check-circle-line exclamation-circle-line close-line

VMware Database Management Essentials Release Notes

Amazon RDS on VMware

VMware Database Management Essentials| 16 OCTOBER 2019

Check for additions and updates to these release notes.

What's in the Release Notes

The release notes cover the following topics:

What is Amazon RDS for VMware?

Amazon Relational Database Service (RDS) on VMware enables you to deploy managed databases in on-premises VMware environments by using the  Amazon RDS  technology enjoyed by hundreds of thousands of AWS customers. Amazon RDS on VMware provides cost-efficient and resizable capacity while automating time-consuming administration tasks that include infrastructure provisioning, database setup, patching, and backups, freeing you to focus on your applications. Amazon RDS on VMware brings many of these same benefits to your on-premises deployments, making it easy to set up, operate, and scale databases in VMware vSphere private data centers.

Amazon RDS on VMware allows you to utilize the same simple interface for managing databases in on-premises VMware environments as you would use in AWS. Amazon RDS on VMware supports Microsoft SQL Server, PostgreSQL, and MySQL databases.

What is VMware Database Management Essentials?

Amazon RDS on VMware is a joint project in between Amazon AWS and VMware. Amazon RDS on VMware is an AWS service that has been engineered in collaboration of both Amazon and VMware.

VMware customers use vSphere to automate the management of their application environments. Amazon RDS on VMware extends the benefits of vSphere and Amazon RDS to VMware customers by enabling them to manage and monitor their database instances running on vSphere with automation of backups, point in time restore, and recovery operations, simplified database management, and full-stack application monitoring.

VMware Management Database Essentials is a bundle that includes all the components and technology that VMware engineered to support Amazon RDS on VMware. VMware Management Database Essentials is not available for download, all its components are automatically installed and downloaded when the customer on-boards a vSphere Cluster as a Custom Availability Zone on Amazon RDS on VMware.

By using Amazon RDS on VMware, you can set up, operate, and scale databases in VMware environments. RDS on VMware automates time-consuming database management tasks such as provisioning, patching, backups, and failover. This automation frees you to focus on developing and tuning your applications. With Amazon RDS on VMware, you get the high availability, scalability, and durability provided by Amazon RDS for your on-premises VMware deployments.

 

How it works?

To use Amazon RDS on VMware, you require a cluster of vSphere 6.5 or later with outbound connectivity to the Internet, administrative privileges and an Amazon AWS account in good standing. You can then enable the vSphere cluster to become a Custom Availability Zone, by installing the Amazon RDS Connector during the onboarding process. Once the onboarding finishes, you can allocate and instantiate an Amazon RDS managed database on top of a native vSphere cluster. You can have multiple vSphere Clusters onboarded independently of the location of the vSphere Cluster.

Each Amazon AWS Region is a separate geographic area. Each Amazon AWS Region has multiple, isolated locations known as Availability Zones (AZs). Customers can create their own Custom AZs corresponding to vSphere data centers that AWS customers use to run Amazon RDS on VMware.

Onboarding a vSphere cluster for RDS on VMware starts by downloading and deploying the Amazon RDS on VMware Installer virtual appliance in the vSphere cluster of choice. The Amazon RDS on VMware Installer provides a simple graphic wizard that guides the onboarding process for the VMware vSphere cluster to become a Custom Availability Zone to the nearest AWS Region.

A vSphere Cluster can be connected to a specific AWS Region. The Amazon RDS on VMware Installer is specific per region. This is why you must download the AWS RDS on VMware Installer OVA file from the region that you want to be connected. The installation process creates the outbound VPN connection, installs Amazon RDS on VMware components, and runs automated tests to make sure that Amazon RDS on VMware is working properly. After the tests finish, and the vSphere Cluster is onboarded and properly registered as an Amazon Custom AZ, the database instances can be provisioned into the VMware environment.

