A distributed architecture is key to operating in multi-cloud: Kit Colbert, VMware

With a whole host of companies now operating in a multi-cloud environment, the key to facing these challenges lie in architecture and platformization. 

With the enterprise hurtling towards digital transformation at breakneck speeds, the adoption of cloud, both public and private, has accelerated. And working across different clouds across various platforms brings a whole lot of challenges in its wake.

Kit Colbert, VP and CTO–Cloud Platform, VMware, in a tête-à-tête with CIO discusses these challenges and throws light on what VMware brings to the table to help organizations mitigate these challenges.

A lot of companies today are operating in a multi-cloud environment. What are the key challenges working in this environment?

We see a lot of companies embracing multi-cloud, and that’s either happening as an explicit decision or as an organic outgrowth of the fact that a lot of their teams select different cloud technologies. 

In both cases, the sort of challenges that people have are around manageability of those offerings. Each cloud has different capabilities, and some of those capabilities are preferred by developers in terms of how they build their applications.

But fundamentally, you have challenges around what’s thrown in where and how much are you spending, and how you manage networking and security around all of that. So, we see a lot of operational challenges.

Kit, could you give us an insight into the cloud adoption scenario in India. What are the challenges most companies face?

We see a lot of similar challenges in the digital transformation space. Everyone worldwide has got the message that they need to transform as a business in order to be digitally engaged. 

We’re focusing on the cross-cloud architecture that could run on VMware infrastructure as well as non-VMware infrastructure. So it could support native AWS, Azure, or Google Cloud Platform.



Kit Colbert, VP and CTO–Cloud Platform, VMware

We see a lot of cross-pollination with these new technologies. It's a challenge for them to actually run these things in production. It's like how do they get all the production requirements around these newer technologies which don't really have a lot of those capabilities built in.Competition in the US is pretty fierce, and competition in India will turn out to be fierce as well, turning into something of an arms race.

One of the big differences in India is that for so many companies, the level of scale is so much bigger. And in many ways, it's more diverse as well. This makes building solutions a lot more challenging. 

How do you think containerization can solve these challenges?

When you talk about cloud native applications, that's more like an umbrella term for both technologies and practices people are using for modern applications.

The other aspect is more around the process - it's how you actually build and release software. This goes more towards DevOps or continuous integration and deployment.

Fundamentally what we're moving from is a waterfall-driven model that uses monolithic applications to update production once a year, to a situation where you do agile software development. 

You're making releases much more frequently based on distributed architecture. So instead of updating one giant thing once a year, you're updating these little pieces every few weeks or even in a few hours. This gives them the ability to respond much more quickly to changes in the marketplace.

The thing is if you're releasing yearly, it takes you a long time to get feedback and improvise. This is where containers are proving to be a fundamental business differentiator. 

With the influx of a multi-cloud environment, it’s getting hard to maintain a secure perimeter across all platforms.

I think the traditional notions of perimeter security are completely outdated at this point. The traditional model of network security for datacenters was putting up this huge wall with high security around the datacenter.

But inside the datacenter, things were pretty open ended. It’s a free for all and you couldn’t do anything about it. What’s needed though is to have multiple layers of security.

One of the big things we’re doing at the datacenter level is around networking and security. With our NSX technology and network virtualization, we create virtual networks. Now these are created on the fly as applications are created.

“If you're looking to get greater scale and greater agility in terms of provisioning, then you need to have more of a distributed architecture.”

Kit Colbert

VP and CTO–Cloud Platform, VMware

And those networks customized and secured on a per application basis, so the applications can talk to whoever is approved.

So this means that in addition to the really hard shell around the datacenter, we have a highly secure environment inside it. Each application has its own security boundaries, so even if one of them gets compromised for some reason, the other ones will be safe. 

Between our Airwatch portfolio of technologies and our Horizon virtual desktop, there’s a lot of different options there. One option with the virtual desktop is instead of actually running stuff locally, all you see is a virtual screen of machine running securely in the datacenter.

That’s one way of preventing the local access and corruption from happening. You can secure it, have surveillance and monitoring and ensure that the datacenter is running, without anything being compromised.

There are a lot of use cases where you do want locally running apps for phones as well as desktops. So the good news is that phones, both Android and iOS, have had many years of this sort of technology, where you can remotely manage them through MDM profiles.

And so what we look to do is to actually take one of these devices, and either lock down the whole thing, or you can support that kind of duality where some of the data is personal and some of it corporate.

What does VMware have in store for cross-cloud architecture strategy?

Differences across various public clouds means that companies are having trouble getting a common management paradigm with management capabilities. So instead of having all these different silos of clouds, the focus should be on how to bring those together under one unified entity.

Project Symphony, the cross-cloud architecture that we developed looks at costing, whereas NSX looks at networking and security across clouds and gives you an understanding into network topology.

That’s really good at understanding security vulnerabilities as you get to know where the misconfigurations are happening. Wavefront, on the other hand, is around performance management, and that again can operate across clouds.

So, if you want to add another cloud to your portfolio, you won’t need to figure out what new tools you need.