By Nathan Bennett, Sterling Cloud Architect
In our coverage on ‘Chipageddon’ and the issues ensuing from it, I hope to show how cloud solutions have the chance to make the biggest positive impact on your world, allowing you to extend your data center and your environment beyond the physical barriers that hold them back and to enable you to grow. However, in many cases, the issue isn’t just about growth, it’s about capabilities and making sure you have the same solutions on-premises as in the cloud. With the new updates coming out during VMworld 2021, we are getting the services and solutions to VMC on AWS that can create this parity between on-premises environments and hybrid cloud.
It bears acknowledgment just how many places you can have a VMware Software Defined Data Center (SDDC) to manage your infrastructure, allowing you to bridge the gap between many different public cloud vendors. Dell’s own cloud-based solution, VMC on Dell Cloud, allows this versatility along with the other major players in the public cloud (AWS, GCP, Azure, and Oracle headlining). These solutions and additions offer parity of VMware solutions with each cloud, allowing you to manage your environment in the same way in multiple places, reducing complexity and improving reliability.
VMC on AWS updates
Speaking of reliability, VMC on AWS has been available as a stretched cluster for a while now, allowing you to improve your 99.9% uptime to 99.99%, which may give you the extra edge you’re seeking for compliance and policies. Stretched clusters have also been reduced in size, allowing a simple 2-2-1 host solution, or, in other words, two hosts in two zones with one witness node.
This is probably the cheapest way to introduce the solution into your environment while still gaining more uptime. And with this update, creating a stretched cluster is easier than ever. This is now a push-button capability, where you check a box and enable stretched clustering with your VMC on AWS, which is a fantastic and easy way to get started with your cluster.
Let’s talk briefly about compliance, certifications, and regions with VMC on AWS. Just recently, we saw that VMC on AWS made it possible for federal entities that require a FedRAMP High Authority to Operate (ATO) to consume this solution, which, according to VMware, can save taxpayer dollars, as the complexity of the US infrastructure can be unruly in some areas.
This FedRAMP certification is a huge deal for VMware, verifying that they are able to control data per government standards. VMC on AWS in the eastern GovCloud region will be released, hopefully, in Q4 2021 or Q1 2022.
Finally, on the VMC itself: A huge upgrade is being made to the SDDC. VMC on AWS is being updated from 6.7 U3 to 7.0 U3, bringing the new updates that VMware is delivering in 7.0 U3 to all your VMC on AWS clusters. I was wondering when this would happen, as it seemed strange that some SDDC clusters within the big cloud partners were still around 6.7 U3 or earlier. Now, when you jump into VMC on AWS, you will be able to enjoy all the capabilities of 7.0 U3 after the cluster is prepped and ready to be consumed.
You can find our blog on vSphere 7.0 U3 here.
The SDDC hardware is still i3.metal or i3en.metal in the AWS settings, but it has many more capabilities with these services. Along with these service updates, NSX-T will also be updated to 3.1.3, with all the capabilities this version brings, including IDS/IPS, advanced load balancing, and more.
If you have a vSphere cluster with NSX-T, the next VMware service that would follow is Tanzu, which is now available in VMC on AWS. This isn’t an easy push-button solution, but with the updates to the error messages within 7.0 U3, including DHCP for Ingress/Egress CIDRs, this should make enabling Tanzu much easier if this is set up. I have also heard that NSX-T in VMC on AWS will set up the needed routing for Tanzu as well, which could make it extremely easy. The enablement for this should be through NSX’s BGP, but that has not been officially announced. It may be through a different setting, as VMC on AWS may be different. Time will tell, but one thing is for sure: VMware is dedicated to bringing Tanzu to all their hybrid-cloud solutions. This flows well with Tanzu Mission Control (TMC), which is VMware Cloud’s service for connecting multiple Kubernetes clusters to VMware cloud services.
TMC allows operators to log into one site (TMC) and apply policies to multiple clusters, preventing configuration drift and keeping clusters in their standard, required settings, which in turn leads to an easier flow between all the services and your SDDC within AWS. VMC on AWS has always been the first to enable VMware’s powerhouse services, but after these capabilities have proven their worth and stability, they will be extended to all the other public cloud vendors.
