FEDERATION ENTERPRISE HYBRID CLOUD 3.5 - Foundation ...

FEDERATION ENTERPRISE HYBRID CLOUD 3.5 Foundation Infrastructure Reference Architecture Guide

• Infrastructure as a service

• Automated provisioning and monitoring

• Service-driven IT operations

ABSTRACT

This reference architecture guide describes the reference architecture of the Federation Enterprise Hybrid Cloud 3.5 solution that enables IT organizations to deploy an on-premises hybrid cloud delivering infrastructure as a service (IaaS) to their business quickly.

March 2016

Reference Architecture Guide

Copyright

Copyright © 2016 EMC Corporation. All rights reserved. Published in the USA.

Published March 2016

EMC believes the information in this publication is accurate as of its publication date. The information is subject to change without notice.

The information in this publication is provided as is. EMC Corporation makes no representations or warranties of any kind with respect to the information in this publication, and specifically disclaims implied warranties of merchantability or fitness for a particular purpose. Use, copying, and distribution of any EMC software described in this publication requires an applicable software license.

EMC2, EMC, Avamar, Connectrix, Data Domain, Data Protection Advisor, Enginuity, GeoSynchrony, Isilon, Metro, PowerPath/VE, EMC RecoverPoint, ScaleIO, Unisphere, ViPR, VMAX, VNX, VPLEX, XtremIO, and the EMC logo are registered trademarks or trademarks of EMC Corporation in the United States and other countries. All other trademarks used herein are the property of their respective owners.

For the most up-to-date listing of EMC product names, see EMC Corporation Trademarks on EMC.com.

Federation Enterprise Hybrid Cloud 3.5 Foundation Infrastructure Reference Architecture Guide

Part Number H14701.2

2

http://www.emc.com/legal/emc-corporation-trademarks.htm

Contents

Contents

Executive summary ................................................................................. 4

Hybrid cloud features and functionality ...................................................... 6

EMC and VMware integration .................................................................. 13

Key components ................................................................................... 15

Solution architecture ............................................................................. 19

Generic platform topologies ................................................................... 21

Converged platform support ................................................................... 26

VCE platforms and Federation Enterprise Hybrid Cloud .............................. 27

Software resources ............................................................................... 33

Resource sizing .................................................................................... 35

Conclusion ........................................................................................... 46

3

Executive summary

Executive summary

This document describes the reference architecture of the Federation Enterprise Hybrid Cloud 3.5 solution that enables IT organizations to deploy an on-premises hybrid cloud delivering infrastructure as a service (IaaS) to their business quickly.

The document introduces the main features and functionality of the solution, the solution topologies and key components, and the validated hardware and software environment. The companion Federation Enterprise Hybrid Cloud 3.5 Concepts and Architecture Guide is an enablement reference to begin the planning and design of your hybrid cloud and to prepare for a successful implementation.

The following guides provide further information about various aspects of the Federation Enterprise Hybrid Cloud solution:

• Federation Enterprise Hybrid Cloud 3.5: Concepts and Architecture Guide

• Federation Enterprise Hybrid Cloud 3.5: Administration Guide

• Federation Enterprise Hybrid Cloud 3.5: Infrastructure & Operations Management Guide

• Federation Enterprise Hybrid Cloud 3.5: Security Management Guide

This document is intended for executives, managers, architects, cloud administrators, and technical administrators of IT environments who want to implement a hybrid cloud IaaS platform. Readers should be familiar with the VMware® vRealize® Suite, storage technologies, general IT functions, and requirements, and how a hybrid cloud infrastructure accommodates these technologies and requirements.

The Federation Enterprise Hybrid Cloud solution enables customers to build an enterprise-class multitenant, scalable, infrastructure that enables:

• Complete management of the infrastructure service lifecycle

• On-demand access to and control of network bandwidth, servers, storage, and security

• Provisioning, monitoring, protection, and management of the infrastructure services by the line of business users, without IT administrator involvement

• Provisioning of application blueprints with associated infrastructure resources by line-of-business application owners, without IT administrator involvement

• Provisioning of backup, continuous availability, and disaster recovery services as part of the cloud service provisioning process

• Maximum asset utilization

While many organizations have successfully introduced virtualization as a core technology within their data center, the benefits of virtualization have largely been restricted to the IT infrastructure owners. End users and business units within customer organizations have not experienced many of the benefits of virtualization, such as increased agility, mobility, and control.

Transforming from the traditional IT model to a cloud-operating model involves overcoming the challenges of legacy infrastructure and processes, such as:

• Inefficiency and inflexibility

• Slow, reactive responses to customer requests

• Inadequate visibility into the cost of the requested infrastructure

Document purpose

Audience

Solution purpose

Business challenge

4

Executive summary

• Limited choice of availability and protection services

The difficulty in overcoming these challenges has given rise to public cloud providers who have built technology and business models catering to the requirements of end-user agility and control. Many organizations are under pressure to provide these same service levels within the secure and compliant confines of the on-premises data center. As a result, IT departments must create alternative cloud solutions that are cost-effective and do not compromise enterprise requirements such as data protection, disaster recovery, and guaranteed service levels.

This Federation Enterprise Hybrid Cloud solution integrates the best of EMC, VCE, VMware, and Pivotal products and services, and empowers IT organizations to accelerate the implementation and adoption of a hybrid cloud infrastructure, while still enabling customer choice for the compute and networking infrastructure within the data center. The solution caters to customers who want to preserve their investment and make better use of their existing infrastructure and to those customers who want to build out new infrastructures that are dedicated to a hybrid cloud.

The solution takes advantage of the strong integration between EMC technologies and the VMware vRealize Suite. The solution, developed by EMC and VMware product and services teams includes EMC scalable storage arrays, VCE converged infrastructure, integrated EMC and VMware monitoring, and data protection suites to provide the foundation for enabling cloud services within the customer environment.

The Federation Enterprise Hybrid Cloud solution offers several key benefits to customers:

• Rapid implementation: The solution can be designed and implemented in 28 days, in a validated, tested, and repeatable way as the foundation for IaaS based on VCE converged infrastructure. This increases the time-to-value for the customer while simultaneously reducing risk. Deliver IT as a service (ITaaS) with add-on modules for backup, disaster recovery, continuous availability, virtual machine encryption, applications, Hadoop, application lifecycle automation for continuous delivery, Federation End-User Computing, ecosystem extensions, and more.

• Supported solution: Implementing Federation Enterprise Hybrid Cloud through EMC results in a solution that EMC supports and further reduces risk that is associated with the ongoing operations of your hybrid cloud.

• Defined upgrade path: Customers implementing the Federation Enterprise Hybrid Cloud receive upgrade guidance based on the testing and validation completed by the Federation engineering teams. This upgrade guidance enables customers, partners, and EMC services teams to perform upgrades faster and with much less risk.

• Validated and tested integration: Build guides have been developed and extensive integration testing has been carried out by engineering across the solution, making it simpler to use and manage, and more efficient to operate.

The EMC Federation

EMC II, Pivotal, RSA, VCE, Virtustream, and VMware form a unique Federation of strategically aligned businesses, each can operate individually or together. The Federation provides customer solutions and choice for the software-defined enterprise and the emerging “3rd platform” of mobile, cloud, Big Data and social, transformed by billions of users and millions of applications.

EMC and the authors of this document welcome your feedback on the solution and the solution documentation. Contact [email protected] with your comments.

Authors: Ken Gould, Penelope Howe-Mailly

Technology solution

We value your feedback!

5

mailto:[email protected]?subject=Feedback:%20Federation%20Enterprise%20Hybrid%20Cloud%203.5%20Reference%20Architecture%20Guide%20-%20H14701

Hybrid cloud features and functionality


The Federation Enterprise Hybrid Cloud is an engineered solution that offers a simplified approach to IT functionality for IT organizations, developers, end users, and line-of-business owners. In addition to delivering baseline IaaS, built on the software-defined data center (SDDC) architecture, the Federation Enterprise Hybrid Cloud also delivers feature-rich capabilities to expand from IaaS to business-enabling ITaaS.

