All about:virtualization

Thanks to the great community that has been build around virtualization, cloud, and everything that I’ve been writing about for many years, I have been given some great opportunities to create content to share in those communities.

In my role as Technology Evangelist for Turbonomic, I get to contribute to a very cool community blog which is called about:virtualization that features content related to virtualization, cloud, development, networking, and much more.

Just in case you didn’t already find that content, here is the link to be able to read articles there including some from me, and many other great content contributors from the industry.

about-virt

http://discopos.se/about-virt

Want to contribute to about:virtualization?

We are always looking for community content that can be hosted at the about:virtualization blog.  If you are interested in creating content and being able to get your voice out to the community, please email me to eric.wright {at} vmturbo.com with your contact information and I’ll get you on the road to being a published blogger!

 




Who has a conference? Everyone DOES! – DevOps Enterprise Summit 2014

It seems sometimes that we have a lot of conferences happening. This is a good sign for the strength of the technology sector, and the size of the audience who is prepared to consume this content. As a massive fan of DevOps and the great community wrapped around it, I was very happy to watch some of the recent DevOps Enterprise Summit 2014 which was

The great thing about this conference was that it can be watched virtually, which is exactly how I did it. Luckily the team has been kind enough to post the sessions on YouTube (https://www.youtube.com/user/DOES2014) for our enjoyment.

If I could suggest something to begin with, it’s my usual thing which is BUY THE PHOENIX PROJECT 🙂

Back to the conference though! The reason that I’m bringing up the book is that the Phoenix Project is that one of the co-authors, Gene Kim led sessions and was part of the opening session also. Gene is a phenomenal resource and a great speaker, so if you have to start anywhere, you should absolutely spend some time watching the opening of the Tuesday session here:

From there, I would say that any session is a great place to start. There are a lot of great user stories about how they had success and challenges with adoption of DevOps practices. This is all great stuff and even if you aren’t already on the road towards implementing a DevOps methodology in your organization, this is a good opportunity to spend a little time finding out how it may benefit you.




DevSecOps – Why Security is Coming to DevOps

With so many organizations making the move to embrace DevOps practices, we are quickly highlighting what many see as a missing piece to the puzzle: Security. As NV (Network Virtualization) and NFV (Network Function Virtualization) are rapidly growing in adoption, the ability to create programmable, repeatable security management into the development and deployment workflow has become a reality.

Dynamic, abstracted networking features such as those provided by OpenDaylight participants, Cisco ACI, VMware NSX, Nuage Networks and many others, are opening the doors to a new way to enable security to be a part of the application lifecycle management (ALM) pipeline. When we see the phrase Infrastructure-as-Code, this is precisely what is needed. Infrastructure configuration needs to extend beyond the application environment and out to the edge.

NFV: The Gateway to DevSecOps

Network virtualization isn’t the end-goal for DevSecOps. It’s actually only a minor portion. Enabling traffic for L2/L3 networks has been a major step in more agile practices across the data center. Both on-premises and cloud environments are already benefitting from the new ways of managing networks programmatically. Again, we have to remember that data flow is really only a small part of what NV has enabled for us.

Moving further up the stack to layers 4-7 is where NFV comes into play. From a purely operational perspective, NFV has given us the same programmatic, predictable deployment and management that we crave. Using common configuration management tools like Chef, Puppet, and Ansible for our regular data center management is now extensible to the network. This also seems like it is the raison d’être for NFV, but there is much more to the story.

NFV can be a confusing subject because it gets clouded as being L2/L3 management when it is really about managing application gateways, L4-7 firewalls, load balancers, and other such features. NFV enables the virtualization of these features and moving them closer to the workload. Since we know that

NV and NFV are Security Tools, not Networking Tools

When we take a look at NV and NFV, we have to broaden our view to the whole picture. All of the wins that are gained by creating the programmatic deployment and management seem to be mostly targeting the DevOps style of delivery. DevOps is often talked about as a way to speed application development, but when we move to the network and what we often call the DevSecOps methodology, speed and agility are only a part of the picture.

The reality is that NV and NFV are really security tools, not networking tools. Yes, that sounds odd, but let’s think about what it is that NV and NFV are really creating for us.

When we enable the programmatic management of network layers, we also enable some other powerful features which include auditing for both setup and operation of our L2-L7 configurations. Knowing when and how our entire L2-L7 environments have changed is bringing great smiles to the faces of InfoSec folks all over, and with good reason.

East-West is the new Information Superhighway

Well, East-West traffic in the data center or cloud may not be a superhighway, but it will become the most traffic-heavy pathway over the next few years and beyond. As scale-out applications become the more common design pattern, more and more data will be traveling between virtualized components on behind the firewalls on nested, virtual networks.

There are stats and quotes on the amount of actual traffic that will pass in this way, but needless to say it is significant regardless of what prediction you choose to read. This is also an ability that has been accelerated by the use of NV/NFV.

