We are pleased to announce that VMware Cloud Director™ 10.1 is now Generally Available packed with new capabilities. We have also re-branded from vCloud to drop the small ‘v’ in line with the rest of VMware’s portfolio and brand direction.
VMware Cloud Director has a few core updates in this release, such as VM encryption exposed in the UI and a lot of ancillary capabilities including: App Launchpad, Container Service Extension (CSE) update to 2.6, Object Storage Extension (OSE) update to 1.5, Terraform update to 2.7, Tenant App update, NSX-T Migration tool and NSX-T enhancements.
Want to be able to offer your tenants a curated portfolio of applications for their consumption, without them having to know VMware Cloud Director infrastructure? Want to elevate your portfolio from IAAS to application (a)PAAS? Offer in-house applications suited to verticals or solution areas? App Launchpad provides exactly this – making it easy for all customer personas to access and deploy applications to VMware Cloud Director.
From our acquisition of Bitnami the CPSBU has prioritized this important update to enable our Cloud Provider partners to realize more revenue from new personas and new application offerings.
App Launchpad can be used for in-house or ISV apps, and is optimized for use with Bitnami Community Catalog VM images. Using the MSP program, Cloud Providers can subscribe to Bitnami Community Catalog as a service. They can then selectively sync a portfolio of applications to their VMware Cloud Director instance, and offer these to their tenants via App Launchpad which is optimized for Bitnami. Find out more about Bitnami here.
App Launchpad is a free component for VMware Cloud Director, and doesn’t necessitate the use of Bitnami, so go ahead and give it a try, start delivering aPAAS solutions to your customers.
Offering more developer ready services is key to addressing this new persona’s needs and VMware Cloud Director is pushing limits with our new developer ready portfolio. CSE is the main interface to either native K8 Kubernetes Clusters or PKS Kubernetes Clusters for VMware Cloud Director. In previous versions this was just CLI, but now we have built a plugin to expose some of the infrastructure cluster and node details into VMware Cloud Director.
Other enhancements to CSE have also been introduced to improve configuration security via encryption of configuration files, and operational streamlining with in-place K8 upgrades, patching and minor version updates.
The Object Storage Extension for VMware Cloud Director provides a set of S3 compatible APIs for bucket and object operations. With the success of VMware Cloud Director support for Cloudian S3 compliant Object Storage virtual and physical appliances, we have introduced Dell EMC ECS support also. Now Cloud Providers can utilize Dell ECS EX series object storage platforms to build their own S3 services in their data centers if they wish.
Both Cloudian and Dell support physical storage and Cloudian also includes virtual appliances also and is chargeable. Please note that using Dell physical hardware is an additional cost outside the program scope.
Using the Terraform VMware Cloud Director Provider a Cloud Provider can deploy all infrastructure from code, such as create virtual datacenters, publish networking policies etc. Terraform VMware Cloud Director Provider supports all VMware Cloud Director objects required to deploy VM and now vApp apps. This simplifies infrastructure provisioning and provides essential automation that can help deliver services faster to customers.
Using Infrastructure-as-code, Cloud Providers and Tenants can ensure consistency across staging environments and automate deployment of multi-tier VM and containerized applications.
This release of 2.7 focused on feedback from the community as well as focusing on the completeness of existing workflows and support for the flex allocation model in VMware Cloud Director.
The Tenant App provides coverage for metering and chargeback, as well as reporting performance and providing dashboards to tenants.
The Tenant App appliance and vRealize Operations appliance together help service providers meter their infrastructure. vRealize Operations acts as the data collection engine talking to endpoints such as vCenter, NSX and VMware Cloud Director using its management packs.
The Tenant App adds pricing and billing for VMware infrastructure on top of these metrics, wherein a rate card can be assigned against these collected metrics and bills can be generated. These are used by service providers who want to perform pricing and billing in addition to metering the infrastructure using VMware solutions.
Now in version 2.4 of the Tenant App there is new monitoring and metering capability with closer integration with NSX data collection, more network metrics and sizing profile-based metering. New pricing and billing capability is provided in conditional rate factors for selective discounts and premiums, 95th percentile billing for network bandwidth, one time fixed costs for initialization costs, configurable volume discounts, and conditional policy over-rides for special VMs. Lastly, 2.4 also brings scheduling and exporting for bills.
As NSX-T becomes more and more feature parity to NSX-V we are now advising for net new cloud deployments to use NSX-T, and existing deployments can use NSX-T alongside NSX-V. Ready to migrate over completely? The new NSX-V to NSX-T migration script is now at Available with VMWARE CLOUD DIRECTOR 10.1.
The NSX-T migration tool provides per VMware Cloud Director Org Migration to a New Cluster under NSX-T management. The amount of service disruption is limited to BGP Convergence Time (from switch to T0 (external network)) and network downtime is minimized using bridged networks during migration. Migration uses live migration with vMotion to ensure non-disruption to user workloads and rollback is also available via vMotion, if needed.
Find out more about the NSX migration capability from Tomas Fojta’s Blog here.
To further help NSX-T adoption, there have been a number of improvements in VMware Cloud Director. IPSec is no longer a multi-screen setup process and further certificate management manual tasks, now IPSec Service will automatically be created if IPSec is enabled on a specific Edge. VMWARE CLOUD DIRECTOR does this by aggregating all the necessary data tunnel, local endpoint, any associated compliance suite, associated profiles in a single screen. Then VMWARE CLOUD DIRECTOR makes all the necessary NSX-T API calls.
Further security enhancements involve creation of groups of type IPSets and now in 10.1 Security Groups for routed networks. This provides a flexible security topology where a user can easily assign tags to certain entities such as a network based on the functionality/architecture topologies. VMs that are connected to a given network will follow the same sets of rules based on group/tag membership.
In order to make networks within the tenant vdc become directly addressable from either a branch office or corporate datacenter there is typically MPLS configuration and the need for a fully routed networking topology. Now the T0 router associated with the external network can advertise routes connected to a tenant’s edge gateway by the T0 being part of the tenant networking stack and the provider dedicating a specific external network to a specific Edge Gateway. BGP configuration can now be applied to the T0 uplink so external networks can be backed by a T0-VRF.
Finally Cloud Providers can now make use of vSphere Encryption from VMware Cloud Director. Encryption requires certificate keys that require a key management server (KMS) and Cloud Providers can choose from partners such as Fortanix or Dell Cloudlink. Whichever vendor chosen, the KMS must support the Key Management Interoperability Protocol (KMIP) 1.1 standard.
Encryption is provided using encryption on a storage policy. Storage policies are assigned each time you encrypt a virtual machine or virtual disk. Within VMware Cloud Director Service Provider Admin Portal one or more encryption-enabled policies can be applied to a provider VDC and add one or more encryption-enabled policies to an organization VDC. Providers can offer this service to tenants who can self-serve and associate their VM or disks with the available storage policies with enabled VM Encryption.