In-Depth
VM(be)ware
VMware is at an exciting and dangerous point in its existence. It can potentially dominate some emerging markets, but can also lose out in several key areas. Choosing wisely is paramount.
As we prepare for VMworld 2017, it's time to reflect on VMware's place in the world. VMworld itself seems to have less draw than its previous incarnations. The backroom deals that make or break alliances are happening more at AWS re:Invent than at VMworld. VMware is now a mature technology company facing increased competition from all sides. So, what all does that mean?
The short version is that VMware is in for a period of slower growth. This isn't as dire as it sounds, and it isn't unexpected. It would be irrational to expect that VMware could maintain the year-over-year revenue growth it's seen over the past 15 years; VMware built an empire on an industry-redefining product that everyone needed. It has no such product now.
This isn't to say that VMware doesn't have desirable and valuable products. Nor is it to say that VMware is doomed, or even that it will shrink or otherwise diminish. VMware's revenue will continue to grow. It simply won't grow as fast as it once did, for a little while at least.
Empires Are Hard
Wall Street demands growth. It's not enough to make a profit; you must make more profit than last year. In the case of VMware, which had grown explosively for a decade, its current steady yet modest growth makes it a stock-picker's has been.
This is no reflection on the quality of VMware's products—which largely maintain their technological edge against the competition—but instead is a sober assessment of how much room for growth is left without a change in strategy. VMware is an organization dedicated to meeting the needs of enterprise and government users. By and large, it has met them. There aren't exactly a lot of organizations in VMware's target market that aren't already VMware customers, so where does it go from here?
Maintaining growth can be done two ways: The first is to expand market share by appealing to a wider audience. The second is to move into adjacent markets and attempt to claim more of your existing customers' IT budgets.
VMware has already made it perfectly clear that it has next to zero interest in the mass market. If organizations that don't qualify as governments or large enterprises want to buy VMware's software that's great, but VMware isn't going to do much of anything to reach out to them. VMware feels that doing so would jeopardize its pricing structures and carefully maintained balance with enterprise customers, so smaller organizations will remain an afterthought for the foreseeable future.
This leaves expansions into adjacent markets. VMware did well for itself as an enterprise software company, and it plans to double down on that success by creating more and different software offerings.
VMware built its empire on its hypervisor and virtualization management software. x86 virtualization solved some very real problems in the datacenter and provided extraordinary benefits to customers of all sizes, niches and industries. It was a runaway success for a very good reason; now what are VMware's attempts to repeat this success, and how likely are they to succeed?
The Potential of NSX
NSX is arguably the burgeoning VMware solution with the largest potentially addressable market. A software-defined networking (SDN) solution, NSX solves numerous problems facing organÂizations running networks at scale. The microsegmentation approach, coupled with mostly usable management software, has reduced the management burden of managing certain aspects of networking.
NSX also has huge potential to be an important part of next generation network security. Wholly apart from the segmentation and isolation offered by NSX, the idea of making network functions virtualization easy(ish) to use, and of allowing for its automation, is transformative.
Future generations of NSX could, hypothetically, be the basis of a powerful automated incident response platform. I could also see a "network security marketplace" wherein organizations could purchase applications or services that operate on network streams and workloads with the ease of use of a smartphone's app store.
There's huge potential with NSX. There are also some very large hurdles to overcome.
While there aren't a large number of competitors for the SDN market, one of those competitors is Cisco. If NSX succeeds, Cisco becomes irrelevant. As you can imagine, Cisco isn't going down without a fight. Being a tech titan, it has a lot of technological and patent nukes at its disposal, and signs are pointing to a very dirty war breaking out over this space.
NSX also has to overcome resistance from within potential customer organizations. NSX puts control over networking into the hands of virtualization administrators, reducing the imporÂtance—and in many cases the need—for dedicated network administrators. As a rule, people don't like being made irrelevant, especially when it endangers their jobs, so it isn't hard to find examples of network administrators fighting against NSX by promoting alternative SDN solutions.
The greater hurdle to overcome, however, is simply convincing organizations that SDN is even necessary. For all that it can help solve certain management problems, many of those management problems aren't technological, but rather procedural or human.
By putting power over networking into the hands of virtualization administrators (and automation software), NSX functionally bypasses network administrators. This can eliminate layers of bureaucracy, communications problems and so forth; but more often than we like to admit, this red tape exists for a reason.
Many large organizations are highly risk-averse, especially when it comes to IT. There's a great deal of market education and proving out to be done before these organizations accept the potential utility of NSX, let alone the applicability to their circumstances.
