VMware Cloud on AWS Outposts: Cloud Managed SDDC for your Data Center

Background

Hybrid cloud is a reality for our customers and VMware’s mission is to support our customers by delivering infrastructure to wherever workloads are running – in the cloud, in the datacenter, or at the edge. VMware Cloud on AWS has been a critical part of this approach, as it delivers consistent VMware SDDC infrastructure on AWS with proximity to AWS services. Since we launched VMware Cloud on AWS in August 2017, we have seen tremendous customer success. Customers love the operational simplicity of VMware Cloud on AWS, which is delivered as-a-service, running on AWS elastic bare metal instance types and provided in a growing number of AWS Regions globally. Customers can instantly deploy a new software-defined data center (SDDC) and scale up or down capacity without having to worry about managing the underlying infrastructure or patching the SDDC software. Instead, they can focus their efforts on managing what is important to their business i.e. their applications.

Many of our customers have already seen the benefits of this jointly engineered service from VMware and AWS. One of our favorite customer quotes is from Lesley Ashman, CIO at Stagecoach Group.

“VMware Cloud on AWS supports our new cloud-first strategy by providing Group Technology and Change with a VMware environment in the cloud to support our business-critical applications. With VMware Cloud on AWS we have gained new levels of agility, scale, and resiliency through a multi-Availability Zone deployed platform. VMware Cloud on AWS mitigated our risk of moving business-critical apps to the cloud because we could leverage a consistent infrastructure and operational model.” Full video here.

This year at VMworld, we launched another key building block in our hybrid cloud strategy: Project Dimension. We’ve heard many times about how they appreciate the simplicity of the cloud-delivered as-a-service model of VMware Cloud on AWS, but these same customers also talked about how they will continue to need on-premises infrastructure for a long time. Whether in their data centers or edge locations, they needed local compute for reasons of latency, business continuity, compliance, or cost. In other words, customers want all the benefits of a cloud experience, delivered to their on-premises datacenters. This is what Project Dimension is about – its goal is to deliver the VMware Cloud experience “as-a-service” to on-premises environments, driving new levels of operational simplicity and allowing customers to focus on applications that differentiate their business.

With this feedback in mind coupled with the increasing success of VMware Cloud on AWS and the new announcements from AWS, VMware will be extending the VMware Cloud on AWS “as-a-service” model directly to customers on-premises data center.

Introducing VMware Cloud on AWS Outposts!

What is VMware Cloud on AWS Outposts?

VMware and Amazon are expanding their partnership to deliver a new, as-a-service, on-premises offering that will include the full VMware SDDC stack (vSphere, NSX, vSAN) running on AWS Outposts, a fully managed and configurable server and network installation built with AWS-designed hardware. VMware Cloud in AWS Outposts is VMware’s new As-a-Service offering in partnership with AWS to run on AWS Outposts – it will leverage the innovations we’ve developed with Project Dimension and apply them on top of AWS Outposts. VMware Cloud on AWS Outposts will be a subscription-based service and will support existing VMware payment options.

Below are the list capabilities that VMware Cloud on AWS Outposts will offer:

1. AWS hardware in your datacenter: Customers can choose from a wide selection of Entry Level, General Purpose, Compute Optimized, Storage Optimized, and Memory Optimized EC2 instance families (e.g. M5a/M5, C5, R5/R5a) and storage options (EBS volumes, local instance storage) to create the ideal configuration for their applications. Customers can start small with a single entry-level server and grow to full racks of servers as they scale. Customers can also purchase sub-rack units such as quarter and half racks based on their needs.
2. Unified management interface: The existing VMware Cloud Console will be used to perform lifecycle management of VMware Cloud on AWS Outposts instances. The VMware Cloud Console will also enable customers with visibility into their existing on-premises deployments and other VMware managed infrastructures including VMware Cloud on AWS and Edge deployments.
3. Resiliency to transient network failures: From a network connectivity standpoint, customers will be required to have either a Direct Connect (DX) or VPN from their VMware Cloud on AWS Outposts infrastructure to the nearest AWS region for management purposes. If network connectivity is lost, VMware Cloud on AWS Outposts and its workloads will continue to run, and resources will be provisioned to enable all events/metrics can be re-played when connectivity is re-established.
4. Integrated on-premises AWS Services: A subset of AWS Services can be made to run locally as part of VMware Cloud on AWS Outposts. For example, customers who require storage-optimized hosts for their SDDC which provides the Elastic vSAN capability (EBS-backed storage for vSAN), will receive the additionally required infrastructure that would normally run in AWS Cloud, as part of VMware Cloud on AWS Outposts. Other region-specific AWS Services such as S3 or EFS will continue to run in AWS Cloud. AMIs used during provisioning will also be streamed to the VMware Cloud on AWS Outposts infrastructure and then cached locally to reduce bandwidth usage and for disconnected scenarios.
5. Consistent and familiar VMware SDDC Software Stack – Once an SDDC is deployed on VMware Cloud on AWS Outposts, customers will be able to access the vSphere UI/API just like they do in VMware Cloud on AWS and immediately start consuming the infrastructure. The same SDDC software stack running in VMware Cloud on AWS will be running in your on-premises datacenter, which means you will have access to all the latest features and enhancements. You will be able to use familiar tools such as the vSphere API, SDKs and CLIs to manage and operate SDDC with no additional skillsets required.



6. Native Integration and Extension of VMware Cloud on AWS – VMware Cloud on AWS Outposts can take advantage of resources and capabilities from VMware Cloud on AWS. A perfect example is using VMware Cloud on AWS for disaster recovery which enables your workloads to be protected in the event of an on-premises disaster. Policies can be configured to allow workloads to burst from VMware Cloud on AWS Outposts to a specified VMware Cloud on AWS instance.
7. Eliminates customers burden of managing on-premises hardware and software – Both the physical and virtual infrastructure will be managed and monitored by VMware SRE’s. Customers will be notified in advanced for patching/upgrade of the infrastructure just like they do today in VMware Cloud on AWS. Using customer defined policies, VMware Cloud on AWS Outposts will be able to remediate failed hosts using spare capacity and automatically order a replacement system.

 

How does it work?

AWS Outposts hardware will be shipped to a customer’s on-premises datacenter and connected to their power and networking infrastructure. Once online, a similar workflow to VMware Cloud on AWS will take place where a VMware SDDC will be deployed directly on the AWS Outposts hardware.

Once the SDDC is up and running, customers will be able to migrate their existing workloads onto their new VMware Cloud on AWS Outposts SDDC using the new VMware Migration Center. VMware HCX is the underlying technology that enables seamless workload migration without any downtime to the Virtual Machine and its applications. Customers will have the ability to migrate specific groups of Virtual Machines based on SLAs and each migration group will have the ability to be scheduled in advance.

Post-migration, the VMware Migration Center will also help customers to better secure, monitor and protect their workloads. For example, customers can easily apply recommendations from VMware AppDefense to properly protect their workloads. With the help of VMware NSX, customers can quickly create micro-segmentation security policies which are applied across all workloads. Logging and monitoring can be enabled using VMware Log Intelligence and Wavefront by VMware and lastly, disaster recovery of workloads can be easily enabled with VMware Site Recovery.

As part of delivering VMware Cloud on AWS Outposts, customers will also be able to use the underlying AWS Outposts infrastructure to run native EC2 workloads within their on-premises environment. This is ideal for workloads that require access to on-premises infrastructure such as an Enterprise Datawarehouse where the frequency of access and latency can potentially affect the performance of the application. With AWS Outposts, developers will get the benefits of data locality while still being able to consume AWS services using the exact same workflows, application programming interfaces (APIs), and tools that they are familiar with.

From an operational and management standpoint, this new EC2 infrastructure can bring new challenges to an existing on-premises datacenter. How do you better secure, backup, monitor and provide access to this new infrastructure? VMware Cloud Foundation for EC2 will deliver exactly this.

VMware Cloud Foundation for EC2

VMware Cloud Foundation for EC2 is an integrated suite of VMware products and technologies that is natively built for all EC2 workloads including EC2 on AWS Outposts through partnership with AWS. This joint solution from VMware and AWS will enable enterprises to seamlessly integrate EC2 on AWS Outposts and EC2 on AWS Cloud with on-premises infrastructure and applications while utilizing their existing teams, skillsets, tools, and processes. In addition, customers will have the ability to quickly enable and consume pre-installed VMware Cloud Foundation software from EC2 cloud console.

VMware Cloud Foundation for EC2 will extend VMware enterprise-class capabilities to provide seamless network connectivity to on-premises network and AWS cloud, end-to-end network visibility and insights, consistent micro-segmentation and application security policies for both vSphere and EC2 workloads, and unified data protection and management with existing tools and investments. Below is a list of capabilities that VMware Cloud Foundation for EC2 will be able to deliver for all EC2 workloads including EC2 on AWS Outposts.

