VMware Cloud Foundation 3.

0 – The Software-Defined Data Center for your Private Cloud

Overview Lifecycle Management Security
VMware Cloud Foundation is the industry’s most advanced hybrid cloud platform. It provides a complete set of software-defined services for compute, storage, networking and By default, SDDC Manager routinely checks the VMware software depot to discover when software updates are available. If SDDC Manager VMware Cloud Foundation includes many comprehensive security features to protect your virtual infrastructure. This includes VMDK encryption, vMotion encryption, vSAN data at rest encryption, NSX distributed firewall, NSX edge VPN, NSX
security, and cloud management to run both traditional enterprise applications and modern cloud native workloads. Cloud Foundation patch management and upgrades are does not have internet connectivity, use the Bundle Transfer Utility to manually download update bundles from the VMware software edge firewall, and vRealize Network Insight.
drastically simplified thanks to automated lifecycle management. A true Hybrid Cloud experience is achieved with NSX – Hybrid Connect, by providing powerful workload depot and manually transfer them to SDDC Manager.
mobility between any VMware based clouds. Giving you the freedom to run your application workloads anywhere.

Encrypted
VMware VM VM VM VM VM
Software Components vMotion vRNI
depot
Online Lifecycle Management 1 1 0 External
VMware Cloud Foundation 1 0 1
NSX – Hybrid Connect SDDC Manager
1 0 0
Automatic Offline Lifecycle Management NSX Edge
Update 00 1
vRealize vRealize vRealize Firewall
Cloud Management Downloads 0 1 0
Operations Manager Automation Network Insight VPN
2
vRealize vRealize Copy
Log Insight Business Monitor Update vSphere Distributed Switch
Compute Storage Network & Reporting SDDC Notification
Manager 1
3
vSphere vSAN NSX Download Marker File
Lifecycle Automation
ESXi + vSAN + NSX ESXi + vSAN + NSX ESXi + vSAN + NSX
4 SDDC
Schedule Single Click Manager
Updates Updates Transfer
SSD SSD SSD SSD SSD SSD SSD SSD SSD SSD SSD SSD SSD SSD SSD SSD SSD SSD

VM Encryption
vSAN Datastore vSAN Datastore vSAN Datastore
Encryption Data-at-rest Encryption Data-at-rest Encryption Data-at-rest Distributed Firewall

Schedule Single Click vMotion Encryption

Private cloud Public cloud
Updates Updates
Edge VPN

Partner Provided KMS vSAN Encryption

Logical Network vRealize Automation

Edge Firewall

vRealize Network Insight

VMware Cloud Foundation logical networking architecture is based on the VMware Validated Designs. The configuration of the management, vMotion, vSAN, and VXLAN is vRealize Automation is installed by the SDDC Manager using the vRealize Suite Lifecycle Manager API and is load balanced with NSX. Once deployed the
configured using a JSON file which is provided during bring up for the management workload domain. After bringup network pools are created in the SDDC manager for the vRA administrator can create blueprints and deploy VMs to the VMware Cloud Foundation Private cloud.
Workload domain vSAN and vMotion Networks.

Physical Switches

Physical Infrastructure
VMware Cloud Foundation
nic0 nic1 nic0 nic1 nic0 nic1 nic0 nic1 SDDC
Private Cloud VMware Cloud Foundation now supports a broad range of physical network and sever infrastructure. Including support for customer defined physical network infrastructure. And extended support for
Manager even more vSAN Ready Nodes. With multi-cluster support, this highly flexible infrastructure can now scale up to the vSphere/vSAN Cluster Maximums. Refer to the VMware Compatibility Guide (VCG)
VM VM VM http://vmware.com/go/cloudfoundation-vcg) for a list of qualified hardware.
VM
ESXi Host ESXi Host ESXi Host ESXi Host • Qualified vSAN Ready Nodes
• Heterogenous Server Support
vRSLCM NSX Edge • Flexible Customer Defined Network Infrastructure
Virtual Distributed Switch API Load Balancer
Upstream
vSAN ReadyNodes IP attached storage
Network
(i.e. NFS / iSCSI)
Hybrid
nic0 nic1 nic0 nic1 nic0 nic1 nic1 nic0 nic1 nic0 nic0 nic1 Customer defined
Flexible Network Options
Caching
VRA Web Agent DEM SQL SSD PCIe NVMe
Tier
Read and Write Cache

