VMware vSphere 6.7 U2 – What You Need to Know

VMware vSphere 6.7 Update 2 is here!  We are going to take a look at some of the enhancements to ESXi 6.7 U2 and vCenter 6.7 U2, and what you need to know going forward.

VMware vSphere 6.7 U2 – What’s New?

The best place to start learning about a new version of VMware vSphere is always the official VMware documentation.  You can also always count on VMware for great blog posts talking about the new features and functionality in vSphere versions.  You can check out the official vSphere 6.7 U2 Annoucment Blog here.

ESXi 6.7 U2 Release Notes

VMware vCenter 6.7 U2

While there is a great deal of features and functionality added in VMware vCenter Server 6.7 U2, I want to highlight a few of my favorite things.  For a great run down, be sure to read vCenter 6.7 U2 What’s New on the VMware Blog.

Warning vSphere Administrators of External PSC Depreciation  

VMware has made a change in the architecture of VMware vCenter Server, deprecating the use of an external platform services controller or PSC.  This is a great move since it simplifies the deployment, operation, and upgrades of your VMware vCenter Server environment.  This will happen with the next major release of VMware vSphere.  In vcenter 6.7 U2, VMware is nice enough to add a warning informing administrators of this upcoming change in the installer, so they can prepare accordingly.

Even More Enhancements to the vSphere Client

As of vSphere 6.7 U1, the HTML5 based vSphere Client had full feature parity with the previous vSphere Web Client. In vSphere 6.7 U2, VMware took this a step further by adding even more great features.  In vCenter 6.7 U2, the Developer Center has been added.  While I may not be a developer, I can appreciate this, especially the Code Capture feature.  This allows you to generate usable code right from vCenter server as you perform actions in the vSphere Client GUI, making actions much more easily repeatable.

ESXi 6.7 U2

Of course, along with vCenter comes ESXi.  ESXi also received a number of enhancements with vSphere 6.7 U2.

Virtual Hardware Version 15

As we know, two things for virtual machines are usually tied to ESXi versions: VMware tools and the virtual hardware version.  Now, with virtual hardware version 15, virtual machines can have up to 256 vCPUs.  Be sure to check out this guide to updating virtual hardware with vSphere Update manager.

New CPU Scheduler

If you have been following technology news, you may be familiar with many of the CPU vulnerabilities that came out in May of 2019, named Zombieload, RIDL, and Fallout.  VMware was on top of things with the release of VMSA-2019-0008.

No clue what I’m talking about?  Be sure to take a look at An Introduction to Security Advisories and Response for VMware vSphere Administrators!

In addition to the patches VMware released to mitigate these vulnerabilities, vSphere 6.7 U2 also introduced a third CPU scheduler called “Side-Channel Aware Scheduler version 2 (SCAv2)”.

What Is the Big Deal With the VMware CPU Scheduler?

In simple terms, the CPU scheduler in VMware is what divides the CPU on your ESXi hosts, and gives it to your virtual machines to use.  Like I said, in simple terms.  There are many things the CPU scheduler needs to take into account to make sure all of your virtual machines are functioning at levels of peak performance.

Unfortunately, the world has been full of CPU vulnerabilities over the last few years.  In order to mitigate this, VMware also introduced new CPU schedulers.  The problem is that when some of these mitigations are introduced, they negatively impact CPU performance.

This is why this third scheduler was introduced, and also why VMware has created a scheduler advisor tool to guide administrators through choosing between the three CPU schedulers.

More on VMware’s SCAv2

SCAv2 was created to mitigate the nasty vulnerabilities floating around, while attempting to reduce the negative CPU impact mitigating the vulnerabilities created.  As such, there are trade offs to using this VMware CPU scheduler, which the vSphere 6.7 CPU scheduler advisor listed above goes over in detail.

Upgrading to vSphere 6.7 U2

Luckily, upgrading to vSphere 6.7 U2 is just like any other VMware vSphere upgrade, which can be mostly executed with VMware vSphere Update Manager.

When it comes to upgrading vCenter server to 6.7 U2, it is especially important to pay attention to the Upgrade Notes section of the Release Notes.  One of the most important notes is that you cannot upgrade directly from vCenter Server 6.7 1a to vCenter Server 6.7 2a.  Be sure to pay special attention to which version of VMware vCenter you are currently running.

As with any other VMware vSphere Upgrade, it is important to do your homework before executing the upgrade.  Here are a couple of detailed guides to help you with this process.

• Ensure your configuration is supported with the VMware Compatibility Guide and VMware Interoperability Matrix
• Upgrade vCenter Server, after reading the release and upgrade notes.
• Upgrade ESXi with vSphere Update Manager after reading the release notes.
• Upgrade VMware Tools and Virtual Hardware Compatibility with vSphere Update Manager.  You can check to see what the latest version of VMware Tools is here.

The most important thing to do when a new version of VMware vSphere comes out is to take a look at the new features and functionality.  This is so you can begin to build a business case for your vSphere upgrade.  Pay special attention to the release and any upgrade notes to save yourself from headaches during the upgrade process.  In the case of vSphere 6.7 U2, which includes vCenter Server 6.7 U2, and ESXi 6.7 U2 it is a small upgrade that packs a powerful punch.