Hello, You Had Me at Infrastructure as Code: Hybrid SDDC Cloud Automation

HYP3003BUS, VMworld 2018

Bryan Wood, Partner Solutions Architect, AWS
Chris Lennon, Staff Systems Engineer, VMware

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

VMworld 2018 Content: Not for publication or distribution


Disclaimer

This presentation may contain product features that are currently under development.

Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.

Technical feasibility and market demand will affect final delivery.

Pricing and packaging for any new technologies or features discussed or presented have not been determined.


Agenda

VMware Cloud on AWS Overview: Software Defined Data Center

On-Premises, SDDC, and Native AWS Services Topology

Automated Provisioning of an SDDC

API Explorer Interface

Postman

vSphere Automation SDK

AWS Native Services Integration

Serverless Architecture & Step Functions

CloudFormation

Service Catalog

Bender: SlackBot Integration


Overview: VMware Cloud on AWS

vCenter Server: Single pane of glass and API across on-premises and cloud

Access to all AWS services
- Amazon EC2
- Amazon S3
- Amazon RDS
- AWS Direct Connect
- Amazon Redshift
- Amazon DynamoDB

[Diagram labels: On-Premises Datacenter; VMware Cloud on AWS; AWS Global Infrastructure; vRealize Suite, PowerCLI; AWS CloudFormation, AWS CLI, AWS SDK]


Compute: vSphere on Bare-Metal

Amazon EC2 i3.metal

Compute
- 36 PCPUs (72 vCPUs)
- 512GB RAM
- 8 x 2TB NVMe local SSD
- Dedicated Host

vSphere Features
- vSphere HA
- vMotion
- DRS
- Elastic DRS

Storage
- ESXi boot-from-EBS
- 16TB NVMe-backed local raw storage

Networking
- 25 Gbps
- VMware Cloud ENI


Storage: vSAN

Industry leading platform for private storage virtualization

NVMe flash on bare-metal

Fully Featured
- Deduplication
- Compression
- Erasure Coding

[Diagram labels: Write Buffer; Capacity Tier; Disk Group 1; Disk Group 2]


Networking: NSX

Industry leading platform for private SDDC network virtualization

Fully Featured advanced networking and security services
- Logical L2 Switching (multicast capable)
- Overlays can span L3 routing
- Routing
- Firewalling
- Load Balancing
- VPN

Logical Overlay Networks

IPs from VPC CIDR block

[Diagram labels: six i3 Metal hosts; VMware vSphere + vSAN + NSX; Mgmt; CGW; Private; Public; eu-central-1a; eu-central-1b]


Topology Diagram

[Diagram labels: six i3 Metal hosts; VMware vSphere + vSAN + NSX; Mgmt; CGW; Private; Public]


Topology Diagram

- L3VPN to MGW: Cold Migration
- L2VPN to CGW: Live Migration
- VMware Cloud ENI routes to Customer Acct
- Native AWS Services Integration Examples
  - Backups over S3 VPC Endpoint
  - Private Zone DNS resolution
  - Elastic File System in-guest mount

[Diagram labels: VMware Cloud on AWS SDDC; vCenter; Mgmt; MGW; CGW; Private; Public; VMware vSphere + vSAN + NSX; six i3 Metal hosts; NSX Edge Appliance; IGW; VGW; Private VIF; AWS Direct Connect; Customer Router; On-Premises Datacenter; three ESXi hosts; VMware vSphere Distributed Switch; vMotion; vSAN Witness; EC2; AWS Customer Acct; VMware Cloud ENIs; Route53; Directory Service; Amazon EFS; Private Endpoint; Route53 CNAME; BLUE; GREEN; 0.0.0.0; 172.16.0.0; 10.0.0.0; VPCe; Backups S3 Bucket]


Provisioning an SDDC via Automation

- VM Backup to S3
- Deploy SDDC Cluster
- Restore VM from Backup
- Deploy Native AWS Resources w/CloudFormation

[Diagram labels: VMware Cloud on AWS SDDC; CGW; Mgmt; Private; Public; VMware vSphere + vSAN + NSX; six i3 Metal hosts; Customer Router; On-Premises Datacenter; three ESXi hosts; VMware vSphere Distributed Switch; AWS Customer Acct; VPCe; Backups S3 Bucket; Route53; Directory Service; Amazon EFS; Private Endpoint; Route53 CNAME; BLUE; GREEN; 0.0.0.0; 172.16.0.0; 10.0.0.0]


DEMO 1 Interactive SDDC Provisioning

API Explorer

Postman

SDK for Python

Serverless Architecture: Lambda

Step Functions


[Column headings: AWS Resources; VMware Cloud Foundation; Workload Configuration]

- Amazon Virtual Private Cloud (VPC)
- Amazon Elastic Compute Cloud (EC2)
- AWS Identity and Access Management (IAM)
- Amazon Relational Database Service (RDS)
- Amazon Simple Storage Service (S3)
- Provision SDDC
- NSX Logical Networks
- Firewall Rules
- NAT Rules
- Virtual Private Network (VPN)
- AWS Direct Connect (DX)
- vCenter Hybrid Linked Mode
- VM provisioning
- Application dependencies
- Application configuration
- Service registration
- Management scripts
- Database credentials…

[Tooling labels: AWS CloudFormation; AWS Lambda: VMware VMC and vSphere SDKs; AWS OpsWorks]


CloudFormation (CFn) Overview

• JSON/YAML format template
• Presents template to CloudFormation Service
• CloudFormation translates that to API request
• Forms a stack of resources
• FREE – only pay for resources
• All regions
• APIs are called in parallel
• Manages dependencies/relationships

[Diagram labels: Template; API calls made on your behalf; Stack; A running environment]


CFn Template Anatomy - Resources

• Define AWS resources to create / update
• Supports 163 resource types, and growing.
• Always refer back to CloudFormation user guide


CFn Template Anatomy - Parameters

Validation of AWS resource types
Input validation and restriction
Occurs prior to stack creation
Lists are possible for some types
Control UI using AWS::CloudFormation::Interface

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/parameters-section-structure.html

AWS::EC2::AvailabilityZone::Name
AWS::EC2::Image::Id
AWS::EC2::Instance::Id
AWS::EC2::KeyPair::KeyName
AWS::EC2::SecurityGroup::GroupName
AWS::EC2::SecurityGroup::Id
AWS::EC2::Subnet::Id
AWS::EC2::Volume::Id
AWS::EC2::VPC::Id
List<AWS::EC2::Subnet::Id>


CFn Custom Resources

AWS::CloudFormation::CustomResource or Custom::String
Call and manage custom actions in your stack
Endpoints support SNS & Lambda functions
Dynamic input data
Add to existing resources

[Diagram labels: JSON Template; {Request Payload}; {Response Payload}; Lambda; SNS; SQS; Instance]


CFn Custom Resources – Lambda

Your AWS Lambda functions (Lambda-powered custom resources)
- Look up VPC ID and Subnet IDs
- Deploy SDDC via vSphere SDK
- Deploy additional AWS Resources
- Notify upon end-to-end completion

Your AWS CloudFormation stack
[Diagram labels: Security group; Auto Scaling group; EC2 instance; Elastic Load Balancing; ElastiCache memcached cluster; Software pkgs, config, & data; CloudWatch alarms]


CFn Custom Resource interaction

1. Resource
2. Request Payload: {Request Payload}
3. Code entity
4. Response Payload: {Response Payload}
   Send payload to pre-signed URL from 2.
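The four-step interaction above, sketched as a Lambda handler that treats the pre-signed URL as a credential and always answers CloudFormation; this is an added example, not code from the presentation or its linked repositories. The payload keys are CloudFormation's documented custom-resource fields, while `SAMPLE_EVENT`, the `deploy` callable and the `SddcId` output are hypothetical.

```python
import json
import urllib.request
from urllib.parse import urlsplit

# Constructed sample of the request payload (step 2); every value is made up.
SAMPLE_EVENT = {
    "RequestType": "Create",
    "ResponseURL": "https://cfn-response-bucket.s3.amazonaws.com/obj?X-Amz-Signature=EXAMPLE",
    "StackId": "arn:aws:cloudformation:us-west-2:111122223333:stack/sddc-demo/guid",
    "RequestId": "req-0001",
    "LogicalResourceId": "SddcDeployment",
    "ResourceProperties": {"SddcName": "demo-sddc", "NumHosts": "4"},
}

def redact(event):
    """Loggable copy: whoever holds the pre-signed URL can answer for this function."""
    safe = dict(event)
    safe["ResponseURL"] = "<redacted>"
    return safe

def build_response(event, status, physical_id, data=None, reason=""):
    """Step 4: response payload echoing the identifiers CloudFormation sent."""
    if status not in ("SUCCESS", "FAILED"):
        raise ValueError("Status must be SUCCESS or FAILED")
    return {
        "Status": status,
        "Reason": reason or "See the function's CloudWatch log stream",
        "PhysicalResourceId": physical_id,
        "StackId": event["StackId"],
        "RequestId": event["RequestId"],
        "LogicalResourceId": event["LogicalResourceId"],
        "Data": data or {},
    }

def send_response(event, body):
    """PUT the JSON body to the pre-signed URL from step 2 (HTTPS only)."""
    url = event["ResponseURL"]
    if urlsplit(url).scheme != "https":
        raise ValueError("refusing non-HTTPS ResponseURL")
    req = urllib.request.Request(url, data=json.dumps(body).encode(), method="PUT",
                                 headers={"Content-Type": ""})  # keep empty to match the URL signature
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.status

def handler(event, context, deploy, send=send_response):
    """Step 3: run the custom action and always answer, so the stack is not left waiting."""
    print(json.dumps(redact(event)))
    try:
        sddc_id = deploy(event["ResourceProperties"])  # hypothetical deploy callable
        body = build_response(event, "SUCCESS", sddc_id, {"SddcId": sddc_id})
    except Exception as exc:
        body = build_response(event, "FAILED", "deploy-failed", reason=str(exc))
    send(event, body)
    return body
```

Values returned in `Data` are readable by anyone who can describe the stack unless the resource masks them, so credentials belong in a secrets store rather than in the response payload.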


Coordination by function chaining

[Diagram: chained Lambda (λ) functions]


AWS Step Functions


Application Lifecycle in AWS Step Functions

Visualize in the Console

Define in JSON

Monitor Executions


Execute One or One Million

[Diagram: eight copies of a state machine labelled Start, HelloWorld, End]


AWS Service Catalog

• Create and Manage catalogs of IT services
• Enables Users to quickly deploy Approved IT Services they need self-service without direct access to underlying services

Organizations
- Control
- Standardization
- Governance

Developers
- Agility
- Self-service
- Time to market


AWS Service Catalog - key benefits

Ensure compliance with corporate standards

Help employees quickly find and deploy approved IT services

Centrally manage IT service lifecycle


DEMO 2 CloudFormation

Service Catalog

Bender SlackBot


Additional Resources

VMworld Session CODE5591U, Wednesday 08/29 4:00PM: Leverage Bots to Automate SDDC Deployments in the Cloud

https://github.com/aws-samples/aws-autodeploy-vmware-cloud-on-aws

https://github.com/vmc-field-team/bender

https://vmc.vmware.com/console/developer/sdks

https://vmc.vmware.com/console/developer/code-samples

https://code.vmware.com/samples/3683/postman-rest-samples-for-vmware-cloud-on-aws

https://aws.amazon.com/lambda

https://aws.amazon.com/step-functions/

https://aws.amazon.com/cloudformation/

https://aws.amazon.com/servicecatalog/
