Feb 05

Introducing VMware NSX for vSphere 6.3 & VMware NSX-T 1.1

This past week at VMware has been quite exciting! Pat Gelsinger, VMware CEO, reported on the Q4 2016 earnings call that VMware NSX has more than 2,400 customers exiting 2016. Today, we continue that momentum by announcing new releases of our two different VMware NSX platforms – VMware NSX™ for vSphere® 6.3 and VMware NSX-T 1.1.

These releases continue to accelerate digital transformation for organizations through the most critical IT use cases – Security, Automation, and Application Continuity – while expanding support for new application frameworks and architectures.
As more and more customers adopt NSX for vSphere, we continue to add features to make it easier for you to deploy, operate and scale-out your environment. NSX empowers customers on their cloud journey. It is driving value inside the data center today and expanding across datacenters and to the cloud via our Cloud Air Network partnerships, and soon to VMware Cloud on AWS and native public cloud workloads via VMware Cross-Cloud Services.

Let’s take a look at some of the new features in NSX for vSphere 6.3:


Some of the new capabilities delivered in NSX for vSphere 6.3 are the Application Rule Manager (available in NSX Advanced and Enterprise editions) and Endpoint Monitoring (available in NSX Enterprise Edition).

Application Rule Manager simplifies the way you create security groups and firewall rules for applications based on their real-time network traffic flows. Endpoint Monitoring enables you to profile applications inside the guest including visibility into specific application processes and their associated network connections. Used together, you have end-to-end visibility of your applications and simplified firewall rule creation to help operationalize micro-segmentation even faster and more effectively than ever before.
Keep an eye out on the Security section of the NSX blog over the next few weeks for technical deep-dives into exactly how these Application Rule Manager and Endpoint Monitoring features work.

Our product certifications team was busy in 2016 and intends to deliver additional certifications throughout 2017. They have been working hard on guiding our development efforts and ensuring a number of key security and compliance enhancements made their way into the NSX for vSphere 6.3 release. In 2016, Coalfire, an independent cyber risk management advisor and assessor, certified that VMware NSX for vSphere meets regulatory compliance requirements such as PCI DSS. NSX was also the first software-defined networking solution to have the Defense Information Systems Agency (DISA) Risk Management Executive publish a Security Technical Implementation Guide (STIG), signifying that the solution meets the security hardening guidance required for installment on Department of Defense (DoD) networks. Watch the blog Security section in the coming months for updates on certifications related to ICSA Labs, FIPS 140-2 and Common Criteria EAL-2 certification.


When I meet with customers, they continue to tell me that NSX has the most transformative impact on their organizations, once they begin automating their manual networking and security processes. It’s not easy and requires organizational, people, and processes changes. But the value NSX brings to the organization is huge. To help support this, we continue to make enhancements to the automation capabilities in NSX for vSphere 6.3. We have enhanced the integration of NSX Load Balancers within vRealize Automation and added support for third-party IP Address Management (IPAM) systems for on-demand routed networks. We have also enhanced the integration with NSX for vSphere and vCloud Director, enabling new multi-tenant capabilities for our vCloud Air Network partners, and adding support for emerging NFV use case.
Figure. Screenshot of Load Balancing integration into vRealize Automation blueprints.

Multi-tenancy is often thought about as something only service providers care about, but we’re seeing increased demand from non-service providers looking to operate in more of a service provider model in the way they deliver services to their organization. The University of New Mexico is a great example of this, where they are collapsing their disaggregated IT from dozens of departments back to a centralized IT model, reducing provisioning time for new workloads and services from 3 weeks down to 20 minutes!

Application Continuity

As NSX continues to mature and adoption becomes mainstream, we are seeing customers deploy NSX for a range of different use cases. AeroData Inc., for example, is leveraging the network overlay capabilities in NSX to create a highly-available, Active-Active data center architecture. In NSX for vSphere 6.3, we have further enhanced the security tagging capabilities in multi-vCenter deployments, simplifying security policy management at scale across multiple data centers. (Read more about multi-site with cross-vCenter NSX.)
Emerging use-cases: Containers and Remote Office Branch Office (ROBO)

With NSX for vSphere 6.3, we are helping to further improve the developer experience with containers via integration with the recently announced vSphere Integrated Container (VIC). As VIC is built on vSphere 6.5, you can leverage NSX for vSphere 6.3 to connect and secure VIC infrastructure, enabling you to deliver a secure container environment on demand for developers.

Another addition as part of NSX for vSphere 6.3 release is a new NSX for ROBO edition SKU. Using this capability, NSX provides a comprehensive solution to network and security policy for environments across remote and branch offices, which reduces the operational costs of branch connectivity and maintenance. In upcoming blog postings, we will share more details about the NSX for ROBO features, use case, and customer success stories as we have been seeing keen interest from our customers in this space.

Expanded support for new platforms with NSX-T: KVM, OpenStack

Let’s now look at VMware’s other NSX platform – NSX-T 1.1 – and some of the new capabilities being delivered in this latest release.

