Hey, welcome back everybody. Jeff Frick here with theCUBE. We are having a very special CUBE conversation and kind of the ongoing unveil, if you will, of the new VMware vSphere 7.0. We're going to get a little bit more of a technical deep dive here today and we're excited to have a longtime CUBE alumni. Kit Colbert here is the VP and CTO of cloud platform at VMware. Kit, great to see you. And new to theCUBE, Jared Rosoff. He's a senior director of product management at VMware and I'm guessing had a whole lot to do with this build. So Jared, first off, congratulations for birthing this new release and great to have you on board.

It feels pretty good, great to be here.

All right, so let's just jump into it. From kind of a technical aspect, what is so different about vSphere 7?

Yeah, great. So vSphere 7 bakes Kubernetes right into the virtualization platform. And so this means that as a developer, I can now use Kubernetes to actually provision and control workloads inside of my vSphere environment. And it means as an IT admin, I'm actually able to deliver Kubernetes and containers to my developers really easily right on top of the platform I already run.

So I think we had kind of a sneaking suspicion that that might be coming with the acquisition of the Heptio team. So really exciting news and I think Kit, you teased it out quite a bit at VMware last year about really enabling customers to deploy workloads across environments regardless of whether that's on-prem, public cloud, this public cloud, that public cloud. So this really is the realization of that vision.

It is, yeah. We talked at VMworld about Project Pacific, this technology preview. And as Jared mentioned, what that was was how do we take Kubernetes and really build it into vSphere. As you know, we had a hybrid cloud vision for quite a while now. How do we proliferate vSphere to as many different locations as possible? Now part of the broader VMware Cloud Foundation portfolio.
And as we've gotten more and more of these instances in the cloud, on-premises, at the edge, with service providers, there's a secondary question of how do we actually evolve that platform so it can support not just the existing workloads but also modern workloads as well.

Right. So I think you brought some pictures for us, a little demo, so why don't we jump over to there and let's see what it looks like. You guys can cue up the demo.

Yeah, so we're going to start off looking at a developer actually working with the new VMware Cloud Foundation for vSphere 7. So what you're seeing here is a developer is actually using Kubernetes to deploy Kubernetes. It's the self-eating watermelon. So the developer uses this Kubernetes declarative syntax where they can describe a whole Kubernetes cluster and the whole developer experience now is driven by Kubernetes. They can use the kubectl tool and all of the ecosystem of Kubernetes APIs and tool chains to provision workloads right into vSphere. And so that's not just provisioning workloads though, this is also key to the developer being able to explore the things they've already deployed. So go look at, hey, what's the IP address that got allocated to that or what's the CPU load on this workload I just deployed? On top of Kubernetes, we've integrated a container registry into vSphere. So here we see a developer pushing and pulling container images. And one of the amazing things about this is from an infrastructure as code standpoint, now the developer's infrastructure as well as their software is all unified in source control. I can check in not just my code, but also the description of the Kubernetes environment and storage and networking and all the things that are required to run that app. So now we're looking at a sort of a side-by-side view where on the right hand side is the developer continuing to deploy some pieces of their application and on the left hand side, we see vCenter.
And what's key here is that as the developer deploys new things through Kubernetes, those are showing up right inside of the vCenter console. And so the developer and IT are seeing exactly the same things with the same names. And so this means when a developer calls their IT department and says, hey, I got a problem with my database. We don't spend the next hour trying to figure out which VM they're talking about. They got the same name. They see the same information. So what we're gonna do is we're gonna push the developer screen aside and start digging into the vSphere experience. And what you'll see here is that vCenter is the vCenter you've already known and loved. But what's different is that now it's much more application focused. So here we see a new screen inside of vCenter, vSphere namespaces. And so these vSphere namespaces represent whole logical applications. Like the whole distributed system now is a single object inside of vCenter. And when I click into one of these apps, this is a managed object inside of vSphere. I can click on permissions and I can decide which developers have the permission to deploy or read the configuration of one of these namespaces. I can hook this into my Active Directory infrastructure so I can use the same corporate credentials to access the system. I tap into all my existing storage. So this platform works with all of the existing vSphere storage providers. I can use storage policy-based management to provide storage for Kubernetes. And it's hooked in with things like DRS, right? So I can define quotas and limits for CPU and memory and all that's gonna be enforced by DRS inside the cluster. And again, as an admin, I'm just using vSphere but to the developer, they're getting a whole Kubernetes experience out of this platform. Now vSphere also now sucks in all this information from the Kubernetes environment.
So besides seeing the VMs and things that developers have deployed, I can see all of the desired state specifications, all the different Kubernetes objects that the developers have created, the compute network and storage objects. They're all integrated right inside the vCenter console. And so once again, from a diagnostics and troubleshooting perspective, this data is invaluable. It often saves hours just in trying to figure out what we're even talking about when we're trying to resolve an issue. So as you can see, this is all baked right into vCenter. The vCenter experience isn't transformed a lot. We get a lot of VI admins who look at this and say, where's the Kubernetes? And they're surprised that like, they've been managing Kubernetes all this time. It just looks like the vSphere experience they've already got. But all of those Kubernetes objects, the pods and containers, Kubernetes clusters, load balancers, stores, they're all represented right there natively in the vCenter UI. And so we're able to take all of that and make it work for your existing VI admins.

