From Cloud-First to Cloud-Smart to Repatriation

From Cloud-First to Cloud-Smart to Repatriation

VMware Explore 2024 happened this week in Las Vegas. I think many people were curious about what Hock Tan, CEO of Broadcom, had to say during the general session. He delivered interesting statements and let everyone in the audience know that “the future of enterprise is private – private cloud, private AI, fueled by your own private data“. On social media, the following slide about “repatriation” made quite some noise:

VMware Explore 2024 Keynote Repatriation

The information on this slide came from Barcley’s CIO Survey in April 2024 and it says that 8 out of 10 CIOs today are planning to move workloads from the public cloud back to their on-premises data centers. It is interesting, and in some cases even funny, that other vendors in the hardware and virtualization business are chasing this ambulance now. Cloud migrations are dead, let us do reverse cloud migrations now. Hybrid cloud is dead, let us do hybrid multi-clouds now and provide workload mobility. My social media walls are full of such postings now. It seems Hock Tan presented the Holy Grail to the world.

Where is this change of mind from? Why did only 43% during COVID-19 plan a reverse cloud migration and now “suddenly” more than 80%?

I could tell you the story now about cloud-first not being cool anymore, that organizations started to follow a smarter cloud approach, and then concluded that cloud migrations are still not happening based on their expectations (e.g., costs and complexity). And that it is time now to bring workloads back on-premises. It is not that simple.

I looked at Barclay’s CIO survey and the chart (figure 20 in the survey) that served as a source for Hock Tan’s slide:

Barclays CIO Survey April 2024 Cloud RepatriationWe must be very careful with our interpretation of the results. Just because someone is “planning” a reverse cloud migration, does it mean they are executing? And if they execute such an exercise, is this going to be correctly reflected in a future survey?

And which are the workloads and services that are brought back to an enterprise’s data center? Are we talking about complete applications? Or is it more about load balancers, security appliances, databases and storage, and specific virtual machines? And if we understand the workloads, what are the real reasons to bring them back? Figure 22 of the survey shows “Workloads that Respondents Intend to Move Back to Private Cloud / On-Premise from Public Cloud”:

Barclays CIO Survey April 2024 Workload to migrate

Okay, we have a little bit more context now. Just because some workloads are potentially migrated back to private clouds, what does it mean for public cloud vs. private cloud spend? Question #11 of the survey “What percentage of your workloads and what percentage of your total IT spend are going towards the public cloud, and how have those evolved over time?” focuses on this matter.

Barclays CIO Survey April 2024 Percentage of Workloads and Spend My interpretation? Just because one slide or illustration talks about repatriation does not mean, that the entire world is just doing reverse migrations now. Cloud migrations and reverse cloud migrations can happen at the same time. You could bring one application or some databases back on-premises but decide to move all your virtual desktops to the public cloud in parallel. We could still bring workloads back to our data center and increase public cloud spend. 

Sounds like cloud-smart again, doesn’t it? Maybe I am an organization that realized that the applications A, B, C, and D shouldn’t run in Azure, AWS, Google, and Oracle anymore, but the applications W, X, Y, and Z are better suited for these hyperscalers.

What else?

I am writing about my views and my opinions here. There is more to share. During the pandemic, everything had to happen very quickly, and everyone suddenly had money to speed up migrations and application modernization projects. After that, I think it is a natural thing that everything was slowing down a bit after this difficult and exhausting phase.

Some of the IT teams are probably still documenting all their changes and new deployments on an internal wiki, and their bosses started to hire FinOps specialists to analyze their cloud spend. It is no shocking surprise to me that some of the financial goals haven’t been met and result in a reverse cloud migration a few years later.

But that is not all. Try to think about the past years. What else happened?

Yes, we almost forgot about Artificial Intelligence (AI) and Sovereign Clouds.

Before 2020, not many of us were thinking about sovereign clouds, data privacy, and AI.

Most enterprises are still hosting their data on-premises behind their own firewall. And some of this data is used to train or finetune models. We see (internal) chatbots popping up using Retrieval Augmented Generation (RAG), which delivers answers based on actual data and proprietary information.

Okay. What else? 

Yep, there is more. There are new technologies and offerings available that were not here before. We just covered AI and ML (machine learning) workloads that became a potential cost or compliance concern.

The concept of sovereign clouds has gained traction due to increasing concerns about data sovereignty and compliance with local regulations.

The adoption of hybrid and hybrid multi-cloud strategies has been a significant trend from 2020 to 2024. Think about VMware’s Cloud Foundation approach with Azure, Google, Oracle etc., AWS Outposts, Azure Stack, Oracle’s DRCC, or Nutanix’s.

Enterprises started to upskill and train their people to deliver their own Kubernetes platforms.

Edge computing has emerged as a crucial technology, particularly for industries like manufacturing, telecommunications, and healthcare, where real-time data processing is critical.

Conclusion

Reverse cloud migrations are happening for many different reasons like cost management, performance optimization, data security and compliance, automation and operations, or because of lock-in concerns.

Yes, (cloud) repatriation became prominent, but I think this is just a reflection of the maturing cloud market – and not an ambulance.

And no, it is not a better moment to position your hybrid multi-cloud solutions, unless you understand the services and workloads that need to be migrated from one cloud to another. Just because some CIOs plan to bring back some workloads on-premises, does it mean/imply that they will do it? What about the sunk cost fallacy?

