VMware Aria Archives

VMware Cloud Foundation Spotlight – February 2024

Feb 16, 2024 | ESXi, NSX, VMware Aria, VMware Cloud Foundation, vSAN, vSphere

I remember during all those years when I told customers that “VMware Cloud Foundation is the new vSphere”, and in my opinion, Broadcom is preparing the way that VMware Cloud Foundation (VCF) becomes long-term the new de facto standard in data centers (and public clouds). With this first spotlight, I would like to highlight some of the new information from VMware by Broadcom.

End of General Availability of the Free vSphere Hypervisor

In case you missed the information in the blog VMware End Of Availability of Perpetual Licensing and SaaS Services:

There is no “replacement product” for the “VMware vSphere Hypervisor free edition”. The recently published KB2107518 confirms it:

As part of the transition of perpetual licensing to new subscription offerings, the VMware vSphere Hypervisor (Free Edition) has been marked as EOGA (End of General Availability). At this time, there is not an equivalent replacement product available.

VMware Data Services Strategy

VMware announced at VMware Explore 2023 that Data Services Manager 2.0 (DSM 2.0) is going to be a key component of their strategy and that it will be tightly integrated with VMware Cloud Foundation. Back in November, VMware expected the next generation of DSM to be available in Q4 FY24 (aka Q1 calendar year 2024 for us), which would be soon.

In response to a growing need from customers to deliver and support next-gen cloud native and AI-powered applications in their private cloud, we are now including Data Services Manager in VMware Cloud Foundation to deliver a native infrastructure automation and management experience for data services.

Learn more about DSM 2.0 on Cormac Hogan’s blog: https://cormachogan.com/dsm/

Important: Data Services Manager is available for VCF customers only.

VCF – vSAN Capacity

The script and license calculator from VMware show no more 8 TiB minimum requirement per CPU socket. Have not seen any official announcement yet.

Any news about the VMware Firewall and VMware Firewall with ATP add-ons?

No. It is still the case that customers, who need NSX’s distributed firewall or ATP (advanced threat prevention) capabilities, need to purchase these add-ons to VCF. In other words, you need to have VMware Cloud Foundation and you cannot get these add-ons as standalone products independently from VCF.

ROBO and Edge Compute Stack

VMware announced last week two new Edge Compute Stack (ECS) editions:

ECS Advanced Edition: VMware Edge Cloud Orchestrator (VECO), VMware vSphere Foundation (VVF)
ECS Enterprise Edition: VECO, VMware Cloud Foundation (VCF)

This is not a replacement for ROBO customers and use cases, but the new ECS offerings are specially made for edge use cases and hence might be the right solution for your needs.

Important: Not all VVF and VCF products and features are included in the ECS Editions. Example: With ECS Enterprise customers will manage their environments with VECEO instead of using SDDC Manager.

What happens if my VVF or VCF subscriptions expire?

The new subscription licenses customers get, have no expiration date. An expiring license should have no impact on your infrastructure, deployed VMware products continue to run as expected. After expiration, customers will not be able to receive support.

VMware Cloud Foundation – What is a Workload Domain?

https://www.youtube.com/watch?v=kwn1fqb3lts&ab_channel=VMwareCloudFoundation

Updated VMware Cloud Foundation Datasheet

We finally can find an updated VCF datasheet here.

What happened to the Avi Basic Edition?

It looks like the NSX Advanced Load Balancer (ALB) Basic Edition is not available anymore.

VMware is announcing the End of Availability of NSX Advanced Load Balancer (ALB) Basic Edition for new deployments and End of General Support (EoGS) for existing deployments.

Note: NSX ALB is now referred to as VMware Avi Load Balancer.

What about the future of Tanzu Kubernetes Grid (TKG)?

Please ask your VMware contact to organize a meeting with Timmy Carr, who can share more information about the TKG roadmap.

Hint: The roadmap for this year looks VERY promising!

Is VMware by Broadcom working on a VCF roadmap?

Yes, definitely. While I am not allowed to share any detailed information, here are some items my customers have on their wishlist:

Easier deployment and lifecycle management
Brownfield support (import existing vSphere, vSAN, NSX and Aria deployments)
Improvement of authentication and single sign-on
Decouple TKG and Kubernetes releases from vCenter
Include AI and cybersecurity capabilities
Reduce the number of needed VMware appliances
Single license and same version numbers for all VCF components
Improve certification management in all products

Note: In case you are looking for more technical information about VMware Cloud Foundation, have a look at my most recent technical overview.

VMware Cloud on AWS – Advanced Security Features

Let us talk about VMware Cloud now since we have not heard that much about it during the past months.

Today, we are happy to announce that to address these challenges, we are providing some advanced security features out of the box as part of VMware Cloud on AWS core service. Now customers can strengthen the security posture of their hybrid cloud infrastructure with advanced security capabilities such as Layer 7 Application ID, FQDN Filtering, and User Identity-based Firewall (IDFW). Starting Feb 1, 2024, these features are available at no extra cost in all the SDDCs (new and existing SDDCs). These features are available via VMware Direct as well as AWS Resell routes to market.

All customers will be automatically entitled to the advanced security features on Feb 1, 2024. To avail these features, customers simply need to activate the ‘NSX Advanced Firewall’ service from the Integrated Services Tab under the NSX Advanced Firewall tile on VMware Cloud Console.