Well, that's pretty wild. It really builds off the vision that again, I think you kind of outlined, Kit, teased out at VMworld, which was the IT still sees vSphere, which is what they want to see, what they're used to seeing, but they have see Kubernetes and really bringing those together in a unified environment. So that depending on what your job is and what you're working on, that's what you're going to see in this kind of unified environment.

Yeah, as the demo showed, it is still vSphere at the center, but now there's just two different experiences that you can have interacting with vSphere. The Kubernetes-based one, which is of course great for developers and DevOps type folks, as well as the traditional vSphere interface APIs, which is great for VI admins and IT operations.

Right. And then, and really it was interesting too, you tease that a lot.
That was a good little preview of people knew they're watching. But you talked about really cloud journey and kind of this bifurcation of kind of classic old school apps that are running in their classic VMs and then kind of the modern, you know, kind of cloud native applications built on Kubernetes. And you outlined a really interesting thing that people often talk about the two ends of the spectrum and getting from one to the other, but not really about kind of the messy middle, if you will. And this is really enabling people to pick where along that spectrum they can move their workloads or move their apps.

Yeah, I know. I think we think a lot about it like that, that we look at, we talked to customers and all of them have very clear visions on where they want to go. Their future state architecture. And that involves embracing cloud and involves modernizing applications. And as you mentioned, it's challenging for them because I think what a lot of customers see is this kind of these two extremes. Either you're here where you are, kind of the old current world and you've got the bright nirvana future on the far end there. And they believe that the only way to get there is to kind of make a leap from one side to the other. That you have to kind of change everything out from underneath you. And that's obviously very expensive, very time consuming and very error prone as well. There's a lot of things that can go wrong there. And so I think what we're doing differently at VMware is really to your point, as you call it, the messy middle, I would say it's more like, how do we offer stepping stones along that journey? Rather than making this one giant leap, we had to invest all this time and resources. How can we enable people to make smaller incremental steps, each of which have a lot of business value, but don't have a huge amount of cost?

And it's really enabling kind of this next gen application where there's a lot of things that are different about it.
But one of the fundamental things is where now the application defines the resources that it needs to operate versus the resources defining kind of the capabilities what the application can do. And that's where everybody is moving as quickly as makes sense. You said not all applications need to make that move, but most of them should and most of them are and most of them are at least making that journey. You see that?

Yeah, definitely. I mean, I think that certainly this is one of the big evolutions we're making in vSphere from looking historically at how we managed infrastructure. One of the things we enable in vSphere 7 is how we manage applications. So a lot of the things you would do in infrastructure management of setting up security rules or encryption settings or your resource allocation, you would do this in terms of your physical and virtual infrastructure. You talk about it in terms of this VM is going to be encrypted or this VM is going to have this firewall rule. And what we do in vSphere 7 is elevate all of that to application-centric management. So you actually look at an application and say I want this application to be constrained to this much CPU or I want this application to have these security rules on it. And so that shifts the focus of management really up to the application level.

Right. Yeah, and like I would kind of even zoom back a little bit there and say, you know, if you look back, one thing we did with something like vSAN, before that people had to put policies on a LUN, you know, an actual storage LUN and a storage array. And then by virtue of a workload being placed on that array it inherited certain policies, right? And so vSAN really turned that around and allows you to put the policy on the VM. But what Jared's talking about now is that for a modern workload, a modern workload is not a single VM. It's a collection of different things.
We've got some containers in there, some VMs probably distributed, maybe even some on-prem, some in the cloud. And so how do you start managing that more holistically? And this notion of really having an application as a first-class entity that you can now manage inside of vSphere, it's a really powerful and very simplifying one.

