What’s New in vSphere 5.0? Dan Wofford Staff Systems Engineer - VMware Agenda Cloud Infrastructure Launch and Product Set What’s New vSphere 5.0 Platform What’s New vSphere 5.0 Storage What’s New vSphere 5.0 Networking. In 2011 VMware is Introducing a Major Upgrade of the Entire Cloud Infrastructure Stack New vCloud vCloudDirector Director1.5 vShield Security vShield 5.0 Cloud Infrastructure Launch (vSphere, vCenter, vShield, vCloud Director) vCenter Operations 1.0 vCenter Management vCenter SRM 5.0 vSphere vSphere vSphere5.0 vSphere VMware vSphere : The Industry’s Leading Virtualization Platform vCenter Server Application Services • Host Profiles • Orchestrator • Linked Mode • Update Mgr • HA • FT • vMotion/S vMotion • Data Recovery • VMsafe APIs • vShield Zones • Hot Add • # of Hosts, VMs Availability Security Scalability Compute Storage Network • ESX/ESXi • DRS/DPM • Memory Overcommit • VMFS • Thin Provisioning • Storage I/O Control • Storage APIs • Distributed Switch • Network I/O Control VMware vSphere 4.1 Infrastructure Services Introducing… The Best Platform for Cloud Infrastructures VMware vSphere 5.0: What’s New? vCenter Server • Virtual Appliance • Web Client • New HA Architecture • vMotion over • ESXi Firewall • 32 way SMP • 1 TB VMs higher latency links Application Services Availability Security Scalability Compute Storage Network VMware vSphere 5 Infrastructure Services • ESXi Convergence • Auto Deploy • HW version 8 • Storage DRS • Profile-Driven Storage • Network I/O Control (per VM controls) • VMFS 5 • Distributed Switch • Storage I/O Control (NFS) (Netflow, SPAN, LLDP) Infrastructure Services – Compute, Storage, Network Agenda: vSphere 5.0 Platform ESXi ESXi CLI ESXi Firewall Image Builder Auto Deploy vSphere Update Manager Platform Enhancements ESXi Convergence Most Trusted Overview vSphere 5.0 will utilize the ESXi hypervisor exclusively ESXi is the gold standard for hypervisors vSphere ESXi Benefits Thin architecture Smaller security footprint Streamlined deployment and configuration Simplified patching and updating model The Gartner Group says… “The major benefit of ESXi is the fact that it is more lightweight — under 100MB versus 2GB for VMware ESX with the service console.” “Smaller means fewer patches” “It also eliminates the need to manage a separate Linux console (and the Linux skills needed to manage it)…” “VMware users should put a plan in place to migrate to ESXi during the next 12 to 18 months.” Source: Gartner, August 2010 Agenda: vSphere 5.0 Platform ESXi ESXi CLI ESXi Firewall Image Builder Auto Deploy vSphere Update Manager Platform Enhancements ESXi Command Line Why a new ESXi CLI tool? • Console CLI and remote vCLI are different • Need to learn multiple CLIs • Local commands don’t work remote, remote commands don’t work locally • Commands evolved from multiple sources using different standards • No formal process for adding or updating commands • Inconsistent output and syntax • Output format changes from command to command • Different commands have different input parameters • Remote CLI limited compared to local CLI ESXCLI establishes a standard with an extensible framework. Going forward ESXCLI commands will be backward compatible vSphere 5.0 CLI Compatibility Commands Run Local Run Remote ESX/ESXi 4.x ESXi 5.x esxcfg1 Yes No Yes No esxcli2 Yes Yes No Yes vicfg3 No Yes Yes Yes vmware-cmd Yes Yes Yes Yes vmkfstools Yes Yes Yes Yes PowerCLI No Yes Yes Yes 1. ‘esxcfg’ commands deprecated in 5.0 (replaced with esxcli) 2. ‘esxcli’ in 4.x is *not* backward compatible with 5.0 3. ‘vicfg’ used for remote CLI only Agenda: vSphere 5.0 Platform ESXi ESXi CLI ESXi Firewall Image Builder Auto Deploy vSphere Update Manager Platform Enhancements ESXi 5.0 Firewall Features Capabilities • ESXi 5.0 has a new firewall engine which is not based on iptables. • The firewall is service oriented, and is a stateless firewall. • Users have the ability to restrict access to specific services based on IP address/Subnet Mask. Management • The GUI for configuring the firewall on ESXi 5.0 is similar to that used with the classic ESX firewall — customers familiar with the classic ESX