Google Cloud VMware Engine License Portability

VMware by Broadcom announced in December 2023 that they are working on license portability and a bring-your-own-license model for VMware Cloud.

From now on customers will be able to purchase subscriptions of the new VMware Cloud Foundation software from Broadcom and flexibly use those subscriptions in Google Cloud VMware Engine, as well as their on-premises data centers. Customers will retain the rights to the software subscription when deploying VMware Cloud Foundation on Google Cloud VMware Engine and have the ability to move their subscription between supported environments as desired.

Google Cloud is the first partner that is going to support VMware Cloud Foundation license portability!

Note: Broadcom and Google Cloud expect VMware Cloud Foundation license portability to Google Cloud VMware Engine to be available publicly in the second quarter of the calendar year 2024.

Azure VMware Solution

The partnership with Microsoft continues under VMware by Broadcom: https://azure.microsoft.com/en-us/blog/continued-innovation-with-azure-vmware-solution/

VMware Private AI Foundation with NVIDIA

VMware Private AI Foundation will become available this quarter. In the meanwhile, have a look at this IDC whitepaper about “For Generative AI, Private Data Is the Differentiator But Poses Security Concerns“.

VMware vSphere Foundation and VMware Cloud Foundation Overview

Dec 22, 2023 | Edge Computing, ESXi, Kubernetes, NSX, Tanzu, VMware Aria, VMware Cloud Foundation, vSAN, vSphere

As some of you already know, VMware by Broadcom is moving forward to primary offers only: VMware vSphere Foundation (VVF) and VMware Cloud Foundation (VCF). If you have missed this announcement, have a look at my blog A New Era: Broadcom’s Streamlined Approach to VMware’s Product Lineup and Licensing.

Since a lot of solutions and different editions from before are included, I thought it might be helpful to summarize in a little bit more detail what is known to partners, analysts, and some customers already. I am also adding some screenshots from VMware websites and presentations, which should help everyone get a better understanding of VVF and VCF.

vSphere Foundation and VMware Cloud Foundation

I have included the vSphere editions for smaller use cases and projects as well.

Please note that ROBO licenses are not available anymore and I expect the edge division at VMware by Broadcom to come up with additional bundles in the future.

VVF and VCF Products

More details about the different products and the features included in the Aria suites can be found here: VMware Aria Suite Editions and Products

If you are looking for more information about the Aria Operations management packs (formerly known as True Visibility Suite or Aria Operations for Integrations), have a look here: VMware Aria Operations for Integrations Documentation

Add-ons for VVF and VCF

The table below gives you an overview of which add-ons are available at the time of writing this blog.

Make sure to contact your VMware representative to understand which add-ons are available for VVF and VCF.

Note: Available add-ons are the text in bold.

VVF and VCF Add-ons

Tanzu Guardrails (formerly VMware Aria Guardrails)

Looking at the official Tanzu Guardrails product website we can learn the following:

Note: It seems that Tanzu Hub is part of Tanzu Guardrails Advanced and Enterprise

SRE Services for VMware Cloud Foundation

VMware Site Reliability Engineering (SRE) Services for VMware Cloud Foundation provide VMware expertise to create highly reliable and scalable cloud environments. The services provide a range of capabilities from patching and upgrades to security hardening to automated management and operations.

The SRE Services for VCF datasheet can be found here.

How to count cores for VVF/VCF and TiBs for vSAN add-on?

Please have a look at this updated knowledgebase article: KB95927

What about VMwara Aria SaaS?

Customers have no more option to buy VMware Aria products as standalone products or as SaaS: https://blogs.vmware.com/management/2024/01/dramatic-simplification-of-vmware-aria-as-part-of-vmware-cloud-foundation.html

The Aria cloud management capabilities are available only as components of VMware vSphere Foundation and VMware Cloud Foundation, which are sold for deployment on-premises or on certain public cloud providers including VMware Cloud on AWS. Existing Aria SaaS subscriptions will continue through the end of their term. At time of renewal, customers should purchase VMware vSphere Foundation and VMware Cloud Foundation.

Use this KB96168 to understand which products are impacted by this new policy.

What about Tanzu products?

For some of us, it seems that the Tanzu products are only available as VVF/VCF add-ons, which is not true.

Based on the different comments on various social media platforms and the interviews we have seen from VMware by Broadcom executives, we can say the following:

vSphere with Tanzu (aka TKGs) with its Supervisor architecture is going to be the long-term strategy (part of VVF and VCF)
Heavy focus on Tanzu Application Platform (TAP) and Tanzu For Kubernetes Operations (TKO)
We can expect continued support for TKGm and TKGi

Tanzu Portofolio and Strategy Recap

At VMware Explore 2023, VMware presented the “develop, operate, optimize” approach when they talk about platform engineering:

Develop – Secure paths to production
Operate – Deploy, managed and scale applications seamlessly
Optimize – Continuously tune cost, performance and security of applications at runtime

We learned that VMware (by Broadcom) is going to invest in TAP, Spring, TKO and data services. What’s the difference between TAS and TAP again?

