Thought Leadership VMware Cloud on AWS

VMware Cloud on AWS keeps charging ahead – Asia Pacific Expansion and New Capabilities to Accelerate Enterprise Cloud Migration Projects

Updated on August 29, 2018.

VMware Cloud on AWS turns 1 today! And with its anniversary, we are very pleased to announce service availability in AWS Asia Pacific (Sydney) Region. And we have a whole set of exciting sessions lined up at VMworld US 2018 starting tomorrow that our customers and partners can take advantage of.

We also couldn’t be more excited to unveil the new capabilities being introduced to empower organizations around the globe to rapidly migrate applications and data centers to a secure cloud service that meets enterprise application needs.

In our usual style, let us jump right in:

Rapid migration to a globally available cloud service

Customers want a cloud service that supports the demands of their workloads wherever their business operates. Since workloads may be constrained by various factors including memory and storage, picking the right infrastructure for optimal price to capacity and/or performance is crucial. They also want a cloud that is simple to operate with capabilities that abstract challenges in cloud migration. Furthermore, customers want choice in how they get started with and consume the cloud service. With new capabilities in VMware Cloud on AWS, we are addressing these requirements and more, enabling customers to migrate individual applications or entire data centers to the cloud with minimal business disruption.

New Regional Expansion

With our services now available in Amazon Web Services (AWS) Asia Pacific (Sydney) region, customers can now deploy VMware Cloud on AWS environments in US, Europe and Asia-Pacific. This serves the infrastructure needs of our regional and multi-national customers – be it cloud migration, data center extension or DR to a region where their business operates in. In addition, Pat Gelsinger and Andy Jassy also announced the global roll-out plan for VMware Cloud on AWS.

 

New high-storage capacity option with VMware vSAN utilizing Amazon Elastic Block Store (Amazon EBS)

Customers will be able to independently scale compute and storage resource requirements, and reduce costs for storage-capacity demanding workloads with new clusters for storage-dense environments. These clusters deliver cost-effective, scalable enterprise-class storage capabilities with VMware vSAN utilizing Amazon Elastic Block Store and run on new Amazon EC2 R5.metal instances.

  • Amazon EC2 R5.metal: R5.metal instances are based on 2.5 GHz Intel Platinum 8000 series (Skylake-SP) processors. Each host has 2 sockets, 48 cores, 96 hyper-threads, 768 GiB RAM, and 25 Gbps network bandwidth.
  • Initial VMware Cloud on AWS SDDC cluster will be deployed on I3.metal instance type. With subsequent clusters, customers have the option to choose I3.metal or R5.metal as the instance type. If they choose R5.metal, vSAN will use EBS storage by default.
  • In this topology, when a cluster based on R5.metal is provisioned, a customer chooses the storage capacity they need per host and this configuration is used for all hosts within the cluster – storage per host can range from 15 to 35 TB in increments of 5 TB. Note that in this release, the cluster has to be added to an existing SDDC and cannot be the first cluster that is provisioned in the customer environment. This can also be used in conjunction with VMware Site Recovery for right-sizing the amount of storage capacity needed for DR scenarios.

50% lower entry-level price with new three host SDDC minimum configuration

VMware Cloud on AWS now offers a 3-host minimum SDDC configuration as a starting point for production workloads to compliment the original 4-host SDDC configuration, enabling customers more flexibility in selecting the right environment size to migrate and run their workloads in. VMware is currently offering the 3-Host SDDC environment for the cost of a two-host configuration. In addition, for a limited time period, customer could take advantage of a new promotion that offers three hosts at the price of two. For the start, duration and terms and conditions of the promotion – please refer to our website for more details.

Accelerated, predictable live migration of 1000’s of VMs

VMware Cloud on AWS is constantly improving the cloud migration experience on behalf of our customers. Back in April of 2018, we made VMware Hybrid Cloud Extension (HCX), our large-scale migration technology, part of VMware Cloud on AWS core service at no additional cost. In this release, we are introducing new capabilities that will further abstract the challenges customers face when migrating their environments to the cloud.

VMware Cloud Motion with vSphere Replication, a new feature of HCX enables predictable, live migration of thousands of virtual machines with zero downtime. Customers can now perform large-scale, SD-WAN optimized, replication-accelerated live migrations between on-premises running different vSphere versions and VMware Cloud on AWS, something that was previously not possible.