Perhaps IT leaders are going to be more careful in the future and are trying to find other ways for potential cost savings and strategic benefits to achieve their business outcomes – and keep their workloads in the cloud versus repatriating them.

Businesses are adopting a more nuanced workload-centric strategy.

What’s your opinion?

Distributed Hybrid Infrastructure Offerings Are The New Multi-Cloud

Distributed Hybrid Infrastructure Offerings Are The New Multi-Cloud

Since VMware belongs to Broadcom, there was less focus and messaging on multi-cloud or supercloud architectures. Broadcom has drastically changed the available offerings and VMware Cloud Foundation is becoming the new vSphere. Additionally, we have seen big changes regarding the partnerships with hyperscalers (the Azures and AWSes of this world) and the VMware Cloud partners and providers. So, what happened to multi-cloud and how come that nobody (at Broadcom) talks about it anymore?

What is going on?

I do not know if it’s only me, but I do not see the term “multi-cloud” that often anymore. Do you? My LinkedIn feed is full of news about artificial intelligence (AI) and how Nvidia employees got rich. So, I have to admit that I lost track of hybrid clouds, multi-clouds, or hybrid multi-cloud architectures. 

Cloud-Inspired and Cloud-Native Private Clouds

It seems to me that the initial idea of multi-cloud has changed in the meantime and that private clouds are becoming platforms with features. Let me explain.

Organizations have built monolithic private clouds in their data centers for a long time. In software engineering, the word “monolithic” describes an application that consists of multiple components, which form something larger. To build data centers, we followed the same approach by using different components like compute, storage, and networking. And over time, IT teams started to think about automation and security, and the integration of different solutions from different vendors.

The VMware messaging was always pointing in the right direction: They want to provide a cloud operating system for any hardware and any cloud (by using VMware Cloud Foundation). On top of that, build abstraction layers and leverage a unified control plane (aka consistent automation and operations).

And I told all my customers since 2020 that they need to think like a cloud service provider, get rid of silos, implement new processes, and define a new operating model. That is VMware by Broadcom’s messaging today and this is where they and other vendors are headed: a platform with features that provide cloud services.

In other words, and this is my opinion, VMware Cloud Foundation is today a platform with different components like vSphere, vSAN, NSX, Aria, and so on. Tomorrow, it is still called VMware Cloud Foundation, a platform that includes compute, storage, networking, automation, operations, and other features. No more other product names, just capabilities, and services like IaaS, CaaS, DRaaS or DBaaS. You just choose the specs of the underlying hardware and networking, deploy your private clouds, and then start to build and consume your services.

Replace the name “VMware Cloud Foundation” in the last paragraph with AWS Outposts or Azure Stack. Do you see it now? Distributed unmanaged and managed hybrid cloud offerings with a (service) consumption interface on top.

That is the shift from monolithic data centers to cloud-native private clouds.

From Intercloud to Multi-Cloud

It is not the first time that I write about interclouds, that not many of us know. In 2012, there was this idea that different clouds and vendors need to be interoperable and agree on certain standards and protocols. Think about interconnected private and public clouds, which allow you to provide VM mobility or application portability. Can you see the picture in front of you? What is the difference today in 2024?

In 2023, I truly believed that VMware figured it out when they announced VMware Cloud on Equinix Metal (VMC-E). To me, VMC-E was different and special because of Equinix, who is capable of interconnecting different clouds, and at the same time could provide a baremetal-as-a-service (BMaaS) offering.

Workload Mobility and Application Portability

Almost 2 years ago, I started to write a book about this topic, because I wanted to figure out if workload mobility and application portability are things, that enterprises are really looking for. I interviewed many CIOs, CTOs, chief architects and engineers around the globe, and it became VERY clear: it seems nobody was changing anything to make app portability a design requirement.

Almost all of the people I have spoken to, told me, that a lot of things must happen that could trigger a cloud-exit and therefore they see this as a nice-to-have capability that helps them to move virtual machines or applications faster from one cloud to another.

VMware Workload Mobility

And I have also been told that a lift & shift approach is not providing any value to almost all of them.

But when I talked to developers and operations teams, the answers changed. Most of them did not know that a vendor could provide mobility or portability. Anyway, what has changed now?

Interconnected Multi-Clouds and Distributed Hybrid Clouds

I mentioned it already before. Some vendors have realized that they need to deliver a unified and integrated programmable platform with a control plane. Ideally, this control plane can be used on-premises, as a SaaS solution, or both. And according to Gartner, these are the leaders in this area (Magic Quadrant for Distributed Hybrid Infrastructure):

Gartner Magic-Quadrant-for-Distributed-Hybrid-Infrastructure

In my opinion, VMware and Nutanix are providing a hybrid multi-cloud approach.

AWS and Microsoft are providing hybrid cloud solutions. In Microsoft’s case, we see Azure Stack HCI, Azure Kubernetes Service (AKS incl. Hybrid AKS) and Azure Arc extending Microsoft’s Azure services to on-premises data centers and edge locations.

The only vendor, that currently offers true multi-cloud capabilities, is Oracle. Oracle has Dedicated Region Cloud@Customer (DRCC) and Roving Edge, but also partnerships with Microsoft and Google that allow customers to host Oracle databases in Azure and Google Cloud data centers. Both partnerships come with a cross-cloud interconnection.

That is one of the big differences and changes for me at the moment. Multi-cloud has become less about mobility or portability, a single global control plane, or the same Kubernetes distribution in all the clouds, but more about bringing different services from different cloud providers closer together.

