6. 6
Virtualization and Cloud Computing
Virtualization
Key Characteristics
• Server consolidation and containment
• Resource pooling
• Virtualized workloads
Key Benefits
• Capital expenditure (CAPEX) savings
• Higher utilization
• Flexibility
Cloud Computing
Key Characteristics
• Secured multitenancy
• On-demand resources
• Self-service portal and service catalog
• Resource tiering and chargeback
Key Benefits
• Economies of scale
• Elastic resources and more efficient utilization
• Line of business agility and operational expenditure (OPEX) savings
• Financial cost transparency
7. 7
Why Not Just Virtualization?
§ Challenges in a Virtualized Environment
• Multitenancy support – How to securely segment resources by user organization
• Controlling VM sprawl – Pricing resources to shape user behavior
• Self-service provisioning – Avoiding the IT provisioning bottleneck
• How do you accurately “charge” users for their resources to discourage the notion that VMs are “free” resources?
• Can different organizations compete for the same resources?
• Can VMs from different organizations see each other?
Administrator
Users
• Can we have a defined catalog of VMs for user self-provisioning while ensuring some level of control?
8. 8
Why Cloud Computing?
§ Extending vSphere with Cloud Computing Benefits
• Multitenancy support – Control access and visibility to resources
• Self-service portal for user provisioning through catalogs
• Resource allocation models integrated with chargeback
• Economies of scale with elastic resources under your control
Catalog
Web Portal
Users
• Self-service portal for users
• Role-based security
• Catalogs of predefined VMs
• VMs assigned with allocation/cost model and quotas
• Resources and access secured along organizational boundaries
• Add capacity seamlessly and reclaim unused resources via leases
• Chargeback reports aligned to resource allocation models to shape user behavior
13. 13
Change in the way we Manage things
§ vSphere was traditionally the management layer
• Did not matter if vCenter was down for maintenance before
§ With vCloud Director vCenter is more “Application” Layer
• Much of the eco-system interfaces with vCenter
§ vSphere administrators may not be vCloud Administrators
• vSphere lockdowns (Dos and Don’ts)
§ Orchestration and customization may be important
• Approvals and other workflows
§ High availability of all components involved
• vCenter Heartbeat
• Database Log Shipping
• FT on vShield Manager
14. 14
Possibly New or Deeper Skillsets
§ vSphere / ESX
• Still a foundation and needs care and feeding
§ Deeper Storage Skills
• Storage design for vCloud
§ Deeper Networking & Firewall skills
• vShield Edge, routing, NAT
§ Scripting (PowerCLI)
§ Workflows / Automation
• vCenter Orchestrator
§ Capacity Planning
§ Then - ESX, vCenter and some Scripting
§ Now – Total IAAS Management
15. 15
Eco-System in Practice - One vCloud, Two Buildings
§ Two On-Campus Datacenters
§ 2 vCloud Director Cells per building (4 Total Cells)
• Single NFS mount in Building A
• F5 GTM Load Balancer
§ 1 vCenter Server per building (2 Total)
• Protected with vCenter Heartbeat
• 1 Update Manager server per building
• 1 Cluster per vCenter
§ vShield Manager per building
• Protected using VMware Fault Tolerance
§ Database Servers per building
§ vCenter Orchestrator Server per building
§ Published Master Catalogs
22. 22
Allocation Model Impact on vCenter Resource Pools
Resource Pool Configuration for each Allocation Model, by Org vDC attribute
§ Org vDC CPU Speed
• Pay-As-You-Go: No configuration change
• Allocation Pool: Not Configurable
• Reservation Pool: Not Configurable
§ Org vDC CPU Allocation
• Pay-As-You-Go: Not Configurable
• Allocation Pool: Resource Pool CPU Limit = vDC CPU Allocation
• Reservation Pool: Resource Pool CPU Limit & Reservation = vDC CPU Allocation
§ Org vDC CPU Guarantee %
• Pay-As-You-Go: Resource Pool CPU Reservation = Sum of all VM CPU Reservations
• Allocation Pool: Resource Pool CPU Reservation = vDC CPU Guarantee % x vDC CPU Allocation
• Reservation Pool: Not Configurable
§ Org vDC Memory Allocation
• Pay-As-You-Go: Not Configurable
• Allocation Pool: Resource Pool Memory Limit = vDC Memory Allocation
• Reservation Pool: Resource Pool Memory Limit & Reservation = vDC Memory Allocation
§ Org vDC Memory Guarantee %
• Pay-As-You-Go: Resource Pool Memory Reservation = Sum of all VM Memory Reservations
• Allocation Pool: Resource Pool Memory Reservation = vDC Memory Guarantee % x vDC Memory Allocation
• Reservation Pool: Not Configurable
§ Notes
• Pay-As-You-Go: Resource Pool CPU & Memory has Expandable Reservations and is Unlimited
• Allocation Pool: No Expandable Reservations for CPU & Memory; not Unlimited
• Reservation Pool: No Expandable Reservations for CPU & Memory; not Unlimited
23. 23
Allocation Model Impact on VM Configuration
Virtual Machine Configuration for each Allocation Model, by Org vDC attribute
§ Org vDC CPU Speed
• Pay-As-You-Go: Virtual Machine CPU Limit = vDC CPU Speed x No. Virtual Machine vCPUs
• Allocation Pool: Not Configurable
• Reservation Pool: Not Configurable
§ Org vDC CPU Allocation
• Pay-As-You-Go: Not Configurable
• Allocation Pool: No Virtual Machine CPU Reservation or Limit
• Reservation Pool: No Virtual Machine CPU Reservation or Limit
§ Org vDC CPU Guarantee %
• Pay-As-You-Go: Virtual Machine CPU Reservation = vDC CPU Guarantee % x Virtual Machine CPU Limit
• Allocation Pool: No Virtual Machine CPU Reservation
• Reservation Pool: Not Configurable
§ Org vDC Memory Allocation
• Pay-As-You-Go: Not Configurable
• Allocation Pool: Virtual Machine Memory Limit = Virtual Machine Memory Allocation
• Reservation Pool: No Virtual Machine Memory Reservation or Limit
§ Org vDC Memory Guarantee %
• Pay-As-You-Go: Virtual Machine Memory Reservation = vDC Memory Guarantee % x Virtual Machine Memory Allocation; Virtual Machine Memory Limit = Virtual Machine Memory Allocation
• Allocation Pool: Virtual Machine Memory Reservation = vDC Memory Guarantee % x Virtual Machine Memory Allocation
• Reservation Pool: Not Configurable
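The two allocation-model tables above, worked through for one workload as an added example (not part of the original slides). It shows where each model places the guarantee, per VM or on the resource pool, which decides how strongly tenants are insulated from each other; the VM sizes, vCPU speed, allocations and percentages are constructed sample values.

```python
from dataclasses import dataclass

@dataclass
class VM:
    vcpus: int
    mem_mb: int

def share(value, percent):
    """Guarantee % applied to a limit or allocation (integer MHz / MB)."""
    return value * percent // 100

def pay_as_you_go(vms, vcpu_mhz, cpu_pct, mem_pct):
    """Limits and reservations live on each VM; the pool only sums the reservations."""
    per_vm = [{"cpu_limit": vcpu_mhz * vm.vcpus,
               "cpu_res": share(vcpu_mhz * vm.vcpus, cpu_pct),
               "mem_limit": vm.mem_mb,
               "mem_res": share(vm.mem_mb, mem_pct)} for vm in vms]
    pool = {"cpu_limit": None, "mem_limit": None, "expandable": True,  # None = unlimited
            "cpu_res": sum(v["cpu_res"] for v in per_vm),
            "mem_res": sum(v["mem_res"] for v in per_vm)}
    return pool, per_vm

def allocation_pool(vms, cpu_mhz, mem_mb, cpu_pct, mem_pct):
    """The pool is capped at the allocation; only the guaranteed share is reserved."""
    per_vm = [{"cpu_limit": None, "cpu_res": 0,
               "mem_limit": vm.mem_mb,
               "mem_res": share(vm.mem_mb, mem_pct)} for vm in vms]
    pool = {"cpu_limit": cpu_mhz, "mem_limit": mem_mb, "expandable": False,
            "cpu_res": share(cpu_mhz, cpu_pct), "mem_res": share(mem_mb, mem_pct)}
    return pool, per_vm

def reservation_pool(vms, cpu_mhz, mem_mb):
    """The whole allocation is reserved on the pool; VMs carry no settings."""
    per_vm = [{"cpu_limit": None, "cpu_res": 0, "mem_limit": None, "mem_res": 0}
              for _ in vms]
    pool = {"cpu_limit": cpu_mhz, "mem_limit": mem_mb, "expandable": False,
            "cpu_res": cpu_mhz, "mem_res": mem_mb}
    return pool, per_vm

# Constructed sample workload and Org vDC settings (not values from the slides).
VMS = [VM(2, 4096), VM(1, 2048), VM(4, 8192)]

if __name__ == "__main__":
    for name, (pool, _) in [
            ("Pay-As-You-Go", pay_as_you_go(VMS, 1000, 50, 100)),
            ("Allocation Pool", allocation_pool(VMS, 10000, 16384, 50, 50)),
            ("Reservation Pool", reservation_pool(VMS, 10000, 16384))]:
        print(f"{name:16} {pool}")
```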
35. 35
Customer Networking Use Case Requirements
§ Catalog Items need to have static IPs that cannot be changed
• (Static IP Pools will NOT be Used)
§ Multiple levels of Testing are required (Org Isolation)
§ Developers need their own isolated space
• Ideal for vApp Networking
§ 1:1 NATs will be required for external systems to access VMs
• Web Services
• HP-UX
• Databases
• Code Repository
§ Multiple External VLANs will be needed per Org
§ At least 4 Organizations initially will be needed
36. 36
Customer “Master” Org Networking Use Case
[Network diagram]
§ External Org Network: Dedicated VLAN (Routable) 10.x.x.x (TBD), 10.x.x.254
§ NAT Routed Org Network: 172.1.2.0/22, 172.1.2.254/22
• Component 1: VMs .16 and .17
• Component 2: VMs .18 and .19
• vApps sharing the same Subnet and Segment for End-to-End
§ Manual 1:1 NAT Example
• 10.x.x.16 = 172.1.2.16
• 10.x.x.17 = 172.1.2.17
• 10.x.x.18 = 172.1.2.18
• 10.x.x.19 = 172.1.2.19
37. 37
Customer “Functional Testing” Org Networking Use Case
[Network diagram]
§ External Org Network: Dedicated VLAN (Routable) 10.y.y.y (TBD), 10.y.y.254
§ NAT Routed Org Network: 172.1.2.0/22, 172.1.2.254/22
• Component 1: VMs .16 and .17
• Component 2: VMs .18 and .19
• vApps sharing the same Subnet and Segment for End-to-End
§ Manual 1:1 NAT Example
• 10.y.y.16 = 172.1.2.16
• 10.y.y.17 = 172.1.2.17
• 10.y.y.18 = 172.1.2.18
• 10.y.y.19 = 172.1.2.19
38. 38
Customer “End to End Testing” Org Networking Use Case
[Network diagram]
§ External Org Network: Dedicated VLAN (Routable) 10.z.z.z (TBD), 10.z.z.254
§ NAT Routed Org Network: 172.1.2.0/22, 172.1.2.254/22
• Component 1: VMs .16 and .17
• Component 2: VMs .18 and .19
• vApps sharing the same Subnet and Segment for End-to-End
§ Manual 1:1 NAT Example
• 10.z.z.16 = 172.1.2.16
• 10.z.z.17 = 172.1.2.17
• 10.z.z.18 = 172.1.2.18
• 10.z.z.19 = 172.1.2.19
39. 39
Customer Individual Developer Org Networking Use Case
[Network diagram]
§ External Org Network: Dedicated VLAN (Routable) 10.a.a.a (TBD)
§ vApps isolated on Direct connected vApp networks with dynamically created 1:1 NAT
• Component 1 (Developer 1), vApp Network 172.1.2.0/22: VMs .16 and .17
• Component 2 (Developer 1), vApp Network 172.1.2.0/22: VMs .18 and .19
• Component 1 (Developer 2), vApp Network 172.1.2.0/22: VMs .16 and .17
§ vApps deployed from catalog are NOT customized and are identical copies
40. 40
Use Case Design Outcome
§ Every Organization will need a dedicated External VLAN
§ Developer Org will use vApp Networks for Isolation
§ All other Organizations will use NAT Routed Org Networks
§ vApp Catalogs would be building block based
• Base OS Catalog (Single VM vApps)
o Windows and Linux
• “Golden” Image Catalog (Single VM vApps)
o Standard Web Server
o Standard App Server
o Standard DB Server
• Components Catalog (Multi-VM vApps)
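The manual 1:1 NAT scheme from the three NAT-routed org slides, generated and audited per organization, as an added example that is not part of the original slides. Because every org reuses the same internal addresses, the audit checks that no external address is claimed twice, and it also reports what Python's `ipaddress` module says about the `172.1.2.0/22` literal; the external /24 networks are constructed stand-ins for the TBD 10.x/10.y/10.z VLANs.

```python
import ipaddress

INTERNAL = "172.1.2.0/22"     # from the slides; identical in every NAT-routed org
HOSTS = (16, 17, 18, 19)      # last octets of the catalog VMs' static IPs
# Assumption: the slides leave the external VLANs as 10.x/10.y/10.z (TBD);
# these /24 networks are constructed stand-ins.
EXTERNAL = {"Master": "10.0.36.0/24",
            "Functional Testing": "10.0.37.0/24",
            "End to End Testing": "10.0.38.0/24"}

def nat_plan(external_cidr, hosts=HOSTS):
    """1:1 NAT rules keyed by external address: 10.x.x.N -> 172.1.2.N."""
    outside = ipaddress.ip_network(external_cidr).network_address
    inside = ipaddress.ip_address("172.1.2.0")
    return {outside + n: inside + n for n in hosts}

def plans_for(external=EXTERNAL):
    """One NAT plan per organization, keyed by org name."""
    return {org: nat_plan(cidr) for org, cidr in external.items()}

def audit(plans, internal_cidr=INTERNAL):
    """Return findings for a {org: plan} mapping; an empty list means clean."""
    findings = []
    net = ipaddress.ip_network(internal_cidr, strict=False)
    if str(net) != internal_cidr:
        findings.append(f"{internal_cidr} has host bits set; the network is {net}")
    if not net.is_private:
        findings.append(f"{net} is outside the RFC 1918 private ranges")
    owner = {}
    for org, plan in plans.items():
        for outside, inside in plan.items():
            if inside not in net:
                findings.append(f"{org}: {inside} is not in {net}")
            if outside in owner:
                findings.append(f"{outside} is used by {owner[outside]} and {org}")
            owner.setdefault(outside, org)
    return findings

if __name__ == "__main__":
    for org, plan in plans_for().items():
        for outside, inside in plan.items():
            print(f"{org:20} {outside} = {inside}")
    for finding in audit(plans_for()):
        print("FINDING:", finding)
```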
42. 42
The future of Cloud is unwritten.
You will write it.
We give you choice.
Be their Guide.
43. 43
Experiment with the Providers
§ Search for public providers
• vcloud.vmware.com
• vCloud Express – Generally Shared
• vCloud Datacenter – Generally Dedicated
§ Move workloads between clouds
• VMware vCloud Connector
• Move between vSphere and vCloud
• Build locally then push to cloud
§ Maintain provider based catalogs of your vApps
§ Single API between public and private
• vCloud Providers are using the vCloud API
45. 45
Just Some Interesting Stuff
Do….
§ Change the PAYG Defaults
§ Point Provider vDCs to Cluster level
§ Allow access to hosts only in vCenter
• Use vCenter Roles
§ Always install VMware tools, needed for customization
§ Get PSO for vCloud Designs
• Terrance Donovan
• Peter Stryzsinski
§ Follow Chris on Twitter and visit my blog
Don’t….
§ Disable DRS in vCenter under vCloud
§ Manage VM objects in vCenter
• i.e. change VM settings (NIC)
§ Make too many clones of clones
• Microsoft Activation Limit
§ Remove any vCenter objects
• i.e. Hosts, VMs, portgroups
§ Call Paul or Chris if you break something; call GSS