VMware 2v0-731 VCP Cloud Management – VMware on AWS Cloud Basics

  1. VMware on AWS prerequisites

Prerequisites for VMware on AWS

In this module, we’re going to talk about the setup requirements for your VMware on AWS environment. The first thing you’re required to have is an account with VMware. This is called an SDDC account, also known as the SDDC Cloud. This is usually a subscription-based service, and with your support contract, you’ll be able to determine with your sales team what you’ll need to procure. To meet the requirements, you also need an account with AWS if you want to extend your AWS environment to your hybrid cloud.

The account with AWS allows you to extend your virtual private cloud to link up with the VMware SDDC. To use this service, you need to have a minimum of VMware vSphere 6 (or later) running in your on-premises environment. If you want to extend the environment with what’s called Hybrid Link Mode for single-pane-of-glass management, you would need to be on vSphere 6 or later for VPC connectivity. You would also need to set up your VMC gateway for your on-premises connection. Firewall rules would have to be configured as well so that you can enable that point-to-point connection between your VMware cloud and your on-premises environment. Supported identity sources are as follows: Active Directory over LDAP or OpenLDAP are supported on-premises, and DNS server entries can also be used to resolve the on-premises identity source and the Platform Services Controller.

After you enable the service, you will also need a VMware single sign-on account. You would want to create and enable your Cloud Administrator group from your on-premises identity service. The Cloud Administrator group would allow you to provision resources not only in your VMware cloud but also in your hybrid cloud. This would allow that propagation from your hybrid cloud to the AWS cloud. Also remember that this is a managed service, so some of the capabilities are going to be directly managed by VMware. For a single pane of glass, you generally want to enable what is called “Hybrid Link Mode.” This enables the management of resources on premises and in the cloud through a single pane of glass. Without Hybrid Link Mode, you need to create two separate vCenter instances.

  1. Accounts and organizations

In this module, let’s discuss accounts and organizations. When it comes to the VMware cloud on AWS, there are specifically two types of accounts. We have a VMware account for the VMC, and we have an AWS account for extending to AWS. The VMware account for the VMC is typically going to be initiated by you through your My VMware account, and you would contact sales to create what is called an “organization.” We’ll talk more about what an organisation is shortly. If you’d like to extend your VMware cloud outside of the realm of the VMC, which is a managed service that VMware maintains, you can do that as well, and you would need to have an AWS account. If you’re already using AWS services such as Lambda, for example, you can simply tie in your AWS account to the VMC and extend those services to AWS. If you don’t have an account already and you’d like to spin up AWS services to extend, you can do that as well. Again, getting started is fairly simple.

AWS accounts for VMware cloud are based on an organization. An organisation is more or less a group, line of business, or other company entity that’s subscribing to the VMware cloud on AWS. As a note, these organisations in the VMware Cloud on AWS have absolutely no relationship to what is called an AWS organization. The name is similar. However, the specific use case and structure that VMware has are a little bit different, and there’s really no relationship at all. Just don’t get confused between an AWS organisation and a VMware cloud organization. When it comes to organisation creation, you need your My VMware account. That My VMware account allows you to go into your account and then sign up for the VMware Cloud on AWS service. To do that, you need to contact your sales organisation and complete a form.

And there is a process to go through. We’ll talk more about that in other modules. Organization Owner: This is the main point of contact for the My VMC account, and this owner will be able to invite new users. Those new users will be able to log in to the VMC and provision resources, spin up clusters, spin down clusters, add VPNs, and do whatever else is authorized by the VMware cloud structure. As a managed service, there are going to be, of course, some capabilities that are managed by VMware, such as the underlying hardware architecture and other areas like the SDDC software stack, deployment, configuration, patching, and all that. If there is a failure, such as a failed disk, host issues, and so on, VMware will take care of it as well. When it comes to managing your SDDC cloud, however, you could certainly add and remove hosts. You can also configure the management network, and you could configure the compute network as well, especially around your workloads’ logical networks, firewall rules, and so on. Both the owner and these new users can manage the SDDC cloud. However, one significant difference to note is that the organization’s owner is the only one that can invite additional users to use the VMC cloud on AWS. In other words, the organisational owner is the one who controls who can log in and administer the VMC cloud.

When it comes to organisational roles, VMware introduced the cloud admin and the cloud global admin roles. Because of the prescriptive deployment architecture, VMware does not want customers to do anything that’s going to cause issues with components or appliances. The customer has full control over their workloads, but they only have a read-only view of the infrastructure itself and the management workloads. The customer cloud administrators can’t adversely reconfigure the management components or appliances that are managed by VMware. Discrete administration refers to separate management platforms and processes for an on-premises and a cloud SDDC workload. This can certainly be used in the right situation. However, when it comes to the VMware cloud on AWS, it uses what’s called a “unified management platform.” Let’s go ahead and talk about why that’s important.

