F5 and VMware Solution Guide by linxiaoqin


									F5 and VMware Solution Guide

Virtualization solutions to optimize
performance, improve availability,
and reduce complexity
>>   Increased VM density by up to               >>   Integration with vCenter Server
     60 percent
                                                      Respond to infrastructure changes
     Free up server resources to by offloading        with VMware and F5 integration.
     CPU-intensive operations.
                                                 >>   Integration with SRM for global
>>   Long distance vMotion                            traffic management

     Enable fully automated long distance             React quickly to SRM events by
     vMotion and Storage vMotion between              redirecting application traffic to the
     data centers.                                    failover site.

>>   Load balancing and traffic                  >>   Improved manageability
                                                      Simplify the management of
     Provide advanced load balancing and              application networking devices
     traffic management for virtual servers.          with the F5 Management Plug-In
                                                      for VMware vSphere.
Unlock the power of virtualization
with F5 and VMware solutions

The benefits of virtualization with VMware are clear. However many organizations
continue to expect more from their virtualization initiatives, including:

· Tighter server consolidation
· Simplified management
· Higher application performance
· Increased network agility
· Greater operational efficiency and automation
· Greater virtual desktop security
· Improved virtual desktop user experience

The combination of F5 and VMware unlocks new opportunities to meet these demands.

F5 and VMware have worked closely to integrate solutions, such as:
·   vSphere                                     ·   F5 BIG-IP® Local Traffic Manager™
                                                    Virtual Edition (LTM VE)
·   vCenter Server
·   vCenter AppSpeed                            ·   F5 BIG-IP® Global Traffic Manager™ (GTM)

·   vCenter Site Recovery Manager               ·   F5 BIG-IP® Optimization Module™ (WOM)

·   VMware View                                 ·   F5 ARX® File Virtualization Solution

·   F5 BIG-IP® Local Traffic Manager™ (LTM)
Data Center Efficiency
Reduce hardware, power, and facility costs


One of the most compelling advantages of virtualization is building greater efficiency.
Within data centers of all sizes, server consolidation delivers reductions in physical server
infrastructure and power consumption. Organizations commonly see consolidation rates
of 10 times or more. But what if it were possible to increase your consolidation rates
even further? Certain computational transactions like SSL are more efficiently performed
in ASICs than general-purpose CPUs. This opens the door to even greater server
consolidation rates, often up to 60 percent greater than server virtualization alone.

But consolidation will only get you so far in meeting the growing expectations of your
IT organization. There are also more and more demands on your applications that
affect performance and availability. However, it is possible to simultaneously improve the
performance and availability of your virtualized applications even while consolidating your
servers. Optimizing application traffic using techniques like load balancing, acceleration,
transformation, rate shaping, and connection persistence can yield great improvements
in application performance and availability.

Organizations often face new VMDK (Virtual Machine Disk Format) storage challenges
as they move forward with their virtualization initiatives. As a result, file management
becomes more complex, storage bottlenecks appear, and storage costs increase.

Key benefits
·   Improve server consolidation by offloading
    CPU-intensive tasks from the servers
·   Increase performance and availability by
    optimizing application traffic
·   Optimize file storage infrastructure and
    reduce costs
                                                                    VM VM VM VM

                                                                     VMware ESX

                                                                    ESX SERVER

                                                                    VM VM VM VM

                                                                     VMware ESX

                                            BIG-IP LTM                                               ARX
                                                                    ESX SERVER

                                                                    VM VM VM VM
         F5 SOLUTION BENEFITS:                                       VMware ESX                                NFS
                                                                    ESX SERVER

                 THE SOLUTION

                 BIG-IP Local Traffic Manager optimizes connections, routes traffic, and balances loads
                 across virtual machines (VMs), offloading many of the functions that create CPU and
                 memory strain. Offloading these functions to a purpose-built appliance can free up to
                 40 percent1 of server CPU and memory resources, creating a 60 percent increase in
                 VM guest density on the same host. This enables servers to operate more efficiently and
                 frees up server capacity.

                 Availability gains from BIG-IP LTM apply equally well to virtual servers. They include:

                 ·   Application acceleration up to 3X

                 · Improved security for applications and data
                 · Reduced bandwidth usage
                 · Full control of traffic to handle changing business, infrastructure, and
                     application demands

                 Organizations can address their virtualization storage challenges by taking advantage of
                 intelligent file virtualization with the F5 ARX series. ARX abstracts the virtual file location
                 from the physical storage location. Enabling transparent and automated policy-based
                 allocation of files across different storage tiers.