 

Features of RDS on VMware

The features of Amazon RDS on VMware in this release include:

Feature Description
Automated Database Management

Amazon RDS on VMware automates administrative tasks for your databases deployed in VMware vSphere environments, including:

  • Database provisioning
  • Operating system and database patching
  • Backup
  • Point-in-time restore
  • Compute scaling
  • Instance health monitoring

RDS on VMware supports Microsoft SQL Server, PostgreSQL, and MySQL database engines.

Simple Interface You can create, modify, and manage your databases by using the Amazon RDS Console, APIs, and Command Line Interface (CLI). You can use the same simple interface to manage RDS databases running on VMware or RDS databases running on AWS.
Scalable Resources Amazon RDS on VMware allows you to easily scale the compute and memory resources in your on-premises database instance, similar to an Amazon RDS instance in AWS. 
Performance Monitoring Amazon RDS on VMware provides Amazon CloudWatch metrics for your on-premises databases at no additional charge. This includes resource use, I/O activity, and instance connections. RDS on VMware also provides access to Performance Insights, which is an easy-to-use tool that helps you quickly assess the load on your database with in-console visualizations.
Availability Protection Amazon RDS on VMware uses health monitoring to detect unhealthy database instances and to recover them automatically by using the same storage volume.
Simple Backup and Restore Amazon RDS on VMware allows you to back up either manually or automatically your on-premises databases. Amazon RDS on VMware supports point-in-time restore and allows you to specify an automated backup retention period per database.
Compliance Readiness The default behavior of Amazon RDS is to keep your databases on-premises, allowing you to run workloads that must comply with security, privacy, regulatory, and data sovereignty policies. Hybrid cloud features can be enabled at any time, at your discretion.

 

High-Level Architecture

Each Amazon RDS on VMware Customer Availability Zone is mapped to a single vSphere Cluster. A particular vSphere Cluster can only be mapped to a single Amazon RDS on VMware Customer Availability Zone.

A vSphere Cluster must be onboarded to become a Customer Availability Zone. Once onboarded, a few control plane proxy virtual machines get deployed in the corresponding vSphere Cluster. Once onboarding is completed, the onboarded vSphere Cluster is also the target where the managed Amazon RDS on VMware database instances will be deployed.

Networks Description
Internet Network It can be an existing network with outbound Internet access. The main goal of this network is to establish the site-to-site VPN that RDS on VMware creates and maintains automatically.
Cluster Control Network  Guest network dedicated to RDS on VMware with a unique VLAN ID. This network will not be shared with any other application or solution, it will be used only to bind local control plane components.

This network will run a DHCP server provided by Amazon RDS on VMware (once the Edge Router appliance is deployed). RDS on VMware assigns IP addresses in the predefined 54.239.236.0/22 range of public IP addresses that is not Internet-routable.

Application Network  Existing network where the database instances will be deployed. Each database will also have an interface in Cluster Control network. This network is where Database instances will offer the SQL access for the client applications.
ESXi Management Network This is the management network that usually exists in most of the vSphere installations where the ESXi hosts and vCenter Server are bind on a relatively isolated network which hosts only ESXi-related traffic.
VPN The solution automatically enables a VPN connection once the solution has been properly onboarded

 

System Requirements

Software Requirements

  • vCenter Server and ESXi versions 6.5 and later or 6.7 and later with an active VMware support contract.
  • vSphere Enterprise Plus edition with an active VMware Support contract (VMware Cloud Foundation is supported as well)
  • vSphere Cluster (the solution uses a cluster that has been onboarded as Amazon RDS on VMware Custom Availability Zone).
  • vCenter Server user with administrative privileges on the vSphere cluster during installation and onboarding time. After the installation and onboarding is completed, such Admin user is no longer needed.

