Virtualization solutions to optimize performance, improve availability, and reduce complexity

F5 and VMware Solution Guide

Features Increased VM density by up to

60 percent

Free up server resources to by offloading CPU-intensive operations.

Long distance vMotion

Enable fully automated long distance vMotion and Storage vMotion between data centers.

Load balancing and traffic management

Provide advanced load balancing and traffic management for virtual servers.

Integration with vCenter Server

Respond to infrastructure changes with VMware and F5 integration.

Integration with SRM for global traffic management

React quickly to SRM events by redirecting application traffic to the failover site.

Improved manageability

Simplify the management of application networking devices with the F5 Management Plug-In for VMware vSphere.

>> >>

>>

>>

>>

>>

The benefits of virtualization with VMware are clear. However many organizations

continue to expect more from their virtualization initiatives, including:

· Tighter server consolidation

· Simplified management

· Higher application performance

· Increased network agility

· Greater operational efficiency and automation

· Greater virtual desktop security

· Improved virtual desktop user experience

The combination of F5 and VMware unlocks new opportunities to meet these demands.

Unlock the power of virtualization with F5 and VMware solutions

· vSphere

· vCenter Server

· vCenter AppSpeed

· vCenter Site Recovery Manager

· VMware View

· F5 BIG-IP® Local Traffic Manager™ (LTM)

· F5 BIG-IP® Local Traffic Manager™ Virtual Edition (LTM VE)

· F5 BIG-IP® Global Traffic Manager™ (GTM)

· F5 BIG-IP® Optimization Module™ (WOM)

· F5 ARX® File Virtualization Solution

F5 and VMware have worked closely to integrate solutions, such as:

Data Center EfficiencyReduce hardware, power, and facility costs

THE CHALLENGE

One of the most compelling advantages of virtualization is building greater efficiency.

Within data centers of all sizes, server consolidation delivers reductions in physical server

infrastructure and power consumption. Organizations commonly see consolidation rates

of 10 times or more. But what if it were possible to increase your consolidation rates

even further? Certain computational transactions like SSL are more efficiently performed

in ASICs than general-purpose CPUs. This opens the door to even greater server

consolidation rates, often up to 60 percent greater than server virtualization alone.

But consolidation will only get you so far in meeting the growing expectations of your

IT organization. There are also more and more demands on your applications that

affect performance and availability. However, it is possible to simultaneously improve the

performance and availability of your virtualized applications even while consolidating your

servers. Optimizing application traffic using techniques like load balancing, acceleration,

transformation, rate shaping, and connection persistence can yield great improvements

in application performance and availability.

Organizations often face new VMDK (Virtual Machine Disk Format) storage challenges

as they move forward with their virtualization initiatives. As a result, file management

becomes more complex, storage bottlenecks appear, and storage costs increase.

Key benefits · Improve server consolidation by offloading

CPU-intensive tasks from the servers

· Increase performance and availability by optimizing application traffic

· Optimize file storage infrastructure and reduce costs

THE SOLUTION

BIG-IP Local Traffic Manager optimizes connections, routes traffic, and balances loads

across virtual machines (VMs), offloading many of the functions that create CPU and

memory strain. Offloading these functions to a purpose-built appliance can free up to

40 percent1 of server CPU and memory resources, creating a 60 percent increase in

VM guest density on the same host. This enables servers to operate more efficiently and

frees up server capacity.

Availability gains from BIG-IP LTM apply equally well to virtual servers. They include:

· Application acceleration up to 3X

· Improved security for applications and data

· Reduced bandwidth usage

· Full control of traffic to handle changing business, infrastructure, and application demands

Organizations can address their virtualization storage challenges by taking advantage of

intelligent file virtualization with the F5 ARX series. ARX abstracts the virtual file location

from the physical storage location. Enabling transparent and automated policy-based

allocation of files across different storage tiers.

1 F5 tests performed on Microsoft Exchange and vSphere 4 yielded a 40% reduction in CPU utilization from BIG-IP LTM, thus an equivalent 60% increase in VM guest density on the same host. See www.F5.com/vmware a detailed overview of the test plan and results.

