DEPLOYING AND MANAGING MICROSOFT APPLICATIONS IN EMC HYBRID CLOUD WITH VMWARE

(1)

DEPLOYING AND MANAGING MICROSOFT

APPLICATIONS IN EMC HYBRID CLOUD WITH

VMWARE

Based on the EMC Hybrid Cloud with VMware Foundation

Infrastructure Solution 2.5

EMC Solutions

Abstract

This Solution Guide describes how to use EMC Hybrid Cloud with VMware Foundation Infrastructure Solution 2.5 to provision and manage new and existing Microsoft Exchange, Microsoft SQL Server, and Microsoft SharePoint applications for on-premises or hosted cloud services.

(2)

EMC believes the information in this publication is accurate as of its publication date. The information is subject to change without notice.

The information in this publication is provided as is. EMC Corporation makes no representations or warranties of any kind with respect to the information in this publication, and specifically disclaims implied warranties of merchantability or fitness for a particular purpose. Use, copying, and distribution of any EMC software described in this publication requires an applicable software license.

EMC2_{, EMC, and the EMC logo are registered trademarks or trademarks of EMC} Corporation in the United States and other countries. All other trademarks used herein are the property of their respective owners.

For the most up-to-date listing of EMC product names, see EMC Corporation Trademarks on EMC.com.

Deploying and Managing Microsoft Applications in EMC Hybrid Cloud with VMware Solution Guide

(3)

Chapter 1 Executive Summary

11

Document purpose ... 12 Audience ... 12 Solution purpose ... 12 Business challenge ... 13 Technology solution ... 13 Key components ... 14 Software components ... 16 Terminology... 18

Chapter 2 Hybrid Cloud Overview

21

Overview ... 22

Solution architecture ... 23

Self-service and automation ... 23

Multitenancy and secure separation ... 25

Workload-optimized storage ... 26

Security and compliance ... 27

VMware NSX for vSphere ... 27

Monitoring and service assurance ... 27

Chapter 3 Provisioning Microsoft Applications

29

Overview ... 30

VMware vCloud Application Director ... 31

Marketplace... 31

Cloud providers ... 32

Deployment environments ... 33

Application owners and business groups ... 33

Logical templates ... 33

vCloud Application Director Services ... 33

Application blueprints ... 34

Publishing application blueprints ... 36

Service Catalog ... 38

Services ... 39

(4)

Contents

Approval Policies ... 41

Storage tiering ... 42

Provisioning Microsoft Active Directory Services ... 43

Provisioning Microsoft Exchange ... 44

Exchange Server application blueprints ... 45

Additional services ... 46

Publishing a stand-alone Exchange Server ... 47

Requesting Exchange Server from vCAC catalog ... 48

Validating an Exchange Server deployment... 49

Provisioning Microsoft SQL Server ... 51

Anti-affinity rules for SQL Server virtual machines ... 51

SQL Server application blueprints ... 51

Additional services ... 53

Requesting a SQL Server ... 53

Approving a request ... 55

Validating a SQL Server deployment ... 55

Provisioning Microsoft SharePoint ... 56

Provisioning SharePoint 2010 ... 57

Provisioning SharePoint 2013 ... 64

Chapter 4 High Availability for Microsoft Applications on EMC Hybrid Cloud67

Overview ... 68

High availability ... 68

Microsoft Exchange DAG ... 68

vSphere HA with Exchange DAGs ... 69

vSphere DRS with Exchange DAG ... 69

Anti-Affinity rules for Exchange virtual machines ... 69

Provisioning an Exchange DAG ... 70

Microsoft SQL Server with AAG ... 73

Provisioning SQL Server 2012 AAG ... 73

Application Director Blueprint for SQL Server AAG ... 74

Verifying SQL Server 2012 AAG deployment ... 75

Microsoft SharePoint availability ... 76

Chapter 5 Monitoring Microsoft Applications

79

Overview ... 80

VMware vCenter Hyperic ... 80

Supported versions ... 81

vCenter Hyperic Agent ... 81

(5)

VMware vCenter Operations Manager ... 82

VC OPS integration with Hyperic ... 83

Monitoring Microsoft Exchange ... 86

Exchange 2013 Metrics ... 86

Microsoft Exchange dashboards ... 87

Monitoring Microsoft SQL Server ... 88

SQL Server Metrics ... 88

SQL Server dashboards ... 90

Monitoring Microsoft SharePoint ... 92

SharePoint server metrics ... 92

SharePoint dashboards ... 93

Chapter 6 Elasticity for Microsoft Applications

95

Overview ... 96

Threshold Alerts ... 96

Email Notification ... 97

Elasticity for Microsoft Exchange ... 97

Elasticity for Microsoft SQL Server ... 101

Elasticity for Microsoft SharePoint ... 102

SharePoint 2010 ... 102

SharePoint 2013 ... 107

Chapter 7 Conclusion

111

Summary ... 112

Findings ... 112

Chapter 8 Reference Documentation

113

EMC documentation ... 114

VMware documentation ... 114

(6)

Contents

Figures

Figure 1. EMC Hybrid Cloud components... 14

Figure 2. EMC Hybrid Cloud features and functionality ... 22

Figure 3. Solution reference architecture ... 23

Figure 4. Self-service provisioning through the vCAC portal ... 25

Figure 5. Sample Microsoft application dashboard ... 28

Figure 6. Workflow for publishing a vCloud Application Director blueprint... 30

Figure 7. Importing application blueprints from the Marketplace ... 31

Figure 8. Sample of Marketplace import options ... 32

Figure 9. Adding a cloud provider and vCAC blueprints ... 32

Figure 10. vCAC Blueprints and Logical Templates are added to a cloud provider ... 32

Figure 11. Setting build information for a vCAC cloud blueprint ... 33

Figure 12. Adding a service created on vCloud Application Director ... 34

Figure 13. Creating an application blueprint ... 35

Figure 14. Dragging and dropping GUI in vCloud Application Manager ... 35

Figure 15. Publishing application blueprints to vCAC ... 36

Figure 16. Using the overridable option for an application parameter ... 36

Figure 17. Reviewing and publishing the application blueprint to vCAC catalog ... 37

Figure 18. Viewing application blueprints added to vCAC Catalog Items... 37

Figure 19. Viewing the vCAC Service Catalog ... 38

Figure 20. Viewing the vCAC Service Catalog for SQL Server 2012 ... 39

Figure 21. Viewing vCAC Services ... 39

Figure 22. Viewing vCAC Catalog Items ... 40

Figure 23. Viewing vCAC Actions ... 40

Figure 24. Viewing vCAC Entitlements ... 41

Figure 25. Approving or rejecting a request ... 41

Figure 26. Selecting a storage tier ... 42

Figure 27. Selecting a storage tier for SQL Server in vCAC ... 42

Figure 28. Provisioning Microsoft Active Directory from vCAC ... 44

Figure 29. Properties and actions for Exchange 2013 (stand-alone) blueprint ... 46

