Terminology

If you’re not familiar with Velostrata or GCP yet, it’s important to understand the terms involved in this deployment. Let’s define some of the key terms you’ll encounter throughout this guide:

Cloud Extension: An extension to the customer virtual datacenter in the cloud: an environment in the cloud into which customer vSphere VMs can be migrated as part of the "run-in-cloud" operation. The Cloud Extension configuration includes:

  • Selected cloud provider.
  • Cloud region/location.
  • Velostrata Role and User used for cloud API and resource access.
  • Velostrata Cloud Edge Nodes configuration including subnets, security groups, availability zones/availability set.
  • Configuration defaults to be applied on the workloads with the Run-in-Cloud wizard.

A Cloud Extension maps to a dual Cloud Edge Node setup.

Compute versus Storage: A Virtual Machine is defined by a set of associated resources of compute (for example, vCPU and RAM), storage as attached virtual disks and network interfaces. With Velostrata, a Virtual Machine can run in the cloud, where compute and networking resources are utilized from the cloud, while its virtual disks are kept in their original placement on-premises. Velostrata ensures storage consistency for the virtual disks on-premises as well as provides the expected storage performance required by the workload running in the cloud, even though the virtual disks are remote.

Velostrata Cloud Edge Node (A/B): The Velostrata Cloud Edge Virtual Machine is deployed in a dual-node configuration, where each node instance (A or B) is protecting the transient journal data (updates made to the data) of all VMs until it is persisted to the object store. The dual-node configuration exists in a highly available configuration (availability zones/set) which offers resiliency to cloud provider outages.

Velostrata Telemetry Service: Velostrata Cloud Edge and Velostrata Manager Virtual Machines report periodic performance and usage information to the Velostrata Telemetry Service, where this information is aggregated and processed at scale. The Velostrata Telemetry Service enables efficient monitoring of queries and activity graphing on-premises for Virtual Machines that are running in cloud.

Velostrata vSphere Web Client Plugin: A user-interface integration component, which registers with the vCenter Server to add Velostrata solution actions, operations summary and monitoring information to the vCenter user experience. Velostrata functionality is added to the vSphere Virtual Datacenter and Virtual Machine objects.

Velostrata Manager Virtual Appliance on vSphere: Includes the Velostrata Management Service and Datacenter Edge service. Deployed on vSphere where it has access to the vCenter Server, vSphere ESX hypervisors and the internet. The Velostrata Management Service is responsible for deployment, management and operations activity for Virtual Machines and Cloud Edge Virtual Machines.

Classless Inter-Domain Routing (CIDR): The set of IP addresses for the cloud.

Security Groups: Security groups act as a virtual firewall that controls the traffic for one or more instances. When you launch an instance, you associate one or more security groups with the instance. You add rules to each security group that allow traffic to or from its associated instances. You can modify the rules for a security group at any time; the new rules are automatically applied to all instances that are associated with the security group. When deciding whether to allow traffic to reach an instance, all the rules are evaluated from all the security groups that are associated with the instance.
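The evaluation described above means a connection is allowed if any rule in any attached security group matches, so one permissive group widens access for every instance it is attached to. The following Python model is an added example, not Velostrata or cloud-provider code; it assumes inbound allow-only rules with an implicit deny, and the group names and address ranges are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    protocol: str      # "tcp", "udp" or "any"
    port_from: int
    port_to: int
    source_cidr: str

# Constructed sample groups (hypothetical names and address ranges).
SECURITY_GROUPS = {
    "sg-edge": [Rule("tcp", 443, 443, "10.10.0.0/16")],
    "sg-workload": [Rule("tcp", 22, 22, "10.10.5.0/24")],
    "sg-legacy": [Rule("tcp", 0, 65535, "0.0.0.0/0")],
}

def matching_rules(attached, protocol, port, source_ip):
    """Return every (group, rule) pair that allows the connection."""
    src = ipaddress.ip_address(source_ip)
    hits = []
    for name in attached:
        for rule in SECURITY_GROUPS[name]:
            if rule.protocol not in ("any", protocol):
                continue
            if not rule.port_from <= port <= rule.port_to:
                continue
            if src in ipaddress.ip_network(rule.source_cidr):
                hits.append((name, rule))
    return hits

def is_allowed(attached, protocol, port, source_ip):
    """Allow if any rule in any attached group matches; otherwise deny."""
    return bool(matching_rules(attached, protocol, port, source_ip))

def internet_exposed_groups(attached):
    """Attached groups holding a rule whose source is every IPv4 address."""
    return sorted({
        name
        for name in attached
        for rule in SECURITY_GROUPS[name]
        if ipaddress.ip_network(rule.source_cidr).prefixlen == 0
    })

if __name__ == "__main__":
    attached = ["sg-workload", "sg-legacy"]
    print(is_allowed(attached, "tcp", 22, "203.0.113.7"))
    print(internet_exposed_groups(attached))
```

Running `internet_exposed_groups` over each instance's attached groups is a quick audit for the case where a tightly scoped group is silently overridden by a broader one.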

VPN: A Virtual Private Network (VPN) connection between your corporate datacenter and your cloud creates an extension of your corporate datacenter. It can be deployed on top of an internet connection or a DirectConnect/ExpressRoute connection.

GCP Specific Terminology

Regions and Zones: A region is a specific geographical location where you can run your resources. Each region has one or more zones. For example, the us-central1 region denotes a region in the Central United States that has zones us-central1-a, us-central1-b, us-central1-c, and us-central1-f.

VPC: Google Cloud Platform (GCP) Virtual Private Cloud (VPC) is a representation of your own network in the cloud. It provides networking functionality to Compute Engine virtual machine (VM) instances. It is a logical isolation of the Azure cloud dedicated to your subscription. You can fully control the IP address blocks, DNS settings, security policies, and route tables within this network. VPC provides global, scalable, flexible networking for your cloud-based services.

Cloud Deployment Manager: Deployment Manager is an infrastructure deployment service that automates the creation and management of Google Cloud Platform resources for you.

Firewall: GCP firewall rules protect your virtual machine (VM) instances from unapproved connections.

Network Tags: Network tags are used by networks to identify which instances are subject to certain firewall rules and network routes. For example, if you have several VM instances that are serving a large website, tag these instances with a shared word or term and then use that tag to apply a firewall rule that allows HTTP access to those instances.

Edge Network Tags: Velostrata Cloud Edge Components are deployed using a default dedicated edge network tag.

Workload Network Tags: Workload VMs are deployed using the default workload network tag.

Project: GCP projects form the basis for creating, enabling, and using all Cloud Platform services.

Service Account: A service account is the identity an instance or an application runs with. The Velostrata GCP deployment uses a management service account and a cloud edge service account.

For terminology related to other clouds which you may encounter, see the sections below.

AWS Specific Terminology

AWS Region: Amazon EC2 is hosted in multiple locations world-wide. These locations are composed of regions and Availability Zones. Each region is a separate geographic area. Each region has multiple, isolated locations known as Availability Zones. Amazon EC2 provides the ability to place resources, such as instances and data in distinct locations. Resources aren't replicated across regions unless selected to do so specifically.

AWS Availability Zone: An Availability Zone runs on its own physically distinct, independent infrastructure, and is engineered to be highly reliable. Common points of failure like generators and cooling equipment are not shared across Availability Zones. Additionally, they are physically separate, such that even extremely uncommon disasters such as fires, tornados or flooding would only affect a single Availability Zone.

AWS VPC: Amazon Virtual Private Cloud (Amazon VPC) enables you to launch Amazon Web Services (AWS) resources into a virtual network that you've defined. This virtual network closely resembles a traditional network that you'd operate in your own data center, with the benefits of using the scalable infrastructure of AWS. A Virtual Private Cloud (VPC) is a virtual network dedicated to your AWS account and is logically isolated from other virtual networks in the AWS cloud. You can launch your AWS resources, such as Amazon EC2 instances, into your VPC. You can configure your VPC; you can select its IP address range, create subnets, and configure route tables, network gateways, and security settings.

AWS EC2: Amazon Elastic Compute Cloud (Amazon EC2) provides scalable computing capacity in the Amazon Web Services (AWS) cloud. Using Amazon EC2 eliminates your need to invest in hardware up front, so you can develop and deploy applications faster. You can use Amazon EC2 to launch as many or as few virtual servers as you need, configure security and networking, and manage storage. Amazon EC2 enables you to scale up or down to handle changes in requirements or spikes in popularity, reducing your need to forecast traffic.

AWS EC2 Spot Instances: Amazon EC2 Spot instances allow you to bid on spare Amazon EC2 computing capacity. Since Spot instances are often available at a discount compared to On-Demand pricing, you can significantly reduce the cost of running your applications, grow your application’s compute capacity and throughput for the same budget, and enable new types of cloud computing applications.

AWS IAM: AWS Identity and Access Management (IAM) is a Web service that helps you securely control access to AWS resources for your users. You use IAM to control who can use your AWS resources (authentication) and what resources they can use and in what ways (authorization).

Velostrata Security Group: The Velostrata Security Group in AWS/Azure includes the dual-node Velostrata Cloud Virtual Appliance. All Velostrata Cloud Edge Components are deployed into this dedicated security group that is separate from the security group for generic workloads.

Workload Security Group: The security group used for generic workloads.

Azure Specific Terminology

Azure Location: The Azure Platform is supported by a growing network of Microsoft-managed datacenters. The datacenters are grouped into what is referred to as locations. There are several different locations around the world.

Azure Resource Group: A resource group is a container that holds related resources for an application. The resource group could include all of the resources for an application, or only those resources that are logically grouped together. You can decide how you want to allocate resources to resource groups based on what makes the most sense for your organization.

Azure Availability Set: Microsoft periodically updates the underlying Azure fabric that is used to host VMs to patch security vulnerabilities and improve reliability and performance. These updates, which are referred to as planned maintenance events, are often performed without any impact on guest VMs. Sometimes, however, guest VMs must be rebooted to complete an update. To reduce the impact on guest VMs, the Azure fabric is divided into Fault Domains to ensure that not all guest VMs are rebooted at the same time. Each Application tier VM should be placed in an Availability Set. Velostrata uses an Availability Set to protect the availability of its core infrastructure VMs.

Azure VNet: An Azure virtual network (VNet) is a representation of your own network in the cloud. It is a logical isolation of the Azure cloud dedicated to your subscription. You can fully control the IP address blocks, DNS settings, security policies, and route tables within this network. You can also further segment your VNet into subnets and launch Azure IaaS virtual machines (VMs) and/or Cloud services (PaaS role instances). Additionally, you can connect the virtual network to your on-premises network using one of the connectivity options available in Azure. In essence, you can expand your network to Azure, with complete control of IP address blocks with the benefit of enterprise scale Azure provides.

Azure VM: Azure Virtual Machines lets you deploy a wide range of computing solutions in an agile way. Deploy a virtual machine nearly instantly, and pay by the minute. With support for Microsoft Windows, Linux, Microsoft SQL Server, Oracle, IBM, SAP, and Azure BizTalk Services, you can deploy any workload and any language on nearly any operating system. Provides persistent, durable storage volumes for use with virtual machines, and offers the option to select different underlying physical storage types and performance characteristics.

Azure AD/RBAC: Lets users securely control access to services and resources while offering data security and protection. Create and manage users and groups, and use permissions to allow and deny access to resources.

Velostrata Security Group: The Velostrata Security Group in AWS/Azure includes the dual-node Velostrata Cloud Virtual Appliance. All Velostrata Cloud Edge Components are deployed into this dedicated security group that is separate from the security group for generic workloads.

Workload Security Group: The security group used for generic workloads.