The Path Home
“The Greek word for “return” is nostos. Algos means “suffering.” So nostalgia is the suffering caused by an unappeased yearning to return.”
― Milan Kundera
With the rise of hybrid cloud computing and multi-vendor SaaS everywhere, the cloud is coming back into data centers. The next evolution, as seen in things like AWS Outposts and Azure Stack Hub, seems to be bringing cutting-edge, formerly cloud-only technologies back to the data center. It's a dream come true for most traditional IT staff, a way for the DevOps community to align with them, and a nightmare for the security groups, who probably just got things under control.
Connectivity – Your vSphere cluster must have outbound connectivity to the Internet, and must be able to make HTTPS connections to the public AWS endpoints.
Here's the FAQ page from AWS – README
VMware Resources – Each cluster must have at least 24 vCPUs, 24 GiB of memory, and 180 GB of storage for the on-premises management components of RDS on VMware, along with additional resources to support the on-premises database instances that you launch.
Setting up Amazon RDS on VMware
Prepare Environment – Check the vSphere version (6.5 and up), confirm the storage device and free space, and provision a resource pool.
Configure Cluster Control Network – Create a network for control traffic and monitoring. Must be a vSphere distributed port group with 128 to 1022 ports.
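The prerequisites listed above can be checked before the installer is ever downloaded. The following is an added example, not code from AWS, VMware or the original post: the inventory field names are hypothetical, and `outbound_https` is assumed to be the result of a separate connectivity probe. The resource floors cover only the management components, so database instances need headroom beyond them.

```python
import re

# Floors and ranges quoted in the prerequisites above.
MIN_VSPHERE = (6, 5)
MIN_VCPUS, MIN_MEMORY_GIB, MIN_STORAGE_GB = 24, 24, 180
MIN_PORTS, MAX_PORTS = 128, 1022


def parse_version(text):
    """Turn '6.7.0 U3' into (6, 7); tuples compare 6.10 > 6.5 correctly."""
    m = re.match(r"\s*(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised vSphere version: {text!r}")
    return int(m.group(1)), int(m.group(2))


def preflight(cluster):
    """Return a list of failed prerequisites; an empty list means ready."""
    failures = []
    if parse_version(cluster["vsphere_version"]) < MIN_VSPHERE:
        failures.append("vSphere older than 6.5")
    for key, floor, unit in (("free_vcpus", MIN_VCPUS, "vCPUs"),
                             ("free_memory_gib", MIN_MEMORY_GIB, "GiB memory"),
                             ("free_storage_gb", MIN_STORAGE_GB, "GB storage")):
        if cluster[key] < floor:
            failures.append(f"{cluster[key]} {unit} free, need at least {floor}")
    pg = cluster["control_port_group"]
    if not pg["distributed"]:
        failures.append("control network is not a distributed port group")
    if not MIN_PORTS <= pg["ports"] <= MAX_PORTS:
        failures.append(f"{pg['ports']} ports, need {MIN_PORTS}-{MAX_PORTS}")
    if not cluster["outbound_https"]:
        failures.append("no outbound HTTPS to the public AWS endpoints")
    return failures


# Constructed inventories; the field names are hypothetical, not a vSphere API.
READY = {"vsphere_version": "6.7.0 U3", "free_vcpus": 32, "free_memory_gib": 64,
         "free_storage_gb": 500, "outbound_https": True,
         "control_port_group": {"distributed": True, "ports": 256}}
NOT_READY = dict(READY, vsphere_version="6.0 U3", free_memory_gib=16,
                 control_port_group={"distributed": False, "ports": 64})

if __name__ == "__main__":
    for name, cluster in (("READY", READY), ("NOT_READY", NOT_READY)):
        print(name, preflight(cluster) or "all prerequisites met")
```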
With the preparatory work out of the way, the next step is to bring the cluster onboard by creating a custom (on-premises) Availability Zone and using the installer to install the product. I open the RDS Console, choose the US East (N. Virginia) Region, and click Custom availability zones:
I can see my existing custom AZs and their status. I click Create custom AZ to proceed:
I enter a name for my AZ and for the VPN tunnel between the selected AWS region and my vSphere data center, and then I enter the IP address of the VPN. Then I click Create custom AZ:
My new AZ is visible, in status Unregistered:
To register my vSphere cluster as a Custom AZ, I click Download Installer from the AWS Console to download the RDS on VMware installer.
I deploy the installer in my cluster and follow the guided wizard to fill in the network configuration, AWS credentials, and so forth, then start the installation. After the installation is complete, the status of my custom AZ will change to Active. Behind the scenes, the installer automatically deploys the on-premises components of RDS on VMware and connects the vSphere cluster to the AWS region.
Some of the database engines require me to bring my own media and an on-premises license. I can import the installation media that I have in my data center onto RDS and use it to launch the database engine.
Back over to AWS
The steps above must be done on a cluster-by-cluster basis. Once a cluster has been set up, multiple Database instances can be launched, based on available compute, storage, and network (IP address) resources.
Use the RDS Console, and click Create database to get started. I choose On-premises and pick my custom AZ, then choose a database engine:
I enter a name for my instance, another name for the master user, and enter (or let RDS assign) a password:
Then I pick the DB instance class (the v11 in the names refers to version 11 of the VMware virtual hardware definition) and click Create database:
Here’s a more detailed look at some of the database instance sizes. As is the case with cloud-based instance sizes, the “c” instances are compute-intensive, the “r” instances are memory-intensive, and the “m” instances are general-purpose:
The status of my new database instance starts out as Creating, and progresses through Backing-up and then to Available:
Once it is ready, the endpoint is available in the console:
On-premises applications can use this endpoint to connect to the database instance across the Application Network.
Before I wrap up, let’s take a look at a few other powerful features of RDS on VMware: Snapshot backups, point-in-time restores, and the power to change the DB instance class.
Snapshot backups are a useful companion to the automated backups taken daily by RDS on VMware. I simply select Take snapshot from the Action menu:
You also get all of the benefits of things like CloudWatch on your database.
Standard vSphere Constructs
The RDS instances generated are regular vSphere VMs that the vSphere Admin can see on the vCenter inventory. The vSphere Admin can decide how to assign infrastructure resources by leveraging well-known vSphere Resource Pools.
For the entire onboarding operation, the installer uses the vSphere Administrator credentials only once, to create a vSphere Solution User with extremely limited privileges on the vSphere infrastructure. That user is what allows AWS to manage the custom Availability Zone that has been created.
RDS on VMware keeps all customer data on the managed database within the data center. Amazon RDS on VMware is inherently secure by design. Lastly, have a good Internet connection!
Until next time