Posts Tagged Cloud

Understanding the Ways of the VMforce

Posted by Chris in Cloud, Server Virtualization, VMware on April 29th, 2010

On Tuesday VMware and Salesforce.com announced their joint venture – vmforce.com. Both vendors offered informative blog posts about the announcement, and I recommend reading the following:

VMforce and VMware’s “Open PaaS” Strategy (Steve Herrod)
VMForce: Why? What? How? (Anshu Sharma)
VMforce Provides Spring Cloud Platform (Rod Johnson)

These posts are also worth reading:

Analyzing the VMforce announcement and PaaS portability challenges and the VMforce example (William Vambenepe)
Duncan Epping’s wrap up post

The move makes sense for both vendors. VMware understands that existing as a virtual infrastructure platform for Windows applications – where Microsoft is a direct competitor – is a losing battle. Many vendors have tried and failed in their efforts to take down Microsoft. In the end, the problem for Microsoft’s competitors was always the same – integration across the Microsoft stack would always win out. Paul Maritz realizes this and understands that without challenging Microsoft’s dominance in the application space, VMware will eventually succumb to Microsoft as the preferred virtual infrastructure platform for Windows applications. Partnering with providers such as Salesforce.com is a logical move for VMware. The more VMware can help Salesforce.com and Force.com pick up customers, the more they may see Microsoft’s dominance in the application space erode. This isn’t a strategy that plays out overnight, but over the next 10+ years. Along the way, I expect VMware to partner with key Microsoft rivals such as Google. Such a move is too sensible for both companies not to happen at some point.

For Salesforce.com, the VMware partnership and integration with VMware’s SpingSource Spring Framework offers the potential to bring in a large number of new customers. In addition, the combined VMforce.com solution utilizes VMware vSphere backend infrastructure. As standard cloud API and data models emerge over the coming years, close alignment with VMware should remove concerns of VMforce.com being perceived as a niche solution, and will be one that leverages known and trusted back end virtual infrastructure. This is important when you consider factors such as regulatory compliance. Large enterprises turning to the cloud are wary of lock-in, and the more providers can offer secure solutions that are compatible across numerous cloud solutions, the more likely enterprises are to invest.

While I like the move, there are still many unanswered questions. For starters, making it easy for Java developers to run complex application stacks in the cloud is a good start, but what about the .NET developer ecosystem? If VMware and its competitors want to take market share from Microsoft, they’re going to have to entice .NET developers to come their way. I have said for some time that I see Azure evolving to be both a cloud and on-premise solution. So in time Microsoft will be offering even more compelling reasons to to come their way or stay with them, and Microsoft’s competitors will need a very good answer to counter. If VMware succeeds with “Open PaaS”,” they may have the answer – a Java-based PaaS platform with choice on par with VMware’s vCloud ecosystem (1,000+ providers).

It’s also important to note that VMforce.com is not a pure infrastructure-as-a-service (IaaS) play. You can’t package any app as a VM and deploy it to VMforce.com. Instead, the solution is positioned to support Java apps, a Force.com backend database, and leverage VMware vSphere plumbing. As a joint venture, VMware couldn’t get into IaaS for the simple reason that it would position VMware as a competitor with the providers in its vCloud ecosystem.

Finally, if you go back to Steve Herrod’s original post on the VMforce.com announcement, I couldn’t help but focus on the fact that “Open PaaS” was placed in quotes. In the past, I have asked vendors if some of their “features” should be in quotes, insinuating that a particular feature was a bit misleading. If you’ve been in IT long enough, you already know that “open” is a relative word, with openness subject to the number of supported vendor or provider alternatives out there. In the case of VMforce, “open” does not have to imply open source, but rather a defacto standard for PaaS with a large choice of provider solutions.

The following statement from Steve Herrod’s post alluded to VMware’s plans for Open PaaS.

One thing in particular mention here should strike you … we will wholeheartedly enable deployment of these cloud portable applications to clouds that are not based on our underlying vSphere virtualization technology. This support is a key aspect of openness and will enable a broader and more competitive ecosystem of compatible Spring PaaS offerings. And this in turn will be the reason why developers will bet on Spring-based applications for maximum flexibility. Stay tuned as you’ll see many more announcements around this very soon.

