Wednesday, 25 September 2013

vSphere 5.5 First Impressions

In my homelab I always like to keep it up to date with the latest VMware releases so when vSphere 5.5 went GA late Sunday evening (UK Time) I was quick to download all the necessary binaries.  In my currently lab I run vCenter on a Windows 2008 R2 VM with a dedicated SQL server for the required database.  I've dabbled in the vCenter Server Appliance for a few nested labs but it was time to migrate fully to the VCSA during the rebuild.  I've also dabbled in the web client (Not as much as I should have) so during my rebuild I forced myself to completely use the web client, which included working via a Windows 8 jumpbox VM using Microsoft Remote Desktop Gateway Services.  So, this post is about my first impressions using the vSphere 5.5 suite during my homelab rebuild

vCenter Server Appliance

This is the first time I'm using the VCSA for production in my homelab.  As mentioned, I've previously used it for nested test environments due to the simplicity of installation and configuration and the latest version is exactly the same.  I had absolutely no issues with the installation and configuration of the VCSA which included the newly re-written SSO.  The local admin credentials are now administrator@vsphere.local instead of the very strange admin@System-Domain.  One thing worth mentioning is that the root account password for the VCSA is only valid for 90 days.  Since this is a homelab I was quite happy disabling this but in production you may have this requirement so it's worth noting:

When configuring the VCSA to authenticate with my domain the options have also changed.  You can now use Active Directory (Integrated Windows Authentication) as long as you configured an account that can authenticate to the domain during the initial configuration of the VCSA:

Chris Wahl (Blog / Twitter) has a great article about the new configuration options here.

Web Client

The web client was always something that I dabbled with but would always retreat back to the C# client when things got tough.  The 5.1 version of the web client was very clunky and wasn't the easiest to work with over a remote RDP session via Remote Desktop Gateway services.  With the rebuild of my lab I forced myself to solely use the web client for all tasks which included all host and storage configurations.  It took a little longer than it would have using the C# client purely because most of my time was spent trying to find the correct location for the settings such as settings for the Path Selection Policy for a particular storage device.  Once I had invested the time in locating the settings it was smooth sailing from then on.  The new web client is definitely a lot smoother and more responsive which makes it a lot easier to work with both locally and remotely.  I'm a big fan of the recent items menu option that was added as part of 5.5:

So all in all the new web client definitely gets a thumbs up but you have to invest the time and force yourself to use it.

Network ACL's

New for 5.5 is the ability to add ACL's to port groups to filter packets based on the various parameters of the packet header.  This feature is only supported on the Virtual Distributed Switch (VDS) and can be based on the following three different qualifiers:

  • MAC SA and DA qualifiers
  • System traffic qualifiers - vMotion, Management, FT, NFS, VM, VSAN, iSCSI and Replication
  • IP qualifiers
I've configured an ACL on a test port group that I have a SQL2012 server attached to .  The ACL blocks ICMP traffic from ANY IP address to the SQL2012 VM:

As I continue to explore the new vSphere 5.5 features I'll be sure to post anything interesting that I find.

1 comment: