GA Release #VMware #vSphere + #vSAN 7.0 Update 1c/P02 | Announcement, information, and links

Posted on

Announcing GA Releases of the following

  • VMware vSphere 7.0 Update 1c/P02 (Including Tanzu)
  • VMware vSAN™ 7.0 Update 1c/P02

Note: The included ESXi patch pertains to the Low severity Security Advisory for VMSA-2020-0029 & CVE-2020-3999

See the base table for all the technical enablement links.

Release Overview
vCenter Server 7.0 Update 1c | ISO Build 1732751

ESXi 7.0 Update 1c | ISO Build 17325551

What’s New vCenter
  • Physical NIC statistics: vCenter Server 7.0 Update 1c adds five physical NIC statistics:droppedRx, droppedTx, errorsRx, RxCRCErrors and errorsTx, to the hostd.log file at /var/run/log/hostd.log to enable you detect uncorrected networking errors and take necessary corrective action
  • Advanced Cross vCenter vMotion: With vCenter Server 7.0 Update 1c, in the vSphere Client, you can use the Advanced Cross vCenter vMotion feature to manage the bulk migration of workloads across vCenter Server systems in different vCenter Single Sign-On domains. Advanced Cross vCenter vMotion does not depend on vCenter Enhanced Linked Mode or Hybrid Linked Mode and works for both on-premise and cloud environments. Advanced Cross vCenter vMotion facilitates your migration from VMware Cloud Foundation 3 to VMware Cloud Foundation 4, which includes vSphere with Tanzu Kubernetes Grid, and delivers a unified platform for both VMs and containers, allowing operators to provision Kubernetes clusters from vCenter Server. The feature also allows smooth transition to the latest version of vCenter Server by simplifying workload migration from any vCenter Server instance of 6.x or later
  • Parallel remediation on hosts in clusters that you manage with vSphere Lifecycle Manager baselines: With vCenter Server 7.0 Update 1c, you can run parallel remediation on ESXi hosts in maintenance mode in clusters that you manage with vSphere Lifecycle Manager baselines
  • Third-party plug-ins to manage services on the vSAN Data Persistence platform: With vCenter Server 7.0 Update 1c, you can enable third-party plug-ins to manage services on the vSAN Data Persistence platform from the vSphere Client, the same way you manage your vCenter Server system. For more information, see the vSphere with Tanzu Configuration and Management documentation.
What’s New vSphere With Tanzu
Supervisor Cluster

  • Supervisor Namespace Isolation with Dedicated T1 Router – Supervisor Clusters using NSX-T network uses a new topology where each namespace has its own dedicated T1 router.

·      Newly created Supervisor Clusters uses this new topology automatically.

·      Existing Supervisor Clusters are migrated to this new topology during an upgrade

  • Supervisor Clusters Support NSX-T 3.1.0 – Supervisor Clusters is compatible with NSX-T 3.1.0
  • Supervisor Cluster Version 1.16.x Support Removed – Supervisor Cluster Version 1.16.x is now removed. Supervisor Clusters running 1.16.x should be upgraded to a new version

Tanzu Kubernetes Grid Service for vSphere

  • HTTP/HTTPS Proxy Support  – Newly created Tanzu Kubernetes clusters can use a global HTTP/HTTPS Proxy for egress traffic as well as for pulling container images from internet registries.
  • Integration with Registry Service – Newly created Tanzu Kubernetes clusters work out of the box with the vSphere Registry Service. Existing clusters, once updated to a new version, also work with the Registry Service.
  • Configurable Node Storage  – Tanzu Kubernetes clusters can now mount an additional storage volume to virtual machines thereby increasing available node storage capacity. This enables users to deploy larger container images that might exceed the default 16GB root volume size.
  • Improved status information  WCPCluster and WCPMachine Custom Resource Definitions now implement conditional status reporting. Successful Tanzu Kubernetes cluster lifecycle management depends on a number of subsystems (for example, Supervisor, storage, networking) and understanding failures can be challenging. Now WCPCluster and WCPMachine CRDs surface common status and failure conditions to ease troubleshooting.

