VMworld 2014: SDDC VCDX Panel

Session: INF1736

Jon Kohler (Nutanix), Josh Odgers (Nutanix), Matt Cowger (EMC), Scott Lowe (VMware), Jason Nash (Varrow)

This was a very lively session with a panel of five VCDXs from a variety of companies. I was taking real-time notes, so I didn’t capture all of the comments and some of the grammar and wording may be a bit awkward. If you attended VMworld, then you can listen to the sessions and get all of the comments and friendly banter among the panelists.

Q: If you are converging multiple datacenters (and multiple vCenters) with NSX in the future, how would you design your datacenter today? What do I do to avoid problems?

A: Scott – NSX manager has a one to one relationship with vCenter today. VMware is actively engaged in fixing this problem. The plans for converging multiple NSX domains into one haven’t been finalized yet, so can’t answer it. It would be ideal to not have overlapping VDIs.

Q: It used to be with DVS that you couldn’t migrate between vCenters. What is the story with NSX?

A: Scott – If I have a set of logical constructs how do you take that grouping and pick it up and put it into another domain? The answer is that you don’t right now. Not a product feature. There is no solution today. Too early to tell what the real solution will be. Stay tuned for future NSX enhancements.

Q: What are the panel’s thoughts on the datacenter in 5 years? What is the next challenge?

A: Jon – There are always customers that can’t overcome today’s challenges. Maybe extensibility? Federation?

Matt – I’m not confident that’s the right question to ask. I would hope in 5 years we aren’t talking about hypervisors or storage platforms. We should be talking about how to deploy applications. “I’m over the infrastructure”. I don’t care about OpenStack. I don’t want a VM from OpenStack, I want a VM that is used for my application.

Josh – We focus a lot on infrastructure. We should look towards the application layer. Storage, networking all enable apps. Infrastructure solves challenges that shouldn’t be there. Maybe we won’t need SRM or stretched clusters, with smart apps. The further we get away from infrastructure, the less constrained we will be.

Jason – What we are seeing is a big shift towards software as a service. We have a challenge coming ahead to simplify our ways. Shrinking the datacenters that my customers have today. We have fights ahead about software migrations (e.g. EPIC to something else if hosted in the cloud). It’s about where you host applications. Can you get your data out of the cloud?

Scott – I think we are going to see increasingly wide adoption of cloud services and hosted applications. The ability to migrate data between providers is a big problem. While the tools we use to provide the infrastructure will fade away, the reality is that someone somewhere will have to manage it. If you own some level of infrastructure, we will need tools that will do mapping and identification across the layers of application abstraction. Those points will be relevant regardless of the underlying infrastructure. We will have a large distribution of micro applications, and understanding the dependencies is a huge piece that the industry has not yet come to terms with.

Q: What’s the impact you are seeing about containers? A year ago people didn’t know about containers. People are talking a lot about containers today.

A: Scott – Great question. Right now we still have challenges managing a VM. It is a collection of services (e.g. SSH, web server, DB, etc.). In the Docker world that would be three different containers. Now you have hundreds of VMs. With containers you will mushroom to thousands. We have no tools today to manage them at this scale. Until you can do service discovery, you can’t wire in the app to the rest of the business. How do you tell the containers where to go and who to talk to? If you do DNS, then that uses a lot of IP addresses. The challenge is that the vast majority of companies won’t be using containers. Only large web scale companies like Twitter will be using it. The maturity is not there today.

Jason – Customers are thinking about containers, but aren’t changing their app model today.

Jon – People dive in head first to containers, but they still haven’t gotten down pat managing VMs.

Josh – Don’t use technology just for the sake of technology. If what you are using today is working, then don’t change what you are doing.

Matt – Docker is not a container. Docker is an orchestration method for various kinds of containers. The reason why Docker matters is that they figured out how to solve problems like service binding, etc. Docker fixed a lot of that. I want to make that distinction. Containers are only now relevant because the tools to manage them at scale are now relevant.

Q: You shouldn’t jump into something new just because it sounds good. I have several IT managers that do just that. We get overruled every day. How can I prevent that?

A: Scott – We can all agree layer 8 has a lot of problems that need to be addressed. We as architects need to make sure business requirements map to technology. IT exists to serve the business. Are we decreasing time to market, increasing revenue, etc.? If we aren’t doing that then why are we here?