1. Connectivity to on-premises network and AWS cloud (Available now for EC2 on AWS Cloud and 2H 2019 for EC2 on AWS Outposts): VMware NSX provides highly reliable and optimized connectivity from EC2 workloads on AWS Outposts to customer on-premises network, internet, and AWS cloud. NSX which is part of VCF for EC2 offers the following benefits and more:
   1. Provides hybrid connectivity (Direct Connect or VPN) between on-premises, including EC2 on AWS Outposts, and AWS Cloud.
   2. Seamlessly connects all EC2 workloads, including EC2 on AWS Outposts, to customer network through existing routing protocols and policies without the need to introduce intermediate gateway.
   3. Prioritizes traffic between on-premises workloads and EC2
   4. Enables customers to use existing Day 2 operation tools to gain visibility into network traffic within and across EC2 on AWS Cloud and AWS Outposts.
   5. Enables customers to leverage existing investments in IDS/IPS, LB, and other hardware and software network and security products through NSX integration with partner eco-system.
   6. NSX can stretch subnets between on-premises network and EC2 network, both EC2 on AWS Cloud and EC2 on AWS Outposts, for workload migration and many other use cases.
2. Consistent micro-segmentation security policies across all workloads (Available now for EC2 on AWS Cloud and 2H 2019 for EC2 on AWS Outposts): VMware NSX has been widely used to better secure on-premises workloads. The same micro-segmentation security policies are extended to EC2 on AWS outposts and AWS cloud workloads. The NSX cloud already supports EC2 on AWS cloud. Please follow this link https://www.vmware.com/products/nsx-cloud.html for more details. NSX allows enterprises to create a single micro-segmentation policy that spans across native EC2 on Outposts, on-premises vSphere workloads, EC2 on AWS cloud, and on-premises physical workloads. The security policy is automatically applied and enforced based on instance attributes and user-defined tags, and it follows workloads when they are moved within and across EC2 environments.
3. Application security using VMware AppDefense (Expect to be available in 2H 2019): VMware AppDefense understands an application’s intended state and behavior, then monitors for changes to that intended state that indicate a threat. When a threat is detected, AppDefense automatically responds. VMware intend to extend this capability to native EC2 workloads on Outposts and AWS cloud.
4. Enterprise-compatible data protection and management API for EC2 (Expect to be available in 2H 2019): Many enterprises use VMware and partner solutions for data protection, disaster recovery, and workload mobility. Using VMware vSphere Storage APIs for Data Protection (VADP), customers can use their existing solutions and investments for all EC2 workloads including EC2 on AWS Outposts. The huge data protection ecosystem of VMware gives customers many options for enterprise-focused solutions and feel confident that they can leverage their existing investments as they deploy EC2 on AWS Outposts.
5. Unified management and operations for both vSphere and EC2 workloads (Available now for EC2 on AWS Cloud and 2H 2019 for EC2 on AWS Outposts): VMware’s management and operation products and services are heavily deployed and used by to manage on-premises and native public cloud environments. Our portfolio enables automated application provisioning, monitor and troubleshoot infrastructure and application issues and provide visibility, cost and resource optimizations for both vSphere and native EC2 on AWS cloud. Through partnership with AWS, these products will be further enhanced to support EC2 on AWS Outposts, so mutual customers can continue to use familiar constructs, skillsets, and processes to manage all EC2, both AWS Cloud and AWS Outposts, and vSphere workloads.
6. Common application development platform for modern apps (Available now for EC2 on AWS Cloud and 2H 2019 for EC2 on AWS Outposts): VMware is working to extend its Kubernetes services to EC2 on AWS Outposts, that will enable customers with a common application development platform across on-premises and public cloud environments with access to rich VMware, AWS, and partner services.

How will it work?

Using the familiar VMware Cloud Console, customers will be able to easily discover and manage new AWS Outposts infrastructure. With a click of a button or API call, customers can enable VMware Cloud Foundation for EC2 capabilities for their current EC2 workloads, either running in the AWS public cloud or on AWS Outposts.

Customers will be able to provide secure access from their existing EC2 workloads to both on-premises and VMware Managed Clouds, using VMware NSX.

Similarly, customers will also be able to take advantage of their existing investments in vRealize and Wavefront and expand it seamlessly to this new environment. In addition, the recent addition of CloudHealth enables us to provide customers with visibility on usage, active cost management and optimization across their cloud environments to achieve their business outcomes. Each configuration category provides a guided experience that enables EC2 workloads to take full advantage of the VMware SDDC capabilities.

Summary

VMware’s cloud vision is to deliver consistent infrastructure and operations across the data center, public / hybrid cloud and edge. VMware Cloud on AWS Outposts and VMware Cloud Foundation for EC2 will enable customers to have a consistent and unified experience for managing both existing workloads running on VMware-based infrastructure as well as extending the benefits of VMware’s SDDC to on-premises EC2 workloads.

You can get a taste of VMware Cloud on AWS Outposts by trying VMware Cloud on AWS. In addition, try NSX Cloud on EC2 to get a taste for what VMware Cloud Foundation for EC2 can do to streamline your hybrid cloud with consistent network and security policies across private and public clouds.

Read our press release or visit our website for more information. On our website you can also sign up to stay tuned for updates on these exciting offerings.