VMware PEX 2015: New Stuff With vSphere 6
With version 6.0 of VMware’s flagship product comes plenty of enhancements. According to VMware’s press release, there are more than 650 improvements, but I have not seen a master list yet. The maximums of vSphere are leapfrogging the maximums of Hyper-V. Unless you are planning on running SAP HANA in a virtualized environment, you could probably not give a crap about some of the scalability enhancements. They may be nice to have but how often will you use them. Here are some of the improvements to vSphere 6.0:
Scalability Improvements
There are some nice scalability improvements, like 64 nodes per cluster, 8000 VMs per cluster, 480 vCPUs, and 12 TB vRAM. If that is your game, here ya go. Realistically, a larger cluster should give you better consolidations ratios and allow for more efficient use of Dynamic Resource Scheduler (DRS). To many, this may be significant, but to some, they still won’t believe that their Exchange and SQL servers are too big for VMware.Because of these improvements, VMware claims to increase Hadoop performance by 12% with its Big Data Extensions. This could drive the adoption of running Hadoop on vSphere, especially if you consider what EMC is doing with ViPR and Isilon running HDFS.The new version of VM hardware enables most of the scalability improvements mentioned above along with enhancements to adding vRAM ion a vNUMA setup, WDDM 1.1 GDI acceleration, USB 3.0, and Serial / parallel port functionality.
What this means to you
Bigger, badder VMs on bigger, badder clusters. You can run things like SAP HANA in a virtualized environment.
Security Improvements
There are several improvements under the covers that help with managing access to ESXi with local user accounts. I don’t like local accounts, but they are a necessary evil. One really nice improvement is the idea of passing the vCenter Server user identity to ESXi for logging purposes. Previously, all Syslog actions from ESXi appeared under the “vpxuser” account, regardless of who initiated an action on vCenter. Now, the user identity will pass through to the logging with a “DOMAIN\User” string. There are also improvements to Lockdown Mode so that access to the DCUI is a little more secure. If you work for the gubment, there is also the ability to use smart card authentication to the DCUI, because, well, it’s the gubment and we like to complicate things more than ‘normal” people.
What this means to you
Better tracking of “who did what and when.” Better access security on the DCUI.
Changes to vCenter Server Architecture
First and foremost, the vCenter Server Appliance (vCSA) is now a first-class citizen. Whether running the Winders version or the vAPP version, you can call to 1,000 hosts, 10,000 VMs, 64 Hosts in a cluster and 8,000 VMs in a cluster.Second is the idea of a “platform Services Controller” (PSC), which handles the common services of the entire vCloud Suite, such as Single Sign-On (SSO), certificate management, and license management. You can deploy the PSC “embedded” with the vCenter Server or “external” to the vCenter Server. The PSC also handles much of the former vCenter Server Linked Mode functionality and will replicate all information to other PSCs for availability (YAAAY).The traditional vCenter-specific services, such as vCenter Inventory Service, vSphere Web Client, Autodeploy, etc., are deployed on the vCenter server. There are no more separate installers for these services. All deployment models support the embedded PostgreSQL database or Oracle databases. For Windows-based vCenter Servers, you can also link to external Microsoft SQL.The vSphere Update Manager services still require Windows Server to function. Hopefully, VMware will eventually get this deployed as a vApp at some point as well.Clustering of the vCenter Server services, in addition to the backend database, will be supported with Microsoft Cluster Server (MSCS).
What this means to you
Keep your platform services separate from your vSphere services. Just do it. The PSC will become the security foundation for all of VMware’s software as time goes on. The separated PSCs can replicate all of their information across data centers for redundancy.The ability to use MSCS to protect your stuff is huge because the vCenter Services are becoming more critical, especially with vCloud and View. Until VMware can figure it out with the vCSA, it is the only way to go.
Improvements to the vSphere Web Client
The vSphere Web Client has several usability and performance improvements.
What this means to you
This will make your day-to-day life a little bit better.
Instant Clones
With this new feature, you can now clone up to ten times faster than what was possible before.
What this means to you
Faster cloning means better response times to demand based automation.
NVIDIA GRID vGPU
This new feature allows you to deliver full hardware-accelerated NVIDIA graphics performance to VMs.
What this means to you
In a View VDI environment, you can offer better graphics to desktops for 3D and 4D rendering.
