Along with the release of vSphere 7 Update 2, also came the vSAN 7 Update 2 as well. You may have read my posts on the vSphere 7 updates but if not, you’ll find it here. Update 2 is by design a major update for vSAN 7 so for the full list of updates, please do refer to the release notes where you’ll get the complete list. This blog is about my picks from all the updates that I feel deserve more of your attention.

vSAN HCI Mesh with Compute-Only clusters

With vSAN 7 Update 2, VMware has improved on the flexibility and scalability introduced by HCI Mesh in Update 1. Now, it is possible to mount remote vSAN datastores from non-vSAN based vSphere clusters.

vSAN HCI Mesh Improvements

This is massively important. I frequently come across customers who have enough vSAN for their needs and want to just add the compute nodes. This capability extends the benefit of HCI mesh to such scenarios and helps with the costs as well because vSAN licensing is not required for the participating HCI Mesh compute clusters.

It should be noted that this access still uses the native vSAN mechanisms for the operations i.e. not NFS or iSCSI. Also, the VM storage policy options are still available so that only the datastores that meet the required criteria, appear in the filtered list upon VM creation.

vSAN File Services

Important enhancements on the file service side include support for stretched and 2-node clusters which is especially welcome news for small scale deployments.

vSAN File Services

In addition to that, Data-in-Transit Encryption and UNMAP support are added. While support for snapshots has also been added for file services, that is mainly for the benefit of backup technology partners who will need to use appropriate APIs to take advantage of that capability.

Native Key Management support in vSAN

As I mentioned in my post about vSphere 7 Update 2, “Native Key Management” has just been introduced that allows vSphere functions to utilise a native key management solution based on vSphere Trusted Authority. vSAN 7 Update 2 supports the use of this functionality for its Data-At-Rest encryption requirements.

Native Key Management Support in vSAN

Note that does not affect the support of third-party KMS as both mechanisms utilise the same vSphere Trusted Authority for their operation. However, being able to use a simpler but native method, makes it easier for smaller organisations to adopt encryption by default, which is great news for the overall security of IT systems.

Skyline Health Diagnostics (SHD) Tool

There are many organisations that, due to the nature of their work, have a mandate to keep their systems air-gapped from the rest of the world. Due to this requirement, they are unable to take advantage of tools that proactively prevent issues and accelerate troubleshooting such as Skyline. I know for a fact that GSS loves it when they have customers with Skyline enabled and for good reason.

Skyline Health Diagnostics

So, it’s not a surprise that VMware is making this offline tool available which is completely offline. Armed with the latest signature library, it is able to scan log bundles and has issue detection capabilities, based on known KB articles.

Customers can periodically download updates for SHD signature library and run the tool against their isolated environments. Based on the tool, they can proactively detect issues and be advised on probable causes and solutions. It also makes the support experience better by triaging and eliminating all the basic causes before GSS is even contacted and going forward.

Enhanced Data Durability During Unplanned Events

This particular update might not seem much but is quite important from a durability standpoint. In olden spinning disk days, it was known that once a disk fails, the chances of a second disk failure go up. That was due to the extra load on the remainder of the disks in the affected array.

These days, it’s not so bad due to improved disk technologies and distributed object storage in vSAN. However, in case of an unplanned host failure, data on a vSAN datastore could become vulnerable if a second host also fails (depending on existing configured policies, of course).

Enhanced Data Durability During Unplanned Events

This enhancement introduced in vSAN 7 Update 2 means that in case of an unplanned host failure, vSAN immediately starts committing the latest writes to an additional host – to ensure the durability of new data. It also assists with fast resyncs to stale components when the failed host recovers or for the new host.

 

As I’ve hinted before, these are not the only “important bits” released with vSAN 7 Update 2 but just the ones that I think are worthy of your immediate attention. I do stress, however, that to learn about the whole list of updates, please do check out the full release notes.

There’s a lengthy list of useful enhanced and new features in this release and I strongly encourage you to have a read in case there’s something that solves a problem you have today – I know it will solve a challenge for one of my customers, so you never know!