EMC ENTERPRISE PRIVATE CLOUD


Reference Architecture

EMC Solutions

January 2014

EMC and VMware Infrastructure, VCE Vblock Systems

Infrastructure as a service

Automated provisioning and monitoring

Service-driven IT operations

Copyright © 2014 EMC Corporation. All Rights Reserved.

EMC believes the information in this publication is accurate as of its publication date. The information is subject to change without notice.

The information in this publication is provided as is. EMC Corporation makes no representations or warranties of any kind with respect to the information in this publication, and specifically disclaims implied warranties of merchantability or fitness for a particular purpose.

Use, copying, and distribution of any EMC software described in this publication requires an applicable software license.

For the most up-to-date listing of EMC product names, see EMC Corporation Trademarks on EMC.com.

All trademarks used herein are the property of their respective owners.

Part Number H12710

Table of contents

Executive summary
Document purpose
Audience
Solution purpose
Business challenge
Technology solution

Solution features and functionality
Automated provisioning
Self-service
Multitenancy and secure separation
Workload-optimized storage
Elasticity and service assurance
Monitoring
Metering and chargeback
Backup and recovery services

Key components
Introduction
VMware virtualization and cloud infrastructure
VMware vCloud Automation Center
VMware vSphere with Operations Management
VMware vCenter Operations Manager
VMware vCenter Orchestrator
VMware vCloud Networking and Security
VMware vCenter Log Insight
Vblock Systems
Compute
Network
Storage
Management
EMC and VMware integration
VMware vSphere Storage APIs
EMC Virtual Storage Integrator
EMC Storage Analytics
EMC backup and recovery
EMC Avamar
EMC Data Domain
EMC Data Protection Advisor

Private cloud management infrastructure
Architecture
Cloud resources
Data protection
Availability
Hardware resources
Software resources
Resource sizing
Conclusion
Summary

Executive summary

Document purpose

This document describes the reference architecture of an EMC® enterprise private cloud (EPC) solution for an on-premises infrastructure as a service (IaaS) offering that enables IT to deliver Vblock-based private cloud services to their business. It introduces the main features and functionality of the solution, the solution architecture and key components, and the validated hardware and software environment. The companion EMC Enterprise Private Cloud Solution Guide is intended as an enablement reference to begin the planning and design of your enterprise private cloud and to set the stage for a successful implementation.

Audience

This document is intended for executives, managers, architects, cloud administrators, and technical administrators of IT environments who want to implement a private cloud IaaS platform. You should be familiar with VMware vCloud Suite, storage technologies, and general IT functions and requirements, and how they fit into a private cloud architecture.

Solution purpose

EMC private cloud solutions enable customers to build enterprise-class, scalable, multitenant platforms that enable:

• Complete management of the infrastructure service lifecycle
• On-demand access to and control of network bandwidth, servers, storage, and security
• Provisioning, monitoring, and management of the infrastructure lifecycle by the end user without IT administrator involvement
• Maximum asset utilization

This EMC EPC solution provides a reference architecture for a Vblock-based on-premises IaaS cloud solution that integrates all the key components and functionality of an enterprise private cloud, as shown in Figure 1.

Figure 1. Private cloud solution stack

Business challenge

Every organization is trying to do the same three things at all levels of their business:

• Lower operational costs
• Increase revenue
• Reduce risk

While many organizations have successfully introduced virtualization as a core technology within their data center, many end users and business units within customer organizations have yet to experience the increased agility, mobility, and control made possible by virtualization.

Transforming from the traditional IT model to an IaaS model involves overcoming the legacy challenges of:

• Inefficiency and inflexibility
• Slow, reactive responses to customer requests
• Inadequate visibility into the cost of the requested infrastructure
• Limited choice of availability and protection services

The difficulty in overcoming these challenges has given rise to public cloud providers who have built technology and business models specifically catering to the requirements of end-user agility and control. Many organizations are under pressure to provide these same service levels within the secure and compliant confines of the on-premises data center. As a result, IT departments need to create cost-effective alternatives to public cloud services—alternatives that do not compromise enterprise features such as data protection, disaster recovery, and guaranteed service levels. As IT organizations implement a private cloud, they must consider the following factors:

• The infrastructure must be quick to deploy so that business value can be recognized quickly.
• The private cloud infrastructure and operations must be designed to reduce costs through higher utilization and higher staff productivity.
• Risk of downtime must be controlled through disciplined change control and careful management of component compatibility.
• Support agreements must be established for all elements of the solution.

Technology solution

This EPC solution integrates the best of EMC and VMware products and services, and empowers IT organizations to accelerate implementation and adoption of private cloud solutions.

This solution takes advantage of the strong integrations developed by EMC and VMware product and services teams between EMC technologies and VMware vCloud Suite. This includes using EMC scalable storage arrays and integrated EMC and VMware monitoring and data protection suites to ensure that this private cloud solution becomes the foundation for enabling IaaS within the customer environment.

