Announcing VMware Cloud Foundation 4.4.1 on Dell VxRail 7.0.371
Wed, 25 May 2022 14:07:35 -0000|
Read Time: 0 minutes
With each turn of the calendar, as winter dissipates and the warmer spring weather brings new life back into the world, a certain rite of passage comes along with it: Spring Cleaning! As much as we all hate to do it, it is necessary to ensure that we keep everything operating in tip top shape. Whether it be errands like cleaning inside your home or repairing the lawn mower to be able to cut the grass, we all have them, and we all recognize they are important, no matter how much we try to avoid it.
The VMware Cloud Foundation (VCF) on Dell VxRail team also believes in applying a spring cleaning mindset when it comes to your VCF on Dell VxRail cloud environment. This will allow your cloud environment to keep running in an optimal state and better serve you and your consumers.
So, in the spirit of the spring season, Dell is happy to announce the release of Cloud Foundation 4.4.1 on VxRail 7.0.371. Beginning on May 25, 2022, existing VCF on VxRail customers will be able to LCM to this latest version while support for new deployments will be made available beginning June 2, 2022.
This new release introduces the following “spring cleaning” enhancements:
- New component software version updates
- New VxRail LCM logic improvements
- New VxRail serviceability enhancements
- VCF and VxRail software security bug fixes
- VCF on VxRail with VMware Validated Solution Enhancements
VCF on VxRail life cycle management enhancements
New VxRail prechecks and vSAN resync timeout improvements
Starting with this release, the VxRail LCM logic has been modified to address scenarios when the cluster update process may fail to put a node into Maintenance Mode. This LCM logic enhancement is leveraged in addition to similar SDDC Manager prechecks that already exist. All VxRail prechecks are used when SDDC Manager calls on VxRail to run its precheck workflow prior to an LCM update. SDDC Manager does this by using its integration with the VxRail Health Check API. SDDC Manager also calls on these prechecks during an LCM update using its integration with the VxRail LCM API. So, VCF on VxRail customers benefit from this VxRail enhancement seamlessly.
Failing to enter Maintenance Mode can cause VxRail cluster updates to fail. Finding ways to mitigate this type of failure will significantly enhance the LCM reliability experience for many VCF on VxRail customers.
Figure 1: VCF on VxRail LCM
The following list describes scenarios in which a VxRail node could fail to enter maintenance mode, but are improved with the latest enhancements:
- If VMtools are mounted to customer VM workloads: VxRail LCM precheck now checks for this state to detect if VMtools are mounted. If this exists, it is the administrator’s responsibility to address the issue in their environment before initiating a VxRail cluster update.
- If VMs are pinned to specific hosts: VxRail LCM precheck will now detect whether there is host pinning configured for VMs. If this exists, it is the administrator’s responsibility to address the configuration in their environment before initiating a cluster update.
- vSAN Resync Time Timeout: During the cluster update process, a VxRail node can fail if vSAN resync takes too long. When the system waits before the node is put into Maintenance Mode, it causes a timeout. To prevent this from happening, the VxRail vSAN Resync timeout value has been increased by 2x while the cluster update waits for the vSAN resync to finish.
VCF on VxRail serviceability enhancements
Support for next generation Dell secure remote service connectivity agent and gateway
VxRail systems will now use the next generation secure remote service connectivity agent and the Secure Connect Gateway to connect to the Dell cloud for dial home serviceability. This new connectivity agent running within VxRail will also be used on all Dell infrastructure products.
Figure 2: Next Generation Dell Secure remote connectivity agent and gateway architecture
The Secure Connect Gateway is the 5th generation gateway that acts as a centralization point for Dell products in the customer environment to manage the connection to the Dell cloud. This remote connectivity enables a bi-directional communication between the product and Dell cloud. Products can send telemetry data and event information to the Dell cloud which can be used to facilitate remote support by Dell services as well as to deliver cloud services such as CloudIQ, MyService360, Licensing Portal, and Service Link.
