VMware vCloud Director – A Short Overview – NAKIVO

VMware

has always released excellent new virtualization software for individual users, organizations, and MSPs. VMware’s virtualization products aim for an application-centric approach in data centers rather than the traditional hardware-centric approach. You can use a suite of VMware virtualization solutions to create a software-defined data center. VMware vCloud Director is one such product that can be used in large data centers. This blog post describes the key features and use cases of VMware vCloud Director.

What is vCloud Director?

VMware

vCloud Director (VMware vCD) is a platform with multi-tenant support for managing software-defined data centers (SDDCs) and providing infrastructure-as-a-service (IaaS) to customers. This solution is tailored for managed service providers (MSPs). The IaaS provider can create a private or public cloud and use VMware vCloud Director to manage the virtual data center flexibly and efficiently.

You can create a virtual datacenter based on multiple physical data centers, allocate resource groups, and provide the appropriate services to customers. Customers then consume the provided resources and use virtual machines that reside in the data center. At the time of writing, the latest version of VMware vCloud Director is VMware vCloud Director 10.2, now renamed to Cloud Director (without “v”).

How VMware vCloud Director VMware vCloud Works

Director is installed

as a device containing the embedded PostgreSQL database or installed manually on a Linux machine (in this case, an external database must be configured). After installation, you can integrate vCloud Director with other VMware components and deploy multiple vCloud Director servers or appliances to ensure high availability. The VMware Director appliance is distributed as an OVA template and contains a VMware Photon operating system, service groups, and PostgreSQL.

<img src="https://www.nakivo.com/blog/wp-content/uploads/2021/07/VMware-vCloud-Director-architecture.png" alt="VMware vCloud Director Architecture

” /> VMware vCloud Director

provides a dashboard with a graphical user interface (GUI) to enable self-service for clients. The web interface is based on HTML5. The global administrator creates accounts for tenants with the appropriate permissions. Tenants can then create virtual machines, provision resources for virtual machines, run virtual machines, and so on. At first glance, Cloud Director seems too complex for new users who have no experience with such enterprise-level products. However, after a little practice, users appreciate the power and convenience due to the rich functionality and variety of options.

VMware

vCloud Director is integrated with VMware vSphere and VMware vCenter to provide resource pools for creating and running virtual machines. All physical resources in a data center, such as compute, storage, and networking, are grouped into resource pools for use by tenants in vCloud Director. VMware vSphere provides all resources to vClo

ud Director to create a primary shared group, which is called the vendor’s vDC (virtual data center). The abstracted provider vDC is used to allocate resources as separate units that are called Organization Virtual Datacenter (vDC) Org to tenants. Organization vDCs are connected to one or more networks and can use resources from different vendor vDCs to provide services of different kinds (depending on storage speed, availability, costs, and so on).

Organization vDCs use vDCs from vendors of different classes

VMware

vCloud Director vs VMware vSphere: What’s the difference? VMware vSphere

includes ESXi hosts

that run directly on physical hardware and vCenter servers, which are used to manage ESXi hosts. VMware vSphere is used to allocate resources such as CPU, storage, memory, and networking. Therefore, vSphere components operate at a lower level. You must add hosts, create clusters, distributed virtual switches, and other virtual infrastructure components in VMware vSphere.

VMware vCloud Director

operates at a higher level and is used to abstract underlying physical resources, ESXi hosts, virtual machines, vCenter, and so on. vCloud Director end users do not know the underlying physical infrastructure, ESXi hosts, and vCenter servers. VMware vCloud Director is used to create a cloud that end customers can use. VMware vCloud Director interacts with the underlying vSphere components and infrastructure, and synchronizes with vSphere periodically. At the vCloud Director level, resource provisioning is automated. A user enters input parameters, then virtual machines, networks, and other resources are deployed to an optimal secure location automatically and seamlessly for a tenant. Fast, transparent and automated provisioning is performed.

While a vCenter administrator can view virtual datacenters,

which are logical units for management, a vCloud Director user (tenant) can only view the organization’s datacenters, catalogs, users, and options for managing a virtual organization’s datacenter. VMware vCloud Director administrators can view multiple organizations and underlying resources, but they cannot perform all management operations for these resources as they do in vSphere.

Components and Concept

Let’s explore the main terms and concepts of VMware vCloud Director

. A virtual data center

(vDC) is the environment where you can create virtual machines, vApps, VM folders with templates, and so on

.

A virtual machine is the basic unit of the virtual data center. You can create virtual machines from templates, create new virtual machines, and install a guest operating system from an ISO image.

Virtual Applications (

vApps) is a container for storing multiple virtual machines that work together to run a multicomponent application (whose components run in multiple virtual machines). VMware vApps is used to group and manage multiple virtual machines that perform common tasks. You can create vApp templates for rapid deployment of vApps and virtual machines.

Libraries and catalogs are used to store virtual machines, templates, ISO installation images, and so on. Users can upload their ISO files to catalogs.

The Org vDC network is the network of a virtual data center that is available to all vApps and virtual machines. The Org vDC network can be isolated without Internet access and routed with Internet access.

The vApp network

is a network that only works within a vApp for vApp components (VMs). Virtual machines from other vApps cannot access this vApp’s network. This approach provides an additional level of isolation between vApps. The vApp network has its own gateway to connect to the Org vDC network.

An external network is a network connected to a virtual machine directly without using the cloud edge gateway.