The solution also uses the Vblock converged infrastructure systems developed by VCE, which enable data center modernization so that IT can simplify every aspect of IT operations to improve agility and lower costs. The Vblock systems provide the following value in the private cloud solution:

• Factory-integration and validation accelerates deployment, ensures interoperability, and delivers predictable performance.
• Life cycle system assurance ensures system stability, performance, and compliance to reduce costs, and more importantly, business risk. VCE not only ensures that components are interoperable on day one, but also validates patches and updates before you install them to lower your risk, maximize uptime, and lower TCO.
• Comprehensive infrastructure support means that you have a single point of accountability for your entire infrastructure and data protection solution. VCE Support eliminates the need to manage multiple vendors to diagnose and resolve issues and speeds time to problem resolution.

The key solution components include:

• VCE Vblock System 340 and VCE Vblock System 720 converged infrastructure systems
• EMC Avamar® and EMC Data Domain® backup and recovery solutions
• VMware vSphere virtualization platform
• VMware vCloud Suite cloud management and infrastructure

Solution features and functionality

This EPC solution includes the following features and functionality:

• Automated provisioning
• Self-service
• Multitenancy and secure separation
• Workload-optimized storage
• Elasticity and service assurance
• Monitoring
• Metering and chargeback
• Backup and recovery services

Automated provisioning

This EPC solution provides automated provisioning capabilities that enable both users and administrators to quickly, easily, and efficiently provision virtual machines, add data protection policies, and implement archiving policies over the lifecycle of their virtual resources. These capabilities are supported through a modified VMware vCloud Automation Center (vCAC) blueprint process.

The EPC solution enables you to provision physical and logical resources from a Vblock infrastructure that can be handed over to business units. This solution uses vCAC, which enables rapid deployment and provisioning of business-relevant cloud services across your private cloud and Vblock infrastructure and acts as the service governor, providing a cross-cloud storefront for IaaS deployments. The solution empowers organizations to enforce business and IT policies throughout the service lifecycle, helping them to transform virtualized environments into software-defined cloud data centers.

Cloud users can choose from a self-service catalog of custom-defined blueprints, each containing the resources appropriate to different applications or business units. Blueprints can be single or multimachine, and can be used to easily deploy multitier enterprise applications that require multiple components (for example, application, database, and web) and multiple service levels. Administrators can add data protection using VMware vCenter Orchestrator workflows created by EMC that take advantage of EMC Avamar and EMC Data Domain backup and restore features.

The EPC solution is built to work with both new and existing infrastructures. It supports the differing requirements of an enterprise’s many business units and integrates with a wide variety of existing IT systems and best practices. Through the vCAC workflow designer, vCenter Orchestrator workflows can easily be invoked to extend lifecycle state transitions and machine command menus. The virtual machine provisioning process is fully automated and requires no manual intervention by the IT team.

In addition to the automation provided by vCAC, EMC VSI for VMware enables automation of the most common storage configuration tasks, from creating LUNs and datastores to expanding the size of a datastore that is running low on space. This allows administrators to quickly and easily manage EMC arrays and ensure that applications continue to have access to the storage resources they need.

Self-service

This EPC solution provides self-service capabilities that enable end users to quickly and easily provision and protect needed resources. By using the Self-Service Portal provided by vCAC and the customized virtual machine blueprints provided by EMC, end users can deploy and protect virtual machines much faster than traditional IT allows.

Figure 2 shows the EPC Self-Service Portal, which is based on vCAC.

Figure 2. Self-service provisioning using the vCAC user portal

The EPC solution empowers users to request and manage their own compute resources within established operational policies—this can reduce IT service delivery times from days or weeks to minutes. Features include:

• Cross-cloud storefront, which acts as a service governor that provisions workloads based on business and IT policies.
• User-aware Self-Service Portal, which delivers a user-appropriate catalog of IT services.
• Resource reservations, which allow resources to be allocated for use by a specific group and ensure that those resources are inaccessible to other groups.
• Service levels, which define the amount and type of resources a given service can receive, either during initial provisioning or as part of any configuration changes.
• Build specifications, which contain the automation policies that specify the process for building or reconfiguring compute resources.

The solution also provides customized vCAC blueprints that enable cloud administrators to offer self-service access to end users, not only for provisioning virtual resources, but also for attaching a protection policy to those resources at provisioning time. In addition, users can request on-demand restores of their virtual machines and generation of backup reports, all from the vCAC Self-Service Portal.

Multitenancy and secure separation

Multitenancy requirements in a cloud environment can range from shared, open resources to completely isolated resources, secure from any access. The Self-Service Portal shows only the appropriate views, functions, and operations to end users in line with their role within the business. This EPC solution provides the ability to enforce physical and virtual separation for multitenancy as strongly as the administrator requires. This separation can encompass network, compute, and storage resources to ensure appropriate security and performance for each tenant.

Virtualized compute resources within the enterprise private cloud are objects inherited from the vSphere endpoint, most commonly representing VMware vSphere ESXi hosts, host clusters, or resource pools. Compute resources are configured at the infrastructure level on Vblock and also at the vSphere level to ensure physical and logical separation of resources between business units, thereby removing resource contention across critical applications.

This solution separates physical resources at the enterprise group level so that there is no resource sharing between tenants. Compute resources are organized into enterprise groups from which virtual reservations are made for the various departments and business units. Business unit users can deploy their systems from their respective enterprise groups, as specified by their blueprints.

The EPC solution supports secure multitenancy through vCAC, which uses existing authentication and business groupings.

