While the rest of the world debates the sticky subject of whether the container ecosystem should be a center of gravity, the company at the axis of the world of virtualization portrays itself as the caretaker of neutral territory, and the harbinger of peace.
During day two of VMworld 2016 in Las Vegas, VMware presented the production-ready version of vSphere Integrated Containers as the only practical solution to the disarray and disorganization that developers inadvertently brought into the enterprise with the introduction of containerization.
“I can guarantee you, with every single one of the organizations that’s in this audience today, someone there is starting to play with containers,” said Kit Colbert, VMware’s chief technology officer for cloud platforms. “That creates both opportunities as well as challenges.
“Containers for developers, and in development, super-easy. This is one of the big value propositions: A developer can grab a laptop, get Docker, and they’re off and running. Seeing value immediately. But you guys know that in order to run anything in production, there’s a set of enterprise operational requirements that have to be met. And we see a lot of customers struggle with how to meet these challenges for containerized apps,” Colbert said.
Dude, You’re Not Hyperconverged!
Colbert told the story of one VMware customer running one, and only one containerized app in production. He asked this customer how the operations team accomplishes monitoring and was told they don’t.
“‘You don’t do monitoring with a production application? Dude, that’s not good!’ He said, ‘Dude, I know!’ And I was like, ‘Dude!’ And we had kind of a bonding moment. The reality is, customers struggle with these things.”
The CTO’s story preceded his demonstration of the latest version of vSphere — which customers will soon see as part of VMware Cloud Foundation — creating virtual container hosts for the staging of container-driven applications. These hosts appear in vSphere as ordinary virtual machines, until the operator drills down for details. This co-existence is supplied courtesy of a wrapper that vSphere applies to containers once they are deployed in these hosts, in a manner that developers don’t have to fiddle with.
VMware appears to have realized that it won’t be able at this point to sell its brand into the developer community … Instead, it’s content to treat developers and operators not only as different markets, but as inhabitants of separate worlds that orbit the same axis of infrastructure.
VMware’s message here is that developers should be allowed to use whatever tools they’re going to use anyway — Docker being the principal example — and IT operators should facilitate developers’ methods in a way that minimizes their interaction with security controls and compliance protocols. Developers don’t care about these subjects anyway, the message goes, so why make developers worry about matters that CIOs expect operators to manage and control?
“If it’s running in production, what’s the first thing we need?” asked Colbert rhetorically. “Right, networking and security. You’re gonna really want to lock this thing down, and make sure that it’s secure.”
That allowed Colbert to inject VMware’s NSX network virtualization into the picture, creating a security group around a containerized application and an associated database. Next, it let him bring vRealize Operations into the same picture as a management console. He could see network congestion between the components in the security group, and apply remedial re-routing — all without involving the developer.
Some Familiar Partners
Colbert also revealed Tuesday that VMware’s strategy for implementing Integrated Containers was aided by two very container-centric partners: CoreOS and Mesosphere. A forthcoming version of Vmware’s container platform Photon, co-produced with Pivotal, will integrate VMware’s NSX, plus Kubernetes as the container orchestrator.
“When we talk about the speed and velocity of application delivery, a number of businesses are looking at how to rethink everything to dramatically improve that velocity,” stated Colbert, bringing up the topic of Photon Platform. “That rethinking goes top-to-bottom, all the way down the infrastructure… They take all the physical resources that they have, and pool them into logical pools of compute, network, storage, they layer on top a distributed control plane and scheduler with a single, logical API endpoint for the application teams to leverage. Then they break infrastructure into pieces, into availability zones. There’s no assumed availability of any individual host, and in fact, many whole data centers can go down. So you have to expose that availability concept up to the application.”
This is where Colbert acknowledged that new classes of applications are being crafted for multi-tenancy and security — where developers do care about performance, availability, and the other key performance indicators that, in VMware’s mainstream, exist on the opposite world from developers. “The idea of Photon Platform,” he said, “is to drive radical simplicity into that infrastructure aspect of those architectures.”
Photon Platform will enable software-level hyper-convergence, where the entire data center resources — including from the public cloud — are pooled together. But while this is outside the realm of vSphere and Cloud Foundation, it will still bring NSX into the mix, as the facilitator of connections between resources in these pools.
VMware appears to have realized that it won’t be able at this point to sell its brand into the developer community. So it should not try; instead, it’s content to treat developers and operators not only as different markets, but as inhabitants of separate worlds that orbit the same axis of infrastructure, but otherwise have limited contact with one another.
Rather than position vSphere management as a substitute for the container orchestrator, VMware has chosen to portray orchestration and management as orthogonal topics, each for its own department. It may not be DevOps per se, but then again, VMware has no qualms about omitting the word “DevOps” in its current marketing strategy. Indeed, its entire message is an appeal to operators that developers will be developers, and building processes around them is easier than continuing to re-educate them.