Backup as a service (BaaS), continuous availability (CA), and disaster recovery as a service (DRaaS) policies can be enabled with just a few clicks. End users and developers can quickly gain access to on-demand services for Microsoft Exchange, Microsoft SQL Server, Microsoft SharePoint, Oracle, SAP, Pivotal, Hadoop, and CloudLink Encryption. Resources can be deployed on private cloud or public cloud service providers, including VMware vCloud® Air™.

This solution includes the following features and functionality, as shown in Figure 1:

• Automation and self-service provisioning

• Multitenancy and secure separation

• Workload-optimized storage

• Elasticity and service assurance

• Monitoring and resource management

• Metering and showback

• EMC and VMware integration

Figure 1. Federation Enterprise Hybrid Cloud features and functionality

Introduction

6


This Federation Enterprise Hybrid Cloud solution provides self-service provisioning of automated cloud services to end users and infrastructure administrators. The Federation Enterprise Hybrid Cloud uses VMware vRealize Automation™ and VMware vRealize Orchestrator™ integrated with EMC ViPR® Controller and VMware NSX™ to provide the compute, storage, network, and security virtualization services for the software-defined data center. These services enable rapid deployment of business-relevant cloud services across your hybrid cloud and physical infrastructure.

Cloud users can request and manage applications and compute resources within established operational policies; this can reduce IT service delivery times from days or weeks to minutes. Features include:

• Cross-cloud storefront: Acts as a service governor that provisions workloads based on business and IT policies

• Role-based self-service portal: Delivers a user-specific catalog of IT services

• Resource reservations: Enables resources to be allocated to a specific group and ensures that access is limited to that group

• Service levels: Defines the amount and type of resources a specific service can receive either during the initial provisioning or as part of any configuration changes

• Build specifications: Contains the automation policies that specify the process for building or reconfiguring compute resources

vRealize Automation provides lines of business with the ability to deploy cloud applications rapidly and services to meet the demands of the business. Furthermore, it provides the ability to divide a shared infrastructure into logical partitions and assign them to different business units. Using role-based entitlements, business users can manage resources from their own self-service catalog of custom-defined services and blueprints. Each user’s catalog presents the virtual machines, applications, and service blueprints they are entitled to, based on their role within the organization.

Service blueprints, which are powered by vRealize Orchestrator workflows developed by the Federation, enable cloud infrastructure administrators to deploy new EMC services that are supported by EMC ViPR Controller for automated storage services, and EMC Avamar® and EMC Data Domain® for backup and restore services.

Virtual machine and application blueprints can be added for single machine or multimachine deployments. Multitier-enterprise applications requiring multiple components (application, database, and web) and service levels can be deployed easily from predefined blueprints.

Data protection policies can be applied to virtual machines at provisioning time, enabling users to request on-demand backups and restores of their virtual machines, and generate backup reports from the vRealize Automation self-service portal.

Automation and self-service provisioning

7


Figure 2 shows the Federation Enterprise Hybrid Cloud catalog after the initial deployment of storage, backup, and virtual machine provisioning services.

Figure 2. Federation Enterprise Hybrid Cloud vRealize Automation catalog view

As part of the vRealize Automation provisioning process, you can use VMware NSX virtual networks to provide an on-demand deployment including custom networks required as part of a multitier virtual machine provisioning process.

This solution is built to work with new and existing infrastructures. It supports the differing requirements of an enterprise’s many business units, and integrates with a wide variety of existing IT systems and best practices.

Multitenancy access requirements in a cloud environment range from shared, open resource access to completely isolated resources. This solution provides the ability to enforce physical and virtual separation for multitenancy, offering different levels of security to meet business requirements. This separation can encompass network, compute, and storage resources to ensure appropriate security and performance for each tenant.

The solution supports secure multitenancy through vRealize Automation role-based access control (RBAC), enabling vRealize Automation roles to be mapped to Active Directory users and groups. vRealize Automation uses existing authentication and business groupings. The user’s business role governs user access to the self-service portal.

Physical segmentation of resources can be achieved in vRealize Automation to isolate tenant resources or to isolate and contain compute resources for licensing purposes. For example, you can manage Oracle licensing costs by physically isolating all Oracle instances to a set of dedicated VMware ESXi™ resource pod clusters. Federation Enterprise Hybrid Cloud storage-as-a-service (STaaS) services ensure that any logical unit number (LUN) or VMware vSphere® datastore is presented to a single vSphere cluster, further ensuring that Oracle licensing costs might be limited to just those vSphere clusters that are designated to run Oracle instances.

Virtualized compute resources within the SDCC are objects that are inherited from the vSphere endpoint, most commonly representing VMware vSphere ESXi hosts, host clusters, or resource pools. Compute resources can be configured at the vSphere layer to ensure physical and logical separation of resources between functional areas such as Production, and Testing and Development (Test/Dev).

Multitenancy and secure separation

8


Networking

Valid concerns exist around information leakage and “noisy neighbors” on a shared network infrastructure. Consumers of the provisioned resources must operate in a dedicated environment and benefit from infrastructure standardization. To address these concerns, this solution was designed for multitenancy with a defense-in-depth perspective, which is demonstrated through:

• Implementing virtual local area networks (VLANs) to enable isolation at Layer 2 throughout the solution and where it intersects with the enterprise network

• Implementing network security controls such as Private VLANs (PVLANs), virtual routing and forwarding (VRF) instances, and virtual data centers (VDCs) to provide isolation at Layer 3

• Using VXLAN overlay networks to segment tenant and business group traffic flows

• Integrating with firewalls functioning at the hypervisor level to protect virtualized applications and enable consistent security policy enforcement throughout the solution

• Deploying provider and business group edge firewalls to protect the business group and tenant perimeters

VMware NSX for vSphere

The Federation Enterprise Hybrid Cloud can employ VMware NSX for vSphere to offer significant advancements over the VMware vCloud Networking and Security™ feature set. Enhanced networking and security features in VMware NSX include:

• VMware NSX logical routing and firewalls: Provide line-rate performance distributed across many hosts instead of being limited to a single virtual machine or physical host.

• Distributed logical routers: Contain east-west traffic within the hypervisor when the source and target virtual machines reside on the same host.

• Logical load balancer: Enables load sharing across a pool of virtual machines with configurable health check monitoring and application-specific rules for service high availability, URL rewriting, and advanced Secure Sockets Layer (SSL) handling. A distributed firewall enables consistent data-center-wide security policies.

• Security policies: Can be applied directly to security groups enabling greater flexibility in enforcing security policies.

Security

This solution enables customers to enhance security by establishing a hardened security baseline across the hardware and software stacks supporting their Federation Enterprise Hybrid Cloud infrastructure. The solution helps to reduce concerns around the complexities of the underlying infrastructure by showing how to tightly integrate an as-a-service solution stack with a public key infrastructure (PKI) and a common authentication directory to provide centralized administration and tighter control over security.

Note: This PKI and authentication directory may pre-exist in the customer environment thereby providing the integration point between the Federation Enterprise Hybrid Cloud and a customer’s existing security management infrastructure.

The solution addresses the challenges of securing authentication and configuration management to comply with industry and regulatory standards through:

• Securing the infrastructure with PKI support for authenticity, non-repudiation, and confidentiality

• Converging the various identity sources into a single directory to enable a centralized point of administration and policy enforcement

9


• Using configuration management tools to generate infrastructure reports for audit and compliance purposes

For details, refer to the Federation Enterprise Hybrid Cloud: Security Management Solution Guide.

This solution enables customers to take advantage of the proven benefits of EMC storage in a Federation Enterprise Hybrid Cloud environment. Using EMC ViPR Controller storage services and EMC XtremIO®, EMC ScaleIO®, EMC VNX®, and EMC VMAX® capabilities, this solution provides policy-based, software-defined storage management of EMC block and file storage.

With scalable storage architecture that uses the latest flash and tiering technologies, XtremIO, ScaleIO, VNX, and VMAX storage arrays enable customers to satisfy any workload requirements with maximum efficiency and performance, in the most cost-effective way. With ViPR Controller the storage, configuration is abstracted and presented as a single storage control point, enabling cloud administrators to access all heterogeneous storage resources within a data center as if they were a single large array.

