The design objectives of VMware Validated Design for IT Automating IT provide fine-grained details about the scope, performance, hardware, and other critical factors.

Table 1. Objectives of VMware Validated Design for IT Automating IT

VMware Validated Design Objective

Description

Main objective

Common IT scenarios implemented on top of the SDDC foundation.

Scope of deployment

Most scenarios in this use case assume that you deployed the following components.

  • Virtual infrastructure layer (ESXi, vCenter Server, NSX)

  • vRealize Automation

  • Other components, as listed in the introduction to each scenario in IT Automating IT Scenarios.

Cloud type

Private cloud

Number of regions and disaster recovery support

The Scenarios documentation offers different solution paths. It begins with a discussion of the limitations of each approach.

  • Single-region only

  • Dual-region deployment using distributed logical routers (DLRs)

  • Cross-region deployment using a universal distributed logical router (UDLR).

The documentation includes guidance for a deployment that can support two regions for failover.

Maximum number of virtual machines

  • 10,000 running virtual machines

  • Churn rate of 150 virtual machines per hour

Churn rate is related to provisioning, power cycle operations, and decommissioning of one tenant virtual machine by using a blueprint in the cloud management platform. A churn rate of 100 means that 100 tenant workloads are provisioned, pass the power cycle operations, and are deleted.

Number of clusters

Dual-cluster setup

The validated design requires the following clusters for SDDC deployment.

  • Management cluster. Runs the virtual machines of the management products.

  • Shared edge and compute cluster

    • Runs the tenant workloads.

    • Runs the required NSX services to enable north-south routing between the SDDC and the external network, and east-west routing inside the SDDC.

Data center virtualization

  • Compute virtualization

  • Software-defined storage in the management cluster

  • Network virtualization

Scope of guidance

The scope of guidance depends on the use case. The Scenarios documentation changes as the Validated Design adds more use cases. Some example use cases are as follows. See the Scenarios documentation for the complete current set.

  • Configuring Reservation Policies and Network Policies

  • Publishing Templates and Blueprints

  • Creating Self-Service Catalog

  • Creating Blueprints with Dynamic Resource Tiering

  • Integrating vRealize Automation with IPAM Using the Infoblox vNIOS Appliance

  • Creating Multi-Tier Applications

  • Micro-Segmentation for Multi-Tier Applications

  • Managing Virtual Machine Lease and Ownership

  • Cost Modeling and Monitoring

  • Forwarding Log Events to vRealize Log Insight

  • Monitoring Workload Health and Capacity

  • Configuring Unified Single-Machine Blueprints for Cross-Region Deployment

Overall availability

99% availability

Planned downtime is expected for upgrades, patching, and ongoing maintenance.

Authentication, authorization, and access control

  • Use of Microsoft Active Directory as a central user repository.

  • Use of service accounts with minimum required authentication and Access Control List configuration.

  • Use of basic tenant accounts.

Certificate signing

Certificates are signed by an external certificate authority (CA) that consists of root and intermediate authority layers.

Hardening

Because this design is based on the VMware Validated Design for the Software-Defined Data Center, it supports hardening options.

  • Tenant workload traffic can be separated from the management traffic.

  • The design uses a distributed firewall to protect all management applications. To secure the SDDC, only other management solutions and approved administration IP addresses can directly communicate with individual components.