Additionally, a great deal of the potential of NSX lies in its ability not to be a solution in and of itself, but to serve as a platform. Third-party integration into NSX in the form of advanced security features and network services is the biggest reason to hope that NSX could win the SDN wars, but this is also an area where VMware hasn't shown much strength.
VMware has never successfully run an app store-like marketplace, and there are open questions about its ability to keep partners happy. Like any tech titan, it has been known to compete directly with its own partners, with many VMware ecosystem partners describing VMware's approach as "eating its young."
NSX is absolutely a transformative technology, but the barriers to it becoming the foundation of VMware's second empire aren't technological. For NSX to become the next vSphere, VMware's marketing, community outreach and partner ecosystem politics all have to level up.
Where vSAN Fits
VMware's vSAN is an interesting contrast to NSX. Like NSX, the technology behind vSAN is sound. I've followed hyper-convergence closely for years, and have taken the time to test, review and otherwise beat up dozens of different solutions.
I'm willing to state without reservation that vSAN is one of the best software-defined storage (SDS) solutions currently available. It may not be the most feature-rich, and it's certainly not the least expensive, but it's rock solid, reliable, and does most of the things enterprises need it to do to host VMs in various scenarios.
Compared to NSX, vSAN is an easy sell. Hyper-convergence is straightforward, easy to understand, offers price benefits when compared to traditional SANs and generally is a rational evolution for most datacenters. VMware's competitors are, for the most part, also obsessed with the exact same large enterprise-plus-government market on which VMware built its hypervisor empire. This gives VMware the sales advantage, as it already owns all those accounts.
vSAN may seem like a slam dunk, but it isn't without its challenges. There's intense competition in the SDS market, leading many customers to balk at the prices VMware asks for vSAN. Additionally, VMware licenses and otherwise treats vSAN as its own product when, in reality, hyper-convergence isn't a product, but a feature.
This last is important: vSAN is not now, nor will it ever be, the basis upon which to build VMware's next software empire. It simply isn't that important, and there's too much competition for it to ever get to the near-monopoly levels of market share vSphere has traditionally enjoyed.
The Container Challenge
If vSAN isn't to be the foundation of VMware's next empire, then Photon—VMware's container management solution—very well might be. Containers are an efficient way to isolate workloads. Unfortunately, container management software is largely designed for developers, not systems administrators.
This makes containers a pain to administer, especially at scale, and doubly so if the workloads you're trying to containerize aren't both mostly identical and ephemeral. It's this latter part that's the problem.
Containers are great if you want to stand up 5,000 Web servers but don't care where the configuration of those Web servers is defined before the workloads are instantiated, and they don't store any important data. The traditional approach to containers is that if a configuration change needs to be made, you make that change to the recipe for that workload, light up a new workload with the new configuration and tear down the old one.
Storage—be it files, objects or database access—is generally handled separately from containers. Storage needs to be stateful and permanent, something containers have traditionally not been. Of course, not all workloads can be engineered in this manner, and there is a demand to use containers for stateful workloads. This is where VMware comes in.
What many organizations desire are containers that behave like VMs: stateful, capable of vMotion, high availability, distributed resource scheduler (DRS) and all the things that are taken for granted about vSphere. What isn't wanted is the overhead that comes with lighting up a complete OS environment for each and every workload. RAM is pricey and not likely to come down anytime soon, so organizations are looking for someone to sell a widget that crams more workloads into a smaller space without having to completely reengineer how everything is done.
VMware has two separate approaches to containers. The first approach, vSphere Integrated Containers (VIC), is a workable middle ground. Basically, VMware puts each container inside its own VM. This VM contains just enough of an OS to work, but is significantly lighter than having a complete OS wrapped around each container. You get all the vSphere workload protection magic, because what you're dealing with are just VMs on top of vSphere. Not perfect, but it'll do for now.
The second approach, based on Photon Platform, is much more like a traditional container setup. Large quantities of containers are crammed onto a bare metal host. No vMotion, no HA, no DRS, but the management has been juiced to be slightly less awful than other container players.
Ultimately, the solution needed lies somewhere in the middle: to cram multiple containers that can live with the same kernel into a VM and provide virtualization services to that VM. This gains efficiency without putting all of the workload eggs in a single basket. This can be done today without needing anything special from VMware; however, managing this at scale is a nightmare.
If VMware pulls the management pieces together to bridge the gap between the ephemeral workload efficiency junkies and risk-averse stateful administrators, it absolutely could build an empire on top of Photon. The real question is whether this is VMware's intention.
