As businesses expand their global footprint, the need for a flexible, scalable, and secure networking solution becomes paramount. Enter Azure Virtual WAN (VWAN), a cloud-based offering designed to simplify and centralize network management while ensuring top-notch performance. Let’s dive into what Azure VWAN offers and how to set it up effectively.

What is Azure Virtual WAN (VWAN)?

Azure Virtual WAN, or VWAN, is a cloud-based network solution that connects secure, seamless, and optimized connectivity across hybrid and multi-cloud environments.

It provides:

I. Flexibility for Dynamic Network Requirements

• Adaptable Connectivity: Azure VWAN supports various connectivity options, including ExpressRoute, Site-to-Site VPN, and Point-to-Site VPN, ensuring compatibility with diverse environments like on-premises data centers, branch offices, and remote workers.
• Scale On-Demand: As network requirements grow or change, Azure VWAN allows you to dynamically add or remove connections, integrate new virtual networks (VNets), or scale bandwidth based on traffic needs.
• Global Reach: Azure VWAN enables connectivity across regions and countries using Microsoft’s extensive global network, ensuring that organizations with distributed operations stay connected.
• Hybrid and Multi-Cloud Integration: Azure VWAN supports hybrid setups (on-premises + cloud) and integration with other public cloud providers, providing the flexibility to align with business strategies.

II. Improved Management with Centralized Controls

• Unified Control Plane: Azure VWAN provides a centralized dashboard within the Azure Portal to manage all networking components, such as VNets, branches, VPNs, and ExpressRoute circuits.
• Simplified Configuration: Automated setup and policy management make deploying new network segments, traffic routing, and security configurations easy.
• Network Insights: Built-in monitoring and diagnostic tools offer deep visibility into network performance, allowing administrators to quickly identify and resolve issues.
• Policy Enforcement: Azure VWAN enables consistent policy enforcement across regions and resources, improving governance and compliance with organizational security standards.

III. High Performance Leveraging Microsoft’s Global Backbone Infrastructure

• Low Latency and High Throughput: Azure VWAN utilizes Microsoft’s global backbone network, known for its reliability and speed, to provide high-performance connectivity across regions and to Azure services.
• Optimized Traffic Routing: Intelligent routing ensures that traffic takes the most efficient path across the network, reducing latency for applications and end users.
• Built-in Resilience: Microsoft’s backbone infrastructure includes redundant pathways and fault-tolerant systems, ensuring high availability and minimizing the risk of network downtime.
• Proximity to End Users: With a global footprint of Azure regions and points of presence (PoPs), Azure VWAN ensures proximity to end users, improving application responsiveness and user experience.

High-level architecture of VWAN

This diagram depicts a high-level architecture of Azure Virtual WAN and its connectivity components.

• HQ/DC (Headquarters/Data Centre): Represents the organization’s primary data center or headquarters hosting critical IT infrastructure and services. Acts as a centralized hub for the organization’s on-premises infrastructure. Typically includes servers, storage systems, and applications that need to communicate with resources in Azure.
• Branches: Represents the organization’s regional or local office locations. Serves as local hubs for smaller, decentralized operations. Each branch connects to Azure to access cloud-hosted resources, applications, and services and communicates with other branches or HQ/DC. The HQ/DC and branches communicate with each other and Azure resources through the Azure Virtual WAN.
• Virtual WAN Hub: At the heart of Azure VWAN is the Virtual WAN Hub, a central node that simplifies traffic management between connected networks. This hub acts as the control point for routing and ensures efficient data flow.
• ExpressRoute: Establishes a private connection between the on-premises network and Azure, bypassing the public internet. It uses BGP for route exchange, ensuring secure and efficient connectivity.
• VNet Peering: Links Azure Virtual Networks directly, enabling low-latency, high-bandwidth communication.
  • Intra-Region Peering: Connects VNets within the same region.
  • Global Peering: Bridges VNets across different regions.
• Point-to-Site (P2S) VPN: Ideal for individual users or small teams, this allows devices to securely connect to Azure resources over the internet.
• Site-to-Site (S2S) VPN: Connects the on-premises network to Azure, enabling secure data exchange between systems.

Benefits of VWAN

• Scalability: Expand the network effortlessly as the business grows.
• Cost-Efficiency: Reduce hardware expenses by leveraging cloud-based solutions.
• Global Reach: Easily connect offices and resources worldwide.
• Enhanced Performance: Optimize data transfer paths for better reliability and speed.

Setting Up VWAN in Azure

Follow these steps to configure Azure VWAN:

Step 1: Create a Virtual WAN Resource

• Log in to the Azure Portal and create a Virtual WAN resource. This serves as the foundation of the network architecture.

Step 2: Configure a Virtual WAN Hub

• Make the WAN Hub the central traffic manager and adjust it to meet the company’s needs.

Step 3: Establish Connections

• Configure VPN Gateways for secure, encrypted connections.
• Use ExpressRoute for private, high-performance connectivity.

Step 4: Link VNets

• Create Azure Virtual Networks and link them to the WAN Hub. The seamless interaction between resources is guaranteed by this integration.

Monitoring and Troubleshooting VWAN

Azure Monitor

Azure Monitor tracks performance, availability, and network health in real time and provides insights into traffic patterns, latency, and resource usage.

