Say hello to vSphere 6.5
Finally, the latest incarnation of the vSphere platform was announced this October at European VMworld event held in Barcelona.
Without further ado, let’s go over the salient features and improvements you’ll find in vSphere 6.5. To start with, vCenter Server Appliance 6.5 (vCSA) seems to be running on steroids given the major additions now gracing it. Some nifty features have also been added to VSAN and to storage in general. The security department has been given a much needed overhaul and indeed, VM and vMotion encryption is now available right out of the box.
At the time of writing, vSphere 6.5 is not available for download so this post is mainly a summary of the information gathered from some prominent blogs and VMware site. Credit goes to all the authors whose links you’ll find listed at the bottom.
Update: Roll on a year or so later and vSphere 6.5 Update 1 is now available. You can read about it here.
What’s new in vCSA 6.5
Some very interesting and new vCSA features make 6.5 one of the most worth-waiting-for releases to date in my opinion. Drooling over the list of goodies, it is glaring obvious that VMware’s plans for vCenter Server for Windows is to lay it to rest for good. I dare guess that with vSphere 7.0 released, the Windows version will be no more.
Regardless, here’s a rundown of what’s new in vCSA 6.5.
Native High Availability
There are a few HA options available for vCenter Server. Some of these include Fault Tolerance where the vCenter Server VM is replicated to another VM. Watchdog protection is enabled by default as is the ability to deploy vCenter on a 2-node Microsoft cluster.
With vSphere 6.5, VMware raises the bar even higher. The good news is that HA is now natively supported on vCSA. Note, however, that the option is not available on the Windows version. From what I understood, there are 2 deployment options, Basic and Advanced. The basic option is all wizard driven. Advanced, on the other hand, requires manual cloning of an instance of VCSA 6.5 which you’ll then use to set up a vCenter Server Active-Passive cluster. The good thing about the Advanced deployment option is that nodes participating in the vCenter cluster can reside in disparate physical data centers or sites. The cluster must include a witness node which is an appliance in itself but with a smaller resource footprint; 1GB RAM and one vCPU. Failover kicks in whenever the entire node or a number of key services fail. Again, I have yet to try this out but on paper it looks fantastic.
vSphere Update Manager (VUM)
Prayer, it seems, does work after all. VUM, has finally been embedded in vCSA which means that you will not be needing a separate Windows box running VUM. Time to party!
Native Backup and Restore
Yet another feature that warrants a big round of applause. In-built backup and restore functionality is now native to vCSA. Using VAMI or API, the following items can be now be backed up, using streaming protocols such as SCP, to a supported storage device; PSC, VCSA, VUM and Auto Deploy.
Update: Here a follow-up article describing one such method.
The HTML5 based client UI which I wrote about here, is now officially included with vCenter Server 6.5. The bad news is that it is nowhere up to par with the vSphere Web client in terms of features and functionality offered. This means we’re still stuck with the Flash-based client in the short term. On an equally discordant note, the C# thick client is now officially dead except that you can still connect to ESXi 6.5 but not to vCenter Server 6.5. This should not come as a surprise as we all saw this one coming.
The silver lining is that the vSphere Web Client has been revamped to offer better performance, a live refresh and an overall improved layout. Still, from a marketing standpoint, I can’t understand the logic of introducing a semi-baked feature. My guess is that the release dates were not met and VMware decided to compromise.
Little has changed as far as the remaining management tools are concerned. The embedded ESXi Host and Appliance Management tools remain unchanged except that the latter exposes additional statistics and health information compared to previous versions.
Using content libraries, you will now be able to mount ISOs on VMs stored in the library as well as being able to carry out guest OS customization. I had included both in my wish list here.
Last but not least, the client integration plug-in has been finally dropped. Thanks for that!
Installer and Migration Tool
A revamped installer now includes the much coveted migration tool. Although recently released, the tool has nevertheless been improved to cater for a number of migrations paths including vCenter for Windows v5.5 and 6.0 to vCSA 6.5. Apart from being accessible from the vCSA installer, you also get to fine tune what actually gets migrated, VUM baselines and updates included.
