Helping VMware Optimize and Enable vSphere and vSAN for the Intel Xeon Scalable Platform
- Unified Extensible Firmware Interface (UEFI) Secure Boot ensures that the system firmware checks whether the system boot loader is signed with a cryptographic key authorized by a database of public keys contained in the firmware. With signature verification in the next-stage boot loader and kernel, it is possible to prevent the execution of kernel space code which has not been signed by a trusted key.
- Mode-based Execute Control (MBE) provides finer grain control on execute permissions to help protect the integrity of the system code from malicious changes, so the hypervisor can more reliably verify and enforce the integrity of kernel-level code.2
- TPM support via Intel® Trusted Execution Technology (Intel® TXT) 3
- TPM protects system start-up by ensuring it is tamper-free before releasing system control to the operating system. TPM also provides secured storage for sensitive data, such as security keys and passwords, and performs encryption and hash functions.
- Intel TXT provides the foundation for highly scalable platform security. It helps harden servers against threats of hypervisor, BIOS, or other firmware attacks, malicious rootkit installations, and other types of attacks or misconfiguration to firmware and operating systems.
For vSAN software, we helpe VMware engineers support these Intel Xeon Scalable platform capabilities, which are now exposed features to applications leveraging vSAN:
- Intel® ISA-L storage domain algorithms are optimized from the silicon up; Intel ISA-L speeds-up erasure coding, hash computation, and encryption.
- SPDK drivers and libraries optimize NVM Express* (NVMe) and NVMe over Fabrics (NVMe-oF).
- Intel® Optane® SSDs for ultra-high-performance storage I/O
- Intel® 3D NAND SSDs for highly-affordable, high-performance storage I/O
A Closer Look at vSAN Software and Hyper-Converged Infrastructure
The three results on the left are based on previous generation servers using Intel® Xeon® processor E5-2600 v4. The three results on the right show the performance benefits of moving to the Intel Xeon Scalable Processors, new generation Intel® Optane® SSDs, and VMware vSAN 6.6.3 Source: The Evaluator Group, July 2017.
Intel® Select Solutions for VMware vSAN Help Software Developers & IT Deployers
Learn More:
- Intel Select Solutions are supported by Intel Builders
- Intel Xeon Scalable processors web page
- Intel Select Solutions web page
- VMware vSAN web page
1 Lower TCO estimate example based on equivalent rack performance using VMware ESXi* virtualized consolidation workload comparing 20 installed 2-socket servers with Intel® Xeon® processor E5-2690 (formerly “Sandy Bridge-EP”) running VMware ESXi* 6.0 GA using Guest OS RHEL* 6.4 compared at a total cost of $919,362 to 5 new Intel® Xeon® Platinum 8180 (Skylake) running VMware ESXi* 6.0 U3 GA using Guest OS RHEL* 6 64 bit at a total cost of $320,879 including basic acquisition. Server pricing assumptions based on current OEM retail published pricing for Broadwell based servers – subject to change based on actual pricing of systems offered.
2 A potentially supported future hardware technology. Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No computer system can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://www.intel.com/content/www/cn/zh/architecture-and-technology/intel-quick-assist-technology-overview.html
3 An OEM option: contact your hardware supplier for availability. Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No computer system can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://www.intel.com/content/www/cn/zh/architecture-and-technology/trusted-execution-technology/trusted-execution-technology-security-paper.html
4 The comparison is based on a cluster of previous generation servers using Intel® Xeon® processor E5-2600 v4 processors with conventional NAND SSDs and VMware vSAN 6.5 software, versus a cluster of new generation servers using Intel Xeon Scalable processors, new generation Intel® Optane® SSDs, and VMware vSAN 6.6. These results came from extensive testing by a 3rd party, Evaluator Group, to demonstrate the lower costs possible and faster return on investment (ROI). Read the full report here.
For more information go to http://www.intel.com/performance.
5 VMware Blog, July 11, 2017, “vSAN Hits another Gear with New Intel Xeon Processor Scalable Family”, by Michael Haag. The results came from extensive testing by a 3rd party, Evaluator Group, to demonstrate the lower costs possible and faster return on investment (ROI). Read the full report here.
Intel does not control or audit the design or implementation of third party benchmark data or Web sites referenced in this blog. Intel encourages all of its customers to visit the referenced Web sites or others where similar performance benchmark data are reported and confirm whether the referenced benchmark data are accurate and reflect performance of systems available for purchase.
Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No computer system can be absolutely secure. Check with your system manufacturer or retailer or learn more at [intel.com].
Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors. Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products.
* © Intel Corporation. Intel, the Intel logo, Xeon, and Optane are trademarks or registered trademarks of Intel Corporation. Other names and brands may be claimed as the property of others.
"