Tanzu Application Service – Opinionated platform built on Cloud Foundry
Tanzu Application Platform – Modular and portable PaaS for any conformant Kubernetes

Tanzu Portfolio Jan 2024

Tanzu for Kubernetes Operations Refresher

TKO comes in two different editions:

Tanzu for Kubernetes Operations Foundation (TKO-F)
- Tanzu Mission Control (includes TMC self-managed)
- Tanzu Service Mesh
Tanzu for Kubernetes Operations (TKO)
- Tanzu Mission Control (includes TMC self-managed)
- Tanzu Service Mesh
- Tanzu Observability (aka Aria Operations for Apps, formerly Wavefront)
- Antrea (CNI)
- TKGm
- Harbor, HA Proxy, Calico, FluentBit, Contour, Prometheus, Grafana
- Avi Essentials (NSX ALB)

Note: NSX Advanced Load Balancer (aka NSX ALB) is no longer part of TKO since NSX ALB can be purchased as an add-on

Last Comments

While I was waiting to publish this blog, William Lam wrote a more detailed blog about VMware vSphere Foundation and VMware Cloud Foundation as well.

It is still early days and we can expect more updates from VMware by Broadcom soon. 🙂

VMware Explore 2023 – The Bigger Picture

Aug 29, 2023 | Edge Computing, Tanzu, VMware Aria, VMware Cloud, VMware Cloud Foundation, VMware Data, VMware Explore, vSphere

I was in Las Vegas last week to attend VMware Explore 2023 and I heard great discussions about multi-cloud and generative AI, and the future of VMware. There were also interesting opinions and some concerns about the Tanzu and Aria product lines – a few Aria products have been moved to the Tanzu portfolio and VMware rebranded four Aria products as Tanzu Intelligence Services. I understand that a portion of these announcements and changes might be confusing for customers and partners, and some people say everything which has been announced last week has something to do with the alignment to Broadcom’s strategy.

VMware Tanzu Doo

While a part of the above guesses/speculation might be true, I see a lot of potential, new opportunities, and enhancements. Yes, the future seems to be about multi-cloud and generative AI, but there is more than meets the eye.

Less Complexity

If you want to get subscriptions for vSphere, vSAN or VMware Cloud Foundation, there are different vSphere/VCF editions, HCI kits, and vCloud Suite editions (combination of the VMware Aria suite with vSphere) available – around 20 choices I would guess. That is why VMware announced five prescriptive VMware Cloud editions to reduce complexity and provide customers with more flexibility. The Aria Universal Suite can be found in all editions (essentials, standard, pro, advanced, enterprise). The VMware Cloud Foundation (VCF) components (vSphere, vSAN, NSX) are included in the VMware Cloud Advanced edition and above.

Do not forget: The whole VMware Cloud aka VMware Cloud Anywhere story builds upon VMware Cloud Foundation.

Operational Efficiency

With VMware Cloud Foundation and a VMware Cloud approach, customers and their IT teams can become cloud providers for their business and internal customers. It was mentioned during the general session and one of the solution keynotes and the whole crowd laughed and clapped after:

Recently, VMware announced VCF 5.0, which was a very big step forward. It took a while, but again, it is a very big step forward! Previous major VCF version upgrades required full migrations and upgrades can now be done three times faster. VMware also mentioned a 60% increase in workload capacity scale per VCF instance.

VMware One Click

This tells me that customers can soon build their own hyperscaler cloud on-premises and that VMware makes the life of partners like AWS, Microsoft, and Google Cloud easier for their own VCF-based implementation (VMware Cloud on AWS, Azure VMware Solution, Google Cloud VMware Engine).

VMware Cloud Foundation finally gets closer to the enterprises-readiness to become the “new vSphere”.

Compute

So far only been announced as early availability, VMware also wants to provide simpler ESXi fleet management, which focuses on benefits like:

Standardization across vCenters and data centers
Faster upgrades and reduced overall maintenance windows
Higher chances for upgrade success
Better guidance (e.g., knowledge base articles) and faster resolution with telemetry and logs
Reduction of potential security breaches (patching)

ESXi Fleet Mgmt

With the upcoming release of vSphere 8 Update 2, VMware provides significant improvements to several areas of maintenance to reduce the need for downtime and make those maintenance changes/improvements less disruptive.

Storage

Last year, with the release of vSphere/vSAN 8, VMware introduced the new vSAN Express Storage Architecture (ESA) as the next generation of hyperconverged infrastructure software. vSAN ESA enables new levels of performance, scalability, resilience, and simplicity with high-performance storage devices.

Note: This new architecture promised RAID-5/6 to perform equal to RAID-1!

With the announcement of the upcoming release of vSAN 8 Update 2, VMware introduced vSAN Max as the new (optional) solution for disaggregated storage deployment models.

Note: Disaggregation is about the non-linear scaling of compute and storage

vSAN Max

Customers get the ability to provision a vSAN cluster to be used as shared storage for vSphere-based (aka compute-only) clusters. Therefore, one can expect better scale-out scenarios and better cost efficiency.

Note: Storage disaggregation with vSAN ESA has been introduced with vSAN 8 Update 1 already.

What is the difference compared to vSAN 8 Update 2? Better scalability (capacity), better performance, and simpler operations with a single interface across the entire environment.

Networking – First-Ever Enterprise-Grade VPC for Private and Multi-Cloud

Starting with NSX 4.1.1, VMware introduces “NSX Virtual Private Clouds” (VPCs), which is an abstraction layer that simplifies setting up self-contained VPC networks within an NSX project to consume networking and security in a self-service model.

