No, vCloud Director is not dead.

While my title is a little facetious, I’ve been meaning to discuss VMware vCloud Director from the big picture and what it means for our Providers and cloud consumers.

To start out, this is my opinion only and not a reflection of my employer. I am also going to stipulate that I’m bringing a newer opinion to vCloud Director as I’ve only immersed myself into vCD for the past year or so.

During my tenure at VMware, it seems there’s a common thread or opinion where many people (internally and externally) believe vCloud Director is no longer a viable or supported product. After understanding some of the past decisions, I can understand some of this perception, but this is definitely not the case. In this post, I’d like to “clear the air” on a few items I hear quite often.

This is going to be boiled down to the following points:

  1. So, is vCloud Director dead?
  2. vCloud Director is hard to use.
  3. But what about vRealize Automation / VMware Cloud on AWS vs. vCD?
  4. vCD is not about IaaS anymore.

So, is vCloud Director dead?

It is not. Currently, vCloud Director for Service Providers (vCD) is only available for new providers inside of the VMware Cloud Provider Program. There are some exceptions (entities that owned vCD before there was a directional change) but this is the only way to procure vCD at this time.

Moreover, the development lifecycle has significantly increased in the time I’ve been here. When I joined VMware, we just released vCD 8.20. Since then, we’ve had version 9.0 and 9.1 come out with some significant additions – this presents a picture that one should expect vCloud Director additions every six months. Below is what we’ve delivered in the past few years –

While I won’t comment about futures of vCD, one can already see the direction VMware is going with vCloud Director – enabling ease of consumption in a multi-tenancy architecture.

vCloud Director is hard to use.

I’ll agree with this commentary – in the past. Starting with 8.20, VMware introduced the Advanced Networking HTML5 interface as the first foray into a newer, streamlined interface that’s not based on Flash.

Within version 9.0, the first phase of the HTML5 Tenant UI was rolled out. 9.1 added additional content along with the first (albeit limited) release of the Provider UI. 9.1 added the HTML5 web console, HTML5 OVA import, and integration with the VM Remote Console – mitigates most of the complaints I hear from end-user experience.

The overall goal of the interface is to provide a streamlined user experience. Currently, there are advisory boards going on reviewing what’s needed from the provider and tenant UI experience. I can tell you this is top of mind for everyone in the team.

Here are some of the tenant experiences from the 9.x interface –

We can see the multi-site view from here – 

While 9.1 now has the Provider UI. Again, the first iteration but gives you a feel for what’s available today –

As you can see above, I’m highlighting the new integration of vRealize Orchestrator (vRO) inside of vCloud Director. This allows us to provide XaaS which many of you are well aware of its comprehensive capability inside of vRA and other automation solutions.

But what about vRealize Automation / VMware Cloud on AWS versus vCloud Director?

Let’s nip this in the bud – it should NOT be about competing solutions when we discuss use cases. Today, many of our Providers run BOTH vCD and vRA in their environment serving different use cases! Both have great use cases and are based on what the design requirements dictate. I can think of one provider I collaborate with that utilizes vRA for dedicated private cloud environments while allowing their tenants to carve out VM’s when required in their vCD environment.

With the newest release of the VMware Cloud on AWS Managed Service Provider (MSP) platform, this will also be another function for Providers.  It should not be about either-or, but more of how does it solve X…

Ultimately, this comes down to two things:

  1. Use Cases
  2. Customer Experience and Expectations

First, let’s cover vRA –

Today, vRealize Automation and vCloud Director can integrate with one another. vRA can call vCD as an endpoint and automate vApp/VM creation. Moreover, they serve two different landscapes from a provider experience. I wouldn’t disagree that vRA has refined services platform capability but today it cannot provide provider-level multi-tenancy. Let me make this clear – vRealize Automation and vCloud Director are great products. It just boils down to what you’re trying to achieve.

Below is a comparison sheet I’ve used in the past when talking to Providers about the differences between vCD and vRA – some of the points can be argued either way but gives a high-level idea of the capabilities between the two solutions. Advanced Services Designer (XaaS) has a half check mark for vCD since it’s not as comprehensive as vRA.

Let’s briefly talk about VMware on AWS. This is an amazing way of providing an entire Software-Defined Data Center (SDDC) stack inside of a hyperscale environment in a matter of a few hours – from start to finish. This also fills a need for Virtualization teams that want a vCenter-like user experience in a cloud environment.

However, in the context of vCloud Director, couldn’t this just be another Provider VDC we could call on to gain additional resources? Please do not take this as a directional statement as it’s not (and not supported today) – but the point I’m making here is vCD with VMware Cloud brings quite a bit of possibility.

The point is vCloud Director can add value to any type of elastic model. Who knows what the future can bring?

vCD is not about IaaS anymore.

Sure, vCloud Director got its start around Infrastructure as a Service. I think we can all agree that the technology field as changed quite a bit when the first iteration of vCD was released.

