
VMware VCF 5.0 Includes Security, Scalability Enhancements

by Harold Fritts

VMware Cloud Foundation (VCF) 5.0, with additional scalability and security, as well as other key enhancements, is available now. Enhancements include addressing requirements for cloud-scale Infrastructure-as-a-Service (IaaS), simplifying deployment of on-premises clouds, and more protection against cyberattacks.



VMware Cloud Foundation 5.0 Software Bill of Materials

VCF 5.0 is focused on delivering the latest versions of Software Defined Data Center (SDDC) Manager, VMware vSphere 8.0u1 for workload management, VMware vSAN 8.0u1 for scale-out storage, VMware NSX 4.1 for networking, and VMware vRealize LifeCycle Manager 8.10 (Aria) for cloud management.

VCF 5.0 SDDC Manager Enhancements

VMware Cloud Foundation 5.0 includes Isolated SSO Workload Domains, a new capability allowing administrators to configure new workload domains using a separate Single Sign On (SSO) instance. This will be useful for large enterprises needing workload isolation and for Managed Service Providers (MSPs) who can allocate workload domains to different tenants with their own SSO domains. Isolated SSO domains are each configured with their own NSX instance and provide the option to configure a separate identity provider (Active Directory or LDAP).

VCF 5.0 scaling enhancements

Isolated SSO Workload Domains and Workload Domain Scaling

Workload Domain Scaling also increases from 15 to 25 when using isolated workload domains within a single VCF. However, workload domains configured to use the shared management domain SSO are still limited to a maximum of 15 domains. The additional scaling is possible through parallelizing tasks, reducing the time to add Workload Domains within a VMware Cloud Foundation instance. Upgrades to VMware Cloud Foundation 5.0 are direct, customer-led skip-level upgrades from VMware Cloud Foundation versions 4.3, 4.4, and 4.5.

Direct Upgrades to VMware Cloud Foundation 5.0

SDDC Manager Context Aware Pre-Checks and Configuration Drift

SDDC Manager uses pre-checks to ensure the infrastructure stack is ready to accept the desired update. The workflows built within VMware Cloud Foundation 5.0 ensure deployment is updated to the desired VMware Cloud Foundation version in the correct order, starting with the management domain components.

With VCF 5.0, SDDC Manager pre-checks are context-aware. Once SDDC Manager has been installed or upgraded to version 5.0, admins can choose to update their VMware Cloud Foundation domains to a newer VMware Cloud Foundation 5.x target version (skipping releases as needed), so admins can run a pre-check against a specific VMware Cloud Foundation release or execute a “General Update Readiness” pre-check to ensure general readiness of the platform.

With VMware Cloud Foundation 5.0 SDDC Manager, administrators can view configuration changes that are set as part of the upgrade, providing more visibility and helping admins better understand the new features and capabilities and the impact these may have on their deployments.

Note that not all solutions are available for VCF 5.0 downloads immediately. For example, Dell VxRail support for VCF 5.0 will be available soon, and certain greenfield or upgrade scenarios may also be delayed until a later date; review the VCF 5.0 release notes or contact your account team for additional information.

vSphere Updates

As part of the VCF 5.0 release, the software bill of materials that makes up Cloud Foundation was updated to include the latest versions of vSphere and vSAN. vSphere 8.0u1 (including ESXi and vCenter Server) and vSAN 8.0u1 include many new features and enhancements that Cloud Foundation 5.0 can leverage to improve the foundation of private cloud environments.

vSphere 8.0u1 includes several enhancements that VMware Cloud Foundation 5.0 leverages. With vSphere 8.0u1, workload domains receive enhanced operational efficiency, increased performance for higher-end AI/ML workloads, and elevated security across the environment.

vSphere 8.0u1 supports up to 32 devices in Passthrough mode to achieve better performance and increase available GPU resources. Additionally, vSphere 8.0u1 speeds up AI/ML application performance with support for NVIDIA NVSwitch (up to 900GB/s bidirectional speed with NVLink on Hopper), connecting up to 8 GPUs per host and up to 8 GPUs to the same VM.

Need scalability more than raw performance? vSphere 8 supports 8 vGPUs per VM, and vSphere Distributed Resource Scheduler (DRS) now factors workload memory usage into placement decisions. DRS can now place workloads optimally by considering workload memory needs and factoring in DRAM and PMEM bandwidth and latency requirements.

Skyline Health Diagnostics, VMware’s self-service diagnostic platform, is integrated with vCenter Server. Skyline Health Diagnostics helps admins diagnose issues, resolve failures, and schedule and run health checks automatically. With vSphere 8.0u1, Skyline Health Diagnostics will be integrated with vCenter, providing admins easier access. This integration will help save time and improve workload, ESXi, and vCenter availability in Cloud Foundation environments.

vSAN Enhancements

vSAN 8.0u1 introduces improvements to simplify day-to-day operations and enable support teams to resolve customer issues faster. While vSAN Express Storage Architecture is not currently supported in VMware Cloud Foundation 5.0, many other vSAN enhancements are available for Cloud Foundation customers.

The vSAN 8.0u1 Performance Service now includes high-resolution monitoring of performance metrics. Default collection intervals for performance metrics, previously rendered every minute, are directly collected every 30 seconds, allowing real-time performance analysis, simplifying monitoring, and accelerating the ability to troubleshoot.

The VM I/O Trip Analyzer has also been enhanced in vSAN 8.0u1, with new scheduling functionality that enables customers to schedule analysis on a VM: specifying the time of day, duration, and frequency. Running diagnostics programmatically allows greater and better data collection and can be critical to capturing temporary performance issues.

