In June, VMware announced a major update to its VMware Cloud Foundation architecture, version 5.0. This update offers additional scalability, security, and several key enhancements aimed at meeting the requirements for IaaS infrastructures, simplifying the deployment of cloud services on-premises, and providing additional protection against cyber-attacks.
Let’s take a detailed look at what’s new in the major release of VMware Cloud Foundation (VCF) version 5.0.
The main components of VCF 5.0 are as follows:
The comparison with previous versions of VCF architectures looks as follows:
General improvements of the VCF platform
As a reminder, VCF is VMware’s premier end-to-end software infrastructure solution that includes components from VMware Aria Suite (formerly vRealize Suite), VMware vSphere Integrated Containers, VMware Integrated OpenStack, VMware Horizon, NSX and others running in on-premises, cloud or hybrid enterprise infrastructure managed by SDDC Manager.
The release of VMware Cloud Foundation 5.0 comes as a result of many months of development and testing. During this period, the latest versions of vSphere 8.0 Update 1a for workload management, vSAN 8.0 Update 1a for scalable storage, NSX 4.1 for networking solutions, and Aria Lifecycle Manager 8.10 for cloud infrastructure lifecycle management were tested.
Let’s take a look at what’s new in the updated VCF 5 architecture.
1. SDDC Manager improvements
VMware Cloud Foundation 5.0 includes a new feature called Isolated SSO Workload Domains that allows administrators to set up new workload domains using a single Single Sign On (SSO) instance. This scenario is useful for large enterprises that need to isolate their workloads, as well as for service providers who can allocate workload areas to different clients with their own SSO domains. Each isolated SSO domain is configured with its own instance of NSX. An additional benefit is that by configuring workload domains as stand-alone entities, you can also configure a separate identity provider (Active Directory or LDAP).
2. Workload Domain Scaling
For Workload Domain Scaling, the number of isolated workload domains has been increased from 15 to 25 within a single instance of VMware Cloud Foundation. Please note that workload domains configured to use the shared SSO management domain are still limited to a maximum of 15 domains. Additional scaling becomes possible through task parallelization to reduce the time required for adding workload domains to a VMware instance.
3. VMware Cloud Foundation Platform and Scaling Improvements
Looking at the new capabilities introduced in VMware Cloud Foundation 5.0, vSphere / vSAN platform and scaling improvements are the most anticipated feature requests from customers of VMware Cloud Foundation environments. It’s also important to highlight that upgrades to VMware Cloud Foundation 5.0 are direct, with the option to skip upgrades to VMware Cloud Foundation 4.3, 4.4, and 4.5.
4. SDDC Manager Context Aware Pre-Checks and Configuration Drift
The workflows built in VMware Cloud Foundation 5.0 ensure that the deployment is updated to the desired version in the correct order, starting with the management domain components.
In VMware Cloud Foundation 5.0, the SDDC Manager’s pre-checks have been enhanced to be context-aware, ensuring that the infrastructure stack is ready to accept the desired update. After installing or upgrading SDDC Manager to version 5.0, administrators can choose to update their VMware Cloud Foundation domains to the new target version of VMware Cloud Foundation 5.x (skipping releases if needed). This allows them to perform a pre-check for a specific VMware Cloud Foundation release or execute a ‘general upgrade readiness’ pre-check to ensure overall platform readiness.
In VMware Cloud Foundation 5.0, administrators can review any configuration changes introduced during the update to provide additional visibility and understanding of how the new features will impact their current deployments.
The components of the VCF 5.0 platform – Aria Suite (formerly vRealize Suite)
The new features of the Aria Suite (formerly known as vRealize Suite) provide additional scalability, security, and several key improvements aimed at meeting the requirements for IaaS infrastructures, simplifying the deployment of cloud services on-premises, and providing additional protection against cyber-attacks.
The Aria Suite lineup offers users five main enhanced products that are part of the VCF architecture:
The VCF 5 framework offers the following enhancements for each of the products:
- Aria Operations – The VMware Cloud Foundation implementation process has been simplified to provide users with a deeper understanding and context for managing VMware Cloud Foundation products. To help customers get a holistic view of all objects monitored by Operations, a multi-cloud dashboard has been added that displays all VMware and public clouds that users can monitor. It also provides summary information on what is happening in key objects associated with the cloud. Additionally, features such as enhanced “what-if” scenario planning and VMware cloud cost analysis can help customers analyze and compare the cost of all their objects and work on planning scenarios to optimize expenses.
