VMware Cloud Foundation: Deploy, Configure, Manager [V5.2] Lecture PDF
Document Details
Uploaded by FinestLorentz
CSUB
2024
Tags
Related
- VMware Cloud Foundation Administrator 2024 Exam Notes PDF
- VMware Cloud Foundation Class Notes PDF
- VMware Cloud Foundation 5.1 Getting Started PDF
- VMware Cloud Foundation: Deploy, Configure, Manage [V5.2] Lecture Manual PDF
- VMware Cloud Foundation 5.2 Administrator PDF
- Deploy and Configure a VCF Management Domain Using VMware Cloud Builder PDF
Summary
This document is a lecture manual for VMware Cloud Foundation version 5.2. It covers topics such as course introduction, VMware Cloud Foundation overview, Day 0 tasks, and post-deployment operations. The manual is focused on IT training and professional development in cloud computing.
Full Transcript
VMware Cloud Foundation: Deploy, Configure, Manager [V5.2] Lecture Manual VMware Cloud Foundation: Deploy, Configure, Manager [V5.2] Lecture Manual Part Number EDU-EN-VCFDCM52-LEC (06-SEP-2024) Copyright © 2024 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its...
VMware Cloud Foundation: Deploy, Configure, Manager [V5.2] Lecture Manual VMware Cloud Foundation: Deploy, Configure, Manager [V5.2] Lecture Manual Part Number EDU-EN-VCFDCM52-LEC (06-SEP-2024) Copyright © 2024 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries. All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies. This documentation, which includes embedded help systems and electronically distributed materials (hereinafter referred to as the “Documentation”) is for your informational purposes only and is subject to change or withdrawal by Broadcom at any time. This Documentation is proprietary information of Broadcom and may not be copied, transferred, reproduced, disclosed, modified or duplicated, in whole or in part, without the prior written consent of Broadcom, except as authorized by a valid, in effect license from Broadcom. If you are a licensed user of the software product(s) addressed in the Documentation, you may print or otherwise make available a reasonable number of copies of the Documentation for internal use by you and your employees in connection with that software, provided that all Broadcom copyright notices and legends are affixed to each reproduced copy. The right to print or otherwise make available copies of the Documentation is limited to the period during which the applicable license for such software remains in full force and effect. Should the license terminate for any reason, it is your responsibility to certify in writing to Broadcom that all copies and partial copies of the Documentation have been returned to Broadcom or destroyed. TO THE EXTENT PERMITTED BY APPLICABLE LAW AND EXCEPT AS AGREED BY BROADCOM IN ITS APPLICABLE LICENSE AGREEMENT, BROADCOM PROVIDES THIS DOCUMENTATION “AS IS” WITHOUT WARRANTY OF ANY KIND, INCLUDING WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. IN NO EVENT WILL BROADCOM BE LIABLE TO THE END USER OR ANY THIRD PARTY FOR ANY LOSS OR DAMAGE, DIRECT OR INDIRECT, FROM THE USE OF THIS DOCUMENTATION, INCLUDING WITHOUT LIMITATION, LOST PROFITS, LOST INVESTMENT, BUSINESS INTERRUPTION, GOODWILL, OR LOST DATA, EVEN IF BROADCOM IS EXPRESSLY ADVISED IN ADVANCE OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE. Contents Module 1 Course Introduction.............................................................................................. 1 1-2 Course Introduction................................................................................................................................. 1 1-3 Importance................................................................................................................................................... 1 1-4 Learner Objectives.................................................................................................................................. 2 1-5 Course Outline........................................................................................................................................... 3 1-6 Typographical Conventions................................................................................................................. 4 1-7 References.................................................................................................................................................. 5 Module 2 VMware Cloud Foundation Overview....................................................... 7 2-2 Importance.................................................................................................................................................. 7 2-3 Lesson 1: VMware Cloud Foundation Overview......................................................................... 8 2-4 Learner Objectives.................................................................................................................................. 8 2-5 About VMware Cloud Foundation.................................................................................................... 9 2-6 VMware Cloud Foundation Software Bill of Materials............................................................ 10 2-7 VMware Cloud Foundation Architecture....................................................................................... 11 2-8 About VMware Cloud Builder............................................................................................................ 13 2-9 About SDDC Manager......................................................................................................................... 14 2-10 About the SDDC Manager Dashboard..........................................................................................16 2-11 vSphere Overview................................................................................................................................. 17 2-12 vSAN Overview...................................................................................................................................... 18 2-13 NSX Overview.........................................................................................................................................19 2-14 vSphere with Tanzu Overview........................................................................................................ 20 2-15 VMware Aria Suite Overview............................................................................................................ 21 2-16 Licensing Options for vSphere Foundation and VMware Cloud Foundation................23 2-17 vSphere Foundation Licensing........................................................................................................ 24 2-18 VMware vSphere Foundation Add-Ons....................................................................................... 25 2-19 VMware Cloud Foundation Licensing............................................................................................26 iii 2-20 VMware Cloud Foundation Add-Ons............................................................................................28 2-21 Applying a Solution License Key in a Greenfield Deployment............................................29 2-22 Applying a Solution License Key in a Brownfield Deployment.......................................... 30 2-23 Key Points.................................................................................................................................................. 31 Module 3 Day 0 Tasks........................................................................................................ 33 3-2 Importance................................................................................................................................................ 33 3-3 Module Lessons...................................................................................................................................... 33 3-4 Lesson 1: Planning and Preparation............................................................................................... 34 3-5 Learner Objectives............................................................................................................................... 34 3-6 VMware Cloud Foundation Workload Domain Types............................................................ 35 3-7 VMware Cloud Foundation Architectures...................................................................................36 3-8 About the Management Domain.....................................................................................................38 3-9 Planning and Preparing the Design................................................................................................ 40 3-10 About Design Decisions...................................................................................................................... 41 3-11 Management Domain Design Decisions....................................................................................... 42 3-12 About Availability Zones and Instances....................................................................................... 43 3-13 Management Domain: Shared Storage Design......................................................................... 44 3-14 VMware Validated Solutions............................................................................................................ 46 3-15 Planning and Preparation Workbook: Deployment Options................................................47 3-16 Planning and Preparation Workbook: Prerequisite Checklist............................................. 48 3-17 Planning and Preparation Workbook: Management Domain Sizing Input..................... 49 3-18 Planning and Preparation Workbook: Workflow Tabs......................................................... 50 3-19 Lesson 2: Deployment.......................................................................................................................... 51 3-20 Learner Objectives................................................................................................................................. 51 3-21 Deploying the VMware Cloud Builder Appliance...................................................................... 52 3-22 Completing the Deployment Parameter Workbook.............................................................. 54 3-23 Preparing ESXi Hosts for VMware Cloud Foundation............................................................ 55 3-24 External Certificates During Bring-Up: Replacing Default Certificates............................. 57 3-25 External Certificates During Bring-Up: Customizing the JSON File...................................58 3-26 vSphere Lifecycle Manager...............................................................................................................59 3-27 Enabling vSphere Lifecycle Manager..............................................................................................61 3-28 Configuration Validation......................................................................................................................62 3-29 Fully Automated Deployment of VMware SDDC Components........................................63 3-30 Lab 1: Access the Lab Environment.............................................................................................. 64 3-31 Lab 2: (Simulation) Deploy VMware Cloud Foundation........................................................ 64 3-32 Key Points.................................................................................................................................................65 iv Module 4 Post-Deployment Operations.................................................................... 67 4-2 Importance................................................................................................................................................ 