Author: Sadaf

What’s New in vSAN 8U2

Sadaf

We have observed innovation, easy management, and supporting numerous features in every vSAN update. VMware announced vSAN 8U2, which contains new topology, features, and enhancements.

In this blog post, I will highlight the most crucial feature updates for Original Storage Architecture (OSA) and vSAN Express Storage Architecture (ESA) that come into three different categories:

  • Flexible Topologies – vSAN MAX Storage Cluster
  • Core Platform Advances – Support of vSAN File Services in ESA
  • Enhanced Management – ESA Prescriptive Disk Claim, Auto Policy Remediation

So let’s start with introducing vSAN’s new Disaggregated HCI offering known as vSAN MAX, which provides high performance, efficiency, and resiliency. This solution is based on vSAN ESA, and it is very easy to scale in an incremental fashion. So instead of adding compute and storage together, you can add more storage and provide multiple petabytes of capacity for a vSphere cluster. vSAN Max supports up to 360TB capacity per host, which means with a maximum of 24 nodes per cluster in vSAN MAX, you can provide 8.5-petabyte storage for vSphere clusters.

Continue reading “What’s New in vSAN 8U2”

What’s New vSphere 8 Update 1

Sadaf

In September 2022, an announcement was made about the release of vSphere 8 with new features and capabilities. Building on this momentum, the subsequent release of vSphere 8U1 brings new enhancements and improvements into three different categories of operating efficiency, elevated security, and supercharged workloads. So, by these pillars, customers can operate their infrastructure more efficiently, securely, and agile. So let’s start with the new enhancements in vSphere 8U1.

Operating efficiency

In vSphere 8, vSphere Configuration Profiles were introduced as a tech preview with some limitations of not supporting vSphere Distributed Switch and NSX. If you have not checked this functionality, read my blog post on what’s new in vSphere 8, which explains this functionality in more detail. But In vSphere 8U1, vSphere Configuration Profile is now fully supported and allows administrators to apply the homogenous configuration at the cluster level.

So you can set the desired configuration at the cluster level in JSON format and check the compliance of the hosts in the cluster; if they are not compliant, you can remediate the hosts to become compliant. But one point to remember, If the cluster has a Host profile attached to it, you will get a warning to remove the Host profile when you want to move to vSphere Configuration Profile. When you transition, you can no longer attach host profiles to the hosts within the cluster. vSphere Configuration Profiles now supports vDS configuration, and it can be activated when you create a new cluster, but environments with NSX still can’t use this technology.

Continue reading “What’s New vSphere 8 Update 1”

What’s New in vSAN 8 Update 1

Sadaf

On August 30, 2022, VMware announced vSAN 8 with a different architecture called vSAN Express Storage Architecture (ESA). You may have already heard about the significant performance improvement, increased network throughput, and enhanced scalability that ESA offers. However, VMware has continued to innovate. With vSAN 8 U1, additional features and capabilities have been added to both the original vSAN architecture (OSA) and ESA, providing even greater flexibility and efficiency. In this article, we will focus on the new features of vSAN 8 Update 1.

The new capabilities in vSAN 8U1 are categorized into four pillars: Disaggregation, Performance Enhancement, Ease of Use, and Cloud-Native Storage.

Continue reading “What’s New in vSAN 8 Update 1”

vSphere 8 – What’s New

Sadaf

I know many customers were waiting for the next release of VMware vSphere to realize the new capabilities and features. So there you go, Let’s check what’s new in vSphere 8!

VMware vSphere is the base solution on which most private cloud datacenters are running on. As VMware defines, vSphere 8 is the enterprise workload platform that brings the benefits of the cloud to on-premises workloads, supercharges performance through DPUs and GPUs, and accelerates innovation with an enterprise-ready integrated Kubernetes runtime.

In this post, I want to introduce the new and unique features that I found useful and interesting in vSphere 8.0!

Continue reading “vSphere 8 – What’s New”

My IT Journey!

Sadaf

I am thrilled to announce that I am starting a new position as a Senior Solution Engineer at VMware!

