VMUG - vCloud Air Deep Dive
2014 VMware Inc. All rights reserved.
Agenda
1. Overview of vCloud Air
2. Advanced Networking Capabilities
3. Use Cases
4. Overview of Disaster Recovery Service
5. Questions
VMware vCloud Air Technical Overview
vCloud Air Offerings
VMware vCloud Air is a secure public cloud operated by VMware, built on the trusted foundation of vSphere. The service supports both existing workloads and new application development, giving IT a common platform to seamlessly extend their data center to the cloud, leveraging the same tools and processes they use today.
vCloud Air Core Services
Service Class | Consumption Model | Shared or Dedicated Environment
Infrastructure | Subscription | Dedicated
Infrastructure | Subscription | Multi-Tenant
Infrastructure | Pay-as-you-Go | Multi-Tenant
Recovery | Subscription | Multi-Tenant
vCloud Air Subscription Services
Term Lengths: 1m, 3m, 12m, 24m, 36m subscriptions
Dedicated Cloud: Physically Isolated; Your Own Private Cloud Instance
  Base Resources: 120GB vRAM, 30GHz vCPU
  Starts at: 6 TB
  50 Mbps allocated, 1 Gbps burstable
  3 Public IPs
Virtual Private Cloud: Logically Isolated; Guaranteed Resource Allocation
  Base Resources: 20GB vRAM, 10GHz vCPU
  Starts at: 2 TB
  10 Mbps allocated, 50 Mbps burstable
  2 Public IPs
Disaster Recovery: Logically Isolated; Business Continuity Solution
  Base Resources: 20GB vRAM, 10GHz vCPU
  Starts at: 1 TB
  10 Mbps allocated, 50 Mbps burstable
  2 Public IPs
Virtual Private Cloud: Subscription vs. OnDemand
Subscription: Fixed Size (Subscription); Shared Compute Resources
OnDemand: Shrink and Extend OnDemand; Shared Compute Resources
vCloud Air Locations
US Northern California, US Nevada, US Gov Arizona, US Texas, US New Jersey, US Virginia, US Gov Virginia, Europe UK, Europe Germany, Japan West, Australia
Map legend: vCloud Air; vCloud Government Service
Challenges of Realizing a True Hybrid Cloud
A diverse set of platforms and their incompatibility raise costs and complexity.
Data Center Options: Customer's Data Center, Custom Hosting, Co-location Service, Managed Service
Public Cloud Service: IaaS
- Inelastic consumption
- Heterogeneous tools
- Complex networking
- No authentication
- No common governance
- No common security model
- Diverse set of standards
- Incompatible platform
True Hybrid Cloud
Leverage the economics of IaaS. Run your data center like an IaaS.
Data Center Options: Customer's Data Center, Custom Hosting, Co-location Service, Managed Service
Public Cloud Service
Diagram labels: vApp, vApp
- Elastic Consumption Model
- Common Management
- Seamless Networking
- Common Authentication
- Common Governance, Billing
- Common Security Model
- Common Platform
Run Any OS, Any App, Any Platform (COMPUTE)
Overview
- Runs the largest number of guest operating systems: multiple generations of Windows/Linux, both 32- and 64-bit
- Workload-agnostic approach with broad range of ISV support
Benefits
- Run legacy existing apps and net-new apps on-premises and in the cloud
- Run industry-specific software supported on vSphere
Hybrid Connectivity into vCloud Air
Diagram labels: WWW; HTTPS / IPsec VPN; Direct Connect; ON-PREMISES; vCloud Air
Overview
- Over the Internet: HTTPS or IPsec VPN
- Over Direct Connect: Private Line or Cross Connect
Benefits
- Multiple options for securely accessing vCloud Air from your on-premises data center
- No added cost for high bandwidth VPN endpoint
- Integrate with large set of Network Service Providers for high bandwidth private connections
Network Virtualization in vCloud Air
Diagram labels: WWW; Edge Gateway; Test/Dev Network; Isolated Network; DMZ; vCloud Air
Overview
- Available services include: Firewall, NAT routing, DHCP, load balancer
