Your SlideShare is downloading. ×
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

White Paper: EMC Compute-as-a-Service — EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director

930

Published on

This White Paper explores the integration of cloud technology components into a Compute-as-a-Service platform that enables service providers to deploy and manage cloud-based services and tenants to …

This White Paper explores the integration of cloud technology components into a Compute-as-a-Service platform that enables service providers to deploy and manage cloud-based services and tenants to adopt and customize those services into their businesses.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
930
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
145
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. White PaperEMC COMPUTE-AS-A-SERVICEEMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms,VMware vCloud Director • Automate provisioning of infrastructure services • Introduce new services with an integrated framework EMC Solutions Group Abstract This white paper explores the integration of cloud technology components into a Compute-as-a-Service platform that enables service providers to deploy and manage cloud-based services, and tenants to adopt and customize those services into their business. February 2012  
  • 2. Copyright © 2012 EMC Corporation. All Rights Reserved. EMC believes the information in this publication is accurate as of its publication date. The information is subject to change without notice. The information in this publication is provided “as is.” EMC Corporation makes no representations or warranties of any kind with respect to the information in this publication, and specifically disclaims implied warranties of merchantability or fitness for a particular purpose. Use, copying, and distribution of any EMC software described in this publication requires an applicable software license. For the most up-to-date listing of EMC product names, see EMC Corporation Trademarks on EMC.com. EMC2, EMC, RSA, the EMC logo, and the RSA logo are registered trademarks or trademarks of EMC Corporation in the United States and other countries. ESX, ESXi, VMware, VMware vCenter, VMware vCloud, VMware Service Manager, VMware vShield, and VMware vSphere are registered trademarks or trademarks of VMware, Inc. in the United States and/or other jurisdictions. All other trademarks used herein are the property of their respective owners. Part Number H10526  EMC Compute-as-a-Service 2 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 3. Table of contents Executive summary ............................................................................................................................. 5  Business case .................................................................................................................................. 5  Solution overview ............................................................................................................................ 5  Key benefits ..................................................................................................................................... 6  Introduction ....................................................................................................................................... 7  Purpose ........................................................................................................................................... 7  Scope .............................................................................................................................................. 7  Audience.......................................................................................................................................... 7  Terminology ..................................................................................................................................... 7  CaaS overview .................................................................................................................................... 8  What is Compute-as-a-Service? ........................................................................................................ 8  Self-service portals ...................................................................................................................... 8  Orchestration tools ...................................................................................................................... 9  Secure multi-tenant-enabled shared environment ....................................................................... 9  The six design principles of CaaS ................................................................................................... 10  High availability and protection ................................................................................................. 10  Secure separation ..................................................................................................................... 11  Security and compliance ........................................................................................................... 11  Service assurance, metering, and billing ................................................................................... 12  Tenant management and control ............................................................................................... 12  Service provider management and control................................................................................. 13  Summary ................................................................................................................................... 13  EMC Ionix IT Orchestrator ................................................................................................................. 14  Overview ........................................................................................................................................ 14  Adapters ........................................................................................................................................ 15  Design Studio ................................................................................................................................ 15  EMC Ionix Unified Infrastructure Manager ......................................................................................... 17  Overview ........................................................................................................................................ 17  Service catalog and service offerings ............................................................................................. 17  VMware vCloud Director.................................................................................................................... 19  Overview ........................................................................................................................................ 19  Compute resources ........................................................................................................................ 19  Networks and security .................................................................................................................... 21  Network pools ................................................................................................................................ 22  Network models ............................................................................................................................. 23    EMC Compute-as-a-Service 3 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 4. VMware vShield and vShield Edge ................................................................................................. 23 Application Programming Interfaces ................................................................................................. 24  Overview ........................................................................................................................................ 24  EMC Ionix UIM API .......................................................................................................................... 