Figure 30. Selecting a stand-alone Exchange server blueprint ... 47

Figure 31. Editing a stand-alone Exchange application blueprint properties ... 47

Figure 32. Editing options for a stand-alone Exchange blueprint ... 48

Figure 33. Viewing vCAC Service Catalog items for Exchange ... 48

Figure 34. Viewing vCAC application parameters for Exchange Server ... 49

Figure 35. Confirming a successful Exchange Server deployment ... 49

(7)

Figure 37. Exchange admin center: newly deployed Exchange

Server verification ... 50

Figure 38. Viewing properties and actions for a SQL Server application blueprint deployment ... 52

Figure 39. Viewing vCAC Service Catalog for SQL Server ... 54

Figure 40. Viewing vCAC application properties for SQL Server ... 54

Figure 41. Viewing Pending Approval of vCAC requests for SQL Server ... 55

Figure 42. Confirming a successful SQL Server deployment ... 55

Figure 43. Viewing a provisioned application ... 56

Figure 44. Example of a completed SQL Server deployment ... 56

Figure 45. Application Director SharePoint blueprints available for deployment ... 57

Figure 46. vCloud Application Director services for SharePoint deployments... 58

Figure 47. vCloud Application Director application blueprint for SharePoint ... 58

Figure 48. SharePoint service types, templates, and services for the vCAC blueprint ... 59

Figure 49. Application Director service properties for a SharePoint blueprint ... 60

Table 3. SharePoint blueprint property values... 60

Figure 50. Viewing SharePoint service catalog selections in the vCAC ... 61

Figure 51. Adding information for a SharePoint deployment request ... 61

Figure 52. Changing service options for a SharePoint deployment ... 62

Figure 53. Viewing deployed SharePoint virtual machine in vCAC ... 62

Figure 54. SharePoint farm deployment information ... 63

Figure 55. Selecting a SharePoint template ... 64

Figure 56. Deploying a SharePoint 2013 blueprint in Application Director ... 64

Figure 57. Viewing vCAC Catalog items for SharePoint 2013 ... 65

Figure 58. Viewing a successful SharePoint 2013 deployment ... 65

Figure 59. Configuring a new SharePoint farm for HR ... 66

Figure 60. Anti-Affinity DRS rule for Exchange DAG servers ... 70

Figure 61. Selecting an Exchange server blueprint from available Applications .... 71

Figure 62. Viewing the application blueprint for an Exchange 2013 DAG ... 71

Figure 63. Submitting a blueprint for deployment ... 72

Figure 64. Selecting and deploying the Exchange DAG template in the vCAC catalog ... 73

Figure 65. Viewing the SQL Server AAG catalog items in vCAC ... 73

Figure 66. Viewing the AAG application blueprint ... 74

Figure 67. Viewing the AAG application blueprint description ... 74

Figure 68. Viewing AAG service dependencies ... 75

Figure 69. Reviewing task execution workflow for AAG ... 75

(8)

Contents

Figure 72. vCenter Hyperic Plugin Manager ... 80

Figure 73. Adding the Hyperic Service on vCloud Application Director ... 81

Figure 74. Auto-Discovery window on vCenter Hyperic ... 82

Figure 75. vC Ops custom UI ... 83

Figure 76. Installing and configuring the Hyperic Management Pack ... 83

Figure 77. Confirming the Management Pack for Hyperic is listed... 84

Figure 78. Managing Adapter Instance ... 85

Figure 79. Adding and setting up the Hyperic Adapter Instance ... 85

Figure 80. Sample metrics in Hyperic ... 86

Figure 81. Sample Exchange attribute package ... 87

Figure 82. Exchange dashboard ... 88

Figure 83. Managing attribute packages ... 89

Figure 84. Viewing SQL Server Resource Details ... 90

Figure 85. Customizing a SQL Server dashboard ... 91

Figure 86. SQL Server customized dashboard sample ... 91

Figure 87. Managing attribute packages for SharePoint ... 92

Figure 88. Viewing SharePoint Resource Details... 93

Figure 89. Creating a custom SharePoint dashboard ... 94

Figure 90. SharePoint customized dashboard sample ... 94

Figure 91. Alerts Overview... 96

Figure 92. Configuring an alert ... 97

Figure 93. Blueprint for Exchange 2013 DAG expansion ... 98

Figure 94. Configuration properties for Exchange 2013 DAG expansion blueprint ... 98

Figure 95. vCAC Exchange DAG expansion request information and description ... 99

Figure 96. vCAC Exchange DAG expansion properties... 100

Figure 97. Deployment configuration properties for Exchange DAG expansion ... 100

Figure 98. SQL Server alert ... 101

Figure 99. Editing CPU resources for SQL Server ... 101

Figure 100. CPU usage for SharePoint WFE in vC Ops ... 102

Figure 101. SharePoint application blueprint ... 103

Figure 102. SharePoint Application blueprint properties and actions ... 103

Figure 103. SharePoint 2010 WFE selection from the vCAC catalog ... 104

Figure 104. SharePoint 2010 request information ... 104

Figure 105. SharePoint 2010 request properties ... 104

Figure 106. Provisioned SharePoint 2010 virtual machines in vCAC ... 105

Figure 107. SharePoint 2010 Farm information ... 105

(9)

Figure 109. Destroying virtual machine confirmation options in vCAC ... 107

Figure 110. SharePoint 2013 WFE selection from the vCAC catalog ... 107

Figure 111. SharePoint 2013 request information and properties ... 108

(10)

Contents

Tables

Table 1. Solution software requirements ... 16

Table 2. Terminology... 18

Table 3. Exchange 2013 (stand-alone) blueprint property values ... 46

Table 4. SQL Server blueprint property values ... 52

Table 5. Exchange DAG blueprint property values ... 72

(11)

Chapter 1 _{Executive Summary}

This chapter presents the following topics:

Document purpose ... 12 Audience ... 12 Solution purpose... 12 Business challenge ... 13 Technology solution ... 13 Software components ... 16 Terminology ... 18

(12)

Chapter 1: Executive Summary

Document purpose

This Solution Guide describes how to deploy and manage Microsoft applications, such as Microsoft Exchange, Microsoft SQL Server, and Microsoft SharePoint within EMC Hybrid Cloud built with VMware vCloud Suite. This guide supplements the EMC Hybrid Cloud Solutions with VMware Foundation Infrastructure Solution Guide 2.5, which describes the foundation hybrid cloud solution in more detail.

This guide introduces the main features and functionality of the solution, the solution architecture and key components, the validated hardware and software environment, and demonstrates the use cases enabled by this solution.

Audience

This guide is intended for EMC customers and qualified EMC partners. The guide assumes that users who intend to deploy this solution have the necessary training and background to install and configure an end-user computing solution based on EMC Hybrid Cloud with VMware, Microsoft Exchange, SQL Server, SharePoint, and the associated infrastructure.

