Enterprise Hybrid Cloud

Project
March 6 2015
By
SridharKumar.T
Balaji Kesavan
Ganesh Ram

Table of Contents
1. Executive Summary ............................................................................................
1. Architecture
1.2 End to End
1.3 Hybrid Cloud
1.4 Physical & Logical Representation - Virtual Switches and Networks
2. Technical Information
4.1 Virtualization Software
4.2 IP address
3. Team Organization & Responsibilities
2.

Project Discussion
2.1 Project Deliverables and Results
Install & configure vCC server

3.

Catalogue

NAT

Firewall, ping & web browser

problems encountered & solutions

Install vCC Node

o

Catalogue

NAT

Firewall, ping & web browser

Problems Encountered

Conclusion
Recommendations

1. Executive Summary
The objective of this project is to expose the student team to the tools of
and methodology for the implementation of hybrid clouds. The tools that
were available to the students are:

VMware vCenter Server

VMware vCloud Director
VMware vCloud Connector

A scenario was presented to the students. High Enterprise (HyEnt) is

testing a new way to manage peak demand for resources by federating
their private vCloud with a public vCloud Provider in their region, thus
creating a Hybrid Cloud solution. This Hybrid cloud setup will ensure that
there are sufficient web traffic resources that will continue to be available
to HyEnt customers during periods of high web traffic activities.
The front end web servers are connected to the Organizational networks
in HyEnt Private Cloud. A protected vApp network is also connected to the
same Organizational network. A database server housed within this
protected vApp network. As the web servers in the Organizational
network needs to connect to the Public network / Internet, a vShield Edge
device was deployed to protect the Organizational network from the
Internet.
A similar Virtual DataCenter is setup in the Service Center. This Virtual
Data Center is connected to the HyEnt Private Cloud via a private VPN
across the Internet, utilizing the vShield Edge devices in both Organization
networks as the VPN end-points. This is the fastest, least expensive and
most flexible way to implement a secure connection with both Virtual Data
Centers.
A Load Balancer in the HyEnt Private Cloud monitors the web traffic going
to the web servers in HyEnt Private Cloud. Once the Load Balancer
detects that the web servers are not able to handle the increasing load of
customer traffic, the Load Balancer will start up Web Servers in the
Service Provider Virtual Data Center to handle the excess customer web
traffic.

1.2

Architecture

2. Technical Information
Virtualization Software

vSphere client v 5.5

vSphere ESXi v5.5 server (mgmt., Res 1/2)

vCC Server & Node OVF v#?

vCloud Director v5.5

Control center v#?

vCenter Server v#?

IP Address

3. Team Organization & Responsibilities

Table 1: Project Responsibility Assignment Table

Name
Sridharkumar

Ganesh Apavu

Admin #
14B420X

14B392R

Topic
1. Executive Summary
2. Project Discussions

5. Conclusion
Report writing
2. Project Discussions

Section
2.1 configuring hybrid cloud &
connectivity QA Org, vCC
Servers/Nodes/UI
2.4 Reconfig infra- drive EU reqs
via public vCloud resources
2.6 Configuring secure
connectivity to public vCloud
(Advanced)

Remarks
Chief editor

2.1 configuring hybrid cloud &

connectivity QA Org, vCC
Servers/Nodes/UI

Editor

2.5 Decommissioning public

vCloud resources
vCloud System Install &
Setup Procedure ? 1 page
summary?

Balaji Kesavan

14B444S

Annex A bibliography
Annex C IP Address
Design & Configurations
PPT
2. Project Discussions

Annex B Cloud
Architecture Diagram

2.1 configuring hybrid cloud &

connectivity RD Org, vCC
Servers/Nodes/UI
2.2 Moving clones into public
vCloud (from RD vDC)

Leader

Table 1: Project responsibility

assignment table

Project Discussion
The students prepared the ESXi hosts that were assigned to them
using the VCenter Server. Virtual Distribution Switches (VSD) were
created for the various networks that were required for the setup. VCloud
Director was used to create a Provider Virtual Data Center (VDC), 2
Organizations and 2 Organizational VDC.

Project Deliverables and Results

SN
O
1
2
3
4
5
6
7
8
9
10

11
12
13

Tasks

Category

Install and Configure VCC

Server,Nodes
Created Organization (RD, QA)
Created and Configured Provider
VDC
Created and Configured Organization
VDC
Created New VM and Guest OS
Created VApps
Moved VApps to Cloud
Private Cloud and Public Cloud
Moving Workloads into public vCloud
Reconfig infra to drive end-user
request through pub Vcloud
resources
Decommision public vcloud
resources
Resource allocation of resource pool
Vapps usability from public to private
cloud

Configuration and Setup

Hybrid Cloud and connectivity
Hybrid Cloud connectivity
Hybrid Cloud connectivity
VM creation
VApps Creation
Cloud Apps
Private and public Cloud
Migration of workload to public cloud
Resource management

Resource management
Scalability
Scalability

On the next page is the Physical / Logical diagram of the ESXi and the
networks that were setup for this project:

Physical / Logical Diagram of the ESXI

Two Organization created named as QA and RD. Qrganizations were

then setup together with their respective Organization VDC along with
Provider VDC.
Red Hat Enterprise servers and Windows 2008 servers were then built
as vApps in both QA and RD Organization VDC. These vApps were
also added into the catalogs so that other Organization VDCs are able
to use those vApps.
vShield Edge devices were deployed at the external interfaces of
the Organization VDC. These Edge Devices will help protect the
8

Organization VDC using their Firewall policies. Firewall rules need to

be configured properly to ensure proper data traffic was allowed
through it.
Network Address Translation (NAT) were used in vShield Edge
devices to mask the IP subnet in the Organization VDC.
With NAT activated on the vShield Edge device, external networks will
not be able to view or connect to the servers/vApss in the
Organization VDC unless it is permitted by the vShield Edge device.
This is a security feature provided by the vShield Edge device.
Several servers can be setup with a vApp and a small internal vApp
network be used to connect these servers together. As the vApp
network is connected to the Organization network, a vShield Edge
device can be deployed at the junction where both vApp network and
Organization network meets.
The vShield Edge devices serve as a security device, masking the
vApp servers and network from Organization network. At the same
time, the NAT functionality of the vShield Edge device also enable the
vApps to be deployed easily to other Organization networks, this is
especially useful in failover situations.

3. QA and RD organization creation

This is the home page of vsphere

This is the home page of vCloud Director,we logged with assigned IP

address
9

In here we created dedicated host address

10

Created provider vDC

Settings for the Generic vDC

11

In here we created 2 organization

For the RD, we created 3 vApp,in here we can see the two VM which are
belongs to RD vApp1

12

Here RD-vApp2

13

After that check the QA catalog

Power on the VM

14

Setup storage policy for the VM

These are the vApp created under RD external

15

Created Organization vDC

16

We created two gateway

Finally check the VM

17

3. Problems Encountered
Below are some of the problems the team has encountered

18