VMware has recently released vSphere 7 Update 2, and there is a lot of new stuff to look out for. vSphere, VMware’s server virtualization product, has been an industry favorite for a long time. The vSphere 7 came out in April 2020, and this is so far the second update to it, hence the name. 

When you look at the changes they’ve rolled out, you’ll know that they are really focusing on some key areas. As a result, VMware infrastructure is getting pretty solid and modern. From using container registries to incorporating Artificial Intelligence (AI) and Machine Learning (ML). 

vSphere7 Update 2: Updates to Look Out For

With this new update, VMware has basically three underlying goals:

• Make the infrastructure AI/ML ready
• Improve infrastructure and data security
• Make the product simpler to use

So all the new features they have rolled out implement these goals in one way or another. Here are the new updates and features in vSphere 7:

vSphere with Tanzu

With Update 2, you can manage vSphere with Tanzu cluster lifecycle operations. Now, registries can be protected with internal or self-signed corporate certificates. This makes registries outside of vSphere easy to manage. Update 2 has also introduced SEV-ES security tools to protect CPU registers. It will make sure ESXi cannot decipher the memory in each pod. 

Additionally, NSX Advanced Load Balancer now comes with vSphere 7 with Tanzu. It’s a significant improvement for load balancing, which makes upgrades and lifecycle management more automatic. You can deploy it through NSX-T and network service. Earlier, HA proxy was needed for Tanzu load balancing, but not anymore. 

Better vLCM

vSphere Lifecycle Manager (vLCM) was made available with the release of vSphere 7. Now, it’s much more improved, as it includes vSAN bootstrap operations. What this means is that now you can deploy both vSAN and vCenter together way more easily. You don’t even need storage space first to create vCenter. 

ESXi Suspend to Memory

ESXi updates will be much faster, thanks to the suspend to memory operation. In other words, the VM’s state can be suspended to the memory. In practice, this can be paired with ESXi quick boot feature to suspend virtual machines to memory for a few minutes while you remediate the host. 

This adds a lot more flexibility to vSphere. You don’t have to use vMotion’s VMs for host patching. Instead, you can suspend the VMs to memory, buy yourself some time to patch hosts. It’s safe to say that of all the vSphere and VMware versions, these latest ones offer the most flexibility. 

AI Ready Infrastructure

VMware announced at VMworld 2020 that it would be partnering with NVIDIA to create more AI-ready solutions. With the vSphere Update 2, it has finally delivered on its promise. They are calling it the AI-Ready Enterprise Platform. With NVIDIA AI Enterprise Suite, you can find AI tools and frameworks that exclusively work with VMware and vSphere. 

This update roll-out also adds support for the latest GPU by NVIDIA, including Ampere. vSphere 7 now also supports NVIDIA GPUDirect RDMA for vGPU. As a result, the vGPU performance will be much faster. Now, you can also live migrate VMs with NVIDIA MIG vGPU, which means it runs undisruptive even during migration. 

ESXi Key Persistence

Part of the new security improvement features on vSphere 7 Update 2 is ESXi Key Persistence. You can now enable ESXi keys with hardware TPM, which is much more secure, flexible, and cost-effective. This means no more dependency loops in system design and more data-at-rest options.  

vSphere Native Key Provider

In addition to VMware monitoring tools, now you can use this new mechanism to make VM environment security even more robust. This mechanism allows data-at-rest protections. For instance, you can use vTPM, vSAN Encryption, and VM Encryption right from the get-go. You no longer have to rely on expensive third-party solutions for such encryptions. 

vTPM Support for Windows and Linux

You no longer need a physical TPM to work with the latest Windows and Linux guest operating systems. The vSphere Update 2 rolls out a virtual TPM for that. However, for security, VM encryption is necessary. As mentioned, now you can do that with vSphere 7 without needing a third-party solution. 

Content Distribution

VMware has taken inspiration from Content Delivery Network (CDN) to enable a similar content distribution mechanism within the virtual environment. You can now deliver scripts and utilities to any guest machine. This makes the administrator’s job much easier, especially when it comes to sharing files and scripts. For security, you can always use VMware log analysis to keep an eye on the users. 

vSphere HA Support

vSphere 7 HA now has PMEM support, which is storage created within memory. It allows you to create VMs pretty quickly. Workloads that use PMEM have vSphere high availability support and DRS initial placement. With admission control, whenever a VM is on, there’s ample failover capacity in case of a host failure in the cluster. 

This new feature requires VM hardware version 19. You will need to either manually upgrade or schedule the upgrade for the next reboot. Either way, it’s worth upgrading to make use of the HA support in regard to PMEM. 

AMD Updates

VMware has also looked into optimizing CPU with the vSphere Update 2 release. The AMD EPYC CPUs will perform even better, which means the VMware CPU ready time will be even smaller. Similarly, there are also improvements in load balancing. You’ll see a marked difference in vSphere hosts that use these CPUs. 

Conclusion

vSphere 7 Update 2 is already available for download. It’s a pretty impressive update that has targeted what users wanted, allowing organizations to use the new changes to meet their enterprise needs. In total, there are 90 small to medium additions in vSphere 7 with the release of Update 2. 

There are still not many features, or at least powerful features, for monitoring virtual servers and machines. So you will still need reliable monitoring like VirtualMetric’s VMware Monitoring that also covers vSphere. Regardless of how better the security on the new update is, monitoring is necessary for both efficiency and monitoring.