2011.05.24 F5 Solution Day - VMware Solution by networkmagazine taiwan

如何實現雲端SLA管理 Steve Sue VMware PSE ssue@vmware.com

針對台灣虛擬化程度現況調查結果

雲端運算之旅三部曲 – 協助客户實現服務價值成本效率

雲端運算

服務品質企業服務靈活性 IT 生產

IT 即服務

商業生產

100%

70%

30%

15%

如何實現？

忽略關鍵成功因素將降低雲端之旅的速度 Ownership/ Sponsorship

有限度的影響力缺乏業務相關單位的關注缺務單注

Business Value

降低採用的速度

很難衡量導入效益很難取得有效的贊助者

Adoption

Business Triggers

Value

技術錯誤錯誤的架構設計

Confidence

失去信用 IT Capabilities from Virtualization

二部曲導入的重點將重要關鍵應用程式轉移到雲端作業系統平台 • SQL/Oracle/Exchange •

Java / .NET NET App

1. 企業關鍵應用程式導入異地備援解決方案 • Storage異地備援解決方案 •

VMware 異地備援SRM

2. 如何強化關鍵應用程式的如何強化關鍵應用程式的SLA • 安全管理 vShield •

效能管理 AppSpeed

•

營運管理 vCenter Operation

3. 如何提高整合比率和有效預估資源使用量來降低資本資出成本 • 容量管理 Capacity IQ 4. 延伸主機雲端平台到桌面雲端平台 • 強化終端用戶的SLA 強化終端用戶的 View4.5 & ThinApp4.6

為何關鍵性應用程式須放在來雲端平台 1. 降低高可用度解決方案的建置成本降高建成  企業級軟體授權和備援主機授權  不同的應用程式需要不同的叢集備援解決方案  備份軟體

•

VMotion/Storage VMotion

•

HA/FT

•

Data Recovery

2. 電腦資源可隨業務成長動態增加或調配電腦資隨業務成動態增加或 •

Hot Add

•

DRS

•

Provision 快速複製

3 加速異地備援的RTO 3. •

SRM

為何關鍵性應用程式須放在來雲端平台 4. 降低軟體開發週期的管理成本  開發主機硬體採購成本  QA主機採購成本  軟體授權  快速複製線上環境當作訓練環境

5. 可定期複製線上環境當作稽核或版本控管

實際雲端之旅專案導入案例

實際雲端之旅專案導入案例 Q1 2010

Q4 2010

Q1 2011

Q4 2011

Q1 2012

Q1 2013

Virtualization Hardening Effort UNIX to Linux

Phase I

Governance Committee (Standards, Capacity Planning) I f t t Infrastructure Strategy St t

Virtualization

Cisco 1000V Application Strategy

Virtualization Strategy

Pilot SQL Server Solution

Pilot 1 - vCSD Management Strategy

Phase II

Pilot vCenter Configuration Manager Pilot vCenter Capacity IQ

Service Level Classifications Pilot 2 - VMware Cloud Director

IaaS

BCP Strategy Pilot Site Recovery Manager Pilot vStorage API

Pha ase III

Provide e 100% Virtualizat V tion of

Phasse 0

Steady State Steady-State

Development Strategy S lf S Self Service i St Strategy t

Spring Source Integration Strategy vCloud API

P i it 1 project Priority j t

I fli ht Inflight

POC

Self Service IT Self-Service as a Service

VMware Cloud Director vCenter Chargeback

O Ongoing i activity ti it

Milestone

改善傳統異地備援架構

ArrayServer SRM Manager

vCenter Server

Array SRM Server Manager

SRA

ESX

Block Replication Software

VMFS

SAN Array

ESX

1. 縮短RTO Block Replication Software 2. 降低人為操作錯誤 VMFS

VMFS

SAN Array

新一代雲端防毒架構-vShield Edge & vShield App

Firewall

VPN

Virtual Datacenter 1 DMZ

DISA & PCI

Load Balancer

Virtual Datacenter 2 CIS & PCI

VMware vSphere + vCenter ESX Hardening

Cluster B

Cluster A

新一代雲端防毒架構-vShield Endpoint

 整合vShield Endpoint API, 無須於 Guest OS上安裝AV Agent, 採用Virtual Appliance針對 Windows-Based Guest OS做即時掃描,排程掃描,立即掃描等, 僅需於Windows-Based Guest OS上安裝vShield Guest Driver,就能將File Event送給Virtual Appliance

