VMworld 2021 Updates and Announcements

VMworld 2021 Updates and Announcements

Introduction

VMware CEO Raghu Raghuram opened VMworld 2021 by highlighting that “it’s no longer about a ‘cloud first’ approach—it’s about being ‘cloud smart’. Organisations should have the freedom to choose the ’right’ cloud, based on their strategic business goals.” To this end, “Multi-cloud is the digital business model for the next 20 years, as entire industries reinvent themselves.”

Multi-cloud doesn’t just mean deploying applications across 2 or 3 of the major hyperscalers. It’s about building a more diverse set of applications, and selecting the cloud for that application based on the needs of the business. The challenge is that each cloud has its own siloed tooling, making it difficult to manage, connect, and secure applications. With data centres being transformed into private clouds, public cloud services, and applications being pushed out to the edge, a consistent approach to infrastructure with secure connectivity and access is needed.

Raghu set out the power of ‘and‘, promising customers freedom and control, by prioritising developer autonomy and DevSecOps efficiency, enterprise apps on any cloud and full control with cost savings, anywhere access for employees and world-class security. This vision is delivered through VMware Cross-Cloud Services; a family of multi-cloud services to build, run, and secure applications across any cloud. VMware Cross-Cloud Services enables innovation through 5 core building blocks:

  • VMware Tanzu: a state of the art platform for building and deploying cloud-native applications
  • VMware Cloud: cloud infrastructure for operating, running, and modernising enterprise applications
  • VMware vRealize Cloud: cloud based management for monitoring and managing the performance and cost of applications across difference clouds
  • VMware Carbon Black Cloud and VMware NSX Cloud: security and networking spanning multi-cloud operations to connect and secure all applications
  • VMware Workspace ONE and VMware Edge Compute Stack: an anywhere workspace to empower the distributed workforce, along with edge solutions to deploy and manage edge-native applications

The key benefits of VMware Cross-Cloud Services are speed; accelerating the journey to cloud, spend; making big gains in cost efficiency, and freedom; cross-cloud choices for maximum flexibility.

Continuing with the theme of and, VMware President Sumit Dhawan introduces VMware Tanzu Application Platform as being built for developers, and operations, and Cloud Centres of Excellence. VMware Tanzu Application Platform is a complete system for building and managing applications on Kubernetes, and was actually announced in September. You can find out more from the VMware Tanzu Application Platform blog. Sumit then announces VMware Tanzu Community Edition (more on this below), along with Project Dawn Patrol, which will provide full visibility for each cloud asset and its dependencies, across cloud providers. Review the high level messaging in more detail at the VMworld 2021 Day 1 Highlights: Accelerate Innovation blog, watch the VMworld General Session, or check out The Best of VMworld 2021 – On Demand blog.

My colleague James recorded this great summary which will get you up to speed on all the latest VMworld 2021 news in under 30 minutes!
VMworld Summary in under 30 minutes

Key Announcements

Announcing general availability of VMware Tanzu Community Edition. A free, open source, and community supported deployment that’s full-featured and easy to manage. Tanzu Community Edition can be installed in minutes and used to learn and evaluate with small-scale or preproduction environments. You can find out more from the Introducing VMware Tanzu Community Edition blog, the VMware Tanzu Community home page, and VMworld demo session Get up and Running with VMware Tanzu in 10 mins on Your Local Workstation with Tanzu Community Edition! [DEM2811]. Also coming soon, Tanzu Mission Control Starter, centralising management of Kubernetes clusters from multiple providers, for free. You can sign up at the VMware Tanzu Mission Control Starter page.

Announcing general availability of Dell APEX Cloud Services with VMware Cloud. Dell’s APEX Services have partnered with VMware Cloud Services to provide on-premises Infrastructure-as-a-Service (IaaS), a fully managed Dell hardware and VMware software stack physically located at the customers site. All aspects of the service and underlying infrastructure are supported and maintained by Dell. The service is available with a 99.99% availability guarantee in 1 or 3 year terms, and can be ordered through the APEX portal which also allows customers to subscribe, operate, and optimise their local cloud. For more information see the Announcing Dell Technologies APEX Cloud Services with VMware Cloud blog and VMworld sessions The Future of Local and Distributed Cloud with VMware and Dell Technologies [MCL2735] and Cloud or On-Prem? BOTH – APEX Cloud Services with VMware Cloud Brings the Cloud to the Data Center [MCL2152].

