Deploy and configure the management cluster components.


Two external Platform Services Controller instances must be deployed in Region B. Work through this procedure twice, using the vCenter Server appliance ISO file and the customized data for each instance.


After you have successfully installed the Platform Services Controller instance, you must add the appliance to your Active Directory domain. After that add the Active Directory domain as an identity source to vCenter Single Sign-On. When you do, users in the Active Directory domain are visible to vCenter Single Sign-On and can be assigned permissions to view or manage SDDC components.


The first step is replacing the machine SSL certificate on each Platform Services Controller instance with a custom certificate that is signed by the certificate authority (CA) available on the parent Active Directory (AD) server.


Before installing vCenter Server the Platform Services Controller endpoints must be updated to reflect the name of the load balancers virtual IP.


You can now install the vCenter Server appliance for the management applications and assign a license. 


You must now create and configure the management cluster.


After you have added all ESXi hosts to the cluster, you create a vSphere Distributed Switch. You must also create port groups to prepare your environment to migrate the Platform Services Controller and vCenter Server instances to the distributed switch.


This step is to set the vSAN storage policy for the Platform Services Controller and vCenter Server appliances.


vSAN disk groups must be created on each host that is contributing storage to the vSAN datastore.


Before creating the host profile for the management cluster enable vSphere HA.


Change the default ESX Admins group to achieve greater levels of security and enable vSAN to provision the Virtual Machine Swap files as thin to save space in the vSAN datastore.


 You must mount a NFS datastore where vSphere Data Protection will later be deployed.


Host Profiles ensure all hosts in the cluster have the same configuration.


After you apply the host profile to all of the hosts, set the storage policy of the Management Virtual Machines to the vSAN Default Storage Policy.


Create folders to group objects of the same type for easier management.


Anti-Affinity rules prevent virtual machines from running on the same host. This helps to maintain redundancy in the event of host failures.


VM Groups allow you to define the startup order of virtual machines. Startup orders are used during vSphere HA events such that vSphere HA powers on virtual machines in the correct order.