- Create routed and isolated networks, static routes
- Designed with Active/Standby High Availability Virtual Appliance
Benefits
- Mirror on-premises networking policies and avoid reconfiguring applications
- All software-defined for rapidly changing app & security needs
- Safeguard security and support advanced policies
Simple Migration of vSphere Workloads into the Cloud
Diagram labels: OVF; Customer Data Center
Overview
- OVF Import using built-in Java applet
- vCloud Connector for transferring workloads and catalog synchronization
- Offline Data Transfer with vCloud Connector for large data transfers
Benefits
- Flexibility to move apps on- or off-premises as desired; no location lock-in
- No reformatting of virtual machines required
- Manage all environments through a unified view
vCloud Connector: Migration of Workloads Across Hybrid Clouds
Diagram labels: Client; vSphere Client; vCC UI Plugin; Control Plane; Content Library; vCC Server; Data Plane; vSphere; Node; Node; vCloud Air Network; Private vCloud; Node; Node; vCloud Air; ON-PREMISES; OFF-PREMISES
vCloud Air vSphere Client Plug-in: Single Pane of Glass Management Across Hybrid Clouds (HYBRID MANAGEMENT)
Overview
- Free plug-in for vSphere Web Client
- View and administer vCloud Air services
- Manage inventory of virtual data centers, gateways and networks
- Create and manage virtual machines
Benefits
- Manage hybrid cloud from a single pane of glass
- Maximize your existing investments and processes
- Leverage existing skillsets and retain the same teams to manage both on-prem and off-prem
Cloud Automation for Multi-Cloud Infrastructure (HYBRID MANAGEMENT)
vRealize Automation: Self-Service, Policy-Based Governance with Automated Delivery
Diagram labels: IaaS; PaaS; DaaS; XaaS; PHYSICAL; VIRTUAL; CLOUD; Linux; Windows; vSphere; Other Hypervisor; vCloud Air; Cloud Providers
Advanced Networking Capabilities
Current Edge Gateway Capabilities in vCloud Air (NETWORKING)
NSX Edge Gateway:
- Stateful Inspection Firewall
- Network Address Translations (NAT)
- DHCP
- Site to Site VPN (IPSec)
- Static Routing
- Load Balancer L4/L7
- 9 Interfaces
Diagram labels: (vCloud Air Network); (vCloud Air Network); vCloud Air
New NSX Edge Gateway Capabilities in vCloud Air (NETWORKING)
NSX Edge Gateway:
- Stateful Inspection Firewall
- Network Address Translations (NAT)
- DHCP
- Site to Site VPN (IPSec)
- Static Routing
- Dynamic Routing: OSPF, BGP
- Load Balancer L4/L7
- SSL Certificate Offloading
- SSL VPN (Client to Server)
- 200 Sub-Interfaces
- Distributed Firewall
Diagram labels: (vCloud Air Network); (vCloud Air Network); vCloud Air
Direct Connect Private Line (NETWORKING)
Diagram labels: Existing NSP Connections; Meet Me Room (MMR); Main Distribution Frame (MDF); Untagged Layer 2 connection (1G, 10G); Customer A; Layer 2 VLAN; Customer B; Customer C; NSP Termination Point; vCloud Air Connection Point
Direct Connect Cross Connect (NETWORKING)
Diagram labels: Customer Rack; Untagged Layer 2 connection (1G, 10G); Customer A; Layer 2 VLAN; Customer B; Customer C; NSP Termination Point; vCloud Air Connection Point
Reasons to Deploy Direct Connect
Reason | Good for
High Throughput | Hybrid applications that require large amounts of data transfer like Big Data and/or Oracle/SAP apps
Low Latency | Video and voice applications that are sensitive to variable latency
Security | Applications where data in transit must be secure to meet either compliance or regulatory standards
Custom Compute | Multimedia or gaming applications that require GPU processing
Custom Network | Applications that require special networking hardware like IDS/IPS, load balancers
Custom Storage | Applications that require encryption at rest or other unique storage features
