In VMware Cloud Foundation, operational day-to-day efficiencies are delivered through SDDC Manager. These efficiencies include full life cycle management tasks such as deployment, configuration, patching and upgrades.
Logical Design for SDDC Manager
You deploy an SDDC Manager appliance in the management domain for creating VI workload domains, provisioning additional virtual infrastructure, and life cycle management of the SDDC management components.
You use SDDC Manager to perform the following operations:
Commissioning or decommissioning ESXi hosts
Deployment of VI workload domains
Deployment of VMware Aria Suite Lifecycle
Deployment of NSX Edge clusters in workload domains
Adding and extending clusters in workload domains
Life cycle management of the virtual infrastructure components in all workload domains and of VMware Aria Suite Lifecycle
Storage management for vVOL VASA providers
Identity provider management
Composable infrastructure management
Creation of network pools for host configuration workload domains
Product licenses storage
Certificate management
Password management and rotation
Backup configuration
VMware Cloud Foundation Instances with a Single Availability Zone |
VMware Cloud Foundation Instances with Multiple Availability Zones |
---|---|
|
|
SDDC Manager Design Requirements and Recommendations for VMware Cloud Foundation
Consider the placement and network design requirements for SDDC Manager, and the best practices for configuring the access to install and upgrade software bundles.
SDDC Manager Design Requirements
You must meet the following design requirements for in your SDDC Manager design.
Requirement ID |
Design Requirement |
Justification |
Implication |
---|---|---|---|
VCF-SDDCMGR-REQD-CFG-001 |
Deploy an SDDC Manager system in the first availability zone of the management domain. |
SDDC Manager is required to perform VMware Cloud Foundation capabilities, such as provisioning VI workload domains, deploying solutions, patching, upgrading, and others. |
None. |
VCF-SDDCMGR-REQD-CFG-002 |
Deploy SDDC Manager with its default configuration. |
The configuration of SDDC Manager is not configurable and should not be changed from its defaults. |
None. |
VCF-SDDCMGR-REQD-CFG-003 |
Place the SDDC Manager appliance on the VM management network. |
|
None. |
SDDC Manager Design Recommendations
In your SDDC Manager design, you can apply certain best practices.
Recommendation ID |
Design Recommendation |
Justification |
Implication |
---|---|---|---|
VCF-SDDCMGR-RCMD-CFG-001 |
Connect SDDC Manager to the Internet for downloading software bundles. |
SDDC Manager must be able to download install and upgrade software bundles for deployment of VI workload domains and solutions, and for upgrade from a repository. |
The rules of your organization might not permit direct access to the Internet. In this case, you must download software bundles for SDDC Manager manually. |
VCF-SDDCMGR-RCMD-CFG-002 |
Configure a network proxy to connect SDDC Manager to the Internet. |
To protect SDDC Manager against external attacks from the Internet. |
The proxy must not use authentication because SDDC Manager does not support proxy with authentication. |
VCF-SDDCMGR-RCMD-CFG-003 |
Configure SDDC Manager with a VMware Customer Connect account with VMware Cloud Foundation entitlement to check for and download software bundles. |
Software bundles for VMware Cloud Foundation are stored in a repository that is secured with access controls. |
Requires the use of a VMware Customer Connect user account with access to VMware Cloud Foundation licensing. Sites without an internet connection can use local upload option instead. |
VCF-SDDCMGR-RCMD-CFG-004 |
Configure SDDC Manager with an external certificate authority that is responsible for providing signed certificates.
|
Provides increased security by implementing signed certificate generation and replacement across the management components. |
An external certificate authority, such as Microsoft CA, must be locally available. |