[FR] OVH Webinar : 10 questions à poser à votre Cloud Service Provider
LHC2401BE OVH: How Far Is Too Far? The Hybrid Cloud Distance … · 2019-06-27 · ©2017 OVH US |...
Transcript of LHC2401BE OVH: How Far Is Too Far? The Hybrid Cloud Distance … · 2019-06-27 · ©2017 OVH US |...
Trey Tyler | Sr. Solution Strategist OVH
LHC2401BE
#VMworld #LHC2401BE
OVH: How Far Is Too Far? The Hybrid Cloud Distance Factor.
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
–––
VMworld disclaimer
This presentation may contain product features that are
currently under development. This overview of new
technology represents no commitment from VMware or OVH
to deliver these features in any generally available product.
Features are subject to change, and must not be included in
contracts, purchase orders, or sales agreements of any kind.
Technical feasibility and market demand will affect final
delivery. Pricing and packaging for any new technologies or
features discussed or presented have not been determined.
3#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
–––
AGENDA
1. Introduction - 5 Minutes
2. Challenges of Owning a Hybrid Cloud – 15 Minutes
3. How OVH Can Help – 30 minutes
4. Q&A
4#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
2017 Proprietary and Confidential
WHO IS OVH?
5
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
–––
OVH is a global, hyper-scale cloud provider
that offers our customers maximum performance and value
• Vertical integration (constructing own servers, data centers) and proprietary green water cooling technology allows
OVH to save costs and pass savings to customers
• Named largest hosting & cloud provider in Europe and third largest global hosting provider by Netcrafthttps://www.netcraft.com/internet-data-mining/hosting-analysis/
6
OVH GROUP HIGHLIGHTS
#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
–––
7
Over 1.2 Million Business Clients in 138 Countries
Own 11+ Tbps
Network
with
32 PoPs
2016
20 data centers in
5 countries and
4 continents
2017
27 data centers
in 11 countries
2020
50 data centers
Hosting capacity: 1.3
million physical servers
270,000 already deployed
OVH IS A GLOBAL CLOUD LEADER
#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
2017 Proprietary and Confidential©2017 OVH US | Proprietary & Confidential
–––
+ Dedicated Cloud
+ Virtual Private Cloud
+ Disaster Recovery
+ VMware SDDC
+ Open API
+ Automation Compatibility
+ Scalability
+ Bring you own License
+ Non-Virtual Workloads
+ Proprietary Software
Dedicated Servers
Bare Metal
Customer Support & Services
Global Hyper-Scale Reach
OVH’s Fiber Optic Network (11+ Tbps) + Anti-DDoS + Private LAN
Public Cloud
SOLUTIONS TO SUIT YOUR NEEDS
Hosted Private Cloud
8#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
2017 Proprietary and Confidential2017 Proprietary and Confidential
CHALLENGES OF HYBRID CLOUD
9
VMworld 2017 Content: Not fo
r publication or distri
bution
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
Cloud and Hybrid Cloud Considerations
Latency Initial Setup Technical Experience
Bandwidth Hardware Maintenance Troubleshooting
Security Replacement Hardware Project Timelines
Network Availability Time to Respond to Failure People
Design Production & Shipping Times Travel & Telecommuting
Connectivity Loss of Control
Flexibility Visibility
HYBRID CLOUD CHALLENGES
11#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
2017 Proprietary and Confidential
HOW OVH CAN HELP
1
2
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
HYBRID CLOUD CHALLENGES
Cloud and Hybrid Cloud Considerations
Latency Initial Setup Technical Experience
Bandwidth Hardware Maintenance Troubleshooting
Security Replacement Hardware Project Timelines
Network Availability Time to Respond to Failure People
Design Production & Shipping Times Travel & Telecommuting
Connectivity Loss of Control
Flexibility Visibility
13#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
OWN THE BACKBONE
14#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
OWN THE BACKBONE
15#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
OWN THE BACKBONE
16#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
2017 Proprietary and Confidential©2017 OVH US | Proprietary & Confidential
–––
Improved VM Migration Security & Performance with WAN Optimization
ESXiWAN
Optimization Appliance
IPsec VPN or Direct Connect
ESXi
vSphere vSphere
WAN Optimization
Appliance
vCloud AirOn-premises
