It’s been just under 6 months since the release of vSphere 6.7 Update 1

Today, we have vSphere 6.7 Update 2 so what’s new?

New vSphere edition – vSphere ROBO Enterprise

There are two vSphere features that are now available in a new ROBO (Remote Office, Branch Office) Enterprise edition:

DRS in Maintenance Mode

Only available in vSphere ROBO Enterprise.

Can automatically move VMs to other hosts when a host goes into maintenance mode (and back again automatically) This is achieved by automatically creating VM-Host affinity rules. This basically keeps track of VMs moved for maintenance and moves them back once the host comes back online.

The usual vMotion requirements apply here.

Cannot be configured (No UI), all done behind the scenes

VM Encryption

VM home and VMDK encryption for ROBO

KMS required

Completely guest OS agnostic

UI / PowerCLI Managed

vCenter Server Architecture updates

There are several noteworthy changes in the vSphere 6.7 Update 2 release for vCenter Server:

PSC Converge tool now available in vCenter Server UI

You can now converge an external PSC topology into an Embedded topology right from the vCenter Server UI

You can also perform the necessary PSC decommissioning steps from the UI

All of this is available from the System Configuration Section of the vCenter Server HTML5 Interface

You can also see your PSC and vCenter Server topology in a graphical and tabular view from within the vCenter Server HTML UI

Deploying an external Platform Services Controller will no longer be an option in a future vSphere major release

File-based backup and restore for vCenter Server – Improvements

There are 2 main improvements here:

New file level storage protocols that you can backup the VCSA onto: NFS v3 and SMB

and Notifications / Alarms on backup job success and failure. The alarms can be customised, similar to the traditional vCenter Server alarms to include (Send an email, Send SNMP trap & Run a script on success or failure)

New alarms and categories for vSphere Health

vSphere health introduces an “acknowledgement” option for vSphere health alarms, just like normal Alarms within vCenter Server

The new health categories include: Online Availability Compute Network Storage

The new health alarm categories help to organise vCenter related issues for ease of management

Content Library Improvements – VMTX Template Distribution

Content library is becoming more widely adopted, with that in mind VMware have introduced VM Template (VMTX) syncing.

This means that VM templates will now be automatically synchronised between on-prem and on-prem vCenter Servers and also from on-prem to VMware Cloud on AWS

vSphere Client – Code Capture & API Explorer

The HTML vSphere Client now features “code capture” ability (Taken from the VMware Fling). This means you can start a code capture, perform a task in the vSphere client and export the code that was used to perform that task. This is very useful for generating the code that you can later use to automate certain vSphere tasks.

The API Explorer (Accessible in the vSphere Client under “Developer Center”) is an easy to use API search tool which lets you search for key API calls, including executing examples to test certain calls.

vSphere Update Manager – Improvements

Update Manager has been included with vCenter Server deployments for quite some time now but there are some improvements in vSphere 6.7 Update 2

UI improvements include Attach, compliance check and remediation, all from the same screen

You can now also attach and remediate multiple baselines at the same time

During remediation, it is now possible to disconnect removable media from Virtual Machines, Enable Quickboot and skip the vSAN HealthCheck

VMware Tools – Changes

With Windows Server 2016, the PVSCSI and VMXNET3 drivers are now updated via Windows update, reducing patching operations and maintenance times

VMware tool for Linux (.TAR) version will no longer be developed after VMware Tools 10.3.10. This is because OpenVM Tools is widely available and updatable via your preferred package update manager

Host Profiles – VMK0 bugfix

Host profiles in vSphere 6.7 Update 2 have had a bugfix applies which will no longer delete VMK0 when host profiles are applied to hosts

Security Enhancements

Windows Server 2019 and RHEL 8 are now fully supported in vSphere 6.7 Update 2

Password History & Reuse limits can now be applied

Additional SSO events are logged in vCenter Server logging

ESXi certification API improvements

vCenter Server CSR generation is now available via the vSphere Client UI

vSphere 6.7 Update 2 introduces CPU Vulnerability mitigation while maintaining performance. This is available via a new CPU scheduler.

AppDefense Integration for VMware tools is available in vSphere Platinum

“Adapted allowed” behaviour is now available in AppDefense

NIAP Certification is available for Government customers (Letter of intent is available for non-government customers)

Performance Improvements

40 & 100Gb Ethernet and RDMA support

VM Compatibility version 15 256 vCPUs per Virtual Machine 6TB RAM per VM SAP HANA Support



Further reading

For more information on vSphere 6.7 Update 2, including upgrade paths and support, check the following VMware sites:

blogs.vmware.com/vsphere

vspherecentral.vmware.com







