Posts made in August, 2010

What is VMware vCloud Datacenter services

So your head is probably spinning this week with all of the news coming out of VMworld 2010. I know it’s only day 2, and each evening my head was pounding after absorbing so much new information. Today was day 2, and the information fountain was turned up all the way with the keynote speech, where several new products were announced. In this post I am covering vCloud Datacenter Services and what it has to offer to your Service Catalog.

To break this down in simple terms, I see this as the public version of vCloud, which gives you the ability to link up your internal private cloud built on vCloud Director. This service allows you to provision apps and VMs out in the public space when you need to. Maybe it’s because you are out of space on your private cloud, or you just want something out there for other reasons. vCloud Datacenter Services gives you the interoperability that you want with ease of use, and VMware is promising the security that corporations are demanding. This will all be provided by vCloud Director and the new vShield product family.

Here is some of what VMware has to say about vCloud Datacenter Services.

Built to predefined specifications and based on secure VMware cloud infrastructure technology, vCloud Datacenter Services provide multilevel, auditable security through SAS 70 Type II or ISO 27001 compliance. vCloud Datacenter Services also provide best-in-class virtual firewall capabilities, Layer 2 isolation, role-based access control and the ability to integrate with Active Directory. Access to end user activity logs keeps you in control and allows you to calibrate user access levels for enhanced end user security.

Because vCloud Datacenter Services are built upon the same, globally consistent foundation as your internal datacenter or private cloud, VMware vCloud Director and VMware vSphere, internal virtualized applications can be easily moved to a vCloud Datacenter Services without re-architecting or refactoring. Rather than being locked into a proprietary cloud platform as you may be with other providers, you can choose the vCloud Service Provider that best meets your needs and manage, move and operate your applications as if they were on site.

Link to vCloud Datacenter services at VMware

Here are some of the differences between what vCloud Datacenter Service has to offer compared to public clouds.

| Feature | vCloud Datacenter Services | Other public clouds |
| --- | --- | --- |
| COMPATIBILITY AND ADMINISTRATION | | |
| Use existing internal VMs or vApps in the cloud | Yes | No |
| Familiar VMware infrastructure | Yes | No |
| Authenticate users against enterprise directory | Yes | No |
| Multi-user, role-based access control | Yes | No – one user per account |
| Identical GUI for internal and external clouds | Yes | No |
| Move applications between virtual data centers | Yes | No |
| PERFORMANCE | | |
| Predictable performance from resource allocation (committed VDC and dedicated VDC) | Yes | No – depends on other tenants’ use |
| Storage performance | 5x | 1x |
| NETWORKING AND SECURITY | | |
| Firewall per vApp and per organization | Yes | No – per VM |
| Full virtual layer 2 networking | Yes | No – L3 only |
| Auditable security with all logs provided | Yes | No |
| Optional physical segregation of resources | Yes | No |

About Brian

Brian is a Technical Architect for a VMware partner and owner of this website. He is active in the VMware community and helps lead the Chicago VMUG group. This blog Virtualize Tips was started to document and remember things that I come across while working with tech.


What is all included in the VMware vShield Family of products

Today at VMworld 2010 VMware announced the new family of vShield products. The new products in this family are vShield Endpoint, vShield App and vShield Edge. Each product has been designed for a few core functions that help to facilitate and secure the IT as a Service model that VMware is promoting with its new vCloud Director solution. These security-related products are going to add security, make management easier and help you move down the path to a cloud infrastructure.

I will try to provide some more details about each product below, gathering any details that are available as of today. In the image below are some of the concerns that VMware is addressing, based on what enterprises have been telling them.

vShield Endpoint – vShield Endpoint provides on-host antivirus and malware protection that reduces performance latency and eliminates the need to maintain individual security agents in each and every virtual machine, helping to simplify security administration while minimizing the risk of malware infections. Datasheet

vShield App – VMware vShield App protects applications in the virtual datacenter from network-based threats. vShield App gives organizations the ability to create and manage business-relevant policies that adapt to dynamic cloud environments. It also provides deep visibility into network communications between virtual machines and granular enforcement through security groups. Datasheet

vShield Edge – vShield Edge is a network gateway solution that protects the edges of the virtual datacenter with DHCP, network address translation (NAT), firewalling, load balancing, site-to-site VPN, port group isolation and other capabilities that help organizations maintain proper segmentation between different organizational units. Datasheet

vShield Manager – Included with all vShield products, vShield Manager provides a central point of control for managing, deploying, reporting, logging and integrating third-party security services. Working in conjunction with vCenter Server, vShield Manager also enables role-based access control and administrative delegation as part of a unified framework for managing virtualization security.

vShield Zones – VMware vShield Zones, included with vSphere, provides basic protection from network-based threats in virtual datacenters, with application firewalling and policy management based on administrator-defined zones, using basic traffic information such as the source IP address, the destination port, and so on.

Here is a quote from a VMware product release.