Storage administrators maintain control of storage resources and policies while enabling the cloud administrator to provision automatically to the cloud infrastructure.

This solution uses a combination of tools to provide environmental visibility and alerts that are required to ensure service levels proactively in virtual and cloud environments. Using vRealize Automation and tools that are provided by EMC, administrators and end users can dynamically add resources as needed, based on their performance requirements.

Infrastructure administrators manage storage, compute, and network resources within resource pools, while end users manage their resources at a virtual machine level to achieve the service levels required by their application workloads.

Cloud users can select from a range of service levels of compute, storage, and data protection for their applications to achieve the most efficient use of the resources within their software-defined data center environment.

This solution features automated monitoring capabilities that provide IT administrators with a comprehensive view of the cloud environment to enable intelligent decision making for resource provisioning and allocation. These capabilities are based on a combination of VMware vRealize Operations Manage™r dashboards, alerts, and analytics, using extensive storage detail provided through EMC analytics adapters for ViPR, VNX, VMAX, and EMC VPLEX®.

vRealize Operations Manager provides pre-built and configurable dashboards for real-time performance, capacity, and configuration management. Performance data is interpreted and assigned a health risk value, and efficiency metrics that enable IT administrators to identify evolving performance problems easily.

The ViPR Analytics and EMC Storage Analytics (ESA) management packs are presented through the vRealize Operations Manager custom interface. This enables administrators to identify the health of ViPR Controller virtual arrays quickly as well as VMAX, VNX, XtremIO, and VPLEX storage systems using customized EMC dashboards for vRealize Operations Manager, such as the ViPR Controller dashboard, as shown in Figure 3.

Workload-optimized storage

Elasticity and service assurance

Monitoring and resource management

10


Figure 3. EMC ViPR Analytics with VMware vRealize Operations Manager

Capacity analytics in vRealize Operations Manager identify over-provisioned resources so they can be right-sized for the most efficient use of virtualized resources. What-if scenarios eliminate the need for separate performance and capacity modeling.

EMC ViPR SRM is storage resource management software that offers comprehensive monitoring and reporting for this hybrid cloud solution. ViPR SRM helps IT departments visualize, analyze, and optimize their software-defined storage infrastructure. Cloud administrators can use ViPR SRM to understand and manage the impact that storage has on their applications and view the topologies of their hybrid cloud from application to storage. Capacity and consumption of EMC ViPR software-defined storage and software level agreement (SLA) issues can be identified through real-time dashboards and reports to meet the needs of the wide range of hybrid cloud consumers.

In addition, VMware vRealize Log Insight™ provides the ability to centralize and aggregate system and application logs. Each system in the Federation Enterprise Hybrid Cloud solution can be configured to forward logs to the Log Insight system for event analytics and reporting. When configured with VMware vRealize Log Insight, EMC content packs provide customizable dashboards and user-defined fields specifically for those EMC products that enable administrators to conduct problem analysis and analytics on the storage array and backup infrastructure.

The solution uses VMware vRealize Business™ Standard to provide cloud administrators with metering and cost information across all business groups in the enterprise. vRealize Business Standard reports the virtual machine and blueprints costs based on business units and application groups across the hybrid cloud environment.

vRealize Business uses its own reference database, which has been preloaded with industry-standard and vendor-specific cost data to compute the cost of virtual CPU (vCPU), RAM, and storage. These prices are automatically consumed by vRealize Automation, where the cloud administrator may change them appropriately. This eliminates the need to configure cost profiles manually and assign them to compute resources in vRealize Automation.

Metering and showback

11


vRealize Business is integrated into the vRealize Automation portal for the cloud administrator and presents a dashboard overview of the hybrid cloud infrastructure, as shown in Figure 4.

Figure 4. vRealize Business overview dashboard for the hybrid cloud

vRealize Business is also integrated with VMware vCenter and can import existing resource hierarchies, folder structures, and VPLEX tags to associate hybrid cloud resource usage with business units, departments, and projects.

Application services

The Federation Enterprise Hybrid Cloud uses VMware vRealize Application Services™ to optimize application deployment and release management through logical application blueprints in vRealize Automation. A drag-and-drop user interface lets you quickly and easily deploy blueprints for applications and databases such as Microsoft Exchange, Microsoft SQL Server, Microsoft SharePoint, Oracle, SAP, and Cloud Foundry.

Data protection backup services

Using EMC customizations for vRealize Orchestrator workflows, administrators can quickly and easily define multitier data protection policies that users can assign when provisioning their virtual machines. The backup infrastructure takes advantage of Avamar and Data Domain features such as deduplication, compression, and VMware integration.

Avamar provides scalable backup and restore capabilities with integrated data deduplication. This reduces total disk consumption by up to 50 times, enabling cost-effective, long-term retention on Avamar Data Store servers. Avamar can alternatively use a Data Domain appliance as the backup target.

EMC Data Protection Advisor™ automates and centralizes the collection and analysis of all data across backup applications, replication technologies, the virtual environment, and supporting infrastructure, providing a single, comprehensive view of your data protection environment and activities.

Using the vRealize Automation application program interface (API) and extensibility toolkits, this solution implements custom functionality to provide Avamar-based, image-level backup

Modular add-on components

12

EMC and VMware integration

services for applications and file systems within a single organization or multiorganization hybrid cloud environment.

With this solution, enterprise administrators can offer IaaS with EMC backup to end users who want a flexible, on-demand, automated backup infrastructure without having to purchase, configure, or maintain it.

Continuous availability

A combination of VPLEX, VMware vSphere vMotion®, and VMware vSphere High Availability enables hybrid cloud users to distribute applications and their data effectively across multiple sites over synchronous distances. With virtual storage and virtual servers working together over distance, your infrastructure can provide load balancing, real-time remote data access, and improved application protection. All mobility and migration of live systems is seamlessly executed between sites, completely transparent to users and applications.

Disaster recovery

The Federation Enterprise Hybrid Cloud enables cloud administrators to select disaster recovery protection for their applications and virtual machines when deploying from the vRealize Automation self-service catalog. EMC customizations automatically place these systems on storage that is protected remotely by EMC RecoverPoint®. VMware vCenter Site Recovery Manager™, through tight integration with the EMC ViPR Controller Storage Replication Adapters, can automate the recovery of all virtual storage and virtual machines at a recovery or failover site.

Encryption

The Federation Enterprise Hybrid Cloud allows administrators to use CloudLink SecureVM to apply portable encryption to applications and virtual machines. EMC customizations allow administrators to select the virtual machine volumes to encrypt and then apply encryption to the virtual machines automatically when they provision applications and workloads from the vRealize Automation self-service catalog.

The Federation End-User Computing solution provides everything necessary for secure, anytime, anywhere access to desktops, including virtual desktop infrastructure (VDI), support desk, orchestration and automation, security, and professional services.

You can deploy the solution on a VCE converged infrastructure or on your own infrastructure platform. When integrated as an additional cloud service within the Federation Enterprise Hybrid Cloud, virtual desktops may be managed alongside other production applications in the data center.

This Federation Enterprise Hybrid Cloud solution enables IT organizations to broker public cloud services. This solution has been validated with VMware vCloud Air as a public cloud option that can be accessed directly from the solution's self-service portal by administrators and users. End users can provision virtual machines while IT administrators can perform virtual machine migration (offline) from the on-premises component of their hybrid cloud to vCloud Air using VMware vCloud Connector®.


This Federation Enterprise Hybrid Cloud solution contains many integration points between EMC and VMware products. This section highlights some of the key integration points and the value they provide to the overall solution.

End-user computing

Public cloud services

13


Figure 5 shows the areas of integration across Federation Enterprise Hybrid Cloud.

Figure 5. Federation Enterprise Hybrid Cloud integration points

Though managed by ViPR Controller, VNX, VMAX, VPLEX, XtremIO, and ScaleIO storage arrays support VMware vSphere Storage APIs—Array Integration™, which offloads ESXi host operations to the arrays to optimize server performance.

