Back in March, VMware introduced their application modernization strategy and with it, the biggest release of vSphere in over a decade. This followed the VMware ‘Project Pacific’ announcement Joe Beda made during VMworld 2019 where he made the remark "Kubernetes is a platform for creating platforms."
VMware makes very good use of the intellectual property gained by the Heptio acquisition and fully adopts Kubernetes into vSphere by leveraging Tanzu Kubernetes Grid (TKG). This allows centralized management of both virtual machines and containers from the interface we all know and love, vCenter Server. Sound familiar? Yes, vSphere Integrated Containers aimed at a similar result minus Kubernetes a few years back. This time around, however, VMware fully embraces Kubernetes with TKG and provides the vSphere Pod Service as well as namespaces and several other services which together improve performance, security, access, and management of Kubernetes in a vSphere environment. There is plenty to be excited about here.
While most of the headlines around vSphere 7 are about the marriage of vSphere and Kubernetes, and rightfully so, there are plenty of other improvements worth noting. Below are some of the highlights.
vSphere 7 Key Capabilities:
Simplified Lifecycle Management
- Update Planner allows you to fully automate and simplify the lifecycle management of infrastructure software and hardware.
- It also enables the upgrades of entire ESXi clusters using a desired state model with cluster image management.
- vCenter Server profiles have been added to provide desired state configuration management for vCenter Server instances.
Intrinsic Security and Control
- Increased security to infrastructure, data, and access with a simple, comprehensive, and policy-driven model.
- Remote attestation for sensitive workloads using the new vSphere Trust Authority.
- Secure vCenter Server authentication using external Identity Federation.
Distributed Resource Scheduler (DRS)
- Distributed Resource Scheduler (DRS) gets a revamp and takes a workload-centric approach by using VM DRS scores as the metric to decide placements and keep VMs happy, instead of only focusing on cluster-level balancing.
- The VM DRS score calculation is redone every minute resulting in much more granular optimization.
- vMotion also gets an overhaul and now provides consistent performance during vMotion operations of your databases and mission critical workloads. Think SAP HANA and Oracle.
- The page tracing process is now owned by a dedicated vCPU instead of all vCPUs, mitigating application performance concerns during the migration of large VMs.
- The memory copy process was also rearchitected to be more efficient by making use of larger pages. Memory is now transferred between hosts in 1 GB pages as opposed to 4K.
vSphere 7 with Kubernetes
- vSphere Namespaces allow VI Admins to create namespaces for developer self-service. These namespaces are governed by network, compute, storage, and access policies centrally managed by VI Admins.
- Tanzu Kubernetes Grid Service gives developers access to a fully conformant, upstream Kubernetes runtime on vSphere.
- vSphere Pod Service aka 'Project Pacific' allows for Kubernetes pods to run in their own dynamically created VM directly on the hypervisor.
- Storage Service gives developers access to persistent volumes within their vSphere Namespaces. These volumes can be attached and detached to both vSphere Pods and Tanzu Kubernetes Grid clusters.
- Network Service automatically configures vSphere Pod networking and nodes service type load balancer networking for Tanzu Kubernetes Grid clusters.
- Registry Service allows developers to have access to a Harbor cloud native repository project for each namespace deployed.
- Virtual Machine Service (Tech Preview) enables vSphere VMs to be managed by Kubernetes, allowing all company application components to be stored in a container registry.
VMware introduced a lot of value in vSphere 7 with Kubernetes for the VI admin. VMware has delivered a new way to manage infrastructure, called ‘application-focused management’, for containerized applications. This enables admins to organize multiple objects into a logical group and then apply policies to the entire group. This helps improve productivity and reduce errors that can be costly to identify and correct.
VMware’s release of vSphere 7 is proving to be a game-changer thanks to the improvements to security, performance, and lifecycle management, but especially due to the introduction of Kubernetes. VMware has advanced multi-cloud infrastructure by leveraging Kubernetes to empower developers building cloud-native apps as well as IT operations teams supporting legacy ones.
Licensing and Packaging
Several vSphere licensing and packaging changes have been rolled out over the past few months. I've highlighted two major ones below:
- vSphere CPU Limit: Each vSphere per-CPU license can only license up to 32 cores. Anything above 32 cores requires an additional CPU license.
- vSphere 7 with Kubernetes: This is licensed by a vSphere Kubernetes Add-On license only available for VMware Cloud Foundation customers.
- Below is a high-level overview of the vSphere 7 license types:
  - vSphere Standard and Enterprise Plus - Per CPU up to 32 core license
  - vSphere for Desktop - For Horizon environments only
  - vSphere Essentials/Essentials Plus - Small, three host environments
  - vSphere ROBO License Standard, Advanced, Enterprise - Up to 25 VMs
  - vSphere Scale Out - Big Data and high-performance computing (HPC) package
- vCenter Server is available in the below license types:
  - vCenter Essentials - Up to three hosts
  - vCenter Foundations - Up to four hosts
  - vCenter Standard - Unlimited hosts
Upgrading to vSphere 7
vSphere serves as a major foundational component of enterprise data centers. Many third-party tools integrate with vSphere to provide security, compute, storage, backup, and disaster recovery solutions, among others. Before upgrading, Clearpath recommends you inventory all such solutions and make sure they fully support vSphere 7. In our experience, third-party vendors take about 90 days from the vSphere General Availability date to support the latest version. Generally speaking, this coincides with update one of that release.
Clearpath can assess your existing environment's readiness to upgrade to vSphere 7, including all third-party software and hardware vendors.
vSphere 7 Release Notes: https://docs.vmware.com/en/VMware-vSphere/7.0/rn/vsphere-esxi-vcenter-server-70-release-notes.html
App Modernization Hands on Labs: https://www.vmware.com/try-vmware/try-hands-on-labs.html
vSphere 7 Licensing and Packaging: https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/vsphere/vmware-vsphere-pricing-whitepaper.pdf
VMware vSphere Assessment Tool for Upgrades: https://pathfinder.vmware.com/path/accelerate_digital_transformation_by_upgrading_your_vmware_vsphere_environment?int_cid=7012H0000021RY8&src=WWW_us_VMW_2bWCsStKYxPMklLfdjy8