Design with All Flash Array Using VMware Validated or ...€¦ · products, Accenture Hybrid Cloud...
Transcript of Design with All Flash Array Using VMware Validated or ...€¦ · products, Accenture Hybrid Cloud...
#vmworld
Using VMware Validated Design with All Flash Array
to Deliver a True Private Cloud Experience
Craig Waters, PurestorageMark Barajas, Accenture
PRV2190BU
#PRV2190BUVMworld 2018 Content: Not for publication or distribution
The business deploys a new application and encounters an unforeseen spike in demand…
Current and Future State
2
Monitoring detectsactivity and triggers service request…
IT initiates applicable governance and processes …
IT deploys server, network, storage,security capacity…
IT optimizes new demand within the existing enterprise…
IT manages new workloads across providers…
IT enforces policy throughout workload lifecycle…
Workloads Confined to on-premises
Workloads move across on-premises, colocation or cloud
Manual checklist driven operations
Automated & policy based operations
Deployment in weeks
Deployment in minutes
Lowutilization
Dynamically optimized
Add-on security & IT Controls
Embedded security,
Compliance & IT Controls
Opaque usage & cost allocation
Transparent usage-based show backs
IT allocates usage-based costs in real-time and transparently.
Manual service model
Automated self-service in minutes
Enterprise-grade security procedures
and standards
Single dashboard for centralized control
Analytics-based, policy-driven
approach
Open, scalable and integrated platform
Enterprise-grademanagement capabilities
Automated portability between clouds ??
VMworld 2018 Content: Not for publication or distribution
Software Defined Infrastructure (SDI) Maturity Model
3
VMworld 2018 Content: Not for publication or distribution
What are Validated Designs?
4
• IT cannot keep up with the pace of business• IT Transformation usually complex, long, lack of ROI accuracy, and costly• SDDC architecture varies in deployment, design, principal guides, operating model, maturity and patterns• Compliant and security are pervasive and could be major undertake, preventing digital enterprise adoption
Description Value Proposition Client DeliverablesVD is a set of architectures and designs that encompasses the entire set of VMware’s Software-Defined Data Center (SDDC) products, Accenture Hybrid Cloud Services, Intel products (and others). These provide standardized architecture designs to help build consistent and certified Hybrid cloud with the same value of public clouds and much more
• Top-down bottom-up SDDC stack with automation, orchestration, ITSM, lifecycle management, blueprints and tools to be deployed in hours not month
• Compliant with Government Rules, Policies and Regulations e.g. PCI, HIPAA, FISMA, SOX, CJIS etc.
• Reduce complexity and accelerate time to value
• Integrating converged systems and tools, which meets the business control and complaint demands
• Architecture that maximize efficiency and reduce TCO
• Delivered by Accenture hybrid Cloud experts
• Fully integrated, validated, end-to-end cloud solution
• Unified virtual and physical infrastructure management
• Adaptable and extensible automation
• Service-oriented orchestration• Integration with datacenter
management• Resource monitoring and
metering• Cohesive user experience
• GRC + Security (FedRAMP, HIPAA, etc.)• Automation Provisioning• Improve Agile Adaptation at IaaS• Automatic Scale-Out / Scale-Up • On Demand Expansion into Public Clouds• Fully Virtualized Data Center – SDDC • Micro-Segmentation Using Distributed Firewall
• VMware vRealize® Suite• VMware vSphere® Suite• VMware NSX, vSAN• ServiceNow**• Intel Security stack
Solution Components
Use Cases
Business Challenges
Solution
VMworld 2018 Content: Not for publication or distribution
VVDCPA Program, Goals, and Benefits
5
To accelerate adoption of SDDC technologies by deploying VVD through the Partner ecosystemG
oal
Ben
efits
• Time To Market• Reduce Resources• Lower Risk
• VMware Ready logo & VCG Listing
• Branding VVD Collateral• Exposure at VMware
events
• SDDC Validated Architecture