VMware NSX-T is focused on emerging application frameworks and architectures that have heterogeneous endpoints and technology stacks. In addition to vSphere hypervisors, these environments may also include other hypervisors, containers, bare metal, and public clouds. NSX-T allows IT and development teams to choose the technologies best suited for their particular applications. NSX-T is also designed for management, operations, and consumption by development organizations – in addition to IT.

NSX-T 1.1 offers expanded support for multiple KVM distributions, including Canonical Ubuntu and Red Hat Enterprise Linux. NSX-T starts at the source of the application, within the hypervisor kernel, delivering optimal security granularity and line-rate performance. NSX-T delivers distributed firewalling, logical switching, and distributed routing.

NSX-T 1.1 also delivers support for private IaaS clouds based on OpenStack. With this release, NSX-T supports the latest versions of OpenStack, i.e., Newton and Mitaka. In addition to using the OpenStack APIs, development teams can also use Puppet, Chef, and Terraform to describe and automate the networking and security for their application workloads within an OpenStack environment.
Support for new app frameworks: Photon and Container Networking Interface (CNI)

NSX-T is integrated with the VMware Photon Platform. This capability allows IT to offer virtual networking and security as services to developers building and running containerized, cloud-native applications. NSX will auto-create and scale networks and routers when a new namespace/project/organization is created, and define and enforce micro-segmentation security policies for containers and pods. (Read more about Photon Platform and NSX-T.)

Currently in beta, the NSX-T Container Networking Interface (CNI) plugin will allow developers to configure network connectivity for their application containers helping deliver developer ready infrastructure.

Pricing and Packaging

Though not a new NSX feature, we are also excited to announce changes to our VMware NSX pricing and packaging.

Starting today, customers who purchase VMware NSX have the option of downloading and installing either platform and can switch between the two if needed without having to re-purchase NSX. And should your needs change, you can switch between the two.

As mentioned earlier, with NSX for vSphere 6.3, we have introduced a new NSX for ROBO (Remote Office Branch Office) packaging option. For those of you familiar with the vSphere for ROBO and vSAN for ROBO offerings, NSX for ROBO is packaged in the same way.

NSX Everywhere

In last week’s Q4 VMware earnings call, Pat Gelsinger mentioned that NSX is an essential element to VMware Cloud Foundation, Cross-Cloud Services and VMware Cloud on AWS. With both NSX for vSphere and NSX-T, NSX intends to be everywhere in the containerized, multi-cloud future. NSX becomes the bridge that enables customers to unify networking and security across their private and public clouds.

What You Can Do Now

Matt De Vincentis

Rating: 5/5

Dec 10

VMware Announces General Availability of vSphere Integrated Containers

Posted on December 9, 2016 by Charu Chaubal

For nearly two decades, we at VMware have been working on helping our customers address the challenge of supporting traditional business critical applications as well as next-generation application. Today, with the General Availability of vSphere Integrated Containers, we are proud to announce that our customers can count on vSphere to also natively run containerized workloads.

Over the past couple of years, we’ve met a number of customers who have started to experiment with containers in their dev/test environment. While being impressed by the benefits of this technology our customers raised a few important concerns that kept them from being able to take these applications to production.

    Reduced visibility – Enterprise IT admins are responsible for running tens if not hundreds of applications in production and their existing toolset and practices do not allow them to peek inside the VMs. If they are able to, often times, they have not had the opportunity to understand the application, its architecture, the effects and the processes to isolate any misbehaving containers.

    Multi-tenancy and concerns when sharing a kernel – With no efficient way to partition infrastructure, admins are forced to rethink their strategy for multi-tenancy. On a related note, the well-known security issues that arise from a shared kernel prevent admins from running these workloads in production. The problem is acute in industries where regulation and compliance is mandatory.

    Non-elastic infrastructure and inefficient resource utilization – Customers struggle with sizing their container hosts and end up spending too much time trying to predict the amount of resources their applications need. Some overprovision resources to save time and that leads to the creation of monster VMs and inefficient utilization. Even when they overprovision, they often end up resizing their hosts or include additional capacity. As a result, they are forced to bolt on a clustering solution that increases complexity.

    DIY isn’t for everyone – Many enterprise customers do not have the bandwidth or the capacity to build out their own stack using a DIY approach or to keep on top of the ever evolving set of patches and updates.

vSphere Integrated Containers starts by enabling IT teams to run traditional and container workloads side-by-side on existing infrastructure seamlessly. This ensures that customers do not ever have to create silos in their infrastructure. Using constructs from the Open Container Initiative to map Docker containers to vSphere infrastructure, containers are provisioned as virtual machines, offering the same security and functionality of virtual machines in VMware ESXi hosts or VMware vCenter Server instances.

