Last week VMware debuted their new annual event, VMware Explore. Gone were the VMworld banners of years gone by, replaced with a slick new brand, promising inclusivity for developers, security folk and others alongside the thousands of VMware followers. Aside from the clientele though, what’s new?
VMware Explore made its debut last week, and as the annual (US-based) event, it’s the time for VMware to show what they’ve been working on that is going to drive value for their customers, and I have to say, the choice of speakers was superb. Yes, they’ve stuck to the obvious headliners such as Raghu Raghuram (CEO) and Kit Colbert (CTO), but there was also recognition for some of the incredible talent VMware have in their ranks, such as Amanda Blevins (CTO for Americas) and the ever-so-popular William Lam. This, for me, is a perfect example of why VMware keep achieving: a seemingly Mary Poppins-style bag full of top talent. Anyway, let’s get to the juicy bit – the announcements.
Raghu talked us through this as part of his opening keynote, and as a ‘product guy’ detailed that this version has been over 2 years in development, and boy can you see why.
Distributed Services Engine
Remember Project Monterey that was announced back in 2020? Well, it’s got a new name: vSphere Distributed Services Engine, or DSE for short. For those of you who don’t know what this is, essentially SmartNICs or data processing units (DPUs) are the Ferraris of the NIC world, with tonnes of CPU, RAM and bandwidth, giving you the ability to run things on them other than just pushing packets around a network.
What is that something? Well, you can run another instance of ESXi on it, linked to the host it’s on, managed by vCenter, and it can be upgraded in the same way too. Initially you can offload services to that, such as NSX – putting virtual networking where it should always be – close to the network. Down the line though – think of the possibilities…
This doesn’t sound like the sexiest thing to come out of VMware Explore, but seeing the number of customers who let hosts fall out of support, or when I read horror stories of breaches due to unpatched infrastructure – anything that makes the process quicker and easier is a winner in my book.
Well, vLCM, which arrived in vSphere 7, can now remediate standalone hosts via API, and can also remediate hosts in parallel, reducing the time-to-upgrade and therefore the maintenance window needed with your business.
Next is the replacement for Host Profiles: Configuration Profiles. On the face of it, not the most exciting, but vSphere has to move with the times and work to a ‘desired state’ model. Effectively this allows you to define the state you wish a host to be in and apply it to a cluster. Any drift or change away from the desired state is monitored to prevent issues occurring. This is in Tech Preview and should be a nice cherry on the top for lifecycle management in my opinion.
Device Groups: Link together two logical components, such as NIC & GPU on the same PCIe switch for example so you can assign them to a VM, the same as you do for other virtual hardware to optimise IO and throughput.
Windows 11 Support: Windows 11 at scale can now be achieved, as vSphere can ensure each VM has a unique vTPM device when cloned.
If you’re going to announce vSphere 8, you might as well release vSAN 8, right? And my oh my have the vSAN team been busy, announcing vSAN Express Storage Architecture (ESA) – which is optional; it all depends on the hardware you’re running it on. This infographic best describes the two architectures and where you’d use them:
Essentially though, ESA exists to take full advantage of modern hardware. In 2012, when the original architecture was designed, flash was new and expensive, and people wanted tiered storage to offload workloads onto cheaper hardware. In 2022 though, customers want a single tier, high throughput and excellent compression. Duncan Epping explains it in far more detail than me over at YellowBricks.com – but suffice to say – it’s a huge jump in just about every metric you’d look at in the storage world.
The vRealize name has gone, replaced with Aria, but this is far from just a rebrand. Based on Project Ensemble, announced last year, it is the way to manage your apps across clouds and platforms, brought into VMware Aria Hub to give a single view. Running on a graph-based datastore, it’s designed to scale to millions of objects and understand the millions of dependencies objects have. And just like all modern apps, it is designed to integrate with third-party tools to make it as easy as possible to get your data in a single place.
In addition to the more familiar product set, 3 new services come alongside Aria Hub and Aria Graph.
Aria Guardrails for enforcement of networking, security for code-based multi-cloud environments.
Aria Migration to automate the assessment, planning and migration to cloud alongside HCX.
Aria Business Insights leveraging AI/ML analytics to give actionable business insights from discovered symptoms and issues across apps and infrastructure – a benefit of having all the data in 1 place!
i4: VMC on AWS
The much-anticipated I4i host type is soon to be available. I4i hosts come with the Intel Ice Lake Processors, so have nearly twice the number of physical cores, twice the memory, three times the storage capacity, and three times the network bandwidth. They are perfect for workloads that are particularly IO intensive, and although pricing isn’t out yet, I suspect they’ll be VERY competitive.
Amazon FSx for NetApp ONTAP is an external NFS based storage service jointly engineered between NetApp & AWS that can be attached to a cluster allowing customers to scale their storage separately. Perfect for bulk storage for things such as VDI, or data warehousing where storage is key.
VMware Cloud Flex Storage, much like the above, is external storage to complement VMC on AWS, but it is managed by VMware and is native to the VMware ecosystem. Commercially it’s super flexible too, allowing customers to simply pay for what they use. Both of the above 2 releases give customers huge opportunity and flexibility to keep costs down as they move from on-prem to the cloud.