The latest generation remote service connector is intended to provide a uniform telemetry experience across all Dell ISG products. By providing standardization, customers can reduce redundant infrastructure used to provide remote services for all their Dell products. The connectivity agent also introduces a simpler setup experience by streamlining and automating setup process of the secure remote service for new VxRail cluster deployments.
Figure 3: Enabling secure remote gateway connectivity
For existing VxRail clusters running an earlier version than VCF 4.4.1 on VxRail 7.0.371 in a VCF on VxRail deployment, the migration effort to adopt the new secure connect gateway requires the administrator to first upgrade their older generation dell serviceability gateways in their environment (whether it’s the 3rd generation Secure Remote Service gateway or the 4th generation Dell SupportAssist Enterprise gateway).
Once the gateways are upgraded to the latest 5th generation Dell Secure Connect Gateway, the VCF on VxRail administrator can perfrom the VxRail cluster update for the migration, as part of the standard VCF on VxRail LCM process. The built-in VxRail LCM precheck steps will inform the administrator to upgrade their gateways if necessary. The VxRail cluster update will now retrieve the gateway configuration for the connectivity agent and convert the device or access key to a unique connectivity key for remote connection authentication. Administrators should be aware that this additional migration work may add a one time 15 minutes or so time increase to the total cluster update time.
New nodes that are shipped with VxRail 7.0.350 or higher will also now include a unique connectivity key for the secure remote gateway. Dell manufacturing will embed this key into the iDRAC of the VxRail nodes. So, instead of a user logging onto the Dell support portal to retrieve the access key to enable secure remote services, the enablement process will automatically retrieve this unique connectivity key from iDRAC for the connectivity agent to enable the connection. This feature is designed to simplify and streamline the secure connect gateway serviceability setup experience.
Customers can also have a direct connection to Dell cloud bypassing having a gateway deployed. This option is available for any clusters running VxRail 7.0.350 and higher.
VxRail dial home payload improvements
VxRail dial home payload improvements have been introduced to help provide Dell support with additional key cluster information in the dial home payload itself and capture more system error conditions to help further improve VCF on VxRail serviceability and reduce time to resolution of any VxRail related issues.
Additional payload information now includes:
- Smart Logs: Smart logging automatically collects the logs on the node of the call-home event, which provides additional information to the Support team when necessary. Starting with VCF 4.4.1 on VxRail 7.0.371, smart logging functionality has been redesigned to achieve the following tasks:
- Adapt smart logging workflow to the new secure remote gateway architecture
- Associate smart log with Dell Service Request (SR) such that the smart log file can be included in the SR as a link.
- Sub-component details: These include information such as the part number and slot number for CRU/FRU items such as disk drives and memory DIMMs for more efficient auto-dispatch of these failed components.
- VxRail cluster personality identifier information: To help making the troubleshooting experience more efficient, this cluster metadata information allows Dell Support to know that the VxRail clusters are deployed within a VCF on VxRail environment.
Also included are additional error conditions that are now captured to bring VxRail events in parity with existing PowerEdge events and additional ADC error states. And finally, to reduce the cost of service and improve the customer experience by avoiding a deluge of unnecessary event information, some events are no longer being reported.
VxRail physical view UI update now includes Fiber Channel HBA hardware view
New support for FC HBA Physical HW views have been introduced as part of the VxRail Manager vCenter Plugin Physical View UI for E560F, P570F, and V570F VxRail nodes that support externally attached storage.
Supported FC HBAs include the following Emulex and QLogic models:
- Emulex LPE 35002 Dual Port 32 Gb HBA
- Emulex LPE 31002 Dual Port 16 Gb HBA
- QLogic 2772 Dual Port 32 Gb HBA
- QLogic 2692 Dual Port 16 Gb HBA
Figure 4: Fiber Channel HBA physical hardware view in VxRail Manager vCenter Plugin – firmware
This new functionality provides a similar UI viewing experience to what administrators are already used to seeing, regarding physical NICs and NIC ports. This new FC HBA view will include port link status and firmware/driver version information. An example of the firmware/driver views is shown in Figure 4.