• Tech and Op Guidance• Deployment Assistance• Operation guidance
Optimize Prepare Influence1 2 3
Certify partners that align with the approved SDDC Architecture Designs based on the VMwaretechnology
Through a standardized review process, VMware verifies compliance of a partner’s design withVMware Validated Designs (VVDs) and best practices
Upon completion, the Architecture Design becomes eligible to earn the VMware Ready logoVVD
CPA
VMworld 2018 Content: Not for publication or distribution
Architecture Fundamentals
Accenture SDI Validated Design for SDDC
6
Physical Layout
One per Validated Design
Spans a Single Rack
2 Top-of-Rack / Leaf Switches
Compute: 4 Virtual SAN Ready Nodes
Network: vSphere Distributed Switch & NSX
Storage: Any Supported Storage Protocol per HCL
Physical Layout
One per Validated Design
Spans a Single Rack
2 Top-of-Rack / Leaf Switches
Compute: 4 Virtual SAN Ready Nodes
Network: vSphere Distributed Switch & NSX
Storage: Any Supported Storage Protocol per HCL
SDDC Components
NSX Controller Cluster for Compute
NSX Edge Gateways
Physical Layout
Multiple per Validated Design
Spans one or More Racks
2 Top-of-Rack / Leaf Switches per Rack
Compute Capacity to Meet Workload Demands
Network: vSphere Distributed Switch & NSX
Any Supported Storage Protocol per HCL
SDDC Components
Business Workloads
NSX Logical Switches
NSX Distributed Firewall
NSX Edge Gateways for Application Workloads
Physical Layout
Multiple per Validated Design
One or More Storage Arrays per Rack
2 Top-of-Rack / Leaf Switches
Any Supported Storage Protocol per HCL
NFS, iSCSI and/or FC/FCoE
SDDC Components
Storage Arrays with Broad Service Levels
SDDC Components
Management & Compute Platform Services Controllers
Management & Compute vCenter Server Instances
Management & Compute NSX Managers
Management NSX Controller Cluster
vRealize Operations Manager Nodes at Scale
vRealize Log Insight Nodes at Scale
Additional VMware Validated Design Specific Components
MANAGEMENT POD EDGE POD COMPUTE POD STORAGE POD
VMworld 2018 Content: Not for publication or distribution
Hardware
Accenture SDI Validated Design Components
7
• Hardware components procured separately
Build Your Own
• Hardware components integrated and sold in a single chassis, along with software options
Converged Infrastructure Systems
• Hardware pre-integrated with virtualization software for compute, network, storage and management
Hyper-ConvergedInfrastructure
Software-Defined Data Center
VMworld 2018 Content: Not for publication or distribution
Software: SDDC 4.3
Accenture SDI Validated Design Components
8
VMware vRealize Orchestrator 7.4VMware vRealize Automation 7.4
VMwareNSX 6.4.1
VMwarevRealize Operations 6.7
VMwareVirtual SAN 6.6.1 U2
VMwareSite Recovery Manager 6.5.1.1
VMwarevSphere 6.5U2
VMwarevRealize Log Insight 4.6
VMware vRealize Business for Cloud 7.4VMware vRealize Operations Manager 6.7
FOUNDATION
IT AUTOMATION CLOUD
VMworld 2018 Content: Not for publication or distribution
GRC Framework for Validated Design Solutions
9
Compliance• Lowers time-to-value.• Address multiple compliance
mandates.• Creates responsiveness; agility.• Supports competitive advantage.
Risk• Multi-regulation approach. • Purpose-driven architecture design.• Focus on survivability and resiliency.• Allows repeatable outcomes.
Governance• Driven by risk and maturity models.• Focus on sustainability. • Enables internal discussion driven
towards real-world business value.
Hardware• OEM Vendors• Converged Solutions• Hyper Converged Solutions
Reference Architecture• Certified Validated Designs• Partner Reference Architectures
Design• Validated Design SDDC foundation• VMWare Hardening Guide• Policy Driven Gold Standard• Named industry and / or Government regulation or standard• Partner Product Reference Design
X86
TXT / TPM
AES-NI
VXLAN Offload
Operations & Automation
Partners
Security
SolutionG
R
C
Virtualization
Regulation & Standards
Best Practices
Technology Partner Products• Networking• Security
• Operations / Automation• Audit Logging & Reporting
Implementation of the technical, physical, and administrative requirements found in the policy statements.
