Friday, October 19, 2018

What’s New in vCenter Server 6.7 Update 1


vCenter Server 6.7 Update 1, you can move a vCenter Server with an Embedded Platform Services Controller from one vSphere domain to another vSphere domain. Services such as tagging and licensing are retained and migrated to the new domain. For more information, see the vCenter Server Installation and Setup Guide.
  • vCenter Server 6.7 Update 1 adds screening for issues in your vSphere environment that proactively provides links to relevant VMware knowledge base articles. For more information, see Check vSphere Health in vSphere Client.
  • vCenter Server 6.7 Update 1 adds support for virtual machine (.vmtx) templates in the Content Library Service.
  • vCenter Server 6.7 Update 1 adds a CLI tool to convert instances of vCenter Server Appliance with an external Platform Services Controller instances into vCenter Server Appliance with an embedded Platform Services Controller connected in Embedded Linked Mode.
  • Burst Filter: vCenter Server 6.7 Update 1 adds a Burst Filter to manage event bursts and prevent the database of vCenter Server from flooding with identical events over a short period of time.
  • vCenter Server 6.7 Update 1 supports VMware vSphere vMotion between on-prem systems and VMware Cloud on AWS. You can use either the vSphere Client or vShere Web Client, or the API. To enable the feature, you must upgrade the source on-prem vCenter Server system to vCenter Server 6.7 Update 1 and ESXi 6.7 Update 1.
  • With vCenter Server 6.7 Update 1, you can import Open Virtual Appliance (OVA) files in a Content Library. The OVA files are unzipped during the import, providing manifest and certificate validations, and create an OVF library item that enables deployment of virtual machines from a Content Library.
  • With vCenter Server 6.7 Update 1, you can restore external Platform Services Controller instances which are replicating data with other external Platform Services Controller instances. This includes restore of external Platform Services Controller instances in all topologies supported in replication mode. The external Platform Services Controller being restored syncs with active peers or if no replication partner is available, it is restored to a backed-up state.
  • Create and Extend Hyper-Converged Infrastructure (HCI): The Create/Extend HCI cluster feature provides a guided user experience for configuration of vSphere and vSAN clusters. The feature also delivers a centralized wizard experience, embeds best practice, and automates repetitive operations.
  • With vCenter Server 6.7 Update 1, you can use the Appliance Management User Interface to configure and edit the firewall settings of the vCenter Server Appliance.
  • With vCenter Server 6.7 Update 1, users with vCenter Single Sign-On administrator privileges, who are part of the SystemConfiguration.BashShellAdministrator group, can access and manage the vCenter Server Appliance by using the Bash shell.
  • vCenter Server 6.7 Update 1 supports Windows 2016 Active Directory.
  • vCenter Server 6.7 Update 1 adds support for configuration and monitoring of vCenter High Availability by using the vSphere Client.
  • With vCenter Server 6.7 Update 1, you can change color schemes in the vSphere Client to display the interface in a dark theme.
  • AppDefense vCenter Server Plugin: vCenter Server 6.7 Update 1 introduces VMware Appdefense as an integrated component of vCenter Server. The AppDefense vCenter Server Plugin provides aggregated security metrics, visibility, and health statistics for applications and workloads running on vSphere.
  • AppDefense lifecycle management: vCenter Server 6.7 Update 1 supports one-click, integrated installation and upgrade workflows for AppDefense directly within vCenter Server. For more information, see the AppDefense Installation Guide with vCenter Server Plugin.
  • AppDefense virtual machine monitoring: vCenter Server 6.7 Update 1 supports AppDefense behavior monitoring for visibility, security assessment, and troubleshooting directly within vCenter Server. For more information, see the AppDefense User Guide.


I hope this has been informative and thank you for reading!