Datastore requirements

  • All ESXi hosts in the vSphere cluster must be connected to the same datastore.
  • Local datastores are not supported.
  • vSphere DRS is supported, but vSphere Storage DRS is not supported.
Storage Type Datastore Block-level HA/vSphere DRS
Fibre Channel VMFS Yes Yes
Fibre Channel Ethernet VMFS Yes Yes
iSCSI VMFS Yes Yes
NAS over NFS NFS Yes Yes
vSAN vSAN No Yes

Network requirements

  • Internet Network
    • Outbound connectivity to the Internet must:
      • Have a fixed public facing IP (Originator IP).
      • All public and internal URLs (vCenter Server FQDN) must be DNS-resolved.
      • Have access to public AWS service endpoints over HTTPS.
    • This network must get an IP address by using DHCP (verify that UDP broadcast does not cross over up-link).
    • Must allow outbound and related inbound response traffic:
      • To ports 50, 500, 4500 (IKE/IPSec for site-to-site VPN tunnel).
      • To TCP port 443 (HTTPS to access public AWS service endpoints).
  • Cluster Control Network
    • Network managed by AWS.
    • Management components run a DHCP Server provided by AWS RDS on VMware (on RDS Edge Router).
    • RDS on VMware assigns IP addresses in the predefined 54.239.236.0/22 range of public IP addresses that is not Internet-routable.
    • The network administrator must verify that broadcast packets do not cross over up-link.
    • The created distributed port group has to be accessible by all ESXi hosts that are part of the selected vSphere cluster.
      • Distributed port group must use Elastic "Port Allocation" flag.
    • The vSphere administrator must configure a VMkernel adapter for each ESXi host that is part of the cluster into this network.
  • Application Network
    • Existing network where Database instances will be deployed and SQL access is going to be listening.
    • Each database will also have an interface in the Cluster Control network.
    • You must provide DHCP services on this interface (broadcast must not cross over up-link).
    • Distributed port group created must be accessible from all ESXi hosts underlying the RDS on VMware cluster.
    • Distributed port group must use an Elastic "Port Allocation" flag.

 

Operating Systems

Database Virtual Machines

Specific versions of the Operating System and components are available here.

Database Engine Operating System Operating System Compatibility Guide with ESXi
MS SQL Server Microsoft Windows Server Microsoft Windows Server 2016
PostgreSQL Amazon Linux Amazon Linux 2
MySQL Amazon Linux Amazon Linux 2

 

Management Virtual Machines

Specific versions of the Operating System and components are available here (see documentation of Amazon RDS on VMware)

Component Company Operating System vSphere 6.5 Release Notes vSphere 6.7 Release Notes
AWS Minio Amazon Amazon Linux Amazon Linux 2 ESXi Compatibility Amazon Linux 2 ESXi Compatibility
AWS Datastore Amazon Amazon Linux Amazon Linux 2 ESXi Compatibility Amazon Linux 2 ESXi Compatibility
AWS Connector Amazon Amazon Linux Amazon Linux 2 ESXi Compatibility Amazon Linux 2 ESXi Compatibility
AWS Edge Router Amazon Amazon Linux Amazon Linux 2 ESXi Compatibility Amazon Linux 2 ESXi Compatibility
AWS Event Stream Aggregator Amazon Amazon Linux Amazon Linux 2 ESXi Compatibility Amazon Linux Compatibility
AWS Event Processor Amazon Amazon Linux Amazon Linux 2 ESXi Compatibility Amazon Linux 2 ESXi Compatibility
VMware Database Management Essentials VMware Photon OS 2 Photon OS 2.0 Compatibility Photon OS 2.0 Compatibility
VMware Database Management Essentials Snapshot Manager VMware Photon OS 2 Photon OS 2.0 Compatibility Photon OS 2.0 Compatibility

Validations by the Amazon RDS on VMware Installer

The following table lists the validations that are performed by the installer. You can see these validations on-screen when you are deploying the installer.

Validation Description
Minimum number of ESXi hosts on the cluster The minimum number of ESXi hosts per cluster in production are 3. This is the recommended number of hosts for vSphere High Availability.
Check the vCenter Major Version compatibility The installer validates that the version of vCenter Server to which the installer is connected is among the currently supported versions, (vSphere 6.5, 6.7, and 7.0). Support for the respective minor versions must be validated against the VMware Product Interoperability Matrix.
Check DRS on Cluster Checks if DRS is enabled on the selected vSphere cluster.

