VMworld 2017 US General Session Day 2

….. This update is a bit late going up because Tuesday evenings is 5-a-side footie for me…. =)

So what was the General Session on Day 2 all about… well it kicked off with a fireside chat between Pat Gelsinger and Michael Dell, answering a few questions that were submitted the previous evening from attendees. In my opinion there wasn’t any major revelations or probing questions asked/answered, what we do know is that Michael Dell likes Peanut Butter & Chocolate… =P

It’s interesting that Dell thinks that we’re in for some exciting times with AI and machine learning…. although he didn’t quite pin his flag like Zuckerberg and Musk recently… =)
The amount of data created from IoT is stupendous, and the possibilities of using that data are endless – however, companies need to start thinking about how to use the vast amounts of data they have to try and improve processes, products and services – if they don’t then they could be left behind (Just like Elastic Sky Pizza were)!

However, one of the more memorable quotes from Pat was that “Today is the slowest day of technological evolution of the rest of your life!” Great quote, and how true it is…. In IT we live in an ever-changing world!

One thing I did pick up on was VMware Skyline – a new and innovative support technology which will offer pro-active support for VMware solutions. It will consist of a Collector appliance that end-users deploy, it then sits there securely collecting environmental-data from different VMware components (such as configuration, performance, and product usage) whilst performing machine-learning analytics to ensure the overall solution functions correctly. If it detects any changes, events or patterns that will cause a deviation from best practices or validate designs then it will alert the customer. Skyline is aimed at improving support experience through data analytics.

Both Pat and Dell were then joined on stage by Rob Mee (CEO of Pivotal) – it was really interesting to hear that Pivotal Cloud Foundry was being used in over 50% of the Fortune 500 – I wonder what the percentage is in the UK FTSE? Pivotal has be “pivotal” (excuse the pun) in helping enterprises and their digital transformation – how to run legacy production workloads alongside developing new cloud-native applications, yet still providing the availability and security whilst also reducing cost! Pivotal Cloud Foundry addresses all these issues.

The biggest announcement of the day was the unveiling of Pivotal Container Services (PKS) – a partnership between VMware, Pivotal and Google Cloud. Pivotal has been working with Google for a while – Project Kubo – and now with the partnership with VMware, PKS will enable enterprises to deliver production-ready Kubernetes on VMware vSphere and Google Cloud Platform (GCP), with compatibility to Google Container Engine (GKE) – all secured by – yup you guessed it – NSX. Pat went on to say that they’re not stopping there and will start to integrate other VMware products such as vRealize Automation and Operations, along with Wavefront (who VMware acquired in May – it’s a “real-time metrics monitoring and streaming analytics platform designed for developers to optimize their clouds and modern applications that rely on containers and microservices”)

PKS-Image

Pat, Dell and Rob were joined on stage by Google’s Sam Ramji (VP of Product Management – Developer Platforms). It’s interesting how Google are pouring in vast amounts of their knowledge on containers into Kubernetes – a way of giving back to the community! Sam also announced that Pivotal and VMware were to become as Platinum Members of the Cloud Native Computing Foundation – home of Kubernetes.

The rest of the General Session involved a fictitious company called “Elastic Sky Pizza” which was stuck in the past and needed assistance in transforming their business. Loads of demos and presentations showing how VMware’s suite of Cloud products work – including PKS, AppDefense, NSX, Pulse IoT (Edge LIOTA).

 

PKS looks amazing, but I do still think that containers is an enterprise play – which kind of goes against one of the questions during the fireside chat about looking after the SMB market… this is probably going to be priced above what SMBs can afford!

Advertisements

VMworld 2017 US General Session Day 1

If like me, you’re stuck in a sweltering London enjoying the bank holiday and watching the Game of Thrones season 7 finale, you may have forgotten that over in Vegas the city is just getting over the big fight of Mayweather vs McGregor and is now inundated with people looking to attend VMworld 2017 US.

It’s great that VMware live stream their keynotes, as it gives everyone an opportunity to hear first hand what VMworld will be about this year and also what is being announced!

And it’s of no surprise that VMware have continued to strengthen their vision on “Any Device, Any Application, Any Cloud” with the keynote by Pat Gelsinger. Whilst heterogeneous is a great thing that leads to the consumerisation of IT, it plays havoc with IT admins who’s key focus is to contain and secure a company’s data – and it’s worth noting how much emphasis is being placed on security within VMware – NSX is intrinsic to every solution that was mentioned during the keynote!

