What’s New in vSAN 7.0 U1?

Earlier this year, VMware brought a dramatic chance to their virtualization platform with vSphere 7.  Now its time to bring in bug fixes as well as usher in new features with the U1 update.  This post will focus on changes coming to the vSAN software.  This software was designed with enhancements in 4 key areas:

  • Deliver a developer ready architecture
  • Increased scalability
  • Simplify day to day operations
  • Extend File Services

Developer Ready Architecture

Building on an already powerful Kubernetes offering with Tanzu, VMware has enhanced VSANs ability to work with containers and stateful cloud native applications thought the use of a Data Persistence platform (DPp).  This service provides the proper framework required for integrating stateful apps into vSAN.  By utilizing this framework, applications can assume the resilience responsibilities, cutting down on the overhead required by VSAN and allowing the applications to consume storage that would be equal to VMFS & RDMS.

Increased scalability

One of the biggest issues I’ve had with vSAN storage was that it was only dedicated to the same compute cluster.  This meant that things had to be incredibly right sized.  Otherwise, you had a lot of wasted space or had to add extra compute just to add storage.  This is where HCI Mesh comes into play.  Now you can share empty storage from one vSAN cluster with another cluster and make efficient use of the space.  Other enhancements have come in the form of customization settings for DD&C.  Now you can turn of the deduplication service in clusters that run workloads that wouldn’t benefit from it.  This frees up compute cycles that would otherwise just be wasted.  This setting also has the benefit of not taking out the entire disk group if a single disk fails.

Capacity management has also improved with more details being displayed about the cluster consumption.  Now users can get a more accurate depiction of just what is using up the space and can plan accordingly.  Increased efficiency also came to large clusters where the amount of reserved overhead space actually reduces as more nodes are added.  On the flip side, for smaller 2 node clusters, a single vSAN Witness can handle up to 64 2-node clusters (instead of requiring one per cluster).  This is great news for companies adopting vSAN for both their core datacenters as well as smaller remote sites.  And finally, VMware brings an overall performance increase to vSAN services, especially those utilizing erasure coding for increased capacity efficacy over a mirrored storage policy.

Simplify Day to Day Operations

One of the other big issues with vSAN has been maintenance.  Effectively faulting the system if you want to put a host into maintenance mode right away (or wait a while for data to be evacuated).  Now enhancements have been put in place to help get the last writes done quicker and the hosts in and out of maintenance mode even faster. The in-memory metadata tables are now being written down to cache in a “Save and Restore” method to allow hosts to reboot and come back into service faster, which allows for a quicker rolling reboot upgrade scenario.

Extend File Services

The biggest, and probably best, enhancement that comes to file services is the support of SMB.  Especially in smaller sites that need file services, a single VSAN cluster can now replace all the specialized storage services that normally needed a stand-alone array.  With support for both NFS and SMB, multiprotocol is now being offered and these can be shared back into applications.

Final Thoughts

These are all welcome changes and enhancements to VSAN and address a lot of things users have been bringing up for a while now.  Hopefully with the release of U1, users will now start upgrading from 6.7 sooner rather than later.

What you need to know about vSAN 7.0

As with my previous post, I wanted to take a moment to focus on some coming changes to vSAN 7 (something I work with on an almost daily basis).  Now, most of you are probably aware of vSAN and hopefully a good amount of you are using it for some of your workloads.  VMware has announced today it plans to bring some enhancements to bolster the offering and cement this as a product to handle the workloads of the future.

Integrated File Services

One of the early features of vSAN was to support an iSCSI connection to VMs or non-ESXi hosts, most of this being used for workloads that still needed a block based storage device.  Well now, VMware is implementing File Services into the mix.  Now, before you throw away your NAS device, this is just NFS support (Sorry CIFS users, you’ll have to wait until next time).  This support allows vSAN to be better suited for cloud native workloads and those that need a file based persistent volume to be shared with VMs.

