Hybrid Cloud Manager Deployment Considerations

by Michael Francis

VMware Hybrid Cloud Manager™ is VMware’s management extension for VMware vSphere® and VMware vCloud® Air™. Hybrid Cloud Manager aims to simplify the implementation of a true hybrid cloud.

My Definition of Hybrid Cloud

What is hybrid cloud? In my mind, hybrid cloud means extending my on-premises estate into a data center facility owned and provided by a third party. The key to this definition is in the word “extension.” A true extension means I can retain my existing operating model, security model, and provisioning systems and seamlessly migrate applications from my on-premises environment to my provider’s platform, just as I do within my on-premises environment.

How Does Hybrid Cloud Manager Achieve This?

Hybrid Cloud Manager integrates tightly with the vSphere infrastructure you already have in your data center. It provides the following enhanced features to your vSphere platform:

  • Live migration between on-premises vSphere and vCloud Air
  • Point-and-click layer 2 network extension instantiations
  • Software-defined WAN to secure and optimize the hybrid cloud experience
  • Low downtime migration between on-premises vSphere and vCloud Air

Make it Simple for Me

Because Hybrid Cloud Manager is purpose-built to integrate vSphere and vCloud Air, setup and consumption of your hybrid cloud is simple. The integration extends the context menus within vSphere as shown below. We have the option in the vSphere Web Client to extend our on-premises network.

vSphere Web Client

The image below illustrates the additional context menu option to migrate an application into the cloud.

VMware vSphere Web Client

What is Actually Involved?

Hybrid Cloud Manager is comprised of three components:

  • A management component – The Hybrid Cloud Manager virtual appliance
  • A data plane gateway – The Cloud Gateway virtual appliance
  • Supporting components – The WAN optimization and L2 extender appliances

The diagram below shows the relationship of these components with your vSphere platform and vCloud Air.

vSphere Platform and vCloud

Hybrid Cloud Manager

The Hybrid Cloud Manager is a virtual appliance located on premises, in your data center. It registers via the VMware vCenter™ Platform Services Controller™ with your vCenter environment to extend the vSphere Web Client with a Hybrid Cloud Manager extension.

The Hybrid Cloud Manager communicates with vCloud Air; it needs to do this to set up the components automatically for you on the vCloud Air side of your hybrid cloud as you perform operations such as extending an L2 network or migrating a virtual machine. These communications all occur securely over an https connection to the internet-facing web service of vCloud Air. The Hybrid Cloud Manager also communicates with the Network Services Provisioning API in vCloud Air as needed to support your on-premises operations.

Finally, it automates the deployment and configuration of the supporting components of the hybrid cloud solution on premises, including the:

  • Cloud Gateway
  • L2 extension appliance
  • WAN optimization appliance

These appliances are referred to as the “WAN fleet.”

From a placement consideration perspective, the Hybrid Cloud Manager appliance will be located on the management cluster—the same cluster that is hosting the vCenter that is managing the workload cluster that has the workloads to be integrated with vCloud Air.

Cloud Gateway

The Cloud Gateway is a virtual appliance deployed and configured by the Hybrid Cloud Manager. Its purpose is to create the secure tunnel using UDP-based IPSEC between your on-premises Cloud Gateway and a partner Cloud Gateway provisioned by the Hybrid Cloud Manager via the Network Services Provisioning API.

The Cloud Gateway is the termination and entry point for all traffic between the on-premises and vCloud Air. The Cloud Gateway works through service chaining to leverage the WAN optimization appliance for all traffic that leverages the Cloud Gateway tunnel.

The Cloud Gateway also acts as the conduit used by the L2 extension appliance to “bridge” the L2 traffic from the on-premises network to the vCloud Air network.

It is important to understand that only L2 extension traffic and workload migration traffic use this Cloud Gateway to Cloud Gateway tunnel. Any new networks created in vCloud Air will use standard routing to route packets over the underlying network between the on-premises environment and vCloud Air.

From a placement consideration perspective, the Cloud Gateway appliance will be located on a workload or edge cluster. It is provisioned by the vCenter that the Hybrid Cloud Manager is registered with.

L2 Extension Appliance

The L2 Extension appliance comes in two form factors: standard, and high throughput. The high throughput is recommended any time the underlying transport network supports multi gigabit throughputs. But it has a heavier resource footprint than the standard L2 extension appliance.

The L2 extension can function by routing all L2 extension traffic through the Cloud Gateway, or it can be configured to route traffic over its own SSL connection directly with its peer L2 extension appliance in vCloud Air. Again, this peer L2 extension appliance has been automatically deployed and configured by the Network Services Provisioning API called by the Hybrid Cloud Manager. It is expected that under most conditions customers would route through the Cloud Gateway and take advantage of the WAN optimization appliance in the process.

