vSphere 5 presentation

1. Cloud Infrastructure Launch – What’s New
Your Cloud. Intelligent Virtual Infrastructure. Delivered Your Way.
Michele Apa
Senior Systems Engineer
mapa@vmware.com
© 2009 VMware Inc. All rights reserved

2. Agenda
 Cloud Infrastructure 5
• vSphere 5
• vCenter 5
• vCenter Site Recovery Manager 5
 vCloud Director 1.5
 VCOPs
2

3. The New IT Landscape: Promise & Challenge
Empowered, Secure, Mobile Workforce
• Any app on any device, anytime, anywhere – securely!
New Generation of Enterprise Apps
Existing Apps • Combining the social, mobile experience
New Enterprise Apps SaaS Apps
with enterprise requirements
A More Flexible, Efficient Infrastructure
• Exploiting modern, cost-effective hardware
• Creating & spanning both internal and external resource pools
Existing Datacenters Public Cloud Services
3

4. The New IT Landscape: Promise & Challenge
The Challenge for IT:
Existing Apps
Weave all thisApps
New Enterprise
together SaaS Apps
into a cohesive,
secure, compliant whole
Existing Datacenters Public Cloud Services
4

5. The Approach in the IT Management
Traditional IT Management Management in the new Era
Services and Service
assets tied components are
together in abstracted and
complex, brittle, sourced from
vertical stacks dynamic
that are hard resource pools
to change and with horizontal
manage layers loosely
bound into
services
Business agility IT able to keep up with
suffers speed of the business
5

6. Key Constituents for Infrastructure and Management
What kind of
How do I build the right infrastructure should I
How do I keep OpEx
infrastructure to deliver design for today and
down and still deliver
business value yet still tomorrow’s needs? Will
high quality of service?
Care keep the lights on? it work with our current
infrastructure?
About
Head of Head of Head of
Infrastructure Architecture Operations
Balance Seamless extension of
Desired Maximize operational
operating existing infrastructure
Outcome efficiencies with more
expense and interoperable with dynamic lights-out
innovation new technology environment
6

7. VMware Infrastructure and Management Delivers the Infrastructure of the Future
Tier 1 Tier 2 Tier 3
APP APP APP APP APP
Resource Pools
VMware Cloud Infrastructure and Management
Respond and Alert
PhysicalServer
Failed Servers vs.
Alert and Respond
 Optimized for business critical workloads
Hybrid
 Highly dynamic, scalable and adaptive Cloud
Private Public
 Built-in intelligence to shift to new IT Cloud Cloud
Bridge
management paradigm
 Flexible Computing Model
Intelligent Virtual Infrastructure. Delivered Your Way
The Foundation for Your Cloud
7

8. The Cloud Infrastructure 5
8

9. Three Core Focus Areas
Re-think End-User Computing
Modernize Application Development
Existing Apps New Enterprise Apps SaaS Apps
Evolve the Infrastructure
Existing Datacenters Public Cloud Services
9

10. In 2010 VMware Unveiled a Complete Hybrid Cloud Stack…
vCloud Director
vShield Security
vCenter Management
vSphere vSphere vSphere
10

11. Complete Hybrid Cloud Stack
 Leverage virtualization to transform physical silos into elastic, virtual capacity
 Increase automation through built-in intelligent policy management
 Move from static, physical security to dynamic, embedded security
 Enable secure, self-service to pre-defined IT services, with pay-for-use
Organization: Marketing Organization: Finance
Users & Policies Virtual Datacenters Catalogs Users & Policies Virtual Datacenters Catalogs
Compute
Storage
Network
11

12. In 2011 VMware is Introducing a Major Upgrade
of the Entire Cloud Infrastructure Stack
vCloud Director 1.5
vCloud Director
New
vShield Security
vShield 5.0
Cloud Infrastructure Launch
(vSphere, vCenter,Operations 1.0 Director)
vCenter vShield, vCloud
vCenter Management
vCenter SRM 5.0
vSphere vSphere 5.0
vSphere vSphere
12

13. vSphere 5: Accelerating the Path to 100% Virtualization
4x
VMware VMware VMware
ESX 1 ESX 2
Inf. 3 vSphere4 vSphere 5
CPU (VCPUs) 1 2 4 8 32
Memory (GB per VM) 2 3.6 64 256 1,000
Network (Gb/s) <.5 .9 9 30 >36
IOPS <5,000 7,000 100,000 300,000 1,000,000
13

14. Companies are Increasingly Virtualizing Bus. Critical Apps
Improve App Improve App Accelerate App
Quality of Service Efficiency Time to Market
The Niche Apps
(LOB apps, Tier 2 DB, etc.) >60% Virtualized
SAP
Custom Java Apps
SharePoint
Exchange
SQL
Oracle
30% Virtualized
The Easy Apps
(infrastructure, file, print)
vSphere vSphere vSphere
14

15. vSphere 5
What’s new
15

16. ESXi is the Trusted Place to Run Business Critical Applications
Overview
• vSphere 5.0 exclusively utilizes the thin
ESXi hypervisor: 144MB footprint versus
2GB for VMware ESX with the service
console
ESX
vSphere ESXi
Benefits
• Smaller security footprint
• Streamlined deployment and configuration
• Simplified patching and updating model
16