What’s New VMware vSphere 6.7 Update 1


vSphere 6.7 Update 1 is now generally available. This release includes a single HTML5 vSphere Client. The vSphere SSO domain also is receiving more flexibility with support for embedded repointing. Now a single embedded deployment can move to another vSphere SSO domain. Another feature with enhancements in vSphere 6.7 Update 1 is Content Library. It now supports native vCenter Server templates (.vmtx) and Open Virtual Appliance (OVA). Of course, there are more new features and enhancements in this release. Without further ado, here is what’s new in vCenter Server 6.7 Update 1.

vSphere Client

We have a fully featured vSphere client in vSphere 6.7 Update 1. The vSphere team also wanted to optimize the vSphere Client’s performance and workflows. Ensuring the best customer experience possible. This release includes smart porting over and completing the remaining features which included:

  • vCenter High Availability (VCHA)
  • Auto Deploy
  • Host Profiles
  • vSphere Update Manager
  • Network Topology Diagrams
  • Performance Charts
  • Improved Searching
  • Dark Theme


Content Library

This feature has been around since vSphere 6.0 and is one of my favorites. As a customer, I had to manage several images, scripts, OVAs, and templates for several remote sites. Having to maintain and update the same content in several locations can be a nightmare. Content Library is a native vCenter Server service which solves this problem. It uses the subscriber/publisher model to distribute content. There are two deployment models when using Content Library:

Single vCenter Server managing several sites
  • Centralized managed content
  • Uses WAN to sync content, requires publishing vCenter Server to be available
  • Content stored on a datastore at the remote sites
  • When provisioning content at the remote sites, traffic is kept local

Multi vCenter Server
  • Centralized managed content
  • Uses WAN to sync content
  • Can sustain publishing vCenter Server failure, remote locations continue to operate
  • Content stored on a datastore at the remote sites
  • When provisioning content at the remote sites, traffic is kept local

vSphere Health

This is a new feature with huge potential. When deploying your vCenter Server there is an option to enable CEIP. It stands for Customer experience improvement program. When enabled data gets sent to VMware’s analytics cloud, customer workload data is not part of the data collected. This is all anonymous, data is secure and housed in VMware’s data centers. VMware uses this telemetry data to help improve features and customer experience. Now when enabled this functionality provides even more value to the customers.

Remaining new update i will cover my next post shortly. I hope this has been informative and thank you for reading!

Saturday, September 22, 2018

Introducing vSphere Platinum and vSphere 6.7 Update 1!

VMware is announcing VMware vSphere Platinum – a new edition of vSphere, as well as vSphere 6.7 Update 1 – the latest release of the industry-leading virtualization and cloud platform.

With the adoption of digital transformation, individuals and corporations are all leaning more on digital assets, digital identities, and digital channels to drive revenues and differentiate themselves in the market, which makes comprehensive security across infrastructure and applications of paramount importance.  As data security threats increase and regulatory pressure to control such risks grow, organizations are shifting from point security tools to embedded infrastructure solutions. Here are some key challenges and focus areas for customers, when it comes to IT Security
  • Addressing security threats and securing applications are a top IT and business priority.
  • Security threats are increasing, and becoming more sophisticated.
  • Security needs to be enabled at the foundation of an IT architecture and across the entire environment, not just in one component or layer. IT needs to comprehensively secure – applications, data, infrastructure, and access.
  • Security needs to be easy to operationalize in a seamless and transparent manner.
  • Traditional security models and anti-virus products can be both ineffective and consume too many system resources. By the time an attack is detected, it is usually too late.
Introducing vSphere Platinum


VMware vSphere Platinum is a new edition of vSphere that delivers advanced security capabilities fully integrated into the hypervisor. This new release combines the industry leading capabilities of vSphere with VMware AppDefense, delivering purpose-built VMs to secure applications.


vSphere Platinum secures applications, infrastructure, data, and access with the combined capabilities of core vSphere and AppDefense. It enables a simple and powerful way to maintain existing workflows, while supporting collaboration amongst vSphere Admins, and Security, Compliance and Application teams; making for less disruptive response and remediation in a security incident.

Benefits for vSphere Admins
  • Gain visibility into the intent of each virtual machine, and a detailed inventory of application assets and context.
  • Understand how applications behave and be alerted to potential issues and deviations.
  • Shrink the attack surface and reduce the risk of security compromise.
  • Establish a simple and powerful way to collaborate with security, compliance and application teams.
  • Get better visibility and protection with a simple, light-weight and scalable security solution, with no agents to manage, and minimal overhead.
  • Use what you already own, understand, and run in your data center – vSphere – with its unique visibility, automation and isolation qualities.
  • Play a larger and critical role in the security of your entire IT environment – Be the Security Admin
Key Features and Capabilities

vSphere Platinum delivers comprehensive built-in security and is the heart of a secure SDDC, delivering secure applications, data, infrastructure, and access.