My name is Sadaf, I am originally Iranian, but I live in Sweden! I am a double VCIX, vExpert, and vSAN specialist with more than ten years of experience in Information Technology!

In this post, I want to share my journey with you, especially for women who want to start their career in IT but are hesitant because they are afraid of not being accepted or judged in this man-dominant field! I just forgot! Heh! I am also an expert at being judged and bullied but never get surrendered, thanks to my non-relevant bachelor’s! But you know what? I could do it, so can you!

I have studied Business Administration, but my path crossed with IT when I was on an internship about 12 years ago!

I was part of the sales engineering team responsible for helping customers get certified in the Information Security Management System(ISMS)/ISO 27001.

Continue reading “My IT Journey!”

Configure vSAN Stretched Cluster

Sadaf

vSAN Stretched cluster introduced in vSAN 6.1 and it brings high availability in an active-active fashion. In this architecture, ESXi hosts would be placed in two different physical locations and join together with high bandwidth low latency networking. But from a management perspective despite hosts being in two different sites they belong to one single vSAN Cluster and share their resources. So this solution can be used in environments where disaster avoidance is a critical matter. Because it gives you the ability to avoid disaster, or recover from a disaster by having two different physical sites that host your applications. So you need to group the hosts based on their physical locations and put them in two different fault domains.

Continue reading “Configure vSAN Stretched Cluster”

vSAN Deployment without existing vCenter Server

Sadaf

VMware vSAN is Software-Defined Storage(SDS) solution from VMware that is fully integrated into vSphere. To enable vSAN, we need to have a minimum of three ESXi hosts, and each host needs at least one cache disk and one capacity disk. The local disks of ESXi hosts should be formatted by VMFS. Since vSAN is a vSphere clustering feature, we should also have Center Server in place before start implementing it.

If you are a System Administrator or even a Solutions Architect, you might a face a challenge to build a vSAN Cluster with minimum ESXi servers without having a vCenter in place. In many green field environments, vCenter has not been installed and you want to keep ESXi’s disks intact and unformatted. In addition, there are some customers that want to build and manage vSAN Cluster in a separate vCenter and they do not have any additional ESXi host for vCenter deployment.

Continue reading “vSAN Deployment without existing vCenter Server”

NSX-T Distributed Firewall – Part 2

Sadaf

In the first part of NSX-T Distributed Firewall, I explained the importance of embracing NSX-T DFW. In this post, I review how you can create and apply firewall rules to implement Micro-segmentation. To create firewall rules, first you need to define a Policy section which basically contains one or more firewall rules. A policy in NSX-T DFW can be defined as stateful or stateless. In the case of being stateless, you need to define the rules in both directions. Otherwise, the reverse traffic is not allowed to pass. On the other hand, in the default stateful mode, when you define a rule it will apply bidirectionally.

Then you need to define the rules under the policy section which evaluates the criteria of a traffic flow. DFW rules determine whether the traffic should pass or get dropped based on the protocol and ports.

Continue reading “NSX-T Distributed Firewall – Part 2”

NSX-T FQDN/URL Filtering

Sadaf

NSX-T Distributed Firewall (DFW) is one of the most comprehensive solutions to provide micro-segmentation from layer 4 to layer 7. It can monitor all the East-West traffic on your virtual machines and build a Zero-trust model. To leverage the DFW, vNIC of virtual machines need to connect to NSX-overlay segment, NSX VLAN backed segments or vDS port group supported from vSphere 7.0. The benefit of using DFW is that firewall rules apply at the vNIC level of virtual machines. In this way, traffic does not need to traverse to a physical firewall to get identified if the traffic can pass or drop, which is more efficient. This article will focus on using DFW to enforce L7 (FQDN/URLs) filtering.

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRZKbXr1N2xyg1LZSgLbAcyotp7o28mhU6gnA&usqp=CAU

You can give internet access to a VM or a user who login to a VM by Identity Based Firewall or even take one step further and control which specific URL/URLs are allowed to get accessed.

Continue reading “NSX-T FQDN/URL Filtering”