What is Next-Gen Workload Mobility for the Private Cloud?
Enterprises across the globe have been asking for simpler ways to provide multi-site Business Continuity and Workload Mobility for applications hosted in their Private Cloud. The Cloud promises a more agile operational environment and that promise has been fulfilled to a large extent within their data centers. But many Enterprises are challenged to unlock this same agility across multi-site Cloud topologies. For example, Enterprise CTOs and CIOs have asked us directly to provide simplified Workload Mobility of critical apps between sites to give their operations teams more flexibility.
Many competitive solutions offer basic VM mobility between sites and storage replication, but do not address the rest of the application environment including: security, stateful services, network containers, tenancy, and most importantly both physical and virtual resources.
What good does it do to move a VM to a new site if the rest of the application environment is left behind, causing a potential security hole?
How to move a LIVE 3-tier app like Microsoft SharePoint to a new site (without impacting users)
As we all know, business critical applications require a robust service environment to operate securely across the cloud. In our example below, the application environment provides firewall and load balancing services for each tier of the SharePoint application: the web, app, and database tiers. These services are stitched together using a secure Network Container that carves out a slice of resources across the data center for SharePoint. Most Enterprises and SPs use a mix of physical and virtual resources including firewalls, load balancers, VPN termination, IDS, and network switching. Many of these services create stateful connections to users, so...
If you perform a live migration of SharePoint to a new site, stateful connections to firewalls and load balancers need to be preserved to maintain security and TCP connections to active users.
Broken user connections = Service disruption (that’s not good)
You must also provide identical security and services for new SharePoint users even though the application has moved to a new site.
Broken Network Services = Potential Security hole (that’s even worse)
How does Next-Gen Workload Mobility actually work?
Let’s share some test results from our new Business Continuity and Workload Mobility Solution to illustrate how we performed live SharePoint migrations to a new site (75 km away) while maintaining security, stateful services, and user connections. Oh yes, automatically without manual intervention.
Baseline topology for Microsoft SharePoint deployed in our Private Cloud
We first deployed the SharePoint Web, App, and Database tiers in a secure network container in Data Center 1 using service orchestration, simple and easy. Refer to the figure below for a topology picture.
SharePoint Web Tier is in a Public Zone, and uses a virtual firewall (VSG) and Citrix load balancer
SharePoint App Tier and Database Tier (SQL) are in a Protected Zone and use an ASA Firewall and Citrix load balancer
Our validated design provides LAN extensions, extended clusters, secure network containers, virtual switching, and storage replication between Metro sites
SharePoint is up and running in Data Center 1, supporting hundreds of users with secure connections. Now let’s move SharePoint to a new site without the users knowing it.
Step 1: Perform Live SharePoint Migration to Data Center 2... while maintaining secure user connections!
We performed a Live vMotion of SharePoint (Web, App, Database) to new hosts in Data Center 2, described in the figure below. Data Center 2 is 75 km away. Our SharePoint migration had minimal disruption (2 seconds or less) and maintained security, stateful services, and all user connections across our multi-site Cloud. Pretty sweet! A few highlights from our validated design are provided below.
Our virtual switch (Nexus 1000v), virtual firewall (VSG), and UCS automatically updated Port and Security Profiles at the new site, so our virtual switching and application firewalls were preserved without lifting a finger.
Layer 2 Extensions permit tromboning back to Data Center 1 to maintain connections to physical appliances (stateful firewalls and load balancers), also without manual intervention.
Our Network Container was automatically extended between Metro sites, maintaining security, tenancy, QoS, IP addressing, and user connections. SharePoint was discovered on the new host in Data Center 2 within seconds, using this extended Network Container.
Now let’s move the rest of the network container to Data Center 2 in less than one second!
Step 2: Redirect users to a new Network Container in Data Center 2... in less than 1 second!
With the aid of service orchestration, we simply created a new network container in Data Center 2. This new container included the same configuration, connections, and services (firewalls, load balancers) as the original container in Data Center 1. Once created, we simply redirected external users to the SharePoint application running in Data Center 2, as described below. The redirection of users happened in less than one second, pretty amazing. A simple routing update delivered through service orchestration performed the redirection. In this step, user connections were broken and new connections were re-established to the already running SharePoint application in less than one second! A few highlights from our validated design are provided below.
Layer 2 Extensions allowed the preservation of IP Addressing for Apps and Services during migration. There is no need to “re-IP” your applications just because they’ve moved to a different city.
The complete Network Container including physical and virtual resources was moved with minimal disruption (sub-second) to users
Our Multi-site Cloud solution supports a typical application environment, including both physical and virtual resources, with scaling for large and small private clouds
We also support Cold workload moves of less critical workloads that don’t require these stringent stateful requirements.
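Step 2 depends on the new container carrying the same configuration and services as the original, with IP addressing preserved, so that parity is worth checking before the routing update. The following is an added example, not code from the original post or from Cisco tooling: a drift check over two container definitions, where the dict layout, zone names, addresses and function names are all constructed for illustration.

```python
import copy

def _rules(zone):
    # Firewall rules are first-match, so keep their order in the canonical form.
    return [(r["action"], r["proto"], r["src"], r["dst"], r["port"])
            for r in zone["firewall_rules"]]

def container_drift(src, dst):
    """List every difference that should block the routing update to the new site."""
    findings = []
    for name in sorted(set(src) | set(dst)):
        a, b = src.get(name), dst.get(name)
        if a is None or b is None:
            findings.append(f"{name}: zone missing at {'source' if a is None else 'destination'}")
            continue
        if a["subnet"] != b["subnet"]:  # the design described above keeps IP addressing
            findings.append(f"{name}: subnet {a['subnet']} became {b['subnet']}")
        if set(a["lb_vips"]) != set(b["lb_vips"]):
            findings.append(f"{name}: load balancer VIPs differ")
        ra, rb = _rules(a), _rules(b)
        findings += [f"{name}: rule missing at destination {r}" for r in ra if r not in rb]
        findings += [f"{name}: unexpected rule at destination {r}" for r in rb if r not in ra]
        if ra != rb and sorted(ra) == sorted(rb):
            findings.append(f"{name}: same rules in a different order")
    return findings

def safe_to_redirect(src, dst):
    # Gate for the cutover: redirect users only when no drift was found.
    return not container_drift(src, dst)

# Constructed sample: Public zone (web tier), Protected zone (app and SQL tiers).
DC1 = {
    "public": {"subnet": "10.1.10.0/24", "lb_vips": ["10.1.10.5"], "firewall_rules": [
        {"action": "permit", "proto": "tcp", "src": "any", "dst": "10.1.10.5", "port": 443},
        {"action": "deny", "proto": "ip", "src": "any", "dst": "any", "port": 0}]},
    "protected": {"subnet": "10.1.20.0/24", "lb_vips": ["10.1.20.5"], "firewall_rules": [
        {"action": "permit", "proto": "tcp", "src": "10.1.10.0/24", "dst": "10.1.20.5", "port": 8443},
        {"action": "permit", "proto": "tcp", "src": "10.1.20.0/24", "dst": "10.1.20.30", "port": 1433},
        {"action": "deny", "proto": "ip", "src": "any", "dst": "any", "port": 0}]},
}
DC2_GOOD = copy.deepcopy(DC1)
DC2_BAD = copy.deepcopy(DC1)
# Constructed drift: the SQL rule now admits any source and the final deny is gone.
DC2_BAD["protected"]["firewall_rules"][1]["src"] = "any"
DC2_BAD["protected"]["firewall_rules"].pop()

if __name__ == "__main__":
    print("\n".join(container_drift(DC1, DC2_BAD)) or "no drift")
```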
For More Info:
We encourage you to follow my blog series and check out our new business continuity and workload mobility solution (VMDC DCI), which describes key business drivers, Cisco DCI innovations, and validated designs that our customers are deploying in their private clouds.
Deploy with confidence! (and sleep better knowing your Cloud is more reliable and secure)
CVD Design Guide -- Cisco Business Continuity and Workload Mobility solution (VMDC DCI)
Solution Overview -- Cisco Business Continuity and Workload Mobility solution (VMDC DCI)
BrightTalk Session -- VMDC DCI for Business Continuity and Workload Mobility in the Private Cloud (webcast)
In my previous blog, we provided an overview of the critical use cases and innovations we included in our new Business Continuity and Workload Mobility Solution for Private Cloud. This blog highlights the critical trends and challenges driving new multi-site Cloud designs.
Two important trends are driving CTOs and CIOs to deploy new multi-site Cloud solutions that provide better Business Continuity, Workload Mobility, and Disaster Recovery.
More workloads are moving to the Private and Public Cloud versus the traditional data center
Cloud Data Centers have a higher density of workloads per server than traditional data centers due to increased virtualization.
This ever-increasing volume of Cloud-hosted workloads is placing serious pressure on operations teams to manage larger-scale data centers and ensure that they keep these workloads up and running, avoiding costly downtime or a nightmare service outage. Many of the CTOs and CIOs we’ve worked with are re-assessing their Multi-site strategy to ensure they can answer some tough questions:
What are the common weak points of multi-site Cloud designs that could prevent us from achieving our Business Continuity goals for our critical apps? Can we avoid them?
How can we provide Workload Mobility between sites to provide a more agile Cloud environment?
In the event of site outage, can our Private Cloud reduce the time it takes to recover critical applications to a new site?
How can our Private Cloud deliver these critical services (Business Continuity, Workload Mobility, and Disaster Recovery) with lower cost and complexity?
The number of mobile devices in our companies is exploding -- and one of the fastest and best ways to deliver all those existing Windows-based apps to these devices is using app virtualization. At the same time, many of you are probably thinking about upgrading and expanding your Citrix XenApp deployment to Citrix XA 6.5 or XD 7 in any case.
But can your Citrix XenApp infrastructure support this upgrade and all these new users? When customers started asking us these questions we decided we needed to check it out. So we asked Principled Technologies to look at helping us test out how well our Cisco UCS architecture with Cisco UCS VM-FEX would cope with these stresses.
Desktop Virtualization On Your Terms – Flexibility and Choice with Architectures That Fit
I recently had the opportunity to host several customers in a roundtable discussion, exploring their experiences in deploying desktop and application virtualization, the challenges encountered, and the benefits they’ve reaped. It was an engaging dialog with organizations spanning mid-market, enterprise to large service provider environments deploying either Citrix XenDesktop or VMware Horizon View desktop virtualization software. In case you missed it, you can check out the event here. I mention this because it provides a valuable backdrop to some important news Cisco is sharing today, centered on helping IT organizations (like those I met with) more quickly achieve success in VDI.
Over the last few years, Cisco UCS has rapidly established itself as a leader among competitors with a much longer history in the server marketplace. Why is that? If you talk with anyone who’s implemented UCS in their data center, they’ll instantly tell you about the operational streamlining and simplification that UCS Service Profile Templates offer, the value of a unified data center fabric for LAN and SAN, and the performance derived from a platform that was purpose built for highly scalable, virtualized environments.
It should be no surprise then, that when organizations evaluate their options for server infrastructure to host virtual desktop workloads, the same UCS core value proposition extends nicely to desktop virtualization – the benefits of which are multiplied, in fact, given that virtual desktops can consume infrastructure resources and capacity in unique ways compared to other mission critical enterprise applications. We’ve therefore seen great response from our customers (as demonstrated in our webinar/panel discussion) when it comes to the fitness of UCS in hosting virtual desktops.
What we’ve come to find through our customers’ experiences is that the vendor marketplace has traditionally taken a one-size-fits-all mentality around VDI architectures that either forces organizations to overspend CAPEX on approaches that are tuned for much larger environments, or wrestle with an economized approach that results in poor desktop user experience. Clearly, there’s a spectrum of IT implementation use cases that apply when we’re talking VDI: persistent desktops vs. floating, SAN in place vs. greenfield, one hundred seats vs. tens of thousands, etc., so one size will never adequately fit all!
For this very reason, we’re expanding our portfolio of desktop virtualization solution architectures, along with the ecosystem of technology partners who are helping us accelerate the path to VDI success for environments of all sizes. While Cisco enjoys a strategic relationship with NetApp and EMC, we’re now offering desktop virtualization solutions that also include technologies from partners such as Nimble Storage, Nexenta, Atlantis Computing, Fusion-io, Tegile and others in process.
With these partners’ technologies come new capabilities that exploit key trends in the VDI and data center marketplace, including the proliferation of flash-based storage solutions, and appliance based approaches that mitigate the need for embedded SAN infrastructure and expertise (especially in smaller environments). Additionally, unlike our competitors who are narrowly focused on their own storage portfolio, Cisco can offer our customers the flexibility and choice they desire in selecting the storage technology and solution for VDI, that best fits their environment.
I encourage you to learn more about this exciting new portfolio of architectures by checking out the assets below.
Today Cisco is introducing an expanded architectural portfolio and partner ecosystem in support of our successful desktop virtualization solution built on Cisco Unified Computing System (UCS). Cisco UCS market traction has been phenomenal over the last 3 years. In fact, desktop virtualization has been one of the top workloads deployed on UCS as IT organizations apply the benefits of our stateless, simplified operations model, expansive I/O, and scalable performance to desktop workloads in the data center. Combined with unique product integration and the software eco-system partners such as VMware, Citrix and Microsoft, Cisco has delivered a number of reference designs with our strategic storage partners such as EMC and NetApp. Typically, these architectures were based on designs that easily scale from supporting a few hundred virtual desktops to thousands of desktops.
We have seen an inflection point with the perfect storm of the evolution of storage options, desktop software maturity, and data center architectures. One of the important changes in the storage market is the emergence of flash storage to address performance problems.
Taking advantage of enhanced UCS features and expanding the eco-system of storage partners including Atlantis Computing, Fusion-io, LSI, Nexenta, Nimble Storage and Tegile, Cisco is defining a broader portfolio of data center architectures for delivering desktop virtualization solutions – on-board architecture, simplified architecture and scalable architecture. “Converged” or “Unified” infrastructure stacks such as FlexPod and vBlock have, and will continue to be another successful option for desktop delivery infrastructure. Let me walk you through each of these architectural approaches.