 病毒碼和防毒引擎的更新只需針對SVA 作異動即可

APP

Kernel

Hardened

BIOS

SVM

Introspection

VM S h VMware vSphere

透過AppSpeed作到有效率的效能監控 vCenter AppSpeed Server 1. Monitor application transaction performance across your virtual i t l infrastructure i f t t

2. Set baselines & detect performance f iissues

Analyze application performance from inside vCenter

AS WS

DB OS

• Latency

• Usage • Throughput 3. Troubleshoot and localize performance problems

Track performance from browser-based application dashboards

Where’s the problem? • Server S • Network round trip time • Network overhead (retransmissions, error, packet loss)

Drill-down on application transactions, tiers, and queries

應用程式交易監控分析  AppSpeed A S d monitors it application li ti transaction t ti performance f

 HTTP, HTTPS and Web Services – monitors the applications and transactions that participate in every application. 網站伺服器  Database protocols – maps the databases, tables, methods and queries for Oracle, MSSQL and MySQL 資料庫伺服器

Monitor specific application transactions and analyze granular performance

應用程式交易監控分析

應用程式 Latency 分析 – 快速判斷是網路還是主機資源問題

Break application latency down to localize the problems

透過Capacity IQ作到精確的容量規劃提高整合比

透過“What-If” 作採購預估

採購預估

Capacity Modeling 分析多種 Host and VM What-If 情境預估 Virtual Machine 虛擬機器Capacity 預估虛擬機器或主機現況組態變更最多五種情境交叉比對分析

“What-If” 分析模型 Capacity state today Now, run summary report on overall virtual machine optimization

New capacity shortfall h tf ll if I add dd 10 new VMs VM count capacity p y

Actual VMs deployed

Report identifies that 95% of VMs are overprovisioned! Current capacity cross-over p point

透過vCenter Operation了解你的虛擬環境狀況 - Workload

管理資源 • CPU

• Network I/O

• Storage I/O

• Memory (VM and ESX Allocation)

透過vCenter Operation了解你的虛擬環境狀況 - Health

GRAY BAR Upper and Lower band of Dynamic Threshold - “Normal” BLUE LINE Metric’s Current Value RED BAR Breached Dynamic Threshold – “Abnormal”

透過vCenter Operation了解你的虛擬環境狀況 - Capacity

 30 Days Left = RED  60 Days Left = Orange .

直覺化的Dashbaord管理介面

Performance scores

“Details” for further analysis Visualize impact

細部的問題展開

Key metrics of interest based on continuous learning of “normal” behavior Stress caused by net I/O

Quickly identify problem source

可透過交叉分析快速找出問題

Check health of related objects in the hierarchy

Correlate events that occurred at the same time

可快速深入 Disk 和 Network IO 效能問題

Disk subsystem performance details by datastores and LUNs

Network statistics for every NIC

透過容量預估可在問題發生前提早預防

Proactive warning related to capacity shortfall

Correlated workload metrics forecast a potential breach

Project forward f t future issues i hours or days in advance

Analysis 方塊顯示方式

Move VMs to another host?

This host looks healthy…

This host seems to be overloaded!

可交叉比對效能參數

Single view that correlates multiple metrics

Detailed list of all metrics indicating smart alerts

傳統企業個人PC維護管理遇到的挑戰  使用者經驗

 修正程式的更新

 預算

 安控與認證

 使用者資料備份  不同的工作地點

 不同的作業系統

USERS

 不同的工作型態 Task vs. knowledge worker o General vs. power user o Stationary vs. mobile user o

 不同的工作裝置  使用者自己管理裝置

DEVICES

APPS

 多種應用程式的安裝

 週邊設備的管制  桌面管理

 應用程式衝突

 資訊服務水平SLAs

 應用程式更新

o 快速部署個人作業環境 o 個人電腦的修復和汰換

S-31

Confidential

革新的桌面雲架構 – 一種托管服務模式集中式管理

使用者應用程式作業系统

桌面雲

透過View提供個人Service on Demand的個人運算平台

 Simplicity設定簡單  Efficiency效率管理  Security高度安全

 Availability高可用度  Reliability 高穩定度  Scalability高延展性

Management 管理設定

Platform 平台架構

 View Client  PCoIP Protocol  Local Mode

 View Manager  View Composer  ThinApp

 vSphere for D kt Desktops

降低管降管理成成本

 Usability使用性 y  Flexibility彈性

User Experience 使用經驗

VMware View 4 架構 VMware View Vendor Client

View Agent

G Guest t Desktop OS

View Manager 

View LDAP

ThinApp Packaged Application

Thin Client

vSphere/VI

View Client  

ESX/ESXi Hosts

ThinPrint device driver Extended USB redirect support

Desktop

Active Directory

View Portal

vCenter Server 

View Client with Offline Desktop Laptop

  