Vision

The first thing that was covered was how the digital transformation is affecting end users – the goal for any company is to ensure that their employees are well connected, yet the challenge is a complex one when you realise how many different technologies an end user has access to – smartphones, tablets, laptops – even smartwatches and cars now! So how do you deliver an unified workspace securely across multiple technologies?

Simple – Workspace ONE – piecing it all together to give companies a “consumer simple but enterprise secure” solution. Delivered in 3 areas:

  1. Apps and Identity – applications with a consistent feel across multiple devices. Secured by a common identity framework with a simple Single Sign-on experience.
  2. Management and Security – IT in control, delivering consistent management & security. Drastically improving  tasks that were previously costly, time consuming, and resource intensive, whilst still in control of data by combining identity and device management to enforce Data Security and Endpoint Compliance.
  3. Desktop and Mobile – Device Management and Compliance provided by AirWatch Unified Endpoint Management, protecting sensitive data as well as conditional access to how that data can be consumed by end-users.

workspaceone

Next Pat went on to explain that virtualisation has led to end-users deploying a private cloud within their own data centres, yet making such a transition is not an easy step – deployment isn’t straight forward, lifecycle management and day 2 operations isn’t always easy, and trying to secure different technologies of a private cloud is painful!

VMware’s goal is to “make Private Cloud Easy and that’s where Cloud Foundation comes along – a fully integrated SDDC stack that ‘just works’…. simple… agile… secure! version 2.2 was announced and is now GA.

Pat was then joined by Andy Jassy, CEO of AWS, to announce the General Availability of VMware Cloud on AWS. Announced as a tech preview at last years VMworld, it should be noted that it’s currently only available today in the US West Coast region Availability Zone, it will then be rolled out across the East Coast AZ before rolling out to the rest of the AWS global AZs by the end of 2018. So I guess we’re going to expect it in the UK late 2017/early 2018!

VMware Cloud on AWS allows you to seamlessly take a workload running on vSphere in your data centre and migrate it to AWS Public Cloud running a VMware stack – using the same tools (vCenter Server) to manage both your private and your public cloud workloads from a single pane of glass! A consistent feel no matter where your workload resides. What Andy Jassy said was correct – in the past customers hated the fact that if they wanted to consume public cloud, there was no easy way of migrating workloads across without some form of translation occurring. It was also painful and costly to manage as you couldn’t use a single tool to manage both private and public cloud.

VMware’s Cloud Strategy is as follows:

cloud

The first 7 VMware Cloud Services were announced as available for consumption.

VMware Cloud Services

NSX Cloud is an interesting service that addresses networking and security operational challenges inherent with using multiple public clouds. Unfortunately at launch it’s only available on AWS to protect EC2 workloads (ie native AWS workloads – not vSphere workloads which is what VMware Cloud on AWS gives). It differs from on-premise NSX as it is delivered as a service and managed by VMware.

As I previously said, NSX is a key foundation to every solution at VMware currently:

nsx

Security is hugely important… and Pat breaks it down into 3 components:

  1. the need to build it into the infrastructure
  2. the need to integrate with the current security vendor ecosystem
  3. the need to ensure good cyber hygiene and ensure security policies are in place. The 5 pillars of Cyber Hygiene are:
    • Least Privilege
    • Micro-segmentation
    • Encryption
    • Multi-factor authentication
    • Patching

Two years ago, VMware first began talking about the concept of the “Goldilocks Zone” where the hypervisor sits at the ideal location in the network to improve security. During the keynote VMware announced a new product named AppDefense which looks to be the fruition of Project Goldilocks.

AppDefense allows a virtual machine to learn its manifest and understand what is a good and secure process, it’s then able to determine whether the runtime behaviour of a VM or application deviates from its intended state. Finally it’s able to trigger an automated/orchestrated response to remediate or quarantine any detected anomalies.

appdefense

 

Strange that searching the VMworld Europe Content Catalog for AppDefense doesn’t bring up any sessions…. which is a shame as I was hoping to schedule a session after hearing the keynote and reading about it.

Roll on Day 2….

 

Goodbye vCenter Server for Windows and Flash-based vSphere web client!

Hmm…. it’s not even VMworld yet and VMware decide to make 2 big-ish announcements.

