vSAN 6.6 it’s 6th generation of the product and there are more than 20+ new features and enhancements in this release, such as:
- Native encryption for data-at-rest
- Compliance certifications
- Resilient management independent of vCenter
- Degraded Disk Handling v2.0 (DDHv2)
- Smart repairs and enhanced rebalancing
- Intelligent rebuilds using partial repairs
- Certified file service & data protection solutions
- Stretched clusters with local failure protection
- Site affinity for stretched clusters
- 1-click witness change for Stretched Cluster
- vSAN Management Pack for vRealize
- Enhanced vSAN SDK and PowerCLI
- Simple networking with Unicast
- vSAN Cloud Analytics with real-time support notification and recommendations
- vSAN Config Assist with 1-click hardware lifecycle management
- Extended vSAN Health Services
- vSAN Easy Install with 1-click fixes
- Up to 50% greater IOPS for all-flash with optimized checksum and dedupe
- Support for new next-gen workloads
- vSAN for Photon in Photon Platform 1.1
- Day 0 support for latest flash technologies
- Expanded caching tier choice
- Docker Volume Driver 1.1
… ok now lets review main enhancements:
vSAN 6.6 introduces the industry’s first native HCI security solution. vSAN will now offer data-at-rest encryption that is completely hardware-agnostic. No more concern about someone walking off with a drive or breaking in to a less-secure, edge IT location and stealing hardware. Encryption is applied at the cluster level, and any data written to a vSAN storage device, both at the cache layer and persistent layer can now be fully encrypted. And vSAN 6.6 supports 2-factor authentication, including SecurID and CAC.
Certified file services and data protection solutions are available from 3rd party partners in the VMware Ready for vSAN Program to enable customers to extend and complement their vSAN environment with proven, industry-leading solutions. These solutions provide customers with detailed guidance on how to complement vSAN. (EMC NetWorker is avaialble today with new solutions coming on soon)
vSAN stretched cluster was released in Q3’15 to provide an Active-Active solution. vSAN 6.6 adds a major new capability that will deliver a highly-available stretched cluster that addresses the highest resiliency requirements of data centers. vSAN 6.6 adds support for local failure protection that can provide resiliency against both site failures and local component failures.
PowerCLI Updates: Full featured vSAN PowerCLI cmdlets enable full automation that includes all the latest features. SDK/API updates also enable enterprise-class automation that brings cloud management flexibility to storage by supporting REST APIs.
VMware vRealize Operations Management Pack for vSAN released recently, provides customers with native integration for simplified management and monitoring. The vSAN management pack is specifically designed to accelerate time to production with vSAN, optimize application performance for workloads running on vSAN and provide unified management for the Software Defined Datacenter (SDDC). It provides additional options for monitoring, managing and troubleshooting vSAN along with the end-to-end infrastructure solutions.
Finally, vSAN 6.6 is well suited for next-generation applications. Performance improvements, especially when combined with new flash technologies for write-intensive applications, enable vSAN to address more emerging applications like Big Data. The vSAN team has also tested and released numerous reference architectures for these types of solutions, including Big Data, Splunk and InterSystems Cache.
- Splunk Reference Architecture: http://www.emc.com/collateral/service-overviews/h15699-splunk-vxrail-sg.pdf
- Citrix XenDestkop/XenApp Blog: https://blogs.vmware.com/virtualblocks/2017/02/27/citrix-xenapp-xendesktop-7-12-vmware-vsan-6-5-flash/
- vSAN, VxRail and Pivotal Cloud Foundry RA: https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/vsan/vmware-pcf-vxrail-reference-architeture.pdf
- vSAN and InterSystems Blog: https://community.intersystems.com/post/intersystems-data-platforms-and-performance-%E2%80%93-part-8-hyper-converged-infrastructure-capacity
- Intel, vSAN and Big Data Hadoop: https://builders.intel.com/docs/storagebuilders/Hyper-Converged_big_data_using_Hadoop_with_All-Flash_VMware_vSAN.pdf
Recently we had some strange problems with our 6.5 lab vCenter (Windows version with MSSQL Server db), which frequently crashed. After some digging in vpxd logs it seem to be related to vc db permissions:
“17-05-28T19:36:53.443+02:00 error vpxd [Originator@6876 sub=Default] [VdbStatement] SQLError was thrown: “ODBC error: (42000) – [Micrsoft][SQL Server Native Client 11.0][SQL Server]VIEW SERVER STATE permission was denied on object ‘server’, database ‘master’.” is returned when executing SQL statement “SELECT DB_NAME(mf.DATABASE_ID) Db_Name, CASE mf.FILE_ID WHEN 1 THEN ‘DATA’ WHEN 2 THEN ‘LOG’ END File_Type, vol.VOLUME_MOUNT_POINT AS Drive, CONVERT(INT,vol.AVAILABLE_BYTES/1048576.0) FreeSpaceInMB, (mf.SIZE*8)/1024 VCDB_Space_Mb, mf.PHYSICAL_NAME Physical_Name, SERVERPROPERTY(‘edition’) Sql_Server_Edition, SERVERPROPERTY(‘productversion’) Sql_Server_Version FROM SYS.M” action.“