The ViPR Storage Provider integrates ViPR with VMware vSphere Storage API for Storage Awareness™. This enables vCenter to collect and report the storage capabilities of ViPR-provisioned datastores. Administrators use the vSphere API for Storage Awareness information to make intelligent placement decisions and optionally configured virtual machine and datastore service-level storage policies.

All VMware vSphere ESXi servers run EMC PowerPath®/VE for automatic path management and I/O load balancing in the storage area network (SAN). PowerPath/VE automates failover and recovery and optimizes load balancing of data paths in virtual environments to ensure availability, performance, and the ability to scale-out mission-critical applications.

The ViPR Controller plug-in for VMware vRealize Orchestrator provides an orchestration interface to the ViPR Controller software platform. The ViPR Controller plug-in has pre-packaged workflows that automate common ViPR operations such as Virtual Machine File System (VMFS) or Network File System (NFS) datastore provisioning. The ViPR Controller plug-in is installed through the vRealize Orchestrator configuration interface.

The ESA adapter for EMC VNX, VMAX, VPLEX, and XtremIO provides preconfigured dashboards for vRealize Operations Manager users to view storage metrics and topologies of the individual storage components beneath ViPR Controller.

EMC also provides storage and data protection content packs for use with VMware vRealize Log Insight. Content packs for VNX and VMAX provide dashboards and user-defined fields specifically for those EMC products that enable administrators to conduct problem analysis.

ViPR Controller Storage Provider plays a key role in this solution in identifying the capabilities of the storage presented to ESXi servers managed by vCenter. A storage profile is created in vCenter for each class, or tier, of storage presented by ViPR. These storage

Storage services

Orchestration

Operational management and monitoring

Metering

14

Key components

profiles are used by VMware vRealize Business to classify and charge for each tier of storage presented and consumed in vRealize Automation.

Key components

This section describes the key components of the solution, as shown in Figure 6.

• VMware vRealize Suite including:

VMware vRealize Automation

VMware vRealize Orchestrator

VMware vRealize Operations Manager

VMware vRealize Configuration Manager

VMware vRealize Business Standard

VMware vRealize Log Insight

• VMware vSphere ESXi and VMware vCenter Server

• VMware NSX for vSphere

• VMware vCenter Site Recovery Manager (DR only)

• EMC ViPR Controller software-defined storage

• EMC VNX, VMAX, ScaleIO, VPLEX, Isilon®, and XtremIO storage platforms

• EMC RecoverPoint (DR only)

• EMC Avamar and Data Domain data protection platforms

• EMC ViPR SRM and Data Protection Advisor

Figure 6. Federation Enterprise Hybrid Cloud solution components

Introduction

15

Key components

VMware vRealize Automation

VMware vRealize Automation enables customized, self-service provisioning and lifecycle management of cloud services that comply with established business policies. vRealize Automation provides a secure portal where authorized administrators, developers, and business users can request new IT services and manage existing computer resources from predefined user-specific menus.

VMware vSphere ESXi and VMware vCenter Server

VMware vSphere ESXi is a virtualization platform for building cloud infrastructures. vSphere enables you to run your business-critical applications confidently to meet your most demanding SLAs at the lowest total cost of ownership (TCO). vSphere combines this virtualization platform with the management capabilities of VMware vCenter Server™. This solution gives you operational insight into the virtual environment for improved availability, performance, and capacity utilization.

VMware vRealize Orchestrator

VMware vRealize Orchestrator is an IT process automation engine that helps automate the cloud and integrates the vCloud Suite with the rest of your management systems. vRealize Orchestrator enables administrators and architects to develop complex automation tasks within the workflow designer. The vRealize Orchestrator library of pre-built activities, workflows, and plug-ins helps accelerate the customization of vRealize Automation standard capabilities.

VMware NSX for vSphere

VMware NSX for vSphere is the next generation of software-defined network virtualization and offers additional functionality and improved performance over vCloud Networking and Security and traditional network and security devices. This additional functionality includes distributed logical routing, distributed firewalling, logical load balancing, and support for routing protocols such as Border Gateway Protocol (BGP), Intermediate System to Intermediate System (IS-IS), and Open Shortest Path First (OSPF).

Where workloads on different subnets share the same host, the distributed logical router optimizes traffic flows by routing locally. This enables substantial performance improvements in throughput, with distributed logical routing and firewalling providing line-rate performance distributed across many hosts, instead of being limited to a single virtual machine or physical host. VMware NSX also introduces Service Composer which integrates with third-party security services.

VMware vRealize Operations Manager

VMware vRealize Operations Manager is the key component of the vRealize Operations Management Suite. It provides a simplified approach to operations management of vSphere, and physical and cloud infrastructures. vRealize Operations Manager provides operations dashboards to gain insights and visibility into the health, risk, and efficiency of your infrastructure, performance management, and capacity optimization capabilities.

VMware vRealize Configuration Manager

VMware vRealize Configuration Manager extends the capabilities of vCenter host profiles and vSphere Update Manager to provide inventory and asset management, scheduled configuration and compliance scans, reports, and integration with vRealize Operations Manager. In addition, vRealize Configuration Manager enables configuration management of Windows and Linux guest operating system (OS) patches, and can audit the entire virtualized environment against many industry or regulatory frameworks and standards.

VMware vRealize Log Insight

VMware vRealize Log Insight delivers automated log management through log aggregation, analytics, and search capabilities. With an integrated cloud operations management

Data center virtualization and cloud management

16

Key components

approach, it provides the operational intelligence and enterprise-wide visibility that is needed to enable service levels proactively and operational efficiency in dynamic hybrid cloud environments.

VMware vRealize Business Standard

VMware vRealize Business Standard provides transparency and control over the cost and quality of IT services. By providing a business context to the services that IT offers, vRealize Business helps IT organizations shift from a technology orientation to a service-broker orientation, delivering a portfolio of IT services that align with the needs of business stakeholders.

VMware vCenter Site Recovery Manager

VMware vCenter Site Recovery Manager is a disaster recovery management solution that provides automated orchestration and non-disruptive testing of centralized recovery plans to simplify disaster recovery for virtualized applications. Site Recovery Manager integrates with RecoverPoint replication and ViPR automated storage services by means of Storage Replication Adapters (SRAs).

Site Recovery Manager reduces the time and effort that is required to set up and maintain recovery plans. Its simple, centralized recovery plans require significantly less time and coordination to update regularly than complicated, manual runbooks.

VMware Platform Services Controller

A VMware Platform Services Controller groups a set of infrastructure services, including vCenter Single Sign-On, License Service, Lookup Service, and VMware Certificate Authority. Federation Enterprise Hybrid Cloud leverages distinct virtual machines (external Platform Services Controllers) to provide these services.

EMC ViPR Controller

EMC ViPR Controller is storage automation software that centralizes and transforms multi-vendor storage into a simple and extensible platform. It abstracts and pools resources to deliver automated, policy-driven storage services on demand through a self-service catalog.

EMC VNX and EMC VMAX

EMC VNX and EMC VMAX are powerful, trusted, and smart storage arrays that provide the highest level of performance, availability, and intelligence in the hybrid cloud. VNX and VMAX storage systems offer a broad array of functionality and tools, such as the fully automated storage tiering for virtual pools (FAST VP), enabling multiple storage service levels to support ViPR-driven STaaS offerings in the hybrid cloud environment.

EMC XtremIO

EMC XtremIO is an all-flash scale-out enterprise storage array that provides substantial improvements to I/O performance. Purpose-built to use flash media, XtremIO delivers new levels of real-world performance, administrative ease, and advanced data services for applications.

EMC ScaleIO

EMC ScaleIO is a software-only server-based SAN that converges storage and compute resources to form a single-layer, enterprise-grade storage product. ScaleIO storage is elastic and delivers linearly scalable performance. Its scale-out server SAN architecture can grow from a few to thousands of servers.

EMC Isilon

EMC Isilon is a scale-out network-attached storage (NAS) storage platform that provides a powerful, simple, and efficient way to consolidate and manage enterprise data and

EMC storage services

17

Key components

applications. Its OneFS Operating System intelligently combines file system, volume manager, and data protection across all nodes within a cluster.