17. ESXi 5.0 Firewall Features
 Capabilities
• ESXi 5.0 has a new firewall engine which is not based on iptables.
• The firewall is service oriented, and is a stateless firewall.
• Users have the ability to restrict access to specific services based on
IP address/Subnet Mask.
 Management
• The GUI for configuring the firewall on ESXi 5.0 is similar to that used with the
classic ESX firewall — customers familiar with the classic ESX firewall should
not have any difficulty with using the ESXi 5.0 version.
• There is a new esxcli interface (esxcfg-firewall is deprecated in ESXi 5.0).
• There is Host Profile support for the ESXi 5.0 firewall.
• Customers who upgrade from Classic ESX to ESXi 5.0 will have their firewall
settings preserved.
17

18. UI: Security Profile
 The ESXi Firewall can be managed via the vSphere client.
 Through the Configuration > Security Profile, one can observe the
Enabled Incoming/Outgoing Services, the Opened Port List for
each service & the Allowed IP List for each service.
18

19. ESXi Image Deployment
 Challenges
• Standard ESXi image from VMware download site is sometimes limited
• Doesn t have all drivers or CIM providers for specific hardware
• Doesn t contain vendor specific plug-in components
?
Missing
CIM
provider
Missing
driver
Standard
ESXi ISO
• Base providers
• Base drivers
19

20. ESXi Image Deployment: Composition of an ESXi Image
Core CIM
Hypervisor Providers
Plug-in Drivers
Components
20

21. Capacity: vSphere 5 with Autodeploy
Before After
vSphere vSphere vSphere vSphere
Time: 30 mins Time: 30 mins Time: 30 mins
...Repeat 37 more times…
Total time: 20 Hours! Total time: 10 Minutes!
21

22. Auto Deploy: What is?
 New host deployment method introduced in vSphere 5.0
• Based on PXE Boot
• Works with Image Builder, vCenter Server, and Host Profiles
• How it works:
• PXE boot the server
• ESXi image profile loaded into host memory via Auto Deploy Server
• Configuration applied using Answer File / Host Profile
• Host placed/connected in vCenter
• Benefits
• No boot disk
• Quickly and easily deploy large numbers of ESXi hosts
• Share a standard ESXi image across many hosts
• Host image decoupled from the physical server
• Recover host w/out recovering hardware or having to restore from backup
22

23. What Is Auto Deploy
 No Boot Disk? Where does it go?
Boot Disk
Platform Composition: ESXi base,
drivers, CIM providers, …
Configuration: networking, storage, All information on the state
date/time, firewall, admin password, … of the host is stored off the
host in vCenter
Running State: VM Inventory,
HA state, License, DPM configuration
Event Recording: log files, core dump
23

24. What Is Auto Deploy
 No Boot Disk? Where does it go?
Boot Disk
Platform Composition: ESXi base,
drivers, CIM providers, … Image Profile
Configuration: networking, storage,
date/time, firewall, admin password, … Host Profile
Running State: VM Inventory,
HA state, License, DPM configuration vCenter Server
Event Recording: log files, core dump Add-on Components
24

25. Performance
25

26. Technical Barriers to 100% Virtualization Have Been Falling
Application’s Performance Requirements
95% of Apps VMware Inf. VMware VMware
Require ESX 1 ESX 2 vSphere 4 vSphere 5
3.0/3.5
CPU 1 to 2 CPUs 1 VCPUs 2 VCPUs 4 VCPUs 8 VCPUs 32 VCPUs
% of Applications
Memory < 4 GB at peak 2 GB per VM 3.6 GB per VM 16/64 GB per VM 256 GB per VM 1,000 GB per VM
Network <2.4 Mb/s <.5Gb/s .9 Gb/s 9 Gb/s 30 Gb/s >36Gb/s
IOPS < 10,000 <5,000 7,000 100,000 300,000 1,000,000
26

27. New Virtual Machine Features
 vSphere 5.0 supports the industry s most capable virtual machines
• 32 virtual CPUs per • 1TB RAM per VM
VM • 4x previous capabilities!
VM Scalability
• 3D graphics
Richer Desktop
Experience
• Client-connected USB • VM BIOS boot order config API
devices and PowerCLI interface
• USB 3.0 devices • EFI BIOS
Broader Device • Smart Card Readers for
Coverage VM Console Access
• UI for multi-core virtual • Support for Mac OS X
Other new CPUs servers
features • Extended VMware
Tools compatibility
Items which require HW version 8 in orange
27

28. Networking
28

29. New Networking Features
 Two broad categories of features
 Network Discovery and Visibility/Monitoring features
• LLDP
• NetFlow
• Port Mirror
 I/O Consolidation (10 Gig) related features
• New traffic types
• User Defined Network Resource Pool (VM traffic)
• Host Based Replication traffic
• 802.1p Tagging (QoS)
29

30. What Is NetFlow?
 NetFlow is a networking protocol that collects IP traffic information
as records and sends them to third party collectors such as CA
NetQoS, NetScout etc.
VM A VM B
Legend :
VM traffic
NetFlow session
Physical
Collector
switch VDS
Host
trunk
 The Collector/Analyzer report on various information such as:
• Current top flows consuming the most bandwidth
• Which flows are behaving irregularly
• Number of bytes a particular flow has sent and received in the past 24 hours
30

