GCVE Updates October 2023

Page content

GCVE Updates October 2023

Platform enhancements

  • New User Interface experience. In a past or to be precise for all “old” GCVE private clouds there was an old, legacy user interface which was a residue from Google Cloud, Cloudsimple acquisition. Finally we are getting rid of it and customers can enjoy native and first party user interface experience. I love it!

    New GCVE UI

Storage enhancements

  • Storage Only Nodes - still in preview, but very long awaited support or shall I say extension to vSAN cluster. Nodes which are cheaper, don’t contribute to cluster CPU and RAM capacity but contribute to vSAN capacity. Truly awesome!
  • External Storage for Datastores - this one is huge. Technically it was possible to do with NetApp CVO already in 2020 but couldn’t be implemented due to SLA’s and contractual things. Now we can create external datastores with Cloud NetApp Volumnes, Filestore High Scale or Enterprise which allows to extend the amount of storage available for VMs. Awesome!

Networing enhancements

  • Zero-config VPC peering during private cloud creation allows for much easier and faster GCVE private cloud creation. GCVE received as well increase of the limits on the number of peering allowed which simplifies the task of building a connected VMware Private Cloud while enabling a variety of networking topologies.
  • Native Cloud DNS support for bi-directional DNS resolution for both management and workload resolution. Allows for much easier DNS configuration not only for GCVE management purposes but as well offers support for more than 1 consumer DNS binding.

Security enhancements

  • Fine-grained (per-action) access control. GCVE received new fine-grained IAM roles. More details on https://cloud.google.com/vmware-engine/docs/iam page.
  • VPC Service Controls - support for VPC service controls which I already wrote about here https://www.wojcieh.net/gcve-supports-vpc-service-controls/
  • ESXi log forwarding and enabling auditable procedures - support for ESXi log forwarding which I already wrote about here https://www.wojcieh.net/gcve-terraform-and-esxi-log-fw-is-ga/
  • Google Cloud customer managed KMS support - very long awaited feature. Many enterprise customers are looking forward this feature. As default vSAN is encrypted by using Google Cloud KMS keys. However, with this feature customer will be able to bring their own keys outside of Google and would be able to encrypt vSAN with their own externally located keys! Finally!


Quite recently Google Cloud announced a new offering for backup&disaster recovery purposes. It is called Google Cloud VMware Engine Protected. So in short summary this offering is targeted for customers who want to have holistic approach to their services. It includes backup and disaster capabilities in a seamless way. To learn more about it visit Google Cloud VMware Engine Protected https://cloud.google.com/vmware-engine/docs/concepts-vmware-engine-protectedpage.


Updates Source https://cloud.google.com/blog/products/compute/whats-new-with-gcve