Although tbh, since vSphere 6.5 was released these 2 announcements have long been coming!

Finally, after loads of speculation, VMware had announced that vCenter Server for Windows and the Flash-based vSphere web client is to be deprecated with the launch of the next version of vSphere. Updates to 6.5 will continue supporting the 2 features, but come vSphere 7.0 it will be no more….

https://blogs.vmware.com/vsphere/2017/08/farewell-vcenter-server-windows.html

 

“vCSA-exclusive capabilities such as file-based backup and restore, unified update and patching, native vCenter High Availability, and a significant performance advantage mean that the VCSA has become the platform of choice for vCenter Server.  Additionally, due to the integrated nature of appliance packaging, VMware is able to both better optimize and innovate vCenter Server at an accelerated pace.  Finally, with the VCSA, VMware can provide support for the entire vCenter Server stack including the vCenter Server application, the underlying operating system (Photon OS), and the database (vPostgres). By doing so, VMware can ensure that customers can focus on what matters most while having a single source for updates, security patches, and support.  The VCSA model is simply a better model for vCenter Server deployment and lifecycle management.”

That pretty much sums up why VMware are 100% behind the vCSA, although they miss out the whole “screw you Microsoft licensing!!” part! Plus given that 6.5 ships with a migration tool that helps you move/upgrade from a Windows vCenter to an Appliance vCenter, it’s no surprised that more and more people are moving over when it comes round to upgrade time!

In fact ever since 6.5 was released, I’ve not even deployed a single Windows vCenter Server – all my customers have been moved over to the vCSA.

https://blogs.vmware.com/vsphere/2017/08/goodbye-vsphere-web-client.html

With regards to the vSphere Web Client, loads of people found the flash-based version was frustratingly difficult to use – it was slow, it was notoriously prone to crashing and frankly it was based on in-secure Flash technology (not to mention that Adobe themselves are dropping flash). HTML5 is the way to go baby!

So with those announcements in mind….. I may think about changing some of my VMworld sessions to jump on the vCSA and Web Client update sessions!!

 

RIP…..

vExpert 2017 Announcements

Congratulations to those who have been recognised as vExperts and will be joining the group for the 2nd half of 2017!

https://blogs.vmware.com/vmtn/2017/08/vexpert-2017-second-half-announcement.html

Also congratulations to existing vExperts who have been recognised as experts in the 2 sub categories – NSX and vSAN!

https://blogs.vmware.com/vmtn/2017/08/vexpert-nsx-2017-award-announcement.html

https://blogs.vmware.com/vmtn/2017/08/vexpert-2017-vsan-announcement.html

 

I’m fortunate enough to be once again considered as a vSAN vExpert for this year! =)

HCIBench 1.6.2 – Testing vSAN performance

Over the past month or so I’ve been running a number of performance tests on VxRail and vSAN solutions.

HCIBench is a brilliant tool to help end-users understand the type of performance that they can achieve with their vSAN solution.

It’s essentially an automation wrapper around the popular Vdbench tool. Vdbench is an utility specifically created to help engineers and customers generate disk I/O workloads to use for validating storage performance and storage data integrity. Vdbench is a complex beast to run, with lots of different variables that can be configured via CLI… so the HCIBench wrapper helps simplify workload profiles and makes it so much easier to run benchmark tests!!

Please note, HCIBench is a VMware Labs Fling and so there’s limited support available and it shouldn’t be used in production environments (although the latter is just to cover themselves). If I’m honest, the creators of HCIBench are pretty good at replying to comments and feedback!

https://labs.vmware.com/flings/hcibench

It’s definitely worth remembering that as a benchmark tool, it can’t quite simulate real-world workloads! However, if you understand how your workload behaves (ie block size, read/write ratio, etc) then you can get pretty close to creating a workload profile that matches your workload (albeit running a test at max. workrate rather than the bursty rate we see in real-life).

 

HCIbench was updated 2 days ago in response to the recent release of vSphere 6.5u1, and in my opinion is even cooler now that it can utilise the new vSAN Performance Diagnostic feature of vSAN 6.6.1 (API integration with the new Performance Diagnostics part of vSAN Cloud Analytics).

You can now run an HCIBench test and view detailed results of the test in Performance Diagnostics with supporting graphs – you’re able to select a goal for the test based on “Max IOPS”, “Max Throughput” or “Min Latency”, and then get details on potential issues found in the analysed data which you can then use to improve the workload profile you’re using in HCIBench.

