VMware vSphere 6.5 is Out: Should you Care?

Today VMware announced the release of vSphere 6.5. Most of the core bits are available to download and take for a spin in your test environment. But wait, you say, isn’t this just a point release? It’s not like it’s vSphere 7 or something. Does it have enough value to consider upgrading?

I’ll let you be the judge.

Less Stuff

VMware has encouraged users to make the move from the Windows-based vCenter Server deployment to the vCenter Server Appliance for years now. With vSphere 6.5 the reasons to do so are more compelling than ever.

There’s a built-in migration option in the VCSA installer to migrate from your Windows-based vCenter to a shiny new 6.5 VCSA. What new and interesting reasons has VMware given us this time to convince us to move? For starters the vSphere Update Manager, or VUM, is now integrated with the VCSA. No more separate Windows-based VUM install. That’s one less thing to manage (and license!).

The new 6.5 VCSA is now based on VMware Photon instead of SUSE Linux. How does that benefit you? Photon is a lean-and-mean Linux distribution that will let VCSA users do more with less. Early indications, albeit reported from lab environments, suggests the savings are real.

The VCSA 6.5 documentation and install procedure suggests that database options have been greatly reduced. To one. The new VCSA appears to support only the vPostgres database and no longer supports external 3rd party databases. Makes sense, since VMware was able to match capacity maximums with vPostgres. That’s another thing you don’t have to manage (and license!). But what about DB resiliency? Aren’t we going to miss out on that with the VCSA? Read on, dear reader.

Resilient Stuff

With VCSA and the fully integrated VUM running on top of Photon, VMware now controls and is responsible for the core vSphere management solution from soup to nuts. That means if there are any optimizations and efficiencies to squeeze out, VMware’s in a place to do the squeezing. It also means that any functional or security issues are dealt with by VMware directly.

A lovely side effect of this is that VMware can now introduce new features and options that may have been challenging in the past due to limitations imposed by external dependencies. There’s built-in backup and restore functionality, and an improved appliance management interface.

One of the most sorely hoped for features, especially since vCenter Server Heartbeat was binned, is native support for high availability. Your VCSA deployment can now consist of Active, Passive and Witness nodes. Together they form a mesh, if you will, that provides vCenter resilience. This will help avoid vCenter unavailability when there are key service or entire node outages within VCSA.

From a host and VM standpoint, proactive HA, new advanced DRS options, improved admission control and HA orchestrated restart will work to balance your clusters to meet your needs. If you’re concerned about HA-based boot storms, the new DRS VM Distribution option will make sure that VMs are spread out relatively evenly across clustered hosts, and HA orchestrated restart will bring up your VMs in the order you specify so that there’s less chance of application components booting out-of-order.

Other Stuff

As if all of that weren’t enough, there’s other stuff!

vSphere is now capable of handling virtual machine encryption, with vCenter and the ESXi hosts coordinating with your CA to allow the hosts to encrypt and decrypt VMs as they’re read and written from and to underlying storage. This happens in the hypervisor, so no unencrypted bits leave the system. All of this is configured via storage policy. Check out my VMworld 2016 Roundup: Day 3 for more detail. Encryption coverage is on page 2.

vSphere 6.5 also introduces secure boot, for both hosts and VMs. For hosts, secure boot ensures that only known signed components are in use from the system’s UEFI up to the hypervisor itself. This means that you can be assured that your hosts are cryptographically clean, especially important for supporting the new encryption capabilities. For VMs, secure boot ensures that only signed drivers are allowed to run inside the guest OS.

“This house… is clean.” –Tangina, Poltergeist (1982)

Real Stuff

Since 6.5 is just fresh out the door, there are still a few bits missing. An updated PowerCLI isn’t out yet (word is it’s forthcoming), and vSphere 6.5 isn’t compatible with NSX just yet. Not to mention the vendor compatibility certification and custom images that are yet to come with so fresh of a release. Some of the intriguing promised features, like the HTML5 based vSphere client, aren’t fully feature complete yet either, but work is still underway. So we’ll have to make due with the vSphere Web Client for a while longer.

So, should you care and bother with vSphere 6.5? As always, that’s up to you. Me, I find that there’s enough new compelling features to recommend working on your upgrade plans. And we just touched on the higher-level stuff. There are myriad fine detail improvements in 6.5. Check VMware’s vSphere blog for more details.

Then fire when ready! Once your compatibility needs are met, of course…

Featured image photo by tylerhoff