I see vCloud Director evolving into this Services Platform that is much more than just IaaS. I believe this is a fair term, especially on what was released with the most recent versions. Let’s go into some of the details on why I believe that.

vRealize Orchestrator Integration – XaaS anything

This is a big one. We can now provide native integration to any type of vRO workflow – think of the possibilities:

  1. Ticketing System
  2. Backup Request
  3. Provision a Service

All done through the native vCD HTML5 UI. 

I know our team is working on bringing additional examples to market, so stay tuned for those.

Container Service Extension / Python CLI and vCD CLI

To cover the Container Service Extension (CSE), vCD 9.1 introduced the ability to support lifecycle management of K8s clusters through this extension. Cluster nodes are treated the same as VM’s while adding provider and tenant authorization, authentication, and metering per tenant.

Moreover, this is another net new line of capability inside of vCloud Director that Providers can harness.

The Python SDK and vCD-CLI were revived with 9.1 and updated on the GitHub locations (Python SDK here and vCD-CLI here). This allows admins and tenants to perform operations from the command line while getting full support for these operations.

The intent was to open-source this to get community feedback. If there’s something you’d like to see, please tell us!

UI Extensibility

This will evolve as this will be a play for our ecosystem partners. As I understand it, this is an Angular framework that can allow integration for pretty much anything inside of vCloud Director. Below is an example of a Ticketing system integrated into vCloud Director.

This will continue to evolve, but a Provider can use this framework and integrate pretty much anything inside of vCloud Director to provide a seamless experience.


So for those of you that tl;dr’d this blog post, let me sum it up – #longlivevCD 🙂

In all honesty, I’m very excited to see what the VMware Cloud Provider team brings next to vCloud Director because it continues to get better and better. This isn’t just me saying it too – talk to your network of Cloud Providers.

Cheers, and long live vCD!


vCloud Director – Key Differences in Edge Gateway Services (1 of 2)

Two-part vCD series since it was longer than I expected!

I had a question come in from a Cloud Provider on what are the actual key differences between a standard Edge Gateway Service and an Advanced Edge inside of the vCloud Director (vCD) User Interface (UI). While I could explain a few things on my own, I decided to do a little bit of legwork to confirm my suspicions. While some of you may already know the following, I thought this was an interesting exercise and wanted to share my results.

Before I get to that, I’m sure everyone is aware vCloud Director started off with vCloud Network and Security (VCNS) and this was the network backing before NSX. With recent versions of vCloud Director, everything is backed by NSX.

With that said, the Advanced Gateway experience is what VMware will eventually migrate to. Therefore, get used to the nice HTML5 intuitive and speedy UI! 🙂


In my vCD 9.x instance, I have two edges deployed:

  1. SiteB-T1-ESG is my advanced edge. I can verify this by right-clicking on the edge and seeing that I do not have an option to Convert to Advanced Gateway 
  2. Moreover, you can see I am running version 9.x of vCD – I can convert it to a Distributed Logical Router! 
  3. However, with my SiteB-T1-ESG-2, I can see it’s not an Advanced Gateway as I’m able to convert it 

Let’s get to the comparisons now. Again, this is going to be in the context of the UI – not going to talk about the API right now. Going to state the advantage based on service in the title.

Firewall Services – Advantage: Advanced Gateway

Advanced Gateway

  1. I can create granular firewall rules using grouping objects associated with the HTML5 interface.
  2. This provides a very similar experience to NSX within vCenter. To be honest, anyone that has used NSX should be able to figure this out very quickly.

Standard Gateway

  1. From the standard interface, I can only create rules from a IP/CIDR and key words such as “any, internal, external.”
  2. Pretty limited to say the least.

DHCP Services – Advantage: Advanced Gateway

Advanced Gateway

  1. From the DHCP subtab, I am able to establish pools, bindings, and relay configurations. Moreover, configuring IP Sets and DHCP Relay Agents.

Standard Gateway

  1. We have the ability to add a DHCP pool that’s applied on an internal network that’s connected to this ESG. Pretty basic capabilities, but works.

NAT Services – Advantage: Tie

Advanced Gateway

  1. Ability to establish Destination or Source NAT’s. I see the same options between both Advanced and the Standard gateway, so it’s hard to call an advantage either way.

Standard Gateway

  1. As stated with the Advanced Gateway, I have the ability to establish a DNAT or SNAT. Seems like the same options to me.

Routing Services – Advantage: Advanced Gateway

Advanced Gateway

  1. This seems like a night and day difference in routing options. I’m able to get an NSX-like experience from an HTML5 interface (that’s been around for over 1 year or so!)
  2. Ability to set ECMP, Routing ID’s, utilize OSPF, BGP, and Route Redistribution with prefixes to boot.
  3. If you’re used to NSX and applying routing configurations to an Edge, this is a very similar experience.

