The virtual infrastructure layer of the Consolidated SDDC contains the components that provide compute, networking, and storage resources to the management and tenant workloads.

vCenter Server Design

Table 1. vCenter Server Design Details in Consolidated SDDC

| Design Area | Description |
|---|---|
| vCenter Server instances | You deploy a single vCenter Server instance that supports both the SDDC management components, and the tenant workloads and connecting edge components. |
| Clusters | You place hosts and workloads in a consolidated cluster. The cluster contains the management virtual machines, NSX controllers and edges, and tenant workloads. |
| Resource pools for management components, tenant workloads and dedicated NSX components | On the consolidated cluster, you use resource pools to distribute compute and storage resources between the management components, and the tenant workloads and NSX components carrying their traffic. The Consolidated SDDC uses resource pools for the following components: management virtual machines; NSX Edge devices for the management components; NSX Edge devices for the tenant workloads; tenant workloads. |
| Deployment model | This VMware Validated Design uses a vCenter Server instance and a connected external Platform Services Controller instance. |
| Management host provisioning | You use a host profile to apply the networking and authentication configuration on the ESXi hosts in the consolidated cluster. |

Figure 1. Layout of Consolidated Cluster in Consolidated SDDC

Dynamic Routing and Application Virtual Networks

This VMware Validated Design supports dynamic routing for both management and tenant workloads, and also introduces a model of isolated application networks for the management components.

Dynamic routing support includes the following nodes:

  • Pair of NSX Edge service gateways (ESGs) with ECMP enabled for north/south routing across all regions.
  • Universal distributed logical router (UDLR) for east/west routing between applications and to a potential second region.

Application virtual networks provide support for limited access to the nodes of the applications through published access points. Three application virtual networks exist:

  • Cross-region application virtual network that connects the components that are designed to fail over to a recovery region if the SDDC is scaled out to a dual-region configuration.
  • Region-specific application virtual network in Region A for components that are not designed to fail over.

Figure 2. Virtual Application Network Components and Design in Consolidated SDDC

Distributed Firewall

This VMware Validated Design uses the distributed firewall functionality that is available in NSX to protect all management applications attached to application virtual networks.
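The coverage requirement above can be audited against an inventory export. The following is an added example, not part of the VMware Validated Design; the data model and all network, security group, VM and rule names are constructed. It assumes a VM counts as covered when an enabled rule's Applied To scope includes one of its networks or security groups.

```python
from dataclasses import dataclass, field

# The two application virtual networks the design lists (hypothetical names).
APP_VIRTUAL_NETWORKS = {"avn-cross-region", "avn-region-a"}

@dataclass
class VM:
    name: str
    role: str                       # "management" or "tenant"
    networks: set
    security_groups: set = field(default_factory=set)

@dataclass
class DfwRule:
    name: str
    applied_to: set                 # security groups or logical switches in scope
    enabled: bool = True

def rules_for(vm, rules):
    """Return (enabled, disabled) rules whose Applied To scope includes the VM."""
    scope = vm.networks | vm.security_groups
    hits = [r for r in rules if r.applied_to & scope]
    return [r for r in hits if r.enabled], [r for r in hits if not r.enabled]

def audit(vms, rules):
    """List management VMs on an application virtual network with no enabled rule."""
    findings = []
    for vm in vms:
        if vm.role != "management" or not (vm.networks & APP_VIRTUAL_NETWORKS):
            continue                # tenant VMs and other networks are out of scope
        enabled, disabled = rules_for(vm, rules)
        if enabled:
            continue
        if disabled:                # a rule exists but is switched off
            reason = "only disabled rules: " + ", ".join(r.name for r in disabled)
        else:
            reason = "no rule in scope"
        findings.append((vm.name, reason))
    return findings

# Constructed sample inventory and rule set.
VMS = [VM("mgmt-app-01", "management", {"avn-cross-region"}, {"sg-mgmt-app"}),
       VM("mgmt-app-02", "management", {"avn-region-a"}),
       VM("mgmt-app-03", "management", {"avn-cross-region"}, {"sg-unassigned"}),
       VM("tenant-web-01", "tenant", {"tenant-ls-01"})]
RULES = [DfwRule("mgmt-app-published-access", {"sg-mgmt-app"}),
         DfwRule("region-a-access", {"avn-region-a"}, enabled=False)]

if __name__ == "__main__":
    for name, reason in audit(VMS, RULES):
        print(f"UNPROTECTED {name}: {reason}")
```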

Software-Defined Storage Design for Management Products

Workloads store their data on a vSAN datastore. The vSAN datastore spans all 4 ESXi hosts of the consolidated cluster. Each host adds one disk group to the datastore.

Applications store their data according to the default storage policy for vSAN.

Figure 3. vSAN Conceptual Design in Consolidated SDDC

vRealize Log Insight uses NFS exports as secondary storage.