                  F5 tests performed on Microsoft Exchange and vSphere 4 yielded a 40% reduction in CPU
                  utilization from BIG-IP LTM, thus an equivalent 60% increase in VM guest density on
                  the same host. See www.F5.com/vmware a detailed overview of the test plan and results.
Long Distance vMotion
Linking data centers across the city or thousands
of miles apart


VMware vMotion enables users to move an entire running virtual machine from one
server to another and with VMware Storage vMotion, you can migrate VMDK files
across storage arrays. However, getting reliable and rapid performance of vMotion
and Storage vMotion events typically requires their movement to be restricted within
a single local vCenter Server cluster and a single layer 2 broadcast domain. Their
performance is naturally sensitive to poor network conditions like latency and packet loss,
which historically prevented long distance vMotion events. Furthermore the cost and
complexity of encrypting vMotion traffic over the WAN adds to the difficulty.

Key benefits
·   Application migration between
    data centers
·   Disaster avoidance
·   Capacity expansion

 DATA CENTER 1                            BIG-IP GTM                  DATA CENTER 2

         BIG-IP LTM                                                         BIG-IP LTM
                                WAN OPTIMIZATION
        VM    VM   VM     VM                                               VM    VM   VM     VM

             VMware ESX                                                         VMware ESX

             VSPHERE             VMOTION               VM   VM   VM             VSPHERE

                                 VMOTION               VM   VM   VM
          STORAGE                                                            STORAGE


F5 and VMware have developed a complete solution for running vMotion and Storage
vMotion events together, between vSphere environments and over long distances.

The solution components enable vMotion migration between data centers without
downtime or user disruption. Key solution components include:

· Encryption and compression of vMotion traffic between sites using BIG-IP LTM
  iSessions feature

· Byte-level data deduplication of vMotion traffic between sites using BIG-IP WAN
  Optimization Module

· Client traffic management with BIG-IP LTM to direct user traffic to the correct VM
· Data center traffic management with BIG-IP GTM

One example is a Windows Server guest vMotion event across a 622 Mbps link with
40 milliseconds of round-trip time and zero packet loss, which would normally take more
than five minutes to complete. With BIG-IP WAN Optimization Module it takes less than
30 seconds. The worse the WAN conditions, the greater the potential improvement.

And when the vMotion event acceleration is combined with dynamic global and traffic
management, newly migrated VMs are recognized quickly, without disrupting existing
user sessions.
Data Center Automation
Automate your Application Delivery Network


Unexpected traffic spikes can wreak havoc on application availability. Yet providing server
capacity to cover all conceivable scenarios is simply too expensive. Fortunately vSphere
simplifies provisioning new VMs on demand. In order for these newly provisioned virtual
machines to properly integrate into the application network and assist in improving
availability, the network must typically be manually adjusted. This function is not handled
by virtualization solutions, and as a result it can take IT staff additional time to respond.

In addition, as the number of virtual machines increases, so can the amount of
time required to manage them. IT staff are often required to perform routine network
management and maintenance tasks that could otherwise be automated.

Key benefits
·   Improve network responsiveness to
    the virtualized applications
·   Reduce management complexity in the
    virtualized environment
·   Improve IT staff efficiency with automation
·   Minimize manual configuration errors
  MANAGEMENT                                                       CLIENTS                CLIENTS

                            iCONTROL API
                                                                        BIG-IP LTM

 VMWARE VCENTER                                               APP SERVER VIRTUALIZATION

                                            VM    VM   VM     VM        VM    VM   VM     VM         VM    VM   VM     VM

                                                 VMware ESX                  VMware ESX                   VMware ESX

                                           APP SERVER                  APP SERVER                   APP SERVER

                                                               STORAGE VIRTUALIZATION


                                           NFS                                 NFS                                          NFS


F5 solutions greatly simplify network deployment, management, and maintenance tasks
through automation. Specifically, BIG-IP LTM integrates with vCenter via the F5 iControl®
API to receive instructions that enable it to adjust network traffic in response to changing
application conditions.

When new virtual machines are provisioned by vCenter, BIG-IP LTM can automatically add
those new servers to its load balancing pool and can direct traffic to them. BIG-IP LTM
waits until the VMs are responsive before sending traffic. At the same time, BIG-IP GTM
knows when virtual machines or entire data centers are overloaded or unavailable and
reroutes traffic accordingly. BIG-IP LTM and GTM can respond to fluctuating traffic
without the need for manual intervention.