Secure Data

  • FIPS 140-2 Validated VM Encryption, and cross-vCenter Encrypted vMotion – Secure against unauthorized data access both at rest and in motion, across the hybrid cloud.
  • Secure Infrastructure
  • Secure Boot for ESXi – Allows only VMware and Partner signed code to run in your hypervisor.
  • Secure Boot for Virtual Machines – Helps prevent images from being tampered with and prevents the loading of unauthorized components.
  • Support for TPM 2.0 for ESXi – Enables hypervisor integrity by validating the Secure Boot for ESXi process and enables remote host attestation.
  • Virtual TPM 2.0 – Provides the necessary support for guest operating system security features while retaining operational features such as vMotion and disaster recovery.
  • Support for Microsoft Virtualization Based Security – Supports Windows 10 and Windows 2016 security features, like Credential Guard, on vSphere.
  • Secure Access
  • Audit Quality Logging – Enables authorized administration and control by providing high fidelity visibility in vSphere operations.
  • Additionally, vSphere has deep integration and works seamlessly with other VMware products such as vSAN, NSX and vRealize Suite to provide a complete security model for the data center. To learn more about vSphere Platinum
I hope this has been informative and thank you for reading!

VMworld 2018 US Recap

I’m very very excited to fly into Las Vegas VMworld 2018. VMworld is a five-day conference that will take place at Mandalay Bay in Las Vegas August 26 – 30. 

VMworld in the US this year?

What’s New during the keynotes. and release some posts during the events.

Especially HCI, Vsphere 6.7 update 1 and vSphere Platinum multi-cloud and NSX.









Secure Infrastructure

  • Secure Boot for ESXi – Allows only VMware and Partner signed code to run in your hypervisor.
  • Secure Boot for Virtual Machines – Helps prevent images from being tampered with and prevents the loading of unauthorized components.
  • Support for TPM 2.0 for ESXi – Enables hypervisor integrity by validating the Secure Boot for ESXi process and enables remote host attestation.
  • (Virtual TPM 2.0) – Provides the necessary support for guest operating system security features while retaining operational features such as vMotion and disaster recovery.
  • Support for Microsoft Virtualization Based Security – Supports Windows 10 and Windows 2016 security features, like Credential Guard, on vSphere.

Introducing vSphere 6.7 Update 1

vSphere Platinum, we are excited to announce vSphere 6.7 Update 1, which includes some key new and enhanced capabilities. Here are some highlights:

  • Fully Featured HTML5-based vSphere Client
  • Enhanced support for NVIDIA vGPU powered VMs; and Support for Intel FPGA
  • New vCenter Server Convergence Tool
  • Enhancements for HCI and vSAN
  • Enhanced vSphere Content Library

I hope this has been informative and thank you for reading!

Tuesday, July 3, 2018

Upgrading your vSphere Site Recovery Manager

vSphere 5.5 going end of life in September 2018, we have been traveling all over doing workshops for upgrading to vSphere 6.x. However, with each workshop we have at least one customer who is running Site Recovery Manager with their vCenter Server 5.5 and aren’t too sure what the upgrade path is. This blog will go over the steps I took to upgrade a vSphere 5.5 U3 environment which runs Site Recovery Manager 5.8.1 and vSphere Replication 5.8.1 to a vSphere 6.5 U1 environment which runs Site Recovery Manager 8.1 and vSphere Replication 8.1.

Preparing for your Upgrade



As we review the Interoperability Matrices for vCenter Server and Site Recovery Manager we can see there is no direct upgrade path from vCenter Server 5.5 U3 with Site Recovery Manager 5.8.1 to vCenter Server 6.5 or 6.7. Luckily Site Recovery Manager version 8.1 was released which helps alleviate some of the issues. Site Recovery Manager 8.1 introduced compatibility with vCenter Server 6.0 U3, 6.5, and 6.7. Along with the Interoperability Matrices we highly recommend reviewing the release notes, product documentation, and the update sequence guides for 6.0 and 6.5 as this will layout the recommended paths to upgrade the compatible VMware products.

