I was asked several times about VCF and how to start easily, and that’s is possible deploying a Consolidated Design Architecture.
In a VCF Consolidated Design Architecture Compute workloads co-reside in the management workload domain, so only four hosts are needed.
VCF is deployed via Cloud Builder when finished SDDC Manager is ready, and you will find the Management Domain (4 Host running vSphere 7, vSAN 7 and NSX-T 3.0)
As you can see, it’s straightforward, and you can also deploy vSphere with Kubernetes on the Management Domain, no need to build a separate Workload Domain to run it.
Cloud Builder The VMware Cloud Builder appliance automates the deployment of the entire software-defined stack.
SDDC Manager SDDC Manager automates the entire system lifecycle (from configuration and provisioning to upgrades and patching), and simplifies day-to-day management and operations.
VMware vSphere VMware vSphere uses virtualization to transform individual data centers into aggregated computing infrastructures that include CPU, storage, and networking resources. VMware vSphere manages these infrastructures as a unified operating environment and provides you with the tools to administer the data centers that participate in that environment.
VMware vSAN VMware vSAN™ aggregates local or direct-attached data storage devices to create a single storage pool shared across all hosts in the vSAN cluster. vSAN eliminates the need for external shared storage, and simplifies storage configuration and virtual machine provisioning. Built in policies allow for flexibility in data availability.
NSX-T Data Center The management domain and VI workload domains support the NSX-T Data Center platform.
vRealize Suite Cloud Foundation supports automated deployment of vRealize Suite Lifecycle Manager. You can then deploy and manage the lifecycle of the vRealize Suite of products (vRealize Log Insight, vRealize Automation , and vRealize Operations Manager) through vRealize Suite Lifecycle Manager.
VMware Cloud Foundation 4.0 contains the following VMware SDDC Products.
Cloud Foundation Architecture
Cloud Foundation supports two architecture models – standard and consolidated.
Consolidated Architecture Model Compute workloads co-reside in management workload domain Shared vSphere cluster with resource pools
Standard Architecture Model Management domain is dedicated to running infrastructure workloads Compute workloads run in VI domain(s) and are managed by separate vCenter servers
Google Cloud VMware Engine, delivers a fully managed VMware Cloud Foundation stack VMware solution, including:
vSphere
vCenter
vSAN
NSX-T
HCX
Google Cloud VMware Engine Features:
On-demand self-service provisioning of VMware private clouds
Deploy, expand, or shrink your VMware private clouds in minutes. Pay for what you use and benefit from flexible consumption options.
Integrated connectivity to Google Cloud services
Benefit from full access and seamless integration with innovative Google Cloud services such as BigQuery, Cloud Operations, Cloud Storage, Anthos, and Cloud AI.
VMware ecosystem compatibility
VMware Engine allows users to obtain administrative rights to install and maintain continuity with third-party tools for backup, disaster recovery, and monitoring along with adding external identity sources and users.
Performant networking
VMware Engine is built on Google Cloud’s highly performant, scalable infrastructure with fully redundant and dedicated 100Gbps networking. Cloud networking services such as Interconnect and Cloud VPN ease access from your on-premises environments to the cloud.
Purpose built to run your most demanding workloads
A scalable hyper-converged architecture with all NVMe disks allows you to run and scale your infrastructure in minutes to meet the needs of your most demanding workloads such as transactional databases and applications.
Simplified operations
VMware Engine is designed to minimize your operational burden so you can focus on your business. We take care of life cycle management of the VMware software stack and manage all related infrastructure and upgrades.
Starting today, VMware created a series of 60-minute business and technical sessions that will enable you to capture business opportunities in a Multi-Cloud World.
During these webinars, you will gain information and context to better understand the rapidly evolving Cloud Services market and how VMware can help you be successful in delivering compelling new services to your end customers.
To learn more, please join our VMware CloudFlix series, see specific topics listed below.
