The recently announced beta release of OpenNebula 3.0 includes a new OpenNebula Zonescomponent that brings support for building multi-tier cloud architectures consisting of multiple OpenNebula instances (zones) and for defining Virtual Data Centers (VDCs) within each zone. In this article we elaborate on the VDC functionality that is helping many IT organizations make the transition toward the next generation of cloud infrastructures running multiple fully-isolated Virtual Data Centers. This article presents an overview of the VDC model, the VDC support available in OpenNebula 3.0, and some examples of deployment scenarios.

What Is a VDC?
A Virtual Data Center is a fully-isolated virtual infrastructure environment where a group of users, under the control of the VDC administrator, can create and manage compute, storage and networking capacity. VDCs are a powerful instrument to compartmentalize a cloud infrastructure and to support organizational isolation with advanced multi-tenancy. The cloud administrator creates a VDC by assigning a group of users to a group of physical resources and by granting at least one of the users, the VDC administrator, with privileges to manage all virtual resources in the VDC. The users in the VDC, including the VDC administrator, only see the virtual resources and not the underlying physical infrastructure. The physical resources allocated by the cloud administrator to the VDC can be shared among other VDCs or completely dedicated to the VDC, providing isolation at the physical level too.

A powerful ACL system behind OpenNebula's VDCs allows different authorization scenarios. The privileges of the VDC users and the administrator regarding the operations over the virtual resources created by the rest of users can be configured. In a typical scenario the VDC administrator can create virtual networks, upload and create images and templates, and monitor other users virtual resources, while the users can only instantiate virtual machines and virtual networks to create their services. The administrators of the VDC have full control over resources and can also create new users in the VDC.

Users can then access their VDCs through any of the existing OpenNebula interfaces, such as the CLI, SunStone, OCA, or the OCCI and AWS APIs. VDC administrators can manage their VDCs through the CLI or new tabs in SunStone. Cloud Administrators can manage the VDCs through a new CLI or the new SunStone Zones.

VDCs have three categories of users:

• Cloud administrator/s with full control over the cloud deployment including the creation and management of VDCs
• VDC administrator/s with full control over the virtual resources within their VDCs including the creation of users in their VDCs
• Regular users that can access their VDCs to manage their virtual resources

Examples of Enterprise Use Cases of VDCs
VDCs, and the underlying ACL system, can support many common enterprise use cases in large cloud computing deployments, for example:

• On-premise Private Clouds Serving Multiple Projects, Departments, Units or Organizations. On-premise private clouds in large organizations require powerful and flexible mechanisms to manage the access privileges to the virtual and physical infrastructure and to dynamically allocate the available resources. In these scenarios, the cloud administrator would create a VDC for each Department, dynamically allocation physical hosts according to their needs, and delegating the internal administration of the VDC to the Department IT administrator.
• Cloud Providers Offering Virtual Private Cloud Computing. There is a growing number of cloud providers, especially Telecom Operators, that are offering Virtual Private Cloud environments to extend the Private Clouds of their customers over virtual private networks, thus offering a more reliable and secure alternative to traditional Public Cloud providers. In this new cloud offering scenario, the cloud provider provides customers with a fully-configurable and isolated VDC where they have full control and capacity to administer its users and resources. This combines a public cloud with the protection and control usually seen in a personal private cloud system. Users can themselves create and configure servers via the SunStone portal or any of the supported cloud APIs. The total amount of physical resources allocated to the virtual private cloud can also be adjusted.

Are You Ready to Try the New OpenNebula Zones?

OpenNebula 3.0 is a fully open-source technology. You have the software, the guides and our support to deploy your cloud infrastructure with multiple VDC environments.

More info

• CommVault and Dell Collaborate to Simplify, Speed and Safeguard Virtual Data Center Deployments
• Green IT and Virtual Data Centers
• VMware Buys Blue Lane in Hush-Hush Deal
• Federating Multiple Cloud Instances with OpenNebula Zones