Matt – Names a product that is stupidly cool but super expensive (Xsigo). Matt then tries to quantify the amount of time saved, and how much money it would save. They then bought the tool (which was later bought by Oracle). As a VCDX you need to match business requirements to technology, not the other way around.

Jason – I’m doing a lot of roadshows for NSX and all flash arrays because they are cool new widgets. But you find way higher attach success by defining requirements and doing ROI analysis.

Q: As you look at the IT landscape, will the 20% of people running Solaris, HP-UX, AS/400. Is this going to be a hurdle and what’s the way forward?

A: Josh – This is the same process of virtualization 10 years ago where tier-1 apps would not be virtualized. VMware can do more than 80% of the task. Today it’s more a political challenge than technical. Michael Webster gets on stage – Most issues are not technical in nature. You can virtualize VAX and Alpha today.

Scott – It’s all about a business requirement. If these new technologies don’t apply to your technology, then it’s not worth trying to fit a round peg in a square hole.

Matt – SDDC is not all about vSphere. You can implement SDDC without using vSphere.

Jon – If your biz requirement is people are 150 years old and you are using LPARS….ok that’s not funny.

Jason – Or do it for the 80% that VMware can do, and leave those other technologies alone.

Michael Webster – Many Unix platforms can be easily migrated to vSphere, even DB2 running from a mainframe.

Q: I lead a performance and management team. I’m afraid people will be pointing finger at me. What do you think is an approach that might work? App discovery, performance baselines, etc.

A: Matt – Your job should be identifying performance issues and pushing that down to the app owners. You should make sure the environment is up and meets SLAs. Give the data to the app owners to manage.

Scott – I agree. Manage the expectations by SLAs. Did we violate the SLAs? The app owner can then drill down into the problems.

Matt – Manage SLAs around latency, bandwidth, CPU utilization, etc.

Josh – The goal is to find the problem.

Scott – I agree. The app folks will say TPS are running low, and they are asking you why. You do need to write the SLAs over what you have control with and a clear boundary. You need application metrics. Mutually agree on these SLAs.

Matt – Baselining is hugely important.

Jon – Baseline is super important. Get it in writing.

Josh – Manage the expectation so they don’t try and railroad you.

Q: I work in Federal. We don’t have a public cloud that is approved. What can I do today for when the public cloud is approved in the future?

A: Jason – Why do you want a hybrid cloud model? Will you be saving money, cloud bursting, etc?

Josh – There’s a perception that hybrid cloud is good. But the grass is not always greener on the other side. It’s about delivering a business requirement.

Matt – It’s not uncommon to say one thing because they think that’s what will get them what they want. But it could be because they want to go around IT.

Jason – Some people see shadow IT as an opportunity to improve. I get asked all the time what do you need to do to move to a hybrid cloud platform. Often the answer is better serving the customers you have now. This is better than just swiping your AWS credit card.

Jon – What can help when collecting business requirements that look good, is asking do you really need it super fast? Maybe they are unhappy with your existing service catalog.

Matt – Make sure you run the numbers. One of them will be cheaper, but you need to find out which it is.

Jason – Choose your internal platforms carefully, so you can better move to a hybrid platform in the future.

Jon – Ask the customer what they expect from a hybrid cloud. ROI of build vs buy.

Q: There’s a lot of change in how we manage datacenters. What do you guys see as the changing role of an administrator in this new role?

A: Scott – We were talking about networking at OpeningActs on Sunday. One of the comments was that you have three tiers of people in IT. One tier that racks and stacks. Then the middle tier is like middle management, where the sysadmins fall. The third tier are architects. The middle layer will get eliminated. To add value you have to look beyond managing the widgets in your silo. You will need to be aware of business costs, how to manage, etc. and that will keep you relevant much longer. Don’t focus on specific technologies.

Matt – If you are retiring in 5 years, do nothing; you are fine, unless you want to. In 10 years you need to figure out things like hyperconverged, containers and NSX. For the next 10-20 years, you need to learn to write code. Through automation.

Scott – Not everyone will be a programmer. But you need to be able to use an infrastructure-as-code tool.

Matt – I am not a networking guy. I can’t route myself out of a paper bag. But I can pull up Wireshark and know what’s happening. But I do know enough to poke and prod a little bit.

Jason – Trying to get people out of the mindset of just delivering their own widgets. Projects that used to take a month now take two weeks, with solutions like Nutanix or other systems that are easy to deploy. Integration with other systems is important.

