The virtual infrastructure design comprises the software components that form the virtual infrastructure layer. This layer supports running Telco workloads and the workloads that maintain the business continuity of services. The virtual infrastructure components include the virtualization platform hypervisor, virtualization management, storage virtualization, network virtualization, and backup and disaster recovery components.
This section outlines the building blocks for the virtual infrastructure, their components, and the networking to tie all the components together.
Compute Design
It is important to limit the distance between the core site and the edge sites to ensure that the latency is below 150 ms RTT. Also, each site is treated as a remote cluster with its own storage; HCI storage with vSAN is recommended. An NSX Edge (pair) needs to be deployed at the remote site (even though the NSX Manager and Controller reside at the Core site) for connectivity to the Core site and for Internet breakout.
The network links between the core site and the edge sites should also be redundant and path-diverse without any SRLGs (Shared Risk Link Groups) between the paths at a transport layer. Also, sufficient bandwidth between each edge site and the core site should be ensured.
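As an added example (not part of the original reference architecture), the following Python check applies the two requirements above to a link inventory: every path stays below the 150 ms RTT bound, and each edge site has at least one pair of paths that share no SRLG. The site names, path names, SRLG ids, RTT values, and the inventory layout are all constructed assumptions.

```python
from itertools import combinations

MAX_RTT_MS = 150.0  # latency bound stated in the design

# Constructed sample inventory (not from the original page): each transport
# path from an edge site to the core lists the SRLG ids of the links it
# crosses and a measured RTT in milliseconds.
SITES = {
    "edge-a": [
        {"name": "mpls-1", "srlgs": {101, 102}, "rtt_ms": 38.0},
        {"name": "metro-1", "srlgs": {201, 202}, "rtt_ms": 52.5},
    ],
    "edge-b": [  # both paths cross SRLG 300: a shared risk
        {"name": "mpls-2", "srlgs": {300, 301}, "rtt_ms": 40.0},
        {"name": "metro-2", "srlgs": {300, 410}, "rtt_ms": 45.0},
    ],
    "edge-c": [  # diverse, but the second path breaks the latency bound
        {"name": "mpls-3", "srlgs": {501}, "rtt_ms": 60.0},
        {"name": "sat-3", "srlgs": {601}, "rtt_ms": 210.0},
    ],
    "edge-d": [{"name": "mpls-4", "srlgs": {701}, "rtt_ms": 20.0}],
}

def check_site(paths):
    """Return a list of findings for one edge site; empty means compliant."""
    findings = [
        f"{p['name']}: RTT {p['rtt_ms']} ms is not below {MAX_RTT_MS} ms"
        for p in paths if p["rtt_ms"] >= MAX_RTT_MS
    ]
    if len(paths) < 2:
        findings.append("no redundant path to the core site")
        return findings
    # Redundancy only counts if two in-budget paths share no SRLG.
    usable = [p for p in paths if p["rtt_ms"] < MAX_RTT_MS]
    if not any(not (a["srlgs"] & b["srlgs"]) for a, b in combinations(usable, 2)):
        shared = sorted({s for a, b in combinations(paths, 2)
                         for s in a["srlgs"] & b["srlgs"]})
        detail = f"; shared SRLGs {shared}" if shared else ""
        findings.append("no SRLG-disjoint pair within the latency bound" + detail)
    return findings

def audit(sites):
    """Map each site name to its list of findings."""
    return {site: check_site(paths) for site, paths in sites.items()}

if __name__ == "__main__":
    for site, findings in audit(SITES).items():
        print(site, "OK" if not findings else findings)
```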
Storage Design
vSAN is a fully integrated hyper-converged storage software. By creating a cluster of server Hard Disk Drives (HDDs) or Solid-State Drives (SSDs), vSAN presents a flash-optimized, highly resilient, shared storage datastore to ESXi hosts and virtual machines. This allows for the control of capacity, performance, and availability through storage policies on a per VM basis. Certified third-party shared storage solutions as listed in the VMware Compatibility Guide are also supported.
Network Design
The vCloud NFV Edge platform consists of infrastructure networks and VM networks. The hosts in each cluster are configured with VDS switches that provide consistent network configuration across multiple hosts. The VDS switch is used for VM networks and infrastructure networks, while the N-VDS switch is used as the transport for Telco workload traffic.
The networks on the VDS (infrastructure) switch used in the edge site include:
- ESXi Management Network: The network for the ESXi host management traffic.
- vMotion Network: The network for the VMware vSphere® vMotion® traffic.
- vSAN Network: The network for the vSAN shared storage traffic.
- VM Network: The network for the management VM traffic.
Telco Edge Management Domain
The Telco Edge Management Domain is responsible for the orchestration of resources and operations of the Edge site. This includes the vCenter Server Appliance that manages the virtual infrastructure resources of the Edge Region runtime environment. The design of the edge management domain component remains identical to the core data center management domain component and is not covered in this section.
Isolation of compute resources is enabled with the Resource vCenter Server for the Edge. Irrespective of the Domain deployment configuration, abstraction layers for multi-tenancy are provided by the vCloud Director deployed in the Core data center. vCenter Server provides the infrastructure for fine-grained allocation and partitioning of compute and storage resources, whereas NSX-T deployed in the Core data center provides the virtual network resources for the Edge site.
Telco Edge Compute Domain
The Edge Compute Domain is made up of its components and their functions. The NSX Edge node and the VNFs are placed in the Edge Compute Domain cluster, which forms the runtime environment for the VNFs.
Telco Edge Compute Domain Networking: The networking of the Edge Compute Domain depends on the network topology that is required by the Telco workloads deployed by the tenant. The network building blocks required by tenant workloads are identical to the network building blocks of the Core Data Center compute domain networking.
Telco Edge Site Networking: Edge sites can be connected to two separate domains. The first domain is an Internet breakout where the tunneled traffic from the user equipment is terminated and routed as IP packets to the Internet. The second domain is where the traffic continues to be tunneled to the central site (as happens today with user traffic). In both cases, the Edge site uses a physical router as the egress device to transport traffic to the Internet or to the central site.
There are multiple options for the physical router egress connectivity, such as metro Ethernet and MPLS. The technology that is used to connect Edge to the Internet or Core site does not impact this reference architecture, except for certain latency and speed requirements.