Cloud infrastructure 5


Published on

vSphere 5 presentation

Published in: Technology, Business
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Cloud infrastructure 5

  1. 1. Cloud Infrastructure Launch – What’s NewYour Cloud. Intelligent Virtual Infrastructure. Delivered Your Way.Michele ApaSenior Systems © 2009 VMware Inc. All rights reserved
  2. 2. Agenda   Cloud Infrastructure 5 •  vSphere 5 •  vCenter 5 •  vCenter Site Recovery Manager 5   vCloud Director 1.5   VCOPs2
  3. 3. The New IT Landscape: Promise & Challenge Empowered, Secure, Mobile Workforce •  Any app on any device, anytime, anywhere – securely! New Generation of Enterprise Apps Existing Apps •  Combining the social, mobile experience New Enterprise Apps SaaS Apps with enterprise requirements A More Flexible, Efficient Infrastructure •  Exploiting modern, cost-effective hardware •  Creating & spanning both internal and external resource pools Existing Datacenters Public Cloud Services3
  4. 4. The New IT Landscape: Promise & Challenge The Challenge for IT: Existing Apps Weave all thisApps New Enterprise together SaaS Apps into a cohesive, secure, compliant whole Existing Datacenters Public Cloud Services4
  5. 5. The Approach in the IT Management Traditional IT Management Management in the new Era Services and Service assets tied components are together in abstracted and complex, brittle, sourced from vertical stacks dynamic that are hard resource pools to change and with horizontal manage layers loosely bound into services Business agility IT able to keep up with suffers speed of the business5
  6. 6. Key Constituents for Infrastructure and Management What kind of How do I build the right infrastructure should I How do I keep OpEx infrastructure to deliver design for today and down and still deliver business value yet still tomorrow’s needs? Will high quality of service? Care keep the lights on? it work with our current infrastructure? About Head of Head of Head of Infrastructure Architecture Operations Balance Seamless extension ofDesired Maximize operational operating existing infrastructureOutcome efficiencies with more expense and interoperable with dynamic lights-out innovation new technology environment 6
  7. 7. VMware Infrastructure and Management Delivers the Infrastructure of the Future Tier 1 Tier 2 Tier 3 APP APP APP APP APP Resource Pools VMware Cloud Infrastructure and Management Respond and Alert PhysicalServer Failed Servers vs. Alert and Respond   Optimized for business critical workloads Hybrid   Highly dynamic, scalable and adaptive Cloud Private Public   Built-in intelligence to shift to new IT Cloud Cloud Bridge management paradigm   Flexible Computing Model Intelligent Virtual Infrastructure. Delivered Your Way The Foundation for Your Cloud7
  8. 8. The Cloud Infrastructure 58
  9. 9. Three Core Focus Areas Re-think End-User Computing Modernize Application Development Existing Apps New Enterprise Apps SaaS Apps Evolve the Infrastructure Existing Datacenters Public Cloud Services9
  10. 10. In 2010 VMware Unveiled a Complete Hybrid Cloud Stack… vCloud Director vShield Security vCenter Management vSphere vSphere vSphere10
  11. 11. Complete Hybrid Cloud Stack   Leverage virtualization to transform physical silos into elastic, virtual capacity   Increase automation through built-in intelligent policy management   Move from static, physical security to dynamic, embedded security   Enable secure, self-service to pre-defined IT services, with pay-for-use Organization: Marketing Organization: Finance Users & Policies Virtual Datacenters Catalogs Users & Policies Virtual Datacenters Catalogs Compute Storage Network11
  12. 12. In 2011 VMware is Introducing a Major Upgradeof the Entire Cloud Infrastructure Stack vCloud Director 1.5 vCloud Director New vShield Security vShield 5.0 Cloud Infrastructure Launch (vSphere, vCenter,Operations 1.0 Director) vCenter vShield, vCloud vCenter Management vCenter SRM 5.0 vSphere vSphere 5.0 vSphere vSphere12
  13. 13. vSphere 5: Accelerating the Path to 100% Virtualization 4x VMware VMware VMware ESX 1 ESX 2 Inf. 3 vSphere4 vSphere 5 CPU (VCPUs) 1 2 4 8 32 Memory (GB per VM) 2 3.6 64 256 1,000 Network (Gb/s) <.5 .9 9 30 >36 IOPS <5,000 7,000 100,000 300,000 1,000,00013
  14. 14. Companies are Increasingly Virtualizing Bus. Critical Apps Improve App Improve App Accelerate App Quality of Service Efficiency Time to Market  The Niche Apps (LOB apps, Tier 2 DB, etc.) >60% Virtualized  SAP  Custom Java Apps  SharePoint  Exchange  SQL  Oracle 30% Virtualized  The Easy Apps (infrastructure, file, print) vSphere vSphere vSphere14
  15. 15. vSphere 5 What’s new15
  16. 16. ESXi is the Trusted Place to Run Business Critical Applications Overview •  vSphere 5.0 exclusively utilizes the thin ESXi hypervisor: 144MB footprint versus 2GB for VMware ESX with the service console ESX vSphere ESXi Benefits •  Smaller security footprint •  Streamlined deployment and configuration •  Simplified patching and updating model16
