VMUG - VCloud Air Deep Dive

Transcription

VMUG - vCloud Air Deep Dive 2014 VMware Inc. All rights reserved.

Agenda
1. Overview of vCloud Air
2. Advanced Networking Capabilities
3. Use Cases
4. Overview of Disaster Recovery Service
5. Questions

VMware vCloud Air Technical Overview

vCloud Air Offerings
VMware vCloud Air is a secure public cloud operated by VMware, built on the trusted foundation of vSphere. The service supports both existing workloads as well as new application development, giving IT a common platform to seamlessly extend their data center to the cloud leveraging the same tools and processes they use today.

vCloud Air Core Services
[Table, partly lost in extraction. Column headers: Service Class, Consumption Model. Surviving cell text: "Shared tion", "Multi-Tenant"]

vCloud Air Subscription Services
Term Lengths: 1m, 3m, 12m, 24m, 36m subscriptions

Dedicated Cloud
- Physically Isolated; Your Own Private Cloud Instance
- Base Resources: 120GB vRAM, 30GHz vCPU
- Starts at: 6 TB
- 50 Mbps allocated, 1 Gbps burstable
- 3 Public IPs

Virtual Private Cloud
- Logically Isolated; Guaranteed Resource Allocation
- Base Resources: 20GB vRAM, 10GHz vCPU
- Starts at: 2 TB
- 10 Mbps allocated, 50 Mbps burstable
- 2 Public IPs

Disaster Recovery
- Logically Isolated; Business Continuity Solution
- Base Resources: 20GB vRAM, 10GHz vCPU
- Starts at: 1 TB
- 10 Mbps allocated, 50 Mbps burstable
- 2 Public IPs

Virtual Private Cloud: Subscription vs. OnDemand
Subscription
- Fixed Size (Subscription)
- Shared Compute Resources
OnDemand
- Shrink and Extend OnDemand
- Shared Compute Resources

vCloud Air Locations
US New Jersey, US Virginia, US Gov Virginia, US Northern California, US Nevada, US Gov Arizona, Europe UK, Europe Germany, Japan West, US Texas, Australia
[Map legend: vCloud Air; vCloud Government Service]

Challenges of Realizing a True Hybrid Cloud
A diverse set of platforms and incompatibility raise costs and complexity.
[Diagram labels, Data Center Options: CUSTOMER'S DATA CENTER, CUSTOM HOSTING, CO-LOCATION SERVICE, MANAGED SERVICE, IaaS, Public Cloud Service]
- Inelastic consumption
- Heterogeneous tools
- Complex networking
- No authentication
- No common governance
- No common security model
- Diverse set of standards
- Incompatible platform

True Hybrid Cloud
Leverage the economics of IaaS. Run your data center like an IaaS.
[Diagram labels, partly truncated in the source, Data Center Options: CUSTOMER'S DATA RVICE, Public Cloud Service, vAPP]
- Elastic Consumption Model
- Common Management
- Seamless Networking
- Common Authentication
- Common Governance, Billing
- Common Security Model
- Common Platform

Run Any OS, Any App, Any Platform
COMPUTE
Overview
- Runs the largest number of guest operating systems: multiple generations of Windows/Linux, both 32- and 64-bit
- Workload agnostic approach with broad range of ISV support
Benefits
- Run legacy existing apps and net-new apps on premises and in the cloud
- Run industry-specific software supported on vSphere

Hybrid Connectivity into vCloud Air
Overview
- Over the Internet: HTTPS or IPsec VPN
- Over Direct Connect: Private Line or Cross Connect
Benefits
- Multiple options for securely accessing vCloud Air from your on-premises data center
- No added cost for high bandwidth VPN endpoint
- Integrate with large set of Network Service Providers for high bandwidth private connections
[Diagram labels: WWW, HTTPS / IPsec VPN, Direct Connect, ON-PREMISES, vCLOUD AIR]

