Home > Blogs > VMware vCloud Blog > Tag Archives: vCloud Hybrid Service

Tag Archives: vCloud Hybrid Service

Meet Your VMworld Speaker Jay Marshall

I’m doing something new this year before VMworld 2014.  I decided that there is so much good content coming from my co-workers, that it might be helpful to get introduced to them as speakers before the event.  My goal is that people who enjoy my presentations will start following and listening to the presentations by some other very good people.  The problem is, you may just knot know who the people are when you see the presenter names in the catalog.  Here is the first of a few online interviews I am doing to help you get introduced to some new speakers!
Continue reading

New and Improved vCloud Hybrid Service vSphere Client plug-in

The VMware vCloud Hybrid Service team is continuously expanding on our vision of hybrid management. Last week, we announced general availability of vCenter Operations Management pack for vCloud Hybrid Service. Today, we are happy to announce general availability of vCloud Hybrid Service vSphere Client plug-in 1.5.

The plug-in extends familiar vSphere Web Client UI to vCloud Hybrid Service, allowing you to:

  • View and administer vCloud Hybrid Service cloud services such as Dedicated Cloud, Virtual Private Cloud and Disaster Recovery
  • Manage an inventory of virtual data centers (VDC), gateways and networks
  • Create virtual machines (VMs) from catalog templates and modify existing VMs
  • Receive automatic updates on any changes made in your account via the vCloud Hybrid Service web portal

… all from the vSphere Web Client.

In the 1.5 version of the plugin, we have added support for Storage tiers and Disaster Recovery.  Now you can manage storage allocation per tier for VDCs and VMs, or migrate VMs from one storage tier to the other simply by adjusting the tier of disk allocated.



The new version of the plug-in also allows you to view vCloud Hybrid Service Disaster Recovery (DR) resources (VDC, VMs) and their attributes (VM state, replication status and storage used in the DR VDC). You can also perform DR-specific actions such as Test and Clean Up from the plug-in.



The plug-in comes with an installer that is available natively from the vSphere Web Client. This makes the install and upgrade process sweet and simple.


Watch this video for an overview of the new features in vCloud Hybrid Service vSphere Client plug-in.

To learn more about our upcoming features and capabilities, follow this vCloud blog with your favorite RSS reader, or follow our social channels at @vCloud and Facebook.com/VMwarevCloud.

To get started with the vCloud Hybrid Service, visit vCloud.VMware.com.

Q&A with Gavin Jackson on the future of VMware vCloud Hybrid Service in Europe – Part One

This is a cross-post from the EMEA Blog. You can find the original post here.

Last week, we announced the launch of vCloud Hybrid Service in the APJ region, and this week, as part of the growing global momentum around vCloud Hybrid Service (vCHS), we’re able to announce a second vCHS data centre located just outside of Chessington in the UK. We asked Gavin Jackson, Vice President and General Manager for Cloud Services EMEA at VMware, to explain why the demand for vCHS is growing in Europe and why it has received such a positive reception from VMware’s customers.  

vCloud Hybrid Service is clearly engaging customers in Europe. Can you tell us a bit more about this?

You’re right, there has been a strong appetite among customers for vCHS in Europe, and it is resonating because it fundamentally helps organisations solve genuine business problems, with ease and without infrastructure investment. While I can’t talk about all of the customers we’re now working with, we’re seeing customers of all sizes, across sectors and industries and across European countries take up the service to help them solve some very common business problems.

For example, we’ve started working with BlueFin, an SAP implementation partner, and this is what the head of IT, Kevin Turnbull, had to say about vCHS: “With vCloud Hybrid Service, VMware has provided a solution to a problem which we had been trying to solve for years; how to have a true hybrid cloud which enables you to seamlessly move data and applications freely across private and public cloud environments, without having to learn a new set of tools. We can now create a full hybrid cloud model based on a technology we know and trust, in support of crucial enterprise workloads. We can see the value of vCHS for years to come. Currently, all our core systems are on-premises, but once the supporting hardware comes to its end of life, we are looking to move everything – including business critical applications – to a completely hybrid cloud environment with VMware.”

