MEXICO CITY WWPS Summit...Hybrid cloud with VMware and AWS Jorge Hernandez Solutions Architect AWS...
© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Hybrid cloud with VMware and AWS
Jorge Hernandez, Solutions Architect, AWS
SPOT201
What we expect
Hybrid cloud vision
What we get
Hybrid cloud vision
Networking and host management
Monitoring and logging
Unified security
Consistent provisioning interfaces
Building a hybrid cloud is hard
Journey to the hybrid cloud...
Hybrid architecture goals
Operational consistency
Existing skill sets and tools
Simple to control, manage, secure
Enterprise-class app SLA
Build once, deploy anywhere
VMware and AWS working together to deliver a seamlessly integrated hybrid cloud
• Leading compute, storage, and network virtualization capabilities
• Support for a broad range of workloads
• De facto standard for the enterprise DC
• Flexible consumption economics
• Broadest set of cloud services
• Global scale and reach
Jointly engineered solution delivers the best of VMware and AWS for customers
Amazon EC2, Amazon S3, Amazon RDS, Amazon Redshift, AWS Direct Connect, DynamoDB
VMware Cloud on AWS architecture
Data Center Extension
Footprint expansion / on-demand capacity
Test/dev
Virtual desktops and published apps
Disaster Recovery
New DR
Replace existing DR
Complement existing DR
Cloud Migrations
Application specific
Data center wide
Infrastructure refresh
Next-Generation Apps
Application modernization
New application build-out
Hybrid applications
Aligning intended use to long-term cloud strategy
Expand, Maintain, Primary, Secondary, Consolidate, Secondary
Fastest path to hybrid cloud
On-demand scaling with no changes to your apps
Cost-effective DR solution
Modernize existing and create new cloud-born apps
Customer-driven use cases for VMware Cloud on AWS
HIPAA BAA
CSA STAR Self-assessment
GDPR compliance
Payment Card Industry Data Security Standard
Federal Risk and Authorization Management Program
ISO 27001, 27017, 20718
SOC 1, SOC 2, SOC 3
Compliance certifications, attestations, and assessments
Key industry certifications
VMware Cloud on AWS expanding global reach
Available
US West – Oregon
US East – N. Virginia
Europe – London
Europe – Frankfurt
Asia Pacific – Sydney
Asia Pacific – Tokyo
GovCloud US West
US West – N. California
US East – Ohio
Europe – Ireland
Asia Pacific – Singapore
Canada – Central
Europe – Paris
South America – Sao Paulo
Asia Pacific – Seoul
Asia Pacific – Mumbai
EC2 Bare Metal
Run bare metal workloads on EC2 with all the elasticity, security, scale, and services of AWS
i3.metal
• Intel Xeon E5 2686 v4 (Broadwell)
• 36 hyperthreaded cores
• 15.2-TB SSD-based NVMe storage
• 512-GiB RAM
Designed for workloads that are not virtualized, do not require specific types of hypervisors, or have licensing models that restrict virtualization
Powers the VMware Cloud on AWS
Amazon EC2 Bare Metal Instances
VMware vSAN utilizing Amazon Elastic Block Store with VMware Cloud on AWS running on new Amazon EC2 elastic, bare-metal instance
Augment existing SDDCs for storage-dense workloads to cost-effectively scale storage
• New Amazon EC2 R5.metal instance type for VMware Cloud on AWS, with flexible storage
• VMware vSAN delivers enterprise-class storage using Amazon Elastic Block Store (EBS)
• Storage per host ranges from 15 to 35 TB in increments of 5 TB
• User chooses the amount of storage desired; it is used on all hosts within the cluster
Amazon EC2 R5.metal: R5.metal instances are based on 2.5 GHz Intel Platinum 8000 series (Skylake-SP) processors. Each host has 2 sockets, 48 cores, 96 hyper-threads, 768 GiB RAM, and 25 Gbps network bandwidth.
