Running a software company requires a hefty IT budget, especially when you are company the size of VMware. IT Development and R&D teams need several environments to produce quality software—from sandboxes, collaborative development environments, functional test, performance test, and of course production environments. These environments are required for each feature and product developed. In addition, sales and marketing teams need websites, demo environments, sales and marketing automation solutions, etc. Then layer on all the backend systems like analytics, Finance, and HR systems—you end up with server sprawl. VMware is not immune to this type of challenge. But, we do have a plan to cut costs by $5-6 million this year through something called policy based provisioning and management. In this article, we will cover:
- What is policy-based provisioning management?
- Provisioning resources by cost
- Provisioning as a lease model
- Provisioning with built-in monitoring and analytics
- Building policy management into the datacenter
- How provisioning and de-provisioning work
What is Policy Based Provisioning Management?
Last year, VMware managed to cut provisioning times by up to 90% and trim costs by 30% by deploying the vFabric Application Director provisioning solution. This approach automated all the steps to request and provision business application workloads, eliminating most of the manual IT work and speeding up the process to deploy fully configured environments and running applications across the company.
This year, VMware IT is starting the second phase of this transformation toward the Software Defined Datacenter, and integrating vCenter Automation Center (vCAC) and VMware Directory to create policy based provisioning and management of business workloads. In this model, three things will provide significant savings:
1. Provisioning Resources by Cost and Performance Needs
First, the type of deployed compute, storage and load balancer resources will vary based on the type of environment requested. Depending on the policies set and based on the request from the service catalog, different tier’s of storage (either VMAX, VNX or NAS-based storage) will be assigned to the deployment with different tiers of load balancing and security like F5, vShield, etc.
As many sysadmins recognize, VMAX or VMAX with VPLEX storage is more expensive, so policies will work to target only systems that truly need this level of storage to function. Under this policy-based provisioning, development environments will be automatically assigned low level VNX or VNX NFS or ISILON NAS storage since they will likely have a low user base and load. For productions systems that are demanding on performance, more sophisticated storage solutions will be provided. Similarly, different tiers of load balancing, firewall, and compute resources will be provisioned depending on the needs and policies set.
2. Provisioning as a Lease Model
Second, the entire provisioning process moves to a lease model. When users request a deployment, a duration term is given. Upon the end date, the deployment will automatically be torn down with the right approval process. Of course, you can also support term extensions to delay tear-downs. The lease model strategy optimizes capacity and reduces infrastructure costs. By reclaiming resources back into the resource pool, virtualization and cloud admins can run their infrastructure more efficiently.
3. Provisioning with Built in Monitoring and Analytics
Integrated monitoring, analytics, and correlations are captured using VCOps and vFabric Hyperic to provide a detailed insight into all the events. By using these together in a time over-lay, we can find root cause issues much faster. This also helps reduce OPEX costs and reduce downtime.
Building Policy Management into the Data Center
In the new deployment, policies are managed in vCAC. Different deployment profiles are outlined that govern the selection of storage, load balancer, firewalls, and the duration of the lease. There are three different profiles currently—a low-cost, medium-cost and high-cost-performance. For the majority, this simplification of deployment profiles works.
For users that require more sophistication, roles will be used. For the majority of use cases, the standard profiles will suffice. For more sophisticated and one off needs, users with cloud admin roles can add additional policies and define new deployment profiles.
How Provisioning and De-provisioning Works
The Cloud Application Admin can define and design blueprints for their applications using vFabric Application Director. For example, Zend Server can be deployed automatically through blueprints or any app—see video example with Spring and vPostgres. Within Application Director, you can define various deployment profiles along with the dependencies and information to share across the blueprints. You can also create a service bundle workflow using vCenter Orchestrator (vCO or Orchestrator)—as an aside, Orchestrator workflows can be started many ways. These service bundles can be made available from the Service Catalog in vCAC.
End users can request for a specific service bundle and, once approved by the right authority, the requests are automatically sent to Application Director at the beginning of the request via a workflow in Orchestrator. Once the execution of application blueprints is complete, a complete, end-to-end, fully-configured environment will be ready. As part of the application director blueprint, a set of execution instructions will be sent to vCloud Director. These directions will ensure provision requests are made to the correct virtual datacenter with the correct deployment profile. Also, the 3rdparty component provisioning tasks and other post provisioning tasks will be orchestrated using vCO workflows and messaging.
VMware Directory will have the cloud structured, provisioned computer information. This directory information will also be used for de-provisioning tasks.
To tear it down, the platform keeps track of the leased term and will trigger the de-provisioning workflow using the VM identity information from the directory. Then, it will initiate the clean-up all resources including the DNS, load-balancer, storage, etc. Then, it will initiate Application Director to tear down all the resources. By interacting with vCloud Director, it will also release the resources back into the pool.