VMware vSphere 7 Evolution: the new generation of vSphere for existing enterprise applications and containerized applications

William Chin

VMware’s hybrid cloud vision has typically been about proliferating VMware vSphere to as many different locations as possible. Now that there are more of these instances in the cloud, on-premises, at the edge and with service providers, the secondary part of that vision was to evolve the platform so that it can support not only existing workloads but also modern workloads. Enter VMware vSphere 7!

Customers today tend to set up stacks for different purposes – a Kubernetes stack here, a separate stack for traditional applications there. You have operators and administrators who are specialized in Kubernetes on one side and then you have the traditional VM operators on the other. VMware vSphere 7 unites both under a common platform so that administrators can still manage as they’re accustomed to, but at the same time offer developers what they like — which is a Kubernetes dial tone so that they can deploy their applications on the same platform that they use for traditional applications. It allows customers to use their current platform, but also bring their modern application development to the same platform.

Organizations are also looking for a cloud operating model. They like developers having the ability to invoke new services on demand in a very agile way. VMware brings that cloud operating model on-premises and to other clouds, giving organizations the same cloud operating experience, all driven by that Kubernetes-based dial tone. A single infrastructure platform that can run in a hybrid manner and provide the cloud operating agility that developers are looking for is key in version 7.

Many organizations want to be able to deploy Kubernetes environments in a very simple way to avoid IT operational shortages. The easiest way to do that is to take the existing environments that are in 90% of IT and just turn on the Kubernetes dial tone. However, it’s much more than that. Organizations also need to be able to manage at scale just like they would in the cloud. They want to be able to have infrastructure that almost self-manages, upgrades and lifecycle manages itself.

VMware vSphere 7 evolves the way organizations manage infrastructure so that they can manage large-scale environments both on-premises and in public cloud environments. Security is also top of mind for businesses today, so it’s important to have a secure platform. VMware vSphere 7 comes with enhancements that are built into the platform to provide intrinsic security. By leveraging its acquisition of Carbon Black, VMware is working towards building a truly trusted platform for developers and IT.

Not only does this new release enhance operations and ease of use by democratizing Kubernetes for VM administrators, but it also gives organizations better agility. DevOps is real and quickly trending inside of IT organizations, so they need to be able to build and deliver applications much quicker. Developers need to be able to respond to the business faster than ever, and to do that you need infrastructure that is on demand. Core Kubernetes enablement facilitates on-demand fulfillment of infrastructure. It’s not just modern applications that benefit, but also existing business applications and monitoring applications, because operators are now afforded a simple and low-cost way of managing large-scale IT infrastructure.

So, What’s New?

VMware vSphere 7 represents the hypervisor's largest step forward in many years. It has been completely redesigned from the ground up with containerized workloads in mind. VMware gave a glimpse into the next generation of VMware vSphere by way of Project Pacific, which was showcased at VMworld 2019. With Project Pacific functionality now in vSphere 7, VMware has rearchitected VMware vSphere so that it is an open platform that allows both IT administrators and developers to interact with the platform in a programmatic way, with a cloud-like experience that most are now familiar with.

Kubernetes is now built into vSphere and allows developers to continue using the same industry-standard tools and interfaces they have been using to create modern applications. vSphere admins also benefit because they can help manage the Kubernetes infrastructure using the same tools and skills they have developed around vSphere. To help bridge these two worlds VMware introduced a new vSphere construct called Namespaces, allowing vSphere Admins to create a logical set of resources, permissions, and policies that enable an application-centric approach.

The new functionality that allows Kubernetes integration is not provided by a separate virtual appliance that must be deployed as with previous solutions in vSphere – it’s part of the hypervisor itself. Aside from Kubernetes support, there are many other features found in the vSphere 7 release, including:

  • Simplified lifecycle management
  • Intrinsic security features
  • Application acceleration

Simplified Lifecycle Management

VMware has given a lot of attention to lifecycle management. Customers who run large vSphere environments with hundreds or even thousands of hosts have run into challenges with lifecycle management in previous vSphere versions. While VMware vSphere Update Manager (VUM) has served vSphere administrators well, it was not a great tool for lifecycle management of the platform at scale.

With vSphere 7, VMware is introducing vSphere Lifecycle Management (VLCM), bringing a suite of capabilities to make lifecycle operations better. With VLCM there is a paradigm shift in both vCenter Server and ESXi host configuration management.

Using a desired state configuration model, vSphere Administrators can create configurations once, apply them, and continue to monitor that desired state through new tools called vCenter Server Profiles and Image Cluster Management. This allows the driving of lifecycle management consistently and effectively at scale. Desired state methodologies have become wildly popular among DevOps engineers for configuration management. vCenter Server Profiles enable administrators to standardize on a configuration for all their vCenter Servers and to detect and protect against configuration drift by applying desired state to endpoints.

