Delivering Multi-Cloud Platform with vRealize Automation 8...§ Infrastructure-as-Code for multi-cloud deployments ... • Single click consumption of Code Assembly templates, AWS

HEADSET CHANNEL 5

#vFORUMAU#vFORUMAU

5

Scott Norris, VMwareTony Phan, VMware

Delivering Multi-Cloud Platform with vRealizeAutomation 8

#vFORUMAU

Disclaimer

This presentation may contain product features or functionality that are currently under development.

This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.

Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.

Technical feasibility and market demand will affect final delivery.

Pricing and packaging for any new features/functionality/technology discussed or presented, have not been determined.

This information is confidential.

The information in this presentation is for informational purposes only and may not be incorporated into any contract. There is no commitment or obligation

to deliver any items presented herein.

©2019 VMware, Inc.

Agenda

3

Foundation

Infrastructure-as-Code

Simplify Automation through Action Based eXtensibility

Catalog and Policies through Service Broker

Native Cloud Integrations

Extensible Pipelines through Code Stream

Cost and Compliance with CloudHealth

4©2019 VMware, Inc.

Foundation

©2019 VMware, Inc. 5

Hybrid Cloud Native Public Cloud

Multi-Cloud Journey


De-Risk strategies

Global reach

Cost efficiency

Strategic IT Investments

What is Driving Native Public Cloud Adoption?

Developer andBusiness Agility

Developer speed

Infinite scale

On-demand services


Integrating Multi-Cloud Brings Challenges

7

Multiple Portals

• Multiple UI/API’s for Dev’s

and Admins• Different terminology and

concepts between

providers

Growing Costs• 24x7 Development

Workloads• No simple correlation to

costs and business units or projects

Lack of Standards

• Different deployment

and maintenance procedures

• Lack of centralised

workload metadata

Security

• Lack of security and audit

standards• Enforcement of available

cloud providers based on data sensitivity


VMware Cloud Automation

Programmable Provisioning: vRealize Automation for Multi-CloudPurchase and operate as SaaS and on-premises

Cloud APICloud Admin,SRE

Blueprints: Multi-Cloud TemplatesDeveloper

On Premises: vRealize Automation 8 SaaS: Cloud Automation Service (vRA Cloud)

Developer, DevOps Admin

Catalog & Policy Continuous DeliveryService Brokering

Application Service

Container Service

Function Service

Third-Party Tools

PO

LIC

IES

EC2 EBS S3 ROUTE

53

REDSH

IFT

RDS LAMB

DA

KMS KINESI

S

IAM EMR VM DISK STORA

GE

SQL SEARC

HREDIS DNS APP INSTA

NCEDISK

MACHINE

VOLUME

NETWORK

LOAD

BALANCER

EC2 EBS S3 ROUTE

53

REDSH

IFT

RDS LAMB

DA

KMS KINESI

S

IAM EMR VM DISK STORA

GE

SQL SEARC

HREDIS DNS APP INSTA

NCEDISK

MACHINE

VOLUME

NETWORK

LOAD

BALANCER

VCPP / VMC

The picture can’t be displayed.

PUBLIC CLOUD


SDDC (VCF) EDGE

Hybrid infra


Self-governing Cloud Services

vRealize Automation Self-service catalog of native templates for each cloud.Consistent governance guard rails across clouds.

Multi-Cloud and Application AutomationOrchestrates and expedites infrastructure and application delivery in line with DevOps principles

Deployment automation with operations

Cloud AssemblyMulti-Cloud and Application AutomationOrchestrates and expedites infrastructure and application delivery in line with DevOps principles

Service BrokerSelf-service catalog of native templates for each cloud.Consistent governance guard rails across clouds.

