vSAN Remote Office Deployment
Solution Overview
Native vSphere Storage for Remote and Branch Offices
VMware® vSAN™ is the industry-leading software powering HyperConverged Infrastructure (HCI) solutions. vSAN is optimized for VMware vSphere® virtual machines and natively integrated with vSphere. Since drives internal to the vSphere hosts are used to create a vSAN datastore, there is no dependency on expensive, difficult to manage, external shared storage.
Remote office environments can benefit from shared storage while reducing total cost of ownership. Deploy vSAN on two or more physical vSphere hosts using industry-standard server components to avoid large, up-front investments in purpose-built storage hardware. Lower operational expenses by automating management of storage services through policies. Services such as availability, performance, and capacity consumption are controlled on a per-VM basis. vSAN and storage policies are easily configured and managed using the familiar and user-friendly vSphere Web Client. There is no need for administrators and branch managers to learn a separate tool just for managing storage. Management can be performed from a central location or delegated using VMware vCenter Server™ roles and permissions.
Take advantage of exceptional performance and high availability. Built on an optimized I/O data path in the vSphere hypervisor, vSAN delivers better performance than basic local storage, virtual storage appliances, and external devices. Shared storage enables vSphere features such as VMware vSphere vMotion® and vSphere High Availability™ (vSphere HA) to minimize planned and unplanned downtime.
vSAN Two-Node Architecture
vSAN can be implemented with as few as two physical vSphere hosts at each office. A witness host – a virtual machine running ESXi – is the required third node in the vSAN cluster. Witness hosts are typically deployed to a vSphere environment at a central main data center. The diagram below shows what the high-level architecture might look like for an organization with one main data center and three remote offices.
The use of a virtual appliance as a witness host eliminates the need to deploy a third physical server, which reduces the overall cost of the solution without sacrificing the benefits of shared storage. The witness is designed specifically to provide quorum services in the event of a physical host failure or loss of network connectivity between the two physical hosts. A witness host does not contribute to compute and storage capacities. It is only supported for use in vSAN 2-node and vSAN Stretched Cluster configurations.
Since the witness host does not serve normal virtual machine read and write requests, network connectivity requirements are minimal. A WAN connection with 1.5Mbps of available bandwidth and latency as high as 500ms is sufficient to enable communication between the witness host and the two physical nodes of the vSAN cluster.
Hosts at the remote offices can be directly connected to eliminate the need for an expensive 10Gb network switch. This reduces deployment and management costs, minimizes complexity, and improves reliability.
vSAN is built on the concept of fault domains. Each of the physical hosts represents a fault domain. Replicas of the files that make up a virtual machine are stored in separate fault domains. By default, a replica is placed on each host of the 2-node configuration. If one of the physical hosts is offline, it is still possible for virtual machines to run using replicas located on the other physical node. In the case where the hosts in a 2-node cluster are unable to communicate across the network, the witness host serves as a “tie-breaker” to achieve a quorum and maintain data accessibility and integrity.
Configuring vSAN for a 2-node implementation is simple. The vSphere Web Client is used to first deploy a witness host to a location outside of the remote or branch office. This location is typically a primary data center. Following the witness host deployment, a short wizard is used to create two fault domains. A physical node is added to each fault domain followed by the selection and configuration of the witness host.
vSAN with vSphere Availability
The use of local disk datastores without vSAN introduces risk to application up-time. For example, only one copy of a virtual machine’s files is stored on a local disk. If that disk fails, the virtual machine files must be restored from backup media, which is time consuming and unreliable. It is possible to create a second copy of virtual machine files on another disk, but the process is not automatic and must be performed frequently. The recovery from this second copy would also be a manual process increasing risk and recovery time.
vSAN addresses these challenges by aggregating local disks into a shared datastore distributed across hosts in the cluster. vSAN features a storage policy rule called “Primary level of failures to tolerate” or “PFTT”, which defines the number of replicas of a virtual machine’s files to distribute across physical nodes in the vSAN cluster. For example, when PFTT = 1, vSAN will create and maintain two mirrored replicas of the virtual machine’s files and place them on separate hosts. If a disk or host containing one of those replicas is offline, the data is still accessible from the other replica.
vSphere HA requires shared storage and vSAN is tightly integrated with vSphere HA. If a host fails, virtual machines that were running on the failed host are automatically rebooted by vSphere HA on other hosts in the cluster to minimize downtime. vSphere HA can also monitor guest operating systems and automatically reboot a virtual machine in the event of an operating system failure such as a Windows blue screen.
vSphere Fault Tolerance™ is also compatible with vSAN and provides continuous availability for applications with up to four virtual CPUs in the event of a host failure.