This is the image I created for the VMC-E blog. Replace the words “AWS” and “Equinix” with “Oracle” and suddenly you have something that was not there before, an interconnected multi-cloud.

What’s Next?

Based on the conversations with my customers, it does not feel that public cloud migrations are happening faster than in 2020 or 2022 and we still see between 70 and 80% of the workloads hosted on-premises. While we see customers who are interested in a cloud-first approach, we see many following a hybrid multi-cloud and/or multi-cloud approach. It is still about putting the right applications in the right cloud based on the right decisions. This has not changed.

But the narrative of such conversations has changed. We will see more conversations about data residency, privacy, security, gravity, proximity, and regulatory requirements. Then there are sovereign clouds.

Lastly, enterprises are going to deploy new platforms for AI-based workloads. But that could still take a while.

Final Thoughts

As enterprises continue to navigate the above mentioned complexities, the need for flexible, scalable, and secure infrastructure solutions will only grow. There are a few compelling solutions that bridge the gap between traditional on-premises systems and modern cloud environments.

And since most enterprises are still hosting their workloads on-premises, they have to decide if they want to stretch the private cloud to the public cloud, or the other way around. Both options can co-exist, but would make it too big and too complex. What’s your conclusion?

VMware vSphere Foundation and VMware Cloud Foundation Overview

VMware vSphere Foundation and VMware Cloud Foundation Overview

As some of you already know, VMware by Broadcom is moving forward to primary offers only: VMware vSphere Foundation (VVF) and VMware Cloud Foundation (VCF). If you have missed this announcement, have a look at my blog A New Era: Broadcom’s Streamlined Approach to VMware’s Product Lineup and Licensing.

Since a lot of solutions and different editions from before are included, I thought it might be helpful to summarize in a little bit more detail what is known to partners, analysts, and some customers already. I am also adding some screenshots from VMware websites and presentations, which should help everyone get a better understanding of VVF and VCF.

vSphere Foundation and VMware Cloud Foundation

I have included the vSphere editions for smaller use cases and projects as well.

Please note that ROBO licenses are not available anymore and I expect the edge division at VMware by Broadcom to come up with additional bundles in the future.

VVF and VCF Products

More details about the different products and the features included in the Aria suites can be found here: VMware Aria Suite Editions and Products

If you are looking for more information about the Aria Operations management packs (formerly known as True Visibility Suite or Aria Operations for Integrations), have a look here: VMware Aria Operations for Integrations Documentation

Add-ons for VVF and VCF

The table below gives you an overview of which add-ons are available at the time of writing this blog.

Make sure to contact your VMware representative to understand which add-ons are available for VVF and VCF.

Note: Available add-ons are the text in bold.

VVF and VCF Add-ons

Tanzu Guardrails (formerly VMware Aria Guardrails)

Looking at the official Tanzu Guardrails product website we can learn the following:

Tanzu Guardrails Editions

Note: It seems that Tanzu Hub is part of Tanzu Guardrails Advanced and Enterprise

SRE Services for VMware Cloud Foundation

VMware Site Reliability Engineering (SRE) Services for VMware Cloud Foundation provide VMware expertise to create highly reliable and scalable cloud environments. The services provide a range of capabilities from patching and upgrades to security hardening to automated management and operations.

The SRE Services for VCF datasheet can be found here.

How to count cores for VVF/VCF and TiBs for vSAN add-on?

Please have a look at this updated knowledgebase article: KB95927

What about VMwara Aria SaaS?

Customers have no more option to buy VMware Aria products as standalone products or as SaaS: https://blogs.vmware.com/management/2024/01/dramatic-simplification-of-vmware-aria-as-part-of-vmware-cloud-foundation.html

The Aria cloud management capabilities are available only as components of VMware vSphere Foundation and VMware Cloud Foundation, which are sold for deployment on-premises or on certain public cloud providers including VMware Cloud on AWS. Existing Aria SaaS subscriptions will continue through the end of their term. At time of renewal, customers should purchase VMware vSphere Foundation and VMware Cloud Foundation.

Use this KB96168 to understand which products are impacted by this new policy.

What about Tanzu products?

For some of us, it seems that the Tanzu products are only available as VVF/VCF add-ons, which is not true.

Based on the different comments on various social media platforms and the interviews we have seen from VMware by Broadcom executives, we can say the following:

  • vSphere with Tanzu (aka TKGs) with its Supervisor architecture is going to be the long-term strategy (part of VVF and VCF)
  • Heavy focus on Tanzu Application Platform (TAP) and Tanzu For Kubernetes Operations (TKO)
  • We can expect continued support for TKGm and TKGi

Tanzu Portofolio and Strategy Recap

At VMware Explore 2023, VMware presented the “develop, operate, optimize” approach when they talk about platform engineering:

  1. Develop – Secure paths to production
  2. Operate – Deploy, managed and scale applications seamlessly
  3. Optimize – Continuously tune cost, performance and security of applications at runtime

We learned that VMware (by Broadcom) is going to invest in TAP, Spring, TKO and data services. What’s the difference between TAS and TAP again?

