vSAN Editions

There are three major editions* of vSAN 6.6 available – “Standard”, “Advanced”, and “Enterprise”- so other than price what’s the difference between the three?

*aside from the “vSAN for Desktop” and “vSAN for ROBO” lines which address specific use cases- look out for later posts focusing on these.


Standard is the base offering and, like it’s more expensive cousins, is licensed per socket the same way that vSphere is- so a dual-socket host needs two licenses for vSphere and two licenses for vSAN. This edition gives you all the core features of the VMware software-defined storage platform; distributing VM storage across the converged hosts, supporting iSCSI access for non-virtualised workloads, and using Storage Policy-Based management to name a few.


http://www.yellow-bricks.com/stickersshirts/Advanced, the next edition up the scale, gives benefits to vSAN platforms built on All-Flash. A vSAN host can be configured as “Hybrid” or “All-Flash”, hybrid uses spinning disks- HDD – for the capacity tier and flash disks for the cache tier. If your hardware uses the Hybrid model then there’s no advantage to using the Advanced edition as the additional features are only applicable to All-Flash configurations.

However, the Advanced edition provides major features which may tip the balance in the favour of the all-flash design when choosing a hardware platform, namely Erasure Coding, Deduplication, and Compression.

Deduplication (storing matching blocks of data only once), compression (using an algorithm to compress data), and erasure coding (basically arranging the data in a similar way to a RAID5/6 model but across hosts) are all features which can be used to reduce the amount of physical disk consumed by the data. Less space consumed = lower disk requirements = lower costs.  More detailed information on vSAN Space Efficiency can be found in the VMware docs.

As these three technologies can squash more data into your disk, they can provide more capacity for your spend and potentially offset the higher cost of SSD per gigabyte over HDD and the higher vSAN licensing price (Advanced is retailing at $1500 per socket more than Standard at time of writing). In the right circumstances it’s possible to design a higher capacity, better performing platform using the Advanced Edition+All-Flash route for the same cost of the Standard Edition+Hybrid design.

As with any data reduction technology, results can vary depending on workload. The VMware product page quotes savings of “up to” 7x from the deduplication and compression- in reality I’m seeing 2.5x in my own mixed server environment, but I’d expect VDI deployments to see higher figures. In my opinion All-Flash is the way forward and once you’ve made that decision then vSAN Advanced Edition wins over Standard in pretty much every situation.


The Enterprise edition takes the price up higher another $1500 per socket  (list price) at time of writing but adds Stretched Cluster with Local Failure Protection and Data-at-Rest Encryption.

The Encryption feature applies to whole vSAN cluster so everything stored on that datastore will be encrypted at rest. This allows dedupe and compression still to work, features that don’t provide any capacity benefits when using the alternative vSphere encryption. vSAN Encryption is configured using the same KMS service as vSphere- so a third-party Key Management Service is required, and you will want a non-encrypted (or alternatively encrypted) datastore/ cluster to host that on. As the encryption is a software offering expensive self-encrypting drives are not required.

The Stretched Cluster functionality allows a vSAN cluster to be designed to span across multiple datacentres and tolerate failure of an entire site. By using a witness host the cluster can detect the loss of a datacentre (or connectivity to it) and ensure that the storage is available using the alternative site. VMware High Availability ensures that any VMs which were running in the failed datacentre are powered on on the surviving site.



There are three editions of regular vSAN- Standard, Advanced, and Enterprise. If you want to use a Stretched vSAN Cluster or vSAN Encryption then you need the Enterprise edition. If you don’t expect to use either of these (perhaps vSphere Encryption covers any encryption requirements) and have an all-flash hardware configuration then it makes sense to go with Advanced Edition. And finally, if you have a Hybrid hardware config then go with Standard Edition (or upgrade your spinning disks to flash).

Further Reading:


vSAN Introduction

What is vSAN?

This is a first post in a series on vSAN, VMware’s software-defined-storage offering. vSAN uses disks within the ESXi hosts to create a resilient scalable shared storage platform for the virtual infrastructure providing many of the features of SAN/NAS shared storage without the need for additional hardware. There are also operational, performance, and scaling benefits associated with integrating the storage into the hypervisor’s control.