Similarly, BIG-IP LTM can identify and distinguish between different “classes” of users.
For example, requests from high-priority users can be served up from a higher
performance VM pool. This and other similar functions maximize the performance and
availability of physical and virtual application resources.
Business Continuity
Protect your business and minimize application downtime


Businesses cannot afford to be without their core applications and web-based services.
In traditional IT environments, it is difficult to move an application from one data center
to another or even from one server to another. To compensate, many companies install
more hardware, which also increases the cost.

Virtualization dramatically improves failover and disaster recovery (DR) capabilities by
making packaged application files easy to clone, migrate, and reboot. Solutions like
VMware vCenter Site Recovery Manager (SRM) further simplify the process of planning,
testing, and recovering a single application or an entire virtualized infrastructure. Despite
the automation of SRM, the DNS server must be manually configured to re-route
incoming traffic to the new site. It is difficult to fully automate the process, and can result
in delays and mistakes during failover.

Because application traffic must be redirected in after DR events, many organizations rely
on IT staff to manually implement the steps contained in their pre-defined DR run books.
Under stress, such as in a true DR scenario, any manual process can be subject to error.

Key benefits
·   Load balance across data centers
·   Maximize application availability and
    minimize the impact of downtime
·   Increase the speed of large data
    transfers over the WAN

        SITE 1 (PRIMARY)                                                                                             SITE 2 (BACK-UP)

                ROUTER                                                                                                      ROUTER
                                                              BIG-IP GTM                      BIG-IP GTM

               BIG-IP LTM                                                                                               BIG-IP LTM
                                                                      APPLICATION DELIVERY

  VMWARE        VM    VM   VM     VM   VM    VM   VM     VM
                                                                           VM REPLICATION                      VMWARE       VM    VM   VM     VM   VM    VM   VM     VM

VCENTER SITE         VMware ESX             VMware ESX
                                                                                                             VCENTER SITE        VMware ESX             VMware ESX
 RECOVERY                                                                                                     RECOVERY
 MANAGER                                                                                                      MANAGER

                                                                           DATA REPLICATION

                                                                                                           BIG-IP LTM SUPPORTS DISASTER RECOVERY
                                                                                                           - AT THE DATA CENTER LEVEL
                                                                                                           - AT THE SERVER LEVEL
                                                                                                           - AT THE VIRTUAL MACHINE LEVEL

                             THE SOLUTION

                             F5 BIG-IP Global Traffic Manager offers holistic control of global traffic to ensure
                             maximum availability and performance of applications running across multiple data
                             centers. It reacts based on predefined business policies and varying infrastructure

                             The integration of BIG-IP GTM and VMware SRM provides a complete solution for
                             automated disaster recovery between two data centers, or to the cloud. In the event
                             of disaster, SRM automatically orchestrates the failover of VM guests and virtual
                             infrastructure between the two sites, while BIG-IP GTM redirects all incoming client
                             application traffic to the secondary site. BIG-IP GTM and SRM are easily integrated via
                             the F5 iControl API.

                             Because BIG-IP GTM sits in both the source and target sites, failover can happen
                             automatically even if one device suddenly disappears. Furthermore, while waiting for
                             suspended VMs to come online, BIG-IP GTM can respond back to clients with a
                             custom HTML page.

                             In addition, F5 BIG-IP WAN Optimization Module improves the transfer of data over
                             the WAN during a failover. This module enables large volumes of data to be transferred
                             from a source to a target data center quickly using compression and deduplication.
                             BIG-IP WAN Optimization Module encrypts traffic before transmission and decreases
                             bandwidth requirements.
Virtual Desktops
Provide a consistent, secure user experience with
high application availability


Over recent years, many organizations have elected to replace their desktop PCs with
simple client terminals and give users access to centrally stored applications and services
over the LAN or WAN. In addition to the hardware cost savings, virtual desktop solutions
such as VMware View are easier and more cost-effective to manage and secure.

For such a solution to succeed however, users expect the same performance from virtual
desktops as physical desktops. In addition, scaling the centralized connection servers can
be expensive. Finally, organizations need to ensure that the connections are secure, but
without sacrificing simplicity of the user’s access and authentication experience.

