VMware vCloud Director Overview - EDV-Design

VMware vCloud Director OverviewIvan Lagler, Systems EngineerVMware Switzerland GmbHConfidential© 2009 VMware Inc. All rights reserved

AgendaProduct OverviewWhat’s New in vCloud Director 1.52 Confidential

VMware Accelerating the Journey to CloudCloud Computing is an approach to computing that leverages the efficient poolingof on-demand, self-managed virtual infrastructure, consumed as a service.Efficiency thru Utilizationand AutomationAgility with ControlFreedom of ChoicePoolingFrom machines to highlyelastic resource pools, with ondemandcapacityZero-Touch InfrastructurePolicy-driven automation ofprovisioning, deployment andmanagementSelf-ServiceEasy access with policybasedprovisioning anddeploymentControlApplication-awareinfrastructure with built-inavailability, scalability, securityand performance guaranteesOpen & InteroperableApplication mobility betweenclouds, based on openstandardsLeverage ExistingInvestmentsBenefits of cloud computing toexisting applications anddatacenters3 Confidential

From vSphere to Cloud InfrastructurePhysicalvSphereResourceGroupings:Provider vDCOrg ResourceAllocationOrg: FinanceProvisioning PoliciesAccess ControlHostResource PoolvDCsGroupResourcesintoGold” Gold vDCCatalogsSANDatastore“ServiceTiers” withSpecificcostsOrg: SalesProvisioning PoliciesAccess ControlvDCsNetworkPort GroupSilverCatalogsVMware vCloud Director4 Confidential

§ VMware Cloud Components and Licensing§ VMware Cloud Architecture§ Deploying a VMware Cloud5 Confidential

VMware Cloud Components§ VMware vSphere and vCenter Servers§ VMware vCloud Director§ vShield for VMware Cloud Director§ Chargeback Server6 Confidential

VMware vSphere and vCenter Server§ Clusters and Resource Pools• Provide cloud compute• DRS is a requirement for the cluster• Shared storage• vMotion compatible or EVC enabled§ DatastoresvCenter ServervSphere Cluster/Resource PoolvNetwork Distributed Switch• Provide cloud storage• Abstract away underlying storagetype§ PortgroupsESXi/ESX hosts• Provide cloud networking• Abstract away underlyingnetworking infrastructure• vSwitch, vNetwork DistributedSwitch or Nexus 1000VFC StorageiSCSI StorageNFS Storage7 Confidential

VMware vCloud Director§ Define standard infrastructuretiers called Virtual Datacenters• Pool virtualized infrastructureresources across multiple vCenterServers§ Define standard collections ofVMs called vApps§ Create Organizations andmanage users with RBAC§ Provide UI for users to selfprovision vApps into VirtualDatacenters§ Provide secure multi-tenancyusing vShield Edge8 Confidential

VMware vCloud Director Installation and Licensing§ Installs on RHEL 5 U4 or higher64-bit machine§ VMware vCloud Directorsupports• VMware vSphere Editions• VMware vSphere Enterprise*• VMware vSphere Enterprise Plus• VMware vCenter Server Editions• VMware vCenter Server 4.0 Standard• Minimum requirements• vSphere and vCenter Server versions4.0 U2 and 4.1.vCenter ServerVMware vCloudDirectorVMware vCloud Director licensed by concurrentpowered-on VMs managed by VCD*vSphere Enterprise will not support VLAN backed Network Pools and VMware vCloud Director Network Isolation (VCDNI) backed Network Pools9 Confidential

Oracle Database§ Oracle 10g/11g Standard or Enterprise database• Oracle Express is not supported• Will work for small test/dev, POC type deployments• See Express database memory and storage restrictions on Oracle website§ Database can be run physical or in a virtual machine§ Ensure that the database is backed up and replicated• Consult with your favorite DBA§ Sizing requirement guidelinesDatabase size VMs Users Orgs173 MB 7943 4096 3854343 MB 12793 4918 3951443 MB 16443 11450 502210 Confidential

