1

© 2010 VMware Inc. All rights reserved

Iwan ‘e1’ Rahabok

Staff SE, Strategic Accounts

e1@vmware.com | Skype: e1_ang

Building your private cloudVCAP-DCD

What is Cloud?

Cloud Infrastructure

Cloud Application

PlatformEnd-User

Computing

vCloud Solution

EnterpriseHybrid Cloud

Only VMware address all three

Only VMware enables the hybrid cloud

Only VMware offers true pooling and all the required Services

Private Cloud

vCloud Powered

Community Cloud

Recap from keynote…

End User Computing

End-UserExperience

Desktop Provisioning

Dynamic Resource Right-Sizing

Cloud Application Platform

Platform as a Service

ApplicationProvisioning

ApplicationPerformance

Cloud Infrastructure & Management

Automated Operations

Security & Compliance

IT Financial Management

IT Governance, Risk & Compliance

Service Portfolio Management

IT Business Management

EnterpriseHybrid Cloud

IT Services

Business Services(Application)

Private Cloud: what does it look like?

Application Services:• Security• Disaster Recovery• High Availability• Fault Tolerant• Live Migration• Load Balancing• Back up

vDC Management:• Inventory Management• Configuration Management• Compliance• Life Cycle• Performance Troubleshooting• Capacity Management• Patch Management• Orchestration

OS for the entire virtual DC

Physical DC 1 Physical DC 2

Uses the “Cloud OS” API

But how does it map to actual technology…?

vShield

Edge App AV

vCloud

Portal Virtual DC Hybrid

vSphere

Resource Abstraction

Storage Appliance

QoS: CPU, RAM, Disk, Network

vCenter

vCenter Standard

vCenter SRM

vCenter Operations

• vSphere Management• Orchestrator & Automation

• Performance Troubleshooting• Capacity Planning• Chargeback• Application Dependancy• Configuration Management• IT Dashboard

• DC migration• Automated DR with Failback

Partner plug-in• HA plug-in• Array plug-in• Backup plug-in

vCenter Heartbeat

• Network plug-in• Mgmt plug-in• Server plug-in

I got that. But how do I build one?

How to build your private cloud

Get the input right• Budget, Timeline, Application, Requirement, etc

Lay the foundation• Architecting the vSphere layer

Add advance services• Security as a service

• DR as a service

Add vSphere-specific management• Configuration, Performance, Capacity, Chargeback

Add vCloud appropriately• 2-tier IT

• Transient workload

To give you some depth…

Covered in SRM session

Covered in VC Ops session

Covered in vShield session

Covered in vCloud session

Business & IT requirements

How many VMs do you need support?

What applications are you going to run?

etc

Requirements & Goals

First Thing First

Budget constraint

Time constraint

Technical constraint

etc

Contraints & Risks

Tech & Non-Tech assumptions

Operational assumptions

etc

Assumptions

Design Methodology

Architecting a Private Cloud is not a sequential process• The components are inter-linked, and impact one another.

VM

Server

Storage

Network

Data Center

Mgmt

Security

Building Blocks

Your cloud is made of discrete pieces of building blocks• Improve management significantly

Know when to create:• Separate RP, Subcluster, Cluster, Data Center, or vCenter

• Separate Datastore, Datastore Cluster, or use RDM

• Separate Port Group, vSwitch

Cluster & Resource Pool Datastore and Cluster vSwitch and Port Groups

Compute Storage Network

Methodology: Data Center

When do you create a separate…• Cluster?

• vCenter DC?

• vCenter?

Factors influencing the above• Security

• Manage-ability

• Budget

• Workload

Physical DC vCenter Virtual

DC Cluster ESXi

Physical DC

vCenter

Virtual DC Virtual DC

Cluster Cluster

ESXi ESXi ESXi

vCenter

Virtual DC

The need for Non Prod Cluster

This is unique in the virtual data center. Non-Prod Cluster serves multiple purposes• Run Non Production VM

• DR

• Test-Bed for Infrastructure patching or updates.

• Test-Bed for Infrastructure upgrade or expansion

Even with all the above…• How are you going to test SRM properly?

