Ultima Blog

Everything You Need to Know About VMworld 2017

Written by Ultima | 26-Sep-2017 14:30:00
VMware is a fabled name amongst IT administrators and infrastructure architects, however they have traditionally had very little to no presence in the end user space. With announcements into Workspace ONE, Horizon View and AirWatch at VMWorld 2017, VMware is making great progress in changing that picture.While there were no ground-breaking announcements or technical product releases, there is a clear move towards a strategic vision - and a more mature packaging of their technology products. What was obvious is that VMware’s message is now clearer, with more depth in each technology platform focus area. After a couple of years of uncertainty, they have a more unified and certain direction.

Workspace ONE

Workspace ONE brings a one stop shop for end users to access any application regardless of the application type, be it a Windows, Apple iOS or Google Android based application - or even virtual applications such as ThinApps - and published apps using server based computing for example.

End users will simply access the Workspace ONE console, and all the applications based on the device type that is being used to access the Workspace ONE console will be made available to them. Using VMware Identity Manager (VIM) in the background, the end user will be able to single sign-on to the application - based on the access provided. Leveraging the power of AirWatch, the device compliance will be fully validated before the application can be accessed on that device.

AirWatch administrators will be able to enforce compliance policies via Workspace ONE based on user, device, application or location type. Users will be prompted to apply these compliance policies once they launch their desired application from the Workspace ONE console, failing which could restrict their access to the application on that device.

AirWatch

AirWatch has been the industry leader for quite some time for Mobile Device Management, however it always had very limited ability to manage on premise Windows devices such as Windows 7 or Windows 8/8.1 etc. However, with Windows 10, AirWatch is changing the game yet again and is bringing full scale PC lifecycle management built into AirWatch. You will be able to manage Windows 10 enrolment into Azure Active Directory from the OOBE (out-of-box experience), install applications, enforce group policies to non-domain joined devices and manage Windows Updates from the same pane. You will also be able to granularly control Windows 10 Upgrades from the AirWatch console.

Just as a non-tech person these days can easily configure their Apple or Android based mobile devices with just an email address and a password, AirWatch envisions bringing the same experience to Windows 10. SCCM (System Center Configuration Manager) beware - you have serious competition coming, at least in the PC lifecycle management space.

VMware are changing the licensing model for AirWatch and bringing it all under one package. Workspace ONE will have AirWatch and Identity Manager at its core for the Standard and Advanced offering; adding Horizon VDI to the mix with the Enterprise offering.

Horizon View

With Horizon View 7, VMware brings instant cloning to RDSH (Remote Desktop Session Host) servers - giving more power to Just-in-time delivery, leveraging other JMP (Just-in-Time Management Platform) technologies such as AppVolumes and User Environment Manager to hosted desktops and hosted applications. Horizon Apps brings hosted apps delivered through the Just-in-time delivery model over HTML 5, together with SaaS (Software as a service) and other mobile apps all under the same roof.

VMware BLAST has been made even more powerful with Horizon View 7. It is quickly becoming the protocol of choice for lots of customer, and is inching closer to PCoIP (PC-over-IP) in terms of features and functionality.

VDI 2.0, as VMware likes to call it, is the sneak peek into what lies ahead for VDI:

  • Horizon on Cloud: VMware is partnering with Microsoft Azure to provide Horizon View VDI access in the cloud. With only a few clicks the administrators will be able to provision Windows desktops using Horizon View VDI for end users. Using the JMP platform in the cloud, performing updates to the cloud based Windows virtual desktops, such as upgrading from Anniversary update to Creators update, will truly be a few clicks job.
  • Session Collaboration: VMware BLAST protocol in Horizon 7 introduces session collaboration which will enable multiple users to share and interact with the same Virtual Desktop Session, bringing true collaboration to the VDI infrastructure
  • Just-in-time Management Platform (JMP): Horizon 7 allows you to isolate the Platform Layer (OS) completely from Application layers using AppVolumes and further isolate User Data layers using User Environment Manager. This allows IT administrators to deliver various applications to multiple user types without the need to create and maintain multiple underlying specialised OS images. Using the Instant Clone technology, IT can quickly scale up and down the Virtual Desktop and Hosted application deployment as business demands.

Pay monthly for your VDI solution:

Dell and VMware are making it easier for customers to adopt Horizon View VDI by offering per user monthly subscription models - be it in the cloud or on premise (yes you heard me right). With Dell EMC VxRAIL hyper-converged VMware VDI optimised appliances, Dell is preparing to offer a subscription based model of payment which will include a Horizon View license, providing customers more flexibility when choosing on premise or cloud based VDI solutions.

Cloud

VMware have taken an agnostic approach to cloud; which gives them greater versatility when it comes to areas such as legacy support for applications or interoperability between different platforms.  This multi-cloud approach enables VMware to stretch the enterprise private cloud platforms into areas of public cloud that other providers cannot provide.  This partnering with multiple vendors is a core strength that should not be underestimated.

