New Year’s Resolutions Fulfilled: Cloud Foundation on VxRail
New Year’s Resolutions Fulfilled: VMware Cloud Foundation 4.4 on VxRail 7.0.320
Many of us make New Year’s resolutions for ourselves with each turn of the calendar. We hope everyone is still on track!
The Cloud Foundation on VxRail team wanted to establish our own resolutions too. And with that, Dell Technologies and VMware have come together to fulfill our resolution of continuing to innovate by making operating and securing cloud platforms easier for our customers while helping them unlock the power of their data.
And as a result, we are happy to announce the availability of our first release of the new year: VMware Cloud Foundation 4.4 on Dell VxRail 7.0.320! This release includes Cloud Foundation and VxRail software component version updates that include patches to some recent widely known security vulnerabilities. It also adds support for Dell ObjectScale on the vSAN Data Persistence Platform (vDPp), support for additional 15th generation VxRail platforms, new security hardening features, lifecycle management improvements, new Nvidia GPU workload support, and more. Phew! So be resolute and read on for the details.
VCF on VxRail Storage Enhancements
VCF on VxRail Lifecycle Management Enhancements
VCF on VxRail Hardware Platform Enhancements
VCF on VxRail Developer and AI-Ready Enterprise Platform Enhancements
VCF on VxRail Operations Enhancements
VCF on VxRail Security Enhancements
VCF on VxRail Storage Enhancements
Support for vSAN Data Persistence Platform and Dell ObjectScale Modern Stateful Object Storage Services
Initially introduced in vSphere 7.0 U1, the vSAN Data Persistence Platform (vDPp) is now supported as part of in VCF 4.4 on VxRail 7.0.320. Check out this great VMware blog post to learn more about vDPp.
Beginning in this release, support for running the new Dell ObjectScale data service on top of vDPp is also available. This new next-gen cloud native software defined object storage service is geared toward those IT teams who are looking to extend their cloud platform to run Kubernetes native stateful modern application data services. To learn more about ObjectScale please refer to this blog post. Note: VCF on VxRail currently supports using vDPp in a vSAN “Shared Nothing Architecture Mode” only.
The following figure illustrates the high-level architecture of vDPp.
Figure 1 – vDPp and ObjectScale
As a result of this new capability, VCF on VxRail customers can further extend the storage flexibility the platform can support with S3 compatible object storage delivered as part of the turnkey cloud infrastructure management/operations experience.
Giving customers more storage flexibility resolution: Check!
VCF on VxRail Lifecycle Management Enhancements
Improved SDDC Manager LCM Prechecks
This release brings even more intelligence that is embedded into the SDDC Manager LCM precheck workflow. When performing an upgrade, the SDDC Manager needs to communicate to various components to complete various actions as well as requiring that certain system resources be configured correctly and are available.
To avoid any potential issues during LCM activities, VCF administrators can run SDDC Manager prechecks to weed any issues out before any LCM operation is executed. In this latest release SDDC Manager now adds six additional checks. These include:
- Password validity (including expired passwords)
- File system permissions
- File system capacity
- CPU reservation for NSX-T Managers
- Hosts in maintenance mode
- DRS configuration mode
All these checks apply to ESXi, vCenter, NSX-T, NSX-T Edge VMs, VxRail Manager, and vRealize Suite components in the VCF on VxRail environment. Figure 2 below illustrates some examples of what these prechecks look like from the SDDC Manager UI.
Figure 2 – New SDDC Manager Prechecks
Giving customers enhanced LCM improvements resolution: Check!
vRealize Suite Lifecycle Manager Flexible Upgrades
VCF 4.4 has been enhanced to allow vRealize suite products to be updated independently without having to upgrade the VCF SDDC stack.
