© 2009 VMware Inc. All rights reserved
Confidential
VMware vCloud Director Overview
Ivan Lagler, Systems Engineer
VMware Switzerland GmbH
VMware Accelerating the Journey to Cloud
Cloud Computing is an approach to computing that leverages the efficient pooling of on-demand, self-managed virtual infrastructure, consumed as a service.
§ Efficiency thru Utilization and Automation
• Pooling: From machines to highly elastic resource pools, with on-demand capacity
• Zero-Touch Infrastructure: Policy-driven automation of provisioning, deployment and management
§ Agility with Control
• Self-Service: Easy access with policy-based provisioning and deployment
• Control: Application-aware infrastructure with built-in availability, scalability, security and performance guarantees
§ Freedom of Choice
• Open & Interoperable: Application mobility between clouds, based on open standards
• Leverage Existing Investments: Benefits of cloud computing to existing applications and datacenters
From vSphere to Cloud Infrastructure
[Diagram: physical resources (host, network, SAN) are presented by vSphere as resource pools, datastores and port groups; VMware vCloud Director groups these into Provider vDCs, "service tiers" with specific costs (Gold, Silver); resources are then allocated to organizations (Org: Finance, Org: Sales), each with its own access control, vDCs, catalogs and provisioning policies.]
§ VMware Cloud Components and Licensing
§ VMware Cloud Architecture
§ Deploying a VMware Cloud
VMware Cloud Components
§ VMware vSphere and vCenter Servers
§ VMware vCloud Director
§ vShield for VMware Cloud Director
§ Chargeback Server
VMware vSphere and vCenter Server
§ Clusters and Resource Pools
• Provide cloud compute
• DRS is a requirement for the cluster
• Shared storage
• vMotion compatible or EVC enabled
§ Datastores
• Provide cloud storage
• Abstract away underlying storage type
§ Portgroups
• Provide cloud networking
• Abstract away underlying networking infrastructure
• vSwitch, vNetwork Distributed Switch or Nexus 1000V
[Diagram: vCenter Server managing ESXi/ESX hosts in a vSphere cluster/resource pool, with a vNetwork Distributed Switch and FC, iSCSI and NFS storage]
VMware vCloud Director
§ Define standard infrastructure tiers called Virtual Datacenters
• Pool virtualized infrastructure resources across multiple vCenter Servers
§ Define standard collections of VMs called vApps
§ Create Organizations and manage users with RBAC
§ Provide UI for users to self provision vApps into Virtual Datacenters
§ Provide secure multi-tenancy using vShield Edge
VMware vCloud Director Installation and Licensing
§ Installs on RHEL 5 U4 or higher 64-bit machine
§ VMware vCloud Director supports
• VMware vSphere Editions
  • VMware vSphere Enterprise*
  • VMware vSphere Enterprise Plus
• VMware vCenter Server Editions
  • VMware vCenter Server 4.0 Standard
• Minimum requirements
  • vSphere and vCenter Server versions 4.0 U2 and 4.1.
§ VMware vCloud Director licensed by concurrent powered-on VMs managed by VCD
*vSphere Enterprise will not support VLAN backed Network Pools and VMware vCloud Director Network Isolation (VCDNI) backed Network Pools
Oracle Database
§ Oracle 10g/11g Standard or Enterprise database
• Oracle Express is not supported
  • Will work for small test/dev, POC type deployments
  • See Express database memory and storage restrictions on Oracle website
§ Database can be run physical or in a virtual machine
§ Ensure that the database is backed up and replicated
• Consult with your favorite DBA
§ Sizing requirement guidelines

Database size   VMs     Users   Orgs
173 MB          7943    4096    3854
343 MB          12793   4918    3951
443 MB          16443   11450   5022
VMware vShield for VMware vCloud Director
§ VMware vShield Edge provides end point security
• Available for download with vSphere Enterprise and Enterprise Plus.
§ One vShield Manager required per vCenter Server
• Provides network edge security
• Provides firewall, NAT, port forwarding, IP masquerading and DHCP functionality (enforces multi-tenancy)
• Edge appliances deployed and managed by VMware vCloud Director on vSphere.
• Separate client not required.
• Does not require separate database
VMware Chargeback Manager 1.5
§ Associate costs and bill for VMware vCloud Director usage
• Uses vCloud data collectors to collect billable events from VMware vCloud Director database
• Uses vCenter data collectors to collect usage data for vCenter Servers providing resources
§ Database
• SQL Server 2005 and 2008
• Oracle 10g/11g Ent. or Std.