firewall should not have any difficulty with using the ESXi 5.0 version. • There is a new esxcli interface (esxcfg-firewall is deprecated in ESXi 5.0). • There is Host Profile support for the ESXi 5.0 firewall. • Customers who upgrade from Classic ESX to ESXi 5.0 will have their firewall settings preserved. UI: Security Profile The ESXi Firewall can be managed via the vSphere client. Through the Configuration > Security Profile, one can observe the Enabled Incoming/Outgoing Services, the Opened Port List for each service & the Allowed IP List for each service. UI: Security Profile > Services > Properties Through the Services Properties, one can configure if a service should be automatically started. Services can also be stopped & started on-the-fly. UI: Security Profile > Firewall > Properties In the Firewall properties, one can check or uncheck the checkbox associated with a service to enable/disable access. Service name, open ports and status are also displayed. Ruleset Enabled Allowed IP Agenda: vSphere 5.0 Platform ESXi ESXi CLI ESXi Firewall Image Builder Auto Deploy vSphere Update Manager Platform Enhancements Composition of an ESXi Image Core Hypervisor Plug-in Components CIM Providers Drivers ESXi Image Deployment Challenges • Standard ESXi image from VMware download site is sometimes limited • Doesn’t have all drivers or CIM providers for specific hardware • Doesn’t contain vendor specific plug-in components ? Missing CIM provider Missing driver Standard ESXi ISO • Base providers • Base drivers Describing ESXi Components VIB • “VMware Infrastructure Bundle” (VIB) • Software packaging format used for ESXi • Often referred to as a “Software Package” • Used for all components • • • • ESXi Base Image Drivers CIM providers Other components • Can specify relationship with other VIBs • VIBs that it depends on • VIBs that it conflicts with Managing Customized ESXi Images Image Builder: a set of command line utilities for… • Creating and managing image profiles • Building ESXi customized boot images, e.g. • Installable ISO • Bundle suitable for PXE installation or Flash • Initial version is based on PowerCLI • Snap-in component bundled as part of VMware’s PowerCLI tools Depot • A repository containing • Image profiles • VIBs • Can have multiple depots, with two types • On a web server • Encapsulated in a .ZIP file Agenda: vSphere 5.0 Platform ESXi ESXi CLI ESXi Firewall Image Builder Auto Deploy vSphere Update Manager Platform Enhancements Auto Deploy Overview Deploy and patch vSphere hosts in vCenter Server with Auto Deploy minutes using a new “on the fly” model Coordination with vSphere Host Profiles Image Profiles Host Profiles Benefits Rapid provisioning: initial deployment and patching of hosts vSphere vSphere vSphere Centralized host and image management Reduce manual deployment and patch processes Auto Deploy Components Component Sub-Components Notes PXE Boot Infrastructure • DHCP Server • TFTP Server • • • Setup independently gPXE file from vCenter Can use Auto Deploy Appliance Auto Deploy Server • Rules Engine • PowerCLI Snap-in • Web Server • • Build/Manage Rules Match server to Image and Host Profile Deploy server Image Builder • Image Profiles, • PowerCLI Snap-in • Combine ESXi image with 3rd party VIBs to create custom Image Profiles vCenter Server • Stores Rules • Host Profiles • Answer Files • • Provides store for rules Host configs saved in Host Profiles Custom Host settings saved in Answer Files • • Agenda: vSphere 5.0 Platform ESXi ESXi CLI ESXi Firewall Image Builder Auto Deploy vSphere Update Manager Platform Enhancements How Does A User Plan an ESX to ESXi migration? 1. Visit the ESX and ESXi Info Center 2. Start testing ESXi • If you’ve not already deployed, there’s no better time than the present 3. Ensure 3rd party solutions used by your customers are ESXi Ready • Monitoring, backup, management, etc. Most already are. • Bid farewell to agents! 