Controls
Technical, physical, and administrative requirements that must be in place to ensure compliance with the authorities.
Requirements
Verification of appropriately implemented controls to comply with requirements.
Audits
Authorities
Statements of implementation & enforcement of the authority requirements.
Policy
Gold StandardMinimum Baseline
Risk Optimized Compliance Requirements
Adheres to 90%+ of GRC Controls
Accenture SDI Validated Design Delivers• Holistic GRC Solution• Faster Time to Compliance• Increased Reliability• Operating Efficiency
• Differentiates Architecture Designs
• Addresses Customer Objections
• Drives purpose driven outcomes
VMworld 2018 Content: Not for publication or distribution
Accenture SDI Architecture
10
VMworld 2018 Content: Not for publication or distribution
Day 0 – Infrastructure Instantiation Services• SDDC SW Installation• Physical HW Installation
Day 2+ – Application Configuration Services• In VM software configuration management e.g.
install, configure, deploy software packages [Ansible, Puppet]
Day 1 – Infrastructure Client Services • Define Service Catalog Orderable Items• Integration with Monitoring & other tools
Day 2 – Application Consumption Services• Integration with IaC tools [Ansible, Puppet]• Integration with ServiceNow
Services and Operational Maturity
Services and OperationalAgility
Service Catalog and Operational Consumption Benefits Realization Operational Stages Day 0: Instantiation of a fresh clean set of services based on both HW & SW to provide a SDDC / Private Cloud
Day 1: Configure Service Catalog by defining services specification by size, CPU, memory, volumes, IP and operating systems. Log & Runtime monitoring, Capacity & Financial management, and other IT based services are operationalized
Day 2: Integration point between IT and Application teams where Day 1 capabilities are being leveraged primarily thru M2M interactions as Infrastructure as Code. H2M interactions are leveraged thru Service Catalogs capabilities such as ServiceNow as the self service portal and ITSM processes
Day 2+: Utilization and Full integration with Software Configuration Tools to manage E2E SDLC Application and Infrastructure Deployments in a CI\CD capability
Services and Operational StagingServices and Operational capabilities provide a common interface for consumers of IT services to request and manage the resources they need. The operational stages define the building blocks that provide the expanded capabilities that enable the customer-facing, outcome-oriented services.
VMworld 2018 Content: Not for publication or distribution
Hybrid Cloud Logical Architecture
VMworld 2018 Content: Not for publication or distribution
Secu
rity B
roke
rPr
ovisi
onin
g and
Orc
hest
ratio
nCl
oud
Secu
rity S
ervic
e Cat
alog
Governance & Risk ManagementStrategy and Risk Management
Control Implementation Maintenance
Policy, Procedures, Standards and Guidelines
Communication and Awareness
Contract, Service and Legal Agreements
Training and Support
Industry and Regulatory Compliance
Business Continuity
Virtualization Security Hypervisor Security
Platform Integrity
Secure VM Management
Monitoring, Logging and Audit
Foundation SecurityPhysical Security
Firewall and Network Security
System Hardening
System Integrity
Server / End point Security
Intrusion Detection / Prevention System
Malware Treatment
Disaster Recovery
Product Security (Application Security)Secure Development Lifecycle (SDL)
Application Firewalling
Security Testing
Fraud Detection
Digital IdentityUser Provisioning Directory Services Access Mgmt
Identity Integration Role & Compliance Mgmt Identity Intelligence
Data Privacy and ProtectionData Masking
Data Encryption at Rest and in Transit
Data Anonymization
Data Access Controls
Data Loss Prevention
Data Access Audit
Cyber DefenseThreat Management Vulnerability Management Advanced Security Analytics
Security Information and Event Management
Security Incident Management
Operational Monitoring
Active Defence & Response
Hybrid or Private Cloud onlyHybrid or Public Cloud only Hybrid or Public or Private Cloud
Business Partners
Contractors
Employees
Customers/Citizens
Sites
Devices
Networking (SDN)
Digital Identity
Cloud bursting
Data Protection
Failover / Disaster Recovery
H y b r i d C l o u d C o m p u t i n g
Development, Testing and Production
Public Cloud
On-Premises
Off-Premises
On-Premises
Off-Premises
Legacy IT
S a a SP a a SI a a S
Private Cloud
Secure Gateway Monitoring and Analytics
IoT Big Data Analytics
Split – Tier Application
Depl
oym
ent
Opt
ions
Serv
ice
Mod
els
Clou
