Network Management, VMware and Who's Coming to the Party?

In this post by David Davis, there are a number of good observations and a couple of issues worth pondering.   

First might be what it means to "manage and monitor" virtualized infrastructure.  If Packttrap or Solarwinds permits that part of the IT organization responsible for the network to manage virtual network componentry, at what point do they pull it all together into a unified view of "the network"?  How does this happen without the network guys encroaching on the territory usually reserved for the "server tribe"?

One might argue that Cisco's Nexus 1000V recreates for the network organization a distributed virtual switch that, for all intents and purposes, acts like and is acted upon in a manner with which the network guys are familiar.  The question will be whether this is ultimately a case of defining the use of new, disruptive technology (server virtualization) in terms of the old established technologies (physical switching a la IOS). (You can see one point of view here, in which Davis sets out his take on the 1000V.)

As for the challenges he lays out ... well, we think we know the answers to some of this, and intend to prove it.  Answering the question about whether to support VMware ESX only, or other platforms is an interesting commercial decision for most players and bespeaks an understanding of the customer base. (When does Hyper-V have enough of a market share to justify the attention? Do customers have a requirement to manage both ESX and Hyper-V in the SAME virtualized datacenter?)

Yeah ... by all means, stay tuned.

Does your network management utility manage VMware? - David’s Cisco Networking Blog

More and more of the typical “physical computer” management & monitoring tools are being retooled to manage the new virtual infrastructure. I have talked with both Packettrap and Solarwinds and both have rumored that they will soon offer versions of their well known network management tools that will now recognize, not only network devices and physical servers, but the virtual guest operating systems that are on those physical servers.

For example, your network management & monitoring tool could query either each individual ESX server using traditional SNMP calls or it could query the VMware Virtual Center server using VMware’s API to obtain an inventory of what virtual guest is on what physical server, performance statistics for both host and guest systems, and status of guest systems (ie: which are powered on or off).

There are a few challenges that these vendors face:

    * do you go directly to each virtual host or to a centralized management server?
    * do you support only VMware ESX Server or do you try to support other virtualization platforms such as Microsoft’s Hyper-V?
    * how do you learn about guest VMs that have been “VMotion’ed” (for lack of a better term) from one host system to another? And what about the performance statistics when the storage for a guest is “SVMotion’ed” from one datastore to another?

So, “stay tuned”, as they say, for physical tools to now recognize the virtual world. And, if your vendor isn’t already doing this or doesn’t have plans to do it, I recommend that you pressure that vendor to make their product “virutalization ready” (or else you may have to go find another vendor).

Next Generation Infrastructure ... and its Management

Greg Ness is extending and enlarging his theme regarding the demands that next generation datacenters and cloud computing make on infrastructure... and particularly network infrastructure.  Notwithstanding the fact that he's now employed by a vendor of appliances and technologies that offers network services (like DNS, DHCP, IPAM, RADIUS, ...), the theme has merit -- it's not just a salespitch, folks.   So, while I might argue with his analysis of VMware's fortunes, the basic message ... new approaches to infrastructure for next generation IT ... is dead on, and with it the requisite new approaches to infrastructure management.

The Cloud will need Infrastructure 2.0 « ARCHIMEDIUS

... While many pundits have their heads in the clouds proclaiming the next big thing, there are a few issues that need to be resolved first. And those issues promise to fuel new demand for new types of networking solutions.

These new demands of scale and complexity and availability were beyond the wildest dreams of the creators of the core network services that support today’s increasingly strained network infrastructure. Many of these services, like DNS and DHCP are decades old. They were created in simpler days, usually in silos and with no concept of a need for interoperability between the protocols. Those days are now gone. DHCP servers, for example, now do dynamic DNS updates.

Ed Bugnion on Server Virtualization

Peter Christy placed a terse post on his blog about Cisco and their Nexus 1000V.  I loved the Ed Bugnion reference.

Peter Christy

Cisco announced some of the anticipated fruits of their partnership with VMware and their acquisition of Nuova (remember that Nuova's CTO Ed Bugnion was a VMware founder). As Ed says so well, server virtualization didn't break the applications but it certainly broke the infrastructure.