  • Previously, if a customer wanted to live migrate a large number of VMs, the customer incurred data synchronization overhead during vMotion that could affect the reliability of the migration. Further, they could not pre-schedule their bulk live migrations.
  • With the new capability, customers can bulk live migrate workloads with zero compromise:
    • Customers can schedule bulk live migrations from on-premises vSphere 5.5 and above environments
    • vSphere replication proactively replicates data and changes until the scheduled time in the background
    • At the scheduled time, vMotion happens with no reboot of VM required
  • This capability supplements already available bulk warm and cold migration capabilities that were available as part of the HCX service.

Migration assessment with Cost Insight, now part of VMware Cloud on AWS core service

VMware Cost Insight now provides a free assessment of migration and costs to run workloads on VMware Cloud on AWS. Customers can calculate VMware Cloud on AWS capacity required to migrate applications / clusters / VMs from their on-premises private clouds. Learn more about this assessment and the latest news by visiting the Cost Insight website

Credits for VMware Cloud on AWS

VMware also announced a new edition, vSphere Platinum, for our on-premises customers. This edition delivers advanced security capabilities fully integrated into the hypervisor. In order to enable customers accelerate their path to hybrid cloud, customers purchasing 5 or more CPUs of vSphere Platinum licenses will get $10,000 worth of credits for VMware Cloud on AWS. Details as well as terms and conditions for this promotional offer will be available here, once vSphere Platinum reaches general availability.

VMware NSX / AWS Direct Connect integration for simplified, high-performance connectivity

VMware Cloud on AWS can now leverage AWS Direct Connect for management appliance and workload traffic, eliminating the need for separate VPN tunnels for this traffic. This feature is very helpful for customers with traffic-heavy workloads that they either need to migrate or operate in a hybrid manner. Key capabilities include high bandwidth, low latency connectivity for all traffic types, dynamic advertisement of NSX logical networks and management networks over AWS Direct Connect Private VIF and optional IPSec VPN for encrypted traffic. Further, for VPN-based connectivity, new enhancements reduce complexity for networking across sites while improving performance and resiliency. Key capabilities include simplified VPN deployment – dynamic route sharing via BGP, dual-homed tunnels across unique VPN endpoints enable inter-site resiliency and accelerated throughput and performance for IPsec tunnel traffic using DPDK technology.

Custom CPU core counts:

We are also announcing the ability for customers to configure their environments with the number of physical cores per host that they want to enable in a cluster. This feature enables customers to optimize their environments for applications that are licensed per physical core.

Purchasing enhancements:

VMware Cloud on AWS has flexible purchasing methods that included VMware SPP/HPP credit funds as well as credit cards. We are now adding the support for buying VMware Cloud on AWS using purchase orders to better serve the needs of our enterprise customers.

Deliver a secure, hybrid cloud service for your enterprise

VMware Cloud on AWS provides a robust and hardened cloud infrastructure with rich security features built-in. From an operations standpoint, VMware protects the information systems used to deliver VMware Cloud on AWS. The service is also monitored for security events involving the underlying servers, storage, networks and information systems used in the delivery of this service. Further, VMware performs routine vulnerability scans to surface critical risk areas and addresses them in a timely manner. Security configurations and operational procedures have been audited resulting in VMware Cloud on AWS obtaining industry certifications, such as SOC and ISO. From a technical standpoint, we have delivered the ability to use self-encrypting NVMe flash storage that vSAN leverages for securing data at rest. For data in motion, we delivered encrypted vMotion. For network traffic, we delivered the ability to control north-south network traffic to and from application workloads with the NSX edge firewall service. In addition, we also block all network traffic attempting to use TLS 1.1 and below as the communication protocol since these protocols were found to be vulnerable. Recently, we have also enabled multi-factor authentication for access of the VMware Cloud on AWS console.

