Building an Enterprise Hybrid Cloud with the VMware vCloud Solution
Glenn Grabowski, Staff Systems Engineer, Senior Cloud Specialist, VMware
Agenda
VMware vCloud Initiative
IT Needs Cloud To Enable Efficiency and Agility
VMware’s Cloud strategy
Business Owner
It’s all about “The App”: Developers need more agile infrastructure…
We need to:
• Get capacity now
• Get s/w stacks deployed
• Simulate production
Once in prod, we need
• Plan capacity for app
• Place on Tier 1 capacity
• Provision the App Server, web, database
• Set up the load balancer
• Set up the firewall
• Set up data protection
• Set up mgmt
• Manage the app
• …
Operations How do we get the
… and often leverage commodity clouds when IT doesn’t respond
Developers
May I have a LAMP stack, please?
vSphere Admin
CIOs have concerns about…
• Security and Compliance
• Performance and SLAs
• Availability and Data Protection
• Intellectual Property
Queues Custom requests Hardware acquisition
Flexibility and agility are becoming increasingly important to IT
Q9: Which of the following are top drivers of cloud computing initiatives at your organization? (Please check all that apply)
Business agility is the top driver for cloud computing
CIOs are facing public cost benchmarks…
Pushing IT to benchmark their own IT organization…
Provisioning workflow with VMware's vCloud Director
Virtualization is the foundation of cloud, and it’s proliferating
More VMs were deployed than physical servers starting 2 years ago
[Chart: Physical Hosts vs. Virtual Machines, in millions, 2005 to 2013, with the VM crossover marked]
Gartner, Inc. Magic Quadrant for x86 Server Virtualization Infrastructure, Thomas J. Bittman, Philip Dawson, George J. Weiss, 26 May 2010. This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from VMware. The Magic Quadrant is copyrighted 2010 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the "Leaders" quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
“Virtualization is a modernization catalyst and unlocks cloud computing.”
―Gartner, May 2010
What is this Cloud Thing? SaaS Public Cloud IaaS PaaS Private Cloud IT as a Service
Your Cloud
Cloud Computing is an approach to computing that leverages the efficient pooling
Cloud is changing the new IT landscape…
Existing Apps New Enterprise Apps SaaS Apps
Existing Datacenters Public Cloud Services
The Challenge for IT: Weave all this together into a cohesive, secure, compliant whole
Evolve the Infrastructure
Evolve your existing datacenter to a private cloud
Leverage virtualization to transform physical silos into elastic, virtual capacity
Compute
Storage
Network
Increase automation thru built-in policy-driven management
Move from static, physical security to dynamic, embedded security
Enable secure, self-service to pre-defined IT services, with pay-for-use
Organization: Marketing Organization: Finance
Organization VDCs Catalogs Organization VDCs Catalogs
Users & Policies Users & Policies
$75
Private Cloud
Cloud Infrastructure
Compute Storage Networking Integrated Security
Apps
Only VMware offers the best of both worlds with hybrid cloud
Cloud Infrastructure Apps Cloud Infrastructure Management Security Common platform Common management Common security
Cloud Computing Moves from a Technology Discussion to a Business Decision
vCloud Service Provider Private Cloud
VMware
VMware offers a secure hybrid cloud for enterprises
Private Cloud / Portability / Public Cloud
• Cloud Consumption: vCloud
• Operations and Management: vCenter
• Security and Compliance: vShield
• Virtualization: vSphere
• Cross-Cloud Standards: vCloud API, Open Virtualization Format
• Cross-Cloud Management: vCloud Connector
vCloud Solution
• vCloud Powered: Broad array of VMware-compatible clouds for any business need
• vCloud Datacenter: Security & performance for enterprises
• vCloud Express
The leading public clouds all partner with VMware
Source: Gartner (December 2010)
4,000+ vCloud IaaS Partners
VMware offers two co-branded public cloud services
vCloud Express
• Rapid Signup with Credit-card Billing
• Utility “pay as you go” Pricing
• Lowest cost with high QoS
• Interoperability across providers
vCloud Datacenter Services
• Guaranteed quality of service
• Certified adherence to ref. architecture
• Secure and compliant
• Workload mobility across providers
Extensions, notifications, and APIs enable third-party integrations
Easily orchestrate vCloud actions
• vCloud API
• vCenter Orchestrator Plug-in
• VMware Service Manager Plug-in
• JMX Interfaces can be monitored using existing monitoring systems
Existing systems are supported
• In-Guest agents are fully supported
• Existing IT request systems, approval management systems can be configured to use the vCloud API
VM Request
Cloud Foundry - World’s first open Platform as a Service (PaaS) offering
Optimize not only how IT is delivered and managed, but also how it is consumed
Increase business agility by empowering users to rapidly deploy services on-demand with self-service portals
Improve security and compliance within multi-tenant environments with strong access controls and vShield security
Reduce costs by more efficiently delivering resources and by consolidating and standardizing your infrastructure
Enable application portability and interoperability across clouds while leveraging existing investments
Build a hybrid cloud with vCloud to resolve IT’s challenges
Consuming Infrastructure as a Service
Intercontinental Hotels built a hybrid cloud to offer global access