Hybrid Cloud
Gateway
Hybrid Cloud
Gateway
Source VMDK passed thru military-grade
encryption
Data de-duped, compressed, transport streamlined for >40%
improvement
Source VMDK decompressed,
decrypted in vCloud Air
1 2 3
#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
2017 Proprietary and Confidential©2017 OVH US | Proprietary & Confidential
–––
Cloud Gateway Efficiencies & Benefits
IPsec Tunnels
FOU Tunnel
• Implementing multiple IPsec Tunnels increases throughput• Tunnels can take different paths over the WAN or split
between multiple connections • Traffic failover upon tunnel interruption • Suite-B Encryption
Hybrid Cloud
Gateway
Hybrid Cloud
Gateway
#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
–––
IPsec Tunnels
FOU Tunnel
vCPUsvCPUs
HT-L2C: ELEPHANTS AND MICE
#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
2017 Proprietary and Confidential©2017 OVH US | Proprietary & Confidential
–––
IPsec Tunnels
FOU Tunnel
vCPUsvCPUs
HT-L2C: ELEPHANTS AND MICE
#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
2017 Proprietary and Confidential©2017 OVH US | Proprietary & Confidential
–––
HT-L2C: ELEPHANTS AND MICE
IPsec Tunnels
FOU Tunnel
vCPUsvCPUs
#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
–––
HCX – ANY-TO-ANY CLOUD
22
22
HCX – Any-to-Any
• Tether legacy vSphere 5.1 to next-gen vSphere 6.5 and above
• Seamless application mobility between different VMW stacks
• Secure L2 Extension w/o need for NSX on site
• Automatic VPN connectivity across sites
• vMotion and replication across disparate VMW stacks
Features
Benefits
• Move to cloud w/o need to upgrade vSphere on-prem
• No need to upgrade networking architecture to extend L2 to cloud
• Transform from legacy stack to next-gen SDDC+NSX without downtime
• Transform with no change in networking, IP or IT policies
• Automatic secure, high performance connection between sites
vSphere 5.1+
VCF orVC + NSX
HCX Hybridity
#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
–––
BE INFORMED
23#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
HYBRID CLOUD CHALLENGES
Cloud and Hybrid Cloud Considerations
Latency Initial Setup Technical Experience
Bandwidth Hardware Maintenance Troubleshooting
Security Replacement Hardware Project Timelines
Network Availability Time to Respond to Failure People
Design Production & Shipping Times Travel & Telecommuting
Connectivity Loss of Control
Flexibility Visibility
24#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential 25
• Pre-Firewall
• OVH Managed Firewall
• Firewall Network
• Customer Configurable per IP address
• Shield
• UDP reflexion/amplification attacks filtering
• Armor
• Profiles based mitigation
• Does the grunt of the work : SYN Authentication, Zombie detection, payload patterns, …
• Only enabled when we detect an attack
VAC
Pre-Firewall Firewall Shield Armor
VAC
Architecture
DDoS MITIGATION
#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
VAC
VAC
VAC
VAC
SBG
RBX
GRA
BHS
Reference Article:
https://www.ovh.com/us/news/articles/a2367.the-ddos-that-didnt-break-the-camels-vac
LEVERAGING A GLOBAL NETWORK
26#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
Cloud and Hybrid Cloud Considerations
Latency Initial Setup Technical Experience
Bandwidth Hardware Maintenance Troubleshooting
Security Replacement Hardware Project Timelines
Network Availability Time to Respond to Failure People
Design Production & Shipping Times Travel & Telecommuting
Connectivity Loss of Control
Flexibility Visibility
HYBRID CLOUD CHALLENGES
27#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
Customer Managed Networks
& vRACK
OVH POP
Open Stack vSphere-as-
a-ServiceDedicated
Server
Roubaix Hillsboro Vint Hill
Customer DC
vSphere-as-
a-Service
CONNECTIVITY SIMPLIFIED
28#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
Top of Rack
Host Switches
Hosts / Storage
Q-in-Q
VLAN
Super Spine
Exchanger Q-in-Q
Backbone VXLAN
DC 1 DC 2
VXLANSpine
VRACK ARCHITECTURE
29#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
VRACK SIMPLIFIES CONNECTIVITY
30#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
VRACK SIMPLIFIES CONNECTIVITY
31
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
Cloud and Hybrid Cloud Considerations
Latency Initial Setup Technical Experience
Bandwidth Hardware Maintenance Troubleshooting
Security Replacement Hardware Project Timelines
Network Availability Time to Respond to Failure People