VMware vShield for VMware vCloud Director§ VMware vShield Edge provides end point security• Available for download with vSphere Enterprise and Enterprise Plus.§ One vShield Manager required per vCenter Server• Provides network edge security• Provides firewall, NAT, port forwarding, IP masquerading and DHCPfunctionality (enforces multi-tenancy)• Edge appliances deployed and managed by VMware vCloud Director onvSphere.• Separate client not required.• Does not require separate database11 Confidential

VMware Chargeback Manager 1.5§ Associate costs and bill forVMware vCloud Director usage• Uses vCloud data collectors tocollect billable events from VMwarevCloud Director database• Uses vCenter data collectors tocollect usage data for vCenterServers providing resources§ Database• SQL Server 2005 and 2008• Oracle 10g/11g Ent. or Std.§ Built-in load balancer• Create new Chargeback servers toscale with the cloud§ Licensed per VM12 Confidential

§ VMware Cloud Components and Licensing§ VMware Cloud Architecture§ Deploying a VMware Cloud13 Confidential

VMware Cloud Architecture14 Confidential

§ VMware Cloud Components and Licensing§ VMware Cloud Architecture§ Deploying a VMware Cloud15 Confidential

Deploying a VMware Cloud§ Setting up Management Cluster§ Setting up Cloud resources• Provider VDC• External Networks• Network Pools§ Setting up Organizations• Setting up Users, roles and previliges• Setting up Policies§ Setting up Organizational Resources• Organization VDC• Organization Networks§ Setting up Catalogs of vApps and Media§ Setting up Chargeback16 Confidential

Install and protect VMware Cloud components§ Create a Management Cluster• Verify DNS, AD, NTP availabilityand redundancy• Install vCloud Director Server on aManagement Cluster• vCloud Director Server• load balancer (if using >1 cell)• Database• vShield Manager virtual appliance• Chargeback Server• Chargeback SQL Server• Protect using HA, DRS and SRM.• Backup Management VMs viastorage level backups or vDR.• Backup the Databases• Use VUM to patch hostsManagement clusterESXi/ESX Servers17 Confidential

Deploying a VMware Cloud§ Setting up Management Cluster§ Setting up Cloud resources• vCenter Servers• Provider VDC• External Networks• Network Pools§ Setting up Organizations• Setting up Users, roles and previliges• Setting up Policies§ Setting up Organizational Resources• Organization VDC• Organization Networks§ Setting up Catalogs of vApps and Media§ Setting up Chargeback18 Confidential

VMware vCloud Director web portal§ Provides a convenient webbased portal for• Cloud administrators to deploy andmanage cloud resources• End users to use cloud resources§ Web based – works with anystandard browser§ Rich Flash based UI experience19 Confidential

Cloud Personas§ Cloud Administrator• Deploy and manage cloud infrastructure• Add vCenter Servers• Create Provider VDCs, External Networks and Network Pools• Create Organizations• Create Organization VDCs and Organization Networks§ Organization Administrator• Organization user and roles management• Creating catalogs• Managing organization policies leases, quotas and limits• Setting up org specific SMTP settings and org specific domain to join§ End Users• Use vApps from catalogs• Create vApp networks20 Confidential

Add vCenter Servers§ VMware vCloud Directorsupports multiple vCenterServers§ vCenter Servers provide• Compute via Clusters andResource Pools• Storage via Datastores• Networks via portgroups andvNetwork Distributed Switches§ Requires vCenter user withadmin credentials§ Requires vShield Managerconnected to vCenter Server21 Confidential

Create Provider Virtual Data Centers (VDC)§ Combine compute and storageinto standard offerings• Created by Cloud administrator§ To create Provider VDC• Select a Resource Pool/Cluster• Select datastores that you wish toattach to the Provider VDC.• Max of 256 datastores per Provider VDC§ Choose from across inventoryof vCenter Servers§ VMware vCloud Directorprepares each host in thecluster by installing an agent.Host does not require reboot.22 Confidential

Examples of Provider VDCs§ Use Provider VDCs to offer tiered compute and storage• Fast, medium, slow compute and storage• Silver (SATA), Gold (FC), Platinum (EFD), Unobtainium (aggregate) storage• Nehalem based clusters, AMD based clusters§ Create a Provider VDC per tier of compute and storage you wish tooffer to users23 Confidential