4. Familiarize with ESXi remote management options • Transition any scripts or automation that depended on the COS • Powerful off-host scripting and automation using vCLI, PowerCLI, … 5. Plan an ESXi migration as part of vSphere upgrade • Testing of ESXi architecture can be incorporated into overall vSphere testing ESXi and ESX Info Center All Resources in One Centralized Location ESX to ESXi Migration with VMware Update Manager Supported Paths • Migration from ESX (“Classic”) 4.x to ESXi 5.0 • For VUM-driven migration, pre-4.x hosts will have to be upgraded to 4.x first • Might be better just to do fresh install of ESXi 5.0 Preservation of Configuration Information • Most standard configurations will be preserved, but not all: • Information that’s not applicable to ESXi will not be preserved, e.g. • /etc/yp.conf (no NIS in ESXi) • /etc/sudoers (no sudo in ESXi) • Any additional custom configuration files will not be preserved, e.g. • Any scripts added to /etc/rc.d Confidential ESXi Migration and Third-Party Software Supported components • Upgrade of third-party components limited to • Cisco Nexus 1000v • EMC PowerPath • During upgrade, if either of these is detected on starting host • Target ESXi image is checked for presence of these modules • If found, upgrade proceeds • If not found, option provided to override and proceed • Otherwise, halt All other components • Starting host not checked for other third-party software • Upgrade process will not preserve anything • Up to Admins to take care of replacing Confidential Agenda: vStorage – What’s New Introduction VMFS-5 vStorage API for Array Integration Storage vMotion Storage I/O Control Storage DRS VMware API for Storage Awareness Profile Driven Storage FCoE – Fibre Channel over Ethernet Introduction to VMFS-5 Enhanced Scalability • Increase the size limits of the filesystem & support much larger single extent VMFS-5 volumes. • Support for single extent 64TB Datastores. Better Performance • Uses VAAI locking mechanism with more tasks. Easier to manage and less overhead • Space reclamation on thin provisioned LUNs. • Smaller sub blocks. • Unified Block size. VMFS-5 Versus VMFS-3 Feature Comparison Feature VMFS-3 VMFS-5 Yes (using extents) Yes Support for 2TB+ Physical RDMs No Yes Unified Block size (1MB) No Yes Atomic Test & Set Enhancements No Yes 64KB (max ~3k) 8KB (max ~30k) No 1KB 2TB+ VMFS Volumes (part of VAAI, locking mechanism) Sub-blocks for space efficiency Small file support VMFS-3 to VMFS-5 Upgrade The Upgrade to VMFS-5 is clearly displayed in the vSphere Client under Configuration → Storage view. It is also displayed in the Datastores → Configuration view. The upgrade is non-disruptive. Agenda: vStorage – What’s New Introduction VMFS-5 vStorage API for Array Integration Storage DRS Storage I/O Control VMware API for Storage Awareness Profile Driven Storage FCoE – Fibre Channel over Ethernet VAAI – Introduction vStorage API for Array Integration = VAAI VAAI’s main purpose is to leverage array capabilities. • Offloading tasks to reduce overhead • Benefit from enhanced mechanisms arrays mechanisms The “traditional” VAAI primitives have been improved. We have introduced multiple new primitives. Application VI-3 Support for NAS! Hypervisor Non-VAAI Fabric Array LUN 01 VAAI LUN 02 VAAI Thin Provisioning – Dead Space Reclamation Dead space is previously written blocks that are no longer used by the VM. For instance after a Storage vMotion. vSphere conveys block information to storage system via VAAI & storage system reclaims the dead blocks. • Storage vMotion, VM deletion and swap file deletion can trigger the thin LUN to free some physical space. vSphere • ESXi 5.0 uses a standard SCSI command for dead space reclamation. VMFS volume A VMFS volume B Agenda: vStorage – What’s New Introduction VMFS-5 vStorage API for Array Integration Storage DRS Storage I/O Control VMware API for Storage Awareness Profile Driven Storage FCoE – Fibre Channel over Ethernet Storage DRS Overview Group “like” datastores in a datastore Storage vMotion cluster. Initial placement of VMs/VMDKs Datastore maintenance mode Space and I/O load balancing Affinity and anti-affinity rules Benefits Datastore Cluster Scalable storage management Reduce time for VM provisioning Eliminate VM downtime for storage maintenance Automated Out of space avoidance Automated I/O bottleneck avoidance SDRS Scheduling SDRS allows you to create a schedule to change its settings. This can be useful for scenarios where you don’t want VMs to migrate between datastore or when I/O latency might rise, giving false negatives, e.g. during VM backups. So What Does It Look Like? Provisioning… So What Does It Look Like? Load Balancing. The Storage DRS tab will show “utilization before” and “after”. There’s always the option to override the recommendations. Agenda: vStorage – What’s New Introduction VMFS-5 vStorage API for Array Integration Storage DRS Storage I/O Control VMware API for Storage Awareness Profile Driven Storage FCoE – Fibre Channel over Ethernet Performance Guarantees – Network and Storage I/O Control 3. w/ I/O controls, 2. Other VMs can givestarved VIP VMs are preferential access for resources 1. VM requests more resources Overview Set up SLAs for use of storage and network resources Added per virtual machine settings for Network I/O Control Added NFS support for Storage I/O Control Benefits Eliminate the “noisy neighbor” problem More granular SLA settings for network traffic Extend Storage SLAs to more VMs Agenda: vStorage – What’s New Introduction VMFS-5 vStorage API for Array Integration Storage DRS Storage I/O Control VMware API for Storage Awareness Profile Driven Storage FCoE – Fibre Channel over Ethernet What Is vStorage APIs Storage Awareness (VASA)? VASA is an Extension of the vSphere Storage APIs, vCenter-based extensions. It allows storage arrays to integrate with vCenter for management functionality via server-side plug-ins or Vendor Providers. This in turn allows a vCenter administrator to be aware of the topology, capabilities, and state of the physical storage devices available to the cluster. VASA enables several features. • For example it delivers System-defined (array-defined) Capabilities that enables Profile-driven Storage. • Another example is that it provides array internal information that helps several Storage DRS use cases to work optimally with various arrays. Agenda: vStorage – What’s New Introduction VMFS-5 vStorage API for Array Integration Storage DRS Storage I/O Control VMware API for Storage Awareness Profile Driven Storage FCoE – Fibre Channel over Ethernet Profile-Driven Storage Overview Tier storage based on performance or High IO Throughput Tier 1 SLA characteristics View a list of all compliant storage resources Tier 2 Tier 3 Benefits Utilize the correct storage resources every time (no mistakes) Help IT personnel that may not be as familiar with storage characteristics align with business and application goals Improve storage utilization and efficiencies Selecting a Storage Profile During Provisioning By selecting a VM Storage Profile, datastores are now split into Compatible & Incompatible. The Celerra_NFS datastore is the only datastore which meets the GOLD Profile requirements – i.e. it is the only datastore that has our user-defined storage capability associated with it. VM Storage Profile Compliance Policy Compliance is visible from the Virtual Machine Summary tab. Agenda: vStorage – What’s New Introduction VMFS-5 vStorage API for Array Integration Storage DRS Storage I/O Control VMware API for Storage Awareness Profile Driven Storage FCoE – Fibre Channel over Ethernet Software FCoE Adapters (1 of 2) A software FCoE adapter is a software code that performs some of the FCoE processing. This adapter can be used with a number of NICs that support partial FCoE offload. Unlike the hardware FCoE adapter, the software adapter needs to be activated, similar to Software iSCSI. Software FCoE Adapters (2 of 2) Once the Software FCoE is enabled, a new adapter is created, and discovery of devices can now take place. New Virtual Machine Features vSphere 5.0 supports the industry’s most capable virtual machines • 32 virtual CPUs per VM VM Scalability • Richer Desktop Experience • Broader Device Coverage Other new features • 4x previous capabilities! • VM BIOS boot order config API and PowerCLI interface • USB 3.0 devices • Smart Card Readers for VM Console Access • UI for multi-core virtual CPUs • 1TB RAM per VM 3D graphics Client-connected USB devices • • • EFI BIOS Support for Mac OS X servers Extended VMware Tools compatibility Items which require HW version 8 in orange Upgrade Compatibility Provides for flexibility for Administrators to upgrade environment in phased manner Feature ESX/ESXi 4.x ESXi 5.x VMware Tools 4.x Yes Yes VMware Tools 5.x Yes Yes VMFS-3 Yes Yes VMFS-5 No Yes 3, 4, 7 4, 7, 8 Virtual Hardware1 1. ESXi 5.0 supports upgrading Virtual Hardware version 3 and later Application Services – Availability, Security, and Scalability Scaling Virtual Machines Overview Create virtual machines with up to: 32 vCPU 1 TB of vRAM Benefits 4x 4x size of previous vSphere versions Run even the largest applications in vSphere, including very large databases Virtualize even more applications than ever before (Tier 1 and 2) New HA Architecture Overview New architecture for High Availability Storage vMotion feature of vSphere VMware Fault Tolerance High Availability DRS Maintenance Mode vMotion NIC Teaming Multipathing VMware Benefits Storage Simplified clustering setup and configuration Server Component Enhanced reliability through better resource guarantees and monitoring Enhanced scalability Additional Features and Enhancements vCenter Server Appliance (Linux) Overview Run vCenter Server as a Linux-based appliance Benefits Simplified setup and configuration Enables deployment choices according to business needs or requirements Leverages vSphere availability features for protection of the management layer Component Overview vCenter Server Appliance (VCSA) consists of: • A pre-packaged 64 bit application running on SLES 11 • Distributed with sparse disks • Disk Footprint Distribution Min Deployed Max Deployed 3.6GB ~5GB ~80GB • Memory Footprint • A built in enterprise level database with optional support for a remote Oracle databases. • Limits are the same for VC and VCSA • Embedded DB • 5 hosts/50 VMs • External DB • <1000 hosts/<10,000 VMs (64 bit) • A web-based configuration interface Feature Overview vCenter Server Appliance supports: • The vSphere Web Client • Authentication through AD and NIS • Feature parity with vCenter Server on Windows • Except – • Linked Mode support • Requires ADAM (AD LDS) • IPv6 support • External DB Support • Oracle is the only supported external DB for the first release • No vCenter Heartbeat support • HA is provided through vSphere HA Web Client Overview Run and manage vSphere from any web browser anywhere in the world Benefits Platform independence Replaces Web Access GUI Building block for cloud based administration Why Flex? Flex provides us with the richest and fullest featured development platform available. • Extensive amount of Libraries to use • Technologies such as HTML5 and others are still in development • Provides the best performance • Scales to the web Web Client Windows Client Scalability 50 VCs 100,000 VMs 10 VCs 10,000 VMs Platform Independence Windows Linux Windows Extensibility Linux Native Rich Extension Points One HTML plug-in Features of the vSphere Web Client Customize the GUI • Create custom views to reflect the information you need to see, the way you like to see it Features of the vSphere Web Client Ready Access to Common Actions • Quick access to common tasks provided out of the box Features of the vSphere Web Client Support interrupt driven workflows • Allow jumping in and out of workflows easily – continuing exactly from where you left off without having to repeat a process Features of the vSphere Web Client Extendable Functionality • Possible for partners and end users to add features and functionality Easily create new tabs for information Create portlets for instant access to information The Best of the Rest Platform Availability • Hardware Version 8 – EFI virtual BIOS • Memory Fault Isolation Network • vMotion with higher latency links • Data Recovery Enhancements Management • Distributed Switch (Netflow, SPAN support, LLDP) • Network I/O Controls (per VM), ESXi firewall Storage • VMFS 5 • iSCSI UI • Storage I/O Control (NFS) • Array Integration for Thin Provisioning, • Swap to SSD, 2TB+ VMFS datastores • Storage vMotion Snapshot Support • Inventory Extensibility • iPad client The End (Due to Time)