Introducing – VMware Cloud Foundation 4.0
Here I will highlight some key points from this new release of VMware Cloud Foundation 4.0, which is powered by vSphere 7.0, vSAN 7.0 and NSX-T. The following depicts a list of all the components and their respective versions as per the VCF 4.0 Bill of Materials:
The above components are deployed by using a combination of Cloud Builder for the initial bring-up and SDDC Manager for the Day-X component deployments such as vRSLCM. As part of the VCF implementation, these components are installed and configured as per the VMware Validated Design (VVD) solution architectures.
As in previous VCF versions, the concept of Workload Domains (WLD) still exists and everything begins with the creation of a Management WLD, which is a minimum 4-node cluster. As of this release of VCF 4.0, NSX-T is leveraged in all Workload Domains, including the Management WLD. Geneve-backed Application Virtual Networks (AVNs) leveraging BGP peering can optionally be configured as part of the Cloud Builder bring-up process or as a Day-X activity. AVNs provide benefits for portability and failover for planned migration or disaster recovery. With the PSC now embedded as part of the vSphere 7.0 architecture, and with the addition of NSX-T, we now have a more scaled-down Management WLD compared to previous VCF releases. vRealize Log Insight (vRLI) is now optional: it is no longer a Day-0 activity deployed by Cloud Builder and can be deployed as a Day-X task leveraging vRSLCM 8.1.
As of VCF 4.0, the NSX-T Management cluster can have a 1:1 or a 1:Many relationship at a per-Workload Domain level, which means a WLD can share an instance of NSX-T with other WLDs. The exception is the Management WLD NSX-T instance, which cannot be shared with other WLDs. When deploying additional WLDs, the option is presented to join an existing NSX-T Management cluster or create a new one.
NSX-T Edge Automation: The deployment of the NSX Edge devices to their associated Edge cluster is now a Day-X automated task via SDDC Manager.
LCM of the SDDC environment continues in the same vein, providing scheduled updates, monitoring and reporting, and the capability to upgrade at a per-cluster level.
Note: VMware Cloud Foundation 4.0 is limited to greenfield VCF environments only and upgrades for existing VCF deployments will be supported at a later time with a 4.x release.
VCF 4.0 – vSphere with Kubernetes
‘Fastest way to get Kubernetes (K8s) in your enterprise’
With VMware Cloud Foundation 4.0, Kubernetes clusters, containers and VMs can all now be managed from within vCenter Server. The Kubernetes concept of a namespace (a grouping of resource objects such as VMs and containers into logical applications) is integrated into vSphere, allowing a VI admin to manage Kubernetes from within vCenter itself.
By leveraging SDDC Manager, the following tasks associated with deploying and managing a vSphere with Kubernetes WLD are automated:
- Create WLD
- Deploy NSX
- Deploy Edge Cluster
- Enable Workload Management
- Lifecycle the Software Stack
During the automated process of deploying the NSX Edge cluster through SDDC Manager, the capability exists to define profiles. A specific profile exists for the Edge deployment which is unique to vSphere with Kubernetes, to ensure the Edge devices match the requirements of a vSphere with Kubernetes cluster.
Kubernetes – Workload Management deployment: in addition to having a compatible NSX-T based WLD deployed, the Edge cluster needs to be deployed in advance of deploying a ‘Kubernetes – Workload Management’ solution via SDDC Manager. The following are screenshots displaying the process of deploying a Kubernetes – Workload Management solution via SDDC Manager (compliments of @ktebear). In this example the vSphere WLD and Edge cluster have already been deployed:
VCF 4.0 – New Security Enhancements
Admin and Operator roles for API and UI:
- Admin Role – All Privileges
- Operator Role – All Privileges with the Exception of: Password Mgmt, Backup/Restore, User Mgmt
PSC and AD integration is available. API security is enhanced via token-based authentication: the public API requires an authentication token.
Jointly Engineered Systems
VMware Cloud Foundation 4.0 software will be available as a jointly-engineered, integrated system via Dell EMC VxRail in the near future.