When migrating private cloud workloads to a public or hosted cloud provider, the methods used to facilitate customer onboarding can provide some of the most critical challenges. The cloud service provider requires a method for onboarding tenants that reduces the need for additional equipment or contracts that often create barriers for customers when moving enterprise workloads onto a hosting or public cloud offering.
Customer Onboarding Scenarios
When a service provider is preparing for customer onboarding, there are a few options that can be considered. Some of the typical onboarding scenarios are:
- Migration of live workloads
- Offline data transfer of workloads
- Stretching on-premises L2 networks
- Remote site and user access to workloads
One of the most common scenarios is workload migration. For some implementations, this means migrating private cloud workloads to a public cloud or hosted service provider’s infrastructure. One path to migration leverages VMware vSphere® vMotion® to move live VMs from the private cloud to the designated CSP environment. In situations where this is not feasible, service providers can supply options for the offline migration of on-premises workloads where private cloud workloads that are marked for migration are copied to physical media, shipped to the service provider, and then deployed within the public cloud or hosted infrastructure. In some cases, migration can also mean the ability to move workloads between private cloud and CSP infrastructure on demand.
Providing Connectivity for Customer Onboarding
When contemplating the method of migrating workloads during customer onboarding, one of the critical enablers of the migration effort is network connectivity. Some enterprise workloads might require access to Layer 2 segments that exist on-premises, while others might require access to essential underlying infrastructure systems, such as Active Directory/LDAP, DNS, CMDBs, and other systems that cannot be moved due to internal policy mandates, or the perceived increased cost and management of duplicating these components. In some cases, this access is needed only during the migration, while in others, the access might be required over a longer period of time. For example, with workloads that require on-premises Active Directory or LDAP access.
NSX Edge Service for vCloud Air Network Onboarding
VMware NSX® brings many of benefits of SDN to vCloud Air Network service providers, including increased security through micro-segmentation, reduced hardware costs, and the programmatic control of networking functions and services. VMware NSX provides a useful set of features for vCloud Air Network partners and customers alike. In addition to these capabilities, VMware NSX also provides essential services such as Virtual Private Networking (VPN) and Network Address Translation services that can be leveraged to facilitate the onboarding of customers to a vCloud Air Network partner infrastructure.
One feature example of VMware NSX built-in VPN functionality is the Layer 2 virtual private network (L2VPN) service. With the L2VPN service, vCloud Air Network providers implementing VMware NSX can provide customers with the ability to extend Layer 2 networks from their on-premises data centers to the VMware NSX environment of their chosen vCloud Air Network service provider. This functionality can even be extended to customers that need the benefits of hosting enterprise workloads on the public cloud, but have not yet implemented VMware NSX within their on-premises data centers.
This powerful VMware NSX Edge™ service provides an SDN solution for workloads that must be migrated to a vCloud Air Network public cloud or hosting provider, while maintaining original IP address and L2 connectivity. The L2VPN feature of VMware NSX is also an efficient way to enable long-distance vSphere vMotion between on-premises and vCloud Air Network hybrid clouds. The combination of these features can be leveraged in scenarios for a one-time vSphere vMotion based migration or ongoing workload mobility between on-premises and the vCloud Air Network infrastructure. For one approach to accomplishing the migration of live workloads, see the Live Workload Mobility to a vCloud Air Network IaaS Provider blog.
Example of vCloud Air Network Workload Migration with L2VPN
There are also situations in which a customer will simply need the ability to remotely access their workloads that have been migrated or deployed to their chosen vCloud Air Network partner. Customers want an encrypted connection to maintain the security standards they expect when accessing these critical enterprise workloads. In these scenarios, VMware NSX Edge™ can provide IPsec and SSL VPN services to extend site-to-site and remote user-to-site access to workloads residing behind the NSX Edge appliance within the vCloud Air Network provider’s data center. Additionally, VPN services such as IPsec can be leveraged to enable workloads that are deployed to a vCloud Air Network service provider to access on-premises systems that will not be moved during migration efforts.
Example of Remote Management of vCloud Air Network Workloads with SSL VPN
Using VMware NSX, vCloud Air Network partners are able to take an SDN approach to streamline the onboarding of customer workloads to vCloud Air Network public cloud and hosting environments. From extending L2 networks from a customer’s on-premises data center to a vCloud Air Network powered Hosting provider to enabling remote access to deployed workloads, VMware NSX can be leveraged to assist with customer onboarding without the need for additional hardware. In turn, customers of VMware vCloud Air Network partners benefit from this by being able to efficiently migrate existing workloads to a vCloud Air Network partner’s vSphere based infrastructure.
This blog post has outlined some of the features that VMware NSX can provide to VMware vCloud Air Network partners and their end customers for onboarding. Stay tuned for follow-up posts that expand on these use cases and for additional ways that VMware vCloud Air Network partners can ease the path for customer onboarding with VMware NSX.