VMware Validated Design for SDDC 6.2
VMware Validated Design is a family of solutions for data center designs that span compute, storage, networking, and management, serving as a blueprint for your Software-Defined Data Center (SDDC) implementation. The documentation of VMware Validated Design consists of succeeding deliverables for all stages of the SDDC life cycle.
Introducing VMware Validated Design includes the following information:
Design objectives
Deployment flow of the SDDC management components
Document structure and purpose
SDDC high-level overview
Use VMware Validated Design to build a scalable Software-Defined Data Center that is based on VMware best practices.
VMware Validated Design has the following advantages:
- One path to SDDC
After you satisfy the deployment requirements, follow one consistent path to deploy an SDDC.
VMware Validated Design provides a tested solution path with information about product versions, networking architecture, capabilities, and limitations.
- SDDC design for use in production
VMware Validated Design supports an SDDC that has the following features:
High availability of management components
Backup and restore of management components
Monitoring and alerting
- Validated design and deployment
The prescriptive documentation of VMware Validated Design is continuously tested by VMware.
- Validated solution capabilities
Churn rate of tenant workloads
High availability of management components
Operational continuity
Design with dual-region support in mind
- Fast SDDC standup
You can implement a data center without engaging in design work and product research. After you download all SDDC products, follow the detailed design and step-by-step instructions.
- Support for latest product releases
Every version of a VMware Validated Design accommodates new product releases. If you have deployed an SDDC according to an earlier version of a VMware Validated Design, you can directly follow the validated design to upgrade your environment.
VMware Validated Design supports an SDDC architecture according to the requirements of your organization and the resource capabilities of your environment.
High-Level Logical Design of the SDDC
The SDDC according to VMware Validated Design contains the main services that are required to cover provisioning of virtualized and containerized workloads, cloud operations, and cloud automation.
According to the SDDC implementation type, a VMware Validated Design has objectives to deliver prescriptive content about an SDDC that is fast to deploy and is suitable for use in production.
VMware Validated Design Objective
Description
Main objective
SDDC capable of automated provisioning of on-premises workloads, hybrid workloads, and containers.
Scope of deployment
Greenfield deployment of the management and workload domains of the SDDC, and incremental expansion of these domains as needed.
Cloud type
On-premises private cloud.
Number of regions and disaster recovery support
Single-region SDDC with multiple availability zones that you can potentially use as a best practice for a second VMware Cloud Foundation instance.
Availability zones are separate low-latency, high-bandwidth connected sites. Regions have higher latency and lower bandwidth connectivity.
The documentation provides guidance for a deployment that supports two regions for failover in the following way:
The design documentation provides guidance for an SDDC whose management components are designed to operate in the event of planned migration or disaster recovery.
The deployment documentation provides guidance for an SDDC that supports two regions for both management and tenant workloads.
Maximum number of virtual machines and churn rate
By using the SDDC Manager API in VMware Cloud Foundation, you can deploy a VMware vCenter Server™ appliance of a specified deployment and storage size. As a result, in this VMware Validated Design, you determine the maximum number of virtual machines in the SDDC according to a medium-size vCenter Server deployment specification or larger.
4,000 running virtual machines per virtual infrastructure workload domain
56,000 running virtual machines overall distributed across 14 virtual infrastructure workload domains
Churn rate of 750 virtual machines per hour
Churn rate is related to provisioning, power cycle operations, and decommissioning of one tenant virtual machine by using a blueprint in the cloud automation platform. A churn rate of 100 means that 100 tenant workloads are provisioned, pass the power cycle operations, and are deleted.
Maximum number of containers or pods
2,000 pods per Supervisor Cluster
Number of workload domains in a region
Minimum two-domain setup, with a minimum of 4 VMware ESXi™ hosts in a domain
The validated design requires the following workload domains for SDDC deployment:
Management domain. Contains the appliances of the SDDC management components.
- One or more solution-specific workload domains for Infrastructure-as-a-Service (IaaS) and containers. Up to 14 workload domains per region.
Contains the tenant workloads.
Contains the required SDDC services to enable the solution that is deployed.
Shared use of components for management of workload domains
This VMware Validated Design uses a dedicated NSX-T Manager cluster for each workload domain.
Data center virtualization
Maximized workload flexibility and limited dependencies on static data center infrastructure by using compute, storage, and network virtualization.
Scope of guidance
Clean deployment of the management domain, workload domains, and solutions working on top of the infrastructure in the domains.
Incremental expansion of the deployed infrastructure
In a single region
To additional availability zones
To additional regions
Deployment and initial setup of management components at the levels of virtualization infrastructure, identity and access management, cloud automation, and cloud operations.
Basic tenant operations such as creating a single Rainpole tenant, assigning tenant capacity, and configuring user access.
Operations on the management components of the SDDC such as monitoring and alerting, backup and restore, post-maintenance validation, disaster recovery, and upgrade.
Overall availability
- 99.7% of management plane availability
Workload availability subject to specific availability requirements
Planned downtime is expected for upgrades, patching, and on-going maintenance.
Authentication, authorization, and access control
Use of Microsoft Active Directory as the identity provider.
Use of service accounts with least privilege role-based access control for solution integration.
Certificate signing
Certificates are signed by an external certificate authority (CA) that consists of root and intermediate authority layers.
Hardening
Tenant workload traffic can be separated from the management traffic.
In VMware Validated Design, a workload domain represents a logical unit that groups ESXi hosts managed by a vCenter Server instance with specific characteristics according to VMware SDDC best practices.
A workload domain exists in the boundaries of an SDDC region. A region can contain one or more domains. A workload domain cannot span multiple regions.
