\n<\/strong>With a few different items having “vSAN Witness” in their naming, this can get a bit confusing, so let’s clarify what each of these are, and what their role is.<\/p>\n
- \n
- vSAN Witness Appliance<\/strong> – A free virtual appliance provided by VMware for use with Stretched Cluster or 2 Node vSAN configurations<\/li>\n
- vSAN Witness Host<\/strong> – Either a physical ESXi system, or the vSAN Witness Appliance, being used to store tie-breaker metadata for a Stretched Cluster or 2 Node vSAN configuration<\/li>\n
- vSAN Witness Component<\/strong> – A vSAN metadata component that is a used as tie breaker metadata for vSAN data components that reside on different fault domains or hosts.<\/li>\n<\/ul>\n
It is important to understand their differences when deploying, configuring, or managing Stretched Cluster or 2 Node vSAN configurations.<\/p>\n
Cluster Membership<\/h3>\n
vSAN Stretched Clusters, and 2 Node vSAN, require a vSAN Witness Host<\/strong> that “participates” in the vSAN Cluster. Participates is in quotes, because the vSAN Witness Host<\/strong> is not a traditional member of the cluster, and is only a vSAN Cluster member, not a vSphere Cluster member<\/em>.<\/p>\n
![\"Witness](\"http:\/\/blogs.vmware.com\/virtualblocks\/files\/2018\/07\/WH1-e1530919639490.png\")
<\/a><\/p>\nThe general recommendation is to place the vSAN Witness Host<\/strong> in a different datacenter, such as Witness-Datacenter shown in the illustration above.<\/p>\n
Notice that the vSAN Witness Host<\/strong> is not a member of the vSphere Cluster <\/b>named Remote-Cluster.<\/p>\n
Looking at the disk management UI of the vSAN configuration of Remote-Cluster, the disk group from the vSAN Witness Host<\/strong> is a contributing vSAN cluster member:
![\"Witness](\"http:\/\/blogs.vmware.com\/virtualblocks\/files\/2018\/07\/WH1A-e1530919702866.png\")
<\/a><\/p>\n*Very important note: <\/strong>Do not attempt to make a cluster out of multiple vSAN Witness Hosts.<\/em> They cannot be members of a vSphere Cluster.<\/p>\n
If there is a need to “organize” vSAN Witness Hosts, use the Folder capability in the vSphere Client to organize them. Do not<\/strong> include them in a vSphere Cluster.
\n![\"\"](\"http:\/\/blogs.vmware.com\/virtualblocks\/files\/2018\/07\/WITNESS-ORGANIZATION-1024x667.png\")
<\/a><\/p>\nNotice that vSAN Witness Host “witness3.demo.local” is part of a vSphere Cluster. This is not supported.<\/p>\n
Adding a vSAN Witness Host to a vSphere Cluster will require you to redeploy that vSAN Witness Host<\/em><\/span>.<\/p>\n
\n<\/strong>Versioning<\/h3>\nCloser inspection of this sample 2 Node cluster shows that the data nodes are the same build, which is a recommended\/supported configuration.<\/p>\n
![\"Witness](\"http:\/\/blogs.vmware.com\/virtualblocks\/files\/2018\/07\/ESXIBUILD1-1-e1530919750747.png\")
<\/a><\/p>\nAlthough the vSAN Witness Host<\/strong> is not part of the vSphere Cluster, it is contributing disks to the vSAN Cluster<\/em>. Because the vSAN Witness Host<\/strong> is contributing to vSAN, it is strenuously recommended<\/strong><\/em> to be the same build as the vSAN Data Nodes. It is generally required<\/strong><\/em> to be the same release of vSAN.<\/p>\n
![\"Witness](\"http:\/\/blogs.vmware.com\/virtualblocks\/files\/2018\/07\/WITBUILD-e1530919779572.png\")
<\/a><\/p>\nIt is important to remember, that the vSAN Witness Host<\/strong> is an ESXi instance. Whether it is physical or virtual, it is patched the same as any other ESXi host<\/em><\/strong>.<\/p>\n
Repeating that last statement for clarity: “Whether it is physical or virtual, the vSAN Witness Host is patched the same fashion as any other ESXi host.<\/strong><\/span>”<\/p>\n
The illustrations above have only addressed the context of the vSAN Witness Host<\/strong> (which could be physical or virtual), and not the vSAN Witness Appliance<\/strong>.<\/p>\n
![\"Witness](\"http:\/\/blogs.vmware.com\/virtualblocks\/files\/2018\/07\/WH2-e1530919812689.png\")
<\/a><\/p>\nNotice in the above illustration that the virtual machine WITNESS67<\/strong> is running on host0.demo.local<\/strong>. This is the vSAN Witness Appliance<\/strong> that is provided by VMware for free.<\/p>\n
This virtual machine has ESXi installed for use as a tie-breaker for the Remote-Cluster<\/strong> vSAN Cluster.<\/p>\n
Its ESXi Guest OS is configured as witness.demo.central<\/strong>. The “virtual ESXi” is attached to the vCenter server. To vCenter, witness.demo.local<\/strong> appears (mostly<\/em>) to be like any other ESXi installation.<\/p>\n
<\/p>\n
Hosting the vSAN Witness Appliance<\/h3>\n
The guidance thus far has been that any vSphere 5.5 host, regardless of licensed edition, may be used for hosting a vSAN Witness Appliance<\/strong>. This is stated in the Stretched Cluster and 2 Node Guide<\/a> on storageHub.vmware.com<\/a>. This remains true today.<\/p>\n
The vSAN Witness Appliance<\/strong> is generally supported on:<\/p>\n
- \n
- Any on-premises or cloud hosted configuration provided appropriate connectivity is in place*.\n
- \n
- Any licensed edition of vSphere 5.5 or higher<\/li>\n
- Any Free vSphere Hypervisor 5.5 or higher<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n
*Refer to the Stretched Cluster and 2 Node Guide for more information around connectivity requirements.<\/p>\n
With the release of vSphere 6.7 there are some new CPU requirements though, as vSphere 6.7 does not support the same list of CPUs as vSphere 5.5, 6.0, or 6.5. The vSphere 6.7 Release Notes<\/a> detail CPUs that are no longer supported in vSphere 6.7.<\/p>\n
In cases where the vSAN Witness Appliance<\/strong> is used for a vSAN 6.7 Stretched Cluster or 2 Node configuration, the vSphere Host’s CPU must also be supported by vSphere 6.7, regardless of the build of ESXi running on the vSphere Host.<\/p>\n
Consider host3.demo.local<\/strong> which has a CPU that is not<\/strong><\/span> supported by vSphere 6.7. This host is running vSphere 6.5. It is still possible to deploy<\/em> a vSAN Witness Appliance<\/strong> for vSAN 6.7 to a host that does not meet the requirements<\/strong><\/span> of vSphere 6.7.<\/p>\n
![\"Witness](\"http:\/\/blogs.vmware.com\/virtualblocks\/files\/2018\/07\/T300-e1530919861610.png\")
<\/a><\/p>\nHowever, after deploying a new vSAN Witness Appliance<\/strong> for vSAN 6.7 to this host, and attempting to power it on, it can be seen that it is not allowed to boot<\/span><\/strong>.<\/p>\n
- vSAN Witness Host<\/strong> – Either a physical ESXi system, or the vSAN Witness Appliance, being used to store tie-breaker metadata for a Stretched Cluster or 2 Node vSAN configuration<\/li>\n