Site Recovery Manager Upgrade Paths



there is no direct upgrade from vCenter Server 5.5U3 and Site Recovery Manager 5.8.1 to vCenter Server 6.5 and Site Recovery Manager 5.8.1. We do have a few supported methods that we can use. These methods would depend on your own environmental requirements. During your upgrade, your environment may also include a hardware refresh, because of these you may have opted to deploy a new vCenter Server and Site Recovery Manager environment and opted to do a parallel migration.

Another possibility is that you may also have a simple or small Site Recovery Manager deployment, and you choose to do more of a forklift upgrade. With this method, you would uninstall Site Recovery Manager from your vSphere 5.5 environment and then upgrade directly to vSphere 6.5. Once your environment is fully upgraded you can then deploy a fresh installation of Site Recovery Manager 8.1.

As we review the Site Recovery Manager  6.0 documentation we can see that we have the following upgrade note. This means if we are on a version previous to 5.8.x we must first update.

Upgrading from Site Recovery Manager 5.0.x and 5.1.x to Site Recovery Manager 6.0 is not supported. Upgrade Site Recovery Manager 5.0.x and 5.1.x to a Site Recovery Manager 5.5.x or 5.8.x release before you upgrade to Site Recovery Manager 6.0.

When we review the Site Recovery Manager  6.1 documentation we can see that we have a new warning.

Upgrading from Site Recovery Manager 5.x to Site Recovery Manager 6.1 is not supported. Upgrade Site Recovery Manager 5.x to a Site Recovery Manager 6.0.x release before you upgrade to Site Recovery Manager 6.1.

And then last but not least when we review the Site Recovery Manager  8.1 documentation we can see

Upgrading from Site Recovery Manager 6.0.x to Site Recovery Manager 8.1 is not supported. Upgrade Site Recovery Manager to a Site Recovery Manager 6.1.x release before you upgrade to Site Recovery Manager 8.1.

When we put this all together we can see our upgrade path, we will upgrade Site Recovery Manager in the following order. 5.8.1 -> 6.0, 6.0 -> 6.1.2.1 and then 6.1.2.1 -> 8.1.

Site Recovery Manager - Site Recovery Manager Plugins moved from C# Client to vSphere Web Client (Flash)

I hope this has been informative and thank you for reading!

Thursday, June 21, 2018

What’s New with SRM and vSphere Replication 8.1


I’m going to cover these features at a high-level SRM and vSphere Replication 8.1.

New HTML5 User Interface


Here is nice screenshot for SRM now has a slick new HTML5 based “Clarity” UI. This new interface supports all the functionality of the previous UI and the SRM and vSphere Replication interfaces have been merged to allow for easier navigation and improved management. Work has also gone into improving workflows and making the interface easier to use. For example, when configuring VMs for replication with vSphere Replication, as part of the same protection workflow the VMs can be added to a new or existing Protection Group and a new or existing Recovery Plan.



This merging of the interfaces of SRM with vSphere Replication extends throughout the new UI. It improves usability and reduces the time required to execute common workflows. The integration is designed in a way that it works regardless of if SRM or vSphere Replication are used together or if either product is used on its own. When SRM or vSphere Replication are accessed the new HTML5 interface opens in a new browser tab. 

Flexible Site Pairing – vCenter Decoupling



SRM and vSphere Replication 8.1 have been decoupled from specific versions of vCenter. This means that SRM and vSphere Replication 8.1 can be installed with vCenter 6.0U3, 6.5, 6.5U1 or 6.7. And the same version of vCenter does not have to be run at both sites (eg Site A running vCenter 6.0U3 and Site B running vCenter 6.5). SRM and vSphere Replication 8.1 also work with VMware Site Recovery, the DRaaS offering for VMware Cloud on AWS.

This flexibility makes installation, upgrades and ongoing operations with SRM and VR much simpler and easier for customers. For example, a customer running vCenter 6.0U3 with SRM 8.1 could upgrade vCenter to 6.5 or 6.7 without impacting SRM or requiring any changes to it. This enhanced interoperability greatly reduces risk and simplifies administration.


