By Brandon Pitta, Senior Solution Engineer

VMware vSphere continues to be the de facto corporate standard virtualization platform. The wide adoption of the platform means there are many thousands of vSphere clusters out in the wild which are likely running ESXi versions far past their prime.

At the 2018 Dasher User Technology Forum, we asked the audience what version of VMware they were currently running, and the following chart provided us with a bit of a surprise. The graph below represents over 125 participants. We were excited to see that the adoption of 6.5 is well underway, but the 22% still on 5.5 should be planning now, either for running unsupported software or for an upgrade to 6.5 or at least 6.x.

VMware end of support announcement

As we spring into summer, we fast approach a very important deadline: VMware has announced that general support for vSphere 5.5 will end on September 19th, 2018. VMware is strongly recommending that customers running vSphere 5.5 upgrade their environment to vSphere 6.5 as soon as possible. The latest revisions of ESXi and vCenter come with a long list of feature additions and enhancements, making the push to upgrade quite compelling.

VMware vSphere 6.5 Technical Workshop

vSphere 6.5 Enhancements

Enhanced User Experience

vSphere API explorer was introduced with VCSA 6.5. This tool allows administrators visibility into available APIs across a variety of VMware platforms including, but not limited to, vSphere, vRealize, vCloud Suite, VSAN and NSX.

VCSA 6.5 REST API Improvements:

  • User management
  • Service and appliance health
  • Network configuration management
  • Appliance backups/restores
  • Version and uptime

The HTML5 web GUI now supports a majority of vSphere workflows. The vSphere Web Client will not be officially deprecated until the vSphere Client (HTML5) achieves feature parity. VMware has announced that the vSphere Client will reach full feature parity with the vSphere Web Client by Fall 2018. However, some workflows are still not supported by the vSphere Client as of vCenter Server 6.5 Update 1g, including:

  • Distributed vSwitch management
  • Host profile configuration
  • Update manager
  • vApp configuration
  • VM configuration options (SDRS/vApp/FC NPIV)
  • License administration

Host/Guest OS Security Features

Virtual machine (VM) encryption was introduced at the hypervisor level in vSphere 6.5. Moving encryption from the guest OS level to the hypervisor makes VM encryption agnostic to guest OS and datastore type. vCenter is a KMIP client that is compatible with a variety of KMIP key manager services. This policy-based approach makes it simple to apply encryption to one or many VMs.

vMotion encryption was also introduced in vSphere 6.5. This is a per-VM setting and by default is set to “opportunistic”, meaning it will use encryption if supported by both source and destination ESXi hosts. “Disabled”, “opportunistic”, and “required” are the three configuration options available when using encrypted vMotion. vMotion encryption encrypts the vMotion data being sent, not the vMotion network itself. A one-time-use key and nonce are generated by the vCenter server, so no external key manager is required.
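The following is an added example, not code from the original post or from VMware, showing how the three vMotion encryption modes resolve in a cluster that still contains a 5.5 host mid-upgrade. The inventory, host names, VM names and dictionary keys are constructed for illustration; the model assumes a 6.5 floor for host support, treats encrypted VMs as always requiring encrypted vMotion, and ignores every other migration compatibility check.

```python
MIN_SUPPORTED = (6, 5)  # encrypted vMotion was introduced in vSphere 6.5

def host_supports(version):
    """True if an ESXi version string such as '6.5' is 6.5 or later."""
    major, minor = (int(part) for part in version.split(".")[:2])
    return (major, minor) >= MIN_SUPPORTED

def vmotion_outcome(mode, src_ver, dst_ver, vm_encrypted=False):
    """Return 'encrypted', 'plaintext' or 'blocked' for one migration."""
    if mode not in ("disabled", "opportunistic", "required"):
        raise ValueError(f"unknown vMotion encryption mode: {mode!r}")
    if vm_encrypted:
        mode = "required"  # encrypted VMs cannot migrate unencrypted
    if mode == "disabled":
        return "plaintext"
    if host_supports(src_ver) and host_supports(dst_ver):
        return "encrypted"
    # One side lacks support: opportunistic falls back, required refuses.
    return "plaintext" if mode == "opportunistic" else "blocked"

def audit(vms, hosts):
    """List (vm, src, dst, outcome) for each possible move that is not encrypted."""
    findings = []
    for vm in vms:
        src = vm["host"]
        for dst, dst_ver in hosts.items():
            if dst == src:
                continue
            outcome = vmotion_outcome(vm["mode"], hosts[src], dst_ver,
                                      vm.get("encrypted", False))
            if outcome != "encrypted":
                findings.append((vm["name"], src, dst, outcome))
    return findings

# Constructed sample inventory (hypothetical names): one host not yet upgraded.
HOSTS = {"esx01": "6.5", "esx02": "6.5", "esx03": "5.5"}
VMS = [
    {"name": "web01", "host": "esx01", "mode": "opportunistic"},
    {"name": "db01", "host": "esx01", "mode": "required"},
    {"name": "legacy01", "host": "esx02", "mode": "disabled"},
    {"name": "vault01", "host": "esx02", "mode": "opportunistic", "encrypted": True},
]

if __name__ == "__main__":
    for finding in audit(VMS, HOSTS):
        print(*finding)
```

The "plaintext" findings for the default opportunistic mode are the ones to watch during a rolling upgrade: the setting silently falls back whenever one end of the migration is still on 5.5.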

Secure boot support for virtual machines as well as ESXi hosts was introduced in vSphere 6.5. UEFI firmware will validate the digital signature of an OS kernel during boot time. Secure boot in ESXi extends this feature to installed VIBs, using the same digital certificate to verify the integrity of each individual VIB referenced at boot time. EFI firmware is required when enabling secure boot for VMs; secure boot itself can be enabled via a checkbox within the settings of VMs with a supported guest OS.

Supported secure boot guest OS options include:

  • Windows 8/Windows Server 2012 or newer
  • RHEL 7.0
  • Ubuntu 14.04
  • ESXi 6.5
  • VMware Photon OS

Logging enhancements have also been made to add value to log messaging. For example, events that triggered “reconfigured” event info messaging now include information on what has been reconfigured and the values pre/post the configuration change being made.

vCenter Server Appliance Features

The new VCSA 6.5 comes equipped with improved analytics, giving administrators even more insight into the health of vCenter instances. In addition to CPU and memory metrics, statistics for network, database, disk usage, and overall system health are provided.

The following administrative enhancements have also been made to VCSA 6.5:

  • Native vCenter HA – Initial release provides RTO of about 5 minutes
  • vCenter Foundation now supports 4 hosts (was 3 in the past!)
  • Native backup/restore of the vCenter Server Appliance from the VAMI or API

Availability Enhancements

Proactive HA has been introduced with vSphere 6.5. Proactive HA will work with hardware vendor provided plug-ins to determine if the health status of an ESXi host is degraded. When host degradation is reported, hosts are placed into Quarantine mode and VMs are migrated to healthier hosts in the cluster. Future migration efforts will avoid Quarantine hosts until health status is improved.

New features for DRS have also been introduced with the release of vSphere 6.5. Predictive DRS is a new feature which aims to reduce resource contention by working in conjunction with vRealize Operations Manager to balance workloads before resource spikes occur. Additions/Improvements to DRS metrics have also been introduced to ease the implementation of some of the more advanced DRS configurations:

  • DRS is now network aware and can use network utilization of physical uplinks during VM placement
  • VM Distribution can now be enabled via a checkbox. This will use a best effort strategy to evenly place VMs across hosts while respecting performance.
  • Memory metric for load balancing can now be enabled via a checkbox. This changes the metric to view consumed memory rather than active memory for load balancing efforts
  • CPU over commitment protection can now be enabled via checkbox. This will prevent new VMs from powering on based on the ratio of vCPU to pCPU in a cluster

vSphere 6.5 offers many availability enhancements outside of HA/DRS as well:

  • Fault Tolerance improvements to reduce network latency between VMs and allow multiple port groups to participate in FT logging.
  • Orchestrated restarts for multi-VM Apps such as databases, apps and web-servers
  • HA support for NVIDIA GRID vGPU enabled VMs

Lifecycle Management Enhancements

One of the most important enhancements to lifecycle management in 6.5 is the integration of Update Manager into the VCSA. The Update Manager UI is now a part of the vSphere Web Client and is enabled by default on all new deployments of VCSA. External Windows-based Update Manager instances can still be utilized, but only with a Windows vCenter Server instance. The VCSA can’t utilize a Windows-based Update Manager server.

A series of other lifecycle management improvements have been made to Host Profiles, VMware Tools, and more:

  • Host Profiles
    • Update UI in vSphere Web Client
      • Intuitive search functionality
      • Favorite function for quick access to UM elements
    • Detailed pre-check view prior to remediation
    • Profile copy functionality with detailed diff comparison
  • Auto Deploy
    • Addition of GUI
    • Image Builder to download, customize, and implement customer ESXi images
    • Increased capacity for concurrent booting hosts
    • Support for both Legacy and UEFI
  • VMware Tools
    • Installers split between Legacy (10.0.12) and Supported (10.1) Guest OS
      • 10.0.12 is a feature locked version for legacy Guest OS
    • Detailed VMware tools information display via vSphere Web Client
    • More frequent checks for VMware Tools updates (every 5 mins)
  • vSphere integrated containers

Storage Enhancements

Storage is one of the most important aspects of virtual infrastructure. From traditional SAN to hyperconverged infrastructure, vSphere 6.5 offers storage enhancements for every datacenter.

  • Return of auto UNMAP to reclaim unused space within a thinly provisioned volume
    • Works from inside the Guest OS on supported platforms
  • LUN scale improvements – 512 LUN limit and 2000 paths
  • Support for Advanced Format drives using 512 emulation (512e)
  • Software iSCSI static routing

Networking Enhancements

vSphere 6.5 brings with it a series of networking enhancements that increase flexibility/scalability and reduce management complexity. Most impactful of these features is the ability to define gateways on a per VMkernel basis. This will allow each VMkernel port to define its own gateway address, eliminating the need for creating static routes on behalf of VMkernel routing requirements.

Network monitoring and analytics also received a boost with the inclusion of ERSPAN port support. This feature allows traffic from one or more source ports to be mirrored to a separate destination port for use with 3rd party packet analysis tools.

There are a few things to note when planning your upgrade to vSphere 6.5. With the addition of the long-awaited HTML5 web GUI comes the deprecation of the C# client we have all grown so accustomed to. VCSA has now surpassed and completely replaced the Windows vCenter server.

You are now inevitably asking yourself how Dasher can help you and your organization bring your vSphere environment to 6.5. You are in luck as Dasher offers the following vSphere services:

  1. Upgrade readiness assessments and analysis
  2. Upgrade services on existing vSphere infrastructure
  3. Installation services on new vSphere environments
  4. Health checks and diagnostics