  17. 17. ESXi 5.0 Firewall Features  Capabilities •  ESXi 5.0 has a new firewall engine which is not based on iptables. •  The firewall is service oriented, and is a stateless firewall. •  Users have the ability to restrict access to specific services based on IP address/Subnet Mask.  Management •  The GUI for configuring the firewall on ESXi 5.0 is similar to that used with the classic ESX firewall — customers familiar with the classic ESX firewall should not have any difficulty with using the ESXi 5.0 version. •  There is a new esxcli interface (esxcfg-firewall is deprecated in ESXi 5.0). •  There is Host Profile support for the ESXi 5.0 firewall. •  Customers who upgrade from Classic ESX to ESXi 5.0 will have their firewall settings preserved.17
  18. 18. UI: Security Profile  The ESXi Firewall can be managed via the vSphere client.  Through the Configuration > Security Profile, one can observe the Enabled Incoming/Outgoing Services, the Opened Port List for each service & the Allowed IP List for each service.18
  19. 19. ESXi Image Deployment  Challenges •  Standard ESXi image from VMware download site is sometimes limited •  Doesn t have all drivers or CIM providers for specific hardware •  Doesn t contain vendor specific plug-in components ? Missing CIM provider Missing driver Standard ESXi ISO •  Base providers •  Base drivers19
  20. 20. ESXi Image Deployment: Composition of an ESXi Image Core CIM Hypervisor Providers Plug-in Drivers Components20
  21. 21. Capacity: vSphere 5 with Autodeploy Before After vSphere vSphere vSphere vSphere Time: 30 mins Time: 30 mins Time: 30 mins ...Repeat 37 more times… Total time: 20 Hours! Total time: 10 Minutes!21
  22. 22. Auto Deploy: What is?  New host deployment method introduced in vSphere 5.0 •  Based on PXE Boot •  Works with Image Builder, vCenter Server, and Host Profiles •  How it works: •  PXE boot the server •  ESXi image profile loaded into host memory via Auto Deploy Server •  Configuration applied using Answer File / Host Profile •  Host placed/connected in vCenter •  Benefits •  No boot disk •  Quickly and easily deploy large numbers of ESXi hosts •  Share a standard ESXi image across many hosts •  Host image decoupled from the physical server •  Recover host w/out recovering hardware or having to restore from backup22
  23. 23. What Is Auto Deploy  No Boot Disk? Where does it go? Boot Disk Platform Composition: ESXi base, drivers, CIM providers, … Configuration: networking, storage, All information on the state date/time, firewall, admin password, … of the host is stored off the host in vCenter Running State: VM Inventory, HA state, License, DPM configuration Event Recording: log files, core dump23
  24. 24. What Is Auto Deploy  No Boot Disk? Where does it go? Boot Disk Platform Composition: ESXi base, drivers, CIM providers, … Image Profile Configuration: networking, storage, date/time, firewall, admin password, … Host Profile Running State: VM Inventory, HA state, License, DPM configuration vCenter Server Event Recording: log files, core dump Add-on Components24
  25. 25. Performance25
  26. 26. Technical Barriers to 100% Virtualization Have Been Falling Application’s Performance Requirements 95% of Apps VMware Inf. VMware VMware Require ESX 1 ESX 2 vSphere 4 vSphere 5 3.0/3.5 CPU 1 to 2 CPUs 1 VCPUs 2 VCPUs 4 VCPUs 8 VCPUs 32 VCPUs% of Applications Memory < 4 GB at peak 2 GB per VM 3.6 GB per VM 16/64 GB per VM 256 GB per VM 1,000 GB per VM Network <2.4 Mb/s <.5Gb/s .9 Gb/s 9 Gb/s 30 Gb/s >36Gb/s IOPS < 10,000 <5,000 7,000 100,000 300,000 1,000,000 26
  27. 27. New Virtual Machine Features  vSphere 5.0 supports the industry s most capable virtual machines •  32 virtual CPUs per •  1TB RAM per VM VM •  4x previous capabilities! VM Scalability •  3D graphics Richer Desktop Experience •  Client-connected USB •  VM BIOS boot order config API devices and PowerCLI interface •  USB 3.0 devices •  EFI BIOS Broader Device •  Smart Card Readers for Coverage VM Console Access •  UI for multi-core virtual •  Support for Mac OS X Other new CPUs servers features •  Extended VMware Tools compatibility Items which require HW version 8 in orange27
  28. 28. Networking28
  29. 29. New Networking Features  Two broad categories of features  Network Discovery and Visibility/Monitoring features •  LLDP •  NetFlow •  Port Mirror  I/O Consolidation (10 Gig) related features •  New traffic types •  User Defined Network Resource Pool (VM traffic) •  Host Based Replication traffic •  802.1p Tagging (QoS)29
  30. 30. What Is NetFlow?  NetFlow is a networking protocol that collects IP traffic information as records and sends them to third party collectors such as CA NetQoS, NetScout etc. VM A VM B Legend : VM traffic NetFlow session Physical Collector switch VDS Host trunk   The Collector/Analyzer report on various information such as: •  Current top flows consuming the most bandwidth •  Which flows are behaving irregularly •  Number of bytes a particular flow has sent and received in the past 24 hours30
  31. 31. NetFlow Usage  NetFlow helps customers monitor the application flows and measure application performance overtime.  It also helps in capacity planning and ensuring that I/O Network resources are utilized appropriately by different applications.  NetFlow capability in vSphere infrastructure provides complete visibility into virtual infrastructure traffic. •  Inter-VM traffic on the same hosts •  Intra-VM traffic across hosts •  VM-to-Physical Infrastructure traffic  This visibility into virtual infrastructure traffic allows customer to •  Perform Security and Compliance analysis •  Do Profiling and Billing •  Perform Intrusion Detection and Prevention, Networking Forensics31
