6. VMware vSphere™ – The Industry’s First Cloud Operating System
[Diagram: vSphere 4.0 service stack]
Application Services: Availability, Security, Scalability (labels: Clustering, Data Protection, Firewall, Anti-virus, Intrusion Prevention, Intrusion Detection, Dynamic Resource Sizing)
Infrastructure Services: vCompute, vStorage, vNetwork (labels: Hardware Assist, Enhanced Live Migration Compatibility, Storage Management & Replication, Storage Virtual Appliances, Network Management)
9. Infrastructure Services Deliver CapEx and OpEx Savings
Highest consolidation ratios in the industry
Most efficient use of hardware resources
Low operational overhead
11. vCompute vStorage vNetwork
Optimization for the Highest Consolidation Ratios
Virtual Machines: VM scale up to 8-way vSMP and 255 GB of RAM per VM; virtual hardware scale out
ESX: Hardware scale up to 64 cores and 512 GB of physical RAM
CPU: Lowest CPU overhead (Hardware Assist, Purpose Built Scheduler)
Memory: Maximum memory efficiency (Hardware Assist, Page Sharing, Ballooning)
Networking: Wirespeed network access (VMXNET3, VMDirectPath I/O)
Storage: Greater than 200k IOPS per second and lower than 20 microsecond latency (Storage stack optimization, VMDirectPath I/O)
12. vCompute vStorage vNetwork
Run the Most Business Critical Applications
Application's performance requirements (columns: 95% of applications; ESX 3.5; ESX 4.0)
CPU: 1 to 2 CPUs; 4 VCPUs; 8 VCPUs
Memory: < 4 GB at peak; 64 GB per VM; 255 GB per VM
Network: < 300 KB/s; 9 Gb/s; 40 Gb/s
IOPS: < 100 at peak; 100,000; 200,000+
17. vCompute vStorage vNetwork
Power Optimization
DPM consolidates workloads onto fewer servers when the cluster needs fewer resources
Places unneeded servers in standby mode
Brings servers back online as workload needs increase
ESX supports Intel SpeedStep/AMD PowerNow! for individual host power optimization
Minimizes power consumption while guaranteeing service levels
No disruption or downtime to virtual machines
[Diagram: DPM powers off servers when requirements are lower; DPM brings server back online when load increases]
19. vCompute vStorage vNetwork
Additional 20% Reduction in Power Costs with DPM…
Assumptions: 50 out of 100 servers can be powered down for 8 hrs/day on weekdays and 16 hrs/day on weekends.
Total power consumption per server (operating power + cooling power) = 1130.625 watts/hr
Cost of energy = $0.0813 per kWh (source: Energy Information Administration)
20. vCompute vStorage vNetwork
VMware DPM Expanded Support
DPM consolidates workloads to reduce power consumption
Cuts power and cooling costs
Automates management of energy efficiency
Supports three wake protocols:
Intelligent Platform Management Interface (IPMI)
Integrated Lights-Out (iLO)
Wake-On-LAN (WOL)
Configure and test wake on every host in cluster
[Diagram labels: Resource Pool, Power Optimized, Standby Host, Server]
23. vStorage APIs for Data Protection
[Diagram labels: Physical Server or VM; Backup Application (Windows or Linux); vStorage APIs for Data Protection; Backup Proxy Server; Centralized Data Mover; Mount; Snapshots; SAN Storage]
24. Features in vStorage APIs for Data Protection
Includes all VCB features
Also supports:
All storage architectures for backup and restore, LAN and SAN
Full, incremental, and differential file-level backup options
File-level backup and restore
Windows and Linux guests
Snapshots and Volume Shadow Copy Service quiescing
25. vCompute vStorage vNetwork
vStorage Thin Provisioning
Virtual machine disks consume only the amount of physical space in use
Virtual machine sees full logical disk size at all times
Full reporting and alerting on allocation and consumption
Significantly improve storage utilization
Eliminate need to over-provision virtual disks
Reduce storage costs by up to 50%
[Diagram: three virtual disks on ESX (Thick 20GB, Thin 40GB, Thin 100GB) backed by a datastore]
26. vCompute vStorage vNetwork
Thin Disk Provisioning Operations
A thin-disk option is available when you:
Create a virtual machine
Clone to a template
Clone a virtual machine
Migrate virtual machine storage (Storage VMotion)
[Screenshots: Create New Virtual Machine Wizard; Clone and Migrate Virtual Machine Wizards]
29. Standard Switch Architecture
Network configuration at the host level
[Diagram: ESXi Host 1 and ESX Host 2. Layers from virtual to physical: Service Console and vNICs; Port Groups (VMotion Port, VM Port Group, COS Port); vSwitches; Physical NICs; Physical Switches]
30. Distributed Switch Architecture
[Diagram: ESXi Host 1 and ESX Host 2 with vCenter Server. Labels: Distributed Port Groups (VMotion, Virtual Machines, Service Console); Distributed Switch (Control Plane); Service Console; Hidden vSwitches (IO plane); Virtual/Physical boundary]
38. Availability Security Scalability
DRS Ensures Capacity on Demand
Shrink and grow of applications based on demand and priority
Dynamic and responsive load balancing
39. Availability Security Scalability
New DRS Management Pages
Recommendations page: Refresh recommendations; Edit cluster properties; Apply a subset of recommendations; Apply all selected recommendations
Faults page: Faults view displays issues that prevented DRS from providing or applying recommendations.