  • Tanzu Application Service – Opinionated platform built on Cloud Foundry
  • Tanzu Application Platform – Modular and portable PaaS for any conformant Kubernetes

Tanzu Portfolio Jan 2024

Tanzu for Kubernetes Operations Refresher

TKO comes in two different editions:

  • Tanzu for Kubernetes Operations Foundation (TKO-F)
    • Tanzu Mission Control (includes TMC self-managed)
    • Tanzu Service Mesh
  • Tanzu for Kubernetes Operations (TKO)
    • Tanzu Mission Control (includes TMC self-managed)
    • Tanzu Service Mesh
    • Tanzu Observability (aka Aria Operations for Apps, formerly Wavefront)
    • Antrea (CNI)
    • TKGm
    • Harbor, HA Proxy, Calico, FluentBit, Contour, Prometheus, Grafana
    • Avi Essentials (NSX ALB)

Note: NSX Advanced Load Balancer (aka NSX ALB) is no longer part of TKO since NSX ALB can be purchased as an add-on

Last Comments

While I was waiting to publish this blog, William Lam wrote a more detailed blog about VMware vSphere Foundation and VMware Cloud Foundation as well.

It is still early days and we can expect more updates from VMware by Broadcom soon. 🙂

 

A New Era: Broadcom’s Streamlined Approach to VMware’s Product Lineup and Licensing

A New Era: Broadcom’s Streamlined Approach to VMware’s Product Lineup and Licensing

Krish Prasad, VMware Cloud Foundation division General Manager, published this blog a few hours ago: https://news.vmware.com/company/vmware-by-broadcom-business-transformation

He announced a massive simplification of the VCF division’s product portfolio, which should help customers get more value for their investment in VMware solutions. To summarize Krish’s announcement:

  • There are going to be two primary standardized offers only from now on: vSphere Foundation and VMware Cloud Foundation (VCF)
  • End of sale of perpetual licenses and Support and Subscription (SnS) renewals
  • Bring-your-own-subscription license (BYOL) option, which provides portability to VMware-validated hybrid clouds running VMware Cloud Foundation

Disclaimer: This blog should provide customers and partners with a summary and some additional information from Krish’s announcement. There is also a chance that some of my understanding is incomplete or wrong. This article reflects my personal opinion and understanding, not Broadcom’s.

I will update the blog over the next few days and weeks.

vSphere Editions

The primary vSphere edition moving forward is called “vSphere Foundation”:

The new VMware vSphere Foundation delivers a more simplified enterprise-grade workload platform for our mid-sized to smaller customers. This solution integrates vSphere with our intelligent operations management to provide the best performance, availability, and efficiency with greater visibility and insights.

In other words, from now on vSphere customers get Aria Operations Advanced (formerly known as vRealize Operations) and Aria Operations for Logs (formerly known as vRealize Log Insight) together with vSphere (which has vCenter and Tanzu Kubernetes Grid included).

vSphere Essentials Plus Kit

Components:

  • vSphere Essentials Plus
  • vCenter Essentials
  • Per 96-core Kit (3 host max. / 6 CPU limit / 192-core limit; a host can have either 1x 64 cores or 2x 32 cores max.)
  • Includes Production Support

vSphere Standard

Components:

  • vSphere Standard
  • vCenter Standard
  • Includes Production Support

vSphere Foundation (VVF)

Components:

  • vSphere Enterprise Plus
  • vCenter Standard
  • Tanzu Kubernetes Grid (TKG)
  • vSAN Enterprise 100 GiB free (see FAQ below)
  • Aria Suite Term Standard
    • Includes Aria Operations Advanced and Aria Operations for Logs
  • Includes Production Support
  • Plus Available Add-ons

Add-on Offerings

VMware vSAN Enterprise (add-on for VCF and vSphere Foundation only)

VMware Cloud Disaster Recovery / Ransomware Recovery  (add-on for VCF and vSphere Foundation only)

Site Recovery Manager Enterprise

VMware Advanced Load Balancer (aka Avi)

VMware Firewall (add-on for VCF only), aka NSX Distributed Firewall

VMware Firewall with Advanced Threat Protection (ATP) (add-on for VCF only)

Tanzu Intelligence (details not clear yet)

Tanzu Mission Control (SaaS and self-managed)

Tanzu Application Platform / Spring Runtime (details not clear yet)

More add-ons coming in future (for example Private AI Foundation)

VMware Cloud Customer Journey

Existing VCF or future vSphere Foundation customers would go for the new VMware Cloud Foundation now, which can now be considered a true full-stack private and hybrid cloud stack:

VMware Cloud Foundation, our flagship enterprise-class hybrid cloud solution for customers to run their business critical and modern applications – in a secure, resilient and cost efficient manner. To allow more customers to benefit from this solution, we’ve reduced the previous subscription list price by half and added higher support service levels including enhanced support for activating the solution and lifecycle management.

Very important in case you missed that from the vSphere Foundation section above: Moving forward, VMware Cloud Foundation only includes NSX for network virtualization (overlay), with no more micro-segmentation or distributed firewalling (DFW) capabilities.

In other words, customers who need NSX’s DFW (VMware Firewall add-on) capabilities, need a VCF subscription first, which includes NSX.

Note: Currently, all new licensing bundles are coming in a “disconnected” fashion (no VMware Cloud connectivity)

While Krish mentioned BYOL and license portability in the future, there seem to be no immediate changes about the VMware Cloud and other hyperscaler offerings.

