VMware vSphere 8 Update 1 Announced – New Features including OKTA
Not long now after the release of VMware vSphere 8 and great features like the VMware Cloud console, VMware has announced VMware vSphere 8 Update 1 with great new features that span security, automation, storage, and many others. In this overview, let’s look at VMware vSphere 8 Update 1 announced new features.
What is VMware vSphere 8.0 Update 1?
It is the latest release announced of the latest VMware vSphere 8.0 release, containing many great new features we will showcase below. With an “update” release, you don’t need new license keys. It is a standard update to your hypervisor that brings new features.
It is the best of the vSphere releases to date for running cloud-native and on-premises workloads. So, the upgrade will be worth it, especially with no additional licenses required.
vSphere Configuration Profiles
vSphere Configuration Profiles is a fully supported feature in vSphere 8 Update 1 that allows administrators to manage host configurations at a cluster level using a JSON document to set desired configurations, check compliance, and remediate non-compliant hosts.
With vSphere 8 Update 1, vSphere Configuration Profiles now support vSphere Distributed Switch configuration, providing greater flexibility and control. Note that vSphere Configuration Profiles does not support environments using VMware NSX.
Existing vSphere clusters can be transitioned to use vSphere Configuration Profiles, but Host Profiles cannot be attached to the cluster or hosts within the cluster once the transition is completed. Overall, vSphere Configuration Profiles provides a powerful tool for streamlining cluster configuration management and ensuring compliance with desired configurations.
vSphere Lifecycle Manager for standalone hosts
In vSphere 8, vSphere Lifecycle Manager (vLCM) supports standalone ESXi hosts managed by vCenter using vSphere APIs. With the release of vSphere 8 Update 1, standalone ESXi hosts now have full vSphere Client support to compose a desired image, remediate, check compliance, and more, making it possible to perform all vLCM functions on standalone hosts that were previously limited to vSphere clusters.
This includes staging and ESXi Quick Boot. Additionally, administrators can define custom image depots for standalone ESXi hosts, which is particularly useful for hosts located at the network’s edge.
By co-locating the depot with the ESXi host, remediation issues caused by poor or high-latency connections between remote ESXi hosts and vCenter can be avoided. With these enhancements, vSphere 8 Update 1 offers a comprehensive solution for managing standalone ESXi hosts with the same level of control and efficiency as vSphere clusters.
Host different GPU workloads on a single GPU
Previously, in vSphere, all NVIDIA virtual Graphics Processing Unit (vGPU) workloads on an ESXi host had to use the same vGPU profile type and GPU memory size. However, vSphere 8 Update 1 introduces a new capability that allows administrators to assign different vGPU profile types to NVIDIA vGPUs while keeping the GPU memory sizes the same.
This enables administrators to share GPU resources among different workloads effectively.
NVIDIA provides various vGPU profile types for different workloads, such as:
Profile type A for application streaming or session-based solutions
Profile type B for VDI applications
Profile type C for compute-intensive applications like machine learning
Profile type Q for graphical-intensive applications.
With these enhancements, vSphere 8 Update 1 offers a more flexible and efficient way of managing GPU resources for virtualized environments.
Supervisor services with Distributed Switches
With vSphere 8 Update 1, Supervisor Services are now available in addition to the VM Service when using the vSphere Distributed Switch networking stack. Supervisor Services are certified Kubernetes operators that offer Infrastructure-as-a-Service components and tightly-integrated independent software vendor services to developers.
They can be installed and managed on the vSphere with Tanzu environment, enabling their use with Kubernetes workloads. DevOps engineers can leverage the service APIs to create instances on Supervisors in their user namespaces when installed on Supervisors.
You can manage Supervisor Services through the vSphere Services platform from the vSphere Client, allowing you to manage their life cycle, install them on Supervisors, and perform version control.
A Supervisor Service can have multiple versions installed on Supervisors, but only one version can run on a Supervisor at a time. With these enhancements, vSphere 8 Update 1 provides a more efficient and powerful way of managing Kubernetes workloads in virtualized environments.
Bring your own image
The VMware VM Service has been improved to enable the use of custom VM images created by customers. Admins or DevOps personnel can initiate image build pipelines, which include support for CloudInit or vAppConfig.
To make these new VM templates available to the DevOps team, admins add them to a Content library. Then, the DevOps team creates a cloud-config specification, which configures the VM upon first boot. Finally, the team submits the VM specification along with the cloud-config to create and configure the VM.
VMware Skyline Health Diagnostics are built-in
It is easier than ever to deploy and manage VMware Skyline Health Diagnostics. A guided workflow embedded in the vSphere Client can be used to easily deploy the Skyline Health Diagnostics appliance and register it with the vCenter.
Skyline Health Diagnostics is VMware’s self-service diagnostic and health platform. It helps you Diagnose any failures or known issues and resolve issues.
It uses product logs, configuration information, and various other information to detect problems and provide recommendations in KB articles or steps to remediate.
Console for DevOps Engineers
DevOps users can now access virtual machine remote consoles for their deployed VMs using kubectl. A unique link is generated to provide access to the virtual machine console, which doesn’t require the user to have permissions to access the vSphere Client.