d Fl
avor
Hybr
id C
loud
Se
curit
y U
se C
ases
LEGEND
Security ConsiderationsSecurity Workstream Reference Architecture Overlay
VMworld 2018 Content: Not for publication or distribution
Technical Security Instantiation - VMware Based Private Cloud Solution
Virtualization security is managed across VMware vCenter and vSphere to provide secure VM and hypervisor management
The following VMware tools will be leveraged to meet security capabilities- VMware App Defender, VMware Compliance Framework,
vRealize Operation, vRealize Network Insight, vRealize Log Insight
Zoning and separation of networks of VMs is performed by NSXusing virtual firewall, security groups, and security policies to lock down security capability
Application security is supported by AppDefender HyTrust leveraged for
- Physical infrastructure [TPM/TXT] safeguarding- …
Native Security Controls Incremental Security ControlsLegend
Security Broker
Cloud Security Service Catalog
Provisioning and Orchestration
Application SecuritySDLC Security
Application Firewalling
Security Testing
Fraud Detection
Digital IdentityUser Provisioning Directory Services Access Mgmt IOT Identity
Identity Integration Role & Compliance Mgmt Identity Intelligence
Foundation SecurityPhysical Security
Firewall and Network Security
System Hardening
System Integrity
Server / End point Security
Intrusion Detection / Prevention System
Malware Treatment
Disaster Recovery
Data Privacy and ProtectionData Masking
Data Encryption
Data Anonymization
Data Access Controls
Data Loss Prevention
Data Access Audit
Cyber DefensesOperational Monitoring Vulnerability Management Advanced Security Analytics
Security Information and Event Management
Security Incident Management
Threat Management
Active Defence & Response
Virtualization Security Hypervisor Security
Platform Integrity
Secure VM Management
Monitoring, Logging and Audit
VMworld 2018 Content: Not for publication or distribution
Accenture SDI SolutionVMworld 2018 Content: Not for publication or distribution
Benefits of SDI Solution leveraging Validated Designs
16
Accelerate Time to Value
Gain Confidencein Your SDDC
System Level Design
Faster deployment of your data center: Get to solving real business problems faster
Build your SDDC using a design validated by experts: Including recommended Day 0, Day 1, Day 2, and ongoing operations.
Comprehensive data center design: Built on VMware product knowledge, but spanning functional domains.
Designed and delivered by Experts
Continuously Validated
Comprehensive Design
• Created by a team of VMware experts, delivered by Accenture in partnership with 3rd party vendors (e.g. Pure Storage)
• Continuously improved based on feedback from real deployments.
• Every new build of any component of the design drops into an automated deployment of the design – to ensure nothing breaks!
• Ensures that a validated design remains valid.
• Each design includes everything needed for a fully functional SDDC covering a set of use cases leveraging preferred hardware (e.g. FlashStack)
• VMware Validated Designs come with their own reference design guides, deployment guides, operations guides…and more.
VMworld 2018 Content: Not for publication or distribution
17
When your business needs a private cloud….Accenture offers true private cloud solutions that deliver similar management efficiencies, automation, APIs, and service catalogs from the Public Cloud.
Application Strategy/Migration
Cloud Operating Model
Tech Stack & Deployment
Cloud Managed Services
Financial Management
Assess application to determine migration type, complexity, effort, costs, application cloud feasibility, and specific migration approach
Bring Operating Model Design structure, support DevSecOps and increased complexity and flexibility that comes with SDDC enablement
Rationalize technology platform from architecture to implementation
Manage and consume Hybrid Cloud [Software defined public and private infrastructure, on/off premises] thru a centralized portal
Economic case for unit cost, demand and variation, financial modeling, governance design, product pricing recovery, and benchmarking to support SDDC program success
Journey to Cloud – Program Management
VMworld 2018 Content: Not for publication or distribution
What we Deliver to Businesses
18
Intelligent Infrastructure and Private CloudLeveraging Intelligent Infrastructure enables optimized utilization converged infrastructure and Return on Investment (ROI) maximized. Over time, more workload can be migrated to Cloud rather than being deployed onto conventional dedicated and static servers.