Steve is implying that apps deployed to VMforce.com can be moved to non-VMware infrastructure without a Force.com backend, which I mentioned earlier when discussing Open PaaS. If VMware succeeds with VMforce and gets numerous other providers to support Open PaaS along the way, they will have a serious alternative to Azure, and one that is devoid of provider lock-in.

As James McBride once said, the details always tell the story. Right now, we have a story. Whether or not the story will be remembered depends on the details. Give us standard APIs, application models, metadata sets, security frameworks, and modernized service-level definitions that apply to emerging cloud-based architectures, and we have a very compelling story. So far, the book on VMforce.com has a nice cover, but the meaningful content remains a mystery.

Cloud, vmforce, VMware

1 Comment

RSA, Intel, and VMware Take a Big Step Forward in Cloud Security

Posted by Chris in Cloud, Server Virtualization, Storage, Xen on March 3rd, 2010

Yesterday RSA announced new controls for virtual infrastructure security in cloud environments. Concerns regarding security and compliance have been primary factors preventing large enterprises from placing production workloads on shared virtual infrastructure in the cloud. Yesterday’s announcement and proof-of-concept didn’t solve all of public cloud’s security woes, but it brought us closer to a practical solution. In case you missed it, you can read a detailed overview of the solution in the RSA security brief “Infrastructure Security: Getting to the Bottom of Compliance in the Cloud.” Even if you’re not ready for public cloud, many of our clients have expressed concerns over mixing security zones or subzones on internal private cloud infrastructure. Instead of supporting multi-tenancy (i.e. multiple departments traversing multiple security boundaries), the conservative IT organization isolates security zones using dedicated physical infrastructure (e.g., separate physical clusters, network ports, and storage). Even if you build in security controls in the virtual infrastructure, how do you expose them to the auditor? To date, that has been a problem.

In the past, I have talked about this security dilemma in a couple of couple of key areas. First, we need a standardized set of cloud isolation levels. We also need standard metadata (either de facto or industry standard) so that third party audit tools can properly query an application’s relationship to cloud security policy in relation to virtual and physical controls that are in place. I covered those issues in more depth in the post “The Cloud Mystery Machine: Metadata Standards.” In addition, virtual resources need to be able to answer the question “Where are you?” That applies to both the runtime location and data location. It’s important to ensure that data privacy and governance concerns are met, and regulatory compliance issues such as data export restrictions are satisfied. Ideally, the answer to the question will provide details on the hardware root of trust (the hypervisor and physical infrastructure is secure), relationship to defined pre-defined security tiers (the RSA POC uses “platinum,” “gold,” and “silver",” and “bronze,” for example), and provides the detail needed to prove that both data and application runtime security requirements are satisfied.

Rather than summarize all of the goodness in the RSA announcement, I’ll focus on the areas where it still falls short. For starters, neither EMC nor Cisco were part of the POC. So the existing model does not detail concerns such as data location and the privacy of data at rest. Naturally, there is quite a bit that you would expect Cisco to offer too. The Nexus 1000V has plenty to offer when it comes to security inspection and enforcement on shared virtual infrastructure: L2-4 ACLs, SPAN, ERSPAN, AAA, and more. Naturally, any de facto tiered security models offered by RSA and its partners should go as far as to include advanced network and storage requirements, and I expect them to do so over time.

Now that RSA, VMware, and Intel have taken this big step toward satisfying the security concerns associated with shared infrastructure-as-a-service (IaaS) architectures, it’s time to be transparent on metadata structure. If each service provider builds its own proprietary metadata schema, we’re in trouble. Instead, vendors such as VMware need to define a more robust metadata schema within the .vmx configuration file. In a perfect world, VMware would toss .vmx to the side and work with the DMTF to take the XML-based .ovf standard from a standard for VM importing to a standard for runtime metadata. If we had that, RSA, VMware, and Intel can continue on their current path, and third party vendors could add their own custom controls as well. In addition, the standard could be applied to all hypervisors, such as Hyper-V and XenServer.

