Tip - ctrl +/- to increase/decrease font size
Introduction and Research Premise
Senior IT and business management should understand that virtualization and cloud computing represent the single most important re-architecting of the information infrastructure in the history of computing. The impacts of this trend will be seen over the next decade and these technologies will be key enablers for delivering infrastructure-as-a-service. In order to achieve this vision, all the component technologies in the data center will need to be integrated and delivered as a cohesive and consistent virtualized infrastructure stack. The higher the level of integration achieved within the stack, the less time spent on managing infrastructure, the more efficient the entire IT environment. This translate into a greater ability for IT to deliver lower cost services, higher availability, faster time to deploy, and improved business continuity.
Our research shows that an organization with $1B in revenue that spends 4% of that revenue on IT will save $20M over a five-year period by pursuing an integrated virtualization approach. That figure will nearly triple over the period of a decade. While we don't normally attempt to quantify initiatives over such long periods of time, when it comes to virtualization and cloud computing it is appropriate to think about the impacts in this timeframe.
This series of research notes is based on in-depth practitioner interviews, technology research and financial modeling. Our goal is to define in these notes the virtual integrated stack, the most important integration points, key integration requirements and the value an integrated stack can deliver to IT organizations embarking on a virtualization and cloud computing journey. Importantly, our research will project the functional attributes of key infrastructure components over a near-, mid- and long-term time horizon.
Wikibon interviewed 22 practitioners (12 in-depth) to understand the challenges and opportunities of exploiting virtualization infrastructure generally and VMware specifically. This research is largely based on the findings of these interviews. The interviewed individuals included:
- Systems architect, financial services,
- Chief information security officer, large bank,
- VMware administration, manufacturing,
- Two (2) storage architects, one in a retail organization and one in financial services,
- Application owner, hospitality organization,
- Risk manager/auditor, services organization,
- Security professional, consumer products,
- Four (4) practitioners from cloud service providers using VMware from both IT operations and facilities management,
- Approximately ten practitioners surveyed at the New England VMware Users Group meeting in January 2010.
Our research focuses on five areas of integration within the virtualization infrastructure stack; and forecasts the integration enhancements users should expect. These areas are:
- Storage infrastructure,
- Network infrastructure,
- Infrastructure management,
- Backup, and,
Integration is required to ensure that the stack works efficiently, can be effectively managed, and can be secured and proven to be secure. Wikibon used the results of the practitioner interviews to developed a financial model that quantifies the business value of a virtualized integrated stack. That model is presented in this research note.
Milestones and Definitions
Based on practitioner interviews and economic research, Wikibon defined four milestones to achieve the virtualized integrated stack. Reaching each integration milestone realizes more value and enables virtualization of more applications. Over the journey the savings change from mainly hardware, to IT staff cost reduction, to IT agility, and finally to deeper business integration and risk reduction. We believe IT organizations should evaluate key vendor products and technologies against these roadmaps. As part of this effort we have also included ten questions users should ask vendors about their VMware integration strategies (see conclusions). Detailed Definitions Here. The steps in the journey are:
- Resource Virtualization: The resources of a data center are virtualized, including servers, storage and networking. Initially applied to test and development, this approach is evolving to support more applications. Improvements in areas such as IO and backup are supporting this trend. Resource virtualization allows virtual machines (VMs) to run applications and be mapped against real resources. The key value proposition is better utilization of resources including servers, space, cooling, and power. Our research shows software-as-a-service (SaaS) adoption is on the rise beginning in this phase of the journey; although SaaS is currently not substantially integrated into virtualized data center infrastructures.
- Application Encapsulation or creation of vApps (virtual applications): vApps are created together with the data and metadata required to define the resources and service levels needed to execute the vApp. The virtual infrastructure is seen as a set of services that are shared by the vApps. The main value propositions for this stage of the journey are improved agility, mainly a decrease in the time needed to deploy a new application or change existing applications.
- Internal Cloud enables location independence of the vApp, so that it can be moved between virtual machines, physical machines, and internal locations: This stage is the realization of the virtual data center (internal cloud). The key benefit of this milestone is improved resilience, so that if IT resources become unavailable or are fully utilized, other resources across the enterprise can be deployed to meet service level requirements.