The unified administration is carried out through the use of a unified management platform that manages both your on-premises and cloud SDDC environments. This is accomplished through a newer feature that was introduced in 2006 called hybrid link mode, which enables this cohesive management platform. This allows you as a VMC user to not only have a single pane of glass to manage your on-premises environment, but also to use it to manage your VMC vSphere configuration, including those hosts that you’re using on the VMC. This again simplifies management. It creates that single pane of glass that you may appreciate, especially when it comes to understanding how everything works together. The VMware cloud on AWS and on-premises SSO domains are managed in a specific strategy that allows you, as the VMware administrator, to effectively manage your vSphere SSO domains alongside your client SDDC. This again keeps the two domains separate but equal and managed together in a way where there’s separation, which can enable some really good capabilities.

  1. Billing and costs

Billing and pricing for VMware’s AWS cloud service

Let’s move on to the billing and costing methods that VMware employs for its VMware Cloud on AWS service. When you first initiate this service, you will have selected how you want to provision your VMware Cloud on AWS service. The choices would be either on-demand or a subscription-based approach.

You could use what’s called “On Demand,” which is an hourly service, or you could choose a one-year or three-year subscription service. Now, as you would expect, the subscription service would be cheaper based on the number of hours or the number of VMs for which you’re using the service. A lot of this just depends on the use case that you require. If you’re looking for a dedicated VM managed service for a lengthy period of time, then a VMware on AWS subscription would make sense. Also note that any resources consumed outside of the SDDC Cloud account will be paid for separately. Reserved instances have up to a 50% discount on resource costs when you commit to a subscription. On-demand provides flexibility, but it comes at a higher cost for no commitment. Remember, if you want to use the full suite of AWS services, you will need to have an AWS account.

The services that are in the SDDC account that you get from VMware are going to be billed to you directly from VMware. However, if any of those services are not in the VMware SDDC account and you want to extend them to the AWS Cloud, then you would need to have an AWS account and pay AWS directly for the services. Some of these services could be Lambda, S3, or EC2. It is possible to oversubscribe your virtual machines based on a costing model. That would be assuming that your CPUs are not fully utilized. This, of course, is a differentiator as compared to what you could do in AWS directly. Pricing is per host. VMware sets the price per host; this is not set by AWS. The costs include the software, support, and services, all of which are fully included. This also includes all the required software, such as ESXi, vCenter, NSX, and vSAN. Using this service will help you eliminate costs such as the infrastructure costs of extending your data center.

  1. Main use cases

Let’s discuss some use cases for the VMware cloud on AWS. When it comes to deciding particular use cases for your enterprise cloud, especially if you’re going to extend it to AWS, you may want to take some specific use cases into perspective. One of the use cases could be that you have specific capacity requirements for your virtual machines. For example, let’s say you need to deploy regional capabilities around services, and one of the best ways to do that is to scale up your VMware cloud, assuming that the region works for your specific situation.

Another reason could be to adjust to global capacity requirements. Currently, the VMware cloud on AWS is supported in three regions. However, it is documented that AWS will be scaling to a more global capacity in the late 2018 or 2019 time frame, so that will allow your organisation to scale up and move your capacity around to meet your specific enterprise requirements. It could be for compliance, performance, or whatever the use case is. Disaster recovery as a service is another good use case. For example, you could go ahead and deploy disaster recovery as a service to allow your organisation to not have to go out and maintain a secondary site. This could be fully deployed in the VMware Cloud on AWS service.

When it comes to data center consolidation, one of the use cases for deploying resources in the VMware cloud could be the fact that Capex funds are not available. It could also be that your equipment is reaching the end of its useful life and you want to consolidate your data centers. Deploying your services on the VMware cloud could enable your organisation to get the full agility, enterprise support, and scale of the VMware cloud, fully integrate it into your VMware environment, and also extend it out to the AWS environment. Another use case could be backup instances. When it comes to backup instances, you may want to have additional copies of services in case there are compliance requirements or in case you have recovery requirements to meet. Test and development instances could be another good use case as well. Being able to deploy additional virtual machines for a specific amount of time or for on-demand capacity could also benefit your organisation.

Application migrations are another use case in which you have an application that you need to migrate from your hybrid cloud to the cloud. This is a really good use case for you to extend your VMware cloud to AWS and benefit from the VMware cloud on the AWS service.

