Hydra 1303


All News Items

Components of VMware Cloud Foundation

from the Hydra High Council Dec 17th 2019

Understanding the Components of VMware Cloud Foundation

VMware Cloud Foundation (VCF) is a game-changing set of technologies that provides customers a very fast and efficient way to stand up an SDDC (Software-Defined Data Center). VCF is made up of multiple software components from VMware; which include, vSphere, vSAN, NSX, SDDC Manager. Enterprise and Platinum editions also include cloud management (vRealize Suite and vRealize Network Insight). HCX is also included with NSX DC ENT+, which is part of VCF ENT and Platinum. Note that vCenter Server is sold and licensed separately!

VFC is ran on top of vSAN ReadyNodes, which simply put are a set of devices that have been tested and verified to produce stable and high-performance environments. Here's a link to the vSAN ReadyNode compatibility guide.

What makes VCF so special and why should my business consider it?

Building out an internal "cloud" environment where we are able to provide self-service infrastructure as a Service is becoming a necessity in today's business landscape. Developers need the ability to quickly access resources (compute, network and storage) in order to meet the needs of the business. If we do not provide this for our business, what we typically see will be "shadow IT". This is where internal users go outside of the control of the internal systems and go to a public cloud provider to gain instant access to resources to design, test and deploy their applications on. This, in general, is not a good thing. They are potentially bypassing security policies that are set to protect the business, their customers and their data. This opens the door for liability, but even so, some see the benefit of speed to market as outweighing the risk, and there lies the issue.

Traditionally speaking, the process of provisioning resources has consumed a lot of human resources and a lot of time! With business running very lean internal IT shops, that time becomes even more valuable to the business because now administrators and engineers are forced to spend all of their effort on keeping the lights on versus growing internal innovation. When we look at the traditional process for a developer to gain access to the resources they need; again computer, network, and storage, we typically see a process like this:

  • Developer puts in a request for compute resources to the virtual/server team.
  • The server team then needs to request storage from another team
  • The server team also needs to request that network services be provisioned, this could be something as simple as providing an IP block.
  • The network team will then typically involve the security team
  • The security team will come back and ask a few questions, such as
    • Why is this needed?
    • How does this work?
    • What ports does the application use?
    • What dependencies does the application have….
  • The developer may or may not understand all of those aspects and when that is the case, the security team will almost always "sandbox" the application for a set period of time to learn the ins and outs of how it works so they can best tailor the security rules to keep the business secure.

This whole process takes a lot of time. We have seen it take multiple weeks just to get IP blocks assigned and configured. That alone is no longer acceptable from a business perspective. We need to be able to move much fast than that!!!

What is the solution?

By utilizing VCF, customers can stand up a fully functional SDDC environment in hours. This includes compute, network and storage as well as automation components. Once the VCF management domain is stood up (this process is mostly automated as well), we can then stand up other workload domains in a matter of hours, again this is an automated process. With the correct licensing, we can also provide our internal users with the ability to access vRealize Automation (vRA). This allows end-users to log in to a portal to request resources. This whole process reduces the total time exponentially when compared to traditional methods and also provides lifecycle management, which will keep companies from having random servers out in their environments many years after they are no longer needed (we see this very frequently). The customer can also tie vRA into internal systems like ServiceNow (covered in this previous blog) , which streamlines the customer's experience.

As those workload domains are up and running, there will come a time where we need to patch/update the components of the solution. Think vSphere, NSX, vSAN, vRLI, etc.. This is another area where VCF absolutely rocks. VCF can automate the process of updating all the components and can do so with a very high degree of certainty that it will upgrade successfully. This is because VMware test all of the components and their dependencies extensively before pushing this out to customers. Also, did I mention all of those components are updated from one central point of management? That central point is SDDC Manager! This alone is something that could save tons of hours and reduce many headaches!

Of course, there are many other areas and topics of conversation with VCF and we plan on hitting each one in our upcoming blogs. Keep an eye out and as always please let us know if you have any questions or if we can help you and your organization out!