67 4-3 Module Lessons...................................................................................................................................... 67 4-4 Lesson 1: VMware Cloud Foundation Onboarding.................................................................. 68 4-5 Learner Objectives............................................................................................................................... 68 4-6 Onboarding Overview......................................................................................................................... 69 4-7 Configuring the Backup Connection............................................................................................. 70 4-8 Backup Scheduling and Retention Policies................................................................................... 71 4-9 vCenter Single Sign-On Configuration Settings........................................................................ 72 4-10 Using Identity Providers in VMware Cloud Foundation......................................................... 73 4-11 About the Online Depot......................................................................................................................74 4-12 Lab 3: Initial Setup.................................................................................................................................. 75 4-13 Lesson 2: User Management............................................................................................................. 76 4-14 Learner Objectives................................................................................................................................ 76 4-15 VMware Cloud Foundation Roles.................................................................................................... 77 4-16 Administering VMware Cloud Foundation................................................................................... 78 4-17 Safeguarding VMware Cloud Foundation Components in vSphere.................................79 4-18 Safeguarding VMware Cloud Foundation Components in NSX........................................ 80 4-19 User-Created Service Accounts....................................................................................................... 81 4-20 System-Created Service Accounts................................................................................................82 4-21 Lesson 3: Password Management..................................................................................................83 4-22 Learner Objectives................................................................................................................................83 4-23 VMware Cloud Foundation Password Management.............................................................. 84 4-24 Password Management Best Practices........................................................................................85 4-25 Rotating Passwords............................................................................................................................. 86 4-26 Updating and Remediating Passwords.........................................................................................88 4-27 Using the lookup_passwords Command.................................................................................... 89 4-28 Password Management: Exceptions...............................................................................................91 4-29 Expiring Password Notifications......................................................................................................92 4-30 API Commands.......................................................................................................................................93 4-31 API Security: Token-Based Authentication............................................................................... 94 4-32 About the API Explorer.......................................................................................................................95 4-33 About PowerCLI................................................................................................................................... 96 4-34 Listing Local OS User Accounts...................................................................................................... 97 4-35 Lab 4: Managing Users........................................................................................................................ 98 4-36 Lab 5: Managing Passwords in SDDC Manager....................................................................... 99 v 4-37 Key Points.............................................................................................................................................. 100 Module 5 VMware Cloud Foundation Networking with NSX........................... 101 5-2 Importance............................................................................................................................................... 101 5-3 Module Lessons..................................................................................................................................... 101 5-4 Lesson 1: NSX Overview................................................................................................................... 102 5-5 Learner Objectives.............................................................................................................................. 102 5-6 About NSX............................................................................................................................................. 103 5-7 Functionalities of NSX....................................................................................................................... 104 5-8 About vDefend..................................................................................................................................... 105 5-9 Management and Control Planes...................................................................................................106 5-10 About the NSX Management Cluster.......................................................................................... 107 5-11 NSX Manager Form Factors............................................................................................................109 5-12 NSX Management Cluster with Virtual IP Address.................................................................. 111 5-13 Logical Switching Terminology........................................................................................................ 113 5-14 About VDS.............................................................................................................................................. 114 5-15 NSX Edge Functions............................................................................................................................ 115 5-16 About the NSX Edge Cluster........................................................................................................... 117 5-17 Lesson 2: VI Workload Domain Networking............................................................................. 118 5-18 Learner Objectives............................................................................................................................... 118 5-19 NSX in VI Workload Domains.......................................................................................................... 119 5-20 NSX Manager Cluster Placement.................................................................................................. 120 5-21 Transport Zones and Uplink Profiles............................................................................................. 121 5-22 Workload Domain Traffic Separation.......................................................................................... 122 5-23 Workload Domain Deployment..................................................................................................... 124 5-24 Management Domain Deployment............................................................................................... 125 5-25 Dual DPUs Support............................................................................................................................. 126 5-26 VDS Profile-1: Default Unified Fabric............................................................................................ 127 5-27 VDS Profile-2: Storage Traffic Separation................................................................................ 128 5-28 VDS Profile-3: NSX Traffic Separation....................................................................................... 129 5-29 Creating a VDS Configuration Using the API........................................................................... 130 5-30 VI Workload Domain Switch Configuration............................................................................... 132 5-31 VI Workload Domain Custom Switch Configuration............................................................. 134 5-32 Workload Domain Switch Configuration Selection................................................................ 135 5-33 Configuring an Isolated Workload Domain with a Shared NSX Manager Instance... 136 5-34 Importing vSphere Clusters to VMware Cloud Foundation............................................... 138 5-35 Migrating VLAN-Backed Workloads to NSX Overlay......................................................... 140 vi 5-36 Deploying Avi Load Balancer from SDDC Manager............................................................... 141 5-37 Lesson 3: NSX Edge Networking.................................................................................................. 142 5-38 Learner Objectives.............................................................................................................................. 142 5-39 About NSX Edge Deployments in VMware Cloud Foundation........................................ 143 5-40 About the Add Edge Cluster Wizard.......................................................................................... 144 5-41 NSX Edge Cluster Deployment Considerations...................................................................... 145 5-42 NSX Edge Cluster Profile Options................................................................................................ 146 5-43 Specifying the NSX Edge Cluster Use Case............................................................................. 147 5-44 Selecting the Routing Type............................................................................................................. 149 5-45 Configuring NSX Edge Appliances................................................................................................ 151 5-46 Adding NSX Edge Appliances........................................................................................................ 152 5-47 NSX Edge Validation.......................................................................................................................... 153 5-48 Resizing the NSX Edge Cluster...................................................................................................... 154 5-49 Adding NSX Edge Cluster Nodes................................................................................................. 155 5-50 Removing NSX Edge Cluster Nodes........................................................................................... 156 5-51 Prescriptive Edge Deployment...................................................................................................... 157 5-52 Custom NSX Edge Deployment.................................................................................................... 