Standard Gateway

  1. Yeah, how do static routes sound to you? That’s all I can apply here from the UI.

Load Balancer – Slight Advantage: Advanced Gateway

Advanced Gateway

  1. The Advanced Gateway is very similar to what we see in NSX – just in an HTML5 format.
  2. We get to see our Global Configuration, Application Profiles, Monitoring, Rules, Pools and Virtual Servers.
  3. I also see we have additional algorithms available from an LB perspective. I wouldn’t say it’s a stark difference between Advanced and Standard, but more comprehensive than the Standard Gateway.

Standard Gateway

  1. Standard Gateway has very similar options as the Advanced UI, just in a different UI format.
  2. As stated above, we don’t have UDP available as a type and fewer algos for the Pool configuration. With that said, it’s very comparable, but giving a slight advantage to Advanced for some of the other options available.

More to come on Part 2 here.

VMware vCloud Director 9.1 is out!

So the VMware Cloud Provider BU has dropped the next release of VMware vCloud Director – version 9.1.

Release notes are posted here, but I’d like to summarize some of the great additions to vCD. I’ll probably miss a few things, but the below is what’s very interesting and shows the power of vCloud Director as we expand the platform.

vCloud Director 9.1 Release Notes

vCloud Director 9.1 Download

New Features

  1. Continued HTML5 transition – while this is a multi-phased approach, the following have been accomplished in this release. Quite a bit has been accomplished on the tenant side. Next release will focus on finishing the Provider side of the vCD management.
    1. Client Integration Plugin (CIP) for upload management – yay!!! Ability to upload OVF/OVA. 
    2. Multi-Site Navigation Portal – check it out. Very clean looking. I can also provide the organization association through the portal. 
    3. Create VM or vApp – nice simple workflows 
  2. Standalone VMRC Availability – great addition rather than the previous console access, which was always a pain. 9.0 released the HTML5 VM Console and now we have the standalone VM Remote Console support in 9.1. Again, no need for the vSphere CIP anymore with the HTML5 portal. 
  3. vRealize Orchestrator Integration – in my opinion, great addition to the vCD platform. Now we can provide direct vRO integration to vCD to kick off workflows. This is all done through the Content/Service Library.
  4. Python SDK and vCD-CLI – embracing the automation community. The SDK supports automation with Python, and the CLI enables Providers and tenant operations to integrate services within vCD. All open-sourced. Check it out here:
  5. Container Service Extension – vCD will now support lifecycle management of K8s clusters through the Container Service Extension (CSE). K8s cluster nodes will be treated the same way as VM’s. One platform for both VMs and containers. Will be documented on the GitHub page also: 
  6. Support for SR-IOV / NFV Requests – this is a big item for our NFV friends, especially to guarantee network resources for low-latency demanding workloads. To add to this, we also added support for Large Page VM’s, guaranteed VM latency sensitivity for specific VMs.
  7. FIPS Mode for NSX – FIPS was introduced in NSX 6.3.0, but now we have the ability to toggle this within the vCD UI on per edge gateway. Obviously, you must be running NSX 6.3x or later for this to work.

Topics of Interest

  1. Moving to Cassandra 3.x for metric data – any legacy upgrade using KairosDB has Cassandra 2.2.6 support. Be aware of this for new installations.
  2. End of Support for Oracle Database – 9.1 will be the last release to support Oracle databases. I don’t see Oracle that often, but be aware of this for future releases!
    1. I would also advise all of my providers to get used to Postgres as the database option. We are trying to simplify vCD further….hint here.
  3. End of Support for vCloud API 1.5 and 5.1 – if you are using the 1.5 or 5.1 API for any API calls, it will not work in 9.1. Ensure you are changing any code before upgrading to vCD 9.1. Moreover, any API versions earlier than 20.0 will be not supported in future releases, so plan accordingly.
  4. Note that the SP Admin HTML5 UI is still underway. You will still continue to use the Flex UI for everything except the vRO registration and content library creation.
  5. There will be a patch release for Usage Meter and vCloud Director Extender shortly to support this release. Please be aware of this before any upgrades.

Another solid release from our team. I look forward to seeing this in production at our Cloud Providers!


vCloud Availability for vCloud Director – Tenant Walkthrough Video

I recently created a vCloud Availability demonstration video and wanted to share this out with others.

vCloud Availability (vCAv) for vCloud Director is a very powerful solution that provides Disaster Recovery as a Service (DRaaS) that’s built on top of vCloud Director. What’s great about vCAv is the ability to protect, migrate, and failover workloads from a tenant environment just from vCenter.

vCAv utilizes vSphere Replication as its replication engine while our Cloud Provider Business Unit built the architecture around vCD to provide scalable multi-tenancy. Granular selection of VM’s is possible that correlate to a DR-enabled VDC.

For VMware Cloud Providers that are interested in further details, here are some good links to start on vCAv:

Well, here’s the video. Enjoy!