Why do you think vCHS is getting such as positive response?

Ultimately, it is the answer to the cloud dilemma. Businesses are challenged in moving their apps to the public cloud because of the perceived problems it can pose – such as security, compliance and compatibility. What vCHS allows you to do is smoothly and incredibly easily move your apps from your internal IT environment to a public cloud  - and back again if required – providing you with the benefits of the public cloud (scalability, compute power etc), but with the levels of security and compatibility that is needed in a private cloud environment. vCHS means you can scale to the cloud without the risk, and

it’s an example of where highly innovative and trustworthy technology is meeting the needs of increasingly demanding companies and truly responding to business problems.

Let me give you an example from one of our vCHS customers. This organisation had a very important revenue generating legacy application – which wasn’t even virtualised, and which created problems as its importance and complexity meant it couldn’t be easily ported to the public cloud or another location.

However, due to the advanced functionality of vCHS the firm was able to move this application to the cloud – in one step turning it into a virtualised application, freeing up on-site resources and opening up the application to further revenue opportunities. This demonstrates while legacy IT systems can sometimes seem unwieldy when they come face to face with the public cloud, a true hybrid cloud provides you with a fantastic solution, giving firms a way around some of the restrictions they can often face with legacy technology.

Don’t forget to visit the blog next week to see the second part of Gavin’s thoughts on the success of vCHS in Europe. In the meantime, why not check out our Fast Lane Racer game

Announcing VMware Cloud Academy: The Place to Go to Learn More About vCloud Hybrid Service

Ready to add hybrid cloud to your resume? Or want a chance to win a ticket to VMworld 2014? Visit the newly launched VMware Cloud Academy—a new site designed to help VMware vSphere administrators become more cloud-ready. The site includes a complete 7-part technical video series, a downloadable eBook featuring Dilbert cartoons by Scott Adams, and an opportunity to connect with your peers on cloud best practices—either online or at VMworld.

The cloud is here to stay, so take advantage of your VMware knowledge and see how easy it is to use the Hybrid Cloud as another target for your vSphere workloads. Check out the videos presented by our cloud experts to learn more about how Infrastructure-as-a-Service can solve your data center capacity problems or how Recovery-as-a-Service can give you a low cost and easy-to-manage disaster recovery solution. Then pass the quiz to enter a raffle to win a free ticket to VMworld 2014 in San Francisco.

Here are the details:

  • The quiz runs from July 18th to July 31st.
  • To enter, complete the quiz, get 18 out of 20 questions correct to pass, and fill out the drawing entry form. (If you don’t pass the first time, you can try again.)
  • The quiz is  based on our 7-part video series, so watch the videos. We kept them short and easy to consume. Hint: Download the eBook prior to taking the quiz.
  • Five winners will be randomly selected.
  • Winners will be announced on August 4th.

We’re looking forward to helping you on your cloud journey. Keep an eye out for upcoming Google Hangouts with cloud subject matter experts, more videos, and other opportunities to connect and expand your hybrid cloud knowledge. So bookmark VMware Cloud Academy today!

Good luck, and we hope to see you at VMworld 2014!

For future updates, follow us on Twitter at @vCloud and on Facebook at Facebook.com/VMwarevCloud.com.

For more information about VMware vCloud Hybrid Service, visit vCloud.VMware.com.

Why Run Your Exchange Environment In A Hybrid Cloud Model?

By David Hill

VMware vSphere has always been a premier destination for virtualizing packaged applications like Microsoft SharePoint and Exchange. Being built on the same trusted foundation of vSphere, vCloud Hybrid Service continues to see the hosting of these packaged applications as one of the five common starting points to hybrid cloud.

I thought I would expand on this, specifically around why would you would host Microsoft Exchange in VMware vCloud Hybrid Service.

Let’s initially think about the use case of Exchange itself. Microsoft Exchange provides email services to users. Exchange is sometimes considered a static workload that is not a suitable candidate for cloud deployment. However by the very nature of the Exchange use case where users are the key, it becomes a great candidate for deployment in a cloud.


