Bright Ideas. How VMware IT Moved to a Multi-Cloud Ecosystem and Achieved 99.99 Percent Availability 

by: VMware Solution Services Manager Preethy G, VMware Senior Director of Network and Multi-Cloud Services Swapnil S. Hendre, and VMware Sr. Solutions Engineer Shamika Mukane

Like many paradigm shifts, the VMware journey to multi-cloud was born out of necessity. Our applications had a hard dependency on an on-premises infrastructure, and this impacted our goal of providing the highest availability for mission-critical apps when planned and/or unplanned outages occur. Other demands included a faster time to market, improved customer satisfaction, and increased scalability, security, performance and resiliency. 

Prerequisite: refactored applications 

To start, our teams refactored applications to support cloud-native deployment and gradually built new applications that incorporated microservices. These microservices were deployed on the VMware Kubernetes platform (known as the VMware Tanzu® Kubernetes Grid™). This was a major foundational step towards achieving a distributed and cloud-agnostic deployment. 

Next, we tackled the aforementioned challenges as we undertook our journey to multi-cloud. 

And the multi-cloud journey begins 

Our team’s journey to building a true multi-cloud (vendor-agnostic) solution was based upon four foundational pillars—security, cloud agnosticism, self-service, and cost optimization. 

Security 

This pillar ensures every traffic flow is inspected, protected, and logged. We achieved this by building a virtual private cloud (VPC) architecture consisting of an Application VPC, a Core Services VPC and a Security VPC. The Application VPC contained the application workloads, the Core Services VPC contained Tier 0 services such as NTP, DNS and authentication services, and the Security VPC contained the firewalls. We then ensured that all traffic flows were routed via the Security VPC.
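One way to verify the "all flows go through the Security VPC" property is to audit the route tables of the other VPCs for any route that wins over the inspected default. The sketch below is an added example, not VMware IT's tooling; the VPC names, CIDR ranges, next-hop labels and the decision to treat intra-VPC `local` routes as acceptable are assumptions made for illustration.

```python
from ipaddress import ip_network

# Constructed sample data: VPC names, CIDRs and next-hop labels are assumptions.
VPC_CIDRS = {
    "application": ip_network("10.10.0.0/16"),
    "core-services": ip_network("10.20.0.0/16"),
}
ROUTE_TABLES = {
    "application": [
        {"dest": "10.10.0.0/16", "next_hop": "local"},
        {"dest": "0.0.0.0/0", "next_hop": "security"},
        # More specific than the default route, so it wins and skips inspection.
        {"dest": "10.20.0.0/16", "next_hop": "peering:core-services"},
    ],
    "core-services": [
        {"dest": "10.20.0.0/16", "next_hop": "local"},
        {"dest": "0.0.0.0/0", "next_hop": "security"},
    ],
}


def find_bypasses(route_tables, vpc_cidrs, inspection="security"):
    """Return (vpc, destination, reason) for every route that avoids inspection."""
    findings = []
    for vpc, routes in route_tables.items():
        own_cidr = vpc_cidrs[vpc]
        has_inspected_default = False
        for route in routes:
            dest = ip_network(route["dest"])
            hop = route["next_hop"]
            if hop == "local":
                # Assumption: intra-VPC traffic stays local; anything wider leaks.
                if not dest.subnet_of(own_cidr):
                    findings.append((vpc, route["dest"], "local route wider than VPC CIDR"))
            elif hop != inspection:
                findings.append((vpc, route["dest"], f"next hop {hop} skips {inspection}"))
            elif dest.prefixlen == 0:
                has_inspected_default = True
        if not has_inspected_default:
            findings.append((vpc, "0.0.0.0/0", f"no default route via {inspection}"))
    return findings


if __name__ == "__main__":
    for finding in find_bypasses(ROUTE_TABLES, VPC_CIDRS):
        print(finding)
```

Run against exported route tables in a pipeline, a non-empty result is the signal that a peering or direct route has been added that lets traffic skip the firewalls.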

Cloud agnosticism 

A cloud-agnostic solution increased our portability and supportability, in addition to ensuring smooth operations in any cloud. We achieved this goal via a variety of VMware products including Tanzu Kubernetes Grid, VMware Aria Hub™, VMware Aria Operations™ for Logs, VMware Aria Operations™ for Networks, VMware SD-WAN™ by VeloCloud®, VMware Aria Cost™ powered by CloudHealth®, VMware Aria Operations™ for Applications, VMware Aria Automation™, and VMware NSX® Advanced Load Balancer™. See Figure 1.  

Figure 1. Overview of the VMware cloud-agnostic approach 

  • Tanzu Kubernetes Grid provided a consistent, upstream-compatible regional Kubernetes substrate. Both our on-premises applications in VMware vSphere® and the public cloud applications run on Tanzu Kubernetes Grid, thereby providing a standardized deployment platform. 
  • VMware Aria Hub enabled us to have a single management console for our multi-cloud deployment. 
  • VMware Aria Operations for Logs enabled us to channel all logs from the native cloud to a centralized logging solution. 
  • By adding our various public clouds to VMware Aria Operations for Networks, we were able to expedite application discovery, network optimization, analytics, and single-pane-of-glass, top-down troubleshooting. 
  • VMware Aria Cost powered by CloudHealth provided public cloud insight which, in turn, helped optimize costs, improve governance, and enhance the efficiency of our cloud deployment. 
  • VMware Aria Operations for Applications enabled us to effectively monitor and troubleshoot our Kubernetes environments deployed in multi-cloud. 
  • VMware SD-WAN enabled multi-cloud connectivity for VMware branch offices. 
  • NSX Advanced Load Balancer provided the ability to seamlessly load balance our applications in the cloud via direct integration with the underlying Kubernetes infrastructure for near zero-touch provisioning and deprovisioning. 

Self-service 

We built a self-service multi-cloud platform using a combination of VMware Aria Automation, Terraform, Python, and Angular in order to ensure operational excellence and automate Day 2 operations. This cloud-agnostic platform consisted mainly of four portals—an application onboarding portal, public cloud cost estimation portal, administration and provisioning portal, and an executive summary portal for publishing showbacks and chargebacks.  

Cost optimization 

To optimize cost, we added on-demand scaling of workloads, deployment of core services (foundational services) locally in the cloud, and chargeback/showback implementation. 

All aboard! 

With the multi-cloud platform ready, we began application onboarding. This multi-phased process consisted of application deployment, functional/resiliency/performance testing, and sign-off in development, staging and production. 

We identified one of our highest-priority mission-critical applications for the first deployment on our multi-cloud platform. The solution enabled us to keep the application secure and deployments seamless via end-to-end automation. These efforts also significantly advanced the overall VMware SaaS transformation. 

Validation of this part of the journey occurred when our team went live with six mission-critical applications and immediately achieved 99.99 percent availability. See Figure 2. 

Figure 2. Multi-cloud deployment logical architecture 

What’s next? 

Our ongoing goal is to continue to provide the ability to deploy our applications on any cloud depending on business requirements, while always adhering to our original pillars—security, cloud agnosticism, self-service, and cost optimization. We will continue to expand this offering on other public clouds such as Google Cloud Platform (GCP) and Azure. Figure 3 below outlines our end-state architecture. 

Future state of VMware multi-cloud architecture

Figure 3. Next up is continued distributed deployment of mission-critical apps on our multi-cloud platform 

There’s a lot more to this topic than is presented here. That’s why we encourage you to contact your account team to schedule a briefing with us. No sales pitch, no marketing. Just straightforward peer conversations revolving around your company’s unique requirements. 

VMware on VMware blogs are written by IT subject matter experts sharing stories about our digital transformation using VMware products and services in a global production environment. To learn more about how VMware IT uses VMware products and technology to solve critical challenges, visit our microsite, read our blogs and IT Performance Annual Report and follow us on SoundCloud, Twitter and YouTube. All VMware trademarks and registered marks (including logos and icons) referenced in the document remain the property of VMware.