vSphere in a cloud software-defined data center like your VMware Cloud on Public Cloud SDDC works in the same way that your on-premises vSphere does. In the SDDC, some vSphere components are owned and managed by your hyperscale cloud provider, so some on-premises administrative workflows that you're familiar with have differences or aren't needed.
What's Different in the Cloud?
For information about
vSphere administration in
VMware Cloud on Public Cloud, you can refer to the
vSphere Documentation, but you'll need to keep a few high-level differences in mind when reading those topics:
- VMware Cloud on Public Cloud users don't have physical access to ESXi host hardware and cannot log in to the ESXi host operating system. Procedures that require this kind of access are performed by your hyperscale cloud provider.
- Global Permissions defined in your on-premises vCenter Server do not apply to objects that your hyperscale cloud provider manages for you, like SDDC hosts and datastores, so they aren't replicated from your on-premises to the vCenter Server in your cloud SDDC.
Topic | Highlights |
---|---|
vSphere Managed Inventory Objects | Each VMware Cloud on Public Cloud SDDC has a single data center named SDDC-Datacenter. The data center defines the namespace for networks and datastores. The names for these objects must be unique within a data center. You cannot have two datastores with the same name within a single data center. Virtual machines, templates, and clusters need not be unique within the data center, but must be unique within their folder. |
VMware Cloud on Public Cloud users don't have physical access to access ESXi host hardware and cannot log in to the ESXi host operating system. Procedures that require this kind of access are performed by your hyperscale cloud provider staff. | |
Securing vCenter Server Systems | In an on-premises SDDC, you are responsible for ensuring the security of your vCenter Server system. In VMware Cloud on Public Cloud, your hyperscale cloud provider performs most of these tasks for you. You are responsible for following security best practices, especially for the VMs in your environment, and might want to be aware of some other aspects of vCenter Server and vCenter Single Sign-On such as password and lockout policies. For more information on providing secure access to vCenter Server and firewall security, see Add or Modify Management Gateway Firewall Rules in the VMware Cloud on Public Cloud Networking and Securityguide. |
vSphere Authentication with vCenter Single Sign-On | After installation, the Cloud Administrator has restricted administrator access to both vCenter Single Sign-On and vCenter Server. That user can also add identity sources, set the default identity source, and set policies in the single sign-on domain. Certain management operations in the single sign-on domain are restricted to VMware Cloud on Public Cloud operations staff. |
vSphere Networking | Configuring networking for your cloud SDDC is very different from configuring networking for an on-premises data center. For more information on VMware Cloud on Public Cloud networking, see the VMware Cloud on Public Cloud Networking and Security guide. |