Point your browser here for more info:
https://blogs.vmware.com/virtualblocks/2017/07/31/what-to-expect-from-hcibench-1-6-2/

Note: You need to have Customer Experience Improvement Program(CEIP) and vSAN Performance Service turned on to get this feature enabled

More on vSAN Encryption

So not long after my article was published on SearchVMware, the guys at Virtual Blocks (VMware’s own storage blog) released 2 articles which went into vSAN encryption in a bit more detail.

https://blogs.vmware.com/virtualblocks/2017/06/24/vsan-encryption-1/
https://blogs.vmware.com/virtualblocks/2017/06/24/vsan-encryption-2/

It’s definitely worth noting that using hardware encryption does have an overhead whenever you need to rekey (eg when you need to rekey every drive), obviously because vSAN encryption is within the hypervisor this overhead is significantly reduced.

The First article simply goes over what vSAN encryption is all about, the second dives into more detail on how it’s setup, the trust model of the KMS, and also how the disk format is changed when vSAN encryption is enabled. I find this 2nd article very informative in trying to understand how vSAN encryption works.

There’s also a new KB that briefly goes over the different between vSAN encryption and VM encryption: Understanding vSAN Datastore Encryption vs. VMcrypt Encryption

Enjoy…. =)

Voting now open for Top vBlog 2017!

top-vblog-2017

It’s that time of year again when the VMware community starts to cast their votes as to which blog should be crowned “Top vBlog” for 2017…!

This year Duncan Epping (http://www.yellow-bricks.com/) and Frank Denneman (http://frankdenneman.nl) have decided to withdraw their blogs from the voting, which is admirable as they both always feature in the top 5 (or #1 for the past 8 years in the case of Duncan!!). From what I’ve read, both wish that other people get the recognition as sometimes the voting is based on popularity rather than content.

Maybe there should be a hall of fame that the likes of Duncan and Frank could be inducted into?!? =)

Last year, much to my surprise, I ended up ranked #161.. if I’m honest I didn’t even think I would rank! Anyways, thanks to those who voted for me…. hopefully I’ll rank again this year… it’s always nice to be recognised by your peers, but blogging for me is a hobby as I’ve got a hectic work and family life (a 20mth baby takes up alot of time…).

Anyways, head along to vSphere-land to read more about the voting rules:
http://vsphere-land.com/news/voting-now-open-for-top-vblog-2017.html

If you’re looking for a list of all vBlogs, then head over to vLaunchPad:
http://thevpad.com/

Once you’re ready to cast your vote, head over to the voting site:
http://topvblog2017.questionpro.com/

And if you’re interested in last years results, then here they are:
http://vsphere-land.com/news/top-vblog-2016-full-results.html

Voting runs until the 30th June.

… and lastly, thanks again to Eric Siebert (http://vsphere-land.com) for running and managing the voting process and to Turbonomic (https://turbonomic.com) for once again sponsoring the whole event.

Yes, I know I’m a bit late with this announcement as voting opened on the 1st June… Unfortunately I’m on holiday and it’s been difficult trying to find decent network reception on the canals of Wales – it seems you can only get 4G network when you’re near a town… =(

20170603_093337

VMware vSAN 6.6 launched – so What’s New?

Earlier this year it was announced that vSAN had grown to over 7000 customers since launch, which is a pretty decent number given the product went GA just over 3 years ago and we’re on the 6th iteration! What’s even more impressive is how quickly VMware are turning these updates around (almost every 6 months we get an update of sorts), we only got vSAN 6.5 at VMworld last year and 6 months later we now have version 6.6 – what’s funny is half my customers haven’t even started implementing their 6.5 upgrade plan yet and now they will have to re-write that plan…. Lol… =)

In fact I see the number of customers growing quite significantly this year given the huge drive towards HCI – something that I’m seeing within my company’s customer-base (and in the market in general)!

