vSAN

What is new for Virtual SAN 6.5?

Duncan Epping · Oct 18, 2016 ·

As most of you have seen by the explosion of tweets, Virtual SAN 6.5 was just announced. Some may wonder how 6.5 can be announced so fast after the Beta Announcement, well this is not the same release. This release has a couple of key new features, lets look at those:

Virtual SAN iSCSI Service
2-Node Direct Connect
- Witness Traffic Separation for ROBO
512e drive support

Lets start with the biggest feature of this release, at least in my opinion, Virtual SAN iSCSI Service. This provides what you would think it provides: the ability to create iSCSI targets and LUNs and expose those to the outside world. These LUNs by the way are just VSAN objects, and these objects have a storage policy assigned to them. This means that you get iSCSI LUNs with the ability to change performance and/or availability on the fly. All of it through the interface you are familiar with, the Web Client. Let me show you how to enable it:

Enable the iSCSI Target Service
Create a target, and a LUN in the same interface if desired
Done

How easy is that? Note that there are some restrictions in terms of use cases. It is primarily targeting physical workloads and Oracle RAC. It is not intended for connecting to other vSphere clusters for instance. Also, you can have a max of 1024 LUNs per cluster and 128 targets per cluster at most. LUN capacity limit is 62TB.

Next up on the list is 2-node direct connect. What does this mean? Well it basically means you can now cross-connect two VSAN hosts with a simple ethernet cable as shown in the diagram in the right. Big benefit of course is that you can equip your hosts with 10GbE NICs and get 10GbE performance for your VSAN traffic (and vMotion for instance) but don’t incur the cost of a 10GbE switch.

This can make a huge difference when it comes to total cost of ownership. In order to achieve this though you will also need to setup a separate VMkernel interface for Witness Traffic. And this is the next feature I wanted to mention briefly. For 2-node configurations it will be possible as of VSAN 6.5 to separate witness traffic by tagging a VMkernel interface as a designated witness interface. There’s a simple “esxcli” command for it, note that <X> needs to be replaced with the number of the VMkernel interface:

esxcli vsan network ip set -i vmk<X> -T=witness

Then there is the support for 512e drives, note that 4k native is not supported at this point. Not sure what more to say about it than that… It speaks for itself.

Oh and one more thing… All-Flash has been moved down from a licensing perspective to “Standard“. This means anyone can now deploy all-flash configuration at no additional licensing cost. Considering how fast the world is moving to all-flash I think this only makes sense. Note though that data services like dedupe/compression/raid-5/raid-6 are still part of VSAN Advanced. Nevertheless, I am very happy about this positive licensing change!

Hyper-Converged is here, but what is next?

Duncan Epping · Oct 11, 2016 ·

Last week I was talking to a customer and they posed some interesting questions. What excites me in IT (why I work for VMware) and what is next for hyper-converged? I thought they were interesting questions and very relevant. I am guessing many customers have that same question (what is next for hyper-converged that is). They see this shiny thing out there called hyper-converged, but if I take those steps where does the journey end? I truly believe that those who went the hyper-converged route simply took the first steps on an SDDC journey.

Hyper-converged I think is a term which was hyped and over-used, just like “cloud” a couple of years ago. Lets breakdown what it truly is: hardware + software. Nothing really groundbreaking. It is different in terms of how it is delivered. Sure, it is a different architectural approach as you utilize a software based / server side scale-out storage solution which sits within the hypervisor (or on top for that matter). Still, that hypervisor is something you were already using (most likely), and I am sure that “hardware” isn’t new either. Than the storage aspect must be the big differentiator right? Wrong, the fundamental difference, in my opinion, is how you manage the environment and the way it is delivered and supported. But does it really need to stop there or is there more?

There definitely is much more if you ask me. That is one thing that has always surprised me. Many see hyper-converged as a complete solution, reality is though that in many cases essential parts are missing. Networking, security, automation/orchestration engines, logging/analytic engines, BC/DR (and orchestration of it) etc. Many different aspects and components which seem to be overlooked. Just look at networking, even including a switch is not something you see to often, and what about the configuration of a switch, or overlay networks, firewalls / load-balancers. It all appears not to be a part of hyper-converged systems. Funny thing is though, if you are going on a software defined journey, if you want an enterprise grade private cloud that allows you to scale in a secure but agile manner these components are a requirement, you cannot go without them. You cannot extend your private cloud to the public cloud without any type of security in place, and one would assume that you would like to orchestrate every thing from that same platform and have the same networking / security capabilities to your disposal both private and public.

