Vyatta: A Brocade Company

Today Brocade announced plans to acquire Vyatta… and we couldn’t be more proud!

It’s been a fascinating journey to get to this next level.  They say you can always tell the pioneers by the number of arrows in their back, but for the record will clearly show these three forces that drove us:

1 million downloads.  It all started with our pioneering belief that software networking could go viral.  It did, and the Vyatta community grew in the way self-organizing communities do.  Today Vyatta has the largest software networking footprint on the planet.

Virtualization.  This was the fuel that powered our strongest commercial adoption.  It changes what network infrastructure needs to do, and software is the clear answer to a rapidly-growing problem.  Now Vyatta is in live production datacenters, and in test and dev around the world.

SDN.  A cool concept – software networking – got even cooler by becoming software defined networking.  Central controllers and distributed forwarding planes, northbound APIs… in all, a huge new wave of innovation crashes up on the shore.

All of this excitement has been in pursuit of the next frontier of IP networking.  No longer is networking something that happens only outside the server; now it extends into the server itself, creating a new world of virtual topologies that complement the physical ones surrounding them.  And the world is rapidly waking up to this exciting new frontier.

So why choose Brocade as the place for our next act?  Because our products and strategies are incredibly synergistic, we have a shared vision for networking’s role in the agile datacenter and a common commitment to openness, they’re healthy,  and they have a global reach that we can leverage.

As Brocade’s Software Networking business unit, we get the best of both worlds:  The solidity of a multi-billion-dollar network infrastructure player with the agility of an innovative software group.

More importantly, our customers and partners get an even more aggressive partner for their SDN strategies – one that truly understands both the technology and the business of IP networking, and one that isn’t the least bit afraid of wielding an aggressive software strategy.

This is an exciting new phase and we will hit the ground running.  We cherish our heritage and look forward to continuing to make our mark on the industry as Vyatta, a Brocade company.

Virtualization, SDN and Vyatta

“That’s how change happens:  Slowly first, then all at once.”
   – Ernest Hemingway, The Sun Also Rises
__________________________________

Virtualization is driving a very interesting dichotomy in adoption of software-based networking.

On the one hand there’s the adoption of discrete networking components within virtualized servers.  It started with virtual switches, and moved up to virtual routers/firewalls/VPNs.  That adoption pattern has taken off like a scalded cat; vSwitches are everywhere these days, and Vyatta has gone from selling our first virtual router 18 months ago to now closing in on 10,000 virtual routers under contract with large customers around the world.

Then there’s Software-Defined Networking (SDN).  This movement is much earlier in the adoption cycle, but because of the broad architectural implications it’s producing an overwhelming noise level in the industry.  One thing is clear, however:  The adoption of SDN technologies is following a pattern similar to the former trend in that it’s starting at Layer 2, the lowest level of IP networking.

What’s interesting is how these two movements are so highly complementary to each other.  SDN controllers typically control virtual switches, and virtual routers are a natural extension to enable connectivity between the new virtualized L2 segments.

We often get asked if Vyatta competes with other SDN players.  The fact is Vyatta is a key and growing element of SDN environments because Vyatta VMs pick up where SDN network segments naturally leave off. 

This is why this week we launched our “Empowering SDN” initiative.  By leveraging Vyatta’s highly stable networking platform customers can build out their network connectivity using trusted, mature protocols for routing and security with the flexibility and agility of software.  This can be confidently deployed today while the SDN underpinnings are being architected at Layer 2, which takes time.

It’s a bit like building a new home.  Roofs are quickly put up so the builders can continue the work inside, protected from changing weather.

This is undoubtedly the most exciting time the networking industry has seen in ages.  Vyatta was founded on the premise that networking software and hardware would decouple as it did in computing.  And when systems decouple, brand new architectures are envisioned and enabled.  With Virtualization and SDN now firmly in play, Vyatta is right in the middle of it.

VMware Buys Nicira… and…

“The times, they are a-changin’…”
– Bob Dylan
____________________________

Today, VMware announced the price they’re willing to pay to get into the rapidly-growing Software Defined Networking space: $1.2 billion to acquire Nicira.

This underscores just how phenomenal the surge is that’s powering interest in SDN. The simple facts are irrefutable: Virtualization and Cloud have fundamentally altered compute and storage architectures, and networking now must adapt.

