VMware Cloud (VMC) on AWS – What’s New in 2019

VMware is working hard on VMware Cloud on AWS and announced many new features and enhancements in 2019. Below are the details, which I collected from the official VMware site and am sharing for your knowledge. More features are expected in the upcoming month.

New Regions: Asia Pacific (Singapore), Canada (Central), and Europe (Paris)

Customers can now deploy SDDCs in the Asia Pacific (Singapore), Canada (Central), and Europe (Paris) regions. Please note that the Canada (Central) region does not support stretched clusters.

VMware Network Insight

VMware Network Insight helps customers build an optimized, highly available and secure network infrastructure across multi-cloud environments. It accelerates micro-segmentation deployment, minimizes business risk during application migration and enables customers to confidently manage and troubleshoot application networking and security across their on-premise and VMware Cloud on AWS environments. VMware Network Insight now supports the integration of VMware Cloud on AWS as a data source. VMware Network Insight integration with VMware Cloud on AWS provides the following key capabilities to VMware Cloud on AWS users:

  • Traffic analysis and micro-segmentation planning for VMware Cloud on AWS workloads
  • Migration planning for workloads from on-premises SDDC to VMware Cloud on AWS
  • Hybrid network path troubleshooting that includes VMware Cloud on AWS to the on-premises path through gateways and VP

Direct Connect BGP Local ASN change

The Direct Connect connection to the SDDC now uses 64512 as the BGP local ASN. This BGP local ASN is editable, and any private ASN from the range 64512 – 65534 can be used. If ASN 64512 is already in use on-premises, a different ASN must be used. Before this change, an AWS public ASN was used as the BGP local ASN. The following public ASNs were used: 17493 in the Asia Pacific (Singapore) region, 10124 in the Asia Pacific (Tokyo) region, 9059 in the EU (Ireland) region, and 7224 in other regions.

Important notes around deployments:

  • If you are creating a new Direct Connect virtual interface (VIF), you will only be able to use a private local ASN with VMware Cloud on AWS.
  • If you want to change an existing public ASN to a private ASN, you must delete any AWS Direct Connect VIF that uses the existing public ASN.
  • If you change to a private ASN, you will not be able to change back to a public ASN later.
  • If you have an SDDC that is using the prior default public ASN, you can continue using the public ASN for the SDDC.

Language and Regional Format Support (French, Spanish, Korean, Simplified Chinese and Traditional Chinese)

VMware Cloud on AWS now supports language and regional format settings in French, Spanish, Korean, Simplified Chinese and Traditional Chinese, in addition to German and Japanese. These languages are supported in the VMware Cloud on AWS console and in Cloud Service Platform features such as Identity & Access Management, Billing & Subscriptions, and some areas of the Support Center. You can change your display language before you log in to the VMware Cloud on AWS console or in your account settings.

VMware Site Recovery

Site Recovery connectivity checker in the Troubleshooting tab

Accelerate your deployment of VMware Site Recovery™ using single-click tests from the Troubleshooting tab of the SDDC in the VMware Cloud on AWS console. These tests can help to identify network connectivity issues affecting VMware Site Recovery™. The tests verify connectivity from the current SDDC toward the remote site, which itself can be an on-premises site or another VMware Cloud on AWS SDDC. The “Site Recovery” option will show up in the use case drop-down menu of the Troubleshooting tab when the Site Recovery add-on is active for the SDDC.

Support for fan-in and other multi-site topologies

VMware Site Recovery™ now supports fan-in and other multi-site topologies, allowing you to connect a single VMware Cloud™ on AWS SDDC that is based on NSX-T to multiple on-premises sites and/or to other VMware Cloud on AWS SDDCs for disaster recovery purposes. You can pair up to ten remote sites with a single SDDC. You can recover virtual machines from multiple protected sites to the same VMware Cloud on AWS SDDC, or recover different sets of virtual machines from a single VMware Cloud on AWS SDDC to multiple recovery sites. Other complex multi-site topologies are also now possible provided you can establish network connectivity between the remote sites and the shared VMware Cloud on AWS SDDC. For more details on multi-site topologies, see the VMware Site Recovery documentation.

Custom CPU Core Count

VMware Cloud on AWS now supports Custom CPU Core Count capability. This capability gives you more flexibility in configuring SDDC clusters and allows you to reduce costs for running mission-critical applications licensed per-core. Previously, you could not specify how many CPU cores per host you wanted in your cluster; all CPU cores were always enabled: 36 for I3 or 48 for R5 host types. Now, you can also select 8 or 16 CPU cores per host to better tailor your SDDC cluster to your needs. For more information on how to use the feature, see this blog post.

Native support for Microsoft SQL Server Clustering

vSAN now natively supports shared disks in multi-writer mode, without the need for iSCSI setup. This is intended for clustering applications that require shared disks. It supports 2-, 4-, and 8-node application clusters and up to 64 shared disks per application cluster. Some operations, such as storage vMotion, snapshots, and cloning, are not supported.

Networking

Default Logical Network change

To avoid overlapping IP issues with the default logical network, a network with CIDR 192.168.1.0/24 will no longer be created during SDDC deployment. If a customer is deploying an SDDC with two, three or more nodes, it is the customer's responsibility to create a network with an appropriate CIDR that doesn't overlap. However, in the case of a one-node SDDC, the default logical network is created.
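A pre-deployment check for the two networking constraints described on this page (the Direct Connect BGP local ASN and non-overlapping logical network CIDRs), as an added example that is not VMware code. The function names and the on-premises sample values are constructed assumptions; only the ASN range 64512–65534 and the 192.168.1.0/24 default come from the page.

```python
import ipaddress

# Private ASN range and default local ASN as stated on the page.
PRIVATE_ASN_MIN, PRIVATE_ASN_MAX = 64512, 65534
DEFAULT_LOCAL_ASN = 64512

# Constructed sample inventory of an on-premises site (assumption).
ONPREM_ASNS = [64512, 65001]
ONPREM_CIDRS = ["192.168.0.0/22", "10.10.0.0/16"]
PLANNED_SEGMENTS = ["192.168.1.0/24", "172.30.10.0/24"]

def pick_local_asn(onprem_asns, preferred=DEFAULT_LOCAL_ASN):
    """Return the preferred ASN if it is private and unused on-premises,
    otherwise the lowest unused ASN in the private range."""
    used = set(onprem_asns)
    if PRIVATE_ASN_MIN <= preferred <= PRIVATE_ASN_MAX and preferred not in used:
        return preferred
    for asn in range(PRIVATE_ASN_MIN, PRIVATE_ASN_MAX + 1):
        if asn not in used:
            return asn
    raise ValueError("no unused private ASN in 64512-65534")

def overlapping(planned_cidrs, onprem_cidrs):
    """Return (planned, on-prem) pairs whose address ranges overlap."""
    conflicts = []
    for p in map(ipaddress.ip_network, planned_cidrs):
        for o in map(ipaddress.ip_network, onprem_cidrs):
            # Only compare networks of the same IP version.
            if p.version == o.version and p.overlaps(o):
                conflicts.append((str(p), str(o)))
    return conflicts

if __name__ == "__main__":
    print("BGP local ASN to configure:", pick_local_asn(ONPREM_ASNS))
    for planned, onprem in overlapping(PLANNED_SEGMENTS, ONPREM_CIDRS):
        print(f"conflict: {planned} overlaps on-premises {onprem}")
```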

BGP Routes from On-premises available in VPN UI/API

If a customer configures a route-based VPN, the routes advertised from on-premises are visible in the VPN UI and API. This helps in identifying connectivity-related issues.

Overview network topology now shows Source NAT public IP

Under the networking security tab, the topology view will show the Source NAT IP.

Rename an SDDC

VMware Cloud on AWS now supports SDDC renaming. An SDDC can be renamed whenever necessary, with no change to configuration or functionality. The SDDC ID will remain unchanged. To rename an SDDC from the VMC console, select “Rename SDDC” from the Actions menu on the SDDC card. SDDCs can also be renamed through the API.

Delete Restricted Role

The VMware Cloud on AWS service now supports an additional service role named Administrator (Delete Restricted). This role has full cloud administrator rights to all service features in the VMware Cloud on AWS console but cannot delete SDDCs or clusters within an organization. This role can be assigned and changed by a user with organization owner privileges, so the role should be assigned along with the role of organization member to prevent modification. When multiple service roles are assigned to an organization user, permissions are granted for the most permissive role. This means that if the Administrator (Delete Restricted) role is selected along with the Administrator role, the user will be able to delete SDDCs and clusters. To enforce the role properly, organization owners should select only Administrator (Delete Restricted), so that an organization member cannot delete an SDDC or cluster. A user must log out and then log back in for a new service role to take effect. For more details, read about how to Assign a Role to an Organization Member.
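An audit of role assignments for the two ways the paragraph above says Delete Restricted can be undermined, as an added example that is not VMware code. The role names come from the page; the record layout and the sample users are constructed assumptions, not output of any VMware API, and only the roles named on this page are modelled.

```python
# Role names as they appear on the page.
ADMIN = "Administrator"
ADMIN_DR = "Administrator (Delete Restricted)"
ORG_OWNER = "Organization Owner"
ORG_MEMBER = "Organization Member"

# Constructed sample export of organization users (assumed layout).
SAMPLE_USERS = [
    {"user": "alice@example.com", "org_role": ORG_MEMBER, "service_roles": [ADMIN_DR]},
    {"user": "bob@example.com", "org_role": ORG_MEMBER, "service_roles": [ADMIN, ADMIN_DR]},
    {"user": "carol@example.com", "org_role": ORG_OWNER, "service_roles": [ADMIN_DR]},
    {"user": "dave@example.com", "org_role": ORG_MEMBER, "service_roles": [ADMIN]},
]

def can_delete(service_roles):
    """The most permissive role wins: any Administrator grant allows
    deleting SDDCs and clusters, regardless of Delete Restricted."""
    return ADMIN in service_roles

def audit(users):
    """Return (user, reason) findings for users who hold Delete Restricted
    but for whom the restriction is not effectively enforced."""
    findings = []
    for u in users:
        roles = set(u["service_roles"])
        if ADMIN_DR not in roles:
            continue  # not intended to be delete-restricted; out of scope
        if can_delete(roles):
            findings.append((u["user"], "also holds Administrator; can delete SDDCs and clusters"))
        if u["org_role"] == ORG_OWNER:
            findings.append((u["user"], "organization owner; can change the assigned service role"))
    return findings

if __name__ == "__main__":
    for user, reason in audit(SAMPLE_USERS):
        print(f"{user}: {reason}")
```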
