VMware CEO Pat Gelsinger used his Interop keynote to lay out a four-pronged strategy for building what the company has coined the software-defined data center, adding details and customer testimonials to a concept he initially described last year. Besides the firm’s ubiquitous server virtualization products, which abstract compute resources into customizable chunks that can be reconfigured and reallocated as needed to suit specific application needs, the strategy includes virtual networks, using NSX technology released last fall; storage virtualization, provided by the recently released and Interop award-winning VSAN product; and software to centrally and programmatically automate configuration and deployment of the entire infrastructure stack.
It’s an expansive vision that could put VMware in the middle of enterprise IT application and service design, construction and delivery. Indeed, if fully adopted by VMware’s customers, who include well over half of all organizations according to both an InformationWeek virtualization report and an Opsview survey, it would make VMware the hub around which all business application and IT infrastructure decisions revolve. That means that in an era of cloud computing and software as a service, the SDDC could do for VMware what the Windows family of PC and server software did for Microsoft in the age of client-server computing.
Four Pillars of the SDDC
In an exclusive interview after his keynote, Gelsinger provided detail and color to the strategy, addressing several issues I raised in a wide-ranging conversation. Starting with the most mature piece of the SDDC strategy, server virtualization, he said that VMware’s efforts are focused on enhancing the product’s scalability, performance and application compatibility with the goal of making it suitable for any enterprise workload: from mundane Web servers to transaction-heavy databases. Speaking of compute virtualization, Gelsinger says “We’re going to keep plowing ahead forever” with a goal of very high market share in a world where every workload is virtualized. One focus is continuing to eliminate reasons not to virtualize by addressing the reasons customers cite for keeping applications on dedicated servers. These include: very large, mission-critical applications, HPC or any performance- and hardware-centric software, Hadoop and other big data systems, and the myriad of legacy applications that are currently orphaned on dedicated physical servers.
NSX, which adds network virtualization to VMware’s technology portfolio, opens up an entirely new set of application categories in the telco and service provider markets to the SDDC. Gelsinger sees a big opportunity in so-called network function virtualization (NFV), with approximately six million servers used in the telco business, “Almost none of which are virtualized today. It’s another Greenfield opportunity for us to pursue,” he adds.
After server virtualization, Gelsinger says the next most mature segment of the SDDC strategy is the management software stack. VMware’s goal is to bridge the private and public cloud worlds by providing a single software suite for application provisioning, workload orchestration and financial management. The vehicles are the vSphere and vCloud products, which VMware continues to enhance to address a wider variety of virtualized services and hybrid public/private cloud deployments. Starting with its baseline product, vSphere manager, which is designed for VM configuration and runtime administration, VMware has built a suite that simultaneously encroaches on products from traditional IT management powerhouses like BMC, CA and IBM/Tivoli, while also mirroring features of newer cloud software platforms like OpenStack. Speaking of the management software hodgepodge common in many enterprises, Gelsinger says “Every customer has a problem here. They’ve got some legacy BMC, they got some point tools here and there, they’ve got CA and Tivoli, they’ve got ITIL [products], but every customer needs to transform their management environment.” He describes the endpoint, an IT environment with automated operations that is capable of spanning hybrid, multi-cloud infrastructure, as a message that “really resonates with customers.”
Given the preponderance of networking pros, the pillar of VMware’s strategy Interop attendees were most interested in was NSX, the company’s network virtualization software overlay that works with multiple hypervisors and in any cloud environment: vCloud, OpenStack, CloudStack. See my early column on network virtualization for background. Gelsinger left the details to CTO and co-inventor of the NSX technology, Martin Casado, but the key new message is around security. Casado, who has a background in security research, says he has been thinking about the opportunity to use the combination of network and server virtualization as a ubiquitous enforcement layer to bridge what he calls the “context-isolation divide.”
He believes that virtual layer abstractions, the hypervisor on servers or virtual interfaces on networks, are the “Goldilocks zone” that provides the ideal combination of insight into application activities and security requirements (context) with enough isolation to shield applications from one another and the underlying operating system. In a blog post describing his ideas, Casado writes of the debate between host- and network-based security and how virtualization bridges the gap:
Host-based proponents argue that integration into the OS and application enables a higher degree of context — which is true. It also puts security controls smack-dab into the attack zone. What is the first thing malware does when it lands? It disables anti-virus. Network-based controls avoid this problem by being outside the attack zone. But for the most part, they have no idea what is happening with the application/process/file/user. So you have to make a choice. Do you want meaningful controls (context) or do you want effective controls (isolation)? Clearly we need both, and the virtualization layer — i.e., the hypervisor — is in a unique position to provide visibility into the guest from a trusted position isolated from the guest’s domain. In other words, it provides both context and isolation.
Placing security in the virtual layer allows a unified set of security policies to be consistently applied across an SDDC. As a proof of concept, Casado cited VMware’s work with Rapid7 to integrate its vulnerability management software with NSX.
Storage is the final piece of VMware’s SDDC architecture and here the Interop community presented Gelsinger with some surprisingly good news: naming its recently released VSAN product both best in the storage category and audience choice for best overall. “I wasn’t expecting that we’d get two awards at Interop for V-SAN,” says Gelsinger. One reason the product resonates with hands-on practitioners like those at Interop is that it eliminates a major source of inefficiency and frustration: provisioning storage for new applications, where traditionally server admins had to work through a separate storage team. With storage virtualization, “Now he [the virtual server admin] essentially is in control of being able to have to have VMDK storage that can be spun up and managed in a dramatically elegant way,” says Gelsinger.
Translating technology to business benefits
IT is only as good as the business advantages it provides, so I asked Gelsinger how he talks about the SDDC to his C-level peers: how to translate cool new technology into cold hard cash. He said the discussion usually centers on agility: being faster to react to changing conditions and implement new IT services. “It almost always pivots around a business discussion, usually around speed, agility, being able to monetize infrastructure and/or data in new ways, or reach customers through mobility and social in new ways. That’s sort of where those C conversations start,” Gelsinger explains.
Gelsinger points out what is still painfully obvious to most IT pros: that business executives view them as an overhead cost, not a business enabler. From that baseline he says the discussion pivots to, “How can those IT investments become business enablers as opposed to costs that affect your bottom line?” One example Gelsinger cites of using IT agility to capitalize on a business opportunity is work VMware and EMC did with Visa to develop a mobile credit and payment service to compete with PayPal. “We essentially built the mobile based-credit environment with Visa in nine months.”
Summing up, Gelsinger says, “I feel good ending Q1, because I now have the full SDDC components in place. We laid out the vision about a year and a half ago, and the vision resonates. We talked to a customer, the conceptual sale is done in the first two minutes of the customer meeting. Now I can actually execute on all the legs of it, and really say, ‘Yep, we have all the components and we can truly change the way that you build data centers,’ and that’s exciting.” 2014 then will be the year VMware turns its software-defined vision into reality. It will be interesting to watch: the vision is almost universally accepted; however, as evidenced by the array of competing products and technology stacks across the four SDDC categories, the implementation details are anything but. Look for a Q&A with highlights from my interview with Gelsinger later this week.