158 5-53 Custom NSX Edge Use Cases........................................................................................................ 159 5-54 Spine-and-Leaf Design........................................................................................................................ 161 5-55 Gateway Routing................................................................................................................................. 162 5-56 Connectivity to Physical Layer 3 Devices: Routing Feature Set..................................... 164 5-57 NSX Edge Node Routing in Active-Active Mode................................................................... 165 5-58 Supported BGP Feature Set........................................................................................................... 166 5-59 BGP Design Considerations............................................................................................................. 168 5-60 Using NSX Manager to Configure OSPF Peering.................................................................. 170 5-61 NSX Edge Node in Workload Domain Racks and North-South Routing....................... 171 5-62 NSX Edge in a Single-Rack Consolidated Management Domain..................................... 172 5-63 NSX Edge Placement for Workload Domains......................................................................... 174 5-64 Multi-Rack Cluster Networking Considerations....................................................................... 176 5-65 Lab 6: Using SDDC Manager to Deploy an NSX Edge Cluster......................................... 178 5-66 Lab 7: (Simulation) Using the SDDC Manager API to Deploy a Custom NSX Edge Cluster....................................................................................................................................................... 178 5-67 Lesson 4: Application Virtual Networks...................................................................................... 179 5-68 Learner Objectives.............................................................................................................................. 179 5-69 Application Virtual Networks...........................................................................................................180 5-70 Application Virtual Network Benefits........................................................................................... 182 vii 5-71 Deploying AVNs................................................................................................................................... 183 5-72 AVN Deployment Details................................................................................................................. 184 5-73 AVN Support and Restrictions....................................................................................................... 185 5-74 VMware Aria Suite Lifecycle Deployment with AVNs......................................................... 186 5-75 Lab 8: Deploying Application Virtual Networks....................................................................... 187 5-76 Key Points............................................................................................................................................... 188 Module 6 Managing Workload Domains................................................................... 189 6-2 Importance.............................................................................................................................................. 189 6-3 Module Lessons.................................................................................................................................... 189 6-4 Lesson 1: Workload Domain Overview.......................................................................................190 6-5 Learner Objectives..............................................................................................................................190 6-6 Workload Domain Overview........................................................................................................... 191 6-7 Workload Domain Types.................................................................................................................. 192 6-8 About VI Workload Domains.......................................................................................................... 193 6-9 VI Workload Domain Architecture Models................................................................................ 194 6-10 Workload Domain Storage Options............................................................................................. 196 6-11 Multicluster Support............................................................................................................................ 198 6-12 Multiple VI Workload Domains or Multiple Clusters............................................................. 200 6-13 vCenter Enhanced Linked Mode................................................................................................... 201 6-14 Single Sign-On Architectures.........................................................................................................203 6-15 Lesson 2: Workload Domain Preparation.................................................................................205 6-16 Learner Objectives.............................................................................................................................205 6-17 Host Commissioning...........................................................................................................................206 6-18 Host Validation.....................................................................................................................................208 6-19 Bulk-Commissioning Hosts..............................................................................................................209 6-20 Viewing Host Inventory..................................................................................................................... 210 6-21 Network Pools....................................................................................................................................... 211 6-22 Network Pool Implementation........................................................................................................ 213 6-23 Network Pool Settings...................................................................................................................... 214 6-24 Network Pool Sizing........................................................................................................................... 216 6-25 Creating Network Pools.................................................................................................................... 217 6-26 Editing Network Pools....................................................................................................................... 218 6-27 Deleting Network Pools.................................................................................................................... 219 6-28 Lab 9: Commissioning Hosts for a New VI Workload Domain.........................................220 6-29 Lesson 3: Workload Domain Configuration.............................................................................. 221 6-30 Learner Objectives.............................................................................................................................. 221 viii 6-31 Transport Zones.................................................................................................................................. 222 6-32 Single Overlay Transport Zones................................................................................................... 224 6-33 Sub-Transport Node Profiles......................................................................................................... 225 6-34 Networking Enhancements for vSAN Stretched Clusters................................................. 227 6-35 VI Workload Domain Switch Configuration.............................................................................. 229 6-36 Sample JSON Configuration for Multi-NIC...............................................................................230 6-37 VI Workload Domain Prerequisites............................................................................................. 232 6-38 Choosing the Life Cycle Update Management Method...................................................... 233 6-39 Creating VI Workload Domains..................................................................................................... 234 6-40 Expanding Workload Domains: Adding Clusters................................................................... 236 6-41 Expanding Workload Domains: Adding Hosts........................................................................ 237 6-42 Shrinking Workload Domains......................................................................................................... 238 6-43 Decommissioning Hosts.................................................................................................................. 240 6-44 Deleting VI Workload Domains...................................................................................................... 241 6-45 Lab 10: Creating a VI Workload Domain................................................................................... 242 6-46 Lesson 4: Workload Domain Design and Sizing..................................................................... 243 6-47 Learner Objectives............................................................................................................................. 243 6-48 Workload Domain Design Considerations................................................................................ 244 6-49 ESXi Design for Workload Domains........................................................................................... 245 6-50 ESXi Host Sizing.................................................................................................................................. 246 6-51 vCenter Sizing Considerations for VMware Cloud Foundation....................................... 247 6-52 High Availability Design for vCenter........................................................................................... 248 6-53 vSphere Networking: Distributed Port Group Design Example...................................... 249 6-54 Software-Defined Networking Design: Shared NSX Manager Instances..................... 251 6-55 Software-Defined Networking Design: Dedicated NSX Manager Instances............. 252 6-56 Software-Defined Networking Design: VLAN and Subnet Considerations................ 253 6-57 Shared Storage Design: Principal and Supplemental Storage.......................................... 255 6-58 Workload Domain Design Decisions: Storage........................................................................ 257 6-59 Workload Domain Design Decisions: ESXi............................................................................... 258 6-60 Lab 11: Adding a Host to the VI Workload Domain...............................................................260 6-61 Lab 12: (Simulation) Simultaneous Cluster Operations.........................................................260 6-62 Key Points............................................................................................................................................... 261 Module 7 VMware Cloud Foundation Storage Management......................... 263 7-2 Importance............................................................................................................................................. 