The resultant container VMs, that are provisioned on-demand, lend themselves to be managed much like any other VM in the vSphere environment. Thus administrators are able to use their existing tools, processes and even scripts to manage containerized workloads. Since every container VM is backed by its own kernel, the existing security and compliance best practices translate directly to this new paradigm. The on-demand nature of vSphere Integrated Containers ensures that resources are never over provisioned and once a container has been deleted, the resources are recaptured.

vSphere Integrated Containers uses existing vSphere constructs to create a Virtual Container Host (VCH) that is compatible with standard Docker client tools and is backed by a pool of resources to accommodate applications. This resource pool leverages the vSphere resource pool construct in the backend that is elastic by nature. As a result, the vSphere admin has complete control over the amount of resources available to every VCH and is able to address multi-tenant use cases by provisioning an individual VCH per tenant.

By leveraging existing vSphere constructs to run containerized workloads, vSphere Integrated Containers can seamlessly leverage advanced technologies like NSX, VSAN and vRealize out of the box. This also allows for easy integration with the entire ecosystem of vSphere compatible products from various partners and our vast ecosystem. vSphere Integrated Containers provides developers the portability, speed, and agility of using enterprise-class containers, and provide IT Ops the management, security, and visibility they require to run containerized workloads in production.

vSphere Integrated Containers

vSphere Integrated Containers: Delivering the best of both worlds for IT and Developers

Learn more about vSphere Integrated Containers at http://www.vmware.com/go/vsphereintegratedcontainers

Rating: 5/5

Dec 09

What’s New in vSphere 6.5: vSphere Integrated Containers

Massimo Re Ferre posted December 9, 2016

Last year we introduced Project Bonneville. The idea behind it, at the high level, is that there is a strong parallel between the constructs Docker uses inside a Linux Docker host and the constructs ESXi uses as a hypervisor. In the final analysis what project Bonneville allowed you to do is to run a docker image as a VM on top of a hypervisor (as opposed to just as a container on top of a Linux host). This has the intrinsic advantage that you can operationalize Docker with the constructs you know and love.

One of the biggest problems IT is facing right now is that their internal customers are asking for “big Linux VMs” only to find out weeks later that they have deployed containerized applications inside those instances. IT has no idea of how to manage, monitor and secure those applications. The Bonneville approach fixes this problem by instantiating those applications as separate virtual machines. Maybe not cool, but very useful.

Fast forward 18 months, we are releasing (and fully supporting**) these technologies as part of vSphere.

Enterprise Plus customers have now the option of leveraging a feature of vSphere called vSphere Integrated Containers (VIC for short).

vSphere Integrated Containers is comprised of three different technologies. What makes them unique is that they are all open source. This means that you can just “consume” what we are building or you can also contribute (if you wish so) features that you may deem as necessary for your particular use case. These three technologies are discussed below.

Note that there is a video at the end of this post that will show these technologies in action. In the meanwhile, this is a 33.000 high level diagram of how these technologies relate to each other:


VIC Engine

This a complete rebase of project Bonneville. When the engineering team was tasked with the need to productize Bonneville they decided to re-write it and include a so called Portlayer. The Portlayer is an interface that exposes vSphere objects and services as containers primitives. On top of Portlayer you can have multiple different personalities. As part of the first announcement we have created a Docker personality (think about VIC Engine today as a Docker “façade” on top of vSphere).

The way you create this “façade” is pretty straightforward: as a vSphere admin you will use a tool called vic-machine (which is part of the VIC Engine binary) to deploy a Virtual Container Host (a vApp) on top of vSphere.

Inside the Virtual Container Host there is a small VM that acts as the Docker Endpoint. The IP of that VM is what the vSphere admin will hand over to the internal customers that need Docker. When the customer run “docker run –H busybox” the busybox docker image will be pulled from Docker Hub and it will be instantiated as a VM inside the Virtual Container Host vApp.

The VIC Engine Github repo is located here.


While one could see VIC Engine as being the core component of vSphere Integrated Containers, we soon realized that Enterprise customers were asking for more. Hence we decided to create a product that would do more than just mimic the behavior of a compatible Docker Engine.

For this reason, vSphere Integrated Containers also ships Harbor, an Enterprise Docker registry. For vSphere Integrated Containers deployments we have bundled it as a virtual appliance in OVA format. vSphere admins will grab the appliance and import it into the vSphere environment.

vSphere admins can then hand off its FQDN or IP address to their internal customers. They can then use the registry service provided by Harbor as a secure Docker registry instantiated inside the data center. Not only they will continue to push and pull to and from Docker Hub, but they now have the possibility to push and pull to and from a local registry.

Harbor is built on top of the open source Docker registry foundation and we added features that most Enterprise customer are asking for: LDAP/AD support, role based access control, a user interface and image replication to name a few.

If you are interested in understanding more about the internals of Harbor this is a good blog post from the engineering team that gets into some of the details.

This is the public Harbor repo on Github. For people that are interested in joining the Harbor community (as opposed to just use it as part of the supported vSphere Integrated Containers product), feel free to interact directly with the engineering team over there and/or submit PRs.


Admiral is an extension of vRealize Automation 7.2 and it adds container support to vRealize Automation. You can find additional information about it here.

However, given Admiral has been developed independently and can be instantiated standalone, VMware decided to add Admiral to the vSphere Integrated Containers product.