The SQL execution is failing as the vCenter Server database user has no permisss on ‘master’ database, to resolve this issue, grant additional privileges to the vCenter Server database user:
grant VIEW SERVER STATE to [vCenter_database_user]
GRANT VIEW ANY DEFINITION TO [vCenter_database_user]
This is a mini article to start our Q&A set, a set of not easy to find answer real life questions 😉
Recently I received a question-related to advanced settings SAP app on vSphere platform:
“One of our customer ask us to set the following option to their virtual system: Misc.GuestLibAllowHostInfo This is according to SAP note: 1606643 where SAP requires reconfigure virtual system default configuration. I can’t find details information, which host data would be exposed to virtual system. Could you please point me to documentation or describe which information is being transferred from HOST to virtual systems?“
- After some research I was able to find answer :
“Misc.GuestLibAllowHostInfo” and “tools.guestlib.enableHostInfo” these configurations if enabled allow the guest OS to access some of the ESXi host configurations, mainly performance metrics e.g. how many CPU cores the host has, their utilization and contention etc. There is no confidential information from other customers which would be visible, however, it may give the user of those SAP VMs access to performance/resource information which you may not want to share.
The following document outlines the effect of the changes as I have described above.
I believe the “might use the information to perform further attacks on the host” could only apply to other vulnerabilities which may exist for the particular hardware information that the guestOS can gather from the ESXi host.
Other than that I am not sure there is any other concern to worry about.
Do you have any interesting virtualization related question?
VMware vExpert is a non technical award granted by a special committee every year. It is a special award because there is no exam or anything like that. VMware judges give it for individuals who have demonstrated significant contributions to the community and share their expertise with others. This means different kinds of activities like blogging, sharing the knowledge by other channels or social media as well as public speakers, book authors, CloudCred task writing, script writers, VMUG leaders and VMTN community moderators.
In this year we are very pleased to announce that both of us (Paweł Piotrowski and Daniel Okrasa) were awarded with this mysterious title for the first time. The whole list of vExpert 2017 can be found here.
We would like to thanks to all of our readers and your feedback. We promise to develop our blog with more interesting articles about our experiences and observations mostly in relation to VMware products 🙂
We wish you all who read our modest blog Merry Christmas!
The year coming to the end so and it is the best time to spend some time with family, take a rest and have a sensational New Year party. We wish you a healthy life and remarkable achivements in the 2017.
Pawel & Daniel
Since vSphere 6.5, VMware killed standard Windows vSphere Client. However, it was promised so we should not be suprised (anyway I am still shocked ;)).
Fortunatelly, every cloud has a silver lining. I reckon that VMware is aware that the current Web Client is not a perfect solution. That’s why they released completely new HTML5 vSphere Client which seems to be quite useful, intuitive and what’s the most important – it works as it should in therms of response times. Some of Administrators claims it reminds the old GSX console.
The darker side of the new Client is that it’s constrained in terms of functionality and it will not let you perform all of the administrative tasks. But do not worry it’s the first release and I hope VMware will expand the functionality quickly.
The HTML5 Client could be accessed by energing the FQDN or IP address of our vCenter in the Web browser, then you will see two possible options – classic Web Client and the new one. You will also notice that there is a caution saying that it has only partial functionality.
The list of non supported functionalities you will find here.
After you sign in to the new administration interface you will see quite grey and simple but in my opinion still good looking interface.
The whole structure of it is designed to be intuitive expecially for those Admins which are still using mostly just the standard vSphere client. In my option the design combines the best things from Web and Windows Client in one interface. The problem is just the lask of functionality. I decided to try it and start with configuring iSCSI in my new nested LAB. However, I was quickly brought to the heel – there was not an option to add software SCSI adapter. This suddenly ended my adventure with new HTML5 Client 🙂
To sum up, it would be a handy tool in the future, it just need to be completed in terms of functionality. Unfortunatelly, for those who want to migrate to vSphere 6.5 there will be still a need to use Web Client.