EMC RecoverPoint

EMC RecoverPoint is an advanced data protection, replication, and disaster recovery solution designed with the performance, reliability, and flexibility required for enterprise applications in heterogeneous storage and server environments. It provides local replication and bi-directional remote replication for physical, virtual, and cloud environments.

EMC VPLEX

The EMC VPLEX family removes physical barriers within, across, and between data centers. VPLEX Local provides simplified management and non-disruptive data mobility for heterogeneous arrays. VPLEX Metro™ and VPLEX Geo provide data access and mobility between two VPLEX clusters within synchronous and asynchronous distances respectively. With a unique scale-out architecture, VPLEX advanced data caching and distributed cache coherency provide:

• Workload resiliency

• Automatic sharing, balancing, and failover of storage domains

• Local and remote data access with predictable service levels

EMC ViPR SRM

EMC ViPR SRM provides comprehensive monitoring, reporting, and analysis for heterogeneous block, file, and virtualized storage environments. It enables you to visualize applications to storage dependencies, monitor and analyze configurations and capacity growth, as well as optimize your environment to improve return on investment (ROI).

EMC storage integration with VMware

Both VNX and VMAX support VMware vSphere Storage APIs – Array Integration, which offloads virtual machine operation to the array to optimize server performance. Both platforms also support VMware vSphere Storage API for Storage Awareness, which enables VMware administrators to expose the underlying storage performance and protection details to assist them in creating virtual machine storage policies.

EMC ViPR and EMC Storage Analytics

Powered by vRealize Operations Management Suite, EMC adapters for ViPR and ESA combine to provide a powerful management tool for VMware and storage administrators to access real-time intelligent analytics for the ViPR software-defined storage layer and the individual VNX, VMAX, VPLEX, and XtremIO platforms. Administrators can get detailed statistics through customizable dashboards, heat maps, and alerts and access topology mappings in a VMware environment.

EMC data protection workflows for vRealize Orchestrator

With vRealize Orchestrator, cloud administrators can use the data protection workflows that the Federation creates to automate Avamar and Data Domain protection of virtual machines. These workflows are added to the vRealize Automation virtual machine provisioning blueprints so that cloud users can easily set up protection at provisioning time and request on-demand restores for specific virtual machines, where they can choose to restore from all available backups.

Cloud infrastructure administrators can also use workflows that carry out the entire protection policy setup on Avamar and vCenter, to facilitate quick and easy deployment of the infrastructure that is needed to support all the end-user protection needs.


18

Solution architecture

EMC Storage Replication Adapters

EMC’s Storage Replication Adapters (SRAs) ensure tight integration between vCenter Site Recovery Manager and the RecoverPoint and ViPR products. The SRAs automate the replication and data-sync operations for coordinated disaster recovery failovers and planned migrations.

The RecoverPoint Storage Replication Adapter for VMware vCenter Site Recovery Manager enables Site Recovery Manager to implement disaster recovery using RecoverPoint. The RecoverPoint SRA supports Site Recovery Manager functions, such as failing over, failing back, and failover testing, using RecoverPoint as the replication engine.

The ViPR Controller Storage Replication Adapter for VMware vCenter Site Recovery Manager provides the same functionality for protected storage provisioned using EMC ViPR Controller.

EMC Avamar

EMC Avamar is a fast, efficient backup and recovery system that is provided through a complete software and hardware solution. Equipped with integrated variable-length deduplication technology, Avamar backup and recovery software provides integrated source and global data deduplication, which facilitates fast, full daily backups for hybrid cloud environments.

EMC Data Domain

With Avamar, you can choose to direct backups to an EMC Data Domain system instead of the Avamar server. Data Domain deduplication storage systems deduplicate data inline so that data is written already deduplicated on the disk, and requires less disk space than the original dataset. With Data Domain, you can retain backup and archive data on site longer to enable quick and reliable data restores from disk.

EMC Data Protection Advisor

With EMC Data Protection Advisor (DPA), you can automate and centralize the collection and analysis of all data across backup applications, replication technologies, the virtual environment, and supporting infrastructure. This provides a single, comprehensive view of your data protection environment and activities. In addition, when integrated with vRealize Orchestrator workflows, DPA can be used to provide on-demand reporting of backup statistics and status.


The Federation Enterprise Hybrid Cloud provides a single-site topology as well as multiple different dual-site topologies, which are described in the following section.

Note: In this context, dual site means any environment with two separate data islands of infrastructure. These data islands can be in the same data center, on the same campus, or separated over a larger geographical distance.

Hybrid cloud data protection

Overview

19


Figure 7 shows how the components of the management stack are distributed among the management pods.

Figure 7. Cloud management platform component layout

Core Pod

The Core Pod is used to host a core set of resources that must exist before the remainder of the cloud can be deployed. These core resources include vCenter Server, Microsoft SQL Server 2012, and Vmware NSX Manager, if in use. The hardware that hosts this pod need not be managed by cloud components, but the virtual machines it hosts are the critical foundation of the cloud.

Automation Pod

The Automation Pod hosts the virtual machines that automate and manage the cloud infrastructure that supports the workloads consumed by the clouds tenants. The Automation Pod supports the components responsible for functions such as the user portal and automated provisioning, monitoring, metering, and reporting.

NEI Pod

The Network Edge Infrastructure (NEI) Pod hosts the VMware NSX Edge™ appliances and VMware NSX Controllers and is only required if VMware NSX is in use. It becomes the convergence point at which the physical and virtual networks connect.

Management model

The Core, Automation, and NEI Pod resources can be hosted by distinct vSphere clusters or by a single vSphere cluster, depending on whether the distributed or collapsed management model is used.

Management stack components

20

Generic platform topologies

Workload Pods

The Workload Pods are configured and assigned in vRealize Automation as shared resources, to host virtual machines deployed by the different business groups in the hybrid cloud environment. These Workload Pods are deployed as VMware vSphere clusters in VMware vCenter endpoints.

Note: Workload Pods were previously termed resource pods in Federation Enterprise Hybrid Cloud 2.5.1 and earlier. For further details about the management platform and supported deployment models, refer to the Federation Enterprise Hybrid Cloud 3.5: Concepts and Architecture Guide.


The topology that is shown in Figure 8 shows the basic sets of resources and components that the Federation Enterprise Hybrid Cloud solution requires.

Figure 8. Federation Enterprise Hybrid Cloud single-site architecture

The single site Federation Enterprise Hybrid Cloud topology should be used when restart or recovery of the cloud to another data center is not required. It can also be used as the base deployment on top of which you can layer the dual site /single vCenter or dual site /dual vCenter topologies at a later time.

Single-site topology

21


The architecture that is shown in Figure 9 represents the standard dual-site/single vCenter Federation Enterprise Hybrid Cloud topology which can controls two sites, each with independent islands of infrastructure using a single vCenter instance and a Federation Enterprise Hybrid Cloud Management stack/portal.

Note: In this case, the scope of the term site is at the user’s discretion. It could be taken to mean separate individual geographical locations, or could also mean independent islands of infrastructure in the same geographical location such as independent VCE™ Vblock® platforms.

Figure 9. Federation Enterprise Hybrid Cloud standard dual-site/single vCenter

architecture

Standard dual-site/single vCenter topology

22


Figure 10 depicts the conceptual configuration of the Federation Enterprise Hybrid Cloud CA dual-site/single vCenter topology. This topology hosts the same components within each of the pods, but enhances the single-site topology by including VPLEX Metro and vSphere metro storage cluster technologies to protect all the management and workload across data centers.

Figure 10. Federation Enterprise Hybrid Cloud dual-site CA topology

In this configuration, each pod is stretched across both sites in active/active fashion. The underlying VPLEX distributed storage allows all the management components and workloads to either proactively move before a known event using vMotion or reactively restart, using vSphere High Availability if an unpredicted failure event occurs.

Continuous availability (CA) dual-site/single vCenter topology

23


The standard dual site/dual vCenter Federation Enterprise Hybrid Cloud architecture controls two sites, each with independent islands of infrastructure, each using its own vCenter instance but controlled by a single Federation Enterprise Hybrid Cloud management platform/portal.

