This is Reddit, so taking any claims with a severely hefty earth sized grain of salt..
> Odd part 1: ... moving large numbers of VMs (100,000-500,000) over to Linux based virtualization in very short time frames.
> Odd part 4: Every one of these requests involves moving the VMs off VMWare or Hyper-V onto OpenShift, specifically.
As a Solution Architect at Red Hat, no sane sales rep would ever recommend or propose moving VMware footprints of that size onto OpenShift via OpenShift Virtualization[0]. As amazing as that payout would be, that would literally be account suicide if it ever got signed off on. The whole purpose behind OpenShift Virtualization is to aid in organization modernization as a way to consolidate workloads onto a single platform while giving app dev time to migrate their work to containers and microservice based deployments.
We are working on making OpenShift Virtualization as capable as we can (considering we're killing the Red Hat Virtualization product [upstream project: oVirt]) but it's not really meant, especially right now, to be a VMware replacement. That's what solutions like Nutanix are for.
This entire thing, if at all true which is unlikely, would smell of typical negotiation games to attempt to gain better pricing/discounts when it comes time for their VMware renewals. We see this a lot in attempts for customers to try and get better pricing when it comes Red Hat products, and potential customers the other way around with their existing vendors. Business is business and everyone will try to get the best deal they can, but the games do get annoying after a while.
> We are working on making OpenShift Virtualization as capable as we can (considering we're killing the Red Hat Virtualization product [upstream project: oVirt]) but it's not really meant, especially right now, to be a VMware replacemen
Didn't know RHEV was being killed. It makes sense, the enterprise virtualisation market is shrinking by the day, but it's still a bummer there's less competition. Is oVirt being maintained?
> That's what solutions like Nutanix are for.
Nope. Nutanix is for when you want to replace your hardware and software, have specific workloads that fit a hyperconverged hardware deployment, want a good piece of software with a ton of extras that don't really work all that well, being bash and random FOSS smushed together with duct tape. Oh, and you have money to burn.
>Didn't know RHEV was being killed. It makes sense, the enterprise virtualisation market is shrinking by the day, but it's still a bummer there's less competition. Is oVirt being maintained?
With the release of RHV 4.4 a few years back, it's become the last RHV release and will be maintained until its EOL in 2024 (ELS 2026). Like any open-source project, oVirt will be maintained by whoever wants to work on it, be it Red Hat engineers, other virtualization organizations, or just random contributors. But RH engineers won't be payrolled to work on oVirt on a daily basis.
> Nope. Nutanix is for when you want to replace your hardware and software, have specific workloads that fit a hyperconverged hardware deployment, want a good piece of software with a ton of extras that don't really work all that well, being bash and random FOSS smushed together with duct tape. Oh, and you have money to burn.
I don necessarily disagree, I was just pointing out one commercial virtualization solution that theoretically could operate large scale deployments. I don't typically see alternate products like Proxmox come up often in discussions (I honestly only know one person personally using it), but virtualization isn't my forté either, so there's that.
oVirt is open source, although it unfortunately doesn't have a large development community. But it would still be a good starting point if someone wanted to create an open source VMware replacement.
Perhaps the poster is using the term 'virtualization' imprecisely, if s/he is deep in the VMWare world. Another interpretation would be that companies are looking to move to containerization on OpenShift, which would make a lot more sense.
I didn't see the 14 on my first read through last night (I read this at like 1:30 in the morning), but that would make much more sense. I interpreted the "some" as a handful at most, which is why I said "footprints" and not "footprint". Even in that situation, I would probably still recommend not going the OpenShift Virtualization route. Obviously these groups would have different deployment sizes, but I would still personally be wary of moving several thousand VMs to OpenShift as part of a cost saving measure if there wasn't an intent to migrate to containers over time (based on the OpenShift Virtualization of today).
That's not to say it's not possible or a bad idea, just that each org would need to evaluate for themselves. We do have customers that have made this just and are running OpenShift clusters with >1k VMs on OpenShift Virtualization.
Remember, oVirt an upstream virtualization project, the product we derive from it is Red Hat Virtualization (RHV). From the development and deployment side of things, Red Hat has chosen a direction that is primarily container based going into the future, betting a lot of this on OpenShift. This decision was made a few years ago before anything with Broadcom/VMware was occurring.
OpenShift Virtualization (based on KubeVirt) exists to provide a path of migration for "legacy" VM environments to containers, allowing admins to maintain one platform in a consistent manner (Kubernetes resources) while giving the teams that can to evolve their applications to containerized deployments.