Code StreamDeployment automation with operations


ON-PREM

SAAS

VMware Cloud Assembly

§ Infrastructure-as-Code for multi-cloud deployments

§ Build and deploy cloud-agnostic blueprints for infrastructure and apps

VMware Code Stream

§ Deliver developers code and applications faster

§ Reduce time required for troubleshooting and remediation

VMware Service Broker

§ Consistent control across cloud services

§ Templates for multiple clouds and platforms

§ Central catalog with role-based policies

Define, Aggregate and Deploy across CloudsVMware Automation

VMware vRealize Automation 8.0

VMware vRealize Automation Cloud


Define, Aggregate and Deploy across CloudsCloud Automation with vRealize Automation 8

Cloud AssemblyTM

VMwareCode StreamTM

VMwareService BrokerTM

VMware

Lease

Resource

Cost

Power schedule Approval

Naming

Tagging

Notification

Catalog Items

START

STOP

SCALE OUT

Cloud

AssemblyAzure

ARM*AWS CFT K8s*

+GOVERNANCE POLICIES

DEV PRODSTAGE

DEPLOY DEPLOYDEPLOY

TASK …TASK

…TASK …

Versioned Blueprints

VMware Marketplace

Brownfield Greenfield

DIY

vRO Pivotal*

* Indicate Templates and Services that are Coming Soon


Infrastructure-as-Code


Abstract image definition maps to specific images for each cloud & region

Cloud-Agnostic Infrastructure-as-Code

1

Image mapping

VM Templates AMI GCP

images

Azure VM

images

b

b


Flavors map to instance types in native clouds

Cloud-Agnostic Infrastructure-as-Code

1

c

cMachine flavor

GCP Instance types

Compute

Engine10GB PD

1 1

AWS Instance

types

CPU,

MemoryAzure Instance

types



Configuration Management

Ansible Integration



Ansible Server

Playbook

Deployment

Cloud Assembly


Consume Puppet Roles with Puppet Enterprise Puppet Integration


Iterate > Release > RestoreIntegrated Version Control


“Pull” Blueprint Definitions ExternallySource Control with Source Control


Resource placement is intent-based and determined at provisioning time

Tags, Tags, Tags


Configures the

CAPABILITY TAGS

for the resources


Sets the

CONSTRAINT TAGS

in the blueprints


Determines resources by matching

CONSTRAINT TAGS

to CAPABILITY TAGS

at deployment

RESOURCES

DEPLOYMENT

BLUEPRINT

Cloud Zone

Project

Project Priority

Cloud Zone

Image mapping

Machine flavor

Network profile

Storage Profile




DemonstrationInfrastructure-as-Code


Simplify Automation through Action Based eXtensibility


Extensibility with Event Broker Service

REQUEST

Custom host naming

Create AD OU

Add admins to OUs

Add requester

Get IP Address from Infoblox

Install puppet agent

Install centrify

Config LVM

Cleanup

Archive the instance disk

Cloud service lifecycle

PENDING DEPLOYMENT

DESTROYED DEPLOYMENT

EXPIRED DEPLOYMENT

ACTIVE DEPLOYMENT

APPROVAL

ARCHIVERETIREMANAGEPROVISION

Pending Request

Approved Request

UPDATES

EVENT EVENT EVENT EVENT EVENT EVENT EVENT

Update CMDB

Event broker

Sample integrations )Invoke Action scripts

Invoke vRO workflows


Serverless code execution framework

Actions





Event Based

Catalog Request

(XaaS)

AWS Lambda

Azure Functions

OnPrem ABX


Cloud Assembly Integration with Event Based Extensibility

IT services and custom IT

operations (XaaS)• Storage as a service• Backup/recovery• Security/compliance• AD management tasks

Third-Party integration

• CMDB• DNS• IPAM• Load balancers• Service desk• Monitoring systems• Databases• Web services

Blueprint




XaaS

Pre

ProvisionPost

ProvisionNetwork

ConfigureRemovalAllocationReservation

Cloud Lifecycle Events


The picture can’t b

AWS Lambda Azure FunctionsOnPrem ABX vRealize Orchestrator

ABX Orchestrator Workflow

SubscriptionsEvent

Subscription

Event Subscription

Event Subscription

Event Subscription


Extensibility Providers

Extensibility

Provider

vRO InstancevRealize Orchestrator

Action Based

Extensibility

vRO Workflow

Azure Functions

vRO Instance

AWS Lambda

GCP Functions (tbc)

ABX OnPrem (beta)

Python / NodeJS

New Capability


Action FlowsCombine many serverless functions

Action Flows can be trigger based on an event subscription or standalone (ABX XaaS)

You can control of flow execution, using programming concepts (like forks, joins) and pass parameters between multiple actions.


