Expert Reference Series of White Papers

Automation in the
Cloud:
vCloud Automation Center
vs. vCloud Director

1-800-COURSESwww.globalknowledge.com

Automation in the Cloud: vCloud

Automation Center vs. vCloud Director
John Hales, Global Knowledge VMware Instructor, A+, Network+, CTT+, MCSE, MCDBA,
MOUS, MCT, VCA-DCV, VCA-Cloud, VCA-Workforce Mobility, VCP, VCP-DT, VCAP-DCA, VCI,

Introduction
Automation is the next big frontier in IT as we look to reduce costs and increase productivity. There are many
tools and products that can enhance efficiency, and we have previously discussed many, such as Log Insight and
vCenter Operations Manager. In this white paper, well focus on self-service provisioning, which is the ability of users (typically not end users, but rather IT administrators and developers) to deploy the VMs they need
quicklywithout the long delays that include provisioning new VMs, waiting for management approvals, and
configuring storage and networks.
VMware has two primary tools in this category today: vCloud Director (vCD) and vCloud Automation Center
(vCAC). Before we begin examining the products, well explore VMwares new strategic direction as it relates
to vCD and vCAC, which will serve as a framework for the remaining content of this white paper. After that, we
will review vCD and then discuss the newer vCAC.

Strategic Directions
According to VMware Knowledge Base (KB) article 2057589, VMware announced the following changes to vCD 5.1:

vCloud Director 5.5 will be available only as part of vCloud Suite 5.5. This includes the following
products:
- vSphere 5.5 Enterprise Plus
- vCenter 5.5
- vCD 5.5
- vCAC
- v C OPS Suite (which comprises multiple products; additionally, its edition and features are based on
the edition of the vCloud Suite purchased)
- Site Recovery Manager (SRM) 5.5 (included in the Enterprise Edition of vCloud Suite only)
- vCloud Networking and Security
- vCloud Connector

Effective September 19, 2013, VMware vCloud Director 5.1 is not available for sale as a stand-alone
product.

Existing vCloud Director customers can maintain their software through the entitlement program (if
they already have vCloud Suite and just want to upgrade to 5.5) or while converting from the standalone product to the vCloud Suite with the Fair Value Conversion Program.

Copyright 2013 Global Knowledge Training LLC. All rights reserved.

VMware will extend support for vCloud Director 5.5. Beyond their usual practice of providing support
for two years from the general availability of the major release or for 12 months for the latest released
version, VMware will provide support for vCloud Director 5.5 for four years from general availability.
Customers will be able to get telephone and Internet support for vCloud Director 5.5 until Q3 2017 or
when their current support contract expires, whichever is earlier.

The last bullet point is the most interesting, especially in light of the first two points. It seems that VMware is
making vCD harder to obtain (or at least more expensive to do so for many customers), and the current version (5.5) has an extended support policy. Does that mean that vCD will eventually vanish? Much speculation
occurred about that, so in a blog post (http://blogs.vmware.com/vsphere/2013/09/vcloud-director-convergenceand-transition-plan-whats-the-scoop.html), they clarified the future of both vCD and how they are addressing
the needs of their customers.
For anyone concerned about current vCD capabilities (that vCAC doesnt address in the enterprise space), this
statement provides VMwares strategic direction: Over the course of the next several release cycles for vCAC
and vSphere product lines VMware expects all the use cases of vCD in the enterprise to be fully accommodated. VMware also provided some guidance on current vCD functionality and their plans on its target use case
(present plans are subject to change at any time). They are also working on tools to migrate from vCD to vCAC.
vCD features that are moving into the hypervisor/vCenter:

Content catalogs: A collection of VMs that can be used as templates to create other VMs or groups of
VMs.

Virtual data centers: The datacenter object can be used in this way currently but was designed to support islands of connectivity (different physical locations) instead.

Intelligent placement of VMs: Presently this is done through DRS and Storage DRS, along with Profile
driven storage; enhancements could make this more seamless and automatic.

Network virtualization: VMware has begun doing this through NSX in 5.5, and it will probably become
simpler and more integrated with the rest of the system in the way that Distributed Switches are today
over time.

vCD features that are moving into vCAC:

Governance: Some basic functionality in this area is currently available, such as the ability to have
automated policies that define who can access what, what they can do with the VMs, and which other
VMs they can interact with.