2-node and stretched clusters

Stretched clusters are gaining popularity as an alternative way to do active-active sites and disaster recovery with a low RTO.  A couple of key enhancements are coming that will definitely help.  First, there is going to be some enhancements with DRS in the event of a failover and recovery.  If the primary site comes back online, DRS won’t move the VM back until the resync is done, thus keeping the strain down on the ISL line having to try and pull data from the other side. Second, the “replace witness” command will start immediately repairing things.  Third, and probably the most interesting feature.  In the event that you run out of space in the secondary site, the system will allow the VM to keep running on the primary (with an alert) and will resync once space is added.

Management

VMware has also gone ahead and improved the reporting and management features of vSAN.  VM capacity reporting is now consistent across both the UI as well as APIs.  This will also take into account things like thin provisioning, swap and namespace objects as well.  You can also easily view how much memory consumption is being taken by VSAN (especially important for those of you with low memory hosts).  It is also easy to see objects created by vSphere Replication.

Hardware and Usage Enhancements

Lastly, let’s take a moment here to talk about some speeds/feeds related enhancements.  vSAN now supports 32TB drives (if ever one would exist in a cost effective version), but this also increases the max storage to 1PB in logical capacity.  One of the biggest new enhancements that is coming with vSAN 7 and vSphere 7 is that NVMe gains hot plug support.  What this means is it’s no longer a requirement to shut down the host to replace an NVMe drive (something I’ve been waiting over a year for since we starting going mainstream with NVMe drives in VxRail).

The last big change is actually for a very specific workload.  Those that are sharing a disk between VMs (Oracle RAC) no longer have to have that disk thick provisioned.  One thing that wasn’t shared with me, but may come up later is about the cache size.  In vSAN 6, the cache size is limited to 600GB (even if the disk is larger).  I’ve heard nothing on if this changes, but will update this post if it does at launch.

vSphere 7.0 is coming, are you ready?

It seems like just yesterday vSphere 6.7 was dropping (the 3rd installment in the vSphere 6 series).  Like a good book turned into a movie, it seems like even the final release was split into multiple parts.  Today starts a new adventure, and with that a major change to the to vCenter and ESXi.  Today I’m going to highlight just a few of the big changes coming.

vCenter Server Profiles

I know what you’re thinking … “OMG, Host profiles is coming to vCenter, why would I want this nightmare?”  I assure you, its not like that.  The idea behind this is for those of you who have multiple environments and require multiple vCenters.  We’ve all been there in just how complicated it can be to fine tune all the settings to meet security and integration needs.  Now you can do all that busy work on your first server, and just export that configuration to other vCenters, standardizing your implementation across the board.  There is even version control, so you can revert back to a previous known good if you mess something up (but of course you wouldn’t do that because you’re an expert!).  For those using automation platforms (puppet, chef, ansible, etc…) there is a wide range of APIs (4, just 4) that allow you to control this functionality as well as an exportable JSON configuration.  This API even has the built in ability to check if your changes are valid and will let you know which settings won’t work before you deploy.  While those in the SMB market may not need to use this functionality, those in the enterprise space will welcome it I’m sure.

vCenter Server Scalability

There have been a few improvements to vCenter server around it’s ability to scale up and out.  First and foremost, as expected with every major release, the number of hosts and VMs increase to 2500 and 30,000 respectively.  While were still limited to 15 vCenters in linked mode, the number of hosts that can be managed in that topology increased dramatically.  These will make great VCP test questions (They still ask for maximums on the exam, right?).  

Speaking of SSO, the CLI tools (cmsso-util) has been included for all your easy domain repointing and unregistering needs.

Content libraries are being improved and these are now considered the go to for template deployments.  One of the new features being included is a new version control system for templates, so you can roll back and deploy an early version if you need to.  It’s a simple check out / check in system to handle this.

Improved Performance

Several enhancements were made to the performance systems in a cluster.  First, DRS runs every 1 minute instead of every 5 to get better understanding of the workloads in an environment.  Also gone is the bubble level and instead a percentage score to show how optimized you are.  A lower score doesn’t necessarily mean a VM isn’t running properly, just that there are improvements to be gained. The other enhancement is around the concept of saleable shares.  This better aligns the amount of resource entitlements a VMs can get as determined by the resource pool they are in.  Now things dynamically adjust based on the number of VMs instead of a fixed share amount being granted.  No longer could a VM marked as normal be granted more shares than a Higher level VM.