  32. 32. What Is Port Mirroring ?  Port Mirroring is the capability on a network switch to send a copy of network packets seen on a switch port to a network monitoring device connected on another switch port.  Port Mirroring is also referred to as SPAN (Switched Port Analyzer) on Cisco Switches.  Port Mirroring overcomes the limitation of promiscuous mode. •  By providing granular control on which traffic can be monitored •  Ingress Source •  Egress Source  Helps in troubleshooting network issue by providing access to: •  Inter-VM traffic •  Intra-VM traffic32
  33. 33. Performance: vSphere 5 with Network and Storage I/O Controls VIP33
  34. 34. Performance: vSphere 5 with Network and Storage I/O Controls VIP “Noisy Neighbor” Granular IO service level guarantees34
  35. 35. What Is Network I/O Control (NETIOC)?  Network I/O control is a traffic management feature of vSphere Distributed Switch (vDS).  In consolidated I/O (10 gig) deployments, this feature allows customers to: •  Allocate Shares and Limits to different traffic types. •  Provide Isolation •  One traffic type should not dominate others •  Guarantee Service Levels when different traffic types compete  Enhanced Network I/O Control — vSphere 5.0 builds on previous versions of Network I/O Control feature by providing: •  User-defined network resource pools •  New Host Based Replication Traffic Type •  QoS tagging35
  36. 36. NETIOC VM Groups VMRG1 VMRG2 VMRG3 Total BW = 20 Gig User Defined RP vMotion VMware vNetwork Distributed Switch iSCSI HBR NFS VM FT Network I/O Control 10 GigE VMRG1 VMRG2 VMRG336 Confidential
  37. 37. Storage37
  38. 38. What is Storage DRS?  Without Storage DRS: •  Identify the datastore with the most disk space and lowest latency. •  Validate which virtual machines are placed on the datastore and ensure there are no conflicts. •  Create Virtual Machine and hope for the best.  With Storage DRS: •  Automatic selection of the best placement for your VM. •  Advanced balancing mechanism to avoid storage performance bottlenecks or “out of space” problems. •  VM or VMDK Affinity Rules.38
  39. 39. What Does Storage DRS Provide?  Storage DRS provides the following: 1.  Initial Placement of VMs and VMDKS based on available space and I/O capacity. 2.  Load balancing between datastores in a datastore cluster via Storage vMotion based on storage space utilization. 3.  Load balancing via Storage vMotion based on I/O metrics, i.e. latency.  Storage DRS also includes Affinity/Anti-Affinity Rules for VMs and VMDKs; •  VMDK Affinity – Keep a VM’s VMDKs together on the same datastore. This is the default affinity rule. •  VMDK Anti-Affinity – Keep a VM’s VMDKs separate on different datastores. •  Virtual Machine Anti-Affinity – Keep VMs separate on different datastores.39
  40. 40. Datastore Cluster  An integral part of SDRS is to create a group of datastores called a datastore cluster. •  Datastore Cluster without Storage DRS – Simply a group of datastores. •  Datastore Cluster with Storage DRS – Load Balancing domain similar to a DRS Cluster.  A datastore cluster, without SDRS is just a datastore folder. It is the functionality provided by SDRS which makes it more than just a folder. 2TB datastore cluster 500GB 500GB 500GB 500GB datastores40
  41. 41. Storage DRS Operations – Initial Placement  Initial Placement – VM/VMDK create/clone/relocate. •  When creating a VM you select a datastore cluster rather than an individual datastore and let SDRS choose the appropriate datastore. •  SDRS will select a datastore based on space utilization and I/O load. •  By default, all the VMDKs of a VM will be placed on the same datastore within a datastore cluster (VMDK Affinity Rule), but you can choose to have VMDKs assigned to different datastore clusters. 2TB datastore cluster 500GB 500GB 500GB 500GB datastores 300GB 260GB 265GB 275GB available available available available41
  42. 42. Storage DRS Operations – Datastore Maintenance Mode  Datastore Maintenance Mode •  Evacuates all VMs & VMDKs from selected datastore. •  Note that this action will not move VM Templates. •  Currently, SDRS only handles registered VMs. Place VOL1 in maintenance mode 2TB datastore cluster VOL1 VOL2 VOL3 VOL4 datastores42
  43. 43. Storage DRS Operations – Load BalancingLoad balancing – SDRS triggers on space usage & latency threshold.  Algorithm makes migration recommendations when I/O response time and/or space utilization thresholds have been exceeded. •  Space utilization statistics are constantly gathered by vCenter, default threshold 80%. •  I/O load trend is currently evaluated every 8 hours based on a past day history, default threshold 15ms.  Load Balancing is based on I/O workload and space which ensures that no datastore exceeds the configured thresholds.  Storage DRS will do a cost / benefit analysis!  For I/O load balancing Storage DRS leverages Storage I/O Control functionality.43
  44. 44. Storage DRS Operations – Thresholds44
