Episode 12 - Cloud Director 10.5 - What's new, VMware Explore outlook
Speaker 1: Hello and welcome.
It's been a while. We have been
busy doing some Cloud Director
news, but we are now back with
the VCD Roundtable almost the
same group as in the past, a few
changes, but we are getting
back on track in preparation for
VMware Explore in Las Vegas. I
still need to get used to the
new name. I still am trying to
not say VMworld, but maybe let's
see how good we get that to be
done today. We are going to
shortly do an introductory round
in a second, but before we do
that, today's episode is going
to cover nearly everything
around VCD 10.5, except for a
good part of the networking
features, because it's so much
that we will dedicate a separate
episode just to the VCD 10.5
network sections. With that
being said, my name is Yves
Sanford, CEO of the Comm
Division Group, one of the lead
architects in our service
provider division, taking care
of not only the technical but
more the business advisory
services for service providers
all around the globe. And, with
that being said, I'm allowed to
pick who is going to introduce
himself next and I'm going to
throw it over to Toby, who has
already the bridge behind him.
But you should actually have
Vegas behind you.
Speaker 2: Yeah, it's the wrong
bridge. We are not going to San
Fran, we are going to Vegas.
Yeah, good morning, good
afternoon, whatever time zone.
You are listening. My name is
Tobias Barschek. I'm a solution
architect for the whole
networking stuff inside Comm
Division. I'm a partner at Comm
Division and, as already said,
focusing on the whole networking
story. Yeah, and I would like
to hand over to Jörg.
Speaker 3: Hey, yeah, my name is
Jörg Lief. I'm a technical
product manager at VMware and
VMware's cloud provider division
and I'm working educating
people around Cloud Director and
all the different integrations
and extensions that we have. And
with that, over to Matthias.
Speaker 4: Yeah, hi, Matthias.
Partner at Comm Division, cloud
architect taking care of Cloud
Director, NSX and the automation
around all those products. Sasha.
Speaker 5: Hi, my name is Sasha
Schwung, partner and cloud
architect at Comm Division,
working a lot around of designs,
Cloud Director, working with
container service extensions and
a lot of NSX V2T migrations
still.
Speaker 1: Okay, thanks for the
introduction. Yeah, 10.5 Cloud
Director came out. I think,
especially when we look in the
next episode on the networking
features, quite a lot of very
good enhancements. Let me just
browse over the list of some of
the changes we have ahead of us.
Or we got with this release,
one of them which I found
interesting because we although
it's not necessarily a daily
feature, but the feature set to
utilize the VM discovery is
quite an important one for many
customers because it's a good
way, especially when we migrate
or set up new service providers
who have never used VCD before,
and we kind of solve the whole
story on how do we get the
existing customers onboarded. I
mean, there's always the way to
use tools like Cloud Director
Availability for it as well, but
very often it's hey, how can we
onboard customers without
having any interruption? And one
of the very easy ways is to
just actually create the
resource pools and move virtual
machines in. In the past, one of
the challenges was that this
was a very, very generic setting
you could only turn off, on and
turn off, and so I'm definitely
looking forward to having a
finally feature which allows me
to do that on an organizational
work VDC level, which also
allows me to be a bit more
secure that not by mistake
things jump into the wrong VCD
instance. So I definitely look
forward to utilizing that
feature in the next few days and
in weeks on our next projects.
But there are a few other
features as well. So, Sasha,
what do you want to point out
from the feature list?
Speaker 5: Yeah, so for me it's
very interesting the complete
network stuff with NSX
Federation, because we talked in
the last few months with a lot
of cloud providers about NSX
Federation and the possibilities
in the future. Though, no, we
have the first supported way
with NSX Federation, so I think
that will be a big part for many
cloud providers working
international and with many
locations.
Speaker 1: Okay, but I think
that's something we are going to
cover in the separate episode.
So there are also the changes
around the catalogues and
catalogues synchronization,
which I think are a very
interesting storyline overall,
because synchronization has
always been a big topic for
service providers on how we do
that, how we can speed things up,
and I think that's a very good
scenario. Jörg, do you want to
throw some more details behind
some of those features, maybe?
Speaker 3: Yeah, there have been
a lot of improvements on the
mechanics of the catalog system.
