Enhanced Linked Mode Design for a Virtual Infrastructure Workload Domain

By default, all vCenter Server instances for VI workload domains in a VMware Cloud Foundation deployment are connected in Enhanced Linked Mode (ELM). The vCenter Server instance in each VI workload domain is joined to the vCenter Single Sign-On domain of the vCenter Server instance for the management domain.

By using Enhanced Linked Mode for vCenter Server, you can log in to all vCenter Server instances across the SDDC that are joined to the same vCenter Single Sign-On domain and access their inventories. Enhanced Linked Mode replicates global permissions, licenses, policies, and tags between the linked vCenter Server instances.

Note: In VMware Cloud Foundation 4.5, the ability to join multiple VMware Cloud Foundation instances to the same vCenter Single Sign-On domain is deprecated.

Table 1. Enhanced Linked Mode for VMware Cloud Foundation
Design Component	ELM across VMware Cloud Foundation Instances	ELM within a VMware Cloud Foundation Instance	Considerations
Manageability	↑↑	↓	You join all vCenter Server instances across all VMware Cloud Foundation instances to a single vCenter Single Sign-On domain for improved manageability. You replicate global permissions, licenses, policies, and tags, and can view the inventories of all vCenter Server instances.
Scalability	↓↓	↑↑	Each VMware Cloud Foundation instance can have a separate vCenter Single Sign-On domain for improved scalability. By using this approach, you can deploy a total of 15 workload domains per VMware Cloud Foundation instance, compared to a total of 15 domains across all VMware Cloud Foundation instances if you share a single vCenter Single Sign-On domain between all VMware Cloud Foundation instances.

If manageability of virtual infrastructure is a priority for your organization, use a shared vCenter Single Sign-On domain when deploying multiple VMware Cloud Foundation instances, considering the limitation in the maximum number of workload domains. Alternatively, as a compromise between manageability and scalability requirements, you can also use a different vCenter Single Sign-On domain per VMware Cloud Foundation instance.

By default, Enhanced Linked Mode in a VMware Cloud Foundation instance is configured by using a ring topology. To enable Enhanced Linked Mode for VI workload domains across VMware Cloud Foundation instances, during bring-up you must join the management domain of the VMware Cloud Foundation instances to a shared vCenter Single Sign-On domain to form a ring topology. When you create the first VI workload domain, its vCenter Server instance is joined to the existing vSphere Single Sign-On domain and a replication partnership agreement with the management domain vCenter Server is automatically created.

As you deploy additional VI workload domains, their vCenter Server instances are also joined to the shared vCenter Single Sign-on domain. To maintain the ring topology, SDDC Manager automatically creates additional replication agreements between the management domain vCenter Server and all VI workload domain vCenter Server instances in the VMware Cloud Foundation instance.

Four VCF instances, the only manually created connection is from the management vCenter Server in the last instance to management vCenter Server in the first instance. — Figure 1. Enhanced Linked Mode for Multiple VMware Cloud Foundation Instances

Table 2. Design Decisions on Enhanced Linked Mode for a VI Workload Domain
Decision ID	Design Decision	Design Justification	Design Implication
VCF-WLD-VCS-CFG-004	Join all VI workload domains vCenter Server instances to a single vCenter Single Sign-On domain.	When all vCenter Server instances are joined to a single vCenter Single Sign-On domain, they can share authentication and license data across all components and regions.	Only one vCenter Single Sign-On domain exists. The number of linked vCenter Server instances in the same vCenter Single Sign-On domain is limited to 15. Because each VI workload domain can contain a single vCenter Server instance, one VMware Cloud Foundation instance can contain no more than 15 domains, including the management domain.
VCF-WLD-VCS-CFG-005	Create a ring topology between all the vCenter Server instances in the same VMware Cloud Foundation instance, including the management domain and all VI workload domains.	By default, one vCenter Server instance replicates only with another vCenter Server instance. This setup creates a single point of failure for replication. A ring topology ensures that each vCenter Server instance has two replication partners and removes any single point of failure.	None