Save to My DOJO
Please note: a few weeks after its release, VMware decided to remove vSphere 7 Update 3 due to instabilities and problems encountered by customers who installed it in production environments. You can find more information in their official statement. If you have already updated your environment, refer to KB86398 to see if you might be impacted. You can reach out to VMware GSS support and they will assist you. VMware will communicate once they have fixed the release and open it for distribution again.
VMware released vSphere 7 u3 right before VMworld 2021 took place, during which a session was dedicated to vSphere 7 update 3. While the hottest topics at the moment revolve around modern apps and cloud computing, VMware is still building on the flagship hypervisor product that made them the leader in the virtualization industry.
This ultimate vSphere 7 release brings a lot of features and enhancements as well as addressing the elephant in the room, or rather the SD card in the server.
What’s new in vSphere 7 Update 3
The vSphere 7 u3 release will be the latest after vSphere 7 u1 and vSphere 7 u2 before VMware moves to the next major version (vSphere 8 I assume?). Anyway, this version addresses a number of key areas.
SD cards and USB drives deprecated as boot device
That one has been glooming above us since earlier this year when a number of customers started having lots of problems in vSphere 7 u2 due to the intensity of IO operations on those devices. Because they cannot keep up that would cause PSOD and all sorts of fun stuff for VI admins. We actually wrote a piece about this recently.
“SD and USB drives deprecated as boot device in vSphere 7 u3”
Up until now, VMware recommended using SSD or NVMe drives as boot devices or at least enterprise-grade SD cards. In vSphere 7 u3, they are simplifying the recommendations by saying “Buh Bye” to SD and USB. You will get the gist in the diagram above.
vCenter RDU (Reduced Downtime Upgrade)
This upgrade method comes from the way VMware upgrade their servers in VMware Cloud on AWS and is brought to on-premise vCenter server with vSphere 7 u3. It will significantly shorten the downtime caused by vCenter upgrades.
With vCenter Reduced Downtime Upgrade, a new VCSA appliance is created in parallel, the database and configuration are migrated to it. When the switchover happens, the only downtime will be the services startup. If everything is fine the old appliance is deleted, otherwise, a rollback is as easy as going back to the source VCSA.
“vCenter 7 u3 support reduced downtime upgrade (RDU), a VMC on AWS technology”
Oddly, this doesn’t appear in the release notes but it is only available through the API at the moment as VMware still considers that “it doesn’t have an official use” as of October 2021.
vSphere Cluster Services Changes
Since vSphere 7, cluster services run in dedicated lightweight virtual machines to ensures that DRS keeps working if vCenter Server becomes unavailable. Many in the community asked for the possibility to have more control over these virtual machines and VMware delivered in vSphere 7 u3.
You can now select a specific datastore to store the vCLS virtual machines.
“You can configure datastores to store the vSphere cluster VMs”
You can also define compute policies to set the behavior of DRS regarding vCLS virtual machines and other groups of VMs.
“Compute policies let you set DRS’s behavior for vCLS VMs”
Note also that the vCLS virtual machines are no longer named with parenthesis, they now include the UUID instead. This should fix a few PowerCLI scripts running out there in the wild.
“vCLS VMs now use the UUID instead of parenthesis in vSphere 7 u3”
vSphere Memory Monitoring and Remediation
Here’s a bit of background beforehand. Skip this section if you are familiar with persistent memory. Persistent memory modes include two different ways to access persistent memory:
-
- App Direct mode: Persistent memory devices can be accessed as byte addressable, persistent memory along with DRAM.
-
- Memory Mode: Traditional RAM, which has lower latency, is a cache tier and PMem devices are volatile and appear as the system’s memory. In this mode, it is transparent to the VMs.
“Persistent memory configured in Memory Mode”
vMMR (vSphere Memory Monitoring and Remediation) collects data and provides visibility of performance statistics so you can determine if your application workload is regressed due to Memory Mode without the need for a third-party tool. Note that DRS will make use of these statistics to balance the load.
vSphere 7 u3 offers a new pane for both VMs and hosts objects in the performance charts that show details such as memory usage, reclamation, miss rate and bandwidth.
“Persistent memory now includes performance metrics in vSphere 7 u3”
Along with these charts come preconfigured default alarms for “Host Memory Mode High Active DRAM Usage” and “Virtual Machine High PMem Bandwidth Usage”.
More accurate time synchronization with PTP (Precision Time Protocol)
Precision Time Protocol is an ethernet protocol that allows software and hardware-based timestamping for higher time synchronization accuracy (micro-second) compared to the NTP protocol. Up until vSphere 7 u2 you could configure PTP in software-based timestamping.
In vSphere 7 u3 you can now use hardware-based timestamping by using a PCI passthrough network device. Like before, NTP must be stopped in order for PTP to run. There is also the option to fallback to NTP servers when PTP doesn’t work.