Michael Morris on Cisco's Nexus 1000V

Michael Morris has a very succinct and informative post on Cisco's Nexus 1000V.  The overview puts into perspective VN-link and includes a short interview with Doug Gourlay who mentions a few additional technology initiatives and goodies that weren't mentioned during the VMworld 2008 presentation.

Cisco's First Software Switch - the Nexus 1000V | NetworkWorld.com Community

Conforming to the axiom that it's easier to join 'em than fight 'em, Cisco launched its first software based network switch this week - the Nexus 1000V - as an integrated component of VMware's ESX platform.

Bittman (Gartner) on VDC Infrastructure Management

Tom Bittman of Gartner has recently started blogging on cloud computing and virtualization. In a post made after the opening gun at VMworld 2008, he comments on two strategic shifts evident in the VMware story: infrastructure management (which he characterizes as throwing down the gauntlet with IBM, HP and MSFT) and cloud computing.

What interested me in the post are some of the presuppositions and his conclusions:
(a) it's inevitable that the datacenter becomes a virtualized
(b) in becoming virtualized, the virtual machine environment (in this case VDC OS) becomes the natural locus of end-to-end datacenter infrastructure management
(c) by adding service governance to the mix, one has a management system that competes directly with adaptive, utility computing management strategies promoted by IBM, HP and Microsoft

While this analysis of VMware's strategy makes sense on its face, it also seems to couch the competition in terms of failed or stalled initiatives at (some of) the competitors.  Bittman alludes to this in his commentary.  For some reason, when thinking about datacenter operation, administration and management, I would have been more likely to set the competition as being between VMware (and its hoped-for coterie of infrastructure management partners) and the Big 4 (and Little 4) systems management providers. 

The point worth noting: we need a more thorough discussion and definition of datacenter service governance (to use Gartner's terminology).  This becomes critical, for example, when considering the discussion of VMware and virtsec and even more so when reading Hoff's consideration of network issues in the virtualized datacenter.  Then, we'll be able to have a better conversation about how systems management in the datacenter actually comes to pass, and how VMware will compete with the Bigs.

VMware Strategy Reaches for the Clouds

VMware includes in their concept what Gartner calls a service governor, which adds policy-based management on top of a meta OS. Combined, these two create what Gartner calls a real-time infrastructure. The service governor is the real challenge for VMware, which is one reason they haven’t called it out.

What is interesting is that VMware is finally describing a larger strategy that is completely competitive with IBM (remember the On Demand Operating Environment?), HP (Adaptive Infrastructure) and Microsoft (Dynamic IT). The strategy is credible, but there are many, many gaps that need to be filled. In particular, while VMware is strong in virtualization, they are very weak in service management. Regardless, it will be difficult for IBM and HP to miss the competitive threat (which, of course, they should have seen starting in 2001). This is the only natural evolution for VMware, but the road is littered with challenges.

And, meanwhile, in Gotham City ...

Network World reports on a presentation at InterOp in New York by Joshua Corman, principal security analyst for IBM/ISS.  The major message seems to be that virtualization requires significantly greater attention to management discipline and the enforcement of policies.  Without this attention, virtualization in the datacenter represents a serious security risk.

In defining Replicate's products, this very issue ... the sociology and organizational impact of multiple management domains ... has played a big part in our thinking, as has the means by which to reduce the complexity inherent in managing the virtualized datacenter.  Corman's characterization of the tribal nature of the datacenter organizations is spot on, as is his assessment of the problems that result from it.

People a big security threat to virtualization, Interop speaker says - Network World

Just as teams of server, network, security and application specialists typically oversee the deployment of traditional physical server farms, the same group should plan virtual rollouts, Corman said. But often, the security team is left out and server administrators may inherit the responsibility without the proper expertise. “Before there was a healthy balance of skill sets distributed well [among a variety of administrators],” he said.

This lack of balance generates unproductive finger pointing when things go awry and in some cases creates grabs for power as IT staff recognizes a shift in how work is being distributed. In either case, security can suffer, Corman said.

What happens in Vegas ...