Let’s think about an actual business and how they grow. No company wants to remain static, so one of their ultimate goals is growth. As a company grows, they take on more and more staff, and maybe then acquire companies, which again brings in even more staff. This in turn causes growth in your messaging systems; more staff equals more users, more users equals more data, more data equals more resource requirements and so it continues until your current infrastructure becomes too constrained and more capital investment is needed. This is where the potential for cloud comes in.

Cloud or IaaS provide the speed and agility IT departments need today. Gone are the days where a project to increase Exchange capacity could take 6 months. Businesses need to expand quickly and need IT to keep up with this expansion as quickly as possible. By leveraging cloud, you get the flexibility to grow your environment as you need to.

Leveraging Your Existing Infrastructure Through Hybridity

By leveraging a hybrid cloud model, you have the ability to leverage your existing investments in your on-premises environment. For example, consider backups that are typically a big investment for your Exchange environment. If you have invested in on-premises backup infrastructure, you will want to continue to leverage this investment. You’re not going to throw it away. This is one of the key benefits of hosting Exchange in a cloud. By designing and building a hybrid cloud, you can continue to leverage this existing infrastructure, while gaining the benefits like agility and ultimately reducing the time to resolve your capacity issues.

Disaster Recovery

Out of all the tools that are used for communication and collaboration, email services are probably the most critical of them all. Ensuring that a robust disaster recovery plan is in place for email is critical for most businesses.

In my personal blog, I talk about how you can leverage the built-in disaster recovery features of Exchange to build a fully redundant email infrastructure across multiple sites. Not all companies have multiple data centers and data centers are expensive to build and maintain, even if we use data center colocation. By leveraging a hybrid cloud model, you gain geographic diversity without the high costs and outlay of capital expenditure required to build multiple locations and data centers. You can simply purchase the amount of resources you need when you need them.

See the diagram below for a high level overview of how you might achieve this.


Why Not Office 365

Microsoft offers Exchange Online and Office 365 as their cloud-based email solution. They recommend you use this service alongside your current existing on-premises Exchange environment instead of hosting Exchange in the cloud. So why would you host Exchange rather than just pay for a SaaS offering? It comes down to three concerns: investment, control and compliance. Many companies have invested heavily in 3rd party tools and utilities that improve their existing on-premises Exchange environments. These include spam-filtering tools and backup solutions as described earlier. Some of these tools are used specifically to meet compliance and regulation standards. You cannot install these 3rd party tools in an Exchange Online environment – and the ecosystem is not yet mature enough to offer the same capabilities that are offered by an on-premises solution today. Also, some companies need control over when software is upgraded or patches are applied in order to conform to company policies. These companies need access to the Exchange server while still gaining the geographic reach and scale of a cloud-based solution. That is possible in a hosted environment.


The key to hosting a successful Exchange environment in the cloud is to understand all the benefits of that move. Some of the benefits that we have mentioned are:

  • Agility
  • Speed
  • Cost
  • Ability to leverage existing infrastructure

When making your decision on where to host Exchange, it’s important to consider supportability. Not all vendors and providers support Microsoft Exchange running in their clouds, so making sure that your environment and design is supported by both is critical. With vCloud Hybrid Service, you can run Exchange in one of the five different data centers across the United States or two data centers in the UK and still call the same Global Support team that you’ve always worked with – a great example of true hybridity.

For more information on migrating Exchange to vCloud Hybrid Service and to see how VMware’s own IT department deployed this, come to my VMworld breakout session “Architect the Hybrid Cloud for Microsoft Exchange and Lync”.

For future updates, follow us on Twitter at @vCloud and on Facebook at Facebook.com/VMwarevCloud.

For more information about VMware vCloud Hybrid Service, visit vCloud.VMware.com.

Introducing vCenter Operations Management Pack for vCloud Hybrid Service

VMware is excited to announce general availability of vCenter Operations Management Pack for vCloud Hybrid Service. Now you can get operational visibility of both on-premises and vCloud Hybrid Service resources from a single vCenter Operations Manager console.