VMware Cloud Foundation (VCF)

Components:

  • vSphere Enterprise Plus
    • Includes TKG and vCenter Standard
  • vSAN Enterprise per TiB per X amount of cores
  • Aria Suite Enterprise
    • Aria Operations Enterprise (includes Aria Operations for Logs)
    • Aria Automation
  • NSX Networking for VCF
  • HCX Enterprise
  • Aria Operations for Networks Enterprise (formerly known as vRealize Network Insight)
  • SDDC Manager
  • Includes Select Support
    • Includes SRE (customers must deploy SDDC Manager to be entitled to SRE)
  • Add-ons: See above

Note: Going forward, standalone offerings are being EOA-ed (end of availability) – no more VCF components “a la carte”

VMware Cloud on X

We can expect that long-term these VMC or hyperscaler subscription offerings will converge to VCF.

Final Comments

Look, I do not have all the answers and information yet, because it is a lot to unpack. That is all I can share with you right now. Be patient. 🙂

But, this announcement from Broadcom (Krish) was an unexpected surprise since almost everyone was expecting price increases after the acquisition. Instead, Broadcom is cutting the subscription pricing in half!

An update of the above content can be found here: VMware vSphere Foundation and VMware Cloud Foundation Overview

Additional Resources

Unofficial Licensing FAQ

  • Q: What if I am a vSphere Essentials customer?
    • A: I would recommend the vSphere Essentials Plus Kit
  • Q: What if I only need vSphere Enterprise Plus?
    • A: Your best option is vSphere Foundation. There are no more standalone products.
  • Q: Do I need VCF if I want NSX distributed firewall?
    • A: Yes, at the moment this seems to be the case that the “VMware Firewall” (distributed firewall aka micro-segmentation) add-on cannot be subscribed as a vSphere Foundation customer. The same is true of other features like security or gateway firewall.
  • Q: What if have/need vSphere for Desktop?
    • A: The recommended solution is vSphere Foundation
  • Q: What if I am a vCloud Suite customer?
    • A: VMware Cloud Foundation makes sense for vCloud Suite Enterprise and Advanced editions. If you have vCloud Suite Standard I recommend vSphere Foundation going forward.
  • Q: How many vCenters are included?
    • A: To my knowledge, it is one vCenter per core. So, one could say that this means “unlimited”.
  • Q: What happens to the Avi (NSX ALB) Basic edition?
    • A: It seems there will be no Avi Basic anymore. Customers need to go for the add-on.
  • Q: Do customers from now on need to deploy SDDC Manager as part of VMware Cloud Foundation?
    • A: No, they do not. But to be entitled to SRE, you need to deploy the full stack.
  • Q: How is Site Recovery Manager (SRM) Enterprise licensed?
    • A: Per protected 25-VMs
  • Q: What about the True Visibility Suite (TVS)?
    • A: These management packs will be enabled as part of the Aria Suites which are included in vSphere Foundation and VMware Cloud Foundation.
  • Q: What about (vSAN) ROBO licenses?
    • A: ROBO licenses are EOA as well, but all vSphere Foundation customers will receive vSAN Enterprise 100 GiB (for free) for every core purchased.
  • Q: What is included in the Tanzu Intelligence add-on?
    • A: Tanzu Guardrails (Advanced or Enterprise), Aria Operations for Apps (formerly known as Tanzu Observability (aka Wavefront)), Tanzu Application Catalog, Tanzu CloudHealth Enterprise, Tanzu Insights
  • Q: What happened to SaltStack Cionfig and SecOps?
    • A: Both are part of the Tanzu Guardrails Enterprise add-on
  • Q: Can customers mix perpetual and new offerings?
    • A: In general yes.
  • Q: Can you tell me more about the vSAN free tier included with vSphere Foundation?
    • A: It seems you are going to be entitled to a maximum of 100GiB per core in the vSAN storage cluster. Example: 4 hosts with 32 cores each * 100GiB = 12.8TiB (without paying for any vSAN add-on!).
      • Important: This feature will be available in one of the upcoming releases. Hopefully in vSphere 8.0U3 🙂
VMware Cloud Foundation 5.1 – Technical Overview

VMware Cloud Foundation 5.1 – Technical Overview

This technical overview supersedes this version, which was based on VMware Cloud Foundation 5.0, and now covers all capabilities and enhancements that were delivered with VCF 5.1.

What is VMware Cloud Foundation (VCF)?

VMware Cloud Foundation is a multi-cloud platform that provides a full-stack hyperconverged infrastructure (HCI) that is made for modernizing data centers and deploying modern container-based applications. VCF is based on different components like vSphere (compute), vSAN (storage), NSX (networking), and some parts of the Aria Suite (formerly vRealize Suite). The idea of VCF follows a standardized, automated, and validated approach that simplifies the management of all the needed software-defined infrastructure resources.

This stack provides customers with consistent infrastructure and operations in a cloud operating model that can be deployed on-premises, at the edge, or in the public cloud.

What software is being delivered in VMware Cloud Foundation?

Update February 16th, 2024: Please have a look at this article to understand the current VCF licensing. I will publish an updated version of this blog as soon as VMware Cloud Foundation 5.2 has been released.