InterContinental Hotels Group
• More than 4,500 hotel properties, 650,000 guest rooms in more than 100 countries/territories worldwide
Business Drivers
• Need for elasticity
• Use of current IT configurations
• Ability to charge back applications
• Cost effective; no CapEx
Solution Offering:
• Membership rewards program
• Exported vApp and uploaded into Verizon CaaS enabled by vCloud Datacenter
• Used vCD to manage and configure
Agenda
VMware vCloud Initiative
IT Needs Cloud To Enable Efficiency and Agility
VMware’s Cloud strategy
VMware's vCloud solution stack
Cloud requires elasticity, on-demand access, resource pooling Cloud Infrastructure Cloud Application Platform End-User Computing vCloud Solution Enterprise Hybrid Cloud Only VMware addresses all three
Only VMware enables the hybrid cloud Only VMware offers
vCloud API
Public Clouds
Programmatic Control and Integrations
VMware vCloud Director builds on vSphere to transform IT
• Builds on vSphere and scales up to 10,000 VMs and 25 vCenter Servers
• Creates virtual datacenters by pooling resources into new units of consumption
• Securely enables the cloud with vShield, LDAP authentication, and RBAC
• Provides self-service portals and standardized infrastructure catalogs
• Isolates users into organizations with unique catalogs, policies, and LDAP
• vCloud API and extensions enable cloud portability, orchestration, and integrations
Users
Organization 1 Organization m
VMware vShield
Secure Private Cloud
VMware vCenter Server
VMware vCenter Server VMware vSphere VMware vSphere
User Portals
Virtual Datacenter n (Silver) Virtual Datacenter 1 (Gold)
VMware vCloud Director
vCloud Director introduces new multi-tenant resource abstractions
Secure Private Cloud
Organization: Marketing Organization: Finance
Organization VDCs Catalogs Organization VDCs Catalogs
VMware vSphere VMware vCenter Server
Resource Pools Datastores Port Groups
Provider Virtual Datacenters: (Gold), (Silver), (Bronze)
IT must become an internal cloud service provider
IT becomes a service provider, enabling true business agility
Achieve the economics and agility of cloud computing without sacrificing security or control
Users are given an alternative to commodity public clouds, eliminating the need for
Java Stack Database on Linux Provisions “hardware” Needs services
Directory Services
Group users into organizations and delegate access to the catalog
Organizations are completely isolated and secure
• Isolated virtual resources
• Independent LDAP-authentication
• Specific policy controls
• Unique catalogs
Catalogs can be customized by organization or shared
• Users can be given permission to create organization-wide catalogs
• Organizations can be given permission to create datacenter-wide catalogs
Enables a multi-tenant environment
• IT can serve multiple organizations from common infrastructure
Users deploy into logical containers of tiered resources with SLAs
One Size Fits All Datacenter
Gold
Bronze
Directory Services
Directory Services
[Diagram price labels: $100, $50, $150, $35, $175, $50, $275, $75]
Pay for Use
Gold SLA: $100 per VM; Bronze SLA: $50 per VM
Pay for SLA
IT maintains control with Chargeback and user limits
Strict user limits
• Leases: Set maximum time period VMs can exist; IT can select renewal policies
• Quotas: Maximum number of VMs per user within an organization
Chargeback integration
• Financial transparency for users and IT
• Resources like broadband network traffic, public IP addresses, DHCP, and NAT can be metered and billed
Customizable allocation models
• Pay-as-you-Go
• Allocation Pool
• Reservation Pool
IT maintains control with strict controls and approvals
Strict access controls
• RBAC: Access privileges restricted by roles within LDAP
o vApp creation/modification
o Catalog creation/modification
o Cross-organization sharing
o Resource allocation
Approvals and workflows
• IT can require pre-approval if necessary using Service Manager or pre-existing suites
Shared vApp catalogs enable collaboration & workload portability
vApps contain all of the information required to deploy a service
Development Cycle Example:
• Developer end user submits a vApp to QA by publishing to the shared catalog
• QA tester checks out the vApp from the shared catalog
• Network isolation between vDCs allows VMs to have identical network settings without conflicts
vApps can be easily migrated to other clouds using vCloud
This fundamentally changes user behavior, benefiting both sides
Dynamic scaling and capacity management invisible to user, ensuring SLAs are met
IT can hot add capacity to the virtual datacenter without user disruption
As a result, users no longer feel the need to hoard or overprovision resources
• Aligns incentives to provision
• Eliminates over-provisioning
LabCorp developers have instant access to VMs
Objectives
• Speed provisioning
• Provide self-service capacity on demand to IT teams
• Ease regulatory compliance, reduce risk, speed time to market
VMware Solution
• VMware vCloud Director provides secure cloud environment for controlled self-service to developers and admins
Business Impact
• Absorb acquired labs quickly, maintaining legacy systems
• Developers get VMs in seconds
• Meet constant demand for new tests, upgrades, regulatory reports
• Build path to SaaS for agile, competitive business operations
“LabCorp grows by acquisition. Virtualization and the cloud environment enable us to absorb new labs and speed time to market.”
