,

VMware Horizon 7 version 7.5 is GA

Good to see VMware Horizon 7 version 7.5 is GA, several new features and enhancements within this release, categories below!

  • Horizon Connection Server
  • Horizon Agent for Linux
  • Horizon Agent
  • Horizon GPO Bundle
  • Horizon Client
  • Horizon JMP Server
  • Horizon 7 Security

Release notes here – https://docs.vmware.com/en/VMware-Horizon-7/7.5/rn/horizon-75-view-release-notes.html

Download here – https://my.vmware.com/group/vmware/info/slug/desktop_end_user_computing/vmware_horizon/7_5

,

So What’s New in VMware vSphere 6.7?

vSphere 6.7 has been officially released which is great, we’ve been running on 6.5 for a while now! I’ve listed out some highlights that interested me in this release.

Upgrades

First thing to check out the VMware HCL, VMware appears to have dropped support for several popular processors, checkout your hardware here

The HTML 5 Web Client

How we’ve been living with the flash web client for a while, personally I hate it and will do anything to avoid using, however we now have light at the end of the tunnel, the HTML 5 Web Client nearly has feature parity and I can use it for 95% of my tasks!

Suspend and Resume of vGPU Workloads

I’m a big fan of vGPU and what possibilities they enable, vGPUs have been around since vSphere 6.0, before the vSphere 6.7 release the VMs that used vGPUs were effectible glued to the host they were powered up on. vSphere 6.7,  you can suspend and resume a vGPU-enabled VM, which means you can suspend, vMotion and then resume. Hopefully with the next release of vSphere we’ll see live vMotions enabled.

Virtual Hardware Version 14

From what I can see version 14 adds support for Trusted Platform Module (TPM), NVDIMM, I/O Memory Management and Microsoft Virtual-based Security (VBS).

vCenter Appliance Backup

You can now set up a backup schedule to backup your the vCenter appliance configuration. You can also configure the retention of the backups.

Configuration Maximums

As usual VMware has uplifted the configuration maximums, see the table below for details;

Rather than display a huge table here, checkout the VMware tool here

ESXi Single Reboot

Two reboots during upgrades should be a thing of the past going forward!

ESXi Quick Boot

Firstly I need to note this feature is limited to specific vendors/hardware. This feature means the hypervisor can be restarted without going through the hardware boot process. This should mean patching and upgrades are completed much more promptly!

,

VMware vSAN 6.7 has landed!

I’m a big advocate of VMware vSAN and 6.7 is a massive release, VMware have added some much needed features! A quick overview below.

HTML5 User Interface

  • An interface which allowed full vSAN management with the familiarity of other VMware products.

vSAN ReadyCare

  • Providing real time health, support and remediation recommendations.

Enhanced Stretched Cluster Availability

  • Significant enhancements to logic regarding site failures among other enhancements.

Proactive Support via vSAN Support Insight

  • vSAN will proactively raise alerts before they become issues.

Disk Support

  • vSAN now supports 4Kn disk drives

Read more details here – https://www.vmware.com/uk/products/vsan/whats-new.html

,

VMware vSAN 6.5 – 2 Node with Direct Connect

VMware vSAN 6.5  now supports two vSAN data nodes directly connected using one or more crossover cables. This is useful for clients with no 10GbE switching!

In order for this to work a Witness VMkernel needs to run on an interface that can also reach the witness vSAN VMkernel interface for Metadata purposes, this would not be possible via the crossover cables for obvious reasons.

Now, how do you setup a Witness VMkernel?
Within a normal vSAN setup VMkernel ports are tagged to have “vsan” traffic via the vSphere Web Client. However in order to use a VMkernel for “Witness” traffic we have to dive into command line for the moment in 6.5.

To add a new interface with Witness traffic is the type, the command is:

  • esxcli vsan network ipv4 add -i vmkX -T=witness

Personally I design solutions with two 10GbE crossovers with an active/standby setup and run vMotion on the standby interface.

,

VMware Network Issue – ESXi 6.5 Dell R730 with Intel X710 VLAN

I recently deployed some Dell R730 servers with the Dell customised ESXi ISO and had a rather odd networking issue once VLANs were being tagged in the VMware platform;

  • Network connectivity was only working at a layer 2
  • Unable to ping the default gateway
  • The VM guests also had the issues above
  • Switch was also unable to ping the hosts

After some head scratching I decided to look at the drivers being used for the Intel X710 10GbE networking cards, the driver in use was i40en. After removing this driver using the command below, the host reverts to using the i40e(1.1.0) driver and the network connectivity was working and the VLANs tagged as expected.

  • esxcli software vib remove -n i40en

Now after some reading it would appear the correct driver to use for the Intel X710 card is i40e(2.06).

The correct process to fix this issue is;

  1. Install the updated i40e drivers.
  2. Uninstall the i40en drivers.
  3. Reboot the ESXi host. ESXi should now start using the newer i40e (2.06) drivers for the X710 nic.
,

VMware Announces Discontinuation of Third Party vSwitches

VMware has announced it will be discontinuing support for third party vSwitch support, this will impact vSwitches such as the Cisco Nexus 1000V, Cisco VM-FEX, HPE 5900v and IBM DVS 5000. You can read the VMware KB here.

