VMware Cloud™ on AWS brings VMware's enterprise-class Software-Defined Data Center software to Amazon's public cloud, delivered as an on-demand, elastically scalable, cloud-based service that is sold, operated and supported by VMware, for any application, and optimized for next-generation, elastic, bare metal AWS infrastructure. This solution enables customers to use a common set of software and tools to manage both their AWS-based and on-premises vSphere resources consistently. Furthermore, virtual machines in this environment have seamless access to the broad range of AWS services. This session will introduce this exciting new service and examine some of its use cases and benefits. The session will also include a VMware Tech Preview that demonstrates standing up a complete SDDC cluster on AWS and various operations using standard tools like vCenter.
2. What to expect from the session
• Overview of the VMware and AWS partnership
• Introduction to VMware Cloud on AWS
• Solution summary—components and processes
• Technical drilldown—how this thing works
• Illustrated use cases for an integrated VMware/AWS ecosystem
• Product demonstration
3. Partnering to deliver a game-changing solution
Uniting the leaders in private and public cloud services
• Leading private compute, storage, and network virtualization capabilities
• Support for broad range of workloads
• De facto standard for the on-premises enterprise
• Global scale and reach
• Flexible consumption economics
• Broadest set of cloud services
• Elastic infrastructure on demand
4. VMware Cloud on AWS enables faster hybrid cloud adoption by removing these barriers
Common challenges with hybrid cloud adoption
• Incongruent networks
• Operational inconsistencies
• Multiple monitoring & control mechanisms
• Multiple virtual machine formats
• Differing security baselines
5. Introducing VMware Cloud on AWS
Diagram labels:
• Customer data center
• Management (vCenter Server)
• VMware Cloud on AWS
• vCenter Server
• AWS global infrastructure
• vRealize Suite, PowerCLI
• AWS CloudFormation, CLI, SDK
• Access to all AWS services: Amazon EC2, Amazon S3, Amazon RDS, AWS Direct Connect, AWS Identity & Access Management (IAM), Amazon Redshift, …
6. VMware Cloud on AWS is a VMware service
Service is sold, delivered, operated, and supported directly by VMware
[Diagram: VMware Cloud on AWS, AWS global infrastructure]
7. What is vSphere?
• Industry leading private compute virtualization platform
• ESXi 6.5 on bare-metal hosts
• Fully featured
– vMotion
– DRS
– HA
• ESXi on dedicated hardware
• Support for containers and VMs
[Diagram: vSphere, VMware Cloud on AWS, AWS global infrastructure]
8. What is VSAN?
• Industry leading private storage virtualization platform
• Flash SSD on bare-metal hosts
• Fully featured
– Deduplication
– Compression
– Erasure coding
• VSAN on flash storage and EBS
• Replication and DR orchestration
[Diagram: VSAN, VMware Cloud on AWS, AWS global infrastructure]
9. What is NSX?
• Industry leading private SDDC network virtualization platform
• 10 Gbps+ NICs on bare-metal
• Fully featured
– Switching
– Routing
– Firewalling
– Load balancing
– VPN
• NSX spanning on-prem and cloud
• Advanced network/security services
[Diagram: NSX, VMware Cloud on AWS, AWS global infrastructure]
10. Customer decides on and places workloads between on-premises DC and AWS
Common scenarios and use cases
Scenario 1: Maintain and expand
• Geo expansion
• Disaster recovery and backup
Scenario 2: Consolidate and migrate
• Data center consolidation
• Application migration
Scenario 3: Workload flexibility
• Prod, dev, test, lab, and training
• Burst capacity
• Flex as needed
12. VMware Cloud on AWS
1) Service console
• Provision, scale, and manage capacity globally
• Sign up, deploy, and access your data center in minutes
• vmc.vmware.com
2) VMware Cloud on AWS
• Fully configured VMware software stack running on AWS hardware
• Direct access to your dedicated vCenter Server, PSC, and NSX Manager
• Diagram labels: ESXi, NSX, VSAN, HW
3) AWS Cloud integration
• Leverage state of the art compute, storage, and networking
• Single all inclusive bill (SW+HW) from VMware
4) Delivered as a service from VMware
14. 1. Service console and API endpoint
Administrative interfaces for provisioning and billing
• https://vmc.vmware.com
• My VMware Authentication
• Responsive HTML5 interface including support for mobile
• REST API for
– Provisioning
– Scaling
– Billing
16. 2. VMware Cloud on AWS
Fully configured VMware software stack running on state of the art infrastructure provisioned on-demand in minutes
VMware operated, supported, and maintained
Latest software
• VCSA, ESXi, NSX, VSAN, H5 client
Dynamic capacity
• DRS/HA compute cluster (Intel x86)
• VSAN storage cluster (SSD)
• NSX network virtualization (10 Gbps++)
Flexible topology
• Standalone cloud cluster
• Hybrid connectivity to on-premises
• Cloud to cloud connectivity
Single tenant (dedicated) bare metal Amazon EC2 hardware
[Diagram: VMware Cloud with gateways, vCenter Server, NSX Manager, and ESXi hosts]
18. 3. AWS Cloud integration
VMware Cloud on AWS: access to all native AWS services
• Amazon EC2
• Amazon S3
• Amazon RDS
• AWS Direct Connect
• IAM
• AWS IoT
• …
[Diagram: VMware Cloud on AWS, AWS global infrastructure]
20. 4. Delivered as a service from VMware
The fully configured VMware Cloud software stack will be provisioned, operated, and maintained directly by VMware.
Provisioning
• Automated account creation and environment provisioning by using the API
• Automated interconnection created between VMware and AWS customer accounts
Operations
• Support provided by VMware directly
• Ongoing infrastructure monitoring
Maintenance
• Ongoing stack maintenance managed directly by VMware
22. Account structure
• VMware Cloud VPC account
– A new AWS solution account is created for each customer
– Is owned, operated, and paid for directly by VMware
– Each solution account is single tenant for all ESXi hosts
– Solution account is linked to a VMware Master-Payor account
• AWS customer VPC account
– Is owned, operated, and paid for directly by the customer
– Has full access to VMware Cloud endpoints within the VPC
– VMware Cloud endpoints are automatically deployed into the customer VPC with customer consent
– Has full access to the entire catalog of native AWS services within the AWS Region of deployment
23. Existing customer environment
No NSX in your current VMware environment? No problem… Deploy a standalone NSX Edge appliance into your existing vSphere environment to extend the VMware Cloud on AWS environment to your premises.
[Diagram labels: Customer Data Center, vSphere Environment, VMware Endpoints, Non-vSphere Environment, ESXi]
24. Provision VMware Cloud VPC
The full VMware Cloud on AWS stack will be auto-provisioned and configured at launch into a single tenant AWS account (owned and operated by VMware).
[Diagram labels: Customer Data Center, vSphere Environment, VMware Endpoints, Non-vSphere Environment, ESXi, VMware Cloud VPC, Amazon EC2]
25. Build customer VPC
A customer-owned AWS account is created and/or assigned to interoperate with the VMware Cloud VPC.
[Diagram labels: Customer Data Center, vSphere Environment, VMware Endpoints, Non-vSphere Environment, ESXi, Customer VPC, VPC subnets, VMware Cloud VPC, Amazon EC2]
26. Connect data center to customer VPC
Private connectivity is established from the customer data center to the customer VPC.
[Diagram labels: Customer Data Center, vSphere Environment, VMware Endpoints, Non-vSphere Environment, ESXi, AWS Direct Connect, Private VIF, Customer VPC, VPC subnets, VMware Cloud VPC, Amazon EC2]
27. Link VMware Cloud VPC and customer VPC
Link the VMware Cloud VPC and the Customer VPC using private VPC endpoints.
[Diagram labels: Customer Data Center, vSphere Environment, VMware Endpoints, Non-vSphere Environment, ESXi, AWS Direct Connect, Private VIF, Customer VPC, VPC subnets, VMware Cloud Endpoints, VMware Cloud VPC, Amazon EC2]
28. Deploy and consume native AWS services
[Diagram labels: Customer Data Center, vSphere Environment, VMware Endpoints, Non-vSphere Environment, ESXi, AWS Direct Connect, Private VIF, Public VIF, Internet, Customer VPC, VPC subnets, VMware Cloud Endpoints, Private Managed AWS Services, Customer Instances, VMware Cloud VPC, Amazon EC2, Regional AWS Services (AWS Lambda, Amazon S3, Amazon CloudFront, etc.)]
29. Operating in the hybrid ecosystem: examples
• Use X-vMotion to migrate a virtual machine from a customer data center to VMware Cloud on AWS
• Copy an object from a virtual machine in VMware Cloud to an Amazon S3 bucket
• Connect a virtual machine in VMware Cloud to an Amazon Redshift cluster
• Connect to a web server hosted on a virtual machine in VMware Cloud using public Internet access
30. Operating in the hybrid ecosystem: X-vMotion
vMotion from site to VMware Cloud
[Diagram: customer data center, customer VPC, VMware Cloud VPC, and regional AWS services]
31. Operating in the hybrid ecosystem: Amazon S3
Copy an object from virtual machine to S3
[Diagram: customer data center, customer VPC, VMware Cloud VPC, and regional AWS services]
32. Operating in the hybrid ecosystem: Amazon Redshift
Connect virtual machine to Amazon Redshift
[Diagram: customer data center, customer VPC, VMware Cloud VPC, and regional AWS services]
33. Operating in the hybrid ecosystem: VM internet access
Connect to a virtual machine from the Internet
• Assign Elastic IP
• Configure NAT
[Diagram: customer data center, customer VPC, VMware Cloud VPC, and regional AWS services]
34. Security and governance
• VMware Cloud transit endpoints reside within the customer-owned VPC
• Customers keep control of access security on the transit path using standard AWS security practices (security groups, NACL, flow logs, and so on)
• vMotion traffic is encrypted (new in 6.5)
• VM-level encryption (new in 6.5)
• Audit-quality logging (new in 6.5)
• Fully managed offering delivered by VMware
• VMware manages the infrastructure patching and upgrades of the VMware Cloud environment
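
The flow-log control named in the list above, as an added example that is not part of the original session: it parses VPC Flow Logs records in the default version 2 format for the network interfaces that carry the VMware Cloud endpoints in the customer VPC, then reports accepted flows from unexpected sources and rejected flows per source. The ENI ids, account id, CIDR ranges and log records are constructed for illustration.

```python
import ipaddress
from collections import Counter

# Field order of the default (version 2) VPC Flow Logs record.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

# Constructed values: endpoint ENI ids and the networks expected on the transit path.
ENDPOINT_ENIS = {"eni-0aaa1111bbbb2222c"}
EXPECTED_NETS = [ipaddress.ip_network(n) for n in ("10.20.0.0/16", "192.168.50.0/24")]

# Constructed sample records, not captured from a real account.
SAMPLE = """\
2 111122223333 eni-0aaa1111bbbb2222c 10.20.4.15 10.20.9.8 49152 443 6 12 4800 1500000000 1500000060 ACCEPT OK
2 111122223333 eni-0aaa1111bbbb2222c 172.31.7.9 10.20.9.8 50211 443 6 8 3100 1500000000 1500000060 ACCEPT OK
2 111122223333 eni-0aaa1111bbbb2222c 172.31.7.9 10.20.9.8 50212 902 6 3 180 1500000060 1500000120 REJECT OK
2 111122223333 eni-0aaa1111bbbb2222c - - - - - - - 1500000120 1500000180 - NODATA
2 111122223333 eni-0ddd3333eeee4444f 172.31.7.9 10.30.1.1 40000 22 6 5 300 1500000000 1500000060 ACCEPT OK
"""

def parse(line):
    parts = line.split()
    if len(parts) != len(FIELDS) or parts[0] != "2":
        return None  # not a default-format version 2 record
    return dict(zip(FIELDS, parts))

def expected(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in EXPECTED_NETS)

def triage(text):
    """Return (unexpected ACCEPTed flows, REJECT count per source) for endpoint ENIs."""
    unexpected_accepts, rejects = [], Counter()
    for line in text.splitlines():
        rec = parse(line)
        if rec is None or rec["interface_id"] not in ENDPOINT_ENIS:
            continue
        if rec["log_status"] != "OK":  # NODATA / SKIPDATA rows carry "-" in the flow fields
            continue
        if rec["action"] == "REJECT":
            rejects[rec["srcaddr"]] += 1
        elif rec["action"] == "ACCEPT" and not expected(rec["srcaddr"]):
            unexpected_accepts.append((rec["srcaddr"], rec["dstaddr"], int(rec["dstport"])))
    return unexpected_accepts, rejects

if __name__ == "__main__":
    accepts, rejects = triage(SAMPLE)
    print("unexpected ACCEPTs:", accepts, "| REJECTs by source:", dict(rejects))
```

An unexpected ACCEPT means a security group or NACL rule on the transit path is wider than intended; a run of REJECTs from one source shows the rules working and is worth correlating with that source's other activity.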