25  VMware vCloud API ........................................................................................................................ 26  VMware vSphere APIs .................................................................................................................... 27  VIX API ........................................................................................................................................... 28  VMware Service Manager API ......................................................................................................... 28  VMware vShield API ....................................................................................................................... 29  VMware vCenter Chargeback API .................................................................................................... 29 Use cases with EMC Ionix IT Orchestrator ......................................................................................... 30  Use case #1: Onboarding a new customer...................................................................................... 30  Use case #2: Commissioning a vApp .............................................................................................. 36  Use case #3: Decommissioning a vApp .......................................................................................... 39 Conclusion ....................................................................................................................................... 40  Summary ....................................................................................................................................... 40  About EMC Proven Solutions .......................................................................................................... 40  Take the next step .......................................................................................................................... 40 References ....................................................................................................................................... 41  EMC documentation ....................................................................................................................... 41    EMC Compute-as-a-Service 4 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 5. Executive summaryBusiness case Cloud computing enables service providers to seamlessly deliver infrastructure services to customers, while reducing power consumption, saving space, maintaining reliability, and reducing the overall cost to serve. A Compute-as-a-Service (CaaS) architecture based on EMC technology helps IT service providers offer customized services to their end users that meet their business needs. Today, service providers face several challenges in delivering services to their clients. In particular, they need to consolidate the inefficient and disparate infrastructures typically associated with existing hosting and service offerings. They also need an alternative to existing dedicated, siloed compute offerings. Service providers can offer cloud compute services as a solution to these challenges, while integrating customer service catalogs into an easy-to-deploy platform. EMC CaaS solutions provide service providers with a flexible platform that enables the creation of new revenue streams and delivery of additional value-added services. Customers benefit from their service provider’s ability to meet published service-level agreements (SLAs) and quickly create new services in anticipation of changing business requirements. To realize the promise of CaaS offerings, service providers and consumers must overcome a number of challenges. EMC CaaS solutions are uniquely designed to address these complexities: • Establish a baseline compute offering, while also providing enterprise-grade services. • Consolidate the inefficient, siloed infrastructures typically associated with earlier as-a-service offerings. • Provide the necessary security and data protection reassurance to end users that helps accelerate cloud-service adoption. • Reduce the complexity in managing the end-to-end service lifecycle of CaaS customers. • Accelerate the time to market for new, compute-based, as-a-service offerings.Solution overview EMC CaaS solutions enable service providers to build an enterprise-grade, scalable, multi-tenant platform for complete management of the compute service lifecycle. EMC CaaS provides on-demand access to, and control of, network bandwidth, servers, storage, and security, while maximizing asset utilization. Specifically, EMC CaaS integrates all these CaaS key elements: • Self-service portal for end-user and administrative provisioning • Service catalog of available compute services • Rapid, precise, automated service provisioning • Multi-tenancy, capable of monitoring, reporting, and billing • IT-as-a-Service (IaaS) framework on which service providers can build additional as-a-service offerings   EMC Compute-as-a-Service 5 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 6. Key solution components include: • EMC® Ionix™ IT Orchestrator—Offers service providers a scalable, high- performance enterprise solution to orchestrate and automate their public cloud services. • EMC Ionix Unified Infrastructure Manager (UIM)—UIM is a cross-element discovery and provisioning tool, with an API that provides context-sensitive access to the underlying infrastructure. UIM has two components: UIM/Provisioning (UIM/P) and UIM/Operations (UIM/O). • EMC RSA product suite—Combines business-critical controls in identity assurance, encryption and key management, SIEM (security information and event management), data loss prevention, and fraud protection. • VMware Service Manager™—VMware Service Manager is a fully integrated IT service management solution with all the process capabilities you need to deliver and support IT. • VCE Vblock® Infrastructure Platforms —Vblock Infrastructure Platforms combine industry-leading compute, network, storage, virtualization, and management technologies into prepackaged units of infrastructure. • VMware vCenter™ Chargeback Manager™—Customizes cost models for the processes and policies of different organizations. Integration with VMware vCloud™ Director enables automated chargeback for private cloud environments. • VMware vCloud Director—Manages the virtual compute environment, combined with vCloud Connector for hybrid- or multi-cloud management. Consolidates data centers, deploys workloads, and provides security on shared infrastructure along with VMware vShield™. • VMware vSphere™—VMware vSphere is the industry’s most complete, scalable and powerful virtualization platform, delivering the infrastructure and application services that organizations need to transform their information technology and deliver Compute-as-a-Service.Key benefits The key benefits of a CaaS architecture are: • Service providers and enterprises can automate the provisioning and deployment of infrastructure services. • Service providers can accelerate the time to deploy new services, leveraging an architecture that integrates management, orchestration, compute, storage, and network resources. • The solution provides a foundation for additional services like backup and data protection, and increased agility in business processes through easy and fast provisioning of required resources.   