Unlike some other software-defined-storage solutions, vSAN is not a separate appliance but instead is baked into the ESXi hypervisor. In fact there is no separate install; installation (which I’ll cover in a future post) is simply a case of applying a license and configuring the cluster through vCenter.

vSAN dates back to 2013, with a General-Availability launch in March 2014 (the first was version 5.5 which was part of ESXi 5.5U1) and has evolved to the current version- v6.6 at the point this post was written.


How does it work?

The vSAN infrastructure is built up of normal x86 servers – often referred to as nodes – running the ESXi hypervisor. The disks in each host will be allocated to one of the two tiers of storage- Cache or Capacity. There are two configuration paths here, vSAN can be deployed using a hybrid model where the cache tier is flash disks and the capacity tier uses spinning disks (HDD) or an “All-Flash” model where flash storage is used for both tiers.


These hosts combine to make a cluster – a vSAN Cluster aligns with the clusters in a vSphere Datacentre – and the disks across the member nodes are amalgamated into a vSphere datastore which can then be populated with VMs like any other VMware datastore.


Data on this single datastore can be protected across the multiple hosts to provide resilience- the most basic example would be a RAID-1 equivalent mirroring whereby two copies of each piece of data are stored and on separate hosts. This creates the situation whereby a host can be taken down for maintenance, or suffer a failure, and the data is still available to vSphere. If the affected VM(s) were running on the host that failed then the regular vSphere HA/FT functionality would ensure the VM was kept running (or restarted on a new host in the case of HA). More advanced protection using methodology similar to RAID 5 or 6 is also available- and I’m planning a later post to cover this.

A cluster can be extending by scaling out, adding new nodes to the cluster to increase capacity/ resilience/ flexibility. The hyper-converged nature of vSAN means that these building blocks expand compute power in line with storage capacity. This model has particular advantages in solutions such as VDI where a virtual infrastructure can be expanded in a predictable fashion based on the number of users/desktops being provisioned.


What do I need?

As a minimum you need three ESXi hosts for a vSAN cluster, and four nodes are recommended for a production setup to allow for continued resilience during scheduled maintenance. 2-node ROBO and even 1-node lab clusters are technically possible, but those specific use cases are outside the scope of this introduction.

Software wise, you’ll need vCenter, vSphere licenses for those ESXi hosts, and vSAN licenses as well. vSAN is licensed per-socket in the same way vSphere is, so whilst it is an additional cost, it’s a consistent model that scales with the size of the environment. I’ll go into more detail on this and the various editions available in another post.


On the hardware front each host will require disks for those two tiers- A minimum of one write-Intensive SSD (or PCIe/NVMe flash) for the cache and then either HDDs or Read-Intensive SSDs for the capacity tier. At this point it’s worth mentioning the VMware Hardware Compatibility List, whilst it is technically possible to run vSAN on other configurations they will not be supported unless the disks and controllers are on this list. The ideal solution to ensure compatibility (and the route I’ve personally taken) is to choose a certified vSAN ReadyNode configuration. These are servers delivered by most major manufacturers which have a set of hardware tested and approved by VMware.

One of the most common points of confusion I’ve seen amongst perspective users (primarily those looking to deploy to a small environment or homelab) is this need for compatible hardware. Although vSAN does simplify storage operations, it requires a solid, reliable, certified hardware base to build on. Repurposing existing hardware, or slapping some SSDs on an old controller, is unlikely to end well without plenty of research and a certain level of expertise. If anyone reading this is planning on building something up in a homelab to see what vSAN looks like, I’d thoroughly recommend looking at the VMware Hands-On-Labs (in particular HOL-1808-01-HCI – vSAN v6.6 – Getting Started) which allow you to do this for free and without worrying about providing the hardware.

One additional recommendation is that all hosts in the cluster have the same specification as this helps ensure consistent performance. This also avoids availability issues which may occur if a node with a larger capacity than the others fails or requires maintenance- having the same size nodes would help ensure that there is sufficient capacity to tolerate this failure and reduce complication.

Finally, you will need 10G network connectivity between the hosts for the vSAN traffic.



vSAN is a software defined storage platform from VMware which is integrated into vSphere, it uses disks from multiple ESXi hosts to deliver a resilient datastore. To get started you will need ideally to invest in four or more hosts, connected by 10G network and each equipped with vSphere and vSAN licensing and two tiers of disk- cache and capacity. The easiest way of ensuring these hosts have tried and tested hardware is to purchase ”vSAN ReadyNodes” from your server supplier.