Given that with VIC Engine we are leveraging the very robust vSphere features to schedule “ContainerVMs” on top of hypervisor hosts, we are not leveraging all the capabilities that Admiral provides in a scenario where you are using Linux Docker hosts on top of which you instantiate containers. However, we leverage a lot of Admiral features in the context of vSphere Integrated Containers including providing a user interface for Virtual Container Hosts consumption and the capability of composing multi-container applications to be deployed as a single entity.

You can access the public Admiral Github repo here. As a reminder, Admiral is still considered Beta as part of vSphere Integrated Containers.

See vSphere Integrated Containers in action

Now that we talked about the technologies that comprise vSphere Integrated Conatiners, it is time to see them in action. This video shows how to use together the three technologies discussed above.

** Admiral has not been GAed yet so support for Admiral, as part of vSphere Integrated Container, is limited to the level of support we provide for Beta software.

Rating: 5/5

Dec 06

vSAN 6.2 Named Software-Defined Technology Category Winner For The CRN 2016 Product of the Year Award!

By Anita Kibunguchy

crn-products-of-the-year-2016-400.jpgThe Storage and Availability solutions team is excited to announce that vSAN 6.2 was named the overall winner in the Software-Defined Technology category for the CRN 2016 Products of the Year Awards! We are extremely humbled by this recognition and couldn’t be more proud of the team.

CRN’s annual Products of the Year Awards are given to standout products and services that represent best-in-breed technological innovation backed by a supportive channel partner program. For the first time, CRN did the judging a little differently. CRN editors selected five finalists among 17 technology categories and then asked solution providers to rate the products to determine a winner based on the subcategories of Technology, Revenue and Profit, and Customer Demand. The finalists and winners were originally selected from a survey that netted more than 5,000 responses. This captured real-world satisfaction among customers and partners.

About vSAN

vSAN 6.2 introduced key space efficiency features like deduplication, compression and erasure coding including Quality of Service (QoS) and Software Checksum. With vSAN’s fast pace of innovation, the storage and Availability Solutions team introduced vSAN 6.5 which GA’d on November 15, 2016 and introduced features like: 2-node direct connect which could save customers up to 20% per ROBO site, full-featured PowerCLI for scalability and ease of enterprise-class automation and support for next-gen hardware including large capacity drives with 512e support.

This rapid innovation, has led to rapid adoption of vSAN. We’re adding ~100 customers per week and this positive recognition is consistent with the customer feedback we’ve been getting from customers who have adopted vSAN 6.2. Yellow Pages Canada is one such customer who adopted vSAN all-flash to power their front end apps, search engines, BI and SQL databases and to support their mixed workload environments. Learn more about Yellow Pages Canada here:

To get started, you can download our HCI for Dummies Guide >

Test Drive vSAN by Taking a Hands-on Lab >

Rating: 5/5

Nov 15

VMware Announces General Availability of vSphere 6.5

Posted on November 15, 2016 by Martin Yip

vSphere 6.5 is here!

Today, we are excited to announce the general availability of VMware vSphere 6.5 along with new releases of other SDDC components: VMware vSAN 6.5, VMware vRealize Log Insight 4 and VMware vRealize Operations 6.4. Together, these products help IT more efficiently run, manage, and secure their applications both on- or off-premises.

vSphere 6.5 is the latest release of the industry-leading virtualization platform. As previously mentioned, this release of vSphere features several new capabilities and enhancements that addresses the challenges of digital transformation by delivering:

  • Dramatically simplified experience (Simplified and Streamlined architecture, Rest-based APIs, HTML5-based GUI)
  • Comprehensive built-in security (Secure Data, Infrastructure and Access)
  • Universal app platform for running any apps (vSphere Integrated Containers)

One more thing…

If the vSphere 6.5 release was not already compelling enough, vSphere 6.5 will also include the highly anticipated feature, vSphere Predictive DRS, that was featured as a Tech Preview at VMworld 2016. Predictive DRS is a game-changing new technology that leverages self-learning and predictive analytics provided by vRealize Operations. It learns your environment and based on usage patterns, preemptively rebalances your workloads in advance of upcoming demands and spikes. This ensures your applications remain performant and your workloads get all the resources they need. This is extremely useful in a wide variety of scenarios including applications that are latency sensitive or experience regular spikes in demand. Predictive DRS is just another example of how VMware continues to innovate and deliver value to you.

Things to Note

vSphere Integrated Containers, a feature that extends vSphere capabilities to run container workloads in vSphere environments, will be made generally available later this year.

For more details on the release please refer to the vSphere 6.5 announcement.

If you are interested in learning more about vSphere 6.5, there are several options:

Rating: 5/5

Oct 31

VMware Cloud Foundation – Technical Deep Dive

NOTE: This video is roughly 50 minutes in length so it would be worth blocking out some time to watch it!