EMC Compute-as-a-Service 6 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 7. IntroductionPurpose This white paper explores the integration of cloud technology components into a CaaS platform that allows: • Service providers to deploy and manage cloud-based services • Customers to adopt and customize those services into their businessScope This white paper discusses multiple EMC products and products from other vendors. General configuration and operational procedures are outlined. For detailed product installation information, refer to the relevant product documentation.Audience This white paper is intended for EMC employees, partners, and customers, including IT planners, virtualization architects and administrators, and any others involved in evaluating, acquiring, managing, operating, or designing a CaaS infrastructure environment using EMC technologies. It is assumed that the reader is familiar with the concepts and operations related to virtualization technologies and their use in a cloud infrastructure.Terminology This paper includes the following terminology. Table 1. Terminology Term Definition API Application Programming Interface—a source code based specification intended to be used as an interface by software components to communicate with each other. CMDB Configuration Management Database. Organization In the context of this white paper, an organization is a tenant being hosted by the service provider. Service Catalog A CaaS catalog is a list of products or services available to consumers. Tenant In the context of this white paper, a tenant is a customer of a service provider. vApp A logical entity composed of virtual machines and software applications that can be installed and managed as a unit. Virtual data center (vDC) A virtual data center, more commonly referred to as a vDC, provides the storage, network, and compute capacity in which vApps are deployed. VMware vCloud Director has Organization vDCs and Provider vDCs.   EMC Compute-as-a-Service 7 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 8. CaaS overviewWhat is Compute- Compute-as-a-Service (CaaS) is an architecture that uses cloud infrastructure toas-a-Service? deliver data center resources as a service rather than as a capital expenditure. Service providers can offer CaaS to customers who want a flexible, on-demand infrastructure without having to purchase, configure, or maintain it themselves. Much like an electric power utility, in which end users consume and pay for power without needing to understand or maintain the component devices and infrastructure required to provide the service, customers can draw on the elastic resources that cloud computing delivers and pay for only what they need. A CaaS environment typically consists of: • A self-service portal • An orchestration tool • A secure multi-tenant-enabled shared infrastructure Self-service portals Self-service portals and service catalogs play a key role in a service-orientated architecture. These allow users to select what they need from a published service catalog, providing an experience similar to internet shopping. There are various portal and service catalogs available that perform all or some of the functions required by a service provider or a customer. Cloud providers can choose to develop their own portal or integrate the cloud offering into an existing portal that they own. Choosing a portal/catalog depends on what functionality is needed, existing systems, and price, as well as other considerations. For the discussions and use cases in this document, the Ionix IT Orchestrator integrated portal is used as a front end to enable: • Service provider administrators to select and provision infrastructure service offerings from the EMC Ionix UIM service catalog • Customers to select and provision vApps from the VMware vCloud Director service catalog If the business requires additional functionality, such as seeking approval before deploying a vApp or any other additional workflows, products such as VMware Service Manager or other third-party products can provide a robust experience as well as handling both virtual and physical environments.   EMC Compute-as-a-Service 8 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 9. Orchestration toolsAn orchestration tool allows you to define the workflows and operations needed todeploy the service and execute it on demand. It can automate all kinds of processesthat would otherwise involve manual operations.For example, it can automate: • Provisioning of the server, storage, and networking • Adding or updating a configuration item (CI) within a CMDB • Synchronizing the resources in VMware vCenter and vCloud Director • Provisioning the Provider vDCs and Organization vDCs • Creating user profiles • Opening a ticket in a service desk to track a change or log an incident • Creating and updating billing policiesSeveral major orchestrators are available, such as EMC Ionix IT Orchestrator, VMwarevCenter Orchestrator, and Cisco Intelligent Automation; EMC has CaaS solutions forall these technologies. In general, most orchestrators are capable of handling all orsome of the same tasks. The specific choice for an environment is likely to bedetermined by the particular automation needs of that environment, existingcomponents, and the plug-ins and APIs that are available to enable orchestrators tointegrate with those components. The choice of orchestration tool also depends onexisting skill sets and those required to successfully build complex workflows.Secure multi-tenant-enabled shared environmentAny CaaS solution should have a systematic approach to secure separation at itscore, with a necessarily heavy focus on multi-tenancy. While the underlyingcomputing resources may be shared, tenant organizations must be confident that thelogical boundaries and technical controls in the CaaS solution ensure that thehighest degree of separation and security are achieved in a multi-tenantedenvironment.This is achieved using a combination of multiple components within the CaaS stack,including: • EMC Ionix IT Orchestrator • EMC Ionix UIM • EMC RSA product suite • VCE Vblock Infrastructure Platforms • VMware vCenter Chargeback Manager • VMware vCloud Director • VMware vShield • VMware vSphere  EMC Compute-as-a-Service 9 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 10. Most of the products in the preceding list are used and referenced in this document. These products leverage each other’s capabilities to achieve the overall goal of providing a secure multi-tenant environment for service providers and their tenants.The six design CaaS solutions are built on a platform of multiple industry-leading technologies thatprinciples of CaaS include the compute, network, security, storage, and management resources of the compute environment. For successful cloud-service delivery, CaaS solutions must adhere to the six key design principles. The six design principles of the CaaS architecture are: • Availability and data protection • Secure separation • Security and compliance • Service assurance, metering, and billing • Tenant management and control • Service provider management and control High availability and protection The Vblock Infrastructure Platform architecture shown in Figure 1 is a fully validated, production-ready, virtualized infrastructure, built on best-of-breed offerings from EMC, VMware, and Cisco. Each hardware layer uses redundant hardware to ensure continued High Availability. Figure 1. Highly available components of VCE Vblock Infrastructure Platform   EMC Compute-as-a-Service 10 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 11. The data within the CaaS infrastructure can be protected in several ways, using, forexample, EMC Avamar®, EMC Data Domain®, or EMC Replication Manager, dependingon the backup and recovery requirements.Secure separationVMware vCloud Director enables service providers or organizations to create virtualdata centers that are composed of compute, network, and storage resources,selected from the underlying physical hardware layer. vCloud Director uses vSphere’sabstraction of the network layer as a building block. It pools and leverages theseresources to enable automated, large-scale deployment while at the same timeensuring secure separation and multi-tenancy.EMC storage arrays allow for secure separation and isolation of resources at thestorage layer. Authentication can be further extended by incorporating solutions suchas RSA’s identity verification and assurance technologies.Security and complianceLack of visibility into the environment and the bridging of geopolitical and regulatorycompliance boundaries are among the most significant security and complianceconcerns impeding cloud adoption.A service provider can help to alleviate these concerns for their tenants through theintegration of vShield and RSA® enVision®, which enables the centralized logging ofadministrator, user, and system actions.Further integration with RSA SecurID®, RSA Archer™, and RSA Data Loss Prevention(DLP) seamlessly extends compliance capabilities from the enterprise to the CaaSenvironment