Today sees vSAN 6.6 go GA, and it amazes me on how many new features VMware have packed into this release – features that make vSAN more faster, cost effective and much more secure! And to think that this is just a “minor” patch release! With vSAN 6.6, customers can now evolve their data centre without risk, control IT costs and scale to tomorrow’s business needs (sorry, that was a marketing blurb that I just had to fit in somewhere as it sounded good).

vSAN features

(Note: I know that slide says “Not for distribution”. However, the vSAN vExperts have been given permission to use the material in their blogs)

The biggest features in my opinion are vSAN Data-at-Rest Encryption, Unicast communication and Enhanced Stretched Clustering with Local Protection – these are the 3 features I’m going to concentrate on within this post, trying to expound on all the new features would involve me writing a lengthy technical whitepaper! =)

That said, other new features are as follows:

  • ESXi Host Client (HTML-5) – management and monitoring functionality available on each host in the case where vCenter server is offline.
  • Simpler installation/configuration – The ability to create a single node vSAN datastore by using the vCSA installer and then allowing you to deploy vCSA/PSC onto that vSAN datastore.
  • Enhanced rebalancing – allowing large components to be split up during redistribution.
  • Site Affinity in Stretched Clusters – a new Affinity policy rule allows users to request where a VM gets deployed to, although this is only applicable when the PFTT is set to 0. Although it’s worth noting that DRS/HA rules should be aligned to data locality!
  • Always-On Protection – Enhanced repairs with Re-sync traffic throttling – allowing vSAN to respond to failed disks/nodes more quickly, intelligently and more efficiently. New Degraded Device Handling (DDH) intelligently monitors the health of drives and proactively evacuates data before failures can happen.
  • Maintenance Pre-Check – enhanced checks to ensure there are enough resources for vSAN when entering maintenance mode (or decommissioning vSAN nodes).
  • Stretched Cluster Witness Replacement UI – simpler method of changing the Witness host without having to disable the Stretched Cluster.
  • vSAN Cloud Analytics – pro-active, real-time support notifications and recommendations with real-time custom alerts through the vSAN health Service.
  • API enhancements – vSAN SDK updated to handle all new features, with additional enhanced PowerCLI support.
  • vSAN Config Assist / Firmware Update – Enhanced health monitoring and HCL checks using health-check assistant to ensure the vSAN hardware has the latest firmware and drivers installed.
  • Enhanced Performance – up to 50% higher all-flash IOPs performance per host and Health Monitoring
  • New Hardware Support – Support for Intels new Optane technology, NVMe SSDs and larger 1.6TB SSDs for cache drives.
  • Support for Photon Platform 1.1 as well as a Docker Volume Driver – great for customers (ie DevOps) who prefer working with micro-services/containers. This allows customers to use vSAN as storage for Docker VMs giving them the ability to apply storage based polices (such as FTT, QoS, access permissions, etc) to the VM, it also gives customers the ability to support persistent storage to allow stateful container apps to be built (such as DBs).

 

Data-at-Rest Encryption

EMC love calling this by the acronym D@RE…. But this hasn’t quite filtered down to the VMware team…. =)

VMware vSAN 6.6 introduces the industry’s first native HCI security solution with software-defined data-at-rest encryption within the hypervisor. Data-at-rest encryption is built right into the vSAN kernel, and is enabled at the cluster allowing all vSAN objects to be encrypted (ie the entire vSAN datastore).

In my opinion this is one of the most important new feature in vSAN 6.6 – we all know that security within IT has become top priority, featuring very high on a company’s risk-register, but IT Admins have always been reluctant to either deploy encryption at the OS level or let application owners encrypt their apps and data. Data-at-rest encryption takes away that decision by encrypting when the data resides on your vSAN Datastore.

It’s hardware-agnostic which means you can deploy the storage hardware device of your own choice – it doesn’t require the use of expensive Self-Encrypting Drives (SEDs)!

vSAN DARE

vSAN Encryption is available for both All-Flash and Hybrid configurations and integrates with KMIP 1.1 compliant key management technologies. When vSAN Encryption is enabled, encryption is performed using an XTS AES 256 cipher and occurs both at the cache and capacity tier – wherever data is at rest, which means you can rest assured that if a cache or capacity drive is stolen the data is encrypted! Plus vSAN Encryption is fully compatible with vSANs all-flash space efficiency features, like dedupe, compression and Erasure Coding, delivering highly efficient and secure storage – as data comes into the cache tier it’s encrypted, then as it de-stages it’s decrypted and any relevant dedupe or compression occurs to the data (4k blocks) before it’s re-encrypted as it hits the capacity tier (512b or smaller blocks). As it’s data encryption at rest, I believe that vSAN traffic traversing the network maybe sent in the clear which means you will need to ensure vSAN traffic is protected accordingly.

