Review the prerequisites before you deploy a VI workload domain.

  • If you plan to use DHCP for the NSX host overlay network, a DHCP server must be configured on the NSX host overlay VLAN for the VI workload domain. When VMware NSX creates NSX Edge tunnel endpoints (TEPs) for the VI workload domain, they are assigned IP addresses from the DHCP server.
    Note:

    If you do not plan to use DHCP, you can use a static IP pool for the NSX host overlay network. The static IP pool is created or selected as part of VI workload domain creation.

  • Change the VxRail Manager IP Address
  • Update the VxRail Manager Certificate
  • A minimum of three hosts available for the VI workload domain.
    Note: If you are using VMFS on FC as principal storage, and the VI workload domain is using vSphere Lifecycle Manager images as the update method, then only two hosts are required. Workload Management requires a vSphere cluster with a minimum of three ESXi hosts.
  • The install bundles for the versions of NSX Manager and vCenter Server that are running in the management domain must be available in SDDC Manager before you can create a VI workload domain. For example, if you have patched the versions of NSX Manager and/or vCenter Server in the management domain to a version higher than what is listed in the BOM, you must download the new install bundles. You can refer to https://knowledge.broadcom.com/external/article?legacyId=88287 for information about the install bundles required for specific async patches.
  • Decide on a name for your VI workload domain. Each VI workload domain must have a unique name. It is good practice to include the region and site information in the name because resource object names (such as host and vCenter names) are generated based on the VI workload domain name. The name can be three to 20 characters long and can contain any combination of the following:
    • Lowercase alphabetic characters
    • Numbers
    Note: Spaces are not allowed in any of the names you specify when creating a VI workload domain.
  • Decide on the following passwords:
    • vCenter Server root password
    • NSX Manager admin password
    Although the individual VMware Cloud Foundation components support different password requirements, you must set passwords following a common set of requirements across all components:
    • Minimum length: 12
    • Maximum length: 16
    • At least one lowercase letter, one uppercase letter, a number, and one of the following special characters: ! @ # $ ^ *
    • Must NOT include:
      • A dictionary word
      • A palindrome
      • More than four monotonic character sequences
      • Three of the same consecutive characters
  • Verify that you have the completed Planning and Preparation Workbook with the VI workload domain deployment option included.
  • The IP addresses and Fully Qualified Domain Names (FQDNs) for the vCenter Server and NSX Manager instances must be resolvable by DNS.
  • If you are using VMFS on FC storage for the VI workload domain, you must configure zoning, mount the associated volumes and create the datastore on the hosts.
  • To use the License Now option, you must have valid license keys for the following products:
    • VMware NSX
    • vSAN (No license required for VMFS on FC)
    • vSphere

      Because vSphere and vSAN licenses are per CPU, ensure that you have sufficient licenses for the ESXi hosts to be used for the VI workload domain. See Managing License Keys in VMware Cloud Foundation.

  • If you plan to deploy a VI workload domain that has its vSphere cluster at a remote location, you must meet the following requirements:

    • Dedicated WAN connectivity is required between central site and remote site.
    • Primary and secondary active WAN links are recommended for connectivity from the central site to the remote site. The absence of WAN links can lead to two-failure states, WAN link failure, or NSX Edge node failure, which can result in unrecoverable VMs and application failure at the remote site.
    • Minimum bandwidth of 10 Mbps and latency of 100 ms is required between the central site and remote site. The network at the remote site must be able to reach the management network at the central site. DNS and NTP server must be available locally at or reachable from the remote site.

    • See VMware Configuration Maximums for limitations related to VI workload domains at remote locations.

    • See VMware Cloud Foundation Edge Design Considerations for more information about design options for deploying scalable edge solutions.