by enabling multi-factor authentication, compliance and audit reporting,and sensitive data discovery and remediation. Organizations can audit anddemonstrate compliance with regulatory statutes and indigenous security policies.Figure 2 illustrates security and compliance life cycle management.Figure 2. Security and compliance lifecycle management  EMC Compute-as-a-Service 11 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 12. Service assurance, metering, and billingThe service provider’s primary goal is to achieve a level of service assurance thatsatisfies SLA and quality assurance (QA) parameters. Exact figures for forecasting andplanning environment expansion are crucial to determine the cost of the service andthe prices that should be attached to it.In general, monitoring tools provide integration across solutions by leveragingvendor-provided adapters and plug-ins. In a VMware-based public cloudenvironment, consider implementing VMware vCenter Operations with UIMOperations and EMC IT Operations Insight (ITOI) for monitoring and analytic-basedreporting, VMware vCenter CapacityIQ for capacity planning, and vCenter Chargebackfor billing.Tenant management and controlIn every cloud services model, service providers delegate some elements of control tothe tenant. For some service providers, this is a matter of convenience; for others, it isa matter of security or compliance.Tenants have the ability to create and deploy their own virtual machines or vAppsfrom the service catalog available to them. This vApp catalog is presented to thetenant via a front-end portal, such as that available with Ionix IT Orchestrator orVMware vCloud Director. The catalog content can also be managed by the tenantthemselves if required. The tenant can develop and publish their own customizedapplications and systems, which can then be used by other members of theirorganization. Figure 3 shows an example of a portal page where a tenantadministrator can specify the lease duration for a vApp as it is being commissioned.Figure 3. Tenant-in-control—manage lease of virtual machine  EMC Compute-as-a-Service 12 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 13. Service provider management and controlProviders of infrastructure services in a multi-tenant environment requirecomprehensive control and complete visibility of the shared infrastructure to providethe data protection, security, and service levels that their tenants expect. The abilityto control, manage, and monitor resources at all levels of the infrastructure requires adynamic, efficient, and flexible design that allows the service provider to access,provision, and then release compute resources from a shared pool quickly and easily,with minimal administrative effort. Service providers can leverage the portal providedby Ionix IT Orchestrator, VMware vCloud Director, or their own chosen portal tomanage infrastructure resources and tenant organizations. Figure 4 shows a viewfrom within vCloud Director whereby the service provider can see and administer alltenants.Figure 4. Service provider administrative view of tenant organizationsIonix IT Orchestrator provides abstraction of the workflow policies from the underlyinginfrastructure. This allows companies to leverage the latest technology and tools toeffectively and efficiently cost the CaaS solution. Upgrades require a new adapter andmanaged element only because the policies are not contained at the tool level.SummaryService providers can use these six design principles of CaaS as the framework forany CaaS solution to deliver IT services through the network to their enterprisecustomers. The platform enables service providers to build agile, secure, available,and interoperable solutions as the foundation for the services that they provide. Byreducing administrative and operational expenses and efforts in such environments,service providers can improve their current and future IT investment decisions for theservice(s) they deliver.  EMC Compute-as-a-Service 13 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 14. EMC Ionix IT OrchestratorOverview Ionix IT Orchestrator provides a high performance, enterprise-class automation platform. Moving beyond the limits of inward-facing data center integration products and one-off custom integrations, Ionix IT Orchestrator delivers mission-critical IT process automation that fits seamlessly into today’s heterogeneous, multi-vendor IT infrastructures and orchestrates the complexity of tomorrow’s demanding environments. Ionix IT Orchestrator leverages your data center infrastructure investment, avoiding the need to rip and replace current tools and endure expensive, custom consulting engagements. Ionix IT Orchestrator can be quickly and easily extended using its vast library of prebuilt adapters and process workflows (“Accelerators”). hese adapters are designed to accelerate the integration with third party products by providing a set of reusable workflows and code. This reduces the need to understand the products low- level API for common tasks. Figure 5 shows how Ionix IT Orchestrator fits into the overall product stack that makes up a cloud offering. Figure 5. Ionix IT Orchestrator   EMC Compute-as-a-Service 14 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 15. Adapters Ionix IT Orchestrator uses open and flexible adapters to automate provisioning and operational tasks across nearly any type of system that can generate events, expose data, or execute actions. It includes an easy-to-use integrated development environment, pre-built workflows (or accelerators), and a large number of Information Technology Infrastructure Library (ITIL)-based adapters for third-party data center products. Ionix IT Orchestrator integrates event and alert management data with best practices for operational support processes. Figure 6 shows the vCloud adapter provided with Ionix IT Orchestrator, and some of the common tasks it contains. Figure 6. Example of Ionix IT Orchestrator vCloud Director adapterDesign Studio The Ionix IT Orchestrator Design Studio provides an intuitive drag-and-drop interface to create and modify Ionix IT Orchestrator accelerators. Designers select from a palette of automation components, drag them onto the workspace, and use the point- and-click graphical editor to connect them. Defined processes can be reused in other workflows and integrated easily with existing and new systems using standard scripting interfaces (SNMP, JMX, WMI, IPMI). The studio also supports the creation of a new, custom adapter for orchestration. Figure 7 shows an example of how a workflow looks with Ionix IT Orchestrator Design Studio.   EMC Compute-as-a-Service 15 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 16. Figure 7. Ionix IT Orchestrator Design StudioIonix IT Orchestrator can encapsulate existing system scripts (Visual Basic, Java, C-shell, and so on) directly into its workflows to enable simple integration with externalIT data center and ITSM service desk applications.  EMC Compute-as-a-Service 16 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 17. EMC Ionix Unified Infrastructure ManagerOverview Ionix Unified Infrastructure Manager (UIM) provides a powerful and simplified solution to discover and configure Vblock Infrastructure Platforms. Ionix UIM provides a GUI for administrators, and also provides a comprehensive set of APIs that can be used by any orchestration tool to integrate Ionix UIM functionality into existing or new workflows. From this single tool, service providers can discover, configure and provision their compute, network, and storage resources, as shown in Figure 8. Figure 8. Ionix UIM logical component architecture When a service offering is deployed to a server, or collection of servers, Cisco Unified Computing System (UCS) Manager automatically configures the server, adapters, fabric extenders, and fabric interconnects to match the configuration specified in the service offering. This automation of device configuration dramatically reduces the number of manual steps required to configure servers, NICs, HBAs, and LAN and SAN switches. Note In the context of UIM/P, a service offering is a predefined bundle of LAN/SAN, storage, and vSphere resources with a specific set of