NSX VPC

The idea is to hide the complexity of the underlying NSX infrastructure, network topology, networking objects, and IP address management from the application owners. Meaning, that changes made within VPC environments have no impact on other tenants.

With these changes and enhancements in vSphere, vSAN, and NSX, VMware is moving in the right direction to provide a superior cloud stack.

Multi-Cloud and Generative AI

The main topic of the general session at VMware Explore was about the next generation of applications that are powered by generative AI. As always, VMware is far ahead and most customers are still struggling with the right multi-cloud approach before they can take care of this generative AI beast.

All of the major public cloud providers are VMware partners and the VMware Cloud (or supercloud) approach is gaining momentum.

After multi-cloud, one of the next trends is generative AI and VMware partners up with Nvidia to provide a so-called VMware Private AI Foundation that provides solutions for concerns and challenges like:

Data Access and Control
Regulatory Compliance
Data Sovereignty
Data Privacy
Ethical Considerations
(Vendor) Lock-In
Third-Party Dependencies

Addressing these concerns involves a combination of different vendors and cloud providers.

The Future

I first thought that VMware’s announcements were not very groundbreaking, but I can see the bigger picture now. Just needed more time to digest all the information.

It is about reducing complexity, increasing flexibility, making the consumption of VMware products easier, and preparing for the future (besides correcting mistakes). And it looks like the future of VMware is less about abstraction layers and more about providing control planes with the right platforms underneath.

If Broadcom can further improve the core products together with VMware and continues to work on workload mobility and application portability-related topics, I see golden times for VMware! And sunshine, unicorns and rainbows for all of you! 😉

More to come in November 2023 at VMware Explore Europe. 🙂

PS: In case you would like to read more about all the VMware Explore 2023 announcements, have a look at this article.

VMware Explore 2023 US – Day 1 Announcements

Aug 22, 2023 | AWS, Azure, Carbon Black, Cloud Native Apps, Data Protection, Edge Computing, Equinix, Google Cloud, HCX, Kubernetes, NSX, Oracle Cloud Infrastructure, Tanzu, VCPP, VMware Aria, VMware Cloud, VMware Cloud Foundation, VMware Data, VMware Explore, vSAN, vSphere

VMware Explore 2023 US is currently happening in Las Vegas and I am onsite! Below you will find an overview of the information that was shared with us during the general session and solution keynotes.

Please be aware that this list is not complete but it should include all the major announcements including references and sources.

VMware Aria and VMware Tanzu

Starting this year, VMware Aria and VMware Tanzu form a single track at VMware Explore and VMware introduced the develop, operate, and optimize pillars (DOO) for Aria and Tanzu around April 2023.

VMware Tanzu DOO Framework

The following name changes and adjustments have been announced at VMware Explore US 2023:

The VMware Tanzu portfolio includes two new product categories (product family) called “Tanzu Application Platform” and “Tanzu Intelligence Services”.
Tanzu Application Platform includes the products Tanzu Application Platform (TAP) and Tanzu for Kubernetes Operations (TKO), and the new Tanzu Application Engine module.
Tanzu Intelligence Services – Aria Cost powered by CloudHealth, Aria Guardrails, Aria Insights, and Aria Migration will be rebranded as “Tanzu” and become part of this new Tanzu Intelligence Services category.
- Tanzu Hub & Tanzu Graph
- Tanzu CloudHealth
- Tanzu Guardrails
- Tanzu Insights (currently known as Aria Insights)
- Tanzu Transformer (currently known as Aria Migration)
Aria Hub and Aria Graph are now called Tanzu Hub
VMware Cloud Packs are now called the VMware Cloud Editions (more information below)

Note: VMware expects to implement these changes latest by Q1 2024

The VMware Aria and Tanzu announcement and rebranding information can be found here.

Tanzu Mission Control

After the announcement that Tanzu Mission Control supports the lifecycle management of Amazon EKS clusters, VMware announced the expansion to provide lifecycle management capabilities of Microsoft AKS clusters now as well.

Tanzu Application Engine (Private Beta)

VMware announced a new solution for the Tanzu Application Platform category.

VMware Tanzu for Kubernetes Operations is introducing Tanzu Application Engine, enhancing multi-cloud support with lifecycle management of Azure AKS clusters, and offering new Kubernetes FinOps (cluster cost) visibility. A new abstraction that includes workload placement, K8s runtime, data services, libraries, infra resources, with a set of policies and guardrails.

The Tanzu Application Engine announcement can be found here.

VMware RabbitMQ Managed Control Plane

I know a lot of customers who built an in-house RabbitMQ cloud service.

VMware just announced a beta program for a new VMware RabbitMQ Managed Control Plane which allows enterprises to seamlessly integrate RabbitMQ within their existing cloud environment, offering flexibility and control over data streaming processes.

What’s New with VMware Aria?

Other Aria announcements can be found here.

What’s New with VMware Aria Operations at VMware Explore

Next-Gen Public Cloud Management with VMware Aria Automation

VMware Cloud Editions

What has started with four different VMware Cloud Packs, is now known as “VMware Cloud Editions” with five different options:

VMware Cloud Editions

Here’s an overview of the different solutions/subscriptions included in each edition:

VMware Cloud Editions Connected Subscriptions

More VMware Cloud related announcements can be found here.

