The SDDC virtual infrastructure consists of two regions. Each region includes a management workload domain that contains the management cluster and a virtual infrastructure workload domain that contains the shared edge and compute cluster. Clusters in Region A can use two availability zones.
Figure 1. SDDC Logical Design for a Single Availability Zone

A two-cluster design includes two distributed switch instances. One switch is connected to the management applications in the SDDC and it also provides connection to the two NSX Manager instances in the region. The other switch is allocated to the tenant workloads and to the NSX Controller Cluster and NSX Edge devices for these workloads.
Figure 2. Logical Design for Two Availability Zones
A design that contains two availability has two distributed switch instances. Each switch spans both availability zones. One switch is connected to the management applications in the SDDC and it also provides connection to the two NSX Manager instances in the region. The other switch is allocated to the tenant workloads, and to the NSX Controller Cluster and primary and secondary NSX Edge devices for these workloads.

Management Cluster

The management cluster runs the virtual machines that manage the SDDC. These virtual machines host vCenter Server, vSphere Update Manager, NSX Manager, NSX Controllers, vRealize Operations Manager, vRealize Log Insight, vRealize Automation, Site Recovery Manager, and other management components. All management, monitoring, and infrastructure services are provisioned to a vSphere cluster which provides high availability for these critical services. Permissions on the management cluster limit access only to administrators. This limitation protects the virtual machines that are running the management, monitoring, and infrastructure services from unauthorized access.

Shared Edge and Compute Cluster

The shared edge and compute cluster runs the following components:

  • NSX services that are required for north-south routing between the SDDC tenant workloads and the external network, and east-west routing in the SDDC.

  • Tenant workloads.

As the SDDC expands, you can add more compute-only clusters to support a mix of different types of workloads for different types of SLAs.