Announcing technology preview of Project Arctic and Project Cascade. Project Arctic is a really exciting development, aimed at bringing hybrid cloud to customers existing vSphere deployment model. Project Arctic will make vSphere cloud-aware, by integrating VMware Cross-Cloud Services featuring scale out capacity to any cloud, and disaster recovery capabilities. Furthermore, customers on-premises environments can transition to as-a-service; with hands off maintenance and pay-as-you-grow consumption. Project Cascade builds on VMware’s Kubernetes investments, providing a unified interface for on-demand infrastructure and containers across VMware Cloud platforms from a single API or GUI. Project Cascade will enable true open multi-cloud powered by Kubernetes. For more information on Projects Arctic and Cascade see the vSphere Innovation blog.

Announcing technology preview of Project Capitola. Last year VMware announced Project Monterey; boosting performance by offloading infrastructure service functions to DPUs, as well as strengthening security by isolating workload and infrastructure domains. Building on these hardware innovation and next gen workload themes, Project Capitola provides applications with a transparent, unified, and scalable software defined memory tier. Memory types across PMEM, DRAM, NVMe, and future technologies are aggregated, creating a unified consumption model of memory resources. This solves the upcoming problem of building silos of memory tiers for different business and budget needs. You can find out more on in the Introducing Project Capitola blog, and VMworld sessions Introducing VMware Project Capitola: Unbounding the ‘Memory Bound’ [MCL1453] and Prepared for the New Memory Technology in Next Year’s Enterprise Servers? [VI2334].

Announcing the VMware Sovereign Cloud initiative. In an era where data is king, technologists and decision makers rely more and more on dominant hyperscalers like AWS, Microsoft, and Google. Whilst organisations can retain a level of control through building, generally complex, security architectures; handing the keys to the kingdom to US-based entities should be treated with caution. Joe Baguley, VP & CTO EMEA, VMware, explains more in the blog post Sovereign Clouds: Cloud-first to cloud-smart. With this in mind, VMware have announced the Sovereign Cloud initiative, providing cloud services for data sovereignty and local mandates through VMware Cloud Providers that have met the requirements of the Sovereign Cloud Framework. You can read more in the blog Sovereign Cloud is here, and it’s delivered by VMware Cloud Providers.

If you’re confused by all the ‘projects’ announced as technology previews by VMware you can review them all in one place from the VMworld 2021 – Summary of VMware Projects blog by Michael Rebmann.

VMware Cloud on AWS

  • Announcing general availability of Tanzu Services with VMware Cloud on AWS. Tanzu Kubernetes Grid (TKG) provides a Kubernetes runtime directly inside the hypervisor, compliant with upstream Kubernetes, and enabling management of both virtual machines and containers from within the vSphere Client. Tanzu Mission Control (TMC) centralises lifecycle and policy management, with global visibility and diagnostics, across all Kubernetes clusters from a single pane of glass. There is no extra cost for TKG and TMC Essentials, this is built into the existing VMware Cloud on AWS pricing which is fantastic news for existing customers.
  • Announcing general availability of VMware Cloud on AWS Outposts. VMware Cloud on AWS Outposts brings all the goodness of the VMware Software-Defined Data Centre, with the cloud operating model of AWS, directly into the customers on-premises location. Network teams can plumb in local connections, while the service retains its integration with native AWS services and hybrid linked mode connectivity with other vSphere-based environments.
Announcing VMware Cloud on AWS Outposts
  • Limited time price promotion: 1-year or 3-year subscriptions for i3.metal hosts, purchased between 15 October 2021 and 26 January 2021, are eligible for a 15% discount.
  • Support for 2-host Stretched Cluster. Allowing highly available deployments across 2 Availability Zones with a host in each with a 99.9% availability guarantee.
  • Integration and support for VMware Carbon Black Workload and VMware NSX Advanced Firewall add-on. The NSX Advanced Firewall add-on provides Distributed Intrusion Detection/Prevention System (IDS/IPS), and Distributed Firewall with FQDN filtering, layer 7 app ID, and Active Directory based user Identity Firewall (IDFW).
  • SDDC v1.16, upgrading to major releases of all core products; vSphere 7.0 U3, vSAN 7.0 U3, NSX-T v3.1.3, and VM hardware v17.
  • VMware Cloud Disaster Recovery (VCDR) introduction of the 30-minute Recovery Point Objective (RPO) for mission critical on-premises workloads. File and folder-level recovery for accelerated ransomware recovery.

