Background Image
Blog

Is it possible to replace VMware? There might be...

VMware is designed for hosting and managing in-house IT systems, whereas Safespring provides services for running applications and systems in the cloud. Each has distinct strengths and weaknesses.

Gabriel Paues

Gabriel Paues

Cloud Architect

With Broadcom's acquisition of VMware, many companies and organizations that have built their infrastructure on VMware have faced an unpleasant surprise: a new subscription-based model and overall higher prices.

TL;DR

  1. Broadcom’s acquisition of VMware has sparked concerns over subscription-based pricing and higher costs.
  2. While VMware excels at on-premises virtualization, Safespring offers a cloud-native alternative based on OpenStack (virtualization), Ceph (storage), and containers.
  3. It’s not a direct drop-in replacement; instead, Safespring enables modernization of IT infrastructure with tools for network security, resilient services (via Elastic IPs and Server Groups), and flexible VPN options like WireGuard.
  4. Built on open-source technologies, Safespring’s solutions avoid lock-in, empower administrators with hands-on control, and ensure predictable, transparent pricing over time.

Let's talk

The VMware Offering

For more than 20 years, VMware has been the most successful player in the market for virtualization solutions. VMware has offered flexibility (through virtualization) and other features and products to ease the workload of system administrators. Through good design choices, many customers have been able to migrate old physical systems directly into VMware. With robust monitoring, backend storage, and software-defined networking (SDN) solutions, VMware has enabled systems to be set up in a resilient and redundant way, requiring minimal changes to the actual software configuration of the systems. Additionally, VMware includes built-in network security features.

This functionality has allowed system administrators to manage complex IT environments with minimal overhead. IT administrators have also been relieved from having to address the intricate details of building robustness and redundancy, as the platform takes care of these tasks.

The Safespring Offering

Safespring offers a cloud-based virtualization and storage solution built on OpenStack and Ceph. Additionally, Safespring provides a container platform based on OKD and an S3-compatible object storage solution.

It’s important to note that Safespring’s offering is not a drop-in replacement for VMware. VMware is designed for hosting and managing in-house IT systems, whereas Safespring provides services for running applications and systems in the cloud.

Gabriel Paues (Cloud Architect)

Each has distinct strengths and weaknesses.

That said, there are several ways customers can modernize their application deployment to fit into a cloud environment, thereby eliminating dependencies on the underlying virtualization platform.

Network Security

Systems running on a VMware platform are often organized into internal and external network zones. External services are placed in an external network zone with stricter security constraints, while internal services operate in an internal network zone with more lenient policies. In this setup, many system administrators rely on the platform for network security instead of implementing it directly on each system.

Security update policies are often stricter for the external zone than for the internal zone. For example, systems in the internal zone might not be required to use encryption, whereas those in the external zone are.

More flexible than VPN Tunnels

Many system integrators use VPN tunnels to connect remotely to systems hosted elsewhere. The most common solution is IPSec, which is secure but has setup challenges and interoperability issues. IPSec is primarily designed for site-to-site or client-to-site connections and can be cumbersome to configure for system-to-system communication.

IPSec uses one channel for encryption and another for transmitting encrypted data, making it challenging to traverse firewalls. As a result, IPSec tunnels are often terminated directly at the firewall.

When securely connecting resources in a traditional hosting provider, the approach is to set up an IPSec tunnel between the customer’s internal environment and the hosting provider, aggregating all traffic through these two locations.

However, modern VPN solutions like WireGuard offer a more flexible approach. WireGuard is stateless, encrypting each packet separately, which simplifies traversal through diverse IT environments. Built on UDP for speed, it allows encapsulated TCP sessions to handle retransmissions and packet integrity.

Since Safespring’s network stack relies on IP-to-IP connectivity, the traditional site-to-site method is suboptimal. Instead, customers are encouraged to build an overlay network that spans both the internal and cloud environments. WireGuard’s stateless nature makes it ideal for such setups. Instead of connecting all systems through a single central IPSec tunnel, customers can establish a mesh network where each system directly connects to others as needed. Open-source projects like Netbird can simplify the configuration of such solutions.

Resiliency

Resiliency can be achieved in various ways. Organizations familiar with VMware likely rely on tools like load-based automatic live migration (DRS) and integrated software-defined networking (SDN) to ensure services remain accessible. In such cases, the virtualization platform handles resiliency, requiring minimal customization of the applications themselves.

Safespring’s OpenStack solution offers tools to achieve similar resiliency:

Elastic IP
These can be used with products like HAProxy and Traefik for load balancing and network resiliency.

Server Groups
These ensure that cluster members of a service run on different hardware nodes within the platform.

Using these tools, services can be configured for redundancy and resiliency. For instance, a service can run across multiple cluster members distributed across different hardware nodes using Server Groups. Elastic IPs can distribute traffic among the cluster members while maintaining a common IP address.

While this approach requires manual setup, it provides administrators with a better understanding of the solution, fostering confidence and peace of mind.

Conclusion

Safespring’s services empower organizations to transform their internal IT into modern cloud-based solutions while maintaining security, accessibility, and resiliency. Rather than relying on a platform to handle these tasks automatically, administrators gain the knowledge and tools to address potential issues.

Safespring’s solutions are built on open standards, and the principles used are transferable to other services. Furthermore, being based on open-source products ensures there are no unexpected billing changes due to revised licensing models.

Do you want to migrate your VMware workloads to Safespring?

Safespring offers a free assessment service to help you migrate workloads from VMware to our platform, tailored to your needs.


Start the assessment

In this post

In this post

Safespring offers flexible and high-performance cloud infrastructure services.

Our Nordic solution provides you with the confidence that you can meet legal and regulatory requirements, such as GDPR, with ease.

Optimize your service with:

Schedule demo

Let one of our Cloud Architects show you our platform.

Watch demo
×
Safespring Linkedin Safespring Twitter Safespring GitHub Safespring YouTube Safespring Facebook

Choose language

Safespring Sweden Safespring Norway Safespring English

© Safespring AB (559075-0245) 2017-2025