VMware Cloud Foundation Primer, Part 1

VMware Cloud Foundation

VMware Cloud Foundation (vCF) is a suite of products offered by VMware intended to make running a software-defined data center (SDDC) easier for virtualization administrators. The intent is to allow for easier management and control of an SDDC by bringing the single pane of glass concept to operations. Combining some of the traditionally separate pieces of the datacenter into this single concept allows Cloud Foundation to ease burdens through central management of software versions, passwords, backups, and other tasks that would otherwise be duplicated across clusters. Cloud Foundation brings automation to the deployment and control of the traditional pieces of a datacenter: transport, compute, and storage.

Cloud Foundations Overview

Note 1: This primer is based on vCF version 4.5.1.0 in a single datacenter deployment model.

Note 2: The vRealize Suite of products has been renamed the Aria Suite of products

Included Products

VMware Cloud Foundation is a suite of VMware products:

  • Cloud Builder
  • VMware vSphere (ESXi and vCenter)
  • VMware vSAN
  • VMware SDDC Manager
  • VMware NSX-T Datacenter
  • VMware Aria Suite
    • VMware Aria Operations (formerly vRealize Operations)
    • VMware Aria Operations for Logs (formerly vRealize Log Insight)
    • VMware Aria Operations for Networks (formerly vRealize Network Insight)
    • VMware Aria Suite Lifecycle Manager (formerly vRealize Suite Lifecycle Manager)
    • VMware Aria Automation/Orchestrator (formerly vRealize Automation/Orchestrator)
    • VMware WorkspaceONE for Aria Suite
vCF Products

Deployment

Deploying a Cloud Foundation instance occurs through a prebuilt appliance called the Cloud Builder, which takes inputs from a worksheet provided by VMware to deploy the initial management domain and all required appliances/pieces. Cloud Builder comes as an OVF, so it must be run on another server or computer that has access to the hosts that will belong to the management domain. It hosts a web-based wizard that allows the user to enter all parameters manually or directly import their worksheets for ease of deployment.

More information on Cloud Builder can be found at this link.

SDDC Management

Managing a Cloud Foundation instance occurs through a different platform than your typical VMware admin would expect. Most VMware admins are used to working directly in the vCenter or ESXi GUIs, but Cloud Foundation brings with it the SDDC Manager. This appliance acts as a one-stop shop to manage all bits and bobs of an SDDC via automated workflows. The SDDC Manager also allows administrators to easily and quickly deploy new features in their SDDCs, such as new workload domains, VMware Aria suite products, or Tanzu-based options. Some of the major management features of the SDDC Manager include:

  • Automation Workflows: SDDC Manager’s bread and butter are the automation workflows it has built in to accomplish tasks that normally are done through manual means or would require written automation by administrators to perform. The biggest and best workflow in SDDC Manager is the workflow written to update all products according to a given bill of materials. It’s a set it and forget it process that results in time saved. There are many other workflows built in for things like password rotation, NSX component deployment, workload deployment, Tanzu deployment, and more.
  • Software release management as a bill of materials (BOM): This enables VMware to test product software in a single package and release known interoperable/working software as a bundle for deployment. Since SDDC Manager performs all updates of all software, this single package eases the burden on administrators of updating software and guessing whether or not releases will work together.
  • Centralized Password Management and Rotation: SDDC Manager has a feature built in to not only store all passwords for administrators, but also enable automatic rotation of passwords on a schedule. These passwords can also be manually set/updated, as well as retrieved by admins who have SDDC Manager appliance access.
  • Centralized Certificate Management: Similar to the password management feature, SDDC Manager features a certificate management section to centralize VMware product certificate management.

Compute Domains

For the average VMware administrator, Cloud Foundation can be seen as stepping into a different world. Conceptually speaking, there are major differences in the design of traditional vSphere datacenters versus the design of an SDDC in Cloud Foundation. One of the main concepts that is unique to vCF is the introduction of domains, which are purpose-built clusters for performing certain tasks. In particular, vCF uses a domain duality concept, where each SDDC has a single management domain and potentially multiple workload domains. The main purpose behind this is to split workloads between multiple racks in an effort to provide redundancy and scalability. The two domain types allow for splitting the tasks of updating and changing core infrastructure (management domain) versus compute/storage for business workloads (workload domain).

  • Management Domain: Responsible for running core services in the SDDC, to include the following appliances:
    • SDDC Manager
    • vCenter Servers (for all Domains)
    • NSX-T Manager Clusters (for all Domains)
    • NSX-T Edge Nodes (for T0 in the Management Domain)
    • VMware Aria Product Suite
  • Workload Domain: Responsible for providing compute and storage for business workloads in the SDDC, and includes the following appliances:
    • NSX-T Edge Nodes (for each T0 in the Workload Domain)

Storage

Storage in a Cloud Foundation deployment can be sourced from the traditional means: iSCSI/FC (as of vCF 3.5), NFS (as of vCF 3.9), or (most preferred) vSAN. Storage works the same way it would in any traditional vSphere setup and is controlled via vCenter. The storage type and parameters are specified during the initial bring-up with Cloud Builder and can be adjusted post-build in SDDC Manager or vCenter, depending on use case.

Networking

Networking is where vCF can really shine due to the fact that NSX-T Datacenter is built into the solution. A standard vCF installation requires all the key components of an NSX-T Datacenter deployment:

  • NSX Manager: The NSX Managers are responsible for the software-defined component of the network; they hold the configurations and send control information to the different pieces in the datacenter. vCF requires a cluster of three (3) managers to be deployed in order to ensure redundancy for patching and operations.
  • NSX Edge Node: Edge nodes are the bridge between the virtual and physical world in the SDDC. One vNIC from the edge connects to a VLAN-backed segment responsible for the up-and-out connectivity into the SDDC, while the other vNIC is responsible for internal connectivity on the virtualized side. vCF requires pairs of two (2) edge nodes for each domain per T0 Gateway in NSX. What this functionally means is that you will have a minimum of four (4) edge nodes at first deployment: 2 for the management domain and 2 for the workload domain. If you are deploying more than one T0 gateway in your workload for things such as Tanzu or other internal enclaves/multitenancy, you can deploy additional edge nodes and gateways through the SDDC Manager.
  • Transport Nodes: The ESXi hosts that make up each domain are the transport nodes in NSX-T. Profiles for transport, overlay, and uplinks are specified during the Cloud Builder deployment and can be customized to fit your server hardware, such as the number of physical NICs and how they use uplinks.
vCF Networking Example

In part 2, we will get more into the management and control of the SDDC once deployed. Hopefully this overview has given you the basics of what VMware Cloud Foundation is and how it works.
