VMware Cloud on AWS SDDC version 1.24 includes vSAN Express Storage Architecture (vSAN ESA), an alternative architecture that provides the potential for huge boosts in performance with more predictable I/O latencies and optimized space efficiency.

Starting with SDDC version 1.24, you can choose between vSAN Express Storage Architecture (vSAN ESA) or vSAN Original Storage Architecture (vSAN OSA). vSAN ESA leverages the characteristics of newer hardware to deliver improved capabilities and performance. For more information about vSAN ESA, see https://core.vmware.com/blog/introduction-vsan-express-storage-architecture.

Currently, the following restrictions apply to vSAN ESA in VMware Cloud on AWS:
  • vSAN ESA is available for clusters using i4i hosts only.
  • vSAN ESA is not supported with stretched clusters.
  • vSAN ESA is not supported with 2-host clusters.
  • After you have deployed a cluster, you cannot convert from vSAN ESA to vSAN OSA or vice versa.

Performance Without Trade-Offs

Native snapshots
Native snapshots are built into the vSAN ESA file system. These snapshots cause minimal performance impact even when the snapshot chain is deep. The snapshots are fully compatible with existing backup applications using VMware VADP.
Erasure Coding without compromising performance
The vSAN ESA RAID5/RAID6 capabilities with Erasure Coding provide a highly efficient Erasure Coding code path, so you can have both a high-performance and a space-efficient storage policy.

Resource and Space Efficiency

Improved compression
vSAN ESA has advanced compression capabilities that can bring up to 4x better compression. Compression is performed before data is sent across the vSAN network, providing better bandwidth usage.
Expanded usable storage potential
vSAN ESA consists of a single-tier architecture with all devices contributing to capacity. This flat storage pool removes the need for disk groups with caching devices.
Reduced performance overhead for high VM consolidation
Resource and space efficiency improvements enable you to store more VM data per cluster, potentially increasing VM consolidation ratios.
Increased number of VM's per host in vSAN ESA clusters (up to 500/host)
vSAN 8.0 Update 2 supports up to 500 VMs per host VM on vSAN ESA clusters, provided the underlying hardware infrastructure can support it. Now you can leverage NVMe-based high performance hardware platforms optimized for the latest generation of CPUs with high core densities, and consolidate more VMs per host.
vSAN ESA support for encryption deep rekey
vSAN clusters using data-at-rest encryption have the ability to perform a deep rekey operation. A deep rekey decrypts the data that has been encrypted and stored on a vSAN cluster using the old encryption key, and re-encrypts the data using newly issued encryption keys prior to storing it on the vSAN cluster.

Fast, Efficient Data Protection with vSAN ESA Native Snapshots

Negligible performance impact
Long snapshot chains and deep snapshot chains cause minimal performance impact.
Faster snapshot operations
Applications that suffered from snapshot create or snapshot delete stun times will perform better with vSAN ESA.
Consistent partner backup application experience using VMware VADP
VMware snapshot APIs are unchanged. VMware VADP supports all vSAN ESA native snapshot operations on the vSphere platform.

Availability and Serviceability

Simplified and accelerated servicing per device
vSAN ESA removes the complexity of disk groups, which streamlines the replacement process for failed drives.
Smaller failure domains and reduced data resynchronization
vSAN ESA has no single points of failure in its storage pool design. vSAN data and metadata are protected according to the Failures To Tolerate (FTT) SPBM setting. Neither caching nor compression lead to more than a single disk failure domain if a disk crashes. Resync operations complete faster with vSAN ESA.
Enhanced data availability and improved SLAs
Reduction in disk failure domains and quicker repair times means you can improve the SLAs provided to your customers or business units.
vSAN boot-time optimizations
vSAN boot logic has been further optimized for faster startup.
Enhanced shutdown and startup workflows
The vSAN cluster shutdown and cluster startup process has been enhanced to support vSAN clusters that house vCenter or infrastructure services such as AD, DNS, DHCP, and so on.

Intuitive, Agile Operations

Consistent interfaces across all vSAN platforms
vSAN ESA uses the same screens and workflows as vSAN OSA, so the learning curve is small.
Per-VM policies increase flexibility
vSAN ESA is moving cluster-wide settings to the SPBM level. In this release, SPBM compression settings give you granular control down to the VM or even VMDK level, and you can apply them broadly with datastore default policies.