ThinPrint device driver Extended USB redirect support Hypervisor for offline capability

View Administrator

View Composer Database

Blade PCs Standalone VMs Terminal Servers Physical PCs

View Composer

vCenter Database

vSphere/VI Client

支援各種不同的終端設備

Native Windows Client

Thin- Client Support

Native Mac Client (RDP)

Thick clients or refurbished PCs

Broad industry support

Mac OS 10.5+ 10 5+

Now with Local Mode

NEW

支援不同的認證模式 Single Sign On 單一簽入認證 •

Windows U Username/Password /P d

•

Smart Cards/Proximity Cards

•

Client Based (MAC Address)

•

USB connected biometric devices

Simplified Sign-on

可和MS AD認證作整合 •

不會異動任何 Domain Schema

Connection C ti Server

VMware View Client 使用者登入介面

支援離線使用 1. 行動使用者 checks out 他們自己的虛擬桌面 (encrypted with AES) 2. 可在 disconnected 離線狀態使用 3 可隨時同步異動的部分 3. 4. OH NO! 咖啡災難我的電腦毀了! 5. 重新去電子商店購買新的電腦 6 重新將自己的虛擬桌面 Checks out 出來所有的資料都還在 6. 7. 管理者可以設置策略，規定用戶端每隔多久時間必须和主機認證一次，以否則將被禁用

IT 管理更簡單. 使用者使用更放心

支援平板電腦使用

VMware View Client for iPad - Gestures

Gestures for quick and easy desktop navigation

VMware View 4 平台特性 VMware View 4.0

User Experience 使用者經驗 PC IP Protocol PCoIP P t l View Multimedia View Display View Direct View Print Offline

Management 資訊管理 View Manager View Composer vCenter ThinApp

Platform 系統平台

vSphere for Desktops

特性  高可用性  高延展性  高度效能

VMware View 4 平台特性 (全球市占率第一名 84%)  降低主機停止服務時間 • • • •

High Availability (HA) VM ti VMotion Storage VMotion Fault Tolerance

 保護企業用戶重要使用者資料 •

Data Recovery

 提供企業級的高延展功能 •

可管理10,000 台的虛擬桌面機器

 桌面負載最佳化 •

較高的虛擬桌機整合比機 ((VM density) y)

•

可自動做DRS負載平衡

•

效能針對同時大量的同時開機或暫定情境有作最佳化

技術領先的雲端作業平台 VMware is VM i placed l d as a leader in x86 virtualization

5 of 5 Cloud Providers named Leaders are VMware-based!

This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from VMware Th M The Magic i Q Quadrant d iis copyrighted i h d 2010 b by G Gartner, IInc. and d iis reused d with i h permission. i i Th The M Magic i Q Quadrant d iis a graphical hi l representation i off a marketplace k l at and d ffor a specific ifi time i period. i d IIt d depicts i G Gartner's ' analysis l i off h how certain i vendors d measure against i criteria i i ffor that h marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the "Leaders" quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

VMware View 4 平台特性 VMware View 4.0

User Experience 使用者經驗 PC IP Protocol PCoIP P t l View Multimedia View Display View Direct View Print Offline

