Depending on the SDDC implementation type, a VMware Validated Design has a number of objectives for delivering prescriptive content about an SDDC that is fast to deploy and suitable for use in production.

Table 1. Objectives of VMware Validated Design for Software-Defined Data Center
VMware Validated Design Objective | Description
Main objective | SDDC capable of automated provisioning of workloads
Scope of deployment | Greenfield and brownfield deployment of the SDDC management components
Cloud type | Private cloud
Number of regions and disaster recovery support | Dual-region SDDC that supports disaster recovery

The documentation provides guidance for a deployment that supports two regions for failover in the following way:

  • The design documentation provides guidance for an SDDC whose management components are designed to operate in the event of planned migration or disaster recovery. This part also includes design of the components that support the failover.
  • The deployment documentation provides guidance for an SDDC that supports two regions for both management and tenant workloads.
  • The operational guidance contains detailed instructions about performing disaster recovery and planned migration.
Maximum number of virtual machines
  • 10,000 running virtual machines
  • Churn rate of 150 virtual machines per hour

Churn rate is related to provisioning, power cycle operations, and decommissioning of one tenant virtual machine by using a blueprint in the cloud management platform. A churn rate of 100 means that 100 tenant workloads are provisioned, pass the power cycle operations, and are deleted.

Number of workload domains in a region | Two-domain setup, with minimum 4 VMware ESXi™ hosts in a domain

The validated design requires the following workload domains for SDDC deployment:

  • Management domain. Contains the virtual machines of the management products.
  • Virtual infrastructure workload domain
    • Contains the tenant workloads.
    • Contains the required services based on VMware NSX® Data Center for vSphere® or on VMware NSX-T™ Data Center to enable North-South routing between the SDDC and the external network, and East-West routing inside the SDDC.
See Workload Domains in VMware Validated Design.
Data center virtualization
  • Compute virtualization
  • Software-defined storage in the management cluster
  • Network virtualization
Scope of guidance
  • Storage, compute and networking for the management cluster.
  • Number of hosts, amount of storage and configuration.
  • Deployment and initial setup of management components at the levels of infrastructure, cloud management platform, and operations.
  • Basic tenant operations such as creating a tenant, assigning tenant capacity, configuring user access, and adding virtual machines to a service catalog from single-machine blueprints.
  • Operations on the management components of the SDDC such as monitoring and alerting, backup and restore, post-maintenance validation, disaster recovery and upgrade.
Overall availability | 99% availability

Planned downtime is expected for upgrades, patching, and ongoing maintenance.

Authentication, authorization, and access control
  • Use of Microsoft Active Directory as a central user repository.
  • Use of service accounts with minimum required authentication and Access Control List configuration.
  • Use of basic tenant accounts.
Certificate signing | Certificates are signed by an external certificate authority (CA) that consists of root and intermediate authority layers.
Hardening

Tenant workload traffic can be separated from the management traffic.

The design uses a distributed firewall to protect all management applications. To secure the SDDC, only other management solutions and approved administration IP addresses can directly communicate with individual components.

Table 2. Objectives of VMware Validated Design for Management and Workload Consolidation
VMware Validated Design Objective | Description
Main objective | SDDC capable of automated provisioning of workloads
Scope of deployment | Greenfield deployment of the SDDC management components
Cloud type | Private cloud
Number of regions and disaster recovery support | Single-region SDDC that you can scale out to dual-region.

Maximum number of virtual machines
  • 1,500 running virtual machines
  • Churn rate of 50 virtual machines per hour
Number of clusters in a region | 1-cluster setup, with minimum 4 ESXi hosts in the cluster

The 1-cluster validated design includes a consolidated virtual infrastructure layer for management, edge and compute components.

Data center virtualization
  • Compute virtualization
  • Software-defined storage in the consolidated cluster
  • Network virtualization
Scope of guidance
  • Storage, compute and networking for the consolidated cluster.
  • Number of hosts, amount of storage and configuration.
  • Deployment and initial setup of management components at the levels of infrastructure, cloud management platform, and operations.
  • Basic tenant operations such as creating a tenant, assigning tenant capacity, configuring user access, and adding virtual machines to a service catalog from single-machine blueprints.
Overall availability | 95% availability

Planned downtime is expected for upgrades, patching, and ongoing maintenance.

Authentication, authorization, and access control
  • Use of Microsoft Active Directory as a central user repository.
  • Use of service accounts with minimum required authentication and Access Control List configuration.
  • Use of basic tenant accounts.
Certificate signing | Certificates are signed by an external certificate authority (CA) that consists of root and intermediate authority layers.
Hardening

Tenant workload traffic can be separated from the management traffic.

The design uses a distributed firewall to protect all management applications. To secure the SDDC, only other management solutions and approved administration IP addresses can directly communicate with individual components.

Table 3. Objectives of VMware Validated Design for Remote Office and Branch Office
VMware Validated Design Objective | Description
Main objective | SDDC capable of automated provisioning of workloads
Scope of deployment | Greenfield deployment of the SDDC management components
Cloud type | Private cloud
Maximum number of remote regions | 10
Maximum number of virtual machines
  • 100 virtual machines per remote region
  • 1,000 running virtual machines across all remote regions
  • Churn rate of 100 virtual machines per hour
Number of workload domains in a remote region | Single-domain, with minimum 4 hosts in the cluster

The single-domain region includes a consolidated virtual infrastructure layer for management, edge and compute components.

WAN capacity | 10 Mbps, latency up to 100 ms
Data center virtualization
  • Compute virtualization
  • Software-defined storage in the consolidated cluster
  • Network virtualization
Scope of guidance
  • Storage, compute and networking for the consolidated cluster.
  • Number of hosts, amount of storage and configuration.
  • Deployment and initial setup of management components at the levels of infrastructure, cloud management platform, and operations.
  • Basic tenant operations such as creating a tenant, assigning tenant capacity, configuring user access, and adding virtual machines to a service catalog from single-machine blueprints.
Overall availability | 95% availability

Planned downtime is expected for upgrades, patching, and ongoing maintenance.

Authentication, authorization, and access control
  • Use of Microsoft Active Directory as a central user repository.
  • Use of service accounts with minimum required authentication and Access Control List configuration.
Certificate signing | Certificates are signed by an external certificate authority (CA) that consists of root and intermediate authority layers.
Hardening | The design uses a distributed firewall to protect all management applications. To secure the SDDC, only other management solutions and approved administration IP addresses can directly communicate with individual components.