- Hybrid Cloud enables external location independence of the vApp: This allows the application or part of the application to be moved outside the organization into externally available resources; and back internally when necessary. This stage is the realization of the hybrid cloud (internal and external cloud). This allows IT services to be provided either externally or internally, according to availability, capability, and cost. The key benefit of this stage is improved efficiency, so that external computing resources can be leveraged to supplement or replace internal computing assets during peak periods or for other business reasons (e.g. cost reductions).
Greater specificity of this journey can be found in a more detailed research note: Milestones in the Virtual Computing Infrastructure Journey
Wikibon looked in detail at each of the integration points that require attention on the virtualized journey. We discuss these issues using VMware as the basic reference model. (Note: the vast majority of our interviews were with VMware practitioners). We believe other virtualization platforms and integrated stacks will need to address the same or similar issues as they mature.
The following sections summarize the integration roadmaps for each technology we researched. Each section contains a link to the detailed roadmap with significant information organized by each milestone type with a visual graphic of the timeline. For convenience, the links to these roadmaps are included as follows:
Storage Integration Road Map
The introduction of virtualization on servers has brought significant challenges to storage and IO and further integration is required to allow organizations to realize full value from virtualized infrastructures. Simply put, server virtualization stress storage platforms because the rapid creation of VMs overwhelms the backend storage infrastructure and processes. The vStorage APIs for Array Integration (VAAI) address this problem by allowing the array to be 'virtualization aware' and enabling VMs to offload specific storage functionality to the array. On balance, exploitation of VAAI will dramatically improve performance storage performance and simplify provisioning and eliminate waste.
Furthermore, a “layer of obscurity” is introduced, where storage teams have no awareness of virtual machines (only the hypervisor). Looking from the other direction, the VMware team is highly dependent on storage capacity and performance, yet have no visibility into the underlying infrastructure. and As virtualization becomes pervasive, ultimately progressing to cloud operational model – the “layer of obscurity” needs to become transparent, and ultimately invisible. The roadmap for integrating storage into the virtualized infrastructure journey will focus on greater flexibility to meet rapidly changing demands. Storage itself will essentially become invisible whereby the days of carving out and manually managing LUNs and filesystems to support virtualization will come to an end.
Additional detail on the storage integration roadmap is available in the following research note on the Storage Road Map to meet the Virtualization Infrastructure Milestones
Backup Integration Road Map
As with primary storage, placing backup processes from the physical world into a virtualized environment challenges performance. The reasons are fairly intuitive. Pre-virtualization, servers are very much underutilized (e.g. 10% or so). As such backup jobs, which are very resource-intensive, have plenty of excess capacity to draw upon. In a virtualized world this overhead is diminished as utilization rates escalate dramatically (e.g 50-60%). With less free resources (CPU power, bandwidth, IO cards, etc) backup windows in a virtual environment become constrained.
Furthermore, customers look to leverage the encapsulation to minimize backup agents – ideally they would like to only have backup agents in virtual machines that require specific application-level integration
There are three broad choices users have to backup virtual environments:
- Traditional “bare-metal” backup of the entire ESX. This is not effective because to recover a single VM you need to recover an entire ESX; which is time-consuming and inefficient.
- Use VMware Consolidated Backup (VCB), which enables third party backup software to protect each VM. The problem with this approach is third party backup software is difficult to optimize for virtual machines because it lacks access to bare metal knowledge that allows vendors to optimize in a physical world. As a result, few organizations are using VCB.
- Deploy a backup agent inside each virtual machine guest OS. Backup using agents in each of the VM systems is a viable approach, but can be complex to setup, especially if vApps get migrated from one machine to another. In addition, agents are notorious for failing and often need to be restarted.
In the near term, VMware has delivered vSphere 4, the vStorage API for Data Protection (VADP). VADP supports changed block tracking (CBT) which allows the backup software to see what blocks have changed since the last backup. This enables backup software to directly read and write the contents of a virtual disk without being a complete guest (i.e. direct bare metal restore at native speed). Both traditional backup software such as Symantec NetBackup and source-side deduplication software such as Avamar should be able to exploit CBT to improve backup and recovery performance.
Additional detail including a visual timeline of function is available in the following research note detailing the Backup Road Map to meet Virtualization Infrastructure Milestones.
Network Integration Road Map
Virtualization has a severe impact on the data network infrastructure. The data network infrastructure has two components, a storage network infrastructure and an end-user or web infrastructure component. The focus of the storage network is performance and reliability with relatively few connection points. Fibre Channel is the main end-to-end protocol used within storage networks. Ethernet is almost exclusively used for the end-user networks, because of its suitability for managing large numbers of connection points and dynamic reconfiguration of the network. In large IT data centers there are currently two separate networks with different switches, cabling and management. In smaller IT data centers, iSCSI over Ethernet is used instead of Fibre Channel, often over a separate Ethernet network.
