I traveled to VMworld 2018 to explore VMware, its ecosystem and where it is heading. VMware is pretty much a new world to me, and my main goal was to learn how businesses can benefit from VMware on their journey to the public cloud, and to AWS in particular. As one who finds “lift & shift” a less attractive strategy (being gentle here...) and who strongly believes in never-ending software modernization, I was thrilled to find some promising messages coming from VMware.
Pat Gelsinger, CEO, VMware: “Our vision is simple: Empower people to access any app on any device, from any cloud, with intrinsic security architected-in across every layer.” and “VMware observes a transition from Data Centers to Centers of Data that need to be connected, operated and secured together.”
These two inspiring statements summarize VMware’s overall strategy well. Although VMware’s strategy refers to “any cloud”, in this post we will focus on VMware Cloud on AWS.
#1 The Variety of Use Cases for Public Cloud
The journey to the public cloud begins with understanding how VMware Cloud fits into your cloud strategy. According to VMware, there is a hybrid-cloud trend to run workloads in the public cloud while continuing to run workloads on-premises. That brings tighter integration across cloud providers and significant cost savings on hardware. However, the main business challenges are operational inconsistency, acquiring new methodology and tools, monitoring and security, and budget constraints.
Data Center Extension
There are various scenarios in which you may choose to extend your data center into the public cloud. Whether you need to meet the regional footprint expansion and growth needs of the business or to provision temporary capacity for development and testing, you can take advantage of the on-demand capacity and the global infrastructure the public cloud provides. It allows you to expand your footprint into new regions around the world with all the capacity you need. If you are looking to reduce cost or modernize your disaster recovery and backup, then VMware Site Recovery and AWS S3 may come in handy.
VMware provides you with various capabilities to support live migration of existing workloads to the public cloud.
- HCX for VM bi-directional migration
- vSAN backed by AWS EBS scaling compute and storage independently
- High-performance hybrid connectivity via NSX micro-segmentation & AWS Direct Connect
- CPU Core & VM Compute Policies support application licensing requirements (ideal for enterprise applications from Oracle and Microsoft)
- AWS global presence supports various compliance requirements
Next Generation Applications
Next generation applications can further benefit from modern cloud-native architecture, e.g.:
- DNS Management (AWS Route53 in a customer-owned AWS account routes traffic through its VPC DNS and from there to the VMware Cloud on AWS SDDC account, enabling DNS management via AWS Route53 & AWS Directory Service)
- AWS ELB integration with SDDC
- SDDC integration with AWS S3 or EFS storage
- SDDC integration with AWS RDS
#2 Becoming Cloud Agnostic Via Consistent Multi-Cloud Support
The multi-cloud strategy is a really interesting one and can bring a lot of value if it is well supported. Is such a tremendous level of abstraction indeed achievable, and how smooth can it get (e.g., with native integrations, with no swivel chair across public cloud providers, etc.)?
#3 Containerization & The Bet on Kubernetes
The acquisition of Heptio and VMware’s new capability around Kubernetes as a service (VMware Cloud PKS) on top of various public cloud providers are exciting for cloud-native app developers as well as for those who are interested in leveraging VMware’s multi-cloud strategy. However, it is not clear when/if a service mesh (e.g., Istio) will be part of this managed service offering. Also, at VMworld 2018, I did not have the chance to learn more about it and compare it with AWS EKS, for example.
#4 VMware on AWS – Extended Integration & Serverless
More great news for cloud-native developers is the appearance of new application services in VMware’s arsenal.
Hold on! You can’t cross a river without getting wet… In other words, how come VMware is not sharing responsibility for the new managed services, like AWS RDS (the VMware side of it), Project Dimension, VMware Cloud PKS, VMware Blockchain, etc.? The shared responsibility model illustrated below would have made more sense back in 2004, when VMware was an IaaS provider…
VMware Cloud on AWS – Security Tools
- Even though it is not an exhaustive list, we are all curious to know what technology stack others use, aren’t we? 🙂
- PCI compliance is not yet available, but it is on the roadmap
- Host systems removed from a cluster are cryptographically wiped
- VMware is a processor – the customer is the controller (GDPR)
- VMware password strength is 4 characters (!?#%), but a fix is on the roadmap
- VMware has a whole bunch of advanced security capabilities (e.g., NSX Micro-Segmentation), mainly around networking, that I did not cover here and that are not news
VMware’s strategy is indeed impressive, as were some of the demos presented during VMworld 2018. Customers who already use VMware and are interested in hybrid cloud may find VMware on AWS quite appealing. However, I was left with some open questions:
- How much operational consistency will eventually be achieved?
- What is the give and take when comparing VMware’s multi-cloud abstraction to native integration with a public cloud like AWS?
- What are the pros & cons of VMware Cloud managed services compared to the equivalent public cloud offering (e.g., VMware Cloud PKS vs. AWS EKS)?