Users should also be familiar with the infrastructure and database security policies of the customer installation.

This guide provides external references where applicable. EMC recommends that users implementing this solution are familiar with these documents. For details, refer to Reference Documentation.

Solution purpose

This solution enables EMC customers to build an enterprise-class, scalable, multitenant cloud that enables:

• Complete management of the infrastructure service lifecycle

• On-demand access to and control of network bandwidth, servers, storage, and security

• Provisioning, monitoring, and management of the infrastructure services by the line-of-business end user, without IT administrator involvement

• Provisioning of application blueprints with associated infrastructure resources by line-of-business application owners without IT administrator involvement • Maximization of asset utilization

This solution provides a reference architecture that integrates all the key components and functionality of a hybrid cloud.

(13)

Business challenge

Business applications are becoming more integrated into a consolidated compute, network, and storage environment. Every organization is trying to:

• Lower operational costs • Increase revenue • Reduce risk

While many organizations have successfully introduced virtualization as a core technology within their data center, the benefits of virtualization have largely been restricted to the IT infrastructure owners. End users and business units within customer organizations have not experienced the benefits of virtualization, such as increased agility, mobility, and control.

Transforming the traditional IT model to a cloud-operating model involves overcoming the challenges of legacy infrastructure and processes, such as:

• Inefficiency and inflexibility

• Slow, reactive responses to customer requests

• Inadequate visibility into the cost of the requested infrastructure • Limited choice of availability and protection services

The difficulty in overcoming these challenges has given rise to public cloud providers who have built technology and business models specifically catering to the

requirements of end-user agility and control. Many organizations are under pressure to provide these same service levels within the secure and compliant confines of the on-premises data center. As a result, IT departments need to create cost-effective alternatives to public cloud services—alternatives that do not compromise enterprise features, such as data protection, disaster recovery, and guaranteed service levels.

Technology solution

This solution for Microsoft applications on EMC Hybrid Cloud integrates the best of EMC and VMware products and services, and empowers IT organizations to accelerate implementation and adoption of a hybrid cloud while still enabling customer choice for the compute and networking infrastructure within the data center. This solution caters to customers who want to preserve their investment and make better use of their existing infrastructure and to those who want to build out new infrastructures dedicated to a hybrid cloud.

This solution takes advantage of the strong integration between EMC technologies and the VMware vCloud Suite. As developed by the EMC and VMware product and services teams, this solution includes: EMC scalable storage arrays, integrated EMC and VMware monitoring, and data protection suites to provide a foundation for cloud services within customer environments.

(14)

This solution is based on the EMC Hybrid Cloud solution presented in the EMC Hybrid Cloud Solution with VMware Foundation Infrastructure Solution Guide 2.5. With the addition of vCloud Application Director, you can automate Microsoft application deployments, as shown in Figure 1.

Figure 1. EMC Hybrid Cloud components

Data center virtualization and cloud management

VMware vCloud Automation Center

VMware vCloud Automation Center (vCAC) enables customized, self-service provisioning and lifecycle management of cloud services that comply with established business policies. vCAC provides a secure portal where authorized administrators, developers, and business users can request new IT services and manage existing computer resources from predefined user-specific menus.

VMware vCloud Application Director

vCloud Application Director automates application provisioning in the cloud, including deploying, configuring, and updating the application's components and dependent middleware platform services on infrastructure clouds. vCloud Application Director simplifies complex deployments of custom and packaged applications on infrastructure clouds.

(15)

VMware vSphere ESXi and VMware vCenter Server

VMware vSphere ESXi is a virtualization platform for building cloud infrastructures. vSphere enables you to confidently run your business-critical applications to meet your most demanding service level agreements (SLAs) at the lowest total cost of ownership (TCO). vSphere combines this virtualization platform with the award-winning management capabilities of VMware vCenter Server. This solution gives operational insight into the virtual environment for improved availability, performance, and capacity utilization.

VMware vCenter Orchestrator

VMware vCenter Orchestrator (vCO) is an IT process automation engine that helps automate the cloud and integrates the VMware vCloud Suite with the rest of the management systems. vCO enables administrators and architects to develop complex automation tasks within the workflow designer. The vCO library of pre-built activities, workflows, and plug-ins help accelerate the customization of vCAC standard capabilities.

VMware NSX for vSphere

VMware NSX for vSphere is the next generation of software-defined network virtualization and offers additional functionality and improved performance over traditional network and security devices. This additional functionality includes

distributed logical routing, distributed firewalling, logical load balancing, and support for routing protocols such as Border Gateway Protocol (BGP), Intermediate System to Intermediate System (IS-IS), and Open Shortest Path First (OSPF). Where workloads on different subnets share the same host, the distributed logical router optimizes traffic flows by routing locally. This enables substantial performance improvements in throughput, with distributed logical routing and firewalling providing line-rate

performance distributed across many hosts instead of being limited to a single virtual machine or physical host.

NSX also introduces Service Composer, which integrates with third-party security services.

VMware vCenter Operations Manager

VMware vCenter Operations Manager (vC Ops) is the key component of the vCenter Operations Management Suite. It provides a simplified approach to operations management of vSphere and physical and cloud infrastructures. vC Ops provides custom dashboards to gain insights and visibility into the health, risk, and efficiency of Microsoft Applications running on EMC Hybrid Cloud.

VMware vCenter Hyperic

VMware vCenter Hyperic is a component of the VMware vCenter Operations Management Suite. It is used to monitor metrics specifically related to SQL Server, SharePoint and Exchange.

VMware vCenter Log Insight

VMware vCenter Log Insight delivers automated log management through log

aggregation, analytics, and search. With an integrated cloud operations management approach, it provides the operational intelligence and enterprise-wide visibility needed to proactively enable service levels and operational efficiency in dynamic

(16)

VMware IT Business Management Suite

VMware IT Business Management (ITBM) Suite provides transparency and control over the cost and quality of IT services. By providing a business context to the services that IT offers, ITBM helps IT organizations move from a technology orientation to a service-broker orientation, delivering a portfolio of IT services that aligns with the needs of business stakeholders.

EMC storage services

EMC ViPR

EMC ViPR®_{is a lightweight, software-only solution that transforms existing storage} into a simple, extensible, and open platform. ViPR extends current storage

investments to meet new cloud-scale workloads, and enables simple data and application migration out of public clouds and back under the control of IT (or vice versa). ViPR gives IT departments the ability to deliver on-premises, fully automated storage services at price points that are at or below public cloud providers.

EMC ViPR SRM

EMC ViPR SRM, storage resource management software, provides comprehensive monitoring, reporting, and analysis for heterogeneous block, file, and virtualized storage environments. It enables you to visualize applications to storage

dependencies, monitor and analyze configurations and capacity growth, and optimize your environment to improve return on investment.