Whatever the reasons we attach to how DevSecOps will become a part of the new data center and cloud practice, it is absolutely coming. The only question is how quickly we can make it part of the standard operating procedures.

Just when you thought you were behind the 8-ball with DevOps, we added a new one for you. Don’t worry, this is all good stuff and it will make sense very soon. Believe me, because I’ll be helping you out along the journey. 🙂




Managed Clouds and Why SMB Customers Don’t Chase Unicorns

If we look at the economy and distribution of wealth, we can see that there are some interesting statistics about what many call the 1%. Stretch a little further into the top 10% and you will find what they refer to as the champagne glass effect. In other words, the top percentile of earners have a disproportionate percentage of the overall wealth. So what does this mean to what I’m talking about here?

Is There a Champagne Glass Effect in IT?

Gartner has a well laid out graph to illustrate the overall spend of technology that is available here: http://www.gartner.com/technology/metrics/

source: http://www.gartner.com/technology/metrics/

source: http://www.gartner.com/technology/metrics/

This is less of the illustration of a champagne glass effect with the graph than it is showing the distribution of spending by industry. As you can imagine, and as could be correlated by other data, there are certain industries and company sizes that spend more on services and IT resources.

What is different about the spending at the “enterprise” level, is that it is often done on hardware, software, and cloud resources, with a strong reliance on internal IT resources to manage those resources. While we often focus on those enterprise success stories with high trust and amplified feedback loops between the IT and business teams, what about the rest of us?

Small to Medium Business: The 99%

In using the economic champagne glass as the example to illustrate the 1% versus the 99%, we can take the same view of technology spending and reliance on internal resources for technology development and management. I don’t want say that everything in the SMB space can be painted with the same broad brush, but there are hundreds upon thousands of businesses ranging in size, and they will consume and provision IT resources much differently than the 1%.

We can even expand to the 90%/10% range really and still capture a lot of environments which are still heavily invested in the traditional IT model.

SMB Doesn’t Chase Unicorns

The elusive unicorn of IT is that internal IT staffer, or contractor, or even an entire team of people who are working magic in the technology backing the organization. That magic, is really not magical at all. But the ability to attain that seamless end-to-end success in providing IT resources to meet business needs is just as elusive as a unicorn when you aren’t staffed to be able to handle the tasks.

Cloud is often touted as the answer. It isn’t. Cloud is an enabling technology and methodology to deploy business applications into, but requires the ability to create, deploy, and manage these applications into that cloud environment. With many companies (especially SMB) this is as elusive as the fabled unicorn that so many seem to hold in high regard. So, what is the SMB customer supposed to do when they aren’t prepared to staff up with internal resources in hopes of building these environments?

Managed Cloud

To many cloud pundits and DevOps advocates, this is the antithesis of cloud. That being said, I’m a cloud advocate, but I also have the view of being inside the SMB market through experience and through my exposure in social networks, conferences, and various community organizations.

If managed cloud is often frowned upon by many leaders in the cloud industry, the question is why?

As a fan and customer of Rackspace, I have really loved their choice to heavily leverage the managed cloud as a key offering. For many SMB customers, this is precisely what we need. Some regard it as training wheels to get into the cloud, and if that is the case then I don’t think that is such a bad thing.

I’ve made a note of the great article by John Engates, CTO of Rackspace, here at VirtualizationSoftware.com and through conversations with other Rackers like Cody Bunch and Ken Hui (recently moved to EMC), you can see that the presence at VMUG conferences is really highlighting their plan to show their distinct capability to run big VMware and OpenStack clouds for their customers.

cody-vmug

Mike Kavis at Cloud Technology Partners wrote an article on the move by Rackspace here that talks about the concept and the shift towards more managed provisioning versus the panacea of self-provisioned IaaS.

More companies are rising up with the approach of bringing managed services as an offering to differentiate themselves from the big IaaS (Infrastructure-as-a-Service) providers like cloud juggernaut Amazon, as well as Google and Microsoft who are climbing the market share charts quickly behind them. It isn’t that IaaS isn’t good, but the point is that the market for IaaS business is shrouded by these three major players.

SMB + High Touch = High Trust

The path to adoption of more cloud resources and DevOps practices in the SMB market place is one that will be paved by the managed cloud route in my opinion. Organizations which have not got the resources nor the experience to create and consume services in cloud environments will find that the managed cloud path is one that leads to comfort with the new ways in cloud IT.

Is this a guaranteed path? No. Is this right for every company? No. That’s right, I said it. At this point in time and for a long time to come, public and private cloud environments, managed or self-provisioned, are not going to be appropriate for many organizations.

In a year or two we can reassess the landscape a bit and make a judgement on things then. For now, I like that managed cloud feeling. It’s nice when someone else is on pager duty for you 🙂