And it’s early. Recent research from Information Week highlighted many important points about the adoption of cloud. As it relates to networking, here are some key takeaways:

• 20% of customers surveyed have a cloud, and 30% more are planning theirs now
• Of that 30%, only 1/5th have designed their network architecture
• 80% are building clouds from individual components vs vendor bundles

I often get asked how I think the hardware networking vendors will weather this storm. While I have my thoughts, the fact is that question is laden with rear-view-mirror history… and I think the more interesting question is what looms out the front windshield. What I see:

1. Virtualization is driving massive change. Over 50% of the x86 installed base is now virtualized and this is causing major ripple effects.

2. System architectures are opening up.  Monolithic designs are giving way to modular ones.

3. Openness matters.  Modular architectures are defined by multiple interoperable elements.

4. Software is eating the world.  COTS hardware continues to demonstrate its ability to absorb different workloads.

Perhaps it’s ironic that on the day of this major acquisition that targets the future, Cisco announced another 2% cut to its workforce to “continue its restructuring plan.” You can’t shrink to greatness.

Which brings up a separate topic, which I’ll have to address later: How does the Nicira acquisition gum up the VMware / Cisco relationship?

In the meantime Vyatta will continue to grow our customer base of Enterprise and Cloud customers who have seen the brilliance of light shining from a network powered by software.

Mythical, Magical SDN

“The best way to sound relevant is to put ‘dot-com’ after everything you say dot com.”
    – Conventional wisdom circa 1995
__________________________________

Last week at Interop you couldn’t swing a stick without hitting a vendor booth emblazoned with “SDN” or “Software Defined Networking.” Clearly the hype cycle is still in ascension phase and buzzword compliance is in full swing.

It’s not letting up, either. Some vendors are leapfrogging their own SDN messaging by now declaring the era of the Software-Defined Datacenter. What happened to Network? Forgive my pragmatism, but I’d like to focus on some details of the networking part, which is yet to come to fruition.

It’s obvious that we at Vyatta are big believers in software networking, as are our 1,000+ customers around the globe. And we can attest to the R&D challenges of creating a feature-rich, scalable and reliable system; it’s hard and takes time. Now add in the separation of control plane and forwarding plane (or “pitcher and catcher” as I think of it) to achieve the distributed functionality required to enable SDN concepts, and it’s no wonder there’s hype and confusion.

To that end, I offer my top 5 candidates of SDN Myths that I’ve encountered in the wild over the past few months:

1. SDN = Switching
The stated objective is “networking,” which runs up and down the OSI stack. Switching solves one type of networking issue; routing another; security and load balancing yet more. Envisioning an SDN architecture that stops at Layer 2 is like putting low-profile sport tires on a bulldozer.

2. It’s All About the Controller
A controller without a forwarding plane is like a pitcher without a catcher. Somewhere, something has to receive the distributed instructions. Critically important point: The forwarding plane needs to be architecturally linked to the remote controller. They need to sprechen.

3. Top of Rack Forwarding Is Good Enough
The root driver of SDN is compute virtualization. Over 50% of the x86 installed base is virtualized, which is atomizing the compute layer. The new Sandy Bridge Intel servers have 24 cores; you can easily assume 10-20 virtual machines per server (Gartner told me they’ve seen densities up to 70 VMs). This means the forwarding challenge goes past TOR… it needs to penetrate all the way into the server.

4. Virtual Switches Are The New Forwarding Plane
vSwitches work at Layer 2. They don’t segment or secure traffic; that happens at Layer 3 and above (See Item #1 above).

5. SDN = OpenFlow (and Vice Versa)
SDN is an architectural concept and construct. OpenFlow is a potentially enabling collection of protocols. Vyatta is pulling for OpenFlow to succeed, but we think it will take time.

I’ll give it a few months and maybe more myths will crop up. Past the myth, however, there is magic and immense benefit to come from SDN. It will evolve in waves over time. And it’s getting very interesting right now…

 

vPlane: Scaling The Virtualized Network World

“The world is moving so fast these days that the man who says it can’t be done is generally interrupted by someone doing it.”
     – Elbert Hubbard
______________________________________________

Silicon Valley is so hip it can barely see over its own pelvis.

Take a look at two events just this week: the Open Network Summit and the OpenStack Conference. Both are very interesting, but the attendees are typically not mainstream enterprises. The discussions are all around great and promising things like cloud, OpenFlow and SDN – things that are still very early or even nonexistent in the enterprise adoption cycle.

With that in mind, let’s talk about what Vyatta announced today: vPlane technology. This is, to put it mildly, A Big And Real Deal. We believe vPlane will be a significant agent of change for virtualized networking because it solves real problems and coexists seamlessly with existing infrastructure.