Simplified Upgrade Path



In combination with being decoupled from a specific version of vCenter, SRM & VR 8.1 also support upgrades from more than just the previous release. Customers can now upgrade to SRM and VR 8.1 from SRM and VR 6.1, 6.5 or 8.0. This combined with vCenter version flexibility makes it easier than ever to utilize the latest version of SRM. It reduces the time required and the number of steps needed which combined together reduces risk and simplifies management.

Configuration Import/Export Tool

This one is huge. A lot of customers have asked for this and we listened. SRM now has a simple, easy to use tool for exporting and importing the entire SRM configuration. This allows for customers to use it to backup and recover their configuration as well as to migrate between database types (eg. Export from MS SQL Import into vPostgres embedded DB). This tool is run from the command line on the SRM server at either site and it exports/imports the entire configuration.

Here is a quick summary of everything that is exported/imported:

  • Protection Groups
  • Recovery Plans
    •   Priority groupings of VMs
    •   VM dependencies
    •   Callouts
  • IP customization settings
    • Network, Folder, Resource and Storage Policy mappings
  • Including IP subnet mapping rules
  • Placeholder VM information
  • Advanced settings
  • Local and remote site addresses
  • Array Managers with SRA information
  • Having this functionality reduces customers risk and increases manageability.

Support for more Protection Groups

SRM 8.1 now supports up to 500 Protection Groups per SRM pair, up from 250 in previous releases. This additional capacity provides flexibility for customers with large numbers of applications looking to organize their Protection Groups around individual applications.


Support for FT Protected VMs

SRM 8.1 now supports protection for VMs that require the use of Fault Tolerance. There are a few restrictions; array-based replication only, both primary and secondary FT VMs must be located on the same array consistency group and the recovery VM is recovered without FT enabled. Even with these restrictions, this added resilience should be enough to support the most critical applications.

Automation enhancements

SRM 8.1 exposes two additional APIs:

Configure and Retrieve IP Customization Settings
Add/remove Datastores from Array-Based Replication Protection Groups
These APIs in addition to those already exposed, make it easier than ever to automate and interact with SRM programmatically.

I hope this has been informative and thank you for reading!

What’s New in vSphere 6.7 Whitepaper


VMware recent announcement and general availability of vSphere 6.7 we’ve seen an immense amount of interest. With each new version of vSphere we continue to see customers start their testing of new releases earlier and earlier in the release cycle. vSphere 6.7 brings a number of important new features that vSphere Administrators well as architects and business leaders are excited about.

vSphere 6.7 focuses on simplifying management at scale, securing both infrastructure and workloads, being the universal platform for applications, and providing a seamless hybrid cloud experience. Features such as Enhanced Linked Mode with embedded Platform Services Controllers bring simplicity back to vCenter Server architecture. Support for TPM 2.0 and Virtualization Based Security provide organizations with a secure platform for both infrastructure and workloads. The addition of support for RDMA over Converged Ethernet v2 (RoCE v2), huge pages, suspend/resume for vGPU workloads, persistent memory, and native 4k disks makes shows that the hypervisor is not a commodity and vSphere 6.7 enables more functionality and better performance for more applications.

For those wanting a deep dive into the new features and functionality, I’m happy to announce the availability of the What’s New in vSphere 6.7 whitepaper. This paper is a consolidated resource that discusses and illustrates the key new features of vSphere 6.7 and their value to vSphere customers. The What’s New with vSphere 6.7 whitepaper can be found on the vSphere product page in the Resources section or can be downloaded directly here. After reading through this paper you should have a very good grasp on the key new features and how they will help your infrastructure and business.

Finally, we have a new collection of vSphere 6.7 resources on vSphere Central to make setting up and using these new features even easier. There are also some walkthroughs on upgrading. You can see all of the currently available resources on the vSphere 6.7 Technical Assets.

I hope this has been informative and thank you for reading!

What’s New in vCenter Server 6.7 Update 1

vCenter Server 6.7 Update 1, you can move a vCenter Server with an Embedded Platform Services Controller from one vSphere domain to anot...