http://blogs.vmware.com/consulting/2016/07/validated-design-sddc-2-0-now-available.html
------
Recently I
have been involved in a rather cool project inside VMware, aimed at validating
and integrating all the different VMware products. The most interesting customer
cases I see are related to this work because oftentimes products work
independently without issue—but together can create unique problems.
To be
honest, it is really difficult to solve some of the problems when integrating many
products together. Whether we are talking about integrating a ticketing system,
building a custom dashboard for vRealize Operations Manager, or even building a
validation/integration plan for Virtual SAN to add to existing processes, there
is always the question, “What would the experts recommend?”
The goal of
this project is to provide a reference design for our products, called a VMware
Validated Design. The design is a construct that:
- Is built by expert architects who have many years of experience with the products as well as the integrations
- Allows repeatable deployment of the end solution, which has been tested to scale
- Integrates with the development cycle, so if there is an issue with the integration and scale testing, it can be identified quickly and fixed by the developers before the products are released.
All in all, this has been
an amazing project that I’ve been excited to work on, and I am happy to be able
to finally talk about it publicly!
Introducing the VMware Validated Design for SDDC 2.0
The first of these designs—under
development for some time—is the VMware Validated Design for SDDC (Software-Defined Data
Center). The first release was internal to VMware and not available to the
public, but on July 21, 2016, version 2.0 was released
and is now available to everyone! This design not only builds the foundation
for a solid SDDC infrastructure platform using VMware vSphere, Virtual SAN, and
VMware NSX, but also builds on that foundation using the vRealize product suite
(vRealize Operations Manager, vRealize Log Insight, vRealize Orchestrator, and
vRealize Automation).
The VMware Validated Design
for SDDC outcome requires a system that enables an IT organization to automate
the provisioning of common, repeatable requests and to respond to business
needs with more agility and predictability. Traditionally, this has been
referred to as Infrastructure-as-a-Service (IaaS); however, the VMware Validated
Design for SDDC extends the typical IaaS solution to include a broader and more
complete IT solution.
The architecture is based
on a number of layers and modules, which allows interchangeable components to be
part of the end solution or outcome, such as the SDDC. If a particular
component design does not fit the business or technical requirements for
whatever reason, it should be able to be swapped out for another similar
component. The VMware Validated Design for SDDC is one way of putting an architecture
together that has been rigorously tested to ensure stability, scalability, and
compatibility. Ultimately, however, the system is designed to ensure the
desired outcome will be achieved.
The conceptual design is
shown in the following diagram:
As you can see, the design
brings a lot more than just implementation details. It includes many common “day
two” operational tasks such as management and monitoring functions, business
continuity, and security.
To simplify such a complex
design, it has been broken up into:
- A high-level Architecture Design
- A Detailed Design with all the design decisions included
- Implementation guidance.
Let’s take an in-depth look.
Virtualized Infrastructure
The SDDC virtual infrastructure consists of a single region, which can
be expanded. Each region includes a
management pod, an edge pod, and a compute pod.
This is a standard design practice and has been tested in many customer environments. The purpose of each pod is as follows.
Management Pod
Management pods run the virtual machines that manage the
SDDC. These virtual machines host vCenter Server, NSX Manager,
NSX Controller, vRealize Operations, vRealize Log Insight, vRealize
Automation, Site Recovery Manager, and other shared management components.
All management, monitoring, and infrastructure services are provisioned to a
vCenter Server High Availability cluster, which provides high availability for
these critical services. Permissions on the management cluster limit
access to administrators only. This protects the virtual machines running the
management, monitoring, and infrastructure services.
Edge Pod
Edge pods provide these main functions:
- Support on-ramp and off-ramp connectivity to physical networks
- Connect with VLANs in the physical world
- Optionally host centralized physical services
Edge pods connect the virtual networks (overlay networks) provided
by NSX for vSphere and the external networks. Using edge pods reduces
costs and scales well as demands for external connectivity change.
Compute Pod
Compute pods host the SDDC tenant virtual machines
(sometimes referred to as workloads or payloads). An SDDC can mix different
types of compute pods and provide separate compute pools for
different types of SLAs.
Software-Defined? Yes, please! (Virtual SAN and VMware NSX Included)
As a part of the above design, you can see that it is truly
software defined, with both VMware NSX and Virtual SAN as parts of the design. I am
not going to lie, I am passionate about Virtual SAN as I have been working with
it for some time and, to be frank, it is amazing. Here are some details about
the design for Virtual SAN and NSX pieces that are included in the design:
Virtual SAN
Virtual SAN is a new technology compared to vSphere. Over
the releases, some amazing features have been added, and it is included here due
to the benefits it gives to the operational structure. The shared storage
design selects the appropriate storage device for each type of cluster:
- Management clusters use Virtual SAN for primary storage
and NFS for secondary storage.