VCF on VxRail security enhancements
VCF and VxRail software security vulnerability fixes
This release includes several security vulnerabilities fixes for both VxRail and VCF software components.
VxRail Software 7.0.371 contains fixes that resolve multiple security vulnerabilities. Some of these include:
- iDRAC8 Updates
For more information, see iDRAC8 188.8.131.52 Release Notes
For more details on the DSAs, see the Dell Security Advisory (DSA) portal and search for DSA IDs.
VCF 4.4.1 Software: This contains fixes that resolve issues in NSX-T by introducing support for NSX-T 184.108.40.206.2. For more information about these issues, see the VMware KB Article.
vRealize Suite Software: In the last VCF 4.4 on VxRail 7.0.320 release we introduced vRealize Flexible Upgrades. Read more about it here. As a result, the vRealize Suite components (other than vRealize Suite Lifecycle Manager) are no longer a part of the VCF core software package. So if there are security vulnerabilities that are discovered and relevant patches that need to be applied, the process of doing so has changed. No longer will those vRealize component software updates be delivered and applied through VCF software update bundles. Administrators now must apply them independently using vRSLCM starting from the VCF 4.4 on VxRail 7.0.320 release.
I bring this up because there has been some vRealize Suite component security patches that have also been released that are relevant to VCF 4.4.1 on VxRail 7.0.371 deployments. See this blog post, written by my peers on the VMware team, describing the issue related to VMSA-2022-0011 and how to apply the fixes for it.
VCF on VxRail with VMware Validated Solution enhancements
New VCF on VxRail qualification with VMware Validated Solutions
For those of you who aren’t aware, VMware Validated Solutions are technical validated implementations built and tested by VMware and VMware Partners. These solutions are designed to help customers solve common business problems using VMware Cloud Foundation as the foundational infrastructure. Types of solutions include Site Protection and Disaster Recovery for VMware Cloud Foundation using multi-site VCF deployments with stretched NSX-T networks and Advanced Load Balancing for VMware Cloud Foundation using VMware NSX Advanced Load Balancer for workloads on VCF. These validated solution designs have been enhanced over time to include VMware developed automation scripts to help customers further simplify and accelerate getting these implemented. You can learn more about them here.
Although this solution is not directly tied to this latest VCF 4.4.1 on VxRail 7.0.371 release as a release feature itself, VMware and Dell can now qualify the VMware Validated Solutions on VCF on VxRail. All VVS solutions that are qualified will be marked with a VxRail tag.
Figure 5: VMware Validated Solutions Portal
These solutions get updated asynchronously from VCF releases. Be sure to check the VMware VVS portal for the latest updates on existing solutions or to see when new solutions are added.
That’s a wrap
Thanks for taking the time learn more about VMware Cloud Foundation on Dell VxRail. For even more solution information, see the Additional Resources links at the bottom of this post. I don’t know about you, but I feel squeaky clean already! Can’t say the same about my outdoor landscaping though...I should probably go address that…
Author: Jason Marques
Related Blog Posts
Deploying VMware Tanzu for Kubernetes Operations on Dell VxRail: Now for the Multicloud
Wed, 17 May 2023 15:56:43 -0000|
Read Time: 0 minutes
VMware Tanzu for Kubernetes Operations (TKO) on Dell VxRail is a jointly validated Dell and VMware reference architecture solution designed to streamline Kubernetes use for the enterprise. The latest version has been extended to showcase multicloud application deployment and operations use cases. Read on for more details.
VMware Tanzu and Dell VxRail joint solutions
VMware TKO on Dell VxRail is yet another example of the strong partnership and joint development efforts that Dell and VMware continue to deliver on behalf of our joint customers so they can find success in their infrastructure modernization and digital transformation efforts. It is an addition to an existing portfolio of jointly developed and/or engineered products and reference architecture solutions that are built upon VxRail as the foundation to help customers accelerate and simplify their Kubernetes adoption.
Figure 1 highlights the joint VMware Tanzu and Dell VxRail offerings available today. Each is specifically designed to meet customers where they are in their journey to Kubernetes adoption.
Figure 1. Joint VMware Tanzu and Dell VxRail solutions
VMware TKO on VxRail
VMware Tanzu For Kubernetes Operations on Dell VxRail reference architecture updates
This latest release of the jointly developed reference architecture builds off the first release. To learn more about what TKO on VxRail is and our objective for jointly developing it, take a look at this blog post introducing its first iteration.
Okay… Now that you are all caught up, let’s dive into what is new in this latest version of the reference architecture.
Additional TKO multicloud components
Let’s dive a bit deeper and highlight what we see as the essential building blocks for your cloud infrastructure transformation that are included in the TKO edition of Tanzu.
First, you’re going to need a consistent Kubernetes runtime like Tanzu Kubernetes Grid (TKG) so you can manage and upgrade clusters consistently as you move to a multicloud Kubernetes environment.
Next, you’re going to need some way to manage your platform and having a management plane like Tanzu Mission Control (TMC) that provides centralized visibility and control over your platform will be critical to helping you roll this out to distributed teams.
Also, having platform-wide observability like Aria Operations for Applications (formerly known as Tanzu/Aria Observability) ensures that you can effectively monitor and troubleshoot issues faster. Having data protection capabilities allows you to protect your data both at rest and in transit, which is critical if your teams will be deploying applications that run across clusters and clouds. And with NSX Advanced Load Balancer, TKO can also help you implement global load balancing and advanced traffic routing that allows for automated service discovery and north-south traffic management.
TKO on VxRail, VMware and Dell’s joint solution for core IT and cloud platform teams, can help you get started with your IT modernization project and enable you to build a standardized platform that will support you as you grow and expand to more clouds.
In the initial release of the reference architecture with VxRail, Tanzu Mission Control (TMC) and Aria Operations for Applications were used, and a solid on-premises foundation was established for building our multicloud architecture onward. The following figure shows the TKO items included in the first iteration.
Figure 2. Base TKO components used in initial version of reference architecture
In this second phase, we extended the on-premises architecture to a true multicloud environment fit for a new generation of applications.
Added to the latest version of the reference architecture are VMware Cloud on AWS, an Amazon EKS service, Tanzu Service Mesh, and Global Server Load Balancing (GSLB) functionality provided by NSX Advanced Load Balancer to build a global namespace for modern applications.
New TMC functionalities were also added that were not part of the first reference architecture, such as EKS LCM and continuous delivery capabilities. Besides the fact that AWS is still the most widely used public cloud provider, the reason AWS was used for this reference architecture is because the VMware SaaS products have the most features available for AWS cloud services. Other hyperscaler public cloud provider services are still in the VMware development pipeline. For example, today you can perform life cycle management of Amazon EKS clusters through Tanzu Mission Control. This life cycle management capability isn’t available yet with other cloud providers. The following figure highlights the high-level set of components used in this latest reference architecture update.
Figure 3. Additional components used in latest version of TKO on VxRail RA
New multicloud testing environment
To test this multicloud architecture, the Dell and VMware engineering teams needed a true multicloud environment. Figure 4 illustrates a snapshot of the multisite/multicloud lab infrastructure that our VMware and Dell engineering teams built to provide a “real-world” environment to test and showcase our solutions. We use this environment to work on projects with internal teams and external partners.
