bca1695-optimized virtual infrastructure for business critical apps_final_us.pdf
TRANSCRIPT
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
1/45
Optimized Virtual
Infrastructure forBusiness Critical Apps
Alex Fontana, VMware Inc.
APP-BCA1695
#vmworldapps
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
2/45
2
Disclaimer
This session may contain product features that are
currently under development.
This session/overview of the new technology represents
no commitment from VMware to deliver these features in
any generally available product.
Features are subject to change, and must not be included in
contracts, purchase orders, or sales agreements of any kind.
Technical feasibi lity and market demand will affect final delivery.
Pricing and packaging for any new technologies or features
discussed or presented have not been determined.
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
3/45
3
Agenda
Introduction to OVI for BCA
OVI for BCA Use Cases
OVI for BCA Toolkit Overview
Resources
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
4/45
4
What Exactly is an Optimized Virtual Infrastructure?
What it isnt
An individual product
A reference architecture
A one-size-fits-all approach to virtualization of business critical apps
What it is
A solution stack using existing VMware products
A way of tackling the issues which come about from supporting business
critical apps (virtual or physical)
A view into how these VMware products can come together to support BCA
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
5/45
5
Requirements of Business Critical Applications
Application and infrastructure site resiliency
RPO and RTO based on SLAs
Disaster Recovery
Configuration control and compliance
Network security and application traffic isolation
Security
Application and infrastructure monitoring
Capacity planning and maintenance
Management
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
6/45
6
Supporting BCA using Traditional Infrastructure
Vendor specific recovery plans
Dedicated hardware
Multiple teams to complete recovery
Disaster Recovery
Hardware network security appliances
Network segmentation
Configuration management software
Security
Application-aware monitoring tools
Proactive capacity management
Management
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
7/45
7
How it all begins
Business crit ical applications are deployed in the same security
zone / trust zone
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
8/45
8
Evolution of the BCA environment
Oracle Enterprise
ManagerSystem Center
Operations Manager
Hardware
monitoring toolsConfiguration
management
Changes in security policies lead to application isolation
and added securi ty controls
Management and monitoring for all layers becomes increasinglyimportant
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
9/45
9
Disaster Preparedness
Oracle Enterprise
Manager
Hardware monitori ng
tools
System Center
Operations Manager
Configuration
management
Storage Replication
Oracle Data Guard
Exchange DAG
SQL Always-On AG
App recovery
silos
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
10/45
10
and when a disaster happens?
Are my applicationsstill protected from
network threats?
How are we going
to failback?
Do I have any
high-availability?
Can I still monitormy applications?
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
11/45
11
Optimized Virtual Infrastructure for BCA
Business Critical Applications
VMware vSphere VirtualizationPlatform
VMware vCenter Server
Compute Storage Network
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
12/45
12
Optimized Virtual Infrastructure for BCA
Business Critical Applications
VMware vSphere VirtualizationPlatform
VMware vCenter Server
Compute Storage Network
Virtualization &
Cloud Management
VMware vCenter
Operations
VMware vCenter
Site Recovery Manager
VMware vCenter
Configuration Manager
VMware vCenter
Infrastructure Navigator
VMware vShield Securit y
(VMware vCloud Networking and Security)
A VMware powered Optimized Virtual Infrastructure
provides a single Integrated solution stack to ful fill the
requirements of business critical applications
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
13/45
13
Benefits of Optimized Virtual Infrastructure
Managem
ent
D
isasterRecovery
Security
DR for All Applications
Complete protection for virtualizedbusiness critical applications
Non-disruptive recovery plan testing
Performance and Capacity
Management
Integrated Security
Hypervisor level firewall
Flow monitoring
Trust zones for application protection
Patented analytics
Capacity planning
Configuration and compliance
management
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
14/45
14
Applying VMware Products to the Solution Stack
Site Recovery Manager provides complete protection for virtualized
datacenters Integration with vCenter Operations Management Suite helps make sure all
application dependencies are protected
Integrated replication to protect all workloads
DR for All Applications
vShield (vCloud Networking and Security) App provides hypervisor level
protection for applications Protects logical and dynamic application boundaries using Security Groups
vCenter Configuration Manager provides configuration and compliancecontrol and alerting through vCenter Operations Management Suite
Integrated Security
vCenter Operations for proactive performance management of a convergedvirtual infrastructure
Adds patented analytics to third-party monitoring tools using vCenterOperations adapters
Capacity analytics drives efficiency by identifying over-provisionedresources
Performance and Capacity Management
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
15/45
15
Agenda
Introduction to OVI for BCA
OVI for BCA Use Cases
OVI for BCA Toolkit Overview
Resources
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
16/45
16
Site Resiliency
Whats wrong with site resiliency in physical environments?