What’s New in vSphere 8 Update 2

As always, VMware is working on enhancing operational efficiency to make the life of an IT admin easier. And this gets better with the vSphere 8 U2 release.

In vSphere 8 Update 2, we are making significant improvements to several areas of maintenance to reduce and in some cases eliminate this need for downtime so vSphere administrators can make those important maintenance changes without having a large impact on the wider vSphere infrastructure consumers.

These enhancements include, reduced downtime upgrades for vCenter, automatic vCenter LVM snapshots before patching and updating, non-disruptive certificate management, and reliable network configuration recovery after a vCenter is restored from backup.

More information about the vSphere 8 Update 2 release can be found here.

What’s New in vSAN 8 Update 2

At VMware Explore 2022, VMware announced the new vSAN 8.0 release which included the new Express Storage Architecture (ESA), which even got better with the recent vSAN 8.0 Update 1 release.

VMware vSAN Max – Petabyte-Scale Disaggregated Storage

VMware vSAN Max, powered by vSAN Express Storage Architecture, is a new vSAN offering in the vSAN family delivering
petabyte-scale disaggregated storage for vSphere. With its new disaggregated storage deployment model, vSAN customers can scale storage elastically and independently from compute and deploy unified block, file, and partner-based object storage to maximize utilization and achieve lower TCO.

VMware vSAN Max

vSAN Max expands the use cases in which HCI can provide exceptional value. Disaggregation through vSAN Max provides flexibility to build infrastructure with the scale and efficiency required for non-linear scaling applications, such as storage-intensive databases, modern elastic applications with large datasets and more. Customers have a choice of deploying vSAN in a traditional model or a disaggregated model with vSAN Max, while still using a single control plane to manage both deployment options.

The vSAN Max announcement can be found here.

VMware Cloud on AWS

VMware announced a VMware Cloud on AWS Advanced subscription tier that will be available on i3en.metal and i4i.metal instance types only. This subscription will include advanced cloud management, networking and security features:

VMware NSX+ Services (NSX+ Intelligence, NDR capabilities, NSX Advanced Load Balancer)
vSAN Express Storage Architecture Support
VMware Aria Automation
VMware Aria Operations
VMware Aria Operations for Logs

Note: Existing deployments (existing SDDCs) will be entitled to these advanced cloud management, networking and security features over time

The VMware Cloud on AWS Advanced Subscription Tier FAQ can be found here.

Introduction of VMware NSX+

Last year, VMware introduced Project Northstar as technology preview:

Project Northstar is a SaaS-based networking and security offering that will empower NSX customers with a set of on-demand multi-cloud networking and security services, end-to-end visibility, and controls. Customers will be able to use a centralized cloud console to gain instant access to networking and security services, such as network and security policy controls, Network Detection and Response (NDR), NSX Intelligence, Advanced Load Balancing (ALB), Web Application Firewall (WAF), and HCX. It will support both private cloud and VMware Cloud deployments running on public clouds and enable enterprises to build flexible network infrastructure that they can spin up and down in minutes.

This year, VMware announced the initial availability of the NSX+ service. VMware NSX+ is a fully managed cloud-based service offering that allows networking, security, and operations teams to consume and operate VMware NSX services from a single cloud console across private and public clouds.

NSX+ Architectural Diagram

The following services are available:

NSX+ Policy Management: Provides unified networking and security policy management across multiple clouds and on-premises data centers.
NSX+ Intelligence (Tech Preview only): Provides a big data reservoir and a system for network and security analytics for real-time traffic visibility into applications traffic all the way from basic traffic metrics to deep inspection of packets.
NSX+ NDR (Tech Preview only): Provides a scalable threat detection and response service offering for Security Operations Center (SoC) teams to triage real time security threats to their data center and cloud.

There are three different NSX+ and two NSX+ distributed firewall editions available:

NSX+ Standard. For organizations needing a basic set of NSX connectivity and security features for single location software-defined data center deployments.
NSX+ Advanced. For organizations needing advanced networking and security features that are applied to multiple sites. This edition also entitles customers to VMware NSX+ Advanced Load Balancer Cloud Services.
NSX+ Enterprise. For organizations needing all of the capability NSX has to offer. This edition also entitles customers to VMware NSX+ Advanced Load Balancer Cloud Services.
NSX+ Distributed Firewall. For organizations needing implement access controls for east-west traffic within the network (micro-segmentation) but not focused on Threat detection and prevention services.
NSX+ Distributed Firewall with Threat Prevention. For organizations needing access control and select Threat prevention features for east-west traffic within the network.

An NSX+ feature overview can be found here.

Note: Currently, NSX+ only supports NSX on-premises deployments (NSX 4.1.1 or later) and VMware Cloud on AWS

VMware Cloud Foundation

VMware announced a few innovations for H2 2023, which includes the support for Distributed Service Engine (DSE aka Project Monterey), vSAN ESA support, and NSX+.

Generative AI – VMware Private AI Foundation with Nvidia

VMware and Nvidia’s CEOs announced VMware Private AI Foundation as the result of their longstanding partnership.

Built on VMware Cloud Foundation, this integrated solution with Nvidia will enable enterprises to customize models and run generative AI applications, including intelligent chatbots, assistants, search, and summarization.

