Tag Archives: vCloud Director

Veeam DRaaS v10 Enhancements: vCloud Director Support!

Today at VeeamON 2017 we announced two very important enhancements to our DRaaS capabilities around Cloud Connect Replication and Tape Backup for our Veeam Cloud and Service Provider partners that help customer minimize the cost and reduce recovery times during a disaster. The press release can be found here, however as you could imagine I wanted to talk a little bit about the vCloud Director support.

A lot of service providers have been asking us to support vCloud Director in Veeam Cloud Connect Replication and I’m very happy to write that today we announced that v10 of Backup & Replication will have support for replica’s to be replicated and brought up into at service providers vCloud Director environment.

This is a significant enhancement to Cloud Connect replication end even with it being somewhat of a no brainer I am still sure it will make many VCSP people happy. With vCloud Director support in v10 tenants can now replace existing hardware plans with vCloud Director Virtual Datacenter resources. A tenant can either leverage an existing virtual datacenter or have the service provider create a dedicated one for the purpose of replication.

While Cloud Connect Replication was a strong product already with industry leading networking and ease of use, the flexibility that can be harnessed by tenants (and service providers) through the vCD platform means that there is even more control when a failover takes place. Look out for more information on our vCD integration as the v10 release gets closer…again for me, this is huge and bring’s together two of the best platforms for cloud based services even closer!

Worth a Repost: “VMware Doubles Down” vCloud Director 8.20

It seems that with the announcement last week that VMware was offloading vCloud Air to OVH people where again asking what is happening with vCloud Director….and the vCloud Air Network in general. While vCD is still not available for VMware’s enterprise customers, the vCloud Director platform has officially never been in a stronger position.

Those outside the vCAN inner circles probably are not aware of this and I still personally field a lot of questions about vCD and where it sits in regards to VMware’s plans. Apparently the vCloud Team has again sought to clear the air about vCloud Director’s future and posted this fairly emotive blog post overnight.

I’ve reposted part of the article below:

Blogger Blast: VMware vCloud Director 8.20

We are pleased to confirm that vCloud Director continues to be owned and developed by VMware’s Cloud Provider Software Business Unit and is the strategic cloud management platform for vCloud Air Network service providers. VMware has been and continues to be committed to its investment and innovation in vCloud Director.

With the recent release of vCloud Director 8.20 in February 2017 VMware has doubled down on its dedication to enhancing the product, and, in addition, is working to expand its training program to keep pace with the evolving needs of its users. In December 2016 we launched the Instructor Led Training for vCloud Director 8.10 (information and registration link) and in June 2017 we are pleased to be able to offer a Instructor Led Training program for vCloud Director 8.20.

Exciting progress is also occurring with vCloud Director’s expanding partner ecosystem. We are working to provide ISVs with streamlined access and certification to vCloud Director to provide service providers with access to more pre-certified capabilities with the ongoing new releases of vCloud Director. By extending our ecosystem service providers are able to more rapidly monetize services for their customers

Again, this is exciting times for those who are running vCloud Director SP and those looking to implement vCD into their IaaS offerings. It should be an interesting year and I look forward to VMware building on this renewed momentum for vCloud Director. There are many people blogging about vCD again which is awesome to see and it gives everyone in the vCloud Air Network an excellent content from which to leach from.

The vCloud Director Team also has a VMLive session that will provide a sneak peek at vCloud Director.Next roadmap. So if you are not a VMware Partner Central member and work for a vCloud Air Network provider wanting to know about where vCD is heading…sign up.

#LongLivevCD

vCloud Director SP 8.20 – NSX Advanced Networking Overview

Many, including myself thought that the day would never come where we would be talking about a new UI for vCloud Director…but a a month on from the 8.20 release of vCloud Director SP (which was the 8th major release of vCD) I’m happy to be writing about the new Advanced Networking features of 8.20 based on NSX-v. Full NSX compatibility and interoperability has been a long time coming, however the wait has been worthwhile as the vCloud Director team opted to fully integrate the network management into the vCD Cloud Cells over the initial approach that had a seperate appliance acting as a proxy between the NSX Manager and vCD Cells.

