
Monthly Archives: April 2018

VMware Cloud on AWS Base Reference Architecture for Managed Service Providers

Reference Architecture

VMware Cloud on AWS is an on-demand cloud service that enables you to run applications consistently across VMware vSphere-based cloud environments across AWS’s global infrastructure with additional access to a broad range of native AWS services. Powered by VMware Cloud Foundation, this service integrates vSphere, vSAN and NSX along with VMware vCenter management, and is optimized to run on dedicated, elastic, bare-metal AWS infrastructure. With this service, IT teams can manage their cloud-based resources with familiar VMware tools and processes wherever they are running.

With the recent release of VMware Cloud on AWS through the Managed Service Provider program, MSPs can now add the cloud service to their portfolio and offer it to their end-customers with advanced consulting and managed services to help accelerate successful adoption of the platform.

The reference architecture represents a base on which to offer VMware Cloud on AWS as part of your broader VMware Cloud Provider Platform services and your end-customers’ on-premises datacenter environments. The solution leverages IPsec VPN connectivity for both management and compute layers but could easily be adapted to leverage L2 VPN connectivity or direct-connect where required.

Offering VMware Cloud on AWS through the MSP program gives both the cloud provider and their end-customers additional choice, flexibility, geographical coverage and elastic scalability in a pay-as-you-go model. This, coupled with the advanced services available from native AWS, makes VMware Cloud on AWS a fantastic choice to expand your managed services portfolio.

Integrating into Cloud Provider Platform hosted vDCs

The Cloud Provider Platform is the core cloud services platform that the cloud provider offers to their end-customers to consume compute, containers, networking, security, storage, applications, disaster recovery, backup and recovery etc.

The CPP platform is based on the same technologies as VMware Cloud on AWS (vSphere, NSX and vSAN) with the addition of vCloud Director for multi-tenancy. With vCloud Director, each Virtual Datacenter is connected to an edge gateway for north/south network routing and advanced networking services. The cloud provider can connect the end-customer’s edge services gateway to the VMware Cloud on AWS compute gateway over either layer 2 (L2 VPN) or layer 3 (IPsec VPN). In the reference architecture we have leveraged layer 3 (IPsec VPN) for simplicity.

Integrating into managed on-premises

The on-premises environment simply needs to be running VMware vSphere and have access to a VPN termination point. The VPN termination point can either be something that exists in the end-customer’s environment or we can leverage the NSX standalone edge device to provide VPN services.

To support advanced features such as hybrid linked mode, the on-premises vSphere version needs to be vSphere 6.0 Update 3 patch c or later.

Building professional services portfolio

Once you have a reference topology for how you are going to connect your customers into their newly provisioned VMware Cloud on AWS SDDCs, you can start to think about which professional services you would like to deliver to accelerate your customers’ on-boarding and success with the cloud service.

Here are a few examples:

  • Connectivity and readiness – helping your customers connect their networking into the target environment, leveraging their existing investments.
  • Architecture and design – supporting your customers in architecting their cloud deployments to maximize their business impact.
  • Develop, deploy and build – support your customers in enhancing their development lifecycles, environment management, build processes, application modernization etc.
  • Plan and migrate – support your customers on-boarding workloads to the new VMware Cloud on AWS SDDC environments.

Building managed services portfolio

A key differentiator of working with a cloud provider is being able to take advantage of their advanced managed services portfolio, which can now be extended across VMware Cloud on AWS.

Here are a few examples:

  • Application support – as well as providing the support for the VMware Cloud on AWS environment, the MSP can offer advanced support and SLAs across their customers’ applications.
  • Patching and lifecycle – support customers with the lifecycle of their applications.
  • Proactive reporting – plug the service into existing OSS and BSS systems to offer advanced capacity and performance reports.
  • Operate and optimize – support the customer by operating the whole environment for them and optimizing for cost and performance.

Architecting for the core MSP use-cases

VMware Cloud on AWS is a unique cloud service that enables many use-cases that meet many of your customers’ business drivers, from existing applications through to new cloud native applications.

Here are a few example use-cases that you can help your customers architect as part of their cloud adoption business drivers:

  • Application migrations
  • Geographic expansion
  • Vertical extension
  • Disaster recovery
  • Elastic scalability
  • Application development
  • Application modernization

Call to action

To get started with VMware Cloud on AWS please visit https://cloud.vmware.com or contact your VMware partner business manager to discuss how you could add this managed service to your portfolio.

VMware Cloud on AWS – Managed Service Provider (MSP) Program

It is without doubt that one of the most significant announcements that came from VMware during 2017 was the launch of VMware Cloud on AWS. While many enterprises and organizations are deliberating their specific use cases for this service, it is absolutely clear that providing VMware customers and partners the ability to have a vSphere Cloud Platform running on AWS hardware, with a low latency and high bandwidth interconnect into AWS’ native services, is highly appealing. This is because, as we all know, the public cloud is often not the most appropriate location for every workload type.

During 2018 we will see significant growth of this service across the multiple global regions in which it will be made available, in addition to gaining visibility into the wide-ranging customer use cases that will become key drivers for customer adoption.

Also in 2018, we will see VMware Cloud on AWS being made available through the VMware Cloud Provider ‘Managed Service Provider’ (MSP) program, allowing VMware’s cloud provider partners to deliver this service to their end consumers, as part of any fully managed service offering.

For those of you who are unfamiliar with the concept of Managed Services, this is the practice of outsourcing IT services based on the proactive management offered through pre-defined service-level agreements. With this model, a cloud provider takes responsibility for IT functions, and also in many cases, acts as a trusted advisor to the consumer, offering strategic solutions for improving IT operations and reducing costs.