For that that's already going
on for the last couple of
versions, but now with 10.5,
there has been a big change in the
user experience as well. So in
the past we are working towards
revamping the catalog system of
Cloud Director, which has been
there since the very first Cloud
Director release and it's just
not up to date anymore in terms
of multi-site installations or
more global installations where
you have multiple VCD
installations or different data
centers managed by the same
Cloud Director. So there are a
bunch of mechanical improvements
how the catalog system works,
and improved support for shared
storage, for example, so that
VCD recognizes templates or ISO
images in the catalog that are
available to multiple vCenters
and managed by the same Cloud
Director instance. So it avoids
a lot of cloning and data
transfer steps that are needed.
You share catalogs between
different organizations or
between different locations in a
Cloud Director environment. And
then from a user experience
perspective, that's likely one
of the biggest changes for the
tenant end user that we have in
VCD 10.5 is that we included a
lot of functionality from App
Launch Pad into the core VCD
yeah tenant UI. So that means
that in earlier versions where
you installed App Launch Pad as
an extension to offer more
service catalog style user
experience to your tenant users
as a provider. With VCD 10.5,
you now can do that out of the
box. So with the VCD 10.5,
Content Hub is a very prominent
menu item in the main navigation
menu of the VCD UI, the
Provider Portal and the Tenant
Portal, and it allows you to
offer not only the vApp
templates or ISO images but also
new container-based
applications, like based on Helm
charts, as items for the
tenants to use. So this is
integrated with the catalog
systems. You can publish your
own vApp templates if you want
to. So the catalog workflows
that you had in past with
capturing existing vApps into
the catalog that, of course, all
still works as it was before,
but it's also integrated nicely
with the new UI so that you can
add additional information about
the vApp and you can
synchronize from external
repositories like the VMware
Marketplace, Bitnami Helm chart
repository or even external
repositories like the NVIDIA NGC
catalog for AI workloads. So a
very good way for you as a service
provider to very quickly offer
new content for your tenant
users to consume and, of course,
with the very easy consume
interface, for your tenant user
to very quickly deploy new
workloads into their
organization VDCs or even their
Kubernetes clusters, in terms of
their container and
Helm chart-based applications.
Speaker 1: Good, Matthias,
anything you want to point out
from the long list of VCD
enhancements we got with 10.5?
Of course I want.
Speaker 4: So first of all, I
would like to add a little bit
of information in terms of
virtual machine import
functionality because, to be a
bit more precise, we now have
the ability to turn it off
globally and enable it on a per
organization basis. In the past
we could enable it globally but
turned off, but now we have
exactly the other way around,
which makes it more flexible, as
you have already pointed out.
The second I would really love
to mention is the improvement in
terms of IP spaces. Short
summarization what is IP spaces
enabling us? It allows the
service provider to manage IP
addresses and ranges and provide
IP address and ranges to their
tenants. The tenants are able to
consume those IP addresses or
ranges as they like and we can
just charge for it, because
that's what we want to do. The
cool thing in 10.5 is we now
have the ability to migrate
existing assigned IP ranges into
IP spaces to enable the
automated consumption or the
better or easier consumption for
the tenants. I think that's a
big improvement and will provide
a very easy way for service
providers to add additional IP
addresses, because in the past
it was always a manual approach,
adding additional IP addresses
to educate, raise for their
tenants. So I think that's a
very good and important
enhancement. On top, BGP, and I'm
currently looking at Toby and
his bridge. Toby, what are you
thinking about? The new BGP
enhancements having the ability
to deal with route maps and
stuff from the VCD?
Speaker 2: UI perspective
Dealing with the whole BGP story.
So we can now create route
maps, we can do prefix filtering
in the VCD UI, we can utilize
as you have mentioned it before
already the new IP spaces also
on our dedicated BGP
configuration. So this is or we
need to use it, to be fair,
because we can utilize the route
maps only if we have the IP
spaces already enabled. But, as
mentioned before by Yves and by
Sasha, we will cover this in our
dedicated networks session a
little bit deeper. What I would
like to add, and what is really,
from my perspective, an
interesting feature and what was
a little bit pain in the ass in
the past, is that we now have
the ability to leverage shared
data stores across vCenters for
migration and that we now don't
need to export the whole VM in
an OVF on our NFS transfer share
and we import it because now we
have the ability to leverage
shared data stores across
multiple vCenters and VCD is
now capable of discovering hey,
there is the same data store map
on different vCenters. So this
is also a nice and then big
improvement from my perspective.
What else do we have? Sorry,
time saver, time saver, yeah.