While I expect this announcement and forthcoming innovations to be a boost to public cloud providers, the work of RSA, VMware, and Intel will pay immediate dividends for each organization’s internal cloud plans. The more compute resources that can be shared, the lower the capital and operational expenses to run the data center. Solutions that enhance visibility, improve security, and create opportunities to share more physical infrastructure are no-brainers, in my opinion. I could spend much more time discussing the details of the RSA POC, but I’ll leave that for the RSA white paper. Also, if you would like to hear more about where this solution is going, I encourage you to attend Catalyst Europe next month. RSA CTO Bret Hartman will detail RSA’s vision for cloud security at the conference, and will be on-hand to answer your questions as well.

Cloud, intel, rsa, VMware

2 Comments

The Next Gen Desktop’s Cloudy Future

Posted by Chris in Cloud, Desktop Virtualization, Server Virtualization on March 2nd, 2010

Over the past few years, I have talked with several dozen Burton Group clients who are struggling with defining their next generation desktop and application delivery architecture. They often like the idea of the server-hosted virtual desktop, but not the cost. In addition, many of our clients are increasingly looking at cloud-based application delivery frameworks such as software-as-a-service (SaaS) and platform-as-a-service (PaaS). For example, several of our clients use the Salesforce.com customer relationship manager (CRM) SaaS-based application. The result- users get a rich application assessable from anywhere with a web browser, and IT sees a low total cost of ownership (TCO) for the CRM application. Other Burton Group clients have evaluated Microsoft Exchange via SaaS services, while others are keeping an eye on PaaS offerings such as Microsoft Azure.

Besides SaaS and PaaS, infrastructure-as-a-service (IaaS) is increasingly growing in popularity. One of the most common ways to deliver IaaS is by leveraging hardware-infrastructure-as-a-service (HIaaS) platforms (e.g., VMware vCloud, Amazon EC2, or Citrix Cloud Center). For the majority of our clients, their initial entry into HIaaS has started by building private clouds to host applications in virtual machines. HIaaS as a backend for desktop-as-a-service (DaaS) is on the radar of many of our clients. For several, 2010 plans include virtual desktop pilot projects, and small deployments by the fall. Note that while I’m being relatively light on the definitions, you can read Burton Group’s detailed perspective on cloud in the following free report “Cloud Computing: Transforming IT.”

If you’re wondering “What’s the point?” here it is. Application delivery does not have to begin and end at the virtual desktop, and in many cases will not. SaaS and PaaS services will increasingly play a role in delivering applications to end users. Presentation virtualization technologies such as Citrix’s XenApp will do so as well. XenApp as the delivery mechanism for internal SaaS, combined with the Citrix Receiver, for example, provides the framework to publish Windows applications to a variety of endpoints (e.g., notebook, netbook, iPhone, iPad, thin or zero client, and thick client). So in the end we’re winding up with several layers of application services that need to be seamlessly delivered to the end user. This means that security policy enforcement and identity management, for example, will need to traverse each service layer. For most organizations today, leveraging SaaS applications requires users to maintain a separate login for each provider. Identity federation in support of single sign-on access to cloud services will be a key enabler in the delivery of converged cloud services. Others (e.g., Microsoft and Novell) have tried and failed in the past, but this time the stakes are different. Strong interest in cloud services provides the use case waiting for a solution.

If we take the delivery of converged cloud services to the client endpoint, we get to what should be a divide between two user experience domains: personal space and work space. The endpoint device may include a client hypervisor to securely separate both personal space and work space, as shown below.

Granted, what I’m talking about here isn’t revolutionary. Many vendor examples relating to a bring-your-own-device delivery model highlight the need to separate personal space and work space, but they fall short in their inclusion of other relevant cloud application delivery services. In fact, I blogged about this approach a year ago. Independent analyst Brian Madden went a step further and predicted that 90% of virtual desktops will run on client endpoints.