Each domain contains the following components:
One VMware vCenter Server™ instance.
At least one vSphere cluster with vSphere HA and vSphere DRS enabled. See Cluster Types.
One vSphere Distributed Switch per cluster for system traffic and segments in VMware NSX-T Data Center™ for workloads.
One NSX-T Manager cluster for configuring and implementing software-defined networking.
One NSX-T Edge cluster that connects the workloads in the domain for logical switching, logical dynamic routing, and load balancing.
- In either of the two regions in a multi-region SDDC, one NSX-T Global Manager cluster for configuring software-defined networks that span multiple regions.
One or more shared storage allocations.
Management Domain
Contains the SDDC management components.
The management domain has the following features:
Features of the Management Domain
Feature
Description
Types of workloads
Management workloads and networking components for them.
Cluster types
Management cluster
Virtual switch type
vSphere Distributed Switch for system traffic and NSX-T network segments
NSX-T Virtual Distributed Switch (N-VDS) on the NSX-T Edge nodes
Software-defined networking
NSX-T Data Center
Shared storage type
VMware vSAN™ for principal storage
NFS for supplemental storage
Time of deployment
First domain to deploy during initial SDDC implementation
Deployment method
Deployed by VMware Cloud Builder as part of the bring-up process of VMware Cloud Foundation except for the region-specific VMware Workspace ONE® Access™ instance. You deploy the region-specific Workspace ONE Access instance manually and connect it to the NSX-T instance for the management domain.
Management Workloads for the Management Domain
Component
Cluster Location
vCenter Server
First cluster in the domain
NSX-T Manager cluster
First cluster in the domain
NSX-T Edge cluster for north-south routing, east-west routing, and load balancing
First cluster in the domain
NSX-T Global Manager cluster for global networking across multiple regions
First cluster in the domain
Region-specific Workspace ONE Access for central role-based access control
First cluster in the domain
Virtual Infrastructure Workload Domains
Contains tenant workloads that use NSX-T Data Center for logical networking. According to the requirements of your organization, you can deploy multiple virtual infrastructure (VI) workload domains in your environment.
A virtual infrastructure workload domain has the following features:
Features of a VI Workload Domain
Feature
Description
Types of workloads
Tenant workloads and networking components for them.
Cluster types
Shared edge and workload cluster
Additional workload clusters
Virtual switch type
vSphere Distributed Switch for system traffic from the management domain and for NSX-T network segments
N-VDS on the NSX-T Edge nodes in the workload domain
Software-defined networking
NSX-T Data Center
Shared storage type
vSAN, vVols, NFS, or VMFS on FC for principal storage
Time of deployment
After initial SDDC bring-up of the management domain
Deployment method
Deployed by SDDC Manager
For a multi-region SDDC, you deploy the NSX-T Global Manager cluster from an OVA file.
Management Workloads for a VI Workload Domain
Component
Deployment Location
Shared Between Workload Domains
vCenter Server
First cluster in the management domain
X
NSX-T Manager cluster
First cluster in the management domain
✓ for workload domains where workloads share the same overlay transport zone cross-domain, including domains where you use vRealize Automation for workload provisioning
Deployed with the first VI workload domain
X for workload domains where workloads must be connected to domain-specific transport zones
NSX-T Edge cluster for north-south and east-west routing
Shared edge and workload cluster in the workload domain
✓ for workload domains where workloads share the same overlay transport zone cross-domain, including domains where you use vRealize Automation for workload provisioning
Deployed with the first VI workload domain
X for workload domains where workloads must be connected to domain-specific transport zones
NSX-T Global Manager cluster for global networking across multiple regions
First cluster in the domain
✓
vSphere with Tanzu Workload Domains
Contains containerized workloads that use vSphere with Tanzu for container provisioning and NSX-T Data Center for logical networking. According to the requirements of your organization, you can deploy multiple vSphere with Tanzu workload domains.
A vSphere with Tanzu workload domain has the following features:
Features of a vSphere with Tanzu Workload Domain
Feature
Description
Types of workloads
Containerized workloads and networking components for them.
Cluster types
Shared edge and workload cluster
Additional workload clusters
Virtual switch type
vSphere Distributed Switch for system traffic from the management domain and for NSX-T network segments
N-VDS on the NSX-T Edge nodes in the workload domain
Software-defined networking
NSX-T Data Center
Shared storage type
vSAN, vVols, NFS, or VMFS on FC for principal storage
Time of deployment
After initial SDDC bring-up of the management domain
Deployment method
You use SDDC Manager for environment validation and the vSphere Client for enabling vSphere with Tanzu
Management Workloads for a vSphere with Tanzu Workload Domain
Component
Deployment Location
Shared Between Workload Domains
vCenter Server
First cluster in the management domain
X
NSX-T Manager cluster
First cluster in the management domain
✓ for workload domains where workloads share the same overlay transport zone cross-domain, including domains where you use vRealize Automation for workload provisioning
Deployed with the first vSphere with Tanzu workload domain
X for workload domains where workloads must be connected to domain-specific transport zones
NSX-T Edge cluster for north-south and east-west routing
Shared edge and workload cluster
✓ for workload domains where workloads share the same overlay transport zone cross-domain, including domains where you use vRealize Automation for workload provisioning
Deployed with the first vSphere with Tanzu workload domain
X for workload domains where workloads must be connected to domain-specific transport zones
Supervisor Cluster
Shared edge and workload cluster
X
- For more details on VMware Validated Design for SDDC, refer to VMware documentation:
- https://docs.vmware.com/en/VMware-Validated-Design/6.2/introducing-vmware-validated-design/GUID-5B8D0FFC-141E-43A6-BCD4-BB3966581401.html