Some good news today as VMware has released VMware Cloud Foundation 4.3. I know many folks who are running 4x and are keen on some of the updates in this release. Let’s see whats new.
The VMware Cloud Foundation team is proud to announce general availability of VMware Cloud Foundation 4.3, bringing forward the latest innovations in full stack Hyperconverged Infrastructure as a Hybrid Cloud Platform.
Some of the new features that are delivered with this release include vSphere 7.0 Update 2a with Tanzu. This is pretty exciting for those that want to get started with Kubernetes on their vSphere environment.
One thing to keep in mind if you are running VMware Cloud Foundation 3x, that in-place upgrades are not supported. But you can leverage VMware professional services to perform adjacent workload migrations, in which your workload is moved between a 3x and 4x environment in a side-by-side fashion.
What version of VMware Cloud Foundation are you running? Do you plan on upgrading to version 4.3? Are there any features that have you excited? Let me know on Twitter and thanks for reading.
A recent study by Principled Technologies has shown that you can get greater Kubernetes pod density on VMware with Tanzu than with bare metal Kubernetes with Ubuntu Linux. Including comparable and sometimes better performance.
PT found that 13,700 pods were supported by vSphere with Tanzu versus only 2,150 pods supported by a Red Hat OpenShift bare metal deployment on identical hardware.
On the Red Hat OpenShift deployment, PT stopped scaling up the pods when they started seeing worker node instability, at 2,150 pods. Red Hat documents a default of 250 pods but allows this to grow to a maximum of 500 via additional configuration. For this testing, PT increased the OpenShift pod limit to 500 using the configuration knobs.
On the vSphere with Tanzu platform, PT stopped scaling up the pods at 13,700 pods, when the memory utilization reached 95% to avoid performance deterioration. vSphere with Tanzu was not only able to reach 6.3 times the number of pods, but also did not suffer node instability issues.
My first thought was the cost savings that this could bring to your IT team. More pods on fewer machines means you are spending less on hardware and software licenses. I know this will appeal to many IT departments but don’t let that be your driving factor. Let savings be a secondary win for the team. Always focus on the business outcomes and ensuring you are delivering a service without any shortcuts.
Are you running vSphere with Tanzu? Have you experienced any cost savings as a secondary benefit? What are your thoughts on this report, do you agree or disagree? How large is your Tanzu deployment? Let me know on Twitter and thanks for reading.
It’s finally here – Project Monterey early access program. They announced this project at VMworld 2020 and it’s a re-architecture of VMware Cloud Foundation leveraging hardware accelerators (SmartNICs) to offload and improve performance and security. VMware is working with vendors like Intel, NVIDIA and Pensando and also server OEMs like Dell, HPE and Lenovo.
As the next milestone, we are happy to announce the launch of Project Monterey Early Access program. The Early Access program is a unique opportunity for participating customers to collaborate with VMware to test and validate their use cases in a VMware lab environment to solve real customer pain points. As part of this program, customers and VMware together will set goals and expectations. The duration for the program is expected to last between 4-6 weeks on the average. A core support team comprised of subject matter experts and program managers will guide customers through their Early Access program journey.
The Project Monterey Early Access program will offer select customers the opportunity to help shape cutting edge data center technologies that will form the foundation for next generation of applications and workloads. Please reach out to your VMware sales team or representative to learn more about how you can participate in the Project Monterey Early Access program.
I see several benefits to taking part in this early access program:
If you have a greenfield deployment planned, this is a great way to consider SmartNICs for your new architecture. It’s also a way to confirm and validate that you have thought through different aspects of the new deployment. If you currently use any of the hardware partners that have been identified to support this new technology, you will go into production with confidence. This should give the IT management team a level of comfort before making any major purchases.
This is a good way to get the IT team familiar with the new technology and how it behaves. Your traditional way of looking at metrics and performance may change, so it’s nice to get a handle on that early. It’s also a good way to find out how your disaster and recovery plans will work with this new technology injected into your technology stack.
If you have a brownfield deployment or want to retrofit your current gear, this is a nice way to validate if this technology can work for you. This is likely the deployment that will be most challenging and it is good to have the team from VMware working alongside you.
I know if mentioned it in the greenfield deployment option, but don’t forget to always consider your disaster recovery site. I know this can sometimes get overlooked, but it’s important to factor into the costing and design.
Will you be joining the Project Monterey Early Access program? Would you be considering this for a greenfield or brownfield environment? Let me know on Twitter and thanks for reading.
VMware has released security advisory VMSA-2021-0010 which is pretty important and rated as critical so please take note. This affects VMware vCenter Server and VMware Cloud Foundation. These exploits center around vCenter which is a key component of the virtualization infrastructure. Take action on these patches as soon as you can.
This advisory affects product versions 6.5, 6.7 and 7.0 of vSphere including Cloud Foundations 3.x and 4.x.
The VMSA outlines two issues that are resolved in this patch release. First, there is a remote code execution vulnerability in the vSAN plugin, which ships as part of vCenter Server. This vulnerability can be used by anyone who can reach vCenter Server over the network to gain access, regardless of whether you use vSAN or not.
Second, improvements were made to the vCenter Server plugin framework to better enforce plugin authentication. This affects some VMware plugins, and may also cause some third-party plugins to stop working. VMware partners have been notified and are working to test their plugins (most continue to work), but there may be a period after updating when a virtualization admin team may need to access backup, storage, or other systems through their respective management interfaces and not through the vSphere Client UI. If a third-party plugin in your environment is affected, please contact the vendor that supplied it for an update.
This should highlight how important patching your infrastructure is. I know it can be hard at times to find change windows for patches but let’s be honest, we all have that one server (OK maybe more than one) that has been running for 2+ years and never been patched. You don’t want to want to be that person to reboot the server and find out that it has stopped working. So I understand the hesitancy, but keeping these systems updated is the only way to stay out of the news.
I’d suggest working with your security team and set up a bi-weekly meeting regarding patches and updates. For those weeks when you don’t have a meeting, send out an email with a weekly summary, so there are no air gaps. Taking the lead on this will show your management team you take security seriously and it will also show your leadership skills.
If you can ask your management team for a small-scale test environment where you can apply patches and test scenarios before they become a real problem. Be proactive in how you handle this.
Go get those systems patched. Do you have an established method for updates and patches? Do you work closely with others teams in bringing systems into compliance? Any software you have used recently that has made this task easier for you? Let me know on Twitter and thanks for reading.
Today we are excited to announce the immediate availability of the vSphere Virtual Machine Service (VM Service). Included in the vSphere 7 Update 2a release, the VM Service enables Kubernetes-native provisioning and management of virtual machines, for developers running modern apps on vSphere with Tanzu. The VM Service allows a developer (or any DevOps, platform operations, or Kubernetes user) to deploy and manage virtual machines using Kubernetes standard APIs, while simultaneously allowing the IT administrator to govern resource consumption and service availability.
VMware is trying to make the vSphere environment familiar to developers. Giving them the confidence to deploy their applications using the toolset they work in everyday. I think this is a great move as it distributes ownership across different teams, allows developers to self-provision and deploy VMs as needed.
Is this something you think you will be using? Are you using it already? What has your experience been like so far? Let me know on Twitter and thanks for reading.