What’s New in VMware vSphere 6.5
VMware announced vSphere 6.5 couple of days ago and everyone wants to know what’s new with vSphere 6.5 and I tried my best keep it simple rather posting all the content which is easy to remember for cracking Interviews. The vCenter Server Appliance is taking charge in this release with several new features. For starters, the installer has gotten an overhaul with a new modern look and feel. Users of both Linux and Mac will also be ecstatic since the installer is now supported on those platforms along with Microsoft Windows.
Scale Enhancements – New configuration maximums to support even the largest app environments
VMware vCenter Server Appliance – The single control center and core building block for vSphere
vCenter Server High Availability – Native vCenter Server high availability solution
vCenter Server Backup and Restore – Native vCenter Server Backup and Restore
vCenter Server Appliance Tool – Single step migration and upgrade of existing vCenter Server to vCenter Server Appliance
REST APIs – Simple, modern developer-friendly APIs
vSphere Client – HTML5-based GUI that ensures fast performance and cross-platform compatibility
Security-at-Scale – Policy-driven security that makes securing infrastructure operationally simple
Encryption – VM-level encryption protects unauthorized data access both at-rest and in-motion
Audit-quality logging – Enhanced logging that provides forensic information about user actions
Secure Boot – Protection for both the hypervisor and guest operating system by ensuring images have not been tampered with and preventing loading of unauthorized components
vSphere Integrated Containers – Virtual infrastructure platform for containers
Proactive HA – High availability capability that utilizes server health information and migrates VMs from degraded hosts before problem occurs
Cross-Cloud vMotion – Live migrate workloads between VMware based clouds
Virtual Volumes Replication – Native array virtual volumes replication
vCenter Server High Availability:
vCenter Server 6.5 has a new native high availability solution that is available exclusively for the vCenter Server Appliance. This solution consists of Active, Passive, and Witness nodes which are cloned from the existing vCenter Server. Failover within the vCenter HA cluster can occur when an entire node is lost (host failure) or when certain key services fail. For the initial release of vCenter HA an RTO of about 5 minutes is expected but may vary slightly depending on load, size, and capabilities of the underlying hardware.
What’s unique about vMotion encryption is that we are not encrypting the network. The encryption happens on a per-VM level. Enabling vMotion encryption on a VM sets things in motion. When the VM is migrated, a randomly generated, one time use 256-bit key is generated by vCenter (it does not use the key manager for this key). In addition, a 64-bit “Nonce” (an arbitrary number used only once in a crypto operation) is also generated. The encryption key and Nonce are packaged into the migration specification sent to both hosts. At that point all the VM vMotion data is encrypted with both the key and the Nonce, ensuring that communications can’t be used to replay the data. vMotion encryption can be set on unencrypted VM’s and is always enforced on encrypted VM’s.
vSphere HA Orchestrated Restart
vSphere 6.5 now allows creating dependency chains using VM-to-VM rules. These dependency rules are enforced if when vSphere HA is used to restart VMs from failed hosts. This is great for multi-tier applications that do not recover successfully unless they are restarted in a particular order. A common example to this is a database, app, and web server. In the example below, VM4 and VM5 restart at the same time because their dependency rules are satisfied. VM7 will wait for VM5 because there is a rule between VM5 and VM7. Explicit rules must be created that define the dependency chain. If that last rule were omitted, VM7 would restart with VM5 because the rule with VM6 is already satisfied
DRS now considers network utilization, in addition to the 25+ metrics already used when making migration recommendations. DRS observes the Tx and Rx rates of the connected physical uplinks and avoids placing VMs on hosts that are greater than 80% utilized. DRS will not reactively balance the hosts solely based on network utilization, rather, it will use network utilization as an additional check to determine whether the currently selected host is suitable for the VM. This additional input will improve DRS placement decisions, which results in better VM performance.
SIOC + SPBM
Storage IO Control configuration is now performed using Storage Policies and IO limits enforced using vSphere APIs for IO Filtering (VAIO). Using the Storage Based Policy Management (SPBM) framework, administrators can define different policies with different IO limits, and then assign VMs to those policies. This simplifies the ability to offer varying tiers of storage services and provides the ability to validate policy compliance
vRealize Operations Manager (vR Ops) has been updated to version 6.4 which include many new dashboards, dashboard improvements, and other key features to help administrators get to the root cause that much faster and more efficient. Log Insight for vCenter has been also updated, and will be on version 4.0. It contains a new user interface (UI) based on our new Clarity UI, increased API functionality around the installation process, the ability to perform automatic updates to agents, and some other general UI improvements.