What does VMware Cloud Disaster Recovery have in common with Dell PowerProtect?

What does VMware Cloud Disaster Recovery have in common with Dell PowerProtect?

May 4, 2023 | AWS, Azure, Cloud Native Apps, Data Protection, ESXi, Kubernetes, Security, VCPP, VMware Cloud, VMware Cloud Foundation, vSphere

It was at VMware Explore Europe 2022 when I ran into a colleague from Dell who told me about “transparent snapshots” and mentioned that their solution has something in common VMware Cloud Disaster Recovery (VCDR). After doing some research, I figured out that he was talking about the Light Weight Delta (LWD) protocol.

Snapshots

Snapshots are states of a system or virtual machine (VM) at a particular point in time and should not be considered a backup. The data of a snapshot include all files that form a virtual machine – this includes disks, memory, and other devices like network interface cards (vNIC). To create or delete a snapshot of a VM, the VM needs to be “stunned” (quiesce I/Os).

I would say it is common knowledge that a higher number of snapshots negatively impact the I/O performance of a virtual machine. Creating snapshots results in the creation of a snapshot hierarchy with parent-to-child relationships. Every snapshot creates a delta .vmdk file and redirects all inputs/writes to this delta disk file.

VMware vSphere Storage APIs for Data Protection

Currently, a lot of backup solutions use “VMware vSphere Storage APIs for Data Protection” (VADP), which has been introduced in vSphere 4.0 released in 2009. A backup product using VADP can backup VMs from a central backup server or virtual machine without requiring any backup agents. Meaning, backup solutions using VADP create snapshots that are used to create backups based on the changed blocks of a disk (Changed Block Tracking aka CBT). These changes or this delta is then written to a secondary site or storage and the snapshot is removed after.

Deleting a snapshot consolidates the changes between snapshots and previous disk states. Then it writes all the data from the delta disk that contains the information about the deleted snapshot to the parent disk. When you delete the base parent snapshot, all changes merge with the base virtual machine disk.

To delete a snapshot, a large amount of information must be read and written to a disk. This process can reduce the virtual machine performance until the consolidation is complete.

VMware Cloud Disaster Recovery (VCDR)

In 2020, VMware announced the general availability of VMware Cloud Disaster Recovery based on technology from their Datrium acquisition. This new solution extended the current VMware disaster recovery (DR) solutions like VMware Site Recovery, Site Recovery Manager, and Cloud Provider DR solutions.

VMware Cloud Disaster Recovery is a VMware-delivered disaster recovery as a service (DRaaS) offering that protects on-premises vSphere and VMware Cloud on AWS workloads to VMware Cloud on AWS from both disasters and ransomware attacks. It efficiently replicates VMs to a Scale-out Cloud File System (SCFS) that can store hundreds of recovery points with recovery point objectives (RPOs) as low as 30 minutes. This enables recovery for a wide variety of disasters including ransomware. Virtual machines are recovered to a software-defined data center (SDDC) running in VMware Cloud on AWS. VMware Cloud Disaster Recovery also offers fail-back capabilities to bring your workloads back to their original location after the disaster is remediated.

VMware Cloud DR Architecture

Note: Currently, VCDR is only available as an add-on feature to VMware Cloud on AWS. The support for Azure VMware Solution is expected to come next.

To me, VCDR is one of the best solutions from the whole VMware portfolio.

High-Frequency Snapshots (HFS)

One of the differentiators and game-changers are these so-called high-frequency snapshots, which are based on the Light Weight Delta (LWD) technology that VMware developed. Using HFS allows customers to schedule recurring snapshots for every 30 minutes, meaning, that customers can get an Recovery Point Objective (RPO) of 30min!

To enable and use high-frequency snapshots, your environment must be running on vSphere 7.0 U3 or higher.

With HFS and LWD, there is no Changed Block Tracking (CBT), no VADP, and no VM stun. This results in better performance when maintaining these deltas.

Transparent Snapshots by Dell EMC PowerProtect Data Manager (PPDM)

At VMworld 2021, Dell Technologies presented a session called “Protect Your Virtual Infrastructure with Drastically Less Disruption [SEC2764S]” which was about “transparent snapshots” – image backups with near-zero impact on virtual machines, without the need to pause the VM during the backup process. No more backup proxies, no more agents.

Dell Transparent Snapshot Architecture

As with HFS and VCDR, your environment needs to run on vSphere 7.0 U3 and higher.

How does it work?

PowerProtect Data Manager transparent snapshots use the vSphere API for I/O (VAI/O) Filtering framework. The transparent snapshots data mover (TSDM) is deployed in the VMware ESXi infrastructure through a PowerProtect Data Manager VIB. This deployment creates consistent VM backup copies and writes the copies to the protection storage (PowerProtect appliance).

After, this VIB (Data Protection Daemon (DPD) which is part of the VMware ESXi >7.0 U3 image has been installed on the ESXi host) tracks the delta changes in memory and then transfers the delta changes directly to the protection storage.

VMware Data Protection Daemon

Note: PPDM also provides image backup and restore support for VMware Cloud on AWS and Azure VMware Solution, but requires VADP.

Light Weight Delta (LWD)

It seems that LWD has been developed by VMware but there is no publicly available information out there yet. I only found this screenshot as part of this Dell article:

VMware Light Weight Delta

It also seems that Dell is/was the first who could leverage the LWD protocol exclusively but I am sure it will be made available to other VMware partners as well.

