VMware Cloud Foundation 9 overview
VCF CORE ARCHITECTURE
Unified SDDC Platform
VCF integrates compute (vSphere), storage (vSAN), networking (NSX), and cloud management (Aria Operations and automation) into a cohesive, interoperable stack.
Modular Automation
Automated deployment and lifecycle management streamline operations while ensuring seamless updates and consistent configurations across components.
Hybrid-Ready Layers
Layered design supports private and hybrid clouds, accelerating application deployment and enabling scalable, enterprise-grade infrastructure.
STORAGE
VCF 9 introduces the option of using NFS and FC storage for the management domain, which is a game changer for the large number of clients who prefer to use a dedicated SAN array rather than vSAN. Customers who previously did not onboard onto VCF for this reason may now reconsider.
In previous versions of VCF, vSAN was the only option for the management domain.


NETWORK VIRTUALISATION
VCF 9 brings in new concepts and features such as VPCs (Virtual Private Clouds), a powerful concept that allows self-service of network segments along with multi-tenancy/segregation of different consumers within an organisation.
The networking for K8s has been simplified compared to previous versions of VCF, where specific T0s had to be deployed for K8s.


VCF 5.2 vs VCF 9 APPLIANCE MAPPINGS
Below is an appliance mapping for VCF 5.2 to version 9 to help you understand the changes in VCF 9.


SUPERVISOR SERVICES
In VCF 9, there has been a shift towards focusing on modern application workloads and cloud native applications with automation alongside running your traditional VM workloads.


MULTI-SITE ARCHITECTURE
VCF 9 introduces powerful features such as fleets, regions and instances:
Instance – a VCF instance comprises a management domain and a workload domain with all components, as shown in the diagram. You can manage multiple instances through fleet management, which is a new feature in VCF 9. This is especially powerful in a multi-tenancy environment, where management is all done through a single user interface.
Region – a region is a geographical separation of sites to account for disaster recovery planning.
Fleet – a single fleet can comprise multiple VCF instances sharing the same VCF Automation and Operations, allowing multiple VCF instances to hook into VCF Automation and Operations.
The image below shows a multi-site architecture setup between 3 different regions, with a single VCF fleet and multiple instances using vSAN stretched clusters, along with vSphere replication between sites that are further away geographically.


VIRTUAL PRIVATE CLOUDS
The VPC model is adapted to large multi-tenant environments and provides a self-service consumption model that makes it simple to use.
VPCs can be created via vCenter, VCF Automation or NSX Manager.
What is a VPC?
• A virtual private cloud is a secure, isolated virtual network within your private cloud environment.
• It is similar to what you see in public clouds like AWS or Azure, but now available in your datacenter with VCF 9.0.
Why are VPCs important?
• VPCs give each team or project their own private network space, so they can work independently and securely.
• VPCs can be managed by cloud admins, project admins or even users with the right permissions.
The image below compares three models: a legacy vSphere deployment without any network virtualisation (the "vSphere Model"), a deployment using the "NSX Model", which refers to NSX-T and NSX on VCF 5.2, and the "VPC Model", which is new to VCF 9 and brings in the concept of self-service networking.


TRANSIT GATEWAYS
VCF 9 introduces the concept of transit gateways, which interconnect VPCs within a project and provide external connectivity upstream, essentially providing routing between VPCs and to external networks.
The external connection needs to be defined prior to defining the project and the transit gateway.
Previously this would have been tier 1 gateways for the VPC gateway and tier 0s for the transit gateway; however, it has been simplified and automated so that it does not require any advanced configuration.