In vSAN 8.0u1, the vSAN Skyline Health module UX has been redesigned to include a new health dashboard providing customers with a simplified view of the health status of each cluster with an at-a-glance scorecard. The dashboard will bring awareness to any health issues, the areas of impact, and clear steps for resolution, while also providing quick access to additional resources, like relevant Knowledge Base articles.

Leveraging NSX Features

NSX 4.1.0 adds several new features and enhancements for virtualized networking and security, which can be leveraged within a VMware Cloud Foundation 5.0 deployment.

Summary of NSX 4.1.0 Highlights

  • VMware Cloud Foundation 5.0 with NSX 4.1.0 support comes with platform enhancements such as multi-tenancy for networking resources and NAPP 4.0.1.1.
  • Project Antrea is a Kubernetes-native project that implements the CNI and Kubernetes Network Policy to provide network connectivity and security for pod workloads. NSX 4.1.0 introduces new container networking and security enhancements, allowing firewall rules to be created with a mix of VMs and Kubernetes ingress/egress objects.
  • Additional Layer 3 networking services are made available to the VMware Cloud Foundation Fabric through the deployment of inter-VRF routing.
  • Improved online diagnostic system that contains debugging steps for troubleshooting specific issues.

Improved Networking and Security Enhancements

VMware Container Networking with Antrea offers users signed images and binaries, along with full enterprise support for Project Antrea. VMware Container Networking integrates with managed Kubernetes services to enhance Kubernetes network policies. It also supports Windows and Linux workloads on Kubernetes across multiple clouds.

NSX 4.1.0 introduces new container networking and security enhancements, allowing firewall rules to be created with a mix of VMs and Kubernetes ingress/egress objects. Additionally, dynamic groups can be created based on NSX tags and Kubernetes labels, improving the usability and functionality of using NSX to manage Antrea clusters.

Users can leverage the ability to create firewall policies that allow and/or block traffic between different Virtual Machines and Kubernetes pods in one rule. A new enforcement point is introduced to include all endpoints, and the correct apply-to is determined based on the source and destination group member targets.

Better Defense Against Cyberattacks with NDR Functionality

As network attacks become increasingly common, it becomes increasingly important to leverage the newest security features. By deploying NSX 4.1.0 as part of VMware Cloud Foundation 5.0, new Distributed Firewall capabilities and new Network Detection and Response (NDR) features can be utilized.

Network Detection and Response technology enables the security team to visualize attack chains by condensing massive amounts of network data into a handful of “intrusion campaigns.” NDR achieves this visualization by aggregating and correlating security events such as detected intrusions, suspicious objects, and anomalous network flows.

With access to the entire network and endpoint technologies, VMware Contexa observes and evaluates every process running on an endpoint and every packet crossing the network. Enterprises of all sizes can rely on VMware Contexa to fully protect users, endpoints, networks, and workloads.

Improved Online Diagnostic System

Online Diagnostics provides predefined runbooks containing debugging steps to troubleshoot a specific issue. Troubleshooting playbooks or runbooks are steps or procedures followed to diagnose and resolve issues in a system or application. They are designed to provide a structured approach to troubleshooting and help ensure that issues are resolved quickly and effectively.

These runbooks can be invoked by API and will trigger debugging steps using the CLI, API, and Scripts. Recommended actions will be provided post-debugging to fix the issue, and the artifacts generated relating to the debugging process can be downloaded for further analysis. Online Diagnostic System helps to automate debugging and simplifies troubleshooting.

vRealize Suite Features

vRealize Operations (vROps) delivers predictive and proactive IT operations management for private, hybrid, and multi-cloud environments in a unified platform. VMware Cloud Foundation onboarding has been simplified to give users deeper views and context around management products for VMware Cloud Foundation. To get visibility of all the objects being monitored in vROps, the multi-cloud overview page lists all the VMware Cloud and public clouds available for users to monitor. Features such as What-if-scenario planning improvements and VMware cloud cost analysis can help customers analyze and compare costs for all their objects and run planning scenarios for cost optimization.

The scale of machine-generated data is massive, and vRealize Operations for Log Insights (vRLI) offers complete 360-degree troubleshooting that combines metrics, logs, and numerous integrations. The Webhooks page is enhanced to provide a consistent workflow, such as Alert definitions and reports. Logs provide cost management opportunities for SaaS, and alerts can be configured to help manage billing costs. Other updates for SaaS include Federated log management, content packs, and new APIs.

vRealize Operations for Network Insights (vRNI) provides customers with a simple end-to-end network management tool to monitor data flow across the entire infrastructure securely. Network auto-discovery is one of the new features in vRNI, making it possible to automatically discover devices such as switches, routers, and firewalls across the entire network. Usability enhancements to Guided network troubleshooting include widgets for Troubleshooting information, updated metric charts, and dependency tree actions such as filter and extension. New networking metrics for ESXi Host pNIC interfaces and NSX-T Edge data plane CPU cores further enhance troubleshooting.

vRealize Automation (vRA) lets IT teams remove process inefficiencies through end-to-end automation. vRA now supports custom and out-of-box actions running on the same resource or deployment.

vRealize Suite Lifecycle Manager (vRSLCM) includes integration between vRealize Suite products. vRLI can perform log forwarding configuration from other vRealize Suite products to vRLI. Users can turn health checks on or off for vRealize Suite products in vRSLCM. If the vRA upgrade fails, an auto-revert feature reverts the appliance to its previous working state.
