Infrastructure management design
Infrastructure management refers to the components that are managing the VMware® infrastructure. The VMware vCenter Server® appliance is the centralized platform for managing VMware vSphere® environments and is one of the fundamental components in this solution.
The vCenter Server appliance is assigned the default SSO domain of vsphere.local
.
vCenter Server design
The vCenter Server appliance is installed on a portable subnet on the private VLAN that is associated with management VMs. Its default gateway is set to the IP address assigned on the BCR for that particular subnet. The virtual appliance is configured with the specifications in the following table.
Attribute | Specification |
---|---|
vCenter Server | Virtual appliance |
Appliance installation size | Medium (up to 400 hosts or 4,000 VMs) |
Platform Services Controller | Integrated |
Number of vCPUs | 8 |
Memory | 28 GB |
Disk | 700 GB on local datastore (Large disk deployment) |
Disk type | Thin provisioned |
vCenter Server database
The vCenter Server configuration uses a local, embedded PostgreSQL database that is included with the appliance. The embedded database is used to remove any dependencies on external databases and licensing.
vCenter Server cluster specification
With this design, you can cluster the vSphere ESXi® hosts that are provisioned through the solution. However, before clusters can be created a data center object is created that signifies the location of the vSphere ESXi hosts and the pod within the data center. A cluster is created after the data center object is created. The cluster is deployed with VMware vSphere High Availability (HA) and VMware vSphere Distributed Resource Scheduler (DRS) enabled.
vSphere Distributed Resource Scheduler
This design uses vSphere Distributed Resource Scheduling (DRS) in the initial cluster to place VMs and uses DRS in additional clusters to dynamically migrate VMs to achieve balanced clusters. The automation level is set to fully automated so that initial placement and migration recommendations are run automatically by vSphere. Additionally, the migration threshold is set to moderate so that vCenter applies priority 1, 2, 3 recommendations to achieve at least a decent improvement in the load balance of the cluster.
Power management through the Distributed Power Management feature is not used in this design.
vSphere High Availability
This design uses vSphere High Availability (HA) in the initial cluster and in the additional clusters to detect compute failures and recover VMs that run in a cluster. The vSphere HA feature in this design is configured with both the Host Monitoring and Admission Control options that are enabled in the cluster. Additionally, the initial cluster reserves one node’s resources as spare capacity for the admission control policy.
You are responsible for adjusting the admission control policy when the cluster is later expanded or contracted.
By default, the VM restart priority option is set to medium and the Host isolation response option is disabled. Additionally, VM monitoring is disabled and the Datastore Heartbeating feature is configured to include any of the cluster data stores. This approach uses the NAS data stores if they are present.
Enhanced vMotion compatibility
To simplify vMotion compatibility across cluster nodes with potentially differing CPU capabilities, Enhanced vMotion Compatibility (EVC) mode is enabled at the highest available level that is supported by the vSphere version. This setting ensures vMotion compatibility across cluster nodes when newer processors arrive within IBM Cloud® inventory. The setting allows for cluster expansion in the future if the original processor is no longer in inventory. An exception to this rule is that EVC mode is not set for a management cluster with Intel® Cascade Lake processors where Cascade Lake EVC is not supported by the vSphere version.
IBM CloudDriver
The cornerstone to these solutions is automation. Automation reduces the complexity of deployment, drastically reduces deployment time, and ensures the VMware instance is deployed in a consistent manner.
IBM CloudDriver is an ephemeral IBM Cloud VM virtual server instance (VSI), which is deployed as needed for initial deployment and for Day 2 operations such as adding hosts, clusters, or add-on services to your VMware instance. CloudDriver is deleted when the all current processes are completed.
CloudDriver is deployed only on the private network that connects to the IBM management plane over a private message queue. They are IBM-developed components, are not user accessible, and have the following attributes and functions:
- Deployment and configuration of the VMware Cloud Foundation for Classic - Automated instance within the user account.
- Add and remove hosts from the Automated clusters.
- Add and remove clusters from Automated instances.
- Add and remove add-on services or functions to Automated instances.
Automation flow
The following flow describes the order of events when you use the IBM Cloud for VMware Solutions console to order a VMware instance:
- Ordering VLANs and subnets for networking from IBM Cloud.
- Ordering IBM Cloud bare metal servers with vSphere Hypervisor installed.
- Ordering of Microsoft® Windows® VSI to serve as the Active Directory™ domain controller.
- Deployment of the Cloud Driver VSI.
- Validation of the networking and deployed hardware.
- If applicable, the initial configuration of the single node vSAN.
- Deployment and configuration of vCenter and NSX.
- Clustering of remaining ESXi nodes, expansion of vSAN if applicable, and configuration of NSX components (VTEP).
- Validating the installation and configuration of the environment.
- Deployment of optional services, such as backup server and storage.
- Removal of the Cloud Driver VSI.
IDs and passwords
IBM Cloud for VMware Solutions automation retains a set of user IDs and passwords encrypted within the IBM Cloud management plane. Automation user IDs are separate from the user IDs displayed in the IBM Cloud for VMware Solutions console and which are reserved for your use.
Change these passwords and use your own password information management (PIM) system to store and manage these passwords. You cannot change or disable the passwords that are used by automation without disrupting the automation. For more information, see IBM user IDs.