Over the last couple months, we’ve encountered confusion about the distinction between VMware and HyperCloud with a few customers, and thought it would be best to lay those differences out in this blog post.
These differences are important, because your organisation’s choices around cloud computing technologies are the foundation for your operational resilience long-term.
While VMware and HyperCloud do have some overlap, they are still very different things. VMware is primarily focused on virtualisation, whereas HyperCloud is a full stack cloud solution. Here’s a few key advantages HyperCloud brings to the table when it comes to building a cloud platform.
Advantage 1: ‘out of the box’ functionality versus spiralling licensing and operational costs
A traditional VMware ‘cloud’ is complex to architect, slow to deploy, requires many software components and licences, and limits how much of your hardware can actually be used for workloads.
There is notable complexity involved in upgrading VMware elements, which we’ll get into with a later point. VMware has attempted to address this complexity with SDDC manager - but this involves adding yet another component to your solution, taking up more RAM, CPU and disk space. And of course, you need another VM for that, and a paid licence too.
Additionally, VMware requires four nodes for management - for example, your organisation could purchase 12 nodes, but only use eight of those for actual workloads. And you can expect to pay around $12K per CPU socket. Plus an additional licence for SDS, L3 and L2 networking, automatic upgrades - hitting $60K per CPU core per year is easy.
Don’t forget the vRealize suite for access to a marketplace - now we’re at ~$70K per socket per year. On top of this cluster and disk sizes will eventually reach a hard limit. All increasing the cost to plan, build, operate and upgrade.
With:
- multiple specialist SMEs required to keep lights on,
- fractured upgrade cycles,
- NSX networking totally separate from classic ESXi/vCenter networks,
- vCenter tuning and monitoring,
- vRealize Automation Windows and SQL Administration,
- active/active failover requiring complex CPU mirroring,
- and licence upon licence to get everything working like a true cloud,
the costs of using VMware to run a cloud service quickly add up.
HyperCloud is delivered with full access to all its capabilities “out of the box”, with no additional licensing required to access any features, compute or storage capacity.
You don’t need extra licences for SDS, L3 and L2 networking or live migration. Automatic upgrades are included, along with a marketplace. And your cluster and disk size is practically unlimited. It’s also worth noting that HyperCloud’s efficient approach to management allows the customer to use all nodes - not eight out of 12!
HyperCloud’s modular nature and the simplicity with which new compute and storage resources can be added means your clouds do not require needless overprovisioning, reducing financial outlay and improving the overall efficiency of the platform. And because it uses task-specific building-blocks, you can scale your cloud asymmetrically, growing your compute or storage resources independently.
HyperCloud’s fully integrated software stack leads to seamless hardware upgrades, easier to plan, build, operate, and upgrade compared to VMware clouds.
HyperCloud delivers powerful features as standard
| Features | HyperCloud | VMware |
|---|---|---|
| Software Defined Storage | Included for HDD & SSD | additional vSAN license (extra for SSD) |
| L3 and L2 Networking | Included LB, L3, DHCP, QoS…. | NSX license |
| VM migration | Included Live migration | vMotion |
| Automatic Upgrades | Included Auto Upgrade | SDDC Manager license |
| Cluster Size | Practically unlimited1 | Max 96 (64 with vSAN) |
| Disk Size | Practically unlimited2 | 62TB |
| Marketplace / Catalogue | Included Marketplace | vRealize Suite (complex setup) |
Avoid licensing sprawl with the features you need included by default.
Advantage 2: Streamlined efficiency vs a cluttered, complex UI
Navigating VMware, or, “now, where do I change that…?”
Since their inception in 1999, VMware has grown to dominate the Hypervisor market in much the same way that Microsoft dominates sales of desktop operating systems. In fact the parallel goes deep - Microsoft cannot drop its ancient DOS and Win32 beginnings, so customers are left with a bewildering array of Control Panel items straight from Windows 95.
VMware’s virtual network editor, VM wizard and similar configuration tools suffer from similar flaws. Sprawling virtual machine folder structures add to the clutter. Hardware updates can break compatibility with software packages. VMware requires expert installation - it is not a boxed solution!