Servers in virtualization environments have had to be configured with many adapter cards for storage and Ethernet. These cards need to be connected to the network infrastructure (switches), and cabling has become the bottleneck in server racks and blades. The solution to this is to virtualize the adapters and provision fewer, higher speed adapters that can run multiple storage and network protocols. Converged Network Adapters (CNAs) are an important trend in networking and support virtualization. They allow servers to be configured in a general way to support workloads with either high storage traffic over the FCoE portion or user and Web traffic over Ethernet. In the long run this can lead to consolidation of networks and significant savings.
Another key simplification initiative is to connect the network logically to a vApp construct and make a virtual machine, not a port, the end-point of the network. In the same way that storage LUNs become invisible in a virtualized environment, so will ports.
Additional detail including a visual timeline of function is available in the following research note detailing the Network Road Map to meet Virtualization Infrastructure Milestones.
Security Integration Road Map
The security practitioners that Wikibon interviewed agreed in general that virtualization had a profound effect on security. The traditional approach to many areas of security is to create and police a security perimeter around different parts of the infrastructure stack; generally aligned with physical resources and more specifically endpoints of infrastructure (both network and host). Virtualization increases the number of connection points and makes it very difficult to police the physical boundaries. For example, how can port 80 be physically monitored if traffic between guests never touch the physical host? Virtualization also increases security integration requirements and potentially weak integration architectures and links.
Security could be a constraint in bringing mission-critical applications needing higher levels of security into the virtualized infrastructure. In the long run, different models of security may be needed for the Virtualized Infrastructure Stack, using emerging technologies that have yet to be completely vetted, including
- VM and Hypervisor firewalls
- Unified user and credential management
- Security content protocols (e.g., SCAP)
- Application encapsulation standards (e.g., OVF),
- On-chip cryptographic services
- Data dispersal and data slicing, and others
Security integration increases the economic value of virtual computing. Most value will come from the ability to encapsulate individual applications (including users, databases, and software) in the VM, allowing security, audit, transparecy and governance policies to stay in motion with application and data workloads, and effectively maintaining the confidentiality, integrity, and availability of the application/VM/OS container across processors and locations.
Security could also be transformed by virtualization – it represents a new, consistent control and management point which spans the entire infrastructure. If security policy, control, compliance and visibility was embedded, it would dramatically simplify the entire security challenge.
Additional detail is available in a research note detailing the The Security Road Map to meet Virtualization Infrastructure Milestones.
Infrastructure Management Integration Road Map
Another integration challenge in establishing a virtual infrastructure is the infrastructure management component. Low level data collection and analysis of individual components of the infrastructure, such as storage, network, backup and security, is required. These element managers are stovepipes, and sharing data between them is often difficult. There is a need for a common database and common management framework that understands the language of virtualization.
The element managers feed system resource managers that manage the allocation of resources to the vApps. And overall resource managers that manage the allocation of resources between data centers are required, both to meet service level agreements (SLAs), and to enable both planned and unplanned recovery. The key questions that need to be answered are:
- What resources are being consumed and how much is being consumed?
- For each vApp, how much is being comsumed, and how is it trending?
- Are the SLAs being met, and if not, why not (links to problem determination).
The core requirement for enabling this management capability is the encapsulation of the SLA data at the vApp layer. This allows the metadata to be available to a unified virtual infrastructure suite.
Additional detail is available in a research note detailing the Infrastructure Management Road Map to meet Virtualization Infrastructure Milestones.
Financial Modeling: The Value of Integration
For this research, Wikibon updated and enhanced the Standard Wikibon business model, which is based on an organization with $1 billion in revenues/budget, 4,000 employees, and an IT budget of approximately 4% of revenue/budget ($40M). This standard model represents a 'typical' mid-sized company. We built a financial model to assess the impact of increased levels of integration in the virtualized infrastructure following the roadmaps described above. An overall IT budget was modeled, using the budget line items shown in table 1.
We explicitly focused on hard dollar cost savings for this model. The impact of integration on "soft dollars" - e.g. end-user productivity, IT agility and risk reduction - is discussed in the findings, but these soft dollars were not included in the modeled savings.
