VMware is making a major play to control the cloud via a new product known as its vCloud Director.
“For anyone using vSphere, vCloud Director enables the creation of a virtual data center,” said Bogomil Balkansky, vice president of product marketing at VMware.
The idea is to pool virtual infrastructure resources within an existing datacenter in order to deliver them to users over a private cloud. vCloud Director serves them up as a catalog-based service, thereby shifting the way that infrastructure services are delivered, managed and consumed. According to Balkansky, pre-configured or custom-built services can be provided with the click of a button. This reduces costs by making it easier to consolidate servers within a virtual infrastructure. As it is based on open standards, it fosters interoperability and application portability between clouds.
When coupled with VMware vSphere, it allows IT to build add much needed security to the cloud. IT managers can use its policy-based controls to maintain security over a multi-tenant environment. This is supplemented by VMware vShield security technologies. This technology also permits organizations to add to private clouds with elements from the public cloud. Security policies and practices can be extended into this hybrid arrangement without losing control.
“vCloud Director scales up to 10,000 VMs and 25 vCenter servers,” said Balkansky.
The software takes virtualization a step further than virtual machines (VMs). A VM is basically a virtual server which consists of a certain amount of processing power, RAM and disk. vCloud Director virtualizes these individual components so you can gather than into one pot and serve them up as individual units of consumption – a certain amount of processing, RAM, disk space, bandwidth, etc.
“Users don’t need to know about the physical side,” said Balkansky. “They request the resources they need and they are their automatically.”
He said that this facilitates the easy tiering of levels of service. IT can assign a price to certain combinations of bandwidth, RAM, disk and CPU amounts so that users can pick and choose the service plan that suits them in terms of features and cost. Chargeback systems can be set up where the user can type in their needs, see the cost and determine whether to accept the price tag or tune down the requirements. Once finalized, the user submits the configuration which goes through any necessary approval processes before going live. Instead of weeks or months to provision, it takes hours using this service catalog approach – mainly due to any delay in obtaining finance sign off or other approvals.
Securing the Cloud
VMware has added vShield security technologies to ensure its cloud vision is backed up by the appropriate degree of protection. As virtualization has blossomed, it has begun to infiltrate all aspects of the infrastructure. But there has been a downside in terms of security. Traditional tools have started to break. They can secure the physical server, but sometimes struggle with the VM. They can secure an application, but might not do so well with that same app if it is virtualized.
vShield is broken down to a suite of applications. vShield App protects applications against network-based threats. vShield Edge adds security to the edge of the network. vSheild Endpoint is where anti-virus program (AV) runs. AV vendors are now coming out with software that now runs inside VMs seamlessly. This is proving to be a more effective method of safeguarding virtual environments. vShield Zones deals with other threats coming in over the network. This is all administered by vShield Manager.
“vShield can be built into vCloud Director,” said Balkansky. “These security tools enable strict isolation and multi-tenancy between customers who are using the virtual data center.’
In other words, a cloud can be established with multiple users or customers without security concerns. This set of tools provides the means to house data from multiple organizations, for example, on one virtualized system without fear of compromising their data.
“Organizations can be divided up into groups such as developers, marketing staff, finance, and so on,” said Balkansky. “Each group is set up with its own unique security characteristics, directories, service catalogs and policies.”
VMware has also created the vCloud Application Programming Interface (API) as part of its work on vCloud Director. This API makes it possible to automate the creation of virtual data centers so you don’t have to remake clouds.
“Once you have made a type of cloud, you don’t have to remake it as you have it on file,” said Balkansky. “vCloud Director helps organizations graduate up to the ability to deliver IT as a Service.”