© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Bryan Wood, Partner Solutions Architect, AWS
Chris Lennon, Staff Systems Engineer, VMware
VMworld 2018
Hello, You Had Me at Infrastructure as Code:
Hybrid SDDC Cloud Automation
HYP3003BUS
VMworld 2018 Content: Not for publication or distribution
Disclaimer
This presentation may contain product features that are currently under development.
Features are subject to change, and must not be included in contracts, purchase orders, or
sales agreements of any kind.
Technical feasibility and market demand will affect final delivery.
Pricing and packaging for any new technologies or features discussed or presented have
not been determined.
Agenda
VMware Cloud on AWS Overview: Software Defined Data Center
On-Premises, SDDC, and Native AWS Services Topology
Automated Provisioning of an SDDC
API Explorer Interface
Postman
vSphere Automation SDK
AWS Native Services Integration
Serverless Architecture & Step Functions
CloudFormation
Service Catalog
Bender: SlackBot Integration
Overview: VMware Cloud on AWS
vRealize Suite, PowerCLI
VMware Cloud on AWS
AWS Global Infrastructure
On-Premises Datacenter
vCenter Server
Single pane of glass and API across on-premises and cloud
Access to all AWS services: Amazon EC2, Amazon S3, Amazon RDS, AWS Direct Connect, Amazon Redshift, Amazon DynamoDB, …
AWS CloudFormation, AWS CLI, AWS SDK
Compute: vSphere on Bare-Metal
Amazon EC2 i3.metal
Compute
- 36 PCPUs (72 vCPUs)
- 512GB RAM
- 8 x 2TB NVMe local SSD
- Dedicated Host
vSphere Features
- vSphere HA
- vMotion
- DRS
- Elastic DRS
Storage
- ESXi boot-from-EBS
- 16TB NVMe-backed local raw storage
Networking
- 25 Gbps
- VMware Cloud ENI
Storage: vSAN
Industry leading platform for private storage virtualization
NVMe flash on bare-metal
Fully Featured
- Deduplication
- Compression
- Erasure Coding
[Diagram labels: Write Buffer, Capacity Tier, Disk Group 1, Disk Group 2]
Networking: NSX
Industry leading platform for private SDDC network virtualization
Fully Featured advanced networking and security services
- Logical L2 Switching (multicast capable)
- Overlays can span L3 routing
- Routing
- Firewalling
- Load Balancing
- VPN
Logical Overlay Networks
IPs from VPC CIDR block
[Diagram labels: i3 Metal (x6), VMware vSphere + vSAN + NSX, Mgmt, CGW, Private, Public, eu-central-1a, eu-central-1b]
Topology Diagram
[Diagram labels: i3 Metal (x6), VMware vSphere + vSAN + NSX, Mgmt, CGW, Private, Public]
Topology Diagram
- L3VPN to MGW: Cold Migration
- L2VPN to CGW: Live Migration
- VMware Cloud ENI routes to Customer Acct
- Native AWS Services Integration Examples
  - Backups over S3 VPC Endpoint
  - Private Zone DNS resolution
  - Elastic File System in-guest mount
[Diagram labels: VMware Cloud on AWS SDDC, vCenter, Mgmt, MGW, CGW, Private, Public, VMware vSphere + vSAN + NSX, i3 Metal (x6), NSX Edge Appliance, vSAN Witness, EC2, vMotion, VGW, Private VIF, AWS Direct Connect, IGW, On-Premises Datacenter, Customer Router, ESXi (x3), VMware vSphere Distributed Switch, AWS Customer Acct, VMware Cloud ENIs, Route53, Directory Service, Amazon EFS, Private Endpoint, Route53 CNAME, BLUE, GREEN, VPCe, Backups, S3 Bucket, 0.0.0.0, 172.16.0.0, 10.0.0.0]
Provisioning an SDDC via Automation
- VM Backup to S3
- Deploy SDDC Cluster
- Restore VM from Backup
- Deploy Native AWS Resources w/CloudFormation
[Diagram labels: VMware Cloud on AWS SDDC, CGW, Private, Public, Mgmt, VMware vSphere + vSAN + NSX, i3 Metal (x6), On-Premises Datacenter, Customer Router, ESXi (x3), VMware vSphere Distributed Switch, AWS Customer Acct, VPCe, Backups, S3 Bucket, Route53, Directory Service, Amazon EFS, Private Endpoint, Route53 CNAME, BLUE, GREEN, 0.0.0.0, 172.16.0.0, 10.0.0.0]
DEMO 1 Interactive SDDC Provisioning
API Explorer
Postman
SDK for Python
Serverless Architecture: Lambda
Step Functions
AWS Resources | VMware Cloud Foundation | Workload Configuration
Amazon Virtual Private Cloud (VPC)
Amazon Elastic Compute Cloud (EC2)
AWS Identity and Access Management (IAM)
Amazon Relational Database Service (RDS)
Amazon Simple Storage Service (S3)
…
Provision SDDC
NSX Logical Networks
Firewall Rules
NAT Rules
Virtual Private Network (VPN)
AWS Direct Connect (DX)
vCenter Hybrid Linked Mode
VM provisioning
Application dependencies
Application configuration
Service registration
Management scripts
Database credentials…
AWS CloudFormation
AWS Lambda: VMware VMC and vSphere SDKs
AWS OpsWorks
CloudFormation (CFn) Overview
• JSON/YAML format template
• Presents template to CloudFormation Service
• CloudFormation translates that to API requests
• Forms a stack of resources
• FREE – only pay for resources
• All regions
• APIs are called in parallel
• Manages dependencies/relationships
[Diagram labels: Template; API calls made on your behalf; Stack; A running environment]
CFn Template Anatomy - Resources
• Define AWS resources to create / update
• Supports 163 resource types, and growing.
• Always refer back to CloudFormation user guide
CFn Template Anatomy - Parameters
Validation of AWS resource types
Input validation and restriction
Occurs prior to stack creation
Lists are possible for some types
Control UI using AWS::CloudFormation::Interface
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/parameters-section-structure.html
AWS::EC2::AvailabilityZone::Name
AWS::EC2::Image::Id
AWS::EC2::Instance::Id
AWS::EC2::KeyPair::KeyName
AWS::EC2::SecurityGroup::GroupName
AWS::EC2::SecurityGroup::Id
AWS::EC2::Subnet::Id
AWS::EC2::Volume::Id
AWS::EC2::VPC::Id
List<AWS::EC2::Subnet::Id>
CFn Custom Resources
AWS::CloudFormation::CustomResource or Custom::String
Call and manage custom actions in your stack
Endpoints support SNS & Lambda functions
Dynamic input data
Add to existing resources
[Diagram labels: JSON Template; {Request PayLoad}; {Response PayLoad}; Lambda; SNS; SQS; Instance; Or]
CFn Custom Resources – Lambda
Your AWS CloudFormation stack: Security group; Auto Scaling group; EC2 instance; Elastic Load Balancing; ElastiCache memcached cluster; Software pkgs, config, & data; CloudWatch alarms
Lambda-powered custom resources (your AWS Lambda functions):
- Look up VPC ID and Subnet IDs
- Deploy SDDC via vSphere SDK
- Deploy additional AWS Resources
- Notify upon end-to-end completion
CFn Custom Resource interaction
1. Resource
2. Request Payload: {Request PayLoad}
3. Code entity
4. Response Payload: {Response PayLoad}
Send payload to pre-signed URL from 2.
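The four-step custom resource interaction above, as an added example (not code from the presentation or from the linked AWS/VMware samples): a Lambda-style handler takes the request payload, runs an action, and PUTs the response payload to the pre-signed URL carried in the request. The `deploy_sddc` action, the sample event and all of its values are assumptions constructed for illustration.

```python
import json
import urllib.request

def build_response(event, status, physical_id, data=None, reason=None, no_echo=False):
    """Assemble the response document CloudFormation expects from a custom resource."""
    body = {
        "Status": status,                    # "SUCCESS" or "FAILED"
        "StackId": event["StackId"],         # these three are echoed from the request
        "RequestId": event["RequestId"],
        "LogicalResourceId": event["LogicalResourceId"],
        "PhysicalResourceId": physical_id,
        "NoEcho": no_echo,                   # True masks Data values in Fn::GetAtt output
        "Data": data or {},
    }
    if status == "FAILED":
        body["Reason"] = reason or "unspecified failure"  # required on FAILED
    return body

def http_put(url, payload):
    """PUT the JSON body to the pre-signed URL; the Content-Type header is left empty."""
    req = urllib.request.Request(url, data=payload, method="PUT",
                                 headers={"Content-Type": ""})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.status

def deploy_sddc(request_type, props):
    """Hypothetical action standing in for 'Deploy SDDC via vSphere SDK'."""
    if request_type == "Delete":
        return props["SddcName"], {}
    return props["SddcName"], {"SddcId": "constructed-sddc-0001"}

def handler(event, context=None, action=deploy_sddc, put=http_put):
    """Run the action and always send a result, so the stack is not left waiting."""
    fallback_id = event.get("PhysicalResourceId", event["LogicalResourceId"])
    try:
        physical_id, data = action(event["RequestType"], event.get("ResourceProperties", {}))
        body = build_response(event, "SUCCESS", physical_id, data=data)
    except Exception as exc:
        # Reason appears in stack events: send the exception type, not its message.
        body = build_response(event, "FAILED", fallback_id, reason=type(exc).__name__)
    put(event["ResponseURL"], json.dumps(body).encode())  # the URL is a bearer credential
    return body

# Constructed sample request (a real one is sent by CloudFormation).
SAMPLE_EVENT = {
    "RequestType": "Create", "RequestId": "constructed-request-1",
    "StackId": "constructed-stack-id", "LogicalResourceId": "Sddc",
    "ResponseURL": "https://example.invalid/presigned",
    "ResourceProperties": {"SddcName": "demo-sddc"},
}
```

Because anyone holding the pre-signed URL can report a result for that request, keep the full event out of function logs.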
Coordination by function chaining
[Diagram: chained Lambda (λ) functions]
AWS Step Functions
Application Lifecycle in AWS Step Functions
Define in JSON
Visualize in the Console
Monitor Executions
Execute One or One Million
[Diagram labels, repeated for each execution: Start, HelloWorld, End]
AWS Service Catalog
• Create and manage catalogs of IT services
• Enables users to quickly deploy the approved IT services they need through self-service, without direct access to underlying services
Organizations: Control, Standardization, Governance
Developers: Agility, Self-service, Time to market
AWS Service Catalog - key benefits
Ensure compliance with corporate standards
Help employees quickly find and deploy approved IT services
Centrally manage IT service lifecycle
DEMO 2 CloudFormation
Service Catalog
Bender SlackBot
Additional Resources
VMworld Session CODE5591U, Wednesday 08/29 4:00PM:
Leverage Bots to Automate SDDC Deployments in the Cloud
https://github.com/aws-samples/aws-autodeploy-vmware-cloud-on-aws
https://github.com/vmc-field-team/bender
https://vmc.vmware.com/console/developer/sdks
https://vmc.vmware.com/console/developer/code-samples
https://code.vmware.com/samples/3683/postman-rest-samples-for-vmware-cloud-on-aws
https://aws.amazon.com/lambda
https://aws.amazon.com/step-functions/
https://aws.amazon.com/cloudformation/
https://aws.amazon.com/servicecatalog/