Figure 3 – vRSLCM Flexible Upgrades
This means that from VCF 4.4 on, administrators will use vRSLCM to manage vRealize Suite update bundles and orchestrate and apply those upgrades to vRealize Suite products (vRealize Automation, vRealize Operations, vRealize Log Insight, Workspace ONE Access, and more) independently from the core VCF version upgrade to help better align with an organization’s business requirements. It also helps decouple VCF infrastructure team updates from DevOps team updates enabling teams to consume new vRealize features quickly. And finally, it enables an independent update cadence between VCF and vRealize versions which boosts and improves interoperability flexibility. And who doesn’t like flexibility? Am I right?
One last note with this enhancement: SDDC Manager will no longer be used to manage vRealize Suite component update bundles and orchestrate vRealize Suite component LCM updates. With this change, future versions of VCF will not include vRealize Suite components as part of its software components. vRSLCM will still be a part of VCF software components validated for compatibility for each VCF release since that will continue to be deployed and updated using SDDC Manager. As such, SDDC Manager continues to manage vRSLCM install and update bundles just as it has done up to this point.
Giving customers enhanced LCM flexibility resolution: Check!
VCF on VxRail Hardware Platform Enhancements
Support For New 15th Generation Intel-Based VxRail Dynamic Node Platforms
VxRail 7.0.320 includes support for the latest 15th Generation VxRail dynamic nodes for the E, P, and V series models. These can be used when deploying VMFS on FC Principal storage VxRail VI Workload Domain clusters. Figure 4 below highlights details for each model.
Figure 4 – New 15th Generation VxRail dynamic node models
Also, as it relates to using VxRail dynamic nodes when deploying VMFS on FC Principal storage, support for using NVMe over FC configurations has also been introduced since it is a part of the VxRail 7.0.320 release that VCF on VxRail customers can just inherit from VxRail. It’s like finding a fifth chicken nugget in the bag after ordering the four-piece meal! Wait, it is New Year’s—I should have used a healthier food example. Oops!
Support For New 15th Generation Intel-Based VxRail With vSAN Platforms (S670 and E660N)
In addition to new 15th generation dynamic nodes, this release introduces support for two new 15th generation VxRail node types, the S670 and E660N. The S670 is our 2U storage density optimized hybrid platform based on the PowerEdge R750 while the E660N is our 1U “everything” all NVMe platform based on the PowerEdge R650.
Giving customers more hardware platform choices resolution: Check!
VCF on VxRail Developer and AI-Ready Enterprise Platform Enhancements
NVIDIA GPU Options for AI and ML Workload Use Cases
As AI and ML applications are becoming more critical within organizations, IT teams are looking at the best approaches to run them within their own data centers to ensure ease of manageability and scale, improved security, and maintaining governance.
As a follow on to the innovative and collaborative partnerships between Dell Technologies, VMware, and NVIDIA that were first introduced at VMworld 2021, we are happy to announce, with this VCF on VxRail release, the ability to run GPUs within VMware Cloud Foundation 4.4 on VxRail 7.0.320 to deliver an end-to-end AI-Ready enterprise platform that is simple to deploy and operate.
Figure 5 – VCF with Tanzu on VxRail + NVIDIA AI-Ready Enterprise Platform
VMware Cloud Foundation with Tanzu, when used together with NVIDIA certified systems like VxRail and NVIDIA AI Enterprise Suite software, deliver an end-to-end AI / ML enterprise platform. And with VxRail being the first and only HCI Integrated System certified with NVIDIA AI Enterprise Suite and its supported GPUs, IT teams can deliver and provision GPU resources quickly in a variety of ways, while also allowing data scientists to easily consume and scale GPU resources quickly when they need it.
While getting into all the details on getting this set up is beyond the scope of this blog post, you can find more information on using NVIDIA GPUs with VxRail and NVIDIA AI Enterprise Software Suite using the link at the end of this post. VMware has additional information about this new support in a blog post that you can check out using the link at the bottom of this page.
Giving customers a simple path to unlock the power of their data resolution: Check!