Cloud Flex Compute
This is a ‘preview’ release, meaning it is not yet generally available, but this, for me, is one of the more exciting announcements. Getting started in VMC on AWS for customers to this point has meant buying a set amount of compute and storage in the form of a hardware-defined model using hosts, much like we do on-prem. CFC lets you get started using a resource-defined model, in other words a far lower entry point. You choose the resource you require and VMware will manage all the underlying hardware. Because you’re not tied to AWS t-shirt sized instance types, you can grow your environment in the sizes that your business needs. Looking forward to customers getting their hands on this.
Another of my favourite announcements. One of the big challenges of going true multi-cloud is networking and security. How do you ensure consistency of access using a global WAF? How do you ensure access is load balanced across those clouds? Simple – ask VMware for a SaaS-based offering that provides WAF, load balancing, network detection and response amongst others. This will support VMware Cloud deployments as well as on-prem and be backed with NSX Intelligence too for visibility across it all. There’s more info here, but if you can’t get excited about this, then what can you get excited about? 😛
Another particularly interesting area of focus for me, and VMware didn’t disappoint here either:
Edge Compute Stack 2.0
Edge Compute Stack 1.0 went live 12 months ago, and the devs have been fast enhancing it with a flurry of new features. The biggest one is the fact that you don’t need to have x86 hardware anymore; it supports ARM, Atom and Core hardware. Alongside the smaller clusters that TKG 2.0 now supports (1 control node & 1 worker node), this makes the edge more powerful than ever.
For those in the know, Tanzu is VMware’s modern apps platform to look after containerised workloads, and there was a plethora of announcements.
Tanzu Application Platform 1.3
Support for Red Hat OpenShift, running on vSphere on bare metal, giving flexibility for deployment options and making sure any investment into OpenShift isn’t wasted.
Air-gapped installations can now be achieved, ensuring that all components and upgrades can be achieved without compromising data security. Perfect for heavily regulated businesses!
Supported vulnerability scanners include Carbon Black (in beta) alongside Grype and Snyk. This comes alongside a new vulnerability dashboard to help ensure that released code is as secure as can be.
Tanzu Mission Control
In preview is support for AWS EKS clusters, meaning you can provision and manage EKS clusters.
Tanzu Kubernetes Grid
TKG 2.0 is here which now includes a unified declarative API for the TKG service whether that is on-prem or in public cloud. What that means is that the process is identical to deploy clusters, alongside consistent tooling, etc.
The creation of a cluster can be defined in a declarative sense, and then be reused to create, scale, upgrade and delete clusters and because the experience is the same no matter where you’re deploying to, it streamlines and simplifies the process.
Tanzu is introducing Carvel-based tooling, which is a number of reliable tools used to build applications, configure and deploy to k8s.
Tanzu Service Mesh
This year the focus was on more enterprise-ready capabilities and that has definitely arrived based on the popular Istio technology amongst others.
It now supports a customer-owned certificate authority, with an integration with Venafi, meaning that certificates that you generate can be part of the org CA trust chain.
Aria Operations for Applications
What was formerly known as Tanzu Observability now offers unified observability combining metrics, traces and logs together. In the real world, this means you have a single view of all the data to reduce time to fixing issues or incidents.
The next generation of Horizon has landed, which doesn’t only simplify the infrastructure but can result in significant cost savings, while also making things scale more easily and increasing reliability. This is all generally available now for all Horizon Cloud environments on Microsoft Azure.
In comparison to the previous generation, far less infrastructure is required. Components such as pod managers, Azure PostgreSQL services and multiple UAGs (Unified Access Gateway) per subscription have gone, with these moving to a VMware-managed Horizon control plane. That control plane has a single edge gateway and the number of UAGs scales up and down as required.
The next-gen architecture isn’t just super-scalable, but it’s completely API driven, meaning everything that is in the Horizon console can also be done via API. This is available to third parties as well as customers, for managed services etc – so everyone wins here!
Because a larger percentage of the infrastructure is looked after by VMware, VMware have greater visibility over each component, meaning they can proactively monitor and resolve component issues before you, as a customer, experience any issues. Oh, and new alerting and reporting capabilities give you better visibility as to what is going on.
Freestyle Orchestrator, the low-code platform for Workspace One, now supports mobile devices, so you can create workflows for iOS and for Android. Pretty awesome video showing you this below:
Windows Multi-user Support
One of the challenges I’ve experienced as a customer is shared devices being assigned to a single user within Workspace One. The good news is that support for Windows devices that have multiple users using them exists in Tech Preview for Azure AD-based deployments, with AD-based deployments coming later.
Workspace One Cloud Marketplace
The tech preview of the marketplace is coming too, which allows you to import ready-made widgets, dashboards, reports and Freestyle Orchestrator workflows. This will be pretty awesome, especially for Freestyle, when you could use it for something like upgrading an OS on a device based on a hardware sensor for example. Looking forward to this.
I’m sure there’ll be plenty of announcements I’ve missed, but