© 2012 VMware Inc. All rights reserved

VMware Advanced Cloud Proof of Concept (POC)

Architecture Overview

2

Download

Student Guide & Internal & Confidential Update Daly - https://goo.gl/VVmVZ0

-- Release Notes http://ouo.io/VxrUAr

00 Document Map http://ouo.io/NGCDo

01 Delivery Reference Guide http://ouo.io/Xrw906

02 Use Cases and Workflows http://ouo.io/H3muhE

03 Use Case 1 Gap Analysis http://ouo.io/l18Ynp

A01 Prerequisites Checklist http://ouo.io/eBX2O

A02 Overview http://ouo.io/geUNbu

A03 Architecture Overview http://ouo.io/Eu9vJW

A04 Installation and Configuration Guide http://ouo.io/LVjyZ

A05 As-Built Workbook http://ouo.io/3kRqMB

A06 Validation Test Plan http://ouo.io/rZcTtH

3

Agenda

Advanced Cloud and Advanced Cloud Components Overview of VMware Advanced Cloud Component Architecture Multitenant Cloud with vCloud Director VMware Service Manager Cloud Provisioning Orchestration with vCenter Orchestrator Compliance and Configuration Management with VCM Predictive Capacity and Performance Management with

vCenter Operations Manager Workload Mobility with vCloud Connector Cost Analysis and Reporting with vCenter Chargeback Dependency Mapping with vCenter Infrastructure Navigator Appendix A: VCM into vCenter Operations Manager Integration Appendix B: vCO Workflows for VCM Patching and Compliance

4

Advanced Cloud and Advanced Cloud Components

5

What Is Advanced Cloud? (Formerly Cloud B)

Advanced Cloud builds on the basic IaaS capabilities of Cloud A to provide better compliance, extensibility, operational visibility, and capacity management

vCloud Director

vCenter

vSphere

Administrator UI

VMware Service Manager Cloud Provisioning

Providers Consumers

vShi

eld

Physical Infrastructure (server, storage, network)

vCen

ter O

rche

stra

tor

vCen

ter

Ope

ratio

ns

User Portal

AMQP

Cha

rgeb

ack

LDAP

SMTP

6

Advanced Cloud Components

VMware vSphere® 5 VMware vCloud ® Director™ (VCD) 1.5.1 VMware vShield Edge™ 5.01 VMware vCenter™ Operations Manager™ 5.0 VMware vCenter Configuration Manager™ (VCM) 5.5 VMware vCenter Orchestrator™ 4.2.1 (with the following plug-ins)• vCloud Director Plug-in 1.5

• Active Directory Plug-in 1.0.1

• AMQP Plug-in 1.0.1

• REST Plug-in 1.0.1

7

Advanced Cloud Components (cont.)

VMware vCenter Chargeback™ 2.0.1 VMware Service Manager™ Cloud Provisioning 9.1 Patch 1 VMware vCloud Connector™ 1.5 GA VMware vFabric RabbitMQ™ 2.5.1 VMware vCenter Infrastructure Navigator™ 1.0.1

8

Dependency

Mapping

Capacity and

Performance

Management

Workload Mobility

Reporting and Cost Analysis

Compliance and

Configuration Management

Multitenant Cloud

Provisioning Engine

Orchestration

Advanced Cloud Data Flow

vCO connector

Cloud Provisioning

Portal

VCD connector

vCloud Director

vCenter Orchestrator

RESTplug-in

vCloud API

vCloud APIvCO plug-

in for VCD

Active Directory

vCenter Configuration

Manager

vCenter Operations Manager

vCloud Connector

vCenter Infrastructure

Navigator

vCenterChargeback

AMQPMessage

s

vCenter Operations

Cloud Provisioning

RabbitMQ

vCloud API

External System

s

AD plug-

in

Cloud Consumer

Cloud Admin

9

Overview of VMware Advanced Cloud Component Architecture

10

Advanced Cloud Architectural Capabilities

Multitenant Cloud Cloud Provisioning Portal Orchestration Infrastructure and Workload Compliance and Configuration

Management Predictive Capacity and Performance Management Reporting and Cost Analysis Dependency Mapping AMQP Messages