When a user creates a virtual machine clone or creates a virtual machine

from a template, VMware enables the use of the guest customization mechanism to change the GUID, virtual machine name, host name, user password, virtual hardware options, and so on, so on to make the new virtual machine unique.

A managed service provider can assign tenant administrator permissions to a customer to allow them to create users, allocate resources within an organization, configure services, and so on. A tenant administrator can configure public catalogs with virtual machines and virtual machine templates and provide access to users. One of the main concepts of using the cloud configured with vCloud Director is isolation. Your organizations’ tenant environments and virtual data centers are completely isolated from each other. In addition to high security, VMware Director is optimized for resource consumption.

Each tenant has a specific link for the partner organization to log in to the VMware Director web interface using its own user account. MSPs can use VMware vCenter Chargeback Manager to calculate costs and provide billing.

When

resources are needed for a tenant, they are allocated from an abstract provider vDC layer (for example, a user is starting a virtual machine running a heavy application). When no resources are needed, they are returned to the pool (for example, a virtual machine is shut down).

There are three types of resource allocation for Organization vDC that VMware vCloud Director uses: allocation group, reservation group, and pay-as-you-go.

Allocation pool. The predefined percentage of resources is guaranteed and the maximum available limit is set. The percentage of CPU and memory resources is defined.

Book a pool. All resources are allocated. The guaranteed resources and the ceilings are equal. A user can edit limits and allocate resources for virtual machines at any time (limits are not set at the virtual machine level by default).

Pay as you go. There are no guaranteed resources, and defined limits are set for the reservation in the resource group (resources appear unlimited for the resource group). Resources are limited at the virtual machine level. Use this option if you do not know how many resources should be consumed.

The maximum number of virtual machines

is set for each resource allocation model to limit the number of virtual machines in a vDC. From an MSP’s point of view, the vendor can use elastic pool resources rationally and purchase new hardware when there are no free resources.

Additional Components

vCloud Director functionality can be extended using APIs, SDKs, and plug-ins. VMware vCloud Director provides APIs and SDKs for building custom applications and automating workflows. The APIs were changed with the release of different versions of VMware Director. VMware recommends using the latest version of the API.

VMware

vCloud Director plug-ins are available to extend the functionality of VMware Director, the service provider management portal, and the tenant portal. Developers can create their own plug-ins using the tools mentioned above.

VMware

vShield (VMware vCloud Networking and Security) is supported to enhance the security of network services.

Kubernetes and containers are supported on the latest versions of VMware vCloud Director with VMware Container Service Extension (CSE). An MSP provides Kubernetes as a service with these characteristics to tenants. In VMware vCloud Director v.10.2, the Container Service Extension plug-in is enabled by default and does not need to be installed manually (just publish the plug-in for tenants).

VMware

Director and NSX VMware

vCloud Director is integrated with VMware NSX, allowing you to configure a complex virtualized network in a software-defined data center (NSX-V and NSX-T are supported). As a result, users can create a custom network topology in a virtual datacenter to connect virtual machines to the network without needing to know the underlying physical network equipment. The NSX network consists of logical switches, routers, firewalls, load balancers, VPNs, and additional security features. NSX-T Migration Tool enables you to migrate from VMware NSX-V to NSX-T.

Integrating vCloud Director with NSX provides the following features.

Distributed firewall. Manage security policies granularly, including rules for Org vDC traffic. Tenants can configure rules for north-south and east-west traffic management.

Dynamic routing. Use Border Gateway Protocol (BGP) and Open Shortest Path First (OSPF) to automatically and dynamically create routing tables for routing between VMware NSX edge gateways. Dynamic routing eliminates the need to manually configure routes, saving time when virtual machines from different organization vDCs must communicate with each other.

Tenant layer 2 VPN (virtual private network) is used to create hybrid clouds. This feature enables tenants to create a tunnel between an organization’s vDC network and an organization’s physical network (on-premises).

Tenant SSL2 VPN is an additional option for remote access.

Load balancing allows service providers to distribute incoming traffic to meet the SLA (Service Level Agreement).

Benefits

of vCloud Director

Let’s summarize the benefits of VMware vCloud Director:

  • Rapid and automated provisioning of virtual machines and
  • their resources

  • Multi-tenancy is the core concept for MSPs that reduces management efforts
  • Integration with other VMware products
  • A wide range of configurations, operational efficiency
  • Flexible resource management
  • High security and logical isolation of virtual data centers, vApps,

VMware

vCloud Director is a useful solution for managed service providers who provide infrastructure as a service (IaaS) by using the VMware vSphere virtualization platform to run virtual machines and containers. Multi-tenant support is ideal for MSPs due to streamlined management efforts, cost-effectiveness for providers, logical isolation, and high security for tenant (customer) resources in the cloud. Integration with VMware NSX allows users to configure virtual networks for their virtual machines. The wide range of configurations makes VMware vCloud Director an excellent solution for MSPs and their customers.

If an MSP provides IaaS for customers to allow them to run virtual machines, it’s a good idea to provide infrastructure as a service in combination with backup as a service (BaaS), replication as a service (RaaS), and disaster recovery as a service (DRaaS) to enable customers to protect and recover their data. NAKIVO Backup & Replication is a universal data protection solution that supports multi-tenant installation and can be used by MSPs to provide BaaS, RaaS and DRaaS for VMware vSphere and VMware Cloud Director environments. Download the free trial that supports multi-tenant for MSPs from the official NAKIVO website and try VMware vSphere backup and VMware Cloud Director backup along with the full set of features in your own environment.