Check out the Whats New in HCX 4.10 Release Notes – https://docs.vmware.com/en/VMware-HCX/4.10/rn/vmware-hcx-410-release-notes/index.html
Rather than repeat what is in the Release Notes, I thought I would walk the UI and pull out a few changes and new features.
Data Plane Diagnostics
Service Mesh Diagnostics have been available for a while but have been limited in scope.
The new Diagnostics feature is right there, ready to help you out.
On completion of the Diagnostic run, a full HCX Firewall check is provided, this seems to be a lot more verbose to the old service mesh checks.
Some of the checks can be expanded to see the actual results as shown (IX checking it has gateway access):
Extended Options
HCX provides ‘Extended Options’ to easily achieve what would normally be manual or scripted tasks like remove ISOs and Snapshots, Upgrade VM Tools etc. New with 4.10 is the ability to migrate vCenter tags, this is great were you have tag dependent applications or DRS related groupings
HCX Assisted vMotion (HAV)
HCX 4.10 bring the orchestration of XVM (Cross vCenter vMotion), this has been available in vCenter for a few releases but can now be automated as part of a HCX migration process.
I have just written a quick blog on this, please read ‘What is HCX Assisted vMotion‘
HAV can be enabled in the Compute Profile as another service, at a high level it allows HCX to orchestrator the movement of VMs Host to Host rather than Host > IX to IX > Host with the other migration profiles options.
Network Profiles
4.10 now give the option of enabling ‘HCX Intrasite Control‘, this is used to allow communication between the IX and the WAN Opt appliances away from the default path of the Management network.
If the option is not selected, HCX will do one of two things:
- If NSX is attached, it will create a private subnet for the Intrasite Control traffic (subnet 198.18.xxx.xxx).
- If NSX is not attached, HCX will create the private subnet 198.18.xxx.xxx using the Management Network.
The other new option is ‘The underlay is secure’ check box, this is a manual validation that the network is encrypted, by ticking this for each network used by a Compute Profile, you can then uncheck the default checked option of ‘Encryption for Migration Services.’
If any Network Profiles used do not have ‘The underlay is secure‘ check box ticked, you will not be able to disable HCX based encryption.
Why would you want to remove HCX based encryption? Well, its a possible performance tweak for migrations, have a look at Chris Dooks’ new post on HCX 4.10 Encryption Less Tunnel performance testing – https://chrisdooks.com/2024/07/26/hcx-4-10-encryption-less-tunnels-performance-testing/
Non-VMware Sites in Site Pairing
The Site Pairing screen nows a summary of all site pairs in addition to VMware vs Non-VMware sites.
A Non-VMware site is one that does not have a HCX Connector, it would be Hyper-V or KVM and would be using OSAM as the migration method.
Note – Non-vSphere based sites can be paired with vSphere-based sites running HCX Connector or HCX Cloud Manager.
I’m sure there are plenty more UI changes to find, download or upgrade and have a look.
Performance
HCX 4.10 has made a big increase in performance for Network Extensions, concurrent migration etc.
Here are a few improvements listed:
| HCX Attribute | HCX 4.9.x | HCX 4.10 |
| Concurrent HCX OS Assisted Migrations (Scale Out) | 200 Disks | 200 Disks – OSAM can be scaled to 200 Virtual Machine Disk Replications using up to four Service Meshes. |
| Concurrent HCX Bulk Migrations – Extended | 600 (Manager) 200 (IX) | 1000 (Manager) 200 (IX) |
| Concurrent HCX Replication Assisted vMotions – Extended | 600 (Manager) 200 (IX) | 1000 (Manager) 200 (IX) |
Please refer to the ConfigMax site for the full list.