That is why I was so excited about the VMworld US keynote. Cross Cloud Services on top of hyper-converged leveraging all the tools VMware provides today (vSphere, VSAN, NSX) will exactly allow you to do what I describe above. Whether that is to IBM, vCloud Air or any other of the mega clouds listed in the slide below is even besides the point. Extending your datacenter services in to public clouds is what we have been talking about for a while, this hybrid approach which could bring (dare I say) elasticity. This is a fundamental aspect of SDDC, of which a hyper-converged architecture is simply a key pillar.

Hyper-converged by itself does not make a private cloud. Hyper-converged does not deliver a full SDDC stack, it is a great step in to the right direction however. But before you take that (necessary) hyper-converged step ask yourself what is next on the journey to SDDC. Networking? Security? Automation/Orchestration? Logging? Monitoring? Analytics? Hybridity? Who can help you reach full potential, who can help you take those next steps? That’s what excites me, that is why I work for VMware. I believe we have a great opportunity here as we are the only company who holds all the pieces to the SDDC puzzle. And with regards to what is next? Deliver all of that in an easy to consume manner, that is what is next!

Running your VSAN witness for a 2 node cluster on a 2 node cluster

Duncan Epping · Sep 20, 2016 ·

A week ago we had a discussion on twitter about a scenario which was talked about at VMworld. The scenario is one where you have two 2-node clusters and for each 2-node cluster the required Witness VM is running on the other. Let me show you what I mean to make it clear:

The Witness VM on Cluster A is the witness for Cluster B, and the Witness VM on Cluster B is the witness for Cluster A. As it stands today this is not a supported configuration out of the box. For ongoing support, it is required that users go through the RPQ process so VMware can validate the design. Please contact your VMware representative for more details.

A knowledge base article should be published on this topic soon, if and when it is published I will update this post and point to it.

Sharing VMworld slides

Duncan Epping · Sep 7, 2016 ·

I know the VMworld team will share them as well over time, but I figured I would do the same thing through my blog. Here are two decks. First deck is the deck for “VMworld – sto7650 -Software defined storage @VMmware primer”. This session I presented with Lee Dilworth. I presented VSAN and Lee did the VVol and VAIO section. Second deck is the deck for “VMworld 2016 – INF8036 – enforcing a vSphere cluster design with PowerCLI automation” which I presented with Chris Wahl. I added the youtube video that the VMworld team shared to the second deck as well. Hope you folks find it useful.

download / comments for “sto7650 -Software defined storage @VMmware primer”

download / comments for “INF8036 – enforcing a vSphere cluster design with PowerCLI automation”

download / comments for “INF7875 – A day in the life of a VSAN IO.”

Taking VSAN to the next level, join the VSAN beta!

Duncan Epping · Sep 5, 2016 ·

In 2013 VSAN saw the day of light, the beta was released. Now 3 years later you have the opportunity to once again sign up and help improve our product. Over the last couple of years we have seen many new features introduced, so you may wonder what is left. There will be various enhancements in this release, but we are in particular looking for feedback on the following 3 features:

Software data-at-rest encryption
Local Protection for Stretched Clusters, for two-layer protection of stretched clusters: across sites and locally
New operational management enhancements (Health checks from vCenter, monitoring networking stats, and more)

I think most of these speak for itself, with regards to the Local Protection for Stretched Clusters, it basically allows you to protect your data within a site and across sites at the same time in a stretched cluster. In other words: RAID-1 across site and then RAID-1, 5 or 6 within a site. Something I am very excited about personally.

I don’t know how many people will be accepted for the beta, but if I find out I will report back. Sign up now: vmware.com/go/virtual-san-beta. PS: remember, these capabilities are still under development, are subject to change without notice and there is no guarantee of future availability.