I believe there are plans to get the management capabilities of RHV into OpenShift Virtualization, I'm not quite sure how far that's gotten. In terms of virtualization solutions from Red Hat, we have the following:
- KVM on RHEL. With the announcement of the RHV EOL, we removed the restrictions on how many guest VMs you can run simultaneously on RHEL. Note that this is different from the RHEL for Virtual Data Center (VDC) subscriptions we sell; it's just the removal of the contractual limitation, it doesn't entitle your guests.
- Red Hat OpenShift Virtualization: already discussed.
- Red Hat OpenStack: If you need to be running a broad private cloud platform that has a virtualization component.
KubeVirt is the upstream. Essentially so there is common management/operational model between virtualization and containers rather than having a Kubernetes-based one and a largely independent virtualization one.
My suspicion: these CEOs are trying to scope out the cost of adopting OpenShift, so that, when they're negotiating prices with VMWare, they can show how much money they would save with OpenShift in the long term. This may be essentially just an attempt to gain some negotiating leverage in the face of potential VMWare price hikes.
Not to mention that you need to have the ability to switch anyway in case there is some other problem with VMWare. Anytime you have a single supplier that you depend on you should have some mitigation plan ready to go should that supplier fail you. The mitigation plan may be a lot more expensive than the supplier you are using, the goal isn't to use them it is just to ensure you have an option.
Interesting, it does seem plausible that the cause is the VMWare price hike; as they specifically stated aiming at large enterprises because they’re slow to move, I wonder whether they may be overplaying their hand.
On the other hand, it’s hard to imagine these enterprises moving have a million of VMs before the end of the year, so they probably do have a point. But it just seems like short-sighted short-term thinking here, giving up enterprise market share in exchange for some additional $ now.
Any reduction in memory managed by VMWare would be savings though. Say they need 50% of the VMWare license this year and 5% next year they're probably still happy.
At least happy until whatever IBM has been promising behind closed doors runs out, and then IBM start turning the screws.
I am struggeling so hard... IT departments of two customer companies just moved VMs with a one week deadline to Azure and everything stopped working and I have the responsibility as external developer...
Weird SSL errors I have no clue how to fix. I think they are talking about my clients in this reddit post.
Wild stab in the dark: the only things that would kill SSL/TLS on a disk-image based lift & shift where the certificates and associated config moves with the VM are:
- An internal Certificate Revocation List (CRL) Distribution Point (CDP) was forgotten about and not moved along with everything else. These are often Enterprise PKI certificate authorities on servers like AD domain controllers. Admins will typically deploy new domain controllers in the cloud, and move everything else. They'll forget the old CAs and maybe even turn them off. This then causes SSL issues after... about a week.
- Another possibility is that they incorrectly moved an outbound access restriction. Again, overzealous network security admins tend to block Internet access on servers and forget about CRLs. It's an especially common issue on "secure" environments where someone decides to block HTTP outbound and only permit HTTPS because it's "secure". However, CRLs (and OCSP) absolutely require HTTP and will never work via HTTPS by design.
This seems unfair, it isn't necessary to attack the author just because the tone is a little conspiratorial. I'm sure there is a little embellishment in the post, but there doesn't seem to be any reason to doubt the author has noticed a real effect that may have a reasonable explanation. The VMware price hike idea seems like a very reasonable explanation
I lived through EMC's VMware tightening their grip, killing off our vendor "reflex firewall" by restricting their use of network APIs (to boost their Nicira acquisition which became NSX), then making us pay the vRAM vtax as part of the VSPP program (public cloud), and launching project Zephyr (vCloud Air) where they directly competed with us.
RIP VMware. Been getting Novell vibes from them for the last 10 years.
Fortunately it's quickly nipped in the thread on reddit. The news isn't new, and companies already had shy of a quarter to work on it, but not that we hit Q3 and forecasting for Licensing is now kicking in for Q1-Q2 23' it's now sudden that the capex will be $$$ so there is a huge rush to migrate to mitigate licensing cost and sunk cost of a yearly licensing option.
Most IT/Sysadmins do not communicate with Finance/FPA, but the ones that do are really ahead of the game. I'm fortunate that in my past and present org(s) I always include them on talks, and once they are on your side they are an invaluable ally. Money talks, finance talks.
IT and Finance are back office administration, or the other side of the house in many orgs and should be talking about all terms of licensing and proper forcasting, but I do see it strained because IT focuses on what the tech can do, and finance only understands money and liability.
But IT can also mitigate liability if it's framed properly. This MSP sysadmin is clearly only in tech and never went out of it. Which isn't bad. But it is a very, very common silo and trope for external IT partners.
What’s strange here is OpenShift as a target. The last I looked, VMs were just getting initial support - certainly not enough functionality or proving to encourage one to rehost 100k VMs onto it as a platform. Also why the assumption that IBM would treat them better than Broadcom/CA?