Ten insightful sessions are coming up where our VMware experts will deep dive into the new technical Cloud capabilities. The first ones are listed below :
Agenda:
– May 12th: Extending SDWAN services into your cloud platform with VeloCloud – Registration -> https://lnkd.in/eDmGp6Y
– May 14th: How to move from NSX-V to NSX-T using the migration tool – Registration -> https://lnkd.in/ePJ6E6w
Supported VMware Cloud Director Server Operating Systems
CentOS 6
CentOS 7
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Supported AMQP Servers
VMware Cloud Director uses AMQP to provide the message bus used by extension services, object extensions, and notifications. This release of VMware Cloud Director requires RabbitMQ version 3.7.9 and 3.8.2
For more information, see the VMware Cloud Director Installation, Configuration, and Upgrade Guide.
Supported Databases for Storing Historic Metric Data
You can configure your VMware Cloud Director installation to store metrics that VMware Cloud Director collects about virtual machine performance and resource consumption. Data for historic metrics is stored in a Cassandra database. VMware Cloud Director supports Cassandra versions 3.x.
For more information, see the VMware Cloud Director Installation, Configuration, and Upgrade Guide.
Disk Space Requirements
Each VMware Cloud Director server requires approximately 2100MB of free space for the installation and log files.
Memory Requirements
Please consult VMware Cloud Director Installation, Configuration, and Upgrade Guide for memory requirements
CPU Requirements
VMware Cloud Director is a CPU-bound application. CPU over-commitment guidelines for the appropriate version of vSphere should be followed. In virtualized environments, regardless of the number of cores available to VMware Cloud Director, there must be a sensible vCPU to physical CPU ratio, that does not result in extreme over-committing.
Required Linux Software Packages
Each VMware Cloud Director server must include installations of several common Linux software packages. These packages are typically installed by default with the operating system software. If any of the packages are missing, the installer fails with a diagnostic message.
module-init-tools net-tools pciutils procps redhat-lsb sed tar wget which
In addition to the installer required packages, several procedures for configuring the network connections and creating SSL certificates require the use of the Linux nslookup command, which is available in the Linux bind-utils package.
Supported LDAP Servers
You can import users and groups to VMware Cloud Director from the following LDAP services.
Platform
LDAP Service
Authentication Methods
Windows Server 2012
Active Directory
Simple, Simple SSL
Windows Server 2016
Active Directory
Simple, Simple SSL
Linux
OpenLDAP
Simple, Simple SSL
Supported Security Protocols and Cipher Suites
VMware Cloud Director requires the client connections to be secure. SSL version 3 and TLS version 1.0 and 1.1 have been found to have serious security vulnerabilities and are no longer included in the default set of protocols that the server offers to use when making a client connection. System administrators can enable more protocols and cipher suites. See the Cell Management Tool section in the VMware Cloud Director Installation, Configuration, and Upgrade Guide. The following security protocols are supported:
TLS version 1.2
TLS version 1.1 (disabled by default)
TLS version 1.0 (disabled by default)
Supported cipher suites enabled by default:
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
System administrators can use the cell management tool to explicitly enable other supported cipher suites that are disabled by default.
Note: Interoperation with releases of vCenter Server earlier than 5.5-update-3e and versions of ovftool earlier than 4.2 require VMware Cloud Director to support TLS version 1.0. You can use the cell management tool to reconfigure the set of supported SSL protocols or ciphers. See the Cell Management Tool section in the VMware Cloud Director Installation, Configuration, and Upgrade Guide.
Supported Browsers
VMware Cloud Director is compatible with the current major and previous major release of the following browsers:
Google Chrome
Mozilla Firefox
Microsoft Edge
Microsoft Internet Explorer 11
Supported Guest Operating Systems and Virtual Hardware Versions
VMware Cloud Director supports all guest operating systems and virtual hardware versions supported by the ESXi hosts that back each resource pool.
VMware Cloud Director WebMKS 2.1.1
The VMware Cloud Director WebMKS 2.1.1 console adds support for:
the PrintScreen key in Google Chrome and in Mozilla Firefox for Windows.
the Windows key in Windows and macOS. To simulate pressing the Windows key, press Ctrl+Windows in Windows OS, or Ctrl+Command in macOS.