31. NetFlow Usage
 NetFlow helps customers monitor the application flows and
measure application performance overtime.
 It also helps in capacity planning and ensuring that I/O Network
resources are utilized appropriately by different applications.
 NetFlow capability in vSphere infrastructure provides complete
visibility into virtual infrastructure traffic.
• Inter-VM traffic on the same hosts
• Intra-VM traffic across hosts
• VM-to-Physical Infrastructure traffic
 This visibility into virtual infrastructure traffic allows customer to
• Perform Security and Compliance analysis
• Do Profiling and Billing
• Perform Intrusion Detection and Prevention, Networking Forensics
31

32. What Is Port Mirroring ?
 Port Mirroring is the capability on a network switch to send a copy
of network packets seen on a switch port to a network monitoring
device connected on another switch port.
 Port Mirroring is also referred to as SPAN (Switched Port Analyzer)
on Cisco Switches.
 Port Mirroring overcomes the limitation of promiscuous mode.
• By providing granular control on which traffic can be monitored
• Ingress Source
• Egress Source
 Helps in troubleshooting network issue by providing access to:
• Inter-VM traffic
• Intra-VM traffic
32

33. Performance: vSphere 5 with Network and Storage I/O Controls
VIP
33

34. Performance: vSphere 5 with Network and Storage I/O Controls
VIP “Noisy Neighbor”
Granular IO service level guarantees
34

35. What Is Network I/O Control (NETIOC)?
 Network I/O control is a traffic management feature of vSphere
Distributed Switch (vDS).
 In consolidated I/O (10 gig) deployments, this feature allows
customers to:
• Allocate Shares and Limits to different traffic types.
• Provide Isolation
• One traffic type should not dominate others
• Guarantee Service Levels when different traffic types compete
 Enhanced Network I/O Control — vSphere 5.0 builds on previous
versions of Network I/O Control feature by providing:
• User-defined network resource pools
• New Host Based Replication Traffic Type
• QoS tagging
35

36. NETIOC VM Groups
VMRG1 VMRG2 VMRG3
Total BW = 20 Gig
User Defined RP
vMotion
VMware vNetwork Distributed Switch
iSCSI
HBR
NFS
VM
FT
Network I/O Control
10 GigE
VMRG1
VMRG2
VMRG3
36 Confidential

37. Storage
37

38. What is Storage DRS?
 Without Storage DRS:
• Identify the datastore with the most disk space and lowest latency.
• Validate which virtual machines are placed on the datastore and ensure
there are no conflicts.
• Create Virtual Machine and hope for the best.
 With Storage DRS:
• Automatic selection of the best placement for your VM.
• Advanced balancing mechanism to avoid storage performance bottlenecks
or “out of space” problems.
• VM or VMDK Affinity Rules.
38

39. What Does Storage DRS Provide?
 Storage DRS provides the following:
1. Initial Placement of VMs and VMDKS based on available space and
I/O capacity.
2. Load balancing between datastores in a datastore cluster via Storage
vMotion based on storage space utilization.
3. Load balancing via Storage vMotion based on I/O metrics, i.e. latency.
 Storage DRS also includes Affinity/Anti-Affinity Rules for VMs
and VMDKs;
• VMDK Affinity – Keep a VM’s VMDKs together on the same datastore.
This is the default affinity rule.
• VMDK Anti-Affinity – Keep a VM’s VMDKs separate on different datastores.
• Virtual Machine Anti-Affinity – Keep VMs separate on different datastores.
39

40. Datastore Cluster
 An integral part of SDRS is to create a group of datastores called
a datastore cluster.
• Datastore Cluster without Storage DRS – Simply a group of datastores.
• Datastore Cluster with Storage DRS – Load Balancing domain similar to
a DRS Cluster.
 A datastore cluster, without SDRS is just a datastore folder.
It is the functionality provided by SDRS which makes it more
than just a folder. 2TB
datastore cluster
500GB 500GB 500GB 500GB
datastores
40

41. Storage DRS Operations – Initial Placement
 Initial Placement – VM/VMDK create/clone/relocate.
• When creating a VM you select a datastore cluster rather than an individual
datastore and let SDRS choose the appropriate datastore.
• SDRS will select a datastore based on space utilization and I/O load.
• By default, all the VMDKs of a VM will be placed on the same datastore within
a datastore cluster (VMDK Affinity Rule), but you can choose to have VMDKs
assigned to different datastore clusters.
2TB
datastore cluster
500GB 500GB 500GB 500GB
datastores
300GB 260GB 265GB 275GB
available available available available
41

42. Storage DRS Operations – Datastore Maintenance Mode
 Datastore Maintenance Mode
• Evacuates all VMs & VMDKs from selected datastore.
• Note that this action will not move VM Templates.
• Currently, SDRS only handles registered VMs.
Place VOL1 in
maintenance
mode 2TB
datastore cluster
VOL1 VOL2 VOL3 VOL4
datastores
42

43. Storage DRS Operations – Load Balancing
Load balancing – SDRS triggers on space usage & latency threshold.
 Algorithm makes migration recommendations when I/O response
time and/or space utilization thresholds have been exceeded.
• Space utilization statistics are constantly gathered by vCenter, default
threshold 80%.
• I/O load trend is currently evaluated every 8 hours based on a past day
history, default threshold 15ms.
 Load Balancing is based on I/O workload and space which ensures
that no datastore exceeds the configured thresholds.
 Storage DRS will do a cost / benefit analysis!
 For I/O load balancing Storage DRS leverages Storage I/O Control
functionality.
43

