These are just some questions I asked related to the product during sessions and I will
Why use more than one workload domain?
- Horizon view (VDI)
- Separate customer environment
Are network shared by default between workload domains?
- No, individual VSAN, VXLAN networks created.
Can you setup network with universal logical router between workload domains?
When you enable vROPS and/or VRLI, does it create a new instance for each workload domain?
- No, add-on applications like vROPS/VRLI are shared between all workload domains.
- When you log in, you can see all the vCenters and hosts.
During initial configuration of Cloud Foundation environment through VIA (evo-rack imaging appliance), how is naming resolution taken care of?
- DNS/naming resolution is handled by vrack management appliance.
- Cloud Foundation uses own naming convention (can be changed)
- ESXi hosts are connected by IP address to the vCenter Server in each workload domain.
vSAN ready nodes
- 8 minimum
- Technically can be 6, but 8 provides the necessary recommended redundancy for VSAN.
- 4 nodes for Cloud Foundation management cluster and other 4 for first VI (virtual infrastructure)
What if problem occurs during the installation process?
- Process will stop, logs can be reviewed, changes can be made to the installation scripts and the process re-run.
- Can also install/reinstall to individual ESXi host
What are the resource selection options when creating a workload domain?
- Only per physical hosts (4 min)
- Workload domains cannot be shared by for instance a resource pool
Are tags/storage profiles supported?
- Yes, but they are not available natively within SDDC manager. Storage profiles would have to be created in vCenter Server within each workload domain.
Are all vCenter Servers from each workload domain configured with advanced linked mode?
How are PSCs configured?
- 2 x PSCs
- First PSC assigned management
- Second PSC assigned to first VI (virtual infrastructure) workload domain.
- Each additional workload domain will round robin between the 2 PSCs.
- Uses default vsphere.local domain name.
- SDDC manager is connected to PSC.
ESXi host profiles used when deployed?
- Not sure and will update when I have any answer.
Can you attach other storage devices?
- Can setup NFS datastores through vCenter server.
After deployment, how do you retrieve your application addresses so you can log in to, for instance, your vCenter Server, NSX Manager etc?
- Management info tab provided in SDDC manager which shows all management software components and provides hotlinks to each!
- Not sure and will update when I have any answer.
How are passwords handled?
- Cloud foundation will provide an application that will reset all the passwords which includes all hardware and software components.
- It will also create a master password which is only available to customer.
Supports a maximum of 8 racks (192 servers)!
- When you add a new rack, redundant spine switches are added to interconnect racks.
- Min 4 hosts management
- Min 4 host infrastructure
Here is some information on the physical requirements for Cloud Foundation:
- Redundant power
- 8 to 24 VSAN ready nodes
- Management switch
- 48 x 1GB
- Redundant Top-of-Rack switches
- 48 x 10GB
- 4 x 40GB (2 to each switch)
- Redundant Spine switches (only require if more than 1 rack)
- Multi rack config
- 32 x 40Gbps
- Automated installation and configuration of physical networking.
- Integrates with existing data center network infrastructure
- Uplink fully compatible to existing switches (Cisco, juniper)
- vMotion shared across all workload domains
- VXLAN shared across all workload domains
- Different VLANS for each network
Different VLANs created for each workload domain:
- Non-routable management VLAN
- Public management
- Corporate external
Switch count for 1 rack?
- 1 x management switch
- 2 x top-of-rack switches
Switch count for 2 racks?
- 1 x management switch
- 2 x top-of-rack switches
- 2 x spine switches
VMware will also be providing a wire map for implementations.
What is a workload domain?
- A Workload domain consists of ESXi, vCenter, VSAN and NSX
- SDDC Manager is used to create a workload domain which is wizard driven with automated host selection
- There are currently 2 different workload domains which can be deployed:
- vDI workload domain
- VI workload domain (Virtual Infrastructure or can call it IAAS)
- Requires about 45 minutes to deploy, which is crazy if you think about it, since it installs ESXi on each host, installs and configures networks, physical ports, vCenter Server, VSAN and NSX and has it ready to just deploy your VMs.
- You can deploy as many workload domains as required.
- Seamless expansion with additional hosts
- Policy based control:
- Capacity, performance, availability (networking, security)
- Automated deletion and reclamation of capacity
- Workload domain can be expanded, deleted as well as patched/updated through lifecycle management.
VIA (evo-rack imaging appliance)
- VIA was pretty awesome to see! I do hope in the future that this product will be integrated into SDDC manager so you don’t have to switch between the two.
VIA provides a UI from where all the necessary information is entered to setup the initial environment. It will install the ESXi hosts, vCenter Server, VSAN and NSX software as well as all the necessary networks.
High level steps to bring up SDDC:
- Physical deployment
- Fully assembled rack arrived at customer
- Power and networking connect per site survey
- Power-on validation
- SDDC manager and HMS brought up
- System check against known good inventory
- DOA, other discrepancies identified
- Customer info input (Collected during site survey) (json input)
- DC parameters, DNS, AD, NTP etc
- IP address for vMotion, VSAN, VXLAN
- Management cluster
- SDDC manager
- SDDC stack brought up
- VSAN datastore created
- Vrealize products configured
- Management packs installed and configured
- HA for management cluster configured
- SDDC ready to use
- Workload domains created
- VM brought up
VMware announced yesterday the upcoming release of VMware Cloud Foundations which is its first SDDC solution and provides a natively-integrated infrastructure stack.
I was one of the lucky ones to get invited and attend VMware’s first ever bootcamp session on VMware Cloud Foundations and it did not disappoint. We got some first hand knowledge of the product and its offerings and here is what I learned.
To start off with what exactly is Cloud Foundations.
- It's a software-defined solution which integrates vSphere, VSAN and NSX into a single platform.
- It provides a common foundation across clouds with flexible deployment options and primary focus is on simplifying deployment and operations.
- Cloud foundation can run in private and public cloud.
Both private and public clouds face an availability problem when it comes to moving data between them. This is where Cloud Foundations can build a common base and, with the use of NSX, create a universal transport zone which provides the connectivity necessary to move your workload between sites.
Two different deployments:
- Customer self-deployment onsite
- Factory pre-loaded
- Ready systems:
- Qualified VSAN ready nodes – DELL, QCT, HP
- Qualified networking – Cisco 9k, Arista 7500 (Northbound L2,L3)
- Integrated systems:
- Cloud service provider
- IBM SoftLayer (Q3 2016 GA)
- VMware vCloud Air Network (vCAN)
- VMware vCloud Air
In my next couple of posts I will provide a bit more detail on the Cloud Foundation private cloud components and installation. These posts will only cover my notes from the bootcamp session so apologies for any mistakes and do let me know if you find any. I will also update the posts in future when more information is available.
With the first keynote completed by Pat Gelsinger, VMware gave a tech preview of their new SaaS offering, which provides visibility into vSphere and non-vSphere private and public clouds. The non-vSphere public clouds are the most interesting here since they will support IBM, Amazon, Google and Azure. This is huge since customers want choice and this provides the opportunity for hybrid cloud solutions.
This new service will provide a single pane of glass to manage all private and public clouds with additional ability to migrate workloads between VMware Cloud foundation and external cloud service providers. It also provides the following functionality:
- Usage and costs
On my way to Las Vegas for a week's stay at Mandalay Bay to attend VMworld 2016, and if you are out there don’t miss our Sovereign Systems / Sovlabs booth #458 at Solutions Exchange.
Some other booths that are on my list to visit with interesting emerging technologies:
Coming October Microsoft will be changing the way it delivers patches to many of their OS’s and only time will tell how successful this will be but in my opinion this is an overdue change and a good thing.
I was an MS engineer in my previous life and I know how tedious it can be to manage all the individual patches released with testing and verification, and this gets even more complicated when you have different OS’s. Sometimes hated those Tuesdays 🙂
Microsoft will be releasing a monthly rollup which includes security and reliability issues. How does this impact you?
There is a great MS blog which explains this in detail which I have provided below:
With the new version of vRealize Business 7.1 released on 23 August they finally made it possible to install vRB standalone without using vRealize Automation which is great, however you still need to connect vRB to a VMware Identity Manager to authenticate. Below are the steps to follow to configure both vRB and vIDM.
- DNS A record for vIDM server (unable to create the database in configuration wizard if using IP Address in browser)
- DNS A record for vRB.
- Deploy both vIDM and vRB appliances. Not going to go into details here since this is pretty straightforward.
- After deployment is completed and appliance is up and running.
- Browse (https) to vIDM FQDN, which will give a configuration wizard
- Set password
- Set Database
- Login to vRB VAMI (https://FQDN:5480)
- Register with vIDM. (admin username)
- Verify registration successful.
- Next step is to provide local admin user access to vRB
- Open a webpage to vIDM
- Login with admin/password
- Select Users and Groups
- Select VCBM_ALL
- Select Users in this group
- Click Modify users in this group
- Check box for “Additional specific Users”
- Type “admin”, press Enter
- Select Admin, Local (Admin@local Users)
- Provide domain user access to vRB.
- Open a webpage to vIDM
- Login with admin/<password>
- Select Identity & Access Management
- Select Directories
- Click “Add Directory” -> Add Active Directory over LDAP/IWA
- Select either Active Directory over LDAP or Active Directory (Integrated Windows Authentication)
- (Option 1) If you select AD over LDAP:
- If your AD does not support DNS Service Location then uncheck the box and specify your AD server.
- Specify Bind User details:
- In the Base DN field, enter DN from which to start account searches
- In the Bind DN field, enter the account that can search for users
- (Option 2) If you select AD Integrated Windows Authentication
- Enter domain name
- Enter Domain Admin username
- Enter Domain password
- Enter Domain authenticated Bind User UPN (email@example.com)
- Save & Next
- Select the Domains you want associated with AD connection.
- Map user attributes
- Select the groups you want to sync
- Select the users you want to sync
- Review the users and groups.
- Click Sync Directory
- Open a webpage to VRB.
- Login with Admin
- Enter serial number
- Select Administration tab
- Select Manage Private Cloud Connections -> vCenter Server
- Click Plus (+) button on right.
- Enter vCenter server information
- Select Update Reference Database
- Click Run Automatic Update if you have internet access. (If greyed out then might be on latest version or verify internet connectivity)
- Verify the following ports are open on firewall
- Port 443, which connects to https://vrb-hub.vmware.com/manualupdate/welcome#/
- Port 22, which connects to SaasFTP.digitalfuel.com
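
A preflight check for the DNS prerequisites and the two outbound update ports listed above, as an added example that is not part of the original post or of VMware's tooling. The appliance FQDNs in the `__main__` block are hypothetical placeholders; the endpoints and ports are the ones named in the post.

```python
import ipaddress
import socket

# Update endpoints and ports as listed in the post.
UPDATE_ENDPOINTS = [("vrb-hub.vmware.com", 443), ("SaasFTP.digitalfuel.com", 22)]


def is_ip_literal(name):
    """True when name is an IP address rather than a DNS name."""
    try:
        ipaddress.ip_address(name)
        return True
    except ValueError:
        return False


def resolve(name):
    """Return the sorted addresses name resolves to, or [] when lookup fails."""
    try:
        infos = socket.getaddrinfo(name, None, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def tcp_open(host, port, timeout=3.0):
    """True when a TCP connection to host:port completes within timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def preflight(appliance_fqdns, endpoints=UPDATE_ENDPOINTS, timeout=3.0):
    """Return (check, target, ok) tuples for the DNS and firewall prerequisites."""
    results = []
    for name in appliance_fqdns:
        if is_ip_literal(name):
            # The post notes the vIDM wizard cannot create its database when reached by IP.
            results.append(("fqdn", name, False))
            continue
        results.append(("dns", name, bool(resolve(name))))
    for host, port in endpoints:
        results.append(("tcp", f"{host}:{port}", tcp_open(host, port, timeout)))
    return results


if __name__ == "__main__":
    # Hypothetical appliance names; replace with your own A records.
    for check, target, ok in preflight(["vidm.example.local", "vrb.example.local"]):
        print(f"{'OK  ' if ok else 'FAIL'} {check:4} {target}")
```

A successful connect only shows that the firewall path is open; scoping the egress rules to these two destinations rather than opening 443 and 22 broadly keeps the appliance's outbound surface small.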