EMC VNX and EMC Symmetrix VMAX

EMC VNX®_{and EMC Symmetrix}®_VMAX®_{are powerful, trusted, and smart storage array} platforms that provide the highest level of performance, availability, and intelligence in the hybrid cloud. VNX and VMAX storage systems offer a broad array of

functionality and tools, such as Fully Automated Storage Tiering for Virtual Pools™ (FAST VP), enabling multiple storage service levels to support ViPR-driven storage-as-a-service offerings in the hybrid cloud environment.

Software components

Table 1 provides the Microsoft application versions used in this solution. For a complete list of other software requirements refer to EMC Hybrid Cloud with VMware Foundation Infrastructure Solution Guide 2.5.

Table 1. Solution software requirements

Software Version Notes

Enterprise Applications on EMC Hybrid Cloud

Microsoft Windows Server 2008 R2 Used for deployment of Domain Controllers, SQL 2008 R2 and SharePoint 2010

Microsoft Windows Server 2012 Used for deployment of Microsoft Exchange, SQL and SharePoint

Microsoft Exchange 2010 and 2013 A version of Microsoft Exchange used for deployments

(17)

Software Version Notes

Microsoft SQL Server 2008 R2 and 2012

A version of Microsoft SQL Server used for deployments

Microsoft SharePoint 2010 SP2 and 2013 SP2

A version of Microsoft SharePoint used for deployments

EMC storage

EMC ViPR 2.0 P1 EMC ViPR software-defined storage

EMC Unisphere for VMAX 1.6.2.4 Management software for EMC VMAX EMC Enginuity™ 5876.229.1.45 Operating environment for VMAX EMC VNX Operating Environment Release 33 Operating environment for VNX block EMC Solutions Enabler 7.6.2.8 CLI software for Symmetrix VMAX storage

management

EMC SMI-S Provider 4.6.2.3 SMI-S Provider for Solutions Enabler 7.6

EMC PowerPath Virtual Edition 5.9 SP1 Multipathing and load balancing for block access EMC and VMware integration

EMC Hybrid Cloud Foundation Module

2.5 A customization package for STaaS and foundation workflows

EMC Virtual Storage Integrator 6.2 EMC plug-in for VMware vSphere Web Client EMC ViPR plug-in for VMware

vCenter Orchestrator 2.0.0.12 EMC ViPR plug-in for vCenter Orchestrator workflows Additions to EMC Hybrid Cloud

VMware vCloud Application

Director 6.0.1 Accelerates streamlining and optimization of applications deployment through logical application blueprints by leveraging

preapproved, standardized OS and middleware components

(18)

Terminology

Table 2 provides definitions for some of the terms used in this guide.

Table 2. Terminology

Term Definition

Microsoft Active Directory (AD)

Provided with Windows Server as a special-purpose database or directory that is designed to store system-specific data for handling a large number of read and search operations, which are hierarchical, replicated, and extensible.

Application

Programming Interface (API)

A set of routines, protocols, and tools for building and communicating with software applications.

Application blueprint Logical topology of an application for the deployment in a virtual cloud. A blueprint captures the structure of an application with logical nodes, their corresponding services and operating systems, dependencies, default configurations, and network and storage topology requirements. The blueprint is published as a catalog item in the common service catalog.

Backup-as-a-Service (BaaS)

Uses a cloud infrastructure to backup data to a shared, rather than a dedicated, backup infrastructure.

Business group A set of users, often corresponding to a line of business, department, or other organizational unit, that can be associated with a set of catalog services and infrastructure resources.

Database availability

group (DAG) A set of highly available Microsoft Exchange Mailbox servers that host a set of databases and provides automatic database-level recovery from failures that affect individual servers or databases.

AlwaysOn Availability

Group (AAG) A high-availability and disaster-recovery feature included with SQL Server as an enterprise-level alternative to database mirroring.

high availability (HA) Enables a system or infrastructure to continue to provide applications and access to data if a single component or resource fails and service is interrupted for only a brief time, which might or might not be apparent to users.

Infrastructure-as-a-Service (IaaS) A standard of automated resources that include compute, storage and networking capabilities through a host or service provider.

(19)

IT-as-a-Service (ITaaS) Enterprise IT that acts and operates as a competitive service provider for an organization with many IT service options. Additional service options for

providers, other than the internal IT organization, might include outsourcing companies and public cloud providers.

Key performance

indicator (KPI) A quantifiable measure that compares performance criteria, including strategic and operational goals of an organization.

Logical template A predefined virtual machine definition in vCloud Application Director that can be mapped to a cloud template in the cloud catalog and supporting services enabling an application blueprint to remain cloud-agnostic.

Public-key

infrastructure (PKI)

A system of digital certificates or authorities that provide public-key encryption. It authenticates the validity of each party involved in an Internet transaction and establishes and maintains a trustworthy networking environment across a wide variety of applications for an organization.

vCloud Application Director Properties

vCloud Application Director configuration name-value pairs for services and application components that are variables used by scripts to set parameters and run various configurations.

vCloud Application

Director Service vCloud Application Director scripted software that can be installed on a virtual machine and reused in multiple applications.

Secure Sockets Layer

(SSL) A language used by an application to communicate with another application that provides services. VMware vCloud

Automation Center (vCAC)

Enables customized, self-service provisioning and lifecycle management of cloud services that comply with established business policies

virtual local area

network (VLAN) Enables a geographically dispersed network of computers and users to communicate in a simulated environment as if they exist in one LAN and are sharing a single broadcast and multicast domain. VLANs quickly adapt to changes in network requirements and relocation of workstations and server nodes.

virtual extensible LAN

(VXLAN) Runs an overlay, virtual network that is built on top of existing network Layer 2 and Layer 3 technologies to support elastic compute architectures, which enables network engineers to scale out a cloud computing environment while logically isolating cloud apps and tenants.

(20)

web front-end (WFE) A Web-based user interface for a back-end service, such as a database. It is a Web server that handles Web page requests from users. A SharePoint farm can use multiple WFE servers and a Network Load Balancer (NLB) to distribute requests for scalability and

(21)

Chapter 2 _{Hybrid Cloud Overview}

Overview ... 22

Solution architecture ... 23

Self-service and automation ... 23

Multitenancy and secure separation ... 25

Workload-optimized storage ... 26

Security and compliance ... 27

Monitoring and service assurance... 27

(22)

Chapter 2: Hybrid Cloud Overview

Overview

This EMC Hybrid Cloud solution brings new functionality to IT organizations, developers, end users, and line-of-business owners. In addition to delivering baseline infrastructure as a service (IaaS) built on the software-defined data center (SDDC) architecture, EMC Hybrid Cloud also delivers feature-rich capabilities that enable businesses to expand from IaaS to IT-as-a-service (ITaaS).

Backup-as-a-service (BaaS) and disaster-recovery-as-a-service (DRaaS) are policies that can now be enabled with just a few clicks. End users and developers can quickly gain access to a marketplace of application resources from Microsoft, Oracle, SAP, EMC Syncplicity, Pivotal, and add third-party packages, as needed. All these

resources can be deployed on private cloud or public cloud services as cloud service providers powered by EMC, including VMware vCloud Air.

