This VMware Validated Design sets out a number of objectives for delivering prescriptive content about an SDDC that is fast to deploy and suitable for use in production.

Objectives of VMware Validated Design for Software-Defined Data Center

VMware Validated Design Objective

Description

Main objective

SDDC capable of automated provisioning of workloads

Scope of deployment

Greenfield and brownfield deployment of the SDDC management components.

Cloud type

Private cloud

Number of regions and disaster recovery support

Dual-region SDDC that supports disaster recovery

The documentation provides guidance for a deployment that supports two regions for failover in the following way:

The design documentation provides guidance for an SDDC whose management components are designed to operate in the event of planned migration or disaster recovery. This part also includes design of the components that support the failover.

The deployment documentation provides guidance for an SDDC that supports two regions for both management and tenant workloads.

The operational guidance contains detailed instructions about performing disaster recovery and planned migration.

Maximum number of virtual machines

10,000 running virtual machines

Churn rate of 150 virtual machines per hour

Churn rate is related to provisioning, power cycle operations, and decommissioning of one tenant virtual machine by using a blueprint in the cloud management platform. A churn rate of 100 means that 100 tenant workloads are provisioned, pass the power cycle operations, and are deleted.

Number of hardware pods

2-pod setup

The validated design requires the following pods for SDDC deployment:

Management pod. Runs the virtual machines of the management products.

Shared edge and compute pod

Runs the tenant workloads.

Runs the required NSX services to enable north-south routing between the SDDC and the external network, and east-west routing inside the SDDC.

Data center virtualization

Compute virtualization

Software-defined storage in the management pod

Network virtualization

Scope of guidance

Storage, compute and networking for the management pod.

Number of hosts, amount of storage and configuration.

Deployment and initial setup of management components at the levels of infrastructure, cloud management platform, and operations.

Basic tenant operations such as creating a tenant, assigning tenant capacity, configuring user access, and adding virtual machines to a service catalog from single-machine blueprints.

Operations on the management components of the SDDC such as monitoring and alerting, backup and restore, post-maintenance validation, disaster recovery and upgrade.

Overall availability

99% availability

Planned downtime is expected for upgrades, patching, and ongoing maintenance.

Authentication, authorization, and access control

Use of Microsoft Active Directory as a central user repository.

Use of service accounts with minimum required authentication and Access Control List configuration.

Use of basic tenant accounts.

Certificate signing

Certificates are signed by an external certificate authority (CA) that consists of root and intermediate authority layers.

Hardening

Tenant workload traffic can be separated from the management traffic.

The design uses a distributed firewall to protect all management applications. To secure the SDDC, only other management solutions and approved administration IP addresses can directly communicate with individual components.