Let us look at the new capabilities we are introducing for hybrid management and security:

Seamless hybrid management from on-premises with vCenter Cloud Gateway

Offering an additional option for customers who want to manage their VMware Cloud on AWS from their on-premises environments, we announced the preview of vCenter Cloud Gateway back in June 2018. vCenter Cloud Gateway, a new on-premises virtual appliance that delivers a single logical view and hybrid management of both on-premises and VMware Cloud on AWS resources, is now available. Key highlights include:

  • Hybrid management from on-premises: Manage VMware Cloud on AWS resources as extension of on-premises data centers
  • Simplified set up for improved user experience:
    • Integrated configuration of vCenter Hybrid Linked Mode as part of the Cloud Gateway installation
    • With vCenter Cloud Gateway, customers do not need to configure Active Directory (AD/LDAP) in the cloud vCenter Server instance or enter their on-premises vCenter admin credentials

Secure data with native, software-based vSAN encryption for data at rest with AWS Key Management Service (KMS)

Customers can now take advantage of built-in vSAN encryption with AWS Key Management Service. This enables encryption of data at rest with AWS’s managed service for creating and controlling the encryption keys. All data in VMware Cloud on AWS is encrypted at no additional cost.

Application-centric Security and Micro-Segmentation with VMware NSX

VMware NSX now enables powerful, yet simple micro-segmentation policies, providing granular control over east-west traffic between application workloads running in a VMware Cloud on AWS. Security policies are dynamically enforced at the VM-level, enabling organizations to prevent threats from spreading across the network. Administrators can define policies based on workload attributes (e.g., VM names, OS versions) and user-defined tags. These security policies will follow the workloads wherever they are moved inside VMware Cloud on AWS, providing increased operational simplicity compared to traditional IP-based firewall rules.

Granular network visibility for monitoring, security, and troubleshooting with flow and packet level visibility

IPFIX provides flow-level visibility and port mirroring provides packet-level visibility across all VMs running on an overlay network inside the SDDC. Flow and packet data can be consumed by third-party tools for application performance monitoring, security analysis, and troubleshooting.

Enhanced connectivity within SDDCs enables automation and partner solutions

VMware Cloud on AWS now provides native connectivity across workloads, management appliances (i.e., vCenter Server), and ESXi hosts. The native connectivity improves performance, enhances throughput and simplifies configuration for automation and partner solutions (e.g., PowerCLI scripts accessing vCenter Server and automating common VM operations, or partner solutions deployed as Proxy VMs connecting to vCenter Server and ESXi for backup-restore operations).

Real-Time Log Management included at no additional cost

VMware Log Intelligence audit log collection capabilities for VMware Cloud on AWS audit logs have been added to the VMware Cloud on AWS service at no additional cost. Within the VMware Cloud on AWS core service, customers can now get real-time alerts on anomalies based on custom triggers, custom dashboards to visualize trends, effective notifications on custom alerts and high-performance search within logs for faster root cause analysis. Customers can increase their security by being able to monitor VMware Cloud on AWS deployments for potential security breaches or internal misuses of infrastructure. They can demonstrate compliance with regulations and auditing requirements and gain visibility into activities in their VMware Cloud on AWS deployments. Learn more about this announcement in the Log Intelligence blog here.

Expanding ecosystem of over 100+ technology solutions that are validated with VMware Cloud on AWS

One of the really great benefits of VMware Cloud on AWS is that technology solutions that our customers have built their infrastructure on, continue to work with the industry-defining hybrid cloud service. We have been working with our VMware Technology Alliance Partners to test and validate solutions in cloud migration, data protection, DevOps, security, networking, key management system and many more categories – over 100+ technology solutions have been validated to work with VMware Cloud on AWS to date. To learn more about our joint solutions on VMware Cloud on AWS, please visit the VMware Solution Exchange. If you are a partner and would be interested in validating your solution, email [email protected].