263 7-3 Module Lessons................................................................................................................................... 263 7-4 Lesson 1: Overview of vSAN in VMware Cloud Foundation............................................. 264 ix 7-5 Learner Objectives............................................................................................................................. 264 7-6 VMware Cloud Foundation Storage Types............................................................................. 265 7-7 About vSAN.......................................................................................................................................... 267 7-8 vSAN Datastores................................................................................................................................ 268 7-9 Advantages of Using vSAN for VMware Cloud Foundation Storage.......................... 269 7-10 vSAN in the Management Domain............................................................................................... 270 7-11 vSAN in VI Workload Domains...................................................................................................... 271 7-12 Scaling vSAN Clusters in VMware Cloud Foundation.......................................................... 272 7-13 Lab 13: Review the VI Workload Domain vSAN Cluster Details..................................... 274 7-14 Lesson 2: Storage Policy-Based Management....................................................................... 275 7-15 Learner Objectives............................................................................................................................. 275 7-16 Storage Policy-Based Management............................................................................................ 276 7-17 Policy-Driven Object-Based Storage......................................................................................... 277 7-18 VM Storage Policies........................................................................................................................... 278 7-19 Failures to Tolerate............................................................................................................................ 279 7-20 Modifying the vSAN Default Storage Policy............................................................................ 281 7-21 Comparing RAID 1 Mirroring and RAID 5/6 Erasure Coding............................................. 282 7-22 vSAN Storage Policy Space Consumption Comparison.................................................... 283 7-23 RAID 5 in Four-Node Clusters....................................................................................................... 284 7-24 Verifying vSAN Storage Policy Compliance............................................................................ 286 7-25 Monitoring Compliance..................................................................................................................... 287 7-26 About Deduplication and Compression..................................................................................... 288 7-27 Management Domain Deduplication and Compression....................................................... 289 7-28 VI Workload Domain Deduplication and Compression.......................................................290 7-29 Enabling Deduplication and Compression on an Existing Cluster..................................... 291 7-30 Lab 14: Analyze the Placement of VM Objects and Components in the vSAN Cluster........................................................................................................................................ 292 7-31 Lesson 3: vSAN Express Storage Architecture in VMware Cloud Foundation........ 293 7-32 vSAN Express Storage Architecture Overview.................................................................... 294 7-33 vSAN ESA and NVMe....................................................................................................................... 295 7-34 vSAN ESA Characteristics.............................................................................................................. 296 7-35 Comparing vSAN Architectures................................................................................................... 297 7-36 vSAN ESA Requirements................................................................................................................ 298 7-37 vSAN Disk Configuration Comparison....................................................................................... 299 7-38 vSAN ESA Storage Pools.............................................................................................................. 300 7-39 vSAN ESA New I/O Engine............................................................................................................ 301 x 7-40 vSAN Log-Structured File System..............................................................................................302 7-41 vSAN ESA Storage Policies.......................................................................................................... 304 7-42 Example of a New Default Storage Policy...............................................................................305 7-43 vSAN ESA Auto-Policy Management....................................................................................... 306 7-44 Default Storage Policy in Auto-Policy Management............................................................ 307 7-45 Default Storage Policy Rules..........................................................................................................308 7-46 New VM Policy.................................................................................................................................... 309 7-47 VM Components (vSAN ESA)....................................................................................................... 310 7-48 vSAN ESA Capacity Reporting....................................................................................................... 311 7-49 vSAN ESA Feature Support........................................................................................................... 312 7-50 vSAN ESA on Management Domain........................................................................................... 313 7-51 Parameters for vSAN ESA.............................................................................................................. 314 7-52 Proxy Configuration for HCL Management.............................................................................. 315 7-53 VMware Cloud Builder Validation.................................................................................................. 316 7-54 Management Domain with vSAN ESA........................................................................................ 317 7-55 vSAN ESA on VI Workload Domains.......................................................................................... 318 7-56 Host Commissioning with vSAN ESA.......................................................................................... 319 7-57 Deploying a vSAN ESA VI Workload Domain with a vSphere Lifecycle Manager Cluster Image.....................................................................................................................320 7-58 VI Workload Domain Creation with vSAN ESA...................................................................... 321 7-59 VI Workload Domain Creation Workflow................................................................................. 322 7-60 Adding a Cluster to a Workload Domain.................................................................................. 323 7-61 Removing Hosts.................................................................................................................................. 324 7-62 Introducing vSAN Max Support.................................................................................................... 325 7-63 Lab 15: (Simulation) Deploying a VI Workload Domain with vSAN ESA..................... 327 7-64 Lesson 4: VMware Cloud Foundation Storage Design....................................................... 328 7-65 Learner Objectives............................................................................................................................. 328 7-66 Host Design Hardware Decisions................................................................................................. 329 7-67 Host Design Considerations for vSAN: CPU and Memory................................................330 7-68 Host Design Considerations for vSAN: Boot Device............................................................ 331 7-69 Disk Controller Considerations...................................................................................................... 332 7-70 vSAN Performance on Hardware................................................................................................ 333 7-71 vSAN Sizing: Levels of Overhead................................................................................................ 334 7-72 vSAN Sizing Considerations........................................................................................................... 335 7-73 vSAN Design Principles: Hardware.............................................................................................. 336 7-74 vSAN Design Principles: Performance and Availability....................................................... 337 xi 7-75 vSAN Design Principles: Operations........................................................................................... 338 7-76 Key Points.............................................................................................................................................. 339 Module 8 Availability and Business Continuity....................................................... 341 8-2 Importance.............................................................................................................................................. 341 8-3 Module Lessons.................................................................................................................................... 341 8-4 Lesson 1: Management Domain Availability and Backup.................................................... 342 8-5 Learner Objectives............................................................................................................................. 342 8-6 Availability of Key Infrastructure Components....................................................................... 343 8-7 Backing Up SDDC Manager............................................................................................................344 8-8 Restoring SDDC Manager Backups............................................................................................. 346 8-9 Backing Up NSX Manager Appliances........................................................................................ 347 8-10 Restoring NSX Manager Appliances........................................................................................... 348 8-11 Using vSphere HA in the Management Domain..................................................................... 349 8-12 Using vSAN Storage Policies.......................................................................................................... 351 8-13 Back Up and Restore the vSphere Distributed Switch....................................................... 352 8-14 Lesson 2: Stretched vSAN Clusters in VMware Cloud Foundation............................... 