HyperCloud streamlines routine tasks.
HyperCloud’s origins lie in SoftIron’s desire to rethink cloud infrastructure as a whole. One platform on which everything could efficiently be built, sharing consistent design elements that support flow from one task to the next.
The HyperCloud dashboard presents an uncluttered pathway for all users to the configuration settings and management tools they require. The initial, summary view of the dashboard displays a clear picture of the health and state of the cluster at a glance, along with all the virtual machines running on it:
Your instances, networks, templates, storage and more can be managed from within this single dashboard through a straightforward menu. The control plane streamlines life cycle activities such as deployment and maintenance by automating low-level networking configuration, firmware deployment, and OS installation for all resource nodes helping to simplify DCOps and break/fix.
HyperCloud gives you power to easily stand-up new virtual Instances to test your application as part of a CI/CD workflow, and to flexibly expand successful applications and grow with you.
Advantage 3: Endless scalability vs hard limits
IaaS features from VMware often involve creating another VM, leaving virtual administrators shepherding a complex web of interdependent compute instances.
New VMware features bring not only their own virtual machines but their own user interfaces, upgrade schedules and compatibility requirements. Horizontal scaling is often impossible. This is in part due to the fact that vCenter and related feature VMs were designed as single non-distributed Java applications - scaling means increasing the CPU and RAM for a single VM. During maintenance these virtual machines must be carefully relocated - hoping that VM storage and networking remain intact to avoid service disruption.
OpenStack was the hope for many looking for a more modular, resilient and scalable solution. Unfortunately the problems of administering and upgrading OpenStack limited the longevity of these efforts. OpenStack embraced modular architecture but did so before containers gained popularity, leading to ever more complex upgrade processes.
HyperCloud is designed from the ground-up for scalability.
From day one, SoftIron’s goal was to create a solution allowing organisations to build on-premises infrastructure that behaved like a true cloud, not legacy data centre infrastructure, enabling essentially limitless scale.
HyperCloud’s scalability is built around these core features:
Independent scale-out: scale different resources independently of other resources. For example, you can increase storage without increasing compute.
Smooth scale-out: scale in whatever increment you require. You are not limited to a few predetermined levels.
Limitless scale-out: scale as much as required. There are no maximum levels of things like storage or compute.
Service auto-scaling: define and manage services as a group of related VMs, including their interconnection networks and elasticity rules.
Advantage 4: Unified networking versus no hardware networking options at all
VMware does not support or integrate with hardware network features that are available on switches and routers.
In the old world, data centre networking was a tax. Largely unchanged in decades, except for how fast it can shift packets, yet with an ever increasing number of crucial but complex and temperamental parameters to configure, the plumbing of the data centre has become the single biggest headache for IT teams.
Networking was almost always left out of HCI solutions, as they were unable to effectively automate hardware networking. Part of this came down to the lead players, VMware and Nutanix, lacking hardware network offerings and being unwilling to commit to partners. Without networking many installations fell at the first hurdle when easy wizards failed to see servers and traffic was unexpectedly blackholed.
HyperCloud relies on a simple and easy-to-support physical/virtual appliance that delivers high-speed 10/25/100G Ethernet networking.
High-speed HyperCloud networking is piped all the way through to guest instances, enabling VMs, containers, and multi-VM services to use as much bandwidth as an operator will allow the tenant, with tenant security groups enabling granular firewall management.
HyperCloud handles networking configuration changes in a unified way; by integrating the networking into our Interconnects, changes to the virtual network layer automatically propagate to the physical networking layer. As changes are made, whether by the API, CLI, or GUI, those changes instantly take effect where needed physically. No more trunking VLANs to compute nodes and upstream switch ports.
HyperCloud has IP Address Management functionality built-in, allowing IP address assignment to guest workloads automatically without requiring any guest VM or container configuration.