Figure 4. Dell/VMware Multicloud Innovation Lab Environments
The environment is made up of five data centers and private clouds across the US, all connected by VMware SD-WAN, delivering a private multicloud environment. An Equinix data center provides the fiber backbone to connect with most public cloud providers as well as VMware Cloud Services.
Extended TKO on VxRail multicloud architecture
Figure 5 shows the multicloud implementation of Tanzu for Kubernetes Operations on VxRail. Here you have K8s clusters on-premises and running on multiple cloud providers.
Figure 5. TKO on VxRail Reference Architecture Multicloud Architecture
Tanzu Mission Control (TMC), which is part of Tanzu for Kubernetes Operations, provides you with a management plane through which platform operators or DevOps team members can manage the entire K8s environment across clouds. Developers can have self-service access, authenticated by either cloud identity providers like Okta or Microsoft Active Directory or through corporate Active Directory federation. With TMC, you can assign consistent policies across your cross-cloud K8s clusters. DevOps teams can use the TMC Terraform provider to manage the clusters as infrastructure-as-code.
Through TMC support for K8s open-source project technologies such as Velero, teams can back up clusters either to Azure blob, Amazon S3, or on-prem S3 storage solutions such as Dell ECS, Dell ObjectScale, or another object storage of their choice.
When you enable data protection for a cluster, Tanzu Mission Control installs Velero with Restic (an open-source backup tool), configured to use the opt-out approach. With this approach, Velero backs up all pod volumes using Restic.
TMC integration with Aria Operations for Applications (formerly Tanzu/Aria Observability) delivers fine-grained insights and analytics about the microservices applications running across the multicloud environments.
TMC also has integration with Tanzu Service Mesh (TSM), so you can add your clusters to TSM. When the TKO on VxRail multicloud reference architecture is implemented, users would connect to their multicloud microservices applications through a single URL provided by NSX Advanced Load Balancer (formerly AVI Load Balancer) in conjunction with TSM. TSM provides advanced, end-to-end connectivity, security, and insights for modern applications—across application end users, microservices, APIs, and data—enabling compliance with service level objectives (SLOs) and data protection and privacy regulations.
TKO on VxRail business outcomes
Dell and VMware know what business outcomes matter to enterprises, and together we help customers map those outcomes to transformations.
Figure 6 highlights the business outcomes that customers are asking for and that we are delivering through the Tanzu portfolio on VxRail today. They also set the stage to inform our joint development teams about future capabilities we look forward to delivering.
Figure 6. TKO on VxRail and business outcomes alignment
Learn more at Dell Technologies World 2023
Want to dive deeper into VMware Tanzu for Kubernetes Operations on Dell VxRail? Visit our interactive Dell Technologies and VMware booths at Dell Technologies World to talk with any of our experts. You can also attend our session Simplify & Streamline via VMware Tanzu for Kubernetes Operations on VxRail.
Also, feel free to check out the VMware Blog on this topic, written by Ather Jamil from VMware. It includes some cool demos showing TKO on VxRail in action!
Author: Jason Marques (Dell Technologies)
Contributor: Ather Jamil (VMware)
- VxRail page on DellTechnologies.com
- VxRail InfoHub
- VxRail videos
- Tanzu for Kubernetes Operations VMware page
- TKO on VxRail Reference Architecture
Improved management insights and integrated control in VMware Cloud Foundation 4.5 on Dell VxRail 7.0.400
Tue, 11 Oct 2022 12:59:13 -0000|
Read Time: 0 minutes
The latest release of the co-engineered hybrid cloud platform delivers new capabilities to help you manage your cloud with the precision and ease of a fighter jet pilot in the cockpit! The new VMware Cloud Foundation (VCF) on VxRail release includes support for the latest Cloud Foundation and VxRail software components based on vSphere 7, the latest VxRail P670N single socket All-NVMe 15th Generation HW platform, and VxRail API integrations with SDDC Manager. These components streamline and automate VxRail cluster creation and LCM operations, provide greater insights into platform health and activity status, and more! There is a ton of airspace to cover, ready to take off? Then buckle up and let’s hit Mach 10, Maverick!