... doesn't stay in Vegas.  Between the editorial blogging, live-blogging and micro-blogging coming out of Las Vegas this past week, anyone with an RSS feed reader and a twitter habit was probably well informed.  I'm still trying to review the week's events and announcements in light of our company's product and business plans, not to mention the impact on the virtualization market ecosystem.  Heady stuff, because there was so much.

What seems undeniable:

Maritz and the VMware organization has proven their ability to retake some thought leadership and generate momentum.

What struck me:

The theme I noted most at VMworld 2007 a year ago was "security."  This year, it seemed noticeably absent.  My sense is that the industry has yet to catch up and capitalize on VMsafe. Because all of the "next generation" of offerings from VMware and the independent providers are still in development, no one made too much of security issues.

I heard and saw a lot of backup and DR.  Storage is big, and the converged I/O required to make it sing within the virtualized datacenter made a pretty significant showing at VMworld 2008.

I assume that it wasn't just my own interest in network technologies, but this was the show at which the networking of the virtualized datacenter really got its props.  VMware's distributed virtual switch and Cisco's Nexus 1000v are the two most apparent indicators.  And, there seems to be an appreciation for the importance and complexity of "getting the networks right." -- access networks and storage networks, but no mention of the VOIP nets... yet.

And then, there's "cloud computing."  The term itself is now close to useless, since there are so many takes on it.  That said, I've enjoyed the secondary effect of terminology like "cloud bursting" (spanning the enterprise datacenter and the to-the-public utility service in order to scale-out / scale-up in response to demand or need) or "cloud formation" (the level at which condensation occurs -- the requirements and resources encourage the formation / adoption of utility computing.)

I'll continue to mine the feeds and articles over the next week or so to see what resonates and see if I can't also tease out some early indicators.

The fog around Cisco's announcement starts to dissipate

I made it to Las Vegas and VMworld, despite delays.  On firing up the browser, I see that the contents in Hoff's schwag bag, includes a flyer entitled "Introducing Cisco's Virtual Switch for VMware ESX."  He's set out a few more of the questions we're all asking ourselves.  Should be a fun couple of days here in Vegas.

Rational Survivability

I have dozens of questions like: I wonder how much of the Nexus (7000 series)/IOS-XE code cross-pollinates over (if any) to this solution and if we'll see capabilities such as STP/PVST+/Private VLANs, HSRP, Multicast, etc. make their way into Cisco's vSwitch.

Further, as Ed Haletky and I unofficially bet over drinks this evening, I wonder if it will be a direct replacement for VMware's at-boot loadable module or it will co-exist? I bet the former. ;)

In addition to the "cSwitch," there are a couple of sessions I am very, very interested in attending given my exposure to VFrame and some Cisco engineers/architects at last year's show:

Simplify VMotion with Virtual Machine–Aware Network and Storage Services
See how network and storage services can be linked to a virtual machine so they move with VMotion events.

ESX Server in a Unified Fabric Environment
See how ESX Server works in a unified fabric environment with ESX 3.5 U2, Emulex Converged Network Adaptors, and the Cisco Nexus 5000.

VFrame: Enriching ESX Deployment with End-to-End Orchestration
Cisco’s VFrame DC 1.2 provides an easy-to-use template-based provisioning approach for rapid, repeatable, and compliant provisioning of ESX Servers. Through a rich set of networking and storage orchestration capabilities, it reduces the time required to bring up ESX clusters while providing operational scalability to manage large clusters effectively.

Valovic on Cisco's Approach to Virtualization

Tom Valovic posts a column in advance of VMworld announcements.  I like his critique of "network virtualization 2.0."   

I do agree with the statement: '... the dynamic data center is going to need to have all of these “resource pools” work interactively and flexibly as system requirements change on a daily or even hourly basis. The network, obviously, is an important but often underestimated link in this holistic value chain.'

But, as for Cisco's VFrame as having an important role?  No, I don't think VFrame's going to be a starter.  Cisco has, with the re-absorbtion of Nuovo and the imminent additions to the Nexus switch family, a different potential path to take.  I believe that we'll see one show up this week as a fully virtualized distributed switch as part of the Nexus family.