Speaker 1: I think another
important part is that we also
now got an yeah, I wouldn't
necessarily call it an
additional way to manage
infrastructure before you had,
when you had VCD as the service
provider, you always had the
choice you can actually either
provide a PVDC to a customer or
you could actually provide them
with a CPoM, the ability to
directly access a vCenter. The
ability to get now used both on
the same infrastructure I think
is opening up an interesting
door for certain use cases where,
in the past, service providers
especially when it came also to
white label services, but also
for other features where you had
larger organizations typically
as customers and there was the
kind of end user basis who used
utilize self service they were
fine with the VCD interface, but
at the same point in time, you
also had to deal with their
existing IT team, which always
came back as like yeah, but VCD
is a complete new UI. We can't
actually leverage the same as
what we have in vCenter and
what we are used to, and now,
with the combination that for
one tenant, you can basically
give them both sides of the
story, I think that's a very
good addition, especially in
those use cases where we have
customers who are not running a
shared infrastructure. Because
when I look at the hundreds of
service providers we work with
on a regular basis by now, then
it's a very clear situation that,
yes, you have the shared
infrastructure where the
customers might have only 5, 10,
15, 20 VMs, but it's also a
good chunk of service providers,
not only in the US, who really
have dedicated vCenters and
dedicated hosts for a specific
customer, and I think giving
them now the choice that they
no longer have to pick
between whether we do CPoM or
PVDC is a great story. Combining
that with the fact that we have
more flexibility from an import
perspective now makes the whole
onboarding story a lot easier,
because a lot of the service
providers where we onboard them
and do a greenfield VCD
deployment in the past still
have a lot of existing vSphere
and vCenter clusters out there,
because for them it's very hard
to transition the customers
from that behavior into the VCD
behavior, because every human
being, or most human beings, are
very reluctant for any kind of
change. So if users are used to
the fact that they can just
actually go into a system and
have vCenter access, it's very
hard to limit them down to VCD.
Having now the combination that
I can utilize the import feature
for organizations via resource
pools, et cetera. Combining that
with two different access
layers for it, I think is going
to make that onboarding piece
for especially existing service
providers a lot easier.
Speaker 4: And we have a very
nice new feature in terms of
security troubleshooting. I know
we have a dedicated networking
recording, I know. But I want to
point out one very small detail,
because in 10.5 we now have
for the firewall rules a logging
ID element which contains the
NSX firewall rule ID which is
used for syslog. So if we now
need to troubleshoot firewall
rule sets, we can now access the
rule ID directly and go to, I
wouldn't say vRealize Log
Insight, but I think it's now
called Aria Operations for Logs.
For Logs, yes, yeah, I think
that's the correct name and use
that ID for filtering or
creating dashboards. I think
that's very interesting for
troubleshooting.
Speaker 1: Everybody imagine
ahead of behind Matthias' screen,
a huge wall of all the new
product names so that he tries
to actually stick with them all
the time.
Speaker 4: Yeah, it's
challenging.
Speaker 1: So, although I know
it's not Matthias' topic but I
know definitely it's Jörg's
topic, we can't get around the
Terraform perspective. I know
this could easily lead to an
hour-long discussion, but I
think it's just important to
cover the new features, updates
and everything else and don't
have a discussion about the use
of it or not?
Speaker 3: Yeah, so the
Terraform provider. That's an
adapter that allows users to use
well HashiCorp's Terraform tool
to automate Cloud Director
environments and there are a lot
of different use cases for
service providers and for tenant
users to well create and manage
stuff in VCD through that
Terraform infrastructure as code
strategy. And the provider is
an open source provider so you
can find the source code on
GitHub and can also get directly
in touch with our engineers
through GitHub issues and the
community on GitHub, and it is
sponsored and maintained by the
VMware engineering team and the
Cloud Director team. But there
are also a lot of contributions
from service providers and
sometimes even from end
customers who contribute on
code or at least some feature
requests and bug mentions on the
GitHub issues, and that
Terraform provider has a release
cadence that's independent from
VCD, but of course, they try to
stick pretty close to the VCD
releases when it comes to new
features and new API versions.
So we do have a new version of
the Terraform provider as well
that came out a couple of weeks
ago and that now will add
support for IP spaces so that
you can consume IPs that are
managed through IP spaces
through Terraform, and it has
some improvements for container
services extension as well. So
it's now possible to really
create and manage Kubernetes
clusters that are managed
through container service
extension with the Terraform
provider as well. In addition to
that, there have been a lot of
smaller bug fixes and
improvements that really came
based on the feedback through
the GitHub issues on the
communities. That's it for
Terraform.
Speaker 1: Good, Sasha, as I
know, you have compiled the
whole list. Did we miss anything
really on the 10.5 list for
features which are not
necessarily network related
because, as I said, we are going
to have a dedicated network
session overall?
