Session 1: vCloud Director as a central point of management and Extensible Service Provider Platform
Since vCloud Director can now be used as a proxy for dedicated vCenters and the use cases for the Extensibility Framework are practically limitless, we were eager to follow this session to see how this all works out in the Service Provider business. We’ve been working with the new versions of vCD for a while now and wanted to fact-check our own findings. Below are the few noteworthy items we took from this session:
The integration of third-party extensions inside vCloud Director makes the tool the best cloud services portal according to VMware. Think about the use cases which could enable you as a business to provide more value to your customers, such as self-service migrations and DRaaS functionality through vCloud Availability. Or an Extension from Rubrik to let your customers manage their backups in a full self-service way. The number of partners that are adding Extensions to vCloud Director is growing by the day and the list already has large companies such as Veeam, Trend Micro, Rubrik, Zerto and Simplivity. The exposure of vRealize Orchestrator flows to the Service Library inside vCloud Director is also something that hasn’t been there for a long time. This creates a ton of possibilities for your customers to use all sorts of functionality from within vCloud Director so that they don’t have to use more than one portal. You could be creative and create an extension that helps with opening or closing service desk tickets from within the interface. There are also opportunities for you as a company to create and publish your own extensions in vCloud Director if you wish to do so. There is a mention that more customizations in the UI and eventually some sort of custom actions on vApps will be possible in future releases.
The vCloud Director software is also capable of using external public/mega-cloud resources on which you can deploy workloads. At the moment AWS is mentioned a lot. I can imagine that in the future more public clouds will be added.
For those that don’t know yet, chargeback has returned to VMware’s portfolio as a product through the Chargeback vROPS module, which allows you to use the chargeback functionality from within vCloud Director. I’ve missed this tool since it was made end-of-life a couple of years ago. It’s a great tool to use to bill your customers for the resources that they’ve used during a certain period. Unfortunately it needs a vROPS instance nowadays as far as I know, which makes the tool bulky to use.
The new tenant UI in vCloud Director 9.7 has been updated to include more and more functionality such as vApp Network Diagrams, Global Search functionality and tenant branding customizations. The support for NSX Edge clusters has also been added to this version. The new version also has a self-contained appliance which can be rolled out that has no dependencies on external sources and has High-Availability built in.
VMware is also maintaining the Terraform vCloud Director provider, which exposes vCD resources to be used as infrastructure as code. This deploys resources inside vCD through code. There are also vSphere and NSX-T providers that can be used if you don’t have vCD.
Container Service Extensibility (CSE) version 1.2 supports Kubernetes version 1.10 and has NFS support for static persistent storage. They mentioned that CSE version 2.0 will be released some time in the future which could have initial support for VMware PKS.
Since vCloud Director can expose dedicated vCenter servers now, you don’t need to feed your customers dedicated VPN configurations and capabilities to provide them with access to their own vCenter Server environment. This enhances VMware’s vision that vCloud Director will be the Central Pane of Management for all cloud resources that a service provider offers to its customers. You can even give customers both shared resources and a dedicated vCenter server from within the same tenant.
Session 2: Cloud Provider Platform (CPP): Advanced Networking Architecture for Cloud Providers
This session was mainly about networking constructs for vCloud Director in a Cloud Provider Platform to connect to multiple sources such as on-premise, private cloud or even Amazon AWS, Azure and Google Cloud resources. Next to this there was also a lot of discussion on Network Architectures in the Enterprise and Service Provider environments. Below are some notes that we’ve made during this session:
One of the key sales number takeaways was that a couple of years ago leaders in the IT market warned businesses delivering IaaS services that their business would be reduced to almost zero because of the mega-clouds. It seems that this is no longer true because last year the growth in this market segment has still been 31%. This is something we are also seeing ourselves.
Some other facts we heard are that, for example, an AWS VPN tunnel will give you a maximum throughput of 1.25 Gbit per second and an NSX-V Edge VPN gives you 700 Mbit per second. NSX-T seems to be able to do 3 to 4 Gbit per second throughput, which is dramatically higher than the NSX-V VPN tunnel. This is something you should consider when connecting data centers to each other through these services.
Session 3: NSX-T Design: Introductory Designs
As I said in yesterday’s blog, NSX-T is fully being advertised by VMware as the next new SDN technology that will completely transform the datacenter just like NSX-V did. We’ve been looking at NSX-T for a while now and we’ve been patiently waiting on more information about this product. All of the NSX sessions here at VMware EMPOWER 2019 are really useful to gain insights into NSX-T. Below are some notes we wrote down during this session:
NSX-T delivers cloud connectivity services on Private Clouds, Public Clouds and Containers, with a generic design that ensures that multiple endpoints can be connected without restraints on a hypervisor. This means it’s hypervisor agnostic. The latest version of NSX-T even allows you to connect up to more than 10 VMware vCenter servers to a single NSX Manager. As you know this is not possible in NSX-V since this version of NSX can only be connected to one vCenter server. If you want to know what elements in the NSX environment changed or are no longer available, please visit yesterday’s blog to check that out.