Improvements to vMotion
You can now perform a live migration between separate logical Datacenters, vCenter Servers, and vSwitches. They have also announced support for live migration across separate physical data centers across distances with up to 100ms RTT. There is the ability for a “replication-assisted” migration. All of this assumes layer 2 connectivity between data centers.You can also create a separate IP stack for vMotion.
What this means to you
This allows you to perform a live migration across long distances. The best use case is for planned downtime in a data center. This will limit the needs for complicated stretched clustering.
Improvements to Fault Tolerance
VMware Fault Tolerance (FT) now supports up to 4vCPUs and 64GB vRAM. It also now allows you to use the vSphere Storage APIs for Data Protection to back up these VMs. Lockstep copies of the virtual disks are also maintained for greater availability. FT now supports any hardware that supports vMotion and it supports all virtual disk types.
What this means to you
Now you can provide lockstep availability in business-critical application servers. This is what I call a “Second 1.0” version. Everything is so new, it really needs some time to find the bugs and gotchas.
Multisite Content Library
This new feature allows you to centrally manage a published catalog of Templates, ISO images, and scripts. As the content is changed in the published catalog, it is replicated to all other subscribed catalogs across sites.
What this means to you
Assure that all data centers pull from a pool of common resources so that all sites are using standardized items.
Virtual Volumes
Virtual Volumes (VVOLS) is a new framework that integrates VM operations with a SAN or NAS array. Each VM is treated as a separate storage entity. Storage Policy-Based Management (SPBM) works in conjunction with VVols to allow for provisioning of resources according to SLAs. Using VMware vSphere API for Storage Awareness (VASA), the storage capabilities are communicated to the vCenter Server so that SPBM can recommend an array based on compliance requirements.This is a 1.0 product. Some features, such as support for array-based replication with Site Recovery Manager will not be immediately supported. You can, however, use vSphere Replication to protect VMs running on VVOLS in the interim.
What this means to you
Hopefully, this will mean that a storage engineer can present an array to a vSphere environment once. No need to get involved in every VM created and no need to create LUNs based on SLAs. This could piss off those storage control freaks though.
vSphere APIs for IO Filtering
According to VMware, the vSphere APIs for IO Filtering (VAIO, not VAIOF, just to piss off Sony I guess) is actually a filtering framework. It is not really a “feature,” but more of the ability for VMware Technology Partners to provide enhanced storage services. The key part of VAIO is the “F” which isn’t even mentioned in its acronym. It is a way to securely filter IO according to a policy. With VAIO, a partner can put their stuff directly into the IO stream, via a filter, and intercept data before it gets committed to disk. Expect to see replication and cache acceleration out of the gate.
What this means to you
The possibilities are really limited only by your imagination or the imagination of an engineer that works for a company that provides data services. Think about this: Storage Policy-Based Management (SPBM) provides a control plane that could potentially allow you to select services, such as the replication and caching services that will be coming out of the pipe very soon, along with things like deduplication, anti-malware, encryption, compliance tracking, etc.
Improvements to vSphere Data Protection
All of the cool Avamar based stuff is now in vSphere Data Protection (vDP). There are no more extra licensing costs for vDPA. This includes variable-length segment deduplication to vDP VMs that will store up to 8TB of deduplicated data. Other features, like Changed Block Tracking (CBT) integration, backup assurance, and DataDomain DD-Boost are also included.
What this means to you
If you are a 100% VMware-virtualized shop, you now get a really good data protection product. If you are mixed with Hyper-V and/or physical systems, you still need something else.
Improvements to vSphere Replication
You can replicate to local or remote sites and leverage multiple points in time. vR can integrate with Site Recovery Manager (SRM) and vCloud Air for off-site DR. The RPO is still selectable to anything from 15 minutes to 24 hours. The rumor of a 5 minute RPO was just that – a rumor. It is on the roadmap allegedly. You can now use multiple NICs and Network IO Control (NIOC) to secure and isolate replication traffic. Network traffic compression is also leveraged.
What this means to you
Separating and regulating replication traffic is makes things easier to manage. Having multiple point in time recovery is nice too.
Improvements to Networking
The latest version of Network IO Control (NIOC) allows you to guarantee bandwidth to a specific vNIC or and entire distributed port group. VMware now supports IGMP snooping for IPv4 packet and MLD snooping for IPv6 packets in Virtual Distributed Switches (VDS).
What this means to you
NIOC allows you to maintain SLAs for network bandwidth. Multicast snooping allows you to troubleshoot things easier.