Bild

Anywhere Workspace Announcements

At VMware Explore 2022, VMware shared its vision for autonomous workspaces.

Autonomous workspace is a concept (not an individual product) that is our north star for the future of end-user computing. It means going beyond creating a unified workspace with basic automations, to analyzing huge amounts of data with AI and machine learning, to drive more advanced, context aware automations. This leads to a workspace that can be considered self-configuring, self-healing, and self-securing.

VMware continued working on the realization of this vision and came up with a lot of announcements, which can be found here.

Other Announcements

Please find below some announcements that VMware shared with us during the SpringOne event or before and after the general session on August 22nd, 2023:

Supercloud – A Hybrid Multi-Cloud

Jun 7, 2023 | Alibaba Cloud, AWS, Azure, Cloud Native Apps, Edge Computing, Equinix, Google Cloud, Kubernetes, Oracle Cloud Infrastructure, Supercloud, VCPP, VMware Aria, VMware Cloud, VMware Cloud Foundation

I thought it is time to finally write a piece about superclouds. Call it supercloud, the new multi-cloud, a hybrid multi-cloud, cross-cloud, or a metacloud. New terms with the same meaning. I may be biased but I am convinced that VMware is in the pole position for this new architecture and approach.

Let me also tell you this: superclouds are nothing new. Some of you believe that the idea of a supercloud is something new, something modern. Some of you may also think that cross-cloud services, workload mobility, application portability, and data gravity are new complex topics of the “modern world” that need to be discussed or solved in 2023 and beyond. Guess what, most of these challenges and ideas exist for more than 10 years already!

Cloud-First is not cool anymore

There is clear evidence that a cloud-first approach is not cool or the ideal approach anymore. Do you remember about a dozen years ago when analysts believed that local data centers are going to disappear and the IT landscape would only consist of public clouds aka hyperscalers? Have a look at this timeline:

VMware and Public Clouds Timeline

We can clearly see when public clouds like AWS, Google Cloud, and Microsoft Azure appeared on the surface. A few years later, the world realized that the future is hybrid or multi-cloud. In 2019, AWS launched “Outposts”, Microsoft made Azure Arc and their on-premises Kubernetes offering available only a few years later.

Google, AWS, and Microsoft changed their messaging from “we are the best, we are the only cloud” to “okay, the future is multi-cloud, we also have something for you now”. Consistent infrastructure and consistent operations became almost everyone’s marketing slogan.

As you can also see above, VMware announced their hybrid cloud offering “VMware Cloud on AWS” in 2016, the initial availability came a year after, and since 2018 it is generally available.

From Internet to Interclouds

Before someone coined the term “supercloud”, people were talking about the need for an “intercloud”. In 2010, Vint Cerf, the so-called “Father of the Internet” shared his opinions and predictions on the future of cloud computing. He was talking about the potential need and importance of interconnecting different clouds.

Cerf already understood about 13 years ago, that there’s a need for an intercloud because users should be able to move data/workloads from one cloud to another (e.g., from AWS to Azure to GCP). He was guessing back then that the intercloud problem could be solved around 2015.

We’re at the same point now in 2010 as we were in ’73 with internet.

In short, Vint Cerf understood that the future is multi-cloud and that interoperability standards are key.

There is also a document that also delivers proof that NIST had a working group (IEEE P2302) trying to develop “the Standard for Intercloud Interoperability and Federation (SIIF)”. This was around 2011. How did the suggestion back then look like? I found this youtube video a few years ago with the following sketch:

Intercloud 2012

Workload Mobility and Application Portability

As we can see above, VM or workload mobility was already part of this high-level architecture from the IEEE working group. I also found a paper from NIST called “Cloud Computing Standards Roadmap” dated July 2013 with very interesting sections:

Cloud platforms should make it possible to securely and efficiently move data in, out, and among cloud providers and to make it possible to port applications from one cloud platform to another. Data may be transient or persistent, structured or unstructured and may be stored in a file system, cache, relational or non-relational database. Cloud interoperability means that data can be processed by different services on different cloud systems through common specifications. Cloud portability means that data can be moved from one cloud system to another and that applications can be ported and run on different cloud systems at an acceptable cost.

Note: VMware HCX is available since 2018 and is still the easiest and probably the most cost-efficient way to migrate workloads from one cloud to another.

It is all about the money

Imagine it is March 2014, and you read the following announcement: Cisco is going big – they want to spend $1 billion on the creation of an intercloud

Yes, that really happened. Details can be found in the New York Times Archive. The New York Times even mentioned at the end of their article that “it’s clear that cloud computing has become a very big money game”.

In Cisco’s announcement, money had also been mentioned:

Of course, we believe this is going to be good for business. We expect to expand the addressable cloud market for Cisco and our partners from $22Bn to $88Bn between 2013-2017.

In 2016, Cisco retired their intercloud offering, because AWS and Microsoft were, and still are, very dominant. AWS posted $12.2 billion in sales for 2016, Microsoft ended up almost at $3 billion in revenue with Azure.

Remember Cisco’s estimate about the “addressable cloud market”? In 2018, Gartner presented the number of $145B for the worldwide public cloud spend in 2017. For 2023, Gartner forecasted a cloud spend of almost $600 billion.

