As organizations look to private cloud solutions to reduce cost and complexity, it is fundamental that the solution provides simple as-a-service offerings to help with agility and flexibility. As-a-service offerings can include virtual infrastructure, containers, and platform applications. IT organizations are looking for an integrated platform with a single operating model that encompasses all of these as-a-service paradigms. VMware Cloud Foundation (VCF) does just that – providing a set of APIs that are consumable through the CLI, the UI, programmatically, or through Infrastructure as Code (IaC) methodologies.
VCF was built to deliver compute, networking and storage. Enabling the vSphere Supervisor abstracts these core virtual services – and adds additional services – so that non-administrator teams have access to them. They can be consumed directly via Kubernetes and/or VCF Automation and we will look at both options in this blog.
Setting up the As-a-Service offerings starts with Supervisor enablement which instantiates the core services, including the VM Service, vSphere Kubernetes Service (VKS) as well as Networking and Storage Services. Administrators can then enable additional Platform Services – called Supervisor Services – that might include things like a container registry, backup, DNS, certificate store or continuous delivery. The screenshot from the vSphere Client shows the core services as well as some user enabled services like ArgoCD and the consumption interface.
Supervisor Services can be created by users with appropriate development skills, but we have also curated a library of other services that can be easily enabled by administrators here: https://vsphere-tmm.github.io/Supervisor-Services/ .
Defining As-a-Service in Private Cloud
The general idea of IaaS is to provide compute, networking and storage as a service along with costing, monitoring and the ability to manage the lifecycle of the services deployed on top of the infrastructure. The other primary idea is that IaaS can be designed using IaC methodologies to treat infrastructure like software, using declarative formats like YAML or JSON. It is important when managing the cloud to be able to declaratively and iteratively define and consume infrastructure. However, this requires a cloud framework, an operating model and the appropriate methods to consume the underlying infrastructure investment. VCF provides a private cloud model that can accelerate your IaaS delivery. Some of the benefits we will focus on in this blog are:
- Deliver the underlying vSphere Service for easy consumption via UI/CLI/API.
- SDDC components like NSX, vSAN and vSphere are easily discovered and consumed by management tools like VCF Automation.
- Rich set of supervisor services provide solutions for niche use cases along with traditional VM delivery.
- The out-of-the-box catalog provides a way for users to request applications and services via an easy to use interface. Admins can provide governance and policies such as approvals and leases.
- Rightsizing and Optimization data provides admins and app owners with the information they need to eliminate wasted compute and provide enough compute for their applications.
Private Cloud Consumption
Beyond the availability solutions that are inherent in the virtualization platform, Availability Zones can now be configured to provide resilience to container and VM workloads running at scale. Zones isolate infrastructure so that single outages don’t impact application availability. Consumption interfaces enable choice across user interfaces – whether it’s the UI, the CLI or directly through Kubernetes. The self-service catalog, powered by DevOps principles including Infrastructure as Code (IaC) via VMware Cloud Templates, delivers a true cloud consumption experience.
For instance, you can use kubectl commands to initiate a VM creation using the VM Service, or you can use the UI to create a Virtual Machine. In the UI flow, the corresponding Kubernetes YAML manifest is automatically created and updated with the configuration options.
The UI creation flow seamlessly integrates with additional services of the platform. Users are able to create load-balancers using Network Service, to expose the VM on external ports. Users can also create Persistent Volumes using Volume Service to provide persistence for their workloads.
Consumers can also pass configuration to the VM using cloud-init. This configuration data is stored in a secret, and executed on the VM during its first boot.
All corresponding YAML manifests can then be downloaded and reused for consistent configurations across deployments.
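Because the cloud-init data lives in a secret that is downloaded along with the other manifests, that payload is worth checking before a manifest set is reused or placed under source control. The following Python check is an added example, not VMware code: it assumes the manifests have already been parsed into dictionaries and that the secret stores its payload under a `user-data` key, and the sample data is constructed.

```python
import base64
import re

# cloud-config settings that should not travel inside a reusable manifest.
RISKY = {
    "password set in user-data": re.compile(
        r"^\s*-?\s*(passwd|hashed_passwd|plain_text_passwd|password)\s*:", re.M),
    "chpasswd block present": re.compile(r"^\s*chpasswd\s*:", re.M),
    "SSH password authentication enabled": re.compile(
        r"^\s*ssh_pwauth\s*:\s*(true|yes)\b", re.M | re.I),
    "private key embedded": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
}

def _maybe_b64(value):
    """Decode base64 if the value is valid base64 text, else return it unchanged."""
    try:
        return base64.b64decode(value, validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return value

def user_data(secret):
    """Return the cloud-init payload of a Secret (assumed key: 'user-data')."""
    if "user-data" in secret.get("stringData", {}):
        return _maybe_b64(secret["stringData"]["user-data"])
    # 'data' values are base64 by Kubernetes convention; tolerate double encoding.
    return _maybe_b64(_maybe_b64(secret.get("data", {}).get("user-data", "")))

def audit(docs):
    """Return (secret name, finding) pairs for every Secret in the manifest set."""
    findings = []
    for doc in docs:
        if doc.get("kind") != "Secret":
            continue
        text = user_data(doc)
        findings += [(doc["metadata"]["name"], label)
                     for label, rx in RISKY.items() if rx.search(text)]
    return findings

# Constructed sample, shaped like downloaded manifests after YAML parsing.
_CLOUD_CONFIG = ("#cloud-config\nusers:\n  - name: demo\n"
                 "    plain_text_passwd: example-only\nssh_pwauth: true\n")
SAMPLE_DOCS = [
    {"kind": "VirtualMachine", "metadata": {"name": "vm-01"}},
    {"kind": "Secret", "metadata": {"name": "vm-01-bootstrap"},
     "data": {"user-data": base64.b64encode(_CLOUD_CONFIG.encode()).decode()}},
    {"kind": "Secret", "metadata": {"name": "clean-bootstrap"},
     "stringData": {"user-data": "#cloud-config\npackages:\n  - nginx\n"}},
]
```

Calling `audit(SAMPLE_DOCS)` reports the two findings for `vm-01-bootstrap` and nothing for `clean-bootstrap`.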
Self-Service Kubernetes Clusters
vSphere Kubernetes Service (VKS, formerly TKG) is simply the service that lets you deploy upstream-aligned, conformant Kubernetes clusters on demand. VKS makes Kubernetes cluster deployment quick, easy and repeatable, so it is up to you whether you deploy one big cluster with lots of resources allocated to it or several smaller clusters that provide better fault isolation for your applications.
Services such as Network Service and Storage Service can integrate with your underlying infrastructure, and by using a VM class definition you can pass through additional devices such as GPU cards. You can also deploy multiple Kubernetes versions into your clusters so your teams can use them for experimentation and testing, for example when you are trying to validate your application on a newer version of Kubernetes.
Using VCF Automation to Deliver IaaS
So far we have discussed the core IaaS services delivered by VCF. In this next section we will look at how to provide a private cloud consumption model using VCF Automation. The VCF Automation approach is to deliver a cloud infrastructure automation solution that provides a self-service private cloud with control, security, and compliance. The solution empowers users with self-service consumption of Kubernetes and cloud infrastructure resources “as a Service.”
Providers of IT Services, such as Cloud Admins, can deliver a true cloud consumption experience to Cloud Consumers, including developers, DevOps teams, and Platform Engineering teams.
The solution helps organizations release new and updated applications more frequently, enabling the business rollout of new products and services that support business growth and global operations. The solution also makes better use of existing resources, making both IT and development teams more productive. Some of the benefits of using VCF Automation:
- Self-Service Curated Content Catalog
- Extensibility via workflows and scripts
- Infra-as-Code Templates provide a declarative YAML based method to configure infra and apps
- Ongoing lifecycle management and Day 2 Operations
- Governance and Policies such as Approvals, Lease Times, Costing and much more
Self-Service Curated Content
VCF Automation provides an enhanced consumption experience where admins and application teams are given a modern private cloud experience. All the while organizations can benefit from increased productivity and innovation to power a new generation of AI-enabled applications by significantly enhancing worker productivity and driving transformation across significant business functions.
It is also important to provide proper RBAC so users only see entitled catalog items. Ensure that each user has access to the required resources by implementing a cloud access model organized according to roles, projects, and regions, with clearly defined policies.
When providing self-service to your organization it is important to have some guardrails in place. Policies such as approvals, leases, quotas and more are available out-of-the-box.
Declaratively Define IaaS using Infra-as-Code
Define machines, applications, and services created on VCF infrastructure resources. Standardized, reusable templates can be designed and deployed on any supported endpoint based on inputs and variables that define the placement logic. Admins can also add ecosystem constructs, including VMware networking and security objects, Kubernetes clusters and namespaces, and custom resources.
Start by adding resources in the design canvas and then complete the details using the code editor. The code editor allows you to type code directly or enter values in a form.
VCF Automation supports integration with various flavors of Git repositories so that you can manage VCF Automation templates and action scripts under source control.
Below is a portion of a YAML template that was built in VCF Automation. In this example a VKS Cluster will be deployed using the CCI.Supervisor.Resource object type within the template.
Once the template is created, you may want to add extensibility subscriptions, which can run scripts during events that occur during the deployment, such as pre- or post-provisioning of a workload. For example, if you want to run a script after the deployment, you can choose a post-deployment subscription and then choose a VCF Orchestrator workflow or an ABX action.
Day 2 and Ongoing Management
Up to now we have discussed building and delivering IaaS services. However, during setup and post-deployment it is important to be able to manage, troubleshoot and optimize the full stack. The integration between VCF Automation and VCF Operations is a powerful way to monitor and manage the deployments during the lifecycle of the application. Below is a screenshot showing a VCF Operations topology mapping that displays the infra and application services that make up a deployment. From this page you can see metrics, alerts, capacity trends and more.
The information provided via VCF Operations also includes rightsizing and cost information about the deployment along with historical and trending metric data. VCF Operations and VCF Automation working together provide a comprehensive set of tools to manage and automate workloads and applications.
How to get started
With the power and flexibility of automated Infrastructure as a Service, your customer’s admins can satisfy the consumers’ demands for frictionless self-service while adhering to the mandates for governance, compliance and control. VMware Cloud Foundation provides a rich set of services to build and deliver true IaaS services to help with speed and agility in deploying applications.