It is worth noting in this section that Tanzu services do not incur additional costs. Instead, VMC on AWS, including the Tanzu portfolio, is all the same price. It would be awesome if Tanzu could become part of vSphere and not a bolt-on solution on-premises, keeping the hypervisor the home for both container workloads and VM workloads.
VMC on AWS Outposts
AWS Outpost is a new compute-and-storage solution utilizing VMC on AWS. Customers purchase a rack of servers that are configured via AWS, then stacked or racked in an on-premises data center. Outpost is connected to an AWS region and maintained by the data center yet still retains support from AWS. Not only do you get the rack of servers with connections to AWS but you get the SDDC software with vSphere, vSAN, NSX-T, and Tanzu on the same solution.
This is a great option for those looking to do a full data-center refresh. I really like the idea of Outposts, as they introduce the simplicity of the cloud into your local environment, while at the same time helping you maintain and manage VMC on AWS Outposts as you would like if your security and compliance require it. This comes with specific requirements based on the temperature, humidity, power backup, etc., of the data center, as well as the network connectivity. You will need to maintain a latency requirement to an AWS region. If you are thinking a direct connection is required, it’s not. This is basically a VPN connection. But if you would like a direct connection, one is always available.
VMware Cloud Disaster Recovery (VCDR)
VCDR is a great disaster-recovery solution. For a refresher, VCDR pulls data from your local data center and stores it within the VMware cloud solution. This acts as storage for your data that can then be utilized for recovery in the event of a disaster. A couple of things to keep in mind with this solution: VCDR only recovers to VMC on AWS.
VMware Cloud Disaster Recovery (VCDR) allows a recovery to VMC on AWS, but then when you need to migrate the data back to your on-premises location, you only pay for the change of the data, thus making egress charges much cheaper. You have three options to utilize VCDR: pilot light, cold, and hot site. “Cold” is when the VMC on AWS does not exist and would have to be built in the event of a disaster (remember all services are stored within VMware cloud and not on-premises). This would end up taking over 90 minutes for recovery and may not suit many service-level agreements (SLAs). “Hot” is when you are using VMC on AWS for workloads and then only pushing the workloads to that site. The “pilot light” option is interesting, as it’s not cold or hot, but instead is simply built for priority workloads to be recovered and can be expanded after high-priority workloads are recovered. Building a VMC on AWS can take 90 minutes, but adding a host to a VMC on AWS cluster can take as little as 15 minutes, making it much more tolerable. This, along with the pilot light being available for only a two-node cluster, makes it very intriguing for customers looking for a business continuity and disaster-recovery (BCDR) tool.
For this release, VMware is updating their Recovery Point Objectives (RPOs) to be able to run at 30 minutes. This is critical for priority workloads that need to be updated regularly. VCDR will also look to add capabilities such as File/Folder Restore in the fourth quarter. VCDR also now has a QuickStart function to set up VCDR functionality through a GUI (just swipe a credit card). This does away with the complicated and vague way to set up VCDR that has plagued some discussions since it was launched, and allows customers to easily get into VCDR for their workloads.
Conclusion
To summarize the announcements coming from VMware: They are dedicated to the hybrid cloud solution in AWS, Oracle, Azure, GCP, or wherever you place the solution. They are updating the software for their new flagship version and granting key capabilities that were previously only on-premises to the cloud version itself. Some people have stated that this isn’t truly hybrid-cloud but more of an extension of VMware’s software. Whether you believe it is, or it isn’t, one thing is clear: It removes the problem of purchasing hardware during the worst chip crisis we have seen and helps customers extend their environment in the cloud. This is basically what the adage tells us: “There is no ‘cloud’, it’s just someone else’s computer.” When that computer’s hardware already exists, and you need to extend it today, why not use it for your workloads, especially if it meets the needs of the workload, the business, and the customers it’s going to serve?
At Sterling, we’ve been watching VMC on AWS for a while and celebrated when it received FedRAMP High ATO, as this had been a clear roadblock for government procuring entities. VMware has not only improved its solutions but opened a new frontier, across which customers can expand their own environments and business potential.