VMware vSphere – The Enterprise Data Platform

VMware vSphere – The Enterprise Data Platform

Feb 21, 2023 | AWS, Azure, Cloud Native Apps, Edge Computing, ESXi, Google Cloud, Kubernetes, Tanzu, VMware Cloud, VMware Data, vSphere

The world is creating and consuming more data than ever. There are multiple reasons that can explain this trend. Data creates the foundation for many digital products and services. And we read more and more about companies that want or need to keep their data on-premises because of reasons like data proximity, performance, data privacy, data sovereignty, data security, and predictable cost control. We also know that the edge is growing much faster than large data centers. These and other factors are the reasons why CIOs and decision-makers are now focusing on data more than ever before.

We live in a digital era where data is one of the most valuable assets. The whole economy from the government to local companies would not be able to function without data. Hence, it makes sense to structure and analyze the data, so a company’s data infrastructure becomes a profit center and is not just seen as a cost center anymore.

Data Sprawl

A lot of enterprises are confronted with the so-called data sprawl. Data sprawl means that an organization’s data is stored on and consumed by different devices and operating systems in different locations. There are cases where the consumers and the IT teams are not sure anymore where some of the data is stored and how it should be accessed. This is a huge risk and results in a loss of security and productivity.

Since the discussions about sovereign clouds and data sovereignty have started, it has never been more important where a company’s data resides, and where and how one can consume that data.

Enterprises have started to follow a cloud-smart approach: They put the right application and its data in the right cloud, based on the right reasons. In other words, they think twice now where and how they store their data.

What databases are popular?

When talking to developers and IT teams, I mostly received the following names (in no particular order):

  • Oracle
  • MSSQL
  • MySQL
  • PostgreSQL

I think it would be a fair statement to make that a lot of customers are looking for alternatives to reduce expensive database and database management solutions (DBMS). It seems that Postgres and MySQL earned a lot of popularity over the past years, while Oracle is still considered one of the best databases on the market – even seen as one of the most expensive and least liked solutions. But I also hear other solutions like MongoDB, MariaDB, and Redis mentioned in more discussions.

DBaaS and Public Cloud Characteristics

It is nothing new: Developers are looking for a public-cloud-like experience for their on-premises deployments. They want an easy and smooth self-service experience without the need for opening tickets and waiting for several days to get their database up and running. And we also know that open-source and freedom of choice are becoming more important to companies and their developers. Some of the main drivers here are costs and vendor lock-in.

IT teams on the other side want to provide security and compliance, more standardization around versions and types, and an easy way to backup and restore databases. But the truth is, that a lot of companies are struggling to provide this kind of Database-as-a-Service (DBaaS) experience to their developers.

The idea and expectation of DBaaS are to reduce management and operational efforts with the possibility to easily scale databases up and down. The difference between the public cloud DBaaS offering and your on-premises data center infrastructure is the underlying physical and virtual platform.

On-premises it could be theoretically any hardware, but VMware vSphere is still the most used virtualization platform for an enterprise’s data (center) infrastructure.

VMware vSphere and Data

VMware shared the information that studying their telemetry from their customer base showed that almost 25% of VMware workloads are data workloads (databases, data warehouses, big data analytics, data queueing, and caching) and it looks like that MS SQL Server still has the biggest share of all databases that are hosted on-premises.

They are also seeing a high double-digit growth (approx. 70-90%) when it comes to MySQL and steady growth with PostgreSQL. Rank 4 is probably Redis followed by MongoDB.

VMware Data Solutions

VMware Data Solutions, formerly known as Tanzu Data Services, is a powerful part of the entire VMware portfolio and consists of:

  • VMware GemFire – Fast, consistent data for web-scaling concurrent requests fulfills the promise of highly responsive applications.
  • VMware RabbitMQ – A fast, dependable enterprise message broker that provides reliable communication among servers, apps, and devices.
  • VMware Greenplum – VMware Greenplum is a massively parallel processing database. Greenplum is based on open-source Postgres, enabling Data Warehousing, aggregation, AI/ML and extreme query speed.
  • VMware SQL – VMware’s open-source SQL Database (Postgres & MySQL) is a Relational database service providing cost-efficient and flexible deployments on-demand and at scale. Available on any cloud, anywhere.
  • VMware Data Services Manager – Reduce operational costs and increase developer agility with VMware Data Services Manager, the modern platform to manage and consume databases on vSphere.

VMware Data Services Manager and VMware SQL

VMware SQL allows customers to deploy curated versions of PostgreSQL and MySQL and DSM is the solution that enables customers to create this DBaaS experience their developers are looking for.

VMware DSM Personas

Data Services Manager has the following key features:

  • Provisioning – Provision different configurations of databases (MySQL, Postgres, and SQL Server) with either freely
    configurable or pre-defined sizing of compute and memory resources, depending on user permissions
  • Backup & Restore – Backup, Transactional log, Point in Time Recovery (PiTR), on-demand or as scheduled
  • Scaling – Modify instances depending on usage (scale up, scale down, disk extension)
  • Replication – Replicate (Cold/Hot or Read Replicas) across managed zones
  • Monitoring – Monitor database engine, vSphere infrastructure, networking, and more.

…and supports the following components and versions (with DSM v1.4):

  • MySQL 8.0.30
  • Postgres 10.23.0, 11.18.0, 12.13.0, 13.9.0
  • MSSQL Server 2019 (Standard, Developer, Enterprise Edition)

Companies with a lot of databases have now a way at least to manage, control and secure Postgres, MySQL and MSSQL DB instances from a centralized tool than can be accessed via the UI or API.

Project Moneta

VMware’s vision is to become the cloud platform of choice. What started with compute, storage and network, continues with data: make it as easy to consume as the rest of their software-defined data center stack.