This solution includes the following features and functionality, as shown in Figure 2: • Self-service and automation

• Multitenancy and secure separation • Workload-optimized storage • Security and compliance

• Monitoring and service assurance

(23)

Solution architecture

Figure 3 shows the architecture for this EMC Hybrid Cloud solution. The addition of VMware vCloud Application Director and VMware vCenter Hyperic enables automated deployment of Microsoft applications and application monitoring during the

application lifecycle.

Figure 3. Solution reference architecture

Self-service and automation

This solution provides self-service provisioning of automated cloud services to both end users and infrastructure level administrators. EMC Hybrid Cloud uses VMware vCloud Application Director and VMware vCloud Automation Center integrated with EMC ViPR and VMware NSX to provide the compute, storage, network, and security virtualization platforms for the SDDC. These platforms enable you to rapidly deploy

(24)

and provision business-relevant cloud services across your hybrid cloud and physical infrastructure.

Cloud users can request and manage their applications and compute resources within established operational policies; this can reduce IT service delivery times from days or weeks to minutes. Features include:

• Cross-cloud storefront—Acts as a service governor that provisions workloads based on business and IT policies

• Role-based self-service portal—Delivers a user-appropriate catalog of IT services

• Resource reservations—Enables resources to be allocated for use by a specific group and ensures that those resources are inaccessible to other groups • Service levels—Defines the amount and type of resources a specific service can

receive, either during the initial provisioning or as part of any configuration changes

• Build specifications—Contains the automation policies that specify the process for building or reconfiguring compute resources

In this solution, vCAC and vCloud Application Director enable businesses to rapidly deploy and provision applications and services to the cloud platform on demand. vCAC enables you to divide a shared infrastructure into logical units and capacities that can be assigned to different business units. Using role-based entitlements, you can choose from your own self-service catalog of custom-defined services and

blueprints. Each catalog presents only the virtual machines, applications, and service blueprints that users have permission to view, based on their assigned role within the business.

vCloud Application Director blueprints are created and published to vCAC. These published blueprints contain virtual machine deployment information, as well as any application deployments and ancillary scripts for deploying services to a virtual machine (Hyperic agents, for example).

Virtual machine and application blueprints can apply to single systems or multiple systems, covering both bare-metal server deployments and virtual machine

deployments. From predefined blueprints, you can easily deploy multitier enterprise applications requiring multiple application, database, and Web components, and related services.

(25)

Figure 4. Self-service provisioning through the vCAC portal

You can apply data protection policies to virtual machine resources at provisioning time, which enables users to request on-demand backup and restore operations on their virtual machines and to generate backup reports, all from the vCAC self-service portal.

As part of the vCAC provisioning process, you can use NSX virtual routing to provide an on-demand deployment model for creating custom networks, which support NSX edge routers and logical switches. This enables you to build a custom configuration as part of a multi-machine provisioning process.

This solution is built to work with new and existing infrastructures. It supports the differing requirements of an enterprise’s many business units and integrates with a wide variety of existing IT systems and best practices.

Multitenancy and secure separation

Multitenancy requirements in a cloud environment can range from shared, open resources to completely isolated resources that are secure from any access,

depending on the organization’s end-user requirements. This solution provides the ability to enforce physical and virtual separation for multitenancy, offering different levels of security to meet business requirements. This separation can encompass network, compute, and storage resources, to ensure appropriate security and

(26)

The solution supports secure multitenancy through vCAC role-based access control (RBAC), enabling vCAC roles to be mapped to Active Directory groups. vCAC uses existing authentication and business groupings. The self-service portal shows only specific views, functions, and operations based on the user’s role within the business.

You can achieve physical resource separation in vCAC to isolate tenant resources or to isolate and contain compute resources for licensing purposes. You can also achieve resource separation between and within resource groups, depending on the level of separation required.

Virtualized compute resources within the hybrid cloud are objects inherited from the vSphere endpoint, most commonly representing VMware vSphere ESXi hosts, host clusters, or resource pools. You can configure compute resources at the vSphere layer to ensure physical and logical separation of resources between functional

environments, such as between Production, Test, and Development (Test/Dev). Valid concerns exist for information leakage and “nosy neighbors” on a shared network infrastructure. Consumers of the provisioned resources must operate in a dedicated environment to benefit from infrastructure standardization. To address these concerns, this solution has been designed for multitenancy. We approached this from a defense-in-depth perspective by:

• Implementing virtual local area networks (VLANs) to enable isolation at Layer 2 in the cloud management pods and where the solution intersects with the physical network

• Using VXLAN overlay networks to segment tenant and business group traffic flows

• Integrating with firewalls functioning at the hypervisor level to protect virtualized applications and enabling security policy enforcement in a consistent fashion throughout the solution

• Deploying provider and business group edge firewalls to protect the business group and tenant perimeters

Workload-optimized storage

This solution enables you to take advantage of the proven benefits of EMC storage in a hybrid cloud environment. Using EMC ViPR storage services and the capabilities of VNX and VMAX, this solution enables you to manage the policies of software-defined block- and file-based virtual storage.

With scalable storage architecture that uses the latest flash and tiering technologies, VNX and VMAX storage arrays enable you to meet any workload requirements with maximum efficiency, performance, and cost-effectiveness. With ViPR, the storage configuration is abstracted and presented as a single storage control point, enabling cloud administrators to access all heterogeneous storage resources within a data center as if they were a single large array.

(27)

As a result, storage administrators are able to maintain control of their storage resources and policies while enabling the cloud administrator to automatically provision storage resources into the cloud infrastructure.

Security and compliance

This solution enables you to enhance security by establishing a hardened security baseline across the hardware and software stacks supporting their EMC Hybrid Cloud infrastructure. The solution helps to reduce concerns around the complexities of the underlying infrastructure by demonstrating how to tightly integrate an as-a-service solution stack with public key infrastructure (PKI) and a common authentication directory to provide centralized administration and tighter control over security. The solution addresses the challenges of securing authentication and configuration management to aid compliance with industry and regulatory standards as follows:

• Securing the infrastructure by integrating with a PKI to provide authenticity, non-repudiation, and encryption

• Converging the various authentication sources into a single directory to enable a centralized point of administration and policy enforcement

• Using configuration management tools to generate infrastructure reports for audit and compliance purposes

You can use NSX for vSphere in EMC Hybrid Cloud to enable a richer networking and security feature set than that provided by traditional solutions. Enhanced networking and security features in NSX include:

• NSX logical routing and firewalls provide high line-rate performance distributed across many hosts instead of being limited to a single virtual machine or physical host.

• Distributed logical routers contain East-West traffic within the hypervisor where workloads reside on the same host.