A commenter on the thread mentioned the VMWare price hikes, so it could be as simple as IBM sensing an opportunity to poach customers from VMWare (probably more overlap in potential customers than AWS/GCP/Azure) and aggressively selling OpenShift to the C-suite with a promise of "if we can get a deal done this year, we'll give you heavily discounted pricing for X years".
It does seem a bit strange that all of these requests supposedly come specifically "from the CEO" though, as I would expect most companies would have CTOs making purchase decisions like this.
Not strange at all, CEO and Finance talk about budget. If cost is going to 10x, by doing nothing then it is going to be an quick decision. Most CTO's would've brought it up in the last quarter and be working on it now.
This reddit post is just a late canary in the minefield that shows a what one sysadmin is doing at one MSP.
Unless something has changed recently, IBM doesn't push OpenShift but rather Cloud Paks which are tailored solutions built on OpenShift. IBM sellers don't get paid on vanilla OpenShift.
I think if the story is to believed, the Red Hat sellers dedicated to big Fortune 500 accounts were given marching orders to reach out about recent negative publicity regarding vmware and the c-suite is asking for pricing/feature comparisons. This doesn't seem sudden or disturbing but rather what happens multiple times a year.
For what it’s worth, I’ve heard that when the current war in Ukraine started the Moscow/Russian employees of a big US networking hardware company of which everyone on this forum has heard about had their access cut off instantly, as in the invasion started at around 2AM and when the employees tried to get to work that morning they found out they could no longer access the company’s resources.
Which tells me that that company’s HQ had already put a sort of kill switch in place for cases like this.
2 AM Moscow time is 3 PM Pacific time - if they had someone working west coast times it could be done in regular working hours. Dropping users from their VPN LDAP group (or directly from the VPN servers) doesn't take long.
I know of another SW company that did the same thing. Everybody at the company was then told not to contact or communicate with any of the employees in Russia. Then one of the executives told everybody that it was a vendor who was providing the remote access solution who pulled out of the country in a blame shift we saw right through.
Readit News
> Odd part 1: ... moving large numbers of VMs (100,000-500,000) over to Linux based virtualization in very short time frames.
> Odd part 4: Every one of these requests involves moving the VMs off VMWare or Hyper-V onto OpenShift, specifically.
As a Solution Architect at Red Hat, no sane sales rep would ever recommend or propose moving VMware footprints of that size onto OpenShift via OpenShift Virtualization[0]. As amazing as that payout would be, that would literally be account suicide if it ever got signed off on. The whole purpose behind OpenShift Virtualization is to aid in organization modernization as a way to consolidate workloads onto a single platform while giving app dev time to migrate their work to containers and microservice based deployments.
We are working on making OpenShift Virtualization as capable as we can (considering we're killing the Red Hat Virtualization product [upstream project: oVirt]) but it's not really meant, especially right now, to be a VMware replacement. That's what solutions like Nutanix are for.
This entire thing, if at all true which is unlikely, would smell of typical negotiation games to attempt to gain better pricing/discounts when it comes time for their VMware renewals. We see this a lot in attempts for customers to try and get better pricing when it comes Red Hat products, and potential customers the other way around with their existing vendors. Business is business and everyone will try to get the best deal they can, but the games do get annoying after a while.
[0] https://www.redhat.com/en/technologies/cloud-computing/opens...
Didn't know RHEV was being killed. It makes sense, the enterprise virtualisation market is shrinking by the day, but it's still a bummer there's less competition. Is oVirt being maintained?
> That's what solutions like Nutanix are for.
Nope. Nutanix is for when you want to replace your hardware and software, have specific workloads that fit a hyperconverged hardware deployment, want a good piece of software with a ton of extras that don't really work all that well, being bash and random FOSS smushed together with duct tape. Oh, and you have money to burn.
With the release of RHV 4.4 a few years back, it's become the last RHV release and will be maintained until its EOL in 2024 (ELS 2026). Like any open-source project, oVirt will be maintained by whoever wants to work on it, be it Red Hat engineers, other virtualization organizations, or just random contributors. But RH engineers won't be payrolled to work on oVirt on a daily basis.
> Nope. Nutanix is for when you want to replace your hardware and software, have specific workloads that fit a hyperconverged hardware deployment, want a good piece of software with a ton of extras that don't really work all that well, being bash and random FOSS smushed together with duct tape. Oh, and you have money to burn.
I don necessarily disagree, I was just pointing out one commercial virtualization solution that theoretically could operate large scale deployments. I don't typically see alternate products like Proxmox come up often in discussions (I honestly only know one person personally using it), but virtualization isn't my forté either, so there's that.
A dozen or more companies (poster claims it's exactly 14) can move 100k-500k VMs in a short time frame, without killing anything.
