitoring • VCare response time SLAs • Discount on prepaid service hours • Annual VChecks • Quarterly service reviews • Monthly service reports • Available on all Varrow supported technologies
    Enterprise Managed Services • All benefits from VCare Professional plus... • Unlimited 24x7 proactive support • Operational run book development • Configuration, change, and capacity management • Patching and code updates • Uptime SLAs • Available on EMC backup and storage products