VMware's Project Monterey expands its capabilities, use cases

With updates to Project Monterey, VMware customers can now use DPUs for networking, security and bare-metal deployments from the vSphere interface.

Project Monterey made a splash at VMworld 2020 as admins learned about the vendor's plans for a new vSphere architecture. One year in, the virtualization giant has made updates to the project and solidified use cases for organizations to implement data processing unit architecture for networking and storage.

In "10 Things You Need to Know About Project Monterey," Sudhanshu Jain, director of product management and Niels Hagoort, staff technical marketing architect at VMware showcased some of the latest developments of Project Monterey, and how admins can use it within vSphere.

The 'why' and 'what' of Project Monterey

Project Monterey is designed to meet certain operational trends and customer needs. Jain highlighted that the industry is seeing more heterogeneous infrastructure architectures, increased demand for infrastructure services and an expanding enterprise perimeter as organizations adopt multi-cloud and scale out their architecture.

This can lead to inconsistent operating models across clouds; more CPU capacity consumption from infrastructure services; and CPU-centric security models exposing single-points of failure for workloads.

Specifically, the project uses data processing units (DPUs) and a distributed architecture for processing hardware to streamline infrastructure and workload management; it also uses a zero-trust model to increase security and boost overall performance.

"We are going with a very open ecosystem approach. We are taking the best of DPU vendors ... and making sure as our customers buy their servers from their favorite vendors, it's fully integrated. You get the software from us and the hardware from your favorite server vendor," Jain said.

Typical Project Monterey use cases

DPUs are at the core of Project Monterey, but the idea of network chips and CPU offloading is something that the industry has done for a while.

Beyond the benefits and intended goal of the project, organizations may wonder where this technology can fit into its infrastructure and what specific areas can benefit from DPU hardware.

"It is early, and we believe it will take at least five to 10 years [for DPUs] to achieve mainstream enterprise adoption. Initial adoption will likely be for specific niche use cases initially, including high-performance storage, but it is high growth," said Andrew Lerner, research vice president at Gartner.

There are a few categories that admins can investigate, such as network performance and security, cloud-scale storage and bare metal and composability.

For network performance and security use cases, the use of DPUs can increase network bandwidth with no x86 CPU overhead; help implement distributed firewalls; and enhance visibility of network traffic and boost security encryption.

Cloud-scale storage use cases allows admins to offload most storage functions to the DPU, which means that admins can compress and encrypt storage at a faster rate than before or run DPU-as-HBA and diskless compute.

If an organization runs bare-metal VMs, Project Monterey can help with bare-metal as a service, NSX networking and vSAN storage virtualization and bare-metal workload provisioning.

"VMware can use the DPU to offload processing from the x86 host, to run things [such as] vSAN and NSX. Think of the DPU as a new hardware platform to host a lot of VMware's core technologies going forward, so the potential is huge. DPUs alone could start eating into a lot of existing network stuff like load-balancers, firewalls and even start to eat away the top of rack switch itself," Lerner said.

New advancements and capabilities

Over the past year, VMware has started to build out how admins can use Project Monterey technology across their virtualized infrastructure. Updated project components include:

Integration with vSphere Lifecycle Manager. VMware will continue to add integrations and updates to make Project Monterey easier to manage. One of these advancements is support from vSphere 7.0's Lifecycle Manager, which ensures a consistent deployment and all hosts within the same cluster are on the same version of Project Monterey.

Network offloads with NSX-T. A main use case of Project Monterey is improved network traffic. When paired with VMware's main software-defined network offering, admins can use SmartNICs and full datapath offload capabilities to increase performance but reduce latency. This reduces the number of necessary software layers to divert network traffic the CPU must process and moves it to the hardware instead.

"We now have this full datapath offload into the SmartNIC, so all the things we've done before we can do on the DPU -- or SmartNIC itself. It's basically taking away the entire CPU load from the x86 CPU into the DPU," Hagoort said.

Distributed security and observability. NSX provides segmentation, microsegmentation, visibility and policy formulation and threat detection and prevention. Admins can run these tasks on the SmartNIC with Project Monterey, which provides another level of isolation between the ESXi host and workloads.

Storage offloading with DPUs. This is something that VMware is looking into, but the goal is to use DPUs for storage offloading and disaggregation with NSX to enhance performance and security. Hagoort mentions there's plenty of use cases for storage security and performance when it comes to vSAN on remote hosts.

For those that are interested in the project, VMware has launched an Early Access Program for organizations to test out the technology.

Dig Deeper on VMware updates, certifications and training