VCF on VxRail operations and serviceability enhancements
Support for VxRail cluster creation automation using SDDC Manager UI
The best pilots are those that can access the most fully integrated tools to get the job done all from one place: the cockpit interface that they use every day. Cloud Foundation on VxRail administrators should also be able to access the best tools, minus the cockpit of course.
The newest VCF on VxRail release introduces support for VxRail cluster creation as a fully integrated end-to-end SDDC Manager workflow, driven from within the SDDC Manager UI. This integrated API-driven workload domain and VxRail cluster SDDC Manager feature extends the deep integration capabilities between SDDC Manager and VxRail Manager. This integration enables users to VxRail clusters when creating new VI workload domains or expanding existing workload domains (by adding new VxRail clusters into them) all from an SDDC Manager UI-driven end-to-end workflow experience.
In the initial SDDC Manager UI deployment workflow integration, only unused VxRail nodes discovered by VxRail Manager are supported. It also only supports clusters that are using one of the VxRail predefined network profile cluster configuration options. This method supports deploying VxRail clusters using both vSAN and VMFS on FC as principal storage options.
Another enhancement allows administrators to provide custom user-defined cluster names and custom user-defined VDS and port group names as configuration parameters as part of this workflow.
You can watch this new feature in action in this demo.
Now that’s some great co-piloting!
Support for SDDC Manager WFO Script VxRail cluster deployment configuration enhancements
Th SDDC Manager WFO Script deployment method was first introduced in VCF 4.3 on VxRail 7.0.202 to support advanced VxRail cluster configuration deployments within VCF on VxRail environments. This deployment method is also integrated with the VxRail API and can be used with or without VxRail JSON cluster configuration files as inputs, depending on what type of advanced VxRail cluster configurations are desired.
- The legacy method for deploying VxRail clusters using the VxRail Manager Deployment Wizard has been deprecated with this release.
- VxRail cluster deployments using the SDDC Manager WFO Script method currently require the use of professional services.
Proactive notifications about expired passwords and certificates in SDDC Manager UI and from VCF public API
To deliver improved management insights into the cloud infrastructure system and its health status, this release introduces new proactive SDDC Manager UI notifications for impending VCF and VxRail component expired passwords and certificates. Now, within 30 days of expiration, a notification banner is automatically displayed in the SDDC Manager UI to give cloud administrators enough time to plan a course of action before these components expire. Figure 1 illustrates these notifications in the SDDC Manager UI.
Figure 1. Proactive password and certificate expiration notifications in SDDC Manager UI
VCF also displays different types of password status categories to help better identify a given account’s password state. These status categories include:
- Active – Password is in a healthy state and not within a pending expiry window. No action is necessary.
- Expiring – Password is in a healthy state but is reaching a pending expiry date. Action should be taken to use SDDC Manager Password Management to update the password.
- Disconnected – Password of component is unknown or not in sync with the SDDC Manager managed passwords database inventory. Action should be taken to update the password at the component and remediate with SDDC Manager to resync.
The password status is displayed on the SDDC Manager UI Password Management dashboard so that users can easily reference it.
Figure 2. Password status display in SDDC Manager UI
Similarly, certificate status state is also monitored. Depending on the certificate state, administrators can remediate expired certificates using the automated SDDC Manager certificate management capabilities, as shown in Figure 3.
Figure 3. Certificate status and management in SDDC Manager UI
Finally, administrators looking to capture this information programmatically can now use the VCF public API to query the system for any expired passwords and certificates.
Add and delete hosts from WLD clusters within a workload domain in parallel using SDDC Manager UI or VCF public API
Agility and efficiency are what cloud administrators strive for. The last thing anyone wants is to have to wait for the system to complete a task before being able to perform the next one. To address this, VCF on VxRail now allows admins to add and delete hosts in clusters within a workload domain in parallel using the SDDC Manager UI or VCF Public API. This helps to perform infrastructure management operations faster: some may even say at Mach 9!
