Post on 19-Jun-2018
Kyle Gleed, Group Manager, Technical Marketing
PBO1222BU
#VMworld #PBO1222BU
VMware Cloud Foundation Architecture Deep Dive
VMworld 2017 Content: Not for publication or distribution
Disclaimer
• This presentation may contain product features that are currently under development.
• This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.
• Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.
• Technical feasibility and market demand will affect final delivery.
• Pricing and packaging for any new technologies or features discussed or presented have not been determined.
About the Presenter: Kyle Gleed
Kyle Gleed is a Group Manager in VMware’s Integrated Systems Business Unit where he focuses on enabling customers to succeed in their journey to the Software-Defined Data Center (SDDC) and hybrid-cloud.
Kyle has been with VMware for seven years. He spent the first four years working with vSphere where he focused on ESXi and vCenter Server Appliance adoption. Over the past two years he has specialized in the Software-Defined Data Center where he works closely with the VMware Validated Designs and VMware Cloud Foundation.
Group Manager, VMware Technical Marketing
VCP-DCV, VCP-NV
VMware Cloud Foundation
@Kyle_Gleed
kgleed@vmware.com
About the Presenter: George Elliston
George Elliston works as OmegaFi’s Network Administrator. He keeps his fellow co-workers connected to each other and those they serve in the Greek community and works tirelessly to protect sensitive corporate and customer data.
OmegaFi is constantly innovating and developing ways to better serve their customers and provide their employees with efficient and streamlined work processes to maximize production. With that being said, George is researching, learning and implementing new technologies to improve security and advance OmegaFi’s position in the FinTech world.
Network Administrator
OmegaFi
@OmegaFi
gelliston@omegafi.com
Agenda
• VMware Cloud Foundation Overview
• Cloud Foundation Architecture Overview
• Deploying Cloud Foundation
• Workload Domain Overview
• Deployment Considerations
[Diagram: VMware Cloud Foundation (SDDC Manager with vSphere, vSAN and NSX) as the software-defined infrastructure for private cloud and public cloud, with vRealize Suite as the cloud management platform and Horizon to extend to virtual desktops.]
Faster and Simpler Path to the SDDC is Now Available…
• Past: Do-It-Yourself
• Present: Integrated, automated, easy to use
VMware Cloud Foundation
Simple, agile, and secure cloud infrastructure
• Integrated cloud infrastructure platform
• Dynamic software-defined infrastructure
• Virtualization management
• Simplest to deploy and operate
• Standardized architecture based on VVD
• Lifecycle automation of the complete stack
• Comprehensive security
• Enables path to hybrid cloud
• Deploy on premises
• Consume as a service in the public
• Future proof, ready for VMs and containers
[Diagram: VMware Cloud Foundation spanning private cloud and public cloud, with layers for compute, storage and network, virtualization management, and lifecycle automation.]
Cloud Foundation Redefines the Enterprise Path to the Hybrid Cloud
Traditional:
• Piece parts
• Complex planning and architecture
• High management overhead
• Incompatible public and private clouds
Integrated:
• Standardized and repeatable
• Automated and simplified operations
• Common platform across clouds
Cloud Foundation simplifies through standardization and automation
• Standardized Architecture: Automated deployment of a standardized VMware Validated Design
• Simple to Operate: Unique lifecycle management that automates day 0 to 2 operations
• Integrated Stack: Engineered integration of entire software defined stack
[Diagram: Cloud Foundation stack of network, storage, compute and management.]
Cloud Foundation Architecture Overview
Cloud Foundation Software Building Blocks
vSphere (Compute)
• ESXi
• PSC / vCenter
• HA/DRS
• vMotion
vSAN (Storage)
• Hyper-converged object storage
• All flash and hybrid
• Dedup & compression
• Data protection & replication
NSX (Network)
• Distributed Firewall / M-Seg
• Logical Switching / App virtual networks
• Distributed switching/routing
• Edge Service Gateways (DHCP, Load balancing, NAT, Firewall)
SDDC Manager (Automation)
• Automated deployment and bring-up
• Set/enforce capacity, availability, performance and security policies
• Lifecycle management (patch and upgrade)
Simple to Operate with Lifecycle Automation
Automated day 0 to day 2 operations of the entire cloud infrastructure
[Diagram: SDDC Manager handling deployment, configuration, policy based provisioning, and patching and upgrades across ESX, vCenter, vSAN and NSX.]
