Private Cloud are coming into Microsoft System Center 2012 products Family but users will soon discover that deploying private cloud using SCVMM lacks good network infrastructure support that will be a huge blocker against wide deployment of Private cloud using SC 2012 for Private cloud service providers.
According to MS SCVMM documentation the definition of Logical network is:
A logical network together with one or more associated network sites is a user-defined named grouping of IP subnets, VLANs, or IP subnet/VLAN pairs that is used to organize and simplify network assignments. Some possible examples include BACKEND, FRONTEND, LAB, MANAGEMENT and BACKUP. Logical networks represent an abstraction of the underlying physical network infrastructure which enables you to model the network based on business needs and connectivity properties. After a logical network is created, it can be used to specify the network on which a host or a virtual machine (stand-alone or part of a service) is deployed. Users can assign logical networks as part of virtual machine and service creation without having to understand the network details.
You can use logical networks to describe networks with different purposes, for traffic isolation and to provision networks for different types of service-level agreements (SLAs). For example, for a tiered application, you may group IP subnets and VLANs that are used for the front-end Web tier as the FRONTEND logical network. For the IP subnets and VLANs that are used for backend servers such as the application and database servers, you may group them as BACKEND. When a self-service user models the application as a service, they can easily pick the logical network for virtual machines in each tier of the service to connect to.”
Although this definition is true and honored by SCVMM when deploying service to Host groups it is not quit true when it comes to deploying service to private clouds. Privet Clouds in SCVMM lacks the support of “Model the network based on business needs and connectivity properties” ,in this article below are steps that show how Private cloud don’t fully support logical Networks concept .
Private cloud in SCVMM honor the logical networks definition but does not provide Private cloud consumers with any control over the networking when deploying service to Private cloud neither in SCVMM console nor in App controller web interface.
Only flat logical networks or fully routed VLANS (no firewall) can be used when deploying service templates to Private cloud. In my opinion this will be a huge blocker in deploying Private clouds solution using SCVMM as Many Hyper-v Hosts would be equipped with trunked Network Adapters utilizing 10 GB Ethernet links that will be shared in multi-Tenant scenarios but also need network traffic isolation and has security separation requirement.
In a multi-tier service scenarios deployed to Private Cloud with requirement to have each tier into a separated zone due to security consideration and where each VLAN is separated from the other with Firewall rules. This type of service will fail to deploy as SCVMM will pick VLANS automatically Miss placing VM placement into the wrong VLAN.
The fact that, a Private cloud consumer has no control over private cloud network assignment during service template deployment will make adapting Private cloud less desired solution to consumers.
Also Deploying Service template to SCVMM host group and MS Private Cloud does not have a constant deployment methodology across SCVMM.
You can simulate this by creating a simple multi-tier service template and try to deploy it into Host Group then into a Private Cloud, consider the following case:
Let say that I have a Hyper-v Host with Trunk port that has 3 VLANS 40, 60,200
VLAN 40 (represent Internet DMZ zone)
VLAN 60 (Represent Application DMZ zone)
VLAN 200 (internal network)
Each VLAN has an IP pool:
I want to create a 2 tier service template the contains 2 VM , one of them will be a web server located in the internet DMZ zone VLAN 40 and the other would be in the Application Zone VLAN 60
After creating the service template and during the service deployment phases, user can control and select to which IP Poll each machine belongs and hence in which VLAN VM is allocated.
When deploying service template to host group:
I can select the properties of each VM tier and select the corresponding IP Pool and VLAN Configuration and VMs gets deployed to the correct VLAN.
Deploying service template to Cloud:
Now I have created a Private cloud on the Same Hyper-v Host that use the same Logical networks. The Private Cloud can be assigned whole logical networks with no further control. Users will not know to which network or VLAN their Virtual machines have been assigned
When deploying the same service template to cloud, user can’t select the IP Pool for VM tier
In the deployment configuration workspace users don’t have the option to select IP pool per VM
SCVMM will select random VLAN for each VM, which does not satisfy the deployment business requirement for this service.