VMware vCenter Operations Management Suite solves the cloud operations challenge with an innovative approach that is:

  • Automated – Patented, self-learning analytics enable a much higher degree of automation than traditional management tools, delivering nearly 70% productivity gains and 30% reduction in resource consumption.
  • Integrated – An integrated approach to performance, capacity, configuration management, delivered as an integrated suite.
  • Comprehensive – Built on an open and extensible operations platform designed for dynamic hybrid cloud environments, vCenter Operations delivers comprehensive performance, capacity, change, configuration and compliance management, application discovery and monitoring, and cost metering capabilities.

The vCenter Operations Management Pack for vCloud Hybrid Service extends these Operations Management capabilities of vCenter Operations Manager to vCloud Hybrid Service, providing a consistent user experience across clouds. This pack includes an embedded adapter that collects metrics, change events, and resource topology information from your vCloud Hybrid Service account and displays this information in your on-premises vCenter Operations Manager dashboard. Now you can monitor, isolate, and resolve performance bottlenecks across your hybrid cloud environment faster by leveraging the existing vCenter Operations capabilities that you already use.

The management pack includes in-depth VM level performance metrics, utilization metrics for vCloud Hybrid Service resources and out of the box dashboards for troubleshooting. You can get 40 metrics on VM performance (related to CPU, memory, disk, and network usage support) at 5-minute intervals to give you an internal view of resource statistics.

Example 1: Top 25 VMs by CPU, Memory, Network performance, etc.



Example 2: VM heat map view based on CPU, memory, storage and network:



The management pack provides utilization metrics for vCloud Hybrid Service resources, such as Region, Virtual Data Center, vApp, VM, and Cloud Type:

vcops3The management pack also provides several out of the box dashboards (symptoms, abnormal metrics, mash-up charts) for troubleshooting:



vCenter Operations Management Pack for vCloud Hybrid Service is available at no extra cost, works with vCenter Operations Manager 5.8 and 5.8.1, and can be installed on Advanced and Enterprise Editions of vCenter Operations Manager. Download the Management Pack here.

In addition to the Management Pack, vCloud Hybrid Service vSphere Client Plug-in 1.5 will be generally available in a few days. In this version of the plug-in, we have extended the integration of vCloud Hybrid Service into the vSphere web client with added support for vCloud Hybrid Service Disaster Recovery and Storage Tiering.

VMware is continuing to enable additional hybrid management capabilities so that you can write, deploy, and manage workloads on vCloud Hybrid Service the same way you do today in your onsite data center, without making any changes or additional investments.

To learn more about our upcoming features and capabilities, follow this vCloud blog with your favorite RSS reader, or follow our social channels at @vCloud and Facebook.com/VMwarevCloud.

To get started with the vCloud Hybrid Service, visit vCloud.VMware.com.



Think You Know VMware vCloud Hybrid Service — Disaster Recovery? Prove It and Win a Ticket to VMworld 2014!

Earlier this year we launched VMware vCloud Hybrid Service — Disaster Recovery. Since then, organizations and IT teams have had plenty of time to poke, prod and otherwise analyze our disaster recovery solution.

To see how well you know your VMware vCloud Hybrid Service — Disaster Recovery, the vCloud team has created a few quizzes where you can put your knowledge to the test.

Starting July 10th, you’ll be able to answer a few questions on vCloud Hybrid Service — Disaster Recovery and prove your mastery! Don’t worry about getting stuck; there will be hints along the way. If you succeed, we’ll enter your name into our drawing for a free pass to the ultimate cloud conference: VMworld 2014! No boss permission necessary!

We’ve set up three disaster recovery quizzes, giving you three chances to win a free pass to VMworld 2014.vmworldse

To participate, just sign up and opt into our contest email list. By being on the list, you’ll be one of the first to know when our VMware vCloud Hybrid Service — Disaster Recovery challenges are available.

Click here to sign up! Participants will be able to register by email before July 10th and will be able to take the test through a link in the registration email.

