vSAN 7 Update 1 has been announced, so let's look at what it brings into the table.
In the figure below, you will see what new features are available in this release.
|New features in vSAN 7 Update 1|
VMware HCI Mesh
It is a possibility to mount remote vSAN datastore from external (aka Server) vSAN Cluster to multiple Client vSAN Clusters. An example topology is depicted in the figure below.
|vSAN HCI Mesh|
HCI Mesh allows multiple client vSAN clusters can mount and share a remote datastore from vSAN Server Cluster. A single datastore can be mounted up to a maximum of 64 hosts, including the server cluster's hosts. With such topology, you can do vMotion (Compute only) across multiple vSphere/vSAN Clusters.
With HCI Mesh you can also do a Full Mesh where vSAN Cluster acts as Client and Server of HCI Mesh. Such topology is depicted below, where all three clusters are both clients and servers.
Such Full Mesh topology is ideal for homogeneous clusters and equalizes storage consumption across clusters. Scalability of such topology is limited to 5 remote datastores and 5 client datastores. In other words, Client clusters can mount a maximum of 5 remote datastores, and Server clusters can export up to a maximum of 5 client clusters.
Few more notes about HCI Mesh
- HCI Mesh Client server is vSAN Cluster. So, the minimum node count is 2-node vSAN Cluster
- Compute-only vSAN cluster technically works but not recommended and supported at the moment.
- Meshing Hybrid and All-Flash datastores is supported
vSAN Native File Services
VMware is extending vSAN File Services to SMB protocol. SMB is integrated with Microsoft Active Directory and supports Kerberos authentication. This means that vSAN now supports NFS (version 3 and 4.1) and SMB.
vSAN Data-in-Transit Encryption
vSAN 7 Update 1 increases overall security with native Inter-node encryption of vSAN data traffic over TCP, which ensures data privacy, authentication, and integrity, leveraging existing FIPS-2 validated crypto module. The interesting fact is, that external Key Management Server (KMS) is not required for this feature. However, please be aware that vSAN Mesh and Data-in-Transit Encryption together are not supported in this release.
|vSAN Data-in-Transit Encryption|
SSD Secure Erase (Secure wipe method)
vSAN 7 Update 1 has the option to securely erase SSDs for Dell and HPE supported devices at this release, so HPE & Dell vSAN Ready Nodes and DellEMC VxRail should be able to use this feature. Other hardware vendors will obviously come in the future.
Overall performance optimization
Based on VMware internal performance tests, vSAN 7 Update 1 should be approximately 30% faster in comparison to vSAN 6.7 U3, which was the fastest vSAN release so far. I know this is a kind of vague statement without further details but I personally believe, the vSAN performance, especially in the All-Flash model, was already good enough for the majority of traditional workloads. Of course, additional performance improvements are always nice to have but I think there are other factors which are more important at least for customers I work with.
vSAN prior 7 Update 1 supported compression together with deduplication. vSAN 7 Update 1 decouples the compression feature from the deduplication feature to allow space efficiency with a lower performance overhead caused by the deduplication algorithm.
When both features (Dedup & Compress) are turned on, it works in the following way ...
- Per disk group
- Occurs when destaging to the capacity tier
- 4KB fixed blocks
- Occurs after dedup, prior to data being destaged
- If block is compressed <= 2KB
- Otherwise full 4KB block is stored
|Enhanced Durability During Maintenance Mode|
- Full data Evacuation <-- time-consuming operation but vSAN objects stay protected per Storage Policy intent
- Ensure Availability <-- it checks that none vSAN object becomes unavailable, but can become unprotected
- Nothing <-- this is very dangerous and can cause a data loss
- Only available when another Host or Failure Domain is available
- Can be the same host as the witness component
- Applies to both RAID Mirroring and Erasure Coding
- Significant improvement in cluster upgrades due to faster host reboots
- Host metadata is written to disk before a reboot and read back to memory after reboot. This is faster than rebuilding metadata.
- Average 5x improvement in host reboot times
- 12 node cluster = ~16%
- 24 node cluster = ~12%
- 48 node cluster =~ 10%
- Resync operations such as policy changes, rebalancing, and data movement
- Rebuild activities due to failures
|Slack space is Reserved Capacity|
- Operations reserve
- Host rebuild reserve
- vSAN Fault Domains, 2-node, and Stretched Clusters awareness
- hardware compatibility pre-checks
- parallel cluster remediation of up to 64 clusters
- support for environments running NSX-T 3.1
|vSAN & vLCM|
|vSAN alternate default gateway|
- Quick and easy tool in vSphere Client to capture workload IO characteristics on VSAN
- Rich IO Pattern metrics and histograms to analyze R/W ratio, Seq/Random ratio, 4K aligned / unaligned ratio, IO size distribution
- Finer granular IO performance metrics
|vSAN IO Insight|