An existing cloud provider infrastructure needs to be transformed to enable self-service for its customers. The current solution uses virtual machine-based firewalls for network separation, and the virtual machines are managed by the Service Provider (SP) using a vCenter Server. Customers consumed all services as a managed offering.
As summarized by the customer’s Head of cloud solutions & managed services: “Customers would like to leverage self-service to manage their virtual machines and networking features. Furthermore, enabling customers to take over basic management tasks frees up resources to increase infrastructure development speed.”
Matthias Eisner, comdivision’s lead architect for this customer, is familiar with the idea: “Many Service Providers need to reduce the workload on the internal IT staff to accelerate infrastructure development, enabling the SP to offer more advanced services like Kubernetes clusters to onboard cloud-native applications. Automation and self-service are key components of achieving a workload reduction.”
The current workloads run natively on vSphere and are connected to virtual switches. Centrally managed virtualized firewalls provide the required networking services, such as a VPN tunnel to the on-premises workloads. These customer workloads need to be migrated into the new self-service portal. A maintenance window per customer to switch over networking features is possible. Many customers also consume physical AS400 systems hosted in the Service Provider’s datacenter.
“Finding a partner understanding the cloud provider business on the one hand and having knowledge and experience in NSX-T is key. Just a design and the implementation of additional products is not solving the needs of the internal IT department. Knowledge transfer and ongoing support is mandatory,” says the customer’s leading cloud architect.
Introducing VMware Cloud Director together with NSX-T for software-defined networking provides the base layer for the first step in the journey. With multi-tenancy in place, introducing managed service interfaces per customer, which connect physical workloads as close to virtual workloads as possible, provides a seamless multi-tenant experience.
Designing and implementing the new solution together was a great foundation for starting an intensive knowledge transfer session, bringing the internal IT folks to the next level and closer to the cloud-native vision of the management.
“Using virtualized default gateways even for physical workloads was a game changer. The integration of physical workloads into virtualized VPN tunnels, routing processes and firewalling was straightforward and easier than initially thought,” says the lead of the operations team. “The network management services used in the customer environment reduce complexity.”
Working with us as a team, comdivision understood our needs and was able to provide a design fitting our needs. The ongoing knowledge transfer was a valuable experience.