- Prerequisite: Currently, VxRail nodes must be added to existing clusters using VxRail Manager first prior to executing SDDC Manager add host workflow operations in VCF.
- Currently a maximum of 10 operations of each type can be performed simultaneously. Always check the VMware Configuration Maximums Guide for VCF documentation for the latest supported configuration maximums.
SDDC Manager UI: Support for Day 2 renaming of VCF cluster objects
To continue making the VCF on VxRail platform more accommodating to each organization’s governance policies and naming conventions, this release enables administrators to rename VCF cluster objects from within the SDDC Manager UI as a Day 2 operation.
New menu actions to rename the cluster are visible in-context when operating on cluster objects from within the SDDC Manager UI. This is just the first step in a larger initiative to make VCF on VxRail even more adaptable with naming conventions across many other VCF objects in the future. Figure 4 describes new in-context rename cluster menu option looks like.
Figure 4. Day 2 Rename Cluster Menu Option in SDDC Manager UI
Support for assigning user defined tags to WLD, cluster, and host VCF objects in SDDC Manager
VCF on VxRail now incorporates SDDC Manager support for assigning and displaying user defined tags for workload domain, cluster, and host VCF objects.
Administrators now see a new Tags pane in the SDDC Manager UI that displays tags that have been created and assigned to WLD, cluster, and host VCF objects. If no tags exist, are not assigned, or if changes to existing tags are needed, there is an assign link that allows an administrator to assign the tag or link and launch into that object in vCenter where tag management (create, delete, modify) can be performed. When tags are instantiated, VCF syncs them and allow administrators to assign and display them in the tags pane in the SDDC Manager UI, as shown in Figure 5.
Figure 5. User-defined tags visibility and assignment, using SDDC Manager
Support for SDDC Manager onboarding within SDDC Manager UI
VCF on VxRail is a powerful and flexible hybrid cloud platform that enables administrators to manage and configure the platform to meet their business requirements. To help organizations make the most of their strategic investments and start operationalizing them quicker, this release introduces support for a new SDDC Manager UI onboarding experience.
The new onboarding experience:
- Focuses on Learn and plan and Configure SDDC Manager phases with drill down to configure each phase
- Includes in-product context that enables administrators to learn, plan, and configure their workload domains, with added details including documentation articles and technical illustrations
- Introduces a step-by-step UI walkthrough wizard for initial SDDC Manager configuration setup
- Provides an intuitive UI guided walkthrough tour of SDDC Manager UI in stages of configuration that reduces the learning curve for customers
- Provides opt-out and revisit options for added flexibility
Figure 6 illustrates the new onboarding capabilities.
Figure 6. SDDC Manager Onboarding and UI Tour Experience
VCF on VxRail lifecycle management enhancements
VCF integration with VxRail Retry API
The new VCF on VxRail release delivers new integrations with SDDC Manager and the VxRail Retry API to help reduce overall LCM performance time. If a cloud administrator has attempted to perform LCM operations on a VxRail cluster within their VCF on VxRail workload domain and only a subset of those nodes within the cluster can be upgraded successfully, another LCM attempt would be required to fully upgrade the rest of the nodes in the cluster.
Before VxRail Retry API, the VxRail Manager LCM would start the LCM from the first node in the cluster and scan each one to determine if it required an upgrade or not, even if the node was already successfully upgraded. This rescan behavior added unnecessary time to the LCM execution window for customers with large VxRail clusters.
The VxRail Retry API has made LCM even smarter. During an LCM update where a cluster has a mix of updated and non-updated nodes, VxRail Manager automatically skips right to the non-updated nodes only and runs through the LCM process from there until all remaining non-updated nodes are upgraded. This can provide cloud administrators with significant time savings. Figure 7 shows the behavior difference between standard and enhanced VxRail Retry API Behavior.
