Cloud computing is constantly evolving, and VMware Cloud Director (VCD) keeps advancing with new updates that strengthen security, streamline resource management, and give users greater control. VMware by Broadcom is thrilled to announce that VMware Cloud Director 10.6.1 is now available as part of the VCF (VMware Cloud Foundation) offering, starting January 31st, 2025.
Here’s a look at the key enhancements in this release.
Smarter VM Placement with Guest OS Awareness
Now, you can easily place virtual machines (VMs) on specific hosts or clusters based on their guest operating system. With this feature, system administrators can define VM Groups for specific OS types ensuring proper placement and compliance across all tenants. This also helps organizations stay aligned with Microsoft and other vendor licensing requirements, simplifying compliance while optimizing resource management.
Use case:
- Automatic enforcement ensures that VMs are always placed in their designated groups.
- Seamless reconfiguration means existing VMs will adopt this placement rule the next time they undergo a reconfiguration, such as a power cycle or VM edit.
This feature enhances workload distribution and simplifies multi-tenant management, giving you greater control over VM performance and security.
Take Control of API Token Security
Security is crucial and VCD now includes the ability to force API token expiration. If a token needs to be revoked immediately whether due to security concerns or administrative changes, administrators can now invalidate it instantly. This provides a proactive approach to managing API access and securing cloud environments.
Use case:
- Instant access revocation for better security governance.
- More control for administrators over authentication and access management.
Flexible IP Retention for Sub-Providers & Managed Organizations
Managing IP addresses has never been easier! VMware Cloud Director now allows custom IP retention periods at both the sub-provider and managed organization levels. This means IP addresses can be retained even when VMs are deleted or NICs are removed regardless of whether they were assigned via Static Pool, Static Manual, or DHCP.
Use case:
- Customizable IP retention ensures continuity and minimizes reallocation efforts.
- Metadata-based configuration allows admins to define retention periods tailored to organizational needs.
- Leverages the Manual Reservation API to preserve IPs for seamless redeployment.
No more lost IPs or unnecessary reconfigurations, just streamlined network management.
Gateway Firewall Enforcement
This update introduces the ability to explicitly activate or deactivate gateway firewall enforcement which is natively integrated within the VCF stack, with full visibility of enforcement status across T1 and T0 firewalls. Tenant and Sub-Tenant administrators both can view and override default settings, ensuring security configurations align with organizational policies.
Use case:
- Full transparency into firewall enforcement status.
- Administrative control to enable or disable enforcement as needed.
Stateful Firewall Access & Edge Cluster Configuration
Provider administrators now have improved control over the stateful firewall service, which is natively integrated within the VCF stack. With this update, they can restrict tenants from adding stateful firewall rules on T1, T0, and vApps unless the ANS security stack is entitled. Additionally, a new configuration option on edge clusters allows providers to enable or disable stateful firewalls as needed.
Use case:
- Granular control over firewall rules ensures security compliance.
- Edge cluster configuration adds another layer of flexibility in managing network security.
Custom Segment Profiles – Now Shareable!
Service providers can now share custom segment profiles with tenant organizations, making it easier to standardize networking policies across multiple tenants.
Use case:
- Improved collaboration between providers and tenants.
- Consistent networking configurations across multiple organizations.
IPv6 Transparent Load Balancing – It’s Back!
Support for IPv6 and VMware Avi Load Balancer Transparent Load Balancing is back! Pool members can now view the client’s source IP, enhancing visibility and network efficiency. To enable this feature, VMware Avi Load Balancer must be integrated with VMware Cloud Director.
Use case:
- Seamless IPv6 support for modern networking needs.
- Enhanced load balancing with transparent traffic routing.
This VMware Cloud Director update is all about better control, improved security, and enhanced networking capabilities. Whether you’re optimizing VM placement, tightening API security, or refining firewall enforcement, these changes give more control to both cloud providers and tenants.
To share this blog with your peers and colleagues, please use this link: https://bit.ly/3EivrCE