Secure multitenancy at the virtual network level is achieved by enforcing Layer 2 network isolation for any provisioned networks, because VMware virtual networking does not suffer from the same vulnerabilities as those found in the physical network at Layers 2 and 3.

This solution enables customers to further enhance a hardened security baseline across the hardware and software stacks supporting their private cloud infrastructure. It helps to reduce concerns around the complexities of the underlying infrastructure by demonstrating how to tightly integrate an as-a-service solution stack with a public key infrastructure (PKI) and a common authentication directory to provide centralized administration and tighter control over security.

The solution addresses the challenges of securing authentication and configuration management to aid compliance with industry and regulatory standards through:

• Securing the infrastructure by integrating with PKI to provide authenticity, non-repudiation, and encryption
• Converging the various authentication sources into a single directory to enable a centralized point of administration and policy enforcement
• Using configuration management tools to audit the infrastructure and demonstrate compliance

During testing of the solution, we¹ verified:

• Integration with a PKI implementation that enabled encryption of management activities
• Building and testing of a fully functional solution where all components use trusted certificates for authentication
• Integration with a centralized point of authentication and authorization for common system components

Workload-optimized storage

This EPC solution enables customers to take advantage of the proven benefits of the converged infrastructure platforms of Vblock Systems, backed by EMC storage in an integrated cloud environment. With a scalable storage architecture that takes advantage of the latest flash and tiering technologies, the EMC VNX and EMC Symmetrix® VMAX storage arrays enable customers to meet any workload requirements with maximum efficiency and performance and in the most cost-effective way.

With VNX and VMAX, customers can take advantage of the FAST™ Suite for maximum performance benefit while using the user-friendly management interfaces available with EMC Unisphere® and EMC Virtual Storage Integrator (VSI) for VMware to manage block and file storage in their private cloud environment.

This solution provides proven best practices for creating storage services so that administrators can provide tiered storage offerings—Bronze, Silver, Gold—to their end user tenants in order to achieve the most efficient use of the storage resources in their cloud environment.

Elasticity and service assurance

This EPC solution uses analytics to provide the intelligence and visibility required to proactively ensure service levels in virtual and cloud environments. Using the capabilities of vCAC and the tools provided by EMC, administrators and end users can dynamically add resources as needed, based on their performance requirements. Administrators can add storage, compute, and network resources to their provisioning group resource pools, while end users can expand the resources of their own virtual machines to achieve the service levels they expect for their application workloads.

¹ In this document, "we" refers to the EMC engineering team that validated the solution.

Monitoring

This EPC solution includes automated monitoring capabilities that provide IT administrators with a comprehensive view of the cloud environment to enable smart decision making for resource provisioning and allocation. These capabilities are based on a combination of vCenter Operations Manager dashboards, alerts, and analytics, the extensive additional storage detail provided by EMC Storage Analytics, and the metering capabilities of vCAC.

VMware vCenter Operations Manager provides pre-built and configurable dashboards for real-time performance, capacity, and configuration management. Performance data is abstracted to health, risk, and efficiency measures that allow IT to efficiently identify evolving performance problems with less effort. Capacity analytics identify over-provisioned resources so they can be correctly sized for the most efficient use of virtualized resources. What-if scenarios eliminate the need for spreadsheets, scripts, and rules of thumb.

vCenter Operations Manager Enterprise edition enables customizations and provides flexibility with advanced features that extend monitoring, analytics, and reporting capabilities, and it is suitable for solutions of any size. Table 1 provides an overview of some of the features.

Table 1. vCenter Operations Manager Enterprise: Features

| Feature | Description |
| --- | --- |
| Customizable dashboards | Presents data and analysis in several ways: through Smart Alerts that warn of potential or occurring problems; in configurable dashboards where you can create a view of the most important data in your environment. |
| Self-learning performance analytics | Offers the ability to gain a deep understanding of your applications’ behavior patterns and give insights into the relationships between resources, tiers, and applications to optimize the performance of your cloud environment. |
| Proactive Smart Alerts | Is able to learn an application’s typical performance deviation level. When vCenter Operations Manager Enterprise detects significant abnormal behavior, exceeding the expected level, a Smart Alert warns you through an alert summary dashboard or by email that a problem is developing. |
| Dynamic thresholds | Helps to dynamically determine and adjust the normal range of values for every metric for different time periods. Any behavior that deviates from this range triggers performance alarms. |
| Third-party integration | Enables direct integration with third-party monitoring tools, such as EMC Storage Analytics. |

Integrating vCenter Operations Manager with the EMC Storage Analytics Suite enables full end-to-end visibility of the entire infrastructure, from virtual machine to LUN and every point in between. EMC Storage Analytics links VMware vCenter Operations Manager for EMC Storage with the EMC Adapters for VNX and VMAX. vCenter Operations Manager displays performance and capacity metrics from EMC storage systems with data that the adapter provides by:

• Connecting to and collecting data from block and file systems
• Converting the data into a format that vCenter Operations Manager can process
• Passing the data to the vCenter Operations Manager Collector

This enables administrators to quickly visualize the health of EMC arrays (both block and file) using a simple Performance-at-a-glance tab, as shown in Figure 3.

