VMware vSAN 6.6.1 ─ another step towards excellence

    In vSAN 6.6.1, which was released in July this year, some new options are added to those that appeared several months ago in the vSAN 6.6 release. Overall, the vSAN Hyperconverged Infrastructure (HCI) has received several important additions and is now characterized by even lower operational costs.



    In this article, we will examine the components of HCI in its latest presentation ─ new processors, the updated vSAN 6.6.1 structure, the new integrated vSphere Update Manager (VUM), as well as analytics and security tools.

    Intel Xeon Scalable Processors ─ new engine for vSAN

    In early July of this year, Intel officially introduced its new Xeon Scalable processors.

    In application terms, the company notes that “now is a great time to move from traditional distributed infrastructure to hyper-converged computing and data storage with these processors and VMware vSAN systems.

    The main goal set by VMware and Intel with new hardware is to help companies reduce the traditional complexity and cost of legacy IT infrastructure.

    Hyperconverged IT infrastructures are faster and more cost-effective than legacy systems. They fundamentally change the approach to data storage and building network solutions, providing users with more options at lower prices and better management for the most demanding enterprise applications. vSAN has also been tested with these latest Intel products.

    When deploying HCI using the new Intel Optane SSDs and new server platforms, customers can get up to 2.5 times more virtual machines (VMs) in the cluster compared to previous generations of Intel Xeon processors and vSAN systems.

    These results were obtained in independent testing conducted by the Evaluator Group. They show a decrease in prices and the best return on investment (ROI). The full report can be obtained after registration here . Basic information from it is given below.


    Performance comparison of virtual machines in a 4-node hyperconverged infrastructure

    The three left columns in the diagram refer to the previous generation of servers that used the Intel Xeon processor E5-2600 v4. The three right-hand columns show increased performance when upgrading to Xeon Scalable Processors, next-generation SSDs, and VMware vSAN version 6.6.

    The segment of information storage systems is one of the fastest growing today in IT. More and more organizations are not only increasing the computing power of their servers, but are also upgrading storage systems, moving to a secure hyper-converged infrastructure.

    As VMware Storage Manager Michael Haag writes in a blog post on the company's website, “With the new Intel Xeon Scalable platform, this transition represents the largest update to the Intel Xeon platform in ten years.”

    Intel's new ideas give current and future vSAN customers the following key benefits.

    1. Scaling to provide better performance in the future.

    2. Risk-free use with the largest selection of HCI platforms.

    3. Reducing the cost of corporate IT with a quick return on investment. The virtual machine node now costs 2.5 times cheaper than on previous infrastructures. It consumes less electricity with greater efficiency and can be placed on a smaller area due to the increased density of the hardware.

    4. Confident deployment of First Intel Select Solution. The new solution provides the fastest way to transform infrastructure by offering proven configurations to reduce complexity and investment. Intel Select Solutions are available for VMware vSAN as one of the first next-generation solutions.

    vSAN 6.6.1

    In late July, VMware vSphere 6.5 Update 1 became available to customers. Three new key features appeared in vSAN 6.6.1:

    - Integration with VMware vSphere Update Manager (VUM);
    - Performance Diagnostics in vSAN Cloud Analytics;
    - Extension Storage Device Serviceability.

    In addition, new licenses have appeared that make vSAN Enterprise more accessible for the IT infrastructures ROBO (Remote Office / Branch Office) and VDI (Virtual Desktop Infrastructure).

    New Integrated vSphere Update Manager (VUM)

    VMware vSphere administrators will be pleased with the new integrated vSphere Update Manager (VUM) tool, which greatly simplifies and automates patch and upgrade vSphere clusters. In previous versions, administrators had to perform many operations manually.

    Before upgrading the software, it was necessary to check the compatibility of hardware (such as SAS, SATA I / O controllers, and NVMe devices) with the new version of vSphere and vSAN. Previously, this was a manual process performed using the VMware Compatibility Guide software module.

    Now VUM automatically finds and combines information from the VMware Compatibility Guide and vSAN Release Catalog with information about the currently installed ESXi hypervisor release. VUM also identifies new hardware drivers for Dell, Fujitsu, Lenovo, and Supermicro.

    This new VUM extension makes it easier to support new versions of vSphere and vSAN; reduces risks by helping to ensure that each host is running in the cluster and has the same structure as the others. From an administrator’s point of view, VUM eliminates the time-consuming process of manually upgrading each host.

    Actually, VMware decided to integrate VUM into vSAN for the sole purpose ─ to ensure the simplicity of the upgrade. As a result, installing updates for vSAN and versioning not only became processes fully integrated into vSAN, but the VUM process itself was greatly simplified.


    VUM High Level Architecture

    Now vSAN version 6.6.1 and later provides an automated “seamless” upgrade process, while ensuring that the vSAN cluster is updated with the latest software. The first step uses the vSAN Build Recommendation Engine. After a successful login, vSAN will produce the main group of recommended updates for each vSAN cluster.


    Recommendation for vSAN

    After checking the VMware Compatibility Guide and vSAN Release Catalog, the Update Manager will find the recommended recommended update available.


    Example: vSAN Baseline identified the ESXi host as not matching the profile.

    To update a vSAN cluster, simply use one of the Update Manager functions. The corresponding “wizard” offers several options for configuring the update.

    - You can select specific hosts and clusters;
    - You can perform an update immediately or set a time;
    - you can specify the support mode (Specify Maintenance Mode) ─ assign parameters for virtual machines, processing media and ESXi.

    After selecting the desired options, Update Manager automatically updates each host.