Self-service portal: Presently available, this portal restricts available actions based on permissions and
allows administrators to provision VMs with unique characteristics that are specified by them.

VM lifecycle management: Currently available, this feature provides the ability to define a life span for
a VM, after which, the VM automatically expires; it is controlled by various policies and e-mail notifications before an automated action occurs.

Multitenancy: This feature is in its early stages and allows VMs from different departments and divisions to coexist on the same infrastructure but limits or disallows access to VMs from other divisions/
departments, if an administrator desires such.

Copyright 2013 Global Knowledge Training LLC. All rights reserved.

What does this mean in practical terms? vCD was perceived as too difficult to use and too expensive (it required
an Oracle database), and it was just too cumbersome for many users. It also was deeply tied to the vSphere
platform. It did, and does, excel as a tool for public cloud providers (which as VMware stated, is the future for
vCD), while VMware now also provides a simpler, cross-platform tool in vCAC. This tool is much less expensive
to deploy and maintain and is based on Windows and Windows technologies (such as SQL Server and IIS), while
fully supporting vSphere and vCD. Many organizations use other technologies, such as Citrix, Hyper-V, Red Hat
/ KVM, and Amazon Web Services (AWS), and vCAC embraces them all. VMwares blog post recommends these
transition plans:

Enterprise customers:
- If you have already adopted vCD, you should move to 5.5 and use the extended support window to
allow for the vCAC and vSphere updates (described above) to become publicly available. The next
version of vCD, tentatively 5.6, will be available to Cloud service providers only.
- If you havent already adopted vCD and are looking at cloud technologies, migrate to CAC instead.

Cloud service providers will still be able to get vCD, and future upgrades (5.6 and later) will be aimed
specifically at them; this is not the primary focus of this document and thus will not be discussed further.

Now that we have briefly reviewed the benefits and limitations of vCD and vCAC, lets examine each more
carefully.

What is vCloud Director?

vCD transforms the basic vSphere virtualization platform into a cloud-based one, using vSphere, vCenter, and
so forth, to create what VMware calls the software-defined data center. The basic virtualization of storage,
networking, CPU, and memory that is provided by the vSphere platform is enhanced by vCD with self-service
provisioning (with a variety of roles to provide the right combination of privileges and security), as well as automation and strong security boundaries to enable multiple departments, divisions, or even companies to coexist
on the same physical hardware. This occurs without any of them knowing that any of the others exist or having
any access to them (unless its allowed by an administrator, for example, within a company). Quotas on space
consumption and leases can be created to control resource utilization and ensure that provisioned resources are
actually used. Quotas also provide a way to prevent billing surprises at the end of the month.
Security boundaries are strictly enforced by adding to each VM (or group of VMs deployed) a virtual network
appliance that provides DHCP, NAT, firewall, and other network and security services, allowing or preventing the
VM(s) access to other VMs that have been likewise configured. This is critical in public cloud environments, but
not as much within a company.
Billing is part of the product as well, allowing for internal show back that explains to the various departments/divisions the value of the IT services provided (or actual chargeback to either internal or external customers). The billing capabilities allow for integration with various third-party billing solutions to automate the
billing and payment process and to allow for centralized billing solutions used by accounting. Customers can
also select any resource consumption model they preferfrom a guaranteed amount of resources that you pay
for no matter what (making for easy budgeting month-to-month), to a pay-as-you-go model that bills for actual
resource consumption. This makes it simple and easy to control costs, while allowing for additional resources as

Copyright 2013 Global Knowledge Training LLC. All rights reserved.

needed. There is a great deal of granularity in what can be billed, allowing for both variable (such as GHz or GB
of disk space used) and fixed (such as license costs for the OS or any installed apps) costs.
Utilizing vCD, IT departments and cloud service providers can create Infrastructure-as-a-Service (IaaS) clouds.
vCD is powerful but also very complex and expensive to set up and configure. The cost and complexity involved
are not difficult for large organizations to undertake (especially service providers that require all the vCD features), but those requirements are a very high barrier for smaller companies that wish to get into cloud computing. That leads us to why VMware bought from Dynamic Ops, and then rebranded and enhanced the other
cloud-related product, vCAC.