Rating: 5/5

Oct 28

What’s New in VMware vSphere 6.5


VMware vSphere® 6.5 is the next-generation infrastructure for next-generation applications. It provides a powerful, flexible, and secure foundation for business agility that accelerates the digital transformation to cloud computing and promotes success in the digital economy. vSphere 6.5 supports both existing and next-generation apps through its
1) simplifed customer experience for automation and management at scale;
2) comprehensive built-in security for protecting data, infrastructure, and access; and
3) universal application platform for running any app anywhere. With vSphere 6.5, customers can now run, manage, connect, and secure their applications in a common operating environment, across clouds and devices.

This paper will discuss the new and enhanced features in vSphere 6.5 across various areas of technology.
For additional information, see VMware vSphere Documentation.

VMware vCenter Server

VMware vCenter Server® 6.5 has many new and innovative features. The installer has been overhauled, resulting in a new, modern look and feel. It is now supported on Microsoft Windows, macOS, and Linux operating systems (OSs) without the need for any plug-ins. With vSphere 6.5, the VMware vCenter Server Appliance™ has surpassed the Windows installable version. It offers the following exclusive features:

  • Migration Tool
  • Improved appliance management
  • Native high availability
  • Native backup and restore

There are also general improvements to vCenter Server 6.5, including the vSphere Web Client and the fully supported HTML5-based vSphere Client.



The installer has a built-in Migration Tool, providing easy access to the vCenter Server Appliance 6.5. This new version of Migration Tool provides several improvements over the recent vSphere 6.0 Update 2m release, including support for Windows vCenter Server 5.5 and 6.0. And VMware vSphere Update Manager™ is now part of the vCenter Server Appliance 6.5, which is especially valuable to customers that have been waiting to migrate to vCenter Server Appliance without managing a separate Windows server for vSphere Update Manager . For customers that have already migrated to the vCenter Server Appliance 6.0, the upgrade process will migrate vSphere Update Manager baselines and updates to the vCenter Server Appliance 6.5. During the migration process, the vCenter Server confguration, inventory, and alarm data are migrated by default. vSphere 6.5 provides improvements in data selections in three areas:

  • Confguration
  • Confguration, events, and tasks
  • Confguration, events, tasks, and performance metrics

Data is migrated from any database supported in vSphere 5.5 or 6.0 to an embedded vPostgres database. This applies to databases running embedded or remote Microsoft SQL, Oracle, or PostgreSQL databases.


Download a full What’s New in VMware vSphere 6.5 Technical White Paper.

Rating: 5/5

Oct 19

Introducing vSphere 6.5

Posted on October 18, 2016 by Charu Chaubal

Today, VMware announces vSphere 6.5, the latest version of its industry-leading virtualization platform. This new release of vSphere features a dramatically simplified experience, comprehensive built-in security, and a universal app platform for running any app.

vSphere 6.5 accelerates the customer transition to digital transformation and cloud computing by addressing key challenges:

    1. Environments growing increasingly complex,
    2. Growing IT security threats, and
    3. The need to support both existing and new apps and services.

Let’s take a look at some of the key capabilities.

Dramatically Simplified Experience

vSphere 6.5 elevates the customer experience to an entirely new level. It provides exceptional management simplicity, operational efficiency, and faster time to market.

vSphere 6.5 makes the vCenter Server Appliance the fundamental building block of a vSphere environment. The core vSphere architecture is built around this easy to deploy and manage approach that reduces operational complexity by embedding key functionality into a single location. Capabilities such as vSphere host management (with a fully integrated vSphere Update Manager), file-based backup and recovery, native VCSA high availability, and much more are now embedded in this new one-stop appliance model. Users can now be more efficient as there is no longer a need to interface with multiple components. Additionally, because everything is centralized, vCenter Server Appliance generates a tremendous amount of optimization and innovation, including an over 2x increase in scale and 3x in performance. Upgrading to this building block will be easier than ever before as users can now convert from their traditional Windows deployment into the new appliance model using the new vCenter Server Appliance Migration tool.


vCenter Server Appliance: The fundamental building block of a vSphere environment

In this release, vSphere 6.5 also takes an API-first approach to foster a more business-centric and highly agile environment. In a world where infrastructure as code is becoming a requirement rather than just nice to have, a programmable infrastructure layer is now essential. vSphere 6.5 introduces new REST-based APIs for VM Management that vastly improve both the user and partner experience by enabling finer control of virtual infrastructure for apps. You can now do much more with less lines of code with these new simple APIs.

The final component that allows vSphere 6.5 to deliver a simplified experience is the graphical user interface itself. The highly anticipated new HTML5-based vSphere Client provides a modern user interface experience that is both responsive and easy to use. Many customers have already experienced this vSphere Client as part of a Fling on VMware Labs, and thus far the response has been overwhelming positive.


HTML5-based vSphere Client: GUI that enables fast performance and cross-platform compatibility

Comprehensive Built-in Security

With increased threats, comprehensive built-in security becomes more critical than ever before. vSphere 6.5 natively provides secure data, infrastructure, and access at scale via its operationally simple, policy-driven model. Protecting all three areas is essential for digital transformation and the evolution of any given business.