- Aria Operations for Logs – The new release offers complete 360-degree troubleshooting that combines metrics, logs and numerous integrations. The Webhooks page has been enhanced to provide a consistent workflow, such as alert definitions and reports. Log management tools for SaaS allow you to set up alerts that help you manage costs. Federated log management, content packs, and new APIs have also been introduced. Updated usage reports help you understand the amount of data that applications send to logs, aiding in managing storage costs.
- Aria Operations for Networks – Auto Network Discovery is one of the powerful new features; it can automatically discover devices such as switches, routers, and firewalls across your entire network using proven mechanisms. With this feature, a network administrator can easily determine how many devices are on the network, speed up the addition of devices, and identify incomplete network paths. Improved network troubleshooting guides include new widgets, updated metric charts, and dependency tree actions such as filters and extensions. New network metrics for ESXi Host pNIC interfaces, as well as NSX-T Edge dataplane CPU cores, further improve troubleshooting.
- Aria Automation – The solution now supports custom and out-of-the-box actions that run on the same resource or deployment, improving efficiency and reducing time. The new plugin architecture brings even more features offered by cloud providers.
- Aria Suite Lifecycle Manager – This product now provides integration between Aria Suite products. You can configure log forwarding from other Aria Suite products. Users can enable or disable status checks for Aria Suite products. If the update fails, an automatic rollback feature is introduced to return the application to its previous working state.
Before automatic rollback from Aria Automation, a support bundle is automatically assembled and saved for troubleshooting purposes.
VCF 5.0 Platform Components – NSX
Let’s take a look at the main new functionality in VMware NSX 4.1:
Let’s look at all this in a little more detail:
- Networking and security improvements – VMware Container Networking with Antrea offers users signed images and binaries, as well as full enterprise support for the Antrea project. VMware Container Networking integrates with Kubernetes managed services to further enhance Kubernetes network policies. It also supports both Windows and Linux workloads on Kubernetes across multiple clouds. NSX 4.1 has new improvements in networking and container security that allow you to create firewall rules with a combination of virtual machines and Kubernetes objects. You can also create dynamic groups based on NSX tags and Kubernetes labels. This improves the usability and functionality of managing Antrea clusters with NSX.
- Better cyber attack defense with NDR functionality – Network Detection and Response (NDR) technology allows the security team to visualize attack chains by transforming huge amounts of network data into several large entities. NDR builds these visualizations by aggregating and correlating security events such as detected intrusions, suspicious objects, and anomalous network flows.
- Improved online diagnostics system – Predefined runbooks are available that contain debugging steps for troubleshooting specific issues. These runbooks can be invoked via APIs, and they initiate debugging steps using the CLI, APIs, and scripts. After the debugging process, recommended actions for resolving the issue are provided, and artifacts generated during debugging can be downloaded for further analysis.
And, of course, the updated VCF 5 architecture includes updated versions of the vSphere 8.0 Update 1a platform for workload management and vSAN 8.0 Update 1a for creating resilient clusters. Exploring their new capabilities goes beyond the scope of this article, as there are so many of them. It’s important to understand that they represent a new level of infrastructure management and control compared to the previous generation of these products.
Conclusion
The VMware VCF 5.0 architecture represents a significant step forward compared to previous platform versions. In addition to the major enhancements in products such as vSphere, vSAN, NSX, Lifecycle Manager, and Aria infrastructure management components, numerous infrastructure improvements have been made, including Isolated SSO Workload Domains and Workload Domain Scaling. The management tool, VMware SDDC Manager 5.0, has also been significantly enhanced, working in conjunction with the updated Cloud Builder 5.0.
If you already have a deployed architecture of previous VCF versions, upgrading will provide you with a fully updated infrastructure based on the latest versions of VMware’s cutting-edge products.
And, of course, you should read the Release Notes of the relevant components included in the Bill of Materials (BOM) list of the VCF 5.0 architecture:
VMware vCenter Server Appliance