Key benefits
·   Simplify secure access with single sign-on
·   Deliver a high performance virtual desktop
    experience to users
·   Reduce the cost for large deployments by
    minimizing the number of servers required
·   Ensure network and application security

                                                                                             VCENTER SERVER

                                                                            VDM CONNECTION
   CLIENT                                                                       SERVERS

                                                                                             VIRTUAL DESKTOPS

                                                                                                VM    VM   VM     VM

                                                                                                     VMware ESX
                                         BIG-IP LTM   BIG-IP EDGE GATEWAY

                                                                                             ACTIVE DIRECTORY


                 THE SOLUTION

                 F5 BIG-IP LTM delivers load balancing, health monitoring, rate shaping, and server
                 resource offloading for the virtual desktop connection servers. This provides high
                 performance SSL termination and compression, and improves the overall solution’s

                 Additionally F5 BIG-IP Edge Gateway addresses security challenges by enabling secure
                 remote access using high speed SSL everywhere and integration with authentication and
                 directory services. Unlike many SSL VPN solutions, F5 can securely transport the PCoIP
                 protocol without degrading its performance. Finally, BIG-IP Edge Gateway streamlines
                 the authentication process into a single quick and easy step for users by ensuring high
                 endpoint security prior to login.
Application Virtualization
Ensure high performance for applications


Enterprise applications, such as Microsoft Exchange, OCS, SharePoint, SAP, and Oracle
are critical for day-to-day operations. But they can also be a source of inefficiency. In
traditional IT environments, these applications can require vast numbers of servers, not all
of which are fully utilized.

Virtualization can reduce some of this inefficiency through server consolidation, but
virtualization technologies are primarily focused on the hardware and operating system
layers—not the applications layer. Therefore, when organizations decide to pursue a
virtualization strategy, they need to take steps to ensure that the new environment does
not adversely impact application performance.

Key benefits
·   Reduce the risks associated with implementing
    an application virtualization strategy
·   Minimize hardware and power costs by
    maximizing the density of virtual machines
·   Optimize performance and application
    availability for users
·   Maximize the return on investment of a
    virtualization strategy
                                                                  PRE-DEFINED APPLICATION
 BIG-IP GTM                                                       CONFIGURATION OPTIONS
                                                                  - SHAREPOINT
                                                                  - EXCHANGE
                             HIGH PERFORMANCE                     - SAP
                             WEB ACCELERATION                     - ORACLE
                                                                  - IIS
                                                                  - VMWARE VIEW
                                                                  - ETC.
                                BIG-IP LTM

NETWORK-RELATED                  SERVERS             PERFORMANCE



F5 minimizes application-specific network risks when moving to a virtualized platform
by providing solutions that are optimized for specific applications and accompanied by
comprehensive, predefined profiles within BIG-IP devices. Often deployed in traditional IT
infrastructures, these predefined profiles are just as beneficial in virtualized environments.
Use of these application templates can lead to a 90 percent reduction in manual user
inputs, thereby reducing configuration time and data-entry errors. One of the predefined
application profiles provided in BIG-IP LTM is a VMware View (virtual desktop) profile.
Providing a best-practice configuration model, this template incorporates experience in
designing optimal VMware View systems and dramatically simplifies installation.

Additionally, organizations that rely heavily on web-based applications can take
advantage of F5 BIG-IP ® WebAccelerator.™ BIG-IP WebAccelerator speeds up access
and decreases web page load time. It also drastically reduces the CPU load on web
application servers in virtualized environments through a combination of intelligent
caching, connection pipelining, and exploitation of browser behavior.
Cloud Computing
Deliver reliable web-based services


Cloud computing presents a significant opportunity for increased data center agility
and cost savings. Along with the vSphere platform, VMware vCloud Director simplifies
the process for cloud providers or large IT organizations to offer self-service cloud
computing. However there are fundamental challenges to ensuring that these
cloud services offer the same security, availability, and performance as traditional
on-premise computing.

Key benefits
·   Keep control over authentication locally while
    running applications in the cloud
·   Ensure consistently high security, performance,
    and availability for virtual infrastructure
·   Deliver added network capacity on demand
·   Improve WAN performance between
    data centers

            CLIENTS          CLIENTS                         CLIENTS      CLIENTS


                                       BIG-IP ASM                 BIG-IP GTM

                               INTERNAL CLOUD                          EXTERNAL THIRD-PARTY CLOUD


                                       BIG-IP LTM




    F5 provides a number of solutions that enable organizations to leverage public or
    private cloud solutions from VMware easily, securely, and with maximum application
    performance and availability.

    BIG-IP GTM is used to direct traffic between multiple data centers in cases where
    the application may be running in more than one location at times (for example,
    cloud bursting).

    BIG-IP LTM enables organizations to retain authentication and authorization locally,
    when running applications in the cloud, by redirecting incoming authentication requests
    to the home data center.