Network Watcher

Diagnose network issues with tools like packet capture and connection troubleshooting. Quickly identify and resolve any bottlenecks or disruptions.

Alerts and Logs

Set up alerts for critical issues such as connectivity drops or security breaches. Use detailed logs to analyze network events and maintain robust auditing.

Final Thoughts

Azure VWAN is a powerful tool for businesses looking to unify and optimize their global networking strategy. Organizations can ensure secure, scalable, and efficient connectivity by leveraging features like ExpressRoute, VNet Peering, and VPN Gateways. With the correct setup and monitoring tools, managing complex networks becomes a seamless experience.

This is Part 2 of a two-part series on Connectivity for Azure VMware Solution (AVS). 

In this article, we’ll review Network Extensions with HCX and managing AVS networking with NSX.

Read more about AVS, its use cases, and benefits in my previous blog article – Azure VMWare Solution: What is it?

VMware HCX Network Extension

Although HCX has a few different capabilities, today we are going to focus on Network Extension. Network extension allows a Layer 2 network that exists in a vSphere distributed switch, NSX segment, or NSXv logical switch to be extended to AVS. Once the extension is in place, traffic is tunneled so that virtual machines in both the source and AVS environment are on the same Layer 2 network and utilize the network gateway at the source to traverse to other networks.

An important note: Matching segments are automatically created in NSX once networks are extended to AVS. But when unextending a network, the segment in NSX is not automatically removed.

Appliance Deployment

When a Service Mesh is configured in HCX, multiple appliances are deployed to facilitate the specific functionality that has been enabled. For each appliance deployed at the source, a partner appliance is deployed in AVS.

As part of the service mesh configuration, you’ll set the number of network extension appliances required. Each appliance for Network Extension can support up 8 extended networks. Network Extension does support high availability for the appliances, so if needed, set the number of appliances to twice the required amount needed to support the number of networks being extended.

The appliances cannot have extended networks associated with them when enabling HA, so be sure to configure HA first. The HA setup process automatically selects an unused appliance to be the second member of the active/standby HA group.  Networks to be extended will then be associated with the group instead of a specific appliance. 

Mobility Optimized Networking (MON)

The traffic flow for VMs in AVS on extended networks may be undesirable since all traffic is traversing the on-premises gateway. This is especially true when workloads are micro segmented and multiple parts exist in AVS, but on different networks.

Mobility Optimized Networking (MON) can be enabled in HCX to improve network traffic flow. With MON enabled, traffic can route to different networks within AVS without flowing through the on-premises gateway. In addition, MON policy routes can be created to define traffic that will flow through the cloud gateway for things outside of AVS like Azure services, and internet egress. 

Figure 1 demonstrates how communication between two virtual machines on separate networks in AVS would behave with and without MON enabled. As you can see enabling MON optimizes the flow so that communication between the two virtual machines remains local to AVS.

Figure 1: Traffic flow with and without Mobility Optimized Networking.

VMware NSX

NSX is included in the Azure VMware Solution deployment and is utilized to manage the networking within the VMware private cloud environment. Networks within the environment are referred to as segments. Segments define the subnet, gateway, and DHCP settings.

NSX can be configured to run a DHCP server or relay if a DHCP server already exists. If relaying to a DHCP server across a network extension, the traffic must be allowed since all DHCP requests are blocked by default. This can be completed by creating a segment profile and assigning it to the segment where the DHCP server exists.

NSX Gateways

The default deployment of NSX in AVS includes a Tier-0 gateway in active/active mode which connects to the edge to provide North/South connectivity. The Tier-0 gateway is managed by Microsoft and should not be altered.

Connected to the Tier-0 gateway is a Tier-1 gateway in active/standby mode which provides East/West connectivity and is where segments for your virtual machines will be added.  Additional Tier-1 gateways can be created if desired to further segment traffic.  Multiple Tier-1 gateways can be connected to a single Tier-0 gateway.

There are two management options available for the default Tier-1 gateway. Azure provides a simplified interface in the Azure portal for creating segments, configuring DHCP, setting up DNS forwarding, and configuring port mirroring. Alternatively, NSX has its own interface that can be used to manage all aspects of the platform. If additional Tier-1 gateways were added, they can only be managed via the NSX interface and are not available in the Azure portal.

Figure 2 displays a high-level layout of connectivity from the NSX gateways to external networks.

Figure 2: NSX Gateway Connectivity

Interested in taking Azure VMware Solution for a test drive?

Take part in a Proof-of-Concept (POC) to learn more about Azure VMware Solution and how it functions. Undoubtedly, you’ll quickly learn that functionality isn’t much different from what you use every day in your own datacenter, just with less management overhead. A POC is the perfect opportunity to not only validate the solution, but also get familiar with tools included in AVS that may be new to your organization such as VMware NSX for networking and HCX for inter-site connectivity and migrations.

Our dedicated Microsoft Azure practice can get you started. Our team of Azure experts will lead you through a Proof-of-Concept deployment to validate the solution in your environment. Through Perficient’s extensive Microsoft partnership, there may be funding available to cover part of the cost of the POC.

This is Part 1 of a two-part series on Connectivity for Azure VMware Solution (AVS). 

In this article, we’ll review network connections for integrating AVS into other Azure services and systems outside of Azure. We’ll also cover how to provide AVS virtual machines access to the internet. 

Read more about AVS, its use cases, and benefits in my previous blog article – Azure VMware Solution: What is it?