Figure 3. EMC Storage Analytics with vCenter Operations Manager

In addition, infrastructure components can be configured to forward their logs to vCenter Log Insight, which then aggregates the logs from all the disparate sources for analytics and reporting. When integrated with Log Insight, EMC’s Content Packs for Avamar, VNX, and VMAX provide dashboards and user-defined fields specifically for those EMC products to enable administrators to conduct problem analysis on their storage array and backup infrastructure.

Metering and chargeback

This EPC solution uses the metering capabilities of VMware vCAC and EMC Data Protection Advisor to provide users with chargeback information at the time of resource provisioning and with usage-based cost information on demand. Costs for services are therefore transparent—users know up front how much it will cost them to use the virtual resources they provision.

For chargeback and reporting purposes, administrators are able to provide business units and accounting departments with reports as needed to track usage by group and by user. When services such as backup are added to the virtual machine blueprints, related costs can be added as well, so that these incremental services become part of the overall cost of the provisioned resources.

Backup and recovery services

This EPC solution automates data protection provisioning so that administrators and end users can easily take advantage of EMC Avamar and EMC Data Domain features such as deduplication, compression, and tight VMware integration. Using the vCenter Orchestrator workflows provided with the solution, administrators can quickly and easily set up multitier data protection policies and allow users to select an appropriate policy using the customized blueprints when provisioning their virtual machines.

Avamar provides scalable backup and restore capabilities with integrated data deduplication, which reduces total disk storage by up to 50 times and enables cost-effective, long-term retention on Avamar Data Store servers. Avamar can alternatively use an EMC Data Domain appliance as the backup target.

Using the vCloud Automation Center API and extensibility toolkits, this solution implements custom functionality using common interfaces to provide Avamar image-level backup services for applications and file systems within a single- or multi-organization enterprise private cloud environment.

By integrating Avamar with vCenter Orchestrator through EMC custom workflows, the solution provides customized access to the backup, restore, configuration, and reporting aspects of Avamar without requiring direct access to the Avamar MCGUI. It uses the cloud infrastructure to automatically back up data to a shared, rather than a dedicated, backup infrastructure.

With this solution, enterprise administrators can offer IaaS with EMC backup to end users who want a flexible, on-demand, automated backup infrastructure without having to purchase, configure, or maintain it themselves.

Figure 4 shows the overall architecture of the solution’s availability and data protection functions.

Key components

Introduction

This section describes the key components of the EPC solution, as shown in Figure 5. These include:

• VMware vCloud Suite
• Vblock Systems
• EMC Avamar, EMC Data Domain, and EMC Data Protection Advisor

Figure 5. EMC Enterprise Private Cloud solution components

VMware virtualization and cloud infrastructure

This solution uses the VMware components described here—most of these are part of the VMware vCloud Suite offering.

VMware vCloud Automation Center

VMware vCloud Automation Center enables customized, self-service provisioning and lifecycle management of cloud services that comply with established business policies. It provides a secure portal where authorized administrators, developers, and business users can request new IT services and manage existing computer resources from predefined user-specific menus or catalogs.

VMware vSphere with Operations Management

VMware vSphere ESXi is the industry-leading virtualization platform for building cloud infrastructures. vSphere enables you to run your business-critical applications confidently to meet your most demanding service level agreements at the lowest TCO. vSphere with Operations Management combines this leading virtualization platform with the award-winning management capabilities of VMware vCenter Server. This solution enables IT to gain operational insight into the virtual environment for improved availability, performance, and capacity utilization.

VMware vCenter Operations Manager

VMware vCenter Operations Manager is the key component of the vCenter Operations Management Suite. It provides a new and much simplified approach to operations management of vSphere, physical, and cloud infrastructure. Using patented, self-learning analytics, and an open, extensible platform, vCenter Operations Manager provides operations dashboards that enable deep insights and visibility into the health, risk, and efficiency of your infrastructure, as well as performance management and capacity optimization capabilities.

VMware vCenter Orchestrator

VMware vCenter Orchestrator is an IT process automation engine that helps automate the cloud and integrate vCloud Suite with the rest of your management systems. Orchestration saves time, removes the potential for manual errors, reduces operating expenses, and simplifies IT management. vCenter Orchestrator allows administrators and architects to develop complex automation tasks within the workflow designer, and then quickly access and launch workflows directly from within the vSphere Client or through various triggering mechanisms.

VMware vCloud Networking and Security

VMware vCloud Networking and Security is the leading software-defined networking and security solution that enhances operational efficiency, unlocks agility, and enables extensibility to rapidly respond to business needs. It provides a broad range of services in a single solution, including virtual firewall, VPN, load balancing, and VXLAN extended networks.

VMware vCenter Log Insight

VMware vCenter Log Insight delivers automated log management through log aggregation, analytics, and search operations, extending VMware’s leadership in analytics to log data. With an integrated cloud operations management approach, it provides the operational intelligence and enterprise-wide visibility needed to proactively enable service levels and operational efficiency in dynamic hybrid cloud environments.

Vblock Systems

Vblock Systems combine industry-leading compute, network, storage, virtualization, and management technologies into pre-packaged units of infrastructure. Vblock Systems 720 and 340 are enterprise- and service provider-class systems designed to help organizations benefit from virtualization and cloud computing.