Data Gravity and Egress Costs

Another topic I want to highlight is “data gravity” coined by Dave McCrory in 2010:

Consider Data as if it were a Planet or other object with sufficient mass. As Data accumulates (builds mass) there is a greater likelihood that additional Services and Applications will be attracted to this data. This is the same effect Gravity has on objects around a planet. As the mass or density increases, so does the strength of gravitational pull. As things get closer to the mass, they accelerate toward the mass at an increasingly faster velocity. Relating this analogy to Data is what is pictured below.

Put data gravity together with egress costs, then one realizes that data gravity and egress costs limit mobility and/or portability discussions:

Source: https://medium.com/@alexandre_43174/the-surprising-truth-about-cloud-egress-costs-d1be3f70d001

By the way, what happened to “economies of scale”?

The Cloud Paradox

As you should understand by now topics like costs, lock-in, and failed expectations (technically and commercially) are being discussed for more than a decade already. That is why I highlighted NIST’s sentence above: Cloud portability means that data can be moved from one cloud system to another and that applications can be ported and run on different cloud systems at an acceptable cost.

Acceptable cost.

While the (public) cloud seems to be the right choice for some companies, we now see other scenarios popping up more often: reverse cloud migrations (also called repatriation sometimes)

I have customers who tell me, that the exact same VM with the exact same business logic costs between 5 to 7 times more when they moved it from their private to a public cloud.

Let’s park that and cover the “true costs of cloud” another time. 😀

Public Cloud Services Spend

Looking at Vantage’s report, we can see the following top 10 services on AWS, Azure and GCP ranked by the share of costs:

If they are right and the numbers are true for most enterprises, it means that customers spend most of their money on virtual machines (IaaS), databases, and storage.

What does Gartner say?

Let’s have a look at the most recent forecast called “Worldwide Public Cloud End-User Spending to Reach Nearly $600 Billion in 2023” from April 2023:

Gartner April 2023 Public Cloud Spend Forecast

All segments of the cloud market are expected see growth in 2023. Infrastructure-as-a-service (IaaS) is forecast to experience the highest end-user spending growth in 2023 at 30.9%, followed by platform-as-a-service (PaaS) at 24.1%

Conclusion

If most companies spend around 30% of their budget on virtual machines and Gartner predicts that IaaS is still having a higher growth than SaaS or PaaS, a supercloud architecture for IaaS would make a lot of sense. You would have the same technology format, could use the same networking and security policies, and existing skills, and benefit from many other advantages as well.

Looking at the VMware Cloud approach, which allows you to run VMware’s software-defined data center (SDDC) stack on AWS, Azure, Google, and many other public clouds, customers could create a seamless hybrid multi-cloud architecture – using the same technology across clouds.

Other VMware products that fall under the supercloud category would be Tanzu Application Platform (TAP), the Aria Suite, and Tanzu for Kubernetes Operations (TKO) which belong to VMware’s Cross-Cloud Services portfolio.

Final Words

I think it is important that we understand, that we are still in the early days of multi-cloud (or when we use multiple clouds).

Customers get confused because it took them years to deploy or move new or existing apps to the public cloud. Now, analysts and vendors talk about cloud exit strategies, reverse cloud migrations, repatriations, exploding cloud costs, and so on.

Yes, a supercloud is about a hybrid multi-cloud architecture and a standardized design for building apps and platforms across cloud. But the most important capability, in my opinion, is the fact that it makes your IT landscape future-ready on different levels with different abstraction layers.

VMware Cloud Foundation 5.0 – Technical Overview

Jun 5, 2023 | Cloud Native Apps, Edge Computing, HCX, Kubernetes, NSX, Tanzu, VMware Aria, VMware Cloud Foundation, vRealize, vSphere

Update: Please have a look at the VMware Cloud Foundation 5.1 Technical Overview.

This technical overview supersedes this version, which was based on VMware Cloud Foundation 4.5, and now covers all capabilities and enhancements that were delivered with VCF 5.0.

What is VMware Cloud Foundation (VCF)?

VMware Cloud Foundation is a multi-cloud platform that provides a full-stack hyperconverged infrastructure (HCI) that is made for modernizing data centers and deploying modern container-based applications. VCF is based on different components like vSphere (compute), vSAN (storage), NSX (networking), and some parts of the Aria Suite (formerly vRealize Suite). The idea of VCF follows a standardized, automated, and validated approach that simplifies the management of all the needed software-defined infrastructure resources.

This stack provides customers with consistent infrastructure and operations in a cloud operating model that can be deployed on-premises, at the edge, or in the public cloud.

What software is being delivered in VMware Cloud Foundation?

The BoM (bill of materials) is changing with each VCF release. With VCF 5.0 the following components and software versions are included:

VMware SDDC Manager 5.0
vSphere 8.0 Update 1a
vCenter Server 8.0 Update 1a
vSAN 8.0 Update 1
NSX-T 4.1
VMware Aria

Note: Only one vCenter Server license is required for all vCenter Servers deployed in a VMware Cloud Foundation system.

VMware Cloud Foundation 5 Overview

What happened to the Tanzu entitlements?

With the release of VCF 5.0, VMware plans to retire the perpetual licensing for VMware Cloud Foundation in Q3 2023.

Around the same time, we can expect that VCF is only being sold as part of the “Cloud Packs” (connected and disconnected):

VCF Cloud Pack

As already mentioned here, customers have also no more option to buy “Tanzu Standard” and existing Tanzu Standard customers can “upgrade” to “Tanzu Kubernetes Grid” (TKG) and Tanzu Mission Control (add-on).

