Save to My DOJO
Hyper-Converged Infrastructure (HCI) such as VMware vSAN has taken the server and storage world by storm. If you are coming up on the end of life for your virtualization clusters in your data center, you will most likely have HCI solutions on your shortlist of options for the refresh. VMware vSAN 7.0 new features in vSphere 7 make it a compelling option for HCI for most organizations.
In this post, we will take a look at VMware vSAN 7.0 new features in vSphere 7 and get a feel for the new capabilities that vSAN 7.0 brings to the enterprise data center.
Before we dive into the new features that are found in the latest VMware vSAN release, let’s take a step back and briefly cover what is vSAN VMware exactly. VMware vSAN is a software-defined storage (SDS) solution that is embedded in the ESXi hypervisor. It provides the basis for hyper-converged infrastructure (HCI) built on top of VMware vSphere.
VMware vSAN allows organizations to have shared storage between hypervisor hosts without having a separate physical storage device such as a storage area network (SAN). It does this by using local disks installed inside each hypervisor host that are pooled together to form logical storage.
“VMware vSAN offers a shared datastore by leveraging local disk in vSphere hosts”
Each host has disks that are designated as either part of the cache tier or capacity tier. Writes are first written to the cache tier and then de-staged to the capacity tier for performance. VMware vSAN is a special kind of object storage that makes use of objects to represent each component of the virtual machine on the vSAN datastore. VMware vSAN is a feature inside of vSphere that is enabled at the cluster level. If you want to know more about the nitty-gritty details, you can check out the vSAN reference architecture guide.
VMware vSAN allows organizations to benefit from the modern advancements of software-defined storage. These include streamlined operations, intelligent capacity management, and performance benefits for your virtual machines. It can also benefit organizations with a lowered total cost of ownership (TCO).
Since VMware vSAN is included “in the box” as part of the management of VMware vSphere using the vSphere Client, it is simply “part” of the management tools that are provided with VMware vSphere. There is no secondary management interface or tool required to administer vSAN along with vSphere. It is all found in the same web UI. This leads to greatly streamlined and simplified day-to-day operations. Additionally, as we will see later, lifecycle management in vSAN allows your organization to manage the lifecycle of your vSphere environment as well as firmware for the underlying hardware, all from within the purview of vCenter Server. This makes maintenance operations much easier and maintenance windows much shorter for organizations.
From an intelligent storage perspective, vSAN provides the ability to take advantage of VMware’s Storage Policy Based Management (SPBM). SPBM is a storage policy framework that provides a single control plane that allows granularly defining performance, availability, and other characteristics for a specific VM, even down to a specific virtual disk (VMDK). By using SPBM, organizations are empowered with the tools needed for accurate control of storage services in vSAN. Let’s think about a real-world example of how SPBM can benefit your organization. An example of how this granularity might come into play would be a virtual machine running Microsoft SQL Server.
You may want to ensure that the log and data drives have more availability or “failures to tolerate” than other disks or other VMs. This can easily be defined with the SPBM policies that are available by means of VMware vSAN. You can assign a higher failure to tolerate policy to those specific VMDKs to provide even greater fault tolerance.
In general, vSAN provides advantages in key areas including the following:
- Simplified operations – It simplifies and abstracts the complexity of underlying storage and presents these constructs in an easy to manage way within the vSphere Client.
- Enhanced security – VMware vSAN offers native HCI encryption that provides an easy way to satisfy compliance regulations and bolster the security of your data
- Performance – With SPBM and awareness and intelligence with the latest storage hardware and technologies such as NVMe, vSAN provides great performance benefits for business-critical workloads
- Reduced total cost of ownership (TCO) – With simplified management, enhanced security, and easy service delivery, using vSAN for the underlying storage of your virtual environment provides a great way to reduce the TCO of your virtualized environment
The VMware vSAN 7 requirements are fairly straightforward.
- VMware vCenter Server – vCenter is required to “turn on” the vSAN feature at the cluster-level
- VMware vSAN License – vSAN is a separate license on top of vSphere licensing for vCenter and ESXi
- Use VMware vSAN certified hardware – While not a strict requirement, using VMware vSAN certified hardware helps to minimize any potential issues running vSAN. Dell EMC VxRail is an example of an HCI platform that can provide a turnkey solution to vSAN service delivery.
- A minimum of 2 nodes are required (with an additional witness appliance) – VMware vSAN can be operationalized with only 2 physical nodes, all the way up to 64 physical nodes.
- A minimum of (1) cache disk and (1) capacity disk per host – Disks can be configured in hybrid mode with a cache tier using flash and a capacity tier using a traditional magnetic disk or an “all-flash” configuration with both tiers using flash drives.