Compute

The Cisco Unified Computing System (UCS) is based on a standard set of components that is familiar to most IT personnel. Cisco UCS Manager manages the entire UCS system by communicating with firmware embedded in every device in the system and can manage up to eight chassis, providing a combined total of 64 server blades per Vblock. Each UCS 5108 server chassis supports up to eight UCS B-series blades. B-series blades provide up to 24 Intel Xeon cores. The Vblock 720 supports up to 48 chassis, for a total of 384 server blades with up to 9,216 cores. The Vblock 340 supports up to 16 chassis, for a total of 128 server blades with up to 3072 cores.

Network

Cisco UCS Fabric Interconnects are a core part of Cisco UCS and provide both network connectivity and management capabilities to all attached blades and chassis. The Cisco UCS Fabric Interconnects offer line-rate, low-latency, lossless 10 Gigabit Ethernet, Fibre Channel over Ethernet (FCoE), and 8-Gigabit Fibre Channel functions. The fabric interconnects provide the management and communication backbone for the Cisco UCS B-Series Blades and UCS 5100 Series Blade Server Chassis.

The Cisco Nexus offers an end-to-end solution for aggregation and end-of-row and top-of-rack server connectivity in a single platform. The switch series, using cut-through architecture, supports line-rate 10 Gigabit Ethernet on all ports while maintaining consistently low latency, irrespective of packet size and services enabled.

The Cisco MDS 9500 Series Multilayer Director layers a broad set of intelligent features onto a high-performance, open-protocol switch fabric. By addressing the stringent requirements of large data center storage environments, Cisco MDS 9500 Series Multilayer Director provides high availability, security, scalability, ease of management, and transparent integration of new technologies.

Storage

EMC VNX and EMC Symmetrix VMAX are powerful, trusted, and smart storage array platforms that provide the highest level of performance, availability, and intelligence in the enterprise private cloud. EMC storage systems offer a broad array of functionality and tools that simplify storage management and reduce costs in the private cloud. Optimized for virtual environments and applications, EMC storage platforms provide unsurpassed simplicity and efficiency, while providing storage replication for business continuity and disaster recovery solutions.

Enterprise customers can use the advanced storage tiering features and efficiencies of VNX and VMAX to deliver multiple storage service levels to their various organizations, accelerating and simplifying their as-a-service offerings in the private cloud environment.

Management

VCE Vblock infrastructure platforms can be managed by a variety of industry toolsets, including EMC Ionix® UIM, or using the individual Vblock component management tools. VCE Vision Intelligent Operations Software provides a single object perspective of Vblock Systems to management frameworks such as VMware vCenter Operations Manager and vCloud Automation Center.

VCE Vision

VCE Vision Intelligent Operations software enables and simplifies converged operations by dynamically providing a high level of intelligence to your existing management toolset. VCE Vision software acts as a mediation layer between your system and your existing management tool, allowing for intelligent discovery by providing a continuous, near real-time perspective of your compute, network, storage, and virtualization resources as a single object—ensuring that your management tools reflect the most current state of your Vblock Systems.

EMC Ionix Unified Infrastructure Manager (UIM)

EMC Ionix UIM manages Vblock infrastructure platforms as a single element and accelerates the deployment of private cloud elements and resources through the creation of physical resource service catalogs and templates. In addition to providing a powerful and simplified GUI for administrators, EMC Ionix UIM also provides a comprehensive set of APIs that can be used by any orchestration tool to integrate Ionix UIM functionality into existing or new workflows.

EMC and VMware integration

VMware vSphere Storage APIs

VCE Vblock Systems support VMware vSphere Storage APIs for Array Integration (VAAI). This technology improves overall storage performance by offloading various host resource-intensive operations to the array to optimize server performance. Both platforms also support VMware vSphere Storage APIs for Storage Awareness (VASA), which provides VMware administrators with a single management view into VNX and VMAX drive types (flash, SAS, or NL-SAS).

In addition, this solution uses VMware vSphere Storage APIs for Data Protection (VADP) to offload Avamar backup processing overhead from the client to a backup proxy server running as a virtual machine.

EMC Virtual Storage Integrator

EMC VSI is a free vCenter plug-in provided by EMC that extends the vCenter Server UI to add capabilities specific to EMC storage. VSI provides multiple feature sets including Storage Viewer, Path Management, and Unified Storage Management. Unified Storage Management simplifies provisioning of both VNX and VMAX virtual pooled storage for the private cloud and enables the cloud administrator to quickly and easily provision storage and perform management tasks.

EMC Storage Analytics

Powered by VMware vCenter Operations Management Suite, EMC Storage Analytics provides a powerful management tool for VMware and storage administrators to access real-time intelligent analytics for their VNX and VMAX platforms.

Administrators can obtain detailed statistics through customizable dashboards, heat maps, and alerts while also accessing topology mapping in a VMware environment.

EMC backup and recovery

EMC Avamar

EMC Avamar is a fast, efficient backup and recovery system provided through a complete software and hardware solution. Equipped with integrated variable-length deduplication technology, Avamar backup and recovery software provides integrated source and global data deduplication, which facilitates fast, daily full backups for enterprise private cloud environments. By integrating Avamar Management Console GUI (MCGUI) commands with vCenter Orchestrator workflows, this EPC solution enables you to set up simple protection of resources at provisioning time.