BIG-IP LTM ARX

NFS

NFSF5 SOLUTION BENEFITS:- INCREASED SERVER CONSOLIDATION- IMPROVED PERFORMANCE & AVAILABILITY- OPTIMIZED VMDK FILE STORAGE

CLIENT

ESX SERVER

VMware ESX

VM VM VMVM

ESX SERVER

VMware ESX

VM VM VMVM

ESX SERVER

VMware ESX

VM VM VMVM

Long Distance vMotionLinking data centers across the city or thousands of miles apart

THE CHALLENGE

VMware vMotion enables users to move an entire running virtual machine from one

server to another and with VMware Storage vMotion, you can migrate VMDK files

across storage arrays. However, getting reliable and rapid performance of vMotion

and Storage vMotion events typically requires their movement to be restricted within

a single local vCenter Server cluster and a single layer 2 broadcast domain. Their

performance is naturally sensitive to poor network conditions like latency and packet loss,

which historically prevented long distance vMotion events. Furthermore the cost and

complexity of encrypting vMotion traffic over the WAN adds to the difficulty.

Key benefits · Application migration between

data centers

· Disaster avoidance

· Capacity expansion

THE SOLUTION

F5 and VMware have developed a complete solution for running vMotion and Storage

vMotion events together, between vSphere environments and over long distances.

The solution components enable vMotion migration between data centers without

downtime or user disruption. Key solution components include:

· Encryption and compression of vMotion traffic between sites using BIG-IP LTM iSessions feature

· Byte-level data deduplication of vMotion traffic between sites using BIG-IP WAN Optimization Module

· Client traffic management with BIG-IP LTM to direct user traffic to the correct VM

· Data center traffic management with BIG-IP GTM

One example is a Windows Server guest vMotion event across a 622 Mbps link with

40 milliseconds of round-trip time and zero packet loss, which would normally take more

than five minutes to complete. With BIG-IP WAN Optimization Module it takes less than

30 seconds. The worse the WAN conditions, the greater the potential improvement.

And when the vMotion event acceleration is combined with dynamic global and traffic

management, newly migrated VMs are recognized quickly, without disrupting existing

user sessions.

VMware ESX

VM VM VMVM

BIG-IP LTM

VSPHERE

STORAGE

CLIENT

VM VMVM

VM VMVM

DATA CENTER 1 DATA CENTER 2

VMware ESX

VM VM VMVM

BIG-IP LTM

BIG-IP GTM

VSPHERE

STORAGE

WAN OPTIMIZATION

VMOTION

VMOTION

Data Center AutomationAutomate your Application Delivery Network

THE CHALLENGE

Unexpected traffic spikes can wreak havoc on application availability. Yet providing server

capacity to cover all conceivable scenarios is simply too expensive. Fortunately vSphere

simplifies provisioning new VMs on demand. In order for these newly provisioned virtual

machines to properly integrate into the application network and assist in improving

availability, the network must typically be manually adjusted. This function is not handled

by virtualization solutions, and as a result it can take IT staff additional time to respond.

In addition, as the number of virtual machines increases, so can the amount of

time required to manage them. IT staff are often required to perform routine network

management and maintenance tasks that could otherwise be automated.

Key benefits · Improve network responsiveness to

the virtualized applications

· Reduce management complexity in the virtualized environment

· Improve IT staff efficiency with automation

· Minimize manual configuration errors

THE SOLUTION

F5 solutions greatly simplify network deployment, management, and maintenance tasks

through automation. Specifically, BIG-IP LTM integrates with vCenter via the F5 iControl®

API to receive instructions that enable it to adjust network traffic in response to changing

application conditions.

When new virtual machines are provisioned by vCenter, BIG-IP LTM can automatically add

those new servers to its load balancing pool and can direct traffic to them. BIG-IP LTM

waits until the VMs are responsive before sending traffic. At the same time, BIG-IP GTM

knows when virtual machines or entire data centers are overloaded or unavailable and

reroutes traffic accordingly. BIG-IP LTM and GTM can respond to fluctuating traffic

without the need for manual intervention.

Similarly, BIG-IP LTM can identify and distinguish between different “classes” of users.

For example, requests from high-priority users can be served up from a higher

performance VM pool. This and other similar functions maximize the performance and

availability of physical and virtual application resources.

iCONTROL API

STORAGE VIRTUALIZATION

ARX

MONITORING &MANAGEMENT

BIG-IP LTM

NFS NFS NFS

APP SERVER APP SERVER APP SERVER

APP SERVER VIRTUALIZATION

CLIENTS CLIENTS

VMware ESX

VM VM VMVM

VMware ESX

VM VM VMVM

VMware ESX

VM VM VMVM

VMWARE VCENTERSERVER

ARX4000

Business ContinuityProtect your business and minimize application downtime

THE CHALLENGE

Businesses cannot afford to be without their core applications and web-based services.