VMware has started with DSM and sees Moneta, which is still an R&D project, as the next evolution. The focus of Moneta is to bring better self-service and programmatic consumption capabilities (e.g., integration with GitHub).

Project Moneta will provide native integration with vSphere+ and the Cloud Consumption Interface (CCI). While nothing is official yet, I think of it as a vSphere+ and VMware Cloud add-on service that would provide data infrastructure capabilities. 

Final Words

If your developers want to use PostgreSQL, MySQL and MSSQL, and if your IT struggles to deploy, manage, secure and backup those databases, then DSM with Tanzu SQL can help. Both solutions are also perfectly made for disconnected use cases or airgapped environments.

Note: The DB engines are certified, tested and supported by VMware.

Open Source and Vendor Lock-In

Open Source and Vendor Lock-In

Jan 12, 2023 | AWS, Azure, Cloud Native Apps, CNCF, Google Cloud, Kubernetes, Observability, Tanzu, Tanzu Application Platform

When talking about multi-cloud and cost efficiency, open source is often discussed because it can be deployed and operated on all private and public clouds. From my experience and conversations with customers, open source is most of the time directly connected to discussions about vendor lock-ins.

Organizations want to avoid or minimize the use of proprietary software to avoid becoming dependent on a particular vendor or service. And there are different factors like proprietary technology or service, or long-term contracts. It is also about not giving a specific supplier leverage over your organization – for example when this supplier is increasing their prices. Another reason to avoid vendor lock-in is the notion that proprietary software can limit or reduce innovation in your environment.

CNCF and Kubernetes

Let us take Kubernetes as an example. Kubernetes, which is also known as K8s, was contributed as an open-source seed technology by Google to the Linux Foundation in 2015, which formed the sub-foundation “Cloud Native Computing Foundation” (CNCF). Founding CNCF members include companies like Google, Red Hat, Intel, Cisco, IBM, and VMware.

Currently, the CNCF has over 167k project contributors, over 800 members, and more than 130 certified Kubernetes distributions and platforms. Open source projects and the adoption of cloud native technologies are constantly growing.

The Cloud Native Computing Foundation, its members, and contributors have the same mission in mind. They want to provide drive the cloud native adoption by providing open and cloud native software that “can be implemented on a variety of architectures and operating systems”. This is one of the values described in the CNCF mission statement).

If we access the CNCF Cloud Native Interactive Landscape, one will get an understanding of how many open source projects are supported by the CNCF and this open source community.

CNCF Landscape Jan 2023

Since donated to CNCF, a lot of companies on this planet are using Kubernetes, or at least a distribution of it:

  • Amazon Elastic Kubernetes Service Distro (Amazon EKS-D)
  • Azure (AKS) Engine
  • Cisco Intersight Kubernetes Service
  • K3s – Lightweight Kubernetes
  • MetalK8s
  • Oracle Cloud Native Environment
  • Rancher Kubernetes
  • Red Hat OpenShift
  • VMware Tanzu Kubernetes Grid (TKG)

A distribution, or distro, is when a vendor takes core Kubernetes — that’s the unmodified, open source code (although some modify it) — and packages it for redistribution. Usually, this entails finding and validating the Kubernetes software and providing a mechanism to handle cluster installation and upgrades. Many Kubernetes distributions include other proprietary or open source applications.

These were just a few of the total 66 certified Kubernetes distributions. What about the certified hosted Kubernetes service offerings? Let me list here some of the popular ones out of the 53 total:

  • Alibaba Cloud Container Service for Kubernetes (ACK)
  • Amazon Elastic Container Service for Kubernetes (EKS)
  • Azure Kubernetes Service (AKS)
  • Google Kubernetes Engine (GKE)
  • Nutanix Kubernetes Engine (formerly Karbon)
  • Oracle Container Engine for Kubernetes (OKE)
  • Red Hat OpenShift Dedicated

While Kubernetes is open source, different vendors create curated versions of Kubernetes, add some proprietary services, and then offer it as a managed service. The notion of open source is that you can take all of your applications and their components and leave a specific cloud provider if needed.

Trade-Offs

Open source software can make cloud migrations easier in some ways (e.g., if you use the same database in all the clouds). Kubernetes is designed to be cloud-agnostic, meaning that it can run on multiple cloud platforms. This can make it easier to move applications and workloads between different clouds without needing to rewrite the code or reconfigure the infrastructure. At least this was the expectation of Kubernetes. And it should be clear by now, that a managed service or platform means a lock-in. No matter if this is GKE, EKS, AKS, or VMware Tanzu for Kubernetes.

You cannot avoid a (vendor) lock-in. You have the same with open source. It is about trade-offs.

If you deploy workloads in multiple clouds, you end up with different vendors/partners, different solutions, and technologies. For me, it is about operations at the end of the day. How do you manage and operate multiple clouds and their different managed services? How do you deploy and use open source software in different clouds?

I have not seen one customer saying that they moved away from AKS, EKS, GKE, or Tanzu and went back to the upstream version of Kubernetes and built the application platform around it by themselves from scratch with other open source projects. You can do it, but you need someone who did that before and can guide you. Why?