EMC Data Domain

With Avamar, you can choose to direct backups to an EMC Data Domain system instead of to the Avamar server. Data Domain storage systems deduplicate data inline so that it lands already deduplicated on disk, thus requiring less disk space than the original dataset. With Data Domain, you can retain backup and archive data on site longer to enable quick and reliable data restores from disk.

EMC Data Protection Advisor

With EMC Data Protection Advisor (DPA), you can automate and centralize the collection and analysis of data across backup applications, replication technologies, virtual environments, and the supporting infrastructure. This provides a single, comprehensive view of your data protection environment and activities. In addition, when integrated with vCenter Orchestrator workflows, DPA can be used to provide on-demand reporting of backup statistics and status.

EMC data protection workflows for vCenter Orchestrator

With vCenter Orchestrator, cloud administrators can use the data protection workflows created by EMC to automate Avamar and Data Domain protection of virtual machines. These workflows are added to the vCAC virtual machine provisioning blueprints so that users can easily set up protection at provisioning time. In addition, workflows can be used to enable simple restore of the last good backup for a particular virtual machine.

Administrators can also use workflows that set up the protection policies on Avamar and vCenter, which facilitates quick and easy deployment of the infrastructure required to support end user security.


Private cloud management infrastructure

This section describes the environment and supporting infrastructure for this EPC solution.

Figure 6 shows the overall architecture of the solution.

Figure 6. Solution architecture

The management infrastructure for this private cloud solution is critical to the availability of its supporting components. This solution has two management layers which separate the physical and virtual infrastructure into two distinct tiers:

Vblock Advanced Management Pod (AMP-2)—Provides a centralized management point for Vblock Systems and hosts all virtual machines required for management of the Vblock infrastructure platform. The AMP-2 contains one vCenter server to manage its own ESXi servers and virtual machines, and another vCenter server to manage the Enterprise Private Cloud Management Pod. Each AMP-2 is delivered pre-configured with the following software tools:

• AMP vCenter Server

• Cisco UCS Manager

• SQL Server

• EMC PP/VE

• EMC Unisphere

• UIM (optional)

• Management Pod vCenter Server

Enterprise Private Cloud Management Pod—Hosts all virtual machines used for cloud-enabled infrastructure management and functions, such as the user portal and automated provisioning, monitoring, networking, security, and metering. The vCenter instance located in this management pod serves as the vSphere endpoint for vCAC, which hosts the resource clusters supporting the business needs of the various organizations within the enterprise. All server and virtual machine components within this management pod are managed by the separate, higher level vCenter server instance in the AMP-2. The private cloud management pod consists of the following virtual machine components:

• vCloud Automation Center: Server

• vCloud Automation Center: Agent

• vCloud Automation Center: Web portal

• vCloud Automation Center: Distributed Execution Manager (DEM)

• vCloud Automation Center: Designer

• vCloud Automation Center: DB (SQL Server)

• vCenter Orchestrator

• vCenter Server (vCAC endpoint)

• vCenter Server DB (SQL Server)

• vCenter Operations Manager (vCOps)

• EMC SMI-S Provider

• EMC Data Protection Advisor

• EMC Avamar Proxy01

• vCenter Log Insight

Cloud resources

Compute resources that support the private cloud management pod or the resource clusters can be provisioned or expanded at any time using the individual component element managers or a management framework that uses the element managers. In the case of the resource clusters, subsequent resource reservation changes will be required at the vCAC layer to make the additional resources available for consumption. Existing storage resources can be extended automatically using the EMC VSI if required, but you should consider maintaining LUN size for storage devices involved in remote replication operations (if applicable). The VSI should only be used if an alternative tool such as UIM is not being used to control storage provisioning.

Data protection

Avamar provides data protection for all levels of this Enterprise Private Cloud solution by using agent-free image-level backup. While the virtual machines within the


customizations between VMware vCAC and Avamar, virtual machines in the management cluster are manually protected in the more traditional manner using the Avamar administrative console.

Use Avamar guest-level backup with the client agent along with the Avamar SQL Server plug-in to protect the Microsoft SQL Server database instances that support vCAC and vCenter Server in the management cluster. Avamar guest-level backup can co-exist with image-level backup of the same machine.

Availability

The VCE Vblock System provides high availability (HA) at the hardware level. The enterprise private cloud built and operating on Vblock inherits all the features designed for HA from the components of each Vblock. Figure 7 shows the highly available components of Vblock.

Figure 7. Highly available components of the Vblock infrastructure platform

Each of the management pods required for this solution can be configured for high availability.

The VCE Vblock AMP-2, which provides a centralized management point for Vblock systems, can be ordered in a high-availability configuration that consists of two Cisco UCS C-series servers, a single EMC VNXe3150, and two Cisco Catalyst Ethernet switches.

The Enterprise Private Cloud Management Pod is supported by three ESXi servers using VMware vSphere Distributed Resource Scheduler (DRS) and VMware vSphere HA. All storage is provisioned on VNX or VMAX and is RAID protected, and all ESXi servers use EMC PowerPath®/VE for automatic path management and load balancing.