VCF on VxRail Operations Enhancements
Configure DNS/NTP From SDDC Manager UI
This new feature simplifies and streamlines DNS and NTP Day 2 management operations for cloud administrators. In previous releases, all DNS and NTP configuration was included in the VCF Bring Up Parameter file that was used by Cloud Builder at the time of VCF on VxRail installation. But there was no straightforward way to make updates or changes to these settings once VCF on VxRail has been deployed. Now, if additional modifications are needed to these configurations, they can be performed within the SDDC Manager UI as a simple Day 2 operation. This feature integrates SDDC Manager with native VxRail APIs to automate VxRail cluster DNS/NTP settings. The figure below shows what this looks like.
Figure 6 – DNS/NTP Day 2 Configuration From SDDC Manager UI
Giving customers a simpler and more flexible day 2 operations experience resolution: Check!
VCF on VxRail Security Enhancements
Activity Logging For VCF REST API Call-Driven Actions
Administrators can now ensure audit tracking for activity that takes place using the VCF REST API. In this release, SDDC Manager logs capture SDDC Manager API activity from SDDC Manager UI and other sources with user context. This can be used to ensure audit tracking of VCF activity and making analyzing logs easier to understand. Figure 5 below illustrates this activity. The log entries include the following data points:
- Timestamp
- Username
- Client IP
- User agent
- API called
- API method
Figure 7 – SDDC Manager REST API Activity Logging
Each of the SDDC Manager core services has a dedicated activity log. These logs are in the respective /var/log/vmware/vcf/*service*/ service directories on the SDDC Manager VM.
Giving customers enhanced security logging resolution – Check!
Enhanced Access Security Hardening
This release disables the SSH service on ESXi hosts by default, following the vSphere security configuration guide recommendation.
This applies to new and upgraded VMware Cloud Foundation 4.4 on VxRail 7.0.320 deployments.
Giving customers enhanced default platform security hardening resolution: Check!
Log4j and Apache HTTP Server Fixes
No security conversation is complete without addressing the headache that has been the talk of the technology world recently and that is the Log4j and Apache HTTP Server vulnerability discoveries. VCF on VxRail customers can be rest assured that as a part of this release fixes for these vulnerabilities are included.
Kicking Log4j and Apache HTTP bugs to the curb resolution: Check!
To wrap up…
Well, that about covers it for this new batch of updates. For the full list of new features, please refer to the release notes listed below. There are additional resource links at the bottom of this post. We hope to continue making good on our VCF on VxRail platform resolutions throughout the year! Hopefully, we all can say the same for ourselves in other areas of our lives. Now, where is that treadmill...?
Author: Jason Marques
Twitter: @vWhipperSnapper
Additional resources
VMware Cloud Foundation on Dell VxRail Release Notes
VxRail page on DellTechnologies.com
Virtualizing GPUs for AI Workloads with NVIDIA AI Enterprise Suite and VxRail Whitepaper
VMware Blog Post on new VCF 4.4 support of NVIDIA AI Enterprise Suite and GPUs
Related Blog Posts
What’s New: VMware Cloud Foundation 4.5.1 on Dell VxRail 7.0.450 Release and More!
Thu, 11 May 2023 15:55:52 -0000
|Read Time: 0 minutes
This latest Cloud Foundation (VCF) on VxRail release includes updated versions of software BOM components, a bunch of new VxRail platform enhancements, and some good ol’ under-the-hood improvements that lay the groundwork for future features designed to deliver an even better customer experience. Read on for the highlights…
VCF on VxRail operations and serviceability enhancements
View Nvidia GPU hardware details in VxRail Manager vCenter plugin ‘Physical View’ and VxRail API
Leveraging the power of GPU acceleration with VCF on VxRail delivers a lot of value to organizations looking to harness the power of their data. VCF on VxRail makes operationalizing infrastructure with Nvidia GPUs easier with native GPU visualization and details using the VxRail Manager vCenter Plugin ‘Physical View’ and VxRail API. Administrators can quickly gain deeper-level hardware insights into the health and details of the Nvidia GPUs running on their VxRail nodes, to easily map the hardware layer to the virtual layer, and to help improve infrastructure management and serviceability operations.
Figure 1 shows what this looks like.