A variety of data protection solutions are available to back up and recover virtual machines and applications in a vSAN cluster. Check with your data protection vendor to verify support and look for the “VMware Ready for vSAN” logo. Virtual machine replication solutions such as Dell EMC RecoverPoint® for Virtual Machines and VMware vSphere Replication™ works seamlessly with vSAN to enable rapid, reliable per-virtual machine recovery.
vSAN Performance
vSAN is uniquely embedded in the vSphere hypervisor kernel and sits directly in the I/O data path. It can deliver the highest levels of performance without taxing the CPU or consuming high amounts of memory resources, as compared to other virtual storage appliances that run separately on top of the hypervisor. All-flash vSAN configurations provide excellent performance with predictable, low latencies. A combination of magnetic and solid state drives can be used to enable flash-accelerated hybrid configurations.
Specific rules such as “Number of disk stripes per object” and “Flash read cache reservation (%)” can be used to accelerate read-intensive workloads – especially in hybrid vSAN configurations. With vSAN, it is possible to apply policies with precision. For example, database servers are commonly deployed with the guest OS on one virtual disk and databases on other virtual disks. A storage policy that reserves a higher percentage of flash read cache could be assigned specifically to the virtual disks containing databases to help guarantee performance.
Visibility and Proactive Notifications with vRealize Operations
vSAN includes a health check feature to monitor items such as network connectivity, disk capacity, component metadata, and compliance with the hardware compatibility list (HCL). While this might be sufficient in many cases, enhanced visibility and management capabilities across vSAN clusters at multiple locations are available with VMware vRealize® Operations™. vRealize Operations Manager includes dashboards for vSAN such as Capacity Overview, Optimize vSAN Deployments, and Operations Overview.
vRealize Operations features predictive analytics and smart alerts to help ensure optimum performance and availability of applications and infrastructures. vRealize Operations Manager enables administrators to monitor several factors such as read and write IOPS, throughput, latency, capacity, cache hits, write buffer utilization, and bus resets. If there is an issue in the environment, vRealize Operations makes it easy to review symptoms and recommendations for remediation.
Capacity utilization and time remaining metrics are also included. vRealize Operations analyzes consumption trends and provides estimates on the amount of time remaining before resources are exhausted. This makes it easier for administrators to procure additional capacity in a timely manner to avoid project delays and more serious issues such as application downtime due to lack of free space.
Add Capacity without Downtime
vSAN is a distributed architecture that allows for elastic, non-disruptive scaling. Compute and storage capacity is scaled out simply by bringing a new host into the cluster. Storage capacity and performance can be scaled up independently by adding new drives to existing hosts. This “grow-as-you-go” model provides predictable, linear scaling for remote office environments with affordable investments spread out over time.
vSAN for ROBO Licensing
vSAN for ROBO is a per-virtual machine licensing model. vSAN for ROBO licenses are sold in packs of 25. A pack can be used in a single site or across multiple sites. For example, five sites running five virtual machines at each location can be licensed with one pack of 25 licenses. This model reduces the overall cost of the solution and provides deployment flexibility.
It is important to note that a site is limited to one 25-pack of licenses. As an example, a site with 30 virtual machines cannot use vSAN for ROBO licenses. If a site starts with vSAN for ROBO licensing and grows beyond the 25-virtual machine licensing limit, the change to vSAN Standard, Advanced, or Enterprise licensing is easily performed with no virtual machine downtime.
Summary
vSAN and vSphere are the ideal, cost-effective HCI platform for running nearly any virtual machine workload that requires predictable performance and availability in remote office environments. Important services such as email, DNS, databases, and business-critical applications can benefit from shared storage without the cost and complexity of dedicated storage hardware. Virtual machine storage policies are created, assigned, and modified, as needs change in the environment. vSAN makes it simple to add capacity using a scale up or scale out approach without incurring downtime. Maintenance windows are easier to schedule and there are features such as vSphere HA and vSphere Replication to enable rapid recovery from unplanned downtime. vSAN health monitoring is included and, optionally, vRealize Operations provides multiple vSAN dashboards for proactive alerting, heat maps, device and cluster insights, streamlined issue resolution, and capacity management.