Right. And why this is important is because it's this application-centric point of view which enables the digital transformation that people are talking about all the time. That's a nice big word, but the rubber hits the road is how do you execute and deliver applications? And more importantly, how do you continue to evolve them and change them, you know, based on either customer demands or competitive demands or just changes in the marketplace?

Yeah, well, you look at something like a modern app that maybe has 100 VMs that are part of it and you take something like compliance, right? So today, if I want to check if this app is compliant, I got to go look at every individual VM and make sure it's locked down and hardened and secured the right way. But now instead, what I can do is I can just look at that one application object inside of vCenter, set the right security settings on that, and I can be assured that all the different objects inside of it are going to inherit that stuff. So it really simplifies that. It also makes it so that that admin can handle much larger applications. You know, if you think about vCenter today, you might log in and see 1000 VMs in your inventory. When you log in with vSphere 7, what you see is a few dozen applications. So a single admin can manage a much larger pool of infrastructure, many more applications than they could before because we automate so much of that operation.

And it's not just the scale part, which is obviously really important, but it's also the rate of change. And this notion of how do we enable developers to get what they want to get done, done, i.e.
building applications, while at the same time, enabling the IT operations teams to put the right sort of guardrails in place around compliance and security, performance concerns, these sorts of elements. And so by being able to have the IT operations team really manage that logical application at that more abstract level and then have the developer be able to push in new containers or new VMs or whatever they need inside of that abstraction, it actually allows those two teams to work actually together and work together better. They're not stepping over each other, but in fact now they can both get what they need to get done, done, and do so as quickly as possible, but also being safe and in compliance and so forth.

So there's a lot more to this, this is a very significant release, right? Again, a lot of foreshadowing if you go out and read the tea leaves, it's a pretty significant rearchitecture of many, many parts of vSphere. So beyond the Kubernetes, what are some of the other things that are coming out in this very significant release?

Yeah, it's a great question because we tend to talk a lot about Kubernetes, what was Project Pacific, but is now just part of vSphere. And certainly that is a very large aspect of it, but to your point, vSphere 7 is a massive release with all sorts of other features. And so instead of a demo here, let's pull up some slides and take a look at what's there. So outside of Kubernetes, there's kind of three main categories that we think about when we look at vSphere 7. So the first one is simplified lifecycle management and then really focused on security as a second one. And then applications as well, both including the cloud native apps that fit in the Kubernetes bucket, as well as others. And so we go on the first one, the first column there, there's a ton of stuff that we're doing around simplifying lifecycle. So let's go to the next slide here where we can dive in a little bit more to the specifics.
So we have this new technology, vSphere lifecycle management, vLCM. And the idea here is how do we dramatically simplify upgrades, lifecycle management of the ESX clusters and ESX hosts? How do we make them more declarative with a single image that you can now specify for an entire cluster? We find that a lot of our vSphere admins, especially at larger scales, have a really tough time doing this. There's a lot of in and out today. It's somewhat tricky to do. And so we want to make it really, really simple and really easy to automate as well.

So if you're doing Kubernetes on Kubernetes, I suppose you're going to have automation on automation, right? Because upgrading to the seven is probably not an inconsequential task.

And yeah, and going forward and allowing, as we start moving to deliver a lot of this great vSphere functionality at a more rapid clip, how do we enable our customers to take advantage of all those great things we're putting out there as well?

Right. Next big thing you talk about is security. We just got back from RSA. Thank goodness we got that show in before all the badness started, but everyone always talks about security's got to be baked in from the bottom to the tops. Talk about kind of the changes in the security.

So I've done a lot of things around security, things around identity federation, things around simplifying certificate management, dramatic simplifications there across the board. One I want to focus on here on the next slide is actually what we call vSphere Trust Authority. And so with that one, what we're looking at here is how do we reduce the potential attack surfaces and really ensure there's a trusted computing base? When we talk to customers, what we find is that they're nervous about a lot of different threats, including even internal ones, right? How do they know all the folks that work for them can be fully trusted?
And obviously if you're hiring someone, you somewhat trust them, but you know, how do you implement the concept of least privilege?