Missing new default VM Classes introduced in vSphere 7.0 U1

  • After upgrading to vSphere 7.0.1, and then performing a vSphere Namespaces update of the Supervisor Cluster, running the command “kubectl get virtualmachineclasses” did not list the new VM class sizes 2x-large, 4x-large, 8x-large. This has been resolved and all Supervisor Clusters will be configured with the correct set of default VM Classes. 
  • With ESXi 7.0 Update 1c, you can use the –remote-host-max-msg-len parameter to set the maximum length of syslog messages, to up to 16 KiB, before they must be split. By default, the ESXi syslog daemon (vmsyslogd), strictly adheres to the maximum message length of 1 KiB set by RFC 3164. Longer messages are split into multiple parts. Set the maximum message length up to the smallest length supported by any of the syslog receivers or relays involved in the syslog infrastructure
  • With ESXi 7.0 Update 1c, you can use the installer boot option systemMediaSize to limit the size of system storage partitions on the boot media. If your system has a small footprint that does not require the maximum 138 GB system-storage size, you can limit it to the minimum of 33 GB. The systemMediaSize parameter accepts the following values:
    • min (33 GB, for single disk or embedded servers)
    • small (69 GB, for servers with at least 512 GB RAM)
    • default (138 GB)
    • max (consume all available space, for multi-terabyte servers)

The selected value must fit the purpose of your system. For example, a system with 1TB of memory must use the minimum of 69 GB for system storage. To set the boot option at install time, for example systemMediaSize=small, refer to Enter Boot Options to Start an Installation or Upgrade Script. For more information, see VMware knowledge base article 81166.

VMSA-2020-0029 Information for ESXi
VMSA-2020-0029 Low
CVSSv3 Range 3.3
Issue date: 12/17/2020
CVE numbers: CVE-2020-3999
Synopsis: VMware ESXi, Workstation, Fusion and Cloud Foundation updates address a denial of service vulnerability (CVE-2020-3999)
ESXi 7 Patch Info VMware Patch Release ESXi 7.0 ESXi70U1c-17325551
This section derives from our full VMware Security Advisory VMSA-2020-0029 covering ESXi only.  It is accurate at the time of creation and it is recommended you reference the full VMSA for expanded or updated information.
What’s New vSAN
vSAN 7.0 Update 1c/P02 includes the following summarized fixes as documented within the Resolved Sections for vCenter & ESXi

  • DOM Scrubber enhancement feature to enhance DOM scrubber functionality
  • Improvements in checksum verification during write prepare in LLOG
  • Persistence in network settings of witness appliance while creating witness VM
  • Enhancement in storage capacity/usage calculation on host level
  • NFS File bench performance improvements
  • LSOM fixes for random high write latency spikes in vSAN all-flash
  • File services improvements


Technical Enablement
Release Notes vCenter Click Here  |  What’s New  |  Patches Contained in this Release  |  Product Support Notices  |  Resolved Issues  |  Known Issues
Release Notes ESXi Click Here  |  What’s New  |  Patches Contained in this Release  |  Product Support Notices  |  Resolved Issues  |  Known Issues
Release Notes vSAN 7.0 U1 Click Here  |  What’s New  |  VMware vSAN Community  |  Upgrades for This Release  |  Limitations  |  Known Issues
Release Notes Tanzu Click Here  |  What’s New  |  Learn About vSphere with Tanzu  |  Known Issues vCenter Server Upgrade  |   ESXi Upgrade  |  Upgrading vSAN Cluster  |   Tanzu Configuration & Management
Download Click Here
Compatibility Information 7 + vSAN  |  Configuration Maximums vSphere 7  |  Compatibility Matrix  |  Interoperability
VMSA Reference VMSA-2020-0029  |  VMware Patch Release ESXi 7.0 ESXi70U1c-17325551

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.