To secure data, vSphere 6.5 offers a new VM-level disk encryption capability designed to protect against unauthorized data access. VMware’s approach is both universal and scalable, with the ability to encrypt any VM disk regardless of guest OS, and the ability to manage encryption at scale using the familiar vSphere storage policy framework. Combined with the new encrypted vMotion capability, vSphere can safeguard both data at-rest and data in-motion.

To assure the security of the underlying infrastructure, vSphere 6.5 also adds a secure boot model to protect both the hypervisor and the guest operating system. It helps prevent images from being tampered with and prevents the loading of unauthorized components.

vSphere 6.5 also delivers enhanced audit-quality logging capabilities that provide more forensic information about user actions. IT can now better understand who did what, when, and where if an investigation into anomalies or security threats requires it.

vSphere 6.5 is the core of a secure SDDC and works seamlessly with other SDDC products to provide a complete security model for infrastructure.


Comprehensive Built-in Security: Secure Data, Secure Infrastructure, and Secure Access

Universal App Platform

vSphere is a universal app platform that supports both traditional and next-generation apps. While these two worlds are vastly different, both require infrastructure with the scale, performance, and availability to meet key business objectives.

vSphere has always been pushing the limits on what apps it can support. Initially it was all about test/dev but then quickly expanded coverage business critical apps as well. Later, it included Desktop Virtualization and 3D graphics. Now we are seeing more modern apps being virtualized including Hadoop, Spark, Machine Learning, HPC and cloud native apps.

To run any app, vSphere 6.5 expands its workload coverage model by focusing on both scale-up and scale-out next-gen apps that are increasingly built using evolving technology building blocks, such as containers. In this release, VMware delivers vSphere Integrated Containers, the easiest way for vSphere users to bring containers into an existing vSphere environment. vSphere Integrated Containers delivers an enterprise container infrastructure that provides the best of both worlds for the developers and vSphere operations teams. Containers are now just as easy to enable and manage as virtual machines. No process or tool changes are required.

VMware vSphere Integrated Containers helps customers to transform their businesses with containers without re-architecting their existing infrastructure. It is comprised of three components – the Engine which provides the core container run-time, Harbor which is an enterprise registry for container images, and Admiral which is a portal for container management by dev teams. vSphere Integrated Containers enables IT operations teams to provide a Docker compatible interface to their app teams, running on their existing vSphere infrastructure and features tight integration with VMware NSX and VMware Virtual SAN to support best-in-class network automation and scale out, high performance persistent storage, respectively.

vSphere Integrated Containers

vSphere Integrated Containers: Delivering the best of both worlds for IT and Developers

vSphere 6.5 also lets you run apps from any cloud, including your data center or in public cloud environments. vSphere 6.5 is not only the heart of the Software-Defined Data Center, it’s also the foundation of VMware’s cloud strategy. vSphere 6.5 is available in both the private cloud and as a service through a public cloud. The newly announced VMware Cloud Foundation and VMware Cloud on AWS are both built on vSphere 6.5.

As the ideal platform for apps, cloud, and business, vSphere 6.5 reinforces the customer’s investment in VMware. vSphere 6.5 is one of the core components of VMware’s SDDC and a fundamental building block for VMware’s cloud strategy. With vSphere 6.5, customers can now run, manage, connect, and secure their applications in a common operating environment, across clouds and devices.

Learn More

This article only touched upon the key highlights of this release, but there are many, many more new features. To learn more about vSphere 6.5, please see the following resources.

Rating: 5/5

Oct 18

What’s New with VMware Virtual SAN 6.5

Introducing Virtual SAN 6.5

vSAN 6.5VMware Virtual SAN 6.5 is the latest release of the market-leading, enterprise-class storage solution for hyper-converged infrastructure (HCI). Virtual SAN 6.5 builds on the existing features introduced in 6.2 by enhancing automation, further reducing total cost of ownership (TCO), and setting the stage for next-generation cloud native applications.

Virtual SAN continues to see rapid adoption with more than 5000 customers utilizing the solution for a number of use cases including mission-critical production applications and databases, test and development, management infrastructures, disaster recovery sites, virtual desktop deployments, and remote office implementations. Virtual SAN is used by 400+ Fortune-1000 organizations across every industry vertical in more than 100 countries worldwide.

Let’s take a look at the new features included with Virtual SAN 6.5…

Accelerate Responsiveness

The Virtual SAN API and vSphere PowerCLI have been updated in this release. It is now possible to automate the configuration and management of cluster settings, disk groups, fault domains, and stretched clusters. Activities such as maintenance mode and cluster shutdown can also be scripted. This video demonstrates some of the capabilities of of the Virtual SAN API and PowerCLI: Creating a Cluster and Configuring Virtual SAN PowerCLI can be used to monitor the health of a Virtual SAN cluster. Health issue remediation and re-sync activities can be automated with this latest release.