To summarize, we need to keep the focus of application delivery on the application. If a call center’s application delivery requirements is best suited by a low-end device that uses a web browser to present applications to users via SaaS, then so be be it. If the application delivery requirements warrant a server-hosted virtual desktop, then that’s OK too. Still, in my opinion, IT’s future is about managing each user’s work space, and we should be looking at technologies that simplify delivery and presentation of converged cloud services. The winning vendor, and the one that drives a user’s work and/or personal space, is the one that nails the presentation of converged cloud delivery. I’m not sure who the winner will be, but I know that the winner won’t be the vendor going after this problem with a narrow view of the typical enterprise’s application delivery requirements. What do you think? We will be talking about these topics at Catalyst Europe in Prague next month, and I hope to see you there.

Cloud

3 Comments

The Cloud Mystery Machine: Infrastructure Matters

Posted by Chris in Cloud on February 11th, 2010

This post continues the discussion in my “The Cloud Mystery Machine” post.

Contrary to the utopian cloud model many espouse, underlying infrastructure still matters, especially when you consider application performance and the ability to satisfy SLAs. Most folks are well aware of virtualization live migration incompatibilities between Intel and AMD platforms, but what about substantially reduced performance between Intel platforms? For example, consider an enterprise application that realizes a substantial performance benefit from Intel’s hardware-assisted memory virtualization – Extended Page Tables (EPT). XenApp, Exchange, and SQL are among the many applications that benefit from EPT. Moving the application to a cloud platform without EPT support could result in significantly degraded performance. If you have no information on a cloud service’s underlying hardware infrastructure, you may not know about the lack of EPT support until you start getting complaints about application performance. Then what do you do? Ideally, when a user or application requests infrastructure services from a cloud provider, there should be a mechanism for specifying low-level hardware requirements such as EPT.

When it comes to trusting critical applications to cloud service providers, not all organizations are keen on the idea of trusting an application to a white box server with memory acquired from the lowest bidder. Ditto for back end storage. This is one of the reasons why initiatives like VCE are important. A cloud provider offering services on known and trusted hardware is important to many decision makers. Sure you may pay a little more for the service, but for many IT decision makers, that’s OK. SLAs are only as good as a provider’s capability to honor them. Without knowledge of the provider’s infrastructure, you may be rolling the dice. Take the recent HostV failure as an example. While phrases such as “All you need to worry about is the SLA” sound good in theory, today they’re simply not practical. If cloud providers truly want to enable services such as application bursting to cloud, then they need to provide interfaces that accept very specific infrastructure requirements. Open Virtualization Format (OVF) is the best option we have for importing VMs to foreign infrastructures, and it’s extensibility allows room for custom metadata today. So there’s really no reason why service providers can’t offer such capabilities today. Also, there’s no reason why a service provider shouldn’t be transparent about their physical and virtual infrastructure. If a provider isn’t offering the detail you need to feel comfortable, then move on. There are plenty to choose from.

Cloud, Private Cloud

1 Comment

The Cloud Mystery Machine: Metadata Standards

Posted by Chris in Cloud on February 11th, 2010

This post continues the discussion in my “The Cloud Mystery Machine” post.

Open Virtualization Format (OVF) is a good start for standardizing definitions for VM metadata; however, let’s not forget that today OVF is only used to import VMs to a proprietary virtual infrastructure, and has no use at runtime. That being said, if you move a workload to the cloud, do you know where it is? You may think “Why do I care?” Organizations concerned with issues such as data export restrictions and data privacy care. When using virtualization platforms in the cloud, some workloads will require the identification of the physical runtime location and physical data location. In addition, the location of the application execution in relation to other systems within the shared physical infrastructure is also important. An auditor should be able to collect such information via a standard query. Unfortunately, that’s not possible today. Today, thanks to OVF’s extensibility, it’s technically possible for a VM to communicate its security requirements to a service provider, although I have yet to see a cloud service provider use OVF in such a way.

Providing simple and industry recognized methods for identifying VM and data location in the cloud is a difficult problem to solve. Again, the question isn’t just about where, but also about the relationship to required isolation mechanisms, whether they be virtual or physical firewalls, isolated virtual or physical network segments, or isolated storage, for example. Of course, how the provider defines “isolated” is equally important. Last year, I talked about the need for standardized cloud security models in this post. This is a difficult problem to solve, and that’s why all vendors that have a stake in cloud computing need to begin working on such standards today. And speaking of standards, unfortunately I doubt we’ll see an industry standard that addresses cloud infrastructure location and isolation issues anytime soon. Instead, I’m looking at vendor combinations such as VMware/EMC/RSA or Microsoft/Citrix/HP to deliver solutions that emerge as de facto standards in the coming years.