- A VMkernel port configured for VMware vSAN specific traffic – A minimum of 1GB network connectivity is required between hybrid hosts and a 10GB connection is required for “all-flash” hosts.
On top of the benefits that we have already covered with VMware vSAN, VMware vSAN 7.0 serves to extend and expand the capabilities, features, and functionality of vSAN. It includes the following new features in vSphere 7 to take note of:
- Simplified Management
- Native File Services
- Enhanced cloud-native storage
- Enhanced 2-node and stretched cluster functionality
- Operational enhancements
The latest version with VMware vSAN 7 Update 3 includes the following improvements. You can find the complete list of enhancements in the vSAN 7.0 Update 3 release notes.
- CNS platform improvements
- vSAN stretched cluster topology support for vanilla Kubernetes clusters
- Support of ReadWriteMany Persistent Volumes for Tanzu Kubernetes Grid
- Improvements to vSAN Data Persistence Platform (vDPp)
- Simplified operations for cluster shutdown or restart, enhancement troubleshooting capabilities, FCD performance, and many others
- Enables stretched clusters to tolerate planned or unplanned downtime of a site and the witness
An area that hyper-converged infrastructure (HCI) excels in is the area of simplified management. With VMware vSAN 7.0 in vSphere 7.0, VMware has done a lot of work to improve and streamline the workflows of lifecycle management and other aspects of vSAN 7.0 management.
With VMware vSAN, the tooling, operations management, and lifecycle management is all found in one place – the vSphere Client connected to vCenter Server. Within the vSphere Client, vSphere administrators can find all the tools and configuration they need to provision, manage, and troubleshoot VMware vSAN while VMware vSAN 7.0 abstracts all of the intricate complexities underneath the hood. It presents the HCI storage to the vSphere administrator as an easy-to-understand construct.
There is more to a hyper-converged infrastructure solution like vSAN than simply running your workloads on top of software-defined storage. Lifecycle management of the storage solution is extremely important. For those who are familiar with previous versions of VMware vSphere prior to vSphere 7, the vSphere Update Manager (VUM) is the tool that is used to keep VMware vSphere updated.
With vSphere 7, VMware has introduced a great new tool that far surpasses the capabilities of VUM called the vSphere Lifecycle Manager (vLCM). With the new vLCM tool, you can do everything you could do in VUM and much more. There are significant differences between VUM and vLCM in the methodology they use to apply updates to your vSphere environment. VMware is taking a page from the DevOps movement by designing vLCM to operate with a declarative approach to lifecycle management. How so?
The declarative model establishes how you want the infrastructure to “look”. Any deviation from this desired state that is defined in the declarative model is a deviation from the model that requires remediation. The new vSphere Lifecycle Manager uses this approach to create a desired state of the hosts in your VMware vSphere vSAN 7.0 cluster. The declaration of the desired state of the hosts in your vSphere 7.0 cluster is accomplished by using a host image. Compliance is then checked for each host against the host image. The question may be asked, is this simply a better tool to apply vSphere updates? No.
Most administrators who come from traditional storage environments are accustomed to using multiple tools and sources for applying updates to their vSphere infrastructure. Most currently use vSphere Update Manager (VUM) to apply the vSphere updates and then vendor-provided tools to update firmware on their vSphere hosts in the cluster. The new vSphere Lifecycle Manager tool is more than just a better VUM. With the new tool, VMware is unifying the lifecycle management of not only vSphere updates but also firmware updates for storage controllers and other storage-level components.
Below, an architectural overview of the vSphere Lifecycle Manager displays how
VMware vSAN 7.0 simplified lifecycle management of vSphere and Firmware updates (image courtesy of VMware)
Now as part of the remediation procedure when checking your cluster for compliance using the new vSphere Lifecycle Manager (vLCM), you have the option to choose Vendor Addons as well as Firmware and Drivers Addon.
VMware vLCM provides the ability to select Vendor addons and Firmware and Drivers Addon
Vendor Addons are available in the vSphere Lifecycle Manager using the Image remediation wizard.
Vendor addons providing the ability to add vendor-specific modules during updates
With the new capabilities of vSphere Lifecycle Manager, your organization has a single-pane-of-glass management plane that allows taking care of updates not only for vSphere but also for firmware and other vendor-related updates. This helps to drastically reduce the complexity of lifecycle management.
Additionally, maintenance windows can be reduced since all operations can be performed in a single window of time using the same tool. Using the declarative nature of vLCM also helps to ensure that all hosts that are scanned for compliance are consistently remediated to a known image with the same modules and firmware.
Another advantage of leveraging VMware vSAN 7.0 in your environment is the simplified management that comes from vSAN’s integration within the vSphere Client. By using vSAN 7.0, your organization is able to manage the underlying storage as part of the vSphere environment.