Hardware at recovery site is dedicated and takes up rack space, power,
and cooling while sitting idleApplication protection occurs in a silo, each requiring dedicated recovery
procedures
Infrastructure teams become bottlenecks as they must assist multiple
application owners with differing requirements
Testing failover procedures requires activation of the recovery site
During a failover requirements such as monitoring and security become
nice to haves
How does OVI address these common issues?
Protection of the virtual data center, not the individual application Integration with vCenter Operations Management Suite
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
17/45
17
Site Resilience in OVI
Site A
Management Clus ter
Compute Storage Network
Site A
Optimized Virtual
Infrastructure
vCenter Server
(Res. Cluster Mgm t)
Site A
Resource Cluster
Compute Storage Network
Site A (Product ion)
Business Critical Apps
Site B
Management Clus ter
Compute Storage Network
Site B
Optimized Virtual
Infrastructure
Site B
Resource Cluster
Compute Storage Network
Site B (Recovery)
Business Critical Apps
Site B
vCenter Server
(Site A OVI Mgmt)
vShield Manager
Site A
vShield Appliance-ESXi Host 1
vShield Appliance-ESXi Host 8
vCenter Server
(Site B OVI Mgmt)
vShield Appliance-ESXi Host 1
vShield Appliance-ESXi Host 8
VMware vCenter
Operations Manager
VMware vCenter
Site Recovery Manager
VMware vCenter
Configuration Manager
VMware vCenterInfrastructure Navigator
vCenter Server
(Res. Cluster Mgm t)
vShield Manager
VMware vCenter
Site Recovery Manager
VMware vCenterInfrastructure Navigator
vSphere
Replication
Storage
Replication
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
18/45
18
Site Resilience in OVI
Site A
Management Clus ter
Compute Storage Network
Site A
Optimized Virtual
Infrastructure
vCenter Server
(Res. Cluster Mgm t)
Site A
Resource Cluster
Compute Storage Network
Site A (Product ion)
Business Critical Apps
Site B
Management Clus ter
Compute Storage Network
Site B
Optimized Virtual
Infrastructure
Site B
Resource Cluster
Compute Storage Network
Site B (Recovery)
Business Critical Apps
Site B
vCenter Server
(Site A OVI Mgmt)
vShield Manager
Site A
vShield Appliance-ESXi Host 1
vShield Appliance-ESXi Host 8
vCenter Server
(Site B OVI Mgmt)
vShield Appliance-ESXi Host 1
vShield Appliance-ESXi Host 8
VMware vCenter
Operations Manager
VMware vCenter
Site Recovery Manager
VMware vCenter
Configuration Manager
VMware vCenterInfrastructure Navigator
vCenter Server
(Res. Cluster Mgm t)
vShield Manager
VMware vCenter
Site Recovery Manager
VMware vCenterInfrastructure Navigator
vSphere
Replication
Storage
Replication
SRM Server
SRM Database
SRM Replication Manager
SRM Replicati on Server
SRM Server
SRM Database
SRM Replicati on Manager
SRM Replication Server
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
19/45
19
SRM and vCenter Operations Management Integration
vCenter Infrastructure Navigator maps network dependencies
and services
Integration with Site Recovery Manager helps virtualizationadministrators validate recovery plans
Is my VMprotected?