Keep in mind there are only three chances to participate in the Disaster Recovery challenge, but you’ll have a large window of opportunity to complete the challenge, so don’t fret!

The challenge starts on July 10th, and runs through the following dates:

  • Quiz 1: July 10 through July 17
  • Quiz 2: July 18 through July 25
  • Quiz 3: July 26 through August 4

Winners will be announced at the end of each challenge period. Good luck, and we hope to see you at VMworld 2014!

For future updates, follow us on Twitter at @vCloud and on Facebook at Facebook.com/VMwarevCloud.

For more information about VMware vCloud Hybrid Service — Disaster Recovery, visit vCloud.VMware.com.

VMware Continues to Expand Hybrid Cloud Data Center Presence in U.S. with New Jersey Location

We continue to expand vCloud Hybrid Service and broaden our footprint in the U.S., with the addition of a new data center in Jersey City, NJ. In close proximity to the New York and New England markets, the New Jersey data center is attractive to companies seeking greater resiliency and proximity to their customers, partners and existing data center locations. New Jersey is our sixth data center opened to date, with plans for additional data centers later this year as we continue to expand to meet customer demand. You can purchase cloud capacity in the New Jersey location immediately. Pricing is the same as our other U.S. data centers, and is available here.

VMware vCloud Hybrid Service, built on VMware vSphere, enables customers to extend the same applications, networking, management, operations and tools across both on-premises and off-premises environments. Customers can manage and automate vCloud Hybrid Service from their vSphere console, vCloud Automation Center, vCloud Application Director and their own tools using the vCloud API.

Designed to serve the growing demand for vCloud Hybrid Service, the New Jersey data center delivers a high performance software-defined data center architecture including:

  • Redundant VM Service – Unlike other clouds, VMware provides a service level agreement for VM availability, backed by fully redundant server infrastructure using VMware vSphere vMotion. This maximizes the performance and uptime of customer applications, automatically live migrating them to other compute nodes if there is server congestion or equipment failure.
  • Enterprise-class Storage – VMware uses flash-accelerated disk storage, 10G networking and congestion control to meet the performance demands of today’s enterprise applications cost-effectively.
  • Full Network Virtualization At no extra cost, VMware customers can deploy a rich set of load balancers, firewalls and VPNs using virtual networks, switches and routers to replicate their physical networking configuration.

Our hybrid approach helps enterprise customers use the public cloud with an infrastructure that matches their existing architectures and data location, giving IT all the freedom of the public cloud with the manageability and security they expect from their existing data center or private cloud.  For IT departments, a hybrid cloud can remove traditional barriers to innovation and radically change the relationship between IT and the business.

To get started with the vCloud Hybrid Service, visit vCloud.VMware.com.

For future updates, follow us on Twitter at @vCloud and Facebook.com/VMwarevCloud.

Journey To A Full Scale Hybrid Architecture with vCloud Hybrid Service – Part 3

By: Chris Colotti

In the first post I talked about the basic architecture of a large scale hybrid cloud build out, as well as integrating an on premises view environment into the vCHS hybrid cloud.  We extended that Horizon View environment into the vCloud Hybrid Service by adding security servers and global load balancing on the top layer.  You may be asking yourself “why” did we do that?  Well, the ultimate goal of building this out was to mesh together vCloud Hybrid Service – Disaster Recovery and desktops to access those applications.  With the next stage we set out to replicate an internal only application to vCHS-DR and use DaaS on vCHS to give the users access to it once it was failed over.

The Use Case Background

Before we go into the architecture solution we need to understand the problem we are trying to solve.  Many times in the past I have shown how you can fail over public facing applications.  However, not every application is web-based, public facing, or of a “Next Generation” architecture.  In a lot of cases many applications are still internal only and although may be web based, need a desktop on the corporate side to access it.  This is also the case for legacy fat client applications.  So the goal in this architecture was to show how a user can connect to an application on premises and also connect to that same application once vCHS-DR is invoked to fail it over.  The solution will comprise a few components for illustration, refer to the original overview diagram to understand all the connection points.