  45. 45. Storage DRS Operations Datastore Cluster Datastore Cluster Datastore Cluster VMDK affinity VMDK anti-affinity VM anti-affinity  Keep a Virtual Machine’s   Keep a VM’s VMDKs on   Keep VMs on different VMDKs together on the different datastores datastores same datastore   Useful for separating   Similar to DRS anti-  Maximize VM availability log and data disks of affinity rules when all disks needed in database VMs order to run   Maximize availability of   Can select all or a a set of redundant VMs  On by default for all VMs subset of a VM’s disks45
  46. 46. Placement: vSphere 5 with Profile-Driven Storage & Storage DRS High IO Throughputs Tier 1 Tier 2 Tier 3 Set it and forget it storage configuration in as few as 3 clicks Automated storage placement46
  47. 47. Why Profile Driven Storage? (1 of 2)  Problem Statement 1.  Difficult to manage datastores at scale •  Including: capacity planning, differentiated data services for each datastore, maintaining capacity headroom, etc. 2.  Difficult to correctly match VM SLA requirements to available storage •  Because: Manually choosing between many datastores and >1 storage tiers •  Because: VM requirements not accurately known or may change over its lifecycle  Related trends •  Newly virtualized Tier-1 workloads need stricter VM storage SLA promises •  Because: Other VMs can impact performance SLA •  Scale-out storage mix VMs with different SLAs on the same storage47
  48. 48. Why Profile Driven Storage? (2 of 2)Save OPEX by reducing repetitive planning and effort!  Minimize per-VM (or per VM request) “thinking” or planning for storage placement. •  Admin needs to plan for optimal space and I/O balancing for each VM. •  Admin needs to identify VM storage requirements and match to physical storage properties.  Increase probability of “correct” storage placement and use (minimize need for troubleshooting, minimize time for troubleshooting). •  Admin needs more insight into storage characteristics. •  Admin needs ability to custom-tag available storage. •  Admin needs easy means to identify incorrect VM storage placement (e.g. on incorrect datastore).48
  49. 49. Storage Capabilities & VM Storage Profiles Compliant Not Compliant VM Storage Profile associated with VM VM Storage Profile referencing Storage Capabilities Storage Capabilities surfaced by VASA or user-defined49
  50. 50. VM Storage Profile Compliance  Policy Compliance is visible from the Virtual Machine Summary tab.50
  51. 51. Introduction  In vSphere 5.0, VMware releases a new storage appliance called VSA. •  VSA is an acronym vSphere Storage Appliance. •  This appliance is aimed at our SMB (Small-Medium Business) customers who may not be in a position to purchase a SAN or NAS array for their virtual infrastructure, and therefore do not have shared storage. •  Without access to a SAN or NAS array, this excludes these SMB customers from many of the top features which are available in a VMware Virtual Infrastructure, such as vSphere HA & vMotion. •  Customers who decide to deploy a VSA can now benefit from many additional vSphere features without having to purchase a SAN or NAS device to provide them with shared storage.51
  52. 52. Introduction VSA VSA VSA VSA Manager vSphere vSphere vSphere vSphere Client NFS NFS NFS  Each ESXi server has a VSA deployed to it as a Virtual Machine.  The appliances use the available space on the local disk(s) of the ESXi servers & present one replicated NFS volume per ESXi server. This replication of storage makes the VSA very resilient to failures.52
  53. 53. vCenter 5 Web Client e vCenter Appliance53
  54. 54. vSphere Web Client ArchitectureThe vSphere WebClient runs withina browser FxApplicationServer that Flex Clientprovides a Back Endscalable back end The Query ServicevCenter in either Query obtains optimizedsingle or data live from the Service core vCenterLinked modeoperation vCenter Server process54
  55. 55. Extension PointsLaunchbar Tabs Inventory Objects Create custom actions Sidebar Extension Portlets Add right-click extensions 55
  56. 56. Features of the vSphere Web Client  Customize the GUI •  Create custom views to reflect the information you need to see, the way you like to see it56
  57. 57. Introducing vCenter Server Appliance  The vCenter Server Appliance is the answer! •  Simplifies Deployment and Configuration •  Streamlines patching and upgrades •  Reduces the TCO for vCenter  Enables companies to respond to business faster! VMware vCenter Server Virtual Appliance Automation Visibility Scalability57
  58. 58. Component Overview  vCenter Server Appliance (VCSA) consists of: •  A pre-packaged 64 bit application running on SLES 11 •  Distributed with sparse disks •  Disk Footprint Distribution Min Deployed Max Deployed 3.6GB ~5GB ~80GB •  Memory Footprint •  A built in enterprise level database with optional support for a remote Oracle databases. •  Limits are the same for VC and VCSA •  Embedded DB •  5 hosts/50 VMs •  External DB •  <1000 hosts/<10,000 VMs (64 bit) •  A web-based configuration interface58
  59. 59. Feature Overview  vCenter Server Appliance supports: •  The vSphere Web Client •  Authentication through AD and NIS •  Feature parity with vCenter Server on Windows •  Except – •  Linked Mode support •  Requires ADAM (AD LDS) •  IPv6 support •  External DB Support •  Oracle is the only supported external DB for the first release •  No vCenter Heartbeat support •  HA is provided through vSphere HA59