There are other container-related technologies like databases, streaming & messaging, service proxies, API gateways, cloud native storage, container runtimes, service meshes, and cloud native network projects. Let us have a look at the different categories and examples:

  • Database, 62 different projects (Cassandra, MySQL, Redis, PostgreSQL, Scylla)
  • Storage, 66 different projects (Container Storage Interface, MinIO, Velero)
  • Network, 25 different projects (Antrea, Cilium, Flannel, Container Network Interface, Open vSwitch, Calico, NGINX)
  • Service Proxy, 21 different projects (Contour, Envoy, HAProxy, MetalLB, NGINX)
  • Observability & Analysis, 145 projects (Grafana, Icinga, Nagios, Prometheus)

CNCF Cloud Native Networking

It is complex to deploy, integrate, operate and maintain different open source projects that you most probably need to integrate with proprietary software as well. So, one trade-off and disadvantage of open source software could be that it is developed and maintained by a community of volunteers. Some companies need enterprise support.

Note: Do not forget that even though you may be using open source software in different private and public clouds, you cannot change the fact that you most probably still have to use specific services of each cloud platform (e.g., network and storage). In this case, you have a dependency or lock-in on a different architectural layer.

If it is about costs, then open source can be helpful here, sure, but we shouldn’t forget the additional operational efforts. You will never get the costs down to zero with open source

The Reality

Graduated and incubating CNCF projects are considered to be running stable and can be used in production. Some examples would be Envoy, etcd, Harbor, Kubernetes, Open Policy Agent, and Prometheus.

Companies and developers have different motivations why open source. Open source software lowers your total cost of ownership (TCO), is created by skillful and talented people, you have more flexibility because of non-proprietary standards, it is cloud agnostic, has strong and fast support from the community when finding bugs, and is considered to be secure for use in production.

Open source is even so much liked that its usage attracts talent. There is no other community of this size that is collaborating on innovation and industry standardization!

But the Apache Log4j vulnerability showed the whole world that open source software needs to become more secure, and that project contributors and users need to ensure the integrity of the source code, build, and distribution in all open source software since a growing number of companies are using open source software as part of their solutions and managed services.

There are certain situations where open source software needs to be integrated with proprietary software. Commercial software can also provide more enterprise-readiness and can provide a complete solution, whereas with open source software on the other hand, you have to deploy and use a combination of different projects (to achieve the same). This could mean a lot of effort for a company. And you have to ensure the interoperability of the implemented software stack.

Technical issues always occur, no matter if it’s open source or proprietary software. Open source software does not provide the enterprise support some organizations are looking for.

While one has to decide what is best for their company and strategy, a lot of people are overwhelmed by the huge and confusing CNCF landscape that gives you so many options. Instead of deploying and integrating different open source projects by themselves, organizations are looking for public cloud service providers that take care of the management and ecosystem (network, storage, databases etc.) related to Kubernetes and this way is seen as the easiest way to get started with cloud native.

What has started for some organizations in one public cloud with one hosted Kubernetes offering has sometimes grown to a landscape with three different public clouds and four different Kubernetes distributions or hosted services.

Example: Companies may have started with Kubernetes or VMware Tanzu on-premises and use AKS, EKS and GKE in their public clouds.

How do you cost-efficiently manage all these different distributions and services over different clouds with different management consoles and security solutions? Tanzu Mission Control and Tanzu Application Platform could be on option.

VMware and Open Source

VMware and some of their engineers are part of the community and they actively contribute to projects like Kubernetes, Harbor, Carvel, Antrea, Contour and Velero. Interested in some stats (filtered by the last decade)?

Open source is an essential part of any software strategy—from a developer’s laptop to the data center. At VMware, we’re committed to open source and their communities so that we can all deliver better solutions: software that’s more secure, scalable, and innovative. VMware Tanzu is open source aligned and built on a foundation of open source projects.

VMware Tanzu

VMware (Tanzu) leverages some of the leading open source technologies in the Kubernetes ecosystem. They use Cluster API for cluster lifecycle management, Harbor for container registry, Contour for ingress, Fluentbit for logging, Grafana and Prometheus for monitoring, Antrea and Calico for container networking, Velero for backup and recovery, Sonobuoy for conformance testing, and Pinniped for authentication.

VMware Open Source

VMware Tanzu Application Platform

According to VMware, they built Tanzu Application Platform (TAP) with an open source-first mindset. Here are some of the most popular technologies and projects:

More information can be found here.

VMware Data Services

VMware has also a family of on-demand caching, messaging, and database software (from the acquisition of Pivotal):

  • VMware GemFire – Fast, consistent data for web-scaling concurrent requests fulfills the promise of highly responsive applications.
  • VMware RabbitMQ – A fast, dependable enterprise message broker provides reliable communication among servers, apps, and devices.
  • VMware Greenplum – VMware Greenplum is a massively parallel processing database. Greenplum is based on open source Postgres, enabling Data Warehousing, aggregation, AI/ML and extreme query speed.
  • VMware SQL – VMware’s open-source SQL Database (Postgres & MySQL) is a Relational database service providing cost-efficient and flexible deployments on-demand and at scale. Available on any cloud, anywhere.

Watch the VMware Explore 2022 session “Introduction to VMware Tanzu Data Services” to learn more about this portfolio.

Developers could start with the Tanzu Developer Center.

VMware SQL and DBaaS

If you are interested in building a DB-as-a-Service offering based on PostgreSQL, MySQL or SQL Server, I recommend the following resources from Cormac Hogan:

  1. A closer look at VMware Data Services Manager and Project Moneta
  2. VMware Data Services Manager – Architectural Overview and Provider Deployment
  3. VMware Data Services Manager – Agent Deployment
  4. VMware Data Services Manager – Database Creation
  5. VMware Data Services Manager – SQL Server Database Template
  6. Introduction to VMware Data Services Manager (video)

Closing

Like always, you or your architects have to decide what makes the most sense for your company, your IT landscape, and your applications. Make or buy? Open source or proprietary software? Happy married or locked in? What is vendor lock-in for you?