This architecture provides a mechanism to extend an existing Federation Enterprise Hybrid Cloud by adding additional independent infrastructure resources to an existing cloud, when resilience of the management platform itself is not required, but where the resources being added either already belong to an existing vCenter or it is desirable for them to do so. Figure 11 shows the architecture used for this topology option.

Figure 11. Federation Enterprise Hybrid Cloud standard dual site/dual vCenter

architecture

Standard dual-site/dual vCenter topology

24


Figure 12 depicts the conceptual configuration of the Federation Enterprise Hybrid Cloud DR dual-site/dual vCenter topology. This topology hosts the same components within each of the pods, but enhances the single-site topology by including EMC RecoverPoint and VMware Site Recovery Manager technology to protect the relevant management and Workload Pods across data centers.

Figure 12. Federation Enterprise Hybrid Cloud DR dual-site/dual vCenter topology

In this configuration, each site has its own distinct Core and NEI Pods, but the Automation Pod that supports the cloud workloads and the cloud workloads themselves, can be recovered on the secondary site through the VMware Site Recovery Manager framework.

Disaster recovery (DR) dual-site/dual vCenter topology

25

Converged platform support

The server hardware and networking requirements for this Federation Enterprise Hybrid Cloud solution conform to the VMware Compatibility Guide.

This solution uses standard VMware- and EMC-supported I/O devices to support Ethernet and Fibre Channel (FC) connectivity, including:

• 10 Gb Ethernet

• 8 Gb/s FC

The VMware Compatibility Guide provides detailed lists of vendor devices that have been either physically tested or are similar to the devices tested by VMware or VMware partners.

Resource sizing information is provided in Resource sizing.

Converged platform support

Figure 13 shows the converged platforms that the Federation Enterprise Hybrid Cloud supports and the relevant Federation Enterprise Hybrid Cloud services that each converged platform supports.

Figure 13. Converged platforms Federation Enterprise Hybrid Cloud services support

Vblock Systems are pre-architected, pre-engineered, pre-configured converged infrastructures that consist of storage technologies from EMC, network and compute systems from Cisco, and virtualization platforms from VMware. Vblock Systems provide dynamic pools of resources that can be intelligently provisioned and managed to address changing demands and rapidly shifting business opportunities. VCE provides single-call

Server and networking requirements

VCE Vblock

26

http://www.vmware.com/resources/compatibility/search.php?deviceCategory=server

VCE platforms and Federation Enterprise Hybrid Cloud

support to maximize the value of customer investment in Vblock with an integrated support portfolio that increases system availability, reliability, and productivity.

VCE VxBlock® Systems simplify all aspects of IT and enable organizations to achieve better business outcomes faster. Seamlessly integrating best-in-class compute, network, and storage technologies from industry leaders EMC, Cisco, and VMware, VxBlock Systems provide dynamic pools of resources that can be intelligently provisioned and managed to address changing demands and rapidly shifting business opportunities. Engineered to the same exacting specifications as Vblock Systems for the highest levels of performance, capacity, availability, and security, VxBlock Systems address a need for increased choice of network virtualization solutions using VMware NSX.

VCE VxRack™ System 1000 Series is a new hyper-converged offering that complements VCE converged infrastructure systems. These self-contained units of servers and networking are well-suited for the rapid growth in next-generation applications—enabling you to support a growing number of use cases with built-in resiliency and less stringent availability and performance requirements on infrastructure. The VxRack System 1000 Series can incorporate alternate software-defined storage technologies, a choice of hypervisors, and bare metal workloads.

The new VCE VxRail™ Appliance is a Hyper-converged Infrastructure Appliance that delivers virtualization, compute, storage, networking, and data protection in an agile, scalable, and easy-to-manage SDDC Building Block. VxRail Appliances are fully integrated, preconfigured, pretested VMware HCI appliances that scale-out linearly in common modular building blocks that are based on business needs. VxRail delivers resiliency, quality 0f service (QoS), and centralized management functionality that enables faster, better, and simpler management of consolidated workloads, virtual desktops, business critical applications, and remote office infrastructure. VxRail Appliances provide the flexibility of a broad set of configuration options at a variety of price and scale points.


VCE’s converged infrastructure offerings are the ideal platforms on which to build a Federation Enterprise Hybrid Cloud. The following sections show specifically how Federation Enterprise Hybrid Cloud overlays on VCE Converged Infrastructure platforms in terms of component efficiencies.

Note: Other converged platforms are also supported. Converged platform support provides more information.

In a single-site Federation Enterprise Hybrid Cloud deployment on VxBlock:

• The use of the high performance Advanced Management Platform (AMP-2HAP) option from VCE is required. AMP-2HAP ensures sufficient compute resources exist to run all native AMP management components as well as the Federation Enterprise Hybrid Cloud core pod components.

• A single vCenter is the default as the Federation Enterprise Hybrid Cloud External and Cloud vCenters are fully collapsed into the VCE AMP vCenter.

Federation Enterprise Hybrid Cloud External and Cloud vCenters can be installed outside of the AMP (leveraging VxBlock production blades) to provide further fault domains, but only as part of a VCE and Federation Enterprise Hybrid Cloud consulting engagement.

• Core and NEI pod functions are deployed and configured in the VCE factory.

VCE VxBlock

VCE VxRack

VCE VxRail

Overview

VxBlock Single Site architecture overlay

27


• The Federation Enterprise Hybrid Cloud NEI Pod function is split across the AMP and Edge Clusters.

• The Edge cluster uses VCE UCS C-Series (configurable based on bandwidth requirements).

• Automation pod components consume production blades. They are deployed in the VCE factory but are configured onsite.

Figure 14 shows how the Federation Enterprise Hybrid Cloud and VCE components overlay in this configuration.

28


Figure 14. Overlay of Federation Enterprise Hybrid Cloud on VxBlock in single site architecture

In a CA dual-site/single vCenter Federation Enterprise Hybrid Cloud deployment on Vblock:

• The high performance AMP-2HAP option from VCE may be used, but is not required.

• AMP vCenter remains distinct.

• Federation Enterprise Hybrid Cloud External and Cloud vCenters may be collapsed.

• Core, NEI, and Automation pod functions all consume production blades.

Vblock Continuous Availability architecture overlay

29


• Core, NEI, and Automation pod functions are all deployed in the VCE factory but are configured onsite.

• VPLEX Metro is required for storage replication.

• The SMI-S that is located in the AMP may be used by Federation Enterprise Hybrid Cloud.


30


Figure 15. Overlay of Federation Enterprise Hybrid Cloud on Vblock in CA architecture

In a DR dual-site/dual vCenter Federation Enterprise Hybrid Cloud deployment on VxBlock:

• The use of the high performance AMP-2HAP option from VCE is required. AMP-2HAP ensures sufficient compute resources exist to run all native AMP management components as well as the Federation Enterprise Hybrid Cloud core pod components.

VxBlock Disaster Recovery architecture overlay

31


• A single vCenter per site is the default as the Federation Enterprise Hybrid Cloud External and Cloud vCenters are fully collapsed into the relevant VCE AMP vCenter.

Federation Enterprise Hybrid Cloud External and Cloud vCenters can be installed outside of the AMP (leveraging VxBlock production blades) to provide further fault domains, but only as part of a VCE and Federation Enterprise Hybrid Cloud consulting engagement.

• Core and NEI pod functions are deployed and configured in the VCE factory.

• The Federation Enterprise Hybrid Cloud NEI Pod function is split across AMP and Edge clusters.

• The Edge cluster uses VCE UCS C-Series (configurable based on bandwidth requirements).

• Automation pod components consume production blades. They are deployed in the VCE factory but are configured onsite.

• EMC RecoverPoint is required for storage replication.

• Reserved compute capacity in the secondary VxBlock for automation pod failover is required.


