6. Enhanced vCenter 4.1 Scalability – “Cloud Scale”
                          vSphere 4   vSphere 4.1   Ratio
VMs per host              320         320           1x
Hosts per cluster         32          32            1x
VMs per cluster           1280        3000          3x
Hosts per VC              300         1000          3x
Registered VMs per VC     4500        15000         3x+
Powered-On VMs per VC     3000        10000         3x
Concurrent VI Clients     30          120           4x
Hosts per DC              100         500           5x
VMs per DC                2500        5000          2x
7. Agenda
VMware Approach to Cloud Computing
vCloud Director and Concepts
vCloud Request Manager
vCenter Cloud Connector
vCenter Chargeback
Questions
8. Support all applications
vApp: Standard Application Package
SLA Definitions: Availability = 99.99%, Security = High, Performance = 500 msec
[Diagram: vApp made up of App/OS VMs on VMware Infrastructure Virtual Datacenter OS]
An uplifting of a virtualized workload
• VM = Virtualized Hardware Box
• vApp = Virtualized Software Solution
Properties
• Comprised of one or more VMs (may be multi-tier applications)
• Encapsulates resource requirements on the deployment environment
• Distributed in industry standard Open Virtualization Format (OVF)
Built by
• ISVs / Virtual Appliance Vendors
• IT administrators
• SI/VARs
[Diagram labels: Cloud 1 (Cloud OS, Management), Cloud 2 (Cloud OS, Management), Federation & Choice, Standards]
10. vCloud Director
vCloud Director provides the interface, automation, and management feature set to allow enterprises and service providers to supply VMware Infrastructure resources as a web-based service.
Users of vCloud Director can serve themselves by creating, using, and managing virtual machines and vApps, while IT maintains control and bills for usage.
[Diagram: “Infrastructure as a Service”; labels: VM Users, IT/Service Providers, Chargeback]
11. vCloud Director Areas of Investment
The “Cloud OS”
Cloud Middleware
• Resource Management spanning vSpheres
• Multi-Tenancy & Isolation
• Catalogs of VMs, vApps, Media
• Connectivity to Clouds
vSphere
• Virtualization of physical resources
User Interface
• End-User Self Service Interface
• IT Admin Controls over Users
vCloud API
• Use and Manage Pure Virtual Resources
VIM API
• Create & Manage Virtualization of physical resources
The VI Client Plugin
• Manage External Cloud Capacity
• Transfer vApps between internal and external clouds from the VI Client
Cloud Applications / 3rd Party Services
• Built on top of the various client libraries published for accelerated development
12. vCloud Director architecture … the basics
[Diagram labels: vSphere Client; vCD Cell(s); vCloud APIs; vSphere Client (Plug-in), Post vCD GA; vCD Portal; “Build your Own tool/portal”; Resource Pod of three vCenter servers, each with ESX hosts]
13. Architecture
• Scalability
  • Horizontal scaling at both application and physical infrastructure layers
  • Add vCloud Director Servers as need increases
  • Add vCenter & ESX servers for additional capacity
• Security
  • Operation over Internet
  • User permissions
  • Multi-tenancy
• Availability
  • Limit single points of failure
[Diagram labels: Secure Clients; Public Internet; Load Balancer; Director Servers; Database; Replication for backup & availability; Message Bus; resource pools, storage, network]
14. vCD scale out architecture … more details
[Diagram labels: Secure Clients; Public Internet; Load Balancer; vCD Stateless Servers; Database; Replication for backup & availability; Message Bus; resource pools, storage, network]
[Diagram labels, server detail: Secure Client; Remote Console; Image Transfer; vCloud API Frontend; Transfer Service; Console Proxy; Reaction System; VC Proxy; VC Inventory; VC Control; Inventory Collector; Task Updates; Other OSGi Services; vCenter Server; vCenter Agent; Cloud Agent; ESX vmkernel; Datastore; VM files; Media Share]
15. vCloud Director Benefits Beyond vSphere
Multi-Tenant Self-Service User Interface
• Web based for easy deployment
• Designed for the Non-IT User
• Ability for multiple organizations to use the application strictly isolated from each other
• Migrate workloads between onsite or offsite resources
Central Catalogs of VMs/vApps, Media, and Software
• Simple user interface to all the IT resources they need
• Personalization of templates
• Ability to deploy multiple identical copies of vApps
IT Control over Users
• Control user resource usage through roles/rights, quotas, leases
Chargeback for Billing
• Data collection for billing on resource allocation
User Abstraction from Underlying Hardware
• Ability to scale installation without impacting users or how they use the application
• Users don’t know what compute and storage resources are being used
• Resource allocation decisions made by the infrastructure, not by the user
16. New Resource Abstractions
[Diagram labels, by layer:
Physical: Host, Network, SAN
vSphere: Resource Pool, Datastore, Port Group
vCloud Director: Provider vDC, Provider vDC
Resource Groupings: “Gold” vDC, “Silver” vDC; Group Resources into “Offerings” with Specific costs
Org Resource Allocation: Org: NASA and Org: LANL, each with Access Control, vDCs, Catalogs, Provisioning Policies]
17. Containers
[Diagram labels: vCloud Director, Organization, vApp, vDC]
Single metaphor and naming between public and private clouds
Organization: Top Level User Container
Set up by installation administrator
• Hard Walls (multi-tenancy) or Soft Walls
• Access Methods (self service, API)
• Users with Roles/Rights
• Fully-Virtual Resources
• Catalogs (Template, Media, vApps)
• Policies (Quotas, Leases)
vDC: Resource Containers
• A deployment environment for vApps.
• Owned by an Org; Orgs may have multiple vDCs.
• Bundles storage, compute and networking
  • E.g. 500Gb of fast storage,
  • 100 GHz/30Gb RAM of compute, etc.
• Abstracted resource container
• Not a user container
vApp: Grouping of dependent VMs
• Fenced or Unfenced (at deploy time)
• vCloud vApp has slightly different capabilities from VC vApp
18. Actors
The core actors are the owners of each of the containers.
vCloud Director Administrators (root)
• Users who set up organizations and allocate them access methods, users, virtual resources, catalogs.
• In small deployments, the same as the vSphere Administrator.
Organization Administrators
• Can add users to the organization directly or through LDAP groups and give them roles
• Control permissions for users
vApp Owner
• Full control over a vApp
Custom Roles
• Can be defined by those given rights
• Template creator, application owners, read-only users, technical support reps, etc.
[Diagram labels: vCloud Director, Organization, vApp, vDC]
19. Catalogs
Multiple Types of Object in Catalogs
• Template catalogs (personalize when used)
• vApp catalogs (don’t personalize)
• Media catalogs (ISOs, virtual floppies)
Multiple Catalog Scopes
• Catalogs are associated with one or more organizations
• Upload and Download to & from Catalog
The API exposes a central “Catalog”
• Union of the different catalogs
• Content-aware (interpret OVF files, etc.) and contains objects
• Common permissions and query model
• Extensible as object types added/removed
• Makes it easier to search across objects
[Diagram labels: Linux Templates, Windows Templates, Weblogic vApps, Basic Media Catalog, Oracle vApps, Premium Media Catalog]
20. Networking
[Diagram labels: vCloud Director; Organization; vDC 1; vDC 2; vApp; VLAN 1; VLAN 2; “Gray Net”; “Red Net”; “WSnet”; “WSnet” (fenced); Net1; Net2; “Private”; “Public”; Portgroups mapped into installation]
Network
• A Layer 2 segment, plus gateway, netmask, and IP range, named and associated to a container
Provider Network
• Statically configured, often connected to external resources (e.g. “Internet”)
• Provider networks can be shared between multiple organizations with restrictions set on IP address usage
Network Pool:
• Collection of “generic” networks for use internal to an organization
• Network Pools provide capacity for vApp networks and Org networks.
Network Device
• Virtual appliance that isolates networks with router, NAT, and firewall functionality
• Implemented with vShield EDGE
• Managed by vCloud Director and vShield Manager
21. vShield Products
Securing the Private Cloud End to End: from the Edge to the Endpoint
Edge: vShield Edge
• Secure the edge of the virtual datacenter
Security Zone: vShield App and Zones
• Create segmentation between enclaves or silos of workloads
Endpoint = VM: vShield Endpoint
• Offload anti-virus processing
vShield Manager
• Centralized Management
[Diagram labels: DMZ, Application 1, Application 2, vDC, vApp, vCenter]
22. vCloud API
• RESTful
• Designed for web infrastructure
• Extensible, Modular
• Release in “Open” form
• Submitted to DMTF
• “Pure Virtual”
• No physical or virtualized constructs exposed
• VIM API Unchanged
• Subset Already Implemented at vCloud Express Service Providers:
- Terremark
- Hosting.com
- BlueLock
- Melbourne IT (APAC)
- Logica (EMEA)
[Diagram labels: vApp Upload/Download, vApp Operations, Platform as a Service Enablement, Task Mgmt, Catalog Mgmt, Inventory Listing]
23. vCloud API - Complete list of operations
vApp Operations
POST <vapp-uri>/action/{deploy, undeploy}
POST <vapp-uri>/power/action/{powerOn, powerOff}
POST <vapp-uri>/power/action/{reset, suspend}
POST <vapp-uri>/power/action/{shutdown, reboot}
GET <vapp-uri>/screen
POST <vapp-uri>/screen/action/acquireTicket
vApp Configuration Operations
POST <vapp-parent-element-uri>
DELETE <vapp-element-uri>
PUT <vapp-element-uri>
Inventory Listing
GET <vapp-uri>
GET <vdc-uri>
GET <vAppTemplate-uri>
GET <media-uri>
GET <network-uri>
Catalog Management
GET <catalog-uri>
POST <catalog-uri>/catalogItems
Upload/Download/Provisioning Operations
POST <vdc-uri>/action/composeVApp
POST <vdc-uri>/action/instantiateVAppTemplate
POST <vdc-uri>/action/instantiateOvf
POST <vdc-uri>/action/annotate
POST <vdc-uri>/action/uploadVAppTemplate
POST <vdc-uri>/media
PUT <upload-uri>
GET <download-uri>
DELETE <resourceEntity-uri>
Task Management
GET <tasks-list-uri>
GET <task-uri>
POST <task-uri>/action/cancel
Service Provider Automation
Create/Delete/Update Org
Create/Delete/Update vDC for an Org
Create/Delete/Update an Org Network
Create/Delete/Update Org Catalogs
Create/Delete/Update Users, Groups, Roles
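Added example (not part of the original deck and not VMware code): a request classifier built from the method and URI-suffix pairs listed on this slide, used to flag calls made by a read-only role that are not plain reads. The log format, role names, URI prefixes and risk classes are assumptions made for illustration; only the methods and suffixes come from the slide.

```python
import re

# (method, URI-suffix regex, operation, risk class). Suffixes are copied from
# the slide's operation list; the risk classes are this example's assumption.
RULES = [
    ("POST", r"/power/action/(powerOn|powerOff|reset|suspend|shutdown|reboot)$", "vapp-power", "state-change"),
    ("POST", r"/action/(deploy|undeploy)$", "vapp-deploy", "state-change"),
    ("POST", r"/screen/action/acquireTicket$", "console-ticket", "console-access"),
    ("GET", r"/screen$", "console-screen", "console-access"),
    ("POST", r"/action/(composeVApp|instantiateVAppTemplate|instantiateOvf|uploadVAppTemplate)$", "provisioning", "state-change"),
    ("POST", r"/action/annotate$", "annotate", "state-change"),
    ("POST", r"/(catalogItems|media)$", "catalog-or-media-add", "state-change"),
    ("POST", r"/action/cancel$", "task-cancel", "state-change"),
    ("POST", r"/action/[^/]+$", "unlisted-action", "review"),  # action not on the slide
    ("POST", r"", "element-add", "state-change"),              # POST <vapp-parent-element-uri>
    ("DELETE", r"", "delete", "destructive"),
    ("PUT", r"", "update-or-upload", "state-change"),
    ("GET", r"", "read", "read"),
]

def classify(method, path):
    """Map one request to (operation, risk); first matching rule wins."""
    path = path.split("?", 1)[0].rstrip("/")
    for rule_method, suffix, operation, risk in RULES:
        if method.upper() == rule_method and re.search(suffix, path):
            return operation, risk
    return "unlisted", "review"  # method that the slide does not list at all

def flag_read_only_violations(log_lines, read_only_role="read-only"):
    """Return (user, method, path, operation) for non-read calls by read-only users."""
    findings = []
    for line in log_lines:
        user, role, method, path = line.split()
        operation, risk = classify(method, path)
        if role == read_only_role and risk != "read":
            findings.append((user, method, path, operation))
    return findings

# Constructed sample log: "<user> <role> <method> <path>" (format and URIs are hypothetical).
SAMPLE_LOG = [
    "alice org-admin POST /api/vApp/vapp-1/power/action/powerOff",
    "bob read-only GET /api/vdc/vdc-7",
    "bob read-only POST /api/vApp/vapp-1/screen/action/acquireTicket",
    "carol read-only DELETE /api/vApp/vapp-2",
    "dave vapp-owner POST /api/vApp/vapp-3/action/snapshot",
]

if __name__ == "__main__":
    print(*flag_read_only_violations(SAMPLE_LOG), sep="\n")
```

The rule order matters: the specific action suffixes must come before the generic POST, PUT, DELETE and GET fallbacks.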
24. Scale up to large deployments
New Scale Testing Targets (Per Instance)
VMs                                 10,000
Deployed VMs                        5,000
Concurrent VMware Remote Consoles   300
Deployed vApps                      20,000
VMs per vApp                        128
Users                               10,000
Concurrent Users                    2,000
Orgs                                5,000
Users per Org                       1,000
vApps per Org                       500
Datastores per vDC                  256
VC servers                          25
Hosts                               1000
[Diagram: four Virtual Center instances]
25. Agenda
VMware Approach to Cloud Computing
vCloud Director and Concepts
vCloud Request Manager
vCenter Cloud Connector
vCenter Chargeback
Questions
26. What is vCloud Request Manager?
1. Provisioning with Approvals
• Add sophisticated workflow driven approvals processes to provisioning requests.
2. Software License Tracking
• Automatically track software license usage in the cloud.
3. Policy Based Cloud Partitioning
• Simplify the creation of “Organizations” and enforce standardization through “Blueprints”.
27. Capability: vApp Provisioning with Approvals
Cloud Consumer (e.g. QA Engineer): Requests new vApp based on template.
Approver (e.g. Line Manager): Receives email notification and approves via email.
Key Value: Controlled approvals and governance
[Diagram: Initiate Request, Approval Workflow, Email Notification]
28. Capability: Software License Tracking
Asset Manager: Associates software licenses with vApp templates.
Key Value: Automatically track software license usage in the Cloud.
[Diagram: Licenses Allocated on vApp Creation, Licenses Freed on vApp Deletion]
29. Capability: Policy Based Cloud Partitioning
Cloud Consumer (e.g. Project Manager, QA Manager): Requests new “Cloud”.
Approver (e.g. Line Manager): Receives email notification and approves via email.
Key Value: Simplify creation and management of Organizations.
[Diagram: Initiate Request, Approval Workflow, Email Notification]
30. How Does vCloud Request Manager Work?
[Diagram labels: Cloud Administrator; Cloud Consumer; Approver(s); VMware vCloud Request Manager (Portal, Emails, Workflow, Blueprints, License Mgt, Element Management); vCloud API; Private Cloud A, Private Cloud B and Service Provider, each with vSphere and VMware vCloud Director (Organizations, Catalogs, vDCs)]
31. Agenda
VMware Approach to Cloud Computing
vCloud Director and Concepts
vCloud Request Manager
vCenter Cloud Connector
vCenter Chargeback
Questions
32. Transfer workloads from vSphere and VMware clouds
FUTURE: Coming early 2011
View multiple vClouds inside vSphere Client
Single pane of glass management
• Create new vApp from catalog
• Basic actions on vApp
• Basic property edits (e.g. network configuration in fence mode)
Enables workload transfer between vSphere and clouds
• Workload transfer to VMware vCloud Director private or public clouds from within the VI Admin’s primary interface.
35. Agenda
VMware Approach to Cloud Computing
vCloud Director and Concepts
vCloud Request Manager
vCenter Cloud Connector
vCenter Chargeback
Questions
36. Chargeback 1.5 & Resource Modes
vCloud Director Supports Three Modes:
Allocation Pool
• “Bill for the container”
• Organizations are charged for the capacity allocated to their vDCs, which they can expand or contract at any time through SP.
• Predictable end of month billing
• No Resource QOS in this model
• Service Provider controls resource overcommit
Reservation Pool
• “Bill For the Container-Plus”
• As above, Organizations charged for VDC capacity
• Full Resource management controls (reservations, limits, shares) available to end users.
• Service Provider cannot overcommit resources
Pay-Per-VM
• Purchase VMs of specified sizes for a certain amount per month
• Predictable end of month billing
• Requires categorization of VMs
[Diagram labels: Extremely Flexible; Small, Medium, Large; MHz-hours, GB RAM-hours, GB disk-hours]
37. Chargeback Hierarchies
vCloud Director Integration
• Chargeback automatically creates hierarchies for organizations
• Folders representing costing models are created per organization
vCloud Chargeback Folders
• Allocation Pool
• Reservation Pool
• Pay-As-You-Go
• Networks
38. Cost Models
vCloud Director Resource Allocation Models
• Allocation Pool
  • Tracks allocated units of committed resources and charges according to the configured base rates
• Resource Pool
  • Similar to the allocation pool model
  • Only difference is that actual usage cannot exceed reservations
• Pay-As-You-Go
  • Uses the “Fixed Cost” Billing Policy which provides for a per-VM instance charge
  • Other fixed costs may also be applied
vCloud Networking
• Uses allocation of IP address reservations and calculates charges based on hourly average broadband usage