Git Integration

Action Based eXtensibility Versioning

Cloud Assembly Visual Studio Code• Two way Git Integration

• Use existing IDE tools for development

• Iterative development and release

• Diff in Cloud Assembly or in Git


DemonstrationAction Based eXtensibility


Catalog and Policies through Service Broker


What is Service Broker

LIBRARYCurate a collection of ready to consume templates and services

POLICIESEnforce constraints for the templates, services and cloud resources

PORTALConsume cloud services with a single click through a self-service portal

BROKERMake 3rd party services available for developers

Service Broker

• Self-service, single click consumption experience with governance

• Aggregation

• Service brokering

• Out of the box templates


Central Governance for Distinct Services

Aggregated catalog of services across cloud platforms

• Single click consumption of Code Assembly templates, AWS CFTs,

ARM templates, Helm charts

• Catalog of existing services that can be consumed

Policy based governance

• Access, lease, approval, cost policies for catalog items

• Day 2 management of deployments with access constraints

Extensibility

• Publish any vRealize Orchestrator

workflow to catalog

VMware Cloud

Assembly Templates

AWS Cloud Formation

Templates

Azure Resource

Manager Templates

Kubernetes Helm Charts

Docker Images

VMware OVF

Templates

VMware vROWorkflows

Services across cloud platforms

Access

Constraints

Lease

Approval

Naming

Resource

Cost

VMware vRA Blueprints

VmwareCode Stream

Pipeline Executions

TEMPLATES & SERVICES POLICIESCONTROLLED

CONSUMPTION OF CLOUD SERVICES

Clo

ud

A

sse

mb

ly

Se

rvic

e

Bro

ke

r

Compose

Application Template

Individual

(isolated) consumption

Co

de

S

tre

am

Automated

CD pipeline

Power Sched

Tagging


Enable consumption of versioned blueprints

Publishing Versioned Blueprints to Catalog

SERVICE BROKER

CATALOG ADMINISTRATIONCLOUD ASSEMBLY

BLUEPRINTSERVICE BROKER

STOREFRONT

Multi-tier app with isolated network

VMware

Canonical is the commercial sponsor of Ubuntu, the leading open-source platform for cloud, personal computing and next-generation devices. Ubuntu delivers reliability, performance and interoperability to cloud and scale-out environments. Together with our partners, we ensure that Ubuntu runs reliably on every platform from the PC and the smartphone to the server and, crucially, the cloud.