§ Built-in load balancer
• Create new Chargeback servers to scale with the cloud
§ Licensed per VM
Deploying a VMware Cloud
§ Setting up Management Cluster
§ Setting up Cloud resources
• Provider VDC
• External Networks
• Network Pools
§ Setting up Organizations
• Setting up Users, roles and privileges
• Setting up Policies
§ Setting up Organizational Resources
• Organization VDC
• Organization Networks
§ Setting up Catalogs of vApps and Media
§ Setting up Chargeback
Install and protect VMware Cloud components
§ Create a Management Cluster
• Verify DNS, AD, NTP availability and redundancy
• Install vCloud Director Server on a Management Cluster
  • vCloud Director Server
  • Load balancer (if using >1 cell)
  • Database
  • vShield Manager virtual appliance
  • Chargeback Server
  • Chargeback SQL Server
• Protect using HA, DRS and SRM.
• Back up Management VMs via storage level backups or vDR.
• Back up the Databases
• Use VUM to patch hosts
[Diagram: management cluster running on ESXi/ESX servers]
Deploying a VMware Cloud
§ Setting up Management Cluster
§ Setting up Cloud resources
• vCenter Servers
• Provider VDC
• External Networks
• Network Pools
§ Setting up Organizations
• Setting up Users, roles and privileges
• Setting up Policies
§ Setting up Organizational Resources
• Organization VDC
• Organization Networks
§ Setting up Catalogs of vApps and Media
§ Setting up Chargeback
VMware vCloud Director web portal
§ Provides a convenient web based portal for
• Cloud administrators to deploy and manage cloud resources
• End users to use cloud resources
§ Web based – works with any standard browser
§ Rich Flash based UI experience
Cloud Personas
§ Cloud Administrator
• Deploy and manage cloud infrastructure
• Add vCenter Servers
• Create Provider VDCs, External Networks and Network Pools
• Create Organizations
• Create Organization VDCs and Organization Networks
§ Organization Administrator
• Organization user and roles management
• Creating catalogs
• Managing organization policies leases, quotas and limits
• Setting up org specific SMTP settings and org specific domain to join
§ End Users
• Use vApps from catalogs
• Create vApp networks
Add vCenter Servers
§ VMware vCloud Director supports multiple vCenter Servers
§ vCenter Servers provide
• Compute via Clusters and Resource Pools
• Storage via Datastores
• Networks via portgroups and vNetwork Distributed Switches
§ Requires vCenter user with admin credentials
§ Requires vShield Manager connected to vCenter Server
Create Provider Virtual Data Centers (VDC)
§ Combine compute and storage into standard offerings
• Created by Cloud administrator
§ To create Provider VDC
• Select a Resource Pool/Cluster
• Select datastores that you wish to attach to the Provider VDC.
  • Max of 256 datastores per Provider VDC
§ Choose from across inventory of vCenter Servers
§ VMware vCloud Director prepares each host in the cluster by installing an agent. Host does not require reboot.
Examples of Provider VDCs
§ Use Provider VDCs to offer tiered compute and storage
• Fast, medium, slow compute and storage
• Silver (SATA), Gold (FC), Platinum (EFD), Unobtainium (aggregate) storage
• Nehalem based clusters, AMD based clusters
§ Create a Provider VDC per tier of compute and storage you wish to offer to users
Types of Network Pools
§ Portgroup-backed
• Create isolated portgroups in vSphere manually or with automation
• Attach a collection of them to VMware vCloud Director
§ VLAN-backed
• VMware vCloud Director will automatically create portgroups as needed, and use a range of VLANs to isolate them
§ VMware vCloud Director Network Isolation-backed
• Proprietary network isolation technology
Network Pool Building Blocks
• VLAN backed: vNetwork Distributed Switch + VLAN tags
• VCDNI: vNetwork Distributed Switch + one VLAN for transport
• Portgroup backed: vSwitch or vNetwork Distributed Switch portgroups
Create Organizations
§ Unit of tenancy
§ Isolate groups or users or lines of business from each other
• E.g. Finance and IT
• Created by Cloud administrator
§ Users onboarded to organizations
§ Each organization has a unique URL in the VMware vCloud Director system
Authentication and RBAC
§ 3 Ways to Manage Users
• Local Users
  • Simplest. User auth stored in DB
• One LDAP server for entire cloud
  • E.g. corporate Active Directory
  • Organizations = OUs
• LDAP server per-organization
§ Users & Groups assigned Roles
• Roles = collection of rights
• Create new or edit existing roles
Leases, Quotas and Limits
§ Exercise control via leases, quotas and limits
§ Set by Organization administrator
• Lease – Length of time that a user can use a vApp in a VDC
  • Runtime and storage lease
• Quotas
  • Running VM Quota
  • Stored VM Quota
• Limits
  • Heavy operations
    • Per user
    • Per Org
  • Simultaneous connection per VM
Create Organization VDCs
§ Allocate resources to organizations using Organization VDCs
§ Org VDCs are allocated from Provider VDCs
• Can be as large as a Provider VDC
• All Organization VDCs in a Provider VDC are the same tier of service
• Each organization VDC represents a tier of service
  • SLA
  • Cost
§ vApps run in Org VDCs
[Diagram: Org 1 and Org 2 each hold a Premium Organization VDC allocated from the Premium Provider VDC, shown alongside a Commodity Provider VDC and other Provider VDCs]
Create Organization Networks
§ Provide connectivity to workloads running inside an organization
Network: Features
• Internal: Connectivity to vApps within the organization. No external connectivity
• External Routed: Connectivity to vApps and services on a shared external network. vShield Edge device is deployed outside the organization to provide NAT and firewall services for vApps inside the organization
• External Direct Connect: Connectivity to vApps and services on a shared external network. vApps get IP addresses on the external network. No NAT or firewall exists between the organization vApps and other vApps on the External Network
Catalogs
§ Catalogs are collections of vApps and media created & owned by Organizations
• Can be shared (to the org) & published (to the whole cloud)
§ Examples:
• Infrastructure as a Service Catalogs
  • Empty Small, medium and large VMs/vApps.