  60. 60. New Licensing60
  61. 61. vSphere 5 licensing: Evolution Without Disruption vSphere 4.x vSphere 5 Licensing Unit Processor = Processor ! Core per proc Restricted < Unlimited Physical RAM Restricted < Unlimited per host Pooled vRAM Amt of vRAM pooled NA ≠ entitlement across entire environment61
  62. 62. What is vRAM? Virtual memory configured √ to virtual machines ≠ Physical RAM available in X the server62
  63. 63. What is vRAM?  vRAM is the memory configured to a virtual machine  Assigning a certain amount of vRAM is a required step in the creation of a virtual machine63
  64. 64. Key concepts - Example 4 licenses of vSphereEach vSphere Enterprise Enterprise Edition Edition license entitles vRAM Pool (256GB) provide a vRAM pool of to 64GB of vRAM. 256GB (4 * 64 GB) Consumed vRAM = 80 GB 64GB 64GB 64GB 64GB Customer creates 20 VMs with 4GB vRAM each vSphere Ent vSphere Ent 1 1 1 1 CPU CPU CPU CPU Host A Host B Compliance = 12 month rolling average of Consumed vRAM < Pooled vRAM Entitlement64
  65. 65. vSphere 5 Editions t New in vSphere 5.0 Essentials Essentials Enterprise` Essentials Essentials Standard Standard Advanced Enterprise Plus Plus Plus vRAM Entitlement per proc 32 GB 32GB 32 GB 64 GB 96 GB vCPU 8 way 8 way 8 way 8 way 32 wayFeaturesHypervisorHigh AvailabilityData RecoveryvMotionVirtual Serial Port ConcentratorHot AddvShield ZonesFault ToleranceStorage APIs for Array IntegrationStorage vMotionDistribute Resource Scheduler &Distributed Power ManagementDistributed SwitchI/O Controls (Network and Storage)Host ProfilesAuto deploy tProfile-Driven Storage tStorage DRS t All editions include: Thin Provisioning, Update Manager, Storage APIs for Data Protection, Image Profile, and SLES (except Ess and Ess +)65
  66. 66. Site Recovery Manager 566
  67. 67. Business Continuity at Lower Cost and Complexity for All Apps Local Site Failover Site vSphere vSphere vSphere vSphere vSphere Improved in 2011 Local Availability Disaster Recover Improved   vSphere High Availability in 2011   vCenter Site Recovery Manager   vSphere Fault Tolerance   Includes vSphere Replication   vMotion New Data Protection in 2011 Improved   vSphere Data Recovery in 2011   vSphere Storage APIs for Data Protection67
  68. 68. vCenter Site Recovery Manager Ensures Simple, Reliable DR Site Recovery Manager Complements vSphere to provide the simplest and most reliable disaster protection and site migration for all applications Provide cost-efficient replication of applications to failover site •  Built-in vSphere Replication Site A (Primary) Site B (Recovery) •  Broad support for storage-based VMware Site Recovery VMware Site Recovery replication vCenter Server Manager vCenter Server Manager Simplify management of recovery and VMware vSphere VMware vSphere migration plans •  Replace manual runbooks with centralized recovery plans •  From weeks to minutes to set up new plan Servers Servers Automate failover and migration processes for reliable recovery •  Enable frequent non-disruptive testing •  Ensure fast, automated failover •  Automate failback processes68
  69. 69. Key Components Of SRM 5 Site Recovery Manager •  Manages recovery plans Site vCenter Server Recovery •  Automates failovers and failbacks Manager •  Tightly integrated with vCenter and replication Choice of Replication Options vSphere vSphere Replication •  Bundled with SRM •  Replicates virtual machines between vSphere clusters Storage Storage-Based Replication (3rd party) •  Provided by replication vendor •  Integrated via replication adapters created, certified and supported by replication vendor Required at Both Protected and Recovery Sites69
  70. 70. What’s New In Site Recovery Manager 5.0?  vSphere Replication Expand DR coverage to •  Bundled with SRM at no additional cost Tier 2 apps and smaller •  Provides simple, cost-efficient replication sites between vSphere clusters  Automated failback •  Bi-directional recovery plans •  Automates failback to original site Streamline planned migrations  Planned migration •  New workflow that can be applied to any (for disaster avoidance, recovery plan planned maintenance, …) •  Ensures no data-loss, application-consistent migrations of virtual machines  Others •  More granular control over VM startup order •  Protection-side APIs •  IPv6 support70
  71. 71. Simplify Replication Management With vSphere Replication Storage-based Replication Overview SharePoint Datastore Group VMFS A vSphere Replication provides simple management Web Datastore of replication LUN 1   Managed directly from vCenter App VMFS B Datastore Hub   Managed at the individual VM-level LUN 2 SQL vSphere Storage Admin Admin Benefits vSphere Replication SharePoint   Eliminate complex interactions between vSphere and storage teams to set up Web replication   Eliminate need to shuffle VMs between App datastores to map applications to replicated LUNs vSphere SQL Admin71
  72. 72. vSphere Replication Complements Storage-Based Replication Replication Cost Management Performance Provider •  Low-end storage •  VM’ granularity •  15 min RPOs supported •  Managed directly •  Scales to 500 VMs vSphere •  No additional in vCenter VMware •  File-level Replication replication consistency software •  No automated failback, FT, linked clones, physical RDM •  Higher-end •  LUN – VM layout •  Synchronous replicating •  Storage team replication Storage-based storage coordination •  High data volumes Replication •  Additional •  Application replication consistency software possible72