But before I dive into the new HTML5 goodness, I thought it would be good to recap the Advanced Networking Services of vCD and how we got to where we are today…

No More vShield…Sort Of:

As everyone should know by now, the vCloud Networking & Security was made end of life late last year and from the release of vCD SP 8.10 vShield Edges should have been upgraded to their NSX equivalents. These Edges will remain as basic Edges within vCloud Director and even though at the backend they would be on NSX-v versioning, no extra features or functionality beyond what was available in the existing vCD portal would be available to tenants.

  • DHCP
  • NAT
  • Firewall
  • Static Routing
  • IPSec VPN
  • Basic Load Balancer

The version of NSX-v deployed dictates the build number of the NSX Edge, however as can be seen below it’s still listed as a vShield Edge in vCenter.

As anyone who has worked closely would know, NSX-v has a lot of vShield DNA in it and in truth it’s more vShield than NSX when talking about the features that pertain to vCloud Director. However the power of NSX-v can be taken advantage of once an basic edge is upgraded to an Advanced Edge.

Advanced Edge Services:

Before the major UI additions that came with vCD SP 8.20 the previous 8.10 version did give us a taste of what was to come with the introduction of a new menu option when you right clicked on an Edge Gateway.

This option was greyed out unless you where running the initial beta of the Advanced Networking Services or ANS. The option can be executed by anyone with the rights to upgrade the edge gateway, but by default this can only be done by a System Administrator or the Org Admin. So it’s worthwhile double checking the roles you have allocated to your tenant’s to ensure that these upgrades can be controlled.

Once you click on the Convert to Advanced Gateway option you get a warning referring to a VMwareKB that warns you about an API change that may make previous calling methods obsolete. Something to take note of for anyone automating this process. On execution of this conversion there is no physical change to the Virtual Machine, however if you now click on the Edge Gateway Services option of the Edge Gateway you will be taken to the new HTML5 Web Interface for NSX Advanced Networking Services to access all the advanced features:

  • Firewall
  • DHCP
  • NAT
  • Routing (Dynamic)
  • Load Balancer (Advanced)
  • SSL VPN Plus
  • Certificates
  • Grouping Objects
  • Statistics
  • Edge Settings

All new Advanced Networking features are configured from the new HTML5 web interface which retains the base vCD URL but now adds:

/tenant/network-edges/{ID}?org=ORGNAME

Everything is self contained the tenant doesn’t have to authenticate again to get to the new user interface. However, if you just upgrade the Edge and go to configure the Advanced Network Services out of the box you will only see a couple of the items listed above.

In order to use the new features a System Administrator must use the vCloud API to grant the new rights that the organisation requires. This process has been explained very well by my good friend Giuliano Bertello here. This process uses the vCloud API to Grant Distributed Firewall and Advanced Networking Services Rights to roles in vCloud Director 8.20 using the new granular role based access control mechanisms that where introduced in 8.20. Once configured your tenant’s can now see all the services listed above to configure the Edge Gateway.

Organisational Distributed Firewall:

Something that is very much new in the 8.20 release is the ability to take advantage of mircosegmentation using the NSX-v Distributed Firewall service. The ability to configure organisation wide rules logically, without the need for a virtual Edge Gateway is a significant step forward for vCD tenants and I hope that this feature enhancement is exposed by service providers and it’s value sold to their tenants. To access the Distributed Firewall, in the Virtual Datacenters windows of the Administration tab, right click on the Virtual Datacenter name and select Manage Firewall.

Once again you will be taken to the new HTML5 user interface and once the correct permissions have been applied to the user you can enable the Distributed Firewall and start configuring your rules. The URL is slightly different to the Edge Gateway URL:

/tenant/dwf/{ID}?org=ORGNAME

But the look and feel is familiar.

Conclusion:

vCloud Director SP 8.20 has finally delivered on the what most members of the vCloud Air Network had wanted for some time…that is, full NSX interoperability and feature set access as well as a new user interface. Over the next few weeks, I am going to expand on all the features of the Advanced and Distributed Networking features of vCD and NSX and walk through how to configure elements through the UI and API as well as give a looks into what’s happening at the backend in terms of how NSX stores rules and policy items for vCD tenant use.