The BoM (bill of materials) is changing with each VCF release. With VCF 5.1 the following components and software versions are included:

 

Software Component

Version

Date

Build Number

Cloud Builder VM

5.1

07 NOV 2023

22688368

SDDC Manager

5.1

07 NOV 2023

22688368

VMware vCenter Server Appliance

8.0 Update 2a

26 OCT 2023

22617221

VMware ESXi

8.0 Update 2

21 SEP 2023

22380479

VMware vSAN Witness Appliance

8.0 Update 2

21 SEP 2023

22385739

VMware NSX

4.1.2.1

7 NOV 2023

22667789

VMware Aria Suite Lifecycle

8.14

19 OCT 2023

22630473

  • VMware vSAN is included in the VMware ESXi bundle.
  • You can use VMware Aria Suite Lifecycle to deploy VMware Aria Automation, VMware Aria Operations, VMware Aria Operations for Logs, and Workspace ONE Access. VMware Aria Suite Lifecycle determines which versions of these products are compatible and only allows you to install/upgrade to supported versions.
  • VMware Aria Operations for Logs content packs are installed when you deploy VMware Aria Operations for Logs.
  • The VMware Aria Operations management pack is installed when you deploy VMware Aria Operations.
  • You can access the latest versions of the content packs for VMware Aria Operations for Logs from the VMware Solution Exchange and the VMware Aria Operations for Logs in-product marketplace store.

What’s new with VCF 5.1?

Important changes mentioned in the release notes:

  • Support for vSAN ESA.vSAN ESA is an alternative, single-tier architecture designed ground-up for NVMe-based platforms to deliver higher performance with more predictable I/O latencies, higher space efficiency, per-object based data services, and native, high-performant snapshots.
    VCF 5.1 vSAN ESA
  • vSphere Distributed Services engine for Ready nodes. AMD-Pensando and NVIDIA BlueField-2 DPUs are now supported. Offloading the Virtual Distributed Switch (VDS) and NSX network and security functions to the hardware provides significant performance improvements for low latency and high bandwidth applications. NSX distributed firewall processing is also offloaded from the server CPUs to the network silicon.
  • Mixed-mode Support for Workload Domains​. A VCF instance can exist in a mixed BOM state where the workload domains are on different VCF 5.x versions. Note: The management domain should be on the highest version in the instance.
    VCF 5.1 Mixed Mode
  • Support for mixed license deployment. A combination of keyed and keyless licenses can be used within the same VCF instance.
  • VMware vRealize rebranding. VMware recently renamed vRealize Suite of products to VMware Aria Suite. See the Aria Naming Updates blog post for more details.
  • Increased GPU scale. VMware Cloud Foundation 5.1 provides increased support for VMs to be configured with up to 16 GPU devices.
    VCF 5.1 GPU Scale

What are the VMware Cloud Foundation components?

To manage the logical infrastructure in the private cloud, VMware Cloud Foundation augments the VMware virtualization and management components with VMware Cloud Builder and VMware Cloud Foundation SDDC Manager.

VMware Cloud Foundation Component Description
VMware Cloud Builder VMware Cloud Builder automates the deployment of the software-defined stack, creating the first software-defined unit known as the management domain.
SDDC Manager

SDDC Manager automates the entire system life cycle, that is, from configuration and provisioning to upgrades and patching including host firmware, and simplifies day-to-day management and operations. From this interface, the virtual infrastructure administrator or cloud administrator can provision new private cloud resources, monitor changes to the logical infrastructure, and manage life cycle and other operational activities.

VMware Cloud Foundation SDDC Manager Dashboard

vSphere

vSphere uses virtualization to transform individual data centers into aggregated computing infrastructures that include CPU, storage, and networking resources. VMware vSphere manages these infrastructures as a unified operating environment and provides you with the tools to administer the data centers that participate in that environment.

The two core components of vSphere are ESXi and vCenter Server. ESXi is the virtualization platform where you create and run virtual machines and virtual appliances. vCenter Server is the service through which you manage multiple hosts connected in a network and pool host resources.

vSAN

vSAN aggregates local or direct-attached data storage devices to create a single storage pool that is shared across all hosts in the vSAN cluster. Using vSAN removes the need for external shared storage, and simplifies storage configuration and virtual machine provisioning. Built-in policies allow for flexibility in data availability.

NSX NSX is focused on providing networking, security, automation, and operational simplicity for emerging application frameworks and architectures that have heterogeneous endpoint environments and technology stacks. NSX supports cloud-native applications, bare-metal workloads, multi-hypervisor environments, public clouds, and multiple clouds.
vSphere with Tanzu By using the integration between VMware Tanzu and VMware Cloud Foundation, you can deploy and operate the compute, networking, and storage infrastructure for vSphere with Tanzu, also called Workload Management. vSphere with Tanzu transforms vSphere to a platform for running Kubernetes workloads natively on the hypervisor layer. When enabled on a vSphere cluster, vSphere with Tanzu provides the capability to run Kubernetes workloads directly on ESXi hosts and to create upstream Kubernetes clusters within dedicated resource pools.
VMware Aria Suite

VMware Cloud Foundation supports automated deployment of VMware Aria Suite Lifecycle. You can then deploy and manage the life cycle of Workspace ONE Access and the VMware Aria Suite products (VMware Aria Operations for Logs, VMware Aria Automation, and VMware Aria Operations) by using VMware Aria Suite Lifecycle.

VMware Aria Suite is a purpose-built management solution for the heterogeneous data center and the hybrid cloud. It is designed to deliver and manage infrastructure and applications to increase business agility while maintaining IT control. It provides the most comprehensive management stack for private and public clouds, multiple hypervisors, and physical infrastructure.