Architecture Overview
• Modern cloud architecture
• Prescriptive design
• Fully automated deployment
• Covers:
– Compute (vSphere)
– Storage (vSAN)
– Network (NSX)
• Integration with:
– vRealize Suite
– Horizon
Software Components
• Core components:
– SDDC Manager
– vSphere (PSC / vCenter / ESXi)
– vSAN
– NSX
– vRealize Log Insight
• Optional components:
– vRealize Suite
– Horizon Suite
[Diagram: software stack with SDDC Manager (Controller, Utility, HMS); VMware vSphere, VMware vSAN, VMware NSX; vRealize Log Insight, vRealize Operations, vRealize Business, vRealize Automation; Horizon View and App Volumes.]
VMware Cloud Foundation 2.2
Software BOM and Lifecycle Automation Capabilities
Component | Version | Deployment | Patching/Upgrades | When Deployed
ESXi | 6.5 U1 | Automated | Automated | Bring-up
PSC | 6.5 U1 | Automated | Automated | Bring-up
vCenter | 6.5 U1 | Automated | Automated | Bring-up / WLD Creation
vSAN | 6.6.1 | Automated | Automated | Bring-up / WLD Creation
NSX | 6.3.3 | Automated | Automated | Bring-up / WLD Creation
SDDC Mgr | 2.2 | Automated | Automated | Bring-up
Log Insight | 4.3.0 | Automated | Manual | Bring-up
Horizon | 7.2 | Automated | Manual | VDI WLD Creation
Optional:
vR Ops | 6.6.1 | Manual | Manual | Manual
vRA | 7.3 | Manual | Manual | Manual
Others (vRNI, vRB, etc.) | | Manual | Manual | Manual
Legend: Included in the Cloud Foundation software bundle / Download and deploy separately
Cloud Foundation Compatibility Guide
Expanding Hardware Support
• See VMware Compatibility Guide (VCG) for details
– vmware.com/go/cloudfoundation-vcg
• Readily identify hardware compatibility by VCF Version
– ReadyNode Vendors
– Management Switches
– Top-of-Rack (ToR) Switches
– Inter-Rack Switches
vSphere Design Overview
• Highlights:
– vCenters and NSX Managers run in the Management WLD
– All vCenters run in enhanced linked mode
– Max of 15 Workload Domains
– Centralized monitoring and log aggregation
[Diagram: the Management Workload Domain hosts the PSCs (redundant SSO instances), a vCenter Server and NSX Manager for each workload domain, and vRealize Operations and vRealize Log Insight (centralized log aggregation and monitoring). Workload Domain 1 through Workload Domain x each run vSphere, vSAN and NSX, with a dedicated vCenter Server, NSX Manager and Controllers.]
vSAN ReadyNode
Ready-Node Requirements
• Dual-socket, 8 cores per socket (no maximum core count)
• Minimum 256 GB memory, maximum 1.5 TB
• Two 10 GbE NICs and 1 GbE BMC NIC
• Minimum of four 1U servers / maximum of 32 1U servers
Storage Requirements
• 4TB capacity tier (minimum)
• Up to 8 disks per controller
• Min of 3 physical disks recommended for high performance
Follow vSAN guidelines for cache tier sizing as described in the vSAN Design and Sizing Guide.
[Diagram: Hybrid Node and All-Flash Node, each with Disk Group 1 and Disk Group 2; labels "1 Flash" and "2+ HDD".]
External Storage
• NFS based storage can be used with Cloud Foundation
• Primarily used for:
– Data protection (File/Image backups)
– Data at rest (templates, backups, archives)
• Use vSphere web client to mount storage inside workload domains
Physical Network
• Cloud Foundation implements a highly scalable network backplane
– Fully automated – all switches configured and managed by SDDC Manager
– Easily scales as the number of racks increases
• Each rack contains
– Redundant Top-of-Rack Switches
– Management Switch
• Redundant inter-rack switches added in multi-rack configurations for rack interconnect
• ToRs in 1st rack act as on/off-ramp to data center network
Logical Network
• vSphere Distributed Switch configured for each workload domain
– Separate VDS for each workload domain
• Switch and port group definitions fully automated by SDDC manager
NSX Configuration
• Separate NSX instance for each Workload Domain
• NSX Manager runs in the management workload domain
• NSX Controllers run in the workload domain
• Full set of NSX capabilities
[Diagram: workload domain with vCenter, NSX Manager and vSAN. Callouts: NSX Manager runs in Management WLD; NSX Controllers run in VI / VDI WLD; full set of NSX capabilities available.]
