vCenter Server Appliance
This is the first time I'm using the VCSA for production in my homelab. As mentioned, I've previously used it for nested test environments due to the simplicity of installation and configuration and the latest version is exactly the same. I had absolutely no issues with the installation and configuration of the VCSA which included the newly re-written SSO. The local admin credentials are now email@example.com instead of the very strange admin@System-Domain. One thing worth mentioning is that the root account password for the VCSA is only valid for 90 days. Since this is a homelab I was quite happy disabling this but in production you may have this requirement so it's worth noting:
When configuring the VCSA to authenticate with my domain the options have also changed. You can now use Active Directory (Integrated Windows Authentication) as long as you configured an account that can authenticate to the domain during the initial configuration of the VCSA:
The web client was always something that I dabbled with but would always retreat back to the C# client when things got tough. The 5.1 version of the web client was very clunky and wasn't the easiest to work with over a remote RDP session via Remote Desktop Gateway services. With the rebuild of my lab I forced myself to solely use the web client for all tasks which included all host and storage configurations. It took a little longer than it would have using the C# client purely because most of my time was spent trying to find the correct location for the settings such as settings for the Path Selection Policy for a particular storage device. Once I had invested the time in locating the settings it was smooth sailing from then on. The new web client is definitely a lot smoother and more responsive which makes it a lot easier to work with both locally and remotely. I'm a big fan of the recent items menu option that was added as part of 5.5:
So all in all the new web client definitely gets a thumbs up but you have to invest the time and force yourself to use it.
New for 5.5 is the ability to add ACL's to port groups to filter packets based on the various parameters of the packet header. This feature is only supported on the Virtual Distributed Switch (VDS) and can be based on the following three different qualifiers:
- MAC SA and DA qualifiers
- System traffic qualifiers - vMotion, Management, FT, NFS, VM, VSAN, iSCSI and Replication
- IP qualifiers
I've configured an ACL on a test port group that I have a SQL2012 server attached to . The ACL blocks ICMP traffic from ANY IP address to the SQL2012 VM:
As I continue to explore the new vSphere 5.5 features I'll be sure to post anything interesting that I find.