20-50% Additional TCO Savings

Now that flash devices have become the preferred choice for storage, it makes sense to adjust the Virtual SAN licensing model to account for this change in the industry. All Virtual SAN 6.5 licenses include support for both hybrid and all-flash configurations. Please note, however, that deduplication, compression, and erasure coding still require Virtual SAN Advanced or Enterprise licenses. Adding support for the use of all-flash configurations with all licensing editions provides organizations more deployment options and the ability to take advantage of increased performance while minimizing licensing costs.

vSAN 6.5Virtual SAN supports the use of network crossover cables in 2-node configurations. This is especially beneficial in use cases such as remote office and branch office (ROBO) deployments where it can be cost prohibitive to procure, deploy, and manage 10GbE networking equipment at each location. This configuration also reduces complexity and improves reliability.

While we are on the subject of ROBO deployments, it is also important to mention a related Virtual SAN licensing change. previously did not support the use of all-flash Virtual SAN cluster configurations and the corresponding space efficiency features. A new license has been added with the release of Virtual SAN 6.5 and it is called >strong>Virtual SAN for ROBO Advanced. This new license includes support for using deduplication, compression, and erasure coding. Using these features lowers the cost-per-usable-GB of flash storage, which further reduces TCO. Organizations get the best of both worlds: The extreme performance of flash at a cost that is on par with or lower than similar hybrid solutions.

Increased Flexibility

Virtual SAN 6.5 extends workload support to physical servers and clustered applications with the introduction of an iSCSI target service. Virtual SAN continues its track record of being radically simple by making it easy to access Virtual SAN storage using the iSCSI protocol with just a few vSphere Web Client mouse clicks. iSCSI targets on Virtual SAN are managed the same as other objects with Storage Policy Based Management (SPBM). Virtual SAN functionality such as deduplication, compression, mirroring, and erasure coding can be utilized with the iSCSI target service. CHAP and Mutual CHAP authentication is supported.

Enable vSAN iSCSI target service

Enable vSAN iSCSI target service

Utilizing Virtual SAN for physical server workloads and clustered applications can reduce or eliminate the dependency on legacy storage solutions while providing the benefits of Virtual SAN such as simplicity, centralized management and monitoring, and high availability.

Scale To Tomorrow

Photon OS New application architecture and development methods have emerged that are designed to run in today’s mobile-cloud era. For example,“DevOps” is a term that describes how these next-generation applications are developed and operated. “Container” technologies such as Docker and Kubernetes are a couple of the many solutions that have emerged as options for deploying and orchestrating these applications. Cloud native applications naturally require persistent storage just the same as traditional applications. Virtual SAN is an excellent choice for next-generation cloud native applications. Here are a few examples of the efforts that are underway:

vSphere Integrated Containers Engine is a container runtime for vSphere, allowing developers familiar with Docker to develop in containers and deploy them alongside traditional virtual machine workloads on vSphere clusters. vSphere Integrated Containers Engine enables these workloads to be managed through the vSphere GUI in a way familiar to vSphere admins. Availability and performance features in vSphere and Virtual SAN can be utilized by vSphere Integrated Containers Engine just the same as traditional virtual machine environments.

Docker Volume Driver for vSphere enables users to create and manage Docker container data volumes on vSphere storage technologies such as VMFS, NFS, and Virtual SAN. This driver makes it very simple to use containers with vSphere storage and provides the following key benefits:

– DevOps-friendly API for provisioning and policy configuration.
– Seamless movement of containers between vSphere hosts without moving data.
– Single platform to manage – run virtual machines and containers side-by-side

Next-Gen Hardware Support

vSphere 6.5 and Virtual SAN 6.5 also introduce support for 512e drives, which will enable larger capacities to meet the constantly growing space requirements of today’s and tomorrow’s applications. New hardware innovations such as NVMe provide dramatic performance gains for Virtual SAN with up to 150k IOPS per host. This level of performance combined with the ability to scale up to 64 hosts in a single cluster sets the stage for running any app, any scale on Virtual SAN.

Visit Virtual SAN on vmware.com and VMware StorageHub for more details on this exciting new release of Virtual SAN.

To learn more about vSphere 6.5, please see the following resources.

@jhuntervmware on twitter

Rating: 5/5

Oct 18

What’s New in vSphere 6.5: vCenter Server

Posted on October 18, 2016 by Charu Chaubal
Today VMware announced vSphere 6.5, which is one of the most feature rich releases of vSphere in quite some time. The vCenter Server Appliance is taking charge in this release with several new features which we’ll cover in this blog article. For starters, the installer has gotten an overhaul with a new modern look and feel. Users of both Linux and Mac will also be ecstatic since the installer is now supported on those platforms along with Microsoft Windows. If that wasn’t enough, the vCenter Server Appliance now has features that are exclusive such as:

  • Migration
  • Improved Appliance Management
  • VMware Update Manager
  • Native High Availability
  • Built-in Backup / Restore

We’ll also cover general improvements to vCenter Server 6.5 including the vSphere Web Client and the .


vCenter Server Appliance Migration

vCenter Server Appliance Migration

Getting to the vCenter Server Appliance is no longer an issue as the installer has a built in Migration Tool. This Migration Tool has several improvements over the recently released vSphere 6.0 Update 2m release. Now, Windows vCenter Server 5.5 and 6.0 are supported. If you’re currently running a Windows vCenter Server 6.0, this is your chance to get to the vCenter Server Appliance using this Migration Tool. In vSphere 6.5 there is an improvement in the migration tool which allows for more granular selection of migrated data as follows:

  • Configuration
  • Configuration, events, and tasks
  • Configuration, events, tasks, and performance metrics

VMware Update Manager (VUM) is now part of the vCenter Server Appliance. This will be huge for customers who have been waiting to migrate to the vCenter Server Appliance without managing a separate Windows server for VUM. If you’ve already migrated to the vCenter Server Appliance 6.0 the upgrade process will migrate your VUM baselines and updates to the vCenter Server Appliance 6.5. During the migration process the vCenter configuration, inventory, and alarm data is migrated by default.

Improved Appliance Management

Another exclusive feature of the vCenter Server Appliance 6.5 is the improved appliance management capabilities. The vCenter Server Appliance Management Interface continues its evolution and exposes additional health and configurations. This simple user interface now shows Network and Database statistics, disk space, and health in addition to CPU and memory statistics which reduces the reliance on using a command line interface for simple monitoring and operational tasks.

vCenter Server Appliance Management

vCenter Server Appliance Management

vCenter Server High Availability

vCenter Server 6.5 has a new native high availability solution that is available exclusively for the vCenter Server Appliance. This solution consists of Active, Passive, and Witness nodes which are cloned from the existing vCenter Server. Failover within the vCenter HA cluster can occur when an entire node is lost (host failure for example) or when certain key services fail. For the initial release of vCenter HA an RTO of about 5 minutes is expected but may vary slightly depending on load, size, and capabilities of the underlying hardware.

vCenter Server High Availability

vCenter Server High Availability

Backup and Restore

New in vCenter Server 6.5 is built-in backup and restore for the vCenter Server Appliance. This new out-of-the-box functionality enables customers to backup vCenter Server and Platform Services Controller appliances directly from the VAMI or API, and also backs up both VUM and Auto Deploy running embedded with the appliance. The backup consists of a set of files that will be streamed to a storage device of the customer’s choosing using SCP, HTTP(s), or FTP(s) protocols. This backup fully supports vCenter Server Appliances with embedded and external Platform Services Controllers. The Restore workflow is launched from the same ISO from which the vCenter Server Appliance (or PSC) was originally deployed or upgraded.

vSphere Web Client

From a User Interface perspective, probably the most used UI is the vSphere Web Client. This interface continues to be based on the Adobe Flex platform and requires Adobe Flash to use. However, VMware has continued to identify areas for improvement that will help improve the user experience until it is retired. Through several outreach efforts over the past year we’ve identified some high-value areas where we think customers are looking most for improvements. This small list of high-impact improvements will help with the overall user experience with the vSphere Web Client while development continues with the HTML5-based vSphere Client:

  • Inventory tree is the default view
  • Home screen reorganized
  • Renamed “Manage” tab to “Configure”
  • Removed “Related Objects” tab
  • Performance improvements (VM Rollup at 5000 instead of 50 VMs)
  • Live refresh for power states, tasks, and more!
vCenter Server Web Client

vCenter Server Web Client

vSphere Client

With vSphere 6.5 I’m excited to say that we have a fully supported version of the HTML5-based vSphere Client that will run alongside the vSphere Web Client. The vSphere Client is built right into vCenter Server 6.5 (both Windows and Appliance) and is enabled by default. While the vSphere Client doesn’t yet have full feature parity the team have prioritized many of the day to day tasks of administrators and continue to seek feedback on what’s missing that will enable customers to use it full time. The vSphere Web Client will continue to be accessible via “http:///vsphere-client” while the vSphere Client will be reachable via “http:///ui”. VMware will also be periodically updating the vSphere Client outside of the normal vCenter Server release cycle. To make sure it is easy and simple for customers to stay up to date the vSphere Client will be able to be updated without any effects to the rest of vCenter Server.

Now let’s take a look at some of the benefits to the new vSphere Client:

  • Clean, consistent UI built on VMware’s new Clarity UI standards (to be adopted across our portfolio)
  • Built on HTML5 so it is truly a cross-browser and cross-platform application
  • No browser plugins to install/manage
  • Integrated into vCenter Server for 6.5 and fully supported
  • Fully supports Enhanced Linked Mode
  • Users of the Fling have been extremely positive about its performance
vSphere Client

vSphere Client


While we’ve covered quite a few features there are many more which will be covered in accompanying blog articles. We will also be following up with detailed blogs on several of these new features which will be available by the time vSphere 6.5 reaches General Availability.

We hope you are as excited about this release as we are! Please post questions in the comments or reach out to Emad (@Emad_Younis) or Adam (@eck79) via Twitter.

To learn more about vSphere 6.5, please see the following resources.

Rating: 5/5