What is vCloud Automation Center?

vCAC is designed to quickly provision physical and/or virtual infrastructures across hypervisors (including
vSphere, Hyper-V, and Xen Server) and clouds (whether or not they are based on VMware technologies, including VMwares vCD, or Amazons E2C or Microsofts Azure), as well as physical servers from Dell, HP, and Cisco. It
can be used to deploy desktops as well as servers, unlike many other tools that are primarily focused on one or
the other. It can be used to deploy IaaS, PaaS, and/or Database-as-a-Service (DaaS) cloud platforms. The automation capabilities are designed to span tools and technologies to make management and deployment as simple
as possible. It is designed with policies in mind to meet the needs of business, user requirements, and corporate
governance. It also has a catalog of servers and software available that can be deployed easily from the webbased self-service portal.
With basic billing support, it allows you to bill for vCPUs and GB of RAM allocated to a VM, but it does not provide resource-based billing, such as the amount of GHz or GB of RAM actually used. It does not integrate with
third-party billing tools, which primarily affects companies that do not offering hosting services to external customers, but there is often not a bill-back process for IT services within the company, so this is not a limitation.
vCAC depends heavily on Windows and Windows-related features and products, such as IIS and SQL Server. For
many companies, this makes it much less expensive to install and configure than vCD. Smaller mid-size companies, in particular, often have experience with Windows but may have limited experience with Linux, Oracle, and
other components used by vCD.
vCAC uses Role-Based Access Control (RBAC) to determine who has what permissions to do which tasks. The
self-service portal is used by everyonefrom the administrators who set it up, to policy administrators, to the
actual users of the portal to deploy VMs. It has a simple dashboard interface for users to see what they have deployed, but, it does not provide VM console access like vSphere and vCD. It also does not have a strong network
component like vCD does, utilizing instead VLANs and other native methods (of the hypervisor or cloud provider)
for network control.

Copyright 2013 Global Knowledge Training LLC. All rights reserved.

Conclusion
vCAC is a relatively new product in VMwares portfolio and thus not as full featured yet. However, as vCAC progresses, it looks to be a worthy successor to vCD in the private, hybrid cloud spaceone that really showcases
VMwares strategic direction of being a management company for everything virtual, regardless of the vendor.
vCD is a good product that has gotten better over the years, but it has never quite gotten the ease-of-use issues firmly under control and is tightly tied to VMwares own virtualization platform. As such, it makes sense to
migrate this into an industrial strength public cloud platform and then let vendors use the APIs it provides, along
with PowerShell and other mechanisms, to customize it as necessary.
VMwares two-prong strategy seems to be a much better fit with reality than a one-size-fits-all strategy that
they previously espoused. If you havent looked into vCAC yet, now might be a good time.

More information on the vCloud Director can be found at: http://www.vmware.com/products/vclouddirector/

More information on vCloud Automation Center can be found at: http://www.vmware.com/products/

vcloud-automation-center/

Learn More
Learn more about how you can improve productivity, enhance efficiency, and sharpen your
competitive edge through training.
VMware vCloud Automation Center: Install, Configure, Manage
All VMware Courses
Visit www.globalknowledge.com or call 1-800-COURSES (1-800-268-7737) to speak with a Global
Knowledge training advisor.

About the Author

John Hales (A+, Network+, CTT+, MCSE, MCDBA, MOUS, MCT, VCA-DCV, VCA-Cloud, VCA-Workforce Mobility,
VCP, VCP-DT, VCAP-DCA, VCI, EMCSA) is a VMware instructor at Global Knowledge, teaching all of the vSphere
and View classes that Global Knowledge offers. John has written a book called Administering vSphere 5: Planning, Implementing, and Troubleshooting, which is published by Cengage, as well as other technical books
from exam-preparation books to quick-reference guides, as well as custom courseware for individual customers.
John lives with his wife and children in Sunrise, Florida.

Copyright 2013 Global Knowledge Training LLC. All rights reserved.

Copyright 2013 Global Knowledge Training LLC. All rights reserved.