Types of Network Pools§ Portgroup-backed• Create isolated portgroups in vSphere manually or with automation• Attach a collection of them to VMware vCloud Director§ VLAN-backed• VMware vCloud Director will automatically create portgroups as needed,and use a range of VLANs to isolate them§ VMware vCloud Director Network Isolation-backed• Proprietary network isolation technologyNetwork PoolBuilding BlocksVLAN BackedvNetwork Distributed Switch+ VLAN tagsVCDNIvNetwork Distributed Switch+ one VLAN for transportPortgroup backed vNetwork Distributed Switch or vSwitch portgroups24 Confidential

Deploying a VMware Cloud§ Setting up Management Cluster§ Setting up Cloud resources• Adding vCenter Servers• Provider VDC• External Networks• Network Pools§ Setting up Organizations• Setting up Users, roles and previliges• Setting up Policies§ Setting up Organizational Resources• Organization VDC• Organization Networks§ Setting up Catalogs of vApps and Media§ Setting up Chargeback25 Confidential

Create Organizations§ Unit of tenancy§ Isolate groups or users or lines ofbusiness from each other• E.g. Finance and IT• created by Cloud administrator§ Users on boarded to organizations§ Each organization has a unique URL inthe VMware vCloud Director system26 Confidential

Authentication and RBAC§ 3 Ways to Manage Users• Local Users• Simplest. User auth stored in DB• One LDAP server for entirecloud• E.g. corporate Active Directory• Organizations = OUs• LDAP server per-organization§ Users & Groups assignedRoles• Roles = collection of rights• Create new or edit existing roles27 Confidential

Leases, Quotas and Limits§ Exercise control via leases,quotas and limits§ Set by Organizationadministrator• Lease – Length of time that a usercan use a vApp in a VDC• Runtime and storage lease• Quotas• Running VM Quota• Stored VM Quota• Limits• Heavy operations• Per user• Per Org• Simultaneous connection per VM28 Confidential

Deploying a VMware Cloud§ Setting up Management Cluster§ Setting up Cloud resources• Adding vCenter Servers• Provider VDC• External Networks• Network Pools§ Setting up Organizations• Setting up Users, roles and previliges• Setting up Policies§ Setting up Organizational Resources• Organization VDC• Organization Networks§ Setting up Catalogs of vApps and Media§ Setting up Chargeback29 Confidential

Create Organization VDCs§ Allocate resources toorganizations usingOrganization VDCsOrg 1 Org 2§ Org VDCs are allocated fromProvider VDCs• Can be as large as a Provider VDC• All Organization VDCs in a ProviderVDC are the same tier of serviceOrg 1PremiumOrganizationVDCPremiumProvider VDCOrg 2 Premium OrganizationVDC• Each organization VDC representsa tier of service• SLA• Cost§ vApps run in Org VDCsCommodity ProviderVDCPremiumProvider VDCOtherProvider VDC30 Confidential

Create Organization Networks§ Provide connectivity to workloads running inside an organizationNetworkFeaturesInternalConnectivity to vApps within the organization. No external connectivityExternal RoutedConnectivity to vApps and services on a shared external network. vShield Edge device is deployed outsidethe organization to provide NAT and firewall services for vApps inside the organizationExternal Direct ConnectConnectivity to vApps and services on a shared external network. vApps get IP addresses on the externalnetwork. No NAT or firewall exists between the organization vApps and other vApps on the ExternalNetwork31 Confidential

Deploying a VMware Cloud§ Setting up Management Cluster§ Setting up Cloud resources• Adding vCenter Servers• Provider VDC• External Networks• Network Pools§ Setting up Organizations• Setting up Users, roles and previliges• Setting up Policies§ Setting up Organizational Resources• Organization VDC• Organization Networks§ Setting up Catalogs of vApps and Media§ Setting up Chargeback32 Confidential