- Edge clusters use Virtual SAN storage.
- Compute clusters can use FC/FCoE, iSCSI, NFS, or
Virtual SAN storage. At this stage, this design gives no specific guidance
for the compute cluster.
This allows for flexibility
rather than a blanket solution for each cluster. The following depicts the
logical design:
VMware NSX
The VMware Validated Design for SDDC implements
software-defined networking by using VMware NSX for vSphere. What I like a lot
about NSX is that in much the same way server virtualization revolutionized how
virtual machines are managed, it is doing the same thing for virtual networks.
This results in a transformative approach to networking that
not only enables data center managers to achieve orders of magnitude better
agility and economics, but also supports a vastly simplified operational model
for the underlying physical network. NSX for vSphere is a non-disruptive
solution because it can be deployed on any IP network, including existing
traditional networking models and next-generation fabric architectures, from
any vendor.
The design looks like the following:
From my experience, when administrators provision workloads,
network management is one of the most time-consuming tasks. Most of the time
spent provisioning networks is consumed configuring individual components in
the physical infrastructure and verifying that network changes do not affect
other devices that are using the same networking infrastructure.
The need to pre-provision and configure networks is a major
constraint to cloud deployments where speed, agility, and flexibility are critical
requirements. Pre-provisioned physical networks allow for the rapid
creation of virtual networks and faster deployment times of workloads utilizing
the virtual network. This works well as long as the physical network you need
is already available on the host where the workload is to be deployed. However,
if the network is not available on a given host, you must find a host with the
available network and spare capacity to run your workload in your environment.
Getting around this bottleneck requires a decoupling of
virtual networks from their physical counterparts. This, in turn, requires that
you programmatically recreate all physical networking attributes required by
workloads in the virtualized environment. You can provision networks more
rapidly because network virtualization supports the creation of virtual
networks without modification of the
physical network infrastructure.
The Cloud
Of course, no SDDC is complete without a
cloud platform. vRealize Automation is definitely a part of the design. It is a
big piece, so I wanted to show the
conceptual design of the architecture here because it provides a high-level
overview of the components, user types, and operations in workload
provisioning.
For anyone who is unfamiliar with it, the Cloud Management Platform consists of the following design elements and components.
| Design Element | Design Components |
|---|---|
| Users | · Cloud administrators: Tenant, group, fabric, infrastructure, service, and other administrators as defined by business policies and organizational structure. · Cloud (or tenant) users: Users within an organization who can provision virtual machines and directly perform operations on them at the operating system level. |
| Tools and supporting infrastructure | Building blocks that provide the foundation of the cloud: · VM templates and blueprints: VM templates are used to author the blueprints that tenants (end users) use to provision their cloud workloads. |
| Provisioning infrastructure | On-premises and off-premises resources, which together form a hybrid cloud: · Internal Virtual Resources: Supported hypervisors and associated management tools · External Cloud Resources: Supported cloud providers and associated APIs |
| Cloud management portal | A portal that provides self-service capabilities for users to administer, provision and manage workloads: · vRealize Automation portal, Admin access: The default root tenant portal URL used to set up and administer tenants and global configuration options. · vRealize Automation portal, Tenant access: Refers to a subtenant and is accessed using an appended tenant identifier. |
The advantage here is that it has been
tried, tested, and loaded into the validated design to ensure issues are
correctly identified and fixed before the platform is deployed.
Monitoring and Operational Procedures
Finally, having new monitoring and
operational procedures in place is becoming a hard requirement for many
businesses. The VMware Validated Design for SDDC includes a great design for
both vRealize Operations Manager and vRealize Log Insight. In addition,
it goes into all the different practices to back up, restore, and operate the
actual cloud that has been built. It doesn’t go as far as a formal operational
transformation for the business, but it does a great job showing many standard
practices that can be used as a basis for defining what you, as a business
owner, need in order to operate the cloud.
The following illustrates part of the design showing how vRealize
Operations Manager contains functional elements that collaborate for data
analysis and storage, and support creating clusters of nodes with different
roles:
Overall, this is a really powerful
platform that will revolutionize the way you see the environment.
Download It Now!
I look forward to future updates
that further expand this design (including use cases that allow for granular customization
of the design), and also for other designs that address different IT outcomes. Look
for those being released, as well.
I hope this helps you during
your architectural design discussions and has demonstrated that the integration
story is not only possible, but can make your experience deploying an SDDC much
easier.
Look for me and other folks
on the VMware Professional Services Engineering team as well as the Integrated
Systems Business Unit at VMworld, as well as other customer events such as
vMUGs and vForums. We are happy to answer any questions you may have about the
VMware Validated Designs!