VMware: What’s new in vSphere 7.0

On March 10th, VMware announced the newest version of vSphere 7.0, in case you missed the announcement, here are some highlights.

vSphere 7.0 comes in two different editions-

• vSphere 7.0
  • The new generation of vSphere for existing enterprise applications.
  • Two editions Standard and Enterprise Plus
• vSphere 7.0 with Kubernetes
  • The new generation of vSphere for containerized applications
  • Available through VMware Cloud Foundation
  • This was formally Project Pacific

Overview of the new improvements:

vCenter Server

• vCenter Server Profiles.
  • Profiles can import and export vCenter Server configuration via REST APIs
  • These are not Host Profiles
  • They are the settings you can make in the vCenter Server Appliance Management Interface (VAMI)
  • Maintain version control between vCenter Servers
    • Max 100 vCenter Servers are supported
• vCenter Server Multi-Homing is now officially supported
  • Maximum of 4 NICs that are supported per vCenter Server
  • NIC1 is reserved for vCenter HA
• vCenter Server CLI tools
  • Simplified vSphere SSO domain consolidation tool (cmsso-util)
  • The repointing option is gone, replaced with ‘unregister’ and ‘domain-repoint’
• Content Library VM templates versioning
  • Check-in/Check-out of templates
  • You can Check-out a VM template you are editing, make changes, and check-in the template
  • See the versioning information
• Automatic migration of a vCenter external PSC
  • External Platform Services Controller (PSC) is gone
  • No Windows Installer
  • vCenter Server converged tool is no longer available from the ISO
  • External PSC it will be automatically converged to a vCenter Server with an embedded PSC when migrating or upgrading
• vCenter Server Update Planner
  • Helps with discovering, planning, and upgrading a vCenter Server
  • You receive an notifications in the vSphere Client when an upgrade or update is available. No more need to look in the VAMI for an update
  • Detects installed VMware products and if they are compatible or not

vSphere Lifecycle Manager (vLCM)

• Single Cluster Image Manager
  • Consistency across ESXi hosts in a cluster
  • When a host is not compliant you can remediate it
  • The host firmware management from within vSphere
  • Works in conjunction with vendor tools like Dell OpenManage and HPE OneView
  • The VMware Compatibility Guide (VCG) and Hardware Compatibility List (HCL) checks remove the risks of unsupported drivers and firmware levels
  • Available in the GUI and REST API
  • Includes desired state of vSAN management

Security & Compliance

• vSphere Software Guard Extensions (vSGX)
  • Hardware protection for secrets
  • Allows applications to work with hardware to create a secure enclave
  • Applications can move sensitive logic & storage into secure enclave
  • Cannot be viewed by the guest OS or hypervisor
  • Intel only
• Improved Certificate Management
  • Certificate management is much simpler
  • Manage the vCenter Server certificates by using APIs
• vSphere Trust Authority (vTA)
  • vSphere infrastructure
  • Trust that your hosts are configured correctly
• Identify Federation
  • Standard-based federation authentication with an enterprise provider (idPs)
  • SSO still exists

Hardware & Performance

• Improved Distributed Resource Scheduler (DRS)
  • DRS is improved and based on a workload centric standard
  • VM DRS score is the new metric that migrate or balance the workload across the cluster. The VM DRS score is calculated using the following metrics:
    • CPU Ready time
    • Memory swap (overcommit)
    • CPU cache behavior
    • Headroom for the workload to burst
    • Migration cost
• DRS Scalable shares
  • Relative resource entitlement to other resource pools depending on a number of VMs in the resource pool
  • Setting a share level to “high” ensures prioritization over lower share VM
  • The share allocation dynamically when spinning up VMs
  • This is not enabled by default
• Assignable Hardware
  • Allows Dynamic DirectPath I/O to use vSphere HA and DRS for initial placement.
  • No more VMs was stuck on the host
  • Requires hardware version 17
  • Example: When powering on a VM with a vGPU profile, DRS will look if it can place that VM with the vGPU profile on another host
  • DRS load balancing of  Dynamic DirectPath I/O devices is not available yet
  • Initial placement of the VM only
  • Supports NVIDIA GRID vGPU devices
• vMotion
  • vMotion is improved so that it reduces the performance impact on large (monster) VMs during a vMotion. This brings back vMotion capabilities for large workloads like SAP HANA or Oracle
  • Enhanced vMotion Compatibility (EVC). In vSphere 7 there is support for the Intel Cascade Lake and AMD Zen2 generation
• Virtual Machine Hardware version 17
  • Watchdog Timer
    • Helps by resetting the VM if the guest OS is no longer responding
    • Important for clustered applications
  • Precision Time Protocol (PTP)
    • For applications that require sub-millisecond accuracy
    • Requires both the in-guest device and ESXi service to be enabled.
    • Choose between NTP or PTP for the entire ESXi host

Links and More Information

• Introducing vSphere 7: Features & Technology for the Hybrid Cloud – Link
• Overview of vSphere 7 (YouTube) – Link
• vSphere with Kubernetes 101 White Paper – Link
• vSphere 7 with Kubernetes (YouTube) – Link
• DRS Improvements in vSphere 7 Explained – Link
• vSphere 7 YouTube playlist – Link

I hope you have enjoyed reading about “What’s new in vSphere 7.0”
What do you think of the announcements?

Is this something you are interested in? Did I miss something?

Feel free to leave a comment and let me know what you think!