Optimized Performance, Durability, and Flexibility

Improved performance with new Adaptive Write Path
vSAN ESA introduces a new adaptive write path that dynamically optimizes guest workloads that issue large streaming writes, resulting in higher throughput and lower latency with no additional complexity.
Adaptive Write Path optimizations in vSAN ESA
vSAN ESA introduces an adaptive write path that helps the cluster ingest and process data more quickly. This optimization improves performance for workloads driving high I/O to single object (VMDK), and also improves aggregate cluster performance.
Optimized I/O processing for single VMDK/objects (vSAN ESA)
vSAN ESA has optimized the I/O processing that occurs for each object that reside on a vSAN datastore, increasing the performance of VMs with a significant amount of virtual hardware storage resources.
Enhanced durability in maintenance mode scenarios
When a vSAN ESA cluster enters maintenance mode (EMM) with Ensure Accessibility (applies to RAID 5/6 Erasure Coding), vSAN can write all incremental updates to another host in addition to the hosts holding the data. This helps ensure the durability of the changed data if additional hosts fail while the original host is still in maintenance mode.

Simplified Management

Capacity reporting enhancements
Overhead breakdown in vSAN ESA space reporting displays both the ESA object overhead and the original file system overhead.
Skyline Health remediation enhancements
vSAN Skyline Health helps you reduce resolution times by providing deployment-specific guidance along with more prescriptive guidance on how to resolve issues.
Key expiration for clusters with data-at-rest encryption
vSAN 8.0 Update 2 supports the use of KMS servers with a key expiration attribute used for assigning an expiration date to a Key Encryption Key (KEK).
I/O top contributors enhancements
vSAN Performance Service has improved the process to find performance hot spots over a customizable time period to help you diagnose performance issues while using multiple types of sources for analysis (VMs, host disks, and so on).

Cloud Native Storage

Cloud Native Support for TKGs and supervisor clusters (vSAN ESA)
Containers powered by vSphere and vSAN can consume persistent storage for developers and administrators and use the improved performance and efficiency for their cloud native workloads.
CSI snapshot support for TKG service
Cloud Native Storage introduces CSI snapshot support for TKG Service, enabling K8s users and backup vendors to take persistent volume snapshots on TKGS.

vSAN OSA Enhancements

Proactive Insight into compatibility and compliance
This mechanism helps vSAN clusters connected to VMware Analytics Cloud identify software and hardware anomalies. If an OEM partner publishes an advisory about issues for a drive or I/O controller listed in vSAN HCL, you can be notified about the potentially impacted environment.

Additional Features and Enhancements

Enhanced network uplink latency metrics
vSAN defines more meaningful and relevant metrics catered to the environment, whether the latencies are temporary or from an excessive workload.
RDT level checksums
You can set checksums at the RDT layer. These new checksums can aid in debugging and triaging.
vSphere Client Remote Plug-ins
All VMware-owned local plug-ins are transitioning to the new remote plug-in architecture. vSAN local plug-ins have been moved to vSphere Client remote plug-ins. The local vSAN plug-ins are deprecated in this release.
Reduced start time of vSAN health service
The time needed to stop vSAN health service as a part of vCenter restart or upgrade has been reduced to 5 seconds.
vSAN improves cluster NDU for VMC
New capabilities improve design and operation of a highly secure, reliable, and operationally efficient service.
vSAN encryption key verification
Detects invalid or corrupt keys sent from the KMS server, identifies discrepancies between in-memory and on-disk DEKs, and alerts customers in case of discrepancies.
Better handling of large component deletes
Reclaims the logical space and accounts for the physical space faster, without causing NO_SPACE error.
Renamed vSAN health "Check" to "Finding"
This change makes the term consistent with all VMware products.
Place vSAN in separate sandbox domain
Daemon sandboxing prevents lateral movement and provides defense in depth. Starting with vSAN 8.0, least privilege security model is implemented, wherein any daemon that does not have its custom sandbox domain defined, will run as a deprivileged domain. This achieves least-privilege model on an ESXi host, with all vSAN running in their own sandbox domain with the least possible privilege.
vSAN Proactive Insights
This mechanism enables vSAN clusters connected to VMware Analytics Cloud to identify software and hardware anomalies proactively.
Replace MD5, SHA1, and SHA2 in vSAN
SHA1 is no longer considered secure, so VMware is replacing SHA1, MD5, and SHA2 with SHA256 across all VMware products, including vSAN.
IL6 compliance
vSAN 8.0 is IL6 compliant.
Increased administrative storage capacity on vSAN datastores using customizable namespace objects
You can customize the size of namespace objects that enable administrators to store ISO files, VMware content library, or other infrastructure support files on a vSAN datastore.
Skyline health intelligent cluster health scoring, diagnostics and remediation
Improve efficiency by using the cluster health status and troubleshooting dashboard that prioritizes identified issues, enabling you to focus and take action on the most important issues.
High resolution performance monitoring in vSAN performance service
vSAN performance service provides real-time monitoring of performance metrics that collects and renders metrics every 30 seconds, making monitoring and troubleshooting more meaningful. VMware snapshot APIs are unchanged. VMware VADP supports all vSAN ESA native snapshot operations on the vSphere platform.