You can find out more about these VMware Cloud on AWS announcements from the following resources:

SASE and Edge

Earlier in the year VMware released the blueprint for their Secure Access Service Edge (SASE). This started with VMware Secure Access; enabling zero trust remote access for the distributed workforce, shrinking the attack surface, and routing traffic optimally. VMware SASE is now being enhanced with 2 new services announced at VMworld 2021. Both are hosted at VMware’s SASE Points of Presence (PoP) and integrate seamlessly with VMware Secure Access:

  • Announcing Cloud Access Security Broker (CASB). VMware’s CASB solution helps IT gain more visibility into shadow IT, and control trusted or untrusted applications based on the users role within the organisation.
  • Announcing Data Loss Prevention (DLP). VMware’s DLP solution protects against data leaks and helps comply with data privacy laws, improving security and compliance postures.

The next key announcement in anywhere workspace features new capabilities built into the Workspace One platform. The Workspace One device health engine proactively ensures endpoints are fully secured, and blocks access to resources for devices that don’t meet security posture requirements. Secondly, a new AI-driven capability will identify user experience and security anomalies, then finds the root cause and makes fix recommendations. You can review the full list of end user computing announcements in the blog All our VMworld 2021 Anywhere Workspace, Workspace ONE and Horizon Announcements.

VMware SASE enhancements at VMworld 2021

Announcing VMware Edge Compute Stack. VMware Edge Compute Stack builds vSphere, Tanzu, and SD-WAN services into edge Hyper-Converged Infrastructure to run VM or container based edge-native applications at the far and near edge. SASE architecture with on-demand cloud services provides SD-WAN and Secure Access services with high performance close to users, from edge appliances. Building on both these concepts is Project Santa Cruz; consolidated edge applications with deployment capabilities for network services, SD-WAN, and application services. These capabilities require only a single hardware investment, with functionality then pushed out through software updates.

Another innovative and relevant announcement was the technical preview of SD-WAN for First Responders. SD-WAN for First Responders enables SD-WAN connectivity with L2 redundancy across LTE/5G carriers in a compact, mobile, ruggedized form factor. Packets are steered across links in real time, and then reassembled at the edge gateways. Testing has proven carrier changing at high speeds without packet loss, with additional Wi-Fi hotspot capabilities for temporary sites or emergency scenes.

Check out the great Edge Computing in the VMware Office of the CTO: Innovations on the Horizon [VI2484] VMworld 2021 session for more information, as well as the VMware Edge Compute Stack product page.

vRealize Cloud Management

Announcing tech preview of Project Ensemble. Although vRealize Operations has been intended as the central operational view for VMware and cloud based infrastructure, there is work to do to fully integrate and switch between solutions and platforms. Enter Project Ensemble. Project Ensemble allows users to track an entity consistently across all VMware solutions, from a unified control plane. Metrics and insights from the breadth of the vRealize Suite are used to deliver a public cloud consumption experience, with in-context switching for deep dives, global search, and unified configuration history. App-centric management enhances application discovery across the portfolio, including deep analysis of app behaviour, with the context of the underlying infrastructure or service. Machine Learning (ML) digests and understands unique environmental behaviours, predicts app and infrastructure behaviour, and creates a unified analytics approach to operational information.

Announcing changes to vRealize True Visibility Suite (TVS). All compute and storage management packs are now included in all editions of vRealize Operations at no extra cost. This gives existing and new consumers monitoring and insights out of the box for hardware such as Dell, EMC, HPE, Nimble, IBM, Lenovo, NetApp, Pure Storage, and Cohesity. TVS Advanced and Enterprise are still available as an uplift covering additional modules for things like application, database, and network. vRealize Operations now includes some nice in-app guides and customer journey maps to improve time-to-value with day 0 guided onboarding, configurations, dashboards, and notifications. Additionally, vROps looks to have benefited from a nice UI upgrade, along with some new sustainability dashboards.