Cloud, Private Cloud

3 Comments

The Cloud Mystery Machine: Licensing

Posted by Chris in Cloud, Licensing and Support on February 11th, 2010

This post continues the discussion in my “The Cloud Mystery Machine” post.

Cloud computing and hardware infrastructure as a service (HIaaS), in theory, should allow organizations to move workloads to the cloud and manage licensing just as they always have with managed hosting services in the physical world. However, the problem with current licensing models such as Microsoft’s Service Provider Licensing Agreement (SPLA) is that they require licenses to be bound to physical hardware. Physical hardware bindings removes the capability of IT organizations to manage licenses when they have no idea of the hardware on which their applications reside (it may change from day-to-day). So far, service providers have dealt with the licensing issue by building licensing costs into their service fees. In other words, you need to tell the service provider your application needs and the provider must manage licensing compliance on your behalf. If you want to take your already-purchased Microsoft licenses to the cloud, you’ll need to lease dedicated physical hardware from the service provider.

Asking service providers to take on license management for thousands of applications is impractical and is one more barrier to public cloud infrastructure adoption. Some service providers may support a few dozen applications today, but many organizations have thousands of applications. 2010 marks a year where Microsoft can show industry leadership and change licensing so that application license management is transferred from the service provider to the end user organization. The SP provides the virtual infrastructure, the organization uses it. Application licensing based on concurrency or user seats has always been infrastructure agnostic. Heck, Microsoft already has a similar model with its Client Access License (CAL). All that’s needed is to remove the physical binding requirement for application server licenses. As I’ve said before, we are moving away from device-centric computing. We’re shifting away from hardware as the definition for a user’s working environment, and that includes both client and server applications. It’s time the major players in the enterprise application market evolve their licensing policies to meet the agility requirements of today’s enterprise.

Cloud, Private Cloud

1 Comment

The Cloud Mystery Machine: The Need for an Infrastructure Authority

Posted by Chris in Cloud on February 11th, 2010

This post continues the discussion in my “The Cloud Mystery Machine” post.

Private cloud is a key 2010 objective for many Burton Group clients. However, our clients are consistently frustrated by the difficulties of on-demand service and mobility in virtualized environments. Until we get closer to having a virtual infrastructure center of the universe, these problems will persist. For example, suppose you setup soft security zoning using VMware’s vShield Zones. Does your third party orchestration product consider zoning restrictions prior to moving a VM to a particular server? Considering that VMware’s own Distributed Resource Scheduler (DRS) service doesn’t have such capabilities, it’s unlikely that any third party tool will either. In fairness, VMware hasn’t exposed such features through their SDK, so its unfair to ask vendors to support something in which they have little control.

When it comes to orchestration, everything falls apart without a central metadata store. Call it an infrastructure authority (IA), or whatever you like. The bottom line is that if a tool wants to place an object somewhere within a cloud infrastructure, there needs to be a central place where it can check to make sure the physical location offers the necessary resources (compute, memory, networking and storage I/O) and security policy isn’t violated in the process, among other concerns. We don’t need to re-invent the wheel. Instead, we need to take existing virtual infrastructure management databases and evolve them so that they can act as the central authority for all infrastructure decisions. Microsoft’s System Center suite of products already supports some extensibility and third party integration. VMware’s Virtual Center (VC) supports third party plug-in integration, but extensibility is taboo. If the VC database was extensible, issues such as downstream storage I/O would factor into VM placement decisions today. Virtual Instruments, for example, has the technology to do it, but their hands are tied. I’m hopeful that the infrastructure authority is something that VMware and Microsoft can lead in 2010. No vendor can own the universe. How many have to try and fail to prove it doesn’t work? Server hardware vendors acting as though each enterprise infrastructure should be homogeneous is a perfect example. VMware, Microsoft, Citrix, and other members of the virtualization community need to get serious about the complexities of managing an increasingly agile infrastructure, and give their software partners the APIs and meta database extensibility they need to fuel innovation.