353 8-15 Learner Objectives............................................................................................................................. 353 8-16 About Availability Zones.................................................................................................................. 354 8-17 About VMware Cloud Foundation Instances........................................................................... 355 8-18 Stretched Cluster Architecture..................................................................................................... 356 8-19 Stretched Cluster Use Cases......................................................................................................... 357 8-20 About vSAN ESA Stretched Clusters........................................................................................ 358 8-21 Stretched Cluster Requirements................................................................................................. 360 8-22 Stretched Cluster Requirements: Witness Sites..................................................................... 361 8-23 Example: Stretched Cluster............................................................................................................ 362 8-24 Commissioning Hosts in AZ2.......................................................................................................... 363 8-25 About the vSAN Witness Host..................................................................................................... 364 8-26 Stretching a Cluster Using APIs: Obtaining the Cluster ID................................................. 366 8-27 Stretching a Cluster Using APIs: Obtaining Host IDs............................................................ 367 8-28 Creating JSON Input.......................................................................................................................... 368 8-29 Validating the JSON Input............................................................................................................... 369 8-30 Executing the Stretch Cluster Workflow.................................................................................. 370 8-31 Stretched Cluster Workflow: Complete..................................................................................... 371 8-32 Configuring NSX Edge for Failover to AZ2............................................................................. 372 8-33 NSX Routing Considerations for Stretched Clusters........................................................... 373 8-34 Route Maps Example......................................................................................................................... 375 xii 8-35 Stretched Cluster Storage Policy: Site Disaster Tolerance............................................... 376 8-36 Example: Dual Site Mirroring with RAID 1 in Local Sites...................................................... 377 8-37 Example: Dual Site Mirroring with RAID 5 in Local Sites..................................................... 378 8-38 Expanding a Stretched Workload Domain Cluster............................................................... 379 8-39 Replacing Failed Hosts in a Stretched Workload Domain Cluster..................................380 8-40 Lab 16: (Simulation) Stretching a vSAN Cluster in the Management Domain............. 381 8-41 Key Points.............................................................................................................................................. 382 Module 9 VMware Cloud Foundation Certificate Management.................... 383 9-2 Importance............................................................................................................................................. 383 9-3 Module Lessons................................................................................................................................... 383 9-4 Lesson 1: Digital Certificate Overview........................................................................................ 384 9-5 Learner Objectives............................................................................................................................. 384 9-6 Role of Digital Certificates in VMware Cloud Foundation.................................................. 385 9-7 Key Components of PKI.................................................................................................................. 386 9-8 About Certificate Signing Requests............................................................................................ 388 9-9 Using CSRs to Obtain a Digital Certificate................................................................................ 389 9-10 Lesson 2: Managing Certificates for VMware Cloud Foundation Components....... 390 9-11 Learner Objectives............................................................................................................................ 390 9-12 SDDC Manager Certificate Automation..................................................................................... 391 9-13 VMware Certificate Authority........................................................................................................ 392 9-14 Managing Certificates for VMware Cloud Foundation Components............................. 393 9-15 Viewing Certificates........................................................................................................................... 394 9-16 Certificate Status in VMware Cloud Foundation.................................................................... 395 9-17 Replacing Certificates........................................................................................................................ 396 9-18 Lesson 3: Installing Certificates..................................................................................................... 397 9-19 Learner Objectives............................................................................................................................. 397 9-20 Configuring Microsoft CA: Requirements................................................................................. 398 9-21 Integrating a Microsoft CA with SDDC Manager................................................................... 399 9-22 Integrating the OpenSSL CA with SDDC Manager.............................................................. 401 9-23 Workflow: Installing Certificates Using an Integrated CA................................................. 403 9-24 Workflow: Installing Certificates Using an External CA...................................................... 404 9-25 Workflow: Installing Third-Party Certificates.......................................................................... 405 9-26 Removing Unused Certificates..................................................................................................... 406 9-27 Using APIs to Manage Certificates............................................................................................. 406 9-28 Lab 17: Implementing Certificates in SDDC Manager.......................................................... 408 9-29 Key Points............................................................................................................................................. 409 xiii Module 10 VMware Cloud Foundation Life Cycle Management.................... 411 10-2 Importance............................................................................................................................................... 411 10-3 Module Lessons..................................................................................................................................... 411 10-4 Lesson 1: Overview of Life Cycle Management...................................................................... 412 10-5 Learner Objectives.............................................................................................................................. 412 10-6 Patch Management and Upgrades Without Life Cycle Management............................ 413 10-7 VMware Cloud Foundation LCM Product Support................................................................ 414 10-8 About vSphere Lifecycle Manager............................................................................................... 415 10-9 About vSphere Lifecycle Manager Images............................................................................... 416 10-10 About the NSX Upgrade Coordinator........................................................................................ 418 10-11 About VMware Aria Suite Lifecycle............................................................................................. 419 10-12 Lesson 2: Installation and Upgrade Bundles............................................................................ 420 10-13 Learner Objectives............................................................................................................................ 420 10-14 About VMware Cloud Foundation Bundle Types................................................................... 421 10-15 Options for Downloading VMware Cloud Foundation Bundles....................................... 422 10-16 Online Bundle Download Overview............................................................................................ 423 10-17 Configuring Online Depot Settings.............................................................................................. 424 10-18 Downloading Online Bundles Using SDDC Manager............................................................ 425 10-19 Downloading Bundles Using a Proxy Server........................................................................... 426 10-20 About Offline Depots........................................................................................................................ 427 10-21 Configuring Offline Depots............................................................................................................. 429 10-22 Downloading the Offline Bundle Transfer Utility................................................................... 430 10-23 Connecting SDDC Manager to an Offline Depot.................................................................... 431 10-24 Lesson 3: vSphere Lifecycle Manager Images....................................................................... 432 10-25 Learner Objectives............................................................................................................................. 432 10-26 Workflow for Using vSphere Lifecycle Manager Images in VMware Cloud Foundation............................................................................................................. 433 10-27 Creating vSphere Lifecycle Manager Images..........................................................................434 10-28 Making vSphere Lifecycle Manager Images Available in VMware Cloud Foundation435 10-29 Requirements for Exporting vSphere Lifecycle Manager Images from vSphere..... 436 10-30 Exporting vSphere Lifecycle Manager Images in the vSphere Client........................... 437 10-31 Selecting a Format for the vSphere Lifecycle Manager Image....................................... 438 10-32 Exporting Cluster Settings from the vSphere Client............................................................ 439 10-33 Importing vSphere Lifecycle Manager Images into VMware Cloud Foundation...... 440 10-34 Extracting vSphere Lifecycle Manager Images from VMware Cloud Foundation....441 10-35 About Custom ESXi ISO Images.................................................................................................. 442 xiv 10-36 Creating Custom ESXi ISO Images with vSphere Lifecycle Manager...........................443 10-37 Performing Firmware Updates..................................................................................................... 