The virtual infrastructure layer of the ROBO SDDC contains the components that provide compute, networking, and storage resources to the management and tenant workloads in the remote office.

vCenter Server Design

Table 1. vCenter Server Design Details in ROBO SDDC

Design Area


vCenter Server instances

You deploy a single vCenter Server that supports both the SDDC management components.


You place hosts and workloads in a consolidated cluster. The cluster contains the management virtual machines, NSX controllers and edges, and tenant workloads.

Resource pools for tenant workloads and dedicated NSX components

On the consolidated cluster, you use resource pools to distribute compute and storage resources between the management components, and the tenant workloads and NSX components carrying their traffic.

The Consolidated SDDC uses resource pools for the following components:

  • Management virtual machines

  • NSX Edge devices for the management components

  • NSX Edge devices for the tenant workloads

  • Tenant workloads

Deployment model

This VMware Validated Design uses a vCenter Server instance with an embedded Platform Services Controller instance.

Management host provisioning

You use a host profile to apply the networking and authentication configuration on the ESXi hosts in the consolidated pod.

Figure 1. Layout of vCenter Server Consolidated Cluster in ROBO SDDC

Dynamic Routing and Application Virtual Networks

This VMware Validated Design supports dynamic routing for both management and tenant workloads, and also introduces a model of isolated application networks for the management components.

Dynamic routing support includes the following nodes:

  • Pair of NSX Edge service gateways (ESGs) with ECMP enabled for north/south routing across all regions.

  • Distributed logical router (DLR) for tenant internal network.

Application virtual networks provide support for limited access to the nodes of the applications through published access points. One application virtual networks exists:

  • Application virtual network in each site for components that are not designed to fail over.

Figure 2. Virtual Application Network Components and Design in ROBO SDDC

Distributed Firewall

This VMware Validated Design uses the distributed firewall functionality that is available in NSX to protect all management applications attached to application virtual networks.

Software-Defined Storage Design for Management Products

Workloads store their data on a vSAN datastore. The vSAN datastore spans all 4 ESXi hosts of the consolidated cluster. Each host adds one disk group to the datastore.

Applications store their data according to the default storage policy for vSAN.

Figure 3. vSAN Conceptual Design in ROBO SDDC

vSphere Data Protection and vRealize Log Insight use NFS exports as secondary storage. You create one datastore for vSphere Data Protection.