I fully understand the need to offer greater security, performance guarantees, and isolation in a virtual infrastructure especially when there is multi-tenancy and I particularly like what VMware, NetApp, and Cisco have put together. However, are we not just "undoing" many of the efficiencies that virtualization brings by creating, once again, wasteful silos? There are now more and more layers of virtualization occuring which consequently increases the management overhead of the solution. We now have virtual virtualization - virtual dedicated resources or VDR if I can steal the term from a colleague. How far do we go until we're back in the same spot we were in before virtualization came along with too many resources and low utilization? Thoughts?
BTW, I posted a much more positive and supportive perspective on this topic on my blog yesterday. 🙂
Thanks for the question! We have heard many requests from our customers to ad FC & FCoE support for MultiStore. We have plans to provide that kind of functionality in future releases of Data ONTAP. Please contact your local NetApp NDA specialist to provide you more details.
I suspect we both share a passion for this technology, so I feel your pain.
But sharing sensitive info like that in a public forum such as this is both unwise from a competitive perspective as well as against corporate policy. If you want good detail on real futures, it must be in the context of an in-person NDA update.
Do you think Perez Hilton gets a lot of traffic because he is writing what he is 'allow' (however we define this) to write? Communities need juicy content too , otherwise no one will be bothered to look in here.
Although I appreciate posting everything is not very wise, bear in mind mostly NetApp, NetApp partners & NetApp customers are visiting Communities. And with sensitive info usually there is a big middle ground, between saying all & saying nothing.
We are all like Perez here - doing things which at first look seem to be unwise. E.g. should I, as a reseller, expose my knowledge & experience to make my competitors' life easier? Or shall I rather keep that to myself?
Again - thanks for your support and passion. You guys definitely keep our online communities vibrant! I think there are many "edgy" things we can openly discuss here (such as pioneering application deployments on NetApp, far-flung infrastructures or uncharted areas of performance, dedupe, etc...).
However, crossing the NDA line over here is simply a non-starter. These communities have been called out in a negative light in the past by probing journalists (see link below) so there is no upside and plenty of downside to your well-intentioned request. This is simply not the right forum for authoritative discussions on NetApp product futures, regardless of what Perez thinks
Check out the document 'Cisco, NetApp, VMWare Enhanced Secure Multi-Tenancy Design Guide' in NetApp Community.
Goal of This Document Cisco®, VMware®, and NetApp® have jointly designed a best-in-breed Enhanced Secure Multi-Tenancy (ESMT) Architecture and have validated this design in a lab environment.
This document describes the design of and the rationale behind the Enhanced Secure Multi-Tenancy Architecture. The design includes many issues that must be addressed prior to deployment as no two environments are alike. This document also discusses the problems that this architecture solves and the four pillars of an Enhanced Secure Multi-Tenancy environment.
The target audience for this document includes, but is not limited to, sales engineers, field consultants, professional services, IT managers, partner engineering, and customers who wish to deploy an Enhanced Secure Multi-Tenancy (ESMT) environment consisting of best-of-breed products from Cisco, NetApp, and VMware.
This document is intended to articulate the design considerations and validation efforts required to design, deploy, and backup Enhanced Secure Multi-Tenancy virtual IT-as-a-service.
I watched the presentation and have had a scan through the supporting documentation, which is very well written. I can think of two issues from the business risk team that have not been address.
In physically separate systems, issues in one environment can not effect or take the 2nd environment down, how do we 'know' this is the case with secure multi-tenancy
What would the auditors say?~Secure multi-tenancy needs to be "blessed" by professional auditing firms
I can see many technical solutions to question one but question two would just be the end of the design in the early stages in my environment.However I agree this is likely to be the future direction of the data centre.
1) We have architected the solution for each tenant container to be resilient from other tenant workloads or misconfigurations. We have vMware DRS and UCS classes at the compute layer, QoS, CAR and 10GBe in the network, and FlexShare (QoS for storage). This allows us to provision SLAs for each tenant and maintain them.
2) We are in the late stages of having an independant 3rd party security audit done and posted. Keep your eyes open. If there are any specific certifications you are interested in, drop us an email.