Connectivity to Azure Resource

The Azure VMware Solution deployment includes an ExpressRoute Circuit which is used to connect to entities external to AVS. A gateway of type ExpressRoute is required to connect the AVS circuit to Azure and is not included in the AVS deployment. Since AVS supports both, the gateway can be deployed in either a Hub & Spoke topology or Virtual WAN. Once you obtain the resource ID and authorization key from the AVS Private Cloud Connectivity page in the Azure portal, the circuit can be connected to the newly created gateway. 

Although AVS supports connectivity via Virtual WAN, leveraging it for connectivity from AVS to Azure NetApp Files (ANF) is not yet fully supported by Microsoft.  Even though ANF connectivity through Virtual WAN will function, it will have reduced performance and increased latency. This is due to the lack of FastPath support in Virtual WAN for partner ExpressRoutes.  If you want to use Azure NetApp Files as additional storage for AVS, the connectivity will require a Virtual Network Gateway to be deployed to the same VNET as ANF. A gateway SKU of either Ultra Performance or ErGW3AZ should be used so that FastPath can be enabled on the AVS circuit connection. In addition, be sure to place ANF volumes and the Gateway in the same availability zone as AVS when deploying to a region with availability zone support.

Figure 1 includes a sample architecture using Virtual WAN.  Connectivity is established between AVS and the Virtual WAN by connecting the AVS ExpressRoute circuit to the Gateway in the Virtual Hub.

Figure 1: Connectivity into an Azure Virtual WAN.

Connectivity to Remote Locations

Connections to locations outside of Azure can be established with either an existing ExpressRoute circuit or VPN Connection. To connect to an existing circuit, enable Global Reach between the AVS circuit and the existing circuit. Global Reach should be enabled on the AVS side where the non-AVS circuit resource ID and authorization key are provided. Global Reach is required since Gateways are not transitive, which means that the traffic cannot travel into the gateway on one circuit and exit back out the same gateway for a different circuit. 

While VPN connections do not support Global Reach, they are functional since a VPN gateway and ExpressRoute gateway are two different resources. This means that the traffic can flow from AVS through the ExpressRoute Gateway and back out the VPN Gateway.

BGP is used to distribute routes in and out of AVS and requires 4-byte ASN support. A default route (0.0.0.0/0) can be advertised from on-premises or other Azure environments into AVS for virtual machine routing. Management systems within the AVS environment will not honor the 0.0.0.0/0 route.  Consequently, more specific routes such as RFC1918 network summaries should be advertised into AVS to allow external systems management access. In addition to management access, routes will need to be included for networks that contain other systems that are intended to be integrated with AVS for things like backups or monitoring.

The diagram below expands on Figure 1 to add on-premises connectivity via global reach.  Global Reach is enabled between the ExpressRoute circuits that connect to the on-premises datacenters and the AVS circuit.

Figure 2: Connectivity to On-premises with Global Reach.

Connectivity to the Internet

There are three different options for establishing internet connectivity, each of which have their own capabilities. Some may be more desirable over others depending on internal security requirements, and infrastructure already in place.

AVS Managed SNAT Service.

The SNAT service can be quickly and easily setup to provide outbound access to the internet by setting a radio button in the AVS Internet Connectivity page in the Azure portal. However, the simplicity results in no control over SNAT rules, no visibility into connection logs, and no inbound DNAT capabilities.  Two public IPs are associated with the service which provide a max of 128k simultaneous connections.

Default Route Advertisement.

A default route can direct traffic to an internet egress located in Azure or on-premises. Cloud native services like Azure Firewall or another device of your choosing can be leveraged to provide SNAT, DNAT, and security services. Internet access could be centrally managed for all resources across AVS, Azure native, and on-premises.

NSX Data Center Edge with an Azure Public IP.

Azure Public IP addresses can be consumed by NSX Edge and leveraged for NSX services like SNAT, DNAT, or Load Balancing.  In addition, the IP addresses can be associated with an NVA or virtual machine. This option is very flexible and scalable supporting thousands of public IP addresses.

Interested in taking Azure VMware Solution for a test drive?

Take part in a Proof-of-Concept (POC) to learn more about Azure VMware Solution and how it functions. Undoubtedly, you’ll quickly learn that functionality isn’t much different from what you use every day in your own datacenter, just with less management overhead. A POC is the perfect opportunity to not only validate the solution, but also get familiar with tools included in AVS that may be new to your organization such as VMware NSX for networking and HCX for inter-site connectivity and migrations.

Our dedicated Microsoft Azure practice can get you started. Our team of Azure experts will lead you through a Proof-of-Concept deployment to validate the solution in your environment. Through Perficient’s extensive Microsoft partnership, there may be funding available to cover part of the cost of the POC.

When company’s make large investments in a particular technology like VMware, it can be difficult to pivot to something new. This can lead to slow adoption of the public cloud and missing out on the benefits that come with it.  Azure VMware Solution (AVS) bridges the gap between on-premises virtualization and cloud-native IaaS or PaaS services by allowing you to move or extend on-premises VMware environments to Azure.

What is Azure VMware Solution?

Azure VMware Solution provides a private cloud that is VMware validated and built on dedicated, fully-managed, bare-metal Azure hardware. The private cloud is comprised of VMware vCenter Server, VMware vSAN, VMware vSphere, and VMware NSX (previously known as NSX-T Data Center). VMware HCX is an optional component that can be enabled during the provisioning process.  

