VMware Validated Design for SDDC 4.1 - Technical Overview

This presentation provides a technical overview of the VMware Validated Design for Software-Defined Data Center 4.1

Ryan Johnson

August 22, 2017

Transcript

  1. © 2017 VMware Inc. All rights reserved.
    VMware Validated Design for SDDC 4.1
    Technical Overview
    2017-08-22

  2. Presenter
    About the Author
    Ryan Johnson
    Ryan Johnson is a Staff Technical Marketing Architect at VMware. As an accomplished
    technologist his focus is enabling customers and community members to accelerate and simplify
    their infrastructure services and organizations through the Software-Defined Data Center.
    Ryan specializes in both the VMware Validated Designs and VMware Cloud Foundation.
    Staff Technical Marketing Architect
    VCIX6-DCV, VCIX6-NV, VCAP7/6-CMA, VCP7-CMA, VCP6.5-DCV, VCP6*-*
    VMware Validated Designs
    @tenthirtyam
    vmware.com/go/vvd-community

  3. Approaches to Implement the Software-Defined Data Center
    Custom
    Do It Yourself
    § Design a custom architecture with in-house knowledge
    § Manually deploy and maintain multiple individual software components
    Build Your Own with VMware Validated Designs
    § The VMware Validated Designs provide standardized architecture designs with extensively tested interoperability of the software components
    § Manually deploy individual software components following the VVD guidelines and best practices to deploy and operate the SDDC
    Automated with VMware Cloud Foundation
    § A VMware Cloud Foundation system is an integrated SDDC platform with built-in automation for bring-up, configuration and patching/upgrading of the stack
    § Automatically implement an SDDC with a validated architecture that reflects VMware best practices by deploying VMware Cloud Foundation

  4. VMware Validated Designs
    Prescriptive Blueprints with Comprehensive Deployment and Operational Practices
    § Broad Use Cases
    § Comprehensive Documentation
    § Proven & Robust
    § Standardized Designs

  5. VMware Validated Designs
    A History Lesson
    Versions: 1.0, 2.0, 3.0, 3.0.2, 4.0, 4.1
    February 2016
    § 12mo of Engineering
    § Release to PSO and Partners
    July 2016
    § 3.5mo of Engineering
    § Smaller scope (i.e. Dual Region + DR)
    September 2016
    § 2mo of Engineering
    § Dual Region with DR
    § Two Pod Architecture
    November 2016
    § 1.5mo of Engineering
    § Added M-Seg Use Case
    § Added IT Automating IT Guide
    March 2017
    § 1.5mo of Engineering
    § Major Product Updates
    § Added ROBO
    August 2017
    § 4mo of Engineering
    • Minor Product Updates
    • Consolidated Pod Option

  6. Design Decisions
    290+ in VMware Validated Design for SDDC
    § Reduces risk by providing a baseline of standardization.
    § Ensures the design meets the design objectives.
    § Reinforces standardization with justification and implications.
    § Easy to follow checklist form.

  7. Design Decisions
    290+ in VMware Validated Design for SDDC
    Decision ID: SDDC-VI-SDN-001
    Design Decision: Use two separate NSX instances per region. One instance is tied to the Management vCenter Server, and the other instance is tied to the Compute vCenter Server.
    Design Justification: SDN capabilities offered by NSX, such as load balancing and firewalls, are crucial for the compute/edge layer to support the cloud management platform operations, and also for the management applications in the management stack that need these capabilities.
    Design Implications: You must install and perform initial configuration of multiple NSX instances separately.

  8. Example Design Decisions
    VMware Validated Design for SDDC
    NSX Design > Routing Design > Routing Model Design Decisions (4.1)
    | Decision ID | Design Decision | Design Justification | Design Implication |
    |---|---|---|---|
    | SDDC-VI-SDN-017 | Deploy NSX Edge Services Gateways in an ECMP configuration for north/south routing in both management and shared edge and compute clusters. | The NSX ESG is the recommended device for managing north/south traffic. Using ECMP provides multiple paths in and out of the SDDC. This results in faster failover times than deploying Edge service gateways in HA mode. | ECMP requires 2 VLANs for uplinks, which adds an additional VLAN over traditional HA ESG configurations. |
    | SDDC-VI-SDN-018 | Deploy a single NSX UDLR for the management cluster to provide east/west routing across all regions. | Using the UDLR reduces the hop count between nodes attached to it to 1. This reduces latency and improves performance. | UDLRs are limited to 1,000 logical interfaces. When that limit is reached, a new UDLR must be deployed. |
    | SDDC-VI-SDN-019 | Deploy a single NSX UDLR for the shared edge and compute, and compute clusters to provide east/west routing across all regions for workloads that require mobility across regions. | Using the UDLR reduces the hop count between nodes attached to it to 1. This reduces latency and improves performance. | UDLRs are limited to 1,000 logical interfaces. When that limit is reached, a new UDLR must be deployed. |

  9. Software Components
    VMware Validated Design for SDDC
    § VMware vRealize Automation
    § VMware NSX
    § VMware vRealize Operations
    § VMware vSAN
    § VMware vSphere APIs for Data Protection (VADP)
    § VMware vSphere
    § VMware vRealize Log Insight
    § VMware vRealize Business for Cloud
    § VMware Site Recovery Manager

  10. Bill of Materials
    VMware Validated Design for SDDC 4.1
    § vRealize Business for Cloud 7.3
    § vRealize Automation 7.3
    § vSphere 6.5 U1
    § vSAN 6.6.1
    § Site Recovery Manager 6.5.1
    § vRealize Log Insight 4.5 and Content Packs
    § vRealize Operations 6.6.1 and Management Packs
    § NSX 6.3.3
    For a complete list refer to the release notes.

  11. Bill of Materials
    VMware Validated Design for SDDC 4.1
    | Product Group and Edition | Product | 4.0 | 4.1 |
    |---|---|---|---|
    | VMware vSphere Enterprise Plus | ESXi | 6.5.0 a | 6.5.0 Update 1 |
    | | vSphere Data Protection | 6.1.3 | 6.1.4 |
    | | Update Manager | 6.5.0 a | 6.5.0 Update 1 |
    | VMware vCenter Server Standard | vCenter Server | 6.5.0 a | 6.5.0 Update 1 |
    | VMware vSAN Standard or higher | vSAN | 6.5 a | 6.6.1 |
    | VMware NSX Enterprise | NSX | 6.3 | 6.3.3 |
    | VMware vRealize Operations Advanced or higher | vRealize Operations Manager | 6.4 | 6.6.1 |
    | | Management Pack for NSX for vSphere | 3.5 | 3.5.1 |
    | | Management Pack for Storage Devices | 6.0.5 | 6.0.5 |

  12. Bill of Materials
    VMware Validated Design for SDDC 4.1
    | Product Group | Product | 4.0 | 4.1 |
    |---|---|---|---|
    | VMware vRealize Log Insight | vRealize Log Insight | 4.0 | 4.5 |
    | | Content Pack for NSX for vSphere | 3.5 | 3.6 |
    | | Content Pack for Linux | - | 1.0 |
    | | Content Pack for vRealize Automation 7 | 1.0 | 1.5 |
    | | Content Pack for vRealize Orchestrator 7.0.1+ | 2.0 | 2.0 |
    | | Content Pack for Microsoft SQL Server | 3.0 | 3.0 |
    | VMware vRealize Automation Advanced or higher | vRealize Automation | 7.2 | 7.3 |
    | | vRealize Orchestrator | 7.2 | 7.3 |
    | | vRealize Orchestrator Plug-in for NSX | 1.0.4 | 1.0.4 |
    | VMware vRealize Business for Cloud Standard | vRealize Business for Cloud | 7.2 | 7.3 |
    | VMware Site Recovery Manager Enterprise | Site Recovery Manager | 6.5 | 6.5.1 |

  13. Environmental and External Systems Requirements
    VMware Validated Design for SDDC
    Active Directory
    Certificate Authority
    DNS and NTP
    SMTP Relay
    SFTP
    Rack Space
    Power
    Cooling

  14. Dual-Region Deployment Ready
    VMware Validated Design for SDDC
    Characteristics & Restrictions
    § Regional Distance is Rather Large
    § A Region May Be Treated as an SDDC
    § Multiple Regions are Not Treated as a Single SDDC
    Workload Placement Closer to Customer
    § Northern California and Southern California
    § US East Coast and US West Coast
    § US Region and EU Region
    Common Uses
    § Disaster Recovery: One region can be the primary site and another region can be the recovery site.
    § Data Privacy: Address laws & restrictions in some countries by keeping tenant data within a region in the same country.
    San Francisco, CA
    Primary Region
    Los Angeles, CA
    Secondary Region

  15. Pods
    VMware Validated Design for SDDC
    § Standardized Elevation
    § Leaf-and-Spine Network
    § Out-of-Band Management
    § Functional Roles

  16. Two Pod – Distributed Management and Workload
    VMware Validated Design for SDDC

  17. One Pod – Consolidated Management and Workload
    VMware Validated Design for SDDC
    New in Version 4.1
    § Consolidates Management, Edge, and Workload into a single pod.
    § Requires only a minimum of 4 ESXi hosts
    § All functional testing and validation of the design is done using vSAN.
    § Any supported storage may be used. Adjust the operations guidance.
    § Network Transport
    § Supports both L2 and L3 transport services.
    § Scalable and vendor-neutral network, use an L3 transport.
    § Ready for Scale
    § Expandable to a 32 ESXi host pod.
    § SDDC solutions easily scale – deployed w/ native or NSX load balancing in place.
    § Transitions to Two-Pod Distributed Management and Workload (Standard)
    § Downtime Required
    § Single Region and Single Availability Zone
    § License Flexibility for NSX (No Universal Objects)
    [Diagram labels: External Connection, WAN/LAN]

  18. High-Level Deployment Architecture Objectives
    VMware Validated Design for SDDC
    | | Two-Pod / Standard Architecture | One-Pod / Consolidated Architecture |
    |---|---|---|
    | Minimum Hosts | 8 | 4 |
    | Management VMs | 420 GB vRAM, 2TB VSAN, 6 TB NFS | 50% - 70% less |
    | Recoverability | Dual Region | Single Region (DR to cloud) |
    | Scale (VMs) | Up to 10,000 | Up to 1,500 |
    | Churn | Medium (up to 150/hr) | Low (up to 50/hr) |
    | Availability | 99% | 95% |
    | Modularity | Foundation, Cloud Operations, Cloud Management | Foundation, Cloud Operations, Cloud Management |
    | Expansion options | Additional Compute Pods (Up to 32 Hosts Each) | Expand Pod to 32 Hosts or Grow to 2-Pod |

  19. Racks
    VMware Validated Design for SDDC
    [Figure: rack elevation, two racks numbered 1 to 42; device faceplates labelled UCS C24 M3 and CISCO NEXUS 2248PQ]
    § Top-of-Rack Switches for Server Connectivity
    § Uplinks to Spine or Core for Inter-Pod Connectivity
    § Servers
    § Two 40GbE Uplinks to Spine or Core
    § One 48 x 1 GbE Management Switch
    § Two 48 x 10 GbE Top-of-Rack Switches
    § Compatible or Certified Configurations
    § Management Switch for Out-of-Band Connectivity
    § Two Power Feeds
    § Redundant Power

  20. Servers
    Management Pod – Example
    Boot
    § SD/USB or SATADOM Recommended
    § Remote Syslog
    Form Factor
    § On Compatibility Guide
    § Rackmount Single or Multi-Node
    § Blade
    Compute
    § 2 x Sockets min.
    § Intel XD or AMD NX Set
    § High-Performance in BIOS
    § 192GB RAM min.
    Network
    § 2 x 10 GbE to Top-of-Rack Leaf Switches
    § Jumbo Frames
    § 1x 1 GbE BMC to Out-of-Band Switch
    Storage
    § vSAN Hybrid or All-Flash: 1 x Disk Groups min
    § Flash Device for Cache Tier: 1 x 200GB Flash Device min.
    § SAS for Capacity Tier: 2 x 1TB SAS min.
    § Or Any Supported Storage
    [Diagram labels: Host; SD; SATA DOM, CPU, MEMORY, NIC, IPMI; Any Supported; vSAN]

  21. Servers
    Shared Edge/Compute and Compute Only Pod(s) – Example
    Boot
    § SD/USB or SATADOM Recommended
    § Remote Syslog
    Form Factor
    § On Compatibility Guide
    § Rackmount Single or Multi-Node
    § Blade
    Compute
    § 2 x Sockets min.
    § Intel XD or AMD NX Set
    § High-Performance in BIOS
    § 128GB RAM min.
    Network
    § 2 x 10 GbE to Top-of-Rack Leaf Switches
    § Jumbo Frames
    § 1x 1 GbE IPMI to Out-of-Band Switch
    Storage
    § vSAN Hybrid or All-Flash: n Disk Groups
    § SSD for Caching Tier
    § Flash Device for Capacity Tier
    § Or Any Supported Storage
    [Diagram labels: Host; SD; SATA DOM, CPU, MEMORY, NIC, IPMI; Any Supported; vSAN]
    Using vSAN? Visit vsanreadynode.vmware.com

  22. Network Transport Services
    VMware Validated Design for SDDC
    § The VMware Validated Designs support both L2 and L3 transport services.
    § For a scalable and vendor-neutral data center network, use an L3 transport.
    § When deciding to use L2 or L3, consider the following:
    § The NSX ECMP Edge devices establish L3 routing adjacency with the first upstream L3 device to provide equal cost routing for management and workload virtual machine traffic.
    § The investment you have today in your current physical network infrastructure.
    § All design documentation is provided for an L3 transport. You must appropriately adjust the design deployment and day-two operations guidance under the context of an L2 transport.
    Minimal Design Requirements
    § One 10 GbE port on each ToR for host uplinks.
    § Host uplinks are not configured in an ether-channel (LAG/vPC)
    § Layer 3 device that supports BGP
    § IGMP support required by vSAN and NSX Hybrid Mode

  23. Example: L3 Leaf-and-Spine Topology
    VMware Validated Design for SDDC

  24. Example: L3 Leaf-and-Spine Topology ToRs
    VMware Validated Design for SDDC

  25. Example: L3 Leaf-and-Spine Topology Subnet Guidelines
    VMware Validated Design for SDDC
    § Use /24 subnets to reduce confusion and mistakes when working with IPv4 subnets.
    § Use .1 as the (floating) interface with .2 and .3 for Virtual Router Redundancy Protocol (VRRP) or Hot Standby Routing Protocol (HSRP).
    § Use the RFC1918 IPv4 address space for these subnets and allocate one octet by region and another octet by function.
    For example, the mapping 172.regionid.function.0/24 results in the following sample subnets:
    | Pod | Function | Sample VLAN | Sample IP range |
    |---|---|---|---|
    | Management | Management | 1611 (Native) | 172.16.11.0/24 |
    | Management | vMotion | 1612 | 172.16.12.0/24 |
    | Management | VXLAN | 1614 | 172.16.14.0/24 |
    | Management | VSAN | 1613 | 172.16.13.0/24 |
    | Shared Edge and Compute | Management | 1631 (Native) | 172.16.31.0/24 |
    | Shared Edge and Compute | vMotion | 1632 | 172.16.32.0/24 |
    | Shared Edge and Compute | VXLAN | 1634 | 172.16.34.0/24 |
    | Shared Edge and Compute | VSAN | 1633 | 172.16.33.0/24 |
    Note: The above ranges are meant as samples. Your actual implementation depends on your environment.
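
The addressing convention above, as an added example that is not part of the original deck: a Python sketch that derives each subnet, VLAN ID and gateway address from a region octet and a function octet, rejects regions that fall outside RFC 1918 space, and flags overlaps with ranges already in use. The function names, the VLAN rule (region octet followed by function octet, read off the sample table) and the already-allocated range are assumptions made for illustration.

```python
import ipaddress

# The only RFC 1918 block that can contain a 172.<region>.<function>.0/24 subnet.
RFC1918_172 = ipaddress.ip_network("172.16.0.0/12")

# (pod, function, function octet) exactly as in the deck's sample table.
SAMPLE_FUNCTIONS = [
    ("Management", "Management", 11),
    ("Management", "vMotion", 12),
    ("Management", "VSAN", 13),
    ("Management", "VXLAN", 14),
    ("Shared Edge and Compute", "Management", 31),
    ("Shared Edge and Compute", "vMotion", 32),
    ("Shared Edge and Compute", "VSAN", 33),
    ("Shared Edge and Compute", "VXLAN", 34),
]


def plan_subnet(region_id, function_id):
    """Derive subnet, VLAN and gateway addresses for one region/function pair."""
    # Assumption: function octets stay two-digit so <region><function> reads
    # unambiguously as a VLAN ID (1611 = region 16, function 11).
    if not 1 <= function_id <= 99:
        raise ValueError(f"function octet {function_id} outside 1-99")
    # ip_network() itself raises ValueError for a region octet outside 0-255.
    net = ipaddress.ip_network(f"172.{region_id}.{function_id}.0/24")
    if not net.subnet_of(RFC1918_172):
        raise ValueError(f"{net} is outside RFC 1918 space {RFC1918_172}")
    base = net.network_address
    return {
        "subnet": str(net),
        "vlan": region_id * 100 + function_id,
        "gateway": str(base + 1),  # .1 floating (VRRP/HSRP) interface
        "router_interfaces": [str(base + 2), str(base + 3)],  # .2 and .3
    }


def build_plan(region_id, functions=SAMPLE_FUNCTIONS):
    """Build the full per-region table, refusing duplicate function octets."""
    seen = set()
    plan = []
    for pod, function, octet in functions:
        if octet in seen:
            raise ValueError(f"function octet {octet} allocated twice")
        seen.add(octet)
        row = {"pod": pod, "function": function}
        row.update(plan_subnet(region_id, octet))
        plan.append(row)
    return plan


def find_conflicts(plan, allocated):
    """Return (planned subnet, existing range) pairs that overlap."""
    existing = [ipaddress.ip_network(a) for a in allocated]
    conflicts = []
    for row in plan:
        net = ipaddress.ip_network(row["subnet"])
        for other in existing:
            if net.overlaps(other):
                conflicts.append((row["subnet"], str(other)))
    return conflicts


if __name__ == "__main__":
    plan = build_plan(16)
    for row in plan:
        print(row["pod"], row["function"], row["vlan"], row["subnet"], row["gateway"])
    # Constructed example of a range that is already in use elsewhere.
    print(find_conflicts(plan, ["172.16.12.0/22"]))
```

Region octets 16 through 31 are the only values that keep 172.regionid.function.0/24 inside RFC 1918 space, which the check in `plan_subnet` enforces.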

  26. Example: L3 Leaf-and-Spine Topology
    VMware Validated Design for SDDC
    Design for Workload Requirements
    § Compute Only Pods and Clusters May Span Racks
    § Management and Shared Edge/Compute Pods and Clusters May Span Racks if L2 Network Transport is Used. Peer with Upstream L3.
    § Homogenous Nodes within the Pod
    § May Be Heterogeneous Pod to Pod

  27. vSphere Clusters
    VMware Validated Design for SDDC
    Management Stack: Managed by Management Stack vCenter Server
    § Management Pod: Management Cluster
    Minimum 4 Nodes | vSphere HA and DRS Enabled
    vSAN Ready Nodes Recommended
    Compute Stack: Managed by Compute Stack vCenter Server
    § Shared Edge and Compute Pod: Shared Edge and Compute Cluster
    Business Workload Requirements | Minimum 4 Nodes
    vSphere HA and DRS Enabled | Edge Resource Pool and Anti-Affinity Rules
    § Compute Pod n: Compute Cluster n
    Business Workload Requirements | Minimum 4 Nodes
    vSAN Ready Nodes Recommended
    [Diagram labels: ESXi hosts with VTEPs; Management Distributed Switch; Compute Distributed Switch; Compute n Distributed Switch; Universal Management Transport Zone in Hybrid Mode; Universal Compute Transport Zone in Hybrid Mode; Any Supported Storage plus NFS]

  28. Distributed Switches
    VMware Validated Design for SDDC

  29. Storage
    VMware Validated Design for SDDC
    Primary Storage
    § VMware vSAN is Recommended for Management Pod
    § Any Supported Storage for Shared Edge and Compute Pod
    § Any Supported Storage for Compute Only Pod(s)
    Secondary Storage
    § NFS for Backups
    § NFS for Log Archives
    § NFS for Content Library and Templates

  30. vSAN Optional for Management Pod Primary Storage
    VMware Validated Design for SDDC
    § Previous releases required vSAN as primary storage in the management pod. This requirement has been relaxed in the 4.1 release.
    § All functional testing and validation of the design is done using vSAN.
    § Although the VMware Validated Designs highly recommend the use of vSAN, in particular for the management pods, any supported storage solution may be used.
    § If a storage solution other than vSAN is selected:
    § You must appropriately adjust the design deployment and day-two operations guidance under the context of vSAN.
    § The storage design must match or exceed the capacity and performance capabilities of the vSAN configuration in the design.
    [Diagram labels: vSAN Datastore, Non-vSAN Datastore]

  31. NFS Secondary Storage
    VMware Validated Design for SDDC
    Region A: NFS Storage Array (Volume 1, Volume 2)
    § Export for Backups
    § Export for Content Library and Templates
    § Export for Log Archives
    Region B: NFS Storage Array (Volume 1, Volume 2)
    § Export for Backups
    § Export for Content Library and Templates
    § Export for Log Archives

  32. vCenter Server and Platform Services
    VMware Validated Design for SDDC

  33. Two-Layer Certificate Authority + Certificate Replacement
    VMware Validated Design for SDDC
    CertGenVVD tool saves you time when creating signed certificates. See VMware Knowledge Base article 2146215.
    Certificate Mode
    § VMCA Hybrid Mode
    § All user-facing certificates are signed by a certificate authority (CA).
    § All virtual infrastructure management components use TLS/SSL certificates that are signed by the VMware Certificate Authority (VMCA).
    § Supports a Two-Layer CA environment.
    Certificate Replacement
    § If the CA-signed certificates expire after you deploy the SDDC, you must replace them individually on each affected component.
    § Provides guidance for replacing all CA-signed certificates that are expiring. *

  34. NSX
    VMware Validated Design for SDDC

  35. Distributed Logical Networking
    VMware Validated Design for SDDC
    [Diagram labels: Region A, Region B; SPINE; LEAF; BGP; ECMP ESG; Universal Transit Logical Switch; Universal Distributed Logical Router (UDLR); CTRL; Virtual Networks; VC, PSC, NSXM, NSXC]

  37. Cloud Operations
    VMware Validated Design for SDDC // vRealize Operations

  38. Cloud Operations
    VMware Validated Design for SDDC // vRealize Log Insight
    [Diagram labels: vRealize Log Insight Cluster (Master, Worker, Worker n); vRealize Log Insight User Interface; vRealize Log Insight Clients; vRealize Operations; NSX; + 3rd Party; Ingestion API; Syslog; Content Packs; Log Archive; NFS Export]

  39. Cloud Operations
    VMware Validated Design for SDDC // vRealize Log Insight

  40. Distributed Deployment with NSX
    VMware Validated Design for SDDC
    VMware Validated Design for SDDC // Cloud Operations

  43. Management Packs and Content Packs
    VMware Validated Design for SDDC
    vRealize Operations 6.6.1 Management Packs
    Now Included by default with product deployment.
    § Management Pack for vCenter Server
    § Management Pack for vRealize Log Insight
    § Management Pack for vSAN (New in v6.6)
    § Management Pack for vRealize Automation (New in v6.6)
    § Management Pack for vRealize Business for Cloud (New in v6.6)
    Installed post-deployment.
    § Management Pack for NSX for vSphere
    § Management Pack for Storage Devices
    vRealize Log Insight 4.5 Content Packs
    Now Included by default with product deployment.
    § General
    § Content Pack for vSphere
    § Content Pack for vSAN (New in v4.5)
    § Content Pack for vRealize Operations
    Installed post-deployment.
    § Content Pack for NSX for vSphere
    § Content Pack for vRealize Automation 7
    § Content Pack for vRealize Orchestrator 7.0.1+
    § Content Pack for Linux (Added to the Architecture)
    § Content Pack for Microsoft SQL Server

  44. Cloud Management Platform Components
    VMware Validated Design for SDDC
    Legend
    § BUS: vRealize Business Appliance
    § BUC: vRealize Business Data Collector
    § SQL: Microsoft SQL Server Database
    § VRA: vRealize Automation Appliance
    § IWS: vRealize Automation IaaS Web Server
    § IMS: vRealize Automation IaaS Manager Service
    § IAS: vRealize Automation IaaS vSphere Proxy Agent
    § DEM: vRealize Automation Distributed Execution Manager
    [Diagram labels: Region A, Region B; vRealize Automation; vRealize Business; vRealize Automation and Business; BUC, BUS, vRO, vRA, IWS, IMS, DEM, IAS, SQL]

  45. Distributed Deployment with NSX
    VMware Validated Design for SDDC
    VMware Validated Design for SDDC // Cloud Operations

  46. Cloud Management Layer – vRealize Automation
    VMware Validated Design for SDDC
    § Core Services
    § vPostgres (A)
    § vIDM
    § Core Services
    § vPostgres (P)
    § vIDM
    § IaaS Web Services
    § IaaS Web Services
    § IaaS Manager Services
    § IaaS Manager Services
    § Distributed Execution Manager
    § Distributed Execution Manager

  47. Cloud Management Layer – vRealize Automation
    VMware Validated Design for SDDC
    User Traffic
    Network Traffic

  48. Cloud Management Layer – vRealize Automation
    VMware Validated Design for SDDC
    User Traffic
    Network Traffic
    | Pool ID | DNS CNAME | Virtual Server (VIP) | Algorithm | Session Persistence | Health |
    |---|---|---|---|---|---|
    | vra-iaas-mgr-443 | vra01ims01.rainpole.local | 192.168.11.59 | Round-Robin | None | /VMPSProvision = ProvisionService |
    | vra-iaas-web-443 | vra01iws01.rainpole.local | 192.168.11.56 | Round-Robin | Source IP – 1800 Seconds Expiration | /wapi/api/status/web = REGISTERED |
    | vra-svr-443 | vra01svr01.rainpole.local | 192.168.11.53 | Round-Robin | Source IP – 1800 Seconds Expiration | /vcac/services/api/health = 204 |
    | vra-svr-8443 | vra01svr01.rainpole.local | 192.168.11.53 | Round-Robin | Source IP – 1800 Seconds Expiration | /vcac/services/api/health = 204 |
    | vra-vro-8283 | vra01svr01.rainpole.local | 192.168.11.53 | Round-Robin | Source IP – 1800 Seconds Expiration | /vco-controlcenter/docs |

  49. Site Recovery Manager Logical Architecture
    VMware Validated Design for SDDC
    Region A
    § Recovery Plans
    § Protection Groups
    § Networks, Folders, Resources, Storage Policies and Placeholder Datastores
    § Site Recovery Manager
    § vCenter Server
    Region B
    § Recovery Plans
    § Protection Groups
    § Networks, Folders, Resources, Storage Policies and Placeholder Datastores
    § vCenter Server
    § Site Recovery Manager
    [Diagram labels: One or more Protection Groups; Site Pairing; Mapping; Groups of VMs Recovered Together]

  50. Disaster Recovery of SDDC Solutions
    VMware Validated Design for SDDC
    Region A Non-Replicated
    vRealize Log Insight
    Region A Infrastructure Management
    vSphere
    NSX
    Site Recovery Manager
    vSphere Data Protection or VADP-Based Solution
    Region A Replicated
    vRealize Operations
    vRealize Automation
    vRealize Business
    SRM (using vSphere Replication)
    Region B Infrastructure Management
    vSphere
    NSX
    Site Recovery Manager
    vSphere Data Protection or VADP-Based Solution
    Region B Non-Replicated
    vRealize Log Insight
    Region B Replicated
    vRealize Operations
    vRealize Automation
    vRealize Business
    SRM (using vSphere Replication)

  51. Disaster Recovery of SDDC Solutions
    VMware Validated Design for SDDC
    Focused on Disaster Recovery of SDDC Solutions.
    Deployment Can Be Extended to Workloads

  52. Replication
    vRealize Operations
    § vrops01svr01a
    § vrops01svr01b
    § vrops01svr01c…
    vRealize Automation + vRealize Business
    § vra01svr01a, vra01svr01b
    § vra01iws01a, vra01iws01b
    § vra01ims01a, vra01ims01b
    § vra01dem01a, vra01dem01b
    § vra01mssql01
    § vrb01svr01
    VMware Validated Design for SDDC
    vSphere Replication from Primary to Secondary Region

  53. Protection Groups
    Group of VMs that will be protected together.
    vRealize Operations (vROPS-PG)
    § vrops01svr01a
    § vrops01svr01b
    § vrops01svr01c…
    vRealize Automation (vRA-vRO-PG)
    § vra01svr01a, vra01svr01b
    § vra01iws01a, vra01iws01b
    § vra01ims01a, vra01ims01b
    § vra01dem01a, vra01dem01b
    § vra01bus01
    § vra01mssql01
    VMware Validated Design for SDDC

  54. Recovery Plans
    VMware Validated Design for SDDC
    Group of VMs that will be recovered together.
    vRealize Operations (vROPS-RP)
    § vrops01svr01a
    § vrops01svr01b
    § vrops01svr01c…
    vRealize Automation (vRA-vRO-RP)
    § vra01svr01a, vra01svr01b
    § vra01iws01a, vra01iws01b
    § vra01ims01a, vra01ims01b
    § vra01dem01a, vra01dem01b
    § vra01bus01
    § vra01mssql01

  55. Use Cases – Focus on What Runs in the SDDC
    VMware Validated Designs
    § Remote Office / Branch Office
    § Micro-Segmentation
    § IT Automating IT
    § Cloud Native Applications
    § Compliance Capable Solutions
    § Virtual Desktop / Digital Workspace
    § Intelligent Operations
    § Business Critical Applications

  56. IT Automating IT Scenario
    VMware Validated Design for SDDC
    Tenants
    § Create New Tenants for Business Use
    § Default Tenant for System Administration
    Business Groups
    § Use Business Groups for Separate Business Functions
    e.g. Production and Development
    Fabric Groups
    § Single Fabric Group per Region

  57. Remote Office Branch Office (ROBO)
    Extending the VMware Validated Design for SDDC
    [Diagram labels: HUB, ROBO (x10)]
    § Built on top of a single or dual region VMware Validated Design for Software-Defined Data Center configuration.
    § Connect up to 10 smaller remote sites to the VMware Validated Design for SDDC. 1,000 workloads across ROBO sites.
    § 100 VM/hr Churn. 95% Availability
    § Each remote site locally manages core functions like virtual machine configuration, compute, and networking.
    § The larger regional data centers that make up the standard implementation provide centralization of certain monitoring and provisioning services.

  58. Remote Office Branch Office (ROBO)
    Extending the VMware Validated Design for SDDC
    § Each ROBO uses a Consolidated Pod for Management and Workloads
    § Minimum of 4 ESXi Hosts
    § All functional testing and validation of the design is done using vSAN.
    § Secondary Storage Optional
    § Although vSAN is highly recommended, any supported storage may be used.
    § Two Deployment Models
    § Centralized
    § Decentralized
    § No Day-Two Operations Guidance (yet.)
    [Diagram labels: LAN, External Connection, WAN/LAN]

  59. Remote Office Branch Office (ROBO)
    Extending the VMware Validated Design for SDDC
    CENTRALIZED MANAGEMENT
    Pros
    § Simplified management.
    § Centralized patching and upgrading operations.
    § Smaller management stack.
    § Rapid deployment with reduced complexity.
    Cons
    § Larger fault domain.
    § Patching and upgrading involves coordinating management stack downtime in all locations.
    § Patching and upgrading is a higher risk operation due to the large fault domain.
    § WAN outage leaves the ESXi host disconnected; however, basic workload operations may be managed locally by Host Client or API/CLI.
    § No provisioning via vCenter or vRealize Automation
    § NSX management changes are not possible; however, the data plane continues to function.
    § No local disaster recovery.
    [Diagram: CENTRAL SITE with Management vCenter Server, Compute vCenter Server, NSX Manager, vRealize Operations Analytics Cluster, vRealize Log Insight Cluster and vRealize Automation; ROBO SITE 1 through ROBO SITE x, each with four ESXi Hosts]

  60. Remote Office Branch Office (ROBO)
    Extending the VMware Validated Design for SDDC
    DECENTRALIZED MANAGEMENT
    Pros
    § WAN outages have no impact on local management or backup operations.
    § Smaller fault domain reduces risk during patching and upgrades.
    § Log data is available locally for troubleshooting.
    § Uses central provisioning processes.
    § Log data is forwarded to a centralized instance.
    § Monitoring and alerting uses a centralized instance; however, data collection continues during a WAN outage.
    § Local disaster recovery may be added.
    Cons
    § No centralized vSphere and NSX management.
    § Larger management stack.
    § Increased management stack licensing cost.
    § Additional management components to patch and upgrade.
    § More complex deployment and operations.
    [Diagram labels: CENTRAL SITE (Compute vCenter Server, NSX Manager, vRealize Operations Analytics Cluster, vRealize Log Insight Cluster, vRealize Automation); ROBO SITE 1 and ROBO SITE x (four ESXi Hosts, ROBO vCenter Server, NSX Manager, vRA Proxy, vRealize Operations Remote Collectors, vRealize Log Insight Cluster)]

  61. Documentation
    VMware Validated Design for SDDC

    Release Notes
    Architecture Details
    Architecture Diagrams
    Planning and Preparation Guides
    Step-by-Step Deployment Guides
    Operations Guides
    § Monitoring and Alerting
    § Business Continuity
    § Disaster Recovery
    § Plus more Operations Add-ons
    Download the Docs Today
    vmware.com/go/vvd-docs
    VMware Validated Design 4.1 Documentation Center

  62. Sizing Tool on VMware Code
    VMware Validated Design for SDDC
    § Provide qualified partners a sizing tool for deployments adhering to the VMware Validated Design for SDDC.
    § Online web based tool which integrates with VMware Compatibility Guide to pull certified vSAN ReadyNode details.
    vmware.com/go/vvd-sizing

  63. Download the Poster Today
    vmware.com/go/vvd-sddc-poster

  64. Get Started
    VMware Validated Design for SDDC
    § Access the Documentation: vmware.com/go/vvd-docs
    § Professional Services: vmware.com/go/services
    § Certified Partner Architectures: vmware.com/go/vvd-cpa

  65. Thank You.
