VMware

Benefits of VMware ESXi Hypervisor Architecture

Meet the Engineer: Lance Berc discusses VMware ESXi

The hypervisor architecture of VMware vSphere plays a critical role in the management of the virtual infrastructure. The introduction of the bare-metal ESX architecture in 2001 significantly enhanced performance and reliability, which in turn allowed customers to extend the benefits of virtualization to their mission-critical applications. Once again, the introduction of the ESXi architecture represents a similar leap forward in reliability and virtualization management. Less than 5% of the size of ESX, VMware ESXi runs independently of an operating system and improves hypervisor management in the areas of security, deployment and configuration, and ongoing administration.

Improve Reliability and Security. The older architecture of VMware ESX relies on a Linux-based console operating system (OS) for serviceability and agent-based partner integration. In the new, operating-system independent ESXi architecture, the approximately 2 GB console OS has been removed and the necessary management functionality has been implemented directly in the core kernel. Eliminating the console OS drastically reduces the codebase size of ESXi to approximately 100 MB improving security and reliability by removing the security vulnerabilities associated with a general purpose operating system.

Streamline Deployment and Configuration. ESXi has far fewer configuration items than ESX, greatly simplifying deployment and configuration and making it easier to maintain consistency.

Reduce Management Overhead. The API-based partner integration model of ESXi eliminates the need to install and manage third party management agents. You can automate routine tasks by leveraging remote command line scripting environments such as vCLI or PowerCLI.

Simplify Hypervisor Patching and Updating. Due to its smaller size and fewer components, ESXi requires far fewer patches than ESX, shortening service windows and reducing security vulnerabilities. Over its lifetime, ESXi 3.5 required approximately 10 times fewer patches than ESX 3.5.

To top

What’s New in ESXi 5.0

In the vSphere 5.0 release VMware has added several significant enhancements to ESXi.

NEW  Image Builder. A new set of command line utilities allows administrators to create custom ESXi images that include 3rd party components required for specialized hardware, such as drivers and CIM providers.  Image Builder can be used to create images suitable for different types of deployment, such as ISO-based installation, PXE-based installation, and Auto Deploy.  It is designed as a Power Shell snap-in component and is bundled with PowerCLI.

NEW ESXi Firewall. The ESXi 5.0 management interface is protected by a service-oriented and stateless firewall, which you can configure using the vSphere Client or at the command line with esxcli interfaces. A new firewall engine eliminates the use of iptables and rule sets define port rules for each service. For remote hosts, you can specify the IP addresses or range of IP addresses that are allowed to access each service.

NEW  Enhanced SNMP support . ESXi 5.0 expands support for SNMP v.2 with full monitoring for all hardware on the host.

NEW  Secure Syslog. ESXi 5.0 adds several enhancements to system message logging. All log messages are now generated by syslog, and messages can now be logged on either local and/or one or more remote log servers. Log messages can be remotely logged using either the Secure Sockets Layer (SSL) or TCP connections. With vSphere 5.0, log messages from different sources can be configured to go into different logs for more convenience. Configuration of message logging can also be accomplished using ESXCLI in addition to the vSphere client.

NEW Central management of host image and configuration via Auto Deploy. Combining the features of host profiles, Image Builder, and PXE, VMware vSphere Auto Deploy simplifies the task of managing ESXi installation and upgrade for hundreds of machines. ESXi host images are centrally stored in the Autodeploy library. New hosts are automatically provisioned based on rules defined by the user. Rebuilding a server to a clean slate is as simple as a reboot. To move between ESXi versions, you update a rule using the Auto Deploy PowerCLI and perform a test compliance and repair operation.

NEW Enhanced Unified CLI Framework. An expanded and enhanced esxcli framework offers a rich set of consistent and extensible commands, including new commands to facilitate on-host troubleshooting and maintenance. The framework allows consistency of authentication, roles, and auditing, using the same methods as other management frameworks such as vCenter Server and PowerCLI. You can use the esxcli framework both remotely as part of vSphere CLI and locally on the ESXi Shell (formerly Tech Support Mode).

New virtual hardware. ESXi 5.0 introduces a new generation of virtual hardware with virtual machine hardware version 8, which includes the following new features:

  • 32-way virtual SMP. ESXi 5.0 supports virtual machines with up to 32 virtual CPUs, which lets you run larger CPU-intensive workloads on the VMware ESXi platform.
  • 1TB virtual machine RAM. You can assign up to 1TB of RAM to ESXi 5.0 virtual machines.
  • Nonhardware accelerated 3D graphics for Windows Aero support. ESXi 5.0 supports 3D graphics to run Windows Aero and Basic 3D applications in virtual machines.
  • USB 3.0 device support. ESXi 5.0 features support for USB 3.0 devices in virtual machines with Linux guest operating systems. USB 3.0 devices attached to the client computer running the vSphere Web Client or the vSphere Client can be connected to a virtual machine and accessed within it. USB 3.0 devices connected to the ESXi host are not supported at this time.
  • UEFI virtual BIOS. Virtual machines running on ESXi 5.0 can boot from and use the Unified Extended Firmware Interface (UEFI).

Other significant capabilities available with ESXi since the 4.1 release:

AD Integration. Ability to configure the host to join an Active Directory domain, and any user trying to access the host will automatically be authenticated against the centralized user directory. You can also have local users defined and managed on a host-by-host basis and configured using the vSphere Client, vCLI, or PowerCLI. This second method can be used either in place of, or in addition to, the Active Directory integration.

Scripted Installation. Ability to do a scripted installation of the ESXi software to the local disk of a server. Various deployment methods are supported, including booting the ESXi installer off a CD or over PXE, and accessing the configuration file over the network using a variety of protocols, such as secure HTTP. The configuration file can also specify the following scripts to be executed during the installation:

    • Pre-install
    • Post-install
    • First-boot

      These scripts run locally on the ESXi host, and can perform various tasks such as configuring the host’s virtual networking and joining it to vCenter Server.

      Boot from SAN support for ESXi. This support includes Fibre Channel SAN, as well as iSCSI and FCoE for certain storage adapters that have been qualified for this capability.

      To top

      Register for ESXi classes

      VMware makes available hands-on training classes on ESXi at convenient locations around the world:

      Webcast: Time to Migrate to ESXi

      It’s time to migrate from VMware ESX to ESXi. Join this webcast to learn why and how.

      Get Webcast Details