44. Storage DRS Operations – Thresholds
44

45. Storage DRS Operations
Datastore Cluster Datastore Cluster Datastore Cluster
VMDK affinity VMDK anti-affinity VM anti-affinity
 Keep a Virtual Machine’s  Keep a VM’s VMDKs on  Keep VMs on different
VMDKs together on the different datastores datastores
same datastore
 Useful for separating  Similar to DRS anti-
 Maximize VM availability log and data disks of affinity rules
when all disks needed in database VMs
order to run  Maximize availability of
 Can select all or a a set of redundant VMs
 On by default for all VMs subset of a VM’s disks
45

46. Placement: vSphere 5 with Profile-Driven Storage & Storage DRS
High IO
Throughputs
Tier 1 Tier 2 Tier 3
Set it and forget it storage configuration in as few as 3 clicks
Automated storage placement
46

47. Why Profile Driven Storage? (1 of 2)
 Problem Statement
1. Difficult to manage datastores at scale
• Including: capacity planning, differentiated data services for each datastore,
maintaining capacity headroom, etc.
2. Difficult to correctly match VM SLA requirements to available storage
• Because: Manually choosing between many datastores and >1 storage tiers
• Because: VM requirements not accurately known or may change over its lifecycle
 Related trends
• Newly virtualized Tier-1 workloads need stricter VM storage SLA promises
• Because: Other VMs can impact performance SLA
• Scale-out storage mix VMs with different SLAs on the same storage
47

48. Why Profile Driven Storage? (2 of 2)
Save OPEX by reducing repetitive planning and effort!
 Minimize per-VM (or per VM request) “thinking” or planning for
storage placement.
• Admin needs to plan for optimal space and I/O balancing for each VM.
• Admin needs to identify VM storage requirements and match to physical
storage properties.
 Increase probability of “correct” storage placement and use
(minimize need for troubleshooting, minimize time for
troubleshooting).
• Admin needs more insight into storage characteristics.
• Admin needs ability to custom-tag available storage.
• Admin needs easy means to identify incorrect VM storage placement
(e.g. on incorrect datastore).
48

49. Storage Capabilities & VM Storage Profiles
Compliant Not Compliant
VM Storage Profile
associated with VM
VM Storage Profile
referencing Storage
Capabilities
Storage Capabilities
surfaced by VASA or
user-defined
49

50. VM Storage Profile Compliance
 Policy Compliance is visible from the Virtual Machine
Summary tab.
50

51. Introduction
 In vSphere 5.0, VMware releases a new storage appliance
called VSA.
• VSA is an acronym vSphere Storage Appliance.
• This appliance is aimed at our SMB (Small-Medium Business) customers
who may not be in a position to purchase a SAN or NAS array for their virtual
infrastructure, and therefore do not have shared storage.
• Without access to a SAN or NAS array, this excludes these SMB customers
from many of the top features which are available in a VMware Virtual
Infrastructure, such as vSphere HA & vMotion.
• Customers who decide to deploy a VSA can now benefit from many additional
vSphere features without having to purchase a SAN or NAS device to provide
them with shared storage.
51

52. Introduction
VSA VSA VSA VSA Manager
vSphere vSphere vSphere
vSphere Client
NFS NFS NFS
 Each ESXi server has a VSA deployed to it as a Virtual Machine.
 The appliances use the available space on the local disk(s) of the
ESXi servers & present one replicated NFS volume per ESXi server.
This replication of storage makes the VSA very resilient to failures.
52

53. vCenter 5
Web Client e vCenter Appliance
53

54. vSphere Web Client Architecture
The vSphere Web
Client runs within
a browser Fx
Application
Server that Flex Client
provides a Back End
scalable back end
The Query Service
vCenter in either Query obtains optimized
single or data live from the
Service core vCenter
Linked mode
operation vCenter Server process
54

55. Extension Points
Launchbar Tabs
Inventory Objects Create custom actions
Sidebar Extension
Portlets
Add right-click extensions
55

56. Features of the vSphere Web Client
 Customize the GUI
• Create custom views to reflect the information you need to see, the way you
like to see it
56

57. Introducing vCenter Server Appliance
 The vCenter Server Appliance is the answer!
• Simplifies Deployment and Configuration
• Streamlines patching and upgrades
• Reduces the TCO for vCenter
 Enables companies to respond to business faster!
VMware
vCenter Server
Virtual Appliance
Automation Visibility
Scalability
57

58. Component Overview
 vCenter Server Appliance (VCSA) consists of:
• A pre-packaged 64 bit application running on SLES 11
• Distributed with sparse disks
• Disk Footprint
Distribution Min Deployed Max Deployed
3.6GB ~5GB ~80GB
• Memory Footprint
• A built in enterprise level database with optional support for a
remote Oracle databases.
• Limits are the same for VC and VCSA
• Embedded DB
• 5 hosts/50 VMs
• External DB
• <1000 hosts/<10,000 VMs (64 bit)
• A web-based configuration interface
58

59. Feature Overview
 vCenter Server Appliance supports:
• The vSphere Web Client
• Authentication through AD and NIS
• Feature parity with vCenter Server on Windows
• Except –
• Linked Mode support
• Requires ADAM (AD LDS)
• IPv6 support
• External DB Support
• Oracle is the only supported external DB for the first release
• No vCenter Heartbeat support
• HA is provided through vSphere HA
59

60. New Licensing
60

61. vSphere 5 licensing: Evolution Without Disruption
vSphere 4.x vSphere 5
Licensing Unit Processor = Processor
!
Core per proc Restricted < Unlimited
Physical RAM
Restricted < Unlimited
per host
Pooled vRAM Amt of vRAM pooled
NA ≠
entitlement across entire environment
61