In any case, VMware embraces open source!

Share Your Opinion – Cross-Cloud Mobility and Application Portability

Share Your Opinion – Cross-Cloud Mobility and Application Portability

Dec 15, 2022 | AWS, Azure, Cloud Native Apps, CNCF, Edge Computing, Google Cloud, HCX, Kubernetes, Tanzu, VMware Cloud

Do you have an opinion about cross-cloud mobility and application portability? If yes, what about this is important to you? How do you intend to achieve this kind of cloud operating model? Is it about flexibility or more about a cloud-exit strategy? Just because we can, does it mean we should? Will it ever become a reality? These are just some of the answers I am looking for.

Contact me via michael.rebmann@cloud13.ch. You can also reach me on LinkedIn.

I am writing a book about this topic and looking for cloud architects and decision-makers who would like to sit down with me via Zoom or MS Teams to discuss the challenges of multi-cloud and how to achieve workload mobility or application/data portability. I just started interviewing chief architects, CTOs and cloud architects from VMware, partners, customers and public cloud providers (like Microsoft, AWS and Google) as part of my research.

The below questions led me to the book idea.

What is Cross-Cloud Mobility and Application Portability about? 

Cross-cloud mobility refers to the ability of an organization to move its applications and workloads between different cloud computing environments. This is an important capability for organizations that want to take advantage of the benefits of using multiple cloud providers, such as access to a wider range of services and features, and the ability to negotiate better terms and pricing.

To achieve cross-cloud mobility, organizations need to use technologies and approaches that are compatible with multiple cloud environments. This often involves using open standards and APIs, as well as adopting a microservices architecture and containerization, which make it easier to move applications and workloads between different clouds.

Another key aspect of cross-cloud mobility is the ability to migrate data between different clouds without losing any of its quality or integrity. This requires the use of robust data migration tools and processes, as well as careful planning and testing to ensure that the migrated data is complete and accurate.

In addition to the technical challenges of achieving cross-cloud mobility, there are also organizational and business considerations. For example, organizations need to carefully evaluate their use of different cloud providers, and ensure that they have the necessary contracts and agreements in place to allow for the movement of applications and workloads between those providers.

Overall, cross-cloud mobility is an important capability for organizations that want to take advantage of the benefits of using multiple cloud providers. By using the right technologies and approaches, organizations can easily and securely move their applications (application portability) and workloads between different clouds, and take advantage of the flexibility and scalability of the cloud.

What is a Cloud-Exit Strategy?

A cloud-exit strategy is a plan for transitioning an organization’s applications and workloads away from a cloud computing environment. This can be necessary for a variety of reasons, such as when an organization wants to switch to a different cloud provider, when it wants to bring its applications and data back in-house, or when it simply no longer needs to use the cloud. A cloud-exit strategy typically includes several key components, such as:

  1. Identifying the specific applications and workloads that will be transitioned away from the cloud, and determining the timeline for the transition.
  2. Developing a plan for migrating the data and applications from the cloud to the new environment, including any necessary data migration tools and processes.
  3. Testing the migration process to ensure that it is successful and that the migrated applications and data are functioning properly.
  4. Implementing any necessary changes to the organization’s network and infrastructure to support the migrated applications and data.
  5. Ensuring that the organization has a clear understanding of the costs and risks associated with the transition, and that it has a plan in place to mitigate those risks.

By having a well-defined cloud-exit strategy, organizations can ensure that they are able to smoothly and successfully transition away from a cloud computing environment when the time comes.

What is a Cloud-Native Application?

A cloud-native application is a type of application that is designed to take advantage of the unique features and characteristics of cloud computing environments. This typically includes using scalable, distributed, and highly available components, as well as leveraging the underlying infrastructure of the cloud to deliver a highly performant and resilient application. Cloud-native applications are typically built using a microservices architecture, which allows for flexibility and scalability, and are often deployed using containers to make them portable across different cloud environments.

Does Cloud-Native mean an application needs to perform equally well on any cloud?

No, being cloud-native does not necessarily mean that an application will perform equally well on any cloud. While cloud-native applications are designed to be portable and scalable, the specific cloud environment in which they are deployed can still have a significant impact on their performance and behavior.

For example, some cloud providers may offer specific services or features that can be leveraged by a cloud-native application to improve its performance, while others may not. Additionally, the underlying infrastructure of different cloud environments can vary, which can affect the performance and availability of a cloud-native application. As a result, it is important for developers to carefully consider the specific cloud environment in which their cloud-native application will be deployed, and to optimize its performance for that environment.

How can you avoid a cloud lock-in?

A cloud lock-in refers to a situation where an organization becomes dependent on a particular cloud provider and is unable to easily switch to a different provider without incurring significant costs or disruptions. To avoid a cloud lock-in, organizations can take several steps, such as:

  1. Choosing a cloud provider that offers tools and services that make it easy to migrate to a different provider, such as data migration tools and APIs for integrating with other cloud services.
  2. Adopting a multi-cloud strategy, where the organization uses multiple cloud providers for different workloads or applications, rather than relying on a single provider.
  3. Ensuring that the organization’s applications and data are portable, by using open standards and technologies that are supported by multiple cloud providers.
  4. Regularly evaluating the organization’s use of cloud services and the contracts with its cloud provider, to ensure that it is getting the best value and flexibility.
  5. Developing a cloud governance strategy that includes processes and policies for managing the organization’s use of cloud services, and ensuring that they align with the organization’s overall business goals and objectives.