VMware Cloud Foundation Architecture

VCF is made for greenfield deployments (brownfield not supported) and supports two different architecture models:

  • Standard Architecture
  • Consolidated Architecture

VMware Cloud Foundation Deployment Options

The standard architecture separates management workloads and lets them run on a dedicated management workload domain. Customer workloads are deployed on a separate virtual infrastructure workload domain (VI workload domain). Each workload domain is managed by a separate vCenter Server instance, which allows autonomous licensing and lifecycle management.

VMware Cloud Foundation Single Site Deployment

Note: The standard architecture is the recommended model because it separates management workloads from customer workloads.

Customers with a small environment (or a PoC) can start with a consolidated architecture. This allows you to run customer and management workloads together on the same workload domain (WLD).

Management Domain

The management domain is created during the bring-up process by VMware Cloud Builder and contains the VMware Cloud Foundation management components as follows:

  • Minimum four ESXi hosts

  • An instance of vCenter Server

  • A three-node NSX Manager cluster

  • SDDC Manager

  • vSAN datastore
  • One or more vSphere clusters each of which can scale up to the vSphere maximum of 64

VI Workload Domains

You create VI workload domains to run customer workloads. For each VI workload domain, you can choose the storage option – vSAN, NFS, vVols, or VMFS on FC.

VMware Cloud Foundation Storage Options

A VI workload domain consists of one or more vSphere clusters. Each cluster starts with a minimum of three hosts and can scale up to the vSphere maximum of 64 hosts. SDDC Manager automates the creation of the VI workload domain and the underlying vSphere clusters.

For the first VI workload domain in your environment, SDDC Manager deploys a vCenter Server instance and a three-node NSX Manager cluster in the management domain. For each subsequent VI workload domain, SDDC Manager deploys an additional vCenter Server instance. New VI workload domains can share the same NSX Manager cluster with an existing VI workload domain or you can deploy a new NSX Manager cluster. VI workload domains cannot use the NSX Manager cluster for the management domain.

What is a vSAN Stretched Cluster?

vSAN stretched clusters extend a vSAN cluster from a single site to two sites for a higher level of availability and inter-site load balancing.

VMware Cloud Foundation Stretched Cluster

Does VCF provide flexible workload domain sizing?

Yes, that’s possible. You can license the WLDs based on your needs and use the editions that make the most sense depending on your use cases.

VMware Cloud Foundation Flexible Licensing

How many physical nodes are required to deploy VMware Cloud Foundation?

A minimum of four physical nodes is required to start in a consolidated architecture or to build your management workload domain. Four nodes are required to ensure that the environment can tolerate a failure while another node is being updated.

VI workload domains require a minimum of three nodes.

Can I mix vSAN ReadyNodes and Dell EMC VxRail deployments?

No. This is not possible.

What about edge/remote use cases?

When you would like to deploy VMware Cloud Foundation workload domains at a remote site, you can deploy so-called “VCF Remote Clusters”. Those remote workload domains are managed by the VCF instance at the central site and you can perform the same full-stack lifecycle management for the remote sites from the central SDDC Manager.

VMware Cloud Foundation Remote Cluster

Prerequisites to deploy remote clusters can be found here.

Note: If vSAN is used, VCF only supports a minimum of 3 nodes and a maximum of 4 nodes per VCF Remote Cluster. If NFS, vVOLs or Fiber Channel is used as principal storage, then VCF supports a minimum of 2 and a maximum of 4 nodes.

Important: Remote clusters and remote workload domains are not supported when VCF+ is enabled.

How many resources does the VCF management WLD need during the bring-up process?

We know that VCF includes vSphere (ESXi and vCenter), vSAN, SDDC Manager, NSX and eventually some components of the vRealize Suite. The following table should give you an idea what the resource requirements look like to get VCF up and running:

VMware Cloud Foundation Resource Requirements

If you are interested to know how many resources the Aria Suite (formerly vRealize Suite) will consume of the management workload domain, have a look at this table:

VMware Cloud Foundation Resource Requirements vRealize

Does VCF support HCI Mesh?

Yes. VMware Cloud Foundation 4.2 and later supports sharing remote datastores with HCI Mesh for VI workload domains.

HCI Mesh is a software-based approach for disaggregation of compute and storage resources in vSAN. HCI Mesh brings together multiple independent vSAN clusters by enabling cross-cluster utilization of remote datastore capacity within vCenter Server. HCI Mesh enables you to efficiently utilize and consume data center resources, which provides simple storage management at scale.

Note: At this time, HCI Mesh is not supported with VCF ROBO.

Important: HCI Mesh can be configured with vSAN OSA or ESA. HCI Mesh is not supported between a mix of
vSAN OSA and ESA clusters.

Does VMware Cloud Foundation support vSAN Max?

At the time of writing, no.

How is VMware Cloud Foundation licensed?

Currently, VCF is sold as part of VMware Cloud editions.

How can I migrate my workloads from a non-VCF environment to a new VCF deployment?

VMware HCX provides a path to modernize from a legacy data center architecture by migrating to VMware Cloud Foundation.

VMware Cloud Foundation HCX

Can I install VCF in my home lab?

Yes, you can. With the VLC Lab Constructor, you can deploy an automated VCF instance in a nested configuration. There is also a Slack VLC community for support.

VCF Lab Constructor

Note: Please have a look at “VCF Holodeck” if you would like to create a smaller “sandbox” for testing or training purposes

VCF Holodeck Toolkit 

Where can I find more information about VCF?

