Introduction
With diverse applications deployed across multiple clouds, your IT portfolio is becoming increasingly complicated. Simplify your multi-cloud operations with VMware.
The VMware Cloud Operating Model is a framework that binds your business, application, and cloud strategies together to accelerate agility, optimize performance, and control your multi-cloud environment. It brings people, process, and technology together for consistent service delivery, operations, and governance wherever workloads reside, for today and the future by:
- Transforming IT Ops by delivering self-service clouds, with rapid elasticity and a full set of consumable APIs.
- Aligning to CloudOps and embracing your existing clouds to optimize your investments, strengthen security and governance, and deliver a framework for accountability and clarity.
- Efficiently extending cloud management processes and capabilities to new public cloud services and environments through a repeatable onboarding process.
With the emergence of multi-cloud adoption by organizations of all sizes, for a myriad of reasons, the challenges of managing workloads in multiple environments are even clearer: different teams attempt to ensure governance and adherence to organizational policy while using different tools, each dedicated to a given environment. With the VMware Cloud Operating Model you use traditional VMware on-premises operations management tools, now optimized for cloud management as well, to manage your on-premises environment, VMware assets running in one or more hyperscalers (AWS, Azure, Google Cloud, IBM Cloud, etc.), and native cloud workloads and services.
TASKS
PowerCLI is a PowerShell-based command-line interface for managing VMware vSphere. VMware describes PowerCLI as "a powerful command-line tool that lets you automate all aspects of vSphere management, including network, storage, VM, guest." PowerCLI can also be used to manage and automate other VMware technologies such as:
- HCX
- VMC on AWS
- NSX-T
- etc...
In multi-cloud scenarios PowerCLI is a compelling tool that can be used for Day-0 through Day-2 operations: everything from creating a new SDDC, to adding clusters, and even deploying and managing workloads.
In this lab task we will use PowerCLI to:
- Create a Content Library
- Upload an OVF to the content library
- Deploy a Virtual Machine
- From your Virtual Desktop, launch the Web Browser (Google Chrome Preferred) and go to https://vmc.vmware.com/console/sddcs
NOTE: For instructions on accessing your Virtual Desktop please see "Lab 1 - Accessing the Environment"
- Login with your VMC on AWS console credentials provided by your instructor.
- Type <Your Assigned login Credentials> in the email address field i.e. vmcexpert#[email protected] (where # is your Environment ID, and XX is your assigned student number)
- Click NEXT
- Type VMware1! in the Password field
- Click SIGN IN
If you didn't do so in Lab 1, bookmark this page so you can access it quicker in subsequent steps
NOTE: Upon signing in you'll notice there are two or more SDDCs named VMCExpert#-XX (where XX indicates your student number). Unless instructed otherwise, only use the SDDC that matches your assigned student number.
Identify your SDDC (VMCExpert#-XX, where XX is your student number). Its name appears at the top left of the SDDC tile (i.e. VMCExpert3-31).
- Click VIEW DETAILS on your SDDC Tile. WARNING: Never click on the SCALE UP button.
- Click the Settings Tab
- Under vCenter Client information, identify and record the Cloud vCenter FQDN and/or Public IP (I.E. vcenter.sddc-xx-xx-xx-xx.vmwarevmc.com)
- Under Default vCenter User Account, identify and record the User name and Password
NOTE: You will use this FQDN and credential with PowerCLI in the next task
- From your Virtual Desktop, launch PowerShell 7. Note: Do NOT use "powershell" or the PowerShell ISE, as these will launch PowerShell 5.
- Type the following commands to confirm the PowerCLI Configuration and PowerShell Execution Policy
Connect-VIServer {Your_Cloud_vCenter_FQDN or IP} -Username [email protected] -Password {Your_Default_vCenter_User_Password}
Get-PowerCLIConfiguration
Get-ExecutionPolicy
If the Connect-VIServer command returns an error message, the vSphere PowerCLI modules need to be installed.
Install-Module -Name VMware.PowerCLI -AllowClobber
Answer Y to the prompt. Once the installation completes, re-run the Connect-VIServer command.
- In PowerShell or Windows Terminal type the following command to create a Content Library and Upload an Ubuntu Desktop Virtual Appliance
New-ContentLibrary -Name {YourStudentName}_CL -Published -Datastore 'WorkloadDatastore'
New-ContentLibraryItem -ContentLibrary {Your_Content_Library} -Name 'Ubuntu-22_Desktop' -Files @("E:\Lab_Files\OVAs\Ubuntu-22-OVF\Ubuntu-22_DT.mf", "E:\Lab_Files\OVAs\Ubuntu-22-OVF\Ubuntu-22_DT.ovf", "E:\Lab_Files\OVAs\Ubuntu-22-OVF\Ubuntu-22_DT-1.vmdk", "E:\Lab_Files\OVAs\Ubuntu-22-OVF\Ubuntu-22_DT-2.nvram") -ItemType 'ovf'
Note: Should the New-ContentLibraryItem task fail, it can be corrected in one of two ways. Log into your vCenter server and delete the Content Library Item, or execute the command Remove-ContentLibraryItem -ContentLibraryItem 'Ubuntu-22_Desktop', then rerun the New-ContentLibraryItem command above.
- Access your SDDC Console Browser tab, and log into your SDDC
- Click OPEN VCENTER
- Click SHOW CREDENTIALS
- Copy and Record the Default vCenter Credentials Password
- Click OPEN VCENTER
- Log into vCenter as:
- [email protected]
- {Default_vCenter_User_Password} (Copied from step 7)
- Bookmark this page and save the cloudadmin username and password for quicker access to vCenter
- In the upper left-hand corner Click the Hamburger Menu (3 vertical lines)
- Click Content Libraries
- Click {Your Content Library} to inspect it
- Click Templates, then OVF & OVA Templates. Your Ubuntu Virtual Appliance should be present and the size should be larger than zero
- Type the following command to create a Virtual Machine Folder in the vCenter Inventory
New-Folder -name CloudProxies -Location (Get-Folder vm)
- Back in the browser window for vCenter, go to the VMs and Templates view to confirm that the folder appears. Note: You will need to select the hamburger menu in the top left corner and select Inventory.
We will now create a virtual machine from the Content Library
- Return to or launch PowerShell or Windows Terminal
- Type the following commands, first to create the Virtual Machine, then to power it on
Please wait for the 1st command to complete before running the 2nd command (Start-VM). Also, when prompted to confirm the VM power-on operation type Y
Get-ContentLibraryItem -Name Ubuntu-22_Desktop | New-VM -name Ubuntu-DT -Location 'Workloads' -ResourcePool 'Compute-ResourcePool'
Start-VM -VM 'Ubuntu-DT' -Confirm -RunAsync
- Back in the browser window for vCenter, confirm that the "Ubuntu-DT" VM deployed successfully and is powered-on
In multi-cloud scenarios, it is not uncommon to have multiple SDDCs and multiple vSphere clusters running across VMC on AWS, Azure VMware Solution, Google Cloud VMware Engine, and IBM Cloud, just to name a few. The challenge, however, is to ensure each environment has a standardized inventory hierarchy, the required golden templates and virtual appliances needed to deploy workloads, customization specifications, and even the appropriate RBAC to control user access. In all these cases, standard PowerCLI commands (the same as those used on-premises) can be used to standardize these cloud-based vSphere environments.
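The standardization described above can be scripted as one idempotent baseline run per vCenter. This is an added example, not part of the original lab or VMware's own code; the vCenter FQDNs and the library name are constructed placeholders, and it prompts with Get-Credential so the password is never typed on the command line.

```powershell
# Added example: apply one inventory baseline to several SDDC vCenters.
# FQDNs and the library name are constructed placeholders (assumptions).
$vCenters        = @('vcenter.sddc-a.example.com', 'vcenter.sddc-b.example.com')
$baselineFolders = @('CloudProxies')        # folder created earlier in this lab
$libraryName     = 'Golden_Templates_CL'    # hypothetical library name
$datastoreName   = 'WorkloadDatastore'      # datastore used earlier in this lab

# Prompt once. The password stays in a SecureString and never appears on the
# command line or in PSReadLine history.
$cred = Get-Credential -Message 'vCenter account for the baseline run'

$report = foreach ($vc in $vCenters) {
    $server = Connect-VIServer -Server $vc -Credential $cred -ErrorAction Stop
    try {
        # Root VM folder, the same object the lab reaches with (Get-Folder vm).
        $root = Get-Folder -Server $server -Name 'vm' -Type VM | Select-Object -First 1

        foreach ($name in $baselineFolders) {
            $found = Get-Folder -Server $server -Name $name -Type VM -ErrorAction SilentlyContinue
            if ($found) {
                $state = 'present'
            } else {
                New-Folder -Server $server -Name $name -Location $root | Out-Null
                $state = 'created'
            }
            [pscustomobject]@{ vCenter = $vc; Item = "Folder: $name"; State = $state }
        }

        $lib = Get-ContentLibrary -Server $server -Name $libraryName -ErrorAction SilentlyContinue
        if ($lib) {
            $state = 'present'
        } else {
            # Created as a local library; add -Published only if it must be subscribable.
            New-ContentLibrary -Server $server -Name $libraryName -Datastore $datastoreName | Out-Null
            $state = 'created'
        }
        [pscustomobject]@{ vCenter = $vc; Item = "Library: $libraryName"; State = $state }
    } finally {
        # Always drop the session, even when a step above fails.
        Disconnect-VIServer -Server $server -Confirm:$false
    }
}

$report | Format-Table -AutoSize
```

Running it a second time should report every item as present, which makes the same script usable as a drift check.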
VMware.VMC is a PowerShell Module for Managing VMware Cloud on AWS. Using this module you can do the following:
- Retrieve your AWS Account & VPC Information
- Connect to VMware Cloud
- Retrieve your VMC on AWS Organization Information
- Create and Manage SDDCs
- Create & Manage SDDC Clusters
- etc...
To use this module you must first generate an API Key. API Tokens are used to authenticate when authorized API connections are instantiated. Previously called an OAuth Refresh token, an API token is exchanged for an access token and authorizes access per organization. API tokens are generated from the account page in Cloud Services Console or through the VMware Cloud Services.
In this lab task you will do the following:
- Generate an API Token
- Retrieve your VMC on AWS Organization, SDDC and Cluster Information
- From your Virtual Desktop, go to your SDDC Console https://vmc.vmware.com/console/sddcs and log in if required.
NOTE: Login steps can be found in steps 2 through 6 of Task 1
- In the Upper right-hand corner Click the {Username/Org} Dropdown
- Record your Organization name.
- Click My Account
- Click the API Tokens Tab
- Click GENERATE A NEW API TOKEN
- Select the following Options and Value(s):
- Token Name: {Your_Student_Acct}_API_Token (I.E. VMCExpert3-31_API_Token)
- Define Scopes: Select checkbox for All Roles
- Click GENERATE
- Click COPY
- Open Notepad, Paste in the API Key and save the file on the desktop
- Click CONTINUE
Make sure to save this refresh token in a safe place to be used in the next section when using APIs in Postman.
Now let's attach to the VMC server: input the command below and append the refresh token after the -RefreshToken parameter.
- From the Virtual Desktop, launch PowerShell 7 if it is no longer open
- Type the following command in the PowerShell Window
Connect-VMC -RefreshToken {"Your_API_Token_From_Step_7"}
If the command returns an error message, the PowerCLI VMC modules need to be installed. Type the following command:
Install-Module -Name VMware.VMC -AllowClobber
Answer Y to install. Once updated, rerun the Connect-VMC command.
- Type the following commands in the PowerShell 7 Window. If the Get-VMCOrg command fails, then run the Install-Module command mentioned previously and rerun the Get-VMCOrg command.
Get-VMCOrg
Get-VMCOrganization -Name {Your_VMC_Organization_Name}
Get-VMCSDDCCluster
Get-VMCSDDCDefaultCredential -Org {Your_VMC_Organization}
The VMC on AWS APIs allow you to Build, Automate and Manage your Software Defined Data Centers (SDDCs) running on VMware Cloud on Amazon Web Services.
The VMware Cloud on AWS APIs are organized around REST (“Representational State Transfer”) operations for performing create, retrieve, update and delete operations on VMware Cloud on AWS resources. For ease of use and security, REST builds on the standard web protocols HTTP and HTTPS, using the normal network ports 80 and 443, which are both open in most data centers, and uses standard HTTP response codes and verbs.
As a Cloud Service VMware Cloud on AWS APIs are not publicly available and require an API Token for programmatic use. You will need a VMware Cloud Services account to generate an API Token which you will use to programmatically call APIs from your programming language of choice.
In this task we will be using the VMware Cloud on AWS REST API to get some basic information about your VMware Cloud on AWS Organization and SDDC deployment. To do this we will be using the new Developer Center feature in VMware Cloud on AWS. This was built specifically to focus on using APIs and scripts to create SDDCs, add and remove hosts, plus connect to and use the full vCenter API set. To get started, let's go back to your VMC environment.
- From your Virtual Desktop, launch the Web Browser (Google Chrome Preferred) and go to https://vmc.vmware.com/console/sddcs (log in if prompted)
- If your Browser window is still logged in from Task 3, click Services, then VMware Cloud on AWS. If not, you can skip this step
- Click Developer Center
- Click Code Samples
- Type Powershell in the Filter Samples Textbox
- Click on Download in the “PowerCLI - VMC Example Script” Tile
- After the Download Completes, Click on the File and Extract its Content
- In the extracted folder navigate to PowerCLI-Example-Scripts-master\Scripts\VMware_Cloud_on_AWS
- Right-Click the VMC Example Script File and Click Open
Now you can see the PowerShell commands you used in the previous task as well as other commands you can use with your SDDC. Review the commands and close the Notepad window
- In the SDDC Console browser window, click on the API Explorer tab, under Developer Center
- In the SDDC Drop-Down, Select your SDDC (I.E. VMCExpert3-31)
- Expand the VMware Cloud on AWS Menu, Click General
- Under API Category expand orgs, then expand the GET section for /orgs
- Click Execute, your VMC Organization(s) will be displayed
- Expand the Response for your Organization and Inspect the output
- Take note of and save the organization ID
- Scroll down and expand sddc
- Expand GET /orgs/{org}/sddcs
- Confirm that the correct org id is displayed in the org field, if not, please input the correct ID
- Click Execute
- Review the Response Output
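The API token to access token exchange described earlier, followed by the same GET /orgs and GET /orgs/{org}/sddcs calls made in API Explorer, can be scripted directly. This is an added example, not code from the lab or from VMware; the two endpoint URLs, the csp-auth-token header name, and the JSON field names are assumptions not given on this page, so confirm them in API Explorer before relying on them.

```powershell
# Added example: trade the API (refresh) token for an access token, then make
# the two calls from API Explorer. URLs and JSON field names are assumptions.
$cspAuthUri = 'https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize'
$vmcApiBase = 'https://vmc.vmware.com/vmc/api'

function Get-CspAccessToken {
    param([Parameter(Mandatory)][securestring]$ApiToken)
    # Decrypt only for the duration of the request (PowerShell 7 syntax).
    $plain = ConvertFrom-SecureString -SecureString $ApiToken -AsPlainText
    try {
        $resp = Invoke-RestMethod -Method Post -Uri $cspAuthUri -Body @{ refresh_token = $plain }
    } finally {
        $plain = $null
    }
    if (-not $resp.access_token) { throw 'CSP response contained no access_token.' }
    return $resp.access_token
}

function Invoke-VmcGet {
    param([Parameter(Mandatory)][string]$Path, [Parameter(Mandatory)][string]$AccessToken)
    try {
        Invoke-RestMethod -Method Get -Uri "$vmcApiBase$Path" -Headers @{ 'csp-auth-token' = $AccessToken }
    } catch {
        $err  = $_   # keep the error record; $_ is rebound inside switch
        $code = [int]$err.Exception.Response.StatusCode
        switch ($code) {
            401     { throw "401 on ${Path}: access token missing, expired, or invalid." }
            403     { throw "403 on ${Path}: the token's scopes do not grant this call." }
            default { throw $err }
        }
    }
}

# Read the token without echoing it or leaving it in command history.
$apiToken = Read-Host -Prompt 'API token' -AsSecureString
$access   = Get-CspAccessToken -ApiToken $apiToken

foreach ($org in Invoke-VmcGet -Path '/orgs' -AccessToken $access) {
    "Org {0} ({1})" -f $org.display_name, $org.id
    foreach ($sddc in Invoke-VmcGet -Path "/orgs/$($org.id)/sddcs" -AccessToken $access) {
        "  SDDC {0} state={1}" -f $sddc.name, $sddc.sddc_state
    }
}
```

A 403 from either call is the quickest way to see what a token's scopes actually allow, which helps when choosing narrower scopes than All Roles for tokens used outside the lab.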
Conclusion
Organizations must decide on a cloud strategy that meets the needs of their business, whether that is hybrid cloud and/or multi-cloud. Hybrid cloud is defined as the use of private cloud, and public cloud platforms to provide a flexible mix of cloud computing services, allowing for consistent infrastructure, simplified workload migration and placement. Multi-cloud, by comparison, is defined as the use of two or more public cloud providers with or without any existing private cloud infrastructure. Multi-cloud is an emerging strategy employed by organizations that need to meet specific technical requirements and business outcomes by leveraging services across multiple cloud providers simultaneously. Organizations adopt this approach when faced with a scenario where no one cloud platform is able to meet all their technical requirements or deliver all the necessary outcomes for the business. This often occurs through mergers and acquisitions (M&A), where businesses find themselves with application, operational and financial ownership across clouds that may not align with their initial cloud strategy. This model affords organizations the flexibility, choice, and unique opportunity to be intentional about their approach to infrastructure and application modernization (e.g., refactor/build, replatform, rehost/migrate, retain, or retire)
- Refactor / Build involves changing the application at the source code level. Typically, applications are re-written to take advantage of cloud micro-services architecture and to incorporate new services such as IoT, machine learning, and others.
- Replatform involves changing the operating system, such as going from Windows to Linux, modifying the application middleware, such as going from a self-managed database to a cloud provider managed database or from a virtual machine to a container image.
- Rehost / Migrate involves either changing the hypervisor (e.g., migrate applications from one virtualized environment to another), which is known as Rehost, or moving an application without changing the underlying hypervisor or application at a source code level (e.g., migrate VMs from one virtualized environment to another without requiring changes), which is known as Relocate.
- Retain means leaving workloads in a private cloud environment
- Retire means decommissioning workloads and/or converting to SaaS
For most organizations, the need for a multi-cloud strategy is rapidly becoming an inevitability. Considerations for multi-cloud are not limited to just technical decisions. Service level agreements (SLAs) and service level objectives (SLOs), instance types or node specifications, region/availability zone (AZ) placement, storage, and network performance characteristics are important factors, but do not stand alone. Business considerations such as existing commercial agreements, regulatory compliance requirements, organizational culture and cloud perception, skills availability, and many others are also critical concepts to weigh in when building out a complete multi-cloud strategy. The VMware Multi-Cloud Management Framework provides cross-cloud/cross platform tools for system-wide management.