    BIG-IP LTM Virtual Edition enables clouds to provide full BIG-IP LTM services as virtual
    machines, which can be provisioned and configured on-demand.

    BIG-IP® Application Security Manager™ can provide application firewall security to a
    wide variety of applications running in the cloud.
Improved Manageability
Integrate BIG-IP with the VMware vSphere Client


VMware vCenter Server provides a powerful central point of control for virtualization
management. Many organizations are seeking to use the associated vSphere Client
as a single management control point for virtual machines. They need to reduce
administration complexity and provide basic task automation. This enables their
administrators to be more productive and efficient.

Key benefits
·   Streamline common networking tasks
·   Eliminate manual synchronization between
·   Simplify BIG-IP LTM configuration for new VMs
                                             PLUG-IN VCENTER           CLIENT
                                              LINUX SERVER

                                               VM    VM   VM     VM

                                                    VMware ESX

                           BIG-IP LTM


The F5 Management Plug-In for VMware vSphere allows virtualization administrators
to more easily manage their BIG-IP Application Delivery Networking policies as they
relate to VMware-virtualized applications. The F5 Management Plug-In for VMware
vSphere eliminates manual synchronization of information between BIG-IP devices
and the vSphere consoles. It also helps automate common networking tasks involved
in routine VM maintenance and administration. Finally it can automatically apply
Application Delivery Networking policies to newly provisioned VMs, and ease the
process of de-provisioning VMs. Overall, these features simplify and automate many
of the networking tasks common to VMs, thereby improving the agility of the
overall infrastructure.
F5 Solutions for Virtualized
Maximize the benefits of virtualization with F5 solutions

· Balances traffic to virtual servers and from virtual desktops
· Offloads processing-intensive activities like SSL termination, caching, or compression
  to reduce the strain on virtual machines and increase their capacity

· Includes a suite of security services that bolster network and application security
· Offers industry-leading layer 7 intelligence and many automated features for easier management

· Provides full feature parity with physical BIG-IP LTM appliances
· Available in trial, developer, or production editions
· Runs on any server compatible with VMware ESX or ESXi

· Directs traffic intelligently among virtual machines located at multiple data centers
· Redirects traffic automatically in the event of a disaster at one data center
· Provides a single framework for managing all application services across multiple sites
· Routes global traffic to the closest and most logical global data center to maximize
  performance and availability

· Enables single sign-on for users
· Securely manages PCoIP connections while maintaining the protocol’s native high performance
· Integrates with authentication and directory services
· Accelerates the transfer of files and speeds up data replication between data centers
· Reduces bandwidth usage by compressing and caching files
· Expands WAN capacity to improve application throughput
· Provides configurable site-to-site encryption using SSL

· Provides a single storage solution for virtualized environments
· Provisions new storage for virtualized environments quickly and easily
· Removes the need to pre-allocate large amounts of storage and distributes virtual machine
  files across multiple physical devices

· Enables non-disruptive data migrations, automated storage tiering, and optimal backup
Learn more about F5 and VMware virtualization solutions
For more information on the following topics, browse through the materials below or
visit the VMware page on f5.com.

Data Center Efficiency:
· Product Overview: BIG-IP Local Traffic Manager

Long Distance vMotion:

· White Paper: “Connecting to the Cloud with F5 BIG-IP Solutions and VMware vMotion”

Data Center Automation:
· Deployment Guide: Deploying F5 Automated Network Provisioning for VMware Infrastructure

Business Continuity:

· Solution Brief: Automated DR Traffic Management with VMware SRM and F5 BIG-IP

Virtual Desktops:
· Solution Brief: F5 and VMware Virtual Desktop Infrastructure

Application Virtualization:

· White Paper: Application Ready Solution Templates

Cloud Computing:
· White Paper: Global Distributed Service in the Cloud with F5 and VMware

Management Integration:
· Solution Overview: F5 Management Plug-In for VMware vSphere
       “VMware vSphere and VMware vCenter Server help
         customers respond rapidly and easily to application
         demands. F5 solutions extend this agility to the
         network to enable consistency in application state
         throughout the data center and in private clouds, for
         faster responses with less manual intervention.”
         Shekar Ayyar, VP, Infrastructure Alliances, VMware

For more information about F5 and VMware solutions, please refer to: www.f5.com/vmware
F5 Networks, Inc. 401 Elliott Avenue West, Seattle, WA 98119   888-882-4447   www.f5.com

To top