What other VMs does
my application
depend on?
Are all VMs in my
application stack
protected?
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
20/45
20
another look
SRM Protected
Downstream
dependencies
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
21/45
21
Customizable
Integrated virtual network
reconfiguration
Call-out to vCenter to perform
additional tasks
Integrate custom scripts
Define virtual machine dependencies
and power-on sequences
Export steps and detailed test reports
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
22/45
22
SRM Based Protection for Exchange DAG
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
23/45
23
Combining Application Site Resiliency with SRM
APP-BCA1344 Virtualizing Oracle for DR with Data Guard
and Site Recovery Manager
vCenter ServerSite
RecoveryManager
vSphere
vCenter ServerSite
RecoveryManager
vSphere
vSphereReplication
Site A (Primary) Site B (Recovery)
Primary
SAP DB
Standby
SAP DBOracle Data
Guard
Log Shipping
SAP CS SAP PAS SAP CS SAP PAS
http://www.google.com/imgres?imgurl=http://storageconference.org/2010/OracleLogo.jpg&imgrefurl=http://storageconference.org/2010/index.html&usg=__P3VabjEP_A-DfnBdUfgbxcgcXsE=&h=420&w=2034&sz=84&hl=en&start=1&um=1&itbs=1&tbnid=AZKrdJA3Q6B4cM:&tbnh=31&tbnw=150&prev=/images?q=oracle+logo&um=1&hl=en&sa=N&rls=com.microsoft:en-us:IE-SearchBox&tbs=isch:1http://www.google.com/imgres?imgurl=http://storageconference.org/2010/OracleLogo.jpg&imgrefurl=http://storageconference.org/2010/index.html&usg=__P3VabjEP_A-DfnBdUfgbxcgcXsE=&h=420&w=2034&sz=84&hl=en&start=1&um=1&itbs=1&tbnid=AZKrdJA3Q6B4cM:&tbnh=31&tbnw=150&prev=/images?q=oracle+logo&um=1&hl=en&sa=N&rls=com.microsoft:en-us:IE-SearchBox&tbs=isch:1 -
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
24/45
24
Application Security and Policy Management
Whats wrong with application security and policy management
in physical environments?
Disparate tools for maintaining a secure environment; hardware firewalls,intrusion prevention systems, anti-virus software, etc.
Applications requiring segmentation cause overhead for network staff
Configuration deviation leads to performance degradation and complex
troubleshooting
How does OVI address these common issues?
Security integrated with the hypervisor means security policies are built once
and become part of the virtual infrastructure management process
Configuration management integrates with performance management
and alerting to provide information around changes and how they affect
performance
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
25/45
25
Application Security in OVI
Site A
Management Clus ter
Compute Storage Network
Site A
Optimized Virtual
Infrastructure
vCenter Server
(Res. Cluster Mgm t)
Site A
Resource Cluster
Compute Storage Network
Site A (Production)
Business Critical Apps
Site B
Management Clus ter
Compute Storage Network
Site B
Optimized Virtual
Infrastructure
Site B
Resource Cluster
Compute Storage Network
Site B (Recovery)
Business Critical Apps
Site B
vCenter Server
(Site A OVI Mgmt)
vShield Manager
Site A
vShield Appliance-ESXi Host 1
vShield Appliance-ESXi Host 8
vCenter Server
(Site B OVI Mgmt)
vShield Appliance-ESXi Host 1
vShield Appliance-ESXi Host 8
VMware vCenter
Operations Manager
VMware vCenter
Site Recovery Manager
VMware vCenter