Design Production & Shipping Times Travel & Telecommuting
Connectivity Loss of Control
Flexibility Visibility
HYBRID CLOUD CHALLENGES
32#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
• Physical host provisioning within minutes
• New vSphere as-a-service provisioning within hours
• Just a moments time for PCI provisioning
• Automated host replacement
AUTOMATION AT THE CORE
33#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential 34
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
HYBRID CLOUD CHALLENGES
Cloud and Hybrid Cloud Considerations
Latency Initial Setup Technical Experience
Bandwidth Hardware Maintenance Troubleshooting
Security Replacement Hardware Project Timelines
Network Availability Time to Respond to Failure People
Design Production & Shipping Times Travel & Telecommuting
Connectivity Loss of Control
Flexibility Visibility
35#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
vCenter
• vMotion
• svMotion
• Fault Tolerance
• DRS
• HA
• vDS
NSX
• Logical Switches (VXLAN)
• Distributed Logical Router (DLR)
• Edge Services Gateways (ESG)
• Distributed Firewall (DFW)
• SpoofGuard
• Guest Introspection
vROPS
• Operations Platform
• Policy Management
• Performance Monitoring & Analytics
• Capacity Management
• Change, Config, & Compliance
Management
vCenter NSX vROPS
SAME TOOLS, SAME INTERFACE
36#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
ESXi Hosts
10GB NICs
vCenter NSX vROPS
NSX Control Cluster
Internet
OVH Managed Networks
Management Resources Customer Resource Pool
Customer Managed Networks
VirtualSAN
SAME TOOLS, SAME INTERFACE
37#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
Cloud and Hybrid Cloud Considerations
Latency Technical Experience
Bandwidth Initial Setup Troubleshooting
Security Hardware Maintenance Project Timelines
Network Availability Replacement Hardware People
Design Time to Respond to Failure Travel & Telecommuting
Connectivity Production & Shipping Times Loss of Control
Flexibility Visibility
HYBRID CLOUD CHALLENGES
38#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
FULL ACCESS & REMOTE MANAGEMENT
39#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
vScope – Monitoring for Private Cloud, designed by OVH. All useful information on a single page covering physical or virtual resource CPU, RAM or Network metrics. Daily, weekly, monthly, or even annual use metrics available.
VISIBILITY
40#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
RTM (Real Time Monitoring) – All maintenance events or incidents are documented and available publicly for all services.
Weather map
Weather Map - Real time network traffic load of the OVH private network is available through an easy to read graphical interface on the OVH Weather map.
Real Time Monitoring
TRANSPARENCY
41#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
©2017 OVH US | Proprietary & Confidential
CPU
With things like:
• High performance• Security • Transparency • Scalability• Industry Tenure• Self Service• Automation• Green Data Centers and Servers• Cross product connectivity• Affordability
Why wait to come to cloud?
CLOUD DOESN’T MEAN COMPROMISE
42#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
–––
Q&AVMworld 2017 Content: N
ot for publicatio
n or distribution
©2017 OVH US | Proprietary & Confidential
–––HOW TO CONTACT US
44
VMworld Booth Location – D313
@ovh and @vcloudair_ovh
@ovh and @vcloudair.ovh
OVH and vCloud Air powered by OVH
ovh.com
#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
©2017 OVH US | Proprietary & Confidential
–––
OVH AT VMWORLD
45
Session ID Session Title Time
LHC3295BES OVH: Why Optimizing Layer 0 matters Wednesday Sept 13th 2:00 p.m. – 3:00 p.m.
LHC2401BE How far is too far? The Hybrid Cloud Distance Factor. Tuesday Sept 12 3:30 p.m. – 4:30 p.m.
LHC3296BES Shields Up! Building a True Security Barrier in the Cloud Tuesday Sept 12th 2:00p.m. – 3:00 p.m
LHC1951BEAutomate Cloud Recovery For When You Are Nuked From
Orbit: It’s the Only Way to Be SureThursday Sept 14th 9:00 a.m. – 10:00 a.m.
LHC1010BES Open your mind: mix Private Cloud, Hybridity and Elasticity all
TogetherTuesday, Sept 12th 5:00 p.m. – 6:00 p.m.
GRC2676BE Building a Paper Trail: How to Secure and Audit a Public CloudWednesday Sept 13th 3:30 p.m. – 4:30 p.m.
#LHC2401BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
VMworld 2017 Content: Not fo
r publication or distri
bution
VMworld 2017 Content: Not fo
r publication or distri
bution