What are some common use cases?

• Migration: Jump start your cloud journey by performing Lift and Shift migrations to Azure. Migrating to AVS allows you to integrate existing VMs with Azure Native resources and cloud-native VMs without any change requirements. Leverage HCX to perform system migrations via vMotion, offline bulk migrations, or multiple other options.
• Reduce Hardware Footprint: If you have a goal to “Get out of the datacenter business” or its time for a hardware refresh, leverage Azure’s hardware instead.  AVS can be scaled as needed without long term commitments or large capital expenses. The initial cluster deployment takes 3-4 hours, but any additional host can be available in about 30 minutes.
• Business Continuity / Disaster Recovery: Leverage Azure as a recovery site by utilizing native VMware or 3rd party tooling for virtual machine replication and backup. Activate systems in the cloud without requiring any changes to make them work. Even IP addresses can remain the same by leveraging VMware HCX to extend layer 2 networks into AVS.
• Modernization: Move systems to Azure VMware Solution that need to be close to workloads that have been modernized. Azure VMware Solution can integrate with cloud native resources to provide monitoring, security, and networking capabilities. By taking advantage of Azure tools and services, you can provide a path to modernize applications.
• Extended Support: Windows Server operating systems that have reached the end of Extended Support can qualify for the Extended Security Update (ESU) program which provides Security Updates for an additional period.  If the server resides in Azure, which includes the Azure VMware Solution, then ESU is provided for free. Additionally, the ESU period for 2008 has expired for systems hosted outside of Azure. However, if the system is hosted inside of Azure the ESU program is still active until January 9, 2024.

What other benefits are there?

• Simplified Licensing: All VMware licensing for products included in the AVS private cloud are included in the host consumption cost, so there are no VMware contracts or renewals to manage. Previously HCX Advanced was available, but now HCX Enterprise is included on all new deployments.
• Single Support Entity: Microsoft manages the support for the Azure VMware Solution, so there is only one vendor to contact if issues occur.  If needed, Microsoft will engage VMware support for issue resolution.
• Reduced Burden: Through the public cloud shared responsibility model, Microsoft is responsible for the lifecycle management of the VMware software and hardware it runs on, thus reducing the burden on internal staff.
• Options: There are currently three host hardware SKUs available for scaling the AVS environment, although not all SKUs are available in every Azure region. Besides the built-in storage on the host, Azure NetApp Files can be attached as AVS datastores. This allows for scaling storage without requiring additional hosts.

Interested in taking Azure VMware Solution for a test drive?

Take part in a Proof-of-Concept (POC) to learn more about Azure VMware Solution and how it functions. Undoubtedly, you’ll quickly learn that functionality isn’t much different from what you use every day in your own datacenter, just with less management overhead. A POC is the perfect opportunity to not only validate the solution, but also get familiar with tools included in AVS that may be new to your organization such as VMware NSX for networking and HCX for inter-site connectivity and migrations.

Our dedicated Microsoft Azure practice can get you started.  Our team of Azure experts will lead you through a Proof-of-Concept deployment to validate the solution in your environment. Through Perficient’s extensive Microsoft partnership, there may be funding available to cover part of the cost of the POC.

Application modernization is a growing area of focus for enterprises, especially in the wake of the COVID-19 pandemic.

Why? Because business leaders feel increasing pressure to drive innovation. Digital trends, remote work, and escalating customer expectations are among the reasons. No industry is immune to these dynamics. Businesses must evolve to succeed, which is why so many organizations opt for digital transformation.

When businesses modernize applications, it drives new processes and the necessary infrastructure that supports them. A robust app modernization strategy can reduce resources needed to run an app, increase frequency and reliability of deployments, improve uptime and resiliency, and more. Ultimately, app modernization allows organizations to accelerate innovation and go to market faster by updating business processes, reducing maintenance costs, and making data more accessible.

What are common types of app modernization?

The most common methods of application modernization include:

• Rehosting: Also known as “lift and shift,” rehosting involves transferring servers or software from the current environment to a public cloud infrastructure. For enterprises that are just starting a modernization journey, rehosting is the standard strategy. This option doesn’t require modifications to code, features, or functions. Business logic is preserved and data is migrated to the cloud.
• Refactoring: This approach to application modernization entails taking a legacy application and retooling significant chunks of its underlying code to better run in a new environment, usually the cloud. It helps remove technical debt and improves nonfunctional attributes.
• Replatforming: Similar to rehosting and refactoring, replatforming moves applications that are already in the cloud to a different cloud environment without making any major changes to the application. Examples of replatforming include upgrading the application to work with a cloud-native managed database, changing the operating system(s) or middleware it will work with, or containerizing applications. Replatforming enables enterprises to increase scalability and improve developer productivity.
• Replacing: When an application is no longer needed in a cloud environment, it is worth considering decommissioning it. Reasons for replacing an application include limited value, its capabilities are duplicated elsewhere in the environment, or it is more cost-effective to replace it with a different application than to migrate it.

What are the key technologies involved in app modernization?