The NSX Manager design has changed in NSX-T in regards to the NSX Managers. There can be more than one NSX Manager (since NSX-T 2.4) and they can also be coupled together with a load balancer or virtual cluster IP to create High-Availability of the UI and API. This means that an NSX Manager can fail but you can still access another NSX Manager. The default deployment design is that you connect to each NSX Manager independently through the GUI or API, but if one IP fails you’d have to connect to another IP. With the mentioned deployment designs this problem should be eliminated.
In NSX-T there is a new version of the Distributed Virtual Switch called NSX Distributed Virtual Switch. Like the original vDS this N-vDS can only be connected to one pNIC. The N-vDS also supports NIOC like the original vDS. The N-vDSs run inside the EdgeNode VMs. This way NSX-T is hypervisor agnostic.
In NSX-T you have multiple routing topologies, such as a single-tier routing topology which you can use in small environments that only have a T0 router where no services like NAT, FW etc. are running, and a two-tier routing topology in which you have T0 and T1 routers and in which one of the routers runs services like NAT, VPN, FW or load balancing.
It seemed that NSX-T can provide L3 services to standard VLAN-backed logical switches. But this could already be done with NSX-V from within the ESG, so I’m not quite sure why this was mentioned. I’m guessing because the architecture of this functionality is different.
This session was very very difficult to follow because of all the new information we received in a very short timespan. In short: NSX-V is not even close to the same design as NSX-T. We will come back to this at a later point in time to further explain the likes of NSX-T.
Session 4: Cloud Automation – The Road to Multi-Cloud
A session about VMware Cloud Automation Services, also called the next gen vRealize Automation tooling. It was fun to see that VMware has a tool in place to create cloud agnostic blueprints so that customers can define blueprints that can be run on several clouds such as on-premise vCenter, NSX-V, NSX-T, AWS, Azure and Google Cloud!
The way this works is that when you create a blueprint, you can map flavors, network settings, storage and sizing settings across clouds into policies. This way it doesn’t matter where you deploy your workload, you always get the same result. So let’s say you want a VM sizing policy with the name “Small”. This virtual machine should have 1 vCPU and 2GB RAM on any cloud. This can be done by mapping the sizes for all clouds into the policy. The vSphere mapping is easy, 1 vCPU and 2GB RAM. The Azure sizing equivalent would be “Standard_A0” and the AWS equivalent would be “t2.small”. Now once you deploy the VM with Sizing policy “Small”, it doesn’t matter what destination you select, it will always have the appropriate sizing.
Maybe in the future vRA will be replaced by this new service. It does look the same but certainly has some additional features differentiating it from vRA.
Session 5: What’s New with VMware’s Internet of Things?
With the growth of the number of smart devices, managing these devices at scale becomes a challenge. Already we have seen a number of vulnerabilities that have been exploited in the wild, such as the Mirai Botnet. These incidents make organisations hesitant to embrace IoT even though there could be much value in using IoT devices.
There are several approaches to IoT. One approach uses things that are directly connected to the cloud. And depending on the vendor you might have features to effectively manage a fleet of these directly connected devices.
Another approach would be to use a three tier architecture where the things first talk to a gateway that is in turn connected to a cloud. This could mean a local datacenter, a private or public cloud. This multi-tier approach aligns with VMware’s vision of using any device, any application on any cloud.
Traditionally there are already a number of IoT devices that are built for typical use-cases such as building automation and physical security. Because of the lack of standardisation these devices are siloed and therefore hard to manage. VMware wants to change this by implementing a standard control plane that supports all types of IoT deployments. And this is where VMware Pulse IoT Center comes into play.
VMware Pulse IoT Center is a SaaS service that allows for easy and secure device enrolment as well as OTA updates.
Pulse uses an HCL with templates for supported devices to ensure you can easily connect them. However, you are not limited to using devices that are on the HCL, as you do have the ability to create custom templates. Other features include RBAC and API support for both agent and server management.
As the number of IoT capable devices will grow over time we think VMware Pulse IoT Center is strategically aligned to support all kinds of IoT workloads and manage these in an effective and secure fashion.
Session 6: General Session VMware EMPOWER Day 2
This session had all of the VMware EMEA vice presidents on stage to talk about alliances and partnerships. They gave a lot of examples and situations in which VMware and partners worked together to gain more and more business. The core of the story was that when you work together you can achieve more! Which is kind of obvious but it was good to hear that VMware is investing more and more in their partners.
This concluded today’s sessions! Come back tomorrow to read up on day 3!
A fun bonus addon to the blog! This evening was the main party for VMware EMPOWER 2019 in the beautiful LX Factory in Lisbon! I loved the venue and the drinks, entertainment (arcade machines!) and music. We’ve also been busy on social media during this event, whereas Rudolf is active on Twitter and I am on LinkedIn. There was a Twitter contest today and Rudolf participated in that, and won! Below is the video of him winning his prize!