Upgrading to VMware vSphere 6.7
With the recent excitement of vSphere 6.7 being released to the public, it’s only natural that a lot of discussion has revolved around upgrades. How do we upgrade, or even why should we upgrade have been the most popular questions recently. In this post I will cover these questions as well as considerations that should be reviewed prior to your vSphere Upgrade. Upgrading doesn’t have to be a daunting or overwhelming task.
Let’s start with Why. Why should we upgrade to vSphere 6.7? VMware vSphere 6.7 reinforces your investment in VMware. Since vSphere is at the heart of VMware’s SDDC offering and a fundamental building block of your cloud strategy, upgrading should be top of mind, but only after carefully considering the features and benefits and how they map back to the needs of the business. Maybe the security team has been asking for tighter integrity for both the hypervisor and the guest operating system so leveraging vSphere 6.7 and its support for Trusted Platform Module (TPM) 2.0 or Virtual TPM 2.0 is now a requirement. If not security, maybe it is application flexibility where enhancements to Nvidia GRID™ vGPU technology in vSphere 6.7 allows customers to suspend and resume those vGPU enabled VMs prior to a vMotion. Regardless of the features, it is important to be sure those needed features properly map back to the requirements of the business.
Another reason as to why we should upgrade would be due to a product’s end of support, or end of life. If you have not already heard, VMware vSphere 5.5 is quickly approaching its End of Life. The exact date for the End of General Support for vSphere 5.5 is September 19, 2018. With this in mind, upgrading should now be at the forefront of your vSphere Lifecycle Plan. The good news in regards to vSphere 5.5 going EOL is that VMware has extended the general support for vSphere 6.5 to a full five years from its release date, until November 15, 2021. That’s pretty amazing if you ask me. The next key point will be to understand How to upgrade to vSphere 6.5 /6.7 which will enable customers to reap the benefits of a SDDC software solution that is efficient and secure, and also fuels your digital transformation journey.
Next let’s touch on How. How do we upgrade? To start, VMware provides many forms of documentation to assist with the installation or upgrade of VMware vSphere starting with VMware Docs. The VMware Docs site has been updated to a much cleaner interface that includes better search capabilities across versions as well as an option to save documentation to MyLibrary for quick access later. Besides VMware Docs, we also have vSphere Central. vSphere Central is a curated repository of vSphere resources including blogs, KBs, videos, and walkthroughs to help customers quickly find the information they need. Next, consider and review any other VMware solutions associated with your environment, such as Site Recovery Manager (SRM), Horizon View Composer, or VMware NSX prior to beginning. Also, determine whether your current setup uses an embedded or external architecture for SSO/PSC as this may impact your upgrade path.
A key factor in helping one understand how to upgrade a vSphere environment revolves around version compatibility. Not all versions of vSphere are able to be upgraded to vSphere 6.7. For example, vSphere 5.5 does not have a direct upgrade path to vSphere 6.7. If you are currently running vSphere 5.5, you must first upgrade to either vSphere 6.0 or vSphere 6.5 before upgrading to vSphere 6.7. So before you dive into mounting your freshly downloaded vSphere 6.7 ISO, do your homework here and consider any environments that you may have that are running on a version lower than vSphere 6.0. Begin with getting those older environments upgraded to a compatible vSphere version prior to starting your vSphere 6.7 upgrade. After discussing How to upgrade we must naturally discuss Planning an upgrade.
REMINDER: Supported methods for upgrading your vSphere hosts include using the ESXi Installer, the ESXCLI command from within the ESXi Shell, vSphere Update Manager (VUM), and Auto Deploy.
The secret to upgrade success begins with proper planning. We have discussed how to start preparing for your vSphere Upgrade by understanding the How & Why. The next logical steps are to begin Planning. This is where you may find yourself reviewing your findings within your environment as well as gathering the installation files and staging them for the Upgrade. It is very important to map out the order & steps of other VMware products within your environment so you fully understand which should be upgraded before or after vCenter Server and ESXi. Upgrading certain products out of order may have adverse outcomes that can throw a wrench into your Upgrade Plan. Begin by reviewing the vSphere 6.7 Update Sequence KB Article for more details.
During Planning customers should consider all of the products, versions, as well as business units that you may impact during or after an upgrade. Once again review the VMware Product Interoperability Matrices for solution compatibility as well as supported Upgrade Paths. Planning should also include lab testing an upgrade to be sure you understand the process and outcomes. Performing a vSphere Health Check may be on of the best suggestions I can advise. A vSphere Health assessment can help discover wasted resources, environmental issues, and even items as simple as NTP or DNS misconfigurations. Lastly, be sure to contact your compute, storage, network, and backup vendors for compatibility with vSphere 6.7. There is nothing worse than upgrading your environment to find out later that a 3rd party vendor has yet to have a compatible version that works with vSphere.
