This article is more than 1 year old
VMware builds narrow one-way road to move its crown jewels towards cloudy subscriptions
...but only on clouds it controls. Multi-cloud licensing is still all sorts of fun
VMware has taken another step towards turning its crown jewels into a subscription service, but the path it has chosen to walk is narrow.
The company has created a new product called "VMware Cloud" that bundles Cloud Foundation – VMware’s bundle of vSphere, VSAN, NSX, and the Tanzu container-wrangling suite. Doing so is very much on-strategy after VMware built Tanzu into vSphere 7. VMware Cloud matters because Cloud Foundation requires certain deployment patterns to ensure that Cloud Foundation implementations are compatible for hybrid cloud deployments.
There's also a new product called “VMware Cloud Universal”, however the expectation set by the name is a little misleading because it doesn’t really accord with VMware’s usual vision of running anything, anywhere.
The core of the Universal service is licence portability for VMware Cloud between on-premises rigs and either VMware Cloud on AWS or VMware Cloud on Dell EMC.
Today, users need discrete pools of licences for each environment in which they run VMware, an arrangement that in practice can lead to overprovisioning and shelfware as users buy all the licences they think they’ll need both on-prem and in the cloud, then hope they use the entitlements they’ve paid for.
The new Universal service means Cloud Foundation users can move licences from on-prem use to the two abovementioned clouds.
The new offer does not, however, apply to other hyperscale clouds that offer VMware, nor to the thousands of clouds run by service provider members of the VMware Cloud Provider Program.
The Register understands that’s because VMware operates and manages VMware Cloud on AWS and VMware Cloud on Dell EMC, making the new licence portability offer an internal accounting issue. VMware also understands how to map on-prem per-core licensing to the different servers used in the clouds it manages. The Register understands that making the same portability possible across the more diverse server fleets and instance types in other clouds would have been considerably more technically and financially complex and required talks with those clouds.
What a cluster-buck! Nutanix and Microsoft to swap licence credits under new Azure dealREAD MORE
There’s also a new Cloud Console to manage the VMware stack, wherever it is deployed. And Virtzilla has created a new service called “VMware Success 360” to help customers make the most of the Universal offering, the console, and whatever else it takes to help customers migrate apps to the cloud.
Another new service, “App Navigator”, sounds a lot like it’s Pivotal Labs consulting re-born as it promises assessment of an organisation’s application estate, followed by recommendations on how to improve them with cloudy moves, re-factoring, or a trip behind the shed with a loaded weapon.
It appears that VMware’s partners would get some action, too: the company last week referenced new “Customer Lifecycle Incentives” for partners that walk Virtzilla users through the process of modernising apps and/or infrastructure.
An urgent task for users of vRealize Operations is consideration of a newly disclosed pair of bugs that at the time of writing VMware’s advisory said were collectively critical, even though they are rated 7.2 and 8.6 on the ten-point CVSS scale and therefore usually considered “Important.”
CVE-2021-21975 involves a server-side request forgery in the vRealize Operations Manager API. The problem allows a malicious actor with access to the API to steal admin credentials.
CVE-2021-21983 applies to the same API and means “an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system.”
Egor Dimitrenko of Positive Technologies found both bugs.
The problems exist in vRealize Operations Manager back to version 7.5.0, and as it’s a part of Cloud Foundation that needs fixing too. Patches have been created and are detailed on VMware’s advisory page. ®