You can find out more about these vRealize Cloud Management announcements from the following resources:

A closing point of note, is that Skyline Advisor Pro is available free of charge to Production, Premier, vRealize Cloud Universal, and Success 360 customers. Skyline Advisor Pro is faster, bringing in new data within 4 hours, features smarter insights and historical data, including end of support information, and simpler to use. Not technically a VMworld release but a recent announcement that can provide value at no extra cost. For more information take a look at the Announcing Skyline Advisor Pro: The Next Level of Proactive Intelligence blog.

As with last year, William Lam has now compiled a list of direct URLs for all on-demand sessions, available on GitHub.

Finally, huge shout out to the Virtually Speaking Podcast, where you can find 15 minute episodes on many of the topics above which I used to recap VMworld while out on the road

Why Bother With VMworld 2021?

VMworld is VMware’s flagship event, typically attracting 20,000+ people in the US (San Francisco) and 13,000+ in EMEA (Barcelona). As with 2020, VMworld 2021 is virtual and online. The annual conference is in its 18th year, currently focused on accelerating business innovation by delivering and securing modern applications, managing multiple clouds, and seamlessly supporting an anywhere workspace.

This year at VMworld 2021 the content catalogue is a reflection of how fast technology and society have moved as events unfolded over the past 12-18 months. There is an increase in sessions focused on enabling the anywhere workforce with Secure Access Service Edge (SASE), as well as break out sessions and customers stories on responding to the global pandemic. Noticeable additions also for sustainable data centres and operating carbon neutral businesses and IT. Modern applications and multi-cloud continue to grow whilst there are a lot of new topics and trends coming out of the security business unit across all of VMware’s solutions. Finally, Raghu Raghuram will lead the VMworld 2021 key note in the first flagship event since Pat Gelsinger made the switch to Intel.

The general pass for the event is completely free, which opens the content up to more people who previously could not get funding or could not take time out to travel. A Tech+ pass is also available for certain sessions. I’ve been fortunate enough to attend VMworld in-person in 2018 as a customer, and 2019 as a partner and speaker. In essence the benefits of VMworld haven’t been taken away. Technical content ranges from levels 100 through to 300 delivered in breakout sessions, panel discussions, meet the expert roundtables, design studios, and tutorials, ensuring there is something for everyone. Expert-led Hands-on-Labs provide sandpit environments for you to test and break with someone on hand when you need assistance. These types of sessions for someone like me who learns ‘doing’ have always been more beneficial than reading a textbook or completing a training course.

The entertainment elements of the event are still there although this time you can bring family along too. Clearly what’s missing are mass social gatherings with peers to build relationships and talk tech over a drink. But there are no hangovers, no hefty bar tab, no sore feet, and no queueing. All in whilst I’m looking forward to VMworld in-person again one day, the virtual event is absolutely worth the effort, for training, certification, and development, for industry announcements on the latest tech, for career progression, and just for taking some time out of meetings and emails! I’ve picked out some of the sessions I’m looking forward to below, you can register now and view the content catalogue at vmworld.com.

Starting with application modernisation, these 3 sessions look like they’ll give a great overview on deploying VMware’s Kubernetes runtime across platforms, first by enabling it in vSphere, and then at the edge with VMware Cloud Foundation. EDG1294 in particular will include a customer story around supporting the Ministry of Health in the midst of a pandemic.

  • Cloud Infrastructure Transformation with VMware Tanzu Basic and Tanzu Standard [APP2454] Technical level 100
  • Deploying VMs and Kubernetes with VMware Cloud Foundation at the Edge [EDG1294] Technical level 100
  • Get Started with vSphere with Tanzu [MCL1648] Technical level 200

Onto security, and I think it’s worth looking at how far NSX has come since the Distributed Firewall, with Network Detection and Response, Distributed IDS/IPS, and Layer 7 firewall capabilities, and another customer example from William Hill. The final session I’ve picked demonstrates the implementation of security guard rails across AWS accounts and Azure subscriptions using CloudHealth Secure State.