444 10-38 Lesson 4: Upgrading Workload Domains.................................................................................445 10-39 Learner Objectives.............................................................................................................................445 10-40 Upgrade Order for VMware Cloud Foundation Components..........................................446 10-41 Independent SDDC Manager Upgrades.................................................................................... 447 10-42 Mixed-Mode Support for VI Workload Domains...................................................................448 10-43 Prerequisites for Upgrading VMware Cloud Foundation....................................................449 10-44 NSX Upgrade Considerations....................................................................................................... 450 10-45 Performing Upgrade Prechecks.................................................................................................... 451 10-46 Reviewing the Precheck Results.................................................................................................. 452 10-47 Monitoring VMware Cloud Foundation Updates.................................................................... 453 10-48 Accessing VMware Cloud Foundation Upgrade Log Files................................................454 10-49 About the Async Patch Tool......................................................................................................... 455 10-50 Applying Patches in VMware Cloud Foundation 5.2............................................................ 456 10-51 Applying Patches During Upgrades............................................................................................ 457 10-52 Key Points.............................................................................................................................................. 458 Module 11 VMware Aria Suite on VMware Cloud Foundation........................ 459 11-2 Importance............................................................................................................................................. 459 11-3 Module Lessons................................................................................................................................... 459 11-4 Lesson 1: VMware Aria Suite on VMware Cloud Foundation Architecture and Networking........................................................................................................................................... 460 11-5 Learner Objectives............................................................................................................................ 460 11-6 About VMware Aria Suite................................................................................................................ 461 11-7 Logical Design of VMware Aria Suite Lifecycle on VMware Cloud Foundation....... 463 11-8 VMware Aria Suite for VMware Cloud Foundation..............................................................464 11-9 VMware Aria Suite Integrations with VMware Cloud Foundation..................................466 11-10 VMware Cloud Foundation Planning and Preparation Workbook for VMware Aria Suite Deployment................................................................................................... 467 11-11 Role of Edge Clusters and AVNs in VMware Aria Suite Deployment..........................468 11-12 AVN Configuration: Overlay and VLAN Backed.................................................................. 470 11-13 VMware Aria Suite Networking.................................................................................................... 472 11-14 Lesson 2: VMware Aria Suite Lifecycle and Workspace ONE Access Deployment on VMware Cloud Foundation............................................................................ 474 11-15 Learner Objectives............................................................................................................................. 474 11-16 Deployment Workflow..................................................................................................................... 475 xv 11-17 Downloading the VMware Aria Suite Lifecycle Bundle....................................................... 477 11-18 Verifying the AVN Deployment.................................................................................................... 478 11-19 Using SDDC Manager to Deploy VMware Aria Suite Lifecycle....................................... 479 11-20 VMware Cloud Foundation Aware Mode................................................................................ 480 11-21 VMware Aria Suite in VMware Cloud Foundation Aware Mode Advantages............ 481 11-22 VMware Aria Suite Lifecycle NSX Object Creation.............................................................. 483 11-23 VMware Aria Suite Lifecycle NSX Components....................................................................484 11-24 Replacing the VMware Aria Suite Lifecycle Certificate Through SDDC Manager... 485 11-25 Configuring Data Centers in VMware Aria Suite Lifecycle................................................ 487 11-26 Configuring the Management Domain vCenter System..................................................... 488 11-27 Adding VMware Aria Suite Lifecycle Environments............................................................. 489 11-28 Deploying Workspace ONE Access on VMware Cloud Foundation........................... 490 11-29 VMware Aria Suite Lifecycle and Workspace ONE Access Passwords...................... 491 11-30 Adding Workspace ONE Access Passwords to VMware Aria Suite Lifecycle........ 492 11-31 Deploying Workspace ONE Access with VMware Aria Suite Lifecycle...................... 493 11-32 About VMware Aria Suite Lifecycle Flexible Upgrades......................................................494 11-33 VMware Aria Suite Products Flexible Upgrades on VMware Cloud Foundation.....496 11-34 Lab 18: (Simulation) Installing VMware Aria Suite Lifecycle and Workspace ONE Access in VMware Cloud Foundation.................................................... 497 11-35 Lesson 3: VMware Aria Suite Lifecycle Operations............................................................. 498 11-36 Learner Objectives............................................................................................................................. 498 11-37 About VMware Aria Suite Lifecycle Settings.......................................................................... 499 11-38 About Product Binaries................................................................................................................... 500 11-39 Adding Product Binaries................................................................................................................... 501 11-40 Expanding the Environment............................................................................................................503 11-41 Lesson 4: VMware Validated Solutions for VMware Aria Suite Products.................. 504 11-42 Learner Objectives............................................................................................................................ 504 11-43 VMware Validated Solutions..........................................................................................................505 11-44 Benefits of VMware Validated Solutions.................................................................................. 506 11-45 Available VMware Validated Solutions....................................................................................... 507 11-46 VMware Validated Solutions with VMware Aria Suite.........................................................508 11-47 Deploying VMware Aria Operations on VMware Cloud Foundation............................ 509 11-48 Deploying VMware Aria Operations for Logs on VMware Cloud Foundation...........510 11-49 Deploying VMware Aria Automation on VMware Cloud Foundation............................. 511 11-50 Key Points............................................................................................................................................... 512 xvi Module 12 VMware Private AI Foundation with NVIDIA................................... 513 12-2 Importance.............................................................................................................................................. 513 12-3 Lesson 1: VMware Private AI Foundation with NVIDIA....................................................... 514 12-4 Learner Objectives.............................................................................................................................. 514 12-5 Types of Artificial Intelligence......................................................................................................... 515 12-6 Generative AI and Large Language Models............................................................................. 516 12-7 Large Language Model Operational Components................................................................. 517 12-8 GPUs for Machine Learning............................................................................................................. 519 12-9 GPU Virtualization Using NVIDIA GPUs.....................................................................................520 12-10 NVIDIA Virtual GPU Manager........................................................................................................ 522 12-11 GPU Configuration Modes............................................................................................................... 523 12-12 Shared GPU Modes............................................................................................................................ 524 12-13 Time-Slicing Versus MIG Mode Considerations...................................................................... 526 12-14 NVIDIA GPU Configuration for VMware Cloud Foundation.............................................. 528 12-15 Assigning a vGPU Profile to a VM: Time-Slicing.....................................................................530 12-16 Assigning a vGPU Profile to a VM: MIG..................................................................................... 532 12-17 Creating VM Class for a TKG Worker Node VM................................................................... 534 12-18 NVIDIA GPUDirect RDMA.............................................................................................................. 536 12-19 CPU and Memory Bypass for GPU-NIC Communication................................................... 537 12-20 NVIDIA NVLink.................................................................................................................................... 539 12-21 NVIDIA NVSwitch.............................................................................................................................. 540 12-22 Private AI Foundation with NVIDIA.............................................................................................. 541 12-23 Private AI Foundation with NVIDIA Use Cases...................................................................... 542 12-24 Private AI Foundation with NVIDIA Components................................................................. 543 12-25 Management Components in Private AI Foundation with NVIDIA................................ 545 12-26 Life Cycle Management for VMware Cloud Foundation GPU-Enabled Workloads................................................................................................................. 