Azure or AWS – Which to Choose if Running vSphere On-Premises?
VMware accounts for a major chunk of the modern-day infrastructure virtualization landscape. It is often the vendor of choice for organizations because of best-in-class features and services. With the proliferation of cloud computing, a major shift is underway in the IT strategies of organizations toward integrating cloud platforms with their existing infrastructure. Native VMware organizations are heavily dependent on technologies like vSphere, ESXi, vCenter, vSphere HA, vSphere DRS, vMotion, FT, etc.
For such organizations, cloud migration often boils down to a choice between the two public cloud service vendors: Microsoft Azure or AWS.
This blog reviews the various features of Microsoft Azure and the options for VMware on AWS, with the aim of identifying the best solution for organizations looking to shift their VMware environments to the cloud.
Integrating VMware Environments with the Cloud
The use cases for integrating VMware environments with the public cloud are often closely related to the organization’s long-term IT roadmap. Below are some common use cases for a VMware integration with the cloud:
- Minimize investment in hardware by utilizing the hyper-scale computing capacity of the public cloud.
- Burst workloads to the cloud on demand.
- Lift and Shift legacy applications.
- Extend on-premises technologies to the cloud and use the existing management tools.
- Minimize turnaround time and maximize ROIs.
- Convert CapEx to OpEx wherever possible.
Azure Site Recovery for VMware
Azure Site Recovery (ASR) is a DRaaS offering from Microsoft Azure that caters to heterogeneous environments. While proprietary DR solutions focus on specific technologies, ASR provides DR capabilities for on-premises VMware, Hyper-V, bare metal physical infrastructure, as well as workloads hosted in public clouds like AWS. VMs running on VMware vSphere environments starting from Version 5.5 can be protected using ASR.
It also supports integration with vCenter Server, again with a minimum version requirement of 5.5. The VMs can be continuously replicated to Azure using policies that are created and managed from the Azure portal.
Components
The VMware environment should be connected to Azure by deploying certain components on-premises. The remaining configuration can be done from the central Azure portal.
Configuration Server
This machine is the heart of an ASR deployment for VMware. It coordinates all activities of ASR including data replication and discovering machines.
Process Server
This server manages the caching, compression, and encryption of data being sent to Azure.
Master Target Server
If you are planning for a failback to on-premises, the failback is handled by a Master Target Server. All three of the above roles come bundled in a single Open Virtualization Format (OVF) that can be downloaded from the Azure portal. Another component known as Mobility Service is deployed by ASR on the replicated VMs.
Azure Recovery Services Vault
This is the logical container for holding all the replicated data from the on-premises VMware vSphere infrastructure. It uses Azure storage in the backend to store the data. The frequency of replication is determined by the settings in the replication policy, which can be associated with a single VM or multiple VMs for tiered application stacks.
Azure Storage and Network
Azure VNet and Storage should be provisioned to connect the VMs that will be failed over from VMware.
The architecture for an Azure Site Recovery setup for a VMware environment is illustrated below:
Features
Workload Migration
ASR helps migrate workloads by replicating VMs to Azure storage followed by a planned failover.
Automation
Azure Automation runbooks and PowerShell scripts can be integrated in the failover plan to automate pre- or post-failover activities.
Disaster Recovery as a Service (DRaaS)
In the event of a disaster, a failover can be initiated from the Azure portal and the workloads will be made available from VMs running in Azure.
Management
The Azure portal acts as a single pane of management for ASR. All ASR-related tasks like orchestration, replication, and management can be managed from the Azure portal.
VMware Cloud on AWS
VMware Cloud on AWS is a joint offering from AWS and VMware that provides an integrated suite of VMware products that run on bare-metal AWS infrastructure. The service is powered by an enterprise-class VMware product selection that includes VMware vSphere, VMware vSAN, and VMware NSX to provide compute, storage, and networking, respectively. The management layer is handled by VMware vCenter.
This solution brings together the best of both AWS and VMware. It leverages the global footprint of AWS services and enables optimized on-demand access to AWS services, while integrating the SDDC cluster benefits of the familiar VMware vSphere. The service is currently available in AWS EU (London), AWS U.S. East (N. Virginia), and AWS U.S. West (Oregon) geographic regions.
Components
vSphere Cluster
Computing capacity is provided by a dedicated vSphere Cluster. The base cluster configuration is 4 hosts, each with 512MB memory and dual 18 core CPUs. The maximum computing capacity can reach 576 CPU cores and 8TB of memory in a scale-out model by increasing to 16 hosts. These clusters provide Distributed Resource Scheduler (DRS) for optimal placement of VMs based on the availability of computing resources on the host machines. VMware High Availability (HA) protects against host failures by restarting the VMs on a different host in the cluster.