Enterprise Partner Extranets – vShield lets enterprises extend their networks and application resources to branch offices, home offices and business partner sites through site-to-site VPN services that offer simplified provisioning, streamline administrative tasks and improve scalability. All traffic between sites is encrypted using IPsec to maintain the confidentiality and integrity of all site-to-site communications.

vShield Product Family Brochure


VMware vCloud Director rises from the shadows of project Redwood

You can now hear the sigh of relief from the many who were bound by NDA to keep silent about Project Redwood. This morning brings the news of the official announcement from VMware about vCloud Director, or vCD. This is the new VMware Cloud Infrastructure solution that will allow corporations and service providers to build clouds and ITaaS (IT as a Service) consumption models. Below is a quote from the VMware press release about vCloud Director.

VMware vCloud(TM) Director: A new model for delivering and consuming infrastructure services

VMware vCloud Director changes the way IT delivers infrastructure services and the way users access and consume them. By extending the resource pooling capabilities of VMware vSphere, VMware vCloud Director enables IT to create "virtual data centers" (VDCs) -- logical pools of compute, network and storage resources with defined management policies, SLAs and pricing. IT organizations can offer these VDCs -- along with catalogs of other infrastructure and application services such as virtual appliances, VMs, and OS images -- to users through fully automated self-service access.

So what is vCloud Director

To put it in the simplest terms, it’s a layer that sits on top of vCenter Server and abstracts all the resources that vCenter has under its control. You then combine all of these resources into large pools for your Customers or Tenants to consume. vCloud Director also provides the Customer with a Self Service portal to use.

So what exactly are the resources that vCloud Director abstracts from vCenter server? Below is a list of the resources and the vSphere term to bring it all together.

  • Compute resources = vSphere Clusters and Resource Pools
  • Network resources = dvSwitches and portgroups
  • Storage = Datastores ( VMFS and NFS )

These resources are then presented to you via the Self Service Portal of vCD. As an administrator you can use the vCloud Director Portal to split up and assign resources to Customers, Departments or some other business division. These can also be referred to as an Organization, which sounds a lot like Lab Manager. The vCloud Director product was designed to work with both Enterprise and Service Provider clouds. The resources are divided up and assigned to a Virtual Datacenter or vDC. There are two types of vDCs available within vCloud Director.

  • Provider Virtual Datacenter ( Provider vDC )
  • Organization Virtual Datacenter ( org vDC )

The Provider Virtual Datacenter is the base for compute resources. When creating a Provider Virtual Datacenter you will need to select a resource pool. Next you will need to associate at least one datastore with the Provider vDC; this might be all LUNs masked to your cluster. Duncan from Yellow Bricks laid out the following theory:

Some of my colleagues described the Provider vDC as the object where you specify the SLA and I guess that explains the concept a bit more. So for instance you could have a Gold Provider vDC with 15K FC disks and N+2 redundancy for HA while your Silver Provider vDC just offers N+1 redundancy and runs on SATA disk… everything is possible.

Now that a Provider vDC has been created, you can create an Org vDC and associate the Org vDC to a vCD Organization. It’s possible for an Organization to have multiple Org vDCs associated to it. For example, it’s possible to have 3 Org vDCs owned by a single Organization across two Provider vDCs. Those Provider vDCs could each have a different SLA.

So in my thought vCloud Director does seem to be Lab Manager on steroids, which is a phrase that I’ve heard before. Many of these ideas do seem to be based off of the Organizations, configurations and networking that Lab Manager was using.

Pricing and Availability
VMware vCloud Director is currently available and is licensed per VM starting at $150 per VM.

Build Secure, Multi-Tenant Clouds – VMware vCloud Director lets administrators group users by policy, such as a business unit, division or subsidiary. Each group has isolated virtual resources, independent LDAP-authentication, specific policy controls and unique catalogs. To ensure security and compliance in a cloud environment where multiple organizations share infrastructure resources, VMware vCloud Director includes VMware vShield perimeter protection, port-level firewall, and NAT and DHCP services.

vCloud Director Links

Download link for vCloud Director

vCloud Director Install and Configuration guide

vCloud Director User Guide

vCloud Director Administrators guide


VMworld 2010 self paced Labs community blog round up

Since I was unable to attend VMworld 2010 I will just be covering as much as possible while working and connecting with people on site in San Francisco. I am creating this as a list of other bloggers that were able to get the Sunday morning preview of the VMworld labs and others that attended during the week. A big thanks to all of these dedicated people that are blogging while being very busy at VMworld.

Jae Ellers of Mister VM

Duncan Epping of YellowBricks.com

Simon Gallagher of VINF.net

Josh Townsend of VMtoday

Bob Plankers of LoneSysAdmin

Vlad Seget of VLadan.fr

Bill Hill of VirtualBill’s Blog

Interview with Lab staff by VirtualBill


HP announced CloudStart solution private cloud in 30 days

HP today announced HP CloudStart, the industry’s first all-in-one solution for deploying an open and flexible private cloud environment within 30 days.

Built on an HP Converged Infrastructure, HP CloudStart simplifies and speeds private cloud deployments. Consisting of hardware, software and services, HP CloudStart empowers businesses to deliver pay-per-use services reliably and securely from a common portal, and it offers the ability to scale and deploy new services automatically. Real-time access to consumption and chargeback reports allows clients to operate their private clouds in the same fashion as a public cloud.

HP is promoting that they can deliver on the following basic principles of Cloud Computing.

  • Request a compute service via a portal
  • Have service provided immediately
  • Use the service without worrying about security, management, etc.
  • Scale or cancel the service
  • Get a regular report on consumption or chargeback

See full press release here.