In the VMC on AWS managed service provider model, the cloud provider has direct oversight of the VMC on AWS organization, and the systems being managed. This allows the cloud provider to deliver the solution, with the consumer being provided with a service-level agreement that defines the performance and quality metrics based on the overall service provider offering, which might include multiple different components. The key differentiator of this solution is that the cloud provider maintains the relationship with the end consumer at all times, while being backed by VMware support services.


One of the key advantages to the end consumer is that this is an efficient way to stay up to date with technology trends, and to have access to all of the necessary skills to manage and maintain this truly hybrid solution, which in turn, minimizes risk. A recent survey [2017 State of Cloud Adoption and Security] identified that it is a lack of knowledge and expertise in cloud computing, rather than reluctance, which appears to be the main obstacle to cloud adoption for many corporate organizations. Therefore, as a value-added managed service provider, VMware Cloud Providers can evolve to offer a higher level of service and adopt service models that are tailored to meet the needs of these organizations. In addition, managing day-to-day IT processes and reducing related business costs can provide a significant advantage for consumer organizations, and also provides efficiency to cloud providers through the centralization of technical expertise.

As a result, VMware Cloud Providers can be instrumental as the IT infrastructure components of some corporations are migrated to the cloud, making it easier than ever for them to capture these workloads. Also, for cloud providers who have been providing in-house cloud services or acting as brokers for cloud service providers, the VMC on AWS solution takes this approach to a whole new level of integration, opening the door to integrated cross-cloud services, which can meet the needs of the most demanding, complex or diverse application. For instance, a VMC on AWS managed service provider might stretch applications across the boundaries of the hybrid solution, allowing tenants to build solutions that can consume the best from both worlds, such as EC2/ECS applications querying an Oracle RAC database or SAP modules running on the VMC’s SDDC platform. There are unlimited use cases for customers to leverage solutions between the two environments, all of which can be provided as a fully managed infrastructure by a VMware Cloud Provider.

In all likelihood, the most common use cases and managed services that will be offered on a VMC on AWS solution will revolve around the low-latency and high bandwidth connectivity with AWS native services, and the disaster recovery solutions being made available through this offering. This takes application topologies and service development options beyond the capabilities of the traditional VMware infrastructure. As a result, cloud provider managed services can be extended significantly, and might include a wide range of new offerings, such as:

  • Software – application production support and maintenance
  • Authentication solutions
  • Systems management
  • Secure mobile device management
  • Data backup and managed recovery services
  • Data storage, data warehouse and management
  • Network monitoring, overall operational management
  • End-to-end security services
  • Communications services (mail, phone, VoIP)
  • Managed video services

In addition, we also expect to see VMware cloud providers deploy VMC on AWS as a means of rapid deployment into new regions, versus building new co-locations, providing a significantly faster route to local markets. This use case will see VMware cloud providers deploying new infrastructure, while avoiding complex, expensive and time-consuming processes. Also, cloud providers who wish to provision one-off or multiple resources into a new global region, where AWS is present, can now do so in a matter of days, as opposed to months or years.

Also, managed cloud providers who wish to reduce their data center footprint and consolidate customer workloads, in what might be smaller regions, can employ VMC – reducing the need for some or all of their own facilities. Likewise, expanding resources for both short and long periods, based on the end consumer’s needs, delivers a new level of flexibility that cloud providers can offer. From the cloud provider’s perspective, this service delivers what you need, when you need it, with no upfront capital outlay – in effect, creating a cloud bursting model.

Managed disaster recovery services are also highly likely to be one of the key use cases for the managed cloud providers who offer this solution as part of their portfolio. Disaster Recovery-as-a-Service can, in a simplified architecture, deliver business continuity through an on-demand service solution, optimized by VMware Cloud on AWS. This solution allows VMware cloud providers to offer services that can provide the operationally consistent experience of a VMware data center, while also:

  • Accelerating time-to-protection
  • Simplifying disaster recovery operations
  • Reducing secondary site costs with cloud economics

This Disaster Recovery-as-a-Service is built, as you would expect, on established VMware solutions, including Site Recovery Manager, vSphere Replication, and optionally VMware vRealize Orchestrator, which together provide the application-centric runbook and remove the need for service consumers to have a dedicated disaster recovery data center.

Sold as an add-on service to VMware Cloud on AWS, the Disaster Recovery-as-a-Service solution offers multiple failure topologies, to provide flexibility to both the end consumer and cloud provider, as illustrated below:


In summary, the VMware Cloud on AWS solution provides VMware cloud service providers the means to offer a whole new range of service offerings based on the combined benefits of the VMware and AWS platforms, including:

  • Maintain your teams, tools & skills investments
  • Consumption based economics
  • Unique service architecture options
  • Scale and elasticity with on-demand capacity and flexible consumption

It is important to recognise that VMware Cloud Providers are uniquely placed to merge seamlessly, through the power of managed services, VMware SDDC platforms and native AWS solutions, transforming entire IT service realities through a powerful combination of service offerings. However, to maximize the benefits of VMware Cloud on AWS, cloud service providers need a holistic cloud strategy, and a way to make it real. Also, to get there, cloud providers need to be ready to act. For this reason, over the coming months, I will be working with many of VMware’s key cloud providers to develop new service offerings based on VMware Cloud on AWS architectures. For more information as these services become a reality, watch this space…

Martin Hosken | Principal Architect | Office of the CTO, Global Field
AWS Certified Solutions Architect – Professional