Free space on Datastore

Checks that the selected datastore has a minimum of 700 GB free space.
vSphere Replication and NFC enabled VMK created on Cluster Control Network port group Check that each ESXi Host on the vSphere Cluster has the corresponding vSphere Kernel Adapter (VMK) and the configuration of each VMK is correct (vSphere Replication and vSphere Replication NFC enabled). The installer validates that there is no IP assigned to the VMK.
ESXi hosts NTP Servers

Each ESXi Host connected to the vSphere Cluster has the same NTP Server defined than vCenter Server.

Application and Cluster Control Network on the distributed switch Checks that Application and Cluster Control Networks assigned during the deployment of the RDS installer are assigned to the vSphere Distributed Switch

DHCP on Application Network

DHCP service must be running on the Application Network (DHCP Service on Application Network is the customer's responsibility)

DHCP on Internet Network

DHCP service must be running on the Internet Network (DHCP Service on Internet Network is the customer's responsibility)

Unique VLAN ID for Cluster Control Network

Ensure that a unique VLAN has been configured on Cluster Control Network and not in any other port group.
Cluster Control Network has no DHCP Check that the Cluster Control Network does not receive any DHCP broadcast (DHCP Service on this network is AWS responsibility)

Miscellaneous

See the following Knowledge Base articles for additional information about the RDS on VMware Installer:

  • KB 77024 - Appliances Fail to Receive an IP from the Edge Router when deploying VMware Database Management Essentials
  • KB 77049 - Determining the Version for the RDS on VMware Installer Appliance and Deployed Components

Known Issues

  • "DiskQueue is full" can appear during delta backups and can cause the backups to stop working

    May occur in vSphere 6.7 and 6.7 Update 1 + vSAN 6.7

    Fixed in vSphere 6.7 Update 2.

    Workaround: Add the following values in the advanced settings of the ESXi hosts:

    • HBR.ChecksumUseChecksumInfo to 0 
    • HBR.DemandlogTransferMaxNetwork to 63

    This option requires a host reboot to take effect.

  • The initial backup operation might get stuck and this might require a reboot of the ESXi host.

    May occur in vSphere 6.7 and 6.7 Update 1 + vSAN 6.7.

    Fixed in vSphere 6.7 Update 2.

    Workaround: Set the advanced host option HBR.ChecksumUseChecksumInfo to 0. If any virtual machine becomes non-responsive in the synchronization phase, then the host needs to be rebooted. Otherwise, the fix takes effect right away.

  • Storage migration and vSphere Storage DRS are not supported on RDS database instances

    Storage migration and vSphere Storage DRS are not supported on RDS database instances.

    Workaround: None

  • Database creation might get stuck when running on vSphere 6.7 Update 3 on vSAN or NAS

    Currently, vSphere 6.7 Update 3 is unsupported. When you try to create a database running on vSphere 6.7 Update 3, you might get an NFC exception.

    Workaround: None.

  • The vCenter Server certificate validation might return an error for VDME-Snapshot-Manager

    In environments with an embedded Platform Services Controller, the vCenter Server certificate validation might return an error for VDME-Snapshot Manager.

    Workaround: See KB article 2121689.

  • Database creation fails on vSphere 6.5.x + vSAN environment

    During the database deployment process, the database VM gets cloned from a master template. If the first database does not get created after the VM is cloned, you must modify the datastore privileges for the VMwareRDS-Snapshot-Root role.

    Workaround:

    1. Login to the vCenter Server as administrator.
    2. Go to Administration and select Roles in the left pane.
    3. Select VMwareRDS-Snapshot-Root role and click Edit Role.
    4. Under All Privileges -> Datastore, select Configure Datastore.
    5. Click Next to go through the subsequent screens and confirm and apply the privilege.

    See KB article 78430 for more information.