Future-proof your enterprise application needs

In my previous blog – VMware Cloud on AWS – THE Hybrid Cloud to run your enterprise applications on, I had written about how VMware Cloud on AWS is the only hybrid cloud solution that allows VMware vSphere customers to modernize, protect, and scale mission-critical applications leveraging AWS, the world’s leading public cloud. We are continuing to enhance the service by delivering auto-scaling, enhancing resource management with compute policies and enabling just-in-time management capabilities for desktops. New capabilities include:

  • Auto-scaling with Elastic DRS: Announced in preview back in July at the AWS NYC Summit, this eagerly awaited feature, allows users to automate VMware Cloud on AWS cluster scaling. Elastic DRS enables automated scaling up or scaling down of hosts and rebalancing of clusters, based on the needs of the applications and the policies the customer defines. This capability is useful across the board, be it handling demand spikes and troughs in the general course of business or for disaster recovery with VMware Site Recovery, where customers can optimize DR costs with resource management of the DR cluster after failover, by automating cluster scaling with Elastic DRS.
  • Compute policies: New compute policies provide a higher level of abstraction beyond cluster rules to capture customer intent at an SDDC level rather than at a cluster level. A compute policy consists of a capability and one or more vSphere tags. vSphere tags identify the vCenter objects to which a policy applies, whereas the capability describes the intended behavior for the objects identified by these tags. As part of this framework, we are introducing a set of policies that the customer can now take advantage of to improve workload performance and uptime as well as simplify management of licensing cost.
    • Affinity rules: Enable policy-based control of VM placement and resourcing decisions based on user intent
      • VM-Host Affinity: Ability to associate VMs to a specific host group within a VMware Cloud on AWS SDDC cluster. This capability enables customers to optimize their application software licensing costs and TCO. It allows customers to implement VM-Host placement constraints as preferential policies at the SDDC level by leveraging inventory tags. Note: These preferential policies allow failovers and evacuation of VMs when a host is placed into maintenance
      • VM-VM Anti-Affinity: Ability to spread a specific group of virtual machines across multiple hosts for higher availability for mission-critical applications. This prevents simultaneous failure of those virtual machines in the event that a host fails.
    • Disabling DRS vMotion: Ability to inhibit DRS initiated vMotion for load balancing purposes. This is useful for vMotion-sensitive workloads such as large real-time/latency sensitive transactional databases and real-time transaction processing applications.
  • VMware Horizon 7 JMP support on VMware Cloud on AWS for just-in-time provisioning of desktops with instant clones, App Volumes and User Environment Management that provide the following benefits:
    • Fast provisioning: 1-2 seconds per desktop on average
    • Space efficiency: instant clones share a base image, thus reduces storage consumed by up to 80%
    • Simplified maintenance: Rolling desktop patching as user logs off, eliminates maintenance window associated desktop patching operation

Get started now

  1. You have the option of proving the value of VMware Cloud on AWS with our Single Host SDDC offering for non-production environments – for effective price of as low as $5.60/hour! As a reminder, the Single Host SDDC offering is time-bound to 30-day intervals and is designed for customers who want to prove the value of VMware Cloud on AWS in their environments be it for migrating to the cloud, extending your data center or modernizing your applications with native AWS services. Get started now by clicking here.
  2. You can also get started with the 3 host configuration for production environments for the effective price of 2 hosts for a limited time. Click here to learn more.

Availability

The following features mentioned in this blog post are Available: VMware Cloud on AWS service in AWS Asia-Pacific (Sydney); Elastic DRS; Cost Insight migration assessment at no additional cost; Log Intelligence audit log viewing capability with VMware Cloud on AWS at no additional cost; purchasing with PO;

The following capabilities are in Preview(1): vSAN with EBS support; the new Amazon EC2 R5.metal instance type; Three host SDDC configuration for production environments; VMware Cloud Motion with vSphere Replication delivered by HCX; NSX and AWS Direct Connect integration; NSX Edge IPSec VPN with BGP routing support; Custom CPU Core Count, vSAN encryption with AWS KMS integration; NSX micro-segmentation; NSX IPFIX and Port Mirroring; Enhanced connectivity with SDDCs across workloads, management appliances (i.e., vCenter Server) and ESXi hosts; vCenter Cloud Gateway; Compute policies; Horizon 7 JMP support for VMware Cloud on AWS

To view the latest status of features for VMware Cloud on AWS, visit: https://cloud.vmware.com/vmc-aws/roadmap.

Resources:


  1. Preview: Feature(s) released in preview may not be available to all applicable customers or in all AWS regions. The information in this document is for informational purposes only and may not be incorporated into any contract. There is no commitment or obligation that items in ‘Preview’, ‘’Developing’, and ‘Planning’, will become ‘Available’.