Future posts in this series will cover vSAN licensing, installation, and aspects of operation.

Further Reading: https://www.vmware.com/products/vsan.html

Devs4Ops Resources

imageThis post contains resources to accompany my Devs4Ops talk from the January 2018 London VMUG. It’s a list of links to things I mentioned (or intended to mention but forgot to) in the presentation.

Examples of Coding in Action

PowerShell Snippet – Find Windows 2008 VMs before EOL

Support for Windows Server 2008 and 2008 R2 ends in January 2020– just two years from the date of this post. Four years ago I put up a script to find XP and 2003 VMs, and I’ve modified this to search a vSphere environment for powered on VMs running Server 2008 as a Guest OS:

Get-VM |
 Where {$_.PowerState -eq "PoweredOn" -and
 ($_.Guest -like "*Server 2008*")} |
 get-VMGuest |
 select VmName, OSFullName

VmName    OSFullName
------    ----------
MyVM1     Microsoft Windows Server 2008 R2 (64-bit)
MyVM2     Microsoft Windows Server 2008 R2 (64-bit)
MyVM3     Microsoft Windows Server 2008 (64-bit)
MyVM4     Microsoft Windows Server 2008 R2 (64-bit)

IT in Higher Education

After over 15 years working in IT within the H.E. vertical I’ve spoken publically a few times about our corner of the tech industry, with talks at VMworld in 2016 and a recent TechUG meeting and chairing a roundtable at a UK VMUG UserCon. This post covers the highlights some of the content of these sessions, it contains themes that I’ve seen myself at various institutions and have struck a common chord in discussions with colleagues from other Universities.

The HE IT Environment

TechUG Talk November 2017

TechUG Talk November 2017

There are 17,000 IT Professionals* working in the UK Higher Education industry spread across 160 Universities the length and breadth of the nation- that’s a sizable number and doesn’t include those working in IT within Schools and Further Education Colleges. These staff support some amazing research and teaching and have the opportunity to work with some really awesome people and kit in a wide variety of disciplines.

How many IT departments in other environments can support racing teams, particle accelerators, gene sequencers, dance studios, silver-service restaurants, sports centres, and farms whilst looking after residential internet customers, Nobel prize-winners, Rocket Scientists and Brain Surgeons all in a normal day? Dealing with the cutting edge presents unique challenged – for example in most environments the team looking after the wireless LAN doesn’t have to worry about the people in the office next door experimenting with next-gen wireless tech in the same airspace. As well as the cutting edge, there’s also IT supporting the more generic activities, most of which are found in any large enterprise organisation. There is still the need for a projector in the boardroom, a website for marketing, the EPOS in the coffee shop, payroll systems and so on.

State of the Art vs State of the Ark

Probably the most obvious challenge to someone dropped into the HE environment is the age range in supported equipment. There’s plenty of the latest and greatest- if you look round the vendors at any tech conference I’d be surprised if any of them didn’t have product in at least one University. But alongside this there’s usually a plethora of kit that’s perhaps past it’s best-before date but has to be kept running- this is partly down to the traditional grant-based funding model where “services” are funded once but then expected to stay on for ever.

Thankfully server virtualisation came along and helped to keep some of the old operating systems running when the hardware they relied on dies, and the advances in software defined networking have provided the opportunity to secure some manufacturer-unsupported workloads and protect the rest of the infrastructure.


In higher education (and education in general) the employee headcount is much smaller than student numbers – UK Higher-Ed has about 400,000 Staff and roughly 2.2 Million students. Compared to a normal corporate environment there is a high turnover of these users because in addition to the regular comings and goings of employees, roughly a quarter of the “headcount” leaves every year as students graduate. This leads to the obvious potential difficulties in handling services such as user accounts – one that most Universities addressed some time ago with automation and integration with payroll and student record services.