  • On premises Horizon View Desktops previously configured
  • On premises “Wiki” based application with a local DNS Entry
  • On premises AD/DNS Servers
  • vCloud Hybrid Service – Disaster Recovery running on the Wiki server ONLY
  • VMware Horizon DaaS on vCHS
  • IaaS based AD/DNS with VPN connection to the DR Cloud
  • Cloud to Cloud VPN from Horizon DaaS Cloud to vCHS-DR Cloud
  • Access to External DNS system
  • A Horizon View Desktop Client

For the purposes of continuing we will assume that the VPN’s and networks are already configured and replication is running on the Wiki Server.  We will also assume from the previous article that the desktop image used for Horizon View on premises is available and ready to synchronize with the new Horizon DaaS cloud.  In order to make this all work we need to first ensure the same desktop image is available in DaaS on vCHS for the customer.  We will double click into a few of the virtual data centers above later on.

Synchronizing View and DaaS Images with vCloud Connector

For ease of deployment we created our Horizon View on premises desktop image in vCenter.  We set it up the way we wanted and then used vCloud Connector Content Sync to push a copy of that up to our DaaS on vCHS cloud.  This way we are able to subscribe the DaaS catalog to the vCenter version of the image.  vCloud Connector catalog sync then ensures that the DaaS cloud has the same copy available to use.  This is not required and there is other DaaS related things you need to do to utilize the image, but we won’t go into that.  The concept is just to build one image and sync to the cloud(s).  If you want to learn more about Content Sync with vCloud Connector you can watch this video.  Honestly it’s easy to setup and takes care of ensuring the image is always in sync.  Once you have the image in cloud you can use the admin tools of Horizon DaaS on vCHS to create and deploy a desktop pool with the exact same image.

The Fail Over Process (Run Book)

In normal running conditions, the user would connect to view.companyname.com with their Horizon View Client, access their corporate desktop and get to the Wiki Application using http://Wiki01/ from a desktop browser.  In order to ensure the client can get to the same application  during failure we need to invoke a process such as this:

  1. Failover the Wiki Application to the vCHS-DR cloud
  2. Re-IP the application in the new cloud and power on
  3. Update the local DNS Servers in the IaaS cloud for the Wiki Entry
  4. Re-Direct External DNS for view.companyname.com to point to the DaaS Cloud instead on on Premises View
  5. Clients can then log in and access the same application, 100% cloud based on desktop and IaaS.

For illustration purposes the logical diagrams below show the on premises environment along with the disaster recovery, and IaaS environments.  Remember that the assumption here is all these have the proper cloud to cloud VPN’s and firewall rules setup for network connectivity per the first image.

Below is the On Premises logical architecture.  Notice the desktops are are available behind Horizon View and can connect to “WIKI01″


Below is the Dedicated Las Vegas IaaS cloud that is where the AD/DNS is running for access to directory and name services once fail over occurs.  Recall that VPN connections here are in place between the DaaS cloud and the vCHS-DR cloud for access to these services.


Below is the Dedicated Las Vegas DaaS tenant logical architecture.  You can see the dtRAM gateways in place on the internet passing connection to the DaaS based desktops in vCloud Hybrid Service.  Remember this cloud is connected via VPN to the vCHS-DR cloud so it can access the application below upon fail over.


In the Texas Disaster Recovery Cloud shown below, we can do a full fail over or a test fail over.  In each case the WIKI01 server will be connected to one of the two networks.  Once it is given a new IP address and DNS is updated the DaaS desktops will be able to connect.


Using External DNS To Manage Connectivity

In order to quickly re-direct a user’s View Client from on premises Horizon View to the DaaS desktop and making it transparent to them you need to get creative.  In my case I created the following External DNS records to support this use case.

view.dyn.companyname.org = Public IP of View Secure Gateway (A-Record)
daas.dyn.companyname.org = Public IP of Horizon DaaS dtRAM Gateway (A-Record)
view.companyname.org = view.dyn.companyname.org (CNAME 30 Second TTL)

If you are an avid user of DNS for cases like this you should be able to see why I did this.  During normal operations the users always connect to view.companyname.com in their client.  However,  in a disaster event you FLIP the CNAME to use the daas entry on the back end and when the client connects it’s completely transparent to them they are now on a DaaS cloud based desktop.  Pretty simply a clean and easy way to manage this step in the run book.