Right, right. Or zero trust, right? This is very hot topic.

Yeah, exactly. So the idea with Trust Authority is that we can specify a small number of physical ESX hosts that you can really lock down and ensure fully secure. Those can be managed by a special vCenter server, which is in turn very locked down, only a few people have access to it. And then those hosts in that vCenter can then manage other hosts that are untrusted and can use attestation to actually prove that okay, these untrusted hosts haven't been modified. We know they're okay, so they're okay to actually run workloads on, they're okay to put data on and that sort of thing. So it's this kind of like building block approach to ensure that businesses can have a very small trust base off of which they can build to include their entire vSphere environment.

Right. And then the third kind of leg of the stool is just better leveraging kind of a more complex asset ecosystem if you go with things like FPGAs and GPUs and kind of all of the various components that power these different applications, which now the application can draw the appropriate resources as needed. So you've done a lot of work there as well.

Yeah, there's a ton of innovation happening in the hardware space. As you mentioned, all sorts of accelerators coming out. We all know about GPUs and obviously what they can do for machine learning and AI type use cases, not to mention 3D rendering, but FPGAs and all sorts of other things coming down the pike as well there. And so what we found is that as customers try to roll these out, they have a lot of the same problems that we saw in the very early days of virtualization, i.e. silos of specialized hardware that different teams were using.
And what you find is all things we found before, you find very low utilization rates, inability to automate that, inability to manage that well, putting security and compliance and so forth. And so this is really the reality that we see at most customers. And it's funny because in some ways you think, well, wow, shouldn't we be past this as an industry? Shouldn't we have solved this already? We did this with virtualization. But as it turns out, the virtualization we did was for compute and then storage and network, but now we really need to virtualize all these accelerators. And so that's where this Bitfusion technology that we're including now with vSphere really comes to the forefront. So if you see it in the current slide we're showing here, the challenges, that just these separate pools of infrastructure, how do you manage all that? And so if you go to the next slide, what we see is that with Bitfusion, you can do the same thing that we saw with compute virtualization. You can now pool all these different silos of infrastructure together so they become one big pool of GPUs of infrastructure that anyone in an organization can use. We can have multiple people sharing a GPU. We can do it very dynamically. And the great part of it is, is that it's really easy for these folks to use. They don't even need to think about it. In fact, integrates seamlessly with their existing workflows.

So it's pretty interesting because the classifications of the assets now are much larger, much varied and much more workload specific, right? That's really the opportunity slash challenge that you guys are addressing.

They are, they're getting a lot more diverse. Yep. And so like, you know, a couple of other things, just, I don't have a slide on it, but just things we're doing to our base capabilities, things around DRS and vMotion. Really massive evolutions there as well to support a lot of these bigger workloads, right? So you look at some of the massive SAP HANA or Oracle databases.
And how do we ensure that vMotion can scale to handle those without impacting their performance or anything else there? Making DRS smarter about how it does load balancing and so forth. A lot of this stuff is not just kind of brand new, cool, new accelerator stuff, but it's also how do we ensure the core apps, people who have already been running for many years, we continue to keep up with the innovation and scale there as well.

Right. All right, so, Jared, I'll give you the last word. You've been working on this for a while. There's a whole bunch of admins that have to sit and punch keys. What do you tell them? What should they be excited about? What are you excited for them in this new release?

I think what I'm excited about is how, you know, IT can really be an enabler of the transformation of modern apps, right? I think today you look at a lot of these organizations and what ends up happening is the app team ends up sort of building their own infrastructure on top of IT's infrastructure, right? And so now I think we can shift that story around. I think that there's an interesting conversation that a lot of IT departments and app dev teams are going to be having over the next couple of years about how do we really offload some of these infrastructure tasks from the dev team, make you more productive, give you better performance, availability, disaster recovery and these kinds of capabilities.

Awesome. Well, Jared, congratulations to Kit, both of you, for getting the release out. I'm sure it was a heavy lift and it's always good to get it out in the world and let people play with it. And thanks for sharing a little bit more of a technical deep dive. I'm sure there's a ton more resources from people that even want to go down into the weeds. So thanks for stopping by.

Thank you.

Thank you.

All right, he's Jared. He's Kit, I'm Jeff. You're watching theCUBE. Thanks for watching. We'll see you next time.