Figure 16. Overlay of Federation Enterprise Hybrid Cloud on VxBlock in DR architecture

EMC Secure Remote Support (ESRS)

ESRS allows EMC personnel to monitor the health of EMC storage arrays in the VCE Converged Platform remotely, and perform support and maintenance functions. ESRS serves as the conduit for all communications between EMC and the EMC storage arrays. ESRS monitors the health of multiple EMC storage arrays in VCE Systems and elsewhere. EMC ESRS is integrated into the EMC base software suite.

VCE management components

32

Software resources

Advanced Management Platform (AMP)

Provides the infrastructure and tools to jump-start the VCE System build and to provide out-of-band management, monitoring, and troubleshooting. The AMP is available in high-availability (HA) and mini-AMP versions.

AMP-2HAP is the second-generation Advanced Management Platform model that provides automatic failover and load balancing of virtual machines (VMs) that are deployed to implement Core and VCE Optional management workloads. The performance option (P) consists of the base configuration plus a third Cisco UCS rack server and 100-GB enterprise flash drives (EFDs) to implement FAST VP.

VCE Vision Intelligent Operations

The VCE Vision™ software suite provides an integrated set of software products to manage a data center. VCE Vision software is the first software suite to provide an intelligent solution to manage operations in a converged infrastructure environment. These tools enable and simplify converged operations by dynamically providing a high level of intelligence into a customer’s existing management toolset.

XtremIO Management Server (XMS)

XMS is a stand-alone dedicated Linux-based server that is used to control the XtremIO system. Each XtremIO cluster requires its own XMS host, which can be either a physical or a virtual server. The array continues to operate if it is disconnected from the XMS, but cannot be configured or monitored.

ViPR Image Server

The EMC ViPR Controller requires the ViPR Image server, which is a compute image server, to deploy compute OS images. When you run the VCE System provisioning service, this image server participates in OS installation using EMC ViPR Controller.

Software resources

This section provides details, by category, of the software that is certified in this solution.

Note: For up-to-date supported version information, refer to the ELab Navigator home page.

Array software Table 1.

Software Notes

EMC Enginuity™ for VMAX2 Operating environment for VMAX

EMC Enginuity for VMAX3 Operating environment for VMAX3

EMC VNX1 Operating Environment Operating environment for VNX1 block and file

EMC VNX2 Operating Environment Operating environment for VNX2 block and file

EMC ScaleIO Operating environment for ScaleIO

EMC GeoSynchrony® Operating environment for VPLEX

EMC XtremIO Operating environment for XtremIO

33

https://elabnavigator.emc.com/eln/modernHomeFederation

Software resources

EMC software Table 2.

Software Notes

EMC Connectrix® Manager Converged Network Edition (CMCNE)

Required by EMC ViPR for Brocade SAN

EMC PowerPath® Virtual Edition Multi-pathing and load balancing for ESXi hosts

EMC PowerPath Virtual Appliance License management for EMC PowerPath Virtual Edition

EMC RecoverPoint EMC RecoverPoint software installed on RPAs

EMC RecoverPoint Storage Replication Adapter (for Windows)

EMC RecoverPoint Storage Replicator Adapter for VMware vCenter Site Recovery Manager

EMC SMI-S Provider for VMAX (for Windows) SMI-S Provider for Windows x64

EMC Solutions Enabler for VMAX3 (for Windows)

SMI-S Provider for Windows x64

EMC SMI-S Provider for VNX (for Windows) SMI-S Provider for Windows x64

EMC ViPR Controller EMC ViPR software-defined storage

EMC ViPR Storage Replication Adapter (for Windows)

EMC ViPR Storage Replicator Adapter for VMware vCenter Site Recovery Manager

EMC ViPR SRM EMC ViPR Storage Resource Management Suite

EMC and VMware integration Table 3.

Software Notes

EMC Federation Enterprise Hybrid Cloud Foundation Module

Customization package for STaaS and foundation workflows

EMC Federation Enterprise Hybrid Cloud Backup Module

Customization package for BaaS workflows

EMC Federation Enterprise Hybrid Cloud Disaster Recovery Module

Customization package for DRaaS workflows

EMC ViPR Analytics EMC ViPR Analytics adapter for VMware vRealize Operations Manager

EMC Storage Analytics EMC Storage Analytics adapter for VMware vRealize Operations Manager

EMC ViPR Controller plug-in for VMware vRealize Orchestrator

EMC ViPR Controller plug-in for vRealize Orchestrator workflows

EMC backup and recovery Table 4.

Software Notes

EMC Avamar Avamar system software

EMC Data Domain Operating System (DD OS) Operating system for Data Domain appliance

EMC Data Protection Advisor Data protection management software

34

Resource sizing

VMware virtualization and cloud infrastructure Table 5.

Software Notes

Microsoft SQL Server Database server for vCenter Server and vRealize Automation

Microsoft Windows Server Operating system (OS) for the server environment

VMware vRealize Automation VMware cloud management and infrastructure

VMware vRealize Automation Application Services

VMware application deployment for vCloud

VMware vRealize Orchestrator Appliance vRealize orchestration engine

VMware vRealize Orchestrator vRA Plug-in vRealize Automation Center plug-in for vRealize Orchestrator

VMware vCenter Server (for Windows) vSphere management server

VMware vSphere ESXi VMware server hypervisor

VMware NSX for vSphere Next-generation software-defined networking and security

VMware vRealize Orchestrator Plugin for VMware NSX

VMware vRealize Orchestrator plug-in for VMware NSX

VMware vDS for vSphere Aligns with vSphere

VMware vRealize Operations Manager Automated operations management Appliance

VMware vRealize Configuration Manager Automated configuration management

VMware vRealize Log Insight vRealize log analytics and management

VMware vRealize Business Standard VMware vRealize Business Standard Edition

VMware vCenter Site Recovery Manager (for Windows)

VMware vCenter Site Recovery Manager

VMware vRealize Orchestrator Plug-In for Site Recovery Manager

Site Recovery Manager plug-in for vRealize Orchestrator

EMC security add-on Table 6.

Software Notes

EMC Cloudlink SecureVM Virtual machine encryption software

Resource sizing

When sizing a hybrid cloud, it is important to size the management infrastructure so that it has adequate capacity to address the size of the resource clusters being planned for deployment.

This section provides sample management infrastructures for four different cloud sizes, namely 500, 1,000, 5,000, and 10,000 workload virtual machines. They are based on a number of assumptions that are likely, and are permitted, to differ in actual installations.

Note: The following sizing configurations are sample outputs from the Federation Enterprise Hybrid Cloud Solution Sizing tool, and do not represent the only permitted configuration. To size

Sample sizing

35

Resource sizing

for the individual requirements of your own hybrid cloud accurately, and to obtain the exact virtual machine sizing requirements for each component, refer to the Federation Enterprise Hybrid Cloud Solution Sizer, available at: https://mainstayadvisor.com/go/emc.

The following guidelines and assumptions were used when creating the sample management configurations:

• Mandatory guidelines:

CPU core over-subscription must be no greater than 2:1 for all Federation Enterprise Hybrid Cloud management pods.

• Recommended guidelines:

Sufficient infrastructure must exist to allow all virtual machines to run in steady state simultaneously.

VMware NSX is the recommended networking technology and is used in these samples.

Note: VMware vSphere Distributed Switches are also supported.

VMware vSphere HA should be used in each management pod. To enable this, one additional node (ESX server) is suggested over and above the calculated requirements for each pod.

Note: For ultimate resilience and ease of use during maintenance windows, creating vSphere clusters sizes based on N+2 may be appropriate based on customer preference, where N is the calculated CPU and RAM requirements for the hosted VMS plus host system overhead. The Federation Enterprise Hybrid Cloud sizing tool sizes vSphere clusters based on an N+1 algorithm.

Calculated requirements should, and in these examples, do include a buffer of 20 percent for RAM utilization in the Core, Automation, and NEI Pods. The minimum value that EMC supports is 10 percent.

Calculated requirements should, and in these examples, do include a buffer of 20 percent for CPU core utilization in the Core, Automation, and NEI Pods. The minimum value that EMC supports is 10 percent.

• The following additional inputs were also arbitrarily chosen for the purposes of these sample calculations:

Servers for the Core Pod have 20 CPU cores and 256 GB RAM.