The key findings of this research include:
- The journey to an IT services-based infrastructure based on a virtualized integrated stack will develop over the next decade. The key integration points that require continued innovation and development include storage, backup and network infrastructure, infrastructure management and security.
- A $1B organization that spends 4% of its revenue on IT ($40M) will reduce IT costs by 10% over five years, and 14% over 10 years. The five year savings are calculated to be $20.4M, with a Net Present Value (NPV) of $17.2M.
- More than 75% of IT budget savings will come from five areas: Operations (25%), Servers (16%), Facilities (14%), Backup (11%) and Software Development (10%).
- The integration areas of storage, network and backup infrastructure are generally understood and we believe can be achieved with known technologies.
- The areas of integration that are the most challenging are infrastructure management and security. Practitioners believe security in particular will require new architectures to provide a “trusted platform.”
Figure 1 shows the IT budget items broken out for a non-integrated stack, and for an integrated stack which implements the roadmaps that were detailed earlier.
*Major benefits from operational savings derived from integration.
*Significant savings come from the server, storage and networkinfrastructure, and from lower facilities cost (power, cooling, etc).
*Minor impact of client infrastructure costs (virtualization using VDI and other techniques are outside the scope of this report).
*Application software costs are unlikely to come down. Although it is tempting to try to reduce application software costs with tactical use of virtualization, software vendors have the upper hand in this arms race and will respond with changed charge models that will preserve the value of the solution.
*However, the use of SaaS resources to outsource some components of the cloud and retain the ability to integrate the application with the other applications could be an effective way of reducing application software costs.
*Excludes soft dollars - e.g. improved availability, better agility, improved business productivity and reduced fraud.
Additional information and the assumptions behind the models are available at the research note entitled Wikibon Virtual Infrastructure Adoption Projections.
Conclusions & Recommendations
A highly virtualized infrastructure that leverages an integrated stack across storage, backup, networking, management and security will cut IT costs dramatically over the next five years. Organizations should expect such a strategy to reduce overall IT budgets by more than 10%. The majority of savings (75%+) will come from operations (25%), servers (16%), facilities (14%) and software development (10%).
The journey to a virtualized infrastructure is a multi-year initiative. Many organizations already have aggressive strategies to virtualize applications such as development and test and are moving to virtualizing additional workloads such as database, CRM, and data marts. SaaS offerings are early adopters of virtualization, as the management and security tools and processes can be provided at the application level. The roadmap will allow applications with very high performance and security requirements, and eventually applications that support life and death process control system, to move onto the virtualized stack. There will always be some systems that for specific reasons will be unsuitable to be transferred to a virtualized infrastructure, but over the next decade they will become increasingly rare.
The likely benefits to both the IT budget and to the business of a more flexible, service-led strategy providing solutions more quickly at lower cost with better business resilience and lower business risk, are real. One of the most difficult things to maintain during in this transition is a clear strategic direction. Selecting appropriate business partners and technologies for the journey in each of the five areas will be crucial to realizing those benefits and avoiding costly redesigns.
10 Questions to ask your vendor
In order to minimize the time to create the virtualized infrastructure stack and drive the maximum business efficiency, users should be ensure that the products and services consumed by IT are compatible and complementary to the journey. Here are ten questions that strategic IT leaders should be asking of IT vendors:
- What is your roadmap with respect to integrating with VMware API’s?
- What is your vision for delivering infrastructure as a service?
- Can your software tell me what resource the virtual environment is consuming, how much is it consuming, from where and how is that trending over time?
- Can you help me manage SLAs and specifically tell me if I am meeting SLAs, and if not why not?
- When will you be able to exploit the vStorage APIs for Data Protection (VADP) and specifically changed block tracking (CBT)?
- What are your committed deliverables on the vStorage API for Array Integration (VAAI), and can one see across the “layer of obscurity” between the storage team and the virtualization team through integration with VMware??
- When will you support thin provisioning and automated tiered storage transparently, and will this integrate with VMware?
- What is your multi-pathing strategy and roadmap?
- Can you demonstrate how to put together a cohesive security platform to achieve compliance, transparency in operations, recoverability, and data assurance?
- When will you be able to demonstrate that you can support a virtual app as the endpoint of the network versus a port?
Crisp answers to these questions is a clear indication that the supplier is investing in VMware integration and can potentially deliver the type of value we've projected in this research. Unclear answers should be a red flag.