To further help customers heading into their vSphere Upgrades, I have put together a compilation of Upgrade Considerations to help you get started as you plan your Upgrade to vSphere 6.7.
Since vSphere is the foundation for the SDDC, it is very important to review its interoperability with the current version(s) installed in your datacenters.
- An Upgrade from vSphere 5.5 to vSphere 6.7 GA directly is currently not supported
- vSphere 6.0 will be the minimum version that can be upgraded to vSphere 6.7
- vSphere 6.7 is the final release that requires customers to specify SSO sites.
- In vSphere 6.7, only TLS 1.2 is enabled by default. TLS 1.0 and TLS 1.1 are disabled by default.
- Due to the changes done in VMFS6 metadata structures to make it 4K aligned, you cannot upgrade a VMFS5 datastore inline or offline to VMFS6, this stands true for vSphere 6.5 & vSphere 6.7. (See KB2147824)
vCenter Server Considerations:
The vCenter Server Appliance (VCSA) is now the default deployment of vCenter Server. vCenter Server deployment topology should be at the center of your vSphere Upgrade planning. Whether that is the use of an embedded or external Platform Services Controller (PSC), remember that the topology is cannot be changed in vSphere 6.0 or 6.5. If you are upgrading from vSphere 5.5, topology changes and SSO Domain Consolidation is supported but must be done so BEFORE upgrading to vSphere 6.x.
- The vSphere 6.7 release is the final release of vCenter Server for Windows. After this release, vCenter Server for Windows will not be available
- vCenter Server 6.7 does not support host profiles with version less than 6.0 (See KB52932)
- vCenter Server 6.7 supports Enhanced Linked Mode with an Embedded PSC (Greenfield deployments only)
- If vCenter High Availability (VCHA) is in use within your vSphere 6.5 deployment, you must remove the VCHA configuration before attempting an upgrade.
VMware Product Compatibility Considerations:
Occasionally with new software releases, other products that rely on the upgraded components may not be fully supported or compatible on day 1 of the GA product. The VMware compatibility guide and Product Interoperability Matrices should be one of your first stops along your vSphere Upgrade journey. Using these guides will ensure your components as well as your desired upgrade path is supported.
The following products are not compatible with vSphere 6.7 GA at this time**:
- VMware Horizon
- VMware NSX
- VMware Integrated OpenStack (VIO)
- VMware vSphere Integrated Containers (VIC)
** Existing Horizon, NSX, VIC and VIO customers, are advised not to upgrade to vSphere 6.7 GA until compatible versions become available. The VMware Product Interoperability Matrixes will be updated when a compatible release is available.
vSphere Upgrades can also be halted by incompatible hardware. With that in mind, be sure to review hardware BIOS, and CPU compatibilities prior to your upgrade. For a full list of unsupported CPUs, please see the vSphere 6.7 GA Release Notes and review the section titled “Upgrades and Installations Disallowed for Unsupported CPUs“.
- vSphere 6.7 no longer supports certain CPUs from AMD & Intel
- These CPUs are currently supported in the vSphere 6.7 release, but they may not be supported in future vSphere releases;
- Intel Xeon E3-1200 (SNB-DT)
- Intel Xeon E7-2800/4800/8800 (WSM-EX)
- Virtual machines that are compatible with ESX 3.x and later (hardware version 4) are supported with ESXi 6.7
- Virtual machines that are compatible with ESX 2.x and later (hardware version 3) are not supported
Hardware compatibility and versioning at the hypervisor and virtual machine level, should be considered as part of your planning also. Remember, VM hardware version is now referred to as VM Compatibility. NOTE: It may be necessary to upgrade the virtual machine compatibility of a VM prior to using it on vSphere 6.7
I like to refer to the Why & How discussion as; Focus. Without a clear Focus on what the upgrade will bring in terms of satisfying business requirements or understanding all of the benefits holistically, one can easily become lost in the haze. Planning is absolutely paramount as without a proper vSphere Upgrade Plan, you may find it difficult to validate version compatibility as well as the ability to successfully complete your upgrade. Execution; without a clear Focus on understanding features or methods along with planning the implementation of your vSphere Upgrade, you will not be able to Execute for success. Please do not hesitate to post questions in the comments section of this blog or reach out to me directly via Twitter @vCenterNerd.
Remember; Focus, Plan, Execute!