There are several technologies fundamental to application modernization:

• Cloud Computing: Cloud technologies support and fuel an increasing amount of digital transformation initiatives, and application modernization is no exception. Today’s primary destination for application migration efforts is indisputably the cloud. This includes public cloud platforms, private clouds, and hybrid clouds.
• Containers: Software containers and container management platforms, specifically Kubernetes, have quickly become an industry standard for strategic modern application delivery. With companies deploying a wide range of infrastructure across multiple clouds and operating environments, it is essential that applications remain portable and able to be run efficiently in multiple places.
• Microservices: Microservices involve decoupling different components of an application into smaller, discrete pieces that can be deployed, updated, and operated independently.
• Orchestration and Automation: Orchestration in software development refers to the automation of many of the operational tasks associated with containers, including deployment, scaling and networking.

What are trends in app modernization?

 When strategizing your application modernization endeavors, keep the use of the following trends in mind:

• Multi-cloud environments: Multi-cloud refers to the use of more than one public cloud service provider for virtual data storage or computing power resources, with or without any existing private cloud and on-premises infrastructure. According to Gartner, multi-cloud strategies are now a matter of when rather than if, with many organizations having 70% of their cloud portfolio with one provider and diversifying the other 30% of their portfolio. For more information on multi-cloud environments, read one of our latest blog posts.
• Hybrid-cloud environments: Hybrid-cloud involves the use of public cloud in conjunction with private cloud and on-premises infrastructure. According to Forrester, with data already stored in on-premises data centers, 77% of enterprise global infrastructure decision-makers that are planning, implementing, or upgrading cloud say that are in a hybrid-cloud environment.
• Containers and orchestration: Containers and orchestration are a popular means for packaging, deploying, and managing applications and workloads. While you can containerize a legacy app, containers are viewed as an optimal fit for a more decoupled approach to development and operations (i.e. microservices).

How can we help with app modernization?

Succeeding in 2022‘s competitive market means you have to disrupt it in one way or another by offering the latest technology.

But that is not all, application development and innovation have evolved. What used to be a project-by-project methodology with periodic software updates has been replaced by DevOps, a philosophy of collaboration and continuous innovation.

We understand these challenges and partner with industry innovators to bridge the gap.

One way we achieve this is through our solution that integrates your Microsoft Azure infrastructure with VMware’s open-source Tanzu platform. This solution provides you with the reliability and elasticity of Azure while leveraging VMware’s platform, so your organization can reap the benefits of app modernization–faster time market, agility, reduced costs, and full automation.

Learn how we helped Intrado accelerate online transaction times by building microservices-based applications on the VMWare Tanzu platform, and how we equipped its team to maintain the platform in the future. Read the story here.

Why Perficient

Determining which applications and workloads to migrate – and how to do it – can be a challenge, and that is why working with an experienced partner, like Perficient, will ensure your application modernization journey is successful.

As a Gold-Certified, award-winning Microsoft partner and one of just a handful of National Solution Providers, we are a recognized cloud expert with years of experience helping enterprises make the most out of the Microsoft cloud. Coupled with our expertise in VMware’s suite of cloud-native solutions, we are uniquely equipped to provide application development services and end-to-end delivery.

Additionally, our team of experts has helped Fortune 1000 companies across industries with cloud transformation projects. Forrester has also listed Perficient among the top service providers in its report, Now Tech: Application Modernization And Migration Services, Q1 2021.

Closing notes

For more information on the latest in application modernization and cloud technologies, make sure you register for VMware’s SpringOne event, a hybrid conference taking place Dec 6–8, 2022 onsite in San Francisco as well as online.
(Tip: The early bird gets the discount when they register before June 28.)

Application modernization and innovation has remained a top priority of enterprises for the past several years. The economic disruption caused by the COVID-19 pandemic (and subsequent aftershocks) has only escalated this priority.

In a related post, we recognize the challenges of modernizing and migrating legacy applications, which include “legacy knowledge, custom-built processes, databases, and solutions that easily break and lead to unnecessary downtime.”

Additionally, the current market trends for application modernization and migration services reveal a “continuing shift toward modernization enabled by advanced cloud-native technologies,” according to Forrester.

This market and the dynamics at play have created an opportunity for our partners Microsoft and VMware. Announced at SpringOne last week, Microsoft is previewing an enterprise Java service called Azure Spring Cloud Enterprise Tier.

Azure Spring Cloud Enterprise Tier (with VMware Tanzu Technology) is “a Microsoft managed service for Spring that offers enterprise-grade support, configurability, flexibility, and portability for enterprise developers.”

What This News Means for Enterprise Developers

Because Spring is among the most popular application development frameworks for Java, Microsoft has Basic and Standard Tiers of Azure Spring Cloud for environments ranging from development to production.

These services help developers build Spring Boot applications with a “focus on building application code (e.g., microservices) rather than pedestrian tasks like configuring infrastructure.”

Azure Spring Cloud Enterprise Tier is designed to ease pain points for enterprise software development processes such as:

• Increased expectations (from developers) for managed services that allow them to modernize applications under highly complex processes
• An understanding of what developers can and cannot use, especially with increasing shifts to public cloud and balancing that with on-premises environments

Learn more about The Importance of Application Modernization for Businesses in 2021

Ready to Help With Your Application Modernization and Innovation

As Microsoft Azure support for open-source platforms and services have increased, cross-platform expertise is a critical factor for successful cloud transformation. Considering the widespread adoption of Azure and popularity of Spring, Perficient offers a solution specifically for Azure Spring Cloud Application Modernization.