• Logical load balancer enables load sharing across a pool of virtual machines with configurable health check monitoring and application-specific rules for high availability service, URL rewriting, and advanced Secure Sockets layer (SSL) handling. A distributed firewall enables consistent data-center-wide security policies.

• Security policies can be applied directly to security groups enabling greater flexibility in enforcing security policies.

Monitoring and service assurance

For application administrators, this solution provides detailed monitoring and alerting capabilities with Microsoft SQL Server, Exchange, and SharePoint deployments that are running on an EMC Hybrid Cloud. These abilities enable in-depth analysis of real-time workloads on applications, which allows anomalies to be identified promptly, reducing potential performance degradation and any impact to

VMware NSX for vSphere

(28)

this functionality. The Management Pack for vCenter Hyperic provides metrics reports specific to Microsoft applications in vC Ops.

Customized dashboards can be created providing at-a-glance views of the availability and utilization of applications. This enables application teams to fine tune

applications guaranteeing service levels across the various business groups

configured on EMC Hybrid Cloud. You can configure email notifications to ensure the appropriate application teams are notified in the event of a KPI or threshold breach. Figure 5 shows an example of a Microsoft Application dashboard on vC Ops.

(29)

Chapter 3 _{Provisioning Microsoft Applications}

Overview ... 30 VMware vCloud Application Director ... 31 Publishing application blueprints ... 36 Service Catalog ... 38 Approval Policies ... 41 Storage tiering ... 42 Provisioning Microsoft Active Directory Services ... 43 Provisioning Microsoft Exchange ... 44 Provisioning Microsoft SQL Server ... 51 Provisioning Microsoft SharePoint ... 56

(30)

Chapter 3: Provisioning Microsoft Applications

Overview

This chapter describes the key components for this solution and how to provision Microsoft applications on EMC Hybrid Cloud with VMware, including: Microsoft SQL Server 2008 R2, Microsoft SQL Server 2012, Microsoft SharePoint 2013 SP2, Microsoft SharePoint 2010 SP2, and Microsoft Exchange 2013.

The EMC Hybrid Cloud with VMware 2.5 provides a foundation for successful and consistent deployments of Microsoft applications. Generic blueprints are available for each application that can then be adapted to specific organizational requirements to guarantee a standard industry level of service. This section provides the high-level process and methodology required to successfully deploy these applications by using VMware vCloud Application Director with VMware vCAC as the portal. Figure 6

illustrates the workflow used in this solution for each of the Microsoft applications deployed.

(31)

VMware vCloud Application Director

VMware vCloud Application Director enables you to construct application blueprints with a drag and drop GUI, which enables customers to quickly deploy Microsoft applications on an EMC Hybrid Cloud. These blueprints are easily transportable across EMC Hybrid Cloud environments. You can create application blueprints for each application and set of business requirements. You can then deploy these blueprints either directly from vCloud Application Director or publish them to a specific business group on vCAC where users can request them. For Microsoft application deployments, users can request multiple versions of SQL Server, SharePoint, and Exchange from a self-service portal. An application requested from vCAC allows application-related parameters to be modified prior to submitting the request.

You can enable a global setting where users can import application blueprints from the VMware Solutions Exchange Marketplace in vCloud Application Director, as shown in Figure 7.

Figure 7. Importing application blueprints from the Marketplace

Importing Microsoft Application blueprints from the Marketplace provides the preconfigured services and scripts required to install and customize applications in an EMC Hybrid Cloud environment. Figure 8 shows a sample of the options. The blueprints imported from the Marketplace can then be customized to meet the requirements of the application and the business.

(32)

Figure 8. Sample of Marketplace import options

To enable application blueprints to be published to a particular business group on vCAC, a cloud provider needs to be registered on vCloud Application Director, as shown in Figure 9. The cloud provider enables vCloud Application Director to communicate with vCAC.

Figure 9. Adding a cloud provider and vCAC blueprints

After a cloud provider is created for a specific business group, blueprints from vCAC can be added to the cloud provider and then to a logical template, as shown in Figure 10.

Figure 10._{vCAC Blueprints and Logical Templates are added to a cloud provider}

(33)

Important parameters, such as the minimum and maximum CPU and memory, are defined within the vCAC blueprints. A reservation policy can be specified in a vCAC blueprint, or alternatively in a deployment environment on vCloud Application Director. The virtual machine templates used for application deployments are identified within a vCAC blueprint. As shown in Figure 11, the Clone from field on the vCAC blueprint is set to use a Windows 2008 R2 virtual machine template.

Figure 11. Setting build information for a vCAC cloud blueprint

Before application blueprints can be published from vCloud Application Director to vCAC, a deployment environment must be configured. A Deployment Environment can have several reservations associated with it.

The application deployment design in vCloud Application Director is managed by application owners, such as SQL Server administrators. These owners can then publish application services to vCAC for deployment to meet business requirements. Additionally, specific users within business groups (for example, finance or HR) can be given permission to request application deployments from the vCAC Catalog, which are then approved or denied by the application owners.

A logical template associates a vCAC blueprint to a vCloud Application Director blueprint. A supported operating system version is specified to ensure that only supported services can be used when constructing an application blueprint. The option to add a service to the logical template is available while building a logical template. Alternatively, services can be added while designing the application blueprint. Multiple vCAC blueprints can be added to one logical template, which allows application blueprints to be published by using different reservation policies. Services are a fundamental element in creating Microsoft application blueprints with vCloud Application Director. These services enable reusable parts of the code to be used for the installation and customization of applications. Services can include scripts created with Windows PowerShell, the Windows Command line, and Linux Bash shell. External Services can be designed for Microsoft applications that require scripts for deployment, such as a load-balancer or a preinstalled database service. Similar to building a logical template, tags and a supported operating system version are required when creating a service.

Deployment environments Application owners and business groups Logical templates vCloud Application Director Services

(34)

Predefined property values can be added to a service that can then be overridden by a user with the vCAC self-service portal. These properties are specific to the deployed application. The same service can house multiple scripts, such as an application installation, an application configuration, or an update script. These services are reusable and available for selection during the creation of a new application blueprint in vCloud Application Director, as shown in Figure 12.

Figure 12. Adding a service created on vCloud Application Director

When Microsoft applications are implemented, the scripts contained within the service will run after the virtual machine is deployed. A number of services can be added to a single logical template and a service installation order can be specified. The same order applies when deploying multiple virtual machines within the same application blueprint.

An application blueprint can be created after the required elements on vCloud Application Director are established, as shown in Figure 13. These requirements include a cloud provider, a deployment environment, one or more logical templates, and the services which contain the scripts. Tags are added to indicate the type of service used and in which category to list the service.

Application blueprints

(35)

Figure 13. Creating an application blueprint

vCloud Application Director provides a drag and drop GUI where Logical Templates are positioned on a blank canvas. Depending on the application requirements, multiple logical templates can be added and clustered. Services and Application components are placed into logical templates, where associated scripts are executed during the deployment process.