With the VM web console, a one-time-use time-limited URL is provided to the user, which remains valid for two minutes. A connection to the Supervisor Control Plane on port 443 is necessary to use the VM web console. This feature enables self-service debugging and troubleshooting of VMs, even when there is no network connectivity to allow for SSH.
vSphere Green metrics
vSphere 8.0 introduced new power consumption metrics that capture the power associated with virtual machine workloads. In vSphere 8.0 Update 1, this capability has been enhanced to provide better insights into the individual power consumption of each VM. The new metrics consider the VM’s size and provide more data for customers to aggregate the VM power consumption, enabling them to understand their workloads’ energy efficiency better.
IT admins can access power metrics for each of the VMs, while developers can retrieve the power metrics via an API interface. Application owners can also view their power consumption data in an aggregated format.
The VM Green Metrics include two types of power metrics: Static Power and Usage. Static Power is the modeled idle power of the VM, estimated as the base power required to keep a hypothetical bare-metal host with the same number of CPUs and Memory as the VM is powered on. Usage is a real measured power based on the VM’s active CPU and Memory utilization, derived from the host’s attached power meters (IPMI – Intelligent Platform Management Interface).
OKTA IdP support
The vSphere 8 Update 1 release comes with some significant security features, such as Okta identity federation support for vCenter and improvements to the ESXi Quick Boot feature.
With Okta support, vSphere users can benefit from modern cloud-based identity provider support for better identity management and multifactor authentication with vCenter Server, with the added benefit of federated identity, meaning that vSphere never sees the user’s credentials, enhancing security and compliance.
Quick boot for secure hosts
The ESXi Quick Boot feature, introduced in vSphere 6.7, is now compatible with hosts with TPM 2.0 enabled, allowing for secure boot and attestation processes that verify the host configuration, thus improving malware detection and preventing misconfigurations. With this enhancement, vSphere users can now benefit from faster restarts and secure boot features without choosing between the two.
Fault tolerance with TPM
This feature highlights the integration of virtual Trusted Platform Modules (vTPMs) in vSphere Fault Tolerance (FT) for guest operating systems. VMware vSphere FT provides continuous availability for applications with up to four virtual CPUs by creating a shadow copy of a virtual machine that mirrors the primary virtual machine. In conjunction with other great VMware tools, like vSphere Data Protection, vSphere vMotion, and vSphere cluster capabilities like vSphere HA, and DRS, Fault tolerance is a great solution for certain use cases.
This shadow copy is then used as a backup in the event of a hardware outage or failure, which helps prevent data loss and eliminate downtime. With vSphere 8 Update 1, VMs with vTPMs (virtual trusted platform module devices) can be replicated and protected, removing security tradeoffs and enabling applications to use vTPMs for features like Virtualization-Based Security, Secure Boot & OS attestation, and more. This integration is important for compliance with regulatory standards as well.
Enhancing Workload Performance with vSphere 8 Update 1
vSphere 8 was already equipped with a range of features that improved the performance of workloads with better utilization of flash devices, better network services, network traffic enhancements, replacement of device group concept in vSAN, etc.
With the introduction of vSphere 8 Update 1, VMware has taken a step further in meeting the ever-growing demand for high throughput and low latency required by modern distributed workloads.
Nvidia NVSwitch Support
As part of our ongoing partnership with NVIDIA, we have added support for their NVSwitch technology. This technology is designed for high-performance computing (HPC) and AI applications that require multiple GPUs to work in parallel. NVSwitch is ideal for applications that use more than two GPUs, allowing them to communicate at lightning-fast speeds. By supporting NVSwitch in vSphere 8 Update 1, administrators can create partitions of 2, 4 or 8 GPUs for virtual machines.
NVLink vs. NVSwitch
NVLink is the backend protocol for NVSwitch, with NVLink Bridge point-to-point connections used for linking 2 to 4 GPUs at very high bandwidth. NVSwitch is required when more than four GPUs need to be connected. Hopper architecture, which is used in NVLink, allows a pair of GPUs to transmit 450 GB/s bidirectionally for a total bandwidth of 900 GB/s. This is a significant improvement over PCIe Gen5 x16, which can transmit up to 64 GB/s.
NVLink and NVSwitch-capable systems can be managed using Vendor Device Groups and vGPU Profiles in vSphere 8. This allows administrators to handle these workloads without affecting day-to-day vSphere operations.
VM DirectPath I/O Hot-Plug for NVMe
vSphere 8 Update 1 supports hot-adding and hot-removing NVMe devices using vSphere APIs. Previously, adding or removing VM DirectPath IO devices required virtual machines to be powered off. However, to enable this feature, servers must be certified with the “PCIe Native Surprise Hot Plug certification”.
Release date April 2023
The initial availability of vSphere 8 Update 1 is anticipated to be released by sometime in April. The updated release model will result in general availability (GA release) being available shortly after based on the new release model (IA/GA).
VMware vSphere 8 Update 1 Resources
Read the official blog post from VMware here:
The new vSphere 8 Update 1 release new features include powerful new features that will help to take your vSphere environment to the next level of functionality and capabilities. VMware is aggressively releasing new vSphere releases with the new IA/GA model and the vSphere 8 Update 1 release is a great new version that is certainly worthy of an upgrade.