VMware vSphere 8 Update 3 Released New Features and Download
Today, VMware is announcing the release of VMware vSphere 8.0 Update 3, which will be available today as well. This is a massive release that contains many new features and capabilities in the platform, including embedded vsphere cluster service, reduced downtime updates, non workload maintenance evacuation, and more. It also is in conjunction with the release of VMware vSAN 8.0 Update 3 and VMware Cloud Foundation 5.2. Let’s take a look at the new features that are coming with this release.
Table of contents
- vSphere IaaS Control Plane
- Embedded vSphere Cluster Service
- Independent TKG Service
- Autoscaling for Kubernetes Clusters
- vSAN Stretched Cluster Support for TKG
- Automated Supervisor Certificate Rotation
- VM Service – VM Backup and Restore
- VM Service – VM Class Expanded Configuration
- Local Consumption Interface (LCI)
- Enhanced vSphere Lifecycle Management
- Hardware support
- GPU Enhancements
- Security Enhancements
- Storage Innovations
- Wrapping up
vSphere IaaS Control Plane
vSphere IaaS control plane. This is the new way to refer to vSphere with Tanzu. Just know these are talking about the same thing. Customers have long asked TKG service to be decoupled from vCenter. It is important as it can deliver asynchronous delivery of vCenter and the Kubernetes versions.
Embedded vSphere Cluster Service
New with vSphere 8.0 Update 3 is a vSphere Cluster Service that is embedded in ESXi itself. There will now be fewer VMs to run. You will only see 2 VMs per cluster, if the cluster is a two-node cluster or a 64-node cluster, there will only be 2.
Since it is embedded now into ESXi there will be no OVA push from vCenter and no storage footprint moving forward since it runs only in memory.
Independent TKG Service
vSphere 8 Update 3 separates the Tanzu Kubernetes Grid (TKG) Service from vCenter releases. This allows for asynchronous releases, which means you can have the latest Kubernetes versions. You can upgrade the TKG Service without needing to update the Supervisor or vCenter. It helps with a quicker rollout of new Kubernetes versions and the features that go along with the new releases.
TKG can be upgraded directly without having to upgrade management clusters or vCenter. Autoscaling is also being introduced. Worker nodes will be added automatically if there aren’t enough resources for the workload demand. There is a minimum version required, version 1.25.
Autoscaling for Kubernetes Clusters
The update improves Kubernetes cluster management by introducing autoscaling capabilities for worker nodes. This allows the system to scale down underutilized nodes and scale up when workloads increase. This helps to make sure you have optimal resource use and efficiency.
vSAN Stretched Cluster Support for TKG
vSAN 8.0 update 3 now includes stretched cluster support for active/active deployments. It helps utilize affinity and anti-affinity rules to make sure that VMs are placed in the best way possible. This improves data availability and resilience across geographically dispersed sites.
Automated Supervisor Certificate Rotation
vSphere now automates the rotation of expiring Supervisor certificates, which can be a pain to have to rotate manually. It helps reduce the manual steps needed before rotation and enhances security. This feature also has an alarm that alerts administrators only if the auto-renewal process fails.
VM Service – VM Backup and Restore
The VM service now includes the ability to backup and restore VMs that have been deployed using the VM service. It requires no changes to the backup tool. Backups can be down to the VM-level or the namespace. You would just reference the resource pool in vCenter.
Metadata has to be restored as part of the restore process. In the extra config fields it now includes the information needed for restore. There is an API available to register and resolve issues as well.
VM Service – VM Class Expanded Configuration
The interface has been updated to support the entire VM configuration. In the past it was limited in different static configurations and you had some customizations there. Now, you can configure VMs to use any class. Admins now have full granular control.
This change increases administrative control over VM hardware settings and helps with aligning with public cloud service models.
Local Consumption Interface (LCI)
The new Local Consumption Interface (LCI) for managing VMs and TKG clusters is now available locally. It provides a streamlined user experience, and supports complex deployments and automatic YAML generation, enhancing the operational efficiency of virtual environments.
