HPE Self-Managed Private Cloud with VMware Cloud Foundation and VMware Aria

Problem statement

Over the last decade, public cloud has ushered in a new era of speed and agility. Many organizations are turning to private cloud to provide public cloud–like experience for their users. However, building and managing private cloud systems is complex and time consuming. IT teams are also challenged with customizing the private cloud to meet the diverse and evolving applications’ needs that extend beyond virtual machines (VMs). It is no longer sufficient to provide VMs in a standalone private cloud system—it is critical that these systems are fully integrated into the customers’ IT operations ecosystems and the business workflows.

As a first step to a cloud adoption, many customers are eager to deploy an on-premises private cloud, reap the benefits, and then look at extending to public cloud. The most common asks from customers in building a private cloud are:

• How do I deploy a private cloud faster on validated architecture?
• How can I integrate my existing IT operations tool set such as backup, monitoring, and logging tools with private cloud?
• How do I ensure lifecycle management of my infrastructure?
• How can I make sure my infrastructure supports diverse applications that require physical and virtual resource support?
• How can I seamlessly scale my resources?
• How can I provide better workload isolation and network microsegmentation?

The adoption of new technology driven by the demands of customers and business needs has forced IT organizations to assess their ability to procure, provision, operationalize, manage, and scale solutions to help drive time to value. VMware Cloud Foundation solves some of these challenges, but there is still some work to be done to make the HPE Self-Managed Private Cloud efficient and deploy at scale.

Hewlett Packard Enterprise and VMware have worked together to help customers build their own private cloud environments and captured common use cases and pain points customers want to address in their data centers. We have come up with an easy-to-use automated solution framework using VMware software stack to deploy and set up the VMware Cloud Foundation private cloud on HPE infrastructure, along with essential services customers need in a private cloud environment. HPE Self-Managed Private Cloud is an automated enterprise-grade, cloud-ready solution for deploying customizable private cloud environments.

This solution would be relevant to all customers who are planning to build a new private cloud environment using VMware Cloud Foundation or simplifying management of their existing VMware ESXi–based environments with better automation capabilities.

General summary of the solution

Self-managed private cloud solution is based on the VMware software-defined data center (SDDC) stack on HPE infrastructure. It includes the automation to simplify build and management of private cloud, customizable self-service catalogs to provision bare metal, virtual compute and storage resources, and prebuilt integrations into several enterprise IT operation tools and software.

Figure 1. HPE Self-Managed Private Cloud four pillars

HPE Self-Managed Private Cloud rests on four pillars:

• Automated deployment: Performs the task of automated infrastructure provisioning for compute, network, and storage on HPE infrastructure. This assists in resolving the deployment complexities of provisioning and management by providing an automation framework.
• Lifecycle Management: Simplifies typical data center administrator tasks by performing the compute and storage lifecycle operations at length with seamless upgrades.
• Integrations with IT operations: Enables integration of the private cloud environment with existing IT landscape of applications, infrastructure, and tools by providing simplified management through operations.
• Self-service catalogs: Provides a self-service catalog to end users for provisioning resources without admin intervention. Leveraging this solution enables IT administrators to curate cloud templates and make them available as services for on-demand consumption.

The solution in depth and the advantages

HPE Self-Managed Private Cloud provides:

• Accelerated time to value with a simplified private cloud deployment
• Ease of management with automated workflows
• Customizable service catalogs for bare-metal, VMs, and storage resources
• Prebuilt integrations to enterprise IT operations
• Extendable automation
• Integration through HPE Services

Figure 2: HPE Self-Managed Private Cloud building blocks

The solution building blocks as depicted in Figure 2, include:

1. Infrastructure: HPE Compute and Storage is hosted on either HPE ProLiant or HPE Synergy with storage carved out from HPE Nimble, HPE Primera, and HPE Alletra arrays.
2. Hypervisor/OS: VMware ESXi Hypervisor and Red Hat RHEL OS
3. Platform automation: Red Hat Ansible framework for private cloud deployment. Software installation ISOs are hosted on the web server and playbooks on the configuration management system.
4. Cloud platform: Through the power of the platform automation layer, the VMware Cloud Foundation Private Cloud Platform is deployed on HPE enterprise-class infrastructure.
5. Orchestration and automation: Provides a list of catalog items curated on the (formerly vRealize) suite framework. These are offered through the VMware Aria automation self-service portal (Service Broker). This provides a public cloud–like experience for on-premises users.
6. Integration with IT operations: Aligns with the business and IT processes of the organization. Integration logging, monitoring, and service management  are critical to a successful enterprise operations strategy.

HPE Self-Managed Private Cloud is composed mainly of two solution components:

1. Platform automation
2. Service automation

Platform automation

Figure 3: Platform automation architecture

The platform automation solution component deploys the VMware Cloud Foundation Private Cloud, using Ansible playbooks that are run as workflows through the AWX framework.

The playbooks are built using Python and Ansible and have built-in integration with software-defined infrastructure (SDI) tools such as HPE OneView, HPE iLO Redfish, and VMware cloud components such as VMware Cloud Builder SDDC manager through associated APIs, where associated playbooks integrated into workflows are delivered as part of platform automation. Multiple playbooks are combined to form workflows and are offered as an Ansible template to the users. These templates allow admins to quickly build the infrastructure components and orchestrate end-to-end automation that is based on best practices.