Another novelty is that vCSA now runs on Photon OS as opposed to SUSE Enterprise Server. One great feature of this new OS is the ability to run and deploy containers such as Docker and vSphere Integrated Containers (VIC).
So, what’s new with vSphere 6.5 in general?
Here’s a summary of what you’ll find included in vSphere 6.5.
- An overhauled and simpler HA Admission Control settings screen. I’m referring to the HA settings for a vSphere cluster.
- A performance degradation warning prior to HA restarting a vm.
- Two new levels of vm restart priorities these being Highest and Lowest.
- Improved HA orchestrated restart.
- Proactive HA where the vCenter server makes HA related decisions based on alerts received from 3rd parties such as a server’s hardware monitoring framework.
- Quarantine or Mixed mode – These are 2 new modes in addition to maintenance mode. A degraded ESXi 6.5 host can now decide to either evacuate all hosted vms or simply keep them running while refusing to hosting new ones. The chosen mode depends on the severity of the failure. This allows an admin to carry out specific tasks which are otherwise impossible to perform when the host is in maintenance mode.
- New options including VM Distribution, Memory Metric for Load Balancing and CPU Over-commitment. These new features are explained in great detail here.
- Network-Aware DRS in addition to CPU and Memory load balancing based decisions. This is also leveraged by the Fault Tolerance component.
- Predictive DRS using data collected via vROps (Operations Manager).
- Improved host profiles.
- Revamped host profiles editor.
- Simplified auto-deploy process using a dedicated GUI.
- ESXi server now supports up to 480 physical processors and 12TB of RAM.
- Support for 64TB datastores.
- VMFS6. Great article here.
- RESTful API for vCenter.
- PowerCLI Core.
- Multi-platform CLI (DCLI)
Cluster and VM specific
- Virtual Hardware v13.
- Resource maxima increased to 6TB of RAM and 128 vCPUs per vm.
- Maximum number of powered on machines on vCenter now stands at 20,000.
- Improved VMware Tools lifecycle management including a rebootless tools upgrade for Linux vms.
- Tighter integration with DRS in part thanks to network bandwidth monitoring on DRS’ part.
- Multi-NIC support which sees an increases in the channel bandwidth available for FT traffic.
Nested ESXi is still a feature not supported by VMware. Nevertheless, 6.5 introduces new aspects to facilitate nested ESXi. These include;
- Paravirtual SCSI (PVSCSI) support. Driver is bundled in VMware Tools for nested ESXi.
- GuestOS customization is now possible when creating or cloning a vm from template.
- Pre-vSphere 6.5 enablement on vSphere 6.0 Update 2. What this means is that you can easily test out vSphere 6.5 in nested mode on vSphere 6.0 U2.
New Security Features
There are a ton of improvements and new features included in vSphere 6.5, much to the excitement, I suppose, of many a security team.
- vMotion traffic can now be encrypted out of the box. What this means is that VPNs and similar are no longer required to ensure that vMotion traffic travels in encrypted form over unsecured WAN links.
- VMDKs can now be encrypted in order to secure critical and information sensitive virtual machines.
- Secure Boot Support for both the ESXi Host and the guest vm via image tamper proof technology.
- File integrity monitoring in accordance with PCI DSS requirements.
- Enhanced vCenter Events, Alarms and vSphere Logging allowing for better auditing at a granular level.
vSAN 6.5 Enhancements
- VSAN can now be used to provision iSCSI luns via a VSAN iSCSI target. A great thing to have if you don’t have any shared storage to play with not to mention that changes can be effected on the fly via storage policies.
- 2-Node direct connect. This basically means that ESXi hosts can be wired back to back – an Ethernet cable running from a 10GbE nic on one host to another – eliminating the need for costly 10GbE switches.
- Support for 512e drives.
- New PowerCLI support
- All-Flash configuration is now available via Standard licensing.
Here’s a list of references without which this post would have never been possible.
Have any questions or feedback?
Leave a comment below!