• SRM test needs 2 vCenters, 2 arrays, 2 SRM servers. • If all are used in production, then where is the test-

environment for SRM?

Business

IT

This new layer does not exist in physical world.It is software, hence needs its own Non Prod envi.

The need for IT Cluster

Special purpose cluster• Running all the IT VMs used to

manage the virtual DC or provide core services

• Separated for ease for management & security

This separation keeps Business Cluster clean, “strictly for business”.

Category Virtual MachinesVMware vCenter (for Server Cloud)

vCenter Heart-beatvCenter Update ManagerSymantec AppHA ServervCloud Director

Storage Storage Mgmt tool (may need physical RDM to get fabric info)

Network Network Management ToolNexus 1000V Manager (VSM)

Core Infra MS AD 1MS AD 2Syslog serverFile Server (FTP Server)

Advance vDC Services

Site Recovery Manager + DBChargeback + DBAgentless AVObject-based Firewall

Security Security Management ServervShield Manager

Admin Admin client (1 per Sys Admin)VMware ConvertervMAvCenter Orchestrator

Application Mgmt App Dependancy Manager

Management vCenter Ops + DBHelp Desk

Desktop View Managers + DBThinApp Update ServervCenter (for Desktop Cloud)

Cluster Size

Factors impacting cluster size• Availability

• Budget

• Manage-ability

• Overall farm size

• Workload

Best practice for cluster• Identical hardware spec with same CPU frequency.

• Complies with Fault Tolerant & VMware View best practices

General guide• 4-8 host per cluster

• 8 node for View

• 4 node for IT Cluster

Sample Architecture for vSphere-layer: Large Cloud

1500 VM500 VM

Sample Architecture for vSphere-layer: Large Cloud

Sample: 3 tier cluster

The hosts can be identical, but SLA differs

Properties Tier 1 Tier 2 Tier 3

# Hosts 5 (always) 4 – 8 (likely 8) 6 – 8 (likely 8)

Node Spec? Always Identical 1 variations 2 variations

Failure Tolerance 2 hosts failure 1 host failure 1 host failure

MSCS Allowed Limited No

#VM Max 18 VM per cluster Max 70 VM. 10 per (N-1)

Max 140 VM 20 per (N-1)

Monitoring Application level.Intelligent Alert

Infrastructure level Intelligent Alert.

Infrastructure level Intelligent Alert.

Remarks Only for Critical App. No Resource Overcommit.

App can be vMotion to Tier 1 during critical

runResource Overcommit

Sample: 3 tier Storage

This become the type of Storage Pool provided to VM

Properties Tier 1 Tier 2 Tier 3

Interface FC FC iSCSI

IOPS >4000 >2000 >1000

Latency 10 ms 15 ms 20 ms

RAID 10 5 5

RPO 1 hour 4 hour 8 hour

RTO 1 hour 4 hour 8 hour

Datastore Size 1 TB 2 TB 3 TB

Limit 70% 80% 80%

Array-level Snapshot Yes No No

# VM ~10 VM. Flat Disk

~20 VM. Thick Provisioned

~30 VM. Thin Provisioned

QoS at Storage Layer

Constraints:• VMs interfere with one another as

they share the same physical Storage Pool or Aggregate

Solution• Storage IO Control

• All ESX hosts will co-ordinate and comply with policy.

4 1 2 1 2 1 1 3 1

QoS at Network Layer

Constraint:• VMs share physical NIC

• In 10 GE, only 2 NIC for everything

Solution:• Network IO Control

DataMining

PrintServer

OnlineStore

MicrosoftExchange

Without Network IO Control

NFS vMotion FT

DataMining

PrintServer

OnlineStore

MicrosoftExchange

With Network I/O Control

NFS vMotion FT

Next Steps

To gain initial understanding, attend the following sessions• vCloud

• SRM

• VC Ops

• vShield

Discuss with your VMware SE on your company private cloud plan• There is a standard “kit” that we follow to help you structure the approach.

Implement a pilot Go deep on the technology

• While private cloud is possible, it’s not as easy in reality.

© 2011 VMware Inc. All rights reserved

Have a great journey to the Cloud.