Tuesday, March 10, 2020

What's New in vSphere 7.0 Overview

This is not an in-depth look at the new features, just an overview so that everyone gets a quick glimpse; here is the link to VMware Blogs.

I will update this article with links (if any) when they become available.

vSphere 7.0 Overview.

vCenter Server Simplified SSO Topology
  • Customers with an external PSC will move to the consolidated topology through the vCenter Server upgrade.
  • Embedded PSC will be the only topology moving forward.
  • The external PSC topology will be deprecated.

vCenter Server Profiles (link)
  • Works just like Host Profiles: you can now compare the settings, export them in JSON format as a backup, or apply them to a new vCenter via the REST API.

vCenter Multi-Homing (link)
  • Up to 4 vNICs, where vNIC 1 is reserved for vCHA.
  • Maximum limits have increased; refer to configmax.vmware.com.

Content Library
  • There is a new view which you can enable.
  • To help manage templates, there is a Check In/Out function to control versioning and revert to the previous version.
  • Control replication of any template and select which objects are replicated.

vSphere Lifecycle Manager (vLCM) (link)
  • Cluster Image Management, which includes firmware, drivers, and the ESXi version.
  • The initial release supports Dell OpenManage and HP OneView.

vCenter Server Update Planner
  • Helps discover the current vSphere landscape.
  • With this information, it helps in planning and upgrading successfully.
  • Receive notifications when an upgrade is available.
  • Shows VMware product interoperability in a "What-If" workflow that shows what can change after an upgrade. This is the most wanted feature for many.
  • Performs a pre-upgrade check on a selected vCenter Server.

Improved DRS (link)
  • Runs every 1 minute instead of every 5 minutes.
  • Uses a VM DRS score.
  • Workload-centric instead of cluster-centric, placing workload priority first instead of the host utilization baseline.
  • Based on granted memory instead of cluster-wide standard deviation.
  • Scalable Shares, which improve how Resource Pools allocate shares so that resources are better balanced. (link)

Assignable Hardware (Tech Preview) (link)
  • vSphere DRS initial placement and vSphere HA support for VMs equipped with PCIe passthrough and NVIDIA GRID.
    • Finding a suitable host for a VM with certain hardware requirements such as vGPU and PCIe.

vMotion (link)
  • Improvements for monster VMs, giving a higher success rate.
  • Uses one vCPU for the page tracer instead of all vCPUs.
    • Lower performance impact during vMotion.
  • Reduces stun time to less than one second, as only a compacted memory bitmap is transferred to the destination host instead of the full bitmap.

Application Acceleration (Tech Preview)
  • Comes from the acquisition of Bitfusion.
  • Optimizes the use of GPUs in a pool set up over the network, where partial vGPUs can be utilized and shared by multiple VMs.
    • Use cases include AI/ML applications.

Certificate Management
  • New wizard for importing certificates.
  • Certificate API introduced to manage certificates programmatically.

Identity Federation (link)
  • ADFS will be supported out of the box initially, with support for more IdPs that use OAuth 2.0 and OIDC to follow later.
    • ADFS will allow MFA, leveraging what ADFS provides.

vSphere Trust Authority (vTA) (link)
Today
  • vCenter Server manages VM encryption and cannot encrypt itself.
  • Attestation in vSphere 6.7 is view-only and done via vCenter Server; after the check, a VM can still run on an untrusted host.
  • The principle of least privilege is hard to implement.
New
  • vTA uses a separate ESXi host cluster to create a hardware root of trust.
  • This cluster will be able to encrypt the compute cluster where vCenter Server sits, along with all management VMs.
  • Attestation can be ensured when encryption keys are required.
  • The principle of least privilege is now easily achievable.
  • Audit scope and risk are greatly reduced.

vSGX / Secure Enclaves (Intel) (link)

  • Intel Software Guard Extensions (SGX) allows an application to create a secure enclave to hold sensitive logic and storage, which cannot be viewed by the guest OS or hypervisor.
  • Operational challenges exist, as memory functions such as vMotion, Snapshots, and Fault Tolerance, to name a few, cannot be leveraged.
  • Weigh the cost against the requirement.

vSphere with Kubernetes (Project Pacific) (link)
  • vCenter Server provides updates to each k8s cluster, and any cluster older than n-2 will be auto-updated.
  • Harbor is integrated and can be enabled; once enabled, it is created for each Namespace.


VMware Tools
  • Extends Guest Store to the guest OS, for example for updating VMware Tools in the guest OS.


VM Hardware v17
  • Virtual Watchdog Timer
    No physical hardware requirement; it helps reset the VM if the guest OS is no longer responding.
  • Precision Time Protocol (PTP) (link)
    For time-sensitive applications often found in financial institutions, this allows the use of PTP instead of NTP, assigned to the VM when enabled on the ESXi host.

vSphere Client
  • Search history is saved.
  • Developer Center
    • API Explorer: Better visibility of the available APIs.
    • Code Capture with the language of choice: PowerCLI, JavaScript, Python, Go

