By implementing this design for the SDDC, an IT organization can automate the provisioning of common, repeatable requests for IT services and respond to business needs with agility and predictability. This SDDC design provides an IT solution with features across many areas such as operations management, cloud management, business continuity, and security and compliance.
Figure 1. Architecture Overview of the SDDC Workload Domain


Workload Domain

The workload domain forms an additional building block of the SDDC to the management domain and consists of components from the physical infrastructure, virtual infrastructure, and security and compliance layers. The virtual infrastructure layer controls the access to the underlying physical infrastructure layer, it controls and allocates resources to workloads running in the workload domain. The security and compliance layer provides role-based access controls and integration with the corporate identity provider.
Table 1. Initial Component Configuration of the Workload Domain

Component

Services

ESXi

Virtual infrastructure for running the SDDC management components. See ESXi Detailed Design for a Red Hat OpenShift Workload Domain.

vCenter Server

Central management and protection of the ESXi hosts and the management appliances running on the hosts. See vCenter Server Design for a Red Hat OpenShift Workload Domain.

NSX-T

Logical switching, dynamic routing, and load balancing for the SDDC management components. See Software-Defined Networking Design for a Red Hat OpenShift Workload Domain.

vSAN

Primary software-defined storage for all SDDC management components. See Shared Storage Design for a Red Hat OpenShift Workload Domain.

Red Hat OpenShift

Transforms vSphere to a platform for running container workloads.

See vSphere with Kubernetes Detailed Design for a Red Hat OpenShift Workload Domain.

Logical Overview

The SDDC design for Red Hat OpenShift consists of a single availability zone within a single geographic region. This design has at least one management domain and one or more workload domains. Red Hat OpenShift clusters must exist within a single availability zone.
Figure 2. SDDC Logical Design for a Red Hat OpenShift Workload Domain

Security and Compliance

This design provides role-based access control through the integration of an identity and access management solution which integrates with Microsoft Active Directory.