vSphere 6.7 - Whats New
vSphere 6.7 brings some advanced features designed to be secure, hybrid cloud ready and be a universal application platform that eases administration.
Upgrade Notes - At this time vSphere 6.7 is not compatible with VMware NSX, VIO or VIC. A KB listing important upgrade considerations can be found here
Hybrid Cloud Experience
Connecting on premise environments to clouds is at the forefront of most business strategies and roadmaps. With this in mind vSphere 6.7 includes vCenter Server Hybrid Linked Mode. (Hybrid Cloud Extensions is now included as part of VMC on AWS subscription). This will provide a unified view and management from a single place. The benefit here being the vSphere/vCenter versions do not have to be at the same level. Hybrid Linked Mode will allow cloud hosted clusters appear within vCenter on premise. You can still leverage the management tools that you have, treating the cloud instance as "just another datacenter". Workload mobility ingress/egress to/from the cloud supports Cross-Cloud Cold and Hot Migration. There will be situations where CPU types will be different between on premise and cloud and therefore a new feature is introduced that takes the traditional Enhanced vMotion Capability and takes this down to a per VM level called Per-VM EVC. Instead of a full CPU generation having EVC applied it can be done on a more granular VM level. This allows for seamless migrations across CPU generations because the VM will have the EVC attribute assigned.
Modern Workload Support
More and more customers are looking to have a platform that supports modern application's such as Big Data, HPC, AI Machine Learning and Cloud Native. A lot of collaboration has been done between VMware and Nvidia, GPU's initial use case in a vSphere environment was primarily for VDI workloads creating a shared GPU across desktops for application's that required heavy rendering (AutoCAD, Revit, Solidworks etc). The nvidia card's can be switched from graphics mode and used as additional dedicated computational processing. This is important for advanced applications that need additional compute offload (And not necessarily graphical rendering). VMs that are leveraging vGPU access can now be suspended and resumed instead of being powered off. This adds a significant amount of flexibility and in my mind opens up use cases regarding leveraging different machines at different times to get the full benefit of the GPU investments. There is also support for PMEM/NVDIMMs A type of non-volatile DRAM (NVDIMM) providing the speed of DRAM but with persistence between power cycles - this should help turbo charge performance for next-gen applications (*OS support requirements). Para-virtualized RDMA (PV-RDMA) is now supported for Linux guest OS' with RoCE v2 support. RDMA allows devices to read/write directly to an applications memory without having to interact with the CPU or OS. This enables higher throughput and low latencies. vSphere Persistent Memory will let vSphere carve out a piece of local persistent memory in a host and present it to a VM as a NVDIMM (As above). Virtual disks can be live migrated from regular storage (vSAN, SAN, NFS) to PMEM based disks using storage vmotion.
In vSphere 6.5 there were some serious security enhancements as I wrote about in my previous blog. Building on the features in 6.5 there are some important additions with support for Trusted Platform Module (TPM) 2.0. TPM is a chip used to create hardware based security essentially protecting the system. e.g. some machines include TPM's and during startup, the chip scans the BIOS for unauthorized changes. They also provide safe storage of encryption keys, certificates and passwords. Building upon secure boot vSphere uses TPM ensuring the system has booted with secure boot enabled and measurements taken and stored in the TPM. vCenter compares the measurements and compares to the booted ESXi. If the values match, then the host has booted with secure boot.
Virtual TPM 2.0 for VMs is a virtualized TPM 2.0 device (not using hardware) but appears in windows as a TPM 2.0 device. It will do cryptography operations and store passwords all being encrypted by VM Encryption.
Workflows for VM Encryption have been enhanced and encrypted vMotion across vCenter's has been added. This means DC migrations or ingress/egress to the cloud are secure and simple.
vSphere Quick Boot is a great new feature that restarts the ESXi hypervisor without having to reboot the host hardware. This makes patching much quicker eliminating the hardware initializing and system tests.
HTML5 interface is now at a much more feature parity to the traditional web client. I have read 90 to 95% like to like capabilities.
This is just some of the many enhancements added to vSphere 6.7