Evolution to vSphere 6.7 Chapter 1

Container management portal: This portal is designed to allow app teams to manage the container repositories, images, hosts, and running container instances. It provides Role-Based Access Control (RBAC) with support for Lightweight Directory Access Protocol/Active Directory (LDAP/AD).

Container Registry: This securely stores container images with built-in RBAC and image replication. The container registry provides vulnerability scanning, content trust with security policies, and also supports third-party registries.

Using VIC, vSphere administrators can provide a full Docker-compatible interface to their developers, using the existing vSphere infrastructure with native capabilities and features, including VMware NSX for security and VMware vSAN for storage. The new version 1.2 (released in September 2017) adds a native Docker container host from a unified management portal.

A second product that focuses on containers is the Pivotal Container Service (PKS). In contrast to VIC, PKS focuses on multi-cloud deployments where you can natively run your containerized applications using a Kubernetes engine. Kubernetes is an orchestration platform for running Docker containers, but compared to Docker Swarm, it provides more functionality. With PKS, you can efficiently manage one homogeneous environment, providing the same compute, network, or storage capabilities for your containerized workloads in multi-cloud environments.
PKS is structured into the following different components:

PKS Control Plane: This is a critical component of the PKS infrastructure that is responsible for self-service access, life cycle and on-demand deployment of the Kubernetes clusters. Using APIs, the requests are sent to BOSH, which is responsible for the automation itself.

Kubernetes: Kubernetes is an open source, portable, extensible orchestration framework for managing containerized workloads and services. Applications are run within Kubernetes clusters, providing optimized resource access and maintaining a consistent application state within clusters.

BOSH: This is an open source tool for maintaining large-scale distributed deployments. Using BOSH, you can deploy applications to many Infrastructure as a Service solutions from supported partners to on-premises infrastructure. BOSH allows interconnection with OpenStack, VMware vSphere, AWS, Microsoft Azure, or Google Cloud Platform (GCP).

VMware NSX-T: This is a network virtualization tool from VMware that can be deployed not only within VMware vSphere but also within other hypervisors. NSX provides sophisticated network functions from layer 2 up to layer 7. This includes micro-segmentation, load balancing, or transparent L2 bridging, for example.

Project Harbor: This is an open source tool that acts as a centralized cloud registry for your application images as well as providing RBAC to your users using LDAP or AD integration.

Here is an overview of the components of PKS:
VMware vSphere ecosystem

As well as the well-known vSphere product line, VMware has plenty of products available today. Let's have a look at the different segments that VMware currently covers.

Data centers and cloud computing

VMware vSphere is a flagship in VMware's portfolio. However, there has been a rise in popularity of other products, as enterprise companies already broadly adopted VMware vSphere as a virtualization platform.

VMware vSphere has been around for more than 15 years now (the first version of a vCenter server with vMotion was released in 2003), yet with every new release, there are significant improvements.

Gartner named VMware as a leader in x86 virtualization in Gartner's Magic Quadrant (MQ) many times, proving that this technology was broadly adopted by enterprise companies as well as honoring VMware's clear vision of the product itself.

There is not much more to say here except that VMware vSphere was, is, and will always be one of the most commonly deployed and trusted platforms for data center and cloud computing.

Storage and availability

Storage and availability products focus on the improved reliability of your storage subsystem and the overall uptime of your data center, utilizing business recovery and disaster recovery avoidance technologies.
In storage and availability, you can find two major products:

VMware vSAN: This is an implementation of hyper-converged, software-defined storage. With this approach, you can utilize your local storage in your ESXi servers and form a uniform storage resource that is used as your shared storage. Together with VMware vSphere and VMware NSX-V, vSAN forms an SDDC.

VMware Site Recovery Manager (SRM): This is an orchestrator to simplify the site disaster recovery plan in a single-click procedure, with the capability to test it in safe mode and to handle not only the failover procedures (planned or unplanned), but also failbacks.

Network and security

NSX, a product developed based on technology acquired from Nicira, enables the creation of entire networks in software. NSX is integrated with the distributed vSwitch and thus runs directly on the ESXi hypervisor. Using this approach, you can easily abstract the network functions from the underlying physical hardware.
Any network component that is supported by NSX can be provisioned in minutes, without touching the application or the physical environment.

There are two versions of NSX today:

NSX for vSphere (NSX-V): This is tightly integrated with vSphere components requiring both ESXi (used both as a data plane and also for hosting some NFV and VMs used as a control plane) and vCenter. (The NSX manager is paired with this, and the management interface is just an extension of the vSphere Web Client.)

NSX Transformers (NSX-T): This is a multi-hypervisor aware SDN stack brought to the likes of vSphere, KVM, OpenStack, Kubernetes, and Docker. NSX-T is designed to address emerging application architectures that have heterogeneous endpoints and technology stacks. One of the primary use cases for NSX-T is providing a network infrastructure for containers. In today's virtualization, we can see that more and more applications are running in environments outside of virtual machines.

NSX Cloud: This is an NSX implementation that focuses on public clouds. Using NSX Cloud, you can manage both your private datacenter and public cloud as a single network and security entity.

AppDefense: This is a datacenter endpoint security product. AppDefense focuses on understanding the application logic and behavior rather than hard limits or rules.