Increased infrastructure sharing and UtilizationCapital Cost
Automation, Provisioning and OrchestrationAutomation and orchestration is key to ensuring consistency in delivery and the containment of costs. Users can seamlessly provision desired applications ,VMs or any other IT need which offered from the self service portal
Better time to market & Reduction in Operational costs
Speed of Delivery
Intelligent OperationsIntelligent operations suite provides comprehensive visibility across the virtual and physical infrastructure, this also high predictable and intelligent enough to detect the early alerts and heals by itself before it impacting to the business operations
Comprehensive Visibility Highly Predictable & Scalable
Visibility and Scalability
Metering and BillingMetering of services will introduce improved cost transparency to drive new behaviors with regard to usage. This will reduce over-provisioning and free up underutilized computing and storage capacity
IT Usage Analysis, Forecasting & Budgeting
Metering and Billing
Hybrid CloudSeamlessly integrates with Public with Private cloud for extending the Private cloud for provisioning and workload movement
Seamless connectivity between private & public cloud
Cloud Extensibility
Accenture SDI Validated Design Infrastructure Levers
BenefitsBusiness Challenges
VMworld 2018 Content: Not for publication or distribution
19
FlashStack SmartConfig (Greenfields Deployments)Day 0 Infrastructure Deployment Tool• Simplify FlashStack day 0 deployment• Use DHCP to discover all FlashStack components
• Automate the initial configuration of Compute/Network/Storage
• Update component Firmware to the latest version• Automate the deployment of vSphere Hypervisor
onto UCS Blade/Rack Servers
• Validated configuration based on Cisco Validated Design (CVD)
• Incorporates Cisco, Pure Storage and VMware best practices
• Basic/Advanced customizable deployment scenarios
• Error reporting on deployment progress
• Rollback/retry workflows• Import/Export Stack configuration into a machine
readable format (JSON).
VMworld 2018 Content: Not for publication or distribution
Rapid Deployment
Deployment Accelerator Toolkit (Greenfield Deployments)
20
Rapidly deploy a SDDC solution that delivers a foundational ‘out-of-the-box’ cloud platform for delivery of services to the IT user community
Gain skills and knowledge and get assistance with an initial deployment of the foundational platform
Start your IT transformation journey through cost reduction to managing IT by optimizing the provisioning process through a self-service portal
Deliver fast time to value to begin their IT transformation journey
Require a foundational SDDC solution based on proven and tested configurations
Need to provide self-service capabilities to their IT user community.
VMworld 2018 Content: Not for publication or distribution
New IT Architectures – VMware Mapping
21
Operations Analytics
Metering & Billing
Cat
alog
ueC
hann
el
Business Service Management
Business Customer, UserERP SCM PLM R&D Marketing CRM …
Service Management
Resource Brokerage Management
Dev
Ops
Cha
nnel
Security Management
Elements Management
Con
sum
ing
IT
Run
ning
IT
Govern IT
OPS
Strategic
Platform Resource & Runtime (Private & Public)
Intelligent Applications/Data Eco System
Internet of Things
Lightweight & Serverless Eco System
API M
anag
emen
t
VMware vRealize Automation
ServiceNow
vRealize Automation
vRealize Automation
Code Stream
Photon Platform
vRealize Operation
vRealize Log Insight
App Health Analyzer
vRealize Business
VMware vCenter
vRealize Business
VMware vSphere VMware vSAN VMware NSX
VMware NSX VMware SSO
VMware vRealize Orchestrator
VMware SDDC Controller
VMware SRMvSphere Data Protection
vRea
lize
Auto
mat
ion
VVD 4.3 included
VMware VIO
Pure Storage Integration
Pure1VMworld 2018 Content: Not for publication or distribution
Business Strategy –
Application Portfolio Mgm
t.
