VMworld 2017 VMware CEO Pat Gelsinger last week introduced the company's second quarter results by saying the company has embarked on a “multi-year journey from a compute virtualization company to offer a broad portfolio of products driving efficiency and digital transformation.”
And today at VMworld the company began to explain what that mouthful of jargon meant: a strategy to put the company at the center of multi-cloud management.
The clearest expression of Gelsinger's words is its half-dozen new software-as-a service offerings, namely:
- AppDefense – the new security product formerly known as Project Goldilocks, and which creates a manifest of expected behaviours for VMs, then gives businesses options to deal with them if they diverge;
- Cost Insight – a cost monitoring and optimization service that knows the AWS, Azure and Google's price lists inside out and can make cost saving recommendations;
- Discovery – a tool that figures out what you have running, in what clouds, and lets you organise them into logical groups;
- Network Insight – a network and security analysis service that leans heavily on NSX;
- NSX Cloud – NSX-as-a-service;
- Wavefront – a performance monitoring service for cloud-native apps.
All six are subscription services, accessible through existing VMware accounts. And all six are new stuff for your VMware account manager, or channel partner, to suggest. If you're one of the few who resisted the company's No Naked vSphere push, VMware's going to come at you again, this time as a software-as-a-service vendor.
The Register expects the company will come hardest with AppDefense, because it's created a new business unit to back a product it feels is genuinely new to offer. “Most security is about finding bad, we are about ensuring good,” says Tom Corn, senior veep of the Security Product group at VMware.
The Register revealed the basics of AppDefense well before its announcement. We had to wait for today to learn that it can build its whitelist of acceptable VM behaviour by interacting with either vCenter or automated provisioning tools like Jenkins or MAVEN. Linking with those tools is an effort to make AppDefense offer something to DevOps practitioners. It's also trying to impress line-of-business types by offering them a mobile app that alerts them when applications misbehave, so that all stakeholders can participate in decisions about how to respond.
AppDefense will be sold as SaaS or on-premises software. Either way, it should do well: security types The Register's virtualization desk have spoken to feel Virtzilla is onto something here!
VMware on AWS costs what?
VMware's favourite news from this year's event is that the company's deal with Amazon Web Services has come to fruition. AWS now hosts servers running Cloud Foundation, the bundle of vSphere, VSAN, NSX and vCenter that is intended to mirror on-premises implementations.
It's all available as of today, to run in AWS alone or in a hybrid cloud spanning an on-premises implementation.
KVM plans big boosts to storage and nested virtualizationREAD MORE
For how it's only in one AWS Region, US West, and you can only buy by the hour. One-and-three-year subscriptions are due soon, as is a global rollout that will start soon and continue deep into 2018. There's just one server type, too, and while vSphere lets you slice and dice that as it would any other server, there's no hint of the varied instance types AWS and other clouds offer.
At least the server is pleasingly grunty. Each host has a pair of CPUs, 36 cores, 72 hyper-threads, 512GB of RAM, local flash storage (3.6TB cache, 10.7TB raw capacity tier). But you'll need four hosts to build a cluster!
There is integration between VMware-on-AWS and some AWS services.
VMware will run and support the service, in contrast to the arrangement it has with IBM and the other ~4,300 vCloud Air Network partners that run vSphere-based clouds. Those partners get a new version of vCloud Director, plus more hardware partners ready to sell them servers ready to roll with Cloud Foundation. And perhaps some worry beads, for stress relief and/or prayer as VMware challenges them like never before, because the new service integrates with some AWS services. We're told that the VMware service lives in the same data centres as services like Lambda, so piping them into apps will be low-latency.
In the past VMware partners have told El Reg they feel VMware's cloud partnerships aren't bad for business, because they get users talking about vSphere-powered clouds. Now we hear some are re-thinking that position, but the pricing for VMware on Amazon may well crimp their concerns, because it isn't super-cheap.
Here's the pricing scheme.
|On-Demand (hourly)||1 Year Reserved||3 Year Reserved|
|List Price ($ per host)||$8.37||$51,987.00||$109,366.00|
|Savings Over On-Demand||30.00%||50.00%|
Remember: you'll probably need at least four hosts, so actual costs will be rather more than the single-host cost.
VMware justifies these prices by saying they stack up well when compared to the total cost of ownership compared to either on-prem or public clouds.
Here's the company's math.
|Estimated TCO ($/VM/hour) over 3 Years|
|VMware Cloud on AWS (3 Year Reserved)||$0.06 – $0.09, depending on consolidation ratio|
|Traditional On-Premises||$0.10 – $0.17, depending on customer environment|
|Native Cloud Instances||$0.06 – $0.09, depending on instance type and storage|
That calculation excludes bandwidth and IP address charges, and assumes VMs have a pair of vCPUs, 8GB RAM and 150GB of storage.
What does it all mean?
VMware's attempt to build a public cloud failed, as did its early SaaS forays.
The company's now turned that around, because the AWS deal gives it unrivalled scale, with perhaps-unsettling price.
The new SaaS offerings do two things:
- They give VMware a way to sell subscription software, which Wall Street wants to see in these cloudy times.
- More importantly, the SaaS offerings defend against Azure Stack, the most potent threat yet to on-premises vSphere.
VMware has done astoundingly well to keep Hyper-V's market share small. But anyone who needs new servers or storage now has to consider either hyperconverged infrastructure or Azure Stack because both offer strong alternatives to traditional infrastructure. Azure Stack also makes hypervisors irrelevant and therefore also makes the idea of Windows-on-VMware look a bit archaic.
Starting with last week's earnings call and already in pre-VMworld briefings, VMware's counter argument is that it's happy for you to use Azure in any form. So long as you don't needlessly rip and replace perfectly good vSphere in order to buy in to Microsoft's hybrid vision.
The new SaaS tools give you reasons not to ditch vSphere, by making multi-cloud wrangling easier and making vCenter the place you'll do it. AppDefense helps, too, because it looks a useful tool that won't hurt even if only deployed as one layer of a defense-in-depth strategy. It needs vCenter, too. And if vCenter is the place to do some security, and do multi-cloud management, it's a lot harder to contemplate ejecting it. That the VMware/AWS tie-up has quickly gone beyond IaaS and into AWS' services also suggests Virtzilla has found its way into a position of cloudy strength.
For now, anyway. Clouds move fast, and so do strategies to catch them. ®