Depending on the SDDC implementation type, a VMware Validated Design has a number of objectives for delivering prescriptive content about an SDDC that is fast to deploy and suitable for use in production.

Table 1. Objectives of VMware Validated Design for Software-Defined Data Center

VMware Validated Design Objective

Description

Main objective

SDDC capable of automated provisioning of workloads

Scope of deployment

Greenfield and brownfield deployment of the SDDC management components

Cloud type

Private cloud

Number of regions and disaster recovery support

Dual-region SDDC that supports disaster recovery

The documentation provides guidance for a deployment that supports two regions for failover in the following way:

  • The design documentation provides guidance for an SDDC whose management components are designed to operate in the event of planned migration or disaster recovery. This part also includes the design of the components that support the failover.

  • The deployment documentation provides guidance for an SDDC that supports two regions for both management and tenant workloads.

  • The operational guidance contains detailed instructions about performing disaster recovery and planned migration.

Maximum number of virtual machines

  • 10,000 running virtual machines

  • Churn rate of 150 virtual machines per hour

Churn rate refers to the provisioning, power cycle operations, and decommissioning of one tenant virtual machine by using a blueprint in the cloud management platform. A churn rate of 100 means that 100 tenant workloads are provisioned, pass the power cycle operations, and are deleted.

Number of hardware pods in a region

2-pod setup, with a minimum of 4 ESXi hosts in a pod

The 2-pod validated design requires the following pods for SDDC deployment:

  • Management pod. Runs the virtual machines of the management products.

  • Shared edge and compute pod

    • Runs the tenant workloads.

    • Runs the required NSX services to enable north-south routing between the SDDC and the external network, and east-west routing inside the SDDC.

Data center virtualization

  • Compute virtualization

  • Software-defined storage in the management pod

  • Network virtualization

Scope of guidance

  • Storage, compute and networking for the management pod.

  • Number of hosts, amount of storage and configuration.

  • Deployment and initial setup of management components at the levels of infrastructure, cloud management platform, and operations.

  • Basic tenant operations such as creating a tenant, assigning tenant capacity, configuring user access, and adding virtual machines to a service catalog from single-machine blueprints.

  • Operations on the management components of the SDDC such as monitoring and alerting, backup and restore, post-maintenance validation, disaster recovery and upgrade.

Overall availability

99% availability

Planned downtime is expected for upgrades, patching, and ongoing maintenance.

Authentication, authorization, and access control

  • Use of Microsoft Active Directory as a central user repository.

  • Use of service accounts with minimum required authentication and Access Control List configuration.

  • Use of basic tenant accounts.

Certificate signing

Certificates are signed by an external certificate authority (CA) that consists of root and intermediate authority layers.

Hardening

Tenant workload traffic can be separated from the management traffic.

The design uses a distributed firewall to protect all management applications. To secure the SDDC, only other management solutions and approved administration IP addresses can directly communicate with individual components.

Table 2. Objectives of VMware Validated Design for Management and Workload Consolidation

VMware Validated Design Objective

Description

Main objective

SDDC capable of automated provisioning of workloads

Scope of deployment

Greenfield deployment of the SDDC management components

Cloud type

Private cloud

Number of regions and disaster recovery support

Single-region SDDC that you can scale out to dual-region.

Maximum number of virtual machines

  • 1,500 running virtual machines

  • Churn rate of 50 virtual machines per hour

Number of hardware pods in a region

1-pod setup, with a minimum of 4 ESXi hosts in the pod

The 1-pod validated design includes a consolidated virtual infrastructure layer for management, edge and compute components.

Data center virtualization

  • Compute virtualization

  • Software-defined storage in the management pod

  • Network virtualization

Scope of guidance

  • Storage, compute and networking for the management pod.

  • Number of hosts, amount of storage and configuration.

  • Deployment and initial setup of management components at the levels of infrastructure, cloud management platform, and operations.

  • Basic tenant operations such as creating a tenant, assigning tenant capacity, configuring user access, and adding virtual machines to a service catalog from single-machine blueprints.

Overall availability

95% availability

Planned downtime is expected for upgrades, patching, and ongoing maintenance.

Authentication, authorization, and access control

  • Use of Microsoft Active Directory as a central user repository.

  • Use of service accounts with minimum required authentication and Access Control List configuration.

  • Use of basic tenant accounts.

Certificate signing

Certificates are signed by an external certificate authority (CA) that consists of root and intermediate authority layers.

Hardening

Tenant workload traffic can be separated from the management traffic.

The design uses a distributed firewall to protect all management applications. To secure the SDDC, only other management solutions and approved administration IP addresses can directly communicate with individual components.

Table 3. Objectives of VMware Validated Design for Remote Office and Branch Office

VMware Validated Design Objective

Description

Main objective

SDDC capable of automated provisioning of workloads

Scope of deployment

Greenfield deployment of the SDDC management components

Cloud type

Private cloud

Maximum number of remote regions

10

Maximum number of virtual machines

  • 100 virtual machines per remote region

  • 1,000 running virtual machines across all remote regions

  • Churn rate of 100 virtual machines per hour

Number of hardware pods in a remote region

1-pod, with a minimum of 4 hosts in the pod

The 1-pod region includes a consolidated virtual infrastructure layer for management, edge and compute components.

WAN capacity

10 Mbps, latency up to 100 ms

Data center virtualization

  • Compute virtualization

  • Software-defined storage in the management pod

  • Network virtualization

Scope of guidance

  • Storage, compute and networking for the consolidated pod.

  • Number of hosts, amount of storage and configuration.

  • Deployment and initial setup of management components at the levels of infrastructure, cloud management platform, and operations.

  • Basic tenant operations such as creating a tenant, assigning tenant capacity, configuring user access, and adding virtual machines to a service catalog from single-machine blueprints.

Overall availability

95% availability

Planned downtime is expected for upgrades, patching, and ongoing maintenance.

Authentication, authorization, and access control

  • Use of Microsoft Active Directory as a central user repository.

  • Use of service accounts with minimum required authentication and Access Control List configuration.

Certificate signing

Certificates are signed by an external certificate authority (CA) that consists of root and intermediate authority layers.

Hardening

The design uses a distributed firewall to protect all management applications. To secure the SDDC, only other management solutions and approved administration IP addresses can directly communicate with individual components.