Compatibility with vSphere 6.5 and NSX-v 6.3.x:

vCloud Director SP 8.20 is compatible with vSphere 6.5 and NSX 6.3.0 and supports full interoperability with other versions as shown in the VMware Product Interoperability Matrix. As of vCD 8.20 GA, vCD 8.20 passed the functional interoperability test and limited scale testing for these versions:

  • vCD 8.20 with vSphere 6.0 and NSX 6.3.0
  • vCD 8.20 with vSphere 6.5 and NSX 6.3.0

References:

https://kb.vmware.com/kb/2149042
https://kb.vmware.com/kb/2147625

Quick Fix: vCloud Director SP None of the Cells have a vCenter Proxy Service Running. SSL Protocol Fix

vCloud Director SP 8.20 was released a few weeks ago and I wanted to highlight an issue I ran into while testing of the BETA. I hadn’t come across this issue in previous versions of vCD and even though it relates to the fact I had a vCenter 5.5 I thought it worth a post now that 8.20 has GA’ed.

After I upgraded my cells I got the fairly common error message under the Cloud Cells section of the Manage & Monitor menu telling me that I didn’t have a vCenter Proxy service running. It’s something all vCD administrators would have seen over the years, so I did the usual troubleshooting step of going of reconnecting the vCenter under vSphere Resources. This didn’t work, so I did what comes naturally and cleared the Quartz Tables in the vCD database without any success.

Failed to connect to the vCenter. Please check if this is a valid vCenter server and the credentials are correct.

The NestedESXi lab was running vCenter 5.5 U3b and after a bit of searching I came across a post in the vCloud BETA forums relating to this issue:

Starting with VDC 8.20, the SSL protocol ‘TLSv1’ is no longer supported by default in the product for security reasons (as a server to serve the REST API request, but also as a client when talking to vCenter).
The version of vCenter you are running (please confirm which version), is older and probably only supports TLSv1.

Which explains the errors I also had been observing. Note that from 5.5 Update 3e and 6.0 Update 3 and later TLS v1.0 has been disabled and should be disabled.

Due to security concerns in the TLSv1.0 protocol, both Payment Card Industry (PCI) and BSI organizations have suggested to implement and enable TLSv1.1 or TLSv1.2, and move away from the use of TLSv1.0 as soon as possible

Even though it’s not suggested I needed to enable TLS v1 so that vCD SP 8.20 could connect to the vCenter. The following steps where done to enable TLSv1 which was based off this VMwareKB outlining why cells no longer enable SSL v3 by default and talks about a cell management tool command that configures the allowed SSL Protocols vCD uses during the handshake process with vCenter.

The SSL V3 protocol has serious vulnerability, described in CVE-2014-3566. As of vCloud Director 5.5.3, cells no longer enable SSL V3 by default for internal and external HTTPS connections. The vCloud Director cell management tool has been updated with a new subcommand that enables the system administrator to configure the set of SSL protocols that the cell offers to use during the SSL handshake process. This new subcommand has been made available in vCloud Director 5.5.3

Run the following command on the vCD cell in /opt/vmware/vcloud/bin/

./cell-management-tool ssl-protocols -d SSLv3,SSLv2Hello

After that is done restart the cell and check to make sure you have a listener and that vCenter is connected. If you run the ssl-protocols command with a -l flag it will show you what ssl-protocols are allowed. By default you should now only have TLS v1.1 and 1.2 enabled, but in my case I also needed v1.

Finally, it’s worth repeating that TLS v1 shouldn’t be used in production, but if you are still running older versions of 5.5 and 6.0 in your labs then this will help.

References:

https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2112282

https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2145796

Released: vCloud Director SP 8.20 with HTML5 Goodness!

This week, VMware released vCloud Director SP version 8.20 (build 5070630) which marks the 8th Major Release for vCloud Director since 1.0 was released in 2010. Ever since 2010 the user interface give or take a few minor modifications and additions has been the same. It also required flash and java which has been a pain point for a long time and in someways unfairly contributed towards a negative perception around vCD on a whole.  It’s been a long time coming but vCloud Director finally has a new web UI built on HTML5 however this new UI is only exposed when accessing the new NSX integration which is by far and away the biggest addition in this release.

This NSX integration has been in the works for a while now and has gone through a couple of iterations within the vCloud product team. Initially announced as Advanced Networking Services which was a decoupled implementation of NSX integration we now have a fully integrated solution that’s part of the vCloud Director installer. And while the UI additions only extend to NSX for the moment it’s brilliant to see what the development team have done with the Clarity UI (tbc). I’m going to take a closer look at the new NSX features in another post, but for the moment here are the release highlights of vCD SP 8.20.