  73. 73. Planned Migrations For App Consistency & No Data Loss Planned Migration Overview Two workflows can be applied to recovery plans:   DR failover 1 Shut down 3 Recover app-   Planned migration production VMs consistent VMs Site A Site B Planned migration ensures application consistency and no data-loss during migration   Graceful shutdown of production VMs in application consistent state   Data sync to complete replication of VMs vSphere vSphere   Recover fully replicated VMs Replication Benefits 2 Better support for planned migrations Sync data, stop replication   No loss of data during migration process and present LUNs to vSphere   Recover ‘application-consistent’ VMs at recovery site73
  74. 74. Automated Failback To Streamline Bi-Directional Migrations Automated Failback Overview Re-protect VMs from Site B to Site A   Reverse replication   Apply reverse resource mapping Automate failover from Site B to Site A Reverse original recovery plan   Reverse original recovery plan Restrictions Site A Site B   Does not apply if Site A has undergone major changes / been rebuilt   Not available with vSphere Replication vSphere vSphere Reverse Benefits Replication Simplify failback process   Automate replication management   Eliminate need to set up new recovery plan Streamline frequent bi-directional migrations74
  75. 75. vCloud Director 1.575
  76. 76. VMware vCloud Director Builds on vSphere to Transform IT.New in vCloud Director 1.5   Builds on vSphere and scales up to Organization 1 Organization m 10,000 VMs and 25 vCenter Servers Users   Creates virtual datacenters, by pooling VMware vCloud Director resources into new units of consumption User Portals Catalogs Security   Securely enables the cloud with vShield, LDAP authentication, and RBAC Virtual Datacenter 1 (Gold) VMware vShield Virtual Datacenter n (Silver)   Provides self-service portals and standardized infrastructure catalogs VMware VMware   Isolates users into organizations with vCenter Server vCenter Server vCloud API unique catalogs, policies, and LDAP VMware vSphere VMware vSphere Secure Private Cloud Programmatic Control Public Clouds and Integrations   vCloud API and extensions enables cloud portability, orchestration, and integrations76
  77. 77. What s New in vCloud Director 1.5 Most Agile Access to Secure Isolation and The Only Hybrid Cloud Cloud Infrastructure Simple Management Infrastructure •  Fast Provisioning (Linked •  vCloud Messages •  vShield Edge VPN Integration Clones) •  Microsoft SQL Server Support •  vApp Custom Guest Properties •  Expanded vCloud API and •  Cisco Nexus 1000V Integration SDK •  Globalization •  vSphere 5 support77
  78. 78. Fast Provisioning using Linked Clones Overview •  Provisions new VMs from a template without replicating the entire image •  Instead, links the images (clones) so that common elements are stored only once vmdk vmdk vmdk Benefits •  Dramatically speeds up provisioning time Template from >2 minutes to <5 seconds vmdk •  Reduces storage footprint (and cost) by over 60%78
  79. 79. Linked clones – behind the scenes   Source VM disk serves as a base disk   Provisioning a new VM creates an empty delta disk (aka redo log) and not a full clone of the source. The delta disk is linked to the parent disk   All writes go to the delta disk. Reads walk up the chain until the desired block is found   Subsequent clones of the new VM can lead to more delta disks in this chain Writes Link Reads79
  80. 80. Cross Datastore Management – How it works vCloud Director 1.5 vCenter Server 1 vCenter Server 2 (S) VM-2 VM-3 VM-4 VM-5 VM-6 (L) (L) (L) (L) (L) Datastore-1 Datastore-2 Datastore -380
  81. 81. vApp Custom Guest Properties Overview •  Allows developers and other users to easily pass user data into guest OSes 3 using OVF descriptors. •  Parameters available using VMware tools, 2 vApp Deployment on an ISO, or in the XML for the vApp Configuration vSphere1 Benefits Deploy OVF Package •  Easier post-deployment configuration & OVF Package provisioning of identity to VMs & vApps •  Provides functionality to bootstrap a wide variety of guest customization solution81
  82. 82. vCloud Messages Overview •  Connect vCloud Director to enterprise systems through messaging to rapidly create end-to-end system integrations Benefits •  Integrate vCloud Director with existing IT management tools CMDB IPAM Ticketing82
  83. 83. vShield Product Family83
  84. 84. vShield Product Family Securing the Private Cloud End to End: from the Edge to the Endpoint vShield App vShield Edge Edge - Create segmentation Secure the edge of Security Zone between workloads vShield Endpoint the virtual datacenter Endpoint = VM - Sensitive data discovery Anti-virus processing DMZ Application 1 Application 2 vShield Manager Endpoint = VM Centralized Management84