By taking these steps, organizations can avoid becoming overly dependent on a single cloud provider and maintain the flexibility to switch to a different provider if needed.

Final Words

Multi-Cloud is very complex and has different layers like compute, storage, network, security, monitoring and observability, operations, and cost management. Add topics like open-source software, databases, Kubernetes, developer experience, and automation to the mix, then we will have most probably enough to discuss. 🙂

Looking forward to hearing from you! 

VMware Cloud Foundation – A Technical Overview (based on VCF 4.5)

VMware Cloud Foundation – A Technical Overview (based on VCF 4.5)

Dec 6, 2022 | Cloud Native Apps, Edge Computing, ESXi, HCX, homelab, Kubernetes, NSX, Tanzu, VMware Aria, VMware Cloud, VMware Cloud Foundation, vRealize

 

Update: Please follow this link to get to the updated version with VCF 5.0.

This technical overview supersedes this version, which was based on VMware Cloud Foundation 4.3, and now covers all capabilities and enhancements that were delivered with VCF 4.5.

What is VMware Cloud Foundation (VCF)?

VMware Cloud Foundation is a multi-cloud platform that provides a full-stack hyperconverged infrastructure (HCI) that is made for modernizing data centers and deploying modern container-based applications. VCF is based on different components like vSphere (compute), vSAN (storage), NSX (networking), and some parts of the Aria Suite (formerly vRealize Suite). The idea of VCF follows a standardized, automated, and validated approach that simplifies the management of all the needed software-defined infrastructure resources.

This stack provides customers with consistent infrastructure and operations in a cloud operating model that can be deployed on-premises, at the edge, or in the public cloud.

Tanzu Standard Edition is included in VMware Cloud Foundation with Tanzu Standard, Advanced, and Enterprise editions.

Note: The VMware Cloud Foundation Starter, Standard, Advanced and Enterprise editions do NOT include Tanzu Standard.

What software is being delivered in VMware Cloud Foundation?

The BoM (bill of materials) is changing with each VCF release. With VCF 4.5 the following components and software versions are included:

  • VMware SDDC Manager 4.5
  • vSphere 7.0 Update 3g
  • vCenter Server 7.0 Update 3h
  • vSAN 7.0 Update 3g
  • NSX-T 3.2.1.2
  • VMware Workspace ONE Access 3.3.6
  • vRealize Log Insight 8.8.2
  • vRealize Operations 8.8.2
  • vRealize Automation 8.8.2
  • (vRealize Network Insight)

Note: Only one vCenter Server license is required for all vCenter Servers deployed in a VMware Cloud Foundation system.

VMware Cloud Foundation Components

What is VMware Cloud Foundation+ (VCF+)?

With the launch of VMware Cloud Foundation (VCF) 4.5 in early October 2022, VCF introduced new consumption and licensing models.

VCF+ is the next cloud-connected SaaS product offering, which builds on vSphere+ and vSAN+. VCF+ delivers cloud connectivity to centralize management and a new consumption-based OPEX model to consume VMware Cloud services.

VMware Cloud Foundation Consumption Models

VCF+ components are cloud entitled, metered, and billed. There are no license keys in VCF+. Once the customer is onboarded to VCF+, the components are entitled from the cloud and periodically metered and billed.

VMware Cloud Foundation+

The following components are included in VCF+:

  • vSphere+
  • vSAN+
  • NSX (term license)
  • SDDC Manager
  • Aria Universal Suite (formerly vRealize Cloud Universal aka vRCU)
  • Tanzu Standard
  • vCenter (included as part of vSphere+)

Note: In a given VCF+ instance, you can only have VCF+ licensing, you cannot mix VCF-S (term) and VCF perpetual licenses with VCF+.

What are other VCF subscription offerings?

VMware Cloud Foundation Subscription (VCF-S) is an on-premises (disconnected) term subscription offer that is available as a standalone VCF-S offer using physical core metrics and term subscription license keys.

VMware Cloud Foundation Subscription TLSS

You can also purchase VCF+ and VCF-S licenses as part of the VMware Cloud Universal program.

Note: You can mix VCF-S with perpetual license keys as long as you use the same key (either or) for a workload domain.

Which VMware Cloud Foundation editions are available?

A VCF comparison matrix can be found here.

VMware Cloud Foundation Architecture

VCF is made for greenfield deployments (brownfield not supported) and supports two different architecture models:

  • Standard Architecture
  • Consolidated Architecture

VMware Cloud Foundation Deployment Options

The standard architecture separates management workloads and lets them run on a dedicated management workload domain. Customer workloads are deployed on a separate virtual infrastructure workload domain (VI workload domain). Each workload domain is managed by a separate vCenter Server instance, which allows autonomous licensing and lifecycle management.

VMware Cloud Foundation Single Site Deployment

Note: The standard architecture is the recommended model because it separates management workloads from customer workloads.

Customers with a small environment (or a PoC) can start with a consolidated architecture. This allows you to run customer and management workloads together on the same workload domain (WLD).

Note: The management workload domain’s default cluster datastore must use vSAN. Other WLDs can use vSAN, NFS, FC, and vVols for the principal storage.

VMware Cloud Foundation Storage Options

What is a vSAN Stretched Cluster?

vSAN stretched clusters extend a vSAN cluster from a single site to two sites for a higher level of availability and inter-site load balancing.

VMware Cloud Foundation Stretched Cluster

Does VCF provide flexible workload domain sizing?

Yes, that’s possible. You can license the WLDs based on your needs and use the editions that make the most sense depending on your use cases.

VMware Cloud Foundation Flexible Licensing

How many physical nodes are required to deploy VMware Cloud Foundation?