Figure 1. Nvidia GPU visualization and details – VxRail vCenter Plugin ‘Physical View’ UI
Support for the capturing, displaying, and proactive Dell dial home alerting for new VxRail iDRAC system events and alarms
Introduced in VxRail 7.0.450 and available in VCF 4.5.1 on VxRail 7.0.450 are enhancements to VxRail Manager intelligent system health monitoring of iDRAC critical and warning system events. With this new feature, new iDRAC warning and critical system events are captured, and through VxRail Manager integration with both iDRAC and vCenter, alarms are triggered and posted in vCenter.
Customers can view these events and alarms in the native vCenter UI and the VxRail Manager vCenter Plugin Physical View which contains KB article links in the event description to provide added details and guidance on remediation. These new events also trigger call home actions to inform Dell support about the incident.
These improvements are designed to improve the serviceability and support experience for customers of VCF on VxRail. Figures 2 and 3 show these events as they appear in the vCenter UI ‘All Issues’ view and the VxRail Manager vCenter Plugin Physical View UI, respectively.
Figure 2. New iDRAC events displayed in the vCenter UI ‘All Issues’ view
Figure 3. New iDRAC events displayed in the VxRail Manager vCenter Plugin UI ‘Physical View’
Support for the capturing, displaying, and proactive dial home alerting for new iDRAC NIC port down events and alarms
To further improve system serviceability and simplify operations, VxRail 7.0.450 introduces the capturing of new iDRAC system events related to host NIC port link status. These include NIC port down warning events, each of which is indicated by a NIC100 event code and a ‘NIC port is started/up’ info event.
A NIC100 event indicates either that a network cable is not connected, or that the network device is not working.
A NIC101 event indicates that the transition from a network link ‘down’ state to a network link ‘started’ or ‘up’ state has been detected on the corresponding NIC port.
VxRail Manager now creates new VxM events that track these NIC port states.
As a result, users can be alerted through an alarm in vCenter when a NIC port is down. VxRail Manager will also generate a dial-home event when a NIC port is down. When the condition is no longer present, VxRail Manager will automatically clear the alarm by generating a clear-alarm event.
Finally, to reduce the number of false positive events and prevent unnecessary alarm and dial home events, VxRail Manager implements an intelligent throttling mechanism to handle situations in which false positive alarms related to network maintenance activities could occur. This makes the alarms/events that are triggered more credible for an admin to act against.
Table 1 contains a summary of the details of these two events and the VxRail Manager serviceability behavior.
Table 1. iDRAC NIC port down and started event and behavior details
Let’s double click on this serviceability behavior in a bit more detail.
Figure 4 depicts the behavior process flow VxRail Manager takes when iDRAC discovers and triggers a NIC port down system event. Let’s walk through the details now:
1. The first thing that occurs is that iDRAC discovers that the NIC port state has gone down and triggers a NIC port down event.
2. Next, iDRAC will send that event to VxRail Manager.
3. At this stage VxRail Manager will validate how long the NIC port down event has been active and check whether a NIC port started (or up) event has been triggered within a 30-minute time frame since the original NIC port down event occurred. With this check, if there has not been a NIC port started event triggered, VxRail Manager will begin throttling NIC port down event communication in order to prevent duplicate alerts about the same event.
If during the 30-minute window, a NIC port started event has been detected, VxRail Manager will cease throttling and clear the event.
4. When the VxRail Manager event throttling state is active, VxRail Manager will log it in its event history.
5. VxRail Manager will then trigger a vCenter alarm and post the event to vCenter.
6. Finally, VxRail Manager will trigger a NIC port down dial home event communication to backend Dell Support Systems, if connected.
Figure 4. Processing VxRail NIC port down events, and VxRail Manager throttling logic
Figure 5 shows what this looks like in the vCenter UI.
Figure 5. VxRail NIC port down trigger alarm in vCenter UI
Figure 6 shows what this looks like in the VxRail Manager vCenter Plugin ‘Physical View’ UI.
