In my previous blog post, we explored VCF Operations and its key components, a foundational topic for understanding the future of VMware Cloud Foundation (VCF). Now, as we continue preparing for the upcoming VCF release, let’s dive into VCF Operations Fleet Management—a new concept that many are still getting familiar with, as it was introduced only a few months ago!
.
Continue reading “VCF Operations Fleet Management: What You Need to Know”VMware Cloud Foundation Operations is the next generation of Aria Operations and tightly integrated with VMware VCF-based private cloud infrastructure. At its core, VCF Operations is an Ops Management tool, but with the next release of VMware Cloud Foundation, VCF Operations will be the focal point for managing and operating the VMware VCF environment. VCF Operations will integrate single sign-on, certificate, password, and lifecycle management(LCM) capabilities. Simply put, it will be the centralized point for configuring the VCF private cloud and will be mainly used, but not limited to, for VCF day-2 operations. In this blog post, we’ll go through the components and architecture of VCF Operations.
If you have experience working with Aria Operations or Aria Operations, then understanding the components and architecture of VCF Operations won’t be hard for you! But don’t worry if you don’t have experience with vROps or Aria Ops! Keep reading this blog post, and you’ll get a better idea.
Continue reading “Introduction to VMware Cloud Foundation (VCF) Operations”In the previous two blog posts, we installed and configured the Microsoft Certificate Service, prepared a certificate template, and configured a service account to follow the least privilege policy. In this blog post, we will bring everything together by integrating the Microsoft CA with VCF’s SDDC Manager and requesting a certificate from the CA for the VCF components.
Connect to the SDDC Manager UI, log in with a privileged user account, and choose the Certificate Authority option on the left panel. Then click on Edit to open the configuration page.
Continue reading “Configure a Microsoft Certificate Authority in SDDC Manager”In the previous blog post, we discussed the installation and initial configuration of Microsoft Certificate Service on a Windows Server and enabled Certificate Web Enrollment on that server. The second step to replacing the default self-signed certificate in VCF is to prepare the Certificate Authority with a new certificate template and assign a service account so that an alternative user can request the certificates instead of the default administrative accounts. With that said, let’s move forward with creating the customized certificate template.
When you request a certificate from a Certificate Authority(CA), the CA lets you choose from its templates store. We must create a template and publish it in the certificate store to create a customized certificate. Open the Certificate Authority snap-in from the CA server’s Administrative Tools to create the customized certificate. If you click Certificate Templates under your CA, you’ll see all the valid certificates in the certificate store.
Continue reading “Prepare Certificate Authority for VCF Certificate Replacement”One standard method of issuing valid certificates to infrastructure software solutions like VMware Cloud Foundation(VCF) is through an internal Microsoft Certificate Authority(CA). Most organizations that use Active Directory(AD) as a directory service also use AD Certificate Services to issue certificates when replacing the self-signed, auto-generated certificates. Even though this service might be installed and running in your infrastructure, this blog post explains how to install and configure it on a Windows Server machine to integrate with VCF infrastructure. After installing and configuring Certificate Authority, we should create a Certificates Template, integrate VCF with this CA, and finally request certificates and replace them through SDDC Manager,
In this post, we will install AD CS on a Windows Server 2022 joined to an Active Directory domain and configure Web Enrollment to allow users to request and retrieve certificates via a web interface.
Continue reading “Installing and Configuring Active Directory Certificate Services (AD CS)”VMware Cloud Foundation(VCF) is VMware’s integrated SDDC platform for private and hybrid cloud infrastructures. This software package integrates VMware’s Compute, Storage and Network Virtualization solutions with a centralized automated lifecycle management tool call SDDC Manager. The core components of VCF are vSphere (Compute), vSAN (Storage) and NSX (Network & Security). VMware vRealize Suite can also be optionally added to VCF to increase the capability of SDDC infrastructure with performance & capacity Management and cloud management. Since VCF 3.8 beside running normal virtual machine workloads, you can also run containers with use of VMware Enterprise PKS.
To start implementing VCF at least seven ESXi hosts is needed, four for Management Workload Domain(WLD) which hosts infrastructure components of SDDC and another three host for running actual infrastructure WLD. These nodes can be vSAN ready nodes or you can take advantage of DellEMC’s VxRAIL platform and run more integrated Hyper-converged(HCI) platform. The Management WLD brought up with use of special virtual appliance call Cloud Builder. This awesome tool brings up four first nodes in management cluster alongside Platform Service Controllers(PSC), vCenter Servers, NSX manager & controllers and vRealize Log Insight. After the initial bring up process VCF infrastructure management will be done through SDDC Manager.
Continue reading “Introduction to VMware Cloud Foundation (VCF)”On January 14th 2020, VMware announced general availability of VMware Cloud Foundation (VCF) 3.9.1. This new release supports new features such as Application Virtual Network (AVN), improvements to Cloud Builder, many resolved issues specially around NSX-T and also BOM updates.
Application Virtual Network (AVN) enables vRealize Suite deployment to use NSX overlay networks in addition to VLAN-backed port groups. New installation of VCF 3.9.1 can use AVNs for vRealize Suite components and if you upgrade VCF from a prior release to 3.9.1 and willing to use AVNs, VMware Support should be contacted. VMware Cloud Builder which is being used for bring-up process of VCF now includes several new workflows and also deployment report of bring-up phase.
Regarding Bill Of Material(BOM), VCF 3.9.1 now supports vSphere and vSAN 6.7 Update 3b which holds many security and bug fixes. If you are using NSX-V in your management or VI workload domains, you can take advantage of NSX-V 6.4.6 and lastly VDI workload domain will also upgraded to Horizon 7.10. Those who are using VCF on VxRAIL, now VxRAIL Manager 4.7.410 is supported with this new release of VCF on VxRail 3.9.1.
You can get more information regarding DellEMC VxRail 4.7.410 in other blogpost.
To get more information you can visit VCF 3.9.9 release notes.