VMware vCloud Director is a cloud management platform that allows organizations to pool virtual infrastructure resources and provide self-service access through policy-driven automation. The document provides an overview of VMware vCloud Director 1.5 including its components, architecture for deployment, and how to set up cloud resources, organizations, catalogs, and chargeback capabilities.
3. 3 Confidential
VMware Accelerating the Journey to Cloud
Cloud Computing is an approach to computing that leverages the efficient pooling of on-demand, self-managed virtual infrastructure, consumed as a service.
§ Pooling
• From machines to highly elastic resource pools, with on-demand capacity
§ Zero-Touch Infrastructure
• Policy-driven automation of provisioning, deployment and management
§ Self-Service
• Easy access with policy-based provisioning and deployment
§ Control
• Application-aware infrastructure with built-in availability, scalability, security and performance guarantees
§ Open & Interoperable
• Application mobility between clouds, based on open standards
§ Leverage Existing Investments
• Benefits of cloud computing to existing applications and datacenters
Themes: Efficiency thru Utilization and Automation; Agility with Control; Freedom of Choice
4. 4 Confidential
From vSphere to Cloud Infrastructure
[Diagram: physical resources (Host, Network, SAN) are presented by vSphere as Resource Pool, Datastore and Port Group. VMware vCloud Director groups these resources into Provider vDC "Service Tiers" with specific costs (Gold, Silver) and allocates them to organizations (Org: Finance, Org: Sales), each with its own Access Control, vDCs, Catalogs and Provisioning Policies.]
5. 5 Confidential
§ VMware Cloud Components and Licensing
§ VMware Cloud Architecture
§ Deploying a VMware Cloud
6. 6 Confidential
VMware Cloud Components
§ VMware vSphere and vCenter Servers
§ VMware vCloud Director
§ vShield for VMware Cloud Director
§ Chargeback Server
7. 7 Confidential
VMware vSphere and vCenter Server
§ Clusters and Resource Pools
• Provide cloud compute
• DRS is a requirement for the cluster
• Shared storage
• vMotion compatible or EVC enabled
§ Datastores
• Provide cloud storage
• Abstract away underlying storage
type
§ Portgroups
• Provide cloud networking
• Abstract away underlying
networking infrastructure
• vSwitch, vNetwork Distributed
Switch or Nexus 1000V
[Diagram: vCenter Server, ESXi/ESX hosts, vSphere Cluster/Resource Pool, vNetwork Distributed Switch, and FC, iSCSI and NFS storage]
8. 8 Confidential
VMware vCloud Director
§ Define standard infrastructure
tiers called Virtual Datacenters
• Pool virtualized infrastructure
resources across multiple vCenter
Servers
§ Define standard collections of
VMs called vApps
§ Create Organizations and
manage users with RBAC
§ Provide UI for users to self
provision vApps into Virtual
Datacenters
§ Provide secure multi-tenancy
using vShield Edge
9. 9 Confidential
VMware vCloud Director Installation and Licensing
§ Installs on RHEL 5 U4 or higher
64-bit machine
§ VMware vCloud Director
supports
• VMware vSphere Editions
• VMware vSphere Enterprise*
• VMware vSphere Enterprise Plus
• VMware vCenter Server Editions
• VMware vCenter Server 4.0 Standard
• Minimum requirements
• vSphere and vCenter Server versions
4.0 U2 and 4.1.
§ VMware vCloud Director is licensed by concurrent powered-on VMs managed by VCD
[Diagram labels: vCenter Server, VMware vCloud Director]
*vSphere Enterprise will not support VLAN backed Network Pools and VMware vCloud Director Network Isolation (VCDNI) backed Network Pools
10. 10 Confidential
Oracle Database
§ Oracle 10g/11g Standard or Enterprise database
• Oracle Express is not supported
• Will work for small test/dev, POC type deployments
• See Express database memory and storage restrictions on Oracle website
§ Database can be run physical or in a virtual machine
§ Ensure that the database is backed up and replicated
• Consult with your favorite DBA
§ Sizing requirement guidelines
Database size   VMs     Users   Orgs
173 MB          7943    4096    3854
343 MB          12793   4918    3951
443 MB          16443   11450   5022
11. 11 Confidential
VMware vShield for VMware vCloud Director
§ VMware vShield Edge provides end point security
• Available for download with vSphere Enterprise and Enterprise Plus.
§ One vShield Manager required per vCenter Server
• Provides network edge security
• Provides firewall, NAT, port forwarding, IP masquerading and DHCP
functionality (enforces multi-tenancy)
• Edge appliances deployed and managed by VMware vCloud Director on
vSphere.
• Separate client not required.
• Does not require separate database
12. 12 Confidential
VMware Chargeback Manager 1.5
§ Associate costs and bill for
VMware vCloud Director usage
• Uses vCloud data collectors to
collect billable events from VMware
vCloud Director database
• Uses vCenter data collectors to
collect usage data for vCenter
Servers providing resources
§ Database
• SQL Server 2005 and 2008
• Oracle 10g/11g Ent. or Std.
§ Built-in load balancer
• Create new Chargeback servers to
scale with the cloud
§ Licensed per VM
13. 13 Confidential
§ VMware Cloud Components and Licensing
§ VMware Cloud Architecture
§ Deploying a VMware Cloud
16. 16 Confidential
Deploying a VMware Cloud
§ Setting up Management Cluster
§ Setting up Cloud resources
• Provider VDC
• External Networks
• Network Pools
§ Setting up Organizations
• Setting up Users, roles and privileges
• Setting up Policies
§ Setting up Organizational Resources
• Organization VDC
• Organization Networks
§ Setting up Catalogs of vApps and Media
§ Setting up Chargeback
17. 17 Confidential
Install and protect VMware Cloud components
§ Create a Management Cluster
• Verify DNS, AD, NTP availability
and redundancy
• Install vCloud Director Server on a
Management Cluster
• vCloud Director Server
• load balancer (if using >1 cell)
• Database
• vShield Manager virtual appliance
• Chargeback Server
• Chargeback SQL Server
• Protect using HA, DRS and SRM.
• Backup Management VMs via
storage level backups or vDR.
• Backup the Databases
• Use VUM to patch hosts
Management cluster
ESXi/ESX Servers
18. 18 Confidential
Deploying a VMware Cloud
§ Setting up Management Cluster
§ Setting up Cloud resources
• vCenter Servers
• Provider VDC
• External Networks
• Network Pools
§ Setting up Organizations
• Setting up Users, roles and privileges
• Setting up Policies
§ Setting up Organizational Resources
• Organization VDC
• Organization Networks
§ Setting up Catalogs of vApps and Media
§ Setting up Chargeback
19. 19 Confidential
VMware vCloud Director web portal
§ Provides a convenient web
based portal for
• Cloud administrators to deploy and
manage cloud resources
• End users to use cloud resources
§ Web based – works with any
standard browser
§ Rich Flash based UI experience
20. 20 Confidential
Cloud Personas
§ Cloud Administrator
• Deploy and manage cloud infrastructure
• Add vCenter Servers
• Create Provider VDCs, External Networks and Network Pools
• Create Organizations
• Create Organization VDCs and Organization Networks
§ Organization Administrator
• Organization user and roles management
• Creating catalogs
• Managing organization policies: leases, quotas and limits
• Setting up org specific SMTP settings and org specific domain to join
§ End Users
• Use vApps from catalogs
• Create vApp networks
21. 21 Confidential
Add vCenter Servers
§ VMware vCloud Director
supports multiple vCenter
Servers
§ vCenter Servers provide
• Compute via Clusters and
Resource Pools
• Storage via Datastores
• Networks via portgroups and
vNetwork Distributed Switches
§ Requires vCenter user with
admin credentials
§ Requires vShield Manager
connected to vCenter Server
22. 22 Confidential
Create Provider Virtual Data Centers (VDC)
§ Combine compute and storage
into standard offerings
• Created by Cloud administrator
§ To create Provider VDC
• Select a Resource Pool/Cluster
• Select datastores that you wish to
attach to the Provider VDC.
• Max of 256 datastores per Provider VDC
§ Choose from across inventory
of vCenter Servers
§ VMware vCloud Director
prepares each host in the
cluster by installing an agent.
Host does not require reboot.
23. 23 Confidential
Examples of Provider VDCs
§ Use Provider VDCs to offer tiered compute and storage
• Fast, medium, slow compute and storage
• Silver (SATA), Gold (FC), Platinum (EFD), Unobtainium (aggregate) storage
• Nehalem based clusters, AMD based clusters
§ Create a Provider VDC per tier of compute and storage you wish to
offer to users
24. 24 Confidential
Types of Network Pools
§ Portgroup-backed
• Create isolated portgroups in vSphere manually or with automation
• Attach a collection of them to VMware vCloud Director
§ VLAN-backed
• VMware vCloud Director will automatically create portgroups as needed,
and use a range of VLANs to isolate them
§ VMware vCloud Director Network Isolation-backed
• Proprietary network isolation technology
Network Pool | Building Blocks
Portgroup backed | vSwitch or vNetwork Distributed Switch, portgroups
VLAN Backed | vNetwork Distributed Switch + VLAN tags
VCDNI | vNetwork Distributed Switch + one VLAN for transport
25. 25 Confidential
Deploying a VMware Cloud
§ Setting up Management Cluster
§ Setting up Cloud resources
• Adding vCenter Servers
• Provider VDC
• External Networks
• Network Pools
§ Setting up Organizations
• Setting up Users, roles and privileges
• Setting up Policies
§ Setting up Organizational Resources
• Organization VDC
• Organization Networks
§ Setting up Catalogs of vApps and Media
§ Setting up Chargeback
26. 26 Confidential
Create Organizations
§ Unit of tenancy
§ Isolate groups or users or lines of
business from each other
• E.g. Finance and IT
• created by Cloud administrator
§ Users are onboarded to organizations
§ Each organization has a unique URL in
the VMware vCloud Director system
27. 27 Confidential
Authentication and RBAC
§ 3 Ways to Manage Users
• Local Users
• Simplest. User auth stored in DB
• One LDAP server for entire
cloud
• E.g. corporate Active Directory
• Organizations = OUs
• LDAP server per-organization
§ Users & Groups assigned
Roles
• Roles = collection of rights
• Create new or edit existing roles
28. 28 Confidential
Leases, Quotas and Limits
§ Exercise control via leases,
quotas and limits
§ Set by Organization
administrator
• Lease – Length of time that a user
can use a vApp in a VDC
• Runtime and storage lease
• Quotas
• Running VM Quota
• Stored VM Quota
• Limits
• Heavy operations
• Per user
• Per Org
• Simultaneous connection per VM
29. 29 Confidential
Deploying a VMware Cloud
§ Setting up Management Cluster
§ Setting up Cloud resources
• Adding vCenter Servers
• Provider VDC
• External Networks
• Network Pools
§ Setting up Organizations
• Setting up Users, roles and privileges
• Setting up Policies
§ Setting up Organizational Resources
• Organization VDC
• Organization Networks
§ Setting up Catalogs of vApps and Media
§ Setting up Chargeback
30. 30 Confidential
Create Organization VDCs
§ Allocate resources to
organizations using
Organization VDCs
§ Org VDCs are allocated from
Provider VDCs
• Can be as large as a Provider VDC
• All Organization VDCs in a Provider
VDC are the same tier of service
• Each organization VDC represents
a tier of service
• SLA
• Cost
§ vApps run in Org VDCs
[Diagram: Org 1 and Org 2 each have a Premium Organization VDC allocated from the Premium Provider VDC; a Commodity (other) Provider VDC is shown alongside.]
31. 31 Confidential
Create Organization Networks
§ Provide connectivity to workloads running inside an organization
Network | Features
• Internal: Connectivity to vApps within the organization. No external connectivity.
• External Routed: Connectivity to vApps and services on a shared external network. vShield Edge device is deployed outside the organization to provide NAT and firewall services for vApps inside the organization.
• External Direct Connect: Connectivity to vApps and services on a shared external network. vApps get IP addresses on the external network. No NAT or firewall exists between the organization vApps and other vApps on the External Network.
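A defender's check built on the three organization network types above, as an added example that is not part of the original slides or of vCloud Director: it flags external networks where more than one organization is direct-connected (no NAT or firewall between their vApps) and routed organizations that share such a network. The inventory format, network names and finding labels are assumptions constructed for illustration, not a vCloud API response.

```python
from collections import defaultdict

# Constructed inventory (hypothetical export format, not a vCloud Director API
# response): one record per organization network.
ORG_NETWORKS = [
    {"org": "Finance", "name": "fin-internal", "type": "internal", "external": None},
    {"org": "Finance", "name": "fin-routed", "type": "routed", "external": "corp-lan"},
    {"org": "Sales", "name": "sales-direct", "type": "direct", "external": "corp-lan"},
    {"org": "IT", "name": "it-direct", "type": "direct", "external": "corp-lan"},
    {"org": "IT", "name": "it-routed", "type": "routed", "external": "corp-dmz"},
]

VALID_TYPES = {"internal", "routed", "direct"}


def audit_org_networks(networks):
    """Return findings about tenant exposure on shared external networks."""
    direct = defaultdict(set)  # external network -> orgs attached with no Edge
    routed = defaultdict(set)  # external network -> orgs attached behind an Edge
    findings = []
    for net in networks:
        kind = net["type"]
        if kind not in VALID_TYPES:
            findings.append(("unknown-type", net["name"], kind))
        elif kind == "internal":
            if net["external"] is not None:
                findings.append(("internal-has-external", net["name"], net["external"]))
        elif net["external"] is None:
            findings.append(("missing-external", net["name"], kind))
        elif kind == "direct":
            direct[net["external"]].add(net["org"])
        else:
            routed[net["external"]].add(net["org"])
    for ext, orgs in sorted(direct.items()):
        if len(orgs) > 1:
            # Direct connect: no NAT or firewall between these tenants' vApps.
            findings.append(("cross-tenant-direct", ext, sorted(orgs)))
        others = routed.get(ext, set()) - orgs
        if others:
            # Routed tenants depend on their Edge rules against direct-attached vApps.
            findings.append(("direct-beside-routed", ext, sorted(others)))
    return findings
```
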
32. 32 Confidential
Deploying a VMware Cloud
§ Setting up Management Cluster
§ Setting up Cloud resources
• Adding vCenter Servers
• Provider VDC
• External Networks
• Network Pools
§ Setting up Organizations
• Setting up Users, roles and privileges
• Setting up Policies
§ Setting up Organizational Resources
• Organization VDC
• Organization Networks
§ Setting up Catalogs of vApps and Media
§ Setting up Chargeback
33. 33 Confidential
Catalogs
§ Catalogs are collections of vApps and
media created & owned by Organizations
• Can be shared (to the org) & published (to the
whole cloud)
§ Examples:
• Infrastructure as a Service Catalogs
• Empty Small, medium and large VMs/vApps.
• Pre-installed Windows & Linux VMs
• OS Media files (ISO, floppy images)
• App catalogs
• Corp standard Database servers, application servers
• If post deploy configurations are needed, guest customization
in VCD can run custom scripts
[Diagram: example catalogs: Linux Templates, Windows Templates, Engineering vApps, Basic Media Catalog, IT - Oracle vApps, Premium Media Catalog]
34. 34 Confidential
vApps
§ Container of one or more VMs
• Package up multi-tier applications
into vApps
• Operate on VMs as one unit
• Select boot order of VMs, start
delays and stop delays
• Set runtime and storage leases
§ Can be created from scratch
• Building blocks templates in the
catalog
§ Can be imported from outside
the cloud
[Diagram: a vApp containing three VMs (App/OS) with SLA Definitions: Availability = 99.99%, Security = High, Performance = msec]
§ Uses the OVF standard
• Captures meta data about the VMs
• Allows import and export between
clouds in standard format
35. 35 Confidential
Deploying a VMware Cloud
§ Setting up Management Cluster
§ Setting up Cloud resources
• Adding vCenter Servers
• Provider VDC
• External Networks
• Network Pools
§ Setting up Organizations
• Setting up Users, roles and privileges
• Setting up Policies
§ Setting up Organizational Resources
• Organization VDC
• Organization Networks
§ Setting up Catalogs of vApps and Media
§ Setting up Chargeback
36. 36 Confidential
Chargeback
§ Manage cloud organizations
and workloads via hierarchies
§ Attach cost models
§ Generate usage and billing
reports
37. 37 Confidential
Connecting Chargeback to the Cloud
§ Install Chargeback data
collectors for
• vCenter Server
• VMware vCloud Director
• vShield Manager
§ Add Cloud vCenter Server to
Chargeback Server
38. 38 Confidential
Setting up Hierarchies
§ Chargeback automatically
creates hierarchies for
organizations created in
VMware vCloud Director
§ Under each organization, four
top level folders are created
• Allocation Pool
• Reservation Pool
• Pay-As-You-Go
• Networks
§ Any changes made to
Organization VDCs will be
reflected in Chargeback
hierarchy
39. 39 Confidential
Cost Models
§ Chargeback ships with a set of
cost models pre-defined for each
VMware vCloud Director
resource allocation model
§ vCloud Allocation Pool
§ vCloud Reservation Pool
§ vCloud Pay-As-You-Go
§ vCloud Networking
40. 40 Confidential
Reports
§ Generate reports by selecting
objects in Chargeback
hierarchy
• Organization level usage and cost
report
• VM level usage and cost report
• Network and bandwidth usage and
cost report
43. 43 Confidential
What’s New in vCloud Director 1.5
Most Agile Access to
Cloud Infrastructure
§ Fast Provisioning (Linked Clones)
§ vApp Custom Guest Properties
§ Cisco Nexus 1000V Integration
§ Globalization
Secure Isolation and
Simple Management
§ vCloud Messages
§ Microsoft SQL Server Support
§ Expanded vCloud API and SDKs
§ vSphere 5 support
The Only Hybrid Cloud
Infrastructure
§ vShield Edge VPN Integration
44. 44 Confidential
Fast Provisioning Using Linked Clones
Overview
• Provisions new VMs from a template without replicating the entire image
• Instead, links the images (clones) so that common elements are stored only once
Benefits
• Dramatically speeds up provisioning time from >2 minutes to <5 seconds
• Reduces storage footprint (and cost) by over 60%
[Diagram: a Template vmdk and three linked vmdk clones]
45. 45 Confidential
vApp Custom Guest Properties
Overview
• Allows developers and other users to easily pass user data into guest OSes using OVF descriptors.
• Parameters available using VMware tools, on an ISO, or in the XML for the vApp
Benefits
• Easier post-deployment configuration & provisioning of identity to VMs & vApps
• Provides functionality to bootstrap a wide variety of guest customization solutions
[Diagram: three numbered steps; labels: vApp, Deploy, OVF Package, Deployment Configuration, vSphere]
46. 46 Confidential
vCloud Messages
Overview
• Connect vCloud Director to enterprise systems through messaging to rapidly create end-to-end system integrations
Benefits
• Integrate vCloud Director with existing IT management tools
• Reduce the cost of manually building integrations
[Diagram labels: CMDB, IPAM, Ticketing]