History tab: Actions taken based on recommendations; Customize the display
40. Availability Security Scalability
VMware Fault Tolerance
Single identical VMs running in lockstep on separate hosts
Zero downtime, zero data loss failover for all virtual machines in case of hardware failures
No complex clustering or specialized hardware required
Single common mechanism for all applications and OS-es
41. Availability Security Scalability
Transforming Availability Service Levels
[Chart: Hardware Failure Tolerance (levels: Unprotected; Automated Restart with VMware HA; Continuous with VMware FT) against Application Coverage (0%, 10%, 100%)]
42. Availability Security Scalability
Reducing the Cost of Downtime with VMware FT
VMware Fault Tolerance (FT) prevents revenue loss from outages of mission-critical, high-revenue generating applications
Simplicity of configuration and reduced time and effort compared to hardware-based solutions add even more savings
For a 10 physical server, 150 VM environment, assume ~10% of VMs are protected by FT (15 VMs) and 2 host failures in the cluster per year. Lost revenue from high-revenue apps can range from $2000-15000 per minute depending on type of transactions being processed.
43. Availability Security Scalability
Enable Fault Tolerance with a Single Click
Primary Virtual Machine > Summary Tab
After you turn on Fault Tolerance, the Status tab on the primary virtual machine shows Fault Tolerance information.
44. Availability Security Scalability
How VMware FT Works
[Diagram: Primary Virtual Machine and Secondary Virtual Machine, each running on a VMM and VMkernel with a Log Buffer. Labels: Record Logs; Log Update?; Log Read?; Heartbeat?; Read/Write; Read; Single Copy of Disks on Shared Storage]
46. Availability Security Scalability
VMware Data Recovery
VMware’s backup/recovery solution based on APIs for Data Protection
Agentless disk-based backup and recovery
De-duplication and incremental backups to save disk space
47. Availability Security Scalability
VMware Data Recovery Key Components
vCenter Plug-in
> With vSphere Client plug-in, allows configuration and management of backup/recovery appliance
> Wizard-driven backup and restore job creation
> Storage of backup configuration in vCenter Server database and awareness of HA/VMotion/DRS
Backup and Recovery Appliance
> OVF appliance
> Leverages vStorage APIs for Data Protection to discover, manage backup and restore
> Provides VSS support
> Change block tracking functionality allows backups to be more efficient
Storage
> Any VMFS storage: DAS, iSCSI or Fibre Channel storage plus NFS and CIFS shares as target
> All backed up virtual machines are stored on disk in a deduplicated datastore
[Diagram labels: vCenter Server, Data Recovery, Virtual Machines, VMware ESX/ESXi Servers, Storage]
48. Availability Security Scalability
Storage VMotion in vSphere 4
Storage VMotion
Relocate running VM from one datastore to
another datastore with zero downtime
Relocate across different storage types
Change VM disk format (thick or thin)
Enhancements
Can administer via vSphere Client
Supports NFS, Fibre Channel, and iSCSI
No longer requires 2 x memory
Supports moving VMDKs from thick to thin
formats
Limitation
Virtual machine cannot include snapshots
49. Availability Security Scalability
Storage VMotion in vSphere 4
1. Copy virtual machine files except disks to new datastore
2. Enable changed block tracking on the virtual machine’s disk
3. “Pre-copy” virtual machine’s disk and swap file from source to destination
4. Invoke fast suspend/resume on virtual machine
5. Remove source home and disks of virtual machine
[Diagram: numbered steps between Source and Destination datastores]
51. Availability Security Scalability
VMware VMsafe
API that enables protection of VMs by inspection of virtual components in conjunction with hypervisor
Isolation of protection engine from malware
Broad ranging coverage of virtual machine CPU, memory, storage and network
[Diagram labels: Application, Operating System, Protection Engine, VMware vSphere™]
52. Availability Security Scalability
VMware vShield Zones
Self-learning, self-configuring firewall service
VMotion and network-configuration aware trust zones
Dynamic firewall policy using application protocol awareness
Dynamic security capacity using infrastructure vServices
Security policies auto-adapt to network reconfiguration or upgrades
54. Availability Security Scalability
vShield Zones
Capabilities
Bridge, firewall, or isolate VM zones
based on familiar VI containers
Monitor allowed and disallowed activity
by application-based protocols
One-click flow-to-firewall blocks precise
network traffic
Benefits
Well-defined security posture within
virtual environment
Monitoring and assured policies, even through VMotion and VM lifecycle events
Simple zone-based rules reduce policy errors
55. Availability Security Scalability
VMware vShield Zones Architecture
vShield Host Gateway: Virtual Network Monitoring; Virtual Network Firewall; Transparently Managed
vShield Manager: Centralized Monitoring; Centralized Policy Assignment; Web-based interface
[Diagram: VMware vCenter, vShield Manager, and three VMware ESX hosts each labelled vShield]
57. Availability Security Scalability
Host Scalability
Enhanced performance and higher consolidation rates
64-bit VMkernel
512GB host memory
64 logical CPUs
256 virtual machines per host
[Diagram labels: 192 VMs, 32 cores, 256 GB; 256 VMs, 64 cores, 512GB]
58. Availability Security Scalability
Virtual Machine Scalability
Dynamic scale-up supports much larger workloads
8-Way Virtual SMP
256GB RAM
Virtual Machine Hardware Version 7
New virtual devices
VMDirectPath I/O
Hot plug support
[Diagram: virtual machine labelled 8 CPUs and 256 GB]
59. Availability Security Scalability
Scale Up Applications for Assured QoS
Scalable virtual machines
Hot add of: CPU, Memory
Hot add and remove: Storage devices, Network devices
Hot extend virtual disks
Zero downtime scale out of virtual machines
[Diagram labels: 4 CPUs, 8 CPUs, 64 GB, 255 GB]
61. Availability Security Scalability
Hot Add for Memory and CPU
Virtual Machine > Edit Settings > Options Tab > Memory/CPU Hotplug
You must enable Memory and CPU Hot Add so that the options are available on the Hardware tab.