547 12-27 Glossary of GPU Terminology (1).................................................................................................550 12-28 Glossary of GPU Terminology (2)................................................................................................ 552 12-29 Key Points.............................................................................................................................................. 554 Module 13 VMware Cloud Foundation Troubleshooting.................................. 555 13-2 Importance............................................................................................................................................. 555 13-3 Lesson 1: VMware Cloud Foundation Troubleshooting....................................................... 556 13-4 Learner Objectives............................................................................................................................. 556 13-5 About the SoS Utility......................................................................................................................... 557 13-6 Accessing the SoS Utility................................................................................................................. 558 xvii 13-7 SoS Utility: Performing Health Checks....................................................................................... 559 13-8 SoS Utility: Performing Password Validity Checks................................................................ 561 13-9 SoS Utility: Collecting Log Files..................................................................................................... 562 13-10 Opening Service Requests with Broadcom Support........................................................... 563 13-11 SDDC Manager Services.................................................................................................................. 564 13-12 Key Log Files on SDDC Manager................................................................................................. 566 13-13 Example: Failed Workflow in the SDDC Manager UI........................................................... 567 13-14 Troubleshooting Failed Workflows............................................................................................. 568 13-15 Using the Error Messages to Parse Logs.................................................................................. 569 13-16 Restarting Failed Workflows.......................................................................................................... 570 13-17 Lab 19: Using APIs for Common Tasks....................................................................................... 571 13-18 Lab 20: Using SoS Commands....................................................................................................... 571 13-19 Key Points.............................................................................................................................................. 572 xviii Module 1 Course Introduction 1-2 Course Introduction 1-3 Importance VMware Cloud Foundation is an engineered solution for automating the deployment of a software-defined data center in your on-premises infrastructure. VMware Cloud Foundation enables customers to build infrastructure in hours, whereas it previously took weeks and months. VMware Cloud Foundation provides a flexible platform for managing the life cycle of your cloud. 1 1-4 Learner Objectives Plan a deployment for VMware Cloud Foundation Describe VMware Cloud Foundation components and supporting architecture Explain the VMware Cloud Foundation licensing model Perform day 0 tasks Perform VMware Cloud Foundation platform onboarding Manage user credentials in VMware Cloud Foundation Configure VMware NSX® networking in VMware Cloud Foundation Deploy and manage workload domains Understand and implement storage solutions and related policies Perform maintenance tasks for the VMware Cloud Foundation platform Manage certificates for VMware Cloud Foundation and connected technologies Manage the life cycle for VMware Cloud Foundation Deploy and manage VMware Aria Suite on VMware Cloud Foundation Understand the Private AI Foundation with NVIDIA architecture and components Engage with VMware Cloud Foundation Technical Support services 2 1-5 Course Outline 1. Course Introduction 2. VMware Cloud Foundation Overview 3. Day 0 Tasks 4. Post-Deployment Operations 5. VMware Cloud Foundation Networking with NSX 6. Managing Workload Domains 7. VMware Cloud Foundation Storage Management 8. Availability and Business Continuity 9. VMware Cloud Foundation Certificate Management 10. VMware Cloud Foundation Life Cycle Management 11. VMware Aria Suite on VMware Cloud Foundation 12. VMware Private AI Foundation with NVIDIA 13. VMware Cloud Foundation Troubleshooting 3 1-6 Typographical Conventions The following typographical conventions are used in this course. Conventions Use and Examples Monospace Identifies command names, command options, parameters, code fragments, error messages, filenames, folder names, directory names, and path names: Run the esxtop command.... found in the var/log/messages file. Monospace Identifies user inputs: Bold Enter ipconfig/release. Boldface Identifies user interface controls: Click the Configuration tab. Italic Identifies book titles: vSphere Virtual Machine Administration Indicates placeholder variables:... the Settings/.txt file 4 1-7 References Title Location VMware Cloud Foundation FAQs https://www.vmware.com/products/cloud- foundation/faq.html VMware Cloud Foundation https://core.vmware.com/vmware-cloud-foundation Resource Center VMware Cloud Foundation (VCF) https://blogs.vmware.com/cloud-foundation Blog VMware Cloud Foundation 5.x https://core.vmware.com/blog/vmware-cloud-foundation- Posters 5x-posters VMware vSAN Documentation https://docs.vmware.com/en/VMware-vSAN/index.html VMware vSphere Documentation https://docs.vmware.com/en/VMware-vSphere/index.html VMware Validated Solutions https://core.vmware.com/vmware-validated-solutions 5 6 Module 2 VMware Cloud Foundation Overview 2-2 Importance To successfully administer and operate VMware Cloud Foundation, you must understand its components and architecture. You must also be familiar with the role that VMware Cloud Foundation plays in automating and managing multiple VMware technologies to avoid configuration errors. 7 2-3 Lesson 1: VMware Cloud Foundation Overview 2-4 Learner Objectives Describe the VMware Cloud Foundation solution Describe the VMware Cloud Foundation components and architecture Describe vSphere Foundation and VMware Cloud Foundation licensing options 8 2-5 About VMware Cloud Foundation VMware Cloud Foundation provides a fully integrated cloud platform that is built on software- defined services for compute, storage, networking, security, and cloud management. VMware Cloud Foundation also provides the following capabilities: Automated deployment and configuration of the VMware Cloud Foundation software components Life cycle management Support for traditional and new workloads Pathway to hybrid cloud environments VMware Cloud Foundation can be consumed in private or public environments. VMware Cloud Foundation makes operating the data center simpler by deploying a standardized and validated architecture with built-in life cycle automation for the entire cloud stack. VMware Cloud Foundation includes intrinsic security built into every level of the infrastructure, from micro-segmentation at the networking layer to encryption at the storage layer. VMware Cloud Foundation provides a standardized and configured infrastructure for vSphere with Tanzu. 9 2-6 VMware Cloud Foundation Software Bill of Materials VMware Cloud Foundation contains several VMware Software-Defined Data Center (SDDC) products. SDDC Manager automates the life cycle management of all components deployed through VMware Cloud Foundation. Each release of VMware Cloud Foundation includes an updated BOM. SDDC Manager is responsible for updating software components to match the updated BOM. All software updates must be performed in SDDC Manager to ensure full compatibility and consistency with SDDC Manager inventory information. You can use VMware Aria Suite Lifecycle to deploy VMware Aria Automation, VMware Aria Operations, VMware Aria Operations for Logs, and Workspace ONE Access. VMware Aria Suite Lifecycle determines which versions of these products are compatible and only allows you to install or upgrade to supported versions. For more information about the VMware Cloud Foundation 5.2 release notes and software BOM, see https://docs.vmware.com/en/VMware-Cloud-Foundation/5.2/rn/vmware-cloud- foundation-52-release-notes/index.html. 10 2-7 VMware Cloud Foundation Architecture VMware Cloud Foundation consists of multiple components that work together to provide a fully integrated cloud platform. VMware Cloud Foundation consists of multiple components that work together to provide a fully integrated cloud platform: VMware Cloud Builder is a virtual appliance used to perform the initial deployment of the management domain. VMware Cloud Builder validates information provided by the user, such as credentials, DNS, and network settings, and it configures all the VMware Cloud Foundation components accordingly. The management domain is purpose-built to house the management components of VMware Cloud Foundation, and it is deployed as part of the initial bring-up process using the VMware Cloud Builder virtual appliance. The bring-up process refers to the initial configuration and deployment of a new VMware Cloud Foundation instance. During the bring-up process, the management domain is created and the VMware Cloud Foundation software stack is deployed. After the bring-up process is complete, the management domain contains a four-node vSphere cluster, configured with vSAN storage and prepared for NSX. It also includes a vCenter appliance, an NSX Management cluster, and the SDDC Manager appliance. 11 SSDC Manager serves as a central point to configure and operate the VMware Cloud Foundation instance. vSphere provides the core virtualization platform for VMware Cloud Foundation and includes ESXi hosts and vCenter. vSAN aggregates local storage devices on ESXi hosts and creates a single shared storage pool for usage in the VMware Cloud Foundation instance. NSX provides consistent networking and security across the VMware Cloud Foundation instance. vSphere with Tanzu transforms vSphere into a platform for running Kubernetes workloads natively. VMware Cloud Foundation supports the automated deployment of VMware Aria Suite Lifecycle. You can then use VMware Aria Suite Lifecycle to deploy and manage the life cycle of Workspace ONE Access and the VMware Aria Suite of products (VMware Aria Automation, VMware Aria Operations, VMware Aria Operations for Logs, and VMware Aria Operations for Networks). Actual virtualized workloads, such as applications and services, run in VI workload domains. VI workload domains are deployed from SDDC Manager. When the first VI workload domain is created, a new vSphere cluster with a dedicated vCenter instance is deployed along with a dedicated (separate) NSX instance. The vCenter and NSX management components of a VI workload domain are physically located in the management domain, allowing for management and workload separation. 