Management 資訊管理 View Manager View Composer ThinApp

特性  集中管理及部署署  單一影像媒體管理  應用程式虛擬化

Platform 系統平台

vSphere for Desktops

簡易的管理介面 View Manager – 簡易的 web 管理介面,部署,授權及安全政策

安控和延展性支援  可作大量的企業部署  資料儲存集中化 View Manager

 支援 AES128 SSL 加密連結  支援DMZ安全主機架構

Security Server

 可看其他廠商的資訊安全認證產品整合如 RSA  可透過WSWC Script或AD credential cache支援SSO單援一簽入認證

桌面安全政策 View 安全設定 • USB access

權限範圍 • Levels  Global  Desktop/pool  Individual user

可額外搭配GPO 群組原則限定只能使用某種USB裝置

透過 Composer 可快速部署好終端桌面支援 Re-Compose 和 Refresh

25 MB Clone

OS base image OS base image

Master VM

VM snapshot

25 MB Clone 25 MB Clone replica READ ONLY

OS delta disk

user data disk

OS delta disk

user data disk

Desktop B

OS delta disk

user data disk

Ratio

% Savings g

1:50

75%+

1:100

80%+

1:1000

85%+

永久和非永久硬碟

 Redirect paging and system temp files to a temporary disk removed upon VM powered off

Refresh 桌面作業影像回復到基本桌面  繼承原本的影像副本  登出所有對作業系統的改變都會消失  保留原本的使用者資料磁碟 (UDD) replica

Refresh

選項 • 可針對pool 的所有使用者或特定群組或使用者 • 可立即Refresh 或於特定時間Refresh • Refresh 時可強制所有時可強制所有人登出或等待使用者登出時再出或等待使用者出時再

replica

bloated OS delta disk

OS delta disk (refreshed)

Refresh

user data disk

user data disk (preserved)

Linked Desktop

透過Re-Composer p 可快速升級作業系統和應用程式級統應 OS base disk

WINXP SP2 + Office2003

WINXP SP3 + Office2007

Master VM 影像副本 replica 1

VM snapshot

Recompose

影像副本 replica 2

created after changes made to Master VM

bloated OS delta disk

user data disk

Linked Desktop

OS delta disk

user data disk (preserved)

Linked Desktop

ThinApp 應用程式虛擬化功能  透過virtual file system,virtual DLL. virtual registry 可將AP和作業系統作分離  無須安裝代理程式  支援多種應用程式  可和現有的管理機制作整合

效益  快速簡化應用程式的修正和部署作業  可讓多種版本的應用系統共存  部署一次即可支援多種作業系統

2009 Reader’s Choice Award 2010 Best product in category www.virtualizationreview.com

提供簡易的應用程式封裝技術

Log g in as local admin

Step 1: Take VM snapshot

Step 2: Pre-Install Scan

Step 3: Install App Run from shared location

Step 4: Post-Install Scan

Step 8: Revert to VM snapshot

Network Share

Step 5: Build App Package Step 6: Test App Package

可在任何存儲設備執行

可強化應用程式安全性和AD群組整合

只有特定群組才可以執行

可強化應用程式安全性和桌面整合

 Individual

desktop  Desktop pools

ThinApp的特點

不需要特別的硬體設備和資料庫體資 Low cost to adopt, p faster to rollout 終端設備無須安裝任何代理程式 Low cost to adopt adopt, faster to rollout 可和現有管理機制整合 Seamlessly fits into any existing ESD or process 解決軟體相衝突問題 Lower admin overhead by isolating conflicting apps 降低桌面移轉風險 Lower cost to upgrade desktops desktops, faster to rollout Copyright © 2009 VMware Inc. All rights reserved. Confidential and proprietary.

透過ThinApp 無痛升級Windows 7  透過 ThinApp 將 Windows XP or Vista 應用程式虛擬化  透過View部署Windows7虛擬作業系統

VMware View 4 平台特性 VMware View 4.0

User Experience PCoIP Protocol View Multimedia View Display View Direct View Print O Offline e

特性  彈性的桌面存取方式  顯示通訊協定  不改變使用者經驗

Management View Manager View Composer vCenter ThinApp

Platform

vSphere for Desktops

PCoIP針對網路提供高效能的顯示方式 • 專門為LAN和WAN設計的顯示通訊協定 • 不需要安裝特殊硬體設備純軟體架構設計

PCoIP提供漸進式的顯示方式

PCoIP PC IP 使用 UDP 以最佳方式實現音頻和圖像數據 PCoIP 能够跟據可用頻寬動態調整圖像質量和速率

Location Based Printing 隨選列印功能

Floor 3

 可透過GPO政策設定將虛擬桌面自動連到最近的印表機

使用個案  醫療人員從某個診間移動到其他診間  銀行人員分行調動 Floor 2

Floor 1

Questions