Even vMotion is getting an enhancement.  By claiming a single vCpu during the vMotion process, great efficiencies can be had in the memory page tracing process, allowing for a decrease in the stun time.  While you may not notice this with a small VM, large workloads (such as SAP or Oracle) will greatly benefit from this and allow you to vMotion them without a huge impact.

Upgrades

Finally, probably one of the best announcements, the external platform controller is dead (and there was much rejoicing).  Any upgrades done with an external platform controller will be converged into an integrated, and its done as part of the upgrade so there is no longer a need to run the separate converged tool.  Even the upgrade planner gets some enhancements where it now gets notifications of the latest versions of vCenter server and has a what-if capability to validate as much as it can before an upgrade happens as well as checking interoperability between multiple VMware products.  To be honest, this is the simplest solution for everyone and I’m glad this is being built in to the installer and not just a KB article that has to be referenced.

The final piece of the upgrade enhancements revolves around the vSphere lifecycle manager.  Previously, upgrades were limited to the ESXi image (and any drivers that may be baked into an OEM image).  Now we can combine ESXi, Drivers, and even hardware firmware as part of the upgrade lifecycle (where have I seen this before … *cough* VRail *cough*).  Users will now be able to combine a base image, vendor add ons, firmware updates, and any additional components they deem necessary for the upgrade cycle.

So what do you think? Is this enough to take the plunge and upgrade right away?

VMworld 2019 Day 2 Keynote: Demo Extravaganza

Yesterday, Pat came out and did a great 1 hour set talking about the future of VMware and how the recent acquisitions fit into that picture.  Today, Ray O’Farrell is going to show us how that works.  As per the usual, Ray has come up with another great business to showcase the emerging technology.  In this case, Tanzu Tees.  Ray says there are 4 key things to guide an app: Build & Run, Connect & Protect, Manage, and Experience.

First up was June Yang, showing of a demo of VMware Cloud on DellEMC.  This managed services offering gives customers a fully managed infrastructure from the hardware all the way up through the software.  Embedded within this demo was also Project Pacific, showing off containers running side by side with VMs.  This is the future of vSphere and I can’t wait for this to go GA.  Expanding this with Tanzu Mission Control, you can manage multiple clusters across multiple clouds (both public and private), giving you full oversite over your environment.

Next up was Marcos Hernandez, CTO of network and security.  The first demo was to showcase the new NSX Service Mesh.  This technology allows administrators to set policies that will dynamically load balance and reroute traffic based on failures and slowdowns to ensure SLAs are met.  Next he showed off NSX Intelligence, which used machine learning to ingest telemetry data from multiple sources, make recommendations, and even let you preview the effects before pushing them into production.  He went on to showcase what is going to be coming from Carbon Black and leveraging it into App Defence.  It can go so far as to take warnings of high CPU and investigate deep into a virtual machine to find the cause of the issue and potential suspicious behavior (in this case a rouge Tomcat instance that shouldn’t have been there).

Purnima Padmanabhan is up next talking about WaveFront.  One of the interesting things here was that some of the new ways they can cut through all the noise of various telemetry sources to get at the root of the problem.  With Project Magna, they will leverage AI to automate a reaction and dynamically adjust settings for this.  CloudHealth was also featured with an interesting metric: Budget.  They showed off a demo where you can set alarms and early warnings when you are going to go over your cloud budget for the month and even make recommendations on resources that can be reclaimed to pull back on the costs.

VMware Horizon was next on the docket, and to showcase the latest innovations was Shikha Mittal.  VMware Horizon is expanding into the cloud.  Now you can spin up VDI instances quickly and easily in AWS.  Leveraging the image manager, you can have a consistent end user experience weather the desktop resides on prem or in the cloud.  WorkspaceOne has a new intelligence layer that is leveraging carbon black for VDI inspection.  You can monitor network traffic and suspicious process and automate locking down a system and alert operations.

Finally, Greg Lavender joined Ray on stage.  Greg has been working on the emerging technologies front.  One thing in particular he showcased was a new edge computing offering from DellEMC that included the use of “Smart NICs”.  These NICs were running a virtual machine that showed up in ESXi and could be managed directly (no nesting required).  This allows things like HA for an SD-WAN device.  They also showed off the power of HCX as they took two VMs (one running in AWS and the other running in Azure) and vMotioned them between the two cloud providers.