You can get more specifics on vPlane here and here, but here’s the upshot: Vyatta has architecturally decoupled our system into its sum parts: controller and forwarding plane. As a distributed forwarding technology, vPlane now scales to staggering speeds — over 8 million packets per second per core, and counting — and enables some very exciting (yet rational) use cases.

Follow the logic of an existing datacenter going through server upgrade cycles. Pop the hood on those 3-year-olds that are being decommissioned: two cores, non-virtualized, a single application and 1Gb/s interfaces. Each produces a relatively small amount of simple, homogeneous traffic. Now take a look at the new ones going in: 24 cores, virtualized with anywhere from 5-50 VMs and 10Gb/s interfaces. As the networker, here’s what you’re now dealing with on a per-server basis:
1. Heterogeneous in/out traffic patterns from a single server due to the different VMs it contains
2. New side-to-side traffic patterns within the server itself as VMs communicate with each other
3. Blended I/O speed requirements of multiple 10Gb/s NICs.

Vyatta has been solving problems 1 and 2 with our virtual machine since 2010, with production customers all over the world. But add in problem 3… and enter Vyatta vPlane.

The increased VM density and resulting multi-tenancy are driving a need for dramatically more scalable software-based networking. With vPlane, Vyatta deployments will easily scale to multiple 10Gb/s line rate speeds for traffic at Layer 3 and above.

Large organizations need to adapt networks to the increasing pace of virtualization deployments. They simply cannot walk away from the network and security controls they’ve relied on for years and accept a simple flat network — it’s a blatant violation of a wide range of compliance issues and an unmanageable scenario for the CIO and team.

The traffic explosion is on the immediate horizon. Intel’s Sandy Bridge servers are now shipping: 24 very fast cores and 10Gb/s NICs. The virtualization team will not let this go unutilized.

It’s time for Vyatta vPlane.

Software-Networking-Palooza

“Software’s eating the world.”
   – Steve Mullaney, Nicira CEO
__________________________

It’s clear by now there’s a revolution occurring in datacenter networking and software-based solutions are at the forefront of this charge.

Networking is a vast technology area and virtualization creates multiple problems that need to be solved. However, regardless of what part of the problem it’s solving software-based networking has many fundamentals in common. This is true for implementation models…

• Extend: Pick up where the physical network leaves off
• Enable: Deliver additional network services inside the servers themselves

… as well as business benefits:

• Flexibility: Operational speed, granular control
• Economics: Higher server utilization, near-zero hardware cost

While this newly awakened market is becoming huge and there are common themes behind different software-based networking solutions, there are also differences / segments among customers.

Some (like the web monsters) are in “land grab” mode. If server racks were skyscrapers, they are in a race to build entire cities. Their first networking need? Enable basic connectivity for each “building” (i.e., server rack) on the fly. If those new “buildings” aren’t on a network, they’re not ready to be occupied … and time is money.

By contrast, most enterprises are not in land-grab mode with their datacenters. They are focused on safe evolution — successfully migrating to virtualized architectures so IT can be more cost-effective and responsive. Their primary network need is to get to that modern architecture without losing the critical, rich network functions they rely on in the process.

Though the needs of two customers may differ from a “top priority” standpoint, what’s exciting is how well the hot new software-based solutions complement each other. Take Nicira and Vyatta as examples: Nicira enables rapid scale-out of Layer2; Vyatta picks up where that leaves off and enables network services at Layer3 and above.

Both are highly advantageous and easily co-resident since both leverage the server virtualization layer.

Networking is a broad discipline and virtualization is pulling new solutions in at an amazing pace. Problems are being solved quickly and servers are getting stuffed full of VMs faster than ever.  (Which, of course, means additional bottlenecks will eventually loom. More on that later.)

The software-networking-palooza is just getting its legs now…

2012 Predictions

“To prophesy is hard, especially with respect to the future.”
   – Mark Twain
_________________________________

Network Virtualization, Phase I: VM Adoption
The “virtualization tipping point” occurred at the end of 2011. Gartner recently reported that now 50% of the installed base of x86 server workload is virtualized. They also report that only 5% of network security is virtualized. Uh-oh.

This has created a measurable and immediate driver behind my first prediction: 2012 will witness the explosive adoption of network/security virtual machines. This is Phase I of network virtualization, because a) the need is immediate and b) solutions are available. It’s so inevitable I feel a little guilty about calling it a prediction, but since Vyatta pioneered this dynamic I hope you’ll give me a pass on the easy one.