This new approach to lifecycle management in vSphere 7 will include the ability to apply desired state not only to the software/hypervisor but also to firmware for physical hardware.

Intrinsic Security Features

Also new with vSphere 7 are built-in intrinsic security features. Security is of critical concern among businesses today, especially with hypervisor infrastructure. New with vSphere 7 is a feature called vSphere Trust Authority (vTA). This allows organizations to lock down a set of very secure ESXi hosts and use this set of hosts for attestation to ensure other hosts are trusted and have not been modified in an unauthorized way.

vSphere Trust Authority (vTA) helps make it easier to establish trust throughout the entire stack – from bare metal all the way through the workloads. vSphere Trust Authority creates a hardware root of trust using a small, separately managed cluster of ESXi hosts which takes over the task of attestation. You can think of the secure attestation hosts as the set of ESXi hosts that provide the model of how the other hosts should look. This is especially valuable when you think about ESXi hosts that may not physically be in secure environments, such as edge and remote use cases. Moreover, there may be hosts that physically reside in a hosted datacenter. Having a way to ensure the remote ESXi hosts look the same as the secure set of ESXi attestation hosts provides a meaningful way to bolster security.

Application Acceleration

VMware has also incorporated many other new features in this release of VMware vSphere that help to accelerate applications. One of the next-generation technologies that businesses are taking advantage of and making full use of is artificial intelligence.

VMware has included Bitfusion in vSphere 7 directly in the hypervisor. Bitfusion, which was acquired by VMware in 2019, can take advantage of GPU virtualization for AI/ML use cases. In addition, VMware has introduced improvements to vMotion as well as DRS enhancements in vSphere 7. These provide much quicker and more efficient operations, as well as better performance and less disruption for very large VMs during the vMotion process, with the resulting focus on VM performance and health.

Noteworthy New VMware vCenter Server 7 Features

  • vCenter Server Profiles: This allows exporting of vCenter Server configurations via a new set of REST APIs that allow easy export of configurations from one vCenter Server to another without a reboot of the target appliance.
  • Update Planner: This is part of the new vSphere Lifecycle Manager mentioned above. You can perform vCenter Updates, patches, and upgrades using the new update planner for vCenter Server. By proactively gaining insights into any potential problems with upgrades, updates, patches, and other operations it allows a much smoother lifecycle experience with vCenter Server.
  • Upgrade and Converge External PSCs in One Operation: External PSCs are converged during the upgrade operation.
  • Multihomed NICs Support: vCenter Server NIC multihoming is now supported with vCenter Server 7. This will allow more options and flexibility for management networks and network segmentation.
  • VM Template Management and Versioning: This new feature provides a “GitHub-like” versioning approach to VM templates that are stored in the vSphere Content Library. When making updates or changes to a VM template, checking out the template allows changes to be tracked and version information recorded when the template is checked back in, making it much easier to control and manage templates.

New VMware vSAN 7.0 Features

With the new release of VMware vSphere, VMware is also introducing vSAN 7, which brings many new features. These include the following:

  • Simplified Management: VMware vSAN 7.0 benefits from the new vSphere Lifecycle Manager functionality. VLCM will allow for the entire consistent lifecycle management of both vSphere software components and host firmware, including storage firmware.
  • Native File Services: New with vSAN 7.0, native file services are included. This allows vSphere administrators to expose NFS 3 and 4.1 file shares as part of the storage services offered natively by vSAN 7.0.
  • Enhanced Cloud-Native Storage: Using the new functionality offered as part of the native file services, VMware vSAN 7.0 will provide file-level persistent storage for containers.
  • Enhanced 2-node and Stretched Cluster Functionality: Many new features are found in vSAN 7.0 related to 2-node and stretched clusters. These new features include improved VM placement intelligence in the event of a failure, improved resilience, and intelligent capacity management.
  • Other Operational Enhancements: With vSAN 7.0, Skyline Health will contain unified cloud analytics, better VM capacity reporting, an easy view of memory consumption, improved vSphere replication data, hot-plug NVMe support, and improved shared multi-writer disks.

William Chin, Chief Cloud Architect, CDI

William Chin, VCP, VTSP, GenXer is a general all-around avid adopter of cool tech and CDI’s resident Cloud Panther. During his almost two decades with CDI, Will has spearheaded a number of initiatives that have contributed to the firm’s growth, including the creation of the data center virtualization practice and the development of business and technology initiatives such as IaaS, DRaaS, VDIaaS and BaaS. As a technology enthusiast and gatherer of practical tools, you can find Will tinkering with the latest software or out on the town enjoying conversation about how technology is reshaping the world. Will holds a B.A. in Computer Science from New York University and his personal mantra is: encourage fellow IT folk and companies to consume technologies that increase the quality of their daily work and lives.