11

Multitenant Cloud with vCloud Director

12

Resource Abstractions and Allocation

Users Access control

Catalogs Provisioning policies

User clouds

Virtual Datacenter Organization

UsersAccess control

catalogs Provisioning policies

Virtual Datacenter Organization

User clouds

Provider VDC: Gold Provider VDC: Silver Provider VDC: Bronze

Port groups or dvPort groups

Resource pools

Datastores

vSphere

OrganizationVirtualDatacenters

Organization virtual datacenters

Organization virtualdatacenters

vApp(virtual machines with vApp network)

vApp(3-tier direct connect)

Organizationvirtualdatacenters

Organization virtual datacenters

External networksOrganization network Organization network

vApp network

13

Example Resource Group Network Architecture

Internet/MPLS

Intranet

Org

aniz

atio

n

Private Cloud

Routed Org Net 10.1.4.x/24

OSPF Routes10.1.2.0/24 to 10.1.1.2

10.1.3.0/24 to 10.1.1.310.1.4.0/24 to 10.1.1.4

10.2.2.0/24 to 10.1.8.6

10.2.3.0/24 to 10.1.8.610.2.4.0/24 to 10.1.8.6

vShield VPN Tunnels

10.1.8.6

4.3.2.99

oVDC2 oVDC3 oVDC4

10.1.1.2

10.1.1.3

10.1.1.4

Routed Org Net 10.1.2.x/24

Routed Org Net 10.1.3.x/24

External Net 10.1.1.x/24

Org

aniz

atio

n

Public Cloud

Routed Org Net 10.2.4.x/24

oVDC2 oVDC3 oVDC4

7.7.7.2

7.7.7.3

7.7.7.4

Routed Org Net 10.2.2.x/24

Routed Org Net 10.2.3.x/24

External Net 7.7.7.x/24

14

Example Resource Group Network Architecture (cont.)

Internet/MPLS

Intranet

Org

aniz

atio

n

Private Cloud

Routed Org Net 10.1.4.x/24

OSPF Routes10.1.2.0/24 to 10.1.1.210.1.3.0/24 to 10.1.1.3

10.1.4.0/24 to 10.1.1.4

10.2.2.0/24 to 10.1.8.6

10.2.3.0/24 to 10.1.8.610.2.4.0/24 to 10.1.8.6

vShield VPN Tunnels

10.1.8.6

4.3.2.99

10.1.1.2

10.1.1.3

10.1.1.4

Routed Org Net 10.1.2.x/24

Routed Org Net 10.1.3.x/24

External Net 10.1.1.x/24

Org

aniz

atio

n

Public Cloud

Routed Org Net 10.2.4.x/247.7.7.2

7.7.7.3

7.7.7.4

Routed Org Net 10.2.2.x/24

Routed Org Net 10.2.3.x/24

External Net 7.7.7.x/24

OS

WEB

vApp

10.1.2.21

oVDC2

OS

APP

vApp

10.1.3.31

oVDC3

OS

DB

vApp

10.1.4.41

oVDC4

OS

WEB

vApp

10.2.2.21

oVDC2

OS

APP

vApp

10.2.3.31

oVDC3

OS

DB

vApp

10.2.4.41

oVDC4

15

VMware Service ManagerCloud Provisioning

16

Cloud Provisioning Portal

A Cloud Provisioning Portal contains information about all IT/Cloud Services available for consumption and deployment

The Cloud Provisioning Portal is the part of the IT/Cloud Service Portfolio that is published to customers, and which is used to support the sale and delivery of services

The Cloud Provisioning Portal includes information about deliverables, prices, contact points, ordering, and request processes

17

Why a Cloud Provisioning Portal Is Important

Governance • Permission to access and provision only your assets

• Provisioning affects capacity

Provides request management • Cost control

• Managing user expectations (service levels)

Documentation • Recording the who, what, why, and when a change happened (or did not

happen) to the infrastructure

• Viewing the stage and status of requests

The Cloud Provisioning Portal makes it easy for enterprises and other consumers of cloud services to use offerings in a formal, normalized manner. It also drives consistency of the service obligations and the units of measurement for services

18

Enhanced Self-Service with VMware Service Manager

VMware Service Manager Cloud Provisioning enables the consistent delivery of service catalog items through workflow automation