AWS

VMware’s partnership with Amazon Web Services (AWS) has now come to fruition, with further announcements and meat on the bones regarding how this offering works:

  • ESX/NSX/vSAN/vSphere provisioned directly from bare metal using the AWS provisioning platform (no nesting)
  • Simple, fast setup (deploy usable cluster in hours)
  • Starts at 4 nodes, currently scales to 16, will scaler to larger clusters later
  • Each node has the following hardware profile
    • Dual 18 cores Intel CPUs
    • 512 GB RAM
    • 14TB SSD (All Flash Only) – Provided by 8 drives using NVMe (2 for caching)
    • 25Gbps networking
  • Hybrid license rights for customers who already own vSphere/NSX/vSAN licensing
  • Currently only available in Oregon, USA

All this is built using the same VMware platform used on-premise, so there is no need to retrain staff, learn new processes or rearchitect your applications and platforms.  You can run linked mode (hybrid) vCentres to ensure you have a single platform; even though some services are in the cloud.   

There are some really good use cases/advantages for using VMware on AWS and these include:

  • Move spending to an OPEX model
  • Set up data centres in remote regions (once available), without needing to set up local contracts with DC/network and hardware partners
  • DR platform with no need to re-architect applications/platforms - if it works on VMware on premise, it’ll work in VMware in AWS
  • Use to provide burstable capacity; again, without the need to re-engineer or re-architect your applications
  • Integration with AWS services, with “internal” networking with the vPC to these cloud services.  This means you can run your legacy servers/services right “next to” your new modern cloud applications; without latency or network charges.

There are of course a few pre-requisites, but these aren’t significant.  A few things to be careful of:

  • To get the full Hybrid experience, you must upgrade (if not already) to vSphere 6.5 on premise
  • You need NSX on premise to perform live vMotions to and from AWS, else migrations need to be with the server shutdown
  • All AWS regions will be enabled; but this is likely not going to be until the end of 2018; with a single EMEA region (spoiler alert - likely to be London) not until the first half of 2018

Cloud Interoperability

Other announcements around cloud interoperability were also forthcoming, with a new VMware cloud verified partner program. These are partners running the same platform as AWS VMware (ESX/vSphere/NSX/vSAN) who have been certified as on the same technology path. Currently, the following partners have this accreditation and provide services right now:

  • CenturyLink
  • OVH
  • Fujitsu
  • IBM
  • Rackspace

VMware have now (again, where previously lacking) caught up on containerisation, with some more information coming out regarding their Pivotal Container Service (PKS) offering. This service enables enterprises and providers to run Kubernetes on VMware vSphere or Google Cloud.  Both platforms are constant with compatibility to Google Container Engine. It’s likely the service will be available before the end of 2017; with more information coming soon.

Last thing on cloud at VMworld. VMware have a number of SaaS offerings in the cloud space. VMware cloud services which are available now/soon include:

  • Wavefront – Monitoring platform for analytics for cloud native applications
  • Network Insight – Essentially manage/monitor NSX deployments across any cloud
  • NSX Cloud – NSX for public cloud services
  • Cost Insight – Looks at cost models across public and private clouds to understand and project better placement and running of services
  • AppDefense – Security posture analytics; monitors server/network behaviour and changes security posture if anything “odd” is occurring
  • Discovery – VMware, AWS and Azure discovery and asset collection services.

VMware’s website has more information on these, or you can contact us as a Premier Solution Provider if you’d like to learn more.

Software Defined Data Centre

So, outside of cloud (well, public cloud), comes VMware’s end to end software defined data centre (SDDC) offering.  Called VMware Cloud Foundation, hardware providers are making verified systems that will run the familiar VMware stack of ESX, vSAN and NSX. This quick and simple-to-deploy hyper-converged stack, topped with a SDDC manager for automation, patching and lifecycle management, provides a simple on premise private cloud - with the same underlying architecture as VMware’s public cloud offerings (AWS/OVH/IBM etc). Cisco, Dell and HPE are the first vendors with supported nodes; however, more will come very quickly.

Strategy

VMware’s whole strategy at this point lines up. You can run consistent, predictable or security hardened workloads on premise in your data centres; and use the hybrid setup to connect to the public cloud (e.g. VMware on AWS) for burstable and scalable services (as well as cloud native services), development and test - or disaster recovery.  Benefit from all this while utilising a consistent familiar management platform and the same architecture, with no need to change your application estate.

NSX has been given an uplift, with investment to make it more multi-cloud ready - and updates that provide interoperability with Kubernetes and OpenStack. Being able to run NSX on any/most platforms and clouds results in a reduction of the number of different networking platforms required - and better enables portability of virtual machines and services.

vSAN has a few updates, mostly around data native snapshots with the ability to move these snapshots to secondary storage (or cloud storage). This will come in useful, as will the replication of these snapshots to a secondary vSAN deployment (maybe even into VMware in AWS?)  Support for docker and Kubernetes will also be added. We’ll have to wait until 2018 for these new features, unless the development is accelerated.

 - By Matt Hudson (Solutions Architect)

& Karan Diwan (Senior Consultant)