The most recent version of vSphere 6.5 Update 1 does still support third party vSwitches and will be the last version to do so, all subsequent versions will have the vSwitch APIs removed!

Now for those users on the Cisco Nexus 1000V there is a migration tool which VMware provides to assist with migrations, you can find this here under the ‘Automation Tools and SDK(s)’ drop down.

I’m sure some users will be disappointed in VMware’s decision however the vSphere Distributed Switch is feature rich and should fulfill most users requirements.

 

,

VMware updates vSphere 6.5 to 6.5 U1

vSphere 6.5 Update 1 has been released and it contains some great improvements, fixes and removal of a feature!

vCenter

Several improvements to vCenter, I personally think the increases are for the up and coming VMware Cloud on AWS release.

  •  vSphere 6.0 Update 3 can now be to upgraded/migrated to vSphere 6.5 Update 1
  • vCenter Server scale has been greatly increased!
    • Maximum vCenter Servers per vSphere Domain: 15 (increased from 10)
    • Maximum ESXi Hosts per vSphere Domain: 5000 (increased from 4000)
    • Maximum Powered On VMs per vSphere Domain: 50,000 (increased from 30,000)
    • Maximum Registered VMs per vSphere Domain: 70,000 (increased from 50,000)
  • Full support for the vCenter Server Appliance installer on macOS Sierra (10.12)

vSan

vSAN 6.6.1 has been released bringing with it;

  • New capabilities involving Update Manager (VUM)
  • More sources for updates including firmware, drivers, and vSphere software

Switching

Important notice for anyone running 3rd party switches.

  • 3rd party switch support has been REMOVED, this means users using 3rd party switches such as the Cisco Nexus 1000V must migrate away before upgrading to 6.5 U1.
  • UPDATE – VMware has revised the notice about 3rd part switches explaining subsequent vSphere versions will have the third party vSwitch APIs completely removed and third party vSwitches will no longer work. Meaning vSphere 6.5 U1 is the last update to support 3rd party switches . More info here

Read more in VMware’s official blog post here

,

Ransomware

TO PAY OR NOT PAY THAT IS THE QUESTION…

Ransomware is fast becoming a big issue from startups to enterprise businesses. For those not familiar, Ransomware is malware that prevents access to users files by encrypting them and then demanding users pay a ransom through certain online payment methods (typically Bitcoin) to get a decryption key.

Recently a NHS trust in England had to shut down their infrastructure due to Ransomware and labelled it as a ‘Major incident’ meaning appointments were cancelled.

“A major incident has been called and all planned operations, outpatient appointments and diagnostic procedures have been cancelled for today and tomorrow. All adult patients (over 18) should presume their appointment/procedure has been cancelled unless they are contacted. Those who turn up will be turned away.”

Northern Lincolnshire & Goole NHS Foundation Trust

AVOIDING RANSOMWARE

cryptolocker-2-0
Demand Notice – CryptoLocker

The best way to avoid Ransomware is to make sure users keep their whits about them, often this Malware is sent via emails with infected or booby trapped documents. They need to ask themselves if they trust the sender, and the same applies when downloading documents, files and applications from the internet.

PREVENTION

firewall

Now this is a combination of good desktop security practice, anti virus, web proxy, disabling macros, email filtering, Intrusion prevention systems (IPS), Intrusion detection systems (IDS) ect….

The most import method of prevention is educating users to the dangers of opening suspect files!

BACKUPS, BACKUPS AND MORE BACKUPS!

backup-cloud-button

Something I cannot stress enough is good quality backups, taken often and tested! The best way to get back from a Ransomware incident is to simply restore the files, no messing around with Ransoms or trying to decrypt the data.

SHOULD I PAY?

 

happy businessman with heap of money

If there is absolutely no way of restoring your data then paying may well be your only option. Some companies have publicly revealed they have paid ransoms and gained access to their decryption key (examples here and here). Then there are those that have indeed paid and were not!

Should you decide to pay, bare in mind you’ll be likely to be targeted again as you have paid a Ransom!

My advice is not to pay and do your best to recover, experiences very, you’ll likely be targeted again and have no guarantee you’ll get your data back.

,

VMware vSAN 6.6 release

We’ve seen vSan evolving at a rapid pace, and now vSan 6.6 is here this evolution continues.

Highlights include

  • Secure Data with vSAN Data-at-Rest Encryption
  • Highly Available Management with the ESXi Host Client
  • Degraded Device Handling (DDH)
  • Intelligent Rebuilds
  • Capacity and Policy Pre-Checks

Lower TCO

  • Enhanced Stretched Clusters with Local Failure Protection
  • Site Affinity for Stretched Clusters
  • Cloud-friendly Networking with Unicast
  • vSAN Cloud Analytics
  • Easier Deployment and Configuration
  • Enhanced Health Monitoring
  • vRealize Operations Management Pack for vSAN

Read more here

,

VMware Horizon 7.1 is now GA!

VMware has made Horizon 7.1 generally available!

What’s New or updated in this release…

  • Instant Clones
  • Horizon Virtualization Pack for Skype for Business
  • Blast Extreme protocol
  • Hide Server and Domain Info
  • Logon Segments Breakdown Function
  • RDSH published applications
  • URL Content Redirection.
  • Integration with vRealize Orchestrator and vRealize Automation
  • Windows Server 2016 support

Read more here