19

Cloud Portal Service Catalog View

The visibility of available service catalog items can be adjusted on a per user basis

Two mechanisms for filtering catalog items• By organization

• By subscriber groups

VMware Service Manager Cloud Provisioning organization is a separate concept from a VCD organization

20

VMware Service Manager Cloud Provisioning Architecture

21

IntegrationScheduler

Service Manager CMDB

Configuration Item Templates

VDC Template

VM Template

Create vApp

Service Action Templates

vApp TemplateType: vApp Service

Services

vApp Service

Configuration ItemsvApp Templates

Virtual Machines

vApps

Organization VDCs

Organizations

Linked

Linked

Linked

CMDB Item Types(included with

Service Manager 9.x)

(vCloud) Org VDC

(vCloud) VM

(vCloud) vApp Template

(vCloud) Organization

ServiceType

Integration Resource Mappings

vApp Template mapping

vApp mapping

Org VDC mapping

Organization mapping

VM mapping

Integration Resource Types

(included with Service Manager 9.x)

vApp Template

vApp

Org VDC

Organization

VM

Integration

ResourceType

Integration Links

Organization /VDC

VDC / VDC Resources

vApps / VMs

vCloudDirector

Mappings

CI creatio

n

Links

Inve

ntor

y

CMDB Screens(vCloud) vApp Template

Details

(vCloud) VM Details

Customer Approval Task ScreenSet

"Request Intel VM"Approval Review Screen

Task Details Screen

Request ScreenSet"Request Intel VM"

Request Submission Screen

Request Details Screen

Request Review Screen

Fiel

dsFi

elds

Workflow Template"Request Intel VM"

Service ActionRequest a Virtual

Machine

Linked

Linked

Linked

Create CMDB

Item Task

Transaction"Create vApp"

Linked

Linked

CI Templates

Linked

(vCloud) vApp Details

Linked

Organization Template

CMDB

ItemType

1

1

2

3

4

5

6

7

8

Step 1–8

1 Link 1–5

2

3

4

5

11

4

2

5

3

VMware Service Manager Cloud Provisioning Dependencies

22

Orchestration with vCenter Orchestrator

23

Application Provisioning, Configuration,

and Monitoring

Management Systems

vCenter Orchestrator Provides a Plug-In Framework

vCO plug-ins enable integration with third-party systems

CMDB, configuration, service desk, and so

on

Cloud Resources Manager

VMware vCloud

Director

Virtual Infrastructure

Layer

VMware vSphere and

vCenter Server

Physical Layer

Cisco UCS and UCS Manager

24

• Windows XP• Windows 7

vCO Client

• SOAP• REST (future)

Web ServiceAccess

BrowserAccess

• IE 8 and later• Firefox 3, later

vCenter Orchestrator Product Architecture

• Oracle• Microsoft

SQL Server

vCODatabase

DirectoryServices

Workflow library

Web view libraryWorkflow Engine

…

vCO Access Points

Management Systems

IT Infrastructure

vCO Platform

vCO Plug-Ins

……

platform

plug-inseco-system

25

Compliance and Configuration Management with vCenter

Configuration Manager

26

VCM Process of Gathering and Managing Data

Collect Analyze Report Manage Act

CARMA

27

Compliance Process

Step 1Create a rule group

Step 2Create filters and rules

and add them to the rule group

Step 3Create a template and

add the rule groups to it

Step 4Run the template immediately or

schedule it to be run at a later time

Step 5Check the results

carefully and make necessary adjustments

Step 6Create exceptions

necessary to exclude rules or systems from

being assessed in particular conditions

28

vCenter Configuration Manager – System Components

Installation Manager

VCM Server VCM System Components• Installation Manager• VCM Collector

• 3-Tier architecture supported

• Collector Service

• Internet Information Services• SQL Server • SQL Server Reporting Services (SSRS)

VCM Collector

Collector Service Internet Information Services (IIS) SQL Server SSRS

29

VCM Agents, Communication, and Databases

VCM Server

Managed Linux Host

Managed Windows Host

VCM Agent

VCM Agent

DCOM or HTTP

HTTP

VCM_RAW

VCM_Coll

VCMVCM_Unix Windows

Managing Agent

vCenter VISDK

VCM Agent

DCOM or HTTP

HTTPS

vCloud Director API

HTTPS

vShield Management

Appliance

HTTPS

30

Managing Agent

vCenter VISDK

vCloud Director REST API

vShield REST API

Start Collection

Collector Determines the

Managing Agent

Submit request to Managing AgentInclude source (vCenter, vShield, VCD), username, password, and

inspection script

Managing Agent runs Python script (part of standard Windows agent)