In the end, the IA may not comprise just a single vendor solution, but involve collaboration from multiple vendors on what may emerge as one or more de facto standards. Many technical (e.g., CPU, memory, network, and storage requirements) and non-technical (e.g., security, location, organizational policy, and SLA) requirements determine the feasibility for VM mobility and placement. In my opinion, enterprises will continue to lack confidence in true virtual infrastructure/private cloud self-service and automation until we have some type of centralized infrastructure authority. What do you think?

Cloud, Private Cloud

1 Comment

Thoughts on the VMworld Day 2 Keynote

Posted by Chris in Cloud, Desktop Virtualization, ESX, Network Virtualization, Security, Server Virtualization, VMware, VMware CVP on September 3rd, 2009

I was very impressed by the information disseminated in the second VMworld keynote, led by CTO Steve Herrod. Here’s a summary of the thoughts I tweeted during the morning keynote (in chronological order).

Steve Herrod talked about a “people centric” approach. VMware’s technology needs to understand desktop user behavior. The existing offline VDI model (requiring a manual “check-out”) is not people centric.
VMware’s announcement to OEM RTO Software’s Virtual Profiles was a good move. Burton Group considers profile virtualization a required element of enterprise desktop virtualization architecture.
VMware’s Steve Herrod and Mike Coleman discussed VMware’s software-based PC-over-IP (PCoIP) protocol. Feedback from Burton Group clients who were early PCoIP beta testers indicates that the protocol’s development is progressing well.
Herrod showed a picture of “hosted virtualization” for employee owned PCs on a MacBook. Is that a hint of a forthcoming announcement?
I would like to know if VMware’s Type I CVP client hypervisor will have VMsafe-like support in the 1.0 release. VMware has made few public statements regarding CVP architecture.
VMware’s CVP demo looked good, but it didn’t reach the “wow factor” achieved by Citrix when Citrix demoed a type I client hypervisor on a Mac at their Synergy conference.
The Wyse PocketCloud demonstration was impressive. PocketCloud is VMware’s first answer to the Citrix Receiver for iPhone.
VMware demonstrated the execution of a Google Android application on a Windows Mobile-based smart phone. Many opportunities exist for VMware and Google to collaborate in the user service and application delivery space.
Burton Group client experience backs VMware’s claims that vSphere 4.0 is a suitable platform for tier 1 applications. We recommend that x86 virtualization be the default platform for all newly deployed x86 applications, unless an application owner can justify why physical hardware is required (e.g., for a proprietary interface that is unsupported by virtualization).
To support tier 1 application dynamic load balancing, storage and network I/O must be included in the DRS VM placement calculations. It’s good to see that VMware is heading in that direction. DRS will also need to evaluate non-performance metrics such as vShield Zone membership as part of the VM placement metric (no word on this yet).
I would like to hear more from folks who have tested AppSpeed. Burton Group clients I have spoken with to date have not been impressed.
The DMTF needs to start doing more to evangelize the role of OVF as it pertains to cloud computing and service manifests.
I like vSphere’s VMsafe security API, but I want to see tighter integration with external management (exposed via the SDK), and better integration with VMware’s DRS and DPM services.
VMware talked about Lab Manager as a tool to promote user self-service for server VMs and applications, but I haven’t heard mention of a similar interface for desktop applications (like Citrix Dazzle). A user application service catalog is a missing part of VMware’s current virtual desktop architecture, and will need to be addressed by either VMware or a third party.
The data center on the show floor running 37,248 VMs on 776 physical servers would be more impressive if VMware disclosed the applications running on the VMs, along with the application workloads. Otherwise, the demonstration is really just a density science project.
I liked VMware’s coverage of virtual data centers. They are also defined in Burton Group’s internal cloud hardware infrastructure as a service (HIaaS) reference architecture.
Herrod mentioned forthcoming network L3 improvements that will make it easier to separate location and identity. This is something to follow.
Both Cisco and F5 are enablers for VMware’s long distance VMotion and are vendors to follow as this technology further matures.
VMware’s cloud layered architecture is very similar to the architecture defined in the Drue Reeves’ report “Cloud Computing: Transforming IT.”
Herrod did a great job articulating the importance of SpringSource to the VMware software solution. VMware needs an application platform to have a chance at holding off Microsoft long term, and SpringSource gives them that.