Network Virtualization, Phase 2:  SDN
2011 had more noise on the wire about SDN-ish topics than ever before. OpenFlow! Controllers! Flat networks or not?! Well, get ready … it’s going to keep building steam.

As the discussion continues, however, it will begin turning to a critical but heretofore almost-undiscussed topic. Until now it’s been, “A new kind of controller…” [from emerging vendors] “… communicates over a new kind of protocol … [OpenFlow or others] “…to some forwarding plane that will support that protocol.” [Empty space.  Who?] It’s that last part that now must begin to take center stage of the discussion.

The SDN concept is stillborn until the forwarding plane component is resolved. If you think the big incumbent switch vendors are going to concede power and let someone else control their kit, I have a bridge I’ll sell you. This is behind my second prediction for 2012: Discussion of open forwarding planes will begin to take center stage in the SDN movement. Otherwise the whole concept has legs but no wings.

Network Virtualization Made Real:  The New IT Pro
As networking becomes software-based, the skillset needed to design, deploy and manage networks needs to change. The networking team needs to learn about software (hypervisors and operating systems), and the compute team needs to learn about networking. APIs, SDKs and the like are going to cross IT organizational boundaries.

I predict that 2012 will demonstrate the skillset evolution of networking pros becoming software pros as well. Training and coursework in this area will explode. Articles will begin publishing on specific topics. Heroes will be identified by their best-in-class virtualized network designs, with their faces and stories splashed all over the media and onstage.

So that’s it: It’s all about network virtualization for 2012, and it’s going to be a wild ride…

Vyatta In High Gear

“You hang out with smart people, you get smart friends.”
   – Rocky Balboa
_____________________________

Anyone who reads this blog knows why they’re reading it.  They don’t need their advanced perspectives to be validated.  That said…

The news broke this week that Vyatta received a significant financing round from an investment firm comprised of operating executives who know a thing or two about networking, infrastructure and technology disruptions.

This is fantastic news at a fantastic time.  Things are moving so fast for Vyatta & Friends that it’s starting to blur together.  In the span of 2011 alone Vyatta has substantially spread its wings, including:
+ First major clouds announcing adoption of Vyatta (Dell, Carpathia, DinCloud)
+ Continued Enterprise adoption (Boeing, EMC, Honeywell, CBS, Toyota)
+ Our one millionth download of the Vyatta Network OS
+ International distribution partners Zycko (Europe) and CTC-Itochu (Japan)
+ Playing a key part of the live network at InterOp
+ Crossing over the 1,000 customer mark
+ Winning even more industry awards
+ Advancements in multi-platform environment suport (Red Hat KVM, Amazon)
+ World-class executive additions
… and that’s just some of the high points.

2012 will be the year virtual networking explodes in adoption.  The data points are all over the map.  It started by looking like a jungle out there… then a dirt road emerged.  Now there is nothing but highway in front of us, and Vyatta is shifting into high gear.

We continue to be awed by the power of the Vyatta Community that is at the root of our inexorable drive.  Right now there are over 300,000 registered members worldwide. Vyatta Users groups continue to spring up around the world (Poland, Latin America, Japan) and the Vyatta Japan Users Group published their first book on Vyatta this year.  The Vyatta Network OS has been downloaded by over 50% of the Fortune 500 and running in datacenters around the globe.  It’s amazing to watch.

There’s more to do, but we’re all in the right place at the right time.  Viva Vyatta!

Response Bias or Who owns the virtual network

“Only when the tide goes out do you discover who’s been swimming naked.”
Warren Buffett, famous investor
____________________________________

I was recently asked by a respected Silicon Valley figure, “Why is it that Vyatta’s customers know exactly what virtualized networking problem they’re solving, but when I speak to other IT people I know in  the virtualization arena they say they don’t have that problem?  Or they tell me the networking problem is solved by the vSwitch that every hypervisor now has?  I don’t understand this dichotomy.”

I was set back for a moment.  It was a strange question to hear because at Vyatta we are so deeply in tune with “the problem” that we assume everyone naturally understands it.  It took a moment, then the answer hit me like a brick:  It was what market researchers call response bias:  He was asking the wrong people.

“Forget about virtualization for a moment,” I said.  “Go back to the previous model where a member of IT staff is tasked to bring up a new application server.  Within the IT team, that person is a compute professional, right?  Not a network architect or manager.”

“Of course,” he said.