62. Availability Security Scalability
Hot Adding and Removing PCI Devices
Virtual Machine > Edit Settings > Hardware Tab > Add
You can hot-add/remove:
Network cards
SCSI adapters
Sound cards
SCSI disks and CDROMs
USB EHCI controller
VMCI
PCI passthrough devices
63. Availability Security Scalability
Hot Extending VMDKs
Virtual Machine > Edit Settings > Hardware Tab
67. Host Profiles
Simplified setup and change management for ESX hosts
Easy detection of non-compliance with standard configurations
Automated remediation
[Diagram labels: Reference Host, Cluster]
68. Basic Workflow to Implement Host Profiles
[Diagram: workflow numbered 1 to 5 between a Reference Host, a Host Profile and a Cluster, with steps labelled Attach, Scan and Remediate]
Host Profile sections: Memory Reservation, Storage, Networking, Date and Time, Firewall, Security, Services, Users and User Groups
70. vCenter Server – Linked Mode
Standard VI Client can access inventory across multiple vCenters
Replicated licenses & roles
View and search across combined inventory of a group of VC Servers
Shared roles and license configurations
[Diagram: vCenter Linked Mode joining three vCenter Servers that manage ESX and ESXi hosts]
71. vCenter Server - Linked Mode
Standard vSphere Client can access inventory across multiple vCenters
View and search across combined inventory of a group of vCenter Servers
72. vCenter Server Linked Mode Architecture
[Diagram: vSphere Client connected to three vCenter Server instances, each containing vCenter Server, Tomcat Web Service and an ADAM Instance]
Connection information
Certificates and thumbprints
Licensing information
User roles
73. Automation with vCenter Orchestrator
Workflow engine for orchestrating virtualization
Automate manual, repeatable steps by drag and drop interface without scripting
Centralize workflow management for all processes associated with the environment
Administer and control large environments easily
Provide custom workflows for complex environments
77. vApp Overview
vApps are multi-tier application services that you can manage as a single inventory item.
Provides for single-step management
Eliminates complex setup and configuration
[Diagram: vApp containing App Server, App Server and Database VMs with an OVF Descriptor, on a Resource Pool and the Distributed Virtualization Layer]
80. VMware vSphere™: Most Comprehensive OS Support
VMware vSphere™: Windows NT 4.0, Windows 2000, Windows Server 2003, Windows Server 2008, Windows Vista, Windows XP, RHEL5, RHEL4, RHEL3, RHEL2.1, SLES10, SLES9, SLES8, Ubuntu 7.04, Solaris 10 for x86, NetWare 6.5, NetWare 6.0, NetWare 6.1, Debian, CentOS, FreeBSD, Asianux, SCO OpenServer, SCO Unixware, ..
MS Hyper-V: Win Server 2008 (up to 4P vSMP), Win Server 2003 SP2 (up to 2P vSMP), Win Server 2000 SP4 (1P only), SLES10 (1P only), Windows Vista SP1, Windows XP Pro SP2/SP3
vSphere = most guest OS
81. VMware vSphere™ 4.0 Delivers the Lowest Cost Per Application
VMware costs 13% less AND has more functionality!
82. VMware vSphere: Maximum Choice
Legend: New capability in VMware vSphere
Note: Many improvements were also made to existing VI3 capabilities
83. VMware vSphere: Most Efficient
Legend: New capability in VMware vSphere
Note: Many improvements were also made to existing VI3 capabilities
84. VMware vSphere: Uncompromised Control
Legend: New capability in VMware vSphere
Note: Many improvements were also made to existing VI3 capabilities