Our quickstart solution for Azure Spring Cloud supports your multi-cloud deployment strategy so that you gain the benefits of faster time to market, agility, lower costs, and full automation.

“Our teams accelerate the development and modernization of web apps and microservices with Azure Spring Cloud,” said Steve Holstad, Director, Microsoft Azure at Perficient. “With our expertise in cloud infrastructure, PaaS services, data solutions, cross-platform architecture, and solution development, we’ve supported numerous clients in financial services, healthcare, and manufacturing. We’ve not only modernized applications but also developed comprehensive enterprise cloud strategy roadmaps to enable successful cloud adoption and expansion over time.”

Embracing Azure Spring Cloud provides flexible, native Azure integration and ease of managed services for Spring developers. This allows them to focus on providing business value and reducing time to market for new products and services.

Why Perficient

As a Microsoft Gold and VMware partner, we’re uniquely positioned to deliver application transformations using Java, open source, .NET, VMware Tanzu, and the Microsoft Azure platform. We’ve helped clients across industries develop strategic solutions and accelerate innovative cloud projects. Plug into our cloud, development, and application platform expertise to increase developer velocity and shorten delivery cycles.

Ready to advance your app innovation and modernization journey? Contact our team about this solution.

A healthcare experience upgrade – that’s the quest of so many healthcare organizations. Consumers expect better healthcare experiences. Government has even mandated it. And, below the surface, data serves as important connective tissue powering seamless, connected experiences for patients, members, and their care ecosystems.

Interoperability helps unlock data’s greater potential — healthcare innovation, more meaningful care touchpoints, and so much more.

The mechanics that support truly visionary interoperability initiatives require more than “a flip of the FHIR switch” though. It takes strategic thinking, reliable data, and architecture that supports the safe, rapid, secure, scalable, and compliant sharing of that data.

READ MORE: Deliver Fully Integrated Experiences In Healthcare

FHIR and API Know-How, Plus a Whole Lot More

Wanting to do more than simply meet the CMS interoperability mandate, our payer client seized the opportunity to build a scalable infrastructure that mobilizes data in ways that truly put the consumer first – giving all members secure access to their health information when they need it most and in a way they can best use it.

We grounded their solution in a pragmatic, holistic approach, evaluating when we could leverage the payer’s existing platforms as well as opportunities to modernize in ways that would benefit multiple organizational initiatives.

This approach encompassed three core tenants:

Interoperable Data = Modernization + Optimization + Democratization

Our integration and healthcare expertise equipped the payer to achieve faster time to market while leveraging its existing enterprise investments. We safeguarded a solution that meets all standards and rules when sharing protected health information (PHI). Additionally, our expertise in data governance ensured that data can be trusted and leveraged as a true strategic asset.

READ THE FULL SUCCESS STORY: Empowering Healthcare Consumers and Their Care Ecosystems With Interoperable Data

Healthcare Interoperability Solutions

Three areas of Perficient expertise – integration, healthcare, and data governance – together forged a solution that equips this payer client, its partners, and its members for more personalized, meaningful care experiences and better health outcomes.

Have questions? We help the largest payers and providers in the U.S. navigate integration strategy, data architecture, platforms, implementations, and change management. Contact us today, and let’s discuss your specific needs and goals.

EXPLORE MORE: Get to know the Senior Solutions Architect who helped lead this project

Enterprises are slowly realizing that they quickly need to adopt cloud-native technologies such as Containers and Kubernetes to accelerate their Digital Transformation initiatives. These technologies are the driving forces behind legacy application modernization and net new cloud-native applications that are needed to meet the ever changing demands of customers. These technologies provide various benefits for both Developers and Operators including:

• Portability: Portability is the key benefit of containers. Write once, package the code in a container image, and run it anywhere.
• Faster releases: Developers can ship the code and release new features faster allowing for better resource utilization on the platform.
• Declarative-style manifest approach: Kubernetes provides operators a consistent declarative-style manifest approach to manage the apps and the related resources/objects.
• Ease of use: Independent Software Vendors (ISVs) are also packaging their software as a cloud-native app to help operators easily run and debug their apps on Kubernetes platform.

According to Gartner, more than 75% of global organizations will be running containerized applications in production by 2022, which is a significant increase from fewer than 30% today.

Kubernetes Adoption Journey in an Enterprise

In a typical Enterprise, Containers and Kubernetes adoption is initially slow. Normally, it starts with a small team developing an app (not mission critical) that they plan to containerize and deploy on a k8s cluster in a single environment (typically using Managed CaaS offering on Public clouds) for PoC purpose.

However, when the adoption accelerates, more teams start working on identifying the apps that they would like to containerize and deploy on Kubernetes clusters in various environments (on-premise, Public cloud, or even on bare metal servers). Suddenly, the whole landscape gets crowded.

According to the IDC, Enterprises will build and deploy ~ 500 million apps in Production over next 5 years using cloud-native tools and technologies such as Containers and Kubernetes.

Kubernetes Adoption Reality – Growing Fragmentation

Fragmentation is being seen today within Enterprises. For example, say one team decided to deploy their app(s) on Amazon EKS cluster, and another decided to leverage Google GKE cluster. Although it is good for application teams to have the flexibility to deploy the applications on their choice of Kubernetes clusters, it causes problems for operators.

