SaaS over a IaaS VMware platform
Deathmage
Banned Posts: 2,496
Hey guys,
So I'm venturing into the realm now of making a public cloud on a private cloud. Basically not to get into too much gorey detail, my employer wants to offer our ERP system as a SaaS plaform over a IaaS private cloud.
Basically I think I got the basis of how to do it: with our firewalls we'd expand out small block to like say a /27 from our ISP for static public addresses then assign NAT to the firewall with ACL's to certain vLAN's on specific VM's. Obviously if I make a private name space for a IaaS Plaform like Windows Terminal Services then I'll need to register the public address from our ISP to a TLDN registrar so the RDC can negotiate the address correctly back to the farm's primary server or servers that will have round robin load balancing ie: 'remote.mynewcloudservice.com' would map to a private address in the block and then routed to a internal address. This much I got down cold.
As for the private cloud acting as a public cloud I'm leaning more towards multiple Windows Server 2012 Terminal services farms, each farm with a server or servers depending upon SaaS demand. I might need a file server per farm to store roaming profiles and documents, but again this is based off demand of the IaaS platform, so it's just a thought.
What I'm curious about is could the individial farms be apart of say 'mynewcloudservice.com' domain or would they be apart of the 'companya.mynewcloudservice.com' or 'companyb.mynewcloudservice.com' domains per farm with their own domain controllers per domain that is apart of the parent forest? Obviously each farm would be in it's own vLAN so that traffic won't be able to see the other farms. I'm just curious what would be a better design.
Too me this is the simplest approach to making a public cloud over a private cloud infrastructure.
Any sugesstions?
So I'm venturing into the realm now of making a public cloud on a private cloud. Basically not to get into too much gorey detail, my employer wants to offer our ERP system as a SaaS plaform over a IaaS private cloud.
Basically I think I got the basis of how to do it: with our firewalls we'd expand out small block to like say a /27 from our ISP for static public addresses then assign NAT to the firewall with ACL's to certain vLAN's on specific VM's. Obviously if I make a private name space for a IaaS Plaform like Windows Terminal Services then I'll need to register the public address from our ISP to a TLDN registrar so the RDC can negotiate the address correctly back to the farm's primary server or servers that will have round robin load balancing ie: 'remote.mynewcloudservice.com' would map to a private address in the block and then routed to a internal address. This much I got down cold.
As for the private cloud acting as a public cloud I'm leaning more towards multiple Windows Server 2012 Terminal services farms, each farm with a server or servers depending upon SaaS demand. I might need a file server per farm to store roaming profiles and documents, but again this is based off demand of the IaaS platform, so it's just a thought.
What I'm curious about is could the individial farms be apart of say 'mynewcloudservice.com' domain or would they be apart of the 'companya.mynewcloudservice.com' or 'companyb.mynewcloudservice.com' domains per farm with their own domain controllers per domain that is apart of the parent forest? Obviously each farm would be in it's own vLAN so that traffic won't be able to see the other farms. I'm just curious what would be a better design.
Too me this is the simplest approach to making a public cloud over a private cloud infrastructure.
Any sugesstions?
Comments
-
jibbajabba
Member Posts: 4,317 ■■■■■■■■□□
vCloud Direktor
My own knowledge base made public: http://open902.com
-
Deathmage
Banned Posts: 2,496
does vExpert offer a key for it? - I'd try it at home to see what it does.
-
jibbajabba
Member Posts: 4,317 ■■■■■■■■□□
does vExpert offer a key for it? - I'd try it at home to see what it does.
I could send you an install guide if you want. It's for 5.6.4 but identical for 5.5 (which you will have access to).My own knowledge base made public: http://open902.com -
Deathmage
Banned Posts: 2,496
Sure!
That would be awesome, ya I'm redesigning my home-lab this weekend to follow suit with my CCNA/CCNP R&S/S/DC studies as-well as for placement of vlans for the ESXi cluster. So any guide would be wonderful, will give me things to read into about vCloud.
Maybe I'll add VCP-Cloud to my list, lol. -
Deathmage
Banned Posts: 2,496
Thanks jibba, will do this on Sunday, tonight and tomorrow is ICDN2 study and wiring. I got a new rack, check out the CCENT in two days posting, it's perdy looking. I have off on Monday and Tuesday so a 4 day weekend of labbing and then the following weekend another 4 day weekend for more labbing, it's a company holiday.