Workload Domains
• Dedicated vSphere Cluster
– Separate capacity, availability, performance and security policies
• Automated provisioning through SDDC Manager
– vSphere, vSAN, NSX, SDDC manager, Log Insight
• Three types:
– Management Workload Domain
– Virtual Infrastructure (VI) Workload Domain
– Virtual Desktop Infrastructure (VDI) Workload Domain
• Ability to create, expand, and delete
• Up to 10 workload domains run in parallel
– vCenter Servers run in Enhanced Linked Mode
[Diagram: SDDC Manager with a Management Workload Domain, several Virtual Infrastructure Workload Domains and a Virtual Desktop Workload Domain.]
Management Workload Domain
• Created during bring-up
• One per VCF instance
• Runs infrastructure components
• Workload domain vCenter server and NSX manager instances run in the Management Domain
[Diagram labels: vCenter, NSX Manager, App-Volumes, ViewConnect, ViewCompose, SQL, AD.]
Virtual Infrastructure Workload Domain
• Dedicated vSphere Cluster (min of 3 hosts)
– Separate vCenter Server
– Shared SSO Domain with Management WLD
– Size calculated based on user inputs
– Can be expanded later
• vSAN
– Support for Hybrid and All-Flash
– 8 disks per controller / 5 disk groups per host
– One vSAN datastore per workload domain
• VMware NSX
– NSX Manager deployed in the Management Workload Domain
– NSX controller cluster deployed in VI / VDI Workload Domain
Virtual Desktop Infrastructure Workload Domain
• All VI Workload Domain Components
• Plus VMware Horizon:
– Horizon Composer
– Redundant Horizon Connection Servers
– Redundant Horizon Security Servers
– Optional components:
• Active Directory Server
• AppVolumes
Automated Patch and Upgrade
• Components: vSphere, vSAN, NSX and SDDC Manager
• Product updates first validated by VMware and distributed as update bundles
• Updates automatically picked-up by SDDC Manager
• Upon notification of available update:
– Download
– Review
– Schedule
• Workload Domains updated independently
[Diagram: SDDC Manager downloads updates from depot.vmware.com or an internal proxy, schedules the update for the Mgmt, VI and VDI WLDs, and monitors / tracks update status and history.]
Deployment Types
• VCF Consolidated Architecture
– Compute workloads co-reside in management workload domain
– Shared vSphere cluster with resource pools
• VCF Standard Architecture
– Management workload domain dedicated to infrastructure
– Compute workloads run on separate vSphere clusters
• Easy to start with consolidated architecture and evolve to standard architecture
Start with what you need, easily scale as you grow
[Diagram: Consolidated Design (small, today) growing into Standard Design (medium and large, tomorrow).]
Consolidated Architecture
Infrastructure and Workload VMs run together on the Management Workload Domain inside separate resource pools.
[Diagram: Management Workload Domain on a single vSphere Cluster + vSAN (ESXi01, ESXi02 … ESXi32, NSX vSwitch). The Management Resource Pool holds the infrastructure VMs (PSC, vCenter, NSX Manager, SDDC MGR Controller, SDDC MGR Utility, NSX Ctrl, vRealize Log Insight; optional vRealize Operations and vRealize Automation). The Workload Resource Pool holds the workload VMs.]
• Targets small deployments
– Minimum of 4 nodes, maximum of 32-nodes
• Infrastructure and workload VMs run together on management workload domain
• Resource Pools to segregate and isolate workload types
• Evolve to standard deployment in two easy steps
– Create VI workload domain
– vMotion VMs out of management workload domain
– Non-disruptive
Standard Architecture
• Targets medium to large deployments
– Minimum of 8-nodes, max of 256-nodes
• Management workload domain dedicated to infrastructure
• Dedicated vSphere clusters for VI and/or VDI workload domains
• Up to 10 workload domains
– vCenter Server instances run in linked-mode
Infrastructure runs on a dedicated Management Workload Domain. Workload VMs run in dedicated VI and/or VDI workload domains.