Operational Challenges with Fragmentation

If your team has struggled to resolve the following questions, you are facing challenges with fragmentation:

• How can we gain visibility into all the clusters from a centralized console?
• How can we troubleshoot containerized workloads across disparate environments?
• How can we quickly enforce Network and Security policies across the board and comply with the Enterprise guidelines?
• How can we efficiently provision the Clusters and manage it’s lifecycle?

Unfortunately, operations tools that companies have today, do not solve these questions. Each vendor provides their own tools to provision clusters, manage it’s lifecycle, and troubleshoot workloads. To solve this problem, you either need to hire an army of resources with a specific skill-set or push your existing resources to learn all these tools to support the infrastructure and app, both of which are not realistic approaches.

However, now there is a better solution, and the solution is VMware Tanzu Mission Control.

What is Tanzu Mission Control?

VMware Tanzu Mission Control (TMC) is a centralized management platform for consistently operating and securing your Kubernetes infrastructure and modern applications across different teams and clouds. As an API-driven service, TMC enables you to declaratively manage all your clusters through its API, the CLI, or the web-based console. From the TMC console, you can see your clusters and namespaces, and organize them into logical groups for easier management of resources, apps, users, and security. Some of the cluster management capabilities of TMC include:

• Cluster Lifecycle Management: Using TMC, you can connect to your own cloud provider account to create new clusters, resize and upgrade them, and delete clusters that are no longer needed. 
• Cluster Observability and Diagnostics: See the health and resource usage for each of your clusters from a single console. View cluster details, namespaces, nodes, and workloads directly from the TMC console. 
• Cluster Inspections: Run preconfigured inspections against your clusters using Sonobuoy to ensure consistency over your fleet of clusters. 
• Data Protection: Back up and restore the data resources in your clusters using Velero to ensure the protection of the valuable data resources in your clusters. 
• Access Control: TMC starts with a secure by default service, and allows you to use federated identity management and apply granular role-based access control to fine tune your security requirements. 
• Policy Management: Rather than manually dealing with the many aspects of managing your Kubernetes resources and the apps that use them, you can create policies to consistently manage your clusters, namespaces, and workloads.

Key Takeaways

VMware Tanzu Mission Control allows you to manage all your Kubernetes clusters–across packaged Kubernetes distributions, managed Kubernetes Services, and DIY footrpints–from a single control point.

If you are an operator, you will have complete visibility into all the clusters, be able to enforce Enterprise policies related to Container registry, Network, Security and more. That allows exceptional control over diverse environment.

If you are developer, you will have the freedom to use modern constructs and self-service access to Kubernetes resources. You do not need to worry about Kubernetes infrastructure but focus on what you do best–writing quality code.

In our previous blog VMware Tanzu: Highlights of the Basic Edition, we explored the benefits of the VMware Tanzu Basic edition and how it is optimal for enterprises at the beginning stages of their application modernization journeys because it allows you to run containerized-off-the-shelf (COTS) workflows on-premise as part of vSphere. In our Key Takeaways of the VMware Tanzu Standard Edition blog, we explored the benefits surrounding the VMware Tanzu Standard Edition and how it builds off of the functionality of the Basic Edition, allowing you to operate a Kubernetes-based container solution across multiple clouds. Today’s blog will focus on the capabilities of Tanzu Advanced.

VMware Tanzu Advanced simplifies and secures the container lifecycle and enables teams to rapidly deliver modern applications at scale, on-premises and in the cloud. Tanzu Advanced achieves this through:

• Full support of Spring Runtime: Spring Runtime is a framework that makes best use of microservices, data pipelines, and distributed systems. Customs apps are automatically packaged with dependencies, containerized, and maintained. When you need base runtimes or preset components, developers can self-serve from a curated catalog of validate open source software.
• Security: Source code provenance in your applications allows for tracking and auditing. Your curated catalog of base runtimes and preset components is always up to date, and application connectivity policies are intelligently enforced. All container images are stored in a private registry, encrypted and, continuously delivered to your Kubernetes clusters across clouds. Also, container networking and service mesh are enabled for consistent, secure connectivity between services.
• Streamlined management of Kubernetes at scale: You can manage your Kubernetes estate from one, central control plane. Management, policy control, and visibility into service connectivity across clouds can be done from a centralized management platform.
• Automatic custom code containerization: Custom code is automatically containerized, and ready-made images and runtimes are always available in a curated, private repository. As a result, you will realize shorter development cycles.

Tanzu Advanced offers the modular capabilities that enable you to build a developer-centric platform for modern apps that works for your organization. Whether your organization is starting out or already has many pieces of the container lifecycle in place, Tanzu Advanced capabilities can be added as needed to address your most pressing challenges today and support your overall modernization journey going forward.

Credit: tanzu.vmware.com

Our team of VMware Tanzu Application Service certified consultants, who have received advanced training at the VMware Tanzu Master Class, are equipped to enable Tanzu on your multi-cloud environment. Contact us today to get started.

Learn more about our VMware partnership

With a team of more than 100 certified experts, Perficient combines the power of VMware technology with strategy and delivery expertise to help solve critical business challenges.

Learn more about our VMware partnership here.

In our previous blog VMware Tanzu: Highlights of the Basic Edition, we discussed the benefits and considerations of implementing VMware Tanzu Basic in your organization. In today’s blog, we will discuss the Standard edition, which builds off of the functionality of the Basic edition, and how it can support your infrastructure and application modernization journey.

