vSphere 6.5
Torino, 17 April 2018
Torino, 18 April 2018
About me
Pietro Ciotola, Computer Engineer
Official VMware trainer (VCI) since 2008
VCIX6-DCV (Implementation Expert)
LinkedIn: https://www.linkedin.com/in/pietroc/
Agenda
• vSphere Client
• vCenter Server
• Storage
• Network I/O control 4
• Encryption
• DRS and HA cool stuff
• VMware AWS Integration
• Hyper-Converged Infrastructure
vSphere Client
vSphere Client for Windows
• vSphere Client for Windows is not available in vSphere 6.5 because it scaled poorly and it supported only Windows.
• vSphere Web Client has all the functionality of vSphere Client for Windows.
Host Client
• With VMware Host Client, no dedicated installation-time configuration is needed.
• VMware Host Client is served from ESXi 6.5: https://your_ESXi_host/ui
vSphere Web Client
• vSphere Web Client has the following components:
– Adobe Flex client application running in a browser
– Java server embedded in vCenter Server Appliance 6.5
• No dedicated installation-time configuration is needed.
• Client Integration plug-in is not required.
vSphere Client
• HTML5-based vSphere Client has no dependency on installing Adobe Flex.
• You access vSphere Client from vCenter Server Appliance at https://your_vCenter_Server_Appliance/ui.
vCenter Server
vCenter Server Management Platform
[Diagram: a single vCenter Server instance manages several vSphere environments.]
vCenter Server Appliance Architecture
[Diagram labels: vSphere Clients; ESXi host hosting vCenter Server Appliance systems; Photon OS; vCenter Server application; embedded vCenter Server database; Platform Services Controller; managed hosts and guests.]
Platform Services Controller
• vCenter Server includes Platform Services Controller:
– Platform Services Controller includes a set of common infrastructure services:
• VMware vCenter® Single Sign-On
• VMware License Server
• Lookup Service
• VMware Certificate Authority
• Certificate Store
• VMware Directory Services
– Other features are installed under the vCenter Server component.
– You can install vCenter Server and Platform Services Controller on the same or different machines.
vCenter Server Services
• The vCenter Server group of services contains:
– vCenter Server
– vSphere Web Client (server)
– VMware Inventory Service
– vSphere Update Manager
– VMware vSphere® Auto Deploy™
– VMware vSphere® ESXi™ Dump Collector
– VMware vSphere® Syslog Collector
• You cannot distribute these vCenter Server functions across multiple servers. When you deploy vCenter Server Appliance, all of these features are included.
vCenter Server Deployment Options
• vCenter Server Appliance is functionally equivalent to vCenter Server installed on a Windows server:
– vCenter Server Appliance can be configured in the following ways:
• As an embedded system with an internal Platform Services Controller instance
• As a distributed system with an external Platform Services Controller instance
• vCenter Server Appliance supports Enhanced Linked Mode.
[Diagram: embedded and distributed deployments of vCenter Server Appliance, vCenter Server on Windows, and Platform Services Controller.]
vCenter Server APIs
• vSphere 6.5 includes a developer and automation-friendly REST-based API and interfaces that simplify automation and development.
Overview
• REST API for VM management
• Simplified and modern API design
• Enables easy access to automation from standard tooling
• Designed with automation and DevOps in mind
• Full featured SDKs, CLI, and workflow access
Key use case: VM automation, development, and vCenter Server Appliance services health check
Benefits
• Reduces API development complexity and time
• Access through modern automation and development processes for consistency and repeatability
• Simplified API model
• Single point of access for all API samples
[Diagram labels: REST API; vCenter Server; SDKs; automation tooling; REST-based tools; docs.]
VMware vCenter Server® 6.5 new features
• The installer has been overhauled, resulting in a new, modern look and feel. It is now supported on Microsoft Windows, macOS, and Linux without the need for any plug-ins.
• With vSphere 6.5, the VMware vCenter Server Appliance™ has surpassed the Windows installable version. It offers the following exclusive features:
– Migration Tool
– Improved appliance management
– Native high availability
– Native backup and restore
vCenter Server Appliance Native UI Installer
• With vSphere 6.5, a native application has been developed to facilitate the deployment of vCenter Server Appliance 6.5.
vCenter Server Appliance Management UI
• To back up or restore vCenter Server Appliance, you must connect to the Appliance Management interface at https://FQDN_or_IP_address:5480.
Appliance Management
In addition to CPU and memory statistics, it now shows network and database statistics, disk space usage, and health data.
This reduces reliance on a command-line interface for simple monitoring and operational tasks.
Native vCenter Server Backup and Restore
• Removes dependency on third-party backup solutions
• Restores a vCenter Server instance to a brand new appliance
• Supports backup or restore of vCenter Server Appliance and Platform Services Controller
• Includes embedded and external deployments
• Supports protocols, including:
– HTTP/S
– SCP
– FTP/S
• Includes option for encryption
• Restores directly from the vCenter Server Appliance ISO
vCenter Server High Availability
This solution consists of active, passive, and witness nodes that are cloned from the existing vCenter Server instance.
The vCenter HA cluster can be enabled, disabled, or destroyed at any time.
Storage
Storage Protocol Overview
Columns: Storage Protocol | Boot from SAN Support | vSphere vMotion Support | vSphere HA Support | vSphere DRS Support | Raw Device Mapping Support
Fibre Channel ● ● ● ● ●
FCoE ● ● ● ● ●
iSCSI ● ● ● ● ●
NFS ● ● ●
DAS ● ●
Virtual Volumes ● ● ●
vSAN ● ● ●
About VMFS6
• VMFS6:
– Allows concurrent access to shared storage.
– Can be dynamically expanded.
– Uses 1 MB block sizes that are good for storing large virtual disk files.
– Uses subblock addressing that is good for storing small files: the subblock size is 8 KB.
– Provides on-disk locking.
[Diagram: two hosts sharing one VMFS datastore.]
Automated UNMAP
• UNMAP is a vSphere Storage APIs primitive that enables reclamation of dead or stranded space on thinly provisioned VMFS volumes.
• In vSphere 6.0, this can be initiated by running a simple ESXCLI command that can free up deleted blocks from storage. vSphere 6.5 automates the UNMAP process by which VMFS tracks the deleted blocks and reclaims deleted space from the backend array in background.
• This background operation ensures a minimal storage I/O impact due to UNMAP operations. UNMAP works at a guest OS level with newer versions of Windows and Linux.
LUN Scalability
• In vSphere 6 the maximum number of LUNs is 256 and the maximum number of paths is 1,024.
• vSphere 6.5 now supports up to 512 LUNs and 2,000 paths.
Network Scalability and Network I/O Control
About Distributed Switches
• A distributed switch functions as a single virtual switch across all associated hosts.
• Distributed switches have several benefits over standard switches:
– They simplify data center administration.
– They enable networking statistics and policies to migrate with virtual machines during a VMware vSphere® vMotion® migration.
[Diagram: standard switches compared with distributed switches.]
Distributed Switch Architecture
[Diagram: vCenter Server holds the distributed switch (control plane) with its distributed ports, port groups, and uplink port group; Host 1 and Host 2 each run a hidden virtual switch (I/O plane) with a management port and a vSphere vMotion port, connected through physical NICs (uplinks) to the physical network.]
About Network I/O Control Version 3
• Network I/O Control version 3 can be used to allocate network bandwidth to business-critical applications and to resolve situations where several types of traffic compete for common resources.
• Network I/O Control version 3 allocates network bandwidth over distributed switches by using network resource pools for virtual machine and system traffic.
[Diagram: network resource pools on a distributed port group of a distributed switch over 10 GigE, for Mgmt, NFS, iSCSI, vSphere vMotion, Fault Tolerance, vSphere Replication, vSphere Data Protection Backup, and Virtual SAN traffic.]
Network I/O Control Version 2 and Version 3
• vSphere 6.5 provides Network I/O Control version 3.
• Version 3 has the following features:
– Enables you to reserve bandwidth for system traffic and virtual machine traffic based on the capacity of the physical adapters on a host.
– Enables detailed resource control at the virtual machine network adapter level, similar to the model that you use for allocating CPU and memory resources:
• Shares, reservations, and limits are used to control bandwidth.
Bandwidth Allocation Model for System Traffic
You can use Network I/O Control version 3 on a distributed switch to configure bandwidth allocation for system traffic (such as management, vSphere vMotion migration, and virtual machines).
• Network I/O Control version 3 allocates bandwidth to each type of system traffic by using shares, reservations, and limits.
Bandwidth Parameter: Description
Shares: The relative priority of a system traffic type against other system traffic types that are active on the same physical adapter. Use the following values to define the number of shares:
– Low: 25
– Normal: 50
– High: 100
– Custom: A user-defined value (1 to 100)
Reservations: The minimum bandwidth, in Mbps, that must be guaranteed on a single physical adapter.
Limit: The maximum bandwidth, in Mbps or Gbps, that a system traffic type can consume on a single physical adapter.
Bandwidth Admission Control in vSphere DRS
• Bandwidth admission control validates that the virtual machine reservation can be met.
• If the reservation cannot be met on the current host, then VMware vSphere® Distributed Resource Scheduler™ places the virtual machine on a host that has the capacity to guarantee the bandwidth reserved for the virtual machine.
[Diagram: ESXi Host1 and ESXi Host2 on a distributed switch, each with a 1 Gbps uplink and a VM reservation of 600 Mbps per uplink; VM1, VM2, and VM3 each reserve 600 Mbps of VM network traffic, and one placement is marked "Reservation cannot be met".]
Bandwidth Admission Control in vSphere HA
• When a host fails, VMware vSphere® High Availability powers on the failed virtual machines on another host in the cluster according to the bandwidth reservation and teaming policy.
[Diagram: ESXi Host1 (1 Gbps uplink, VM reservation 1200 Mbps) and ESXi Host2 (1 Gbps uplink, VM reservation 600 Mbps) on a distributed switch; VM1, with a 600 Mbps reservation for VM network traffic, is shown on both hosts.]
vSphere Security Encryption
Business Use Case: Securing Virtual Machines
The Problem:
• A large company has several vSphere and storage administrators.
• The company must protect its confidential data.
• The company must reduce the risk of someone easily downloading a VMDK file, or even the entire virtual machine, to a removable storage device, and leaving the company with the data.
The Solution:
• With virtual machine encryption, the company can secure confidential data on a virtual machine disk so that the data is unreadable without a digital key used to encrypt the disk.
• The key is not readable in any file, but secured in an additional layer of encryption.
• The company grants only a limited number of people access to the key.
About Virtual Machine Encryption
• vSphere 6.5 introduces virtual machine encryption, which provides the following functionality:
– Encryption:
• Protection of virtual machine disks as well as metadata files, such as .vmx, .nvram, and .vswp
• Multi-layer key protection
– Orchestration:
• Simplified deployment using storage policies
• Storage and guest operating system agnostic
– Key control:
• Key management provided by key servers
• Use of the KMIP standard
• Nonpersistence of keys for added security
– Access control:
• New role for administrators without cryptography permissions
• Cryptographic tasks authorized only to administrators with appropriate permissions
Advantages of Virtual Machine Encryption
• vSphere 6.5 virtual machine encryption has several advantages over similar offerings in the market:
– Does not require in-guest agents
– Uniform methodology across all guest operating systems
– Protects all virtual machine data including swap files, not just virtual disk files
– Granular key control – virtual machines and disks can use different keys
– Easy orchestration through virtual machine storage policies
Virtual Machine Encryption Architecture (1)
• When an ESXi host is running encrypted virtual machines, vCenter Server ensures that keys are available for any virtual machine on that host or cluster.
• vCenter Server communicates with a Key Management Server (KMS) and requests a key on behalf of the ESXi host:
– A KMS is an external server that provides keys to services. The KMS is provided by a third-party security vendor.
• vCenter Server uses the Key Management Interoperability Protocol (KMIP) to communicate with the KMS:
– KMIP is an industry-standard language for the management of security keys.
About the Key Management Server
• To prepare the environment for virtual machine encryption, you must set up the key management server.
• The key management server has the following characteristics:
– Must be compatible with KMIP 1.1
– Provides key management service for KMIP clients, such as vCenter Server
– Can be configured with a KMIP proxy server
– Is accessed over IP
Role of vCenter Server in Virtual Machine Encryption
• vCenter Server plays a very important role in virtual machine encryption:
– Stores KMS credential information
– Manages keys used for encryption:
• Identifies keys by UUID
• Retrieves keys from the KMS
• Pushes keys to ESXi hosts when required
– Manages permissions
– Implements and manages storage policies
– Records events for auditing purposes
• vCenter Server Appliance itself cannot be encrypted.
Who Manages Virtual Machine Encryption?
• By default, the vCenter Server Administrator role has cryptographic privileges.
• But not all administrators should be able to control encryption operations and have access to keys.
• vCenter Server provides a new role called No Cryptography Administrator, which allows you to control which administrators have encryption privileges.
[Diagram: a third-party Key Management Server, vCenter Server, and ESXi, with vSphere VM encryption applying a virtual machine key to VM1 and VM2.]
Security Admin manages your KMS and keys.
A subset of vSphere Admins should manage encryption within vSphere.
vCenter Server Role: No Cryptography Administrator
• This role has most of the same virtual machine privileges as Administrator.
• This role does not include the following privileges:
– Cryptographic Operations
– Global.Diagnostics
– Host.Inventory.Add host to cluster
– Host.Inventory.Add standalone host
– Host.Local operations.Manage user groups
Encrypting Virtual Machines
• To create an encrypted virtual machine, you need the following:
– A registered KMS that can provide vCenter Server with keys
– An ESXi 6.5 host
– An encryption storage policy:
• Use the built-in VM Encryption Policy.
About Encrypted Core Dumps
• A core dump is a saved state of memory at the time of a system crash:
– Used in debugging various types of system crashes:
• Used by VMware Technical Support personnel when debugging crashes such as PSODs
– Can contain sensitive data, including keys used for virtual machine encryption
• VMkernel core dumps are stored in /var/core on the ESXi host.
• It is important to protect core dumps, even from VMware technical support personnel who are trying to help you debug your system crash.
• If you use virtual machine encryption, and if an error occurs on the ESXi host, then the resulting core dump is encrypted to protect customer data.
How Core Dumps are Encrypted
• Core dumps are encrypted as follows:
1. Encrypted core dumps are wrapped in a digital envelope.
2. The envelope is encrypted with an internal key.
3. The internal key is protected by a host key.
• To open the envelope, you need the host key, which is only available on the host.
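vMotion Between vCenter Server Instances
[Diagram: an ESXi host managed by vCenter Server A on Network A and an ESXi host managed by vCenter Server B on Network B, connected by the vSphere vMotion network; the two vCenter Server instances are in Enhanced Linked Mode.]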
VMkernel Networking Layer and TCP/IP Stacks
• The VMkernel networking layer provides connectivity to hosts and handles the standard system traffic of vSphere vMotion, IP storage, vSphere Fault Tolerance, vSAN, and others.
• You can also create VMkernel adapters on the source and target vSphere Replication hosts to isolate the replication data traffic.
• TCP/IP stacks at the VMkernel level:
– Default TCP/IP stack
– vSphere vMotion TCP/IP stack
– Provisioning TCP/IP stack
– Custom TCP/IP stacks
vSphere vMotion TCP/IP Stacks
[Diagram: user world (hostd, PING, DHCP) above the VMkernel; vSphere FT, Virtual SAN, NFS, and vSphere vMotion reach the network through the VMKTCP-API. The default TCP/IP stack and the vSphere vMotion TCP/IP stack each have a separate memory heap, ARP tables, routing table, and default gateway.]
Long-Distance vSphere vMotion Migration
• Long-distance vSphere vMotion migration is an extension of vSphere vMotion migration across vCenter Server instances. This migration is targeted at environments where vCenter Server systems are spread across large geographic distances and where the latency across sites is high.
• Use cases for long-distance vSphere vMotion migration:
– Permanent migrations
– Disaster avoidance
– VMware Site Recovery Manager™ and disaster avoidance testing
– Multisite load balancing
– Follow-the-Sun scenario support
Networking Requirements for Long-Distance vSphere vMotion Migration
• vSphere vMotion migrations between vCenter Server instances must connect over layer 3 connections:
– Virtual machine network:
• L2 connection.
• Same virtual machine IP address available at destination.
• The round-trip time between the hosts can be up to 150 milliseconds.
– vSphere vMotion network:
• L3 connection.
• Secure (recommended if not using vSphere 6.5 encrypted vSphere vMotion)
• 250 Mbps per vSphere vMotion operation.
About Encrypted vSphere vMotion
• Encrypted vSphere vMotion secures confidentiality, integrity, and authenticity of data that is transferred with vSphere vMotion.
• Encrypted vSphere vMotion supports all variants of vSphere vMotion for unencrypted virtual machines, including migration across vCenter Server systems.
[Diagram: vCenter Server generates the migrate spec, which includes the encryption key and a nonce, for the encrypted vMotion network.]
Enabling Encrypted vSphere vMotion
• Starting with vSphere 6.5, vSphere vMotion always uses encryption when migrating encrypted virtual machines.
• For virtual machines that are not encrypted, you can edit the virtual machine’s settings to use one of the following states:
– Disabled: Do not use encrypted vSphere vMotion
– Opportunistic: Use encrypted vSphere vMotion if the source and destination hosts support it.
– Required: Allow only encrypted vSphere vMotion. If the source or destination host does not support encrypted vSphere vMotion, then the migration is not allowed.
Encrypted vSphere vMotion Requirements
• Encrypted vMotion requires vCenter Server 6.5 and ESXi 6.5 hosts.
• Consider the following when choosing encrypted vMotion settings:
– If the setting is Required, then the encrypted vMotion migration succeeds only if you migrate a virtual machine to an ESXi 6.5 host.
– If the setting is Opportunistic or Disabled, then an encrypted vMotion migration succeeds if a virtual machine is migrated to an ESXi host that is not version 6.5.
• For encrypted vMotion migrations across vCenter Server instances, both the source and destination vCenter Server instances must be version 6.5.
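The Disabled / Opportunistic / Required states and the ESXi 6.5 requirement from the two slides above can be modelled to list which virtual machines could still be migrated without encryption. This is an added example, not VMware code and not part of the original slides; the host names, versions, and inventory are constructed, and two points are assumptions: "supports encrypted vMotion" is tested as "ESXi 6.5 or later", and an encrypted VM is refused when either host is older.

```python
"""Added example: model of the encrypted vSphere vMotion rules on the slides."""
from dataclasses import dataclass
from enum import Enum


class Setting(Enum):
    DISABLED = "Disabled"
    OPPORTUNISTIC = "Opportunistic"
    REQUIRED = "Required"


@dataclass(frozen=True)
class Outcome:
    allowed: bool    # does the migration start at all?
    encrypted: bool  # is the vMotion traffic encrypted?
    reason: str


MIN_ESXI = (6, 5)  # assumption: support means ESXi 6.5 or later


def supports_encrypted_vmotion(esxi_version):
    # Compare numerically: as plain strings, "6.10" would sort below "6.5".
    major_minor = tuple(int(part) for part in esxi_version.split(".")[:2])
    return major_minor >= MIN_ESXI


def plan_migration(vm_encrypted, setting, src_version, dst_version):
    """Decide whether a migration is allowed and whether it is encrypted."""
    both = (supports_encrypted_vmotion(src_version)
            and supports_encrypted_vmotion(dst_version))
    if vm_encrypted:
        # Encrypted VMs always migrate encrypted; the per-VM setting is ignored.
        if both:
            return Outcome(True, True, "encrypted VM: encryption always used")
        # Assumption: no cleartext fallback exists for an encrypted VM.
        return Outcome(False, False, "encrypted VM: a host is older than 6.5")
    if setting is Setting.REQUIRED:
        if both:
            return Outcome(True, True, "Required: both hosts support it")
        return Outcome(False, False, "Required: migration not allowed")
    if setting is Setting.OPPORTUNISTIC and both:
        return Outcome(True, True, "Opportunistic: both hosts support it")
    return Outcome(True, False, f"{setting.value}: migrates in cleartext")


def cleartext_exposure(vms, hosts):
    """Map each VM to the destination hosts it could reach unencrypted."""
    findings = {}
    for name, vm_encrypted, setting, current in vms:
        risky = []
        for dst in sorted(hosts):
            if dst == current:
                continue
            plan = plan_migration(vm_encrypted, setting,
                                  hosts[current], hosts[dst])
            if plan.allowed and not plan.encrypted:
                risky.append(dst)
        if risky:
            findings[name] = risky
    return findings


# Constructed sample inventory: host name -> ESXi version.
HOSTS = {"esx-a": "6.5.0", "esx-b": "6.5.0", "esx-c": "6.0.0"}
# (VM name, VM is encrypted, encrypted vMotion setting, current host)
VMS = [
    ("db01", True, Setting.OPPORTUNISTIC, "esx-a"),
    ("web01", False, Setting.OPPORTUNISTIC, "esx-a"),
    ("hr01", False, Setting.REQUIRED, "esx-b"),
    ("test01", False, Setting.DISABLED, "esx-c"),
]

if __name__ == "__main__":
    for vm, destinations in cleartext_exposure(VMS, HOSTS).items():
        print(f"{vm}: cleartext vMotion possible to {', '.join(destinations)}")
```

In this sample, only the Required VM and the encrypted VM have no cleartext path; the Opportunistic VM silently falls back to cleartext as soon as one pre-6.5 host is in reach.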
vSphere HA
About Clusters
A cluster is used in vSphere to share physical resources between a group of ESXi hosts. vCenter Server manages cluster resources as a single pool of resources.
Features such as vSphere HA, vSphere DRS, and vSAN can be enabled in a cluster.
About vSphere HA
• Protects against ESXi host failures
• Protects against application failures
• Protects against datastore accessibility failures
• Protects virtual machines against network isolation
Proactive HA
• Proactive HA integrates with select hardware partners to detect degraded components and evacuate VMs from affected vSphere hosts before an incident causes a service interruption.
• Hardware partners offer a vCenter Server plug-in to provide the health status of the system memory, local storage, power supplies, cooling fans, and network adapters. As hardware components become degraded, Proactive HA determines which hosts are at risk and places them into a new state, Quarantine Mode. While in Quarantine Mode, VMs are migrated to healthy hosts, as long as affinity or antiaffinity rules are not violated and there is no impact to VM performance. In addition, the affected hosts are avoided when new VMs are added to the cluster.
High Availability Orchestrated Restart
• Orchestrated Restart improves the recoverability of applications that run across multiple VMs.
• This is done by creating dependency chains between VMs via VM-to-VM restart rules.
• These restart rules enforce the restart order for each VM within the dependency chain, increasing the likelihood that an impacted application will properly recover when vSphere HA restarts the VMs.
Configuring vSphere HA Settings
vSphere HA Admission Control Improvements
About vSphere Replication
[Diagram: vSphere Replication between a source vSphere site and a target vSphere site.]
vSphere Replication Appliance
• Standard OVF virtual appliance
• Delivered with the vSphere platform
• Included with most vSphere editions
Replication Functions
Replication Between Two Sites
vSphere DRS
vSphere DRS Cluster Prerequisites
vSphere DRS: Automation Level
Migration threshold guides selection of virtual machines for migration.
Automation Level Settings
Predictive DRS (1)
In addition to current usage metrics, vSphere DRS initiation also depends on predicted usage metrics provided by vRealize Operations.
Predictive DRS
• Predictive DRS is a new feature that leverages the predictive analytics of vRealize Operations Manager with the powerful resource scheduler algorithm of vSphere DRS. Together, these two products enable workload balancing for certain VMs before resource utilization spikes occur, potentially eliminating a great amount of resource contention that might have occurred in the past.
• vRealize Operations Manager runs its dynamic thresholds algorithm nightly against the VMs on which it collects data. These dynamic thresholds create forecasted metrics for the future utilization of the VMs.
• The metrics are then passed to vSphere DRS to determine the best placement and balance of VMs before resource utilization spikes occur. Predictive DRS helps prevent resource contention on hosts that run VMs with predictable utilization patterns.
Predictive DRS Example (1)
[Chart: predictions generated for the VM workload; metric: Memory | Non Zero Active Memory (KB); time axis from Sep 30 to Oct 6.]
Predictive DRS Example (2)
• Before VM migrations, vSphere DRS evenly distributes the workload across hosts.
VMware and Amazon
VMware Cloud on AWS
What is VMware Cloud on AWS?
VMware Cloud on AWS is an on-demand service that enables you to run applications across vSphere-based cloud environments with access to a broad range of AWS services.
Powered by VMware Cloud Foundation, this service integrates vSphere, vSAN and NSX along with VMware vCenter management, and is optimized to run on dedicated, elastic, bare-metal AWS infrastructure.
With VMware Hybrid Cloud Extension, customers can easily and rapidly perform large-scale bi-directional migrations between on-premises and VMware Cloud on AWS environments.
AWS Management Portal for vCenter Server (1)
• The portal installs as a vCenter Server plug-in within your existing vCenter Server environment.
• Once installed, it enables you to migrate VMware VMs to Amazon EC2 and manage AWS resources from within vCenter Server.
Some features
• It includes Single Sign-On support, so you can leverage Active Directory or other identity providers to manage your users.
• It provides integrated Role-Based Access Controls (RBAC), so you can set fine-grained permissions over the specific resources that end users can view, create, or modify.
• Administrators can also define templates, which specify the images, instance types, networks, and other resources that end users can leverage when creating EC2 instances, providing a familiar governance model for managing what end users are able to do within the portal.
• Resources created within the portal are automatically tagged, so administrators can also generate tag-based cost allocation reports for resources created using the portal.
VM import
• AWS Management Portal for vCenter Server includes integrated support for VM Import. Once the portal is installed within vCenter Server, you can right-click on a stopped VM and select “Migrate to EC2” to create an EC2 instance from the VM.
• The portal will handle exporting the VM from vCenter Server, uploading it to S3, and converting it into an EC2 instance for you, with no additional work required. You can also track the progress of your VM migrations within the portal.
• For customers looking to migrate VMs from VMware to AWS, this provides AWS’s simplest and most user-friendly option for migrating your VMs.
vRealize Automation
vRealize Automation integration
• With AWS endpoints you can automate the provisioning of EC2 machines with Automation blueprints.
Hyper Converged Infrastructure
About Storage and Networking
• A new approach is needed for storage and networking to be able to fully achieve the vision of a hyper converged datacenter.
Software-Defined Storage
[Diagram label: Storage Today]
New Control Plane: from hardware-centric to application-centric
• Policy-driven automation
• Common across arrays
• Dynamic control
New Data Plane: from specialized to industry-standard hardware
• Server SAN
• Flash-accelerated
• Distributed
VMware Vision of Software-Defined Storage
• Software-defined storage changes storage the way server virtualization transformed compute.
VMware Software-Defined Storage:
– vSphere storage policy-based management
– Virtual SAN:
• Hyperconverged architecture
• Data persistence delivered from the hypervisor
– Extending the control plane of software-defined storage to the ecosystem with vSphere Virtual Volumes
vSAN
• vSAN is a software-defined storage solution that enables administrators to create a cluster without traditional external shared storage:
– Policy-driven
– Object based
[Diagram: a vSAN cluster in which each host contributes disk groups over the vSAN network to a single vSAN datastore that stores virtual machine objects.]
vSAN Requirements
• vSAN is included for licensing in vSphere 5.5 U1 and later.
• Build options:
– vSAN ReadyNode (https://vsanreadynode.vmware.com/RN/RN)
– Turn-key solution: Dell EMC VxRail and VxRack System SDDC
Hardware (diagram labels):
– Any server on the VMware Compatibility Guide
– 10 Gb NIC (or 1 Gb for hybrid mode)
– SAS/SATA controllers (RAID controllers must work in passthrough or RAID 0 mode.)
– SAS/SATA/PCIe/NVMe SSD
– SSD, SATA HDD
– 1 SSD for caching
– At least 1 SSD for capacity (or HDD for hybrid mode only)
NSX – Network Function Virtualization
• Slow provisioning
• Limited placement
• Limited mobility
• Hardware-dependent
• Operationally intensive
Need for the Correct Abstraction
• The correct abstraction is the virtual network, which enables you to change the operational model.
• Changing the operational model brings benefits:
– Greater speed and agility
– Lower operational overhead
– Decreased capital expenditures
Existing Physical Networks
• Network virtualization operates over existing data center networks while increasing efficiency and simplifying administration.
VMware NSX can be deployed on existing data center networks. The only requirement from the underlying network is IP connectivity and an MTU size of 1600 bytes or larger.
Data Center Hardware
• Physical servers connect to the physical network. ESXi is installed on these servers.
Hypervisors and Virtual Switches
• ESXi abstracts data center hardware and creates virtual machines and virtual switches.
VMware NSX: Network Virtualization Platform
• VMware NSX leverages the distributed platform provided by vSphere to provide the network virtualization platform to leverage logical networks.
Network Function Virtualization (NFV)
• Virtual machines require no modification to use a logical network.
Thank you!