AWS re:Invent 2018 – Day 1

This is where things really get moving. I’m happy to say I didn’t regret gorging myself with wings the night before and was ready to hit the ground running to see re:Invent in full swing. Day 1 step count…15,308 (7.57 mi). I started off the morning by attending everyone’s favorite topic….SECURITY!!! This session was spent debunking 13 Cloud Security Myths. A few things that I already knew were reinforced. One, public clouds are more secure than on-prem data centers. Two, security should be the first thing you think about when deploying everything from applications to infrastructure. Three, if you continue to follow older security models that have been around for years, you are missing the entire point of the cloud!

 


Next up was a two-hour workshop getting some hands-on experience with the AWS Virtual Private Cloud (VPC). VPCs are the backbone to everything AWS including VMware Cloud on AWS. Although I have taken some online classes via AWS and A Cloud Guru, it was great to spend more time setting up VPCs as it is core to understanding how AWS works. We worked in groups of six where we set up VPC peering with each other. My main takeaway….have a concrete plan for the CIDR blocks you choose for your VPCs. If you don’t plan correctly, you will have to start over. A tool given out by the architects running the session was http://subnet-calculator.org/cidr.php . Bookmark it! An added benefit to the workshop was $25 in AWS credits!

Next stop was the Expo Hall and welcome reception. Of course, the hall was massive with hundreds of booths and all the SWAG you can handle. I decided to take a look around beforehand so I knew where to get “the good stuff.” Since I’m a VMware guy, it was awesome to see us well represented; we even have our newest members of the family, Heptio (met Joe Beda at the booth) and CloudHealth, with booths of their own.

The last session of the day was a VMware Cloud on AWS Deep Dive with Andy Reedy and Jin Zhang. If you ever get a chance to spend time with Andy, I would recommend it. I met him two years ago at some customer meetings and he is a fantastic architect. He got into the weeds with VMWonAWS regarding the host hardware and the interconnectivity between the vSphere hosts and AWS native services. We even went into the i3 and r5 models for EBS backed VSAN. It was a great session. As I have said before, AWS and VMware have a deep partnership to make this service available. The pace of innovation is blinding! Day 2 is next!!


AWS re:Invent 2018 – Day 0

Being my first year at re:Invent I wanted to give my insights regarding the conference. First and foremost….like most conferences this size….WEAR COMFORTABLE SHOES! With 50K+ attendees spread across 5 different venues up and down the strip, you will definitely hit your step goals for the week. Day 0 count = 16,230 (8.03 miles).

Check-In 

Compared to some conferences I have been to, AWS pulled registration off beautifully by allowing you to register at Terminals 1 and 3 at McCarran International Airport plus the Aria and Venetian. I only had to wait about 5 minutes at the Aria. The SWAG pick up at the Venetian was a snap and there was even a place to try on the famous AWS re:Invent hoodie beforehand. No more guessing on the fit.


Midnight Madness

Next, it was back to the hotel for some rest before the night’s activities. I can attest that while at the conference, use the shuttles!!! Saves your legs and feet, you may even have some interesting conversations with others along the way. Once back at the Venetian, I waited in line for what I thought was going to be a cheap easy way to get a free meal…..the Tatonka Challenge! AWS re:Invent was at it again with trying to break last year’s Guinness World Record for the largest chicken wing eating competition. 400+ waited in line to compete to see who would take home the crown. I met some great people as I waited in line but I am sorry to say that after only 22 wings I bowed out. Something about soggy-ish wings didn’t quite hit the spot. The winner ate 70+ which is absolutely insane! I even got my one second of fame. You can see me standing behind the man in the green jacket off to the left when they awarded the winner.

Coupled with the Tatonka Challenge were Portlandia’s Carrie Brownstein and Fred Armisen’s best attempt at live comedy. In my opinion, it fell pretty flat but at least they tried. They were the on-stage cheerleaders for two more world record attempts in the largest Air Drum Ensemble (Phil Collins’ “In the Air Tonight” was selected for the Air Drumming) and Most People Lighting Glow Sticks Simultaneously. I have no idea if we broke all three but I think we did!! It was a good time but if it weren’t for the Tatonka Challenge I would not have missed much by not attending. Let’s see what Day 1 brings!! All I know is that I will not be eating wings for the rest of the week!!!

 

VMC Sizer: Understand your VMware Cloud on AWS Costs

As multi-cloud strategies continue to evolve, the cost of moving to the cloud will continue to be an important topic among decision makers. In order to better understand the total cost of ownership (TCO), VMware Cloud on AWS has created a simple cost estimating tool for customers. Introducing VMC Sizer. With VMC Sizer, you can choose your workload type (VDI, Databases (Oracle or MSSQL), or General VMs), as well as VM specifics such as vCPU, vRAM, IO, storage requirements and much more. With this tool, we have taken the guesswork out of understanding the costs associated with running workloads in VMware Cloud on AWS. In order to get a holistic view of costs, you have the option of adding several workload profiles to your profile where you can see all the costs of your Oracle, Microsoft SQL, VDI, and General Purpose VM configurations.

Getting the recommendations and TCO for your workloads only takes three simple steps.

  • Define your workloads
  • Review the recommendations based on your inputs
  • Create an account and review your VMConAWS TCO.

Workload Profiles

This is where the rubber meets the road, but it’s important for you to understand that the information you enter from this point forward will determine the results of the recommendations and TCO of your SDDC in VMConAWS. The first settings you need to verify are your Cluster Settings, specifically your desired CPU Headroom and Fault Tolerance. The Server Configuration is static, as all VMware Cloud on AWS hosts are i3 instances.

Cluster Settings

Once you are comfortable with your cluster settings, you have the option of creating more than one workload profile so why not create one for your General VMs as well as your databases and VDI?! After selecting your workload type and VM count, you have two options for calculating storage. You can enter the amount of storage per VM or, if you are unsure how much you need per VM, you can enter the cluster storage requirement.


The next step in the process is to define additional workload settings such as vCPU, vRAM properties as well as IOPs and Dedup.  Keep in mind that your choices around IOPs and Dedup will change the size of your SDDC clusters.


Once all the data has been entered, select “Recommendation” to move to Step 2. I will cover the Recommendation and TCO section in Part 2. In the meantime, take the tool for a spin and enjoy!! VMCSizer

 

 

VMware Cloud on AWS Connection Options

Happy New Year!!! This is going to be an exciting year for VMware Cloud on AWS and I wanted to kick off 2018 by highlighting the way in which you are going to connect into and out of VMware Cloud on AWS.

First of all, at a very high level, VMware Cloud on AWS (VMware Cloud Foundation) is optimized to run on dedicated, elastic bare-metal infrastructure inside Amazon’s data centers. For security purposes, the VMware Cloud on AWS SDDC is bifurcated: the components that manage the SDDC itself, such as ESXi, VSAN, NSX, and vCenter, are kept separate from the compute workloads.

Here’s a simple explanation of how you can set up the connectivity framework.

The first thing you need to set up is a connection to the management components of the SDDC. You will first need to create a Management VPN and choose a set range of IP addresses that will be used by management components such as the ESXi hosts and vCenter. This range will be in the form of a simple CIDR block. We recommend using a /20 CIDR block for management purposes. After you connect the management portion of the SDDC, you will then need to set up an IPSec VPN between your on-prem data center and management components. This VPN can be set up over the Internet or AWS Direct Connect (DX). After this connection is established, you can then build firewall rules on the VMware Cloud on AWS Console. With these rules you can control access to the vCenter from your on-prem data center.


There is an optional connection you can set up if you need access to your vCenter Server directly from the Internet. A public IP is automatically provided during the provisioning process. It is important to note that all access to this IP is restricted. To provide access, you will need to configure firewall rules in the VMware Cloud on AWS console to allow this direct type of Internet access.


The second VPN you will need to set up is between your compute workloads and your on-premises data center. Several logical networks are required to provide the IP addresses for the workloads you plan to migrate or build in VMware Cloud on AWS. This VPN secures these workloads and allows them to connect back to your on-prem data center. This can be an IPSec VPN or L2VPN. The advantage of L2VPN is that you can stretch a single L3 IP space from on-prem to the cloud; it is also required for live migrations. This VPN can go over the Internet or AWS Direct Connect. You can again create firewall rules as needed to access on-prem workloads.


The next connection is between your SDDC workloads and your Amazon VPC. This is automatically configured and built during the SDDC provisioning process. Once you select the Amazon VPC subnet that will be associated with your VMware Cloud on AWS SDDC, an elastic network interface (ENI) will be created, allowing traffic to flow between both environments. In order to control security, you will need to configure AWS IAM policies as well as firewall rules on the VMware Cloud on AWS side to allow access between both. Lastly, you will likely need to give direct public internet access to some of your SDDC workloads. To make these accessible to the Internet, you will need to leverage AWS elastic IPs along with NAT and firewall configurations to allow this type of access.
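Every connection above (management VPN, compute VPN, the linked Amazon VPC) and the VPC peering advice in the Day 1 post depend on address ranges that do not collide. The following is an added example, not part of the original posts or any VMware/AWS tooling: a small pre-deployment check that flags overlapping CIDR blocks and a management block smaller than the recommended /20. All network names and ranges in the sample plan are constructed assumptions.

```python
import ipaddress
from itertools import combinations

# Constructed sample plan (names and ranges are illustrative assumptions).
SAMPLE_PLAN = {
    "on-prem-dc":      "10.0.0.0/16",
    "sddc-management": "10.2.0.0/20",
    "sddc-compute-1":  "10.2.8.0/24",      # falls inside the management /20
    "aws-vpc":         "172.31.0.0/16",
    "peer-vpc":        "172.31.128.0/17",  # falls inside aws-vpc
}

RECOMMENDED_MGMT_PREFIX = 20  # the /20 recommended in the text


def parse_plan(plan):
    """Parse name -> CIDR strings; strict mode rejects host bits (e.g. 10.2.1.0/20)."""
    nets, errors = {}, []
    for name, cidr in plan.items():
        try:
            nets[name] = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            errors.append(f"{name}: invalid CIDR {cidr!r} ({exc})")
    return nets, errors


def find_overlaps(nets):
    """Return sorted (name_a, name_b) pairs whose address ranges intersect."""
    return sorted(
        (a, b)
        for (a, na), (b, nb) in combinations(sorted(nets.items()), 2)
        if na.version == nb.version and na.overlaps(nb)
    )


def check_plan(plan, mgmt_name="sddc-management"):
    """Return a list of human-readable problems; an empty list means the plan is clean."""
    nets, problems = parse_plan(plan)
    for a, b in find_overlaps(nets):
        problems.append(f"overlap: {a} {nets[a]} <-> {b} {nets[b]}")
    mgmt = nets.get(mgmt_name)
    if mgmt is not None and mgmt.prefixlen > RECOMMENDED_MGMT_PREFIX:
        problems.append(f"{mgmt_name} {mgmt} is smaller than the recommended /20")
    return problems


if __name__ == "__main__":
    for line in check_plan(SAMPLE_PLAN):
        print(line)
```

Running the check before provisioning catches the collisions while the ranges are still only a plan.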


That’s it! Now you are ready to leverage your SDDC on VMware Cloud on AWS!

Also, here’s a video that covers the content discussed above.

-SL

If You Build It, Will They Come?

Some of you may remember the movie Field of Dreams where Kevin Costner’s character Ray Kinsella hears the phrase “if you build it, they will come.” Ray interprets this to mean he needs to plow under a portion of his corn field to build a baseball field and risk the economic and emotional stability of the family he loves dearly. The ending of the movie is open to interpretation but we assume Ray and his family lived happily ever after even if it seemed like a crazy idea to everyone else.

With all the industry buzz around Cloud, many customers believe that if they build a Cloud solution (on or off premises) people will adapt and use it. This could not be further from the truth. Those of you wanting to disrupt the status quo need to first ask the question “what problem am I trying to solve”? Without specific use cases, you can end up wasting hundreds of thousands of dollars building a solution that no one will use. Once you have determined the problem(s) you would like to solve and fully understand what the goal is, you can then begin looking at solutions.  Without a true problem to solve and full understanding of the cloud solution of choice, you risk building a cloud solution with no customers.

This past week VMware Staff Solution Architect Sudhir Balasubramanian authored a blog covering Oracle RAC on VMware on AWS. One of the most compelling things around VMware Cloud on AWS is the fact that its underlying architecture is built on vSphere, VSAN, and NSX. This makes moving Business Critical Application workloads to a public cloud easier.

Welcome to Street 2 Clouds!

As we discussed what we wanted to accomplish with this website, we discovered we are very passionate about what we do. We like to see customers SUCCEED! Our roles place us very close to customers who have already adopted virtualization as a core platform and are now moving forward into the new world of cloud computing. By definition, cloud computing is an information technology paradigm, a model for enabling ubiquitous access to shared pools of configurable resources (such as computer networks, servers, storage, applications and services), which can be rapidly provisioned with minimal management effort, over the Internet or on premises. While cloud computing is a simple concept, the implementation of such is anything but easy. Technology is great, but it’s people and processes that make the magic happen. Our goal is to bring our “street” experience as consultants and customer advocates and help you all become even more “cloud” ready. Come back often as we will be updating content frequently.

-SL