New Features:

  • Advanced Edge Gateway and Distributed Firewall Configuration – This release introduces the vCloud Director Tenant Portal with an initial set of controls that you can use to configure Edge Gateways and NSX Distributed Firewalls in your organization.
  • New vCloud Director API for NSX – There is a new a proxy API that enables vCloud API clients to make requests to the NSX API. The vCloud Director API for NSX is designed to address NSX objects within the scope of a vCloud Director tenant organization.
  • Role Administration at the Organization Level – From this release role objects exist in each organization. System administrators can use the vCloud Director Web Console or the vCloud API to create roles in any organization. Organization administrators can use the vCloud API to create roles that are local to their organization.
  • Automatic Discovery and Import of vCenter VMs – Organization VDCs automatically discover vCenter VMs that exist in any resource pool that backs the vDC. A system administrator can use the vCloud API to specify vCetner resource pools for the vDC to adopt. vCenter VMs that exist in an adopted resource pool become available as discovered vApps in the new vDC.
  • Virtual Machine Host Affinity – A system administrator can create groups of VMs in a resource pool, then use VM-Host affinity rules to specify whether members of a VM group should be deployed on members of a vSphere host DRS Group.
  • Multi-Cell Upgrade – The upgrade utility now supports upgrading all the cells in your server group with a single operation.

You can see above that this release has some major new features that are more focused on tenant usability and allow more granular and segmented controls of networks, user access and VM discovery. The Automatic VM discovery and Import is a significant feature that goes along with the 8.10 feature of live VM imports and helps administrators import VM work loads into vCD from vCenter.

“VMware vCloud Director 8.20 is a significant release that adds enhanced functionality.  Fully integrating VMware NSX into the platform allows edge gateways and distributed firewalls to be easily configured via the new HTML5 interface.  Additional enhancements such as seamless cell upgrades and vCenter mapping illustrate VMware is committed to the platform and to vCloud Air Network partners.”

A list of known issues can be found in the release notes and i’d like to highlight the note around Virtual Machine memory for the vCD Cells…I had my NestedESXi lab instances crash due to memory pressures due to the fact the VMs where configured with only 5GB of RAM. vCloud Director SP 8.20 needs at least 6GB so ensure your cells are modified before you upgrade.

Well done the the vCloud Director Product and Development team for this significant release and I’ll look to dig into some of the new feature in detail in upcoming posts. You can also read the offical vCloud Blog release post here. I’m looking forward to what’s coming in the next release now…hopefully more functionality placed into the HTML5 UI and maybe integration with VMwareonAWS 😉

References:

http://pubs.vmware.com/Release_Notes/en/vcd/8-20/rel_notes_vcloud_director_8-20.html

https://www.vmware.com/support/pubs/vcd_sp_pubs.html

https://blogs.vmware.com/vcloud/2017/02/vmware-announces-general-availability-vcloud-director-8-20.html

First Look: ManageIQ vCloud Director Orchestration

Welcome to 2017! To kick off the year I thought I’d do a quick post on a little known product (at least in my circles) from Red Hat Inc called ManageIQ. I stumbled across ManageIQ by chance having caught wind that they where soon to have vCloud Director support added to the product. Reading through some of the history behind ManageIQ I found out that in December of 2012 Red Hat acquired ManageIQ and integrated it into its CloudForms cloud management program…they then made it open source in 2014.

ManageIQ is the open source project behind Red Hat CloudForms. The latest product features are implemented in the upstream community first, before eventually making it downstream into Red Hat CloudForms. This process is similar for all Red Hat products. For example, Fedora is the upstream project for Red Hat Enterprise Linux and follows the same upstream-first development model.

CloudForms is a cloud management platform that also manages traditional server virtualization products such as vSphere and oVirt. This broad capability makes it ideal as a hybrid cloud manager as its able to manage both public clouds and on-premises private clouds and virtual infrastructures. This acts as a single management interface into hybrid environments that enables cross platform orchestration to be achieved with relative ease. This is backed by a community that contributes workflows and code to the project.

The supported platforms are shown below.