A minimum of four physical nodes is required to start in a consolidated architecture or to build your management workload domain. Four nodes are required to ensure that the environment can tolerate a failure while another node is being updated.

VI workload domains require a minimum of three nodes.

This means, to start with a standard architecture, you need to have the requirements (and money) to start with at least seven physical nodes.

What are the minimum hardware requirements?

These minimum specs have been listed for the management WLD since VCF 4.0 (September 2020):

VMware Cloud Foundation Hardware Requirements

Can I mix vSAN ReadyNodes and Dell EMC VxRail deployments?

No. This is not possible.

What about edge/remote use cases?

When you would like to deploy VMware Cloud Foundation workload domains at a remote site, you can deploy so-called “VCF Remote Clusters”. Those remote workload domains are managed by the VCF instance at the central site and you can perform the same full-stack lifecycle management for the remote sites from the central SDDC Manager.

VMware Cloud Foundation Remote Cluster

Prerequisites to deploy remote clusters can be found here.

Note: If vSAN is used, VCF only supports a minimum of 3 nodes and a maximum of 4 nodes per VCF Remote Cluster. If NFS, vVOLs or Fiber Channel is used as principal storage, then VCF supports a minimum of 2 and a maximum of 4 nodes.

Important: Remote clusters and remote workload domains are not supported when VCF+ is enabled.

Does VCF support HCI Mesh?

Yes. VMware Cloud Foundation 4.2 and later supports sharing remote datastores with HCI Mesh for VI workload domains.

HCI Mesh is a software-based approach for disaggregation of compute and storage resources in vSAN. HCI Mesh brings together multiple independent vSAN clusters by enabling cross-cluster utilization of remote datastore capacity within vCenter Server. HCI Mesh enables you to efficiently utilize and consume data center resources, which provides simple storage management at scale.

Note: At this time, HCI Mesh is not supported with VCF ROBO.

What is SDDC Manager?

SDDC Manager is a preconfigured virtual appliance that is deployed in the management workload domain for creating workload domains, provisioning additional virtual infrastructure and lifecycle management of all the software-defined data center (SDDC) management components.

VMware Cloud Foundation SDDC Manager

You use SDDC Manager in VMware Cloud Foundation to perform the following operations:

  • Commissioning or decommissioning ESXi hosts
  • Deployment of workload domains
  • Extension of clusters in the management and workload domains with ESXi hosts
  • Adding clusters to the management domain and workload domains
  • Support for network pools for host configuration in a workload domain
  • Product licenses storage
  • Deployment of vRealize Suite components.
  • Lifecycle management of the virtual infrastructure components in all workload domains, and of vRealize Suite Lifecycle Manager components.
  • Certificate management
  • Password management and rotation
  • NSX-T Edge cluster deployment in the management domain and workload domains
  • Backup configuration

VMware Cloud Foundation SDDC Manager Dashboard

How many resources does the VCF management WLD need during the bring-up process?

We know that VCF includes vSphere (ESXi and vCenter), vSAN, SDDC Manager, NSX-T and eventually some components of the vRealize Suite. The following table should give you an idea what the resource requirements look like to get VCF up and running:

VMware Cloud Foundation Resource Requirements

If you are interested to know how many resources the Aria Suite (formerly vRealize Suite) will consume of the management workload domain, have a look at this table:

VMware Cloud Foundation Resource Requirements vRealize

How can I migrate my workloads from a non-VCF environment to a new VCF deployment?

VMware HCX provides a path to modernize from a legacy data center architecture by migrating to VMware Cloud Foundation.

VMware Cloud Foundation HCX

What is NSX Advanced Load Balancer?

NSX Advanced Load Balancer (NSX ALB) formerly known as Avi is a solution that provides advanced load balancing capabilities for VMware Cloud Foundation.

Which security add-ons are available with VMware Cloud Foundation?

VMware has different workload and network security offerings to complement VCF:

Can I get VCF as a managed service offering?

Yes, this is possible. Please have a look at Data Center as a Service based on VMware Cloud Foundation.

Can I install VCF in my home lab?

Yes, you can. With the VLC Lab Constructor, you can deploy an automated VCF instance in a nested configuration. There is also a Slack VLC community for support.

VCF Lab Constructor

Where can I find more information about VCF?

Please consult the VMware Foundation 4.5 FAQ for more information about VMware Cloud Foundation.

 

 

 

VMware Aria and The Next Era of Multi-Cloud Management

VMware Aria and The Next Era of Multi-Cloud Management

Dec 5, 2022 | AWS, Azure, Cloud Native Apps, Google Cloud, VMware Aria, VMware Cloud, vSphere

Multi-cloud is a mess. I already said it more than once. But with VMware Aria, the future looks brighter again. Imagine a world where more than 50% of companies are using three or four different clouds (private and public cloud) and applications are being automatically migrated to the cloud where their hosting makes the most sense. Imagine that you could gather all data like events, metrics, traces, logs, netflows and configs from different clouds, correlate and analyze them, which gives you a totally different view of your multi-cloud infrastructure. What about if you can detect and understand patterns, and use artificial intelligence that gives you new business insights and possibilities for troubleshooting and maintaining your multi-cloud? This is VMware Aria.

The next chapter of VMware’s multi-cloud management story brings a new perspective on managing VMware-based clouds, native public clouds and cloud-native apps. And with Aria Hub we have the next superstar at the center of everything.