12 2-8 About VMware Cloud Builder VMware Cloud Builder automates the deployment of the management domain components during the initial bring-up process by performing the following keys tasks: Deploys and configures vCenter Creates a vSAN cluster using four ESXi hosts Configures host networking and cluster features Deploys and configures an NSX Manager cluster Configures host networking to support NSX Creates NSX transport zones and configures tunnel endpoints (TEPs) Configures advanced vSphere DRS rules As part of the initial bring-up process, VMware Cloud Foundation requires that you deploy a VMware Cloud Builder virtual appliance. VMware Cloud Builder automates the deployment process of all the components of the management domain. VMware Cloud Builder uses configuration settings taken from a user-defined parameter sheet to configure settings for each component that it deploys. VMware Cloud Builder first creates a management cluster using four ESXi hosts, which must be on hardware supported by vSAN and pre-imaged with the ESXi build specified in the software BOM. VMware Cloud Builder configures host networking and cluster features such as the distributed virtual switch and its associated port groups. VMware Cloud Builder creates NSX transport zones and configures TEPs. An NSX transport zone defines a collection of transport nodes that can communicate with each other across a physical infrastructure over one or more interfaces called TEPs. Although the ESXi hosts must be pre-imaged and configured with basic infrastructure settings, such as NTP, DNS, and certificates, further vSphere specific configurations must not be performed, otherwise the bring-up process might fail. 13 2-9 About SDDC Manager You use SDDC Manager to administer your VMware Cloud Foundation environment. SDDC Manager performs the following key roles: Provides an HTML5 UI and API gateway Deploys and configures software solutions Maintains an inventory of managed objects Orchestrates the following tasks: — Software updates on managed objects — Configuration tasks on managed objects Maintains network pools for consumption by managed objects Creates and manages VI workload domains SDDC Manager plays a vital role in the management of a VMware Cloud Foundation instance. It is the component that orchestrates the deployment, configuration, and upgrade of all the software components deployed as part of the VMware Cloud Foundation instance. 14 To facilitate this automation, SDDC Manager must keep an up-to-date and accurate record of all inventories that it manages. SDDC Manager tracks the following components in its inventory: vCenter Server Appliance instances ESXi hosts NSX Manager instances NSX Edge clusters You must use SDDC Manager to perform configuration changes, update software, add or remove hosts from workload domain clusters, and perform other key operations to ensure that the SDDC Manager maintains accurate inventory information. Failure to use SDDC Manager to perform these tasks can result in inconsistent inventory information that can affect the ability of SDDC Manager to perform automated tasks. SDDC Manager provides the following key services: UI: Provides an HTML5-based interface that offers a consistent look and feel between VMware UIs, such as the vSphere Client and SDDC Manager Lifecycle Manager: Monitors and performs updates to software components This service ensures that products run software versions that are tested and proven to work together. Lifecycle Manager also automates and orchestrates the upgrade of components that require updating. It ensures that the inventory is updated when upgrades are performed. Domain Manager: Orchestrates the creation, deletion, and scaling of workload domains in VMware Cloud Foundation SoS Utility: Performs health checks and log collection from the command line or API Network Pools: Provide a pool of IP addresses that can be assigned to deployed resources, such as ESXi hosts Inventory: Maintains an inventory of managed entities in an internal database 15 2-10 About the SDDC Manager Dashboard The SDDC Manager dashboard is the default landing page for the UI. The SDDC Manager dashboard provides the following functionality: Customizable widget layout Overview of resource availability and usage Shortcut buttons to commission hosts and add workload domains 16 2-11 vSphere Overview vSphere provides the core virtualization platform for VMware Cloud Foundation. vSphere comprises the following key products: ESXi: Compute platform in which you create and run VMs and other workloads vCenter: Service used to manage multiple ESXi hosts and provide vSphere vMotion and vSphere High Availability functionalities Platform Services Controller: Instance embedded in vCenter that provides common services, such as vCenter Single Sign-On, vSphere License Service, and VMware Certificate Authority vSphere is the most commonly used and widely known component of a VMware Cloud Foundation instance. As an administrator, you might already be familiar with vSphere and how to configure and administer its components. However, you must understand the implications of making changes to settings in vSphere that SDDC Manager sets automatically. Changing generated settings, such as NTP, DNS, or VM names, might result in unpredictable results. 17 2-12 vSAN Overview vSAN aggregates local storage devices on ESXi hosts and creates a single shared storage pool for all hosts in the vSAN cluster. vSAN provides the following capabilities: Integration with the ESXi hypervisor Management using the vSphere Client Policy-based storage consumption Stretched cluster capabilities All-flash and hybrid configurations Support for both OSA and ESA architectures Deduplication and compression (all-flash only) Data-at-rest encryption Native health service 18 2-13 NSX Overview NSX provides consistent networking across private clouds, public clouds, and containers. NSX offers a complete layer 2 to layer 7 software-defined networking stack, including switching, routing, and networking services such as NAT and VPN. With NSX, you can provision networking services across ESXi hypervisors and bare-metal servers running on the on-premises data center or public clouds. NSX also supports modern applications through integration with vSphere with Tanzu. 19 2-14 vSphere with Tanzu Overview vSphere with Tanzu provides the ability to run Kubernetes workloads directly on ESXi hosts and to create upstream Kubernetes clusters in dedicated resource pools. This feature is called Workload Management in vCenter. 20 2-15 VMware Aria Suite Overview VMware Aria Suite is a complete cloud-management solution that delivers and manages infrastructure and applications quickly while maintaining IT control. VMware Aria Suite provides a comprehensive management stack for IT services on vSphere and other hypervisors, physical infrastructure, and multiple public clouds. VMware Aria Suite is a modern infrastructure automation platform that transforms the IT service delivery by automating IT processes, enabling self-service provisioning, delivery, and life cycle management of infrastructure and applications with security and governance. VMware Aria Suite includes various products to enable the cloud management: VMware Aria Automation: You deploy VMware Aria Automation to automate IT service delivery processes (infrastructure, containers, applications, and any custom IT service) to quickly respond to business needs. VMware Aria Operations: You deploy VMware Aria Operations to enable intelligent operations from applications to infrastructure. VMware Aria Operations also helps you to plan, manage, and scale the SDDC and multicloud environments. 21 VMware Aria Log Insight: You deploy VMware Aria Log Insight to get real-time log file management and log file analysis for deep operational visibility and fast troubleshooting across hybrid cloud environments. VMware Aria Network Insight: You deploy VMware Aria Network Insight to deliver intelligent operations for software-defined networking and security, helping you build an optimized, highly available, secure network infrastructure across multicloud environments. In relation to VMware Cloud Foundation, VMware Aria Suite Lifecycle manages the life cycle of most of the VMware Aria Suite products (VMware Aria Operations for Logs, VMware Aria Automation, and VMware Aria Operations). However, updates for VMware Aria Operations for Networks are handled independently. 22 2-16 Licensing Options for vSphere Foundation and VMware Cloud Foundation Starting with vSphere 8.0 Update 2b and VMware Cloud Foundation 5.1.1, VMware by Broadcom simplified its licensing offerings to two options: VMware vSphere Foundation VMware Cloud Foundation 23 2-17 vSphere Foundation Licensing vSphere Foundation gives you access to VMware Aria, vSphere, and vSAN products. When you purchase vSphere Foundation, you receive the following licensing keys in your licensing portal: The solution key, which is used to unlock all vSphere Foundation features including vSphere, vSAN (100 GB entitlement per core configured for vSAN), VMware Aria Suite Standard, vCenter Standard, and Tanzu Kubernetes Grid. — vSphere 8 Enterprise Plus for vSphere Foundation is the solution key for VMware vSphere Foundation. — This solution key supports vCenter 8.0 Update 2b or later. The license keys for all other products included in VMware vSphere Foundation: — VMware Aria Suite Standard 8 for vSphere Foundation — VMware Tanzu Kubernetes Grid for vSphere Foundation — VMware vCenter 8 Standard for vSphere Foundation For additional information, see "VMware Cloud Foundation and vSphere Foundation Solution License Key" at https://knowledge.broadcom.com/external/article?legacyId=97303. 24 2-18 VMware vSphere Foundation Add-Ons With VMware vSphere Foundation, you can optionally purchase licensing add-ons to gain access to additional solutions. 25 2-19 VMware Cloud Foundation Licensing With VMware Cloud Foundation, you have access to the complete VMware product catalog. When you purchase VMware Cloud Foundation, you receive the following licensing keys in your licensing portal: The solution key, which is used to unlock all VMware Cloud Foundation features including vSphere, NSX Networking, VMware Aria Suite Enterprise, VMware Aria Operations for Networks, HCX, SDDC Manager, vCenter, Tanzu Kubernetes Grid, and Data Services Manager: — vSphere 8 Enterprise Plus for VMware Cloud Foundation is the solution key for VMware Cloud Foundation. — This solution key supports vCenter 8.0 Update 2b or later, and it requires VMware Cloud Foundation 5.1.1 or later. — vSAN features continue to require a separate vSAN license key. The licenses keys for all other products included in VMware Cloud Foundation: — VMware NSX Networking for Cloud Foundation — VMware Aria Term Suite Ent 8 for Cloud Foundation — VMware Aria Operations for Networks Ent 6 for Cloud Foundation — VMware HCX Enterprise for Cloud Foundation 26 — VMware HCX Advanced for Cloud Foundation — VMware SDDC Manager for Cloud Foundation — VMware vCenter Server 8 Standard for vSphere Foundation — VMware Tanzu Kubernetes Grid for Cloud Foundation — VMware Data Services Manager for Cloud Foundation — VMware vSAN 8 for Cloud Foundation (supports vCenter 8.0.0a and above) For additional information, see "VMware Cloud Foundation and vSphere Foundation Solution License Key" at https://knowledge.broadcom.com/external/article?legacyId=97303. 27 2-20 VMware Cloud Foundation Add-Ons With VMware Cloud Foundation, you can optionally purchase licensing add-ons to gain access to additional solutions. 28 2-21 Applying a Solution License Key in a Greenfield Deployment You follow these steps to apply a new VMware Cloud Foundation solution license when running VMware Cloud Foundation 5.1.1 or later and vSphere 8.0 Update 2b or later: 1. Retrieve the solution license key from the licensing portal. 2. Add the key directly to vCenter. 3. Manually assign the solution keys: vCenter ESXi hosts Tanzu Kubernetes Grid Supervisor clusters After applying the solution license key to vCenter and adding vCenter to VMware Aria, NSX, and HCX, these features automatically entitle themselves with VMware Cloud Foundation. Until then, they run in Evaluation mode. The