IBM Cloud® for VMware Cloud Foundation architecture overview

The architecture for IBM Cloud® for VMware Cloud Foundation is built upon IBM Cloud VPC network architecture and uses bare metal servers for IBM Cloud VPC. Through its native integration with IBM Cloud VPC networking, you can easily use other IBM Cloud® services with your VMware workloads or integrate networking with other IBM Cloud VPC, Classic, or Power infrastructure offerings.

Figure 1. Architecture overview for IBM Cloud® for VMware Cloud Foundation

VMware Cloud Foundation™ supports two base architecture models: consolidated and standard. When you deploy your VMware Cloud Foundation instance in IBM Cloud®, you can select the model that fits the requirements of your deployment and organization.

VMware Cloud Foundation components

The following items are the core components of VMware Cloud Foundation:

  • VMware Cloud Builder
  • SDDC Manager
  • VMware vSphere® and VMware vCenter Server®
  • VMware vSAN™
  • VMware NSX-T™ Data Center
  • VMware Aria Suite Lifecycle (formerly vRealize Suite Lifecycle Manager)

The VMware Cloud Builder appliance is the first virtual appliance that is deployed on the IBM Cloud bare metal servers for IBM Cloud VPC. It automates the deployment of the entire VMware software-defined stack. VMware Cloud Foundation assumes that the underlying network infrastructure, required bare metal servers, and DNS are deployed before you start deploying it. This part is handled by the IBM Cloud® for VMware Cloud Foundation automation. VMware Cloud Builder deploys and configures the first cluster of the management domain and then transfers the inventory and control to SDDC Manager. During the deployment process, the VMware Cloud Builder appliance validates the information that you provide in the deployment parameter workbook, such as DNS, network (VLANs, IP addresses, MTUs), and credentials. In the IBM Cloud® for VMware Cloud Foundation automation deployments, credentials are randomly generated during the initial provisioning.

SDDC Manager automates the entire system lifecycle, that is, from configuration and provisioning to upgrades and patching, including host firmware, and simplifies day-to-day management and operations. In IBM Cloud®, VMware Cloud Foundation capacity expansion is done through the IBM Cloud® for VMware Cloud Foundation automation.

VMware vSphere running on bare metal servers for IBM Cloud VPC uses virtualization to transform individual data centers into aggregated computing infrastructures that include CPU, storage, and networking resources. vCenter Server manages these infrastructures as a unified operating environment and provides you with the tools to administer the data centers that participate in that environment.

vSAN aggregates local or direct-attached data storage devices on IBM Cloud VPC bare metal servers to create a single storage pool that is shared across all hosts in the vSAN cluster. With vSAN, you don't need external shared storage, and storage configuration and virtual machine provisioning are simplified. Built-in policies allow for flexibility in data availability.

VMware NSX-T™ Data Center (referred to as NSX throughout this documentation) is focused on providing networking, security, automation, and operational simplicity for emerging application frameworks and architectures that have heterogeneous endpoint environments and technology stacks. NSX supports cloud-native applications, bare metal workloads, multi-hypervisor environments, public clouds, and multiple clouds. NSX integrates with IBM Cloud VPC capabilities through the NSX edge cluster and Tier-0 gateways. Through this integration, your workloads are able to use other cloud services and interconnectivity services that are provided by IBM Cloud.

VMware Aria Suite Lifecycle (formerly VMware vRealize Suite Lifecycle Manager) provides a comprehensive solution for deploying, configuring, managing, and upgrading Aria Suite products, such as:

  • Aria Operations (formerly vRealize Operations Manager)
  • Aria Operations for Logs (formerly vRealize Log Insight)
  • Aria Operations for Networks (formerly vRealize Network Insight)
  • Aria Automation (formerly vRealize Automation)

Aria Suite Lifecycle provides product installation and content lifecycle management capabilities to automate the deployment of Aria Suite content. Access to these products depends on the selected VMware Cloud edition. The IBM Cloud® for VMware Cloud Foundation automation deploys Aria Suite Lifecycle (vRealize Suite Lifecycle Manager), and you can deploy Aria Suite products after deployment by using Aria Suite Lifecycle.

VMware Cloud Foundation on IBM Cloud VPC

IBM Cloud® for VMware Cloud Foundation is deployed on IBM Cloud VPC and uses the bare metal servers for IBM Cloud VPC for compute resources. These fast-provisioning bare metal servers and the IBM Cloud VPC network form the core infrastructure for the deployment. Through the integration with the VPC platform, you can take full advantage of the network, storage, and security capabilities provided by IBM Cloud VPC.

The IBM Cloud® for VMware Cloud Foundation automation is based on Terraform and Ansible. The underlying automation engine is IBM Cloud Schematics, which uses the IBM Cloud Terraform provider to deploy the IBM Cloud VPC and other required IBM Cloud services for your VMware Cloud Foundation instance. Ansible is used to deploy and configure Cloud Builder and SDDC Manager, and to configure NSX by using the relevant APIs. To provision a VMware Cloud Foundation instance, use the IBM Cloud® for VMware Solutions Portal, which offers a more intuitive user experience for completing the Terraform variable values.

The automation provisions a new IBM Cloud VPC, prefixes, subnets, security groups, public gateways, and the required common services such as DNS. IBM Cloud bare metal servers are provisioned on VPC subnets with two PCI interfaces and the required VLAN interfaces. PCI and VLAN interfaces are the networking constructs through which bare metal servers for IBM Cloud VPC integrate with IBM Cloud VPC networking. The PCI interfaces are used for VMware vSphere Distributed Switch uplinks, and the VLAN interfaces are used for VMkernel adapters and the deployed VMware Cloud Foundation appliances, NSX edges, and Tier-0 gateway uplinks. IBM Cloud VPC routes are provisioned to allow overlay access from your VPC, or from other interconnected VPCs.

An overview of the consolidated architecture and deployed assets is shown in the following diagram. The consolidated architecture deploys a single set of VMware assets: a vCenter, NSX managers, and two NSX edges, in addition to SDDC Manager. A Tier-0 gateway is deployed and integrated with the VPC through external uplinks.

Figure 2. Architecture overview - consolidated deployment

An overview of the standard architecture and deployed assets is shown in the following diagram. The main difference from the consolidated architecture is that this model deploys more hosts for the VI workload domain, a new vCenter, new NSX appliances, and a new Tier-0 gateway. Also, new VPC subnets are provisioned for the VI workload domain hosts and NSX edges.

Figure 3. Architecture overview - standard deployment

Because the NSX deployment is integrated with VPC, you can use IBM Cloud VPC connectivity services and IBM Cloud interconnectivity solutions for the connectivity needs of your deployment. Public internet access for the workloads is provided through floating IP addresses or Public Gateway configurations within your VPC. On-premises connectivity over the public internet can be arranged by using IBM Cloud VPC VPN services (site-to-site and client-to-site), or alternatively by using NSX built-in capabilities. For private networking, you can use IBM Cloud interconnectivity services to connect your VMware workloads with IBM Cloud classic infrastructure, other VPCs, and on-premises networks.

With VMware Cloud Foundation, you use VMware vSAN™ for storage and VMware NSX™ networking with your VMware workloads. You can easily and quickly add ESXi hosts to your deployment or remove them from it, or add new workload domains.

For integrations after the initial deployment, for example with your own Active Directory™, you can use IBM Cloud VPC compute resources to build your Active Directory in IBM Cloud VPC, or interconnect with your existing Active Directory infrastructure.