With traditional storage environments, this may require interaction between both storage admins and vSphere admins to perform simple operations such as provisioning storage or troubleshooting an issue. With vSAN this can be carried out under the same management plane along with other vSphere operations.
Running vSAN 7.0 on top of vSphere 7 provides the tightest and most seamless integration to date for vSAN operations in your vSphere environment. VMware has improved the management dashboards, workflows, and visibility to all areas of the vSAN infrastructure.
Generally speaking, to create a highly available file share for business-critical applications requires a Storage Area Network (SAN) to be provisioned for storage space or storage is mounted to a virtual machine that is running as a workload in your environment.
With vSAN 7.0, there is a better and more efficient way to accomplish this. New to vSAN 7.0, native file services are included. With VMware vSAN 7.0, you can configure native NFS v4.1 and v3 file shares on top of your vSAN 7.0 datastore.
This brings general file storage as a service provided by vSAN 7.0 all from within the vSphere Client. This helps to fold a generally disjointed aspect of business-critical infrastructure (file services) into the purview of vSAN and by extension, vSphere administration.
The new native file that services as part of vSAN 7.0 is configured and managed all from within the services settings of the general vSAN configuration underneath the vSphere cluster configuration.
The native file services in VMware vSAN 7.0 is configured under the Cluster configuration: vSAN > Services > File Service > Enable.
Configuring the native file services in VMware vSAN 7.0
VMware vSAN 7.0 File Services is easily configured using the Configure File Services wizard. In the file services wizard, you will configure:
- File service agent
- Domain (namespace)
- IP Pool
The file services agents are a downloadable OVF template file from VMware.
The Configure File Service wizard sets up the file services on vSAN 7.0
The wizard will configure (3) new file service nodes that will be created under a new resource pool called ESX Agents.
File services agents successfully deployed
After the file services agents are deployed, the cluster is ready to host the NFS v4.1 and v3 shares. To add the File Service Shares, navigate to Configure > vSAN > File Service Shares > Add. This will launch the wizard to create the new vSAN 7.0 hosted file share.
New vSAN 7.0 file share created successfully
The new file service shares are not the only storage-related enhancement with vSAN 7.0. One of the major enhancements with vSphere 7.0 is the addition of native Kubernetes services built into vSphere itself. Starting with vSAN 6.7 U3, VMware introduced cloud-native storage. This allowed integration and visibility into container volumes through the vSphere client enabling running, monitoring, and managing of containers and virtual machines on the same platform.
There have been many improvements added with vSAN 7.0. This includes:
- Native file services as persistent volumes for Kubernetes clusters
- Encryption and snapshots
- vSphere add-on for Kubernetes enabling stateful containerized workloads on vSAN
Below, an overview of the new vSAN 7.0 cloud-native storage shows the tight integration for cloud-native storage.
Cloud-native storage in vSAN 7.0 (image courtesy of VMware)
Running Kubernetes on top of the native file services now in vSAN 7.0 allows having a deep level of insight regarding the persistent volumes that are residing on vSphere storage. This prevents having to switch between different views (vSphere, array, datastores, etc).
VMware vSAN provides a great feature that helps to extend the availability of business-critical workloads. This is the stretched cluster. The stretched cluster allows vSAN HCI cluster hosts to participate in vSAN storage in different physical locations. This provides a higher level of fault tolerance since you have more than one failure domain.
It helps to ensure that if even if a failure is experienced at the site level, business-critical resources are still available in a secondary site. Stretched clusters use a component called a witness host to ensure there is a majority of components available if either site goes down.
The witness host is a specialized virtual appliance that contains no data that is used in storage operations. Rather it houses specialized metadata components that serve the purpose of maintaining quorum. The vSAN 2-Node cluster is a specialized type of stretched cluster configuration that provides the ability to run a vSAN cluster with a minimum of two nodes for housing data in a single site.
Like the stretched cluster mentioned, the 2-node cluster makes use of a witness host to provide the witness component metadata to provide a quorum for the 2-node cluster. The witness host can be flexibly housed on a low-bandwidth connection.
The 2-node configuration provides a really great option for organizations looking to make use of vSAN in edge use cases where hardware and other resources may be limited. With VMware vSphere 7, VMware has enhanced many aspects of the stretched cluster, including the 2-node cluster. What do these improvements include?
VMware vSAN 7 stretched clusters include the following enhancements:
- Enhanced VM placement intelligence
- Enhanced resilience
- Intelligent capacity management
One of the areas that VMware has enhanced with vSphere 7.0 is the Distributed Resource Scheduler (DRS). Among the many other improvements, DRS capabilities have been enhanced in regard to stretched clusters. DRS has been tweaked with vSAN 7 to more intelligently place VMs after a failure.