Please consult the VMware Cloud Foundation FAQ for more information.

VMware Explore 2023 – Major Announcements

VMware Explore 2023 – Major Announcements

After Las Vegas, I was lucky enough to attend VMware Explore 2023 in Barcelona as well. This article gives you an overview of some of the major announcements. In case you missed the announcements from Las Vegas in August 2023, have a look here: https://www.cloud13.ch/2023/08/22/vmware-explore-2023-us-day-1-announcements/

VMware Sovereign Cloud

Today, VMware announced new innovations and technology partnerships that will help accelerate sovereign digital innovation and enhance security for customers around the world. Today, more than 50 VMware Sovereign Cloud providers in 33 countries are part of a powerful, interconnected, and diverse ecosystem that supports customers’ sovereign cloud requirements. Together, VMware and VMware Sovereign Cloud partners are helping organizations unlock the innovative power of their data while remaining compliant with data privacy regulations.

Details can be found here: https://news.vmware.com/releases/vmware-explore-2023-barcelona-sovereign-cloud 

Software-Defined Data Center

Since VMware announced vSphere 8.0 U2 and vSAN 8.0 U2 in Las Vegas, and NSX 4.1.2 in October 2023, we only heard about the future VMware Cloud Foundation 5.1 release in Barcelona.

VMware Cloud Foundation (VCF)

VMware announced VCF 5.1 with the following BOM:

VMware Cloud Foundation 5.1 BOM

Here is a list with other enhancements:

  • VCF Support for vSAN Express Storage Architecture (ESA)
  • Networking and Security Enhancements
  • vSphere Distributed Services Engine for VCF environments (support for DPUs)
  • GPU Enhancements for Performance and Scale (up to 16 GPUs/vGPUs per VM)
  • Mixed-mode Support for Workload Domains (run VCF 5.x workload domains of different versions)
  • Terraform Provider for VMware Cloud Foundation
  • Run VCF 5.x workload domains of different versions (key-based & keyless licensing options for brownfield deployments)

VCF Mixed Mode

Note: VMware Cloud Foundation 5.1 is now available for perpetual deployments, subscription environments will be supported with VCF 5.1 at a later date.

Ransomware

VMware announced the upcoming launch of VMware Live Recovery, a new solution that provides protection against ransomware as well as disaster recovery across VMware Cloud in one unified console. VMware Live Recovery is designed to help organizations protect their VMware-based applications and data from a wide variety of threats, including ransomware attacks, infrastructure failure, human error, and more. By bringing together the functions of established products VMware Site Recovery Manager and VMware Cloud Disaster Recovery with Ransomware Recovery – and combining them under a unified, flexible, and SaaS-based console – customers can realize comprehensive enterprise protection within a single solution.

VMware Live Recovery provides:

  • Secure Cyber Recovery. VMware Live Recovery will enable organizations to recover from ransomware attacks confidently and quickly.
  • Unified Protection. VMware Live Recovery will provide a single console to manage ransomware and disaster recovery functionality, simplifying administration across the enterprise.
  • Simplified Consumption. VMware Live Recovery will offer flexible licensing across use cases and clouds, making it easy for organizations to get the protection they need.

Modern Applications

Have a look at this blog to understand the enhancements made to Tanzu Hub and Tanzu Intelligence Services: https://tanzu.vmware.com/content/blog/tanzu-hub-integrations-explore-2023 

Tanzu Application Platform 1.7

If you are interested in TAP, have a look at this blog: https://tanzu.vmware.com/content/blog/tanzu-application-platform-1-7-release-news

Tanzu Application Service 5.0

Should you be looking for the TAS 5.0 announcement, have a look at this blog: https://tanzu.vmware.com/content/blog/tanzu-application-service-5-release-news 

Tanzu Application Catalog

After Tanzu Application Catalog was renamed to VMware Application Catalog in November 2021, it now seems to be called Tanzu Application Catalog again. 😀

I think the same is true for Tanzu Data Services, which was renamed to VMware Data Services, which now seems to be known as Tanzu Data Services.

Tanzu Data Services

VMware announced the next major release for Data Services Manager (DSM) and two new partnerships.

Data Services Manager 2.0 (DSM)

VMware vision is to make data easy to store, manage, and consume on any VMware cloud.

The upcoming release of Data Services Manager will be tightly integrated with VMware Cloud Foundation, with built-in database visibility and resource controls accessible through vSphere UI and APIs. Data Services Manager 2.0 will also support enhanced automation for data services lifecycle management, including non-disruptive patching and upgrades. Finally, it will deliver cloud-native self-service capabilities for application teams through tools of their choice, with support for VMware Aria Automation and Kubernetes. Last but not least, with version 2.0, Data Services Manager will become a platform for managing different data services, based not only on data engines that come from VMware (currently Tanzu SQL), but also engines from 3rd parties.

That is why they announced the initial key partnerships with Google Cloud for AlloyDB Omni and MinIO for Object Storage on VMware Cloud Foundation. All managed by DSM with the same features, workflows, and user experience. This includes deeper integration with vSphere as well as VMware vSAN with data path optimizations and the use of features like snapshots and clones.

VMware Data Services Manager 2.0

Note: Expected GA date is January 2024

Anywhere Workspace

The end-user computing related announcements are summarized in this blog: https://blogs.vmware.com/euc/2023/11/whats-new-in-anywhere-workspace-at-vmware-explore-barcelona-2023.html