62. What is vRAM?
Virtual memory configured
√ to virtual machines
≠
Physical RAM available in
X the server
62

63. What is vRAM?
 vRAM is the memory configured to a virtual machine
 Assigning a certain amount of vRAM is a required step in the
creation of a virtual machine
63

64. Key concepts - Example
4 licenses of vSphere
Each vSphere Enterprise
Enterprise Edition
Edition license entitles
vRAM Pool (256GB) provide a vRAM pool of
to 64GB of vRAM.
256GB (4 * 64 GB)
Consumed vRAM = 80 GB
64GB 64GB 64GB 64GB
Customer creates
20 VMs with 4GB
vRAM each
vSphere Ent vSphere Ent
1 1 1 1
CPU CPU CPU CPU
Host A Host B
Compliance =
12 month rolling average of Consumed vRAM < Pooled vRAM Entitlement
64

65. vSphere 5 Editions
t New in vSphere 5.0 Essentials Essentials Enterprise
` Essentials Essentials Standard Standard
Advanced Enterprise
Plus Plus Plus
vRAM Entitlement per proc 32 GB 32GB 32 GB 64 GB 96 GB
vCPU 8 way 8 way 8 way 8 way 32 way
Features
Hypervisor
High Availability
Data Recovery
vMotion
Virtual Serial Port Concentrator
Hot Add
vShield Zones
Fault Tolerance
Storage APIs for Array Integration
Storage vMotion
Distribute Resource Scheduler &
Distributed Power Management
Distributed Switch
I/O Controls (Network and Storage)
Host Profiles
Auto deploy t
Profile-Driven Storage t
Storage DRS t
All editions include: Thin Provisioning, Update Manager, Storage APIs for Data Protection, Image Profile, and SLES (except Ess and Ess +)
65

66. Site Recovery Manager 5
66

67. Business Continuity at Lower Cost and Complexity for All Apps
Local Site Failover Site
vSphere vSphere vSphere vSphere vSphere
Improved
in 2011
Local Availability Disaster Recover
Improved
 vSphere High Availability in 2011  vCenter Site Recovery Manager
 vSphere Fault Tolerance  Includes vSphere Replication
 vMotion
New
Data Protection in 2011
Improved
 vSphere Data Recovery in 2011
 vSphere Storage APIs for Data
Protection
67

68. vCenter Site Recovery Manager Ensures Simple, Reliable DR
Site Recovery Manager Complements vSphere to provide the simplest
and most reliable disaster protection and site migration for all applications
Provide cost-efficient replication of
applications to failover site
• Built-in vSphere Replication
Site A (Primary) Site B (Recovery)
• Broad support for storage-based
VMware Site Recovery VMware Site Recovery
replication
vCenter Server Manager vCenter Server Manager
Simplify management of recovery and
VMware vSphere VMware vSphere
migration plans
• Replace manual runbooks with
centralized recovery plans
• From weeks to minutes to set up new
plan
Servers Servers Automate failover and migration
processes for reliable recovery
• Enable frequent non-disruptive testing
• Ensure fast, automated failover
• Automate failback processes
68

69. Key Components Of SRM 5
Site Recovery Manager
• Manages recovery plans
Site
vCenter Server Recovery • Automates failovers and failbacks
Manager
• Tightly integrated with vCenter and replication
Choice of Replication Options
vSphere vSphere Replication
• Bundled with SRM
• Replicates virtual machines between
vSphere clusters
Storage
Storage-Based Replication (3rd party)
• Provided by replication vendor
• Integrated via replication adapters created,
certified and supported by replication vendor
Required at Both Protected
and Recovery Sites
69

70. What’s New In Site Recovery Manager 5.0?
 vSphere Replication
Expand DR coverage to
• Bundled with SRM at no additional cost
Tier 2 apps and smaller
• Provides simple, cost-efficient replication
sites
between vSphere clusters
 Automated failback
• Bi-directional recovery plans
• Automates failback to original site Streamline planned
migrations
 Planned migration
• New workflow that can be applied to any (for disaster avoidance,
recovery plan planned maintenance, …)
• Ensures no data-loss, application-consistent
migrations of virtual machines
 Others
• More granular control over VM startup order
• Protection-side APIs
• IPv6 support
70

71. Simplify Replication Management With vSphere Replication
Storage-based Replication Overview
SharePoint Datastore Group
VMFS A vSphere Replication provides simple management
Web Datastore of replication
LUN 1
 Managed directly from vCenter
App
VMFS B
Datastore Hub  Managed at the individual VM-level
LUN 2
SQL
vSphere Storage Admin
Admin
Benefits
vSphere Replication
SharePoint  Eliminate complex interactions between
vSphere and storage teams to set up
Web replication
 Eliminate need to shuffle VMs between
App
datastores to map applications to replicated
LUNs
vSphere SQL
Admin
71

72. vSphere Replication Complements Storage-Based Replication
Replication
Cost Management Performance
Provider
• Low-end storage • VM’ granularity • 15 min RPOs
supported • Managed directly • Scales to 500 VMs
vSphere • No additional in vCenter
VMware • File-level
Replication replication consistency
software
• No automated
failback, FT, linked
clones, physical
RDM
• Higher-end • LUN – VM layout • Synchronous
replicating • Storage team replication
Storage-based storage coordination • High data volumes
Replication • Additional • Application
replication consistency
software possible
72