For example, a single template like “VCF Management Domain Deployment” (Figure 4) consists of multiple playbooks such as bare-metal provisioning, hypervisor deployment, preparation of VMware ReadyNodes, and installation of VMware Cloud Foundation management and workload domains through VMware Cloud Builder API.

Figure 4: Private cloud deployment workflow
Additional workflows include:

• Provisioning of HPE Synergy or HPE ProLiant server bare-metal nodes using HPE OneView / HPE iLO Redfish API with custom-defined configuration, which includes boot/bios parameters, storage/network configuration, and firmware levels. Bare-metal nodes are provisioned in parallel with desired hypervisor/OS and placed into a static or DHCP network.
• VMware Cloud Foundation management domain deployment on VMware vSAN
• VMware Cloud Foundation workload domain deployment with an option to select the workload domain on storage carved from VMware vSAN or HPE Nimble using VMFS or HPE Primera leveraging vVOLS
• Lifecycle operations on management/workload domain support include:
•              Scale up/down management/workload domain
•              Add/delete management/workload domain cluster
•              Decommission and remove workload domain
•              Firmware management at the cluster level

Service automation

Figure 5: Service automation architecture

The service automation provides various services to the end user. These services are designed on top of the VMware Aria Orchestrator framework and are integrated into VMware Aria Automation Cloud Management Platform, where these services are offered as cloud templates in a catalog.

There are five different services offered:

• Bare-metal service: This service selects a free bare-metal node within a data center and provisions the node with a hypervisor along with placing it in a desired static/DHCP network. This is like the VM vending offering available in a typical public cloud along with storage carved and attached from HPE Nimble, HPE Primera, and HPE Alletra. Day 2 operations are also supported, such as power off/on. There is also a provision to launch the OS console from the same VMware Aria automation portal. Bare-metal service uses the HPE Ov4vRO plugin for configuring the nodes with the HPE OneView REST API.
• Storage Service: Storage service provides the capability to carve out a LUN (logical unit number) and attach it to a hypervisor node or vCenter cluster as a datastore. Day 2 operations such as create/delete host entry, export/unexport/grow/delete volume operations are also supported. The storage service works with the HPE vRO UNIFIED Storage plugin for supporting the above capabilities on HPE Nimble, HPE Primera, and HPE Alletra.
• Backup service: Offered through Veeam backup software. Custom vmoapp plugin was created for supporting this functionality. Through this service offered as a catalog item, the admin can establish an initial connection and create the backup job, which the end user can use to take instant backup/restore operations on a VM. Further, the user can perform the status check of the backup/restore operations on the fly. The backup service functionality is also integrated to VM service Day 2 operations as well.
• VM service: Implemented using the VMware vRA Cloud Assembly and its custom resources feature. Through this, an end user can create a VM and flavors based on S,M,L t-Shirt models and place the VM into a static or DHCP network. The end user can perform most of the Day 2 operations such as power on/off, reboot, shutdown, create-restore-delete snapshot, and add disks of a VM. Additionally, the backup of a VM is offered as a Day 2 operation integrated with Veeam software.
• Network service: Network service includes solutions offerings again implemented on top of the VMware Aria Automation Assembler feature. The service integration is focused on VMware NSX-T and includes use cases such as overlay segment, advanced firewall, and load balancer services provided as catalogs. Overlay segment service creates an on-demand segment and attaches the same to an application, in this case a VM along with an on-demand default gateway. The on-demand SMPC firewall service enables the end user to create an on-demand firewall with a security policy within which one can frame on-demand firewall rule set. The same can be stitched to any given workload, which also can also be created at the time of firewall service deployment. On-demand load balancer service creates a virtual IP server address, which balances a set of pool servers for load balancing. Additionally, the Day 2 operations against the offerings are supported as well.
• In summary, through the HPE Self-Managed Private Cloud solution, customers can easily deploy a greenfield or brownfield private cloud solution and offer multiple services such as bare-metal server instance, VM as a service, pre-integrated storage, and backup and network services leveraging their existing IT operations framework. This solution framework takes a building block approach, allowing customers to pick one or more of the services within the framework to help with integrating this solution into their existing environment.

Summary

HPE Self-Managed Private Cloud offers robust capability and flexibility for customers. From deploying the private cloud on VMware Cloud Foundation platform with ease along with seamless integration into the HPE infrastructure, both on HPE Compute and HPE Storage platforms, to providing a solution framework that can be customized to suit your specific use case needs and delivered as a turnkey solution by HPE and VMware consulting services professionals. This solution empowers users with an experience that mimics the ease of use and flexibility of a public cloud, with the security, customizability, and performance only achieved by a private cloud environment.

In addition, there are several ways for you to build a private cloud environment. HPE offers several choices from our HPE GreenLake portfolio to create hybrid and multiclouds or HPE Private Cloud Enterprise or to build a private cloud your way with HPE and VMware technologies, all of which can also be deployed, managed, and monitored with HPE Managed Services.

If you happen to be attending HPE Discover in Las Vegas from June 19–22, check out these sessions to learn more:

• Customer Panel: Hybrid by design, not by accident – Insights from the front lines of hybrid cloud transformation
• From zero to hero: Build a private cloud that fuels your enterprise with an integrated marketplace and partner ecosystem
• Hybrid cloud better than ever: HPE GreenLake and VMware Cloud Foundation
  
  

If not, please reach out to your HPE or VMware sales representative or contact us by visiting HPE and VMware Alliance – Virtualized Solutions for the Hybrid Cloud | HPE.