Horizon Cloud on Azure – GA

Interesting tie up between VMware and Microsoft…. is this the beginning of a new relationship? Have Microsoft woken up (post-VMworld) to the awesome VMware Cloud on AWS and realised they also want in on the party? (although if i’m honest this partnership has been bubbling in the background for a while now).

Anyways, after a round of beta testing in the US, Horizon Cloud has now gone GA on Azure: https://blogs.vmware.com/euc/2017/10/vmware-horizon-cloud-on-microsoft-azure-now-available.html

When Horizon Cloud was launched earlier this year, the concept of enabling end-user organisations the ability to deploy feature-rich VDIs and applications across multiple deployment options was very promising. From a single management console, end users are able to deploy virtual desktops onto on-premise infrastructure, to the Cloud, or a hybrid combination of both. TBH, some of this concept was already available in Horizon Air (which came out of the Desktone acquisition), but this is an evolution of that product.

Horizon Cloud is a cross-cloud architecture for VDI – much like how Cloud Foundation is for SDDC – however, in the case of Horizon Cloud, the Portal which acts as the control/management plane resides solely in the cloud (you get a choice with Cloud Foundation’s SDDC Manager), administrators log into this portal to deploy and manage their VDI sessions – whether on prem or cloud.

3 offerings currently:

  1. Horizon Cloud Hosted – so VDI infrastructure provided by VMware (IBM Cloud is currently the only provider), where you just choose the type of desktop and apps to deploy via the portal – DaaS. Infrastructure management/maintenance/SLAs are fully undertaken by VMware.
  2. Horizon Cloud On-Premise – based on HCI technology and acts like a stepping stone to Cloud VDI. VDI stored locally on prem, but management is all from the Cloud, perfect for data-residency issues, for end-users who require high performance VDI, and for IT admins who wish to have greater control over their VDI infrastructure.
  3. Horizon Cloud on Microsoft Azure – delivering RDS VDI and apps hosted in Azure datacentres. Connecting a customers Azure IaaS subscription to Horizon Cloud. So VMware manages the VDI aspects and Microsoft the underlying infrastructure. Also worth noting that currently only Azure deployments support vGPU-accelerated infrastructure.

Whatever the deployment option, customers will get a VDI infrastructure that’s easily scalable (whether cloud or on-prem) and easy to deploy. The best part is you get the flexibility of subscription based pricing.

With Horizon Cloud on Azure, you can import gold images from Azure marketplace which will then be configured and deployed for Horizon.

One key element of the Horizon Cloud technology is justin-time (JIT) provisioning of virtual desktops and applications. Using the configurations made in the cloud-control
plane, Horizon Cloud leverages VMware App Volumes, User Environment Manager, and VMware Instant Clone technologies to assemble personalised virtual desktop and application environments when an end user logs in, giving IT administrators high flexibility in leveraging the infrastructure.

I like the idea that if I have a persistent VDI deployed in Horizon Cloud, then I can access that VDI or hosted apps whether I’m in the office or on the move (as long as there is data connectivity). I can start writing a document in the office, then leave it open mid-sentence as I leave the office, or jump on a train – I can even power off my endpoint device – then I can re-establish the session and carry on without any interruption… an Always On desktop!

I also like the idea that with Azure, I could deploy a VDI session to the datacentre in the UK, then as I jump on a flight to the US I can re-deploy that VDI session to an Azure datacentre in the US. Although, I’m not quite sure you can migrate live VDI sessions between datacentres yet – I haven’t seen any articles that say you can live-migrate VDIs (but one would think this would be the ideal end-goal).

 

Hopefully this new VMware-Microsoft partnership will lead onto Microsoft accepting to run Cloud Foundation on Azure (VMware Cloud on Azure) which will then give end users the freedom to move their workloads from on prem to either AWS or Azure!! Almost Cross-Cloud (just need GCP to step up).

Advertisements

VMworld 2016 US – Day 2 General Session Overview

One of the issues with working and having a young family is you end up doing a full days work and going home to a baby who wants loads of attention who then doesn’t let you sleep because she’s teething….. Yup, the joys of being a parent…. but I wouldn’t give it up for anything!!

So this blog comes a few days late because I didn’t have much time to finish watching the replay of Tuesday General Session and write a blog due to already mentioned circumstances. =)

Tuesdays’ General Session replay is now available here:

So Monday was all about the transformation of the data centre, making it cloud friendly and able to support workloads wherever they’re deployed (so Any Cloud).

Tuesdays’ session was more around the End Users experience, Any Application on Any Device and I have to admit that I thought Sanjay Poonen’s demo of Workspace ONE was pretty awesome – I’ve not seen a full demo of the products capabilities but I was struck by how much you could do with the suite of products and how integrated it all was – Infrastructure, VDI, Mobile Device Management, Identity Management, Security…… Control yet Choice!!