capacity and performance criteria.Service catalog The configuration and application of a service offering can be linked to resourcesand service configured at a later stage in vCloud Director—for example, tenant organizations,offerings Organization vDCs and Provider vDCs. Ionix UIM integrates with vCenter, providing the ability to provision HA- and DRS-enabled ESX™ and ESXi™ clusters, synchronize these clusters in vCenter, and provision the resources through to vCloud Director Provider vDCs. The sample ‘CaaS-Infra’ service offering in Figure 9 shows what the   EMC Compute-as-a-Service 17 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 18. properties of a service offering can contain, and the configuration that it will apply toa blade or set of blade servers.Figure 9. Sample service offering “CaaS-Infra” in Ionix UIMTable 2 provides additional details on the numbered sections of the Ionix UIM/Pdashboard in Figure 9.Table 2. Ionix UIM/P dashboard—sections Section Description 1 This section details the number and grade of the servers that will be deployed. There may be multiple grades of servers available with varying compute resources of CPU and RAM. In this example, the four servers are from the Premium grade of servers. 2 This section contains details of the storage that will be configured and made available to each server. In this example, the server boot devices are configured on the Fibre Channel RAID 5 storage and the data devices on the PoolBased grade. 3 This section specifies the constraints applicable to the storage, where no more than 80 GB of Fibre Channel RAID 5 grade storage and no more than 4 TB of pool-based storage may be used. Note that the PoolBased grade of storage is FAST-enabled. In this example, each server has access to four 1 TB FAST-backed datastores. 4 This section details the networking configurations to be applied to each blade server. In this example, two vNICs are configured for each server, each with access to their respective VLANs.  EMC Compute-as-a-Service 18 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 19. VMware vCloud DirectorOverview VMware vCloud Director manages the virtual compute environment and, combined with vCloud Connector, allows for hybrid- or multi-cloud management. It consolidates data centers, deploys workloads, and provides security on shared infrastructure along with VMware vShield.Compute resources vCloud Director enables service providers or organizations to create logical data centers, called Provider vDCs, that comprise compute, network, and storage resources, selected from the underlying physical hardware layer, presented first to VMware vCenter, and subsequently to vCloud Director. These Provider vDCs provide the resources for the tenant Organization vDCs that support the tenant Organizations within vCloud Director, as shown in Figure 10. Figure 10. vCloud Director—inventory view of organizations Each Provider vDC could be an Ionix UIM service offering that consists of a certain type or level of network, storage, and computing resources—hosted and distributed by the Vblock platform. These different service offerings are eventually mapped as different Provider vDCs within vCloud Director, as shown in Figure 11. Figure 11. vCloud Director—inventory view of Provider vDCs   EMC Compute-as-a-Service 19 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 20. Each tenant organization may have one or more Organization vDCs which are theentities seen by the cloud tenants. An Organization vDC is associated with a higherlevel Provider vDC and provides a further layer of abstraction between the tenantsand the physical infrastructure.Multiple Organization vDCs (potentially from different tenants) are permitted to drawon the resources available in the Provider vDCs created in vCloud Director, therebypermitting multi-tenant sharing without visibility of other tenants resources.To manage differences in resource requirements, consumption, or SLAs between theorganization and the service provider, vCloud Director provides three allocationmodels for organizations, as shown in Figure 12.Figure 12. Allocation models for Organization vDCsThese allocation models are set at the Organization vDC layer and map directly intovCenter Chargeback for billing purposes.As with all resources in a virtual environment, management and monitoring ofavailable and remaining resources is key. vCloud Director allows administrators to setthresholds for resource availability. vCloud Director monitors the utilization ofresources within the Provider vDCs, as shown in Figure 13, and automatically alertsusers and administrators when appropriate.Figure 13. View of Provider vDC utilization  EMC Compute-as-a-Service 20 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 21. Networks and vCloud Director uses vSphere’s abstraction of the network layer as a building block. Itsecurity pools and leverages these logical resources to enable automated, large-scale deployment while at the same time ensuring the secure separation and multi-tenancy required by a shared infrastructure model. By design, vSphere’s network layer can ensure network isolation at Layer 2 for each of the provisioned networks in a multi-tenanted CaaS environment. vSphere virtual switches provide protection over and above physical switches against threats such as: • MAC flooding • Spanning-tree attacks • ISL tagging attacks • 802.1q VLAN tagging attacks • Double-encapsulation attacks • Multicast brute force attacks • Random frame attacks In addition, malicious network behavior, including MAC address changes and forged transmits, can be restricted, and promiscuous mode is rejected by default. When leveraged, the Cisco Nexus 1000V, which is an integral component of Vblock Infrastructure Platforms, can bring additional security features to the virtual network, including: • Access Control Lists (ACLs) • PVLANs • Cisco TrustSec policy-based access control • DHCP snooping • Port security • IP source guard • Dynamic ARP Inspection vShield Edge layers its L3 and L4 firewall capabilities to augment security controls implemented at Layer 2 and enforce secure segregation between the tenants’ IP networks. vCloud Director manages access to the CaaS organization’s cloud infrastructure and uses the vCD organizations as the logical security boundaries. Organization administrators and users are restricted to the resources of their organization—that is, the organization’s virtual data centers (vDCs), networks, vApps, and catalogs.   EMC Compute-as-a-Service 21 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 22. Figure 14 illustrates what a service provider’s implementation of vCloud Director might look like. Different tenants will have different security needs—for example, some may need to allow access to a web server from the Internet, in which case vShield Edge can provide the security needed to manage access and further protect internal systems, as shown in Org-vDC-A in Figure 14. Figure 14. Sample CaaS implementation using vCloud Director and vShield Another example is organizations that may want to extend their data center or private cloud to the service provider’s vCloud CaaS implementation through the virtual private network (VPN). Again, vShield Edge can be utilized to establish a secure VPN between the sites, as shown in Org-vDC-C in Figure 14. A further example is organizations or divisions that may share a segment to access resources in each other’s vDCs, as shown in Org-vDC-B and Org-vDC-C in Figure 14. They can control and secure access as required by their respective security policies using vShield Edge.Network pools Network pools can be backed by port groups, VLANs, or vCloud Director Network Isolation. Port-group-backed network pools are not appropriate for large-scale deployment because they are difficult to automatically provision and manage. Similarly, VLAN-backed network pools, while providing the best performance and security, do not scale beyond 4,095 networks. For a CaaS environment that requires scalability beyond this, vCloud Director Network Isolation can provide for large-scale deployment. As networks are decommissioned, their resources (IP ranges and VLAN IDs) are dynamically returned to the resource pool for future allocation. This ensures minimum wastage of resources and maximum availability and elasticity.   