The October release was the first iteration for the vCloud provider which supports authentication, inventory (including vApps), provisioning, power operations and events all done via the use of the API provided by vCloud Director. First and foremost I see this as a client facing tool rather than an internal orchestration tool for vCAN SPs however given it can go cross platform there can be a use for VM or Container orchestration that SPs could tap into.

While it’s still relatively immature compared to the other platforms it supports, I see great potential in this and I think all vCAN Service Providers running vCloud Director should look at this as a way for their customers to better consume and operate vCD coming from a more modern approach, rather than depending on the UI.

Adding vCloud Director as a Cloud Provider:

Once the Appliance is deployed, head to Compute and Add New Cloud Provider. From the Type dropdown select VMware vCloud

Depending on which version of vCD SP your Service Provider is running, select the appropriate API Version. For vCD SP 8.x it should be vCloud API 9.0

Next add in the URL of the vCloud Director endpoint with it’s port…which is generally 443. For the username, you use the convention of [email protected] which allows you to login specifically to your vCD Organization. If you want to login at an admin enter in [email protected] to get top level access.

Once connected you can add as many vCD endpoints as you have. As you can see below I am connected to four seperate instances of vCloud.

Clicking through you get a Summary of the vCloud Zone with it’s relationships.

Clicking on the Instances you get a list of your VM’s, but this also has views for Virtual Datacenter, vApps and other vCD objects. As you can see below there is detailed views on the VM and it does have basic Power functions in this build.

I’ve just started to look into the power of CloudForms and have been reading through the ManageIQ automation guide. It’s one of those things that needs a little research plus some trial and error to master, but I see this form of cloud consumption where the end user doesn’t have to directly manipulate the various API endpoints as the future. I’m looking forward to how the vCloud Director provider matures and I’ll be keeping an eye on the forums and ManageIQ GitHub page for more examples.

Resources:

http://manageiq.org/docs/get-started/
http://manageiq.org/docs/reference/
https://pemcg.gitbooks.io/mastering-automation-in-cloudforms-and-manageiq/content/chapter1.html

OVFTool: vCloud Director OVA Upload PowerShell Script

Earlier this year I put together a quick and nasty PowerShell Script that exports a vApp from vCloud Director using the OVFTool …for those that don’t know the OVFTool is a command line tool that has a powerful set of functions to import/export VMs and vApps from vCenter, ESXi and vCloud Director weather it be from a vCloud Air or a vCloud Air Network Provider.

You can Download and install the tool from here:

This week I needed to upload an Virtual Machine that was in OVA format and for those that have worked with vCloud Director you would know that the OVA format is not supported using the upload functionality in the current web interface. With that I thought it was a good time to round out the export using OVTTool post with an import using OVFTool post. Again, doing some research I found a bunch of posts relating to importing OVAs into vCloud Director and after working through the Admin Guide and some examples I was ready to build out a basic import command and start work on the PowerShell Script. On Windows you can run the tool from CMD but I would suggest using PowerShell/CLI as in the example below I go through building a variable.

What Info is Required:

  • vCloud URL
  • vCloud Username and Password
  • Org Name
  • vDC Name
  • vApp Name
  • Catalog Name
  • Path to OVA

Command Line Example:

Below is a basic example of how to construct the vCloud String and use it as a variable to execute the tool.

PowerShell Script:

Again, I’ve taken it a step further to make it easier for people to import OVAs into vCloud Director and put together another, slightly improved PowerShell Script that I have coded in to work with my old companies vCloud Zones…though this can be easily modified to use any vCloud Air Network vCD endpoint.

The output of the script can be seen below:

It’s a very basic script that gathers all the required components that make up the vCloud Source Connection String and then exports the OVA into the vCD vApp. I’ve even done a little more PowerShell improvements around password security and added a little colour.

Save the code snippet as a .ps1 into the OFVTool Windows Folder and execute the script from the same location. If there are any errors with the inputs provided the OVFTool will fail with an error, but apart from that it’s a very simple straight forward way to import OVAs into any vCloud Director enabled endpoint.

