I spend a good amount of time thinking about how multiple technology strategies from market leaders coalesce into a reasonably homogenized version of reality in the networking and security space in order to decide where to place bets; it's akin to reading a tell and analyzing a player's betting strategy at a poker table.
I look at Cisco and VMware and can't help but chuckle at the moves being made in the name of "partnership" on the virtualization front, and there's an awful lot of twitching going on that doesn't require Phil Hellmuth to decode.
Partnerships are nothing new, but usually they are couched with a certain modicum of suspicion and cynicism. However, speaking with folks at VMworld, either folks were high from the Oxygen Bar at the airport, or they were adding naiveté syrup to the drinks because I seemed alone in my concerns...
I've put together a couple of summary points on the matter -- more for my own personal enjoyment and note taking than anything else -- and framed them in terms of what I find to be really annoyingly obvious examples of these two strange bedfellows' behaviors:
1) The purported cohesion of Cisco's and VMware's virtualization strategies is simply a matter of converged parallelism and forced perspective.
You've seen diagrams that demonstrate the notion of converged parallel lines, right? If you haven't, here's an example:
You'll notice that in this diagram there exists a series of parallel lines which seem to converge at a "vanishing point" on the horizon.
This in fact is not the case. The lines don't actually ever converge, they just look like they do. It's all a matter of perspective. Imagine these lines as Cisco's and VMware's virtualization strategies.
Similarly, the notion of forced perspective is a method by which the manipulation of perspective employs an optical illusion to make something appear closer, farther away, larger or smaller than it actually is (see the title image above*.)
The announcements from Cisco and VMware are very much like these examples. Whilst they offer excellent opportunities for improving the management and security of virtual infrastructure, it's very much Machiavellian marketing -- the end is going to justify the means.
Speaking to either Cisco or VMware you're asked to suspend disbelief and accept that these two companies share a common blueprint for a datacenter OS, but they don't. In fact, they're quite different, and the balance of who needs whom more is also very lopsided.
Despite the close technical partnership needed to pull off the integration of the Nexus 1000v as the first third party virtual switch (which we've been talking about for almost two years,) Cisco and VMware really are on parallel trajectories in terms of their visions regarding the datacenter OS; how it's designed, provisioned, deployed, managed and governed...and by whom.
Cisco is approaching this primarily as an infrastructure transformation play, as a way of clawing back what they lost when the network access layer became absorbed into the virtual hosts, while VMware is busy distancing itself from the infrastructure and elevating the discussion to that of the cloud in an effort to stave off Microsoft and Citrix.
Each wants to own your datacenter, and while they play nice on the surface, there's really a nasty game of tug of war going on here. This is a marriage born of convenience, nothing more.
You try and unify Cisco's DC 3.0 vision with VMware's Virtual Datacenter OS blueprint and tell me how they mesh.
2) Dear Virtual SysAdmin: You're fired as the network admin. You're cool with that, right?
It's funny how Cisco's and VMware's marketing folk, in the sessions discussing the release of the Nexus 1000v vSwitch, both snarkily (and rhetorically) posited "How many of you Virtual SysAdmins have coordination and communication issues between your virtualization and network teams?"
Leading the witness further, the next question was "Don't you just hate having to fight to get the network teams to give you a trunk port on an access switch?"
They followed that up with "Your prayers are answered! The 1000v will allow you to give the network provisioning back to the network teams and let them control the networking and connectivity. Isn't that great?"
While most nodded away in the affirmative to the first and second questions, I didn't see one audience member who answered positively on the latter. What makes anyone think the vSysAdmins *want* to give up the control of the virtual networking layer and be at the mercy of the networking teams again?
Interesting battle ground for sure. Now, please don't misinterpret my commentary as a suggestion that this is a bad thing, but we're already in the middle of a "West Side Story" turf war over organizational fiefdoms. This will, depending upon what sort of contention exists already, make a really tenuous issue even more so.
3) Software Sucks. Hardware Rules. I hope you like ping pong.
I hinted at this point in my post titled (The Network is the Computer...). The reality is that, much like point #1, Cisco couldn't care less in the long term about the Nexus 1000v as a software switch running in someone else's backyard operating environment, but rather introduces it to enable the landscape clawback it gets to enjoy in the short term and to make its big network iron relevant once again in the longer timeframe.
A telling slide was the announcement of what's coming AFTER the Nexus 1000v in one of the sessions that I have not seen presented in detail elsewhere -- that is Cisco's goal to extract networking out of the host completely.
The plan as discussed is to utilize what Cisco calls an "initiator" to replace the 1000v and force traffic, after specialized tagging which denotes the affinity of flows to specific VM IDs, straight back out the network interfaces to a waiting Cisco 5000/7000 switch for processing. Hence the ping-pong mention above.
Sorry for the quality of the picture as I took it sitting behind somebody, but here's a slide denoting just this very thing:
The notion of a third party switching capability is really just a way for Cisco to push the access layer back to where they think it rightfully belongs -- in the physical switch.
Cisco claims that VMware and they have submitted this tagging specification to the IEEE for review/ratification. I find that very interesting.
I wrote about the need for such a technology at both the virtualization layer and more importantly the application/data level in June of 2007.
Check out my post which described how I suggested Crossbeam do the exact same thing by way of something I called ADAPT (Applied Data and Application Policy Tagging) which describes this very thing. What's next, they're going to announce vNAC? ;)
--
All in all, the Cisco/VMware relationship is about as natural looking as the Microsoft/Citrix version -- it's sort of like a midget dating a six foot supermodel...someone's getting the better end of the footrub in that relationship, too.
So, how about it? Am I stating the obvious again -- and does it need to be stated?
/Hoff
*image from "The Eye of Brad" flickrstream