VMware Aria Overview

No, it was not a rebranding, Aria is something different. Yes, VMware vRealize and CloudHealth are now unified, but there is so much more. Let us start with the foundation and technologies underpinning Aria (these are pillars, not products):

  • VMware Aria Cost
    • Aria Cost powered by CloudHealth
  • VMware Aria Operations
    • Aria Operations (vRealize Operations)
    • Aria Operations for Logs (vRealize Log Insight)
    • Aria Operations for Networks (vRealize Network Insight)
    • Aria Operations for Applications (Tanzu Observability)
    • Aria Operations for Integrations (vRealize True Visibility Suite)
  • VMware Aria Automation
    • Aria Automation (vRealize Automation)
    • Aria Automation Assembler (VMware Cloud Assembly)
    • Aria Automation Consumption (VMware Service Broker)
    • Aria Automation Pipelines (VMware Code Stream)
    • Aria Automation Templates (VMware Cloud Templates)
    • Aria Automation Orchestrator (vRealize Orchestrator)
    • Aria Automation Config (vRealize Automation SaltStack Config)
    • Aria Automation for Secure Hosts (vRealize Automation SaltStack SecOps)
    • Aria Automation for Secure Clouds (CloudHealth Secure State)

In addition, you will get the following end-to-end multi-cloud management solutions:

These existing and new solutions come together in the new multi-cloud management platform called Aria Hub (formerly known as Project Ensemble).

VMware Aria Hub is a Game-Changer

Aria Hub is VMware’s platform that unified the management of cost, operations, configuration and automation with a common control plane and data model for any cloud. It is not an integration of different solutions and dashboards, but more a federation of data from different tools and clouds.

VMware Aria Hub Dashboard

I see Aria Hub as a multi-cloud database, which gives different teams finally an understanding of a multi-cloud application’s topology and its dependencies. It provides a centralized view and controls to manage a multi-cloud environment.

This is only possible because Aria Hub’s Entity Data Service (EDS) stores collected data in the Aria Graph database, which gives entities (in EDS) a unique ID and canonical resource ID, which allows the normalization of different data models from different public clouds and Aria services. You see? Federation, not integration.

Diagram that illustrates how Operations for Networks, Operations for Secure Clouds, Automation, and Operatons contribute to the Hub inventory, infrastructure management, applications management, and secure findings.

VMware Aria Graph is a graph-based datastore that captures all the resources and relationships of a multi-cloud environment. It uses Amazon Neptune which is highly scalable and can store billions of relationships.

How to get started with Aria Hub?

You have different options to experience Aria Hub:

  • Register for the free tier of Aria Hub that enables you to inventory, map, filter and search resources from vCenter Servers, Kubernetes Cluster, and public clouds like AWS and Microsoft Azure.
  • Test-drive Aria Hub via VMware Pathfinder
  • Try out the VMware hands-on lab “VMware Aria Hub (HOL-2301-08-ISM)” (follow the link and search for “aria”

Multi-Cloud Migration Service

Companies started to become cloud smart. They want to host or migrate their apps to the cloud which makes the most sense for it. It could be a VMware-based cloud like VMware Cloud on AWS or a native public cloud like Azure or Google Cloud.

With Aria Migration, VMware announced at VMware Explore, that it can assess your applications and workloads and tell you which cloud is the best fit for it. Today, organizations can already figure out which cloud is the most appropriate one. The problem is the execution. What sounds easy on paper becomes a nightmare. Migrations mostly take longer than planned, and the operational costs are going through the roof. And then there are application dependencies and network configurations and policies.

VMware Aria Migration can accelerate and simplify cloud migrations not only with its automated assessment, which is done with solutions like Aria Cost and Aria Operations, but helps customers with the planning and execution. If you tell Aria Migration that you want to migrate 1’000 VMs from your data center in 12 waves to a public cloud, it will do the planning for you. If needed, you can edit the suggested plan, and then Aria Migration executes it.

VMware Aria Migration Planning

VMware’s story about cloud migrations sounds much better now, I love it. Instead of only allowing the migrations to a VMware-based destination cloud, they are now talking about “any cloud to any cloud”, which implies that native public clouds are also on the roadmap.

VMware Aria Licensing

It took VMware some time to work things out, but they are on the right track now when it comes to licensing. If you praise that you are “the” multi-cloud enabler and embrace native public clouds as well, you need an easy licensing model.

Aria Universal Suite (vRealize Cloud Universal)

As you may already know from vRealize Cloud Universal (vRCU) before, the new Aria Universal Suite combines SaaS and on-premises capabilities and solutions for automation, operations, network and log analytics, cost optimization and compliance into one license.

Aria Suite (vRealize Suite) and VMware vCloud Suite

The Aria Suite, before known as vRealize Suite, includes Aria Automation (vRealize Automation), Aria Operations (vRealize Operations) and Aria Operations for Logs (vRealize Log Insight) – for on-prem only.

The VMware vCloud Suite is just a combination of VMware vSphere and the Aria Suite.

How do I get Aria Hub and the other new products?

We do not know yet. But I have spoken to different people at VMware Explore in Barcelona and one thing makes sense:

Since Aria Hub can be a SaaS solution only, customers need Aria Universal, and Aria Hub will be included in all editions. The higher the edition, the more Aria (Hub) capabilities you get.

You can sign up for the Aria Hub free tier for now. This means that there will be an open Beta program coming in the next few months. Aria Migration is also just available as tech preview for now.

VMware Aria Hub Free Tier

Maybe we will know more in January or February 2023.

Final Words

Sign up for the Aria Hub free tier and have a look at the Beta when it comes out, because Aria Hub is something that almost every company was asking for!

With an aggressive timeline and roadmap execution, Aria could become HUGE next year. I am a fan. I love it.