beawolf - Fotolia

Tip

Management tools emerge from VMware-AWS partnership

VMware provides a series of tools, including Discovery, Cost Insight and Wavefront, to lighten the multi-cloud management burden for VMware Cloud on AWS customers.

Cloud environments pose unique monitoring and management hurdles, and hybrid cloud deployments exacerbate these challenges. Busy IT professionals often struggle to master multiple tool sets, let alone one for local data centers and private clouds and another one for public clouds.

It's hardly a new idea to use a single tool set to monitor and manage multiple clouds, but concerns like interoperability and feature set availability hinder many third-party hybrid cloud tools.

Cloud provider partnerships drive a new crop of tools that can organize, monitor and manage hybrid infrastructures as a unified entity. The VMware-AWS partnership opened the door to build and deliver a full-featured software-defined data center within a hybrid cloud environment. This product, VMware Cloud on AWS, enables IT teams to run workloads across vSphere private, public and hybrid clouds.

The VMware-AWS partnership also spawned a series of unified tools that work across clouds as a single, ubiquitous environment. Let's review some noteworthy tools for VMware Cloud on AWS that ease multi-cloud management.

VMware Discovery

Cloud infrastructure management starts with a comprehensive understanding of the available resources. Administrators need to see VMs, containers, storage instances and CPU usage along with billing data and other account-related information. Assure accurate inventory -- and the performance metrics that accompany inventory items -- for successful cloud management and cost assessment.

VMware's Discovery tool tracks and reports inventory changes over time and enables administrators to tag, organize, filter and search inventory according to business needs. The SaaS tool supports automated inventory and metrics for private clouds via platforms such as vCenter Server, as well as public clouds, like AWS and Azure.

Discovery relies on cloud credentials and APIs to manage integration and interoperability between private and multiple public clouds. Use on-premises agents to collect local inventory and metrics within the vSphere environment. Discovery interoperates with other VMware cloud services, including Cost Insight, which enables organizations to build more comprehensive snapshots of cloud resources and associated costs.

Admins can add AWS accounts to VMware Discovery via an AWS Identity and Access Management role or IAM user configuration. For example, an IAM role applies Amazon Resource Names to uniquely identify every AWS resource and boost Discovery security. On the other hand, an IAM user configuration only uses individual AWS security credentials and is a less secure option. After you add AWS accounts, Discovery will gather and report AWS resources and billing data and provide that data to VMware Cost Insight and VMware vRealize Network Insight.

VMware provides Discovery at no cost for users of other VMware tools, such as Cost Insight or NSX Cloud, and it includes VMware SaaS production support.

VMware Cost Insight

In any cloud environment, effective usage and costs are tightly coupled together. Public cloud providers bill users according to a carefully crafted a la carte cost system for resources and services. Private cloud providers typically perform cost analysis to charge each user, group or department accordingly.

VMware Cost Insight is a SaaS tool that tracks, analyzes and reports expenditures across public and private clouds, including AWS and Azure. Cost Insight can assist a business in several ways. The tool can help identify cost drivers -- including which resources or workloads cost the business the most money -- and report across different cloud regions, services and instance types. Cost Insight interoperates with other VMware tools, such as Discovery, for inventory group analysis.

The tool also enables organizations to make more strategic deployment decisions that minimize cloud costs. For example, it might be more cost-effective to deploy a workload with certain resource needs on AWS, while Azure might be more beneficial for other workload demands.

Finally, Cost Insight can identify powered-off and unused VMs, as well as associated storage instances in public and private clouds that still generate unnecessary costs every month.

If they want to add an AWS account to Cost Insight, administrators need AWS login credentials and an S3 bucket to hold data generated by the tool.

VMware Cost Insight charges users $0.0161 per instance per hour with no minimum commitment or fee. Organizations can also make a long-term commitment to the tool for one or three years, which is payable in full and upfront. VMware includes production support in both consumption models.

VMware vRealize Network Insight

Complex workloads that run and freely migrate across public and private clouds vastly complicate security procedures, especially as firewalls and other traditional perimeter security strategies don't always work well in the cloud.

Complex workloads that run and freely migrate across public and private clouds vastly complicate security procedures, especially as firewalls and other traditional perimeter security strategies don't always work well in the cloud.