The Role of SSL Certificates For Clients

Something you want to make sure of in this setup so that all clients, both desktop and tablet based work, is that you need to use proper certificates.  You have really two options here to maintain the transparency to the user

  1. Install the SSL certificate for view.comnpanyname.com on all View Security Servers AND all the DaaS gateway servers.
  2. Use a wildcard certificate on all the servers

In either case the client is always connecting to “view.companyname.com” so when you flip between Horizon View Servers and DaaS gateway servers, you need the client to be able to authenticate the cert with the same name.  The goal here is to make it easy for the end user by not requiring them to change URL’s for their client.

Example Fail Over Video


Summary and Conclusions

My entire goal in life with this very extensive lab setup is simply to prove that you can use vCloud Hybrid Service not only for IaaS, DaaS, and DR…..but most importantly you can pull all the parts together into one enterprise level architecture.  Instead of using vCHS-DR on the desktops themselves save yourself time and effort.  Focus on the applications for DR along with the infrastructure and just leverage vCHS based desktops in Horizon DaaS to connect to those applications you have failed over.

Announcing Availability of BIG-IP Global Traffic Manager from F5 on vCloud Hybrid Service

By: vCloud Hybrid Service ISV Team and Chris Colotti

(This blog is Part 2 in Chris Colotti’s series, “Journey to Hybrid Architecture.” Visit Part 1 of this series, “Journey To A Full Scale Hybrid Architecture with vCloud Hybrid Service.”)

Maintaining application availability and performance while moving workloads to the cloud can pose challenges in maintaining seamless user experience across a hybrid environment.  To address this challenge,  today F5 is making BIG-IP Global Traffic Manager (GTM) available for vCloud Hybrid Service. With this validated offering, F5 brings its comprehensive set of application delivery tools to the enterprise-grade vCloud Hybrid Service platform.

Some of the key benefits of this solution include :

  • Continuous availability of applications across globe to enable user transparent application failover and disaster recovery
  • High application performance across hybrid environment irrespective of changing network and user volume conditions
  • Simplified Management across hybrid environments provides a single, global namespace for user connections.

To learn more about how F5 and vCloud Hybrid Service enhance application availability, visit F5 on the vCloud Hybrid Service Marketplace.

You can also get a free 30 day trial license of F5 BIG-IP GTM, by sending an email to vchstrial@f5.com. If you are currently using F5 GTM on premise you can Bring Your Own License to vCloud Hybrid Service.

In the remainder of this post, Chris Colotti, Principal Technical Marketing Architect with the vCloud Hybrid Services team explains the necessary steps in utilizing F5 Global Traffic Manager as part of the hybrid cloud architecture in vCloud Hybrid Service. 

In the previous post Journey To A Full Scale Hybrid Architecture with vCloud Hybrid Service, I mentioned that we used both DYN.com and F5 Global traffic managers to test load balancing of the Horizon View Security Servers.  What I wanted to do was provide a little detail on how specifically you deploy the GTM appliances inside vCloud Hybrid Service and how you would use them instead of the vCloud Networking and Security built in load balancing.  What I will not do a lot of here is explain the actual F5 configuration options as those are pretty well documented on the F5 site, of most people with F5 experience know how to write them.  This is just how to get the appliance deployed and configured on vCloud Hybrid Service so you can use it.

Logical Architecture

Below is a diagram showing logically how you insert the F5 appliance into vCHS.  Bare in mind for the current use we are only leveraging the DNS capabilities and we have not yet deployed virtual machines behind the F5 itself, that will come later.


I want to point out a few important things about this deployment.  Generally when you deploy the appliance it will ask you to assign four network interfaces named:

  • Management
    • Used for device management on the “private” routable network
    • Internal
      • This is where web servers or other servers would sit and use the F5 as their default gateway.  This is a NON routable isolated network in vCHS so all outbound access is routed through the F5.
      • External
        • This is the “Public” subnet where other servers may live that also needs DMZ access.
        • HA
          • Used for Traffic Manager replication and is optional.