In traditional IT environments, it is difficult to move an application from one data center

to another or even from one server to another. To compensate, many companies install

more hardware, which also increases the cost.

Virtualization dramatically improves failover and disaster recovery (DR) capabilities by

making packaged application files easy to clone, migrate, and reboot. Solutions like

VMware vCenter Site Recovery Manager (SRM) further simplify the process of planning,

testing, and recovering a single application or an entire virtualized infrastructure. Despite

the automation of SRM, the DNS server must be manually configured to re-route

incoming traffic to the new site. It is difficult to fully automate the process, and can result

in delays and mistakes during failover.

Because application traffic must be redirected in after DR events, many organizations rely

on IT staff to manually implement the steps contained in their pre-defined DR run books.

Under stress, such as in a true DR scenario, any manual process can be subject to error.

Key benefits

· Load balance across data centers

· Maximize application availability and minimize the impact of downtime

· Increase the speed of large data transfers over the WAN

CLIENT

APPLICATION DELIVERYSYNCHRONIZATION

VM REPLICATION

DATA REPLICATION

ROUTER

BIG-IP LTM

ROUTER

BIG-IP LTM

VMWAREVCENTER SITE

RECOVERYMANAGER

BIG-IP GTMBIG-IP GTM

BIG-IP LTM SUPPORTS DISASTER RECOVERY - AT THE DATA CENTER LEVEL- AT THE SERVER LEVEL- AT THE VIRTUAL MACHINE LEVEL

SITE 1 (PRIMARY) SITE 2 (BACK-UP)

VMware ESX

VM VM VMVM

VMware ESX

VM VM VMVM VMWAREVCENTER SITE

RECOVERYMANAGER

VMware ESX

VM VM VMVM

VMware ESX

VM VM VMVM

THE SOLUTION

F5 BIG-IP Global Traffic Manager offers holistic control of global traffic to ensure

maximum availability and performance of applications running across multiple data

centers. It reacts based on predefined business policies and varying infrastructure

conditions.

The integration of BIG-IP GTM and VMware SRM provides a complete solution for

automated disaster recovery between two data centers, or to the cloud. In the event

of disaster, SRM automatically orchestrates the failover of VM guests and virtual

infrastructure between the two sites, while BIG-IP GTM redirects all incoming client

application traffic to the secondary site. BIG-IP GTM and SRM are easily integrated via

the F5 iControl API.

Because BIG-IP GTM sits in both the source and target sites, failover can happen

automatically even if one device suddenly disappears. Furthermore, while waiting for

suspended VMs to come online, BIG-IP GTM can respond back to clients with a

custom HTML page.

In addition, F5 BIG-IP WAN Optimization Module improves the transfer of data over

the WAN during a failover. This module enables large volumes of data to be transferred

from a source to a target data center quickly using compression and deduplication.

BIG-IP WAN Optimization Module encrypts traffic before transmission and decreases

bandwidth requirements.

Virtual DesktopsProvide a consistent, secure user experience with high application availability

THE CHALLENGE

Over recent years, many organizations have elected to replace their desktop PCs with

simple client terminals and give users access to centrally stored applications and services

over the LAN or WAN. In addition to the hardware cost savings, virtual desktop solutions

such as VMware View are easier and more cost-effective to manage and secure.

For such a solution to succeed however, users expect the same performance from virtual

desktops as physical desktops. In addition, scaling the centralized connection servers can

be expensive. Finally, organizations need to ensure that the connections are secure, but

without sacrificing simplicity of the user’s access and authentication experience.

Key benefits

· Simplify secure access with single sign-on

· Deliver a high performance virtual desktop experience to users

· Reduce the cost for large deployments by minimizing the number of servers required

· Ensure network and application security

VCENTER SERVER

VIRTUAL DESKTOPS

ACTIVE DIRECTORY

VDM CONNECTIONSERVERS

REMOTE CLIENT

CLIENT

LOCAL CLIENT

BIG-IP LTM

DMZ

BIG-IP EDGE GATEWAY

BRANCH OFFICE

VMware ESX

VM VM VMVM

THE SOLUTION

F5 BIG-IP LTM delivers load balancing, health monitoring, rate shaping, and server

resource offloading for the virtual desktop connection servers. This provides high

performance SSL termination and compression, and improves the overall solution’s

scalability.