  85. 85. vShield Edge Capabilities vShield vShield vShield Edge functionality Edge Edge Edge •  Stateful inspection firewall Tenant A Tenant C Tenant X •  Network Address Translation (NAT) •  Dynamic Host Configuration Protocol (DHCP) •  Site to site VPN (IPSec) •  Web Load Balancer Secure Secure Secure Virtual Virtual Virtual Appliance Appliance Appliance •  (NEW) Static Routing •  (NEW) Certificate mode support for IPSEC VPN Management features •  REST APIs for scripting •  Logging of functions Firewall Load balancer VPN 8585
  86. 86. Securing the Data Center Interior with vShield App   Key Benefits •  Complete visibility and control to the Inter VM traffic enabling multi trust zones on same ESX cluster. •  Intuitive business language policy leveraging vCenter inventory.86
  87. 87. vShield App Architecture vShield   Hypervisor-Level Firewall vShield App App •  Inbound/outbound connection control enforced at the virtual NIC level •  Dynamic protection as virtual vSphere vSphere machines migrate •  Protection against ARP spoofing vShield ESXi Host ESXi Host Manager vSphere vCenter Client Server87
  88. 88. Network segmentation   Two approaches •  vCenter Server container objects: •  Datacenters •  Clusters •  Resource pools •  vApps •  Port groups •  Topology-independent •  Security groups are administrator-defined, business-relevant groupings of any virtual machines by their virtual NICs. Examples: •  Deny traffic from Contractors Desktops pool to the Business Apps pool. •  Allow DNS traffic from DC01 to the DNS server at •  Allow VMs in Web-Tier to communicate with VMs in DB-Tier.8888
  89. 89. vShield Data Security for Compliance Readiness 800% increase in data volumes in Data Centers, 80% of which is unstructured, i.e. not in databases UBS View from 2010 Gartner Data Center Conference Discover Sensitive Data in the virtual environment 1 Choose from built in templates for most common types of sensitive data Continuous Data •  PII Personally Identifiable Information Privacy Sweep •  PCI-DSS Payment Card Industry Standard •  PHI Patient Health information 2 Continuous sweep of datacenter scanning for sensitive data in unstructured files 3 Generate actionable reports about the discovery of sensitive data Continuous agentless discovery of data across all virtual machines89
  90. 90. Sensitive Data Discovery: Policy Management  Regulations90
  91. 91. Sensitive Data Discovery: Policy Management91
  92. 92. Sensitive Data Discovery: Policy Management  Target VMs92
  93. 93. Sensitive Data Discovery: Policy Management  Target Files93
  94. 94. 94
  95. 95. vCenter Operations95
  96. 96. VMware’s Vision: Intelligent Policy ManagementDay N Problem – Ongoing Maintenance  SLA Monitoring w/ vCOps Availability = 99.99% Availability = 99.9% Availability = 99.% DR RTO = 1 hour DR RTO = 3 hour DR RTO = none Back up = daily Back up = weekly Back up = none Storage capacity = 10 TB Storage capacity = 10 TB Storage capacity = 10 TB Gold Performance = High I/O Security = High Silver Performance = Med I/O Security = Mid Bronze Performance = low I/O Security = low Cloud Infrastructure (vSphere, vCenter, vShield, vCloud Director)96
  97. 97. Learn Normal Behavior and Identify Abnormalities GRAY  BAR   Upper  and  Lower  band   of  Dynamic  Threshold  -­‐   “Normal”   BLUE  LINE   Metric’s  Current   Value   RED  BAR   Breached  Dynamic   Threshold  –  “Abnormal”     Doesn’t assume IT data has a normal bell-shaped distribution   Sophisticated Analytics – 8 different algorithms   Learns your dynamic ranges of “Normal” without templates   Learns patterns of behavior and identifies Abnormalities97
  98. 98. Vc Ops vSphere UI – Unified Dashboard   Launching Pad •  Click to Drill down   Focused on problems •  Click to drill into details! •  Almost everything is clickable   Main Themes •  Health •  Risk •  Efficiency   New Concepts •  Faults •  Weekly Stress Profile •  Reclaimable Waste •  Density98
  99. 99. vC Ops vSphere UI – Two Different Users Operations Short and Long Term Capacity•  Immediate •  Forward problems Looking•  What is •  Are there happening areas that I right now? should be•  What do I concerned need to pay about from a attention to? capacity perspective? •  Have I deployed my VI in the most efficient manner? 99
  100. 100. vC Ops Default UI – Major and Minor Badges •  High level Understanding Major x 3 •  Calculated from scores of Minor Badges •  Specifics Minor x 8 •  Guidance100
  101. 101. Operations: Major Badge – Health  “How is this object doing right now?" •  Identifies current problems in the system •  Issues that need to be resolved immediately to avoid problems  High Health is good (100-0)  Heatmap •  Provides quick view of many objects at once •  Shows Health of all parent and child objects •  Go back in time (6 hours) and see the “weather” of the Virt Infrastructure  Health Score is calculated from its Minor Badges •  Workload •  Anomalies •  Faults101
  102. 102. 95 Operations: Health Minor Badge – Workload  Measures how hard an object is working?  High Workload is bad (0-100 or more!) •  Percentage of Demand divided by effective capacity •  As workload approaches (and exceeds) 100%   Performance Problems!   Improved Network and Disk I/O   Starving object for resources! calculations  Focused attention   Eliminates idle networks and storage from showing High Workload •  CPU   Limit the erroneous 100% Workload •  Memory scores •  Disk I/O •  Network I/O102
