Technologies, Architecture, and Deployment
Velostrata's unique architecture decouples compute from storage in virtualized workloads, and introduces a number of patented capabilities and technologies that make cloud workload mobility possible. Our architecture was purpose-built to support enterprise-grade mass migration to the cloud:
- Easy Deployment: Quick, simple, and straight forward: Install the Velostrata virtual appliances in just a few steps and without installing agents on the servers you’re migrating.
- Simple Management in vCenter: VMware vCenter plug-in reduces learning curve for VMware administrators. Migration operations are performed directly on your VM inventory (in vCenter) while tasks, events, and alarms provide full visibility and control over migration.
- Secure By Design: Data transfers between Velostrata virtual appliances use SSL and AES-128 encryption. Data at rest is de-duplicated, compressed, and encrypted with AES-256. Unlike SaaS-only migration tools, our appliance is fully controlled by the enterprise, which means cloud credentials are not shared with Velostrata.
Velostrata’s patented capabilities provide a frictionless path for enterprises to mass migrate their physical and virtual machines (VMs) from on-prem into the pubic cloud:
- Boot Over WAN: Velostrata performs a native boot from the on-premises operating system over the WAN, in just a few minutes— regardless of the image size. While the image boots, Velostrata adapts it on the fly to meet the target environment. No changes to the application, image, storage, drivers, or networking are required.
- Intelligent Streaming: Velostrata prioritizes necessary data for an application to run and moves that to the cloud first. Applications begin running in cloud within minutes, while less frequently accessed data can be streamed in the background while application runs in cloud.
- Multi-Tier Caching and Optimization: Velostrata includes a multi-tier, read-write cache in the cloud. This stores the working set of data needed by the application while it runs in the cloud. De-duplication, pre-fetching, asynchronous write-back and network optimizations further accelerate the migration and reducing migration bandwidth by up to 75% in production migrations.
- Resiliency: Each Velostrata Edge deployment incorporates active-active appliances deployed across two availability zones. Writes are acknowledged in both availability zones and then asynchronously transferred back to any on-prem storage to prevent data loss in the event of an outage. Optionally, new data writes can persist solely in the cloud, which is useful for dev/test scenarios. Velostrata’s architecture ensures a 30-second RPO for sync in S3 and a 1-hour RPO for sync on-prem.
Supported Operating Systems:
Windows Server: 2003, 2003 R2, 2008, 2008 R2, 2012, 2012 R2, 2016, 1709
Linux: RHEL 6.x, RHEL 7.x, CentOS 6.x, CentOS 7.x, SUSE Linux Enterprise Server 11 SP2 (or higher), SUSE Linux Enterprise Server 12, Ubuntu 12.x, Ubuntu 14.04.x, Ubuntu 16.x, Ubuntu 17.10.
Velostrata software is deployed within virtual appliances. Once the networking and GCP prerequisites are met, installation takes place in a few simple steps:
- Download and deploy the Velostrata Management Server (either on-prem, in GCP, or both - depending on your use case requirements).
- Leverage Velostrata to create a Virtual Private Cloud, and a Virtual Private Network to securely link the Cloud provider's Virtual Network to your Velostrata Management Server(s). It’s important to note that all traffic between these points is encrypted end-to-end, both in flight and at rest.
- Deploy your Velostrata Cloud Extensions into the locations that you'll be migrating to and from (on-prem and GCP, for example). A Velostrata Cloud Extension supports the migration of 50 concurrent VMs, and you can add more Cloud Extensions for scale or to enjoy multi-cloud provider diversity.
- During the migration, Velostrata provides comprehensive tracking and performance reporting, so you have a complete view of all your applications. In addition to pre-migration in-cloud testing and post-migration instant rollback capability options.
A typical Velostrata deployment consists of two parts:
- Corporate Datacenter
- Cloud(s) VPCs/VNETs
At the Corporate Datacenter:
When performing on-prem to cloud migrations, the on-prem datacenter will be a crucial part of the Velostrata architecture.
- In the corporate datacenter, a VMware vSphere environment is deployed, running workload VMs. Infrastructure services such as DNS and Active Directory also exist in the datacenter. A Velostrata Manager Virtual Appliance is deployed in the vSphere setup.
- The Velostrata Manager Virtual Appliance will access the Cloud provider API endpoints on the public Internet as well as the Velostrata Telemetry Service, used for monitoring information and performance graphs when Virtual Machines run in cloud.
- The Velostrata Manager Virtual Appliance also hosts the Velostrata Datacenter Edge service, which is responsible for establishing the secure Datapath with the Velostrata Cloud Extension Edge Virtual Machine nodes in the cloud, as well as performing storage operations on Virtual Machine disks (VMDKs) attached to Virtual Machines running in cloud. The VMware Storage API is used for VMDK access.
In the cloud VPC/VNET:
- The Velostrata Cloud Edge nodes (A, B) are deployed automatically as part of the Velostrata Cloud Extension creation. The Velostrata Cloud Edge nodes are deployed into a separate security group to those used for workload Virtual Machines. This allows the creation of security policies that restrict access to and from the Velostrata components, the workload Virtual Machines and the datacenter. In general, only inbound access from the corporate datacenter is required for the Velostrata Datapath to operate, allowing for further tightening of security policies. Inbound access from workload Virtual Machines running in cloud is only required for storage connections to their virtual disks. These are inbound iSCSI connections from workload VMs into the Velostrata security group in cloud (connections to the Cloud Edge), not to on-premises.
- The Velostrata Cloud Edge nodes are in a highly available configuration, where two nodes exist in separate zones or regions. This ensures that during either a planned or unplanned maintenance event at least one Edge node will be available.
- The subnet(s) where the Cloud Edge nodes are deployed must allow access to the services, such as GCP Storage services (or Amazon S3 for cloud-to-cloud migrations). This allows access to both cloud services as well as outbound Internet access to the Velostrata Telemetry service. Inbound access from the public internet is blocked.
- Workload Virtual Machines (VMs) that run in cloud, whether using the Velostrata solution or whether launched directly using the cloud console, typically should run in private subnets that are not routed to the internet. These VMs should be routed to the corporate datacenter using the VPN solution, or access the internet using a NAT Gateway option.
GCP Deployment Overview
The diagram above depicts a typical Velostrata deployment. On the left hand side is the corporate datacenter (aka on-prem), and on the right hand side, the GCP VPC. The two are connected using a VPN or the GCP Cloud Interconnect option. It is also possible to have a deployment that adds an AWS cloud, in order to migrate VMs from AWS into GCP. It is also possible to have a cloud-to-cloud only architecture, in which there are no on-prem components, just AWS and GCP environments which communicate together (for migration out of AWS and into GCP).
For more information on a recommended GCP VPC configuration, see GCP Account and VPC Setup Requirements.
For more information on other clouds, please refer below:
The diagram above depicts a typical Velostrata deployment. On the left hand side is the corporate datacenter (aka on-prem), and on the right hand side, the Amazon VPC. The two are connected using a VPN or the AWS DirectConnect option.
For more information on a recommended Amazon VPC configuration, see AWS Account and VPC Setup Requirements.
The diagram above depicts a typical Velostrata deployment in Azure. On the left hand side is the corporate datacenter (aka on-premises), and on the right hand side, the Azure Resource Group, VNETs. The two are connected using a VPN or Azure ExpressRoute.
For more information on a recommended Azure VNet configuration, see Azure Account and VNet Setup Requirements.