Virtual infrastructure design The VxBlock System 1000 and the management domain follow the VMware VVD recommendations that are incorporated into VMware VCF. The virtualization infrastructure layer contains the following components: VMware vSphere VMware vSAN VMware NSX-T Data Center See Network Design for ESXi for the Management Domain for additional information. Consider the total system requirements of management components and VI workload domains when you size the compute resources for the management domain. VMware ESXi Host failures or maintenance should maintain a vCPU-to-pCPU ratio of less than or equal to 2:1. Do not consider hyperthreading when calculating the ratio. The number of hosts in the management domain should meet this requirement. Consider the following for VMware ESXi host CPU capacity: Expected number of VI workload domains, VMware NSX-T instances, VMware NSX-T intelligence VMs. Optional VMware vRealize Suite requirements. AMP Central core, optional, and ECO workloads. VxBlock System multisystem management requirements VMware ESXi is deployed with VMware ESXi Enterprise Plus license with UEFI secure boot as the default. VMware vSphere ESXI supports four to 16 medium or large AMP Central servers that are determined by the combined management and VI workload domain requirements. Management domain expansion is only supported with VMware SDDC Manager. Follow the RCM process to perform patches and upgrades using VMware SDDC Manager. VMware vCenter Server The VMware vCenter Server manages the VMware ESXi hosts that are running the software components of VMware SDDC. This VMware vCenter Server supports integration with other solutions for virtual infrastructure monitoring and management. VMware vCenter is configured with an Embedded VMware Platform Services Controller (PSC) running Embedded Link Mode with up to 14 VI workload domains. VMware SDDC Manager automation deploys the VI workload domain VMware vCenter Servers on sfo-m01-clo1-vds01-pg-mgmt and deploys management and VI workload domain VMware NSX-T Managers on sfo-m01-clo1-vds01-pg-mgmt. The first VI workload domain requires a VMware vCenter Server and associated VMware NSX-T Managers. The second VI workload domain that is deployed may only require a VMware vCenter Server. The VMware vSphere Lifecycle Manager (vLCM) runs on the VMware vCenter Server. VMware SDDC Manager is used for life cycle management of all management and workload domains. One VMware vCenter Server is deployed with the VMware vSphere Enterprise Plus license. The VMware vCenter Server is supported with AMP Central in a stand-alone or integrated configuration. The VCF VVD Architecture does not support VMware FT and VMware vCHA. Follow the RCM process to perform patches and upgrades using VMware SDDC Manager. VMware vSphere cluster The VMware vSphere cluster requires a minimum of four VMware vSAN ready nodes in a single availability zone for the management domain. The VMware vSphere cluster automatically enables VMware HA, VMware DRS, and VMware EVC. The VMware vSphere automatically deploys three small VMs for VMware vSphere Cluster Services (vLCS) on different management domain hosts. You can view the management domain VMware vCenter Server from the VM and template tab. VMware vSphere Consider the following for VMware vSphere design: Place the core, optional and ECO workloads in the sfo-m01-fd-mgmt default folder. The management domain cluster uses VMware vSAN for principal storage. The management domain requires a minimum of four hosts to support VMware vSAN. The management domain does not support VMware vVols. Two VMware vSAN disk groups are configured per management domain host. At least 30 percent of the VMware vSAN datastore should be free space. A single availability zone uses the default VMware vSAN storage policy. Storage I/O control is not applicable on principal VMware vSAN datastores. VMware SDDC Manager Use VMware SDDC Manager to create workload domains, provision additional infrastructure and perform lifecycle management of VMware SDDC management components. The VMware SDDC Manager is assigned to the sfo-m01-fd-mgmt folder and automatically deploys during installation. You can use VMware SDDC Manager to perform the following: Commission or decommission VMware ESXi hosts Deploy VI workload domains Extend clusters with VMware ESXi hosts in the management domain and VI workload domains Add clusters to the management domain and VI workload domains Support network pools for host configuration in a VI workload domain Store product licenses Deploy optional VMware vRealize Suite components. Provide life cycle management of virtual infrastructure components in the VI workload domains and optional VMware vRealize Suite Lifecycle Manager components. Manager certificates Rotate and manage passwords Deploy VMware NSX-T Edge clusters in the management domain and VI workload domains Configure backups VMware vSphere network VMware VDS and VMware NSX-T are used for virtual networking. The following requirements apply: Each VMware vSphere cluster in the management domain requires one dedicated VMware VDS for the ToR switches and a second VMware VDS and associated port group to support OOB management VMs. NIOC is enabled for each VMware VDS Route based on physical NIC load is the default network configuration for the management domain. This network configuration does not apply for the VMware NSX-T Data Center uplink port groups for the edge nodes. The VLAN for the default sfo-m01-cl01-vds01-pg-uplink01 is configured on ToR Switch A. The VLAN for the default sfo-m01-cl01-vds01-pg-uplink02 is configured on ToR Switch B. VMware NSX-T includes the following components to provide management domain network virtualization capabilities: VMware NSX-T Manager implements the management and control plane for the VMware NSX-T infrastructure. VMware NSX-T Manager is automatically deployed with the medium configuration. VMware NSX-T Manager appliances are automatically deployed on sfo-m01-cl01-vds01-pg-mgmt. The VMware NSX-T management host overlay TEPs are assigned to each management host using DHCP. Each host requires two TEPs. If virtual network segments are deployed, the following apply: VMware NSX-T Edge nodes contain the service router components and provide north-south traffic connectivity between the physical data center networks and the VMware NSX-T segments. The nodes provide east-west traffic flow support. VMware NSX-T Edge VMs are deployed with the medium configuration BGP is configured on the ToR switches and establish a routing adjacency with VMware NSX-T Edge nodes tier-0 service routers. Only BGP is supported as a routing protocol. The ToR switch BGP configuration includes the default-originate option to inject default routes to the VMware NSX-T Edge node tier 0 gateway. VMware NSX-T Management Edge overlay TEPs are manually assigned two IP addresses for each of the VMware NSX-T Edge nodes. VMware NSX-T Edge nodes are automatically deployed on sfo-m01-clo1-vds01-pg-mgmt. VMware NSX-T Edge nodes are implemented with a single VMware VDS. The uplink network interfaces of the VMware NSX-T Edge node are connected to VLAN trunk group ports that connected to a specific physical NIC on the host. The internal VMware VDS is required to define traffic flows through the VMware NSX-T Edge node interfaces. IMPORTANT: VMware SDDC Manager is used for updates, and product compatibility verification for life cycle management. The following figure shows the VMware NSX-T Edge node configuration: VMware NSX-T Manager Three VMware NSX-T Managers appliances are deployed with the management domain regardless of whether virtual network segments are used. Follow the RCM process to perform patches and upgrades using VMware SDDC Manager. VMware NSX-T Edge VMs Two VMware NSX-T Edge node VMs are deployed to the management domain to support virtual network segments. Follow the RCM process to perform patches and upgrades using VMware SDDC Manager. Parent topic Management domain architectureThe management domain is a cluster of physical hosts that contain the management component VMs.