Hardware resources

Table 2 lists the hardware used in this Enterprise Private Cloud solution to support both the private cloud management pod as well as the resource clusters.

Table 2. Solution hardware

| Hardware | Quantity | Configuration | Notes |
|---|---|---|---|
| Storage | | | |
| EMC VMAX 10k | 1 | FC, SATA, and flash disks | VCE Vblock 700 Family VMAX 10k offering multiple FAST VP storage policies |
| EMC VNX5700 | 1 | SAS, NL-SAS, and flash disks | VCE Vblock 300 Family VNX unified storage providing block and file storage, including EMC FAST VP and EMC FAST Cache |
| Compute | | | |
| Compute blades | 10 | 2 x six-core Intel Xeon 5600 Series; 96 GB RAM; Converged network adapter | Cisco UCS B-series blade types include all supported VCE blade configurations |
| Compute chassis | 2 | Up to sixteen Cisco UCS Server Chassis per domain | Cisco UCS Server Chassis |
| Network/Fabric | | | |
| Cisco UCS Fabric Interconnect | 2 | 6200 Series / 48 port / Unified (6248UP) | Converged network and fabric for compute |
| Cisco MDS | 2 | 9500 series / 9-slot (9509) | SAN Fabric |
| Nexus | 2 | 5000 series | Top of rack switch |
| Backup and recovery | | | |
| EMC Avamar | 1 | 15.5 TB capacity | Backup appliance |
| EMC Data Domain | 1 | 21.5 TB capacity | Data Domain appliance |

The Vblock AMP-2 can be ordered in a high-availability configuration as specified in Table 3.

Table 3. Vblock AMP-2 hardware

| Components | Quantity | Notes |
|---|---|---|
| Cisco UCS C220 servers | 2 | Host vSphere ESXi servers |
| EMC VNXe3150 | 1 | AMP storage |
| Cisco Catalyst 3560X Ethernet Switches | 2 | AMP networking |

Table 4 lists the software used in this solution.

Table 4. Solution software

| Software | Version | Notes |
|---|---|---|
| VMware virtualization and cloud infrastructure | | |
| VMware vSphere ESXi | 5.1 Build 799733 | VMware hypervisor |
| VMware vCenter Server | 5.1 | vSphere management server |
| VMware vCloud Automation Center | 5.2 | VMware cloud management and infrastructure |
| VMware vCenter Orchestrator | 5.1 | vCenter orchestration engine |
| VMware vCenter Operations Manager | 5.7.1 | Automated operations management |
| VMware vCenter Log Insight | 1.0.4 | Optional vCenter log analytics and management |
| Microsoft SQL Server | 2008 R2 | Database server for vCenter Server and vCAC |
| Microsoft Windows | 2008 R2 SP1 | Operating system for the server environment |
| EMC storage | | |
| EMC Unisphere | 1.6.0.8 | Management software for EMC VMAX and EMC VNX |
| EMC Enginuity™ | 5876.229.145 | Operating environment for Symmetrix VMAX |
| EMC VNX Operating Environment | Release 32 | Operating environment for VNX block |
| EMC Solutions Enabler | 7.6.0.12 | CLI software for Symmetrix VMAX management |
| EMC PowerPath®/VE | 5.8 | Multipathing and load balancing for block access |
| EMC Secure Remote Support (ESRS) | Latest available | EMC remote support |
| EMC, VMware and Cisco integration | | |
| EMC Ionix UIM | V4.0 P1 | Vblock resource management (UIM is a validated but optional component of the solution) |
| EMC Virtual Storage Integrator (VSI) | 5.6 | EMC storage plug-in for VMware vSphere client |
| EMC Storage Analytics (ESA) | 2.0 | EMC storage analytics adapter for VMware vCenter Operations Manager (ESA is a validated but optional component of the solution) |
| EMC backup and recovery (validated add-on to this solution) | | |
| EMC Avamar | 7.0 | Avamar system software |
| EMC Data Domain | 5.3.0.6 | Operating system for Data Domain appliance |
| EMC Data Protection Advisor | 6.0.1 | Data protection management software |
| EMC data protection workflows for vCenter Orchestrator | N/A | For automating Avamar and Data Domain protection services |

Understanding the performance requirements of an enterprise cloud environment can be a challenge. For this private cloud solution, we consider the sizing of two distinct elements:

• The management infrastructure of the private cloud

• The supporting infrastructure on which the virtualized workload runs

The solution includes guidance for sizing the private cloud management pod infrastructure correctly in relation to the size of the environment on which the virtualized workloads are running. As examples, the solution provides guidance for three sample environments managed by vCAC: small, medium, and large.

Table 5 lists the management infrastructure recommendations for a small environment, which can manage up to 1,000 physical or virtual machines.