vmk0 vmk1 vmk2 vmk3 vmk4 Port Group

vRealize Automation Cluster

Virtual Infrastructure Domain

Load Based Team Load Based Team Load Based Team Route Orig Port ID Route Orig Port ID Route Orig Port ID
vRealize Log Insight Capacity
Expand
Capacity
Tier Racks scale up to
Log Insight is automatically installed by the SDDC Manager during the bring up process. Once installed, It is then configured to collect unstructured syslog data
vSphere and vSAN
from all VMware Cloud Foundation components, including the SDDC Manager, PSC, vCenter, vRealize Suite, NSX, and ESXi hosts. The cloud administrator is then
Cluster Maximums
Management VLAN vSAN vMotion VXLAN VXLAN vRealize able to review all the aggregated log information from the Log Insight dashboard.

Available Capacity
All-Flash

Caching
SSD PCIe NVMe
Tier
NSX Edge
Write Cache
Load Balancer(s) Expand
VMware Cloud Foundation
Private Cloud Components
Virtual Desktop Domain
PSC vRA NSX ESXi
Workload Domains SDDC
Manager
Management
Switch
vCenter vROPs TOR Switch Capacity Management Domain
VMware Cloud Foundation now includes multi-cluster Workload Domains providing enhanced scalability. Workload domains start with a minimum of 3 hosts and can scale Capacity
up to the vSphere/vSAN maximums. Each workload domain has its own vCenter Server and NSX Manager instance and can be patched or upgraded independently. Role Tier Minimum 4 Nodes
based access controls can be used to secure and separate workload domains into different business units. While cloud administrators can have ultimate visibility across all
workload domains with Enhanced Link Mode.

ILB
VIP
Management Workload Domain

Single Sign-on Domain

NSX – Hybrid Connect
PSC PSC Master Worker Worker
Log Insight Log Insight Log Insight
NSX Hybrid Connect installs four appliances in each site, when completed a Hybridity Tunnel is created, allowing workload mobility between sites. NSX Hybrid Connect includes the ability to automate the creation of the layer 2 network
extensions. When layer 2 network extension is complete live migrating application workload VMs to VMware Cloud Foundation is easy with NSX Hybrid Connect.

Single Log Insight Cluster

Management
Domain vCenter
VI Workload
Domain vCenter
VI Workload
Domain vCenter
Using Integrated Load Balancer
Legacy vSphere VMware Cloud Foundation

NSX Manager NSX Manager NSX Manager Virtual Distributed Switch Corp Virtual Distributed Switch
vRealize Operations Redmond WA
LAN/WAN
Milwaukee

vRealize Operations Manager is installed by the SDDC Manager using the vRealize Suite Lifecycle Manager API and is load balanced with NSX. Once installed, it
is then configured to automatically collect performance metric data from all of the VMs in the Management Domain, including the SDDC Manager, PSC, HCX TRUNK HCX TRUNK
vCenter, vRealize Suite, NSX, and ESXi hosts. The cloud administrator is then able to manage performance, monitor alerts, and optimize capacity all from the
vRealize Operations Manager dashboards.
vRealize vRealize vRealize
SDDC Manager Uplink VLAN Uplink VLAN
Log Insight Operations Manager Automation

Management VLAN Management VLAN

NSX Controller NSX Controller NSX Controller

vMotion VLAN vMotion VLAN

VMware Cloud Foundation
ESXi ESXi ESXi ESXi Private Cloud
VM VLAN Hybrid Extended L2 VLAN
Mobility Tunnel
PSC vRA NSX ESXi
SDDC
Horizon
Manager
vCenter vROPs vRLI
HCX HCX
Enterprise Enterprise
Workload Domain 1 Workload Domain 2
VM VM
vRSLCM NSX Edge
Cluster 1 Cluster 2 Cluster 1 Cluster 2 Cluster 3
API Load Balancer
VM
APP APP APP APP APP APP APP APP APP APP APP APP NSX Edge
VDI VDI VDI VDI
OS OS OS OS OS OS OS OS OS OS OS OS

NSX NSX NSX APP APP APP APP NSX NSX NSX APP APP APP APP vROPs vROPs vROPs Hybrid Network Hybrid Network
Controller Controller Controller OS OS OS OS Controller Controller Controller OS OS OS OS Master Replica Data Interconnect Extension Interconnect Extension

ESXi ESXi ESXi ESXi ESXi ESXi ESXi ESXi

WAN WAN
vRealize Operations Manager Cluster Optimizer Optimizer

Copyright © 2018 VMware, Inc. All rights reserved. vmware.com