Security and Compliance        Security and compliance refers to the confidentiality, integrity, and availability of each ...
 Request more services as needed        In addition, tenants taking advantage of data protection or data backup services ...
Technology Overview       With Vblock systems, VCE delivers the industry's first completely integrated IT offering that com...
Note:      Cisco Nexus 7000 is not part of the Vblock system architecture.        For more information on the Vblock syste...
EMC Ionix Unified Infrastructure Manager/Provisioning         EMC Ionix UIM/P enables automated provisioning capabilities ...
VMware vCenter Server         VMware vCenter Server is a simple and efficient way to manage VMware vSphere. It provides un...
Storage Technologies         The features of multi-tenancy offerings can be combined with standard security methods such a...
EMC PowerPath/VE         EMC PowerPath/VE delivers PowerPath multipathing features to optimize storage access in VMware   ...
Network Technologies         Multi-tenancy concerns must be addressed at multiple levels within the network infrastructure...
Security Technologies        RSA Archer eGRC and RSA enVision security technologies can be used to achieve security and   ...
Design Framework        This section provides the following information:            End-to-end topology            Logic...
Figure 3. TMT design frameworkVirtual Machine and Cloud Resources Layer         VMware vSphere and VMware vCloud Director ...
Virtual Access Layer/vSwitch         Cisco Nexus 1000V vSphere Distributed Switch (vDS) acts as the virtual network access...
Network Layers         Access Layer         Nexus 5000 is used at the access layer and connects to the Cisco UCS 6120s. In...
Figure 4. TMT logical topology
The logical topology represents the virtual components and virtual connections that exist within the      physical topolog...
Tenant Traffic Flow Representation         Figure 5 depicts the traffic flow through each layer of the solution, from the ...
Traffic flow in the data center is classified into the following categories:          Front-end—User to data center, Web,...
VMware vSphere Logical Framework Overview        Figure 6 shows the virtual vSphere layer on top of the physical server in...
Figure 7. Management cluster and resource groups      Cloud Management Clusters      A cloud management cluster is a manag...
Components                                        Number of virtual machines       vCenter Chargeback Server              ...
Resource Groups      A resource group is a set of resources dedicated to user workloads and managed by VMware vCenter     ...
Logical Design         This section provides information about the logical design, including:             Cloud managemen...
vSphere Cluster Specifications         Each VMware ESXi host in the management cluster has the following specifications.  ...
Host Logical Configuration for Resource Groups         The following table identifies the specifications for each VMware E...
Tenant Anatomy Overview        This design guide uses three tenants as examples: Orange (tenant 1), Vanilla (tenant 2), an...
Design Considerations for Management and Orchestration        Service providers can leverage Unified Infrastructure Manage...
Figure 12. UIM/P Service OfferingsConfiguration        While UIM/P automates the operational tasks involved in building se...
Device manager                    Initial configuration                        Operational configuration                  ...
Stage        Workflow action             Description       3            Service provisioning        Reserve resources base...
Creating a Service Offering         To create a service offering:         1. Select the operating system.         2. Defin...
Design Considerations for Compute       Within the computing infrastructure of Vblock systems, multi-tenancy concerns can ...
Design Considerations for Secure Separation        This section discusses using the following technologies to achieve secu...
VBLOCK SOLUTION FOR TRUSTED MULTI-TENANCY: DESIGN GUIDE
VBLOCK™ SOLUTION FOR TRUSTED MULTI-TENANCY: DESIGN GUIDE
June 2012
www.vce.com

Solution Authors
Saif Khan, Manager, Solution Architect
Shreekant Das, Lead Principal Architect
Kailin Chen, Solutions Architect
Bilal Syed, Sr. Solutions Architect
Jason Videll, Sr. Solutions Architect
Ted Balman, Solutions Architect

© 2012 VCE Company, LLC. All Rights Reserved.   1
Contents

Introduction   6
  About This Guide   6
  Audience   7
  Scope   7
  Feedback   7
Trusted Multi-Tenancy Foundational Elements   8
  Secure Separation   9
  Service Assurance   9
  Security and Compliance   10
  Availability and Data Protection   10
  Tenant Management and Control   10
  Service Provider Management and Control   11
Technology Overview   12
  Management and Orchestration   13
    Advanced Management Pod   13
    EMC Ionix Unified Infrastructure Manager/Provisioning   14
  Compute Technologies   14
    Cisco Unified Computing System   14
    VMware vSphere   14
    VMware vCenter Server   15
    VMware vCloud Director   15
    VMware vCenter Chargeback   15
    VMware vShield   15
  Storage Technologies   16
    EMC Fully Automated Storage Tiering   16
    EMC FAST Cache   16
    EMC PowerPath/VE   17
    EMC Unified Storage   17
    EMC Unisphere Management Suite   17
    EMC Unisphere Quality of Service Manager   17
  Network Technologies   18
    Cisco Nexus 1000V Series   18
    Cisco Nexus 5000 Series   18
    Cisco Nexus 7000 Series   18
    Cisco MDS   18
    Cisco Data Center Network Manager   18
  Security Technologies   19
    RSA Archer eGRC   19
    RSA enVision   19
Design Framework   20
  End-to-End Topology   20
    Virtual Machine and Cloud Resources Layer   21
    Virtual Access Layer/vSwitch   22
    Storage and SAN Layer   22
    Compute Layer   22
    Network Layers   23
  Logical Topology   23
    Tenant Traffic Flow Representation   26
    VMware vSphere Logical Framework Overview   28
  Logical Design   32
    Cloud Management Cluster Logical Design   32
    vSphere Cluster Specifications   33
    Host Logical Design Specifications for Cloud Management Cluster   33
    Host Logical Configuration for Resource Groups   34
    vSphere Cluster Host Design Specification for Resource Groups   34
    Security   34
  Tenant Anatomy Overview   35
Design Considerations for Management and Orchestration   36
  Configuration   37
  Enabling Services   38
    Creating a Service Offering   40
    Provisioning a Service   40
Design Considerations for Compute   41
  Design Considerations for Secure Separation   42
    Cisco UCS   42
    VMware vCloud Director   51
  Design Considerations for Service Assurance   57
    Cisco UCS   57
    VMware vCloud Director   59
  Design Considerations for Security and Compliance   61
    Cisco UCS   61
    VMware vCloud Director   64
    VMware vCenter Server   66
  Design Considerations for Availability and Data Protection   66
    Cisco UCS   67
    Virtualization   68
  Design Considerations for Tenant Management and Control   71
    VMware vCloud Director   71
  Design Considerations for Service Provider Management and Control   73
    Virtualization   73
Design Considerations for Storage   77
  Design Considerations for Secure Separation   77
    Segmentation by VSAN and Zoning   77
    Separation of Data at Rest   79
    Address Space Separation   79
    Separation of Data Access   82
  Design Considerations for Service Assurance   88
    Dedication of Runtime Resources   88
    Quality of Service Control   88
    EMC VNX FAST VP   89
    EMC FAST Cache   91
    EMC Unisphere Management Suite   91
    VMware vCloud Director   91
  Design Considerations for Security and Compliance   92
    Authentication with LDAP or Active Directory   92
    VNX and RSA enVision   95
  Design Considerations for Availability and Data Protection   96
    High Availability   96
    Local and Remote Data Protection   98
  Design Considerations for Service Provider Management and Control   100
Design Considerations for Networking   101
  Design Considerations for Secure Separation   101
    VLANs   101
    Virtual Routing and Forwarding   102
    Virtual Device Context   104
    Access Control List   104
  Design Considerations for Service Assurance   105
  Design Considerations for Security and Compliance   107
    Data Center Firewalls   108
    Services Layer   111
    Cisco Application Control Engine   111
    Cisco Intrusion Prevention System   113
    Cisco ACE, Cisco ACE Web Application Firewall, Cisco IPS Traffic Flows   116
    Access Layer   117
    Security Recommendations   122
    Threats Mitigated   123
    Vblock™ Systems Security Features   123
  Design Considerations for Availability and Data Protection   124
    Physical Redundancy Design Consideration   124
  Design Considerations for Service Provider Management and Control   128
Design Considerations for Additional Security Technologies   129
  Design Considerations for Secure Separation   130
    RSA Archer eGRC   130
    RSA enVision   130
  Design Considerations for Service Assurance   130
    RSA Archer eGRC   130
    RSA enVision   131
  Design Considerations for Security and Compliance   132
    RSA Archer eGRC   132
    RSA enVision   133
  Design Considerations for Availability and Data Protection   133
    RSA Archer eGRC   133
    RSA enVision   134
  Design Considerations for Tenant Management and Control   134
    RSA Archer eGRC   134
    RSA enVision   134
  Design Considerations for Service Provider Management and Control   135
    RSA Archer eGRC   135
    RSA enVision   135
Conclusion   136
Next Steps   138
Acronym Glossary   139
Introduction

The Vblock™ Solution for Trusted Multi-Tenancy (TMT) Design Guide describes how Vblock™ Systems allow enterprises and service providers to rapidly build virtualized data centers that support the unique challenges of provisioning Infrastructure as a Service (IaaS) to multiple tenants.

The TMT solution comprises six foundational elements that address the unique requirements of the IaaS cloud service model:

• Secure separation
• Service assurance
• Security and compliance
• Availability and data protection
• Tenant management and control
• Service provider management and control

The TMT solution deploys compute, storage, network, security, and management Vblock system components that address each element while offering service providers and tenants numerous benefits. The following table summarizes these benefits.

Provider Benefits                                         Tenant Benefits
Lower cost-to-serve                                       Cost savings transferred to tenants
Standardized offerings                                    Faster incident resolution with standardized services
Easier growth and scale using standard infrastructures    Secure isolation of resources and data
More predictable planning around capacity and workloads   Usage-based services model, such as backup and storage

About This Guide

This design guide explains how service providers can use specific products in the compute, network, storage, security, and management component layers of Vblock systems to support the six foundational elements of TMT. By meeting these objectives, Vblock systems offer service providers and enterprises an ideal business model and IT infrastructure to securely provision IaaS to multiple tenants.

This guide demonstrates processes for:

• Designing and managing Vblock systems to deliver infrastructure multi-tenancy and service multi-tenancy
• Managing and operating Vblock systems securely and reliably

© 2012 VCE Company, LLC. All Rights Reserved.   6
The specific goal of this guide is to describe the design of and rationale behind the TMT solution. The guide looks at each layer of the Vblock system and shows how to achieve trusted multi-tenancy at each layer. The design includes many issues that must be addressed prior to deployment, as no two environments are alike.

Audience

The target audience for this guide is highly technical, including technical consultants, professional services personnel, IT managers, infrastructure architects, partner engineers, sales engineers, and service providers deploying a TMT environment with leading technologies from VCE.

Scope

TMT can be used to offer dedicated IaaS (compute, storage, network, management, and virtualization resources) or to leverage single instances of services and applications for multiple consumers. This guide only addresses design considerations for offering dedicated IaaS to multiple tenants.

While this design guide describes how Vblock systems can be designed, operated, and managed to support TMT, it does not provide specific configuration information, which must be considered separately for each unique deployment.

In this guide, the terms "Tenant" and "Consumer" refer to the consumers of the services provided by a service provider.

Feedback

To suggest documentation changes and provide feedback on this guide, send email to docfeedback@vce.com. Include the title of this guide, the name of the topic to which your comment applies, and your feedback.

© 2012 VCE Company, LLC. All Rights Reserved.   7
Trusted Multi-Tenancy Foundational Elements

The TMT solution comprises six foundational elements that address the unique requirements of the IaaS cloud service model:

- Secure separation
- Service assurance
- Security and compliance
- Availability and data protection
- Tenant management and control
- Service provider management and control

Figure 1. Six elements of the Vblock Solution for Trusted Multi-Tenancy
Secure Separation

Secure separation refers to the effective segmentation and isolation of tenants and their assets within the multi-tenant environment. Adequate secure separation ensures that the resources of existing tenants remain untouched and the integrity of the applications, workloads, and data remains uncompromised when the service provider provisions new tenants. Each tenant might have access to different amounts of network, compute, and storage resources in the converged stack. The tenant sees only those resources allocated to them.

From the standpoint of the service provider, secure separation requires the systematic deployment of various security control mechanisms throughout the infrastructure to ensure the confidentiality, integrity, and availability of tenant data, services, and applications. The logical segmentation and isolation of tenant assets and information is essential for providing confidentiality in a multi-tenant environment. In fact, ensuring the privacy and security of each tenant becomes a key design requirement in the decision to adopt cloud services.

Service Assurance

Service assurance plays a vital role in providing tenants with consistent, enforceable, and reliable service levels. Unlike physical resources, virtual resources are highly scalable and easy to allocate and reallocate on demand. In a multi-tenant virtualized environment, the service provider prioritizes virtual resources to accommodate the growth and changing business needs of tenants. Service level agreements (SLA) define the level of service agreed to by the tenant and service provider. The service assurance element of TMT provides technologies and methods to ensure that tenants receive the agreed-upon level of service.
Various methods are available to deliver consistent SLAs across the network, compute, and storage components of the Vblock system, including:

- Quality of service in the Cisco Unified Computing System (UCS) and Cisco Nexus platforms
- EMC Symmetrix Quality of Service tools
- EMC Unisphere Quality of Service Manager (UQM)
- VMware Distributed Resource Scheduler (DRS)

Without the correct mix of service assurance features and capabilities, it can be difficult to maintain uptime, throughput, quality of service, and availability SLAs.
Security and Compliance

Security and compliance refers to the confidentiality, integrity, and availability of each tenant's environment at every layer of the TMT stack. TMT ensures security and compliance using technologies like identity management and access control, encryption and key management, firewalls, malware protection, and intrusion prevention. This is a primary concern for both service provider and tenant.

The TMT solution ensures that all activities performed in the provisioning, configuration, and management of the multi-tenant environment, as well as day-to-day activities and events for individual tenants, are verified and continuously monitored. It is also important that all operational events are recorded and that these records are available as evidence during audits.

As regulatory requirements expand, the private cloud environment will become increasingly subject to security and compliance standards, such as Payment Card Industry Data Security Standards (PCI DSS), HIPAA, Sarbanes-Oxley (SOX), and the Gramm-Leach-Bliley Act (GLBA). With the proper tools, achieving and demonstrating compliance is not only possible, but it can often become easier than in a non-virtualized environment.

Availability and Data Protection

Resources and data must be available for use by the tenant. High availability means that resources such as network bandwidth, memory, CPU, or data storage are always online and available to users when needed. Redundant systems, configurations, and architecture can minimize or eliminate points of failure that adversely affect availability to the tenant.

Data protection is a key ingredient in a resilient architecture. Cloud computing imposes a trade-off between resource cost and high performance; increasingly robust security and data classification requirements are an essential tool for balancing that trade-off.
Enterprises need to know what data is important and where it is located as prerequisites to making performance cost-benefit decisions, as well as ensuring focus on the most critical areas for data loss prevention procedures.

Tenant Management and Control

In every cloud services model there are elements of control that the service provider delegates to the tenant. The tenant's administrative, management, monitoring, and reporting capabilities need to be restricted to the delegated resources. Reasons for delegating control include convenience, new revenue opportunities, security, compliance, or tenant requirement. In all cases, the goal of the TMT model is to allow for and simplify the management, visibility, and reporting of this delegation.

Tenants should have control over relevant portions of their service. Specifically, tenants should be able to:

- Provision allocated resources
- Manage the state of all virtualized objects
- View change management status for the infrastructure component
- Add and remove administrative contacts
- Request more services as needed

In addition, tenants taking advantage of data protection or data backup services should be able to manage this capability on their own, including setting schedules and backup types, initiating jobs, and running reports. This tenant-in-control model allows tenants to dynamically change the environment to suit their workloads as resource requirements change.

Service Provider Management and Control

Another goal of TMT is to simplify management of resources at every level of the infrastructure and to provide the functionality to provision, monitor, troubleshoot, and charge back the resources used by tenants. Management of multi-tenant environments comes with challenges, from reporting and alerting to capacity management and tenant control delegation. The Vblock system helps address these challenges by providing scalable, integrated management solutions inherent to the infrastructure, and a rich, fully developed application programming interface (API) stack for adding additional service provider value.

Providers of infrastructure services in a multi-tenant environment require comprehensive control and complete visibility of the shared infrastructure to provide the availability, data protection, security, and service levels expected by tenants. The ability to control, manage, and monitor resources at all levels of the infrastructure requires a dynamic, efficient, and flexible design that allows the service provider to access, provision, and then release computing resources from a shared pool quickly, easily, and with minimal effort.
Technology Overview

With Vblock systems, VCE delivers the industry's first completely integrated IT offering that combines best-of-breed virtualization, networking, compute, storage, security, and management technologies with end-to-end vendor accountability. Vblock systems are characterized by:

- Repeatable units of construction based on matched performance, operational characteristics, and discrete requirements of power, space, and cooling
- Repeatable design patterns that facilitate rapid deployment, integration, and scalability
- An architecture that can be scaled for the highest efficiencies in virtualization
- An extensible management and orchestration model based on industry-standard tools, APIs, and methods
- A design that contains, manages, and mitigates failure scenarios in hardware and software environments

Vblock systems provide pre-engineered, production-ready (fully tested) virtualized infrastructure components, including industry-leading technologies from Cisco, EMC, and VMware. Vblock systems are designed and built to satisfy a broad range of specific customer implementation requirements.

To design TMT, you need to understand each layer (compute, network, and storage) of the Vblock system architecture. Figure 2 provides an example of Vblock system architecture.

Figure 2. Example of Vblock system architecture
Note: Cisco Nexus 7000 is not part of the Vblock system architecture.

For more information on the Vblock system architecture, refer to the Vblock systems Architecture Overview documentation located at http://www.vce.com/vblock/.

This section describes the technologies at each layer of the Vblock system addressed in this guide to achieve TMT.

Management and Orchestration

Management and orchestration technologies include Advanced Management Pod (AMP) and EMC Ionix Unified Infrastructure Manager/Provisioning (UIM/P).

Advanced Management Pod

Vblock systems include an AMP, which provides a single management point for the Vblock system. It enables the following benefits:

- Allows monitoring and managing of Vblock system health, performance, and capacity
- Provides fault isolation for management
- Eliminates resource overhead on the Vblock system
- Provides a clear demarcation point for remote operations

Two versions of the AMP are available: a mini-AMP and a high-availability version (HA AMP); however, an HA AMP is recommended. For more information on AMP, refer to the Vblock systems Architecture Overview documentation located at http://www.vce.com/vblock/.

AMP components include:

- VMware vCenter, vCenter Database, and vCenter Update Manager for Vblock system
- Active Directory, DNS, DHCP (if required)
- EMC Ionix UIM/P 3.0
- Cisco Nexus 1000V VSM
- Unisphere Service Manager, EMC VNX Initialization Utility, PowerPath/VE and Fabric Manager
EMC Ionix Unified Infrastructure Manager/Provisioning

EMC Ionix UIM/P enables automated provisioning capabilities for the Vblock system in a TMT environment by combining provisioning with configuration, change, and compliance management. With UIM/P, you can speed service delivery and reduce errors with policy-based, automated converged infrastructure provisioning. Key features include the ability to:

- Easily define and create infrastructure service profiles to match business requirements
- Separate planning from execution to optimize senior IT technical staff
- Respond to dynamic business needs with infrastructure service life cycle management
- Maintain Vblock system compliance through policy-based management
- Integrate with VMware vCenter and VMware vCloud Director for extended management capabilities

Compute Technologies

Within the computing infrastructure of the Vblock system, multi-tenancy concerns at multiple levels must be addressed, including the UCS server infrastructure and the VMware vSphere Hypervisor.

Cisco Unified Computing System

The Cisco UCS is a next-generation data center platform that unites network, compute, storage, and virtualization into a cohesive system designed to reduce total cost of ownership and increase business agility. The system integrates a low-latency, lossless, 10 Gb Ethernet (GbE) unified network fabric with enterprise class x86 architecture servers. The system is an integrated, scalable, multi-chassis platform in which all resources participate in a unified management domain. Whether it has only one server or many servers with thousands of virtual machines (VM), the Cisco UCS is managed as a single system, thereby decoupling scale from complexity.

Cisco UCS Manager provides unified, centralized, embedded management of all software and hardware components of the Cisco UCS across multiple chassis and thousands of virtual machines.
The entire UCS is managed as a single logical entity through an intuitive graphical user interface (GUI), a command-line interface (CLI), or an XML API. UCS Manager delivers greater agility and scale for server operations while reducing complexity and risk. It provides flexible role- and policy-based management using service profiles and templates, and it facilitates processes based on IT Infrastructure Library (ITIL) concepts.

VMware vSphere

VMware vSphere is a complete, scalable, and powerful virtualization platform, delivering the infrastructure and application services that organizations need to transform their information technology and deliver IT as a service. VMware vSphere is a host operating system that runs directly on the Cisco UCS infrastructure and fully virtualizes the underlying hardware, allowing multiple virtual machine guest operating systems to share the UCS physical resources.
VMware vCenter Server

VMware vCenter Server is a simple and efficient way to manage VMware vSphere. It provides unified management of all the hosts and virtual machines in your data center from a single console with aggregate performance monitoring of clusters, hosts, and virtual machines. VMware vCenter Server gives administrators deep insight into the status and configuration of clusters, hosts, virtual machines, storage, the guest operating system, and other critical components of a virtual infrastructure. It plays a key role in helping achieve secure separation, availability, tenant management and control, and service provider management and control.

VMware vCloud Director

VMware vCloud Director gives customers the ability to build secure private clouds that dramatically increase data center efficiency and business agility. With VMware vSphere, VMware vCloud Director delivers cloud computing for existing data centers by pooling virtual infrastructure resources and delivering them to users as catalog-based services.

VMware vCenter Chargeback

VMware vCenter Chargeback is an end-to-end metering and cost reporting solution for virtual environments that enables accurate cost measurement, analysis, and reporting of virtual machines using VMware vSphere. Virtual machine resource consumption data is collected from VMware vCenter Server. Integration with VMware vCloud Director also enables automated chargeback for private cloud environments.

VMware vShield

The VMware vShield family of security solutions provides virtualization-aware protection for virtual data centers and cloud environments. VMware vShield products strengthen application and data security, enable TMT, improve visibility and control, and accelerate IT compliance efforts across the organization. VMware vShield products include vShield App and vShield Edge. vShield App provides firewall capability between virtual machines by placing a firewall filter on every virtual network adapter.
It allows for easy application of firewall policies. vShield Edge virtualizes data center perimeters and offers firewall, VPN, Web load balancer, NAT, and DHCP services.
Storage Technologies

The features of multi-tenancy offerings can be combined with standard security methods such as storage area network (SAN) zoning and Ethernet virtual local area networks (VLAN) to segregate, control, and manage storage resources among the infrastructure tenants.

EMC Fully Automated Storage Tiering

EMC Fully Automated Storage Tiering (FAST) automates the movement and placement of data across storage resources as needed. FAST enables continuous optimization of your applications by eliminating trade-offs between capacity and performance, while simultaneously lowering cost and delivering higher service levels.

EMC VNX FAST VP

EMC VNX FAST VP is a policy-based auto-tiering solution that efficiently utilizes storage tiers by moving slices of colder data to high-capacity disks. It increases performance by keeping hotter slices of data on performance drives. In a VMware vCloud environment, FAST VP enables providers to offer a blended storage offering, reducing the cost of a traditional single-type offering while allowing for a wider range of customer use cases. This helps accommodate a larger cross-section of virtual machines with different performance characteristics.

EMC FAST Cache

FAST Cache is an industry-leading feature supported by Vblock systems. It extends the VNX array's read-write cache and ensures that unpredictable I/O spikes are serviced at enterprise flash drive (EFD) speeds, which is of particular benefit in a VMware vCloud Director environment. Multiple virtual machines on multiple virtual machine file system (VMFS) data stores spread across multiple hosts can generate a very random I/O pattern, placing stress on both the storage processors as well as the DRAM cache.
FAST Cache, a standard feature on all Vblock systems, mitigates the effects of this kind of I/O by extending the DRAM cache for reads and writes, increasing the overall cache performance of the array, improving I/O during usage spikes, and dramatically reducing the overall number of dirty pages and cache misses.

Because FAST Cache is aware of EFD disk tiers available in the array, FAST VP and FAST Cache work together to improve array performance. Data that has been promoted to an EFD tier is never cached inside FAST Cache, ensuring that both options are leveraged in the most efficient way.
EMC PowerPath/VE

EMC PowerPath/VE delivers PowerPath multipathing features to optimize storage access in VMware vSphere virtual environments by removing the administrative overhead associated with load balancing and failover. Use PowerPath/VE to standardize path management across heterogeneous physical and virtual environments. PowerPath/VE enables you to automate optimal server, storage, and path utilization in a dynamic virtual environment.

PowerPath/VE works with VMware ESXi as a multipathing plug-in that provides enhanced path management capabilities to ESXi hosts. It installs as a kernel module on the vSphere host and plugs in to the vSphere I/O stack framework to bring the advanced multipathing capabilities of PowerPath (dynamic load balancing and automatic failover) to the VMware vSphere platform.

EMC Unified Storage

The EMC Unified Storage system is a highly available architecture capable of five nines availability. The Unified Storage arrays achieve five nines availability by eliminating single points of failure throughout the physical storage stack, using technologies such as dual-ported drives, hot spares, redundant back-end loops, redundant front-end and back-end ports, dual storage processors, redundant fans and power supplies, and cache battery backup.

EMC Unisphere Management Suite

EMC Unisphere provides a simple, integrated experience for managing EMC Unified Storage through both a storage and VMware lens. Key features include a Web-based management interface to discover, monitor, and configure EMC Unified Storage; a self-service support ecosystem to gain quick access to real-time online support tools; automatic event notification to proactively manage critical status changes; and customizable dashboard views and reporting.

EMC Unisphere Quality of Service Manager

EMC Unisphere Quality of Service (QoS) Manager enables dynamic allocation of storage resources to meet service level requirements for critical applications.
QoS Manager monitors storage system performance on an application-by-application basis, providing a logical view of application performance on the storage system. In addition to displaying real-time data, performance data can be archived for offline trending and data analysis.
Network Technologies

Multi-tenancy concerns must be addressed at multiple levels within the network infrastructure of the Vblock system. Various methods, including zoning and VLANs, can enforce network separation. Internet Protocol Security (IPsec) also provides application-independent network encryption at the IP layer for additional security.

Cisco Nexus 1000V Series

The Cisco Nexus 1000V is a software switch embedded in the software kernel of VMware vSphere. The Nexus 1000V provides virtual machine-level network visibility, isolation, and security for VMware server virtualization. With the Nexus 1000V Series, virtual machines can leverage the same network configuration, security policy, diagnostic tools, and operational models as their physical server counterparts attached to dedicated physical network ports. Virtualization administrators can access predefined network policies that follow mobile virtual machines to ensure proper connectivity, saving valuable resources for virtual machine administration.

Cisco Nexus 5000 Series

Cisco Nexus 5000 Series switches are data center class, high performance, standards-based Ethernet and Fibre Channel over Ethernet (FCoE) switches that enable the consolidation of LAN, SAN, and cluster network environments onto a single unified fabric.

Cisco Nexus 7000 Series

Cisco Nexus 7000 Series switches are modular switching systems designed for use in the data center. Nexus 7000 switches deliver the scalability, continuous systems operation, and transport flexibility required for 10 Gb/s Ethernet networks today. In addition, the system architecture is capable of supporting future 40 Gb/s Ethernet, 100 Gb/s Ethernet, and unified I/O modules.

Cisco MDS

The Cisco MDS 9000 Series helps build highly available, scalable storage networks with advanced security and unified management. The Cisco MDS 9000 family facilitates secure separation at the network layer with virtual storage area networks (VSAN) and zoning.
VSANs help achieve higher security and greater stability in Fibre Channel (FC) fabrics by providing isolation among devices that are physically connected to the same fabric. The zoning service within a Fibre Channel fabric provides security between devices sharing the same fabric.

Cisco Data Center Network Manager

Cisco Data Center Network Manager provides an effective tool to manage the Cisco data center infrastructure and actively monitor the SAN and LAN.
Security Technologies

RSA Archer eGRC and RSA enVision security technologies can be used to achieve security and compliance.

RSA Archer eGRC

The RSA Archer eGRC Platform for enterprise governance, risk, and compliance has the industry's most comprehensive library of policies, control standards, procedures, and assessments mapped to current global regulations and industry guidelines. The flexibility of the RSA Archer framework, coupled with this library, provides the service providers and tenants in a trusted multi-tenant environment the mechanism to successfully implement a governance, risk, and compliance program over the Vblock system. This addresses both the components and technologies comprising the Vblock system and the virtualized services and resources it hosts.

Organizations can deploy the RSA Archer eGRC Platform in a variety of configurations, based on the expected user load, utilization, and availability requirements. As business needs evolve, the environment can adapt and scale to meet the new demands. Regardless of the size and solution architecture, the RSA Archer eGRC Platform consists of three logical layers: a .NET Web-enabled interface, the application layer, and a Microsoft SQL database backend.

RSA enVision

The RSA enVision platform is a security information and event management (SIEM) solution that offers a scalable, distributed architecture to collect, store, manage, and correlate event logs generated from all the components comprising the Vblock system, from the physical devices and software products to the management and orchestration and security solutions. By seamlessly integrating with RSA Archer eGRC, RSA enVision provides both service providers and tenants a powerful solution to collect and correlate raw data into actionable information. Not only does RSA enVision satisfy regulatory compliance requirements, it helps ensure stability and integrity through robust incident management capabilities.
Design Framework

This section provides the following information:

- End-to-end topology
- Logical topology
- Logical design details
- Overview of tenant anatomy

End-to-End Topology

Secure separation creates trusted zones that shield each tenant's applications, virtual machines, compute, network, and storage from compromise and resource effects caused by adjacent tenants and external threats. The solution framework presented in this guide considers additional technologies that comprehensively provide appropriate in-depth defense. A combination of protective, detective, and reactive controls and solid operational processes are required to deliver protection against internal and external threats. Key layers include:

- Virtual machine and cloud resources (VMware vSphere and VMware vCloud Director)
- Virtual access/vSwitch (Cisco Nexus 1000V)
- Storage and SAN (Cisco MDS and EMC storage)
- Compute (Cisco UCS)
- Access and aggregation (Nexus 5000 and Nexus 7000)

Figure 3 illustrates the design framework.
Figure 3. TMT design framework

Virtual Machine and Cloud Resources Layer

VMware vSphere and VMware vCloud Director are used in the cloud layer to accelerate the delivery and consumption of IT services while maintaining the security and control of the data center. VMware vCloud Director enables the consolidation of virtual infrastructure across multiple clusters, the encapsulation of application services as portable vApps, and the deployment of those services on-demand with isolation and control.
Virtual Access Layer/vSwitch

Cisco Nexus 1000V vSphere Distributed Switch (vDS) acts as the virtual network access layer for the virtual machines. Edge LAN policies such as quality of service marking and vNIC ACLs are implemented at this layer in Nexus 1000V port-profiles. The following table describes the virtual access layer:

Component          Description
One data center    One primary Nexus 1000V Virtual Supervisor Module (VSM)
                   One secondary Nexus 1000V VSM
ESXi servers       Each running an instance of the Nexus 1000V Virtual Ethernet Module (VEM)
Tenant             Multiple virtual machines, which have different applications such as Web server, database, and so forth, for each tenant

Storage and SAN Layer

The TMT design framework is based on the use of storage arrays supporting Fibre Channel connectivity. The storage arrays connect through MDS SAN switches to the UCS 6120 switches in the access layer. Several layers of security (including zoning, access controls at the guest operating system and ESXi level, and logical unit number (LUN) masking within the VNX) tightly control access to data on the storage system.

Compute Layer

The following table provides an example of the components of a multi-tenant environment virtual compute farm:

Note: A Vblock system may have more resources than what is described here.

Component                  Description
Three UCS 5108 chassis     - 11 UCS B200 servers (dual quad-core Intel Xeon X5570 CPU at 2.93 GHz and 96 GB RAM)
                           - Four UCS B440 servers (four Intel Xeon 7500 series processors and 32 dual in-line memory module slots with 256 GB memory)
                           - 10 GbE Cisco VIC converged network adapters (CNA) organized into a VMware ESXi cluster
15 servers (4 clusters)    - Each server has two CNAs and is dual-attached to the UCS 6100 fabric interconnect
                           - The CNAs provide:
                             - LAN and SAN connectivity to the servers, which run the VMware ESXi 5.0 hypervisor
                             - LAN and SAN services to the hypervisor
Network Layers

Access Layer

Nexus 5000 is used at the access layer and connects to the Cisco UCS 6120s. In the Layer 2 access layer, redundant pairs of Cisco UCS 6120 switches aggregate VLANs from the Nexus 1000V vDS. FCoE SAN traffic from virtual machines is handed off as FC traffic to a pair of MDS SAN switches, and then to a pair of storage array controllers. FC expansion modules in the UCS 6120 switch provide SAN interconnects to dual SAN fabrics. The UCS 6120 switches are in N Port virtualization (NPV) mode to interoperate with the SAN fabric.

Aggregation Layer

Nexus 7000 is used at the aggregation layer. The virtual device context (VDC) feature in the Nexus 7000 separates it into sub-aggregation and aggregation virtual device contexts for Layer 3 routing. The aggregation virtual device context connects to the core network to route the internal data center traffic to the Internet and from the Internet back to the internal data center.

Logical Topology

Figure 4 shows the logical topology for the TMT design framework.
Figure 4. TMT logical topology
The logical topology represents the virtual components and virtual connections that exist within the physical topology. The following table describes the topology.

Component: Nexus 7000
    Virtualized aggregation layer switch. Provides redundant paths to the Nexus 5000 access layer. Virtual port channel provides a logically loopless topology with convergence times based on EtherChannel. Creates three virtual device contexts (VDC): WAN edge virtual device context, sub-aggregation virtual device context, and aggregation virtual device context. Sub-aggregation virtual device context connects to Nexus 5000 and aggregation virtual device context by virtual port channel.

Component: Nexus 5000
    Unified access layer switch. Provides 10 GbE IP connectivity between the Vblock system and the outside world. In a unified storage configuration, the switches also connect the fabric interconnects in the compute layer to the data movers in the storage layer. The switches also provide connectivity to the AMP.

Component: Two UCS 6120 fabric interconnects
    Provides a robust compute layer platform. Virtual port channel provides a topology with redundant chassis, cards, and links with Nexus 5000 and Nexus 7000. Each connects to one MDS 9148 to form its own fabric. Four 4 Gb/s FC links connect the UCS 6120 to MDS 9148. The MDS 9148 switches connect to the storage controllers. In this example, the storage array has two controllers. Each MDS 9148 has two connections to each FC storage controller. These dual connections provide redundancy if an FC controller fails and the MDS 9148 is not isolated. Connect to the Nexus 5000 access switch through EtherChannel with dual 10 GbE.

Component: Three UCS chassis
    Each chassis is populated with blade servers and Fabric Extenders for redundancy or aggregation of bandwidth.

Component: UCS blade servers
    Connect to the SAN fabric through the Cisco UCS 6120XP fabric interconnect, which uses an 8-port 8 Gb/s Fibre Channel expansion module to access the SAN. Connect to LAN through the Cisco UCS 6120XP fabric interconnects. These ports require SFP+ adapters. The server ports of fabric interconnects can operate at 10 Gb/s and Fibre Channel ports of fabric interconnects can operate at 2/4/8 Gb/s.

Component: EMC VNX storage
    Connects to the fabric interconnect with 8 Gb/s Fibre Channel for block. Connects to the Nexus 5000 access switch through EtherChannel with dual 10 GbE for file.
Tenant Traffic Flow Representation

Figure 5 depicts the traffic flow through each layer of the solution, from the virtual machine level to the storage layer.

Figure 5. Tenant traffic flow
Traffic flow in the data center is classified into the following categories:
- Front-end: user to data center, Web, GUI
- Back-end: within the data center, multi-tier application, storage, backup
- Management: virtual machine access, application administration, monitoring, and so forth

Note: Front-end traffic, also called client-to-server traffic, traverses the Nexus 7000 aggregation layer and a select number of network-based services.

At the application layer, each tenant may have multiple vApps with applications, and different virtual machines for different workloads. The Cisco Nexus 1000V vDS acts as the virtual access layer for the virtual machines. Edge LAN policies, such as quality of service (QoS) marking and vNIC ACLs, can be implemented at the Nexus 1000V. Each ESXi server becomes a virtual Ethernet blade of the Nexus 1000V, called a Virtual Ethernet Module (VEM). Each vNIC connects to the Nexus 1000V through a port group; each port group specifies one or more VLANs used by a VMNIC. The port group can also specify other network attributes, such as rate limits and port security. The VM uplink port profile forwards the VLANs belonging to virtual machines; the system uplink port profile forwards the VLANs belonging to management traffic. Virtual machine traffic for different tenants traverses the network through different uplink port profiles, where port security, rate limiting, and QoS apply to guarantee secure separation and service assurance. vSphere VMNICs are associated with the Cisco Nexus 1000V to be used as the uplinks. The network interface virtualization capabilities of the Cisco adapter enable a VMware multi-NIC design on a server that has two 10 Gb physical interfaces, with complete QoS, bandwidth sharing, and VLAN portability among the virtual adapters. vShield Edge controls all network traffic to and from the virtual data center and helps provide an abstraction of the separation in the cloud environment.
Virtual machine traffic goes through the UCS FEX (I/O module) to the 6120 fabric interconnect. If the traffic is destined for storage and uses FC storage, it passes over an FC port on the fabric interconnect and the Cisco MDS to the storage array, and through a storage processor, to reach the specific storage pool or storage group. For example, if a tenant is using a dedicated storage resource with specific disks inside a storage array, traffic is routed to the assigned LUN with a dedicated storage group, RAID group, and disks. NFS traffic passes over a network port on the fabric interconnect and the Cisco Nexus 5000, through a virtual port channel to the storage array, and over a data mover to reach the NFS data store. The NFS export is carried on its own VLAN to ensure security and isolation, and is backed by a dedicated storage group, RAID group, and disks. Figure 5 shows an example with a few dedicated tenant storage resources. If instead the storage is designed as a shared pool, traffic is routed to a specific storage pool to draw resources from it.

ESXi hosts for different tenants pass server-client and management traffic over a server port and reach the access layer of the Nexus 5000 through a virtual port channel. Server blades on the UCS chassis are allocated to the different tenants; the UCS resources can be dedicated or shared. For example, when using dedicated servers for each tenant, VLANs are assigned per tenant and carried over the 802.1Q trunk to the aggregation layer of the Nexus 7000, where each tenant is mapped to its own Virtual Routing and Forwarding (VRF) instance. Traffic is routed to the external network over the core.
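The separation described above rests on two invariants that are easy to break during day-to-day change: a tenant's vethernet port profiles must carry only that tenant's VLANs (and the system uplink only management VLANs), and each tenant VLAN must land in that tenant's VRF at the Nexus 7000. The following script, added here as an example and not code from the VCE guide, parses constructed NX-OS style snippets for the Nexus 1000V and Nexus 7000 and reports every deviation from a constructed tenant plan for the three example tenants the guide names (Orange, Vanilla, Grape). Two conventions are assumptions of the example, not of the guide: a vethernet profile's tenant is the prefix of its name, the system uplink profile is named "System-...", and the VRF for a tenant carries the tenant's name.

```python
"""Added example (not code from the VCE guide): offline check that Nexus 1000V
port profiles and Nexus 7000 VRF membership match a tenant VLAN plan. Configs and
plan are constructed; naming rules (tenant prefix, "System-" uplink, VRF named
after the tenant) are assumptions of this example."""
import re

# Constructed plan: tenant VLANs (VM uplink) and management VLANs (system uplink).
TENANT_VLANS = {"Orange": {101, 102}, "Vanilla": {201}, "Grape": {301}}
MGMT_VLANS = {10, 20, 30}

# Constructed Nexus 1000V config with two deliberate mistakes: Grape-Web sits on
# an Orange VLAN, and the system uplink trunks a tenant VLAN.
N1KV_CONFIG = """
port-profile type vethernet Orange-Web
  switchport mode access
  switchport access vlan 101
port-profile type vethernet Vanilla-Web
  switchport mode access
  switchport access vlan 201
port-profile type vethernet Grape-Web
  switchport mode access
  switchport access vlan 102
port-profile type ethernet VM-Uplink
  switchport mode trunk
  switchport trunk allowed vlan 101-102,201,301
port-profile type ethernet System-Uplink
  switchport mode trunk
  switchport trunk allowed vlan 10,20,30,301
"""
# Constructed Nexus 7000 config; VLAN 301 is in the wrong VRF on purpose.
N7K_CONFIG = """
interface Vlan101
  vrf member Orange
interface Vlan102
  vrf member Orange
interface Vlan201
  vrf member Vanilla
interface Vlan301
  vrf member Vanilla
"""


def parse_vlan_list(spec):
    """Expand an NX-OS VLAN list such as '101-102,201,301' into a set of ints."""
    vlans = set()
    for part in filter(None, (p.strip() for p in spec.split(","))):
        if "-" in part:
            lo, hi = (int(x) for x in part.split("-", 1))
            vlans.update(range(lo, hi + 1))
        else:
            vlans.add(int(part))
    return vlans


def parse_port_profiles(config):
    """Return {name: {"type": "vethernet" | "ethernet", "vlans": set}}."""
    profiles, current = {}, None
    for line in config.splitlines():
        if m := re.match(r"\s*port-profile type (\S+) (\S+)", line):
            current = m.group(2)
            profiles[current] = {"type": m.group(1), "vlans": set()}
        elif current and (m := re.match(r"\s*switchport access vlan (\d+)", line)):
            profiles[current]["vlans"].add(int(m.group(1)))
        elif current and (m := re.match(r"\s*switchport trunk allowed vlan (\S+)", line)):
            profiles[current]["vlans"] |= parse_vlan_list(m.group(1))
    return profiles


def parse_vrf_members(config):
    """Return {vlan_id: vrf_name} from 'interface VlanN' / 'vrf member X' pairs."""
    vrf_of_vlan, current = {}, None
    for line in config.splitlines():
        if m := re.match(r"\s*interface Vlan(\d+)", line):
            current = int(m.group(1))
        elif current is not None and (m := re.match(r"\s*vrf member (\S+)", line)):
            vrf_of_vlan[current] = m.group(1)
    return vrf_of_vlan


def check_separation(profiles, vrf_of_vlan, tenant_vlans, mgmt_vlans):
    """Return findings; an empty list means the config matches the tenant plan."""
    findings = []
    for name, prof in profiles.items():
        if prof["type"] == "vethernet":
            tenant = name.split("-", 1)[0]             # assumption: tenant prefix
            for vlan in sorted(prof["vlans"]):
                owner = next((t for t, v in tenant_vlans.items() if vlan in v), None)
                if owner != tenant:
                    findings.append(f"{name}: VLAN {vlan} belongs to {owner}, not {tenant}")
        elif name.lower().startswith("system"):        # assumption: system uplink name
            for vlan in sorted(prof["vlans"] - mgmt_vlans):
                findings.append(f"{name}: trunks non-management VLAN {vlan}")
        else:                                           # VM uplink(s)
            for vlan in sorted(prof["vlans"] & mgmt_vlans):
                findings.append(f"{name}: trunks management VLAN {vlan}")
    for tenant, vlans in tenant_vlans.items():          # one VRF per tenant at the N7K
        for vlan in sorted(vlans):
            if (vrf := vrf_of_vlan.get(vlan)) != tenant:
                findings.append(f"VLAN {vlan} ({tenant}): in VRF {vrf}, expected {tenant}")
    return findings


def audit(n1kv_config=N1KV_CONFIG, n7k_config=N7K_CONFIG):
    return check_separation(parse_port_profiles(n1kv_config),
                            parse_vrf_members(n7k_config), TENANT_VLANS, MGMT_VLANS)


if __name__ == "__main__":
    print("\n".join("FINDING: " + f for f in audit()) or "no findings")
```

Run against the constructed input, the audit reports three findings: Grape-Web on Orange's VLAN 102, the System-Uplink trunking tenant VLAN 301, and VLAN 301 in the Vanilla VRF instead of Grape's. Feeding it a `show running-config` export from the real devices (the parser only needs the `port-profile`, `switchport`, `interface Vlan` and `vrf member` lines) turns the guide's separation statement into a check that can run before every change window.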
VMware vSphere Logical Framework Overview

Figure 6 shows the virtual vSphere layer on top of the physical server infrastructure.

Figure 6. vSphere logical framework

The diagram shows blade server technology with three chassis initially dedicated to the vCloud environment. The physical design represents the networking and storage connectivity from the blade chassis to the fabric and SAN, as well as the physical networking infrastructure. (Connectivity between the blade servers and the chassis switching is different and is not shown here.) Two chassis are initially populated with eight blades each for the cloud resource clusters, with the blades belonging to each resource cluster distributed evenly between the two chassis. In this scenario, vSphere resources are organized and separated into a management cluster and resource clusters, with three resource groups (Gold, Silver, and Bronze). Figure 7 illustrates the management cluster and resource groups.
Figure 7. Management cluster and resource groups

Cloud Management Clusters

A cloud management cluster contains all core components and services needed to run the cloud. A resource group, or "compute cluster", represents dedicated resources for cloud consumption. It is best to use a separate cluster, outside the Vblock system resources consumed by tenants, for management. Each resource group is a cluster of VMware ESXi hosts managed by a VMware vCenter Server, and is under the control of VMware vCloud Director. VMware vCloud Director can manage the resources of multiple resource groups or multiple compute clusters.

Cloud Management Components

The following components run as minimum-requirement virtual machines on the management cluster hosts:

Component | Number of virtual machines
vCenter Server | 1
vCenter Database | 1
vCenter Update Manager | 1
vCenter Update Manager Database | 1
vCloud Director Cells | 2 (for multi-cell)
vCloud Director Database | 1
vCenter Chargeback Server | 1
vCenter Chargeback Database | 1
vShield Manager | 1

Note: A vCloud Director cluster contains one or more vCloud Director servers; these servers are referred to as cells and form the basis of the VMware cloud. A cloud can be formed from multiple cells. The number of vCloud Director cells depends on the size of the vCloud environment and the level of redundancy required.

Figure 8 highlights the cloud management cluster.

Figure 8. Cloud management cluster

Resources allocated for cloud use have little overhead reserved; for example, cloud resource groups would not host the vCenter management virtual machines. Best practice is to separate the cloud management cluster from the cloud resource group(s) in order to:
- Facilitate quicker troubleshooting and problem resolution, because management components are strictly contained in a specified, manageable management cluster.
- Keep cloud management components separate from the resources they are managing.
- Consistently and transparently manage and carve up resource groups.
- Provide an additional measure of high availability and redundancy for the TMT infrastructure.
Resource Groups

A resource group is a set of resources dedicated to user workloads and managed by VMware vCenter Server. vCloud Director manages the resources of all attached resource groups within the vCenter Servers. All cloud-provisioning tasks are initiated through VMware vCloud Director and passed down to the appropriate vCenter Server instance. Figure 9 highlights the cloud resource groups.

Figure 9. Cloud resource groups

Provisioning resources in standardized groupings promotes a consistent approach for scaling vCloud environments. For a consistent workload experience, place each resource group on a separate resource cluster. The resource group design represents three VMware vSphere High Availability (HA) and Distributed Resource Scheduler (DRS) clusters and the infrastructure used to run the vApps that are provisioned and managed by VMware vCloud Director.
Logical Design

This section provides information about the logical design, including:
- Cloud management cluster logical design
- vSphere cluster specifications
- Host logical design specifications
- Host logical configurations for resource groups
- vSphere cluster host design specifications for resource groups
- Security

Cloud Management Cluster Logical Design

The compute design encompasses the VMware ESXi hosts contained in the management cluster. Specifications are listed below.

Attribute | Specification
Number of ESXi hosts | 3
vSphere datacenter | 1
VMware DRS configuration | Fully automated
VMware High Availability (HA) Enable Host Monitoring | Yes
VMware HA Admission Control Policy | Cluster tolerates 1 host failure (percentage based)
VMware HA percentage | 67%
VMware HA Admission Control Response | Prevent virtual machines from being powered on if they violate availability constraints
VMware HA Default VM Restart Priority | N/A
VMware HA Host Isolation Response | Leave virtual machine powered on
VMware HA Enable VM Monitoring | Yes
VMware HA VM Monitoring Sensitivity | Medium

Note: In this section, the scope is limited to the Vblock system supporting the management component workloads.

Note: With three equally sized hosts, tolerating one host failure means one host's share of capacity (33%) must stay free for failover, and the 67% quoted above is the share left for running workloads. The vSphere 5.0 percentage-based policy itself is configured as the percentage of cluster resources reserved as failover spare capacity, so the value entered in vCenter is the reserved share (33%), not the usable one.
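The HA figures in the table above follow from simple arithmetic that is worth making explicit, because the admission-control response ("prevent virtual machines from being powered on if they violate availability constraints") is what actually enforces the reserve at run time. The script below is an added example, not code from the VCE guide: it derives the reserved and usable percentages for a cluster of N equally sized hosts (67% for the 3-host management cluster; the same arithmetic gives the 83% used for the resource clusters later in this section, which corresponds to one host of six held back), and then makes the power-on decision for a VM against constructed host sizes and VM reservations. The 96 GB per host comes from the guide's host specification; the 24 GHz of CPU per host, the eight running VMs and their reservations are constructed for the example.

```python
"""Added example (not code from the VCE guide): the arithmetic behind the
percentage-based HA admission control figures in the cluster tables, and the
power-on decision implied by "prevent virtual machines from being powered on if
they violate availability constraints". Host CPU sizes and VM reservations are
constructed; 96 GB per host is taken from the guide's host specification."""


def failover_reserve_percent(hosts, host_failures_to_tolerate=1):
    """Percentage of cluster capacity that must stay free so the surviving hosts
    can restart every VM after the given number of host failures, assuming
    equally sized hosts. This is the value vSphere's percentage-based policy takes."""
    if not 0 < host_failures_to_tolerate < hosts:
        raise ValueError("tolerated failures must be between 1 and hosts-1")
    return round(100 * host_failures_to_tolerate / hosts)


def usable_percent(hosts, host_failures_to_tolerate=1):
    """Share left for workloads: the figure quoted in the guide's tables
    (3 hosts -> 67%, 6 hosts -> 83%)."""
    return 100 - failover_reserve_percent(hosts, host_failures_to_tolerate)


# Constructed management cluster: 3 hosts with 96 GB each (per the guide's table)
# and 24 GHz of CPU each, running eight management VMs with fixed reservations.
HOSTS = [{"cpu_mhz": 24000, "mem_mb": 96 * 1024} for _ in range(3)]
RUNNING_VMS = [{"cpu_mhz": 4000, "mem_mb": 16 * 1024} for _ in range(8)]


def can_power_on(hosts, running_vms, new_vm, reserve_percent):
    """Admission-control decision for the percentage-based policy.

    Returns (allowed, remaining): remaining maps each resource to the failover
    capacity (percent of total) that would be left after powering on new_vm.
    Power-on is refused if either CPU or memory would drop below reserve_percent,
    which is how a single oversized reservation gets blocked even on an idle cluster.
    """
    allowed, remaining = True, {}
    for res in ("cpu_mhz", "mem_mb"):
        total = sum(h[res] for h in hosts)
        reserved = sum(v[res] for v in running_vms) + new_vm[res]
        failover_capacity = 100.0 * (total - reserved) / total
        remaining[res] = round(failover_capacity, 1)
        if failover_capacity < reserve_percent:
            allowed = False
    return allowed, remaining


if __name__ == "__main__":
    reserve = failover_reserve_percent(len(HOSTS))            # 33 for 3 hosts
    print(f"reserve {reserve}%, usable {usable_percent(len(HOSTS))}%")
    small = {"cpu_mhz": 4000, "mem_mb": 16 * 1024}
    large = {"cpu_mhz": 24000, "mem_mb": 64 * 1024}            # a whole host of CPU
    print("small VM:", can_power_on(HOSTS, RUNNING_VMS, small, reserve))
    print("large VM:", can_power_on(HOSTS, RUNNING_VMS, large, reserve))
```

With the constructed numbers the small VM is admitted (50% of CPU and memory would remain, well above the 33% reserve), while the large VM is refused because its 24 GHz CPU reservation would leave only 22% failover capacity even though memory would still be within policy. Note that the check is on reservations, not on actual usage: VMs without reservations consume no admission-control capacity, which is why the guide's management components should carry explicit reservations if the reserve is meant to protect them.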
vSphere Cluster Specifications

Each VMware ESXi host in the management cluster has the following specifications.

Attribute | Specification
Host type and version | VMware ESXi Installable, version 5.0
Processors | x86 compatible
Storage presented | SAN boot for ESXi: 20 GB; SAN LUN for virtual machines: 2 TB; NFS shared data store for vCloud Director cells: 1 TB
Networking | Connectivity to all needed VLANs
Memory | Sized to support all management virtual machines; in this case, 96 GB in each host

Note: VMware vCloud Director deployment requires storage for several elements of the overall framework. The first is the storage needed to house the vCloud Director management cluster, including the repository for configuration information, organizations, and allocations, which is stored in an Oracle database. The second is the vSphere storage objects presented to vCloud Director as data stores accessed by the ESXi servers in the vCloud Director configuration; this storage is managed by the vSphere administrator and consumed by vCloud Director users according to the vCloud Director configuration. The third is a single NFS data store that serves as a staging area for vApps being uploaded to a catalog.

Host Logical Design Specifications for Cloud Management Cluster

The following table identifies the management components that rely on high availability and fault tolerance for redundancy.

Management Component | High Availability Enabled?
vCenter Server | Yes
VMware vCloud Director | Yes
vCenter Chargeback Server | Yes
vShield Manager | Yes
Host Logical Configuration for Resource Groups

The following table identifies the specifications for each VMware ESXi host in the resource clusters.

Attribute | Specification
Host type and version | VMware ESXi Installable, version 5.0
Processors | x86 compatible
Storage presented | SAN boot for ESXi: 20 GB; SAN LUN for virtual machines: 2 TB
Networking | Connectivity to all needed VLANs
Memory | Sized to support the virtual machine workloads

vSphere Cluster Host Design Specification for Resource Groups

All vSphere resource clusters are configured similarly, with the following specifications.

Attribute | Specification
VMware DRS configuration | Fully automated
VMware DRS Migration Threshold | 3 stars
VMware HA Enable Host Monitoring | Yes
VMware HA Admission Control Policy | Cluster tolerates 1 host failure (percentage based)
VMware HA percentage | 83% (as in the management cluster table, the share left for workloads; for equally sized hosts this matches a six-host cluster with one host's capacity held in reserve)
VMware HA Admission Control Response | Prevent virtual machines from being powered on if they violate availability constraints
VMware HA Default VM Restart Priority | N/A
VMware HA Host Isolation Response | Leave virtual machine powered on

Security

The RSA Archer eGRC Platform can be run on a single server, with the application and database components running on the same server. This configuration is suitable for organizations:
- With fewer than 50 concurrent users
- That do not require a high-performance or high-availability solution

For the TMT framework, RSA enVision can be deployed as a virtual appliance in the AMP. Each Vblock system component can be configured to use it as its centralized event manager through the component's identified collection method. RSA enVision can then be integrated with RSA Archer eGRC per the RSA Security Incident Management Solution configuration guidelines.
Tenant Anatomy

Overview

This design guide uses three tenants as examples: Orange (tenant 1), Vanilla (tenant 2), and Grape (tenant 3). All tenants share the same TMT infrastructure and resources. Each tenant has its own virtual compute, network, and storage resources. Resources are allocated to each tenant based on its business model, requirements, and priorities. Traffic between tenants is restricted, separated, and protected within the TMT environment.

Figure 10. TMT tenant anatomy

In this design guide (and associated configurations), three levels of service are provided in the cloud: Bronze, Silver, and Gold. These tiers define service levels for compute, storage, and network performance. The following table provides sample network and data differentiations by service tier.

Attribute | Bronze | Silver | Gold
Services | No additional services | Firewall services | Firewall and load-balancing services
Bandwidth | 20% | 30% | 40%
Segmentation | One VLAN per client, single Virtual Routing and Forwarding (VRF) instance | Multiple VLANs per client, single VRF | Multiple VLANs per client, single VRF
Data Protection | None | Snap: virtual copy (local site) | Clone: mirror copy (local site)
Disaster Recovery | None | Remote replication (with a specific recovery point objective (RPO) / recovery time objective (RTO)) | Remote replication (any-point-in-time recovery)

Using this tiered model, you can:
- Offer service tiers with well-defined and distinct SLAs
- Support customer segmentation based on desired service levels and functionality
- Allow for differentiated application support based on service tiers
Design Considerations for Management and Orchestration

Service providers can leverage Unified Infrastructure Manager/Provisioning (UIM/P) to provision the Vblock system in a TMT environment. The AMP cluster of hosts holds UIM/P, which is accessed through a Web browser. Use UIM/P as a domain manager to provision Vblock systems as a single entity. UIM/P interacts with the individual element managers for compute, storage, SAN, and virtualization to automate the most common and repetitive operational tasks required to provision services. It also interacts with vCloud Director to automate cloud operations, such as the creation of a virtual data center. For provisioning, this guide focuses on the functional capabilities provided by UIM/P in a TMT environment.

As shown in Figure 11, the UIM/P dashboard gives service provider administrators a quick summary of available infrastructure resources. This eliminates the need to perform manual discovery and documentation, thereby reducing the time it takes to begin deploying resources. Once administrators have resource availability information, they can begin to provision existing service offerings or create new ones.

Figure 11. UIM/P dashboard
Figure 12. UIM/P Service Offerings

Configuration

While UIM/P automates the operational tasks involved in building services on Vblock systems, administrators need to perform initial task sets on each domain manager before beginning service provisioning. This section describes both the key initial tasks to perform on the individual domain managers and the operational tasks managed through UIM/P. The following table shows what is configured as part of initial device configuration and what is configured through UIM/P.
Device manager | Initial configuration | Operational configuration completed with UIM/P
UCS Manager | Management configuration (IP and credentials); chassis discovery; enable ports; KVM IP pool; create VLANs; assign VLANs; VSANs | LAN: MAC pool. SAN: World Wide Name (WWN) pool, WWPN pool, boot policies, service templates, select pools, select boot policy. Server: UUID pool, create service profile, associate profile to server, install vSphere ESXi
Unisphere | Management configuration (IP and credentials); RAID group, storage pool, or both; create LUNs | Create storage group; associate host and LUN
MDS/Nexus | Management configuration (IP and credentials) | Zones; aliases; zone sets
vCenter | Create Windows virtual machine; create database; install vCenter software | Create data center; create clusters; high availability policy; DRS policy; distributed power management (DPM) policy; add hosts to cluster; create data stores; create networks

Enabling Services

After completing the initial configurations, use the following high-level workflow to enable services.

Stage | Workflow action | Description
1 | Vblock system discovery | Gather data for Vblock system devices, interconnectivity, and external networks, and populate the UIM database.
2 | Service planning | Collect service resource requirements, including: the number of servers and server attributes; the amount of boot and data storage and storage attributes; the networks to be used for connectivity between the service resources and external networks; vCenter Server and VMware ESXi cluster information.
3 | Service provisioning | Reserve resources based on the server and storage requirements defined for the service during service planning. Install VMware ESXi on the servers. Configure connectivity between the cluster and external networks.
4 | Service activation | Turn on the system, start up the Cisco UCS service profiles, activate network paths, and make resources available for use. The workflow separates provisioning from activation so that a service can be activated when needed.
5 | vCenter synchronization | Synchronize the VMware ESXi clusters with the vCenter Server. Once a service is provisioned and activated, synchronization adds the VMware ESXi cluster to the vCenter Server inventory and registers the provisioned cluster hosts with vCenter Server.
6 | vCloud synchronization | Discover the vCloud and build a connection to the vCenter Servers. The clusters created in vCenter Server are pushed to the appropriate vCloud. UIM/P integrates with vCloud Director in the same way it integrates with vCenter Server.

Figure 13 describes the provisioning, activation, and synchronization process, including key sub-steps during provisioning.

Figure 13. Provisioning, activation, and synchronization process flow
Creating a Service Offering

To create a service offering:
1. Select the operating system.
2. Define server characteristics.
3. Define storage characteristics for startup.
4. Define storage characteristics for application data.
5. Create a network profile.

Provisioning a Service

To provision a service:
1. Select the service offering.
2. Select the Vblock system.
3. Select servers.
4. Configure IP and provide the DNS hostname for operating system installation.
5. Select storage.
6. Select and configure the network profile and vNICs.
7. Configure vCenter cluster settings.
8. Configure vCloud Director settings.
Design Considerations for Compute

Within the computing infrastructure of Vblock systems, multi-tenancy concerns can be managed at multiple levels: at the central processing unit (CPU), through the Cisco Unified Computing System (UCS) server infrastructure, and within the VMware solution elements. This section describes the design of and rationale behind the TMT framework. The design includes many issues that must be addressed prior to deployment, as no two environments are alike. Design considerations are provided for the components listed in the following table.

Component | Version | Description
Cisco UCS | 2.0 | Core component of the Vblock system that provides compute resources in the cloud. It helps achieve secure separation, service assurance, security, availability, and service provider management in the TMT framework.
VMware vSphere | 5.0 | Foundation of the underlying cloud infrastructure and components. Includes: VMware ESXi hosts; VMware vCenter Server; resource pools; VMware High Availability (HA) and Distributed Resource Scheduler (DRS); VMware vMotion.
VMware vCloud Director | 1.5 | Builds on VMware vSphere to provide a complete multi-tenant infrastructure. It delivers on-demand cloud infrastructure so users can consume virtual resources with maximum agility. It consolidates data centers and deploys workloads on shared infrastructure with built-in security and role-based access control. Includes: VMware vCloud Director Server (two instances, each installed on a Red Hat Linux virtual machine and referred to as a "cell"); VMware vCloud Director Database (one instance per clustered set of VMware vCloud Director cells).
VMware vShield | 5.0 | Provides network security services, including NAT and firewall. Includes: vShield Edge (deployed automatically on hosts as virtual appliances by VMware vCloud Director to separate tenants); vShield App (deployed at the ESXi host layer to zone and secure virtual machine traffic); vShield Manager (one instance per vCenter Server in the cloud resource groups, to manage vShield Edge and vShield App).
VMware vCenter Chargeback | 1.6.2 | Provides resource metering and chargeback models. Includes: VMware vCenter Chargeback Server; VMware Chargeback Data Collector; VMware vCloud Data Collector; VMware vShield Manager Data Collector.
Design Considerations for Secure Separation

This section discusses using the following technologies to achieve secure separation at the compute layer:
- Cisco UCS
- VMware vCloud Director

Cisco UCS

The UCS blade servers contain a pair of Cisco Virtual Interface Card (VIC) Ethernet uplinks. The Cisco VIC presents virtual interfaces (UCS vNICs) to the VMware ESXi host, which allow for further traffic segmentation and categorization across all traffic types based on vNIC network policies. Using port aggregation between the fabric interconnect vNIC pairs enhances the availability and capacity of each traffic category. All inbound traffic is stripped of its VLAN header and switched to the destination's virtual Ethernet interface. In addition, the Cisco VIC allows for the creation of multiple virtual host bus adapters (vHBAs), permitting boot from FC across the same physical infrastructure. Each VMware virtual interface type, VMkernel interface, and individual virtual machine interface connects directly to the Cisco Nexus 1000V software distributed virtual switch. At this layer, packets are tagged with the appropriate VLAN header and all outbound traffic is aggregated to the two Cisco fabric interconnects.

This section contains information about the high-level UCS features that help achieve secure separation in the TMT framework:
- UCS service profiles
- UCS organizations
- VLAN considerations
- VSAN considerations

UCS Service Profiles

Use UCS service profiles to ensure secure separation at the compute layer. Hardware can be presented in a stateless manner that is completely transparent to the operating system and the applications that run on it. A service profile creates a hardware overlay that contains the specific identity information the operating system is sensitive to:
- MAC addresses
- WWN values
- UUID
- BIOS
- Firmware versions