Additional Reading:

http://www.virtuallyghetto.com/tag/ovftool

http://www.vmwarebits.com/content/import-and-export-virtual-machines-command-line-vmwares-ovf-tool 

vCloud Director SP 8.10.1 UI Additions – Boot Options

Last week VMware released vCloud Director SP 8.10.1 Build 4655197 and while it was mainly a patch release there was one new feature added which was a couple of additional UI settings under the General Tab of a Virtual Machine.

  • New boot customization options added to delay the boot time and to enter into the BIOS setup screen. You can use the vCloud Director Web console or the vCloud API to set Boot Delay and EnterBIOS mode options.

This might seem like a small and meaningless setting, but you would be surprised how many times I experienced customers frustrated at the fact they could not get into the BIOS easily via the VM Console or have a long enough boot delay to trigger a boot from alternative media option.

The previous General Tab looked like this:

The 8.10.1 General Tab looks like this:

You can see that you now have an check box to Enter BIOS Setup and set the Boot Delay. These settings follow the rules of vSphere meaning the Boot delay is in milliseconds and can only be modified if the Virtual Machine is powered off. I had this image open with the System Administrator account which explains why you see the a few more VM related bits of information telling you what Host and Datastore the VM is residing on and what the name of the VM is in vSphere.

Again, this is a simple but extremely useful addition but continues to show VMware’s commitment to improving the vCD platform even before the big UI enhancements start to filter through next year.

#LongLivevCD

Released: vCloud Director SP 8.10.1 Important Upgrade for Zerto Clients

This week VMware released vCloud Director SP 8.10.1 Build 4655197. This is the sister build for vCD SP 8.0.2 and like that release, while there a a number of minor bug fixes in this release there is one important fix that will make service providers who offer replication services built upon Zerto happy, as it resolves a bug that had stopped many service providers upgrading from vCD SP 5.6.x…however unlike the release notes in 8.0.2 it doesn’t mention the specific fix in the notes. By all acounts the hot-fix that was released prior to this offical build is in this build…if you still have issues after this build please let VMware know through GSS.

 Apart from the bug fixes, there is one new feature in this build and that is something that will be welcomed by a lot of vCD users and that is Enhanced Boot Options.

  • New boot customization options added to delay the boot time and to enter into the BIOS setup screen. You can use the vCloud Director Web console or the vCloud API to set Boot Delay and EnterBIOS mode options.

There is also official support for NSX-v 6.2.4 and that’s now covered by all the latest vCD SP versions as you can see below.

As usual I’ve gone through the Resolved Issues list and highlighted the ones I feel are most relevant…the ones in red are issues we had seen my old employers vCloud Zones and Zettagrid Labs.

  • Deployment of vApp template in My Cloud with Hardware Modification fails with null UI Error
    Attempts to deploy vApp in My Cloud from the vApp template with hardware modificat
  • After vCloud Director upgrade, the vCloud Director version does not change in vCenter Solutions Manager
    After successful upgrade of the vCloud Director from version 8.0.1 to 8.10.0, the vCloud Director version in vCenter Solutions Manager does not update and remains 8.0.1.
  • Uploading ISO media file does not consume quota that is set after the storage policy is configured to organization vDC
    When you configure the storage policy to organization virtual datacenter (vDC) and set a quota limit, the quota is not consumed while uploading the ISO media file.
  • vCloud Director database upgrade takes long time to complete when the audit_event table contains millions of records
    Database upgrade of vCloud Director from versions 5.5.x, 5.6.x to versions 8.0, 8.0.x, 8.10 might take up to 8 hours time to complete if the audit_event table contains millions of records. This issue is resolved in vCloud Director 8.10.1. The database upgrade might now take up to 20 minutes.
  • VMware vCloud Director (vmware-vcd) services do not start automatically upon a reboot
    The VMware vCloud Director (vmware-vcd) services do not start automatically after a reboot because of an issue in the systemd-219-19.el7 module of Red Hat Enterprise Linux 7.2 that includes the upgrade to Red Hat Enterprise Linux 7.3.

This will more than likely be the last build of the current 8.0 and 8.10 releases with a closed BETA of the next vCD SP currently underway. This next major release of vCD SP promised to deliver on new UI enhancements (HTML5) and deep NSX-v integration.