73. Planned Migrations For App Consistency & No Data Loss
Planned Migration Overview
Two workflows can be applied to recovery plans:
 DR failover
1 Shut down 3 Recover app-  Planned migration
production VMs consistent VMs
Site A Site B Planned migration ensures application
consistency and no data-loss during migration
 Graceful shutdown of production VMs in
application consistent state
 Data sync to complete replication of VMs
vSphere vSphere  Recover fully replicated VMs
Replication
Benefits
2 Better support for planned migrations
Sync data, stop replication  No loss of data during migration process
and present LUNs to vSphere
 Recover ‘application-consistent’ VMs at
recovery site
73

74. Automated Failback To Streamline Bi-Directional Migrations
Automated Failback Overview
Re-protect VMs from Site B to Site A
 Reverse replication
 Apply reverse resource mapping
Automate failover from Site B to Site A
Reverse original recovery plan  Reverse original recovery plan
Restrictions
Site A Site B
 Does not apply if Site A has undergone major
changes / been rebuilt
 Not available with vSphere Replication
vSphere vSphere
Reverse
Benefits
Replication
Simplify failback process
 Automate replication management
 Eliminate need to set up new recovery plan
Streamline frequent bi-directional migrations
74

75. vCloud Director 1.5
75

76. VMware vCloud Director Builds on vSphere to Transform IT.New in vCloud Director 1.5
 Builds on vSphere and scales up to Organization 1 Organization m
10,000 VMs and 25 vCenter Servers
Users
 Creates virtual datacenters, by pooling VMware vCloud Director
resources into new units of consumption
User Portals Catalogs Security
 Securely enables the cloud with
vShield, LDAP authentication, and RBAC Virtual Datacenter 1 (Gold) VMware
vShield
Virtual Datacenter n (Silver)
 Provides self-service portals and
standardized infrastructure catalogs
VMware VMware
 Isolates users into organizations with vCenter Server vCenter Server
vCloud API
unique catalogs, policies, and LDAP VMware vSphere VMware vSphere
Secure Private Cloud Programmatic Control Public Clouds
and Integrations
 vCloud API and extensions enables cloud
portability, orchestration, and integrations
76

77. What s New in vCloud Director 1.5
Most Agile Access to Secure Isolation and The Only Hybrid Cloud
Cloud Infrastructure Simple Management Infrastructure
• Fast Provisioning (Linked • vCloud Messages • vShield Edge VPN Integration
Clones) • Microsoft SQL Server Support
• vApp Custom Guest Properties • Expanded vCloud API and
• Cisco Nexus 1000V Integration SDK
• Globalization • vSphere 5 support
77

78. Fast Provisioning using Linked Clones
Overview
• Provisions new VMs from a template
without replicating the entire image
• Instead, links the images (clones) so that
common elements are stored only once
vmdk vmdk vmdk
Benefits
• Dramatically speeds up provisioning time
Template
from >2 minutes to <5 seconds
vmdk
• Reduces storage footprint (and cost) by
over 60%
78

79. Linked clones – behind the scenes
 Source VM disk serves as a
base disk
 Provisioning a new VM creates
an empty delta disk (aka redo
log) and not a full clone of the
source. The delta disk is linked
to the parent disk
 All writes go to the delta disk.
Reads walk up the chain until
the desired block is found
 Subsequent clones of the new
VM can lead to more delta disks
in this chain
Writes Link
Reads
79

80. Cross Datastore Management – How it works
vCloud Director 1.5
vCenter Server 1 vCenter Server 2
(S)
VM-2 VM-3 VM-4 VM-5 VM-6
(L) (L) (L) (L) (L)
Datastore-1 Datastore-2 Datastore -3
80

81. vApp Custom Guest Properties
Overview
• Allows developers and other users to
easily pass user data into guest OSes
3
using OVF descriptors.
• Parameters available using VMware tools,
2 vApp
Deployment on an ISO, or in the XML for the vApp
Configuration
vSphere
1
Benefits
Deploy
OVF Package
• Easier post-deployment configuration &
OVF Package
provisioning of identity to VMs & vApps
• Provides functionality to bootstrap a wide
variety of guest customization solution
81

82. vCloud Messages
Overview
• Connect vCloud Director to enterprise
systems through messaging to rapidly
create end-to-end system integrations
Benefits
• Integrate vCloud Director with existing IT
management tools
CMDB IPAM Ticketing
82

83. vShield Product Family
83

84. vShield Product Family
Securing the Private Cloud End to End: from the Edge to the Endpoint
vShield App
vShield Edge
Edge - Create segmentation
Secure the edge of Security Zone
between workloads vShield Endpoint
the virtual datacenter Endpoint = VM
- Sensitive data discovery Anti-virus processing
DMZ Application 1 Application 2
vShield Manager
Endpoint = VM
Centralized Management
84

85. vShield Edge Capabilities
vShield vShield vShield
Edge functionality
Edge Edge Edge • Stateful inspection firewall
Tenant A Tenant C Tenant X
• Network Address Translation (NAT)
• Dynamic Host Configuration
Protocol (DHCP)
• Site to site VPN (IPSec)
• Web Load Balancer
Secure Secure Secure
Virtual Virtual Virtual
Appliance Appliance Appliance
• (NEW) Static Routing
• (NEW) Certificate mode support
for IPSEC VPN
Management features
• REST APIs for scripting
• Logging of functions
Firewall Load balancer VPN
85
85