Table 5. Recommended specifications for a small environment

| Server role | Quantity | vCAC components | Recommended hardware specifications |
|---|---|---|---|
| Database server | 1 | vCAC database | CPU: 2.4 GHz 4-core or equivalent; RAM: 8 GB; Disk: 40 GB; Network: 1 GB/s |
| vCAC server/web server | 1 | Manager Service; Distributed Execution Manager (DEM) Orchestrator; Model Manager (web and data); Portal website; Reports website | CPU: 2.4 GHz 4-core or equivalent; RAM: 4 GB; Disk: 40 GB; Network: 1 GB/s |
| DEM machines | 1 | DEM Workers (one or more) | CPU: 2.4 GHz 4-core or equivalent; RAM: 4 GB; Disk: 40 GB; Network: 1 GB/s |
| Agent machines | 1 | vCAC agents (one or more) | CPU: 2.4 GHz 4-core or equivalent; RAM: 4 GB; Disk: 40 GB; Network: 1 GB/s |

Note: In this configuration, the Manager Service can be co-hosted with the web components.

Table 6 lists the management infrastructure recommendations for a medium environment, which can manage up to 10,000 physical or virtual machines.

Table 6. Recommended specifications for a medium environment

| Server role | Quantity | vCAC components | Recommended hardware specifications |
|---|---|---|---|
| Database server | 2 clustered | vCAC database | CPU: 2.4 GHz 4-core or equivalent; RAM: 8 GB; Disk: 40 GB; Network: 1 GB/s |
| Web server | 2 | Model Manager (web and data); Portal website; Reports website | CPU: 2.4 GHz 4-core or equivalent; RAM: 4 GB; Disk: 40 GB; Network: 1 GB/s |
| vCAC server | 2 | Manager Service; DEM Orchestrator | CPU: 2.4 GHz 4-core or equivalent; RAM: 4 GB; Disk: 40 GB; Network: 1 GB/s |
| DEM machines | 2 | DEM Workers (one or more) | CPU: 2.4 GHz 4-core or equivalent; RAM: 4 GB; Disk: 40 GB; Network: 1 GB/s |
| Agent machines | 2 | vCAC agents (one or more) | CPU: 2.4 GHz 4-core or equivalent; RAM: 4 GB; Disk: 40 GB |

Table 7 lists the management infrastructure recommendations for a large environment, which can manage more than 10,000 physical or virtual machines.

Table 7. Recommended specifications for a large environment

| Server role | Quantity | vCAC components | Recommended hardware specifications |
|---|---|---|---|
| Database server | 2 clustered | vCAC database | CPU: 2.4 GHz 4-core or equivalent; RAM: 8 GB; Disk: 40 GB; Network: 1 GB/s |
| Web server | 3 | Model Manager (web and data); Portal website; Reports website | CPU: 2.4 GHz 4-core or equivalent; RAM: 4 GB; Disk: 40 GB; Network: 1 GB/s |
| vCAC server | 2 | Manager Service; DEM Orchestrator | CPU: 2.4 GHz 4-core or equivalent; RAM: 4 GB; Disk: 40 GB; Network: 1 GB/s |
| DEM machines | 2 | DEM Workers (one or more) | CPU: 2.4 GHz 4-core or equivalent; RAM: 4 GB; Disk: 40 GB; Network: 1 GB/s |
| Agent machines | 2 | vCAC agents (one or more) | CPU: 2.4 GHz 4-core or equivalent; RAM: 4 GB; Disk: 40 GB |

If you are deploying vCAC with vCenter Orchestrator and vSphere, the configuration shown in Table 8 can support more than 10,000 machines and therefore applies to all three configurations: small, medium, and large.

Table 8. Configuration for vCAC with vCenter Orchestrator and vSphere deployment

| Server role | | Recommended hardware specifications |
|---|---|---|
| Database server | vCenter database | vCPU 4; RAM: 8 GB; Disk: 1000 GB; Network: 1 GB/s |
| vCenter server | SSO; Inventory; vCenter Server | vCPU 2; RAM: 10 GB; Disk: 100 GB; Network: 1 GB/s |
| vCO | vCenter Orchestrator | vCPU 1; RAM: 2 GB; Disk: 40 GB; Network: 1 GB/s |

Combining the vCenter Orchestrator/vSphere and vCAC sizing requirements means that the following configuration can manage more than 10,000 physical or virtual machines:

• 13 virtual machines

• 47 vCPUs (mapped as 12 physical cores)

• 68 GB RAM

• 640 GB storage

For guidelines on sizing vCenter Operations Manager, compute, storage, and data protection, which are all dependent on the size of the ultimate tenant resource environment, refer to the EMC Enterprise Private Cloud Solution Guide.

Official VCE Vblock System 700 information can be found at http://www.vce.com/products/vblock/system-700.

Official VCE Vblock System 300 information can be found at http://www.vce.com/products/vblock/system-300.


Conclusion

This private cloud solution enables customers to build an enterprise-class, scalable, multitenant platform for complete infrastructure service lifecycle management. The solution provides on-demand access and control of infrastructure resources and security while allowing customers to maximize asset utilization. Specifically, the solution integrates all of the key functionality that customers demand of an enterprise private cloud and provides a framework and foundation for adding other services.

This EPC solution incorporates the following principles:

• Self-service and automated provisioning

• Multitenancy and secure separation

• Security and compliance

• Elasticity and service assurance

• Monitoring

• Metering and chargeback

• Availability and data protection

The solution uses the best of EMC and VMware products and services to empower customers to accelerate the implementation and adoption of private cloud while still enabling customer choice for the compute and networking infrastructure within the data center.