  • Pre-installed Windows & Linux VMs
  • OS Media files (ISO, floppy images)
• App catalogs
  • Corp standard Database servers, application servers
  • If post deploy configurations are needed, guest customization in VCD can run custom scripts
[Diagram: example catalogs: Linux Templates, Windows Templates, Engineering vApps, IT - Oracle vApps, Basic Media Catalog, Premium Media Catalog]
vApps
§ Container of one or more VMs
• Package up multi-tier applications into vApps
• Operate on VMs as one unit
• Select boot order of VMs, start delays and stop delays
• Set runtime and storage leases
§ Can be created from scratch
• Building blocks templates in the catalog
§ Can be imported from outside the cloud
§ Uses the OVF standard
• Captures meta data about the VMs
• Allows import and export between clouds in standard format
[Diagram: a vApp containing three VMs (App on OS) with SLA definitions: Availability = 99.99%, Security = High, Performance = msec]
Chargeback
§ Manage cloud organizations and workloads via hierarchies
§ Attach cost models
§ Generate usage and billing reports
Connecting Chargeback to the Cloud
§ Install Chargeback data collectors for
• vCenter Server
• VMware vCloud Director
• vShield Manager
§ Add Cloud vCenter Server to Chargeback Server
Setting up Hierarchies
§ Chargeback automatically creates hierarchies for organizations created in VMware vCloud Director
§ Under each organization, four top level folders are created
• Allocation Pool
• Reservation Pool
• Pay-As-You-Go
• Networks
§ Any changes made to Organization VDCs will be reflected in Chargeback hierarchy
Cost Models
§ Chargeback ships with a set of cost models pre-defined for each VMware vCloud Director resource allocation model
§ vCloud Allocation Pool
§ vCloud Reservation Pool
§ vCloud Pay-As-You-Go
§ vCloud Networking
Reports
§ Generate reports by selecting objects in Chargeback hierarchy
• Organization level usage and cost report
• VM level usage and cost report
• Network and bandwidth usage and cost report
Infrastructure-as-a-Service (IaaS)
§ Access vApps from Home screen
§ Browse catalogs
§ Copy to “My Cloud”
§ Access VM consoles from within browser
What’s New in vCloud Director 1.5
Most Agile Access to Cloud Infrastructure
§ Fast Provisioning (Linked Clones)
§ vApp Custom Guest Properties
§ Cisco Nexus 1000V Integration
§ Globalization
Secure Isolation and Simple Management
§ vCloud Messages
§ Microsoft SQL Server Support
§ Expanded vCloud API and SDKs
§ vSphere 5 support
The Only Hybrid Cloud Infrastructure
§ vShield Edge VPN Integration
Fast Provisioning Using Linked Clones
Overview
• Provisions new VMs from a template without replicating the entire image
• Instead, links the images (clones) so that common elements are stored only once
Benefits
• Dramatically speeds up provisioning time from >2 minutes to <5 seconds
• Reduces storage footprint (and cost) by over 60%
[Diagram: a template vmdk with three linked clone vmdks]
vApp Custom Guest Properties
Overview
• Allows developers and other users to easily pass user data into guest OSes using OVF descriptors.
• Parameters available using VMware tools, on an ISO, or in the XML for the vApp
Benefits
• Easier post-deployment configuration & provisioning of identity to VMs & vApps
• Provides functionality to bootstrap a wide variety of guest customization solutions
[Diagram: an OVF package with a deployment configuration is deployed to vSphere as a vApp (steps 1 to 3)]
vCloud Messages
Overview
• Connect vCloud Director to enterprise systems through messaging to rapidly create end-to-end system integrations
Benefits
• Integrate vCloud Director with existing IT management tools
• Reduce the cost of manually building integrations
[Diagram: vCloud Director connected to CMDB, IPAM and ticketing systems]