Tanzu Standard is for organizations that want to operate a Kubernetes-based container solution across multiple clouds with centralized observability and governance. Whereas Tanzu Basic is tied to vSphere, Tanzu Standard provides you the flexibility to extend a consistent, open source-aligned Kubernetes distribution across on-premises, public cloud(s), and edge.

With open-source aligned Kubernetes, you can run the same distribution across any cloud. Centralized governance allows the platform operator to manage your organization’s Kubernetes footprint across multiple environments with consistent governance over configuration, access, security, and data protection, while providing development teams the freedom to access and build on resources. Additionally, Tanzu Standard includes leading open source projects, Prometheus and Grafana, with out-of-the-box dashboards that emphasize platform monitoring and full VMware support.

With Tanzu Standard, you can avoid operating multiple Kubernetes distributions with varied configuration controls. You will observe consistent deployments and operations across on-premises, public cloud(s), and edge. Tanzu Standard can be deployed as an add-on for vSphere 6.7u3, vSphere 7, or on public clouds. It can also be licensed with VMware Cloud Foundation to deploy Kubernetes as part of a larger, integrated stack. Tanzu Standard’s global control plane is available as SaaS.

Our team of VMware Tanzu Application Service certified consultants, who have received advanced training at the VMware Tanzu Master Class, are equipped to enable Tanzu on your multi-cloud environment. Our quick-start offering involves:

• Configuring TKG and TMC integration
• Setting up TKG in a multi-cloud environment
• Configuring TMC policies to manage K8 clusters
• Configuring ingress for deploying contour
• Ensuring load balances are working
• Backing up cluster in application using Velero
• Deploying a containerized application using HelloWorld
• Migrating an existing containerized app from another platform

Learn more about our VMware partnership

With a team of more than 100 certified experts, Perficient combines the power of VMware technology with strategy and delivery expertise to help solve critical business challenges.

Learn more about our VMware partnership here.

Built on VMware Tanzu Application Service, VMware Tanzu allows organizations to build modernized applications with speed, simplicity, high availability, and control. VMware offers three VMware Tanzu editions to support your organization at any point in your application modernization journey. In this blog, we will focus on the capabilities of Tanzu Basic, but future blogs will explore the Tanzu Standard and Tanzu Advanced editions.

Tanzu Basic is a cost-effective way to begin your infrastructure modernization journey. It allows enterprises to run containerized-off-the-shelf (COTS) workflows on-premise as part of vSphere. Tanzu Basic can be licensed as a bundle with vSphere 7 Ent+ or as an add-on to be deployed on vSphere 6.7u3.

With Kubernetes embedded in the vSphere control plane and integrated into operations via vCenter UI, developers can leverage existing infrastructure and familiar tools while capturing the benefits of the leading container orchestration platform. Kubernetes-based container management allows vSphere users to run VMs and containers side by side while also providing developers self-service access to resources and environment via Kubernetes APIs.

How to get started with Tanzu Basic

Our team of VMware Tanzu Application Service certified consultants, who have received advanced training at the VMware Tanzu Master Class, are equipped to enable Tanzu on your vSphere production deployments. Our quick-start offering involves:

• Installing VMWare Tanzu Kubernetes Grid (TKG) Management and Workload clusters on vSphere using best practices
• Training operators and developers on how to leverage vSphere UI to create storage, networking, and RBAC policies
• Working closely with the Application Team to containerize existing applications
• Loading the container images either into Harbor or an image registry of your choosing
• Creating Kubernetes manifests (.yaml files) to deploy the applications on the TKG workload cluster

Learn more about our VMware partnership

With a team of more than 100 certified experts, Perficient combines the power of VMware technology with strategy and delivery expertise to help solve critical business challenges.

Learn more about our VMware partnership here.

The following is the twelfth blog in a series about why businesses are moving to the cloud to modernize and improve business performance.

Throughout this series, we have discussed the many benefits of cloud, including increased velocity for innovation, enhanced security, and the opportunity for ROI. Now, we want to discuss how the cloud can help businesses in their specific circumstances by looking at different industries. In our last blog, we highlighted a financial services example of giving customers a unified experience by bringing data together in the cloud. In this blog, we’re going to dive into an automotive maker use case in which we gave drivers a connected experience with cloud.

Providing a connected car experience with cloud

People today can connect more devices than ever – and that includes their car. An international car manufacturer wanted to take advantage of that by providing a more cost-effective connected vehicle experience for its customers, while also wanting to monetize its connected features. It was unable to implement this, though, due to its existing platform relying on disparate legacy systems that lacked a robust user experience.

To modernize the client’s platform, we developed an API-driven, cloud-native platform, built on Pivotal Cloud Foundry. With the capabilities of the new platform in mind, we also implemented a rigorous, test-driven development approach in combination with CI/CD practices to streamline future development. This enabled the multi-channel connected capabilities that the client was looking for, while they were also able to monetize it.

With this new platform, the client was able to monitor applications globally, enjoy greater flexibility, speed to market, and development effectiveness. Customers, meanwhile, enjoyed an easy-to-use, connected experience thanks to the cloud platform.

Learn more

Do you want to learn more about the cloud’s benefits? Click here or fill in the form below to read the guide Transform Your Business with Cloud and learn what cloud can do for you.