Finally Pat (wearing his Tanzu Tee) made a bombshell of an announcement, Greg is going to be the new CTO of VMware!

VMworld 2019: Day 1 Keynote

Pat’s theme this year to open the VMworld 2019 main keynote was “Tech in any age”.  He talked a lot about the good that technology has done for the world.  Things like the Mercy Hospital ship and Angel Medical Flights use technology to bring help to people in need.  He also talked about the unintended consequences of technology.  He mentioned BitCoin in particular being used for nefarious purposes and I think he may have hit a nerve with a few members in the audience, but he has a point.  Blockchain as a technology is a great way to keep a chain of evidence/integrity end to end, but it’s when people use it for bad things does it spoil the concept for everyone.

Pat then went on to start to lay out the vision behind some of this year’s acquisitions and where they fit in the portfolio.  Starting off with the announcements behind containers, Pat introduced Joe Beda who let everyone about Tanzu, VMware’s answer to containers leveraging IP from Heptio and Pivotal.  One of the offshoots of this was Project Pacific, which is a way in which they are embedding Kubernetes and containers directly into vSphere.  They claimed there is an 8% performance increase over running on bare metal and 30% faster than running inside linux VMs.

Next Pat went on to talk about the multi cloud world we live in.  He showed off some very impressive stats highlighting VMware Cloud Foundation being the #1 software to build out a hybrid cloud platform.  VMware’s cloud health is now managing over 7000 customers and helping drive down costs.  Pat then attempted to do the impossible, unite Star Trek and Star Wars fans.  Unfortunately, that’s like mixing water and oil, it just wont happen.

Speaking of hybrid cloud, Project Dimension is a GO!  This is a managed services offering for those that want to have a public cloud like operating model, but not have it running out in the public cloud.  A fully managed environment leveraging VCF on top of DellEMC VxRail with a monthly metered billing is going to be available and is already being leveraged by a few customers in the pilot program.  Interested as well is that VMware is going to be offering DRaaS, leveraging DellEMC Power Protect.  I’m sure we’ll be hearing more about this later.

Finally, Pat talked about some recent acquisitions that are being folded into the NSX platform.  AVI networks is going to be adding Application Intelligence to the mix.  Rounding out the robust security platform that NSX is becoming was the Acquisition of Carbon Black (announced just the week before).  To help with that message, Sanjay Poonen came up and explained the 5 points of intrinsic security: Network, Endpoint, Cloud, Identity, and Analytics.  Carbon Black as part of VMware and the security ecosystem (Think Dell SecureWorks) is going to make a strong platform for full stack security in the hybrid cloud era.

You can catch the full replay of the Day 1 Keynote here

Thoughts on the VMworld 2018 Day 1 Keynote

Today, with some assistance from the VMware Blogger program, I was able to get front and center for the VMworld 2018 keynote.  They shared some interesting updates with us.  First and foremost, Pat has a new tattoo

But seriously, VMware has seen their transition over the years in 5 acts.  First, it was all about ESXi.  Then came the ByoD (Bring your own Device revolution.  Followed closely by SDN (Software Defined Networking).  Then the entrance into public/hybrid clouds.  Most recently, they are getting into the Artificial Intelligence / Machine Learning space.

As Pat put it, cloud is all about consistent infrastructure and consistent operations.  And the best way to do that on prem is with Cloud Foundation

When it comes to Public Cloud, there were some new announcements around integration with AWS.  Andy Jassy from Amazon came up on stage and talked a bit about road maps.  They’ve been getting high demand for their new fed cloud and will be opening and eastern US location soon.  However, the biggest announcement was around support for RDS (Relational Database Service) on VMware.  This is really going hard after the database market and is a great way to make a splash.

Next up was Project Dimension.  This is like a reverse hybrid cloud option.  The idea is going with a cloud first initiative that then stretches into on prem.  So what you can do now, leveraging VMware on AWS, is give your developers and AWS availability zone that is running on your own local hardware.