It’s worth mentioning that whist the cryptographic mechanics are similar to VM encryption that was introduced in vSphere 6.5 (ie it requires a KMS and uses the same encryption modules), there is a vast difference in the way they’re implemented – VM encryption is per-VM (via vSphere API for IO filtering – VAIO), whilst with vSAN encryption it is the entire datastore. Also you get space-saving benefits from vSAN encryption as previously mentioned. The other major difference is that vSAN encryption can carry on functioning if vCenter Server is lost or powered off because the encryption keys are transferred to each vSAN host and via KMIP each host talks directly to the KMS, whereas VM encryption requires you to go through vCenter Server to communicate to the KMS. Not to mention VM-encryption does have some performance impacts and requires Ent Plus licenses.

Turning on vSAN encryption is as simple as clicking a checkbox within the settings of the vSAN cluster and choosing your KMS (which does need to be setup prior to enabling encryption). However, it’s worth noting that a rolling disk reformat is required when encryption is enable which can take a considerable amount of time – especially if large amounts of data residing on the disks must be migrated during the reformatting.

vsan-encrypt

With the enhanced API support, customers who like to automate their infrastructure will be able to setup an encrypted vSAN cluster with all the relevant KMS configuration via scripting – great for automating large scale deployments!

 

Removal of Multicast

vSAN Multicast

Another big announcements with vSAN 6.6 is that VMware are switching from multicast to unicast for their communication mechanism. This obviously makes networking a lot simpler to manage and setup as customers won’t need to enable multicast on their network switches, or IGMP snooping, or even PIM for routing. It may even mean that customers could use cheaper switches (which may not handle Multicasting very well).

Bit of background:

Typically IP Multicast is used to efficiently send communications to many recipients. The communication can be in the form of one source to many recipients (one-to-many) or many sources to many recipients (many-to-many).

vSAN used multicast to deliver metadata traffic among cluster nodes for efficiency and to optimise network bandwidth consumption for the metadata updates. This eliminates the computing resource and network bandwidth penalties that unicast imposes in order to send identical data to multiple recipients. vSAN depended on multicast for host discovery – the process of joining and leaving cluster groups, as well as other intra-cluster communication services.

While Layer 3 is supported, Layer 2 is recommended to reduce complexity. All VMkernel ports on the vSAN network subscribe to a multicast group using IGMP. IGMP snooping configured with an IGMP querier can be used to limit the multicast traffic to only the switch ports where the vSAN uplinks are connected to – this avoids unnecessary IP multicast floods within the Layer 2 segments.

Although one of the issues that could occur was when multiple vSAN clusters reside on the same layer 2 network – the default multicast address should be changed within the additional vSAN clusters to prevent multiple clusters from receiving all multicast streams.

I believe vSAN now relies on vCenter Server to determine cluster membership, however I haven’t yet read about how the vSAN team have managed to implement unicast communication as that information is still in limited supply. It’ll be interesting to understand how they have done it considering multicast was an efficient and easy way of replicating instructions to multiple nodes within the vSAN cluster when a node needed to perform an action. Although one thing worth noting is that unicast communication probably lends itself to cloud platforms a lot easier than trying to implement a multicast solution!

 

Local Protection for Stretched Clusters

Stretched vSAN Clusters were introduced back with vSAN 6.1 and built on the foundations of Fault Domains, it was basically a RAID-1 configuration of a vSAN object across two sites – which basically means a copy of the data in each site with a witness site for cluster quorum type services during failure events. The problem was if 1 site failed you would only have a single copy left and an additional failure could lead to data loss. It also meant that if a single host failed in any of the sites then the data on that host would need to be resynced again from the other site (to rebuild the RAID-1).

vSAN ESC

This new enhancement to Stretched Clusters now gives users more flexibility with regards to local and site protection. For example, you can now configure the local clusters at each site to tolerate two failures whilst also configuring the stretched cluster to tolerate the failure of a site! Brilliant news!

When enabling Stretched Clusters, there are now two protection policies – a “Primary FTT” and a “Secondary FTT”. Primary FTT defines the cross-site protection and is implemented as a RAID-1. It can be set to 0 or 1 in a stretched cluster – 0 means the VM is not stretched whilst 1 means the VM is stretched. Secondary FTT defines how it is protected within a site, and this can be RAID-1, RAID-5 or RAID-6.

