Browsing Posts in vSphere

Starting with vSphere 6.0, the new PSC component include not only the SSO part, but also a certification authority for certification management of all vSphere infrastructure elements (unfortunately is not been used yet by all the other VMware’s products). This simplified not only the certifications management (with auto-enrollment for expired certificates), but also the trust between the different connections.

Actually there are two different platform where you can run the vCenter Server components (including the PSC): Windows (both physical or virtual) or Linux (only with the vCSA, based on PhotonOS). Initially there was only a Windows version, then the vCenter Server Appliance (vCSA) was first introduced with the release of vSphere 5.0 and has since evolved to become the definitive deployment model for vCenter Server. Starting with vSphere 6.5 the vCSA has become the first choice and has raised the level of vCenter with new functionalities (not available on the Windows version).

Finally has been announced (or better, confirmed) that VMware plans to deprecate the Flash-based vSphere Web Client with the next numbered release (not update release) of VMware vSphere. What does it mean, that the HTML5-based vSphere Client will become the only GUI client… finally! After the death of the vSphere Client for Windows, written with C# and with several issues, like the console issues with Windows 10, but also with several inconsistency with the others clients, now it’s the turn of the Flash based client.

One propertiers of VMware (standard) virtual switches was the number of ports per switch. A parameter (120 was the default in ESXi 5.x) that define how many virtual NIC and/or vmkernel interfaces you can connect to the virtual switch portgroups. This parameter was static and any changes require a host reboot. But starting with vSphere 5.5 (see KB 2064511) this parameter has become “elastic”.

Several people are disabling IPv6 support in ESXi for different reasons: because of the minimum privilege principle (if you are not using a service, why you have to keep it enabled?) or simple because they don’t want any IPv6 address in the network. On Linux and Windows systems is become very difficult disable it and Microsoft itself does not recommend disabling IPV6: ” We do not recommend that you disable IPv6 or its components, or some Windows components may not function.” (

VMware vSphere 6.5 Update 1 has been released on July 27, 2017 with several bug fix, some improvements, but also some interesting changing in maximum numbers (for vCenter in linked-mode) and an interesting news for the Foundation edition that now can manage up to 4 nodes (and not only 3 nodes like in the past). Seems a minor improvement, but demostrare how VMware takes care of its customers. In discussions with customers with smaller environments, VMware has received feedback that 3 host environments were too small in many cases, and just another hosts could be enough […]

The new VMware Virtual SAN (or vSAN) 6.6 adds several enchaments and new features as described in the announce notes. Some interesting news are related to security aspects and how data-at-rest could be protected: one option could be new vSphere 6.5 VM encryption format but now it’s also possible use the native vSAN encryption. Duncan’s post explains the difference of those two approaches.

The new VMware Virtual SAN (or vSAN) 6.6 adds several enchaments and new features as described in the announce notes. Most of those aspects are related to data and cluster resiliency (as expected by a storage solution), including:

VMware has announced the discontinuation of its third party virtual switch (vSwitch) program, and plans to deprecate the VMware vSphere APIs used by third party switches in the release following vSphere 6.5 Update 1. Subsequent vSphere versions will have the third party vSwitch APIs completely removed and third party vSwitches will no longer work. In the past years, VMware has recommended the Nexus 1000V users to move into the VMware vSphere Distributed Switch to avoid future problems, now it’s clear the product version where you can go.

Recently VMware has released a few security patches that will prevent a guest from execute code on the ESXi host and breaking the isolation of a virtual machine. This has been possible based on heap buffer overflow and uninitialized stack memory usage in SVGA, using this bug may allow a guest to execute code on the host. Note that this particular issue impacts ESXi 6.0 or later as also latest version of VMware Workstation, Player and Fusion.

If you are using the legacy VMware vSphere Client on Windows 10 you may have some issues with the VM console that display only a part of the screen and leave blank other parts. You can use other clients (like the Web Client if you have vCenter or the Host UI if you have at least ESXi 6.0U2), but maybe you will have other issues (for example on ESXi 6.0 host UI console mouse may not work well or not at all).

© 2017 © 2013 vInfrastructure Blog | Hosted by Assyrus