Additionally F5 BIG-IP Edge Gateway addresses security challenges by enabling secure

remote access using high speed SSL everywhere and integration with authentication and

directory services. Unlike many SSL VPN solutions, F5 can securely transport the PCoIP

protocol without degrading its performance. Finally, BIG-IP Edge Gateway streamlines

the authentication process into a single quick and easy step for users by ensuring high

endpoint security prior to login.

Application VirtualizationEnsure high performance for applications

THE CHALLENGE

Enterprise applications, such as Microsoft Exchange, OCS, SharePoint, SAP, and Oracle

are critical for day-to-day operations. But they can also be a source of inefficiency. In

traditional IT environments, these applications can require vast numbers of servers, not all

of which are fully utilized.

Virtualization can reduce some of this inefficiency through server consolidation, but

virtualization technologies are primarily focused on the hardware and operating system

layers—not the applications layer. Therefore, when organizations decide to pursue a

virtualization strategy, they need to take steps to ensure that the new environment does

not adversely impact application performance.

Key benefits

· Reduce the risks associated with implementing an application virtualization strategy

· Minimize hardware and power costs by maximizing the density of virtual machines

· Optimize performance and application availability for users

· Maximize the return on investment of a virtualization strategy

DATABASE

HIGH PERFORMANCEWEB ACCELERATION

SERVERS

BIG-IP LTM+

WEBACCELERATORMODULE

BIG-IP GTMPRE-DEFINED APPLICATION CONFIGURATION OPTIONS- SHAREPOINT- EXCHANGE- SAP- ORACLE- IIS- VMWARE VIEW- ETC.

BIG-IP LTM REDUCES CPU AND MEMORY LOAD ON THE HOST SERVERS BY OFFLOADING NETWORK-RELATEDPROCESSES

PERFORMANCE

THE SOLUTION

F5 minimizes application-specific network risks when moving to a virtualized platform

by providing solutions that are optimized for specific applications and accompanied by

comprehensive, predefined profiles within BIG-IP devices. Often deployed in traditional IT

infrastructures, these predefined profiles are just as beneficial in virtualized environments.

Use of these application templates can lead to a 90 percent reduction in manual user

inputs, thereby reducing configuration time and data-entry errors. One of the predefined

application profiles provided in BIG-IP LTM is a VMware View (virtual desktop) profile.

Providing a best-practice configuration model, this template incorporates experience in

designing optimal VMware View systems and dramatically simplifies installation.

Additionally, organizations that rely heavily on web-based applications can take

advantage of F5 BIG-IP® WebAccelerator.™ BIG-IP WebAccelerator speeds up access

and decreases web page load time. It also drastically reduces the CPU load on web

application servers in virtualized environments through a combination of intelligent

caching, connection pipelining, and exploitation of browser behavior.

Cloud ComputingDeliver reliable web-based services

THE CHALLENGE

Cloud computing presents a significant opportunity for increased data center agility

and cost savings. Along with the vSphere platform, VMware vCloud Director simplifies

the process for cloud providers or large IT organizations to offer self-service cloud

computing. However there are fundamental challenges to ensuring that these

cloud services offer the same security, availability, and performance as traditional

on-premise computing.

Key benefits

· Keep control over authentication locally while running applications in the cloud

· Ensure consistently high security, performance, and availability for virtual infrastructure

· Deliver added network capacity on demand

· Improve WAN performance between data centers

BIG-IP GTMBIG-IP ASM

BIG-IP LTM

BIG-IP LTM

ROUTER

LAN

CLIENTS CLIENTS CLIENTS CLIENTS

EXTERNAL THIRD-PARTY CLOUDINTERNAL CLOUD

CLOUD BURSTING AND MIGRATION CAPABILITIES

ON-PREMISE COMPUTERS

THE SOLUTION

F5 provides a number of solutions that enable organizations to leverage public or

private cloud solutions from VMware easily, securely, and with maximum application

performance and availability.

BIG-IP GTM is used to direct traffic between multiple data centers in cases where

the application may be running in more than one location at times (for example,

cloud bursting).

BIG-IP LTM enables organizations to retain authentication and authorization locally,

when running applications in the cloud, by redirecting incoming authentication requests

to the home data center.

BIG-IP LTM Virtual Edition enables clouds to provide full BIG-IP LTM services as virtual

machines, which can be provisioned and configured on-demand.

BIG-IP® Application Security Manager™ can provide application firewall security to a

wide variety of applications running in the cloud.