EMC Compute-as-a-Service 22 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 23. Network models vCloud Director, used with vShield, can provision three different network models— external network, organization network, and vApp network—providing as much flexibility as possible to the tenant administrator in a multi-purpose, multi-tenanted, virtual data center. The types of connectivity and their capabilities are as follows: • External network WAN connection such as MPLS or VPN tunnel An Internet connection A shared link to another organization within the same service provider’s network • Organization network Network address translation (NAT) and/or a routed connection to an external network through a vShield Edge security gateway Directly connected to an external network Isolated (not connected to any external network) • vApp network NAT and/or routed connection to an organization network through a vShield Edge security gateway Directly connected to an organization network or external network Isolated (not connected to any network)VMware vShield The VMware vShield product suite is a complementary family of virtualization securityand vShield Edge products designed for vSphere to secure cloud environments. vShield integrates with VMware vCenter and is a prerequisite component for vCloud Director environments. It plays a pivotal role in providing foundational protection to virtualized environments, enabling effective management, and addressing security and compliance concerns relating to virtualized networking. vShield uses vShield Edge, and policies defined using the tenant administrator’s vCloud Director portal, to secure the virtual perimeter, and to provide protection to additional virtual networks within the organization’s vDC. vShield Edge delivers network and security services such as dynamic host configuration protocol (DHCP), VPN, Web load balancing, network and port address translation (NAPT), and fully-fledged L3/L4 stateful firewall support.   EMC Compute-as-a-Service 23 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 24. Application Programming InterfacesOverview Application programming interfaces (APIs) are key to enabling self-service within a cloud infrastructure. APIs enable Ionix IT Orchestrator to implement workflows and processes that can be executed based on environmental thresholds or on authorized commissioning requests from a tenant or service provider administrator. Figure 15 shows how Ionix IT Orchestrator interacts with the various APIs within the CaaS stack. Figure 15. Cloud management stack This section of the document provides information around which APIs are required and available for the development of automated workflows in a CaaS solution: • EMC Ionix Unified Infrastructure Manager (UIM) API • VMware vCloud API • VMware vSphere API • VIX API • VMware Service Manager API • VMware vShield API • VMware vCenter Chargeback API   EMC Compute-as-a-Service 24 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 25. EMC Ionix UIM API The EMC Ionix UIM API provides support for developers who are building clients or orchestration tools to interact with Vblock platforms. The API provides a centralized interface for managing and interacting with the consolidated networking, storage, and processing of Vblock Infrastructure Platforms. It uses a RESTful application development style, with API clients and servers communicating over HTTP and taking the form of XML elements. Figure 16 is a graphical representation of the components that make up the UIM API.  Figure 16. Ionix UIM architectural overview Ionix UIM discovers and manages Vblock platform devices through the UIM/P API, the XML API for Cisco UCS Manager, CLI/SNMP for the Nexus IP and MDS FC switches, EMC Unisphere™, and EMC Symmetrix™ Management Console. The Ionix UIM API provides functionality to: • View and create services and service offerings in UIM • Modify the server, storage, and network configurations of a planned service • Initiate provisioning and activation of a service • Add storage, network, and server resources to an active service • Selectively provision, activate, and synchronize with a VMware vCenter (and VMware vCloud) • Release individual blades or all blades on a deactivated service Table 3. Ionix UIM API reference Document Title Document Location In Powerlink navigate to Home > Support > Technical EMC Ionix Unified Documentation and Advisories > Software ~ E-I ~ Infrastructure Documentation > Ionix Family > Ionix for Data Center Automation Manager API and Compliance > Ionix Unified Infrastructure Programmer’s Guide Manager/Provisioning > 2.1 & Service Packs   EMC Compute-as-a-Service 25 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 26. VMware vCloud The VMware vCloud API provides developers with the means to deliver resourcesAPI abstracted from the physical implementations of the infrastructure. Using vCloud API, organization administrators can access and manage their vCloud Director resources through the native vCloud Director user portal or through a third-party, front-end portal. Figure 17 shows the structure of the Admin, Extension, and User APIs that make up the vCloud API. The vCloud API is an open, representational state transfer (REST) API that allows scripted access to consume cloud resources, such as uploading and downloading vApps, and catalog management. The vCloud API enables service providers to create their own customized management solutions for a new environment or to integrate existing ones with VMware cloud infrastructure. Clients and servers can communicate over HTTP, to exchange representations of vCloud objects. These representations take the form of XML elements. Figure 17. vCloud APIs Table 4. vCloud API references Document Title Document Location vCloud API Programming Guide http://www.vmware.com/pdf/vcd_10_api_guide.pdf vCloud API Specification http://www.vmware.com/pdf/vcd_10_api_spec.pdf   EMC Compute-as-a-Service 26 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 27. VMware vSphere VMware vSphere is a suite of products that provides complete enterpriseAPIs virtualization functionality. The vSphere APIs enable developers to create custom solutions for managing virtual components and to integrate existing data center management solutions with VMware technologies. For example, use the vSphere APIs to quickly create, customize, or migrate virtual machines. The VMware vSphere API is a set of interfaces for centralized management of VMware ESX/ESXi hosts and virtual machines. The VMware vSphere SDK is a set of libraries that support VMware vSphere; it includes tools and samples to assist development efforts. Figure 18 shows where and how the various vSphere API components integrate in a vSphere environment. Figure 18. vSphere API architecture The vSphere Web Services SDK is the most comprehensive of the available management APIs. This SDK works with both ESX/ESXi and vCenter Server systems. As a Web Services SDK, the SDK is language neutral. The SDK includes stubs and examples for Java, Perl, and C# and a comprehensive documentation set including an API Reference generated from the source. Table 5. vSphere API references Document Title Document Location http://pubs.vmware.com/vsphere- vSphere 5.0 API 50/index.jsp?topic=/com.vmware.wssdk.apiref.doc_50/right- Reference pane.html vSphere 4.1 API http://www.vmware.com/support/developer/vc- Reference sdk/visdk41pubs/ApiReference/index.html   EMC Compute-as-a-Service 27 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 28. VIX API The VIX API is a library for writing scripts and programs to manipulate virtual machines. It is high‐level, easy to use, and practical for both script developers and application programmers. This API is well suited for dedicated IT personnel in an organization that is building its own in‐house tools. It might also be used by software vendors who are using VIX to integrate VMware products with their own products or to build management products for virtual machines. Table 6. VIX API reference Document Title Document Location http://www.vmware.com/support/developer/vix- VIX API Reference api/vix111_reference/index2.htmlVMware