V Request Details

Deployment name _________________________________________

Description _________________________________________

Project _________________________________________

Size _________________________________________

Network _________________________________________

Storage tier _________________________________________

Request Summary

REQUEST

v4

v3

v2

RELEASED

RELEASED

RELEASE

v1RELEASED

v4

v1

v3

Content

v4

v4

v3

v1

Request Form

Forms auto-created, can

be further updated for each version

Cloud Assembly

Multi-tier app with isolated network

SUSE Linux Enterprise Server 15

REQUEST


Content Sources

Lease

Resource

Cost

Power schedule Approval

Naming

Tagging

Notification

Catalog Items

START

STOP

SCALE OUT

Cloud

AssemblyAzure

ARM*AWS CFT K8s*

+GOVERNANCE POLICIES

vRO Pivotal*

* Indicate Templates and Services that are Coming Soon


DemonstrationCatalog


Native Cloud Integrations


Rich support of IaaS and PaaS servicesCloud Specific Provisioning












EC2 EBS S3 ROUTE 53 REDSHIFT RDS LAMBDA KMS KINESIS IAM EMR

INSTANCE DISK


AWS

AZURE

GCP

VM DISK STORAGE SQL SEARCH REDIS DNS APP TRAFFIC KEY FUNCTIONS

STORAGE BIG QUERY

CLOUD SQL

DNS APP ENGINE

* * * * *


Embrace and integrate with Terraform

Terraform Integration

Cloud Assembly building blocks based on Terraform resource types

Cloud Assembly

EC2 EBS

RDS LAMBDA

VM DISK

REDIS DNS

Terraform

resource types

Terraform plugin for Cloud API

SOURCE CODE REPOSITORY

Terraform

templates

Use Cloud API from

Terraform

Compute NetworkStorage

CLOUD API

Terraform plugin for Catalog Items

SOURCE CODE REPOSITORY

Terraform

templates

Use Service Broker

catalog items from Terraform

CATALOG API

USE TERRAFORM TEMPLATES*USE BLUEPRINTS*Roadmap


DemonstrationNative Public Integrations


Extensible Pipelines through Code Stream


Application Delivery Lifecycle Has Evolved

Source CodeSource Control

CI Server

Artifact Repository

Production

UAT

Development

Monitor

Rollback

Analyze

1

2

3

4

5

6

9

8

7

Continuous Integration Continuous Delivery Continuous Monitoring


Two Key Types of Pipelines – Infrastructure and Apps

Infrastructure Pipelines

• Separate Git for each Environment

• Plan, Check, Update Deployments

• Integrate with Blueprints, K8s

Application Pipelines

• Separate Build and Deployment pipelines

• Deployments through Blueprints, K8s

• One image update at a time

Build Create Image

Dev & Test

Deploy UAT E2E Tests Approval Update

Prod

App

Plan Changes

Save Changes Approval

Check for

changes

Create /Update

Dep.

Monitor, Rollback Notify

Infra

1

2


locust.io

Pipeline integrations

Code Stream – Tito Application

VMware

Codestream

VMware

Cloud Assembly

Git trigger


Blueprint


UI TestDeploy to

any Cloud



Load Test

Slack

cypress.io

VMware

Wavefront


Threat

Detection


Performance

Analysis

The picture can’t be displayed.VMware

Secure State


Amazon

Route53


Blue Green

Failover


DemonstrationCode Steam


Cost and Compliance with CloudHealth


Cost information at multiple levels

Cost Visibility

PROJECTS

ORGANIZATION

Cloud Admin

DEPLOYMENTS

Display costing at a deployment, resource, and project level

Calculate individual component costs for workloads

PROJECT LEVEL AGGREGATED COST

DEPLOYMENT LEVEL COST

COMPONENT COST

Roadmap

Real cost information with advanced reports and drill-down for public clouds

*


Visibility

Perspectives

• Group by line of business for chargeback or showback

Dashboards and

reporting

• Graphical, tabular, multi-dimensional

• Across multiple clouds, on-prem, and containers

Integrations

• Enhance the tooling you already use

• Connect Datadog, New Relic, Puppet, Slack, JIRA, and more

CloudHealth Features

Reserved instance

management

• Plan, buy, manage Standard and Convertible RIs

Cost manageme

nt

• Cost savings recommendations

• Amortization, budgeting, forecasting

Governance

Rightsizing

• EC2, EBS, VM, SQL rightsizing across CPU, memory, network, disk

Security

• Manage compliance to policies such as CIS

• Automatically get alerted of security risks

Policies

• Set and ensure policies throughout a distributed organization

Automated Actions

• Take automated actions such as start, stop, delete assets

Optimization

#vFORUMAU#vFORUMAU

5

Thank You!

#vFORUMAU

Join the conversation

#vFORUMAU @VMwareAU

Documents

Delivering Multi-Cloud Platform with vRealize Automation 8...§ Infrastructure-as-Code for multi-cloud deployments ... • Single click consumption of Code Assembly templates, AWS