“Now,” I said, “walk through the steps that server pro has to take.  He gets the hardware, loads an OS and the desired application, and tunes it to the required levels.  Right?”

From his expression it’s clear I’m boring him.  I go on.

“Once the application server is set up, he takes an ethernet cable and plugs it into a port on the server.  What does he do with the other end?”

“Obviously,” he said, “he plugs it into a port on a nearby switch.”

“Who provided the switch?” I asked.

“The networking side of IT of course,” he said hesitantly.

I pressed:  “What’s going on on the other side of that switch?”

He waited a moment, then said, “I’m not sure.”

“Does our server pro in question know what’s going on beyond the switch?” I asked.  “Does he know that the network was architected into subnets for a reason?  Does he know how it’s routed?  Or where the firewalls are, and why they’re configured the way they are?  Or where the VPNs are terminated?”

“Probably not.”  It came out of his mouth almost like an admission.

“So by definition of his role and knowledge base, it’s not his responsibility to know what’s happening from that port on the switch out into the rest of the network, right?”  Now I can see the light bulb over his head.  “The networking team has already established all of that for him before the server is allowed onto the network.”

“That’s right…”  His voice trailed off.

“Well, that’s what it was like before virtualization.  So now,” I pushed, “what’s it like in the virtualized world?  That same person is asked to bring up multiple virtual machines on a server.  He knows that the cable goes from the physical switch port into the server port like before.  But virtualization requires one last connection:  He also has to  logically assign the VMs to the vSwitch in the hypervisor to complete the connection.  It’s the exact same thing he did before.  He think’s he’s done.”

“So,” he began slowly, “you’re saying that if I’m talking to an IT pro about virtualization, it’s highly likely that they’re from the compute side of IT.  So there’s little reason to believe they know any more about the fundamental networking requirements beyond the server-to-switch connection than they did before virtualization.”

“Bingo,” I said.  “You’re getting respondent bias.”

“But wait,” he said, “all of that other network infrastructure is already in place!  The routers, subnets, firewalls and VPNs… they were there before virtualization and they’re still there under your example!”

“Yes they are,” I said.  “But external networking gear can’t effectively or efficiently manage the traffic at the VM level because the hypervisor blinds them.  All of those other networking functions need to be performed inside the server.  That’s what Vyatta’s customers know.  They’ve learned to meld compute and networking disciplines into a single architectural vision.”

While he thought about that, I mentioned Integral Networks, one of Vyatta’s customers recently in the press.  “Their CEO said their goal was to get to a 100% virtualized environment but they couldn’t with their existing networking gear.  He said, ‘We were happy with the security we were getting from our firewall and VPN infrastructure, but we couldn’t deploy those vendors as a virtual machine.’  Now, using Vyatta, Integral is delivering granular control and complete isolation of VM resources, as well as secure remote access for managing cloud-hosted data externally.”

“I’m getting it now,” my colleague said.

I concluded, “At a high level, it’s simple:  It’s all about applications.  They’re virtualizing, so therefore your network needs to have the same agility as the virtualized applications.  That’s a networking VM.”

QED

Best Datacenter and Cloud Software

InfoWorld Magazine’s test center honored Vyatta with our fourth BOSSIE award this year for our unique ability to solve the networking and security needs of the Cloud & Virtual Datacenter.

It’s an honor to be recognized as a leader in this space and to be among great company (Xen, Eucalyptus, Gluster). There is something extra special about winning awards when nominations are sent in by readers and users. Thank you to the huge (500,000+) Vyatta community for recognizing our accomplishments, advancing our product, and spreading the word about Vyatta’s ability to connect and secure virtual datacenters and clouds.

As the industry’s only software networking solution we’ve come a long way in the past five years and we’re thrilled that IDG has continuously recognized our ability to evolve our solutions to meet the changing needs of the enterprise network.

Summary of Vyatta BOSSIE awards:

2008:  Vyatta – Best Networking Software
”Logging in to a Vyatta router can closely resemble the console of a Cisco or Juniper router…”
2009:  Vyatta – Best Networking Software
”The amazingly useful Vyatta Core distribution…”
2010:  Vyatta – Best Networking Software
…”an open source David to Cisco’s Goliath…”
2011:   Vyatta – Best Cloud and Datacenter Software
”For all of the talk about the wonderful advances of computing, many savvy enterprise managers are scraping their heads and wondering about security. How can they lock down their machines if they don’t know where they are? One solution is Vyatta..”

Vyatta will keep the hits coming… watch this space!