HyperCloud tenants are free to use networking without posing a risk to other tenants, Quality of Service is automatically enforced and broadcast traffic is safely scope to a single tenancy or part of the tenants network.
Advantage 5: Flexible highly integrated cloud versus piles of disparate management VMs
VMware’s tendency towards Management Appliance sprawl can lead to reduced efficiency, compliance issues and increased attack surfaces.
Over these years VMware has added multiple large apps to their portfolio with Chargeback, Monitoring, Service Catalog and others running as additional VMs alongside vCenter. Taking a leaf from Microsoft’s playbook, VMware acquired numerous smaller companies and relabelled products to build a suite of products around the core ESX/vCenter offering. A simple small vCenter management stack grew into a sprawl of specialised applications.
A complete VMware management stack allowing developers to order from a Service Catalogue and providing storage and network services has now grown to consume over 170 CPU cores, more than 512GB of RAM and in excess of 10TB disk space. You might think numbers like these are a fanciful work of fiction, but these are the mandated VMware Validated Design for vRealize, NSX and vCenter in vCloud Foundation.
A single vCenter instance can require in excess of 4TB of disk space!
Let’s talk numbers - management stacks
| HyperCloud (Management stack only) | VMware with NSX & vRealize (Management stack only) |
|---|---|
| CPU: 4 cores | CPU: 172 cores |
| RAM: 8 Gigabytes | RAM: 578 Gigabytes |
| Disk: 10692 Gigabytes | Disk: 80 Gigabytes |
Typical VMware deployments require 2-4 physical servers entirely dedicated to management.
Customers WASTE significant hardware just to manage VMware!
HyperCloud brings both flexibility and control to your cloud’s service catalogue
HyperCloud features an included marketplace for cloud apps and images. This is included by default in HyperCloud and doesn’t consume additional RAM and CPU.
Teams can build and deploy virtual machines and containers from:
- HyperCloud’s public marketplaces
- Docker Hub
- Linux Containers
- Owner-created and hosted marketplaces
- Templates and Instances imported from other Clouds
- Manually created templates and instances
You can keep it simple, or get as sophisticated as you like. Whether you’re an internal or external service provider, the suite of templates, services and apps you provide will enable your tenants to get rapid and full utilisation of your cloud.
The HyperCloud Marketplace includes a number of pre-made templates specially designed to be used inside a HyperCloud deployment, including Microsoft Windows, virtual network appliances, and more. You can even snapshot live virtual machines and add them as templates for other tenants to use.
The SoftIron team also maintains a GitHub repository of examples of ways in which you use and integrate with HyperCloud’s capabilities.
Advantage 6: Service provider readiness out of the box versus limited multi-tenancy options
VMware products do not deliver a simple multi-tenant process; you have to pay twice and build twice to manage one workload.
Two VMware management deployments are needed for every deployment. VMware requires an entirely separate installation for administration and management components due to the lack of true multi-tenancy. This leads to more challenges and additional configuration required to achieve resource isolation, security, compliance and management tasks (such as billing, provisioning and support).
VMware’s scalability challenges also come into play here, as multi-tenant environments can quickly become very large and complex. Without the ability to easily scale, strain on the underlying infrastructure increases.
Even if you choose to spend additional money to acquire a purpose-built multi-tenancy solution to use with VMware, this won’t address these issues of scale and performance.
HyperCloud is service-provider ready, which means it supports strict tenant separation and granular access controls and permissions.
Out of the box, owners can take advantage of:
User and Group ACLs: granular access control lists for users and groups for every resource available across virtualisation, containerisation, storage, virtual networking, and marketplaces.
An accounting toolset: consistent hypervisor reporting of CPU, memory, storage, and network bandwidth usage per user, which can be linked to cost and billing systems.
Showback: built-in showback systems that enable chargeback and billing for users, groups, and tenants.
Resource quotas: configurable quotas for all resource types, including rate limiting, to restrict user overconsumption of specific constrained cloud resources.
Host overcommitment: configure the compute layer to overcommit CPU and memory resources according to a users’ workload.
