A Closer Look into the VMware Cloud on AWS Q1 2023 Updates and SDDC Version 1.22
The Software-Defined Data Center (SDDC) version 1.22 release for VMware Cloud on AWS and numerous service updates released in Q1 2023 introduce new capabilities to the VMware flagship cloud offering. SDDC version 1.22, released on 02 May 2023, brings the latest vSphere and NSX updates to the cloud service, featuring vSphere 8 Update 1 and NSX 4.1 product updates, aligning with the latest and greatest release of the vSphere platform. SDDC version 1.22 represents an essential release: all new SDDCs deployed after 02 May 2022 will automatically use version 1.22. However, existing SDDCs must be updated to version 1.22 according to the VMware Cloud on AWS lifecycle management. Not all features are bound to the bundle updates. Some are enabled on the service side and instantly available to new and “brownfield” SDDCs. We will highlight the bundle dependencies where applicable.
New Elasticity Options
Elastic capacity is one of the many benefits of using VMware Cloud on AWS. Customers could choose a specific Elastic DRS (EDRS) policy for scaling out and scaling in their clusters running in their Software-Defined Data Centers (SDDCs) on VMware Cloud on AWS.
With the latest Cloud Console updates, customers will have even more flexibility with scalability configurations. A new 'Elasticity' tab is in the top menu making it easier to configure EDRS policies, including a new custom policy option! Check out this page for more technical information! This update is not specifically tied to SDDC version 1.22. All customers running versions prior to 1.22 will benefit from these new capabilities!
The support for mounting external NFS datastores using Amazon FSx for NetApp ONTAP allowed customers to decouple storage from the compute platform and therefore benefit from an elastic storage platform that scales in line with their growing workload demands. We continued the enhancement of this functionality and added a couple of essential features to the list.
The initial release established the NFS mount using a single TCP connection between each SDDC host and the Amazon FSx for NetApp ONTAP NFS endpoint. As of SDDC version 1.22, customers can benefit from the nconnect capability, which uses multiple TCP connections per mount and results in improved storage performance.
Today, the default number of connections is set to 2. Even with this out-of-the-box default and no additional configuration, nconnect can enhance the performance of your decoupled NFS storage, particularly in a cloud environment where a single TCP connection may experience resource limitations. This feature requires SDDC version 1.22 or above.
Single-AZ Amazon FSx for NetApp ONTAP filesystem support
Another exciting announcement in the VMware Cloud on AWS storage space was the recent support for single-AZ Amazon FSx for NetApp ONTAP filesystems. In broad terms, a single-AZ Amazon FSx for NetApp ONTAP filesystem provides a cost-effective means of integrating external NFS datastore storage for specific use cases that do not require data resiliency across Availability Zones. Specific workloads like development and testing can benefit from the NetApp ONTAP data management capabilities and features without requiring multi-AZ resiliency. Single-AZ filesystems present a cost-optimized solution for these use cases by replicating data within a single Availability Zone. However, it is worth noting that, similar to multi-AZ filesystems, single-AZ filesystems also feature automatic backups stored across multiple AZs for high durability. This feature is available for all SDDC versions. Further details can be found on VMware TechZone and in the VMware Cloud on AWS configuration documentation.
Support for Cluster rename
Previously, cluster names were fixed in VMware Cloud on AWS Software-Defined Data Center (SDDC) deployments. The default name is 'Cluster-n' with an ascending number. While this typically wasn't an issue, customers desired the ability to change cluster names to better align with a cluster's purpose or operations. As of SDDC version 1.22, customers can now rename their clusters from the VMware Cloud Console! This feature requires SDDC version 1.22 and above.
Note: This feature is only available for clusters with two or more hosts.
Federated Login to the SDDC vCenter Server
With the previous introduction of the two features, Enterprise Federation and Role Groups, the VMware Cloud Services Platform (CSP) for VMware Cloud Services was able to truly support an enterprise identity use case for corporate identities and credentials. Using identity federation, enterprises were able to use their corporate identities and credentials both to log in to the CSP and to manage access to the services, organizations, and features within their VMware Cloud Services.
With the new functionality, we will be able to extend identity federation to the SDDC vCenter. Once enabled on the SDDC via the Settings tab, Federated Login configures the SDDC vCenter Server to trust VMware Cloud Services as an identity provider. Therefore, in an SDDC where Federated Login is enabled, you log into the SDDC vCenter Server using your VMware Cloud Services credentials and are granted access to the SDDC vCenter Server with the username and group memberships defined in your federated identity provider account.
OAuth App Support for VMware Cloud Automation Tools
The latest release of the VMC Terraform provider (v1.13) and the Python automation utility for VMC now support OAuth 2.0 app authentication, allowing users to register the automation tool of choice as an OAuth 2.0 app within VMware Cloud. With this new feature, automation engineers looking to automate their VMware Cloud on AWS deployments can manage secrets at the organizational level without having to be tied to individual developers’ API access tokens.
For more information and a step-by-step guide on taking advantage of this new feature, please refer to the announcement blog post.
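The OAuth app flow described above replaces a developer's personal API token with an app ID and secret that are exchanged for a short-lived access token. The following Python sketch is an added example, not code from VMware or from the tools named above; it assumes the CSP client-credentials token endpoint shown in `CSP_TOKEN_URL`, and the environment variable names and the token reply used to exercise it are hypothetical.

```python
import base64
import os
import time
import urllib.parse
import urllib.request

# Assumption: CSP token endpoint for the OAuth 2.0 client-credentials grant.
CSP_TOKEN_URL = "https://console.cloud.vmware.com/csp/gateway/am/api/auth/authorize"


def load_app_credentials(env=os.environ):
    """Read the OAuth app ID and secret from the environment, never from source."""
    try:
        # Hypothetical variable names chosen for this example.
        return env["VMC_CLIENT_ID"], env["VMC_CLIENT_SECRET"]
    except KeyError as missing:
        raise RuntimeError(f"missing OAuth app setting: {missing}") from None


def build_token_request(client_id, client_secret, url=CSP_TOKEN_URL):
    """Build (without sending) the client-credentials token request."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    body = urllib.parse.urlencode({"grant_type": "client_credentials"}).encode()
    return urllib.request.Request(
        url,
        data=body,
        method="POST",
        headers={
            "Authorization": f"Basic {basic}",
            "Content-Type": "application/x-www-form-urlencoded",
        },
    )


class TokenCache:
    """Keep the short-lived access token in memory and renew it before expiry."""

    def __init__(self, fetch, skew=60, clock=time.time):
        self._fetch, self._skew, self._clock = fetch, skew, clock
        self._token, self._expires_at = None, 0.0

    def get(self):
        now = self._clock()
        if self._token is None or now >= self._expires_at - self._skew:
            reply = self._fetch()  # parsed JSON body of the token response
            if reply.get("token_type", "").lower() != "bearer":
                raise ValueError("unexpected token_type in token response")
            self._token = reply["access_token"]
            self._expires_at = now + int(reply["expires_in"])
        return self._token
```

Because the secret belongs to the organization's OAuth app rather than to a person, it can be rotated or revoked in one place without touching any developer's account.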
VMware Cloud on AWS SDDC version 1.22 features NSX 4.1 and brings a lot of networking enhancements:
- Enhanced IPv6 support. Now you can enable dual-stack over Direct Connect and Transit Connect.
- Certificate-Based Authentication for VPN Configurations.
- New Networking & Security Dashboard replacing the Networking & Security tab in the SDDC Console.
This new page replaces the legacy Networking & Security tab, providing superior browser performance and a simplified overview of the critical network configuration options. To change the network configuration of your SDDC, you will use the NSX Manager UI.