Catalogs§ Catalogs are collections of vApps andmedia created & owned by Organizations• Can be shared (to the org) & published (to thewhole cloud)Linux TemplatesWindows TemplatesEngineering vAppsBasic MediaCatalog§ Examples:• Infrastructure as a Service Catalogs• Empty Small, medium and large VMs/vApps.• Pre-installed Windows & Linux VMs• OS Media files (ISO, floppy images)• App catalogsIT - Oracle vAppsPremiumMedia Catalog• Corp standard Database servers, application servers• If post deploy configurations are needed, guest customizationin VCD can run custom scripts33 Confidential

vApps§ Container of one or more VMs• Package up multi-tier applicationsinto vApps• Operate on VMs as one unit• Select boot order of VMs, startdelays and stop delays• Set runtime and storage leases§ Can be created from scratch• Building blocks templates in thecatalog§ Can be imported from outsidethe cloudAvailability =99.99%Security = HighPerformance =msecSLA DefinitionsAppOSvAppAppOS§ Uses the OVF standardApp• Captures meta data about the VMsOS• Allows import and export betweenclouds in standard format34 Confidential

Deploying a VMware Cloud§ Setting up Management Cluster§ Setting up Cloud resources• Adding vCenter Servers• Provider VDC• External Networks• Network Pools§ Setting up Organizations• Setting up Users, roles and previliges• Setting up Policies§ Setting up Organizational Resources• Organization VDC• Organization Networks§ Setting up Catalogs of vApps and Media§ Setting up Chargeback35 Confidential

Chargeback§ Manage cloud organizationsand workloads via heirarchies§ Attach cost models§ Generate usage and billingreports36 Confidential

Connecting Chargeback to the Cloud§ Install Chargeback datacollectors for• vCenter Server• VMware vCloud Director• vShield Manager§ Add Cloud vCenter Server toChargeback Server37 Confidential

Setting up Heirarchies§ Chargeback automaticallycreates heirarchies fororganizations created inVMware vCloud Director§ Under each organization, fourtop level folders are created• Allocation Pool• Reservation Pool• Pay-As-You-Go• Networks§ Any changes made toOrganization VDCs will bereflected in Chargebackheirarchy38 Confidential

Cost Models§ Chargeback ships with a set ofcost models pre-defined for eachVMware vCloud Directorresource allocation model§ vCloud Allocation Pool§ vCloud Reservation Pool§ vCloud Pay-As-You-Go§ vCloud Networking39 Confidential

Reports§ Generate reports by selectingobjects in Chargebackheirarchy• Organization level usage and costreport• VM level usage and cost report• Network and bandwidth usage andcost report40 Confidential

Infrastructure-as-a-Service (IaaS)§ Access vApps from Homescreen§ Browse catalogs§ Copy to “My Cloud”§ Access VM consoles fromwithin browser41 Confidential

What’s New: vCloud Director 1.5?42 Confidential

What’s New in vCloud Director 1.5Most Agile Access toCloud Infrastructure§ Fast Provisioning (Linked Clones)§ vApp Custom Guest Properties§ Cisco Nexus 1000V Integration§ GlobalizationSecure Isolation andSimple Management§ vCloud Messages§ Microsoft SQL Server Support§ Expanded vCloud API and SDKs§ vSphere 5 supportThe Only Hybrid CloudInfrastructure§ vShield Edge VPN Integration43 Confidential

Fast Provisioning Using Linked ClonesOverview• Provisions new VMs from a templatewithout replicating the entire image• Instead, links the images (clones) so thatcommon elements are stored only oncevmdk vmdk vmdkBenefitsvmdkTemplate• Dramatically speeds up provisioning timefrom >2 minutes to

vApp Custom Guest PropertiesOverview3• Allows developers and other users toeasily pass user data into guest OSesusing OVF descriptors.12DeploymentConfigurationvAppvSphere• Parameters available using VMware tools,on an ISO, or in the XML for the vAppDeployOVF PackageBenefitsOVF Package• Easier post-deployment configuration &provisioning of identity to VMs & vApps• Provides functionality to bootstrap a widevariety of guest customization solution45 Confidential

vCloud MessagesOverview• Connect vCloud Director to enterprisesystems through messaging to rapidlycreate end-to-end system integrationsBenefits• Integrate vCloud Director with existing ITmanagement toolsCMDB IPAM Ticketing• Reduce the cost of manually buildingintegrations46 Confidential

Questions?47 Confidential