There is also the option to build underlying consumable storage and templates that can optionally be shared across tenants as operator-provided functionality. Templates enable the configuration of capacity, networking, persistent storage, and granular instance configuration (boot order, memory, ssh-keys), with full support for cloud-init.
Advantage 7: Security vulnerabilities versus secure provenance
With a proprietary tangle of 20+ year old code, VMware is subject to multiple CVEs (Common Vulnerabilities and Exposures) in 2023 alone.
VMware is a complex platform, so it can be difficult to configure and manage it securely. To date, VMware has had four CVEs rated 9.8/10 severity in 2023 (CVE-2023-20892, CVE-2023-20893, CVE-2023-20894, CVE-2023-20895 all affect vCenter and are rated 9.8./10) with a total of 48 CVE vulnerabilities identified overall. Notably, CVE-2023-20887 allows remote code execution and is actively being used to attack systems.
Security - Common Vulnerabilities & Exposures
| HyperCloud | VMware |
|---|---|
| Small attack surface, no known CVEs | 4x CVEs rated 9.8/10 severity discovered in just first 8 months of 20233 |
| KVM proven in Internet Public Cloud | Unauthenticated Remote Code Execution vulnerability actively being used4 |
| Built on Cloud OSS by experts | Proprietary tangle of 20+ year old code |
| Tighter code, many eyes on code | Larger codebase, fewer developers viewing the code |
VMware may face an uncertain future following Broadcom acquisition. Increasing numbers of VMware vulnerabilities speak to lowering software quality over time5.
VMware’s complexity can also lead to additional human error via misconfiguration, which can lead to unauthorised access, data breaches, and other problems. A lack of robust automated monitoring also makes it difficult to detect and respond to security incidents promptly.
Because of these challenges, multiple products exist to assist with the correct configuration and monitoring of VMware solutions - all of course adding additional costs to run, set up and licence.
HyperCloud offers unique secure provenance through its nature as a full stack solution, along with data immutability features and nodes that are stateless by default.
Apple brought the concept of true vertical integration to compute products. By designing their hardware in-house, Apple ensures that their hardware is a perfect fit for their software. I won’t say we can lay claim to the lofty heights that Apple has reached, but by designing and manufacturing a modern compute hardware platform in-house along with our own cloud software - SoftIron has been able to ensure exceptional security along with a streamlined user experience that makes installation and upgrades fast, simple, and much less prone to complexity-driven misconfiguration.
Pushing the analogy further, SoftIron uses a custom Linux OS, while Apple uses customised BSD Unix in their products - allowing a secure starting point instead of relying on obfuscation to provide security like proprietary Windows and vSphere solutions.
HyperCloud nodes are not directly accessible to VM consumers, which further limits security risks, along with the fact that virtual machine networking is conducted entirely apart from hypervisor communication traffic.
Since HyperCloud nodes are stateless by default, protecting against modification or attacks on the system is as easy as reverting clusters to a “known-good” state. Recovering compromised nodes is as simple as bouncing and rebooting them.
Furthermore, HyperCloud is certified for data immutability. An immutable backup means that your data is fixed and unchangeable for a specified period of time. If your backup is immutable, then it is impervious to new ransomware infections.
So, what are you trying to achieve? And are you using the right tool to achieve it?
If you’ve been struggling with the obstacles to running modern cloud infrastructure with VMware, we’ve been developing a tool for those looking to migrate their solution to HyperCloud. Watch this space - we’ll be posting a walkthrough of this tool in the weeks to come.
tested to 128 nodes, ephemeral stateless nodes effectively have no scaling limitation. ↩︎
tested 1PiB disk, effectively unlimited. ↩︎
CVE-2023-20892, CVE-2023-20893, CVE-2023-20894, CVE-2023-20895 all affect vCenter and are rated 9.8./10 ↩︎
CVE-2023-20887 allows remote code execution and is actively being used to attack systems. ↩︎
VMware has a total of 48 CVE vulnerabilities in 2023 with 11 CVEs rated threat 9.8/10 as of 1st August 2023 ↩︎