Data Center Extension using NSX (NETWORKING)
Diagram labels: Internet; Internet Uplink; NSX Edge Gateway; Default Router; vCloud Air; Client vNIC; Trunk VLAN 10-11; (192.168.5.0/24) (10.10.10.0/24); VLAN 10; (192.168.5.0/24) (10.10.10.0/24); VLAN 11; ON-PREMISES; VLAN BACKED NETWORK; vCloud Air
Use Cases & Case Studies
Five Starting Points (vCloud Air)
Disaster Recovery: Simple, low cost failover and recovery
Extend Existing Applications: 100% compatible, same security, high availability
Development / Testing: 100% compatible, lower cost, broad OS support
Web and Mobile Apps: Accelerate web and mobile app development
Development Operations: Improve app dev productivity and quality
Example: Distributed Hybrid SharePoint Application (NETWORKING)
Diagram labels: Internet; IPsec VPN; VPN Endpoint; Edge Gateway; SharePoint Web; Private; Local Active Directory; Corp Network; SharePoint App; SharePoint DB; SharePoint DB; Active Directory; ON-PREMISES; vCloud Air
Example: Routed Hybrid Security with Direct Connect (NETWORKING)
Diagram labels: Direct Connect (1 Gbps); Internet; 10.1.1.x/24; 10.1.1.x/24; Edge Gateway; Edge Gateway; IGW; IDS; IPS; Firewall; Existing Security Policies & Appliances; Private Network (192.168.50.0/24); Private Network (192.168.110.0/24); DMZ Network (192.168.52.0/24); Virtual Machine; Virtual Machine; Virtual Machine; ON-PREMISES; vCloud Air
Example: Mobile Back End Leveraging Direct Connect
Diagram labels: Customer Data Center; vCloud Air; Direct Connect; Internet
Example: Global Load Balancing with 3rd Party Traffic Director
Diagram labels: Edge Gateway; Internet; Edge Gateway; Virtual Private Cloud (West); Virtual Private Cloud (East)
Pool Servers: 192.168.109.11, 192.168.109.12, 192.168.109.13
Pool Servers: 192.168.205.11, 192.168.205.12, 192.168.205.13
Cloud to Cloud VPN Example: TM Lab Global Site Based Logical Architecture
Diagram labels: Cloud to Cloud VPN; Cloud to Cloud VPN; Dedicated Cloud Las Vegas; Dedicated IaaS vDC LV; IPSec VPN; vmtm.org; Cloud to Cloud VPN; Disaster Recovery Cloud Texas; Dedicated Cloud DaaS; Dedicated DaaS vDC LV; IPSec VPN; DaaS Secure Tunnel; vCloud Air-DR Replication; Virtual Private Cloud Sterling; Virtual Private Cloud Las Vegas; vDC DaaS Provider; On Premises in WDC; corp.vmtm.org; IPSec VPN
Disaster Recovery Use Case
vCloud Air Disaster Recovery
What is it?
- Simple and secure asynchronous replication and failover for vSphere
- Warm standby capacity on vCloud Air
- Self-service protection, failover and failback workflows per VM
- 15 min to 24 hr. recovery point objective (RPO) (1)
- Initial data seeding by shipping a disk
Includes:
- 7-day run time per DR test
- 30 days of recovered VM run time
Diagram labels: Site A (Primary); vCloud Air, Site B (Recovery); DR Instance
(1) Dependent on available bandwidth
Disaster Recovery Add-On Options
- Standard Storage, Support, Bandwidth
- Compute (subscription)
- Compute (one time)
- IP Address
- Offline Data Transfer
- Direct Connect
Example: Disaster Recovery to the Cloud
Diagram labels: IPsec VPN; IPsec VPN; IPsec VPN Endpoint; Domain Network; Edge Gateway; Domain Network; AD; DNS; AD; DNS; Corp Network; Edge Gateway; Test Network; VPC OnDemand (Virginia); On-Premises Data Center (San Francisco); Protected Workloads; Replication; Corp/Recovery Network; vCloud Air Disaster Recovery (Virginia); vCloud Air
Q&A
THANK YOU!
CONFIDENTIAL
Next Steps and Resources
Learn more about vCloud Air: http://vcloud.vmware.com and http://vcloud.vmware.com/tutorials
vCloud Air Customer Stories: http://vcloud.vmware.com/uses/our_customers
Experience vCloud Air Hands-On: http://www.vmware.com/go/testdrive
Keep up with the Latest Activity: http://blogs.vmware.com/vcloud