Jon – It’s not about if you can read Wireshark. It’s about how you can apply technology to solve a problem. I can solve a business problem with ‘that’. Until people break out of the silos, then they won’t understand what’s happening in the datacenter. You will need to look at the macro picture.

Josh – Break out of the silos.

VMworld 2014: VCDX Architecture Panel

Panel: Mark Gabryjeski, Mostafa Khalil, Chris McCain, Michael Webster

VCDX Objective of the defense

  • Design judgments and technique
  • Successful interactive design exercise
  • Successful interactive troubleshooting exercise

The Art of Infrastructure Design

  • Discover inputs – Conceptual model
  • Develop solution – Logical model
  • Design Architecture – Physical model
  • Determine success – Validation

Goals of VCDX Methodology

  • Design creation meeting VCDX minimally qualified candidate (MQC)

Perspective – Conceptual Model, Logical Design, Physical Design

Design area and attributes: Design consideration, design choice, design pattern, justification, impact, risk and risk management

VCDX Overview

  • VCDX Defenses – Generally 75 minutes. Do mock defenses, and understand your design. Do not implement technology just for the sake of it. “Cool” is not a good reason to implement a technology.
  • Design area and choices: Budget, constraints, timelines, requirements

Panel Discussion

Q: How does the long term vision of the SDDC impact your design?

A: Depending on your environment you can prepare for it, if you know what changes are coming. For example, if you want to use vVols, pick a storage array vendor that you know now will support it. Or you can plan for a more modular design, where you can plug-and-play pieces. Or maybe go with a hyperconverged solution like Nutanix or EVO RAIL to help plan for your SDDC. Think of “in x number of years where do you want to be?” and start planning. The networking is the fastest changing aspect of the SDDC. You want to move towards spine/leaf design and away from the three tier model. Even if you won’t be using NSX now, if you set your physical layer in preparation for it then you will make your life easier in the long run. SDDC is all about policy based management, such as settings, security policy, etc. It’s all about applying policy out. With policy you define it once, and apply it consistently down to end devices.

Q: How does network virtualization and storage virtualization change infrastructure design?

A: The biggest hurdle is IT culture. NSX is eliminating the demarcation point between networking and the vSphere admins. A big question is “who is going to manage this?” (NSX, etc.). Network guys are wondering where their job is going. Network guys are not so sure they are ready for SDN, since NSX may take away their power and job security. A new job role: A network virtualization administrator. On the storage side, bring in the storage admin into the virtualization team. The storage assigned to a VM is now defined by policy. The storage admin administers the physical box, but the virtualization administrator will do most of the rest of the storage admin tasks. The big change is SDN and SDS. The different IT groups all blend in the SDDC vision, and don’t continue to work in silos. This breaks down boundaries in the IT admin world. SDDC is very dynamic, and enables you to be more flexible and elastic.

Q: With the changing of the roles, do you where the different silo admins now determine policy and need to get more involved in the compute side. Or do you see

A: The goal of SDDC is to define policy once, and let it move around with the object. If you can get your network and security folks to define policy, then it’s defined. Shifting of a job role into a “policy definer”. The work of trunking VLANs on a daily basis is now GONE. As an organization you have to figure out the shifting job roles, and that you aren’t trying to kill off networking administrator jobs. But you will still be doing “this” part of a job, but it won’t be CLI based. The same story goes for the storage side as well. Storage admins will help define policy, but now won’t be carving up LUNs on a daily basis.

Q: Question is regarding L2 network spanned across multiple sites.

A: Today managing ingress is a PITA, and there is a road map planned to address this issue in the future.

Q: For people that become VCDXs where do you see them falling into roles?

A: It runs the gamut. VCDXs specialize in many different areas. Some work for consultants, some work in large organizations. Other roles include SEs, support staff, etc. Don’t lead with the technology, lead with good business driver questions. VCDX gives you different career opportunities. It can help you search for your ideal job, and opens up the door for opportunities. VCDX opens up doors at different levels, and up to the executive levels. The VCDX certification bar has remained high, even as a lot of people come on board.

Q: Is VMware thinking about a single management pane?

A: VMware is offering NSX training, and separate tracks for both vSphere admin and CCIE type of folks. Check out the VMware site. VMware is trying hard to attract networking people into the NSX program. CCIEs and other certs can enable you to directly take VMware tests, and skip taking classroom training. You still need hardware to run your SDDC and SDN. It’s just the role of hardware that is changing.

Author Note: For a long list of VCDX study materials check this out.