Virtualization created a lot of change in the technological landscape, and continues to do so. It’s also made large impacts in other areas; processes and roles. Back when everything was physical, people knew their roles and what they were responsible for. The server guys owned the server; the network guys owned the network and so on. But today, those clear lines are blurred; there is no clear demarcation anymore. Blade chassis can now house Cisco network and fiber switches, ESX handles virtual switching through vDS or the Cisco 1000V, and now there are virtual firewalls that run on the hypervisor as well, for managing traffic between VMs. This fundamental shift creates huge implications for ownership, especially in a word were Enterprise Security groups are pushing Role Based Access Control. It simply boils down to “Who Owns What?”
When ESX was first introduced and became an industry norm, ownership for everything beyond where the network cable plugged into the server was handled by the server administrator. This meant that configuration, management and ownership of the Virtual Switches were handled by the ESX Admin. However, as those technologies have grown, should that still be the case today? And with the introductions of blade chassis with L2 switches attached, the clear lines become even more blurred.
It’s becoming more and more apparent that there is a need to rethink the approach for delegating the management of entities. There seems to be two clear choices in the approach for this. The first choice is to migrate from silos of technologies and create all encompassing groups around services in the enterprise. The second is to shift the demarcation of roles to encompass end to end technologies.
The first approach requires the largest shift inside an organization. Typically, groups manage technologies, not the services that use those technologies. Virtualization, however, needs to be looked at as a service that uses multiple technologies. Instead of having a separate server, network and storage team that manages those technologies for virtualization, why not create a Virtualization Team that includes SMEs in the areas of server, network and storage management. This allows the SMEs in each group to not only bring expertise in that specific technology to the table, but also the knowledge of how to best use the technology to better the virtualization service. This approach becomes even more paramount when you start looking at advanced virtualization initiatives such as cloud or VDI.
The second approach is to no longer use the physical connection to the server as the demarcation zone. This approach falls more in line with the thought processes behind Role Based Access Control. By taking this approach, you extend ownership and management of a technology from end to end. In the case of an ESXi environment running on a blade chassis w/ Cisco B22HP FEX devices, and using the Cisco 1000v Virtual Switch, you grant access and ownership to the network team to be responsible for the networking from the core down to the 1000v. This allows not only insight to what is being done down to a port level in a virtual environment, but it allows for standardization of the network technologies and places the management of that technology in the SMEs in an organization. It also allows for end to end impact analysis of a change anywhere in the network environment.
While both approaches have their merits, choosing the one that works best will be dependent on your organization. The first method will require a shift in the general thinking, and any major organization change like that takes time to step through. However, I do feel it’s the better approach, especially for managing future technologies such as vBlock and Cloud. However, given the challenges around the changes required to get to this model, it may not be easily executable. The second model will be simpler to adapt to, and still accomplish a major goal. However it will still have all the flaws of a silo’ed approach and may prevent the collaborative thinking that designing and managing a service such as virtualization can benefit from. At the end of the day, communication is key when working with a technology like virtualization, and I feel that it isn’t up to the standard that it should be in most enterprises. Either by following the recommendations here, or creating your own that works best for your organization, as long as some change is occurring, then I believe the mission is accomplished, because continuing to have the mindset of the ‘IT Organization’ from 10 years ago is nothing but a recipe for disaster.
For those of you that follow the many talented bloggers that focus of virtualization with VMware, you are aware of Vsphere-Lands top 25 blog voting. Well, its that time again and I truly believe is supporting my colleagues in this. There are a lot of great blogs out there and I think they need to be fully recognized.
Here is a brief excerpt on the suggested guidelines for voting:
Longevity – Anyone can start a blog but it requires dedication, time & effort to keep it going. Some bloggers start a blog only to have it fall to the wayside several months later. Things always come up in life but the good bloggers keep going regardless of what is happening in their life. Length – It’s easy to make a quick blog post without much content, nothing wrong with this as long as you have good content in the post that people will enjoy. But some bloggers post pretty long detailed posts which takes a lot of time and effort to produce. The tip of the hat goes to these guys that burn the midnight oil trying to get you some great detailed information. Frequency – Some bloggers post several times a week which provides readers with lots of content. This requires a lot of effort as bloggers have to come up with more content ideas to write about. Frequency ties into length, some do high frequency/low length, some do low frequency/high length, some do both. They’re all good and require a lot of time and effort on the bloggers part. Quality – It all comes down to whats in the blog post regardless of how often or how long the blog posts are. After reading a blog post if you come away with learning something that you did not previously know and it benefits you in some way then you know you are reading a quality post. Good quality is usually the result of original content, its easy to re-hash something previously published elsewhere, the good bloggers come up with unique content or put their own unique spin on popular topics.
If you want to have an idea of who I voted for, feel free to visit my LINKS section and you will find a list of blogs that I visit often, if not daily.
I also want to state that this post isn’t an attempt to get votes for my site (as Im not even listed as an option), but a plea to ask you to support the community and vote for whoever you think is deserving. No matter who gets the votes, the community itself will be better because of all the bloggers who contribute, and the readers who support us.