Automatic keyboard layout detection in Google Chrome and Mozilla Firefox.
VMware Cloud Director™ 10.1 is now Available, with a few core updates in this release.
So, what’s new?
App Launchpad
Container Service Extension (CSE) 2.6
Object Storage Extension (OSE) 1.5
Terraform VMware Cloud Director Provider 2.7
Tenant App 2.4
NSX-T Migration Tool
NSX-T Enhancements
Encryption as a service
Highlights:
NSX-T migration tool script is part of Cloud Director, as NSX-T features are getting parity with NSX-V
Network downtime is minimized using bridged networks during migration.
vSphere Encryption from VMware Cloud Director. Encryption requires certificate keys that require a key management server (KMS) and Cloud Providers can choose from partners such as Fortanix or Dell Cloudlink.
New monitoring and metering capability with closer integration with NSX data collection, more network metrics and sizing profile-based metering.
K8 Kubernetes Clusters or PKS Kubernetes Clusters for VMware Cloud Director.
App Launchpad is a free component for VMware Cloud Director
Shared multitenant environment with tenant and service provider access
Dedicated environment with tenant access
Shared and/or dedicated environment with no tenant access
Shared Multitenant Environment with Tenant and Service Provider Access
In this scenario, the service provider operates a centralized vRealize Operations Manager instance to collect all data generated by the resource cluster. Both service provider personnel and tenants will access the same instance of vRealize Operations, and data access will be controlled with RBAC. This scenario allows for easy management and deployment. This approach is especially attractive for service providers who can operate their complete environment within one vRealize Operations Manager environment.
Advantages include the following: • Easy to deploy and manage • No additional data/configuration distribution for dashboards, policies, and so on is needed • Only one instance to maintain (software updates, management packs, and so on)
Disadvantages involve the following: • Role-based access control requires careful maintenance • Objects can only be operated under one policy, removing the ability to limit alert visibility for a customer/tenant • Sizing can become complex and larger environments could be limited by sizing parameters. A possible workaround is to build instances per larger resource group.
Dedicated Environment with Tenant Access
This scenario is unrelated to the vRealize Operations Manager multitenant use case that this document is focused on. This scenario is included for comparison reasons. In this scenario, the service provider operates a vRealize Operations Manager instance per dedicated customer. This is usually done when the customer operates its own cluster and vCenter Server within the service provider environment. Access to this environment is primarily focused on the tenant, but might be open for the service provider as well. An extended scenario might be that the service provider also collects data from the customer operated vCenter Server. This approach is commonly used in managed service environments or dedicated public cloud offerings where the customer rents a dedicated hardware stack.
The advantages are as follows: • Easy to deploy and manage • Sizing is easy because it can be done per tenant/customer • Object policies can be customized to be tenant specific
Disadvantages include the following: • Difficult to get a “big picture” when each customer operates on its own • Currently no data federation available for vRealize Operations • Service provider must monitor a high number of instances • Maintenance (upgrades and so on) requires more resources
Shared and/or Dedicated Environment with No Tenant Access
In this scenario, the service provider operates a centralized vRealize Operations Manager instance to collect all data generated by the resource cluster. The primary difference from the, Shared Multitenant Environment with Tenant and Service Provider Access is that access is only provided for the service provider. This scenario allows for easy management and deployment. This approach is often used in managed services environments where the service provider focuses on resource optimization.
The following advantages apply: • Easy to deploy and manage • No additional data/configuration distribution for dashboards, policies, and so on necessary • Only one instance to maintain (software updates, management packs and so on) • No complex RBAC necessary
Disadvantages include the following:
• Sizing can become complex and larger environments might be limited by sizing parameters. A possible workaround is to build instances per larger resource group. • No customer/tenant access to vRealize Operations Manager possible.
CLOUD & KUBERNETES BLOG FOR CLOUD PROVIDERS 