VxRail 4.5 was announced in May by Dell EMC and I’ve been a bit slow in going through my enablement on the platform. The key benefit (beyond some interesting hardware permutations that were announced), is support for VMware vSphere 6.5 U1 and vSAN 6.6. I thought I’d cover a few of the more interesting aspects of the VxRail platform and core VMware enhancements.
Note that VxRail 4.5 does not support Generation 1 hardware, but it does support G2 and 3 Quanta models, and G3 Dell PowerEdge appliances.
Prior to version 4.5, adding an additional node to the existing cluster was a bit of a pain. Only one node could be added at a time and this could take some time when you had a lot of nodes to add. Now, however,
- Multiple nodes (up to 6) can be added simultaneously.
- Each node expansion is a separate process. If one fails, the remaining five will keep going.
There is now also a node removal procedure, used to decommission old generation VxRail products and migrate to new generation VxRail hardware. This is only supported for VxRail 4.0.301 and above and removal of only one node at a time is recommended.
Different VLANs are recommended for vSAN traffic and for management across multiple VxRail clusters.
VxRail network topologies use dual top-of-rack (ToR) switches to remove the switch as a single point of failure.
vSAN 6.6 Enhancements
Disk Format 5
As I mentioned earlier, VxRail 4.5 introduces support for vSAN 6.6 and disk format 5.
- All nodes in the VxRail cluster must be running vSAN 6.6 due to the upgraded disk format.
- The upgrade from disk format 3 to 5 is a metadata only conversion and data evacuation is not required. You need disk format 5 is required for datastore-level encryption (see below).
- VxRail will automatically upgrade the disk format version to 5 when you upgrade to VxRail 4.5.
Unicast is supported for vSAN communications starting with vSAN 6.6. The idea is to reduce network configuration complexity. There is apparently no performance impact associated with the use of Unicast. vSAN will switch to unicast mode once all hosts in the cluster have been upgraded to vSAN 6.6 and disk format 5. You won’t need to reconfigure the ToR switches to disable multicast features in vSAN.
vSAN Data-at-Rest Encryption
vSAN Data-at-Rest Encryption (D@RE) is enabled at cluster level, supporting hybrid, all-flash, and stretched clusters. Note that it requires an external vCenter and does not support embedded vCenter. It
- Works with all vSAN features, including deduplication and compression.
- Integrates with all KMIP-compliant key management technologies, including SafeNet, HyTrust, Thales, Vormetric, etc.
When enabling encryption, vSAN performs a rolling reformat of every disk group in the cluster. As such, it is recommended to enable encryption on the vSAN datastore after the initial VxRail deployment. Whilst it’s a matter of ticking a checkbox, it can take a lot of time to complete depending on how much data needs to be migrated about the place.