Network Virtualization in vCloud Air
Overview
- Available services include: Firewall, NAT routing, DHCP, load balancer
- Create routed and isolated networks, static routes
- Designed with Active/Standby High Availability
Benefits
- Mirror on-premises networking policies and avoid reconfiguring applications
- All software-defined for rapidly changing app & security needs
- Safeguard security and support advanced policies
[Diagram labels: WWW, EDGE GATEWAY, Virtual Appliance, Test/Dev Network, Isolated Network, DMZ, vCLOUD AIR]

Simple Migration of vSphere Workloads into the Cloud
Overview
- OVF Import using built-in Java applet
- vCloud Connector for transferring workloads and catalog synchronization
- Offline Data Transfer with vCloud Connector for large data transfers
Benefits
- Flexibility to move apps on- or off-premises as desired; no location lock-in
- No reformatting of virtual machines required
- Manage all environments through a unified view
[Diagram labels: OVF, Customer Data Center]

vCloud Connector: Migration of Workloads Across Hybrid Clouds
[Diagram labels: vSphere Client, Client, Control Plane, vCC UI Plugin, Content Library, vCC Server, vSphere, Node, Private vCloud, vCloud Air, Network, Data Plane, ON-PREMISES, OFF-PREMISES]

vCloud Air vSphere Client Plug-in: Single Pane of Glass Management Across Hybrid Clouds
HYBRID MANAGEMENT
Overview
- Free plug-in for vSphere Web Client
- View and administer vCloud Air services
- Manage inventory of virtual data centers, gateways and networks
- Create and manage virtual machines
Benefits
- Manage hybrid cloud from a "single pane of glass"
- Maximize your existing investments and processes
- Leverage existing skillsets and retain the same teams to manage both on-prem and off-prem

Cloud Automation for Multi-Cloud Infrastructure
HYBRID MANAGEMENT
[Diagram labels, partly truncated in the source: vRealize Automation, Self-Service, Policy-Based Governance with Automated ws, vSphere, XaaS, Other Hypervisor, vCLOUD AIR, Cloud Providers]

Advanced Networking Capabilities

Current Edge Gateway Capabilities in vCloud Air
NETWORKING
NSX EDGE GATEWAY (vCloud Air Network)
- Stateful Inspection Firewall
- Network Address Translations (NAT)
- DHCP
- Site to Site VPN (IPSec)
- Static Routing
- Load Balancer L4/L7
- 9 Interfaces

New NSX Edge Gateway Capabilities in vCloud Air
NETWORKING
NSX EDGE GATEWAY (vCloud Air Network)
- Stateful Inspection Firewall
- Network Address Translations (NAT)
- DHCP
- Site to Site VPN (IPSec)
- Static Routing
- Dynamic Routing OSPF, BGP
- Load Balancer L4/L7
- SSL Certificate Offloading
- SSL VPN (Client to Server)
- 200 Sub-Interfaces
- Distributed Firewall

Direct Connect – Private Line
NETWORKING
[Diagram labels: Existing NSP Connections, "Meet Me Room" (MMR), "Main Distribution Frame" (MDF), Untagged Layer 2 connection (1G, 10G), Layer 2 VLAN, Customer A, Customer B, Customer C, NSP Termination Point, vCloud Air Connection Point]

Direct Connect – Cross Connect
NETWORKING
[Diagram labels: Customer Rack, Untagged Layer 2 connection (1G, 10G), Layer 2 VLAN, Customer A, Customer B, Customer C, NSP Termination Point, vCloud Air Connection Point]

Reasons to Deploy Direct Connect
Reason: GOOD FOR:
- High Throughput: Hybrid applications that require large amounts of data transfer like Big Data and/or Oracle/SAP apps
- Low Latency: Video and voice applications that are sensitive to variable latency
- Security: Applications where data in transit must be secure to meet either compliance or regulatory standards
- Custom Compute: Multimedia or gaming applications that require GPU processing
- Custom Network: Applications that require special networking hardware like IDS/IPS, load balancers
- Custom Storage: Applications that require encryption at rest or other unique storage features

Data Center Extension using NSX
NETWORKING
[Diagram labels, partly truncated in the source: Internet, Internet Uplink, Default Router, vCloud Air, Client vNIC, Trunk VLAN 10-11, (192.168.5.0/24), VLAN 10, NSX Edge, 24), VLAN 11, ON-PREMISES VLAN BACKED NETWORK, vCLOUD AIR]

Use Cases & Case Studies

Five Starting Points (vCloud Air)
- Disaster Recovery: Simple, low cost failover and recovery
- Extend Existing Applications: 100% compatible, same security, high availability
- Development / Testing: 100% compatible, lower cost, broad OS support
- Web and Mobile Apps: Accelerate web and mobile app development
- Development Operations: Improve app dev productivity and quality

Example: Distributed Hybrid SharePoint Application
NETWORKING
[Diagram labels, partly truncated in the source: INTERNET, IPSEC VPN, EDGE GATEWAY, VPN ENDPOINT, SharePoint Web, Private Local Active Directory, Corp Network, SharePoint ORY, vCLOUD AIR]

Example: Routed Hybrid Security with Direct Connect
NETWORKING
[Diagram labels, partly truncated in the source: DIRECT CONNECT (1 Gbps), INTERNET, 10.1.1.x/24, EDGE GATEWAY, IGW, IDS, IPS, Firewall, Existing Security Policies & Appliances, Private Network (192.168.50.0/24), DMZ Network (192.168.52.0/24), Private INE, ON-PREMISES, VIRTUAL MACHINE, vCLOUD AIR]

Example: Mobile Back End leveraging Direct Connect
[Diagram labels: Customer Data Center, vCloud Air, Direct Connect, Internet]

Example: Global Load Balancing with 3rd Party Traffic Director
[Diagram labels: Internet, EDGE GATEWAY, Pool, Virtual Private Cloud (West), Virtual Private Cloud (East)]

Example: TM Lab Global Site Based Logical Architecture
[Diagram labels: Cloud to Cloud VPN, IPSec VPN, Dedicated IaaS vDC LV, Dedicated DaaS vDC LV, Dedicated Cloud Las Vegas, Dedicated Cloud, DaaS, vmtm.org, Disaster Recovery Cloud Texas, vCloud Air-DR Replication, DaaS Secure Tunnel, Virtual Private Cloud Sterling, Virtual Private Cloud Las Vegas vDC, DaaS Provider, On Premises in WDC, corp.vmtm.org]

Disaster Recovery Use Case

vCloud Air Disaster Recovery
What is it?
Simple and secure asynchronous replication and failover for vSphere
- Warm standby capacity on vCloud Air
- Self-service protection, failover and failback workflows per VM
- 15 min [1] – 24 hr. recovery point objective (RPO)
- Initial data seeding by shipping a disk
- Includes: 7-day run time per DR test; 30 days of recovered VM run time
[1] Dependent on available bandwidth
[Diagram labels: SITE A (PRIMARY), vCLOUD AIR, SITE B (RECOVERY), DR Instance]

Disaster Recovery Add-On Options Standard Storage, Support, Bandwidth Compute (subscription) Compute (one time) IP Address Offline Data Transfer Direct Connect

Example: Disaster Recovery to the Cloud
[Diagram labels: IPSEC VPN, IPSEC VPN Endpoint, EDGE GATEWAY, Domain Network, AD, DNS, Corp Network, Test Network, Corp/Recovery Network, REPLICATION, PROTECTED WORKLOADS, On-Premises Data Center (San Francisco), vCloud Air Disaster Recovery (Virginia), vCloud Air VPC OnDemand (Virginia)]

Q&A

THANK YOU!

Next Steps and Resources
- Learn more about vCloud m/Tutorials
- vCloud Air Customer Stories: http://vcloud.vmware.com/uses/our customers
- Experience vCloud Air Hands-On: http://www.vmware.com/go/testdrive
- Keep up with the Latest Activity: http://blogs.vmware.com/vcloud