One of the cooler demos i saw was around “Cloud Motion”.  The idea of being able to bulk move VMs right into the could.  It starts by using vSphere Replication, and then when that’s done it does a vMotion right up into the cloud.  This makes it real easy to fling workloads into the cloud when the time is right.

There were also some great announcements around integration with Dell.  All new business laptops will ship ready to work with VMware workspace one.

We also got to see some cool new tech.  Coming soon you will see a version of ESXi that runs on ARM64 chips.  We are finding these embedded in more and more IoT devices, and this is a great way to do development and high availability.

And finally something new called vSphere Pro, which is a version of vSphere that has AppDefense built right in.  Now you can start building your firewall rules, segregation, and app security right in vSphere and be protected much more easily.

All in all, i think this is a strong showing from VMware that is in an area of growth.  I’m looking forward to the rest of the conference.

Come visit me at the Philadelphia VMUG Usercon

philly_VMUGI wanted to give a quick shoutout to the Philadelphia VMUG Usercon coming up on Thursday, June 21st.  At 10:30 AM I’ll be presenting “If VSAN powered the Matrix”.  This presentation was originally created by Nick Korte but I plan to my spin on it.  I hope many of you can make it.  For more information about the usercon (or to register to attend), check out the site here: https://www.vmug.com/Attend/VMUG-UserCon/2018/Philadelphia-VMUG-UserCon-2018

One VxBlock to Rule Them All: Introducing the VxBlock 1000

imageToday marks the release of the next evolution to the VxBlock, the VxBlock 1000.  With this release, comes a departure from a few of the norms. Before I dive into the architectural changes, I want to highlight one of the biggest changes on the operations side. As of this announcement, the VxBlock 1000 is Ready to Ship (RTS). This means you can order it today. This is a change to the processes & procedures of old and one of the benefits of the new business model of DellEMC. Going forward, I would expect to see same day availability during future announcements as well.

So what is it? Well as I hinted to it in the title, this is a change from the previous VxBlock designs. Last week, there were 3 you could choose from (350, 540, & 740) and each came with a storage option, the 350 came with rack mount servers, and you could get various data protection options through tech extensions. Going forward, there will be only 1, the VxBlock 1000. With this new architecture you can combine various storage and server options to get exactly what you need. Compute options include both blade and rack mount cisco M4 & M5 servers. Storage options include the new Unity X50F, VMAX X50F, XtremIO X2 (coming later this year), and Isilon Gen 6. Combine in Avamar, Data Domain, and the DPS Suite as fully baked in supported options (which means tech extensions are no longer required). All of this is now covered under a single RCM as well. Changes also come to the management appliance (known as the new AMP-VX). It’s now smaller, cheaper, based on VSAN, and comes with integrated data protection.

VxBlock 1000 Options

Think of this as a simplification. No longer do you need to design a VxBlock for one or two workloads, you can now consolidate multiple solutions into a single system, allowing it all to be managed and supported together. Even if you need to have multiple VxBlock 1000s (which already scale to 14 cabinets each), a single AMP-VX cluster can manage up to 8 systems in total.

VxBlock 1000 Consolidation

Personally, as a vArchitect for New England, I’ve been looking forward to this since I first heard about it internally. I think the simplification of the design means I can get exactly the right solution for my customer’s needs.

Join me at VMworld with Tech Field Day Extra!

TFD-Extra-VMworld-300Hello Everyone!  This is a quick post to let you know that I will be a delegate this year at Tech Field Day Extra @ VMworld.  Join me and my fellow #TFDx delegates Tuesday afternoon where we will be hearing from Kingston, Druva, Pluribus, and NetApp.  Be sure to join in the conversation by using the hash tags #TFDx & #VMworld!

Below is the current schedule of presentations:

August 29, 2017
11:00-12:00
Kingston Presents at Tech Field Day Extra at VMworld US 2017

August 29, 2017
13:00-14:00
Druva Presents at Tech Field Day Extra at VMworld US 2017

August 29, 2017
14:30-15:30
Pluribus Networks Presents at Tech Field Day Extra at VMworld US 2017

August 29, 2017
16:00-17:00
NetApp Presents at Tech Field Day Extra at VMworld US 2017