Improved ManageabilityIntegrate BIG-IP with the VMware vSphere Client

THE CHALLENGE

VMware vCenter Server provides a powerful central point of control for virtualization

management. Many organizations are seeking to use the associated vSphere Client

as a single management control point for virtual machines. They need to reduce

administration complexity and provide basic task automation. This enables their

administrators to be more productive and efficient.

Key benefits

· Streamline common networking tasks

· Eliminate manual synchronization between consoles

· Simplify BIG-IP LTM configuration for new VMs

VSPHERECLIENT

BIG-IP MANAGEMENT

CONSOLE

BIG-IP LTM

VMware ESX

VM VM VMVM

VCENTERSERVER

PLUG-INLINUX

THE SOLUTION

The F5 Management Plug-In for VMware vSphere allows virtualization administrators

to more easily manage their BIG-IP Application Delivery Networking policies as they

relate to VMware-virtualized applications. The F5 Management Plug-In for VMware

vSphere eliminates manual synchronization of information between BIG-IP devices

and the vSphere consoles. It also helps automate common networking tasks involved

in routine VM maintenance and administration. Finally it can automatically apply

Application Delivery Networking policies to newly provisioned VMs, and ease the

process of de-provisioning VMs. Overall, these features simplify and automate many

of the networking tasks common to VMs, thereby improving the agility of the

overall infrastructure.

F5 Solutions for Virtualized Environments

Maximize the benefits of virtualization with F5 solutions

BIG-IP LOCAL TRAFFIC MANAGER (LTM)

· Balances traffic to virtual servers and from virtual desktops

· Offloads processing-intensive activities like SSL termination, caching, or compression to reduce the strain on virtual machines and increase their capacity

· Includes a suite of security services that bolster network and application security

· Offers industry-leading layer 7 intelligence and many automated features for easier management

BIG-IP LOCAL TRAFFIC MANAGER Virtual Edition (LTM VE)

· Provides full feature parity with physical BIG-IP LTM appliances

· Available in trial, developer, or production editions

· Runs on any server compatible with VMware ESX or ESXi

BIG-IP GLOBAL TRAFFIC MANAGER (GTM)

· Directs traffic intelligently among virtual machines located at multiple data centers

· Redirects traffic automatically in the event of a disaster at one data center

· Provides a single framework for managing all application services across multiple sites

· Routes global traffic to the closest and most logical global data center to maximize performance and availability

BIG-IP EDGE GATEWAY

· Enables single sign-on for users

· Securely manages PCoIP connections while maintaining the protocol’s native high performance

· Integrates with authentication and directory services

BIG-IP WAN OPTIMIZATION MODULE

· Accelerates the transfer of files and speeds up data replication between data centers

· Reduces bandwidth usage by compressing and caching files

· Expands WAN capacity to improve application throughput

· Provides configurable site-to-site encryption using SSL

ARX SERIES

· Provides a single storage solution for virtualized environments

· Provisions new storage for virtualized environments quickly and easily

· Removes the need to pre-allocate large amounts of storage and distributes virtual machine files across multiple physical devices

· Enables non-disruptive data migrations, automated storage tiering, and optimal backup

Learn more about F5 and VMware virtualization solutionsFor more information on the following topics, browse through the materials below or

visit the VMware page on f5.com.

Data Center Efficiency:

· Product Overview: BIG-IP Local Traffic Manager

Long Distance vMotion:

· White Paper: “Connecting to the Cloud with F5 BIG-IP Solutions and VMware vMotion”

Data Center Automation:

· Deployment Guide: Deploying F5 Automated Network Provisioning for VMware Infrastructure

Business Continuity:

· Solution Brief: Automated DR Traffic Management with VMware SRM and F5 BIG-IP

Virtual Desktops:

· Solution Brief: F5 and VMware Virtual Desktop Infrastructure

Application Virtualization:

· White Paper: Application Ready Solution Templates

Cloud Computing:

· White Paper: Global Distributed Service in the Cloud with F5 and VMware

Management Integration:

· Solution Overview: F5 Management Plug-In for VMware vSphere

For more information about F5 and VMware solutions, please refer to: www.f5.com/vmware

“ VMware vSphere and VMware vCenter Server help

customers respond rapidly and easily to application

demands. F5 solutions extend this agility to the

network to enable consistency in application state

throughout the data center and in private clouds, for

faster responses with less manual intervention.”

Shekar Ayyar, VP, Infrastructure Alliances, VMware

F5 Networks, Inc. 401 Elliott Avenue West, Seattle, WA 98119 888-882-4447 www.f5.com