VMware vSAN
Each node in a four-node base cluster will have 10TB of capacity provided by an all-flash array of NVMe devices. The total available raw capacity is 40TB, aggregated and made available to all VMs in the cluster by VMware vSAN technology.
VMware NSX
Software-defined networking (SDN) for VMware cloud on AWS is provided by VMware NSX. It abstracts the Amazon Virtual Private Cloud (VPC) networks and connects provisioned VMs in logical networks. Connectivity to an on-premises vCenter can be enabled by NSX using a Layer 3 IP Security (IPSec) VPN. Alternatively, if you have an existing on-premises Layer 2 VPN solution, NSX can integrate with that solution to provide a L2VPN connection that extends on-premises networks to cloud SDDC.
The chart below diagrams the high-level architecture of the VMware cloud on AWS.
Features
Workload Migration
Live migration of workloads from an on-premises vSphere Cluster to an AWS Software-Defined Data Center (SDDC) can be performed in architectures that use AWS Direct Connect. For configurations that use only IPSec VPN, a cold migration of a workload from on-premises to AWS SDDC can be performed after powering off the VMs.
Automation
Customers with an existing investment in the vRealize Automation suite can connect the same tool to the AWS SDDC, and deliver custom blueprints and catalogs for users.
Disaster Recovery as a Service (DRaaS)
VMware Site Recovery can be used for protecting the workloads in AWS SDDC and on-premises vSphere Clusters in the event of a disaster. It provides Disaster Recovery as a Service with a single click, as well as failover and failback capabilities.
Management
VMware vCenter is the management layer for SDDC hosted in AWS as well as on-premises. The Hybrid Linked Mode (HLM) offers a single pane of management for SDDC clusters deployed in AWS, as well as hosted in customer-owned data centers by linking them to the same Single Sign-On domain.
Cost-Benefit Analysis
While using VMware Cloud on AWS, customers can choose between on-demand (hourly) pricing and reserved up-front pricing for one to three years per host.
Reserved pricing is beneficial for long-term savings and can be combined with a Hybrid Loyalty Program to further reduce the TCO. Existing VMware customers can get up to a 25 percent discount per host based on eligible on-premises product licenses. VMware vSphere, vSAN or NSX licenses can each fetch a 10 percent discount per product, with the total benefit capped at a 25 percent discount per host. The billing on VMware components as well as AWS is handled by VMware and delivered as a single bill to the customer. When it comes to licenses for workloads hosted in VMware Cloud on AWS, customers should consider license mobility options to leverage their existing licenses to reduce the TCO. For example, the Microsoft License Mobility program can be used for Windows OS and software licenses.
Azure Site Recovery charges a flat rate for the service on a per instance/per month basis in addition to the cost of the Azure storage for the replicated data. The Block Blob storage used by ASR for storing the data is comparatively cheap and the customer is charged on a per-GB per month basis of used storage. The VM charges will kick in only in the event of a failover and will be charged on an hourly basis depending on the VM instance type used. The charges incurred by Windows VMs that are failed over to Azure can be further reduced by combining Azure Hybrid Benefit with ASR. It can yield a cost savings of up to 40 percent by allowing customers to use on-premises Windows licenses in Azure.
Leveraging Managed Cloud Services
Organizations that do not have expertise in cloud technologies often prefer to outsource cloud infrastructure management to a Managed Cloud Service Provider. Navisite is a Managed Cloud Service Provider with expertise in multiple technology areas including Microsoft Azure, 20+ years of managed services experience, along with more than 1,440 certifications. Navisite’s Elite 5-Star Managed Services team, utilizing ITIL-based processes, can be a powerful partner, whether for setting up a new environment in Azure or for implementing hybrid cloud architectures to protect VMware workloads using ASR.
Summary
Depending on the use cases, timelines, and budgets, customers can choose to use VMware Cloud on AWS, to lift and shift workloads to the Microsoft Azure platform, or to leverage Azure Site Recovery for workload migration and disaster recovery.
VMware Cloud on AWS may be more useful for organizations that require a tighter integration with their existing VMware infrastructure because many of the same technologies are deployed in AWS, providing a nearly seamless extension of existing infrastructure. However, it’s worth remembering that organizations will still have to pay for VMware licenses on AWS. Microsoft Azure, on the other hand, will be a more cost-effective solution if the target use cases are mostly workload migration and disaster recovery.
Navisite’s Elite 5-Star Managed Services help organizations accelerate their cloud integration, no matter what the scenario. Contact us to learn how Microsoft Azure might fit into your cloud migration needs.