Data Management for VMware Tanzu requires access to a vCenter Server system and one or more clusters or ESXi hosts. Each host running Data Management for VMware Tanzu must meet certain hardware and software requirements.
Refer to the Release Notes for information about the server platforms, browsers, and data services supported by this release of Data Management for VMware Tanzu.
Data Management for VMware Tanzu is supported on VMware vSphere 6.7 and later. The following table lists information about the components of vSphere required and the versions supported.
Component | Supported Versions |
---|---|
vCenter | 6.7 and later |
ESXi | 6.7 and later |
VMFS | 5 and 6 |
PostgreSQL | 10.15.0, 10.17.0 (supported in 1.0.1 and later), 11.10.0, 11.12.0 (supported in 1.0.1 and later), and 12.7.0 |
MySQL | 8.0.23 |
MinIO/AWS S3 | Not Applicable |
The resources configured for a Provider VM or an Agent VM depend on the type of environment in which it runs and the volume of services that it manages. The default configuration for the VMs is as follows:
VM | Environment | Memory | CPU | Storage |
---|---|---|---|---|
Provider VM | Default configuration | 16 GB | 8 vCPU | 736 GB (thin provisioning) |
Agent VM | Default configuration | 16 GB | 8 vCPU | 668 GB (thin provisioning) |
The provisioning user specifies the amount of memory and CPU resources for any Service Instance VM that they deploy. These amounts may be bounded by the Instance Configuration Mode in place for the organization to which the user belongs.
Data Management for VMware Tanzu has no specific storage requirement for its deployments. The infrastructure administrator can choose the number and types of datastores to configure. A DMS deployment uses the datastores available.
Data Management for VMware Tanzu requires S3-compatible local and cloud object storage (for example, AWS or MinIO).
If all five repositories (Provider Repo, Provider Log Repo, Provider Backup Repo, Agent Local Storage, and Cloud Storage) are on the same server, a minimum of 100 GB of S3-compatible local and cloud object storage capacity is required. The recommended size depends on the size of data backups and the retention policy.
Before you deploy Data Management for VMware Tanzu, configure and deploy the S3-compatible local and cloud object storage and create the following buckets:
These endpoints must be resolvable by the DNS server specified at the time of Provider VM deployment.
A Provider with a single Agent VM can be managed by a single vCenter domain. However, a Provider with multiple Agent VMs can be managed by a single or multiple vCenter domains.
Secure, reliable operation of Data Management for VMware Tanzu depends on a secure, reliable network that supports DHCP, a network time service, and other services. Data Management for VMware Tanzu requires a minimum of two dedicated subnets that have access to DHCP, DNS, and NTP services. Ensure that you have installed a DHCP server on a VM in the vSphere cluster. Configure the two subnets so that IP addresses are assigned by DHCP for both the Provider and Agent VMs and each provisioned database Service instance.
If you are deploying in an environment with internet connectivity, ensure that your network is able to access VMware Tanzu Network and cloudfront.net. Your environment must meet the following network requirements before you begin installing Data Management for VMware Tanzu.
VDS and N-VDS port groups that should be available to host components of Data Management for VMware Tanzu are:
Although the Control Plane network and the Application network for Service instances get their IP addresses from the DHCP server, the IP addresses for the Management network and the Control Plane network for Provider and Agent VMs are static and configured manually.
You must use the NTP network time service to synchronize the clocks of all Data Management for VMware Tanzu deployed VMs.
The Provider VM requires two networks, one for UI traffic and one for management traffic:
The Management Network and the Control Plane Network are configured when you deploy the Provider VM, and cannot be changed after deployment.
An Agent VM requires:
The Control Plane Network is configured when you deploy an Agent VM, and cannot be changed after deployment.
A Service Instance VM requires:
Two networks, one for management traffic, and one for access by client applications:
Access to an external network for cloud object storage.
Each NIC in a Service Instance VM must be configured to obtain its IP address from DHCP.
The Control Plane Network and the Application Network for a specific Onboarded Cluster are configured when you onboard the Agent with Data Management for VMware Tanzu. When a user provisions a Service Instance that specifies the associated cluster Environment, the deployed instance utilizes those networks.
Data Management for VMware Tanzu expects that Service Instances that it deploys reside in their own subdomain under a corporate domain. For example: dms.myco.com.
DMS hosts a DNS server on every Agent VM. The Agent VM acts as a DNS for all Service Instance VMs provisioned in the associated Onboarded Cluster.
You can use your existing corporate DNS server to resolve Service Instance addresses by configuring the server to forward all DNS requests in the subdomain to the Agent VM DNS server.
If there is another DNS server configured in your vCenter, it must have a Forward Lookup Zone and conditional forwarding set for the DB FQDN Suffix so that an Agent VM handles all DNS resolution for its Service Instance VMs.
The IP address of a provisioned Service Instance VM is assigned using DHCP. The Agent VM generates and creates a DNS entry for a Service Instance FQDN based on the DB FQDN Suffix specified when the Agent (cluster) was onboarded:
primary.<instance-name>.<db-fqdn-suffix>
The following diagram provides a representation of a sample network topology where:
The following ports are opened for incoming/outgoing traffic during Provider VM deployment:
Protocol | Port Number | NIC |
---|---|---|
ICMP | | |
TCP (SSH) | 22 | eth0 |
TCP (https) | 443 | eth0 |
TCP (RabbitMQ) | 443 | eth1 |
TCP (Postgres) | 5432 | eth1 |
TCP (RabbitMQ Cluster) | 4369 | eth1 |
TCP (RabbitMQ Cluster) | 25672 | eth1 |
The following ports are opened for incoming and outgoing traffic during Agent VM deployment:
Protocol | Port Number | NIC |
---|---|---|
ICMP | | |
TCP (SSH) | 22 | eth0 |
UDP (DNS) | 53 | eth0 |
TCP (DNS) | 53 | eth0 |
TCP (https) | 443 | eth0 |
The following ports are opened for incoming and outgoing traffic during Service Instance VM deployment:
Protocol | Port Number | NIC |
---|---|---|
ICMP | | |
TCP (SSH) | 22 | eth1 |
TCP (https) | 443 | eth1 |
TCP (MySQL) | 3368 | eth1 |
TCP (PostgreSQL) | 5432 | eth1 |
External Network Requirements:
Connection From | Connection To | Type | Protocol | Port Number | NIC |
---|---|---|---|---|---|
Provider VM | S3-compatible Provider storage | http/https | TCP | | eth0 |
Provider VM | VMware Tanzu Network | https | TCP | 443 | eth0 |
Provider VM | cloudfront.net | https | TCP | 443 | eth0 |
Corporate DNS | Agent VM | DNS | TCP/UDP | 53 | eth0 |
Agent VM | S3-compatible Agent storage (local) | http/https | TCP | | eth0 |
Agent VM | S3-compatible Agent storage (cloud) (external) | http/https | TCP | | eth0 |
Agent VM | vCenter | https | TCP | 443 | eth0 |
Service Instance VM | S3-compatible Agent storage | http/https | TCP | | eth0 or eth1 |
Agent Onboarding UI Client | Agent VM | https | TCP | 443 | eth0 |
Data Management for VMware Tanzu Console Client | Provider VM | https | TCP | 443 | eth0 |
End User (Terminal) | Provider VM | SSH | TCP | 22 | eth0 |
End User (Terminal) | Agent VM | SSH | TCP | 22 | eth0 |
End User (Terminal) | Service Instance VM | SSH | TCP | 22 | eth1 |
End User | Service Instance VM | https | TCP | 443 | eth1 |
Database Client | Service Instance VM | PostgreSQL | TCP | 5432 | eth1 |
Database Client | Service Instance VM | MySQL | TCP | 3368 | eth1 |
Internal Network Requirements:
Connection From | Connection To | Type | Protocol | Port Number | (From/To) NIC |
---|---|---|---|---|---|
Provider VM | Provider VM | RabbitMQ | TCP | 443 | eth1 |
Provider VM | Provider VM | PostgreSQL | TCP | 5432 | eth1 |
Provider VM | Provider VM | RabbitMQ Cluster | TCP | 4369 | eth1 |
Provider VM | Agent VM | RabbitMQ Cluster | TCP | 25672 | eth1/eth0 |
Agent VM | Service Instance VM | https | TCP | 443 | eth0/eth0 |
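The external and internal matrices above can serve as an allow-list when reviewing firewall rules or flow logs. The following is an added example, not part of the product or its documentation: it parses a subset of the rows above and reports observed flows that the matrix does not document. The flow records are constructed, and the assumption is that each flow has already been labelled with the role names used in the tables.

```python
# Added example: audit observed flows against the documented port matrix.
# Rows are copied from the tables above; an empty Port Number cell means
# the page lists no port (the S3 endpoint decides it).
MATRIX = """\
Corporate DNS | Agent VM | DNS | TCP/UDP | 53 | eth0 |
Agent VM | vCenter | https | TCP | 443 | eth0 |
Service Instance VM | S3-compatible Agent storage | http/https | TCP | | eth0 or eth1 |
End User (Terminal) | Service Instance VM | SSH | TCP | 22 | eth1 |
Database Client | Service Instance VM | PostgreSQL | TCP | 5432 | eth1 |
Database Client | Service Instance VM | MySQL | TCP | 3368 | eth1 |
Provider VM | Agent VM | RabbitMQ Cluster | TCP | 25672 | eth1/eth0 |
Agent VM | Service Instance VM | https | TCP | 443 | eth0/eth0 |
"""

def parse_matrix(text):
    """Return a set of (src, dst, proto, port); port None = no port listed."""
    allowed = set()
    for line in text.strip().splitlines():
        cells = [c.strip() for c in line.split("|")][:6]
        src, dst, _type, protos, port, _nic = cells
        for proto in protos.split("/"):          # "TCP/UDP" -> two entries
            allowed.add((src, dst, proto, int(port) if port else None))
    return allowed

def audit(flows, allowed):
    """Return the flows that no row of the matrix documents."""
    findings = []
    for src, dst, proto, port in flows:
        exact = (src, dst, proto, port) in allowed
        any_port = (src, dst, proto, None) in allowed
        if not (exact or any_port):
            findings.append((src, dst, proto, port))
    return findings

# Constructed sample flows (hypothetical, for illustration only).
SAMPLE_FLOWS = [
    ("Corporate DNS", "Agent VM", "UDP", 53),
    ("Database Client", "Service Instance VM", "TCP", 5432),
    ("Service Instance VM", "S3-compatible Agent storage", "TCP", 9000),
    ("End User (Terminal)", "Service Instance VM", "TCP", 23),
    ("Database Client", "Agent VM", "TCP", 5432),
    ("Provider VM", "Service Instance VM", "TCP", 22),
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_FLOWS, parse_matrix(MATRIX)):
        print("undocumented flow:", finding)
```
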