[Diagram: Management Workload Domain (infrastructure VMs: PSC, vCenter and NSX Manager instances, SDDC MGR Controller, SDDC MGR Utility, NSX Ctrl, vRealize Log Insight; optional vRealize Operations and vRealize Automation), a VI Workload Domain and a VDI Workload Domain, each on its own vSphere Cluster + vSAN (ESXi01, ESXi02 … ESXi32, NSX vSwitch) with NSX Ctrl instances and workload VMs. Labels also include View Compose, View Connect, SQL / AD and App Volumes.]
Summary of Deployment Architectures
• Consolidated Architecture: Infrastructure and Workload VMs run together on the Management Workload Domain inside separate resource pools.
• Standard Architecture: Infrastructure runs on a dedicated Management Workload Domain. Workload VMs run in dedicated VI and/or VDI workload domains.
[Diagram: the consolidated and standard architecture diagrams shown side by side.]
Implementing a Private Cloud
VMware Cloud Foundation makes private cloud easy
Private cloud in three easy steps:
Step 1: Deploy imaging appliance (VIA)
Step 2: Image Hardware
Step 3: “Bring Up”
Step 1: Deploy VIA (done by OEM Partner or Customer)
VIA Imaging Appliance
1. Download: VIA OVA, Software Bundle, MD5SUM
2. Connect
3. Deploy
4. Mount, Upload and Activate Bundle
[Diagram: jump host (VIA running in VMware Workstation) connected to the physical rack.]
VIA Deployment Demo: https://youtu.be/1C3qaIpW9ac?list=PL9MeVsU0uG64tNuFHhX-Iq82gn0fEnQ-A
Step 2: Imaging Hardware (done by OEM Partner or Customer)
Imaging the Physical Rack
1. Environment Inputs & Build Inventory
2. Configure Switches (VLANs, Subnets, Ports)
3. Configure Hosts (deploy ESXi)
4. Stage SDDC Software Bundle
5. Deploy SDDC Manager and related components
[Diagram: jump host (VIA running in VMware Workstation) imaging the physical rack; Node 0 holds the Software Bundle and the SDDC MGR Cntrlr and Utility.]
VCF Rack Imaging Demo: https://youtu.be/gRYS9cuAbEU?list=PL9MeVsU0uG64tNuFHhX-Iq82gn0fEnQ-A
Step 3: Bring-Up
1. Initial Rack Setup / Config (Time Sync, POSV)
2. Internal Network Configuration (Hosts, ToRs, Mgmt, vSAN, VXLAN)
3. Uplink Network Configuration (ToRs to Data Center)
4. Create Management Domain (Deploy SDDC Platform)
5. SDDC Ready
[Diagram: physical rack with Node 0 (Software Bundle, SDDC MGR Ctrlr and Utility) and the resulting Management Domain (vCenter, PSC1, PSC2, Log Insight, NSX Mgr, three NSX Ctl, SDDC Cntrlr, SDDC Utility) on the MANAGEMENT, VMOTION, VSAN and VXLAN networks.]
VCF Bring-Up Demo: https://youtu.be/cFx4UQ5Ny50?list=PL9MeVsU0uG64tNuFHhX-Iq82gn0fEnQ-A
Customer Story: Financial Services
Scales and Grows with M&A Activity with Next-Gen Automated Cloud Platform
IT / Business Objectives
• Efficiently integrate IT environments of acquired companies
• Minimize complexity for “one man” IT staff
• Direct cost-to-scale that aligns with continuous M&A activity
Key Use Cases
• Business-critical apps: payment processing, Exchange, SQL, virtual desktops
• Soft multi-tenancy for acquired companies via workload domains
• Security and compliance through micro-segmentation
Benefits
• Ability to scale to complete SDDC with just one network admin
• Faster time to market – three days to deploy the entire stack
• 2.5x higher productivity during lifecycle management
• 40% lower TCO compared to legacy three-tier environment
“I love it - SDDC Manager makes your life so much easier!”
George Elliston, Network Administrator
Platform Config
• Dell PowerEdge R630
• All-Flash
• 1 site, 1 Rack, 119 VMs
Broad ecosystem of compatible solutions
[Diagram: VMware Cloud Foundation with compatible solutions for private cloud and public cloud, two of them marked "NEW!".]
Resources
Resource | URL
Product Page | vmware.com/go/cloudfoundation
Documentation | vmware.com/go/cloudfoundation-docs
Poster | vmware.com/go/cloudfoundation-poster
Blog | blogs.vmware.com/cloud-foundation
Community | vmware.com/go/cloudfoundation-community
FAQ | vmware.com/go/cloudfoundation-faq
Twitter | @VMWvCF