We are happy to announce that VMware Cloud Director 10.4.1 is now Generally Available as of December 8, 2022. With this announcement, we bring in some new features and enhance some existing ones.
Networking Updates
AVI Transparent Load Balancing:
Transparent Load Balancing has been added to VMware Cloud Director to close a gap between Cloud Director backed by NSX-V and Cloud Director backed by NSX-T. The purpose of Transparent Load Balancing is to pass the IP address of the client to the real server. The approach is designed to control the flow of the data path such that all communication from the client to the real server flows through the Load Balancer. When the virtual service is created in the tenant portal, there is an option to preserve the client’s IP address. To round out the transparent load balancing feature, VMware Cloud Director now allows a variety of real service “groups” to be added to virtual service. These include IP sets and dynamic and static groups.
SEG tagging for monitoring
In 10.4.0, VCPP partners using VCD should install and configure NSXT ALB (AVI) with Enterprise Licensing. Chargers to Providers will not be based on AVI licensing level but on the provider’s usage of Premium or Standard feature sets. VCD manages these feature sets through a setting on the SEG indicating whether or not the SEG and any associated gateway support Premium or Standard feature sets. For this to work, the NSXT ALB (Avi) billing team needs to determine service core consumption within an SEG of a specific service level. VCD will facilitate this by tagging the SEG’s VCD Service Level within AVI.
A use case for automated collection for UM 4.7 and VMware Chargeback.
IP Name Space (Rolling updates)
In VMware Cloud Director 10.4.1, we have introduced an improved IP Address Management service in the form of IP Name Spaces. IP Name Spaces is a new construct intended to provide a structured approach to allocating Public and Private IP addresses across Organizations with a specific focus on the Provider T0 Gateway. VMware Cloud Director IP namespace is designed to simplify the allocation and consumption of IP ranges and prefixes by preventing overlapping IP addresses across Organizations or Organization VDCs.
IP Name Spaces adds tenant-level observability to the T0/VRF and, with that, the ability for the Service Provider to supply allocated Public IP addresses to each organization in the form of IP Prefixes (for networks) and IP Ranges for network services. The allocation of Public IP addresses is backed by Service Provider assigned quotas for each organization. The tenant can consume Public IP addresses for Provider T0/VRF interfaces until either the quota is reached or the supply has been exhausted. IP Names Spaces can be named by the Service Provider to indicate the geographic affinity of the Public IP prefixes (e.g. Public_West, Public_East) to guide the tenant in applying a given IP Name Space to a regional virtual data center.
Additionally, the tenant can use IP Name Spaces for private addressing. The tenant can create private IP names for use on Organization VDC networks. There are no quotas on private IP namespaces. IP Name Spaces will continue to evolve across future releases of VCD to further simplify the process of adding tenant Organizations to VCD by automating much of the configuration of T0/VRF.
L2 features (External Network to Edge)
You can now connect External Networks backed by NSX-T segments to Edge Gateways.
Service Accounts Multisite Support
The service account now supports multisite. Make sure the site association has been configured correctly and at the time of creating a new user on site 2, make sure to use the same software ID as of the service account on site 1.
Solution Add-On Management
VMware Cloud Director provides numerous extensibility mechanisms like UI plugins, Runtime-Defined entities, API services etc. Most of the solutions delivered as value-added services in VCD consist of multiple extensibility elements. For example, If we’re extending the VCD native UI with a UI plugin, we will most likely have a backed service in the form of VM or containers. Usually, the deployment and configuration of a solution consisting of several manual steps are prone to human error.
The VCD extensibility SDK improves the delivery and lifecycle of Solution Add-Ons by providing a platform for building, packaging, installing and configuring one or more extensibility elements. It delivers a one-click installation and configuration experience on the entire solution with no extra steps.
Remap Users between Identity Providers (Deprecation of Local Users) (API only)
Announcing depreciation of local users in VMware Cloud Director. However, local users will still be supported as it is for at least 18+ months until the final announcements.
Local user migration to SAML, LDAP or OIDC is supported. Ensure the Identity provider (IDP) is configured and accessible within the organization. You need to migrate the users across the Identity providers using API calls.
Usecase: Generally, local users have been part of VCD since VCD 1.0. They provide a basic system of storing usernames and passwords securely hashed in VCD. There are no modern password management policies in place (e.g. password rotation, size or complexity requirements, lockout and unlock procedures, etc.), no option for 2FA/MFA, biometrics, etc. So to overcome these limitations, this project was started.
New Branding & Theming Experience
A completely new user interface where providers can create, manage and assign themes for their tenants and the provider portal. The UI provides a live preview of the Cloud Director portal’s look and feels when changing the theming, branding, links and menus.
Please Note:
- The Branding & Theming is released as an Alpha feature and needs to be enabled by providers. This action will result in the default light theme being assigned for the provider and across all organizations.
- Migration of the themes created with the old branding APIs is also possible.
Support for EFI boot and Secure Boot
Cloud Director allows the creation of a new VM with either BIOS or EFI boot firmware. If EFI is selected, then, SecureBoot can be enabled. SecureBoot, in combination with EFI, provides strong assurance that the firmware code is verified and trusted.
- The secure Boot option can only be enabled on Virtual Machines that have
- EFI firmware
- Virtual hardware version 13 or later
- The operating system that supports UEFI secure boot.
Support for vSphere 8.0
VMware Cloud Director 10.4.1 brings support for vSphere 8.0.
Support for NSX 4.0.1
VMware Cloud Director 10.4.1 brings support for NSX 4.0.1.
UI Enhancements
- Changes in the Networking steps when creating a vApp from the template wizard
- Show transfer speed for transferred items when syncing a catalog
- Show the overall progress of tasks in the Task Steps tab
- Legacy Console Proxy is no longer available and does not appear in the list of features under Feature Flags.
General Updates
- Open API Certificate Format Change
- Embedded database upgraded to PostgreSQL 14
- Improved Database Password Security
Other Useful Resources:
You can download VMware Cloud Director 10.4.1 binaries from here.
To learn more about VMware Cloud Director 10.4.1, please use the following resources: Release notes, Product Documentation and the Web Page.
Remember, to get the latest updates, check this blog regularly, you also can find us on Slack, Facebook, Twitter, and LinkedIn as well as many demo videos and enablement on YouTube, especially our Feature Fridays series.
Note: This is a best-effort report with an informative purpose only because it might not include 100% of the violations due to some technical limitations.
