Contents
vSAN & Tanzu Improvements
With vSAN 7.0 Update 1, it will be possible to extend TKG Guest cluster volumes.
Supervisor and Guest Kubernetes clusters will benefit from the new Volume Health functionality. Should a persistent volume go inaccessible, the new Volume Health feature will be able to expose this to a 3rd party plugin so that it can deal with the failure, spawning a new pod if necessary.
New vSAN Scalability Improvements
vSAN 7.0 Update 1 introduces a new concept named VMware HCI Mesh. This enables vSAN to claim storage from another “remote” cluster.
The main benefit here is that we get more flexibility, enabling design changes quickly without the previous vSAN limitations. Borrowing resources from other vSAN clusters could be a valuable “Get out of jail free card” when clusters are unexpectedly running out of storage. It also has some interesting and positive impacts on both regular and storage vMotions.
Compression only Space Efficiency
While the deduplication feature in vSAN works well, some workloads don’t deduplicate well so it’s not always favourable to enable deduplication on the cluster.
With vSAN 7.0 update 1, we can now choose between Compression or Compression and Deduplication as a space efficiency option on the vSAN cluster. This reduces the failure domain and increases throughput due to how the vSAN architecture works when deduplicating data.
While on the topic of space efficiency, in the past VMware has generally recommended a 20% free space guidance on vSAN clusters. This can be a significant amount of storage to reserve, especially in larger clusters.
In this upcoming release of vSAN there will be two storage reservations, one for operations and another for host rebuild. This means the space required to be reserved can be reduced as hosts are added to the cluster. As an example, a 12 node cluster would now need around 18% free space but a 24 node cluster would only need 14%.
With this new feature, the space savings are automatically claimed after upgrading to 7.0 Update 1.
Shared vSAN Witness
The 2 node vSAN deployment option (with a witness) has proven to be a popular option, especially for small and remote deployments.
VMware has improved the concept of a witness further by enabling a single witness host appliance to act as a witness for more than one vSAN cluster.
As many as 64 2-node vSAN clusters can share the same witness!
Improved Data Durability in Maintenance
While a host is in maintenance, it is typical to use the “Ensure Accessibility” option. If another host were to fail containing data required for the VM to function, then the VM would go offline.
With this new feature, while the host is in maintenance mode, data writes are captured onto another host and merged back to the original host when it comes back out of maintenance.
This has an additional benefit in that data rebuilds are much faster, particularly when using Erasure Encoding, thus minimising the risk to data.
Faster vSAN Host Restarts
In the past, vSAN hosts have taken some time to reboot for a variety of reasons. vSAN restart times have been improved via a new save and restore workflow which saves in-memory metadata to disk before a normal restart operation. This data is then read from disk back into memory rather than being rebuilt from scratch on boot.
vSAN Security
Data In Transit Encryption
VMware vSAN has supported data at rest encryption for some time. Data can now be encrypted in flight, between vSAN hosts in the same cluster. No KMS is required here since the keys are managed internally by the solution.
Secure Disk Wipe
A new PowerCLI command & API call has been created to allow us to perform a NIST standard disk wipe of vSAN disks. This can be run on one or more disks in parallel and is supported on all SAS, SATA and NVMe flash media from both Dell and HPE.
New File Services on vSAN
An impressive new feature in vSAN 7.0 Update 1 is the ability to create SMB v2.1 and v3 shares with Active Directory support. This means that it is possible to create file shares natively in vSAN without the need for a dedicated file server. Furthermore, due to the granular storage policies in vSAN, failures to tolerate and other granular policies can be applied directly to the shares.
There is also support for Kerberos for NFS shares, improved built-in monitoring and up to 32 hosts per cluster able to participate in vSAN file services.
Release Date
VMware has committed to releasing the software downloads and licenses on or before 30th October 2020.
For details on today’s vSphere 7.0 Update 1 announcement, check my latest post here.
Subscribe to the mailing list for future updates