AOS 5.17 is Here

By Aravindan Gopalakrishnan & Steve Carter & Mike Wronski & Tuhina Goel

With AOS 5.17, Nutanix continues to extend our lead in the hyperconverged infrastructure (HCI) market with innovative new capabilities in addition to continued improvements to core functionality. As part of their AOS subscription, Nutanix customers can benefit from the continuous innovation coming out of Nutanix engineering in this new release with a one-click upgrade through Prism. Here, I’ll highlight some of the key enhancements.

Scalability and Performance

Automate Global Deployments with Foundation Central
Large-scale datacenter deployments have historically been a costly and complicated part of the IT datacenter lifecycle. The building-block-like nature of AOS has enabled Nutanix customers to enjoy fast and easy deployments with Nutanix Foundation, which automates the process of installing AOS and a hypervisor and connecting the server nodes to form a cluster. Foundation simplifies what would otherwise be a time-consuming and error-prone installation and configuration process into a simple installer that requires the admin to enter some configuration information and hit “go.”

With AOS 5.17, Nutanix expands on the power and simplicity of Foundation with the introduction of Foundation Central. Foundation Central automates the AOS installation process for large and geographically dispersed deployments by enabling deployment from a central location without the need for a specialized skillset or advanced knowledge of the Nutanix ecosystem. This functionality enables enterprises to more quickly configure large datacenter deployments and to efficiently modernize remote sites without slowing down other key IT initiatives or making undue investments.

Figure 1 - Foundation Central

Expanded Prism Scalability
Nutanix customers manage their global AOS infrastructure via Prism. Prism is an intuitive, unified management platform that enables the seamless management of geographically distributed clusters from a single pane of glass. As organizations around the world continue to expand their AOS footprint, Prism scalability likewise continues to grow. With AOS 5.17, Prism is now capable of managing even larger global deployments, enabling the management of 100s of geographically distributed clusters and tens of thousands of VMs. Prism is included with your AOS subscription.

Deep Snapshot Chain Improvements
AOS 5.17 brings enhancements to the way snapshots are tracked by the DSF distributed metadata service, offering greater read performance even for vdisks with extremely deep snapshot chains. AOS customers can protect data using snapshots for fast, granular local recovery, as well as to protect against disaster by replicating to other AOS clusters or to the cloud via Xi Leap.

AOS Support for AMD Processors
Further expanding on the flexibility and choice available with Nutanix, AOS 5.17 brings AMD processor support into the ecosystem, giving AOS customers the flexibility to choose between AMD and Intel x86 processors in their environment. The first hardware partner to release an AMD platform for AOS is HPE (press release) with more to follow in short order. AMD is now supported across hypervisors running on AOS, including ESXi, AHV, and Hyper-V.

Erasure Coding Integration with Autonomous Extent Store
AOS 5.17 further expands on Autonomous Extent Store (AES) by integrating Erasure Coding (EC), enabling organizations to achieve maximum performance without having to give up the space saving efficiency of EC. Introduced in AOS 5.10, AES takes data locality to the next level by introducing metadata locality, keeping copies of metadata local for faster access. AES is part of the continuous innovation cycle in AOS as we further optimize for new media technologies such as NVMe and 3D X-Point, as well as larger capacity drives. The integration of EC is a part of this innovation cycle.

Resiliency and Business Continuity

Synchronous Replication
AOS 5.17 introduces synchronous replication of workloads running on AHV, ensuring zero data loss (RPO = 0) for mission-critical applications. This is achieved through synchronous replication of VM data, metadata, and associated policies of the protected entity. This means that all VM attributes and associated security and orchestration policies are preserved in case of a failover.

NearSync DR
AOS 5.17 brings enhancements to NearSync replication to deliver an RPO of approximately 20 seconds, making AOS the first HCI platform in the industry to achieve this. NearSync replication employs lightweight snapshots (LWS) to secure data against site failure with minimal impact and without any latency or distance requirements, while providing even finer-grained restore points for business-critical data.

Multi-Site DR
With AOS 5.17, Nutanix supports multi-site disaster recovery, enabling enterprises to recover from the simultaneous failure of two or more datacenters (i.e. multi-site failure) and maintain business continuity by keeping applications and data available to internal and external users. Multi-Site DR combines Nutanix Metro Availability, NearSync, and Asynchronous replication paired with an advanced DR orchestration framework to deliver seamless global protection and the ability to achieve 100% availability for multi-site deployments.

Advanced DR Orchestration
Recovery is an important part of business continuity. It means not only frequently capturing snapshots and backing up data, but also ensuring recovery of the right applications in the right order. With AOS 5.17, Nutanix Recovery Plans enable more flexible and granular recovery at the application level, including custom script execution and IP address management. Custom script execution enables scripts to run as part of the recovery process, which can be used to customize application recovery on the recovery site—for example, to configure DNS or registry settings, to define desktop settings or change the wallpaper, or to trigger other scripts. IP address management enables IP configuration during recovery, making automated recovery possible without the need for stretched networks.

Rack Level Failure Domains for Microsoft Hyper-V Clusters
AOS can maintain cluster and data availability for not only drive and node failures, but in larger clusters can also protect against chassis and even entire rack failures. With AOS 5.17, Rack Level Failure Domain protection has been expanded from AHV and ESXi to include Hyper-V clusters as well. Now all three hypervisors have node, block, and rack level failure domain protection.

Simplified Application Clustering with Volume Groups
AOS 5.17 makes it easier to quickly set up application-level clustering on AHV with Volumes. Some clustered applications, like Windows Failover Clustering, use SCSI-3 Persistent Reservations to coordinate access to storage by enabling multiple instances of the application cluster to write to a shared drive. Prior to this release, Persistent Reservations could be supported by mounting Volumes from within the guest operating system as network devices. This new functionality makes this even easier to configure by creating a Volume Group and connecting to a VM via Prism, which will then be accessible from within the guest as a SCSI device complete with access to Persistent Reservations.

Enhanced Resiliency Visibility
In AOS 5.17, the Data Resiliency Widget in Prism has been enhanced to provide deeper visibility into the resiliency status of a given AOS Cluster. An additional “Warning” State was added in the case of RF=3 clusters that have had a single failure, as well as contextual messages to describe more detail about the current state of cluster resiliency. Additionally, the failure domain (node, block, rack) is now shown in the widget, in addition to the current fault tolerance level. These enhancements make it even easier for AOS admins to verify details about the resiliency state of the cluster, as well as to gain deeper context into the ongoing cluster resiliency operations.

Security

Identity-Based Security for Virtual Desktops
A common use case for virtual desktop services (VDI) is to provide services to various user types with different security levels and entitlements. The traditional method to ensure proper segmentation has generally been through complex configurations using multiple user pools, network VLANs, and firewalls. With AOS 5.17, Nutanix Flow, the microsegmentation solution built into AHV virtualization, can greatly simplify VDI security. Through integration with directory services, Flow can dynamically categorize users and map network policy based on the user's identity, giving fine-grained controls with a much less complex VDI deployment. AHV users can deploy and evaluate Flow with just a few clicks in Prism Central. Nothing new to install.

Trusted Compute
A well-known attack vector for malware such as rootkits is to compromise a system by executing malicious code during the bootloader process, before the operating system is loaded. Nutanix released support for UEFI Secure Boot for AHV with AOS 5.16 (January 2020), but we wanted to mention this important feature as it is included with AOS 5.17 as well. Secure Boot prevents malicious code from executing in the boot process by ensuring that only signed, certified “known good” code and boot loaders can execute before the operating system loads. AHV supports Secure Boot both for physical hosts and user VMs, securing the boot process for both physical and virtual machines in an AOS cluster.

© 2020 Nutanix, Inc. All rights reserved.