VMware vSphere 8 — The Enterprise Workload Platform Announced!

by Christian Mohn · Read in about 7 min (1461 words)

VMware announces vSphere 8 — The Enterprise Workload Platform at VMware Explore US. The new release comes with a number of new features and enhancements. At the time of writing, no set General Availability date has been published, but look for it being available some time this fall.

Here’s a quick summary:

vSphere Distributed Services Engine #

Remember Project Monterey that was announced as a Tech Preview at VMworld 20201. Parts of that has now found its way into the core vSphere 8 offering.

Called the vSphere Distributed Services Engine, this enables the offloading of network servies to Data Processing Units (DPU).

This first version of enables offloading of NSX Services to a SmartNIC (DPU) using a new vSphere Distributed Switch version 8.0:

By offloading the processing of network traffic to a DPU instead of using the CPU, frees up resources that hosts and VMs can take advantage of, as well as help increase network performance. It will also enhance visibility and observability of the network traffic and provide better encryption, isolation and protection. See DPU-based Acceleration for NSX: Deep Dive (Youtube) for more details.

VMware vSphere with Tanzu #

vSphere now runs Tanzu Kubernetes Grid (TKG) 2.0, with the following enhancements:

  • Unified Tanzu Kubernetes Grid
  • Increased availability with Workload Availability Zones
  • Declarative cluster lifecycle with ClusterClass
    • Define It Once, Use It Many Times — This is an Upstream Kubernetes conformant ClusterAPI. Defines configuration and default installed packages for Tanzu Kubernetes clusters. ClusterClass is defined in the cluster deployment specification.
  • Customize PhotonOS or Ubuntu images
  • Pinniped Integration

Lifecycle Management #

Lifecycle Manager Images is the default option going forward.2

Warning

vSphere 8 is the last release where Lifeycle Manager baselines (vSphere Update Manager) is supported, only vSphere Lifecycle Manager (vLCM) images will be supported going forward.

  • Enhanced Recovery of vCenter
    • Recover vCenter without data loss.
      • Cluster state persists in ESXi hosts as a Distributed Key-Value Store (DKVS)
      • Distributed key-value store becomes the cluster source-of-truth
      • vCenter cluster state reconciles with the vSphere cluster during backup recovery

In short, this means that in a scenario where a host was added to a cluster after a vCenter backup was taken, and the vCenter is restored to that earlier backup the vCenter reconciles the cluster state with the state from the Distributed Key-Value Store (DKVS).

Other enhancements and news:

  • Staging Support
    • Stage update payloads in advance of remediation, without the need for maintenance mode
    • Reduces overall remediation time and time spent in maintenance mode per host
    • Less risk of remediation failure from live image transfer
    • Firmware payloads staged with Hardware Support Manager integration

  • Parallel Remediation
    • Remediate multiple hosts in parallel
    • Reduce the lifecycle operation time of a cluster
    • vSphere Administrator decides how many hosts will be remediated in parallel by placing the desired hosts into maintenance mode
      • It is my understanding that in vSAN enabled clusters, only one host will be allowed to remediate at a time to ensure that all data in a cluster remains available at all times.

  • vSphere Configuration Profiles

    • Configuration Management at scale — Future replacement for Host Profiles available as a Tech Preview in vSphere 8
      • A new desired-state model for all configuration options, with compliance drift monitoring. Remediates hosts back to desired state.
  • Standalone Host Support (API only)

  • VCG Listings for Hardware Security Modules feature support

  • DPU Support

Unified Management for AI/ML Hardware Accelerators #

  • Combine NIC and GPU devices
    • Share a common PCIe switch or a direct interconnect
    • Discovered at the hardware layer and presented to vSphere
    • Added to a virtual machine as a single unit
    • NVIDIA® support launching shortly after vSphere 8 GA

Next-Generation of Virtual Hardware Devices — Device Virtualization Extensions (DVX) #

  • New API for vendors to create hardware-backed virtual devices
    • Supports vSphere DRS and vSphere HA
    • Can support live migration using vSphere vMotion
    • Can support VM suspend and resume
    • Can support disk and memory snapshots

Guest OS & Workloads #

  • Virtual Hardware version 20
    • Latest Intel and AMD CPU support
    • Device Virtualization Extensions
    • Up to 32 DirectPath I/O devices