Infrastructure Navigator
vCenter Server
(Res. Cluster Mgm t)
vShield Manager
VMware vCenter
Site Recovery Manager
VMware vCenterInfrastructure Navigator
VMware vCenter
Configuration Manager
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
26/45
26
Application Security in OVI
Site A
Management Clus ter
Compute Storage Network
Site A
Optimized Virtual
Infrastructure
vCenter Server
(Res. Cluster Mgm t)
Site A
Resource Cluster
Compute Storage Network
Site A (Production)
Business Critical Apps
Site B
Management Clus ter
Compute Storage Network
Site B
Optimized Virtual
Infrastructure
Site B
Resource Cluster
Compute Storage Network
Site B (Recovery)
Business Critical Apps
Site B
vCenter Server
(Site A OVI Mgmt)
vShield Manager
Site A
vShield Appliance-ESXi Host 1
vShield Appliance-ESXi Host 8
vCenter Server
(Site B OVI Mgmt)
vShield Appliance-ESXi Host 1
vShield Appliance-ESXi Host 8
VMware vCenter
Operations Manager
VMware vCenter
Site Recovery Manager
VMware vCenter
Infrastructure Navigator
vCenter Server
(Res. Cluster Mgm t)
vShield Manager
VMware vCenter
Site Recovery Manager
VMware vCenterInfrastructure Navigator
vShield Manager and
vCenter Configuration
Manager provide security
and policy management
vShield Appliances
run on each vSphere
host
VMware vCenter
Configuration Manager
vShield Manager is deployed
In Site B, vCenter
Configuration Manager uses
SRM in case Site A fails
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
27/45
27
Integrated Security
Access control based on logical constructs
Reduced deployment time of applications requiring protection
from network based threatsProduction Server Zone
No ports
blocked
Oracle TNS
Msg Server
Gateway Dispatcher
No ports
blocked
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
28/45
28
Integrated Security
Access control based on logical constructs
Reduced deployment time of applications requiring protection
from network based threatsProduction Server Zone
No ports
blocked
Oracle TNS
Msg Server
Gateway Dispatcher
No ports
blockedAdd app VMs to VM
container, rules inherited.
No new firewall rules! VM containers include
Resource pools, folders,
And vApps
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
29/45
29
Policy Management
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
30/45
30
Policy Management
User-defined ru le set
Pin-point non-compliant
systems and the rules
Which were violated
Out-of-the-box toolkits
Include SOX, PCI, CIS, etc.
P li M
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
31/45
31
Policy Management
vCenter Configuration Manager events overlaid within vCenter
Operations Manager
Correlate in-guest change events with performance and health
Launch vCM in context to remediate conf iguration changes
P li M t
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
32/45
32
Policy Management
vCenter Configuration Manager events overlaid within vCenter
Operations Manager
Correlate in-guest change events with performance and health
Launch vCM in context to remediate conf iguration changes
Change events and
performance data correlated
to ease troubleshooting
and remediation
P f O ti i ti f B i C iti l A
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
33/45
33
Performance Optimization for Business Critical Apps
Why is performance optimization so difficul t?