  • The Last Line at VMware – The Security AI in Our Pocket [SEC2103] Technical level 200
  • NSX IDS/IPS – Design Studio [UX2555] Design studio
  • Get Connected Rapidly with Airtight Security, Featuring William Hill [SEC2087] Business level 200
  • Detection to Response: Operationalizing Cloud Security Posture Management [SEC1397] Technical level 200

My 3 wildcards now and I’ve gone with the completely unglamorous Oracle and SQL licensing on VMware, because this is actually useful to customers. Project Monterey is certainly worth checking out if you’re interested in data centre hardware and how ESXi will run on SmartNICS. Then finally one of a number of sessions around SASE and SD-WAN, this one though focusing on how both a distributed workforce and distributed systems can be joined together and secured.

  • Licensing Oracle and SQL Server on the VMware Hybrid Cloud [MCL1997] Technical level 200
  • 10 Things You Need to Know About Project Monterey [MCL1833] Technical level 200
  • Cloud First: Secure SD-WAN & SASE – Complete & Secure Onramp to Multi-Cloud [EDG2813S] Technical level 200

All of the sessions above are included in the free general pass. I also picked out an additional 4 deep dive sessions that look great but are open to Tech+ pass holders only:

  • Architecting Multi-Cloud Horizon [EUS1547] Technical level 300
  • Azure VMware Solution: Deployment Deep Dive [MCL2036] Technical level 300
  • Detecting and Preventing Threats with NSX Advanced Threat Prevention [SEC2208] Technical level 300
  • Using Contextual Search and the MITRE ATT&CK Framework to improve Public Cloud Security [SEC1518] Technical level 300

In summary, for VMware customers or anybody interested in the industry, this is a great opportunity for technical teams to get up to speed on the latest technology innovations, and capabilities of solutions they either already manage or are looking to deploy. If you’re working towards being VMware certified then this really is a no-brainer! There are over 800 sessions listed in the content catalogue as it stands and expect more entertainment sessions to be added over the coming weeks.

VMworld Online 2021

How to Install vSphere 7.0 – vRealize Operations Manager 8.2

How to Install vSphere 7.0 – vRealize Operations Manager 8.2

Introduction

In this post we take a look at a vRealize Operations (vROps) deployment for vSphere 7; building on the installation of vCenter 7.0 U1 and vSAN 7.0 U1. Shortly after installing vROps 8.2, vRealize Operations 8.3 was released. The install process is similar, you can read what’s new here and see the upgrade process here.

vRealize Operations is an IT operations management tool for monitoring full-stack physical, virtual, and cloud infrastructure, along with virtual machine, container, operating system, and application level insights. vROps provides performance and capacity optimisation, monitoring and alerting, troubleshooting and remediation, and dashboards and reporting. vROps also handles private costings, showback, and what-if scenarios for VMware, VMware Cloud, and public cloud workloads. Many of these features have been released with version 8.2, and now work slicker fully integrated into the vROps user interface, rather than a standalone product. Previously vRealize Business would cater for similar costing requirements, but has since been declared end of life.

vRealize Operations can be deployed on-premises to an existing VMware environment, or consumed Software-as-a-Service (SaaS). vRealize Operations Cloud has the same functionality, with the ongoing operational overhead of lifecycle management and maintenance taken care of by VMware. Multiple vCenter Servers or cloud accounts can be managed and monitored from a single vROps instance. For more information on vROps see the What is vRealize Operations product page.

vRealize Operations Manager 8.2 Install Guide

The vRealize Operations Manager installation for lone instances is really straight forward, as is applying management packs for monitoring additional environments. Where the installation may get more complex, is if multiple cluster nodes need to be deployed, along with remote collector nodes, and/or multiple instances. If you think this may apply to you review the complexity levels outlined in the vRealize Operations Manager 8.2 Deployment Guide.

The installation steps below walk through the process of installing vROps using the master node. All deployments start out with a master node, which in some cases is sufficient to manage itself and perform all data collection and analysis operations. Optional nodes can be added in the form of; further data nodes for larger deployments, replica nodes for highly available deployments, and remote collector nodes for distributed deployments. Remote collector nodes, for example, can be used to compress and encrypt data collected at another site or another VMware Cloud platform. This could be an architecture where a solution like Azure VMware Solution is in use, with an on-premises installation of vROps. For more information on the different node types and availability setups see the deployment guide linked above.