Figure 7. Comparison between standard and enhanced VxRail Retry API LCM Behavior
The VxRail Retry API behavior for VCF 4.5 on VxRail 7.0.400 has been natively integrated into the SDDC Manager LCM workflow. Administrators can continue to manage their VxRail upgrades within the SDDC Manager UI per usual. They can also take advantage of these improved operational workflows without any additional manual configuration changes.
Improved SDDC Manager prechecks
More prechecks have been integrated into the platform that help fortify platform stability and simplify operations. These are:
- Verification of valid licenses for software components
- Checks for expired NSX Edge cluster passwords
- Verification of system inconsistent state caused by any prior failed workflows
- Additional host maintenance mode prechecks
- Determine if a host is in maintenance mode
- Determine whether CPU reservation for NSX-T is beyond VCF recommendation
- Determine whether DRS policy has changed from the VCF recommended (Fully Automated)
- Additional filesystem capacity and permissions checks
While VCF on VxRail has many core prechecks that monitor many common system health issues, VCF on VxRail will continue to integrate even more into the platform with each new release.
Support for vSAN health check silencing
The new VCF on VxRail release also includes vSAN health check interoperability improvements. These improvements allow VCF to:
- Address common upgrade blockers due to vSAN HCL precheck false positives
- Allow vSAN pre-checks to be more granular, which enables the administrator to only perform those that are applicable to their environment
- Display failed vSAN health checks during LCM operations of domain-level pre-checks and upgrades
- Enable the administrators to silence the health checks
Display VCF configurations drift bundle progress details in SDDC Manager UI during LCM operations
In a VCF on VxRail context, configuration-drift is a set of configuration changes that are required to bring upgraded BOM components (such as vCenter, NSX, and so on) with a new VCF on VxRail installation. These configuration changes are delivered by VCF configuration-drift LCM update bundles.
VCF configuration drift update improvements deliver greater visibility into what specifically is being changed, improved error details for better troubleshooting, and more efficient behavior for retry operations.
VCF Async Patch Tool support
VCF Async Patch Tool support offers both LCM and security enhancements.
Note: This feature is not officially included in this new release, but it is newly available.
The VCF Async Patch Tool is a new CLI based tool that allows cloud administrators to apply individual component out-of-band security patches to their VCF on VxRail environment, separate from an official VCF LCM update release. This enables organizations to address security vulnerabilities faster without having to wait for a full VCF release update. It also gives administrators control to install these patches without requiring the engagement of support resources.
Today, VCF on VxRail supports the ability to use the VCF Async Patch Tool for NSX-T and vCenter security patch updates only. Once patches have been applied and a new VCF BOM update is available that includes the security fixes, administrators can use the tool to download the latest VCF LCM release bundles and upgrade their environment back to an official in-band VCF release BOM. After that, administrators can continue to use the native SDDC Manager LCM workflow process to apply additional VCF on VxRail upgrades.
Note: Using VCF Async Patch Tool for VxRail and ESXi patch updates is not yet supported for VCF on VxRail deployments. There is currently separate manual guidance available for customers needing to apply patches for those components.
Instructions on downloading and using the VCF Async Patch Tool can be found here.
VCF on VxRail hardware platform enhancements
Support for 24-drive All-NVMe 15th Generation P670N VxRail platform
The VxRail 7.0.400 release delivers support for the latest VxRail 15th Generation P670N VxRail hardware platform. This 2U1N single CPU socket model delivers an All-NVMe storage configuration of up to 24 drives for improved workload performance. Now that would be powerful single engine aircraft!
Time to come in for a landing…
I don’t know about you, but I am flying high with excitement about all the innovation delivered with this release. Now it’s time to take ourselves down for a landing. For more information, see the following additional resources so you can become your organization’s Cloud Ace.
Author: Jason Marques