Servers for the NEI Pod have 10 CPU cores and 64 GB RAM.

Servers for the Automation Pod have 20 CPU cores and 256 GB RAM.

Note: Changing the server configuration changes the output. For the NEI Pod, the Federation mandates a minimum of four servers as VMware NSX best practice recommends that each VMware NSX controller be on a separate physical host and that VMware NSX ESG and DLR virtual machines be on separate physical hosts.

The average tenant resource virtual machine specification is 1 vCPU, 2 GB RAM, and 100-GB disk.

The number of tenants is one.

The number of transport zones is one.

The required north/south bandwidth of the solution is 40 Gb/s.

Datastores have 10 percent free capacity after components have reached full size.

Sizing guidelines and assumptions

36

https://mainstayadvisor.com/go/emc

Resource sizing

The user has chosen to deploy the Federation Enterprise Hybrid Cloud Data Protection Module.

The user has chosen to deploy ViPR SRM.

VMware vRealize Configuration Manager is not used.

VCE VxBlock was the chosen converged infrastructure platform for the solution.

Federation Enterprise Hybrid Cloud Single Site topology was chosen.

37

Resource sizing

This section details a sample set of requirements to manage a 500-virtual-machine cloud. Table 7 provides the detailed breakdown of the virtual machines that are required to manage this 500-virtual-machine cloud example and their location within the management platform.

Sample 500-VM cloud management platform: component and locations Table 7.

Component Quantity EHC Pod Cluster

Cloud vCenter Server 1 Core AMP Cluster

Cloud vCenter PSC 1 Core AMP Cluster

Cloud SQL Server 1 Core AMP Cluster

Update Manager 1 Core AMP Cluster

NSX Manager 1 Core AMP Cluster

NSX Controllers 3 Core AMP Cluster

Vision 1 N/A AMP Cluster

Vision MSM 1 AMP Cluster

PowerPath VAPP 1 AMP Cluster

ESRS VE 2 AMP Cluster

Element Manager (SMI-S) 1 AMP Cluster

Fabric Manager (Cisco DCNM)

1 AMP Cluster

NSX Enterprise Edge 4 NEI EHC NEI Cluster

NSX Tenant Edge 2 NEI EHC NEI Cluster

NSX DLR 2 NEI EHC NEI Cluster

vRA NSX Load Balancer 2 NEI EHC NEI Cluster

vRA Appliance 2 Automation EHC Automation Cluster

vRA IaaS Web Server 2 Automation EHC Automation Cluster

vRA IaaS Manager Server 2 Automation EHC Automation Cluster

vRA IaaS DEM Server 2 Automation EHC Automation Cluster

vRA IaaS Agent Server 2 Automation EHC Automation Cluster

Auto-PSC 1 Automation EHC Automation Cluster

Auto-SQL 1 Automation EHC Automation Cluster

vRA Application Services 1 Automation EHC Automation Cluster

ViPR Controller 3 Automation EHC Automation Cluster

vROPs 1 Automation EHC Automation Cluster

vCenter Log Insight Nodes 3 Automation EHC Automation Cluster

vRealize Business 1 Automation EHC Automation Cluster

vRO Appliance 2 Automation EHC Automation Cluster

DPA App Server 1 Automation EHC Automation Cluster

500-virtual-machine cloud sizing sample

38

Resource sizing


DPA DB Server 1 Automation EHC Automation Cluster

SRM Frontend 1 Automation EHC Automation Cluster

SRM Primary Backend 1 Automation EHC Automation Cluster

SRM Secondary Backend 1 Automation EHC Automation Cluster

SRM Collector 1 Automation EHC Automation Cluster

Table 8 represents a pod-by-pod summary of the virtual machine resource requirements that are needed to manage the 500-virtual-machine cloud example.

Sample 500-VM cloud management platform: component requirements Table 8.

Pod name Resource type Quantity

Core Pod (includes requirements for VCE AMP VMs)

Number of Virtual Machines 15

Virtual CPU 43

Virtual RAM 112

Storage (OS and Data) 1,646

NEI Pod Number of Virtual Machines 10

Virtual CPU 30

Virtual RAM 11

Storage (OS and Data) 95

Automation Pod Number of Virtual Machines 29

Virtual CPU 97

Virtual RAM 292


Table 9 lists the physical hardware that is required for each of the respective pods, based on the Sizing and the required number of hosts that are needed to satisfy the aggregate virtual machine requirements of the 500-virtual-machine cloud example.

Sample 500-VM cloud management platform: physical hardware Table 9.

Cluster name Number of physical hosts

AMP Cluster 3

EHC NEI (Edge) Cluster 4

EHC Automation Cluster 4

39

Resource sizing

This section details a sample set of requirements to manage a 1,000-virtual-machine cloud. Table 10 provides the detailed breakdown of the virtual machines that are required to manage this 1,000-virtual-machine cloud example and their location within the management platform.

Sample 1,000-VM cloud management platform: components and locations Table 10.








Vision 1 AMP Cluster





Fabric Manager (Cisco DCNM) 1 AMP Cluster




















1,000-virtual-machine cloud sizing sample

40

Resource sizing






Table 11 represents a pod-by-pod summary of the virtual machine resource requirements that are needed to manage the 1,000-virtual-machine cloud example.

Sample 1,000-VM cloud management platform: component requirements Table 11.



Number of Virtual Machines

15

Virtual CPU 47

Virtual RAM 120


NEI Pod Number of Virtual Machines

10

Virtual CPU 30

Virtual RAM 11


Automation Pod Number of Virtual Machines

29

Virtual CPU 97

Virtual RAM 292


Table 12 lists the physical hardware that is required for each of the respective pods, based on the Sizing and the required number of hosts that are needed to satisfy the aggregate virtual machine requirements of the 1,000-virtual-machine cloud example.

Sample 1,000-VM cloud management platform: physical hardware Table 12.


AMP Cluster 3



41

Resource sizing

This section details a sample set of requirements to manage a 5,000-virtual-machine cloud. Table 13 provides the detailed breakdown of the virtual machines that are required to manage this 5,000-virtual-machine cloud example and their location with the management platform.



































42

Resource sizing











Virtual CPU 55

Virtual RAM 128



Virtual CPU 30

Virtual RAM 11



Virtual CPU 101

Virtual RAM 308


Table 15 lists the physical hardware that is required for each of the respective pods based on the Sizing and the required number of hosts that are needed to satisfy the aggregate virtual machine requirements of the 5,000-virtual-machine cloud example.



AMP Cluster 3



43

Resource sizing

This section details a sample set of requirements to manage a 10,000-virtual-machine cloud. Table 16 provides the detailed breakdown of the virtual machines that are required to manage this 10,000-virtual-machine cloud example and their location with the management platform.



































44

Resource sizing











Virtual CPU 55

Virtual RAM 128



Virtual CPU 30

Virtual RAM 11



Virtual CPU 109

Virtual RAM 324


Table 18 lists the physical hardware that is required for each of the respective pods based on the Sizing and the required number of hosts that are needed to satisfy the aggregate virtual machine requirements of the 10,000-virtual-machine cloud example.



AMP Cluster 3



45

Conclusion

Conclusion

This Federation Enterprise Hybrid Cloud solution enables customers to build an enterprise-class multitenant, scalable, platform for complete infrastructure service lifecycle management. This solution provides on-demand access and control of infrastructure resources and security while enabling customers to maximize asset utilization. Specifically, the solution integrates all the key functionality that customers demand of a hybrid cloud and provides a framework and foundation for adding other services.

This solution incorporates the following principles:

• Self-service and automated provisioning

• Multitenancy and secure separation

• Security and compliance

• Elasticity and service assurance

• Monitoring

• Metering and chargeback

• Availability and data protection

The solution uses the best of EMC and VMware products and services to empower customers to accelerate the implementation and adoption of a hybrid cloud while enabling customer choice for the compute and networking infrastructure within the data center.

Summary

46

FEDERATION ENTERPRISE HYBRID CLOUD 3.5 - Foundation ...

Documents