“PTP is more precise than NTP and support hardware-based passthrough NICs in vSphere 7 u3”
Other enhancements to vSphere 7 u3
-
- Possibility to edit depot objects in image management of the lifecycle manager.
-
- Possibility to route NVMe-over-RDMA traffic to a specific interface thanks to a new vmnic tag.
-
- Added support for NVMe over TCP.
VMware vSAN 7 Update 3
New health checks
Additional health checks have been added in vSAN 7 u3 to make network diagnosing and monitoring easier along with the new “vSAN health correlation engine” to help find the root cause on cluster issues.
VM I/O trip analyzer
Another tool that used to be a fling and got productized in vSphere 7 u3. It allows you to get a visual representation of the latencies at each layer in the vSAN stack for a given VM. The aim of this tool is to simplify performance diagnosing.
“vSAN’s VM IO Trip Analyze used to be a fling that got productized in vSphere 7 u3”
vSAN cluster shutdown wizard
If you always feel a bit stressed when doing maintenance on your vSAN cluster, fear not, vSphere 7 u3 has got you covered. A wizard was added to easily shutdown or restart the cluster with prechecks that will offer steps for you to review in order to do the operation safely.
“Shutting down vSAN clusters is now easier and safer in vSphere 7 u3”
Improved stretched cluster resiliency
Stretched cluster resiliency was improved in vSphere 7 u3 in the case of site and witness failure. Stretched clusters running vSAN 7 u3 will now be able to tolerate downtime of a witness after a site failure by giving it 0 votes and giving more to the active components. This will simplify site-wide maintenance operations for instance.
To better picture it, say a site goes down in a 2 sites implementation. Your objects are still available as the witness and second site remains. Now if you were to lose the witness at a later point in time, your objects will remain available in the second site, which wasn’t the case in earlier releases.
“Site resiliency has been improved in cases of site and witness failure”
Other enhancements to vSAN 7 u3
More enhancements were made to vSAN in vSphere 7 u3 that we won’t describe in detail here such as:
-
- Skyline Health Correlation
-
- Greater data-availability with nested fault domains for 2-Node clusters
-
- Access Based Enumeration (ABE) for SMB shares via vSAN File Service
-
- Use TPM chip to store KMS encryption keys
-
- Now supports drives firmware to check hardware compatibility
-
- Support for vSAN Witness appliance for image-based lifecycle manager
More details in the vsphere 7 documentation.
vSphere with Tanzu in vSphere 7 u3
Because in 2021 we cannot do a what’s new without talking a little bit about vSphere 7 kubernetes, here are a few added features that were made to vSphere with Tanzu.
You may know that the release cycle of Kubernetes (and all open-source projects in general) is incredibly fast and hard to keep track of. vSphere 7 u3 adds support for Kubernetes 1.21 and drops 1.18 for supervisor clusters.
Workload management enablement enhancements
It will now be possible to edit the Supervisor cluster configuration after enablement for such settings as load balancer, networks, control plane scaling (up only)…
By the way, there should also be extra network and LB health checks and better error messages during workload management enablement. Because let’s be honest: who managed to enable Tanzu on the first go? And who understood the error messages thrown at you?
Simplified network setup for vSphere 7 kubernetes
In a lot of cases, the sticking point in enabling workload management was the network configuration that isn’t as straightforward, especially to build a simple lab. In order to simplify it, vSphere 7 u3 now includes flexible DHCP support to automatically populate network values that can be overridden.
That means you can configure the Management and Workload Networks with DHCP by only selecting the port group.
“vSphere 7 u3 adds DHCP as a network option for Tanzu workloads and management”
GPU-Enabled Kubernetes & Applications
Developers can create virtual machines from Kubernetes using the VM service that was released in vSphere 7 u2. They can now add GPUs to those VMs through the use of VM classes and images configured by the VI admin. The VI admin gets to set limits on these VM classes to contain GPU consumption.
Other enhancements in vSphere 7 kubernetes
Additional changes include:
-
- Support for ReadWriteMany (RWX) persistent volumes on vSAN.
-
- API update to the Tanzu Kubernetes Grid Service API to exposes additional fields.
-
- Metrics Server, which allows you to run the likes of “kube top nodes” or “kube top pods” is now included by default.
-
- Cluster nodes can be routed outside of the cluster network (No-Nat). You will require custom routing but now you can if you need to.
More details in the vsphere 7 documentation.
Conclusion
Following this year’s VMworld 2021 announcements, VMware customers will be happy to find that their investment is still being valued and built upon with vSphere 7 u3. While those new features may not be as shiny as others we got in previous versions, they will solve a number of challenges for VI admins and ever simplify the operations processes.
Not a DOJO Member yet?
Join thousands of other IT pros and receive a weekly roundup email with the latest content & updates!