86. Securing the Data Center Interior with vShield App
 Key Benefits
• Complete visibility and
control to the Inter VM
traffic enabling multi trust
zones on same ESX
cluster.
• Intuitive business
language policy
leveraging vCenter
inventory.
86

87. vShield App Architecture
vShield
 Hypervisor-Level Firewall
vShield
App App • Inbound/outbound
connection control enforced
at the virtual NIC level
• Dynamic protection as virtual
vSphere vSphere machines migrate
• Protection against ARP
spoofing
vShield
ESXi Host ESXi Host Manager
vSphere vCenter
Client Server
87

88. Network segmentation
 Two approaches
• vCenter Server container objects:
• Datacenters
• Clusters
• Resource pools
• vApps
• Port groups
• Topology-independent
• Security groups are administrator-defined,
business-relevant groupings of any virtual
machines by their virtual NICs.
Examples:
• Deny traffic from Contractors Desktops pool to the Business Apps pool.
• Allow DNS traffic from DC01 to the DNS server at 10.91.245.129.
• Allow VMs in Web-Tier to communicate with VMs in DB-Tier.
88
88

89. vShield Data Security for Compliance Readiness
800% increase in data volumes in Data Centers, 80% of which is unstructured, i.e. not in
databases UBS View from 2010 Gartner Data Center Conference
Discover Sensitive Data in the virtual
environment
1 Choose from built in templates for most common
types of sensitive data
Continuous Data
• PII Personally Identifiable Information Privacy Sweep
• PCI-DSS Payment Card Industry Standard
• PHI Patient Health information
2 Continuous sweep of datacenter scanning for
sensitive data in unstructured files
3 Generate actionable reports about the discovery
of sensitive data
Continuous agentless discovery of data across all virtual machines
89

90. Sensitive Data Discovery: Policy Management
 Regulations
90

91. Sensitive Data Discovery: Policy Management
91

92. Sensitive Data Discovery: Policy Management
 Target VMs
92

93. Sensitive Data Discovery: Policy Management
 Target Files
93

94. 94

95. vCenter Operations
95

96. VMware’s Vision: Intelligent Policy Management
Day N Problem – Ongoing Maintenance
 SLA Monitoring w/ vCOps
Availability = 99.99% Availability = 99.9% Availability = 99.%
DR RTO = 1 hour DR RTO = 3 hour DR RTO = none
Back up = daily Back up = weekly Back up = none
Storage capacity = 10 TB Storage capacity = 10 TB Storage capacity = 10 TB
Gold
Performance = High I/O
Security = High
Silver
Performance = Med I/O
Security = Mid Bronze
Performance = low I/O
Security = low
Cloud Infrastructure
(vSphere, vCenter, vShield, vCloud Director)
96

97. Learn Normal Behavior and Identify Abnormalities
GRAY
BAR
Upper
and
Lower
band
of
Dynamic
Threshold
-­‐
“Normal”
BLUE
LINE
Metric’s
Current
Value
RED
BAR
Breached
Dynamic
Threshold
–
“Abnormal”
 Doesn’t assume IT data has a normal bell-shaped distribution
 Sophisticated Analytics – 8 different algorithms
 Learns your dynamic ranges of “Normal” without templates
 Learns patterns of behavior and identifies Abnormalities
97

98. Vc Ops vSphere UI – Unified Dashboard
 Launching Pad
• Click to Drill down
 Focused on problems
• Click to drill into details!
• Almost everything is clickable
 Main Themes
• Health
• Risk
• Efficiency
 New Concepts
• Faults
• Weekly Stress Profile
• Reclaimable Waste
• Density
98

99. vC Ops vSphere UI – Two Different Users
Operations Short and Long Term Capacity
• Immediate • Forward
problems Looking
• What is • Are there
happening areas that I
right now? should be
• What do I concerned
need to pay about from a
attention to? capacity
perspective?
• Have I
deployed my
VI in the
most efficient
manner?
99

100. vC Ops Default UI – Major and Minor Badges
• High level
Understanding
Major x 3
• Calculated
from scores of
Minor Badges
• Specifics
Minor x 8 • Guidance
100

101. Operations: Major Badge – Health
 “How is this object doing right now?"
• Identifies current problems in the system
• Issues that need to be resolved immediately to
avoid problems
 High Health is good (100-0)
 Heatmap
• Provides quick view of many objects at once
• Shows Health of all parent and child objects
• Go back in time (6 hours) and see the “weather”
of the Virt Infrastructure
 Health Score is calculated from its Minor
Badges
• Workload
• Anomalies
• Faults
101

102. 95
Operations: Health Minor Badge – Workload
 Measures how hard an object is
working?
 High Workload is bad (0-100 or
more!)
• Percentage of Demand divided by
effective capacity
• As workload approaches (and
exceeds) 100%
 Performance Problems!  Improved Network and Disk I/O
 Starving object for resources! calculations
 Focused attention  Eliminates idle networks and storage from
showing High Workload
• CPU
 Limit the erroneous 100% Workload
• Memory scores
• Disk I/O
• Network I/O
102

