VMWARE SOLUTIONS AND THE DATACENTER. Fredric Linder


MORE THAN VSPHERE
[Diagram labels: vSphere; vCenter; Core; vCenter Operations Suite; vCenter Operations Management; VMware Cloud; vCloud Director; Chargeback; VMware IT Business Management Suite; Offering; VMware View; VDI / Applications; DR / Replication; Site Recovery Manager; Storage Appliance]

Copyright 2012 Juniper Networks, Inc. www.juniper.net

INFRASTRUCTURE AS A SERVICE (IAAS)
Most commonly adaptable strategy in the Enterprise
- Building resource pools for consumption
  - CPU, Memory: Server Virtualization
  - Storage: SAN
  - Network: QoS, VLAN, Bandwidth
- VMware vSphere, vCloud Suite
Requirements:
- Dedicate resources based on service demands
- Monitor resource usage to guarantee resources

PLATFORM AS A SERVICE (PAAS)
Delivering the foundation for building new SaaS applications.
- New application platform to build NextGen Applications
- Distributed application model
- Metering and subscription based model
- IaaS aware
- VMware vSphere, vFabric Suite
Requirements:
- Dedicate resources based on service demands
- Monitor resource usage to guarantee resources
- Metering and subscription infrastructure

SOFTWARE AS A SERVICE (SAAS)
Delivering SaaS applications.
- SLA driven model
- End user experience
- Pay per use
- VMware vSphere, Operations Suite, IT Business Management Suite
Requirements:
- Dynamic resource allocation based on service demands
- Continuous End-to-End SLA metering
- Automatic End-to-End adaptation of resources to meet SLA

VMWARE VSPHERE AND VCENTER SERVER
Clusters, Datastores, Portgroups and Resource Pools
- Provide cloud compute
  - DRS is a requirement for the cluster
  - Shared storage
  - vMotion compatible or EVC enabled
- Provide cloud storage
  - Abstract away underlying storage type
- Provide cloud networking
  - Abstract away underlying networking infrastructure
  - vSwitch, vNetwork Distributed Switch or Nexus 1000V, IBM 5000v
[Diagram labels: Resource Pools; vCenter Server; vNetwork Distributed Switch; ESXi/ESX hosts; iSCSI Storage; FC Storage; NFS Storage]

NETWORKING OPTIONS IN VMWARE
vSwitch types:
- vSwitch
  - One or more per host
  - Basic functionality
- vNetwork Distributed Switch
  - One or more per cluster
  - LACP, BPDU filters, Port Mirroring, SR-IOV
  - Requirement for 3rd party switches
  - VXLAN support (with vShield and Security Package)

VXLAN - PRINCIPLES
- Identifier: 24-bit segment VNI (up to 16M VXLANs)
- Only VMs in the same VXLAN (VNI) can communicate with each other
- Tunneling L2 over L3 (MAC-over-UDP, UDP port not defined at this time)
- VMs are not aware of VXLAN, only the VTEP is
- Today the VXLAN Tunnel End Point (VTEP) would be set up on the vSwitch, but could be on physical switches, routers or servers (VXLAN gateways)
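The segment isolation described on this slide, as an added example that is not part of the original presentation: a VTEP tags each inner frame with the sender's 24-bit VNI, and the receiving VTEP delivers it only to a VM in the same VNI. The 8-byte header layout is taken from RFC 7348, which was published after this deck; the Vtep class, MAC addresses and VNI values are constructed for illustration, and the outer UDP/IP layer is left out because the slide notes the port was not yet defined.

```python
import struct

VNI_VALID = 0x08            # "I" flag in the first header byte (RFC 7348)
MAX_VNI = (1 << 24) - 1     # 24-bit VNI, about 16M segments

def vxlan_encap(vni, inner_frame):
    """Prepend the 8-byte VXLAN header to an inner Ethernet frame."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI must fit in 24 bits")
    # word 0: flags(8) | reserved(24); word 1: VNI(24) | reserved(8)
    return struct.pack("!II", VNI_VALID << 24, vni << 8) + inner_frame

def vxlan_decap(payload):
    """Return (vni, inner_frame); raise ValueError on a malformed header."""
    if len(payload) < 8:
        raise ValueError("truncated VXLAN header")
    word0, word1 = struct.unpack("!II", payload[:8])
    if not (word0 >> 24) & VNI_VALID:
        raise ValueError("VNI-valid flag not set")
    return word1 >> 8, payload[8:]

class Vtep:
    """Toy VTEP (hypothetical class): maps each local VM MAC to its VNI."""
    def __init__(self, local_vms):
        self.local_vms = dict(local_vms)      # {mac bytes: vni}

    def send(self, src_mac, dst_mac, data=b""):
        # The VTEP, not the VM, chooses the VNI from the sender's port.
        frame = dst_mac + src_mac + b"\x08\x00" + data
        return vxlan_encap(self.local_vms[src_mac], frame)

    def receive(self, udp_payload):
        """Return the inner frame if its destination VM is in the packet's VNI."""
        try:
            vni, frame = vxlan_decap(udp_payload)
        except ValueError:
            return None                       # malformed: drop
        if len(frame) < 14 or self.local_vms.get(frame[:6]) != vni:
            return None                       # unknown MAC or other segment: drop
        return frame

# Constructed sample data: three VMs, two segments, two hosts.
MAC_A, MAC_B, MAC_C = (bytes.fromhex("02000000000%d" % i) for i in (1, 2, 3))
HOST1 = Vtep({MAC_A: 5001})
HOST2 = Vtep({MAC_B: 5001, MAC_C: 5002})

def demo():
    """VM A (VNI 5001) sends to VM B (same VNI) and to VM C (VNI 5002)."""
    same = HOST2.receive(HOST1.send(MAC_A, MAC_B, b"hello"))
    cross = HOST2.receive(HOST1.send(MAC_A, MAC_C, b"hello"))
    return same is not None, cross is not None

if __name__ == "__main__":
    print(demo())
```

The header carries no authentication or encryption, so this isolation holds only as long as the VTEPs and the transport network between them are trusted.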

DRS CLUSTER DESIGN (8-12 HOSTS PER CLUSTER)
[Diagram labels: VMs]

ACTIVE PASSIVE DESIGN
[Diagram labels: VMs; Storage Replication; NFS, iSCSI, FCoE]

STRETCHED CLUSTER DESIGN
[Diagram labels: VMs; Affinity Groups; Storage Replication; NFS, iSCSI, FCoE]

VMWARE VCLOUD COMPONENTS
- VMware vSphere and vCenter Servers
- VMware vCloud Director
- vShield for VMware Cloud Director

VMWARE VCLOUD DIRECTOR
- Define standard infrastructure tiers called Virtual Datacenters
- Pool virtualized infrastructure resources across multiple vCenter Servers
- Define standard collections of VMs called vApps
- Create Organizations and manage users
- Provide UI for users to self provision vApps into Virtual Datacenters
- Provide secure multi-tenancy using vShield Edge

VMWARE VCLOUD STACK
[Diagram labels: VMware vCloud Director; Organization: Marketing; Organization: Finance; Users & Policies; Organization VDCs; Catalogs; Provider Virtual Datacenters; (Gold); (Silver); (Bronze); VMware vCenter Server; Resource Pools; Datastores; Port Groups; VMware vSphere; Secure Private Cloud]

[Diagram labels: App VMs; Application Network; FW vShield; Organisation Network; FW vShield; External Network]

EXTERNAL NETWORK: OVERVIEW
- Created at the vSphere level as a port group on a vSS or vDS
- Port group is mapped to a vCloud Director external network
- Mapping is on a one to one basis
- Use cases
  - Internet access
  - Provider supplied network endpoints
  - IP based storage
  - Backup servers
  - Access to physical managed services
  - Backhauled networking to a customer datacenter
  - VPN access to a private cloud
  - MPLS termination

EXTERNAL NETWORKS: IN VSPHERE
- Dedicate vDS for statically mapped networks, i.e. Provider vDS
- Avoid vSS unless using scripting to duplicate port groups to hosts
- Use unique VLANs per port group to avoid broadcast overlap
- Below is an example of VLAN isolated External Networks:
[Figure]

EXTERNAL NETWORKS: IN VMWARE VCLOUD DIRECTOR
In VMware vCloud Director, create an external network by mapping it to a portgroup

ORGANIZATION NETWORKS: OVERVIEW
- Contained within an organization
- Allows vApps within the organization to communicate with each other or external endpoints
- Can be connected to external networks as:
  - Public (External Org Direct)
    - Bridged connection to an external network
    - Others outside the organization can see
  - Private Routed (External Org NAT-Routed)
    - Connected to an External Network through a vShield Edge
    - Can be configured for NAT & Firewall or left unconnected to external
  - Private Internal (Internal Org)
    - No External connectivity
- Backed by Network Pools

VAPP NETWORKS: OVERVIEW
- Contained within a vApp
- Inherently Private Internal
- Allows VMs in a vApp to communicate with each other or, by connecting them to Org networks, with other vApps
- Can be connected to Org Networks as:
  - Public (Direct)
    - Bridged connection to an organization network
  - Private Routed
    - Connected to an organization network through a vShield Edge
    - Can be configured for NAT & Firewall
- Backed by a Network Pool

VMware vShield
- Provides network edge security
- Provides firewall, NAT, port forwarding, IP masquerading and DHCP functionality (enforces multi-tenancy)
- Edge appliances deployed and managed by VMware vCloud Director on vSphere.
- NOTE: Does not include site-to-site VPN and load balancer
[Diagram labels: App VMs; Application Network; FW vShield; Organisation Network; FW vShield; External Network]

TYPES OF NETWORK POOLS
- Portgroup-backed
  - Create isolated portgroups in vSphere manually or with automation
  - Attach a collection of them to VMware vCloud Director
- VLAN-backed
  - VMware vCloud Director will automatically create portgroups as needed, and use a range of VLANs to isolate them
- VMware vCloud Director Network Isolation-backed
  - Proprietary network isolation technology

Network Pool: Building Blocks
- VLAN Backed: vNetwork Distributed Switch + VLAN tags
- VCDNI: vNetwork Distributed Switch + one VLAN for transport
- Portgroup backed: vNetwork Distributed Switch or vSwitch portgroups

[Diagram labels: App VMs; AppNet (vcd-ni); FW vShield; OrgNet (vcd-ni); FW vShield; ExternalNet (VLAN)]

TRAFFIC FLOW EXAMPLE

TRAFFIC FLOW EXAMPLE

VCLOUD API
- RESTful
  - Designed for web infrastructure
  - Extensible, Modular
- Released in Open form
  - Version 0.9 currently public
- Spans vCenter Instances
  - Operate across multiple vCenter Servers
- 100% Virtual
- VIM API Unchanged
- With OVF standard, unlocks ability to move vApps across clouds (Hybrid cloud use case)

2 LOGICAL APIS FOR VMWARE VCLOUD DIRECTOR
- 1: VMware vCloud Director Admin API
  - Automate VCD Management
  - Attach virtual/physical resources
  - Manage organizations, users, etc.
- 2: vCloud API
  - Standard way to consume vCloud Resources
- RESTful for loose coupling to existing systems

ORCHESTRATION + VMWARE CLOUD DIRECTOR
[Diagram labels: Orchestration Engine; User Portal + vCloud API; 1. User Workflow Initiation; End Users; 2. User Resource Interaction; Financial Systems; vCloud API; VMware vCloud IaaS; VCD; Redwood Portal; Portal; vCenter Chargeback; Approval Systems; Asset Systems; vSphere API; Hosts; CMDB; Physical Config; VMware vSphere; Datastores]

JUNIPER SOLUTIONS

JUNIPER SOLUTIONS
[Diagram labels: App VMs; AppNet (vcd-ni); FW vShield; OrgNet (vcd-ni); FW vShield; ExternalNet (VLAN)]

JUNIPER SOLUTIONS
[Diagram labels: App VMs; vGW; AppNet (vcd-ni); FW vShield; OrgNet (vcd-ni); FW vShield; ExternalNet (VLAN); FW SRX]

JUNIPER SOLUTIONS
[Diagram labels: App VMs; vGW; AppNet (vcd-ni); FW vShield; OrgNet (vcd-ni); FW vShield; ExternalNet (VLAN); FW vSRX]

[Diagram labels: App VMs; vGW; AppNet (vcd-ni); FW vSRX; OrgNet (vcd-ni); FW vSRX; ExternalNet (VLAN)]

VGW NETWORK VISIBILITY
Benefits:
- Visibility to all VM communications
- Ability to spot design issues with security policies
- Single click to more detail on VMs
- Export flows for analysis
- See traffic flows
- Troubleshoot
- Navigate


VGW INTROSPECTION
X-ray VMs and automate compliance enforcement
Benefits:
- Know exactly what's installed in a VM
- Automatically attach relevant security policy!
- Define & enforce a gold image (template or VM)

VGW SMART GROUPS
Smart Groups allow for the use of attributes to create dynamic system associations.
Benefits:
- Tie vGW product discoveries to Smart Group definitions.
- Tie vCenter and VM config attributes to Smart Group definitions
- Attributes are read in real time, so if a VM changes in vCenter, it's instantly updated in vGW
- The Smart Groups help capability allows the administrator to see the name, description and values of attributes
- Priority and precedence level can be defined to tier Groups easily

VGW AND HOW VGW CAN HELP ORCHESTRATE SECURITY
[Diagram labels: VM1, VM2, VM3; ALTOR vGW; Orchestration APIs; vGW; VMware vSphere; Zone Synchronization; Traffic Mirroring to IPS; Central Policy Management; Firewall Event Syslogs; Netflow for Inter-VM Traffic; STRM; Network; Juniper EX Switch; Juniper SRX with IDP]

DC MANAGEABILITY CHALLENGES WITH SERVER VIRTUALIZATION
1. Blurred roles between the server and network admin.
2. No automation/orchestration to sync up the 2 networks.
3. VM Migration can fail.
4. Proprietary products & protocols
[Diagram labels: Physical n/w; Virtual n/w; Network Admin; Server Admin; VM1, VM2, VM3]

SOLUTIONS WITH JUNOS SPACE VIRTUAL CONTROL
1. Clear roles and responsibilities
2. Automated orchestration between physical and virtual networks
3. Scalable solution allows VMs to move freely
4. Open Architecture
[Diagram labels: Physical n/w; Virtual n/w; Virtual Control; Network Admin; Server Admin; VM1, VM2, VM3]

NETWORK RELATED ACCESS
- Server Admin should not have the following access
  - Move network
    - This can be a security concern
  - Configure network
  - Remove network
- Server Admin should have
  - Assign network
    - To assign a network to a VM

WILL QFABRIC HELP ME ORCHESTRATE
- One device
- One hop
- Non Blocking
- As QFabric Director acts as the brain for the fabric, you only have to address requests for relevant information to this device in order to guarantee required characteristics from the application
- Fewer devices to orchestrate
- Less complex
- Simpler to deploy applications based on SLA
[Diagram labels: QFabric Director; Orchestration Engine; Application]

JUNIPER'S OPEN CLOUD ORCHESTRATION MODEL
Juniper provides an open interface model for cloud orchestration
[Diagram labels: Cloud Governance and Lifecycle Management; Network Abstraction, Orchestration and Automation; XML API, Junos Scripting; Junos Space; Openflow; Windows; Linux; PHP; Java; Rails; Node.js; Service; Network; Compute; Storage; Routing; Switching; Security; Hyper-V; KVM; Virtual Machines; Containers; x86 - Platform from Intel]

QUESTIONS?