References:

http://pubs.vmware.com/Release_Notes/en/vcd/8-10/rel_notes_vcloud_director_8-10-1.html

VMware on AWS: vCloud Director and What Needs to be Done to Empower the vCAN

Last week VMware and Amazon Web Services officially announced their new joint venture whereby VMware technology will be available to run as a service on AWS in the form of bare-bones hardware with vCenter, ESXi, NSX and VSAN as the core VMware technology components. This isn’t some magic whereby ESXi is nested or emulated upon the existing AWS platform, but a fully fledged dedicated virtual datacenter offering that clients can buy through VMware and have VMware manage the stack right up to the core vCenter components.

Earlier in the week I wrote down some thoughts around the possible impact to the vCloud Air Network this new offering could have. While at first glance it would appear that I was largely negative towards the announcement, after having a think about the possible implications I started to think about how this could be advantageous for the vCloud Air Network. What it comes down to is how much VMware was to open up the API’s for all components hosted on AWS and how the vCloud Director SP product team develops around those API’s.

From there it will be on vCloud Air Network partners that have the capabilities to tap into the VMC’s. I believe there is an opportunity here for vCAN Service Providers to go beyond offering just IaaS and combine their offerings with the VMware AWS offering as well as help extend out to offer AWS PaaS without the worry that traditional VM workloads will be migrated to AWS.

For this to happen though VMware have to do something they haven’t done in the past…that is, commit to making sure vCAN providers can cash in on the opportunity and be empowered by the opportunity to grow VMware based services… as I mentioned in my original post:

In truth VMware have been very slow…almost reluctant to pass over features that would allow this cross cloud compatibility and migration be even more of a weapon for the vCAN by holding back on features that allowed on-premises vCenter and Workstation/Fusion connect directly to vCloud Air endpoints in products such as Hybrid Cloud Manager. I strongly believed that those products should have been extended from day zero to have the ability to connect to any vCloud Director endpoint…it wasn’t a stretch for that to occure as it is effectively the same endpoint but for some reason it was strategically labeled as a “coming soon” feature.

Extending vCloud Director SP:

I have taken liberty to extend the VMWonAWS graphic to include what I believe should be the final puzzle in what would make the partnership sit well with existing vCloud Air Network providers…that is, allow vCloud Director SP to bridge the gap between the on-premises compute, networking and storage and the AWS based VMware platform infrastructure.

vCloud Director is a cloud management platform that abstracts physical resources from vCenter and interacts with NSX to build out networking resources via the NSX Manager API’s…with that it’s not hard in my eyes to allow any exposed vCenter or NSX Manager to be consumed by vCloud Director.

With that allowed, any AWS vCenter dedicated instance can become a Virtual Datacenter object in vCloud Director and consumed by an organisation. For vCloud Air Network partners who have the ability to programatically interact with the vCloud Director APIs, this all of a sudden could open up another 70+ AWS locations on which to allow their customers to deploy Virtual Datacenters.

Take that one step further and allow vCD to overlay on-premises compute and networking resources and then allow connectivity between all locations via NSX hybridity and you have a seriously rock solid solution that extends a customer on-premises to a more conveniently placed (remember AWS isn’t everywhere) vCloud Air Network platform that can in turn consume/burst into a VMware Dedicated instance on AWS and you now have something that rivals the much hyped Hybrid Cloud Strategy of Microsoft and the Azure Stack.

What Needs to Happen:

It’s pretty simple…VMware need to commit to continued/accelerated development of vCloud Director SP (which has already begun in earnest) and give vCloud Air Network providers the ability to consume both ways…on-premises and on VMware’s AWS platform. VMware need to grant this capability to vCloud Air Network providers from the outset and not play the stalling game that was apparent when it came to feature parity with vCloud Air.

What I have envisioned isn’t far off becoming a reality…vCloud Director is mature and extensible enough to do what I have described above, and I believe that in my recent dealings with the vCloud Director product and marketing teams at VMworld US earlier this year that there is real belief in the team that the cloud management platform will continue to improve and evolve…if VMware allow it to.

Further improving on vCloud Directors maturity and extensibility, if the much maligned UI is improved as promised…with the upcoming addition of full NSX integration completing the network stack, the next step in greater adoption beyond the 300 odd vCAN SPs currently use vCloud Director needs a hook…and that hook should be VMWonAWS.

Time will tell…but there is huge potential here. VMware need to deliver to their partners in order to have that VMWonAWS potential realised.

 

« Older Entries