103. Operations: Health Minor Badge – Anomalies
 Measures how normal is this object
behaving?
• Is what the vC Ops 1.x Health score was,
but now inversed
 Derived from the number of metrics
that are outside of their “Normal”
trended ranges
• Learns dynamic ranges of “Normal” for
each metric  Anomalies Chart
• Identifies metric abnormalities • Current number of Abnormal
 Low Anomalies is good (0-100) Metrics
• Zero meaning the object is performing • Problem/Noise Threshold
exactly the way vC Ops expects it to for  Crossing problem threshold will
that time of the day, that day of the week increase the Anomalies Score
• A high number of anomalies are usually  Does not generate an alert in
an indication of a problem this vSphere UI
103

104. Operations: Health Minor Badge – Faults
 Measures the degree of faults or  Best Practices:
problems the object is • Do not change the Faults
experiencing Threshold
• Pulled from active vCenter events • Use Alerts View to manage
 VMware specific knowledge of Faults
which vCenter Events affect  Faults shown in Widget
Availability and Performance
(examples):
• Loss of redundancy in NICs or HBAs
• Memory checksum errors
• HA failover problems
 Low Faults is good (0-100)
• Each fault has a default score (e.g. 25,
50, 75, 100)
• Highest individual Fault Score drives the
Fault object Score
104

105. Capacity Planning: Major Badge – Risk
 Are there future risks to my
systems and VI?
 Identifies potential problems that
could eventually hurt the
performance
 Low Risk is good (0-100)
 Risk Score is calculated from its
Minor Badges
• Time Remaining
• Capacity Remaining
• Stress
 Risk Chart
• Shows Risk score over the last 7 days
105

106. Capacity Planning: Risk Minor Badge – Time Remaining
 Measures time remaining
before each resource type
reaches its capacity
• CPU
• Memory
• Disk
• Network I/O
 Early warning of upcoming
provisioning needs
• Avoid future performance issues
 High Time Remaining is good
(100-0)
 Graph shows resource
utilization trends
106

107. Capacity Planning: Risk Minor Badge – Capacity Remaining
 Measures how many more
VMs can be placed on the
object
 Percentage of Total VM
“Slots” Remaining
• Based on the average size of the
VM on the object (e.g. VM profile)
• Each object has its OWN VM  333 More VMs correlates to
profile size: Host, Cluster, 77% Capacity Remaining for
Datacenter, Etc. this object
 High Capacity Remaining is
good (100-0)
• Zero mean no room left for more
VMs
107

108. Capacity Remaining Calculation
 Determine Capacity Constraint
Resource
• Dashboard Chart does not show
which resource is the limiting one
• Must drill into the Details Chart
 Deployed or Powered On VMs
• Deployed/Powered Off VMs only use
disk space resources
• Powered On VMs uses ALL of the 4
resources
 Calculation Example Shown:
• Limiting Resource is Disk Space with
333 VMs available
• Use the Deployed VM number of 99
to do the calculation for percentage
space remaining
• Determine Capacity Remaining
• 333 / (333 + 99) = 77%
108

109. Capacity Planning: Risk Minor Badge – Stress
 Stress measures long-term or
chronic workload
• Workload shows an instantaneous
value
• Stress looks over a longer period of
time
 Quickly find and resolve
• Undersized objects
• Population contention
 Low Stress is good (0-100)
 Stress score encompasses a six
(6) week period  Chart shows weeks break
down of Stress for each
• Workloads > 70% = “Stressed”
day/hour averaged over the
• Threshold Configurable last six (6) Weeks
109

110. Capacity Planning: Major Badge – Efficiency
 Are there optimization opportunities
in my systems?
 Shows you how to run a leaner
datacenter
 Save $$$ by better utilizing resources
 High Efficiency is good (100-0)
 Efficiency Score is calculated from its
Minor Badges
• Reclaimable Waste
• Density  Three Resources Considered
 Graph Depicts VMs by Percent • CPU
• Memory
• Optimal – Optimally Provisioned VMs • Disk Space
• Waste – Over Provisioned VMs
 Note: VMs can appear in Stress
• Stress – Under Provisioned VMs and Waste
110

111. Capacity Planning: Efficiency Minor Badge – Reclaimable Waste
 Measures the over-provisioning
for an object
 It identifies the amount of
reclaimable resources
• CPU
• Memory
• Disk
 Low Reclaimable Waste is good
(0-100)
 Graph shows breakdown of the
 Reclaimable Waste = Reclaimable Waste section of the Efficiency
Capacity / Deployed Capacity Badge pie chart
• Score depicts the MAX of the CPU, • % Idle VMs (based on configured
Memory and Disk calculation settings)
• Disk calculation can also include old • % Powered Off VMs
snapshots and templates
• % Oversized VMs
111

112. Capacity Planning: Efficiency Minor Badge – Density
 Contrasts Actual vs. Ideal Density
 Identify Optimal Resource
Deployment Before Contention
Occurs
 Greater Consolidation à $$$
 High Density is good (100-0)
 Measures consolidation ratios:
• VMs/Host Ratios
• vCPU/Physical CPU Ratios
• vMem/Physical Memory Ratios
112

113. vCenter Operations Management Special Offer
113

114. Resources
114

115. Resources on ESXi Migrations
 VMware.com
• ESXi and ESX Infocenter
• vSphere 5 Upgrade Center
 Documentation
www.vmware.com/support/pubs/vsphere-esxi-vcenter-server-pubs.html
www.vmware.com/support/pubs/view_pubs.html
www.vmware.com/support/pubs/vcd_pubs.html
 VMware VMTN Communities: ESX and ESXi
115

116. Questions
116