  1. Benefits and limitations

Let’s proceed to discuss some of the benefits and also some of the limitations or considerations that you should have when considering VMware on the AWS cloud. Some of the advantages are as follows: You have full utilisation of AWS services that are hosted in the VMware cloud environment in the SDDC, and you have full use of existing VMware skill sets in your organization. You have one bill for cloud services consumed in your SDDC account. VMware has responsibility for the stack.

In other words, if there is an issue with NSX or vSAN, VMware has the responsibility to maintain and alleviate any concerns around the stack. You could also scale on demand. Remember, it’s a managed service. It’s hosted, and you have the capability to scale up and scale down and provision VMs in a manner that makes sense for your organization. Some of the limitations and considerations you may want to look at are that this is a new service from VMware and AWS, and therefore it’s not fully deployed in all the AWS regions. Currently, at the time of writing, the following regions are supported: US West (Oregon), US East (Northern Virginia), and Europe (London).

There’s a limited selection of pricing models. In other words, when you’re looking at scoping out the pricing and costing for this service, you’ll have to realise that there isn’t too much flexibility in the scaling, pricing, and configurations you may want. For example, when you’re deploying your VMs, there are only two models to choose from. The administrators have limited control over their SDDC account. Once again, the scaling, the performance, and the maintenance are all handled by VMware. There are also fewer features available. For example, in NSX, you have NSX simple mode. You don’t have the capability to expand upon that. Also, the types of instances and configurations are limited. You.

  1. Top-level overview

It’s important that we take the service at a high level and then start drilling down to the more technical capabilities, capacities, and configurations of the VMware Cloud on AWS. When it comes to the VMware Cloud on AWS, be aware that it’s a dedicated platform. This platform is not shared by other AWS customers. VMware has worked with AWS to provide a unique environment where VMware will manage the service for you as a customer. And this is not going to be shared among other AWS services or customers.

The VMware cloud on AWS is a cloud service. It’s fully configured, provisioned, operated, and maintained directly by VMware. Your support, your maintenance, and your subscription are all handled via VMware, not AWS. VMware handles all the patching, updates, and maintenance. As a customer, you do manage your virtual machines. However, you’re not managing the platform, the host clusters, NSX, vSAN, et cetera. vSphere ESXi, on the other hand, runs primarily on dedicated hardware and supports virtual machines and containers. Just be aware once again that these bare metal hardware environments are dedicated to the VMware Cloud on AWS.

This information is not made available to the AWS public environment. The following products are included with the VMware Cloud on AWS: vCenter Server is used for management. vSAN is used for storage, and it’s all flash. NSX is used for your on-premises and cloud networking and security. It enables you to extend your on-premises environment to the VMware Cloud on AWS. The vRealize products are not included; however, they are supported and integrated. If you do wish to investigate vRealize, at the time of writing the 7.2 and 7.3 versions are supported. It also allows you, as a customer, to integrate blueprints and to deploy specific resources, such as VMs, in an automated and orchestrated manner. VMware on AWS is essentially creating a cluster of ESXi hosts. The minimum number of hosts is four, and the maximum is 16 in a cluster. Just be aware that if you do want to scale, you have to scale in even numbers. You can’t scale in odd numbers. For example, you go 4, 8, 12; you can’t go four, seven, and nine.

For example, a cluster is a group of logically related hosts that are generally used to provide high availability, replication, DRS, and other features. Just be aware that DRS is supported and integrated. However, there is an additional cost for using DRS at the time of this writing. Extending storage is easy. Once again, all you have to do is scale your cluster. Add hosts, and be aware that you cannot change the storage on the hosts. You’re going to adjust the storage by what? By scaling the number of hosts. You could migrate via cold migrations at the time of writing. However, it is also known at the time of writing that vMotion will be supported and that cross-cloud vMotion will be available in a feature release to be determined. How does this all work? A vCenter Server instance is deployed as part of every VMware Cloud on AWS software-defined data center for management purposes.

A VMware cloud web console is provided, which allows for common tasks such as adding and removing hosts, configuring firewalls, and other basic networking settings such as setting up DNS, NAT, IP addresses, configs, et cetera. The VMware cloud on AWS uses a least-privileged security model. When you deploy a cloud admin role, for example, this role is going to be deployed with a minimum privileged security model. This is a best practice, and this is what is recommended by AWS as well. You can’t change the cluster settings. These are managed by VMware. This is for your high availability as well as your DRS, configurations, and support. VMware handles all host failures. For example, if there is a disk drive failure or a network interface failure, VMware will handle all the maintenance. Let’s proceed.
