EMC IT最佳實踐軟體定義雲端策略經驗談 · • EMC Avamar 7.2.0 • VMware vRealize Log Insight 3.0.1 • vRealize Operations Manager 6.0.2 ... Storage VXRACK vBLOCK

1 © Copyright 2016 EMC Corporation. All rights reserved. © Copyright 2016 EMC Corporation. All rights reserved.

EMC IT最佳實踐:軟體定義雲端策略經驗談 EMC TAIWAN 資深技術顧問李文哲

2 © Copyright 2016 EMC Corporation. All rights reserved.

議程

1

2

3

4

5

Software Defined Data Center

Enterprise Hybrid Cloud

Summary

Q&A 6

EMC IT Overview

Infrastructure Evolution


Our global footprint

雲架構

STORAGE

40+ PBs storage

70% Block

20% File

10% Object

9+ PBs protection

COMPUTE

1,400 ESX servers

17,500 VMs

14.2:1

7,000 VDIs

43.2:1

NETWORKING

14,000 ports

4,000 VIPs

1,000,000+ DNS entries

7 Data Centers

3 vCloud Air

Sites

98% Virtualized


EMC 全球資料中心

Santa Clara, CA

Cork, Ireland

Durham, NC

Hopkinton, MA

Bangalore, India

Regional Data Center

Enterprise Data Center

Bunker

vCA Site


基礎架構演進 2008

Consolidated

2010

• Tiered and shared virtualized

servers

and SANS

• X86 standard

• Project-driven

• Siloed organization

Ruthless Virtualization

Shared

2012

• Multi-tenant virtual hosting

platform

• MC application

transformation

• Capex & Opex savings

• Converged organization

Optimized

2014+

• Service catalogue

- Self and Auto IT

• Service and utility- focused organization

• Cost transparency

Purpose-built Automation Converged Infrastructure

Cloud

• Software-defined storage

• Virtual networking and

security

• Full chargeback

• Integrated network team

• Formal automation team

ITaaS

Virtualization

Capex Opex

TEST

PROMOTE

BUILD

TESTFIX

DevOps


我們的混合雲策略 O

FF

-PR

EM

ISE

S

ON

-PR

EM

ISE

S

VIRTUALIZATION CLOUD


VMware vCloud Suite + EMC ViPR

企業混合雲

Situation Over the last ten years since the transformation began, EMC has tripled in size and revenue, and its reliance on IT as measured by the size of the infrastructure, has grown at even a much higher rate.

Solution Defined a “Greenfield” strategic platform standard that was consolidated, scaled-out, tiered, multi-tenant and 100% virtualized, while reinventing the IT Operating Model to a professional services business under the Federation Enterprise Hybrid Cloud solution.

Expected Benefits Provisioning time reduced from 45 days to 1 day

− Delivery of standard “usable” services to customer − Moving from VMaaS to IaaS+ or PaaS

• Single code stack to manage “well run” hybrid cloud − 25 new services and growing


議程

1

2

3

4

5

EMC IT Overview




Summary

Q&A 6


軟體定義資料中心架構

VIRTUALIZED INFRASTRUCTURE

SERVICE CATALOG

EMC TIERED STORAGE

vRealize Business

Financial Transparency

vRealize Operations

Operational Management

Self-Service & Automation

vRealize Automation

VCE CONVERGED INFRASTRUCTURE

CA & DR

SRDF

RecoverPoint

Backup &

Recovery

Data Domain

Avamar, Networker

Powered by Intel® Xeon® Processors


企業混合雲軟體元件

• VMware vSphere 6.0

• NSX 6.2.x

• ViPR Controller 2.3 / ViPR SRM 3.6 SP4

• vRealize Automation 6.2.1 / vRealize Orchestrator

6.0.2 / ViPR vRealize Orchestrator Plug-in 2.4

• EMC Avamar 7.2.0

• VMware vRealize Log Insight 3.0.1

• vRealize Operations Manager 6.0.2

• vRealize Business 6.2.3

• VCE VxBlock RCM 6.0.5


Compute

企業混合雲架構



融合架構策略

BLOCKS RACKS APPLIANCES

Enterprise & Traditional Workloads

Big Data & 3rd Platform Workloads

Edge and ROBO



vSphere Hypervisor as foundation for compute

運算主機能力策略

Cloud Resource Pools Hybrid Cloud

VMware vSphere

VMware vCenter Suite

App App App App App App App App

• vMotion

• Storage vMotion

• HA / Fault Tolerance

• Data Recovery

• vShield Endpoint

• NSX • DRS

• Hot Add

• ESXi Hypervisor

• DRS and DPM

• Memory

• Over commit

• VMFS / RDM

• SPBM / SIO Controls

• Thin Provisioning

• VVOL / VSAN

• Distributed Virtual Switch

• Network I/O Control

Scalability

Network

Existing Applications Future Applications

Application Services

Infrastructure Services

Availability

Storage

Security

Compute


Network

企業混合雲架構 VXRACK vBLOCK Avamar Data Domain


網路策略 NSX Micro segmentation – zero trust model

SECURITY POLICIES SEC GROUPS LOGICAL SWITCHING, ROUTING,

FIREWALL, LOAD BALANCING

WEB “Standard Web” Firewall – allow inbound

HTTP/S, allow outbound ANY

DATABASE

“Standard Database” Firewall – allow inbound

SQL

APP

“Standard App” Firewall – allow inbound TCP

8443, allow outbound SQL

“Default” Firewall – Access shared

services (DNS, AD, NTP,

Patch Mgmt, Backup, Syslog)