Figure 6. VxRail Manager vCenter Plugin ‘Physical View’ UI view of a VxRail NIC port down event
VCF on VxRail storage updates
Support for new PowerMax 2500 and 8500 storage arrays with VxRail 14G and 15G dynamic nodes using VMFS on FC principal storage
Starting in VCF 4.5.1 on VxRail 7.0.450, support has been added for the latest next gen Dell PowerMax 2500 and 8500 storage systems as VMFS on FC principal storage when deployed with 14G and 15G VxRail dynamic node clusters in VI workload domains.
Figure 7 lists the Dell storage arrays that support VxRail dynamic node clusters using VMFS on FC principal storage for VCF on VxRail, along with the corresponding supported FC HBA makes and models.
Note: Compatible supported array firmware and software versions are published in the Dell E-Lab Support Matrix for reference.
Figure 7. Supported Dell storage arrays used as VMFS on FC principal storage
VCF on VxRail lifecycle management enhancements
VCF Async Patch Tool 1.0.1.1 update
This tool addresses both LCM and security areas. Although it is not officially a feature of any specific VCF on VxRail release, it does get released asynchronously (pun intended) and is designed for use in VCF and VCF on VxRail environments. Thus, it deserves a call out.
For some background, the VCF Async Patch Tool is a new CLI based tool that allows cloud admins to apply individual component out-of-band security patches to their VCF on VxRail environment, separately from an official VCF LCM update release. This enables organizations to address security vulnerabilities faster without having to wait for a full VCF release update. It also allows admins to install these patches themselves without needing to engage support resources to get them applied manually.
With this latest AP Tool 1.0.1.1 release, the AP Tool now supports the ability to use patch VxRail (which includes all of the components in a VxRail update bundle including VxRail Manager and ESXi software components, and VxRail HW firmware/drivers) within VCF on VxRail environments. This is a great addition to the tool’s initial support for patching vCenter and NSX Manager in its first release. VCF on VxRail customers now have a centralized and standardized process for applying security patches for core VCF and VxRail software and core VxRail HCI stack hardware components (such as server BIOS or pNIC firmware/driver for example), all in a simple and integrated manner that VCF on VxRail customers have come to expect from a jointly engineered integrated turnkey hybrid cloud platform.
Note: Hardware patching is made possible due to how VxRail implements HW updates with the core VxRail update bundle. All VxRail patches for VxRail Manager, ESXi, and HW components are delivered in a the VxRail update bundle and leveraged by the AP Tool to apply.
From an operational standpoint, when patches for the respective software and hardware components have been applied, and a new VCF on VxRail BOM update is available that includes the security fixes, admins can use the tool to download the latest VCF on VxRail LCM release bundles and upgrade their environment back to an official in-band VCF on VxRail release BOM. After that, admins can continue to use the native SDDC Manager LCM workflow process for applying additional VCF on VxRail upgrades. Figure 8 highlights this process at a high level.
Figure 8. Async Patch Tool overview
You can access VCF Async Patch Tool instructions and documentation from VMware’s website.
Summary
In this latest release, the new features and platform improvements help set the stage for even more innovation in the future. For more details about bug fixes in this release, see VMware Cloud Foundation on Dell VxRail Release Notes. For this and other Cloud Foundation on VxRail information, see the following additional resources.
Author: Jason Marques
Twitter: @vWhipperSnapper
Additional Resources
- VMware Cloud Foundation on Dell VxRail Release Notes
- VxRail page on DellTechnologies.com
- VxRail Info Hub
- VCF on VxRail Interactive Demo
- Videos
Improved management insights and integrated control in VMware Cloud Foundation 4.5 on Dell VxRail 7.0.400
Tue, 11 Oct 2022 12:59:13 -0000
|Read Time: 0 minutes
The latest release of the co-engineered hybrid cloud platform delivers new capabilities to help you manage your cloud with the precision and ease of a fighter jet pilot in the cockpit! The new VMware Cloud Foundation (VCF) on VxRail release includes support for the latest Cloud Foundation and VxRail software components based on vSphere 7, the latest VxRail P670N single socket All-NVMe 15th Generation HW platform, and VxRail API integrations with SDDC Manager. These components streamline and automate VxRail cluster creation and LCM operations, provide greater insights into platform health and activity status, and more! There is a ton of airspace to cover, ready to take off? Then buckle up and let’s hit Mach 10, Maverick!
VCF on VxRail operations and serviceability enhancements
Support for VxRail cluster creation automation using SDDC Manager UI
The best pilots are those that can access the most fully integrated tools to get the job done all from one place: the cockpit interface that they use every day. Cloud Foundation on VxRail administrators should also be able to access the best tools, minus the cockpit of course.
The newest VCF on VxRail release introduces support for VxRail cluster creation as a fully integrated end-to-end SDDC Manager workflow, driven from within the SDDC Manager UI. This integrated API-driven workload domain and VxRail cluster SDDC Manager feature extends the deep integration capabilities between SDDC Manager and VxRail Manager. This integration enables users to VxRail clusters when creating new VI workload domains or expanding existing workload domains (by adding new VxRail clusters into them) all from an SDDC Manager UI-driven end-to-end workflow experience.
In the initial SDDC Manager UI deployment workflow integration, only unused VxRail nodes discovered by VxRail Manager are supported. It also only supports clusters that are using one of the VxRail predefined network profile cluster configuration options. This method supports deploying VxRail clusters using both vSAN and VMFS on FC as principal storage options.
Another enhancement allows administrators to provide custom user-defined cluster names and custom user-defined VDS and port group names as configuration parameters as part of this workflow.
You can watch this new feature in action in this demo.
Now that’s some great co-piloting!
Support for SDDC Manager WFO Script VxRail cluster deployment configuration enhancements
Th SDDC Manager WFO Script deployment method was first introduced in VCF 4.3 on VxRail 7.0.202 to support advanced VxRail cluster configuration deployments within VCF on VxRail environments. This deployment method is also integrated with the VxRail API and can be used with or without VxRail JSON cluster configuration files as inputs, depending on what type of advanced VxRail cluster configurations are desired.
Note:
- The legacy method for deploying VxRail clusters using the VxRail Manager Deployment Wizard has been deprecated with this release.
- VxRail cluster deployments using the SDDC Manager WFO Script method currently require the use of professional services.
Proactive notifications about expired passwords and certificates in SDDC Manager UI and from VCF public API
To deliver improved management insights into the cloud infrastructure system and its health status, this release introduces new proactive SDDC Manager UI notifications for impending VCF and VxRail component expired passwords and certificates. Now, within 30 days of expiration, a notification banner is automatically displayed in the SDDC Manager UI to give cloud administrators enough time to plan a course of action before these components expire. Figure 1 illustrates these notifications in the SDDC Manager UI.
Figure 1. Proactive password and certificate expiration notifications in SDDC Manager UI
VCF also displays different types of password status categories to help better identify a given account’s password state. These status categories include:
- Active – Password is in a healthy state and not within a pending expiry window. No action is necessary.
- Expiring – Password is in a healthy state but is reaching a pending expiry date. Action should be taken to use SDDC Manager Password Management to update the password.
- Disconnected – Password of component is unknown or not in sync with the SDDC Manager managed passwords database inventory. Action should be taken to update the password at the component and remediate with SDDC Manager to resync.
The password status is displayed on the SDDC Manager UI Password Management dashboard so that users can easily reference it.
Figure 2. Password status display in SDDC Manager UI
Similarly, certificate status state is also monitored. Depending on the certificate state, administrators can remediate expired certificates using the automated SDDC Manager certificate management capabilities, as shown in Figure 3.
Figure 3. Certificate status and management in SDDC Manager UI
Finally, administrators looking to capture this information programmatically can now use the VCF public API to query the system for any expired passwords and certificates.
Add and delete hosts from WLD clusters within a workload domain in parallel using SDDC Manager UI or VCF public API
Agility and efficiency are what cloud administrators strive for. The last thing anyone wants is to have to wait for the system to complete a task before being able to perform the next one. To address this, VCF on VxRail now allows admins to add and delete hosts in clusters within a workload domain in parallel using the SDDC Manager UI or VCF Public API. This helps to perform infrastructure management operations faster: some may even say at Mach 9!
Note:
- Prerequisite: Currently, VxRail nodes must be added to existing clusters using VxRail Manager first prior to executing SDDC Manager add host workflow operations in VCF.
- Currently a maximum of 10 operations of each type can be performed simultaneously. Always check the VMware Configuration Maximums Guide for VCF documentation for the latest supported configuration maximums.
SDDC Manager UI: Support for Day 2 renaming of VCF cluster objects
To continue making the VCF on VxRail platform more accommodating to each organization’s governance policies and naming conventions, this release enables administrators to rename VCF cluster objects from within the SDDC Manager UI as a Day 2 operation.
New menu actions to rename the cluster are visible in-context when operating on cluster objects from within the SDDC Manager UI. This is just the first step in a larger initiative to make VCF on VxRail even more adaptable with naming conventions across many other VCF objects in the future. Figure 4 describes new in-context rename cluster menu option looks like.
Figure 4. Day 2 Rename Cluster Menu Option in SDDC Manager UI
Support for assigning user defined tags to WLD, cluster, and host VCF objects in SDDC Manager
VCF on VxRail now incorporates SDDC Manager support for assigning and displaying user defined tags for workload domain, cluster, and host VCF objects.
Administrators now see a new Tags pane in the SDDC Manager UI that displays tags that have been created and assigned to WLD, cluster, and host VCF objects. If no tags exist, are not assigned, or if changes to existing tags are needed, there is an assign link that allows an administrator to assign the tag or link and launch into that object in vCenter where tag management (create, delete, modify) can be performed. When tags are instantiated, VCF syncs them and allow administrators to assign and display them in the tags pane in the SDDC Manager UI, as shown in Figure 5.
Figure 5. User-defined tags visibility and assignment, using SDDC Manager
Support for SDDC Manager onboarding within SDDC Manager UI
VCF on VxRail is a powerful and flexible hybrid cloud platform that enables administrators to manage and configure the platform to meet their business requirements. To help organizations make the most of their strategic investments and start operationalizing them quicker, this release introduces support for a new SDDC Manager UI onboarding experience.
The new onboarding experience:
- Focuses on Learn and plan and Configure SDDC Manager phases with drill down to configure each phase
- Includes in-product context that enables administrators to learn, plan, and configure their workload domains, with added details including documentation articles and technical illustrations
- Introduces a step-by-step UI walkthrough wizard for initial SDDC Manager configuration setup
- Provides an intuitive UI guided walkthrough tour of SDDC Manager UI in stages of configuration that reduces the learning curve for customers
- Provides opt-out and revisit options for added flexibility
Figure 6 illustrates the new onboarding capabilities.
Figure 6. SDDC Manager Onboarding and UI Tour Experience
VCF on VxRail lifecycle management enhancements
VCF integration with VxRail Retry API
The new VCF on VxRail release delivers new integrations with SDDC Manager and the VxRail Retry API to help reduce overall LCM performance time. If a cloud administrator has attempted to perform LCM operations on a VxRail cluster within their VCF on VxRail workload domain and only a subset of those nodes within the cluster can be upgraded successfully, another LCM attempt would be required to fully upgrade the rest of the nodes in the cluster.
Before VxRail Retry API, the VxRail Manager LCM would start the LCM from the first node in the cluster and scan each one to determine if it required an upgrade or not, even if the node was already successfully upgraded. This rescan behavior added unnecessary time to the LCM execution window for customers with large VxRail clusters.
The VxRail Retry API has made LCM even smarter. During an LCM update where a cluster has a mix of updated and non-updated nodes, VxRail Manager automatically skips right to the non-updated nodes only and runs through the LCM process from there until all remaining non-updated nodes are upgraded. This can provide cloud administrators with significant time savings. Figure 7 shows the behavior difference between standard and enhanced VxRail Retry API Behavior.
Figure 7. Comparison between standard and enhanced VxRail Retry API LCM Behavior
The VxRail Retry API behavior for VCF 4.5 on VxRail 7.0.400 has been natively integrated into the SDDC Manager LCM workflow. Administrators can continue to manage their VxRail upgrades within the SDDC Manager UI per usual. They can also take advantage of these improved operational workflows without any additional manual configuration changes.
Improved SDDC Manager prechecks
More prechecks have been integrated into the platform that help fortify platform stability and simplify operations. These are:
- Verification of valid licenses for software components
- Checks for expired NSX Edge cluster passwords
- Verification of system inconsistent state caused by any prior failed workflows
- Additional host maintenance mode prechecks
- Determine if a host is in maintenance mode
- Determine whether CPU reservation for NSX-T is beyond VCF recommendation
- Determine whether DRS policy has changed from the VCF recommended (Fully Automated)
- Additional filesystem capacity and permissions checks
While VCF on VxRail has many core prechecks that monitor many common system health issues, VCF on VxRail will continue to integrate even more into the platform with each new release.
Support for vSAN health check silencing
The new VCF on VxRail release also includes vSAN health check interoperability improvements. These improvements allow VCF to:
- Address common upgrade blockers due to vSAN HCL precheck false positives
- Allow vSAN pre-checks to be more granular, which enables the administrator to only perform those that are applicable to their environment
- Display failed vSAN health checks during LCM operations of domain-level pre-checks and upgrades
- Enable the administrators to silence the health checks
Display VCF configurations drift bundle progress details in SDDC Manager UI during LCM operations
In a VCF on VxRail context, configuration-drift is a set of configuration changes that are required to bring upgraded BOM components (such as vCenter, NSX, and so on) with a new VCF on VxRail installation. These configuration changes are delivered by VCF configuration-drift LCM update bundles.
VCF configuration drift update improvements deliver greater visibility into what specifically is being changed, improved error details for better troubleshooting, and more efficient behavior for retry operations.
VCF Async Patch Tool support
VCF Async Patch Tool support offers both LCM and security enhancements.
Note: This feature is not officially included in this new release, but it is newly available.
The VCF Async Patch Tool is a new CLI based tool that allows cloud administrators to apply individual component out-of-band security patches to their VCF on VxRail environment, separate from an official VCF LCM update release. This enables organizations to address security vulnerabilities faster without having to wait for a full VCF release update. It also gives administrators control to install these patches without requiring the engagement of support resources.
Today, VCF on VxRail supports the ability to use the VCF Async Patch Tool for NSX-T and vCenter security patch updates only. Once patches have been applied and a new VCF BOM update is available that includes the security fixes, administrators can use the tool to download the latest VCF LCM release bundles and upgrade their environment back to an official in-band VCF release BOM. After that, administrators can continue to use the native SDDC Manager LCM workflow process to apply additional VCF on VxRail upgrades.
Note: Using VCF Async Patch Tool for VxRail and ESXi patch updates is not yet supported for VCF on VxRail deployments. There is currently separate manual guidance available for customers needing to apply patches for those components.
Instructions on downloading and using the VCF Async Patch Tool can be found here.
VCF on VxRail hardware platform enhancements
Support for 24-drive All-NVMe 15th Generation P670N VxRail platform
The VxRail 7.0.400 release delivers support for the latest VxRail 15th Generation P670N VxRail hardware platform. This 2U1N single CPU socket model delivers an All-NVMe storage configuration of up to 24 drives for improved workload performance. Now that would be powerful single engine aircraft!
Time to come in for a landing…
I don’t know about you, but I am flying high with excitement about all the innovation delivered with this release. Now it’s time to take ourselves down for a landing. For more information, see the following additional resources so you can become your organization’s Cloud Ace.
Author: Jason Marques
Twitter: @vWhipperSnapper
Additional resources
VMware Cloud Foundation on Dell VxRail Release Notes
VxRail page on DellTechnologies.com