vCloud Extender – Installation Review

I’m happy to announce VMware has released vCloud Extender for vCloud Director. With that said, I was given the opportunity to provide feedback to our talented engineering and product management teams on installing and reviewing this new valuable solution set.

To start – what is vCloud Extender? vCloud Extender allows tenants to seamlessly migrate workloads to a vCloud Director environment. This is without any net new infrastructure or software purchase: the tenant just needs to add two vApps while the provider would add three – very streamlined. For a provider to get started with Extender, you just need vCloud Director for Service Providers.

Check out VMware’s Introduction to vCloud Director Extender video:

The installation of Extender is extremely streamlined for the tenant and provider environments. This post will go through the installation steps and requirements for an initial successful Extender installation.

Link for vCloud Director Extender download here 

vCloud Director Extender Documentation Link

First off, let’s talk about architecture. I covered this in a previous blog post, but it wouldn’t hurt to reiterate a few of the points. If you haven’t seen the previous blog post on vCloud Extender, check it out here.

On the provider side, we have the following workflow:

  1. Management vCenter deploys Extender Manager appliance. This provides the functionality for managing Extender.
  2. Extender Manager does the following…
    1. Registers to vCD and management vCenter instance
    2. Deploys and activates Replication Manager
    3. Deploys and activates Replication Instance
      1. Replication Instance is then pointed to Resource vCenter (think the Consumption environment where the tenant resides)
  3. A few points of interest:
    1. Proxy Server – you can access the Replication Manager and Replication Instance through a proxy server or a gateway. One of the requirements is to provide a proxy with a public endpoint and configure rules to route the network traffic to the replication components.
      1. This would allow you to have vCD, Extender Manager, and a Reverse Proxy in the DMZ while the replication instances and Replication Manager are in a private management network behind an Edge/FW.
    2. Control traffic – traffic between the Extender instances and replicator instances – all runs over HTTPS / 443. It’s important to note that the on-prem replication instance and the Replication Manager must have bi-directional 443 communication. This is something to ensure your tenants are aware of when planning for installation.
    3. Replication Traffic goes over encrypted TCP which is on port 44045.
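
The port requirements above can be turned into a rule audit to run while planning the firewall change. This is an added example, not part of the original post or of Extender: the endpoint labels, the rule format and the endpoints and direction of the 44045 flow are assumptions, and the sample rule set is constructed.

```python
from __future__ import annotations
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    src: str   # endpoint label; "any" matches every source
    dst: str   # endpoint label; "any" matches every destination
    port: int  # TCP destination port; 0 means any port


# Flows stated in the post. Labels are hypothetical, and the endpoints and
# direction of the 44045 replication flow are an assumption.
REQUIRED_FLOWS = [
    Rule("onprem-replicator", "replication-manager", 443),    # control traffic
    Rule("replication-manager", "onprem-replicator", 443),    # control, other direction
    Rule("onprem-replicator", "provider-replicator", 44045),  # replication data
]


def permits(rule: Rule, flow: Rule) -> bool:
    """True if an allow rule covers the given flow."""
    return (rule.src in ("any", flow.src)
            and rule.dst in ("any", flow.dst)
            and rule.port in (0, flow.port))


def audit(rules: list[Rule]) -> dict[str, list[Rule]]:
    """Report required flows with no matching rule and rules wider than needed."""
    missing = [f for f in REQUIRED_FLOWS if not any(permits(r, f) for r in rules)]
    # Flag wildcards, and rules that serve none of the required flows.
    overbroad = [r for r in rules
                 if "any" in (r.src, r.dst) or r.port == 0
                 or not any(permits(r, f) for f in REQUIRED_FLOWS)]
    return {"missing": missing, "overbroad": overbroad}


# Constructed rule set: 443 is opened in one direction only, and the
# replication rule allows every port instead of 44045.
SAMPLE_RULES = [
    Rule("onprem-replicator", "replication-manager", 443),
    Rule("onprem-replicator", "provider-replicator", 0),
]

if __name__ == "__main__":
    result = audit(SAMPLE_RULES)
    for f in result["missing"]:
        print(f"MISSING  {f.src} -> {f.dst} tcp/{f.port}")
    for r in result["overbroad"]:
        print(f"REVIEW   {r.src} -> {r.dst} tcp/{r.port or 'any'}")
```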

On the tenant side, it’s pretty straightforward. We have two appliances to deploy:

  1. Extender Appliance – manages the association with the tenant vCenter instance along with replication instance deployments.
  2. Replication Appliance – is deployed from Extender Appliance and controls the migration (warm or cold) of VMs. This is based on our new H4 engine – the next-generation vSphere Replication engine.

From the tenant perspective, we would have something like this:

High Level Steps for installation:

  1. Provider
    1. Deploy Extender appliance in SP management vCenter environment.
    2. Bring up the Extender Manager UI (HTML access)
    3. Start the Configuration Wizard
      1. Associate it with the Management vCenter (where your other management appliances will reside)
      2. Register with vCD
      3. Register with Resource vCenter instance
      4. Deploy Replication Manager – then activate
      5. Deploy Replicator Instance – then activate
    4. Complete – verify Extender sees all connected resources.
    5. For L2 VPN Network Span, this is done by having administrator privileges to the L2 VPN configuration in vCD. From there, we need to establish a L2 VPN Server and L2 VPN Client (Client would be on the tenant environment). A future blog post will cover this in further detail.
  2. Tenant
    1. Deploy Extender appliance in tenant vCenter environment.
    2. Bring up the Extender UI (HTML)
    3. Start the Configuration Wizard
      1. Register tenant vCenter
      2. Register Plugin with vCenter instance
      3. Deploy Replicator instance – then activate
    4. Complete – from here, we could deploy a Network Stretch function (this will be covered in another blog post)

Demonstration Environment for Extender Installation

For the sake of this post and video, I wanted to create a streamlined installation process for vCD Extender. Therefore, my demonstration environment architecture looks like the following:

As you probably can imagine, this is not built for production state, but just to demonstrate the Extender installation. Initial recommendations:

  1. Separation of management/resource vCenter instances
  2. Separation of compute/management clusters for Provider environment
  3. I will be using internal IP’s/FQDN’s for this demonstration – a production environment would have externally facing resources and/or DNS addresses.
  4. Utilization of a Reverse Proxy to segment DMZ / Private Management connectivity. I will point out these options during the installation video.
  5. L2 VPN connectivity / warm migrations will be covered in a future blog post. L2 VPN is not required for cold migrations.

Provider Installation Video:

Tenant Installation Video:

Tenant Connection to Provider and Cold Migration:

 

Any feedback would be much appreciated.

-Daniel

Updated Cloud Provider Program Hands On Lab

One of my esteemed peers, Eric Stine, has updated our Cloud Provider Program Hands On Lab (HOL).

http://labs.hol.vmware.com/HOL/catalogs/lab/3869

For those of you that do not know what the VMware HOL is, it’s our free solution that allows you to try out VMware solutions.

Eric and Dan go over NSX, vSAN, vROps, Log Insight, vCD, vCAv, AND Usage Meter! What’s important is Usage Meter is updated to version 3.6 for those of you that wanted to test out the new functionality before upgrading.

Definitely check it out and give it a whirl!

vCloud Architecture Toolkit – Released!

If you are looking for some extremely valuable reference architecture AT NO COST – check out what we published today on VMware’s site –

https://www.vmware.com/solutions/cloud-computing/vcat-sp.html

So why is this so special? The vCAT page is a single entity for all of our vCloud designs posted by our Global Cloud Practice. We break this out by the following categories:

  1. Cloud Automation and Orchestration
  2. Cloud Operations and Management
  3. Hybridity
  4. Network and Security
  5. Storage and Availability
  6. Digital Workspace

As you can see in the chart below, we have multiple architecture papers in each of these domains.

Some of my favorites:

  1. Architecting a vCD Solution by Tomas Fojta – LINK
  2. Architecting a NSX Solution by Michael Haines and Jeffrey Moore – LINK
  3. VMware vCenter Use Cases and Architectures by Martin Hoskin – LINK

Honestly, all of them are amazing. Moreover, these are publicly available. If you aren’t reading up on them, you are missing out on some valuable information.

A little about the Global Cloud Practice – they are my peer team here in the Cloud Provider Program and we are working together to support our strategic SP’s. I truly enjoy working with them and quite frankly, learning from them.

Definitely review and engage us to discuss your objectives further!

-Daniel

vCloud Director 9 Released! My 3 Favorite Things.

So I’m sure many of you saw the release of vCD9 – in my opinion, one of the largest releases in some time now. Many exciting features to talk about, but I’m going to highlight a few very valuable things that will change how providers utilize vCD9 in the future.

Oh, before I forget – release notes: https://docs.vmware.com/en/vCloud-Director/9.0/rn/rel_notes_vcloud_director_90.html

Multi-Site Federation Capability

This is a phased approach, but the first phase of this provides the ability to view two distinct vCD sites from a single console and provide a trust relationship between them.

More info here – Configuring and Managing Multisite Deployment – vCD9 Documentation

Tenant Metrics built into vCD + vROps Tenant App

Big addition here. Natively, some level of performance data has been in the Cassandra DB for some time – it was up to the SPs to utilize the data if they chose.

Part of vCD9 is the ability for tenants to see basic monitoring data of their vApps/VMs from the tenant UI.

There is no additional charge for this capability inside of vCD9 – which is fantastic: new capabilities for your end-users.

Now if you want advanced monitoring and analytical capabilities, we have the vRealize Operations tenant plugin for vCD. This complements the built-in tenant metrics and one could run this side by side based on the tenant use case.

So how does the vROps integration work? It collects data from the vCenter backing vCD, and there’s a management pack for vCD that filters data into vCD constructs like org vDCs and so on.

For multi-tenancy, one can provide two distinct views: Provider and Tenant. A user configured as Service Provider admin can see both views while a Tenant can only see the Org views. User and Role creation is a manual process at this time.

Please note that for vCD9 integration, you must run vROps 6.6 with the 4.5 Management Pack. Get the management pack here:

https://marketplace.vmware.com/vsx/solutions/management-pack-for-vcloud-director

As expected, the vROps integration with vCD9 requires an Advanced or Enterprise license.

NSX Networking Additions

Always love this. Some awesome additions:

  1. Ability to spin up DLR’s between org networks and edge gateway from the UI
    1. Notes:
      1. Existing org network can be converted to use a DLR
      2. Org network can either be connected to an Edge or DLR
      3. Only DNS and DHCP from the edge can be relayed to org networks
    2. Read more here in the What’s New Whitepaper – Link to vCD9 What’s New Whitepaper
  2. Trunking Support for VLANs and External Networks
    1. Notes:
      1. Support only for router and external networks
  3. Security Groups for Distributed Firewalls
    1. Documentation for Managing Security Groups

Gosh, there’s so much more to cover. But these are my three top things I wanted to cover this morning.

Last of all, I want to thank our Product Management, Marketing, and Engineering teams at VMware – without them, this could not have happened. I’m just highlighting THEIR efforts while I provided feedback.

Enjoy and I look forward to seeing vCD9 in action with many of our providers.

-Daniel

 

vCD 9 – Metadata to control Edge Placement

With vCD9 now GA, I can post this!

One of the things our team has been diligently working on is the ability to specify a host cluster to be an edge cluster for edge deployments. This is a recommended design methodology in NSX, especially for providers to control scalability and allow for proper North/South traffic. I had a conversation with one of our SP’s who was beta testing vCD9 and this came up in discussion.

In vCD9, we will have the ability to utilize metadata to force edge placement in a pvDC. Associated KB will be posted shortly.

Summary steps:

  1. In vCenter, create the cluster that will be holding said Edges.
  2. We need to get the resource pool MoRef now. Use the Managed Object Browser, or run the ‘{url}/api/admin/extension/providervdc/{pvdcId}/resourcePools’ query. You need to discover the name and Managed Object ID of the resource pool. The name will be used to attach the resource pool to the pVDC and the Managed Object ID for the metadata you create.
  3. In vCD, create the provider vDC, then attach another resource pool to it, specifying the name of the resource pool backed by the Edge Cluster you set up in Step 1. New org vDC’s will have access to this RP by default.
  4. Click on the Metadata tab of the Provider vDC to create the following metadata for the resource pool object.
    1. placement.resourcepool.edge = resource-pool-Managed-Object-ID
    2. For example,  placement.resourcepool.edge = respool-12

Done. With this tag in place, new Edges will be automatically created in this resource pool while no other vApps will be placed there. Previous Edges can be redeployed into this RP now also.
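
Before typing the value into the Metadata tab in step 4, it is worth checking the Managed Object ID against what the resourcePools query returns once the edge pool is attached in step 3. The following is an added example, not code from the original post or from vCD: the sample response is constructed, and its element and attribute names are assumptions that should be compared with a real response from your vCD version.

```python
import xml.etree.ElementTree as ET

EDGE_KEY = "placement.resourcepool.edge"  # metadata key from step 4 of the post

# Constructed sample of a resourcePools response. Element and attribute names
# are assumptions about the response shape; the MoRef values are made up.
SAMPLE_XML = """\
<vmext:VMWProviderVdcResourcePoolSet
    xmlns:vmext="http://www.vmware.com/vcloud/extension/v1.5">
  <vmext:VMWProviderVdcResourcePool primary="true">
    <vmext:ResourcePoolVimObjectRef>
      <vmext:MoRef>respool-10</vmext:MoRef>
      <vmext:VimObjectType>RESOURCE_POOL</vmext:VimObjectType>
    </vmext:ResourcePoolVimObjectRef>
  </vmext:VMWProviderVdcResourcePool>
  <vmext:VMWProviderVdcResourcePool primary="false">
    <vmext:ResourcePoolVimObjectRef>
      <vmext:MoRef>respool-12</vmext:MoRef>
      <vmext:VimObjectType>RESOURCE_POOL</vmext:VimObjectType>
    </vmext:ResourcePoolVimObjectRef>
  </vmext:VMWProviderVdcResourcePool>
</vmext:VMWProviderVdcResourcePoolSet>
"""


def _local(tag):
    """Strip the XML namespace so the parser does not depend on the prefix."""
    return tag.rsplit("}", 1)[-1]


def attached_pools(xml_text):
    """List the resource pools attached to the provider vDC."""
    pools = []
    for node in ET.fromstring(xml_text).iter():
        if _local(node.tag) != "VMWProviderVdcResourcePool":
            continue
        fields = {_local(e.tag): (e.text or "").strip() for e in node.iter()}
        pools.append({
            "moref": fields.get("MoRef", ""),
            "type": fields.get("VimObjectType", ""),
            "primary": node.get("primary") == "true",
        })
    return pools


def edge_metadata(xml_text, moref):
    """Return the (key, value) pair for step 4, or raise if moref is unsuitable."""
    match = [p for p in attached_pools(xml_text) if p["moref"] == moref]
    if not match:
        raise ValueError(f"{moref} is not attached to this provider vDC")
    if match[0]["type"] != "RESOURCE_POOL":
        raise ValueError(f"{moref} is a {match[0]['type']}, not a resource pool")
    if match[0]["primary"]:
        # The post attaches the edge pool as an additional pool, not the primary.
        raise ValueError(f"{moref} is the primary pool of this provider vDC")
    return EDGE_KEY, moref


if __name__ == "__main__":
    key, value = edge_metadata(SAMPLE_XML, "respool-12")
    print(f"{key} = {value}")
```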

Preparing for my VCAP-NV…

So I’ve been in the process of preparing for my VCAP-NV (3V0-643) to earn my VCIX-NV.

There’s been a lot of great material that’s been posted online, but I’m going to share my study plan so it’s documented for others. My goal is to take this by calendar year end if possible.

  1. Clinton Prentice did an amazing job with his study guide – I’ve been working on his guide posted here – https://vzealand.com/category/vcap6-nv-study-guide/
  2. There was a beta Blueprint that’s still really valuable – I could never find the live version of the blueprint, so using this as part of my plan. It’s attached to this post but also link here – https://blogs.vmware.com/education/files/2015/12/Exam_Prep_Guide_3V0-643_v1.2.pdf
  3. vCloud Director nested environment
    1. You won’t be able to prepare sufficiently for this test without hands-on experience.
    2. Currently, I have a 3 node nested ESXi environment with 6.5 ESXi and 6.3.3 NSX running on a vCD environment. I will be expanding this further and may follow Clinton’s lab design too – but trying out different things.
  4. Got a new addition – Ryan Johnson shared Iwan’s study guide that will be part of my regimen – http://www.vcix-nv.com/vcix-nv-study-guide/

More to come – but this is definitely exciting (and scary)!

-Daniel

Exam_Prep_Guide_3V0-643_v1.2

We are now desensitized by technology.

This is a little bit of a rant, but it’s very evident as of late and wanted to share my opinion regarding this matter.

I have fully realized we are now desensitized by technology.

This became very evident at the Apple Event on September 12th. Yes, I am an Apple fan, but I’ve heard quite a bit of criticism on Apple’s launch event.

One thing that amazed me was the release of the Series 3 watch – Apple has introduced LTE inside of the new Apple Watch. This is definitely a natural evolution of a product, but amazing that this fits now in a computing device that’s about 28.7 grams and has the height of 38.6mm.

What grabbed me was the live demo of Jeff Williams calling one of his associates (Deidre) while she was paddle boarding in the middle of some body of water.

Now this was without any phone attached and it sounded crystal clear.

Let’s think about this for a moment. We now have the capability of calling someone from a device that’s as small as a car fob and people were expecting more from this event.

Jeff even went “rogue” for a minute and spoke about how some people take technology for granted.

At VMworld this year, Pat Gelsinger spoke about how our “frame of reference” continues to change based on technology. Is this a nice way of saying we are taking this type of technology for granted? That we expect dramatic change at every product release? Do we have overstated expectations?

Cloud Computing and this field have changed how we think of Data Centers today and will continue to dramatically change the landscape we know over the next several years – I can’t imagine what it’ll look like in 10 years.

However, I think sometimes we need to take a step back, sit down, and appreciate how far we’ve come in the past several years. There are some incredible companies that have changed our “frame of reference” and how we engage with others on a daily basis.

But where’s those dang flying cars?? 😉

-Daniel

vCloud Extender – What is it?

Part of our upcoming release of vCloud Director 9 is vCloud Extender. I’d like to do an intro to this new solution since we’ve been getting a lot of questions in the Solutions Exchange.

Extender is VMware’s replacement for vCloud Connector – in essence, the ability to migrate workloads to a VMware vCloud Director environment. Our goal is to make this extremely easy and allow tenants (end-users) the ability to migrate their own workloads. Self-sufficiency is the name of the game here.

Moreover, we want the ability to provide Data Center L2 extension – ability to migrate workloads using the same IP space. Does not require NSX in the tenant environment.

Last of all, cost. If you are a current VMware Cloud Provider using vCloud Director, there will be no additional cost for Extender.

Migrations are cold or warm. Well, what does this mean? Cold – ability to take a powered off VM and replicate over. Warm – synchronize based on assigned RPO. Once cutover is ready, Extender will power off the VM in tenant environment and power on in the cloud environment.

Let’s do a high-level overview of what Extender consists of. Please note that more details will be provided on release but wanted to give some insight on what to expect.

Provider (presuming current vCD architecture):

  1. Extender Manager appliance
    1. Deployed to a resource vCenter inside provider
    2. Credentials are provided to existing vCD instance(s)
  2. Replication Manager appliance
    1. Provides management of replication activities between tenants and provider
  3. Replicator appliance
    1. Provides replication state for selected VM’s

The provider deployment will be done through a very simple UI as seen below:

Tenant:

  1. Extender Connector appliance
    1. Connects to Extender Manager running in Provider environment
    2. Also provides direct registration of the Extender plugin into vCenter
  2. Replicator
    1. Provides replication state for selected VM’s to vCD
  3. NSX Edge Appliance (optional – required for warm migrations)
    1. The installation will take care of deploying a Standalone Edge in the on-prem environment to provide L2 VPN connectivity.

Again, a very simple UI interface for deployment:

Once deployed on the tenant side, the end user gets a clean (HTML5!) interface from vCenter:

From here, there are three key sections:

  1. Establishing a connection to your respective organization virtual Data Center (vDC) instance. Note this will require org administrator credentials.
  2. Creating the DC Layer 2 Extension connections. This is back-ended by the standalone edge deployed that will connect to provider edges established by vCD.
  3. Migrate workloads – cold or warm as described above.

Below is a quick intro video to demonstrate functionality (note – no sound but provides a look and feel on what to expect).

More to come as we GA Extender with vCD9 – but I have to say I’m very excited about this release and providing an easy way to migrate workloads to a VMware Cloud Provider.

-Daniel

vCloud Director 9 has been announced!

First off, I should have had this drafted before I hit VMworld – big mistake! Cannot underestimate the amount of time that is spent here.

I’m very excited to discuss the announcement of vCD 9 – we’ve been beta testing this with a select group of providers and have been getting some great feedback.

Formal announcement here: https://blogs.vmware.com/vcloud/2017/08/vmware-announces-new-vcloud-director-9-0.html

Key areas I’d like to highlight:

  1. Tenant UI is now all HTML5. This is great as it follows our new approach to H5 and provides the ability for providers to customize. We will continue to release new skins as time progresses.
    1. NOTE: part of the engine overhaul also separates the UI from the vCD process. Therefore, we will be able to make UI changes without disrupting the vCD backend daemon.
  2. Extender – I’ll have more on this soon, but we have a new plugin to move workloads from the tenant on-prem infrastructure to vCD cloud environment: cold or warm. This plugin will be at no additional cost to our Cloud Provider Partners.
  3. Validated Stack – our BU will now publish a certification matrix on what versions of code have been validated for vCD. This will take the guesswork out of upgrades and deployments – saving you time!

Again, more to come but very excited about vCD 9. #longlivevCD

vROps Management Pack for vCD – NOW Tenant App!

I recently did a blog on the Management Pack for vCD on vROps – great way for a vCD admin to manage their vCD solution.

VMware just released the vRealize Operation Tenant App for vCloud Director 1.0 – this now allows you to provide tenant access to their org/VDC and provide tenant-level metrics! Very excited about this.

What’s New?

  1. Tenant Admin specific views to enable Operations Management solving monitoring, troubleshooting and capacity planning use cases
  2. Provider Admin can pick and choose the tenants to whom access is to be provided
  3. Photon OS based Virtual appliance (OVA) for easier installation
  4. HTML5 Client based on VMware Clarity

Get it here: https://marketplace.vmware.com/vsx/solutions/management-pack-for-vcloud-director