― James P. Jones, IT Manager, Virtual/Cloud Services, LabCorp
• VMware vSphere 4
• VMware Site Recovery Manager (SRM)
• VMware vCloud Director
• vCloud Accelerator Service
PROFILE
• Industry: Medical testing
• Headquarters: Burlington, N.C.
• Employees: 28,000
• Annual Revenue: $5.2 billion
Only VMware offers defense in depth for your cloud infrastructure
Virtualizes common network services such as NAT and DHCP
vShield Endpoint protects the individual VM with offloaded anti-virus
vShield App protects the applications with multi-VM trust zones
VDC Gold VDC Bronze
Security profiles follow workloads in the Hybrid Cloud model, too
vCloud Datacenter
VDC Silver
VDC Gold
VDC Bronze
Secure Private Cloud
Cross cloud management makes hybrid cloud real
Visualize resources across hybrid clouds inside the vSphere Client
• See VMs, vApps and templates across vSphere and private and public vClouds
• Delivered as a vSphere Client Plugin
Copy & operate on resources across clouds
• Copy resources between vSphere and vClouds
• Perform power operations on workloads
• Access console of vApps running in vClouds
Deliver enterprise level security
• Data managed by onsite server
• Security scope set by vSphere Client
vCloud Connector
VMware provides continuous compliance within & across clouds
vCenter Configuration Manager
• Continuous Compliance
• Assessment & Enforcement
Policies built from Out-of-the-box compliance templates
• SOX, HIPAA, FISMA, DISA, GLBA, ISO 27002, NIST, PCI DSS, NERC, CIS, FERC
• Harden the hypervisor configs for ESX, network, storage, etc.
• Harden the hypervisor guest
• Harden the Guest OS
The US government trusts their vCloud deployment with vShield
View Users View Users View Users
Scientific Apps
Customer Need
• Build and maintain a secure network that isolates highly sensitive scientific applications from the rest of the environment without creating “airgaps”
Business Benefits
• Reduced provisioning time from 30 days to 30 minutes
• Lower Capex & Opex by replacing hardware appliances with virtual appliances
Solution with vShield App
• Create adaptive trust zones on the same shared infrastructure to control access to
o highly sensitive scientific apps
o business critical apps
o shared services
o and the DMZ
• Restrict inbound and outbound traffic to the trust zones
• Restrict access to applications in a trust zone to View users in the subgroup within the zone
• Automatically move infected VMs to a remediation zone
Secure multi-tenancy and VDCs allow BUs to share infrastructure
Secure Multi-tenancy with vShield
• Virtual networking technologies segregate network traffic
• Policy-based management eliminates “noisy neighbor” concerns
Enables shared infrastructure
• Formerly silo’d infrastructures (either separate clusters or entire datacenters) can be migrated to virtual data centers and share the
No airgapped pods/silos
• Eliminates the need for physical separation for security or compliance
Maximizes consolidation ratio
VMware is the leader in enterprise hybrid cloud infrastructures
VMware is the leader in the cloud platform
VMware offers the products and services to build a hybrid cloud
VMware has the expertise and services to build clouds
VMware powers the industry’s largest cloud ecosystem
Private Cloud / Portability / Public Cloud
• Service Consumption: vCloud Request Manager, vCenter Chargeback
• Service Delivery: vCloud Director
• Security and Compliance: vShield Security Family, vCenter Configuration Manager
• Virtualization: vSphere, vCenter Management Family
• Cross-Cloud Standards: vCloud API, Open Virtualization Format
• Cross-Cloud Management: vCloud Connector
Co-Branded vCloud Services
• vCloud Powered: Broad array of VMware-compatible clouds for any business need
• vCloud Datacenter: Security & performance for enterprises
• vCloud Express: Rapid, credit card payment for developers