What has prevented containerization from simply wiping out virtualization is the attitude of containerization developers, vendors and practitioners. They view containers as the future, the "proper" way to do IT, and advocate for separate infrastructures with massive changes in business practices, expensive migration projects and in many cases abandoning decades of sunk costs in existing IT.
Forging an empire on the back of Photon means delivering the product customers are really looking for. It means taking a workload-centric (as opposed to VM-centric) approach in VMware's administration and management software, and it can't mean treating containers and VMs as separate products.
Of course, this would make containers a feature, not a separate product. On the other hand, it would allow VMware to dominate enterprise usage of containers in a relative hurry, as its competition in this area is so busy evangelizing radical change that those companies aren't delivering the sort of transitional product that will bring money, market share and power.
Finding the Right Cloud Strategy
VMware has tried to make cloud computing into an empire built on, yet separate from, vSphere on multiple occasions. It has failed, sometimes dramatically, at each attempt. VMware simply doesn't get cloud computing—and, I suspect, its own customer base—and as a result the company keeps missing the target.
Contrary to marketing, cloud computing hasn't taken off because it was somehow less expensive than traditional, on-premises IT. In most cases, it's not. Cloud computing is easier than traditional IT. That's why people use it.
Don't mistake the use of the word "easier" in this context for an implication that most cloud management interfaces have superior ease of use to vSphere. Most don't. They do, however, make a whole lot of other things easier that are far more important.
Anyone with a credit card and some time to learn the UI can get an arbitrary set of workloads up and running on a public or service provider cloud environment. No red tape, no "department of no" from IT, no waiting for approvals, provisioning or oversight. Shadow IT is enormously attractive.
Organization-sanctioned private and hybrid cloud solutions provide much the same freedom. Resources are provisioned to an end user or department and they then decide what to do with it. They only have to fight their own intra-departmental political battles; there's no trying to figure out exactly which dark magic incantations are required to make the nerds obey.
VMware's cloud attempts have been anything but easy. They've been nightmarish to set up and configure, finicky to maintain and expensive enough to make getting approval to implement them a pain. Until recently, VMware hasn't put more than a token effort into an application marketplace, nor made upkeep for templates or recipes easy.
VMware has always been focused on making it easy to create a VM. It has been flat out awful at providing the ability to manage what's inside it, and it certainly hasn't invested in the kind of workload-level integration that gives you inexpensive virtual private server-style shared Web servers, databases, or e-mail of the sort that public and services provider clouds offer.
The result of this are that VMware-based clouds tend to be very limited in terms of the variety of workloads available to end users. They're generally more restrictive in terms of what users can do and aren't as feature-rich.
Slowly, this is starting to change. The latest vRealize release is a good start, but it's only a start. For VMware to build cloud computing into an empire, it needs to realize that the primary selling feature of cloudy anything is that it reduces or removes the need for end users to interact with IT.
Getting there means baking a lot more OS and application management and integration into VMware's cloud offerings. It also means dramatically expanding on their workload marketplace efforts, both in terms of officially supported recipes and making the creation and support of organization-built workloads easier.
A Mature Tech Titan
VMware is a company with plenty of opportunity ahead of it. NSX has the potential to be the foundation of an entirely new empire. vSAN can drive up average revenue per unit for vSphere, while Photon could lead to redefining the entire on-premises and hybrid workload management space, re-entrenching VMware's market dominance for the next decade.
VMware's cloud ambitions are significantly more problematic, but progress is being made. With a focus on the right places, VMware could earn and retain most of the enterprise on-premises and hybrid cloud market share. Competition in this space is heating up, however, and the window for a definitive victory is closing.
Each segment discussed here represents a difficult battle against competent and capable opponents. Some of those oppoÂnents are rival vendors, some are risk-averse IT practitioners afraid of change. And some of the opposition facing VMware is VMware itself.
Amazon Web Services Inc. has shown the world a vision of IT that "just happens." A software-defined world where systems administrators are paid not to keep the lights on, but to advance company interests by focusing on applications, integration and automation. In other words, turnkey IT.
VMware has the technology and/or the bright engineers to entrench itself so firmly in multiple markets that not even Microsoft would have the resources to come along and dig the company out. VMware can bring this to the on-premises datacenter, marry it to the public cloud and reign over the next decade as the unchallengeable king of hybrid IT, but no victories are guaranteed.
(Editor's Note: this article originally appeared in the August 2017 issue of Virtualization & Cloud Review).