On Feb 10th, 2022, VMware released VCF 4.4 with a new set of features and of course new software components in the Bill of Material(BoM). This new release brings a lot of new enhancements around lifecycle management, security, and NVIDIA AI Enterprise suite capabilities for AI/ML workloads. Before going into the details of new features, let’s look at the VCF 4.4 BoM. VMware vSphere 7.0 U3c, vSAN U3c, and NSX-T 18.104.22.168 are included in this software packaging. Besides the base SDDC software base, VCF 4.4 supports vRealize Suite 8.6.2 and Workspace ONE Access 3.3.6. So as you might expect the software releases packaged with VCF 4.4 are pretty up to date and more importantly Apache log4j is updated to 2.16 or 2.17 which addresses Log4j vulnerability.
Now let’s look at the highlights of new features and capabilities on VMware Cloud Foundation 4.4
Flexible vRealize Suite product upgrades
To me, it is the most important enhancement that was introduced with this new release. From VCF 4.4 with having vRealize Suite Lifecycle Manager (vRLSLCM) 8.6.2, customers can upgrade or deploy vRealize Suite components through vRSLCM. So for example if you need to upgrade vRealize Automation(vRA) to the latest release if it’s needed. One important thing to keep in mind is vRealize Suite Lifecycle Manager will only allow upgrades to compatible and supported versions of vRealize Suite components. Because of this from the next release of VCF, specific vRelaize Suite and Workspace ONE Access will not be listed in the software BoM.
Improvements to upgrade prechecks
When you want to upgrade VCF to a newer release, you should run a series of pre-checks before being able to start the upgrade. Even though the VCF pre-checks were comprehensive, we needed to check free space on SDDC Manager, and in some cases even VxRail Manager. From VCF 4.4, upgrade prechecks have been expanded to verify filesystem capacity and passwords. These improved prechecks help identify issues that you need to resolve to ensure a smooth upgrade.
In VCF 4.4 new activity log was introduced that captures all the VMware Cloud Foundation API invocation calls, along with user context. The new logs will also capture user logins and logouts to the SDDC Manager UI. Besides this, SSH service on ESXi hosts will be disabled by default, following the vSphere security configuration guide recommendation. This applies to new and upgraded VMware Cloud Foundation 4.4 deployments. After all, Apache Log4j Remote Code Execution and Apache HTTP Server vulnerabilities are also addressed.
SDDC Manager UI workflow to manage DNS and NTP configuration
From VCF 4.4, a guided workflow to validate and apply DNS and NTP configuration changes to all components in a VMware Cloud Foundation deployment.
Reduce SDDC Manager service CPU and Memory usage
With SDDC Manager 4.4, the overall SDDC Manager service resource usage is reduced and improves service stability in scaled deployments.
You can get more information from VMware Cloud Foundation 4.4 Release Notes and AI Ready Infrastructure with NVIDIA and VMware Cloud Foundation blog post.