From a placement consideration perspective, the L2 extension appliance will be located on a workload or edge cluster. It is provisioned by the vCenter that the Hybrid Cloud Manager is registered with.

WAN Optimization Appliance

The WAN optimization appliance uses a private network address to communicate with the Cloud Gateway and form the service chain. Unlike the L2 extension appliance and the Hybrid Cloud Manager, it must be layer-2 adjacent to the Cloud Gateway appliance.

There is no configuration of the appliance required. It is deployed to the same network as the Cloud Gateway and is hosted on the same vSphere cluster. It is a checkbox option during the wizard to setup hybridity to enable WAN optimization.

Communications Ports Summary

The diagram below shows the network ports used between your on-premises environment and vCloud Air to support this deployment.

Hybrid Cloud Manager

Live Migration

In 2005, when I first showed someone VMware vSphere vMotion®, they could not believe it. I get a similar response today, when I show live migration into and out of vCloud Air from an on-premises vSphere environment. Surely this is the desired outcome of hybrid cloud—easy movement of workloads back and forth between two different platforms.

The secret sauce is in the Cloud Gateway. During the initial setup of hybridity you are asked if you want to enable live migration. If you answer in the affirmative, you are asked for a host IP address for live migration. At the end of the process, if you review your vCenter inventory, you will see a new host has appeared as a standalone host in the inventory of vCenter. This host is the Cloud Gateway. The Cloud Gateway appears to the other ESXi hosts as another ESXi host with a vMotion interface. This allows the ESXi hosts on premises to be the source of a cross cloud live migration without having any additional knowledge or capabilities. All the functionality is in the Cloud Gateway.

The Cloud Gateway manages the live migration and the transfer of the migration state from on-premises into a virtual machine located in vCloud Air.

Replication-Based Migration

Both during a live migration and during a low downtime migration, vSphere replication is used to migrate the storage from one location to another. Again, the Cloud Gateway is the component that simplifies the solution. It appears to the ESXi hosts as a vSphere replication server, so the ESXi hosts on premises use existing vSphere replication modules (with some configuration changes) to replicate the blocks of storage through the Cloud Gateway via its peer Cloud Gateway located on vCloud Air to the destination virtual machine.

This eliminates the need for any third-party storage replication technologies and is fully automatically configured by the Hybrid Cloud Manager when you elect to migrate a virtual machine from one location to another.

Importance of Planning

While Hybrid Cloud Manager makes the setup and operation of the hybrid cloud very straightforward, you still need to do some planning.

How Much Capacity do I Need and How Many vCloud Air Virtual Data Centers?

You must have a separate set of WAN fleet appliances for each vCloud Air virtual data center. This does not mean additional Hybrid Cloud Managers, but does mean more Cloud Gateways and associated L2 extension appliances and WAN optimization appliances. Further, each WAN fleet must reside on its own dedicated L2 network. A WAN fleet cannot be L2-adjacent to another WAN fleet. So, from a planning perspective, for resources on premises and networking for each WAN fleet, it is important to understand how many virtual data centers you will likely require.

For these reasons, it is best to assess your current on-premises data center, categorize workloads, and consider the resources required for vCloud Air. This will give you the information you need to define the following:

  • Number of vCloud Air virtual data centers
  • Number of Hybrid Cloud Manager WAN fleets
  • Size of vCloud Air virtual data centers
  • Need for new networks in vCloud Air
  • Change rate of workloads that will be migrated to vCloud Air, as this will have a bearing on the size of the connection to vCloud Air
  • Size of vCloud Air constructs, such as edge gateways
  • Number of concurrent migrations and type of migrations that will occur under normal conditions

VMware can assist in this planning process through the Migration Assessment Service, which provides a comprehensive migration planning exercise and migration plan.

True Hybrid Cloud

As I said at the start, hybrid cloud is about maintaining current practices and tools. When you use Hybrid Cloud Manager to extend your data center into the cloud, your existing networks are fully extended and all provisioning and operational tools function as they did previously, because the relationship between the respective tool and the target virtual machine on the existing network has not changed. Further, the existing security model can be fully mirrored in vCloud Air, and the L2 extension can maintain existing inspection and traffic control points located in the on-premises data center.

The support for low downtime and live migration means moving workloads between on premise and vCloud Air is no different to moving workloads inside the data center.

Hybrid Cloud Manager differentiates VMware’s hybrid cloud model from others.  In the future, these capabilities will be extended to other target cloud providers. This will provide customers with unparalleled flexibility in their use of public cloud and on-premises private cloud.

The post Hybrid Cloud Manager Deployment Considerations appeared first on VMware Professional Services and Education Insights.

Source: VMware Hybrid Cloud – blogs.vmware.com