Enhanced vSphere Lifecycle Management
vSphere 8 Update 3 has many new improvements to lifecycle management and makes sure that the environments are easier to maintain and more secure, with minimal downtime.
vSphere Configuration Profiles
The new vSphere Configuration Profiles enable administrators to manage and remediate configuration drifts across clusters effectively. It supports declarative cluster image lifecycle management and includes the ability to define and enforce configuration baselines. This helps ensure consistent settings across the infrastructure.
vSphere Lifecycle Manager with Dual DPU Support
The vSphere Lifecycle Manager now supports dual DPUs. This helps administrators to manage and remediate configurations in environments using dual Distributed Processing Units (DPUs). This feature allows for the configuration of active and standby DPUs. It also enhances network resilience and minimizes downtime during hardware failures or maintenance.
Reduced Downtime Updates
The update process for vCenter has been optimized to minimize downtime. The new migration-based update process allows VIadmins to quickly remediate security vulnerabilities with easy rollback capabilities if complications happen. This helps make sure that the systems are always running on the latest, most secure software without major disruptions.
vSphere Live Patch
vSphere Live Patch is a new feature that reduces the impact of patching by allowing hosts to enter a partial maintenance mode where VMs can remain running. This can happen in vSphere 8.0 Update 3 by loading and patching a new mount revision of the ESXi hypervisor without fully rebooting the system. This new process enables VMs to fast-suspend-resume and consume the patched mount revision almost instantly.
Enhanced Image Customization
The update introduces enhanced options for image customization. Administrators can now override vendor add-ons to maintain existing drivers. They can also remove third-party vendor add-on components, and manage VMware Tools and ESXi Host Client components much easier and more effectively. This customization improves supporting full-stack firmware updates with staging and parallel remediation capabilities in the new release.
Streamlined Cluster Image Definitions
The new enhancements allow for more streamlined definitions and management of cluster images. This includes support for declarative management of the full stack update process. It helps to make sure that all components that include firmware and drivers, are updated in synchronization across the entire cluster.
Maintenance without Workload Evacuation
The partial maintenance mode is a major new feature that allows VMs to continue running while disallowing migrations to and from the host and new VM creations on it. This capability can help during updates and patches to make sure of continuous availability and that services remain online.
Hardware support
There are many new hardware support features found in the new release of vSphere 8.0 update 3. Let’s take a look at those.
Dual DPU support
Now, there is high availability support with DPU configuration with vSphere distributed services engine. It provides high availability with active and standby states, brief interruption during failover and it does not fail back. The other DPU just becomes standby. This helps to protect environments in vSphere 8.0 Update 3 from DPU failure or loss of uplink.
The 2nd DPU can also be used for an additional distributed switch with a no failover configuration and full isolation between switches and DPUs. It provides 2X the offload capacity per host.
Intel® Xeon® CPU Max Series Support
Support for Intel Xeon CPU Max Series improves the performance of AI/ML workloads and addresses demands for high-performance computing (HPC) through built-in accelerators and high-bandwidth memory (HBM). This will result in a significant boosting of performance for computing intensive workloads and tasks.
GPU Enhancements
vSphere 8 Update 3 introduces multiple GPU profiles that allow different types of workloads to be placed on a single GPU. This helps to improve resources and enhance performance across applications.
You can also monitor the GPU resources at a glance in the cluster level GPU monitoring dashboard in vsphere 8.0 Update 3.
There is also simplified vGPU workload mobility with vSphere DRS settings for vGPU VMs.
Security Enhancements
vSphere 8 Update 3 brings about many new security enhancements designed to strengthen the protection of virtualized environments, streamline security management, and ensure compliance with industry standards. Here’s a detailed look at each of the security upgrades:
PingFederate Support in vSphere Identity Federation
vSphere 8 Update 3 introduces support for PingFederate. This helps to expand the choices with the Identity Federation capabilities. The Identity Federation allows vSphere to connect with multiple on-premises and cloud-based identity providers (IdPs). It helps integrate a more flexible and secure Single Sign-On (SSO) experience. It supports modern authentication protocols, including Multi-Factor Authentication (MFA). This helps to make sure your vSphere environment aligns with the security posture against unauthorized access.
TLS & Cipher Suite Profile Support
This update includes the ability to quickly configure and implement modern “best practices” for TLS ciphers directly through the vSphere API, PowerCLI, or configuration profiles. These enhancements help secure data in transit and make sure that communication between components uses the latest security standards. A system reboot is required to apply these changes, ensuring all components cleanly transition to the new security configurations.