VMware vRealize Network Insight is a SaaS tool designed to provide visibility and context for traffic flows between applications. Use Network Insight to improve security, especially as you migrate workloads between AWS and vSphere-based private clouds. The tool also bolsters workload availability and enhances network planning. Network Insight supports VMware NSX administration and checks for best network and security practices. And it alerts admins of potential network configuration improvements.

Network Insight can help admins implement microsegmentation and maintain security postures as workloads migrate between AWS and private clouds. It also helps troubleshoot, resolve application connectivity issues and remediate network bottlenecks. Audit features enable organizations to meet compliance, as acceptable network and security configurations take place over time. Network Insight can also detect poor or incorrect network configurations that could impair performance or security.

VMware Cloud on AWS enhances disaster recovery, network connections

In March, VMware and AWS unveiled new features for its joint service to help users boost availability and automatically provision resources. Still, some users desire more interoperability between the two cloud environments, which could be part of the long-term VMware-AWS partnership plans. Read Trevor Jones' report on new VMware Cloud on AWS features and what they mean for IT teams.

Let's say you want to add an AWS account as a data source through Network Insight. This process requires an appropriate Amazon access key ID and corresponding secret access key. After they add a connected and validated AWS account, admins can enable flows to start AWS network data collection.

Users pay $0.0089 per virtual CPU (vCPU) per hour under AWS and $0.1369 per CPU per hour under VMware Private Cloud -- both with no minimum commitment or fee. Organizations can also make a long-term tool commitment for one or three years and receive production support whether they pay on demand or upfront.

Wavefront by VMware

Metrics are vital assets in software development and deployment, as they help ensure proper software code functions and verify adequate software performance. But it's not always easy to gather metrics, especially when software is designed and built specifically for deployment in high-volume, multi-tenant systems, such as the AWS cloud.

Wavefront by VMware is a metrics-gathering and analysis tool that can capture millions of data points per second in private, public and hybrid cloud environments. Developers can use existing metrics or add custom instrumentation within the code to watch behaviors and spot anomalies for remediation. Operations teams can also use these metrics to verify performance and make informed decisions about scaling cloud resources for workload growth. Alerts can help teams find and address issues before they affect users.

Wavefront supports the VMware-AWS partnership through integration with:

  • Amazon billing;
  • Amazon CloudWatch;
  • Amazon DynamoDB;
  • Amazon Elastic Block Store;
  • Amazon EC2;
  • Amazon Elastic Container Service;
  • Amazon Elastic Load Balancing;
  • Amazon Linux;
  • Amazon Redshift;
  • Amazon Simple Queue Service;
  • AWS CloudTrail;
  • AWS Lambda.

Users should contact VMware directly for Wavefront demonstrations, evaluations and pricing information.

NSX Cloud

Network virtualization provides a natural and important complement to VMs and other resources. When an organization virtualizes its entire network, it can exercise comprehensive control over the network's organization, use and workloads.

VMware developed NSX for network virtualization and security in on-premises vSphere environments, and it added the tool to the VMware Cloud on AWS suite. NSX Cloud provides network control and security features for AWS cloud-native workloads. Admins can create and scale virtual networks to accommodate workloads, while also managing availability zones, regions and clouds.

NSX Cloud controls interworkload traffic in accordance with user-defined security policies that stick with workloads across cloud deployments. This enables an organization to consistently deploy applications across multiple clouds. Admins can base policies on workload attributes and user tags. Templates can reduce errors, boost consistency and automate many of the routine provisioning tasks. NSX Cloud also controls network topologies, traffic, IP addresses and the protocols used within the cloud network.

NSX Cloud also provides network visibility and metrics to help determine cloud workload health and availability. This enables a comprehensive view of traffic and packet flow within and between virtual networks, as well as across an entire AWS cloud environment. The service also integrates with tools like IP Flow Information Export, Traceflow, Port Mirroring and Syslog to help monitor, troubleshoot and audit environments.

Users pay $0.0125 per vCPU per hour with no minimum commitment or fee, and it is available with the same long-term commitment and support for tools listed above.

Dig Deeper on AWS management