Otherwise, your concern would have been spot on.
That's not to say it's not possible or a bad idea, just that each org would need to evaluate for themselves. We do have customers that have made this just and are running OpenShift clusters with >1k VMs on OpenShift Virtualization.
OpenShift Virtualization (based on KubeVirt) exists to provide a path of migration for "legacy" VM environments to containers, allowing admins to maintain one platform in a consistent manner (Kubernetes resources) while giving the teams that can to evolve their applications to containerized deployments.
I believe there are plans to get the management capabilities of RHV into OpenShift Virtualization, I'm not quite sure how far that's gotten. In terms of virtualization solutions from Red Hat, we have the following:
- KVM on RHEL. With the announcement of the RHV EOL, we removed the restrictions on how many guest VMs you can run simultaneously on RHEL. Note that this is different from the RHEL for Virtual Data Center (VDC) subscriptions we sell; it's just the removal of the contractual limitation, it doesn't entitle your guests.
- Red Hat OpenShift Virtualization: already discussed.
- Red Hat OpenStack: If you need to be running a broad private cloud platform that has a virtualization component.
Like possibly a national security issue of some kind.
'We' are at 'war' with Russia, after all.
That said, I'd keep an eye on any future 0-day announcements ... if there's anything here, it has that kind of smell about it.
Deleted Comment
It installs virtio drivers into Linux & Windows guests and updates configuration and registry, so the VM will boot straight away on the target.
On the other hand, it’s hard to imagine these enterprises moving have a million of VMs before the end of the year, so they probably do have a point. But it just seems like short-sighted short-term thinking here, giving up enterprise market share in exchange for some additional $ now.
At least happy until whatever IBM has been promising behind closed doors runs out, and then IBM start turning the screws.
Weird SSL errors I have no clue how to fix. I think they are talking about my clients in this reddit post.
Wild stab in the dark: the only things that would kill SSL/TLS on a disk-image based lift & shift where the certificates and associated config moves with the VM are:
- An internal Certificate Revocation List (CRL) Distribution Point (CDP) was forgotten about and not moved along with everything else. These are often Enterprise PKI certificate authorities on servers like AD domain controllers. Admins will typically deploy new domain controllers in the cloud, and move everything else. They'll forget the old CAs and maybe even turn them off. This then causes SSL issues after... about a week.
- Another possibility is that they incorrectly moved an outbound access restriction. Again, overzealous network security admins tend to block Internet access on servers and forget about CRLs. It's an especially common issue on "secure" environments where someone decides to block HTTP outbound and only permit HTTPS because it's "secure". However, CRLs (and OCSP) absolutely require HTTP and will never work via HTTPS by design.
If these are old systems, it could be this... if they're running .NET apps compiled against framework pre... 4.7? 4.8? TLS ain't gonna work...
Dead Comment
RIP VMware. Been getting Novell vibes from them for the last 10 years.
Fortunately it's quickly nipped in the thread on reddit. The news isn't new, and companies already had shy of a quarter to work on it, but not that we hit Q3 and forecasting for Licensing is now kicking in for Q1-Q2 23' it's now sudden that the capex will be $$$ so there is a huge rush to migrate to mitigate licensing cost and sunk cost of a yearly licensing option.
Most IT/Sysadmins do not communicate with Finance/FPA, but the ones that do are really ahead of the game. I'm fortunate that in my past and present org(s) I always include them on talks, and once they are on your side they are an invaluable ally. Money talks, finance talks.
IT and Finance are back office administration, or the other side of the house in many orgs and should be talking about all terms of licensing and proper forcasting, but I do see it strained because IT focuses on what the tech can do, and finance only understands money and liability.
But IT can also mitigate liability if it's framed properly. This MSP sysadmin is clearly only in tech and never went out of it. Which isn't bad. But it is a very, very common silo and trope for external IT partners.
No. Everything on reddit is true.
(On the fence if this story is true or not, it could very well be)
It does seem a bit strange that all of these requests supposedly come specifically "from the CEO" though, as I would expect most companies would have CTOs making purchase decisions like this.
This reddit post is just a late canary in the minefield that shows a what one sysadmin is doing at one MSP.
I think if the story is to believed, the Red Hat sellers dedicated to big Fortune 500 accounts were given marching orders to reach out about recent negative publicity regarding vmware and the c-suite is asking for pricing/feature comparisons. This doesn't seem sudden or disturbing but rather what happens multiple times a year.
"Nobody ever gets fired for buying IBM".
https://www.itnews.com.au/news/newman-still-considering-lega...
Which tells me that that company’s HQ had already put a sort of kill switch in place for cases like this.
And these big brand companies with international offices are full of spies it's good cover.