DEFAULT

WEB

APP

DATABASE

VM VM

VM VM VM

VM


企業混合雲架構 Storage VXRACK vBLOCK Avamar Data Domain



存儲策略 ViPR

ViPR CONTROLLER ViPR SRM

Self Service

Automation Security

SERVICE MANAGEMENT

Reports

Resource management

South Bound

Platform Layer

• Discovery

• Registration

• Resource Pooling

• Data Protection

• Platform Data Services

North Bound

Service Layer

• Tenancy

• Projects

• RESTful APIs

• Service Definition

• Automation & Orchestration

Provision Incident Service Catalog

Dashboard GRC

Isilon PAPI

SYMCLI SMI-S XML API

REST API

VNX Isilon VMAX XtremIO



ViPR 架構 VDC: HOPKINTON VDC: DURHAM

Project 1 : Atlas

Block* File% Object^

Volumes Exports Buckets

Tenant1: EHC

Tenant2: VDI

Tenant3: LOB

Project 2: Virtual_Infra

Project 1 : Atlas

Block* File% Object^

Volumes Exports Buckets

Tenant1: EHC

Tenant2: VDI

Tenant3: LOB

Project 2: Virtual_Infra

Note: Fully deployed (*), Limited deployment (%), In Planning (^)

VMAX XtremIO Isilon VNX

POOL_Gold

POOL_Silver

POOL_Bronze

Capacity

vArray

FC IP

Networks Pools Clusters

vArray vArray vArray

VMFS Data Store

Block Volume File System

Identity Roles

SECURITY

XtremIO Isilon VNX

POOL_Gold

POOL_Silver

POOL_Bronze

Capacity

vArray

FC IP

Networks Pools Clusters

vArray vArray vArray

VMFS Data Store

Block Volume

File System

VMAX

SERVICES SERVICES

ESXi ESXi

WAN


ViPR 目錄及服務

SNAP

PROTECT

RESTORE

MIGRATE

EXPORT

EXPAND

CREATE

OPERATIONS

DELETE

RETIRE

GOLD

DEFAULT

BRONZE

SILVER

PLATINUM

DIAMOND

SLA POLICY

3 TIER APP

FILE

VDI

BOOT VOLUMES

DBAAS

IAAS

USE CASE

RPO / RTO

Geography

Security

Compliance

Availability

Performance

OBJECTIVES

Provider

Cost

TIER


ViPR 控制器 VMware vrealize orchestrator Plug-in

Default ViPR workflow. Modified with “Volume, Data Store and Timeout” to meet “EMC IT” needs.


Block 存儲 End-to-end provisioning

ARRAY

Create thin devices

Create thin meta devices

Create SG

Bind SG to pool

Associate SG to FAST Policy

Add devices to SG

SAN

Create Zones

Add to a Zoneset

Activate Zoneset

Discover LUNs

Create Data Stores

Mount Data Stores

ESX HOST

Before ViPR

• 3 Element Managers

• 12 Manual Steps

• Fulfillment in Hours

After ViPR

• VRO API Call to ViPR

• Provision in few mins

• Automation

• Standards

• Compliance

One Catalogue Request

1 PB of Storage provisioned

On demand provision

500% increase in productivity


EMC IT – ViPR 主控台


ViPR – 標準 Volumes


ViPR –存儲開通訂單


ViPR – 工作檢視


議程

1

2

3

4

5

EMC IT Overview




Summary

Q&A 6


租戶建置

Physical Resources

Compute Storage Network Cloud

Software Defined Data

Center

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi Resource Endpoints

vCloud Air

Automation and User

Portal

Tenant & Business Groups

Cloud Team

ITBM & Chargeback

Services Library

PaaS

IaaS

Converged and Hyper-Converged Infrastructure


Physical Resources



Center

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi


vCloud Air

Automation and User

Portal


Cloud Team

ITBM & Chargeback

Services Library

PaaS

IaaS

租戶建置


租戶建置

Physical Resources



Center

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi


vCloud Air

Automation and User

Portal


Cloud Team

ITBM & Chargeback

Services Library

PaaS

IaaS


Physical Resources



Center

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi

ESXi


vCloud Air

Automation and User

Portal


Cloud Team

ITBM & Chargeback

Services Library

PaaS

IaaS

租戶建置


虛擬機開通訂單


存儲開通訂單


開通訂單完成


首頁


議程

1

2

3

4

5

EMC IT Overview




Summary

Q&A 6


EMC IT 軟體定義資料中心 Outcomes and results

End to End Mapping

100% application & service mapping

Configuration Management High standards with

“zero” variations

Driven by APIs

25 Standard services exposed in catalogue

Utilization Optimization

80% utilization target

SLA Achievement

Faster provision and fewer escalations

Application Chargeback

90% opex chargeback

Infrastructure Automation

Resources can move further up value stack

Scale and Reuse

Write once and use everywhere – 125

component services


五個經驗分享

ADAPT Adapt your team

roles and structure

CHALLENGE Building this yourself

is hard

Instill a software mindset

ADOPTION It’s all about the

“service”

CUSTOMER

Don’t try to force this on all of your legacy

infrastructure

RIGHT FIT

Documents

EMC IT最佳實踐 軟體定義雲端策略經驗談 · • EMC Avamar 7.2.0 • VMware vRealize Log Insight 3.0.1 • vRealize Operations Manager 6.0.2 ... Storage VXRACK vBLOCK

EMC IT最佳實踐軟體定義雲端策略經驗談 · • EMC Avamar 7.2.0 • VMware vRealize Log Insight 3.0.1 • vRealize Operations Manager 6.0.2 ... Storage VXRACK vBLOCK