Service VMware Service Manager provides a common integration platform to set up variousManager API types of integration with external applications and technologies, with a view to automate the: • Transfer of information (for example, for the resolution of calls or the completion of tasks) • Management of alerts across different systems • Population of the VMware Service Manager CMDB with externally discovered resources Figure 19 shows the architecture of the VMware Service Manager API. Figure 19. Architecture of Service Manager API Table 7. VMware Service Manager API reference Document Title Document Location VMware Service http://downloads.vmware.com/d/details/sm_90_docrp5/ZG Manager v9.0 API User hkYmRAQGhiZCUqKg Guide   EMC Compute-as-a-Service 28 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 29. VMware vShield VMware vShield is a suite of network edge and application‐aware firewalls built forAPI VMware vCenter Server integration. vShield inspects client‐server communications and inter‐virtual‐machine communication to provide detailed traffic analytics and application‐aware firewall protection. vShield is a critical security component for protecting virtualized data centers from attacks and misuse, helping you achieve your compliance‐mandated goals. The VMware vShield API enables you to install, configure, monitor, and maintain the VMware vShield system by using REST API requests. Table 8. VMware vShield API reference Document Title Document Location VMware vShield 5.0 API http://www.vmware.com/pdf/vshield_50_api.pdf Programming GuideVMware vCenter VMware vCenter Chargeback is an end-to-end metering and cost reporting solution forChargeback API virtual environments that use VMware vSphere. It provides a unified control point for data collection, chargeback mediation, and metric reporting, allowing administrators to perform flexible cost measurement and utilization analysis. Figure 20 shows the architecture of the REST-based VMware vCenter Chargeback API. Figure 20. REST architecture in vCenter Chargeback vCenter Chargeback provides a REST-based Web service API for integrating the vCenter Chargeback solution with existing applications such as enterprise billing systems. Leverage this REST-based API to perform cost calculations and generate and deliver resource utilization reports. Table 9. VMware vCenter Chargeback API reference Document Title Document Location VMware vCenter http://www.vmware.com/pdf/cbm_api_prog_guide_2_0_ Chargeback Manager 2.0 0.pdf API Programming Guide   EMC Compute-as-a-Service 29 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 30. Use cases with EMC Ionix IT OrchestratorUse case #1: The purpose of this use case is to demonstrate how, by leveraging EMC Ionix ITOnboarding a new Orchestrator, a service provider administrator can automate the onboarding of a newcustomer customer into a multi-tenant environment. The example of onboarding a customer called GriffinCore is used in this document for the purposes of discussion. Figure 21 provides a visual representation of the scope of the process in this use case. Figure 21. Procedure for onboarding a new customer This use case has been customized specifically to highlight the views and operations specific to those a service provider administrator could experience in onboarding a new customer/tenant. It is possible to customize and tailor all views and related workflows to suit a more direct customer experience. This is entirely dependent on what a service provider chooses to offer their customers. The operations being focused on for this use case are (shown in Figure 22): • Entry of new customer details and requirements • Authorization of request • Commissioning a UIM service offering from Vblock platform for a new customer, where a customer requires dedicated hardware/infrastructure • Creation of new Provider vDC if dedicated hardware is requested • Creation of Organization and Org vDC in vCloud Director (with automatic initialization of chargeback hierarchy) • Creation of new users   EMC Compute-as-a-Service 30 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 31. Figure 22. Logical workflow of onboarding a new customerThe details specific to a new customer can be input from the portal page and usedwithin the Ionix IT Orchestrator workflow in the creation of the new resources for thecustomer. On the portal page in Figure 23, a new customer named GriffinCore iscreated and provided with a dedicated infrastructure of Bronze level.Figure 23. Ionix IT Orchestrator portal – Onboard New CustomerThe Customer Service Level correlates to the service tiers offered by various vCloudDirector Provider vDCs, which in turn are linked to the relevant Ionix UIM ServiceOfferings. These service offerings provide the infrastructure resources for a singlevCloud Director Provider vDC with the relevant tier of service.  EMC Compute-as-a-Service 31 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 32. Figure 24 displays the available Ionix UIM Service Offerings published within theUIM/P Service Catalog.Figure 24. Ionix UIM/P Service Catalog displaying available Service OfferingsBy leveraging the Ionix UIM APIs, Ionix IT Orchestrator can access and select theappropriate service offering from the UIM/P service catalog. This automaticprovisioning of resources is consolidated into a single step as part of the overallonboarding process for a new customer. Figure 25 shows a sample UIM CommissionService workflow.Figure 25. Ionix IT Orchestrator Design Studio ‘Commission Service’ workflowNote that a dedicated infrastructure is not a requirement for all customers. It is alsopossible to onboard a customer into a shared infrastructure, which would not requirea UIM service offering to be created as part of the onboarding process. In this case,the customers’ Organization vDC would use an existing Provider vDC within VMwarevCloud Director, thereby sharing that Provider vDC with other Organization vDCs.The approval of this onboarding request is managed by VMware Service Manager,which can be set to respond to, and deal with, all requests as appropriate. Certaincustomer requests may require approval elsewhere in the business, while otherrequests, such as internal service provider administrative requests, may beautomatically approved, based on the level or type of request. Such decisions arespecific to the business. Any changes made to the environment as a result of theapproved requests are then stored in a CMDB which stores an inventory of IT assetsand their relationships to each other.For this use case, after the request has been approved by VMware Service Manager,the onboarding process may continue. The onboarding process and creation ofinfrastructure resources for the new customer, GriffinCore, requires the creation of a  EMC Compute-as-a-Service 32 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 33. secure environment within VMware vCloud Director. EMC Ionix UIM/P automaticallysynchronizes the newly provisioned resources with VMware vCenter before addingthem as resources to the appropriate Provider vDC within VMware vCD.Ionix IT Orchestrator uses the vCloud API to create the secure environment forGriffinCore within vCloud Director. The primary vCD specific tasks required foronboarding this new customer are: • Creation of new Provider vDC if dedicated hardware requested • Creation of Organization and Org vDC in vCloud Director (with automatic initialization of chargeback hierarchy) • Creation of new usersThe workflow in Figure 26 demonstrates the order and the process used within IonixIT Orchestrator for creating the new GriffinCore organization in VMware vCloudDirector, the relevant users, and the virtual data centers that will provide theenvironment in which GriffinCore may deploy their vApps and associated services.Figure 26. Ionix IT Orchestrator workflow to configure vCloud Director components  EMC Compute-as-a-Service 33 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 34. Figure 27 displays the two new users created during the Onboarding New Customerprocess for GriffinCore. An administrative user (admin) has been created as well as avApp user (peter).Figure 27. Administrative users for new customer GriffinCoreThe GriffinCore organization, along with