CI/CD is the next Big Wave to Optimize Resource through Agile and Liquid Methodology and Container based Resources
22
DevOps - Continuous Integration (CI/CD)Service Lifecycle Management
Private and Public Resources
Service Management – Service TransitionBusiness Service Management
Architecture Agile Development Continuous Integration Service Validation Operations
Orchestration and Automation Management
Sprint Planning
Sprint Review
Monitor & Learn
Test
RegressionTesting
UAT
Performance / FIT
Build
Design/Document Daily Scrum
Continuous Builds
Sprint Retrospective
Release
Lightweight Container Eco System
Private Public
Con
tinua
l Se
rvic
e Im
prov
emen
ts
Tool MappingDomains & Functions
Ops DB
<Product Owner>
Scrum Master >
ServiceNow Jira Confluence
VMW vRAService DesignerAnsible Tower
VMW Code Stream
APIsVMW vRARestful API
vRealize Operations
vRealize Log Insight
Content Pack(s)
VMW vRAIntegrations (AWS/Azure/GCP)
Information Architecture
Atlassian JIRA
Git, Git Labs
MavenEA Tools JUnite
Selenium
Cucumber
AWS - Azure - GCPx86 Hyper-/ Convergedx86 Hypervisor
Eclipse
Artifactory
SLACK
SonarQube
Apache JMeter
App Staging Plan
VMW Photon Platform
Ansible Tower
VMW vSphere VMW SRM
Management Pack(s)
VMworld 2018 Content: Not for publication or distribution
Example Solution
23
VMworld 2018 Content: Not for publication or distribution
24
Application Rationalization Targets 40% reduction in applications through decommissioning, consolidation, and move to Software-as-a-Service (SaaS)
Workload Virtualization Packages and moves legacy workloads to the target hosting environment (VPCxor OPCx) through ‘Factory’ model (standard process and automated tools)
Software-defined data center (SDDC)
Raritan EDC
N. VirginiaCo-lo
Beerse EDC
EMEACo-lo
Singapore Co-lo
Virginia
Singapore
Ireland
Sao Paulo
Virtual Private Cloud(VPCx)
On-Premise Cloud (OPCx)
SDDC is an infrastructure service delivery platform built with next-generation technologies. It is designed to operate with higher flexibility and dramatically lower cost due to automation, self-service operations, policy-based management, high asset utilization and reduced complexity from standardization.
Provides complete infrastructure platforms through Amazon Web Services and integrated with J&J processes and policies
Provides ‘on-demand’ infrastructure and platforms, built on the VMware software stack, inside our Enterprise Data centers or Co-location facilities in each region
SDDC ‘.Next’ Program
VMworld 2018 Content: Not for publication or distribution
Engineering – Highlights
• 5 PODs Deployed across AMER, APJ and EMEA
• POD architecture based on Cisco and Pure Storage FlashStack
• Automation based on VMware vCloud suite (vSphere+vRealize), NSX and Hytrust
• R1 capability release included Minimal Viable Product [MVP] such as adding Hot Compute/Storage, Change Resources, Expanding File System etc.