That’s it for my thoughts on day 2. As always, I’d love to hear your feedback. VMworld 2009 was a great conference. I enjoyed my time meeting with Burton Group clients as well as the several conversations that I had with many attendees. See you next year!

Cloud, VMware, vmworld

10 Comments

VMworld Day 1 Keynote – A Few Thoughts

Posted by Chris in Cloud, Desktop Virtualization, Server Virtualization, VMware on September 2nd, 2009

VMworld got off to a strong start yesterday, with the Paul Maritz keynote setting an early tone for the day’s events. I used twitter to add commentary to the keynote and plan to do the same today for Steve Herrod’s morning keynote. Below is a summary of my thoughts/tweets on the day 1 keynote.

VMware’s clear goal is to provide a complete platform for cloud-based computing. I’m hopeful that VMware will spend more time helping customers build internal clouds, which focuses on their immediate needs. Public clouds, while intriguing, is a future initiative for most Burton Group clients.
Paul Maritz and VMware talk about vSphere as an enabler for choice; however, “choice” is a subjective word. To VMware, choice means choice of cloud providers. To others, choice means choice of virtualization platforms.
vSphere is a foundation for internal cloud, but to keep it in perspective, it’s just the foundation at this point. VMware and its partners need to build the walls. Improvements such as tighter integration between DRS, DPM, orchestration, and security zoning (i.e., vShield Zones) need to be made. vSphere APIs need to further evolve to communicate logical and physical zoning restrictions from either vShield Zones or VMsafe-enabled appliances to management and automation tools.
I was glad to see Maritz bring up context switching and its impact on x86 virtualizaiton. Many virtualization consolidation planning tools miss analyzing applications with high context switching and don’t consider it when determining VM placement. This oversight in planning tools can cause post-deployment performance problems.
Martiz clearly demonstrated his command of the VMware product suite and partner integration avenues. He’s a very technical CEO and his knowledge resonates well with the VMware user base.
The IBM demonstration of vSphere integration with hardware-assisted virtualization active power management was impressive. Many of our clients are looking at exploiting the Enhanced Intel SpeedStep and Enhanced AMD PowerNow! hardware technologies to save on power and cooling costs.
Maritz highlighted the importance of chargeback and service catalogs in cloud computing, and I agree. I discussed the importance of both of these technologies in the blog post “Cloud and the Wal-Martification of IT.”
vCenter Chargeback is a good first step, but I think it falls short of giving IT the complete picture of available capacity. Awareness of factors such as security zoning restrictions is required before vCenter Chargeback will accurately forecast available capacity across an enterprise ESX infrastructure.
Paul Maritz discussed the concept of a virtual data center. Burton Group agrees with this, as we’ve had virtual data centers in our hardware infrastructure as a service (HIaaS) reference architecture for several months. You can learn more about it here.
VMware’s running tally of more than 1,000 service provider partners is impressive, but I would like to see increased guidance for customers on how to build out internal clouds.
VMware submitted the vCloud API to the DMTF – a first step toward making the vCloud API an industry standard. That being said, VMware’s competitors would need to adopt the API for it to be a true standard. A standard with one implementation isn’t a true standard, but rather is a proprietary technology, but with good marketing.
I liked the vCloud Express demo, but would also like to see a service interface on the front end. I like the option of provisioning a server, but would also like to see a demo of the vCloud Express showing an interface that makes sense for the application developer or business professional.
Rod Johnson did a tremendous job with the SpringSource demo. Giving application owners an interface to provision an app locally, or to an internal or external cloud was spot-on. IT service delivery requires IT operations to give application owners and individual business units interfaces that they understand. Hyperic is also a key part of an integrated VMware cloud stack and is a technology VMware shops should begin working with in their labs.