Data Returned to

collector and added into

VCM database

“Any VCM 5.5 windows agent

will work”

2

1

3

4

5

6

31

Predictive Capacity and Performance Management with

vCenter Operations Manager

32

vSphere

VMware vCenter Operations Manager Architecture

OpenVPN

Postgres DB

vSphere

WebApp

Custom

WebApp

Admin

WebApp

vCenter Operations Manager vApp

UI VM

Rolled up capacity data

Capacity Analytics

FSDBPostgres DB

Collector

ActiveMQ

Performance Analytics

Analytics VM

Metric Data

vSphere

VMware vCloud / VMware vCenter

vSphere

VMware vCenter Operations Manager UI with vSphere

VMware vCenter Configuration

Manager

Third-Party Data Sources

vCenter Communications

over SSL

vCenter Operations Manager Custom UI

33

Workload Mobility with vCloud Connector

34

vCloud Connector Architecture

Private Cloud Public Cloud

vCloud Connector

Server

“Control Plane”

“Data Plane”

vSphereClient

Clients

Public Cloud

Data

Private vCloud

vSphere Public Cloud

vCC UI

vCC Server

Node

Node Node

Node

35

Cost Analysis and Reporting with vCenter Chargeback

36

Using vCenter Chargeback with vCloud Director

vCloud Databases

Organization Hierarchies Cost ReportsCost Models

Chargeback Data Collectors

vCenter Chargeback Database

Third-Party Tools

1

2

3

37

Integration Architecture with Chargeback

vCenter Chargeback Server

vCenter Chargeback Application/Web UI

vCenter Server System 1

vSphere Client

•Stores organization hierarchy

•Stores cost/rate plan•Global cost configuration

•vCenter Server database statistics

Chargeback database

•Cost reports•Cost configuration

JDBC

HTTPS

HTTPSvCenter APIs/JDBC

Multiple vCenter Server deployment vCenter Chargeback plug-in

vCenterChargebackREST APIs / HTTP(S)

vCloud Director Database

vCloud Director Server vShield Manager Server

vCenter Chargeback adds two new data collectors for vCloud integration

vCenter Server System 2

38

vCloud Architecture with vCenter Chargeback

vCenter Server

VMware vSphere ESXi™ hosts with vCloud Director agents

vCloud Agent

vCloud Agent

vCloud Agent

vCloud Agent

vCloud Agent

Datastores

VMware vSphere

vCenter Server database

LDAP

vSphere Client

vCenter Chargeback web interface

vCenter Chargeback database

vCenter Chargeback

vCenter Chargeback Server

VMware vCloud Director

vCloud Director Cell

vCloud Director database

vCloud Director web console

vCloud API

vShield vShield Manager and vShield Edge virtual appliancesdata collectors

39

Dependency Mapping with vCenter Infrastructure Navigator

40

VMware vCenter Infrastructure Navigator Architecture

VMVMware

Tools

VMVMware

Tools

VMVMware

Tools

VMVMware

Tools

VMVMware

Tools

VMVMware

Tools

VMVMware

Tools

VMVMware

Tools

vCenter

41

AMQP Messages with RabbitMQ

vCloud Director publishes notification messages to an Advanced Message Queuing Protocol (AMQP) exchange (AMQP version 0.9.1 supported by RabbitMQ version 2.0 and later)

42

Appendix A:vCenter Configuration Manager into

vCenter Operations Manager Integration

43

vCenter Configuration Manager Integration Architecture

vCenter 4.0 u2 and later VCM 5.5 configured to collect from• vCenter or virtual machines

vCenter Operations Manager 5.0• Collects from the same vCenter instance

• IE (7, 8, or 9*) is required for launch-in-context

• VCM Adapter

• Pre-installed on vCenter Operations Manager vApps

• Install separately for the non-vApp (Enterprise Plus Linux or Windows installers)

vCenter Operations Management Suites• Enterprise Plus and Enterprise

• Enterprise can be enabled if a la carte full VCM functionality is added for some virtual machines. Otherwise there is no guest operating system data to gather