• R2 capability release included integration with various existing systems to deliver qualified (i.e. regulatory bodies) provisioning
• Key partners in delivery included VMware, Pure Storage and Hytrust (for security login management)
• Accenture development Centers are key resources as part of delivery teams
VMworld 2018 Content: Not for publication or distribution
Detailed Architecture
All Infrastructure components are extensible using APIs
Eliminate maintenance and infrastructure component failure events impacting application workloads
Ability to scale compute/storage/network independently without revisiting core architectural values
SDDC Physical Architecture
26
Primary Site
<space>
<space>
<space>
<space><space>
<space>
<space>
<space>
Network
Compute Storage
VMworld 2018 Content: Not for publication or distribution
27
Overall SDDC Global Production Environments
• 3 Global regional deployment: Singapore [ASPAC], Belgium [EMEA], and New Jersey [NA]• Expansions planned in each region in the future• Integration w/ legacy systems for ID / Compliance management, parching systems,
ServiceNOW, and others as needed / required
VMworld 2018 Content: Not for publication or distribution
28
SDDC High Level Logical Architecture
VMworld 2018 Content: Not for publication or distribution
29
SDDC :: Automation and Management Engine• Multi-tiered architecture provides for distributed and scalable components• Multi-interface capabilities providing
• User Interfaces for management of resources • CLI Interface to allow for scripting• REST API Interface for integration w/ other systems• Integration w/ Puppet / Chef / Others
• Entitlement of resource management• Policy driven resource allocation • Automated and / or manual approval process• Service Catalog
VMworld 2018 Content: Not for publication or distribution
30
Additional Virtual Infrastructure Services provided by other 3rd party vendors
SYM VSM 1 HOSTNAME
[X.X.X.X]CERT?
SYM VSM 2 HOSTNAME
[X.X.X.X]CERT?
Appliance Appliance
Active Passive
Software Define Network [SDN] Management Plane Control Plane Edge Services
– Distributed Logical Router– Application Logical Gateway– Load Balancer– Firewall
Micro-segmentation Cross-site deployment / management Multi-site overlay L2 over L3 networks for workload mobility
Symantec’s Virtual Security Management Manage security of critical infrastructure components
– vSphere Suite Login– vCloud Suite Login [limited deployment]– Future Roadmap for continued enhancements
Secure physical compute infrastructure by leveraging Intel’s TXT/TPM technologyPure1 for HW Management Monitoring Reporting (Performance/Capacity Planning) Configuration / Updates Call Home functionality (Telemetry Data) Remote Support
Edge Services
SDDC :: SDN Management and Edge Services Provider(s), Login Security Management, and HW Out of Band Management
443 External
Security – Management
VMworld 2018 Content: Not for publication or distribution
31
vRealize Business for Cloud Financial Management Cost ShowbackvRealize Operations Manager Utilization Data Collect for use in
– System Health Monitoring and Reporting – Capacity Reporting and Management [Light]
Predictive Analytics CapabilitiesvRealize Log Insight Collect SysLog Data Provides Analytics Engine Capabilities Integration with Physical devices
SDDC :: Financial Showback, Operations and SysLog Analytic Engine(s)
VMworld 2018 Content: Not for publication or distribution
Device/End-User/Sensor
Capability and Functionality Domain View
Operations Analytics
Metering & BillingPlatform Resource & Runtime (On-Premise & Public Cloud)
Cata
logu
eCh
anne
l
Service ManagementService Catalogue Service Request & Change Mgmt. Release Mgmt. Service Desk – IM, PM, KM IT Asset Mgmt.
Resource Brokerage ManagementOrchestration & Automation Configuration Mgmt. Policy Engine
Service Designer Software Defined / API(s)
DevO
psCh
anne
l
Security ManagementFoundation Security Application SecurityDigital Identity Data Privacy and Protection Cyber Défense
Availability / Capacity Management
Machine Learning / Analytics
Security, Compliance Management
Technical Operations – Infra. Mgmt.
Elements ManagementConfiguration Mgmt. CMDB Auto. Discovery Inventory Mgmt. Aggregation Service Tree Creation
Continual Service Improvement
Cons
umin
g IT
Runn
ing I
T
Govern IT
Ops
Strategic
Agile Code Dev/Tracking
Open Source Automation
Open Source SW ConfMgmt.
