F5 Cozies Up to VMware; Clears Up Two VMware View Shortcomings

Among the announcements at last week's VMworld came news that F5 is joining the VMware Ready Program for Networking and Security and will integrate its Big-IP with VMware's vCloud product suite. The company has also made two small but vital enhancements that ensure a seamless and consistent VMware View experience, all of which showcase VMware's ability to rely on partners to provide necessary functions that its products lack.

Getting to a private cloud means automating the configuration and management of all the elements required to deploy and manage an application. Early attempts at adding load-balancing features via orchestration software have been limited to selecting an application pool or virtual IP. Automatically configuring network devices like load balancers and firewalls often means configuring devices in preparation for an application deployment--a manual process that stops automated deployment in its tracks.

When Microsoft announced its Azure Private Cloud software, the company also announced F5's support for load balancing Azure Private cloud instances. However, that support is limited to merely adding a host to a server pool in System Center 2012, and meant Big-IP administrators had to ensure that configurations were preset in its appliances. We got the sense at the time that F5 was frustrated with Microsoft relegating Big-IP to simple load balancing. In contrast, the partnership with VMware makes 100% of the Big-IP programmable features available to vCloud Director, such as load balancing, application delivery, SSL VPN, SSL offload and Web application firewall.

Application policies using Big-IP's ADC features are defined in F5's centralized management application Enterprise Manager as iApps. The iApps are presented to vCloud Director in a catalog; when a new application is created on vCloud, the user selects the iApp from the catalog and it will be applied to any physical or virtual Big-IP appliance. As applications move from location to location, such as between data centers, the iApp policy is applied to the Big-IPs that will be serving the application. IT no longer needs to maintain consistent policies across Big-IP appliances because the iApps will be applied on demand.

The next step is for VMware, or some other vendor, to provide an abstraction layer that ensures that an application policy can be applied to network appliances, regardless of which product actually executes the policy. If VMware can get network device vendors that make firewalls, content managers, load balancers, etc., to provide similar template-based configurations, the resulting combination of vCloud and integrated products will let customers swap appliances without disrupting the applications that rely on them. For example, both F5's Big-IP and Citrix's NetScaler offer similar ADC features, and an application policy could be carried out by either one. Obviously, different products have unique features, so 100% feature parity won't happen--but there is a lot of commonality that can be leveraged.

Next: Getting a Better View of VMwareF5 also announced feature enhancements supporting VMware View:

Single Namespace: VMware View doesn't use a single namespace across more than one pod, which means if a user's pod isn't available, the user has to select a different pod to connect to. It's an extra step that could result in them selecting the less optimal pod. F5's Single Namespace presents a unified namespace to users so that once they log in, they're directed to the best pod for them based on response time and availability. Frankly, VMware should have provided a unified namespace in View, but didn't.

Username Persistence: F5's other new feature ensures that users have a consistent experience. When a user logs off View or the connection is dropped, he or she has to log in to the connection broker that set up the View session. There's no guarantee that a user will be connected to the same View connection broker, and he or she will be presented with a new desktop. The experience is similar to closing your laptop lid only to have it shut down, losing all of your current work. Username Persistence can keep track of users' sessions and, when users log back in, direct them to the last connection brokers they used and reconnect to their existing View sessions. Of course, if a user's View session expires, then a new session needs to be set up, but at least with temporary disconnections users will have a better experience overall.

If you're already a VMware and F5 customer, the partnership and enhancements to View will be welcome news. The application delivery market is competitive, with products like Brocade's ADX, Cisco's WaaS and Citrix's NetScaler vying for your business. Adding programmatic controls to prominent private cloud products like VMware's vCloud makes the transition from a virtualized data center to a private cloud possible for organizations. Vendors making cloud software, orchestration and automation products need to follow VMware and F5's lead and work together.