With stretched clusters in vSAN 7, after a failure, DRS will ensure the virtual machine is housed at the same site until the resynchronization operation completes. This ensures that all read operations for resynchronization happen at the same site and there are no read operations that must travel between the WAN link to other stretched cluster nodes. In turn, performance is impacted much less when these read operations happen on the same site.
When the resynchronization operation is completed successfully, DRS will then migrate the VM to the best cluster node in the best site if this differs from where the VM currently resides.
Resilience has also been improved with vSAN 7. In the event of a site failure, with the newly improved resilience in stretched clusters in vSAN 7, vSAN can determine more efficiently which location has a copy of the data that needs recovering. This involves the help of the witness host in pinpointing which location has a quorum for the stretched cluster.
Also, when a witness host is replaced in vSAN 7, the synchronization operation now begins immediately so the witness objects can be replaced as soon as possible. This helps to get vSAN in a healthy state as soon as possible so this transient vulnerability can be minimized as much as possible.
VMware vSAN 7 introduces new capacity management features and capabilities in the stretched cluster configuration that provide extended functionality when compared to previous vSAN releases. In constrained capacity management situations where capacity may be limited, vSAN 7 stretched clusters use enhanced tactics to help minimize the impact of the capacity impairment at a particular site. What are these?
- I/O is redirected to a site in the stretched cluster that has available capacity
- VMs are allowed to continue to operate in capacity-constrained situations
- Rebalancing of the vSAN 7 cluster within the same site to more evenly distribute the capacity between hosts
Aside from the new features already covered There are many other new features that are found in the vSAN 7.0 release as part of vSphere 7. These include the following:
- Visibility to vSphere Replication operations – With vSAN 7, administrators can now see vSphere replication related object data at the VM object level and in the cluster-level views
- Larger capacity drives support – vSAN 7 supports newer and larger capacity drives
- NVMe hotplug – Adding, removing, and relocating NVMe drives can now be performed in a “hotplug” fashion, minimizing maintenance windows
- Removed VMware vSAN 7 requirements for the shared disk on vSAN requiring Eager Zero Thick disks – Now longer is it required to eager zero thick provision disks that are shared multi-writer disks on vSAN 7
VMware vSAN 7 Update 2 also brought the VSAN HCI mesh to compute cluster feature which allows vSAN clusters to remotely mount the datastore of another (remote) vSAN cluster, hence sharing the storage capacity and span its usage to a wider pool of computing resources.
Upgrading to vSAN 7.0 involves the same steps as any vSphere environment with only the added step of the vSAN on-disk format. You can find the vCenter and vSphere upgrade process in this blog.
The steps to upgrade to VMware vSAN 7 are as follows:
- Upgrade vCenter Server
- Upgrade all vSphere ESXi hosts
- Upgrade vSAN 7 disk format
The vSAN on-disk format is comparable in a way to the virtual hardware (compatibility) of a virtual machine. Upgrading the VMware vSAN on-disk format will unlock the latest features of vSAN. The vSAN on-disk format version you will upgrade to will depend on the underlying vSphere version, for instance, the on-disk format on vSAN 7.0 update 3 will be version 15. You can find the list of versions here.
In order to upgrade the vSAN on-disk format, browse to Monitor > vSAN > Skyline Health > Disk format version > Upgrade vSAN disks format status. Note that this is a long operation and it cannot be rolled back. During the upgrade, you get to choose whether to tolerate reduced redundancy of your virtual machines, in which case the VMs are not protected during the duration of the upgrade, or not to tolerate it and have the data evacuated to other hosts during the upgrade. The latter will obviously mean that the process will take longer but the workloads will be protected against a host or disk failure.
To properly protect your VMware environment, use Altaro VM Backup to securely backup and replicate your virtual machines. We work hard perpetually to give our customers confidence in their VMware backup strategy.
To keep up to date with the latest VMware best practices, become a member of the VMware DOJO now (it’s free).
VMware vSAN 7.0 new features in vSphere 7 include really great new capabilities that will benefit enterprises large and small. VMware has given attention to basically all aspects of vSAN and has continued to modernize the platform for today’s use cases, including Kubernetes, cloud, and DevOps methodologies.
VMware continues to simplify management, operations, and troubleshooting with vSAN 7.0. Administrators have a single-pane-of-glass view for all vSAN related tasks, all found within the vSphere Client. This is one of the major appeals of the vSAN platform. Organizations are looking for solutions that are simple and easy to deploy while providing the tools needed for day-to-day tasks and VMware vSAN 7.0 continues to deliver that effectively along with vSphere 7.
Not a DOJO Member yet?
Join thousands of other IT pros and receive a weekly roundup email with the latest content & updates!