  • Guest Services for Application
    • vSphere Datasets
    • Application aware migrations
    • Latest guest operating system support

  • Performance and Scale
    • Up to 8 vGPU devices
    • Device Groups
    • High Latency Sensitivity with Hyperthreading

  • Virtual TPM Provisioning Policy
    • Choose between Copy or Replace when deploying VMs configured with vTPM devices
    • Copy will clone TPM secrets Replace will reset the vTPM device as new
    • ovftool support for vTPM device placeholder

  • Migration aware applications

    • Notify supported applications about migration taks, and let the application ackownledge that the migration can proceed
      • Use-cases
        • Time-sensitive applications
        • VoIP applications
        • Clustered applications

  • High latency sensitivity with hyper-threading

    • Virtual Machine vCPUs are scheduled on the same hyperthreaded physical CPU core

  • Simplified vNUMA configuration
    • Virtual NUMA topology and configuration is exposed to the vSphere Client
    • Configure virtual NUMA configuration during new VM creation
    • Edit CPU Topology settings of existing VM

  • vSphere DataSets
    • Share data between vSphere and a Guest OS
    • Data is stored and moves with the VM
    • Use-cases
      • Guest deployment status
      • Guest agent configuration
        • Perfect for things like SaltStack or similar.
      • Guest inventory management

vSphere Scalability #

Not much has changed as far as maximum configurations go, check the table below for details.

Tip

Always check configmax.vmware.com for updated information.

Compute ResourcevSphere 7 U3vSphere 8
vCPU per VM768768
Memory per VM24 TB24TB
vGPU per VM48
CPU per host896896
Memory per host24 TB24TB
Hosts managed by vLCM4001000
Hosts per cluster9696
VMs per cluster800010000
VMDirectPath I/O devices per host832

Enhanced DRS Performance #

Some updates has been done to the to Dynamic Resource Scheduling (DRS)

vSphere Memory Monitoring and Remediation v2 (vMMR2)

  • Supports Intel® Optane PMem
  • Better distribution of L3 cache prefetch data on DRAM and Pmem
  • Uses Memory Stats for better VM placement

Security #

There has also been some improvements when it comes to security in vSphere 8.

  • Improvements to Intel® Software Guard Extensions (SGX) 3
  • TLS 1.2 & Better Cipher suites are now default
  • Prevent Untrusted Binaries
    • Basically VMkernel.Boot.execInstalledOnly is now default, preventing untrusted binaries from running on an ESXi host without this setting being explicitly changed. As this is one of the most common ransomware attack vectors, this is a welcome change to the deaults.

Tip

Always check VMware vSphere 8 Security Configuration Guide for updated security information.

Closing Comments #

All in all vSphere 8 looks like a good incremental release, with a bunch of useful enhancements and new features.

There are no really huge game-changing features in the release, perhaps with the exception of the vSphere Distributed Services Engine. It is clear that we are moving more and more towards specialized silicon for specific tasks. GPU’s and DPU’s are gaining momentum! Truthfully we have had things like iSCSI and TCP Offloading (TOE) for a long time, but this goes beyond that. DSE enables software on the host to actively use the processing power of a DPU, much like what is done wth GPUs. Going forward I expect seeing more services move over to such a model, perhaps things like vSAN can use this technology as well, For now DSE does not support VMkernel ports, so at the time of writing this is not possible, but I’m sure that is something that is being actively worked on. Once we have VMkernel support on DPU’s, we might also see vCenter Management of non-ESXi hosts as well, for bare-metal (sic) workloads.

Specialized silicon for specialized workloads really makes sense to me, not everything needs to be x86 after all.

Other than that, this release feels like an evolutionary release — which makes a lot of sense. vSphere is still the defacto on-premises datacenter standard, and this continues to build on that. In my opinion the real news in vSphere 8 is really vSAN 8 and it’s new architecture model!.

Tip

Check core.vmware.com/vsphere for all the details, there should be info about vSphere 8 there already — if not, it’s right around the corner.

Resources #

Last updated 01. september 2022.

Footnotes #
Post last updated on September 1, 2022: Add more links to resources

About the author

Christian Mohn Profile Picture

Christian Mohn works as a Chief Technologist SDDC for Proact in Norway.

See his About page for more details, or find him on Twitter.

Sponsors