Speaker 5: Yeah, I think we are
good with the new features.
Speaker 2: Yeah, but there is
one thing I would like already
to add regarding having a
supported environment in the
future, because it is already it
is now starting, but service
providers should now have in
mind that they need to have a
successful SMTP outbound
connectivity configured. It
becomes required and all users
absolutely independent if they
are imported from an active
directory or from an IDP need to
have configured an email
address. In the next versions,
starting with 10.5, it is
already now the starting point,
but from the new, next releases,
if the user don't have
configured an email address,
some features will not be
available anymore. So this is
really, from a supported
perspective, an important part.
Please verify that your Cloud
Director has an SMTP
configuration and that all of
your users have an email address
configured.
Speaker 3: Yeah, that's a good
point. Thanks for before
mentioning that that's part of
our overall strategy to have
yeah, not VCD taking on local
user management anymore in
further future, but really rely
on external identity management
systems and identity providers
to authenticate and manage users.
And well, all of these
technologies be that SAML or
OIDC or OAuth or whatever
protocol or mechanisms used they
all rely on having an email
address to identify the user and
as part of that, we now require
the users to have a configured
email address. There are also
some tools they are API only
that makes it easier to migrate
and import users and migrate
users between the local user VCD
management and pass through
external identity providers. So
that's something that you should
keep in mind for future that
eventually we are going to
deprecate the support for local
users in VCD.
Speaker 4: What I would like to
add is we should not only talk
about things which are new, the
new, hot and nice stuff, also
things about being deprecated,
and VMware is pretty clear in
10.5 that it accelerates the
deprecation speed in the API. So
a few additional versions are
not deprecated on the API, and
especially the API version 38, I
think, is no longer supporting
slash API, slash sessions for
authentication. So that's a big
change and everybody using API
needs to revalidate if the
authentication has already been
moved to the JWT mechanism.
Speaker 3: Yeah, very important
point, because that, of course,
will finally break older API
clients that are not using this
new endpoint anymore for logging
in. By the way, that has been
deprecated, I think, for the
last three versions of VCD or
VCD API, so you had some time to
change your API clients, but of
course we know it's true. But
now they're really mentioning
yeah, it's accelerating, yeah,
please move. Version 38, it
really breaks now if you don't
log in with the new endpoints.
Speaker 4: Yes, I think more and
more stuff is moving towards
the Cloud API. Everybody should
really start migrating towards
the new API instead of using the
old stuff, say, as Sasha
mentioned at the beginning,
still to be to the migration.
Speaker 1: Yeah, I was just
about to say who are you looking
at, Matthias?
Speaker 4: Being honest at my
screen. Yeah, the middle.
Speaker 3: Yeah, there's one
other feature that's mentioned
in the release notes which is
likely not that important for
providers or end users yet, but
rather for ecosystem partners
who build integrations with VCD.
A couple of versions ago we
introduced the new solutions
add-on framework to make it
easier for ecosystem partners to
integrate with VCD and manage
their solutions through the
provider portal, and there have
been some additions and
improvements to that solution
add-on framework as well in 10.5.
So it's now possible for the
provider to upgrade solution
add-ons through the UI and API.
So the version control and the
life cycle management of these
extensions gets much easier. And
of course, you can now publish
solutions on a per-tenant basis.
So that allows you to really
offer some value add services
and monetize these services on
the per-tenant basis that you
offer them. I don't know backup
solutions or antivirus solutions
or what else we have in our
ecosystem integrating with VCD.
Speaker 1: Good, then, I think
we have mostly everything taken
care of for the 10.5 release. I
think those people who are going
to attend the VMware Explore
in Las Vegas there's definitely
something going to be at the
VMware booth. There are
definitely going to be some
sessions around 10.5. So if you
haven't added them to your
calendar so far, then please
make sure to do so. Also, we are
happy to announce from the
Comm Division team that we have a
dedicated room where we can
meet, hang out etc. with all our
service provider friends. So if
you haven't made an appointment
yet with us, reach out to us
over social media or anything
else. We are more than happy to
welcome you, have a little drink,
a Coke or something else and
then actually enjoy the time in
our suite together and talk a
bit about VCD etc. We might even
do some ad hoc session
recordings from there for around
VCD and for the VCD roundtable.
So stay tuned, keep us posted
for everything you do during the
VMware Explore 2023 in Las
Vegas. So I'm still getting used
to it and we are going to cover
in our next VCD roundtable
episode everything around 10.5,
networking and some of the other
changes which you just need to
be aware of around networking.
Hop until then, have a good day
and see you soon.