The new client helps deliver a simplified and efficient user experience. It also includes additional functionality to support more than the traditional workflows. Management functions for key features such as VUM, vSAN and NSX, as well as third-party components, have been enhanced or improved with the latest upgrade.
vCenter Server Appliance (vCSA)
For those looking to upgrade to the vCSA, VMware has made the endeavor click-through easy. The vCenter 6.7 appliance uses a graphical interface (GUI) upgrade process.
vCenter 6.7 GUI
When performing an upgrade, the GUI guides you through a two-stage process of first deploying a new appliance and then transferring the services and configuration data from the old to the new appliance. I used this process to upgrade our v6.5 appliance to v6.7 and I was surprised with how seamless it was as long as you followed the normal prerequisites.
VMware also overhauled the vCSA backup process in v6.7. Yes, you could backup the v6.5 appliance but it was a bit cumbersome at best. Now, backup scheduling is easy, allowing you to setup a backup location, schedule and encryption, as well as the number of backups to retain and the type of data you want to backup including stats, events and tasks.
VMware also boasts significant performance gains in the new v6.7 client over its v6.5 predecessor across multiple client scale limit metrics. It offers up to a threefold reduction in memory usage and a threefold improvement in DRS-related operations. It provides a twofold improvement in the performance of vCenter operations per second. The client speed improvements will only help maximize the client experience.
The upgraded client opens up a number of new management features and enhancements I would encourage you to take a look at:
- Embedded platform services controller in enhanced linked mode: This allows for multiple vCenter links without an external platform services controller or load-balancer requirement.
- Instant clone: A very powerful operation and explained in great detail by a number of great bloggers like William Lam. Check out this great series of blog posts for the detailed workflows and use cases.
- Per-VM enhanced vMotion (EVC): This allows for easier cross cluster migrations between different processor types and persistence on a per-VM basis.
- Monitoring and management: This covers backup management, disk monitoring, appliance monitoring, syslog configuration and new alarms focused on resource and service failures.
- ESXi Quick Boot: If you hate waiting for hardware initializations, Quick Boot restarts the ESXi hypervisor without rebooting the physical host as long as your hardware supports it.
- ESXi Single Reboot: This allows major upgrades completed in a single reboot, saving countless hours on large cluster upgrades that often required two or more reboots for major upgrades.
Increased Configuration Maximums
Each version of vSphere continues to push the limits of VM and server level maximums and v6.7 doesn’t disappoint in that aspect.
VM and Server Maximums
Comprehensive Security Improvements
With vSphere 6.7, VMware continues to stress the importance of security in their offerings. Security has been top of mind for VMware since they introduced their very first hypervisor, and this release has added a number of new enhancements and features to that portfolio:
- Trusted Platform Module (TPM) 2.0 support for ESXi hosts: TPM 1.2 has been supported for many years on ESXi, but the upgrade to 2.0 will enhance the security of the encrypted data such as keys, credentials and hash values stored on multiple devices such as servers, laptops and desktops. Not backwards compatible with version 1.2, clients will need to upgrade all new device drivers and APIs.
- Virtual TPM 2.0: TPM 2.0 for VMs helps prevent VMs and hosts from being compromised by the loading of unauthorized components through unauthorized access. Guest and host level security is of utmost importance to VMware, and the ESXi and VM TPM 2.0 enhancement is a direct response to their consumer security teams’ requests.
- Support for Microsoft virtualization-based security: The entire range of Microsoft’s virtualization-based security technologies will be supported in vSphere 6.7. Guest-level security improvements within a Microsoft operation system in this version were a direct result of an increased collaborative partnership between VMware and Microsoft. VMware has been a very partner-focused company and this feature enhancement is proof of those efforts.
- Transport Layer Security protocol (TLS) 1.2: v6.7 adopts the latest version of the TLS protocol out of the box; older versions will be disabled by default.
- FIPS 140-2: Similar to TLS 1.2, v6.7 includes FIPS 140-2 as the default setting. Although this feature is turned on by default, VMware does not currently have the FIPS certification on their vSphere platform. Encrypted vSAN and VM Encryption utilize the VMware Kernel Cryptographic Module. TLS connections and certificate generation utilize the OpenSSL module, and both modules passed the FIPS 140-2 validated.
Still on the fence as to whether you should upgrade, no need to be shy. The new vCSA and HTML5 web client improvements alone are worth the price of admission. I just started to scratch the surface on what I felt were the most compelling new enhancements in vSphere 6.7. Unfortunately, I did not even get a chance to touch on some of the major storage enhancements like 4k Native Drive and RDMA Support. Be sure to check them out as well as the others.
Major improvements to the core functionality, UI, security and API integration for application development allow for easier administration. VMware vSphere continues to be the market leader in virtualization technology and this major version upgrade only cements them further on top. Your CDW team consists of experts on the entire VMware portfolio of products and we are waiting to assist you in utilizing our expertise on VMware’s product line to help you solve your most challenging business problems.