The first announcement from VMworld this week was the debut of what we all called "Project Redwood". It has now been revealed as VMware vCloud Director and vCloud Datacenter.
Do we call it the "Secure Private Cloud"? The cloud is a journey, so how do we get there?
What will vCloud try to achieve? Pooling is the heart of vCloud. Greater pooling drives greater utilization which drives lower cost. Automation. Self-service workloads. Control with application-aware infrastructure. Open & Interoperable so it enables the hybrid cloud. Leverage existing environment and people to move forward.
Components of vCloud Director:
VMware vSphere ESX Hosts and your vCenter Servers. The foundation of vCloud. Leverage clusters and resource pools for your computing and memory. Use datastores for "cloud" storage and port grouips for networking.
VMware vCloud Director - Defines standard infrastructure tiers called vDC (Virtual Datacenters), collection of VMs called vApps, manage users with Role based access control. (Provided by vCloud to let's users come in and self-provision vApps. Installs on Red Hat Linux 5 U4 x64 VM. Must have Enterprise or Enterprise+ licensing. When using only Enterprise you will hit limitations with not having a vNetwork Distributed Switch (vDS). vCenter Sever 4.0 Standard is a minimum as well with vSphere 4.0 U2 or 4.1. Your database must be an Oracle 10g/11g Standard or Enterprise database. Licensing is based on per VM basis.
VMware vShield for VMware vCloud Director (vShield and vShield Edge) - vShield Edge provides the end-point security. You need one vShield Manager per vCenter server. It can provide network edge security such as firewall, NAT, port-forwarding, IP masquerading, and DHCP. These devices are deployed and managed by vCloud director so there is little direct interaction needed. Another new product is that you can upgrade to vShield Edge 1.0 which includes a site-to-site VPN and load balancer which will help enable the hybrid cloud.
Chargeback Server (leads to enabling pulic clouds). Chargeback Manager 1.5. Associate costs and bill for VMware vCloud Director usage. A tier has an SLA and cost. Uses vCloud and vCenter data collectors to collect billable events and usage data to calculate associated costs. Database is either SQL Server 2005/2008 or Oracle 10g/11g. Includes a Built-in load balancer. When new new servers are created as you scale, load-balancing will take place. Again, this is licensed per VM.
What does this convoluted space look like now?
The vCloud Director provides the portal for end users with possibly mulitple vCloud Director Cells to provide the UI. Which talks to the Oracle database and connects to AD and LDAP which talks to multiple vCenter servers. At the bottom you have ESX servers providing resources and storage. Then we have vShield Managers and vApps. vCloud Director is talking to vShield Edge to deploy multiple vShield appliances within the vSphere infrastructure to guarantee isolation and mutli-tenancy. vCenter Chargeback talks to vCenter and vCloud Director to be able to gather information and run reports.
Deploying and Best Practices
Create a management cluster that is filled with your DNS, AD, NTP, vCenter, vShield Manager, Chargeback, and vCloud Director, vCloud Oracle Database, Chargeback SQL Database servers so redundancy is key. Protect using HA, DRS, and SRM.
Log in to the vCloud Director Portal and add vCenter Servers. There must be a vShield Manager appliance connected to every vCenter server added. Now we can create provider virtual data centers (VDC). Select a reource pool/cluster and datastore that you can attach to a VDC.
You can create multiple tiers of VDC based on types of processors or storage (SATA vs SSD) and this is your own customization.
Next is to create an external networks and network pools that allows connectivity to cloud workloads. You can isolate by vlans, portgroups, etc. Pools are a bit confusing. You have Portgroup-Backed which creates isolated portgroups in vSphere or you can attach a collection of them to vCD. VLAN-backed will automatically create portgroups as needed and use a range of VLANs to isolate them. Lastly, vCD Network Isolation-backed uses a vDS (NOT 1000v) and one VLAN for transport over the wire.
Now it's time to create organizations. It brings a group of users into vCD to manageme them. It builds an isolated container so every can still share the same underlying resources. Every organization has a specific url to access their area.
Since VM sprawl can happen quickly so leases, quotas and limits can be triggered per user or per organization.
Allocation Models for Organizations:
- Pay as you go - No upfront allocation. can guarantee only a percentage of organization VDC resources to cap usage
- Reservation Pool - given a container of resources and are guaranteed all resources in that container. Advanced management controls such as shares and reservations to make sure over commitment doesn't impact workloads.
- Allocation Pool - given a container of resources and have very simple model of resource management such as shares and reservations which are managed by the cloud operator.
The last piece is to setup chargeback and you have vCD ready to go.
Who is going to use this product?
- Seems like it might only be for really large enterprises and current cloud service providers. The lack of SQL server support makes that argument. I would look at this as an Enterprise Only product
- Companies with elastic workloads such as seasonal or end of quarter workloads.
- Financial organizations that can utilize the security and multi-tenancy by having an isolated network and resources using pools and vShield
- Companies making acquisitions that need to quickly open up their data to new ventures
- Customer support and troubleshooting to spin up workloads for testing and QA
Cloud Services
vCloud API Being able to push applications using the vCloud API to public cloud providers.
vCloud Datacenter: different kind of public cloud. not a blackbox, delivered by a select amount of service providers. Compatibility to vCD internally. There is a reference architecture so everything is deployed in a similar fashion. This is a big security bonus with this as well. New regulation and compliance framework, new log framework, and perhaps a new audit standard. This is more manageable. Verizon is a big player in vCloud Datacenter trying to become a large enterprise cloud provider built upon this framework. Going to be an enterprise market mover with VMware. Enterprise extension cloud on demand.
vCloud Express: still going to be around for dynamic scaling apps that can be paid for by the hour.
Watch the Keynote I recorded
Watch Steve Herrod's Keynote in Entertainment | View More Free Videos Online at Veoh.com