its associated resources and users, can beviewed and managed by the service provider administrator along with all othertenants. These tenants are completely isolated and secured from one another withinVMware vCloud Director.The new customer GriffinCore is highlighted by selection in Figure 28, displaying anoverview of how many users and Provider vDCs are currently configured.Figure 28. vCloud Director inventory view of all tenantsFigure 29 displays the end-to-end mapping of the compute resources supporting thisnew customer.Figure 29. End-to-end mapping of GriffinCore infrastructure resources  EMC Compute-as-a-Service 34 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 35. The final step for this use case is to integrate a billing component for GriffinCore, asshown in Figure 30.Figure 30. GriffinCore chargeback hierarchy in vCenter ChargebackThrough its tight integration with VMware vCloud Director, the creation of this newcustomer is automatically detected and reflected in the VMware vCenter Chargebackinventory.After Ionix IT Orchestrator completes the onboarding process, the GriffinCore admin ispresented with their own secure environment within VMware vCloud Director fromwhich they can proceed to create and develop their own vApps, virtual machines, andapplications. Figure 31 shows the end-to-end mapping of the new tenant resourcesthrough to the vCenter Chargeback billing component.Figure 31. End-to-end mapping of tenant resources to chargeback billing  EMC Compute-as-a-Service 35 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 36. Use case #2: Commissioning a vApp can be done in several ways, depending on the options theCommissioning a Service Provider has chosen to provide. One of these options is to deploy a vApp fromvApp an existing template available in the service catalog. Even before a vApp is deployed, a series of Ionix IT Orchestrator workflows need to be executed. The activity in Figure 32 corresponds to a workflow that retrieves the list of templates from the service catalog for the template drop-down list. Figure 32. Selecting a template from Service Catalog A similar workflow is executed to retrieve the list of networks available to connect the vApp to, as shown in Figure 33. Figure 33. Selecting the network   EMC Compute-as-a-Service 36 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 37. When commissioning the vApp, you can also specify how long this vApp is requiredfor, and have the system automatically decommission the application when thatlease time has expired, as shown in Figure 34.Figure 34. Selecting a Lease Period for the vAppAfter the information has been gathered from the customer admin, Ionix ITOrchestrator executes a vApp creation workflow; Figure 35 shows an example.Figure 35. Ionix IT Orchestrator workflow for commissioning a vAppHere we can see the vCloudService object (which is an Ionix IT Orchestrator Adapterfor VMware vCloud Director) being called. A workflow element named createVApp isfed the relevant information gathered from the customer admin, and the vApp iscreated with some error checking and power-on functions to complete the operation.  EMC Compute-as-a-Service 37 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 38. The creation of this new vApp is automatically synchronized with vCenterChargeback, which adds the new vApp, Exchange_farm01, to the inventory ofGriffinCore where the relevant cost models and rates can be applied, as shown inFigure 36.Figure 36. vCenter Chargeback Configure Cost for vAppAlternatively, automated configuration of billing rates, cost models, and reports fortenants can be achieved by extending the vCenter Chargeback API within Ionix ITOrchestrator workflows.  EMC Compute-as-a-Service 38 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 39. Use case #3: While it is possible to specify the lease duration (and hence the expiry time) of a vAppDecommissioning during the commissioning process, it may also be necessary to ‘manually’a vApp decommission a vApp which previously had no set expiry time. In this context, ‘manually’ means that the system decommissions the vApp based on a customer admin request and not as a result of a scheduled event. Figure 37 shows a corresponding Ionix IT Orchestrator workflow for this customer- requested decommissioning process. Figure 37. Ionix IT Orchestrator workflow for decommissioning vApp based on admin request As before, the VCloudService adapter is called, but this time the decommissionvAPP workflow element is used and is fed the information provided by the customer admin to operate against the correct vApp. As part of the decommissioning process, the compute, network, and storage resources previously consumed by the vApp are released back into the pool that corresponds with the Organization VDC of which the vApp was a part. The CMDB is updated to reflect the removal of the vApp, and the metering, monitoring, and chargeback functions for that vApp cease, though the chargeback data should be retained for the billing process.   EMC Compute-as-a-Service 39 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 40. ConclusionSummary The EMC CaaS solution enables service providers to build an enterprise-class, scalable, multi-tenant platform for complete compute service lifecycle management. This solution provides on-demand access and control of network bandwidth, servers, storage, and security while allowing service providers to maximize asset utilization. Specifically, EMC CaaS integrates all the key functionality that your customers demand, and provides the foundation for adding other services, such as backup and virtual desktop infrastructure. EMC CaaS architecture incorporates these six design principles: • Availability and data protection • Secure separation • Security and compliance • Service assurance, metering, and billing • Tenant management and control • Service provider management and control This Compute-as-a-Service architecture offers service providers an integrated framework that leverages EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, and VMware vCloud Director. This approach allows you to deploy rapidly the cloud-based services that your customers demand with the functionality they are accustomed to. By deploying EMC CaaS, you will spend less time integrating automation and management components with compute, storage, and network resources, which enables quicker on-boarding of new customers.About EMC Proven EMC helps service provider partners accelerate the creation, integration, andSolutions deployment of cloud service offerings through pre-tested and optimized reference architectures, blueprints, and build guides. Through the deployment of dedicated service provider field experts, and the creation of Service Provider Competency Centers, EMC combines decades of enterprise data center experience with a rigorous solution-testing environment to develop Proven Solutions for Service Providers. EMC ensures the compatibility of these solutions with service provider and end-user environments alike.Take the next step EMC offers a portfolio of consulting and professional services for service providers and their customers to assist in balancing workloads across service delivery models —ranging from legacy physical architectures and virtualized infrastructures through on-premise (private) and off-premise (public) cloud architectures. The EMC Cloud Advisory Service with Cloud Optimizer helps customers develop a strategy for optimizing the placement of application workloads. By assessing three factors— economics, trust, and functionality—organizations can maximize their cost savings and business agility through the use of private and public cloud resources.   EMC Compute-as-a-Service 40 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director
  • 41. ReferencesEMC For additional information, see the EMC documents listed below.documentation • White Paper: EMC Compute-as-a-Service–EMC Symmetrix VMAX, EMC VNX Series, VMware vSphere, vCloud Director • White Paper: EMC Compute-as-a-Service–Design Principles and Considerations for Deployment–VCE Vblock, VMware vCloud Director   EMC Compute-as-a-Service 41 EMC Ionix IT Orchestrator, VCE Vblock Infrastructure Platforms, VMware vCloud Director

×