With great progress often comes great pain. When a tech giant wants to break into new arenas, it often breaks other things as well. In this case, some VMware partners say that company’s aggressive push into network (and storage) virtualization is stressing old relationships with its ecosystem partners. That was one piece of news that went unannounced at the VMworld 2013 conference this week.
At the show, VMware touted its new NSX networking controller and associated gear as a gateway to the virtualized network. It also stressed the importance of partner support for all that gear. As Stacey Higginbotham reported early this week:
“… VMware NSX will be the platform for network virtualization much like ESX and then Vsphere were the platform for server virtualization. VMware’s offering a slew of features including provisioning, a scalable software-based firewall and load balancing. But it’s also opening up the system to a variety of partners, form traditional network equipment vendors like Riverbed and F5 to newcomers like Cumulus and Arista.”
But here’s the issue. Some existing partners — those that had lined up behind the older and now end-of-lifed VMsafe APIs — are grumbling that the new API actually gives them less capability than they had before. VMsafe partners include security vendors like Trend Micro, McAfee, and Hewlett-Packard.
The partners who complained, and who would not be quoted by name, conceded that VMware had briefed them on proposed changes last year but are nonetheless peeved because the new APIs give them less ability to create innovative services than did the old set of APIs.
Tech changes can disenfanchise existing partners
One partner laid it out via email: “VMsafe gave full access to low-level packet traffic via a partner-built kernel model. Almost anything was possible including WAN optimization.”
NSX, on the other hand, in his view is what he termed a “reduced access model” which, in his words
“limits the efficiency of what can be done via a limited set of APIs and a generic VMware-provided kernel module. Sure a vendor can get packets but in NSX they have to process and manipulate those packets in a VM vs. the kernel. There is a big loss of efficiency and likely performance. There are tasks that make sense to be low level (at the kernel) and others that belong in a ‘service VM’ (e.g. Intrusion Prevention Systems] VMware has decided that kernel access is no longer allowed for vendors that wish to perform networking tasks.”
Not surprisingly, VMware has a different take on this. For one thing, NSX gives third parties access to both the data plane and the control plane, which is a big bonus, said Martin Casado, VMware’s chief architect of networking. That access gives them better ability to provision and manage their applications, is VMware’s take. “Our design on the ground is to extend all these capabilities to partners,” he said.
A VMware spokesman added that the number of partners that did deep kernel-level integration with VMsafe was small. Net, net, he said, the new NSX APIs (once known as NetX) will enable more partners to do much faster integration with NSX infrastructure.
A similar kerfuffle is shaping up on the storage virtualization side of the shop over VMware’s new vSAN product eliminates the Virtual Storage Appliance (VSA) layer that sat between the hypervisor and the actual storage. That change could cause analogous angst for VMware storage partners. Both the network and storage virtualization efforts are critical to VMware’s software-defined data center effort which it sees as the fundamental underpinnings to its cloud computing vision.
In any case, it’s not unusual for tensions to flare between big software vendors initiating a broad change in technology, and their ecosystem partners. Basically, when a technology shifts, the APIs and other integration points to that technology likewise shift. Such spats were and are common in the Microsoft universe, for example.
Navigating the tricky straits from server room to cloud
What’s tricky for VMware in particular at this point, is that it is trying to parlay its dominance in in-house server virtualization into the broader and super-competitive world of cloud computing at large. And it’s trying to do so when its bedrock technology — the hypervisor and management tools — is under siege by Microsoft (with Hyper-V and associated tools); Red Hat and others with KVM and its tools and Citrix with Xen et al.
VMware’s initial attempt to stretch from internal server rooms into cloud with vCloud Director didn’t go well. Now the company is pitching its new vCloud Hybrid Services , available in September, as a viable answer to Amazon Web Services and Microsoft cloud infrastructure. It’s safe to say that both those companies have a big head start on VMware here. And when it comes to providing massively scale infrastructure along with a full array of services, the availability of ready-and-willing tech partners will come in handy.
We’ll be sure to ask Joe Baguley, VMware’s CTO for EMEA about VMware’s cloud and SDDN vision at Structure:Europe in London on September 19.