We deiced we only need three as you see pictured and the mappings from the appliance names above to the networks shown is pretty simple to follow and these were the IP addresses assed to the interfaces on the F5 appliance itself as I deployed it in vCHS.

  1. Management =
  2. External =
  3. Internal =
  4. HA = Not Used

vCloud Hybrid Service Firewall Rules

Once deployed you need to forward traffic from external IP addresses you chose to the F5.  In our case we only needed to use a single one for now so the firewall rules are pretty simple as you can see below.

DNAT Rule:

Original         Translated   Protocol:Any

Firewall Rule:

Source Any:Any                                 Destination    Protocol:Any

Essentially what this rule does is allow all traffic on any port through the Edge Gateway on the selected external IP to the “External” port of the F5.  From there we are able to write all the rules you want on the F5 for pools of servers or the DNS functionality.  If you needed additional Public IP’s to map to additional internal public IP’s you can do so as needed but the premise is the same.

Configure External DNS for GTM DNS Load Balancing

One thing I learned in using the F5 for DNS load balancing is you do need to delegate the F5 as the authoritative DNS server for a Wide IP sub domain.  This is all actually documented by F5 in this article about delegating sub domains, but for my personal purposes I will explain what I did.  We host the external DNS for a lab domain on DYN.com.  So the process was pretty simple and once complete you can use the F5 documentation to configure the actual Wide IP Pools.

  • Create a DNS A-Record for gtm1.companyname.com on external DNS
  • Create a Subdomain zone called wip.companyname.com
  • Delegate NS (Name Server) Authority for the new subdomain to gtm1.companyname.com

What this does is tell all DNS lookups that anything looking for *.wip.companyname.com that the name server to go to is gtm1.companyname.com.  This is pretty standard if you understand DNS management.  Then you will configure wide IP pools and other DNS related records in the F5 itself since it is now the authoritative DNS server for all records in the subdomain.

Routing Traffic For Load Balanced Pools

Now here is the trick, which I have not yet deployed.  If you want to use this F5 to place servers actually behind it, you need to manually assign IP addresses on the isolated network.  When created an isolated network is configured for DHCP which actually deploys an Edge to do DHCP.  If you disable DHCP the Edge will be removed, but your static IP pool cannot be configured to push the F5’s interface as the machines Default Gateway.

In this case you would use the “Static – Manual” setting on the virtual machine and simply assign an IP, DNS, and Default Gateway of the F5 in the machine.  Then traffic will route out from the machine, to the F5, and off through the primary Edge Gateway, finally out to the Internet.  At some point I will put a machine behind the F5 and do this very thing and setup a local load balanced pool on the 10.10.10.x network.

Once you get through the basics you can see that this is pretty straight forward and allows you to now use F5 traffic managers in vCHS for multiple use cases.  Please see the F5 documentation for more specific configuration details.

For more information about VMware vCloud Hybrid Service, visit vCloud.VMware.com.

Follow us on Twitter and Facebook at @vCloud and Facebook.com/VMwarevCloud for future hybrid cloud updates and resources.

Chris is a Principal Technical Marketing Architect with the vCloud Hybrid Services team with over 10 years of experience working with IT hardware and software solutions. He holds a Bachelor of Science Degree in Information Systems from the Daniel Webster College. Prior to VMware he served a Fortune 1000 company in southern NH as a Systems Architect/Administrator, architecting VMware solutions to support new application deployments. At VMware, in the roles of Consulting Architect, Chris has guided partners as well as customers in establishing a VMware practice and consulted on multiple customer projects ranging from datacenter migrations to long-term residency architecture support. Currently, Chris is working on the newest VMware vCloud Hybrid Service solutions and architectures for vSphere customers wishing to migrate to the VMware Hybrid Cloud Service. Chris is also a VMware Certified Design Expert, (VCDX #37).