There are several options available. Please contact your VMware representative.

VMware Cloud Foundation Architecture

VCF is made for greenfield deployments (brownfield not supported) and supports two different architecture models:

Standard Architecture
Consolidated Architecture

VMware Cloud Foundation Deployment Options

The standard architecture separates management workloads and lets them run on a dedicated management workload domain. Customer workloads are deployed on a separate virtual infrastructure workload domain (VI workload domain). Each workload domain is managed by a separate vCenter Server instance, which allows autonomous licensing and lifecycle management.

VMware Cloud Foundation Single Site Deployment

Note: The standard architecture is the recommended model because it separates management workloads from customer workloads.

Customers with a small environment (or a PoC) can start with a consolidated architecture. This allows you to run customer and management workloads together on the same workload domain (WLD).

Note: The management workload domain’s default cluster datastore must use vSAN. Other WLDs can use vSAN, NFS, FC, and vVols for the principal storage.

VMware Cloud Foundation Storage Options

What is a vSAN Stretched Cluster?

vSAN stretched clusters extend a vSAN cluster from a single site to two sites for a higher level of availability and inter-site load balancing.

VMware Cloud Foundation Stretched Cluster

Does VCF provide flexible workload domain sizing?

Yes, that’s possible. You can license the WLDs based on your needs and use the editions that make the most sense depending on your use cases.

VMware Cloud Foundation Flexible Licensing

How many physical nodes are required to deploy VMware Cloud Foundation?

A minimum of four physical nodes is required to start in a consolidated architecture or to build your management workload domain. Four nodes are required to ensure that the environment can tolerate a failure while another node is being updated.

VI workload domains require a minimum of three nodes.

This means, to start with a standard architecture, you need to have the requirements (and money) to start with at least seven physical nodes.

What are the minimum hardware requirements?

These minimum specs have been listed for the management WLD since VCF 4.0 (September 2020):

VMware Cloud Foundation Hardware Requirements

Can I mix vSAN ReadyNodes and Dell EMC VxRail deployments?

No. This is not possible.

What about edge/remote use cases?

When you would like to deploy VMware Cloud Foundation workload domains at a remote site, you can deploy so-called “VCF Remote Clusters”. Those remote workload domains are managed by the VCF instance at the central site and you can perform the same full-stack lifecycle management for the remote sites from the central SDDC Manager.

VMware Cloud Foundation Remote Cluster

Prerequisites to deploy remote clusters can be found here.

Note: If vSAN is used, VCF only supports a minimum of 3 nodes and a maximum of 4 nodes per VCF Remote Cluster. If NFS, vVOLs or Fiber Channel is used as principal storage, then VCF supports a minimum of 2 and a maximum of 4 nodes.

Important: Remote clusters and remote workload domains are not supported when VCF+ is enabled.

Does VCF support HCI Mesh?

Yes. VMware Cloud Foundation 4.2 and later supports sharing remote datastores with HCI Mesh for VI workload domains.

HCI Mesh is a software-based approach for disaggregation of compute and storage resources in vSAN. HCI Mesh brings together multiple independent vSAN clusters by enabling cross-cluster utilization of remote datastore capacity within vCenter Server. HCI Mesh enables you to efficiently utilize and consume data center resources, which provides simple storage management at scale.

Note: At this time, HCI Mesh is not supported with VCF ROBO.

What is SDDC Manager?

SDDC Manager is a preconfigured virtual appliance that is deployed in the management workload domain for creating workload domains, provisioning additional virtual infrastructure and lifecycle management of all the software-defined data center (SDDC) management components.

VMware Cloud Foundation SDDC Manager

You use SDDC Manager in VMware Cloud Foundation to perform the following operations:

Commissioning or decommissioning ESXi hosts
Deployment of workload domains
Extension of clusters in the management and workload domains with ESXi hosts
Adding clusters to the management domain and workload domains
Support for network pools for host configuration in a workload domain
Product licenses storage
Deployment of vRealize Suite components.
Lifecycle management of the virtual infrastructure components in all workload domains, and of vRealize Suite Lifecycle Manager components.
Certificate management
Password management and rotation
NSX-T Edge cluster deployment in the management domain and workload domains
Backup configuration

VMware Cloud Foundation SDDC Manager Dashboard

How many resources does the VCF management WLD need during the bring-up process?

We know that VCF includes vSphere (ESXi and vCenter), vSAN, SDDC Manager, NSX-T and eventually some components of the vRealize Suite. The following table should give you an idea what the resource requirements look like to get VCF up and running:

VMware Cloud Foundation Resource Requirements

If you are interested to know how many resources the Aria Suite (formerly vRealize Suite) will consume of the management workload domain, have a look at this table:

VMware Cloud Foundation Resource Requirements vRealize

How can I migrate my workloads from a non-VCF environment to a new VCF deployment?

VMware HCX provides a path to modernize from a legacy data center architecture by migrating to VMware Cloud Foundation.

VMware Cloud Foundation HCX

Can I install VCF in my home lab?

Yes, you can. With the VLC Lab Constructor, you can deploy an automated VCF instance in a nested configuration. There is also a Slack VLC community for support.

VCF Lab Constructor