Part 11- Intro to VMware Cloud Foundation 5.X

vCF is an orchestration platform that’s used to deploy a fully automated software cloud stack. VCF forms the basis for a true multi-cloud environment and offers integration options with VMware Cloud on AWS/Azure/GCP can be migrated between an on-premise environment and the cloud.

VCF architecture consists of a management domain and up to 5 workload domains. Each workload domain has its own SDDC, consisting of the components ESXi, vCenter server, vSAN, NSX-T and Aria suites.

vCF components are all managed by SDDC manager, a tool that automates patching, monitoring, ILM of all components, single sign-on and deployment operations of the SDDC stack are done via SDDC manager.  The core advantage is that administrators spend much less time on both implementation and management tasks within an SDDC environment.

vCF thus is a fully integrated platform built on software-defined services for storage, security, compute and networking

In summary, these are the tasks that can be done on vCF

• Commission Hosts: Make them ready to be used in the SDDC
• Create a Workload Domain (WLD)
• Download Bundles for update/upgrade of VCF
• Update/upgrade our SDDC to the next version of VCF
• Manage User Accounts
• Manage Passwords
• Manage Certificates
• Manage Licenses
• Manage Network Pools
• Deploy vRealize Suite components
• Enables path to hybrid Cloud

Cloud Foundation 5.0 Bill of Materials (BOM)

Improvements and new add-ons in VCF 5.0

VMware has provided several new features in addition to the BOM:

• Licensing model changes from perpetual to subscription-based also known as VMware Cloud Foundation+

Starting Configuration of vCF

A minimum of 4 ESXi hosts or HCI nodes to form a VCF management stack

Management Component

SDDC components are all managed by the SDDC manager, a tool that automates patching, monitoring, and ILM of all components of the SDDC stack. Everything in the SDDC manager runs as a workflow, if we wish to install Aria it runs as a workflow.

Deployment Options

vCF can be deployed as a single site, multisite or as a stretched cluster (federation) as shown

Deployment types

• Consolidated – Usually meant for small deployments. Compute workloads co-reside in the management workload domain

Minimum – 4 nodes and Maximum – 32 nodes

( Infra and Workload VMs on the management domain )

• Standard Architecture – Isolates management traffic from the workload domain. Up to 8 racks can be connected . Compute workloads run in VI domain(s) and are managed by separate vCenter servers

Minimum – 8 nodes and Maximum – 256 nodes

( Management domain dedicated to Infra only and dedicated clusters are for workload VM’s) . Up to 8 WLD domains can be connected to Cloud Gateway

Terminologies in vCF

Deployment Cluster Types

VCF Deploys SDDC stack into domains.

Management Domain –  Runs the management stack & runs the following components

1. Created with a minimum 4 hosts
2. Special purpose domain created during Bring-up
3. Built using vSAN only and NSX-T cluster
4. Runs infrastructure components SDDC Manager, vCenter Server, NSX-T Manager, and NSX Edge VM for the management domain
5. Runs Optional: Aria Operations, Aria Log Insight, Aria Automation, NSX Edge, Aria LCM
6. Tanzu Workloads can be run on the management domain.

VI Workload Domain –  As your workload grows, you can keep a new workload domain for every business function

1. Up to 14 VI workload domains can be deployed
2. 64 hosts per cluster
3. Special purpose domain for User workloads, NSX edge VM
4. A dedicated vCenter is deployed for each VI domain in the management domain.
5. NSX instances to support the workload domain are deployed in the management domain.
6. Storage can be vVols, FC or NFS storage backed up or vSAN

Licence Management in vCF 5.0

These products are deployed by SDDC and are covered by VCF subscription-based licence, so there are no keys involved. vCF 5.0 should be deployed by a VMware Cloud Foundation+ subscription-based licence applied to our Organization.

These products deployed by SDDC are licensed separately 

1. Horizon View
2. App volumes
3. Aria Automation
4. Aria Operations
5. Tanzu Kubernetes

Cloud Builder VM

The orchestrator VM that’s responsible for kicking off the SDDC build and its only needed to bring up the management domain which is our Center, NSX & SDDC Manager. This VM needs to be run in a separate environment to bring up the SDDC so run this on an existing environment. Another point to note is the max time allowed for us to bring up the management domain via the cloud builder is only 8 hours. Cloud Builder logs are available under /var/log/vmware/vcf/bringup/vcf-bringup-debug.log

SDDC Manager

Responsible for ongoing deployment activities, software updates, config tasks and management of the vCF stack

• Commissioning or decommissioning ESXi host, adding and extending clusters in workload domains
• Deployment of VI workload domains, VMware Aria Suite Lifecycle
• Deployment of NSX Edge clusters in workload domains
• Life cycle management of the virtual infrastructure components in all workload domains and VMware Aria Suite Lifecycle
• Identity provider management
• Creation of network pools for host configuration workload domains
• Product licenses, Certificate management,Password management and rotation
• Backup configuration

VMware Cloud Portal

Enables management of hybrid and native public cloud from https://cloud.vmware.com. All billing aspects of Cloud Foundation are seen via the cloud portal.

VMware Cloud Gateway Appliance

Creates a secure connection between the on-prem vCF Installation with the VMware cloud portal. A Cloud Gateway appliance can be downloaded from customer connect and deployed within the vCF management domain. This appliance would connect to VMware cloud services & also connect the on-prem vCF instance to it via the SDDC manager to gather data from our VMware Cloud foundation and send that to the cloud thus giving visibility of our on-prem infrastructure from the VMware cloud console.