When considering the deployment size and node design for vROps, review the VMware KB ​vRealize Operations Manager Sizing Guidelines, which is kept up to date with sizing requirements for the latest versions. The compute and storage allocations needed depend on your environment, the type of data collected, the data retention period, and the deployment type.

Installation

Before starting ensure you have a static IP address ready for the master node, or (ideally and) a Fully Qualified Domain Name (FQDN) with forward and reverse DNS entries. For larger than single node deployments check the Cluster Requirements section of the deployment guide.

The vRealize Operations Manager appliance can be downloaded in Open Virtualisation Format (OVF) here, and the release note for v8.2.0 here. As with many VMware products a 60 day evaluation period is applied. The vRealize Operations Manager OVF needs to be deployed for each vROps cluster node in the environment. Deployment and configuration of vRealize Operations Manager can also be automated using vRealize Suite Lifecycle Manager.

vRealize Operations Manager download

Log into the vSphere client and deploy the OVF (right click the data centre, cluster, or host object and select Deploy OVF Template).

The deployment interface prompts for the usual options like compute, storage, and IP address allocation, as well as the appliance size based on the sizing guidelines above. Do not include an underscore (_) in the hostname. The disk sizes (20 GB, 250 GB, 4 GB) are the same regardless of the appliance size configured. New disks can be added, but extending existing disks is not supported. Also be aware that snapshots can cause performance degradation and should not be used. For this deployment I have selected a small deployment; 4 CPU, 16 GB RAM.

Once deployed browse to the appliance FQDN or IP address to complete the appliance setup. You can double check the IP address from the virtual machine page in vSphere or the remote console. For larger environments and additional settings like custom certificates, high availability, and multiple nodes select New Installation. In this instance since vROps will be managing only a single vCenter with 3 or 4 hosts I select the Express Installation.

vRealize Operations Manager start page

The vRealize Operations Manager appliance will be set as the master node, this configuration can be scaled out later on if needed. Click Next to continue.

vRealize Operations Manager new cluster setup

Set an administrator password at least 8 characters long, with an uppercase and lowercase letter, number, and special character, then click Next. Note that the user name is admin, and not administrator.

vRealize Operations Manager administrator credentials

Click Finish to apply the configuration. A loading bar preparing vRealize Operations Manager for first use will appear. This stage can take up to 15 minutes.

vRealize Operations Manager initial setup

Login with the username admin and the password set earlier.

vRealize Operations Manager login page

There are a few final steps to configure before gaining access to the user interface. Click Next.

vRealize Operations Manager final setup

Accept the End User License Agreement (EULA) and click Next.

vRealize Operations Manager terms and conditions

Enter the license information and click Next.

vRealize Operations Manager license information

Select or deselect the Customer Experience Improvement Program (CEIP) option and click Next. Click Finish to progress to the vROps user interface.

vRealize Operations Manager final setup

Finally we’re into vRealize Operations home page, take a look around, or go straight into Add Cloud Account.

vRealize Operations Manager home page

Select the account type, in this case we’re adding a vCenter.

vRealize Operations Manager account types

Enter a name for the account, and the vCenter Server FQDN or IP address. I’m using the default collector group since we are only monitoring a small lab environment. You can test using Validate Connection, then click Add.

vRealize Operations Manager add vCenter Server

Give the vCenter account a few minutes to sync up, the status should change to OK. A message in the right-hand corner will notify that the vCenter collection is in progress.

vRealize Operations Manager vCenter collection

Back at the home page a prompt is displayed to set the currency; configurable under Administration, Management, Global Settings, Currency. In this case I’ve set GBP(£). For accurate cost comparisons and environment specific optimisations you can also add your own costs for things like hardware, software, facilities, and labour. Cost data can be customised under Administration, Configuration, Cost Settings.

vRealize Operations Manager quick start page

A common next step is to configure access using your corporate Identity Provider, such as Active Directory. Click Administration, Access, Authentication Sources, Add, and configure the relevant settings.

Multiple vCenter Servers can be managed from the vRealize Operations Manager interface. Individual vCenter Servers can also access vROps data from the vSphere client, from the Menu dropdown and vRealize Operations. A number of nested ESXi hosts are shut down in this environment which is generating the critical errors in the screenshot.

vRealize Operations Manager overview page

Featured image by Jonas Svidras on Unsplash