VMC on AWS
Updated: Oct 30, 2018
VMware on AWS is essentially VMware’s SDDC (vSphere, vSAN & NSX) as a tenant running on AWS bare metal. This provides the agility of the cloud with access to AWS’ fantastic VPC services such as S3, Lambda, RDS, IoT, Glacier etc.
VMC is initially a 1 host or 3/4 host cluster that is dedicated to your workloads. There are no noisy neighbor issues; control and consumption of the cluster are dedicated to you. HA & DRS are enabled. Host failure remediation is handled by VMware.
The interesting thing is that as a cloud service you are paying for the full resource (cluster). The charge for the service is the same no matter how many workloads fit in the cluster. To me this brings predictability. I know how much the service is and am not getting varying costs per month. It's important to note that we still have the agility of the cloud. If we need to increase the compute power we can slot another host into the cluster in minutes. Alternatively we can let Elastic DRS (E-DRS) handle it. This will automatically "scale out" or "scale in" the environment. By setting a policy on the cluster, E-DRS will automatically add or remove hosts based on defined thresholds. It also allows you to specify minimum and maximum hosts for the cluster.
The service can be consumed in an island mode or, what I find great, it can be managed in vCenter hybrid linked mode. In vCenter on premise you will see your on-premise cluster, and the vCenter running in the VMC on AWS tenant is integrated alongside it. The cluster(s) (on premise and in the service) are all managed in the one place. This means the service brings the best of both worlds and is a true hybrid offering.
The difficulty with public cloud thus far has been that applications developed to run on premise could not easily move to the public cloud. The underlying VM configuration is designed to run on a specific hypervisor, and the application was built to expect certain characteristics that might not be the same in a public cloud.
VMC on AWS hybrid cloud makes this possible, without the need to re-architect applications. VMC can be thought of as “just another DC/target”. We are moving workloads from vSphere on premise to vSphere in AWS. If it works on premise it will work in AWS.
Another interesting point is that in AWS the environment is serviced. By this I mean VMware will handle updates and compatibility. VMC on AWS is built on VMware Cloud Foundation, making it consistent and based on a VVD (VMware Validated Design). In simple terms, you consume the service and let VMware manage the updates/upgrades etc – just like you would any other cloud service.
To break down the service the specifications will be as follows:
Running vSphere 6.5
1, 3 or 4 Hosts - 4 Host Cluster Core Count 144
512GB Each Host
Dual CPU Sockets - Custom built Xeon E5-2686
18 cores per socket running @ 2.3GHz
Scale out model to 16 Hosts
Running vSAN 6.5 All Flash
1, 3 or 4 Hosts - 40 TB of RAW capacity in cluster
8 NVMe devices per host
Running NSX, which is used for all networking and security - decoupled from Amazon VPN networking
2 Gateways created:
Management Edge Gateway (MGW) NSX Edge - this connects to the vCenter server. FW rules, IPSec VPN and DNS for the management gateway are created here.
Customer Gateway (CGW) NSX Edge & DLR - For Ingress/Egress of VM network traffic. FW rules, inbound NAT, VPN, DNS and public IP are created here.
Connection to both gateways with IPSec VPNs.
1 Node Option
A nice way to test the service is by signing up for an on-demand 1 node host. This will allow you to test performance and capabilities and get a feel for the management of the service.
HCX (Hybrid Cloud Extension) and HLM (Hybrid Linked Mode) are available in the 1 node service. This will allow both vCenters, on premise and in VMC on AWS, to be connected to form a single pane of glass. HCX will create a VPN connection from on premise to VMC on AWS, allowing you to test migrations and share a content library to deploy ISOs etc. Within 30 days, if you decide to proceed with the service, VMware can automatically expand to a 3 or 4 host production cluster.
SRM (Site Recovery Manager) as a service (SRMaaS) can also be added to the 1 node service. SRMaaS is charged per protected VM, so this is a cost-effective option to test SRM's orchestrated failover features and benefits by leveraging the cloud service.
With VMC on AWS being a cloud service, the speed at which additional features are being added is extraordinary. This is very apparent when looking at the public VMC on AWS roadmap. vSAN Stretched Clustering across AWS AZs is now available, providing even further reliability (Zero RPO) for business critical applications and services running in the tenant.
Horizon 7 is fully supported on VMC on AWS, which opens up very interesting possibilities. If there is Horizon on premise, cloud pod architecture can be configured between both the private and public sites to create universal entitlements. This, and the benefit of having public global reach, means Horizon can be deployed in the regions closest to its consumption.
There is a new high storage capacity option with vSAN. Customers can deploy additional clusters that are based on EC2 R5.metal instances that use AWS' Elastic Block Store (EBS). This allows you to choose the storage capacity used per host, ranging from 15 to 35 TB in increments of 5 TB.
Micro-segmentation with NSX has been added, which allows you to compartmentalize applications by creating east-west firewall policy control.
Built-in vSAN encryption is now available with AWS' Key Management Service. This creates data-at-rest encryption across the vSAN datastore within the VMC on AWS tenant.
Custom CPU core counts are in preview. This provides the ability to select the number of cores per host when the environment is being provisioned. For applications that are licensed per physical core this will help control the costs.
At present this service is available in US East and West, Europe London and Frankfurt, APJ Sydney. Planned locations are Dublin, Paris and Sweden.