vSphere 6.5: The NFS edition

A while back, I wrote up a blog about the release of vSphere 6.0, with an NFS slant to it. Why? Because NFS!

With VMworld 2016 Barcelona, vSphere 6.5 (where’d .1, .2, .3, .4 go?) has been announced, so I can discuss the NFS impact. If you’d like a more general look at the release, check out Cormac Hogan’s blog on it.

Whither VMFS?

Before I get into the new NFS feature/functionality of the release, let’s talk about the changes to VMFS. One of the reasons people use NFS with VMware (other than its awesomeness) is that VMFS had some… limitations.

With the announcement of VMFS-6, some of those limitations have been removed. For example, VMFS-6 includes something called UNMAP, which essentially is a garbage collector for unused whitespace inside the VMFS datastore. This provides better space efficiency than previous iterations.

Additionally, VMware has added some performance enhancements to VMFS, so it may outperform NFS, especially if using fiber channel.

Other than that, you still can’t shrink the datastore, it’s not that easy to expand, etc. So, minor improvements that shouldn’t impact NFS too terribly. People who love NFS will likely stay on NFS. People who love VMFS will be happy with the improvements. Life goes on…

What’s new in vSphere 6.5 from the NFS perspective?

In vSphere 6.0, NFS 4.1 support was added.

However, it was a pretty minimal stack – no pNFS, no delegations, no referrals, etc. They basically added session trunking/multipath, which is cool – but there was still a lot to be desired. On the downside, that feature isn’t even supported in ONTAP yet. So close, yet so far…

In vSphere 6.5, the NFS 4.1 stack has been expanded a bit to include hardware acceleration for NFSv4.1. This is actually a pretty compelling addition, as it can help the overall NFSv4.1 performance of the datastore.

NFSv4.1 also fully supports IPv6. Your level of excitement is solely based on how many people you think use IPv6 right now.

Kerberos

Perhaps the most compelling NFS changs in vSphere 6.5 is how we secure our mounts.

In 6.0, Kerberos support was added, but you could only do DES. Blah.

Now, Kerberos support in vSphere 6.5 includes:

  • AES-128
  • AES-256
  • REMOVAL of DES encryption
  • Kerberos with integrity checking  (krb5i – prevents “man in the middle” attacks)

Now, while it’s pretty cool that they removed support for the insecure DES enctype, that *is* going to be a disruptive change for people using Kerberos. The machine account/principal will need to be destroyed and re-created, clients will need to re-mount, etc. But, it’s an improvement!

How vSphere 6.5 personally impacts me

The downside of these changes means that I have to adjust my Insight presentation a bit. If you’re going to Insight in Berlin, check out 60831-2: How Customers and Partners use NFS for Virtualization.

Still looking forward to pNFS in vSphere, though…

Advertisements

10 thoughts on “vSphere 6.5: The NFS edition

  1. Pingback: vSphere 6.5 Link-O-Rama » Welcome to vSphere-land!

  2. Pingback: Newsletter: October 22, 2016 – vSphere Edition | Notes from MWhite

  3. Pingback: قابلیت های جدید VMware vSphere نسخه 6.5 | ویرا شبکه نگار

    • My understanding is that any storage vendor with a VAAI plugin would need to update that plugin to leverage the functionality. In addition, the NFS server must have support for the NFS version using VAAI. In ONTAP, there currently is not support for NFSv4.1 VAAI.

      Like

  4. Pingback: Why Is the Internet Broken: Greatest Hits | Why Is The Internet Broken?

  5. Pingback: BREAKING NEWS at #NetAppInsight – ONTAP VVol Support? | Why Is The Internet Broken?

  6. Pingback: VMware VMvisor Installer 6.5.0-4564106 | Farstak

  7. Reblogged this on DerSchmitz and commented:
    Heute möchte ich gerne @NFSDudeAbides alias Justin Parisi zietieren, um auf ein paar Neuerungen in vSphere 6.5 in Bezug auf NFS hinzuweisen

    Like

  8. Pingback: Vsphere-6-5-the-nfs-edition – DerSchmitz

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s