    Thus, vSAN 6.6.1 with VUM integration greatly simplifies the process of managing updates and patches for a vSAN group cluster.

    For the first time, IT professionals can manage the entire data center, ─ including storage, ─ using a software-defined approach, where changes are achieved through the user interface, rather than changes to the hardware configuration.

    VSAN Cloud Analytics adds Performance Diagnostics

    The latest release extends the capabilities of vSAN Cloud Analytics, which were introduced earlier in vSAN 6.6. First of all, this concerns the new Performance Diagnostics tool, which analyzes the performance of a given vSAN cluster compared to previous benchmarks.


    Performance Diagnostic

    Administrators can select the desired option — for example, maximum throughput or minimum latency — and set a specific comparison time range. However, this feature requires the user to join the Customer Experience Improvement Program (CEIP) and vSAN Performance Service.

    After that, administrators can manage the HCIBench assessment tests and view detailed test results in Performance Diagnostics, where the appropriate charts are supported.

    The Ask VMware companion tool provides access to relevant VMware Knowledge Base articles that provide additional information. These guidelines help administrators optimize cluster performance, understand the impact of a particular hardware choice, and perform faster troubleshooting if performance problems arise.

    HCI Security in Software

    Defined Vaults Anita Kibunguchy provides the following examples on her VMware blog.

    A financial firm recently reported that it is experiencing up to 10 thousand attempts of unauthorized access to its systems every day. Hospitals talk about the need to maintain the safety of individual patient data. Another company said it physically destroys spent hard drives to ensure that unencrypted data is not inadvertently lost.

    The security area has not previously been closely related to hyperconverged infrastructures. However, 39% of respondents in the ESG study believe that security problems will appear here in 2017, and will force to draw attention to them. In the new release, VMware vSAN implements encryption, which makes HCI well-suited for building a secure IT environment.

    According to Lockheed Martin Cyber ​​Kill Chain (the company's own structure for identifying and preventing cyber attacks), many attacks target endpoints, then moving through the organization’s IT infrastructure to servers to gain access to corporate data.

    This poses a serious risk of information security in HCI systems, creating the need to encrypt data in the system core for maximum security. There are a number of advantages to encrypting data directly at its source.

    - An additional level of security for distributed organizations that typically work with third parties instead of maintaining their own staff.

    - Simplified storage of media ─ there is no need for their physical destruction.

    - No need to waste time reformatting the data, since all of their types can be encrypted.

    The easiest way to achieve static data encryption in existing HCI solutions is to use Self-Encrypting Drive (SED). However, there are some limitations.

    - First of all, ─ it is their high cost and low payback.

    - The implementation of SED can be problematic due to the need to comply with a number of compliance requirements with the law.

    - Certain risks ─ the entire disk has to be replaced if any one of its sections fails. In addition, the principles of building an SED make it difficult to research.

    - Practical SED management is relatively difficult.

    VMware vSAN has no SED restrictions. This is a software-defined infrastructure. Within its framework, computing, data storage, network and information services are easily combined in one solution on the industry standard x86 systems.

    ESG notes that VMware solutions are operationally efficient, less complex than traditional types of systems, and easier to manage. According to the ESG study, the benefits of deploying a hyperconverged solution are as follows:

    - 22% of organizations reported lower TCOs as the primary benefit of deploying such a solution.

    - 26% noted a shorter deployment time

    - 24% reported improved service and support, ─ as well as scalability.

    - 23% noted the simplification of IT infrastructure management as a benefit as a benefit

    VMware vSAN offers native encryption for both virtual machines and physical hardware. No need for SED. The solution can be deployed on existing or new storage devices.

    Security is built into the core of the system, at the hypervisor level, and not within the VM or hardware. This maximizes protection. Management is also simplified because it is host-based.

    ESG analysts also noted that vSAN ─ "an understandable solution, for organizations looking for safer, faster and easier to manage data centers, should explore the capabilities of VMware vSAN."

    For many customers, VMware vSAN is the first hyperconverged solution in their IT history. At the same time, “native” encryption is one of the main elements to consider, ─ both in terms of the cost of HCI and the manageability of the entire corporate IT infrastructure.

    Storage device reliability

    To help simplify hardware maintenance, vSphere includes plugins that provide advanced management and information about physical storage devices connected to local controllers on the server.

    As practice shows, this feature is especially useful for the vSAN infrastructure. For example, through these plugins, the local location of the desired drive in the server chassis can be shown in order to simplify its administration and maintenance.

    vSAN 6.6.1 further expands this option, not only locating a specific drive, but also making its indicator blink to help find its physical location. As a result, the administrator visually identifies the device to which attention needs to be taken and appropriate measures taken.



    This feature seems like a small service addition, but it significantly reduces the time spent on servicing storage devices and the risk of human error. The feature also works in RAID arrays, and is currently supported on typical HPE DL and ML servers with a Gen 9 controller.

    New vSAN licensing for ROBO and VDI

    The new licensing options relate to ROBO (Remote Office / Branch Office) and one of the environments for Horizon VDI. vSAN Enterprise for ROBO includes the use of proprietary encryption and stretched clusters in a single virtual machine pricing model in small deployments. These extensions are a complement to the VMware HCI Kit, which was released earlier this year. It includes simple configuration, vSphere and vSAN licenses.

    Summing up this brief review, it is worth emphasizing once again two aspects. vSAN 6.6.1 further simplifies the hardware and software lifecycle management for hyperconverged IT infrastructure. New features further reduce operating costs.

    Also popular now: