New features of vSphere 6 - upgreat...platform features - improved auditability of esxi admin...
TRANSCRIPT
© 2014 VMware Inc. All rights reserved.
New Features of vSphere 6
Maciej Kot Senior Systems Engineer VMware
Agenda
1 vSphere Platform Features
2 vCenter Server Features
3 vSphere Networking Features
4 vSphere Storage Features
5 vSphere Availability Features
Platform Features - Increased vSphere Maximums
Up to 4X Scale Improvement with vSphere 6
Metric | vSphere 5.5 | vSphere 6 | Increase
Hosts per Cluster | 32 | 64 | 2x
VMs per Cluster | 4,000 | 8,000 | 2x
Logical CPUs per Host | 320 | 480 | 1.5x
RAM per Host | 4 TB | 12 TB | 3x
VMs per Host | 512 | 1,024 | 2x
Virtual CPUs per VM | 64 | 128 | 2x
Virtual RAM per VM | 1 TB | 4 TB | 4x
Platform Features - Virtual Machine Compatibility ESXi 6 (vHW 11)
ESXi 6 Supports:
• 128 vCPUs
• 4 TB RAM
• Hot-add RAM now vNUMA aware
• WDDM 1.1 GDI acceleration features
• xHCI 1.0 controller compatible with OS X 10.8+ xHCI driver
• Serial and parallel port enhancements
– A virtual machine can now have a maximum of 32 serial ports
– Serial and parallel ports can now be removed
Platform Features - Local ESXi Account and Password Management Enhancements
New ESXCLI Commands
• Now possible to use ESXCLI commands to:
– Create a new local user
– List local user accounts
– Remove local user account
– Modify local user account
– List permissions defined on the host
– Set / remove permission for individual users or user groups
Complexity Rules via Advanced Settings
• No editing of PAM config files on the host required anymore
• Change default password complexity rules using VIM API
• Configurable via vCenter Host Advanced System Settings
Account Lockout
• Two Configurable Parameters
– Can set the maximum allowed failed login attempts (10 by default)
– Can set lockout duration period (2 minutes by default)
• Configurable via vCenter Host Advanced System Settings
• Available for SSH and vSphere Web Services SDK
• DCUI and Console Shell are not locked
Platform Features - Improved Auditability of ESXi Admin Actions
• Prior to 6.0, actions taken at the vCenter level by a named user would show up in ESXi logs with the “vpxuser” username.
– [user=vpxuser]
– This made for difficult forensic tracking of user actions.
• In 6.0, all actions taken at vCenter against an ESXi server now show up in the ESXi logs with the vCenter username
– [user=vpxuser:CORP\Administrator]
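The user field described above can be used to attribute host-side actions to a named vCenter user and to flag entries that still carry only the shared vpxuser account. The following is an added example, not part of the original slides; it runs over constructed log lines in which only the `[user=...]` token follows the slide, and the timestamps, `esxi-host` tag and message text are assumptions.

```python
import re
from collections import Counter

# Matches the [user=...] field shown on the slide. Pre-6.0 hosts log only the
# vpxuser service account; 6.0 appends ":<vCenter username>" to it.
USER_FIELD = re.compile(r"\[user=(?P<account>[^:\]]+)(?::(?P<vc_user>[^\]]+))?\]")

# Constructed sample lines: only the [user=...] token follows the slide;
# timestamps, source tag and message text are placeholders, not real ESXi output.
SAMPLE_LOG = r"""
2015-01-01T10:00:00Z esxi-host: [user=vpxuser] Task created: PowerOff
2015-01-01T10:05:00Z esxi-host: [user=vpxuser:CORP\Administrator] Task created: PowerOff
2015-01-01T10:06:00Z esxi-host: [user=vpxuser:CORP\jsmith] Task created: Reconfigure
2015-01-01T10:07:00Z esxi-host: [user=root] Task created: EnterMaintenanceMode
2015-01-01T10:08:00Z esxi-host: heartbeat, no user field
"""

def attribute(line):
    """Return (account, vcenter_user, attributable), or None if no user field."""
    m = USER_FIELD.search(line)
    if not m:
        return None
    account, vc_user = m.group("account"), m.group("vc_user")
    # An action by vpxuser without a vCenter name cannot be tied to a person.
    attributable = not (account == "vpxuser" and vc_user is None)
    return account, vc_user, attributable

def summarize(log_text):
    """Count actions per named actor and collect unattributable vpxuser lines."""
    per_actor, unattributed = Counter(), []
    for line in filter(None, map(str.strip, log_text.splitlines())):
        result = attribute(line)
        if result is None:
            continue  # line carries no user field at all
        account, vc_user, ok = result
        if ok:
            per_actor[vc_user or account] += 1
        else:
            unattributed.append(line)
    return per_actor, unattributed

if __name__ == "__main__":
    actors, gaps = summarize(SAMPLE_LOG)
    print(dict(actors))
    print(f"{len(gaps)} action(s) logged as bare vpxuser")
```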
Platform Features - Enhanced Microsoft Clustering (MSCS)
Following MSCS Capabilities Available:
• Support for Windows 2012 R2 and SQL 2012
• Failover Clustering and AlwaysOn Availability Groups
• IPv6 Support
• PVSCSI and SCSI controller support
• vMotion Support
• Clustering across physical hosts (CAB) with Physical Compatibility Mode RDMs
• Supported on Windows 2008, 2008 R2, 2012 and 2012 R2
Platform Features - GPU Acceleration Enhancements
• New Support for Intel GPUs
– vmklinux driver
– Driver provided by Intel
• Expanded NVIDIA support
– NVIDIA GRID vGPU.
– Native driver
– Driver provided by NVIDIA
Note: GPU cards assigned to VMs must not be used by the ESX console.
vCenter Server Features - Enhanced Capabilities
Metric | Windows | Appliance
Hosts per VC | 1,000 | 1,000
Powered-On VMs per VC | 10,000 | 10,000
Hosts per Cluster | 64 | 64
VMs per Cluster | 8,000 | 8,000
Linked Mode | ✔ | ✔
• Scalability supported by both Windows Install and vCenter Server appliance.
• Windows install supports Postgres and External SQL and Oracle DBs.
• vCSA supports embedded Postgres and external Oracle DBs.
vCenter Server 6.0 – Platform Services Controller
Platform Services Controller goes beyond just Single Sign-On. It groups:
Single Sign-On (SSO)
Licensing
Certificate Authority
Two Deployment Models:
• Embedded
vCenter Server and Platform Services Controller in one virtual machine
- Recommended for small deployments where there are fewer than two SSO integrated solutions
• External
vCenter Server and Platform Services Controller in their own virtual machines
- Recommended for most deployments where there are two or more SSO integrated solutions
[Diagram labels: Platform Services Controller (PSC); vCenter; vCenter]
vCenter Server 6.0 – Linked Mode Comparison
Feature | vSphere 5.5 | vSphere 6.0
Windows | Yes | Yes
Appliance | No | Yes
Single Inventory View | Yes | Yes
Single Inventory Search | Yes | Yes
Replication Technology | Microsoft ADAM | Native
• Roles & Permissions | Yes | Yes
• Licenses | Yes | Yes
• Policies | No | Yes
• Tags | No | Yes
vCenter Server 6.0 - Cross vSwitch vMotion
• Transparent operation to the guest OS
• Works across different types of virtual switches
– vSS to vSS
– vSS to vDS
– vDS to vDS
• Requires L2 network connectivity
– Does not change the IP of the VM
• Transfers vDS port metadata
[Diagram labels: vCenter Server; VM Network (L2 Connectivity); vDS A, vDS B; vMotion Network; vMotion]
vCenter Server 6.0 - Cross vCenter vMotion
• Simultaneously changes
– Compute
– Storage
– Network
– vCenter
• vMotion without shared storage
• Increased scale
– Pool resources across vCenter servers
• Targeted topologies
– Local
– Metro
– Intra-Continental
[Diagram labels: vCenter Server, vCenter Server; VM Network (L2 Connectivity); vDS A, vDS B; vMotion Network; vMotion]
vCenter Server 6.0 - Long Distance vMotion
• Intra-continental distances – up to 100ms RTTs
• Maintain standard vMotion guarantees
• Does not require VVOLs, but supported
• Replication Support
– Active/Active only
• Synchronous
• Asynchronous (VVOL Required)
• Use Cases:
– Permanent migrations
– Disaster avoidance
– Multi-site load balancing
vCenter Server 6.0 – vMotion Requirements
Requirements
• ESX & vCenter 6.0+ at both source and destination
• SSO Domain
– Same SSO domain to use the UI
– Different SSO domain possible if using API
• 250 Mbps network bandwidth per vMotion operation
– Unchanged from previous versions
• L2 network connectivity on VM network portgroups
– IP addresses are retained
Features
• VM UUID maintained across vCenter server instances
– Not the same as MoRef or BIOS UUID
• Data Preservation
– Events, Alarms, and Tasks History
• HA/DRS Settings
• Affinity/Anti-Affinity Rules
• Automation level
• Start-up priority
• Host isolation response
– VM Resource Settings
• Shares
• Reservations
• Limits
– MAC Address of virtual NIC
• MAC Addresses preserved across vCenters
– Always unique within a vCenter
– Not reused when VM leaves vCenter
vCenter Server 6.0 - Content Library Overview
• Simple content management
– VM templates
– vApps
– ISO images
– Scripts
• Store and manage content
– One central location to manage all content
• Beyond templates within vCenter
– Support for other file types
• Share content
– Store once, share many times
• Publish/Subscribe
– vCenter -> vCenter
– vCloud Director -> vCenter
• Consume content
– Deploy templates to a host or a cluster
vCenter Server 6.0 - Clients
Client Comparison
Use case | Web Client | vSphere Client
vSphere management | ✔ | ✔
ESXi/VM patching (VUM) | ✖ | ✔
Hardware version 8-11 | ✔ | ✔*
New features | ✔ | ✖
* v10-11 Read only access
vCenter Server 6.0 - vSphere Client
• It’s still here
– Direct Access to hosts
– VUM remediation
– New features in vSphere 5.1 and newer are only available in the web client
• Added support for virtual hardware versions 10 and 11 *read only*
vCenter Server 6.0 - vSphere Web Client
Performance
• Improved login time
• Faster right click menu load
• Faster performance charts
Usability
• Recent Tasks moved to bottom
• Flattened right click menus
• Deep lateral linking
vCenter Server 6.0 - vSphere Web Client Features
[Chart: bar chart comparing Previous and Latest; y-axis 0 to 20, in thousands; x-axis groups inventory objects such as clusters, hosts, VMs, datastores, networks, DSwitches, DPortgroups and VM templates]
Major Performance Improvements:
– UI
• Screen by screen code optimization
• Login now 13x faster
• Right click menu now 4x faster
• Most tasks end to end are 50+% faster
– Performance charts
• Charts are available and usable in less than half the time
– VMRC integration
• Advanced virtual machine operations
vCenter Server 6.0 - vSphere Web Client
• Usability Improvements
– Can get anywhere in one click
– Right click menu has been flattened
– Recent tasks are back at the bottom
– Dockable UI
vSphere 6.0 - Network I/O Control Version 3
• Reserve bandwidth to guarantee service levels
• Applied at vNIC level
– Enables bandwidth to be guaranteed at the virtual network interface on a virtual machine
• Reservation set on the vNIC in the virtual machine properties
• Applied at a Distributed Port Group
– Enables bandwidth to be guaranteed to a specific VMware Distributed Switch port group
• Reservation set on the VDS port group
• Enables multi-tenancy on one VDS by guaranteeing bandwidth usage from one tenant won’t impact another
vCenter Server 6.0 – Multiple TCP/IP Stacks
vMotion network will cross L3 boundaries
vMotion & NFC network can now use its own TCP/IP stack
[Diagram labels: vCenter, vCenter; Management Network; VM Network; vMotion Network; NFC Network; ESXi, ESXi]
Storage IO Control & Storage DRS enhancements
• Storage DRS is now aware of storage capabilities through VASA 2.0
– Array-based thin-provisioning
– Array-based deduplication
– Array-based auto-tiering
– Array-based snapshot
• Storage DRS Integration with Site Recovery Manager
– Aware of consistency groups!
• vSphere Replication full support (replica awareness)
• Set IOps reservation on a per disk basis using the API
[Diagram labels: Datastore Cluster; Capabilities: Thin Provisioned, Deduplication, Auto-Tiering; Vendor Provider; VASA]
vSphere Virtual Volumes
Management & Integration Framework for External Storage
Overview
• Virtualizes SAN and NAS devices
• Virtual disks are natively represented on arrays
• Enables finer control with VM level storage operations using array-based data services
• Storage Policy-Based Management enables automated consumption at scale
• Supports existing storage I/O protocols (FC, iSCSI, NFS)
• Industry-wide initiative supported by major storage vendors
• Included with vSphere
[Diagram labels: vSphere; data services: Replication, Snapshots, Caching, Encryption, De-duplication]
vSphere 6.0 – Virtual Volumes
Policy based Management
Offloaded Data Services
Eliminates LUN Management
Provides Per-VM Granularity
[Diagram: External Storage Architectures, without and with Virtual Volumes; labels: vSphere, datastore, Array-a, Array-b, LUN]
vSphere 6.0 - High Level Storage Architecture
Published Capabilities
• Snapshot
• Replication
• Deduplication
• Encryption
Overview
• No File System
• ESX manages array through VASA (vSphere APIs for storage awareness) APIs
• Arrays are logically partitioned into containers, called Storage Containers
• VM disks, called Virtual Volumes, stored natively on the Storage Containers.
• IO from ESX to array is addressed through an access point called Protocol Endpoint (PE)
• Data services are offloaded to the array
• Managed through storage policy-based management framework
Storage Policy
• Capacity
• Availability
• Performance
• Data Protection
• Security
[Diagram labels: vSphere Virtual Volumes; PE, PE; VASA Provider; Storage Policy-Based Mgmt.]
vSphere 6.0 - VASA Provider (VP)
Characteristics
• Software component developed by storage array vendors
• ESX and vCenter Server connect to VASA provider
• Provides storage awareness services
• Single VASA provider can manage multiple arrays
• Supports VASA APIs exported by ESX
• VASA provider can be implemented within the array’s management server or firmware
• Responsible for creating Virtual Volumes
vSphere 6.0 - Protocol Endpoints (PE)
Why Protocol Endpoints?
• Separate the access points from the storage itself
• Can have fewer access points
What are Protocol Endpoints?
• Access points that enable communication between ESXi hosts and storage array systems.
• They are part of the physical storage fabric
• Created by storage administrators
• Compatible with all SAN and NAS Protocols:
- iSCSI
- NFS v3
- FC
- FCoE
vSphere 6.0 - Storage Container (SC)
What are Storage Containers?
• Logical storage constructs for grouping of virtual volumes.
• Setup by storage administrators
• Capacity is based on physical storage capacity
• Logical partitioning or isolation of VMs with diverse storage needs and requirements
• Minimum one storage container per array
• Maximum depends on the array
• A single SC can be simultaneously accessed via multiple Protocol Endpoints
vSphere 6.0 - Storage Policy Based Management (SPBM) – Array Capabilities
Publish Capabilities
• Array based features and data services
• Defines what an Array can offer
• Advertised to ESX through VASA APIs
Example capabilities:
• Disk Types
• Disk Encryption
• Dedupe
• Replication
• Snapshot
[Diagram labels: Storage admin; Virtual Volumes APIs; Storage Policy-Based Mgmt.; CV, CV, CV]
vSphere 6.0 - Virtual Volumes
What do the admins need to get familiar with?
[Diagram labels: Virtual Machines; Storage capabilities; Storage policies; vSphere Web Client; Storage Management UI; Datastores; Virtual Volumes (VVol); Storage Container]
Virtual Volumes – The New De-facto Storage Paradigm
vSphere HA – VM Component Protection
• Problem:
– Host has a loss of storage connectivity
• APD: All Paths Down
• PDL: Permanent Device Loss
• Difficult to manage VMs running on APD/PDL affected hosts
• Approach:
– VMs are restarted on healthy hosts
• All Paths Down: e.g. path down or port disabled
• Permanent Device Loss: e.g. array misconfiguration, host removed from LUN’s Storage Group
vSphere 6.0 VMware Fault Tolerance
Benefits
• Protect mission critical, high performance applications regardless of OS; No application-specific management and learning
• Continuous availability – zero downtime and zero data loss for infrastructure failures; no loss of TCP connections
• Fully automated response
Additional new features
• Enhanced virtual disk format support
• Ability to hot configure FT
• Greatly increased FT host compatibility
[Diagram labels: ESXi, ESXi; Primary, Secondary; 4 vCPU, 4 vCPU; Fast Checkpointing Sync; Instantaneous Failover]
vSphere 6.0 - Backing up FT VMs
• Support for vStorage APIs for Data Protection (VADP)
– API for non-disruptive snapshots
• Many VADP solutions on the market
[Diagram labels: VADP; API; Backup Target]
vSphere 6.0 - Fault Tolerant Storage
Each VM has its own:
• vmx config file
• vmdk files (new)
• Allowed to be on different datastores (new)
[Diagram: Primary with .vmx file and VMDKs on Datastore 1; Secondary with .vmx file and VMDKs on Datastore 2]
vSphere 6.0 - FT Capabilities by vSphere Version
Feature | FT (vSphere 5.5) | FT (vSphere 6.0)
vCPUs | 1 | 4
Virtual Disks | EZT | Any
Hot Configure FT | |
H/W Virtualization | |
Backup (Snapshot) | |
Paravirtual Devices | |
Storage Redundancy | |
VSAN/VVols | |
HA | |
DRS | Partial | Partial
DPM | |
SRM | |
VDS | |
Storage DRS | |
VCD | |
vSphere Replication | |
vSphere 6.0 VMware vSphere Data Protection
• Data protection and disaster recovery for VMs integrated with vSphere
• Simple to deploy, easy to manage with the vSphere Web Client
• Based on EMC Avamar and utilizes changed block tracking (CBT)
vSphere Data Protection includes all functionality previously included with vSphere Data Protection Advanced
[Diagram labels: VDP, VDP; Backup Data Replication]
vSphere 6.0 - vSphere Data Protection Use Cases
• Data protection for small and medium sized organizations
– Backup of up to 800 VMs per vCenter Server environment
– Protect nearly any workload running in a VM
• Remote office - branch office (ROBO), distributed environments
– Up to 20 VDP appliances per vCenter Server, external proxies
• Data center migration and disaster recovery
– Backup VMs locally, replicate backup data to target location, restore VMs
vSphere 6.0 vSphere Data Protection
Features and Benefits
• Up to 8TB of deduplicated backup data capacity per VDP appliance
– Protect approximately 150-200 VMs per appliance, minimal storage consumption
• Agent-less VM backup and restore, file level restore
– Reduce complexity and cost
• Application level backup and restore of SQL Server, Exchange, SharePoint
– Select individual databases, app-consistent quiescing, transaction log management
– Robust protection for mission-critical workloads
vSphere 6.0 vSphere Data Protection
Features and Benefits
• Replicate backup data between VDP appliances and to EMC Avamar
– Easy, reliable, secure replication of backup data offsite for disaster recovery
• EMC Data Domain support with DD Boost
– Protect more and increase reliability
• Automated backup verification ensures backup data integrity, reduces risk
– Frequent “practice” restores provide the highest level of confidence
Thank You Cloud Platform Technical Marketing http://blogs.vmware.com/vsphere