  103. 103. Operations: Health Minor Badge – Anomalies  Measures how normal is this object behaving? •  Is what the vC Ops 1.x Health score was, but now inversed  Derived from the number of metrics that are outside of their “Normal” trended ranges •  Learns dynamic ranges of “Normal” for each metric   Anomalies Chart •  Identifies metric abnormalities •  Current number of Abnormal  Low Anomalies is good (0-100) Metrics •  Zero meaning the object is performing •  Problem/Noise Threshold exactly the way vC Ops expects it to for   Crossing problem threshold will that time of the day, that day of the week increase the Anomalies Score •  A high number of anomalies are usually   Does not generate an alert in an indication of a problem this vSphere UI 103
  104. 104. Operations: Health Minor Badge – Faults  Measures the degree of faults or   Best Practices: problems the object is •  Do not change the Faults experiencing Threshold •  Pulled from active vCenter events •  Use Alerts View to manage  VMware specific knowledge of Faults which vCenter Events affect   Faults shown in Widget Availability and Performance (examples): •  Loss of redundancy in NICs or HBAs •  Memory checksum errors •  HA failover problems  Low Faults is good (0-100) •  Each fault has a default score (e.g. 25, 50, 75, 100) •  Highest individual Fault Score drives the Fault object Score104
  105. 105. Capacity Planning: Major Badge – Risk  Are there future risks to my systems and VI?  Identifies potential problems that could eventually hurt the performance  Low Risk is good (0-100)  Risk Score is calculated from its Minor Badges •  Time Remaining •  Capacity Remaining •  Stress  Risk Chart •  Shows Risk score over the last 7 days105
  106. 106. Capacity Planning: Risk Minor Badge – Time Remaining  Measures time remaining before each resource type reaches its capacity •  CPU •  Memory •  Disk •  Network I/O  Early warning of upcoming provisioning needs •  Avoid future performance issues  High Time Remaining is good (100-0)  Graph shows resource utilization trends106
  107. 107. Capacity Planning: Risk Minor Badge – Capacity Remaining  Measures how many more VMs can be placed on the object  Percentage of Total VM “Slots” Remaining •  Based on the average size of the VM on the object (e.g. VM profile) •  Each object has its OWN VM   333 More VMs correlates to profile size: Host, Cluster, 77% Capacity Remaining for Datacenter, Etc. this object  High Capacity Remaining is good (100-0) •  Zero mean no room left for more VMs107
  108. 108. Capacity Remaining Calculation  Determine Capacity Constraint Resource •  Dashboard Chart does not show which resource is the limiting one •  Must drill into the Details Chart  Deployed or Powered On VMs •  Deployed/Powered Off VMs only use disk space resources •  Powered On VMs uses ALL of the 4 resources  Calculation Example Shown: •  Limiting Resource is Disk Space with 333 VMs available •  Use the Deployed VM number of 99 to do the calculation for percentage space remaining •  Determine Capacity Remaining •  333 / (333 + 99) = 77%108
  109. 109. Capacity Planning: Risk Minor Badge – Stress  Stress measures long-term or chronic workload •  Workload shows an instantaneous value •  Stress looks over a longer period of time  Quickly find and resolve •  Undersized objects •  Population contention  Low Stress is good (0-100)  Stress score encompasses a six (6) week period   Chart shows weeks break down of Stress for each •  Workloads > 70% = “Stressed” day/hour averaged over the •  Threshold Configurable last six (6) Weeks109
  110. 110. Capacity Planning: Major Badge – Efficiency  Are there optimization opportunities in my systems?  Shows you how to run a leaner datacenter  Save $$$ by better utilizing resources  High Efficiency is good (100-0)  Efficiency Score is calculated from its Minor Badges •  Reclaimable Waste •  Density   Three Resources Considered  Graph Depicts VMs by Percent •  CPU •  Memory •  Optimal – Optimally Provisioned VMs •  Disk Space •  Waste – Over Provisioned VMs   Note: VMs can appear in Stress •  Stress – Under Provisioned VMs and Waste110
  111. 111. Capacity Planning: Efficiency Minor Badge – Reclaimable Waste  Measures the over-provisioning for an object  It identifies the amount of reclaimable resources •  CPU •  Memory •  Disk  Low Reclaimable Waste is good (0-100)   Graph shows breakdown of the  Reclaimable Waste = Reclaimable Waste section of the Efficiency Capacity / Deployed Capacity Badge pie chart •  Score depicts the MAX of the CPU, •  % Idle VMs (based on configured Memory and Disk calculation settings) •  Disk calculation can also include old •  % Powered Off VMs snapshots and templates •  % Oversized VMs111
  112. 112. Capacity Planning: Efficiency Minor Badge – Density  Contrasts Actual vs. Ideal Density  Identify Optimal Resource Deployment Before Contention Occurs  Greater Consolidation à $$$  High Density is good (100-0)  Measures consolidation ratios: •  VMs/Host Ratios •  vCPU/Physical CPU Ratios •  vMem/Physical Memory Ratios112
  113. 113. vCenter Operations Management Special Offer113
  114. 114. Resources114
  115. 115. Resources on ESXi Migrations •  ESXi and ESX Infocenter •  vSphere 5 Upgrade Center  VMware VMTN Communities: ESX and ESXi115
  116. 116. Questions116