Security Configuration Guides & Baselines
vSphere 8 Update 3 comes with updated security configuration guides and baselines that are easier to understand and implement. These guides now include coverage for vSAN services and map out differences between the Security Technical Implementation Guides (STIG) and Payment Card Industry (PCI) compliance requirements. Also, you have new scripts that are provided to help audit and remediate configurations.
Enhanced Security for Kubernetes
The release improves the security management of Kubernetes environments running on vSphere. It automates key tasks like the rotation of Kubernetes supervisor certificates. This automatic rotation helps make sure that certificates are always current and reduces the risk of outages due to expired certificates. If the auto-renewal process fails, an alarm notifies administrators to take action. This helps to protect against vulnerabilities.
Storage Innovations
vSphere 8 Update 3 introduces several new storage advancements that are set to improve flexibility, efficiency, and management of storage solutions in vSphere 8.0 Update 3. Here’s an in-depth exploration of each enhancement:
Support for vVols Stretched Storage Cluster
vSphere 8.0 Update 3 introduces initial support for vVols stretched storage clusters. This feature is critical for environments that need high availability across geographically dispersed data centers. It uses Active/Active storage configurations and includes VASA 6 specification support and VASA High Availability. The stretched storage capability makes sure that operations continue seamlessly even in the event of a site failure. This helps provide a strong disaster recovery solution.
UNMAP Support for vVols on NVMe Volumes
UNMAP command support has been added for vVols on NVMe volume. This process allows for space reclamation in the background without administrative intervention. It helps maintain storage efficiency and automatically optimizes space usage, which is particularly beneficial in dynamic environments where demands are changing often.
Microsoft WSFC Clustering Support on NVMeoF
vSphere 8 Update 3 adds support for vVols shared disks over NVMe over Fabrics (NVMeoF). This is required for Microsoft Windows Server Failover Clustering (WSFC) environments using NVMe. This support means you no longer need Raw Device Mappings (RDMs). It helps simplify the configuration and management of highly available clustered services.
Limiting UNMAP Operations
To prevent performance degradation during extensive UNMAP operations, vSphere 8 Update 3 allows administrators to define the maximum number of hosts that can send UNMAP commands at the same time. This is configurable per datastore and helps to make sure you always have optimal performance even during large-scale space reclamation tasks.
Enhanced Multi-Pathing with PSA Support
Path Selection Plugin (PSA) enhancements include support for Fabric Performance Impact Notification (FPIN). It informs vSphere about congestion issues on Fibre Channel networks. This capability helps to troubleshoot path issues and make sure that the healthiest available paths are used for data storage operations.
Faster time for Thin to EZT Disk Conversions
The process of inflating thin-provisioned disks to eager zeroed thick (EZT) has been majorly optimized. This enhancement reduces the time required for these operations. It also boosts performance on VMFS datastores in environments where disk format conversions are common due to changing performance or security requirements.
CNS CSI Storage Enhancements
Container Storage Interface (CSI) enhancements in vSphere 8 Update 3 include improved support for vSAN ESA File Service. It enables up to 250 file shares per vSAN environment. Also, it allows persistent volume (PV) migration across non-shared data stores within the same vCenter. This helps with flexibility and management of storage resources in containerized environments.
Wrapping up
PHeww!! That is a lot of new features that are included in VMware vSphere 8.0 Update 3. It seems like this update touches just about every aspect of vSphere and helps to bring improvements across the board. I really like the lifecycle improvements as well as the new integrated cluster services in ESXi 8.0 Update 3. The great thing about the new bits is we don’t have to wait, they are available today.
No other hypervisor is as enterprise-ready as ESXi and vSphere. All others are continuously playing catch-up and will continue to do so.
The best of breed remains best of breed.
Jeff,
I totally agree. I work with a lot of hypervisors just in testing and playing around. Each new release of vSphere shows why they are out front. The continually innovate. I am optimistic with this release that they haven’t been stifled from doing that with the Broadcom purchase. I think Update 3 will help convince some in the enterprise to stay where they are, even with the price increases. Now, time to update the lab to Update 3 🙂 As always Jeff, I really appreciate your comments and insights.
Brandon