Figure 14 shows an example of a completed application blueprint where components have been taken from the left and right menus to create reusable Microsoft

application blueprints that can be deployed into an EMC Hybrid Cloud. Compute resources and host name can be edited. The host name can also be assigned randomly on each execution of a blueprint by adding ${random}. After the application blueprint is created, it is ready to be published to the required business unit on vCAC where Microsoft applications can be requested.

(36)

Publishing application blueprints

Application blueprints can be published to vCAC. Figure 15 shows the Deploy option used to initiate these steps.

Figure 15. Publishing application blueprints to vCAC

During the publishing process, an option to map details that can be used to ensure Logical Templates in vCloud Application Director and blueprints in vCAC correlate. Application properties can be edited prior to publishing the blueprint, as shown in Figure 16. Administrators can use the overridable checkbox associated with each parameter in a service to enable requesters to change property values at deployment. Compute resources can also be modified during this process to ensure Microsoft applications are deployed on virtual machines that meet the performance

requirements of a business group. The ability to edit parameters before publishing enables the same application blueprint to be published with different specifications.

Figure 16. Using the overridable option for an application parameter

The execution plan can be reviewed before an application blueprint is published. This provides the opportunity to review the sequence of an implementation prior to

execution, which ensures that the correct application services are being deployed in the correct order.

As shown in Figure 17, the next step is to review all application related properties and select Publish. The name and description of the item are published and visible later within the vCAC catalog to the requester.

(37)

Figure 17. Reviewing and publishing the application blueprint to vCAC catalog

Application blueprints that are published to vCAC are not immediately visible in the catalog. These are initially listed as Inactive catalog items, as shown in Figure 18. After activation, the item changes to Active and can then be added to an applicable service.

(38)

Service Catalog

The Service Catalog in vCAC shows the catalog items that an end user, an application owner, or a business group, can request. After the request is approved, the

application virtual machine is deployed and the owner is notified. Figure 19 shows the different application deployments available based on EMC deployments.

Figure 19. Viewing the vCAC Service Catalog

Figure 20 shows a subset of catalog items for SQL Server 2012 that includes multiple deployments with varying virtual machine specifications.

(39)

Figure 20. Viewing the vCAC Service Catalog for SQL Server 2012

Services can be activated and deactivated in vCAC. Activated Services will appear in the vCAC catalog to users with appropriate entitlements, as shown in Figure 21. When application administrators select a Service, catalog items associated with the chosen service can be viewed.

Figure 21. Viewing vCAC Services

The catalog items are published to vCAC from different sources. For this solution, the items are from vCloud Application Director because they are all application

deployments. These catalog items are linked to a service, as shown in Figure 22.

(40)

Figure 22. Viewing vCAC Catalog Items

The Actions section enables an administrator to decide what actions users can do for the specified catalog item. This helps to control the level of actions that users can perform. For example, the administrator might want to prevent a user from destroying a virtual machine so maintenance tasks can be performed, as specified by the business unit.

Figure 23. Viewing vCAC Actions

Entitlements in vCAC control which users or groups have access to the catalog items, as shown in Figure 24. This ensures that only specified users can request specific deployments. For example, administrators can specify that only SQL Server application owners can view and select SQL Server catalog items in vCAC.

Actions

(41)

Figure 24. Viewing vCAC Entitlements

Approval Policies

Approval policies are created in the Admin tab in vCAC, where new approval policies can be added and edited for items being requested from the catalog. Approval Policies are then added to a particular Entitled Catalog Item by selecting the modify policy option. When an entitled catalog item has an approval policy set up, the approver will receive an email in their vCAC inbox. The request can then either be approved or rejected with a justification message.

The deployment can proceed after the request has been approved. Implementing approval processes provides essential control over Enterprise applications deployments and provides important governance over EMC Hybrid Cloud environments.

A wide range of approval policy types can be engaged. Various approval levels can be used to ensure that single approvers or a group of users are approved or declined a request. Figure 25 shows a view of an approval request sent to an approver.

(42)

Storage tiering

The Microsoft applications deployed in this solution take advantage of storage tiering within EMC Hybrid Cloud. Applications are provisioned on storage tiers to meet the workload requirements of SQL Server, SharePoint, and Exchange. As described in Publishing application blueprints, a vCAC blueprint is selected when publishing an application blueprint. The vCAC blueprint enables the administrator to choose the correct storage tier for user applications, as shown in Figure 26.

Figure 26. Selecting a storage tier

When applications are requested from the vCAC Service Catalog, users can choose the appropriate catalog item and storage tier for which an application is to be deployed. Figure 27 highlights one of the storage tiers available for a SQL Server deployment.

Figure 27. Selecting a storage tier for SQL Server in vCAC

In this solution, we implemented storage tiers by using VMAX and VNX storage arrays. Storage offerings can include a dedicated storage type or mixed storage. We created the following multiple tiers based on the requirements for each application:

• Tier 1—Extreme performance tier with all flash drives

• Tier 2—Balanced capacity and performance tier with FC/SAS drives • Tier 3—Capacity tier with large SATA/NL-SAS drives

(43)

The ability to select the required storage tier and compute resources from the vCAC catalog ensures that applications can perform workloads with guaranteed

input/output operations per second (IOPS).

For example, for the SQL Server deployment, the all-flash tier was used to optimize performance. For the Microsoft Exchange Server deployment, the capacity tier was used to provide the required mailbox capacity and performance.

Through the use of EMC array-based technologies, such as EMC FAST Cache and FAST VP, applications of varying I/O profiles can be added to the storage tiers. This can include storage offerings made up of different disk technologies. The workloads can then be promoted or demoted by EMC FAST Suite to best serve the operating

requirements of an application. For this solution, EMC ViPR is a central component of EMC Hybrid Cloud that centralizes and automates storage management on a single platform.

Through the vCAC self-service catalog, you can create volumes on ViPR and provision them to the required ESXi Servers. This allows the tiers required for Microsoft

applications to be assigned with a fully automated process. These volumes are then used to make up reservations on vCAC.

Note: For more details on Storage Tiering for EMC Hybrid Cloud, refer to the EMC Hybrid Cloud Solution with VMware Foundation Infrastructure Solution Guide 2.5.

Provisioning Microsoft Active Directory Services

Some cloud tenants require their own environment with an Active Directory

infrastructure. Usually, most of the tenants already have their own established Active Directory infrastructure and would not require a deployment of a Domain Controller. This option would be more appropriate for building a development lab, where Microsoft applications would be deployed for testing purposes.

For successful deployments of Microsoft applications, such as Exchange and SQL Server, users need to provide information about their existing Active Directory

infrastructure components. This information is necessary because these applications are heavily integrated with Active Directory. Users who were granted appropriate rights can also choose to deploy a Domain Controller and customize its settings to create an Active Directory domain before the application is provisioned. During deployment, the Domain Controller settings can be modified to specify an IP address, Domain Name, and administrator credentials. DNS can also be configured during Domain Controller deployment.