VCM

vCenter Operations Manager

CollectorVCM Adapter VMware Adapter

VCM DBvCenter

* There are no known issues with IE9 in compatibility mode

44

vCenter Operations Manager

vCenter Configuration Manager Architecture – Data Flow

1. VCM collects vCenter inventory and configuration data using VI-SDK and standing collection job, usually nightly

2. VCM collects guest operating system data using VCM Agent and standing collection job, usually nightly

3. vCenter Operations Manager VMware Adapter collects vCenter topology, performance and change data from vCenter using VI-SDK every five minutes by default

4. vCenter Operations Manager VCM Adapter collects vCenter guest OS change data from VCM using JDBC connection• Depends on and to complete for

success

• Every five minutes by default

VCM

CollectorVCM Adapter VMware Adapter

VCM DB

vCenter1

2

34

45

vCenter Configuration Manager – Multiple Components

Can I do multiple instances of the components?• Need multiple adapters

• 1 VCM Adapter per VCM• 1 VMware adapter per vCenter

instance

VCM collects from eachvCenter instance

vCenter Operations Manager registered for each vCenter instance

Correlate data between VCM and vCenter Operations Manager across multiple vCenter instances• Uses VCID (vCenter ID) and MOID

(vCenter Managed Object ID)

vCenter Operations Manager

VCM Adapter1 VMware Adapter1

vCenter1

vCenter2

VCM1

VCM2

VCM Adapter2 VMware Adapter2

46

Appendix B:vCO Workflows for VCM Patching and

Compliance

47

Agenda

Overview and Architecture Prerequisites and Components Getting Started• Important VCM Prerequisites

• Import Workflow Package

• Update REST Host Configuration

Configuring vCO Getting started on VCM workflows Patching and Compliance Workflows• Virtual machine patching (online, offline, and snapshot before patching)

• Virtual machine compliance assessment (online and offline, including taking snapshot)

• vCenter template patching

• vCenter template compliance assessment

48

Overview and Architecture

vCO server can be running on Windows or as a virtual appliance vCO workflows leverage vCenter plug-in, HTTP REST plug-in, and

VCM API

49

Prerequisites and Components

VCM 5.5 with API 1.0 vCO vCO plug-ins • HTTP-REST 1.0.1

• vCenter Server

• Mail (optional)

Workflow package Prerequisites• vCenter virtual machine or template must

• Have VMware Tools™ installed• Be reachable through a network

• Must have VCM agent pre-installed on target virtual machines or templates running Linux operating system

50

Getting Started – Important VCM Prerequisites

Latest Windows and UNIX patch bulletins are downloaded Required compliance templates are imported Required remote commands are added (see the VMware Advanced

Cloud POC Use Cases and Workflows document) Timeout setting for Windows patch deployment in case a very large

set of patches are being deployed• Under Administration > Settings >General Settings > Patching > Windows >

Additional Settings change setting with description “Timeout in minutes for the entire patch deployment job”

51

Getting Started – Import Workflow Package

Download signed package, com.vmware.library.vcm.package.cab Extract the workflow package from the downloaded CAB file Log in to vCO Client Click the Packages link Click the dropdown menu and select Import package Select com.vmware.library.vcm.package and click Open

52

Getting Started – Update REST Host Configuration

Select workflow Update a REST host from Workflows > Library > HTTP-REST > Configuration > Update a REST host

Right click the workflow and select Start Workflow Select the Not Set link in the Host to be updated Select the host under Inventory > HTTP-REST and click select Enter details for the host properties like the following and click

Submit

53

Patching and Compliance Workflows

1. Virtual Machine Patching

54

Patching and Compliance Workflows (cont.)

2. Virtual Machine Compliance Assessment

55

Patching and Compliance Workflows (cont.)

3. Template Patching

56

Patching and Compliance Workflows (cont.)

4. Template Compliance Assessment

57

Questions

58

VMware Advanced Cloud Proof of Concept (POC)

VMware, Inc.3401 Hillview AvePalo Alto, CA 94304

Tel: 1-877-486-9273 or 650-427-5000Fax: 650-427-5001