I heartily concur with the sentiment on which he concludes:  "The network, obviously, is an important but often underestimated link in this holistic value chain."  Right.  It's an important, vital aspect of a holistic view of the next generation, virtualized datacenter. 

Virtualization Review | Valovic on Virtualization: Cisco’s Approach to Virtualization

...
As discussed in my last Cisco blog, there’s really a bright dividing line between doing network virtualization (NV) 1.0 via VLANs, VSANs, and other products, many associated with the Catalyst line of network switches and what I’ve somewhat unimaginatively called NV 2.0.

NV 2.0 (my construction) appears currently to consist of a ragbag of disparate elements. There’s I/O virtualization along the lines of what Neterion, 3Leaf, and Xsigo are doing -- basically products designed to virtualize NICs or HBAs and offering what is essentially dynamic provisioning of I/O capacity. Cisco does not currently have an offering in this market.

Other NV 2.0 products appear to be being developed specifically to support other types of virtualization such as server virtualization by basically making the supporting network more flexible. When we look at all of the resources in a data center being virtualized (i.e. servers, storage, networks, and applications) then it’s easy to see how the NGDC is going to need flexibility at all these levels. Cisco’s VFrame product has an important role here.

In other words, the dynamic data center is going to need to have all of these “resource pools” work interactively and flexibly as system requirements change on a daily or even hourly basis. The network, obviously, is an important but often underestimated link in this holistic value chain. 

Bottom line: I’d like to see network virtualization mainly discussed in this context. In other words, as either a) existing or future products supporting other types of virtualization or b) existing or future products supporting the next generation data center or NGDC. Put another way, I’d like to see the water not get muddied by Cisco and other vendors claiming in effect: “we’ve been doing virtualization for years, what’s the big deal?”

What will Cisco announce at VMworld?

Allen Leinwand makes an interesting prediction in GigaOM that Cisco will support VMware VMs on their networking hardware.  He then goes on to outline why it would be an important move for Cisco in their efforts to remain not only relevant, but central in the enterprise-class virtualized datacenter.  He also lays out some of the downside for enterprise customers -- most specifically the inability to leverate the Intel X86 server ecosystem to their complete advantage.

As I was pondering this, I noticed a "tweet" from Doug Gourlay (and I quote):

Allan Leinwand had a good guess on GigaOm, but not quite :). Keep 'em coming

OK, so that's "not quite" what Cisco has up its sleeve. 

What's my guess?  I don't think I have enough insight to put myself in the role of the product management powers-that-be at CSCO.  I'm not a network hardware guy.

What might make an interesting offer?  From my point of view, anything that Cisco can deliver that unifies the virtual network infrastructure now available within the VMware virtual machine environments and the physical (Cisco) server access network would be welcome. 

Hey... Where is that distributed virtual switch we heard about a little over a year ago?  Yeah... that would be interesting.  Oh, and while you're at it ... could you please make the virtual switch to which I associate VMs a "stackable" switch for the purpose of making network configuration for production computing more viable?

Well... hardly a prediction.  More a wishlist, isn't it?

Update:

I just saw this on the VMworld Underground site:

After the weekend the Nexsus 1000 will be launched by Cisco, this virtual switch has 255 ports and it's own IP-address. Eric Sloof

Hmmm.  Be careful what you wish for!

Cisco to Support VMware? - GigaOM

Cisco Systems will support VMware virtual machines on their networking hardware? There’s buzz around Silicon Valley that there will be a big announcement made at VMworld next week in Las Vegas, and that’s my prediction as to what it will be. The integration of virtual machines and networking, which was signaled last year when Cisco invested heavily in VMware just prior to the virtualization company’s IPO, would have numerous ramifications, not only for the two companies, but the networking industry overall.

If my prediction comes true, it would help Cisco remain relevant in the data center, allowing it to do more than move IP packets between servers. It would also entrench the company into the enterprise, distancing themselves even further from the likes of Juniper Networks and 3Com, both of whom have struggled against Cisco to gain some toehold in the enterprise infrastructure marketplace.