KPI – Cost Allocation – Rate Cards
NETW
ORK
NETW
ORK
STORAGE
Compute
Commodity Data Center & Infrastructure Components PaaSIaaS SaaS BPaaS
End-User Software Defined Resources – Codified Compute, Store; Network
End User Device
Unified Communication
User Application
Workplace Profile
Private Public
Business Service Management Business Service & Process Mgmt. Demand Management Portfolio Mgmt. Business Cont. & SLA Mgmt. Financial Management
Business Customer, UserConsumer Platform Engineering Labs R&D ITSD …
Reso
urce
Opt
imiza
tionLightweight & Serverless Architectures
DevOpsChannel
Source Code Mgmt
CI / CD
Containers
Lifecycle Mgmt. HA, Geographic Redundancy FO, Workload mobility
VMware vRealize Automation
VMware NSX VMware SSO
VMware vRealize Orchestrator
VMware App Defender* VMware Compliance Framework*
ServiceNow
vRealize Business
Code StreamContainers
vRealize Automation
VMware vCenter
VMware vSphere VMware vSAN VMware NSX
VMware SDDC Virtualization
VMware SRM/HCXvSphere Data Protection
vRealize Operation
vRealize Log Insight
VMWare Health Analyzer
vRealize Business
Existing
New/Add
Enhance/Enable
Ansible
Team City
GithubJIRA
Puppet
VMware IDM
vRealize Network Insight
VMworld 2018 Content: Not for publication or distribution
The Release Plan recommends an early, prototype offering of core (“basic”) services to test and improve the service implementation before adding production workloads and a full suite of services
Service Release Plan – Basic vs. Advanced Atomic Cloud Services
Basic
• Virtual Machines (Windows/Linux)
AdvancedBasicAdvanced
Basic Advanced
IaaS PaaS
DBaaS
Compute
• Block Storage
Storage
• Network Enablement• Domain Name Service• Network Load Balancing• Network Monitoring
Network
• Container Registry• Auto-Scaling• Event-Driven
Compute
• File Storage• Object Storage
Storage
• Networking (VPC)• Direct Private Connect• Virtual Private Gateway• Web Load Balancing
Network
• TBD
Containers• TBD
Containers
• Non-Cloud Native RDBMS (e.g. SQL, Oracle)
Databases• Cloud Native RDBMS
(e.g. Amazon RDS)• NoSQL (MongoDB)• Warehouse
Databases
Basic
• Account Management• IAM• Security Reporting• Active Directory• Firewall
Advanced
Add-On Services
Security
• Backup• Monitoring• Archiving• Continuous Integration• Logging
Additional Services
• Certificate Management• Advanced Firewall – Distributed• Key Management (PKI)
Security
• Enterprise Applications• Analytics
Managed Services
• Application Integration• Messaging• ETL
Additional Services
From Operating Model Workstream
VMworld 2018 Content: Not for publication or distribution
PURE STORAGE VVD/SDI BENEFITSKey Solution Capabilities Mapping
AVAILABILITY
99.9999% Uptime
Modular NDU Design
Generational Change without application impact
ActiveCluster- Live Migration- Rack HA- Transparent Failover
vMSC support
RECOVERABILITY
Multi Site ActiveCluster & Async Replication
Portable Snapshots
Snap to FB/NFS/Cloud/Delta
SRM + ActiveCluster
PERFORMANCE
Sub-millisecond Latency
NVMe & NVMe-oF
Application Consolidation
No Tuning Required
Single All-Flash Tier
QoS (Nosy Neighbor, Limits)
MANAGEABILITY
Simplified SaaS like Experience
Open Standards REST API
Scale disaggregated Capacity/Performance independently
Predictive Support and Analytics for Capacity/Performance Planning
Cross Validated Design support
Full vRealize Suite Integration (vRA, vRO, vROps, vRLI)
VVols 2.0/VASA 1.2/SPBM
SECURITY
Data at Rest Encryption
Always On Encryption
External key management with Vormetric DSM
Compliance
34
INDUSTRY-LEADING DATA REDUCTION : INCLUDING DEDUPE, COMPRESS, THIN, SNAPSHOTS 5:1 AVG. DATA REDUCTION, 10:1 AVG. TOTAL EFFICIENCY = TIER1 PERFORMANCE AT A TIER2 PRICE POINT
VMworld 2018 Content: Not for publication or distribution
Thank You!
Questions?VMworld 2018 Content: Not for publication or distribution
PLEASE FILL OUTYOUR SURVEY.Take a survey and enter a drawingfor a VMware company store gift card.
#vmworld #PRV2190BUVMworld 2018 Content: Not for publication or distribution
THANK YOU!
#vmworld #PRV2190BUVMworld 2018 Content: Not for publication or distribution