One thing to note is that the witness must still be available in order to protect against the loss of a data site!

This new feature doesn’t increase the amount of traffic being replicated between sites as a “Proxy Owner” has been implemented per site, which means instead of writing to all replicas in the second site, a single write is done to the Proxy Owner and it’s then the responsibility of this Proxy Owner to write to all the replicas on that local site.

 

So that’s about it for now…. if you require more information then pop along to the following sites:

Duncan Epping (Chief Technologist in the Office of CTO for the Storage & Availabiliy BU at VMware) has created some great demos of vSAN 6.6 which can be found on his blog site: http://www.yellow-bricks.com

Things to Note

The underlying release for vSAN 6.6 is vSphere 6.5.0d which is a patch release for vSphere 6.5. For existing vSAN users upgrading to vSAN 6.6, please consult VMware Product Interoperability Matrices to ensure upgrading from your current vSAN version is supported.

Please note that for vSAN users currently on vSphere 6.0 Update 3 – upgrade to vSAN 6.6 is NOT yet supported.

The parent release of vSAN 6.6 is vSphere 6.5 and as shown by VMware Product Interoperability Matrices, an upgrade from 6.0 U3 to vSphere 6.5 (and hence vSAN 6.5) is NOT supported. Please refer to this KB Supported Upgrade Paths for vSAN 6.6 for further details.

 

p/s: I’ve always liked Rawlinson Rivera‘s Captain vSAN cartoon!! =)

VMware sells off vCloud Air to OVH

Hmm…. so that was an interesting announcement from VMware last week!….. although if I’m honest it makes perfect sense!

OVH Group announcing it’s intent to acquire the vCloud Air Business from VMware: https://www.vmware.com/radius/vmware-cloud-air-evolves/

Last year when VMware announced their tie up with AWS – vCloud on AWS – many had already started wondering what that partnership would do to VMware’s own cloud offering. The talking point was made more real when VMware also announced their Cross-Cloud Architecture which would allow a customer to choose which cloud platform to deploy their workloads onto – all from a single common operating environment. Then to make things worse, VMware announced VMware Cloud Foundation on IBM Cloud (or what was Softlayer)… an SDDC stack running VMware goodies on IBM Cloud compute!

That triple whammy pretty much made everyone think that vCloud Air’s time was up!!

I had a number of discussions at VMworld Europe last year where we talked about whether VMware would just shut down vCloud Air, or would they migrate it all onto AWS. Although the general consensus was that maybe they would sell off/spin off that part of their business – after all, VMware is a software business and vCloud Air was always seen as a ‘weird’ sibling…. not to mention that it competed against all it’s vCAN (VSPP) partners who were offering their own cloud services built on VMware technology!

I guess there’s no shame in what VMware are doing, Cisco, Dell and HP tried and failed to do what Amazon and Google are doing well at… although surprisingly Microsoft have managed to get Azure up and running well!

In a way, VMware are getting rid of what they probably saw as a hefty investment on infrastructure and hosting for little returns (I doubt there were many customers using vCloud Air to justify the expense of keeping it). Makes more sense to sell it to an existing cloud provider who knows how to sell Public Cloud services and IaaS! Although, I kind of have to wonder what OVH will do given VMware hosted vCloud Air in Equinix/Telstra data centres around the world….. guessing they’ll run down the contract with those providers and bring it all back in house!

In my opinion, selling off vCloud Air is probably a smart move….. VMware’s vision is to enable a customer to run “Any Application on Any Cloud, accessed by Any Device”, and it was going to be difficult to be Cloud-Agnostic if they owned a Public Cloud service! The whole Cross-Cloud Architecture would have produced a conflict of interest if they kept vCloud Air…. now that they’re shot of it, they can concentrate on pushing out their vCloud stack onto Azure and maybe even GCP given that they’re well on their way with the AWS partnership. Why try and beat them at their own game? It’s far easier to embrace them and partner!!

VMware are positioning themselves to be the broker of cloud services…. a single management point that allows end users to decide which public cloud is best for their workloads! In a way it’s a clever move, firstly because it puts the decision-making back with the end user, and secondly it now means that VMware can state that it’s the only virtualisation company that doesn’t tie you into a single cloud vendor (much like how Microsoft tries to ram Azure down the throat of Hyper-V customers).

Interesting times ahead……