Provisioning a Microsoft Active Directory Domain Controller involves the following tasks:

• Creating a Domain Controller application blueprint in Application Director • Publishing the Application Director blueprint to vCAC

(44)

To provision Microsoft Active Directory from vCAC:

1._{Select a Domain Controller from the catalog and click Request, as shown in} Figure 28.

Figure 28. Provisioning Microsoft Active Directory from vCAC

2._{After setting the required property values as prompted, click Submit.}

3. After the Domain Controller is deployed, record the IP address and host name, because these values are required when provisioning each Microsoft

application.

Provisioning Microsoft Exchange

Microsoft Exchange Server application blueprints that are published from vCloud Application Director facilitate the deployment of multiple editions of Exchange Server across any business group within an organization, whether the business group is a highly utilized production environment or a Test and Development unit. These versions can be provisioned easily and are ready for use within minutes of being requested.

To provision Microsoft Exchange Server on EMC Hybrid Cloud, the cloud administrator must first create an application blueprint in vCloud Application Director, and then publish the blueprint into a vCAC catalog. The following are prerequisites for deploying Exchange from EHC Hybrid Cloud self-service catalog:

• The Active Directory Infrastructure with DNS services must exist before Exchange can be installed.

• The account used to perform the Exchange installation must have the rights necessary to make changes to AD schema. Refer to Microsoft documentation for this information.

The following options are currently available for provisioning Microsoft Exchange Server:

Option 1 deploys a stand-alone Exchange Server with a preconfigured number of CPUs, memory, and storage resources in the template for a specified number of users. Mailbox server role and Client Access roles are combined in this deployment.

(45)

Option 2 deploys an Exchange Server in a high-availability configuration as part of an Exchange database availability group (DAG) with a preconfigured number of CPU, memory, and storage resources in the template for a specified number of users. This option deploys two servers in a DAG with two database copies. Mailbox server and Client Access roles are combined in this deployment.

Option 3 deploys a new Exchange server with a preconfigured number of CPUs, memory, and storage resources to an existing DAG. Mailbox server and Client Access roles are combined in this deployment.

Note: Option 2 is described in High Availability for Microsoft Applications on EMC Hybrid Cloud. Option 3 is described in Elasticity for Microsoft Exchange

The versions of Microsoft Exchange Server deployments supported in this solution are as follows:

• Exchange Server 2010 Standard and Enterprise Editions on Windows Server 2012 and Windows 2008 R2

• Exchange Server 2013 Standard and Enterprise Editions on Windows Server 2012 and Windows 2008 R2

Note: If installing a Mailbox server role as a member of a DAG, Windows Server 2012 Standard or Datacenter Edition, or Windows Server 2008 R2 SP1 Enterprise Edition are required. Windows Server 2008 R2 SP 1 Standard Edition does not support the features needed for DAGs.

To deploy a stand-alone Exchange Server, you must first configure the blueprint in vCloud Application Director. The application blueprint consists of services and custom scripts to automatically deploy and provision Exchange Server. In this solution, for a small configuration of 1,000 users, the deployment option combines the Exchange Mailbox Server and Client Access roles on one server. For larger configurations, you can deploy separate servers to host each role. After the application blueprint is configured, you can create the deployment profile and publish the configuration in vCAC.

vCloud Application Director ensures that Exchange Server application blueprints can be easily created and customized. A number of components are required to create an application blueprint, including a blueprint on vCAC, a logical template on vCloud Application Director, and related Services that contain the scripts necessary to install and customize Exchange Server.

The installation and customization scripts were created with Microsoft Windows PowerShell for this solution. Figure 29 and Table 3 show the Exchange Server service properties created within the application blueprint, which include the organization name, administrator credentials, and source location for the installation files. Additional properties can be introduced based on the deployment requirements of the application. You can edit these properties to customize the installation of the Exchange Server prior to requesting the application. During installation, you can change these parameters, provided they are made overridable within the blueprint.

Exchange Server application blueprints

(46)

Figure 29. Properties and actions for Exchange 2013 (stand-alone) blueprint

The table below lists some of the Exchange application properties that can be configured within an application blueprint. Other properties can be added as required.

Table 3. Exchange 2013 (stand-alone) blueprint property values

Property Blueprint value example Description

Domain exlab.local Your Windows Domain

name

User Administrator Domain user account

with admin rights to perform Exchange installation

Password Password User account

password Install_repository c:\software\Exchange Location of the

Exchange installation files

Organization_name Exchange Your Exchange

organization name

Based on the requirements of the Exchange Server deployment, you can create and add additional services to the application blueprint. For example, a Join Domain script service for which the specified user chooses which domain the Exchange Server virtual machine joins. You can also add services to Exchange Server

application blueprints that enable the application monitoring after the installation is complete. Monitoring Microsoft Applications on page 27 provides more details.

(47)

The following describes how to publish a stand-alone Exchange 2013 Server with both a Mailbox Server role and a Client Access Server role into a vCAC catalog. To provision a stand-alone Exchange Mailbox 2013 Server:

4._{In the Application Director, select Applications, and then select an Exchange} 2013 (Stand-alone) application blueprint, as shown in Figure 30.

Figure 30. Selecting a stand-alone Exchange server blueprint

5. Hover the cursor over the blueprint and click View Blueprint to view and edit the properties, as shown in Figure 31.

Figure 31. Editing a stand-alone Exchange application blueprint properties

6._{Select the template to view and edit the properties, such as the number of} CPUs and memory, as necessary, and then click Deploy in the upper right corner, as shown in Figure 32.

Publishing a stand-alone Exchange Server

(48)

Figure 32. Editing options for a stand-alone Exchange blueprint

After the Exchange Server application blueprint has been created, it can be published to vCAC. Publishing application blueprints provides instructions for this process. After services and entitlements are configured by the cloud administrator, a user (for example, an Exchange Administrator) can view and select only specific Exchange Server catalog items. Figure 33 shows an example of the Service Catalog that the Exchange administrator can see based on user-assigned permissions.

Figure 33. Viewing vCAC Service Catalog items for Exchange

Requesting Exchange Server from vCAC catalog

(49)

After a request has been initiated and a request description and reason are entered, the parameters specific to the Exchange Server and Domain can be edited, as shown in Figure 34. These are the parameters that were made overridable in the application blueprint on vCloud Application Director prior to publishing to vCAC.

Figure 34. Viewing vCAC application parameters for Exchange Server

After a request is submitted, the deployment begins. The status of requests submitted by the user can be viewed in the Requests tab. After the request is complete, the state of the request changes to successful. The details of the

implementation, including information relating to the virtual machine deployed, can be viewed under the Items tab. The request remains in a Pending Approval State until approved if an approval process has been implemented.

When an Exchange Server request has completed, the status of the request changes from In Progress to Successful on the Requests page, as shown in Figure 35. Users can see the status of their own submitted requests on this page.

Validating an Exchange Server deployment