[Diagram labels: vSphere, vSAN, NSX; VMware Cloud on AWS, powered by VMware Cloud Foundation; Amazon EC2 R5.metal; Amazon EBS]
Software Defined Data Center
[Diagram labels: ESXi, NSX, vSphere, vSAN; AWS Bare Metal Instances; Cluster 1, Cluster 2, Cluster 3]
Software Defined Data Center
[Diagram labels: T0; MGW; vCenter Server Appliance; NSX Controllers; CGW; Network A, Network B, Network C; VM; DX (AWS Direct Connect); VPC; Elastic Network Interface; NSX/HCX L2 VPN; IPsec L3 VPN]
VMware Cloud SDDC account
• A new AWS account to run SDDC resources
• Is owned, operated, and paid directly by VMware
• Single tenant for all SDDC resources
AWS customer owned account
• Is owned, operated, and paid directly by the customer
• Private connectivity to VMware Cloud SDDC
• Full access to the native AWS services
VMware Cloud on AWS account structure
AWS account connectivity
[Diagram labels: VMware Cloud on AWS SDDC account; Customer owned AWS account; Amazon VPC; Subnet; Network A; Route table; Host-1, Host-2, Host-3, Host-4; Edge; VM]
Stretch cluster networking
[Diagram labels: VMware Cloud on AWS SDDC account; Customer owned AWS account; Amazon VPC; Availability Zone; Subnet; Network A; Edge; VM]
Stretch cluster storage
• Read traffic serviced by AZ in which VM resides
• Synchronous replication commits writes to both AZs
• Witness traffic dependent on number of objects
[Diagram labels: VMware Cloud on AWS; Amazon VPC; Availability Zone; VM; Witness]
Migration
[Diagram labels: VMware Cloud on AWS SDDC; T0; CGW; Network A; APP; DB; On premises; HCX; Customer AWS account; VPC; AWS Glue; Amazon Redshift; Amazon S3 bucket; ENI; L3 VPN; L2 VPN; VGW; VPC endpoint]
Database pattern
[Diagram labels: VMware Cloud on AWS SDDC; T0; CGW; Network A; APP; DB; On premises; HCX; Customer AWS account; Amazon RDS; VPC; ENI; L3 VPN; L2 VPN; VGW; VPC endpoint]
Supplemental capacity
[Diagram labels: VMware Cloud on AWS SDDC; T0; CGW; Network A; Network B; VM; On premises; Customer AWS account; CloudWatch Logs; VPC; Lambda; ENI; DX (AWS Direct Connect); VGW; VPC endpoint]
VDI pattern
[Diagram labels: VMware Cloud on AWS SDDC; T0; CGW; Network A; Network B; VM; On premises; Customer AWS account; VPC; ENI; DX (AWS Direct Connect); VGW]
Augmentation
[Diagram labels: VM; Athena; Amazon S3 bucket; Amazon EC2; On premises; DB; App; Customer AWS account; VPC; ENI; DX (AWS Direct Connect); VGW; Network B]
[Diagram labels: IGW; ALB; T0; CGW; Network A; App; DB; VMware Cloud on AWS SDDC; Route 53; Amazon EC2; ElastiCache; Customers; Mainframe; 3P; Amazon RDS; AWS WAF; CloudFront; Amazon Redshift; Amazon EFS]
Multiple VPCs
[Diagram labels: Customer AWS account; VPC; ENI; Directory Service; AWS Transit Gateway; CloudWatch Logs; VPC endpoint; VMware Cloud on AWS SDDC; T0; CGW; Network A; Network B; VM; L3 VPN; On premises; DB; App; Mainframe]
Customer constraints require apps to stay on premises
Low Latency Applications
Local Data Processing Applications
Latency-sensitive workloads need to run on premises
Limited bandwidth back to the AWS Cloud
Large data volumes captured locally, but transmission to the cloud is wasteful or expensive
Same AWS infrastructure and services on premises
AWS-designed, AWS Nitro System for the same security and performance
Automatically managed and updated as part of AWS Regions
Single point of service and support
AWS Outposts
• Same infrastructure
• Same programming interface
• Same monitoring and operations
• Use existing skillset
Available in two options:
• Native AWS
• VMware Cloud on AWS
• Fully managed VMware SDDC running on AWS bare metal on premises
• Eliminate customer burden of managing infrastructure lifecycle
• Enterprise-class VMware compute, storage, and networking (HA, DRS, stretch clusters, etc.)
• Consistent infrastructure and operations with other VMware environments
• Seamless workload mobility with no re-platforming
• Cloud-like consumption model for hyper-scale architecture
Customer Data Center
VMs Containers
AWS Bare Metal On Premises
Intrinsic Security & Lifecycle Automation
Powered by VMware Cloud Foundation
Works with AWS Services
Network Compute Storage
Automation & Operations
VMware Cloud on AWS Outposts
VMware SDDC consumed as a service on premises
VMware solutions for AWS Outposts
Customer Data Center AWS Global Infrastructure
Data Center Cloud
VMs Containers
AWS Bare Metal On Premises
VMware Cloud on AWS Outposts
AWS Services
VMware Unified Data Management
VMs Containers
AWS Cloud
VMware Cloud on AWS
AWS Services
VMware Unified Enterprise Network and Security
VMware vRealize, CloudHealth, and Wavefront for Operations and Management
The information in this presentation is for informational purposes only and may not be incorporated into any contract. There is no commitment or obligation by VMware that items in this presentation will become available.
Extend your existing VPC experience on premises
Seamlessly connect your regional and AWS Outposts environments
[Diagram labels: AWS Region; Availability Zone; AWS Outposts; VPC; Subnet]