VMware Cloud Foundation Components Quiz

Questions and Answers

Which component is essential for restoring SDDC Manager file-based backups?

Border Gateway Protocol (BGP)

Network Time Protocol (NTP)

An external SFTP server (correct)

Dynamic Host Configuration Protocol (DHCP)

NSX backups do not inherit the SFTP backup settings of SDDC Manager.

False

What is the default frequency at which NSX Manager backs up each node of the NSX management cluster?

every hour

An external SFTP server provides better protection against failures because it decouples NSX backups from __________ backups.

SDDC Manager

Match the following components with their functions:

DNS = Translates domain names to IP addresses DHCP = Assigns IP addresses to devices on a network NTP = Synchronizes time across devices Certificate Authority = Issues digital certificates

What is the first step in restoring the SDDC Manager backups?

Use the vSphere Client to deploy a NEW SDDC Manager OVA Management Cluster

NSX Manager requires manual initiation of backups under all circumstances.

False

What is the purpose of taking a snapshot of the newly deployed SDDC Manager?

To create a restore point

Power off any failed NSX Manager appliances from the __________.

old NSX Management cluster

Which protocol is implemented for managing the backups and restores in the context provided?

SFTP

What is the role of an external SFTP server in the backup process?

It decouples backups from SDDC Manager operations.

NSX Manager does not backup the nodes of its management cluster at regular intervals.

False

What is the first step in restoring the NSX Manager from a backup?

Power off any failed NSX Manager appliances from the old NSX Management cluster

To make the new NSX Manager_____, you need to log into its UI.

Active

Match the following components with their backup-related functions:

SDDC Manager = Manages backups of the entire SDDC infrastructure NSX Manager = Offers node-specific backups every hour SFTP Server = Stores backup files securely offsite CLI = Restores backups to newly deployed VMs

Which statement correctly describes the backup process for SDDC Manager?

Snapshots must be taken before any restoration.

NSX backups are independent of SDDC Manager backups.

True

What must be configured in the NSX Manager after deploying a new appliance for restoring from backup?

SFTP server details

Backups can be manually initiated from the _______.

NSX Manager UI

Which protocol is essential for managing the backup and restoration processes mentioned?

SFTP

Study Notes

Management Domain Components: Availability and Backup

• VMware Cloud Foundation supports Active Directory (AD) and OpenLDAP for identity sources. At least two domain controllers are needed for directory services availability, in different physical locations. AD can be used for authentication and authorization, but it's not a requirement.
• DNS servers must be highly available. If name resolution fails, VMware Cloud Foundation software components can't communicate, and workload domains can't be created or other workflows initiated.
• NTP is critical for authentication, especially in VMware Single Sign-On. Time drift between components is problematic, so multiple NTP servers are needed to ensure availability, and avoid authentication issues if one server fails.
• VMware Cloud Foundation uses static IP pools or DHCP to get IP addresses for NSX tunnel endpoints on ESXi hosts during workload domain creation. DHCP servers must be available on the VLAN assigned to the tunnel endpoints. If an ESXi host is rebooted, DHCP must successfully reassign IP addresses to the VMkernel ports used as the tunnel endpoint.
• A certificate authority must be available for replacing VMCA-signed certificates.
• BGP peers must be available for deployment of an NSX Edge cluster.
• A significant time drift between components can cause authentication failures. This is particularly important for NTP.

SDDC Manager Backup and Restore

• Maintain current SDDC Manager backups to ensure accurate restoration. Outdated backups may lead to inconsistencies with the current VCF deployment.
• SFTP file-based backups are configured part of the SDDC Manager ONBOARDING wizard.
• Automatic backup schedules are hourly or weekly.
• Schedule backups based on environment change frequency (hourly, daily, or weekly). Unscheduled backups can be done if significant changes are made to the VMware Cloud Foundation environment to minimize data loss from failures.

SDDC Manager Backup (continued)

• External SFTP servers are best practice for restoring SDDC Manager file-based backups. They provide better protection against failures because they decouple NSX backups from SDDC Manager backups. Failures in SDDC Manager won't affect the backups.
• Restore SDDC Manager backups in this order:
  1. Deploy a new SDDC Manager OVA using the vSphere Client.
  2. Take a snapshot of the SDDC Manager instance.
  3. Use the CLI to restore the SDDC Manager backup.

NSX Backup and Restore

• NSX Manager backs up each node of the NSX management cluster every hour by default.
• Backups can be manually initiated through the NSX Manager UI.
• NSX Manager backups inherit the SFTP backup settings of the SDDC Manager.
• Restoring NSX Manager appliances:
  1. Power off failed NSX Manager appliances.
  2. Deploy a new appliance using the same IP and FQDN.
  3. Log into the new appliance.
  4. Mark the new appliance active in NSX Manager.
  5. Locate the Backup & Restore page in NSX Manager.
  6. Configure the SFTP server details previously used by the previous NSX Manager node.
  7. Select the desired backup and click RESTORE.
  8. Deploy additional NSX Manager nodes.

Native vSphere Availability Options

• VCF deploys the management domain with vSphere HA configured with best practices.
• Default HA settings include:
  • Host failure response: restart VMs.
  • Response for host isolation: power off and restart VMs.
  • Datastore with permanent device loss: disabled.
  • Datastore with all paths down: disabled.
  • VM monitoring: VM monitoring only.
• Important: Remember, powering off is different than shutting down.
• vSAN storage policies are configured according to best practices.
• To accommodate additions to management domain, consider adjusting host failure tolerance in admission control, and adjusting the Performance degradation VMs tolerate setting as needed.
• vSphere HA restarts VMs if a VM is on a host that lost access to its data. This results in a short period of downtime while the VM restarts.
• vSphere HA monitors VMware Tools to ensure the OS is running healthily.

vSphere Distributed Switch Backup and Restore

• Export vSphere Distributed Switch (VDS) configuration whenever changes are made.
• Exporting configuration ensures recoverable VDS in case of vCenter failure. Although the VDS configuration is saved when vCenter is backed up, it's good practice to have a separate backup of the VDS configuration.

Active Directory

• Configure at least two domain controllers within the same physical environment to ensure directory services availability.
• AD can be used for authentication; it is not required for authorization. VMware Cloud Foundation can be deployed without AD.

Tool for Exporting vSphere Distributed Switch (VDS) Configuration

• The vSphere Client is used to export the VDS configuration.

Backup Location

• SFTP is the recommended external file server type for backing up data.

Description

Test your knowledge on the management domain components of VMware Cloud Foundation, focusing on availability, backup, and directory services. This quiz covers key requirements for Active Directory, DNS servers, and NTP critical for system functionality and authentication. Ensure you understand how these components work together to maintain effective operations.