Cloud Director continues to innovate and help Cloud Providers drive growth and relevance with their customers. 10.3.1 is no exception, with this release providing updates to Core, Networking and Tanzu services.
What’s new in Core?
In 10.3.1 we have delivered a much more efficient method to backup and restore the Cloud Director appliance. A new API is introduced to initiate a backup of the appliance to an NSF share and transfer with controls in a properties file and encryption of user details. This API will also all a mount of an NFS share to browse suitable backups for restore, and action a restore of a backup tar file. All of these functions are replicated in the UI also, so administrators can initiate a backup and a restore from the user interface if required.
What’s new in Networking?
Firstly, assisting providers migrate to NSX-T, Cloud Director 10.3.1 now supports certificate authentication for IPsec VPN. This is fully supported in NSX-V and Cloud Director 10.2.2/10.3 and is needed for some partners to be able to move to NSX-T and continue to provide the same services to tenants.
Another feature that is supported in NSX-V is DHCP Relay and many tenants require this function to be able to migrate to NSX-T. This is now provided by a relay function on the Edge Gateway. In addition to relay capability, DHCP Binding (static leasing) is another enhancement to Cloud Director networking to allow VMs MAC address to bind to an IP address (if the bound IP does not overlap existing DHCP pool addresses). This is useful where you may have services that shouldn’t change IP as the application the VM is supporting maybe bound to the IP.
Lastly, L2VPN is now in the Cloud Director user interface, whereas prior it had only been available via the REST API. This feature means organizations can extend their org virtual data center (VDC) across multiple sites on the same broadcast domain: this capability allows virtual machines to maintain layer 2 network connectivity across geographic boundaries, particularly useful for migration and distributed applications.
What’s new in Container Service Extension 3.1.1?
As our journey with VMware Cloud Director continues, we need to address the next consumer of container infrastructure; other machine applications, extensions, plugins, scripts etc. These are not human and will not use self-service UIs, instead we need to provide access to entities granting permissions where necessary and revoking when not. In the first phase of this we are delivering the ability for the user to be able to acquire an API token for their own use which has been checked for consistency at oAuth endpoints. More capabilities will follow in later releases, this is just the first step.
With CSE 3.1.1, VMware brings enhanced networking and storage features to further support the Kubernetes as a Service (KaaS) offering to help customers and cloud service providers. CSE now adopts an immutable infrastructure approach that provides:
- Consistent and simpler deployments across all environments
- Reduced configuration drifts and improved server recovery times
Secured Networking
Users with VCD 10.3.1, along with CSE 3.1.1 can deploy fully supported and secured VMware Tanzu Kubernetes Grid (TKG) clusters by importing their desired TKG OVA on to their VCD UI.
CSE 3.1.1 automatically creates VCD AVI based load balancer to secure Layer 4 traffic.
Enhanced Storage features
CSE also has a major enhancement on the storage front. Now, providers can create K8s services using the Container Storage Interface (CSI) driver to dynamically allocate VCD named independent disk-based Persistent Volumes (PVs) that enforces and honors the tenant’s storage limits. The CSI driver will also help enable common scenarios with persistent volumes and stateful-sets using VMware Cloud Director Shareable Named Disks.
For more information, please see the VMware Cloud Director 10.3.1 documentation