Every vendor has their own solution for monitoring and management
Multiple dashboards and data streams make correlating data tedious
Static thresholds mean constant false-positive alerts and no intelligence
or self tuning
Capacity planning is reactive
How does OVI address these common issues? Integration with the most popular application monitoring software solutions
Patented analytics for smart detection of application, storage, networking
and virtual infrastructure anomalies
Capacity planning for proactive knowledge of when resources will be
exhausted or are being wasted
Dynamic application discovery and dependency mapping
I t ti i th P l M it i S l ti
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
34/45
34
Integration with Popular Monitoring Solutions
Consolidated views provide a complete picture as to the health
of the entire application stack
See the application, operating system, virtual machine, etc.in a single dashboard
P t t d A l ti
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
35/45
35
Patented Analytics
Proactive monitoring using dynamic thresholds
Anomaly detection provides early warning of potential issues
P t t d A l ti
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
36/45
36
Patented Analytics
Proactive monitoring using dynamic thresholds
Anomaly detection provides early warning of potential issues
Blue Line indicates
metrics current value
Gray Line indicates Upper
and lowerband of Dynamic
threshold normal
Capacit Planning and Si ing G idance
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
37/45
37
Capacity Planning and Sizing Guidance
Application Discovery
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
38/45
38
Application Discovery
Dynamically discover newly added virtual machines, the applications
running within, and whether or not they are protected
Customizable Dashboard
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
39/45
39
Customizable Dashboard
Application health, risk and efficiency at a glance
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
40/45
40
Agenda
Introduction to OVI for BCA
OVI for BCA Use Cases
OVI for BCA Toolkit Overview
Resources
OVI for BCA Toolkit
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
41/45
41
OVI for BCA Toolkit
Design Guide
Design considerations for deploying an Optimized Virtual Infrastructure
for business critical applications
Use Cases
Detailed use cases showing business critical applications deployed
in an OVI based on a fictitious customer
Architecture Example
Design detail for an OVI implementation at a fictitious customer
Available for download after VMworld
http://www.vmware.com/solutions/business-critical-apps/
http://www.vmware.com/solutions/business-critical-apps/http://www.vmware.com/solutions/business-critical-apps/ -
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
42/45
42
Agenda
Introduction to OVI for BCA
OVI for BCA Use Cases
OVI for BCA Toolkit Overview
Resources
More Information
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
43/45
43
More Information
Virtualizing Business Critical Enterprise Applications:
http://www.vmware.com/solutions/business-critical-apps/index.html
VMware and Oracle
http://www.vmware.com/solutions/partners/alliances/oracle.html
VMware and SAP
http://www.vmware.com/solutions/partners/global-alliances/sap/sap.html
Virtualizing Microsoft SQL on VMware vSphere
http://www.vmware.com/solutions/business-critical-apps/sql/index.html Virtualizing Exchange with VMware
http://www.vmware.com/solutions/business-critical-apps/exchange/index.html
SharePoint Server and the Private Cloud
http://www.vmware.com/solutions/business-critical-apps/sharepoint_server/index.html
Virtualizing Enterprise Java Applications
http://www.vmware.com/solutions/business-critical-apps/enterprise-java-app/overview.html
http://www.vmware.com/solutions/business-critical-apps/index.htmlhttp://www.vmware.com/solutions/partners/alliances/oracle.htmlhttp://www.vmware.com/solutions/partners/global-alliances/sap/sap.htmlhttp://www.vmware.com/solutions/business-critical-apps/sql/index.htmlhttp://www.vmware.com/solutions/business-critical-apps/exchange/index.htmlhttp://www.vmware.com/solutions/business-critical-apps/sharepoint_server/index.htmlhttp://www.vmware.com/solutions/business-critical-apps/enterprise-java-app/overview.htmlhttp://www.vmware.com/solutions/business-critical-apps/enterprise-java-app/overview.htmlhttp://www.vmware.com/solutions/business-critical-apps/sharepoint_server/index.htmlhttp://www.vmware.com/solutions/business-critical-apps/exchange/index.htmlhttp://www.vmware.com/solutions/business-critical-apps/sql/index.htmlhttp://www.vmware.com/solutions/partners/global-alliances/sap/sap.htmlhttp://www.vmware.com/solutions/partners/alliances/oracle.htmlhttp://www.vmware.com/solutions/business-critical-apps/index.html -
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
44/45
FILL OUT
A SURVEY
EVERY COMPLETE SURVEY
IS ENTERED INTO
DRAWING FOR A
$25 VMWARE COMPANY
STORE GIFT CERTIFICATE
-
7/27/2019 BCA1695-Optimized Virtual Infrastructure for Business Critical Apps_Final_US.pdf
45/45
Optimized Virtual
Infrastructure forBusiness Critical Apps
Alex Fontana, VMware Inc.
APP-BCA1695