It also presents some problems with software licensing- if site licensed software is based on the number of actual users on a site rather than the number of staff this can get quite costly. Most establishments also operate student computer labs- essentially a large scale hotdesking environment. If a software license is per-seat (and not on a flexible concurrent basis) then licensing enough seats for students to use the software in any lab (rather than having to be timetabled to just one for that application) can run up similarly high fees.


One of the more bizarre things that a newcomer to the world of Higher Ed will come across is the issue of ownership. Often a Researcher can leave to join another institution and take their in-progress grants with them. This can mean that hardware and data can sometimes leave the company when staff do, and on the flip-side unexpected computer equipment and large amounts of data can arrive with new starters. Imagine in a more traditional corporate setting a developer or salesperson leaving and not only taking their Macbook with them, but also all the code or customer data they had been working on.

It’s an unusual situation, and one that IT departments in Higher Education need to deal with on a regular basis. They need to ensure that they have sufficient storage capacity that if terabytes of data arrive unexpectedly tomorrow it can be safely stored- requiring a flexible infrastructure. They also need to ensure that software licenses and hardware assets that are owned by the company and not part of any mobile grant are retained.  VDI and Application Virtualisation technologies can help with the software ownership and a rigorous asset management system and process is required to keep track of physical devices.


Staff arriving with computers from their previous employer is only one part of the “Bring Your Own Device” experience. BYOD is, and always has been, the norm at Universities for both students and staff. Thousands of students arrive each year with their own devices, coupled with staff with personal budgets and requirements sometimes choosing what to buy themselves. I’ve joked before that in Higher Education IT we were “doing” BYOD before we knew it was a thing.

But BYOD is not just for personal devices, this extends to the server environment as well- Staff and research students running servers in cupboards or under their desks. “UDDC” (The Under Desk DataCentre) can be commonplace. Add to this the “Bring Your Own Storage” problem everyone in the tech industry sees following the proliferation of large, cheap, portable USB disks and IT has a real challenge on it’s hand to provide the security and resilience that the institution, the business, requires.

Again VDI and App Virtualisation can help to deliver and maintain the software on the plethora of endpoint devices. For the server side, P2V for Under Desk DataCentres is an option. IT can easily show the benefits of a proper server environment and the ability to provide scaling and resilience that’s just not possible with one of these foot-warming server deployments.


I’ve touched on Application virtualisation (and written in more depth on the subject) and there’s a lot of software used in Higher Education, a noticeable proportion of which presents a challenge to deploy and manage in the enterprise environment. IT are dealing with thousands of devices but the individual researcher wants to just download an app and get on with their job.

In Higher Ed (and Research in general) there’s a lot of little applications out there that another researcher has popped on the web (possibly back in 1994). Todays academics just want to download and use them, often with the expectation that everything will just work. However accompanying the download file there’s often no installation instructions, or instructions that remind you of the cover of a Led Zepplin album– there are so many steps. If anyone reading this ever finds themselves writing a manual don’t presume that just because someone has a Nobel Prize in Quantum Chemistry they are adept at editing the Windows Registry.

There’s also a lot of scientific applications just not designed to work in an enterprise environment. IT try and live in a world where users’ don’t share a login, and don’t require full administrator rights on their local workstation just to use it. It’s not just the freeware downloads that fall foul of these expectations- similar issues can often be found in expensive commercial research applications.

To aid this IT can invest in deployment methods- packaging through platforms such as SCCM, or virtualising the package (using ThinApp, XenApp, AppV, or Cloudpaging etc..) , or presenting the app through a virtual desktop infrastructure minimises the number of times an awkward installation process needs to be repeated and potentially allows some flexibility of the end-user device. User Environment Management plugs in here too, letting users escalate permissions without blanket issuing of admin rights across the estate.


So, to summarise, the big difference in a University environment to a traditional corporate one is the great variety of disciplines and activities, almost all of which require some form of IT. IT has become more and more central to almost every workplace over the past few decades and Higher Education institutions- themselves large enterprises- have at the same time adopted more and more of the practises and processes of the commercial sector. The Information Technology departments at Universities today faces many challenges common to their corporate counterparts in addition to some some unique to the sector. Thankfully modern technology is helping IT Pro’s rise to these challenges.


*HESA (Higher Education Statistics Agency) report for 2014/15 shows 16,900 staff categorised as “Information Technology Technicians” or “Information Technology and Telecommunications Professionals”