We’ve all seen the demos of AirWatch integration, how single sign on has been implemented, we’ve seen the demos of Horizon View on tablets, etc…. what I’ve not seen before was how security could be implemented to prevent unauthorised data being published…. like the conditional-access demo of how financial data taken from a spreadsheet in Office 365 was blocked from being copied into Twitter (which was an unmanaged application). What was even more impressive was the NSX integration to use conditional-access policies (ie changes to firewall rules for a particular group of people) to prevent data being presented in a dashboard depending on whether the user is accessing it inside the corporate firewall or externally.

And I was impressed with the VMware Trustpoint demo of endpoint visibility and management, looked very simple to use to implement endpoint security.

Finally, VMware introduced a brand new technology that represents the next phase of their digital workspace vision – VMware Unified Endpoint Management (UEM) – a new architecture that brings app, desktop and mobile management together with next-gen security and identity interwoven throughout, delivering a simpler but more secure digital workspace!

 

Next up was Ray O’Farrell and Kit Colbert to talk about containers…. and how admins can extend management, monitoring and security to containers. It looks like VMware vSphere Integrated Containers will have 2 new features:

  • Admiral – which is a Container Management Portal to allow developers and app teams to manage their repositories and images.
  • Harbor – which is a Container Registry (based on Docker Distribution) which allows developers and app teams to securely store their images including management and access control.

The demo was interesting as it showed the integration between VIC and NSX and how network security can be applied to containers, as well as the integration between VIC and vROps for monitoring of containers. The demo went one step further and showed how vRA was used to automate the deployment of container hosts as well as showing access to the Container Management Portal.

There wasn’t much on Photon Platform that we didn’t already know – VIC allows IT to extend the existing infrastructure to accommodate container-based applications alongside traditional apps, and Photon Platform allows IT to build a complete computing platform solely for containers and cloud-native apps.

 

Next up was the new GM/EVP of Networking and Security to talk about NSX. If I’m honest, I found Rajiv Ramaswami a bit wooden – far different from the charisma of Matin Casado…. which is a shame as the one product everyone should get excited about this year is NSX! I have to agree with Rajiv when he says that “the single greatest infrastructure transformation he has seen” is with Network Virtualisation. Networking is undergoing a huge transformation with vendors and customers looking at transitioning from hardware-centric to software based solutions.

Not much was said about NSX that we didn’t already know….

  • Security – it does Micro-segmentation to allow you to provide fine-grained security to every VM and helps you architect security as an essential part of the data centre
  • Automation – it allows you to automate workload provisioning and cuts down deployment time because network and security can be quickly provisioned in software and attached to VMs (policy-based management)
  • Application Continuity – it enables your applications and data to reside and be accessible anywhere. In addition it can reduce your RTO when integrated into your Disaster Recovery solution.

One thing that was new was the demo of vRealize Network Insight used to create NSX pre-assessment reports. Those of you following the news will know that this has come about from the acquisition of Arkin a few months back. I’ve had a play with the Arkin tool as the VMware NSX SEs in the UK were recommending it as a Network Assessment tool for partners to use when trying to sell NSX (prior to the acquisition and release of vRNI). I really like how it graphs traffic flow and patterns, tracing network traffic between VMs and giving you deeper insight into what goes on inside your virtual environment (ie the East-West traffic flows). The other clever thing is how it is able to carry out flow analytics to provide recommendations for grouping VMs together when planning for micro-segmentation. The only issue is it needs vSphere Distributed Switches!

I quite liked the NSX Planning tool tech preview – how flows can be captured, then analysed and grouped into traffic patterns and security groups. The application map can then be used to create firewall rules based on what the tool discovered. Very clever stuff!

 

 

Finally Yangbing Li talked about Hyper Converged Infrastructure and VSAN. VSAN has come a long way since its launch a few years ago, and I see it as an enterprise-ready storage offering! HCI is a very hot topic this year, customers are now looking at HCI solutions when it comes to new projects or hardware refreshes. Hardware vendors are aware of this and there are so many different types of HCI solutions in the market today! I’ve been involved in a number of discussions with my customers around HCI and EMC/VCE VxRail in particular!

A couple of new features were introduced during the VSAN demo: software-based Encryption and Analytics. The VSAN demo with vRA showed how the performance analytics engine could pro-actively inform users that a VM should be migrated from a VSAN hybrid cluster to an all-flash cluster, and through changing the storage policy in vRA the VM was automatically migrated (in the demos case, the VM was migrated to a public cloud!). What this also underlined was how NSX was also involved in moving the network and security policies as the VM was migrated to the public cloud (although you didn’t see it in the demo). So not only did the demo show the analytics engine working, it also showed how the VMware Cloud Foundation platform could be used.

 

I don’t know if it’s just me, but it seems that everything mentioned during the two keynote sessions always reverted back to network and security, it felt that NSX was underpinning everything (Cross-Cloud Services, Workspace ONE, containers, etc). VMware are putting a lot of emphasis on Cross-Cloud capabilities and how data management and governance will play a key part of cloud consumption. I guess the VMware vision of Any Device, Any Application, Any Cloud really does require something that can govern where data sits and how it’s being consumed!