• Preetam Zare

{Day-01} Learning VMware Cloud Foundation

Updated: Nov 18, 2019

This is not really a blog posts but my personal notes and my progress on VCF product. The way I have started is reading all information from Public available information and putting my thoughts and understanding behind it. Many places I have copies the text and changed the color to gray to let me know it is text from external source. Every blog will have reference section.


VMware Hands On Lab:

VMware Cloud Foundation:

If this is Copy right violation please send me email at and I will simply remove the section or the blogpost. Disclaimer this is purely for learning purpose and not for any commerical purpose.

My glossary on VMware SDDC, VCF

  1. WLD stands for Workload domain.

  2. LCM stands for Life Cycle Manager.

  3. Entire Glossary is available in but I will update as and when I come across.

Today, management domain (I would call it MGMTDOM) is always built with NSX-V. For other WLD you have option of using both NSX-V or NSX-T. vCenter is deployed for every WLD, it goes without saying, it is deployed physical or as a VM in MGMTDOM. For every WLD, NSX manager is also deployed in MGMTDOM and 3 x NSX controllers. Anti-affinity rule between NSX controller is also configured automatically.

Updated 18.11.2019 : NSX controllers are deployed in their respective WLD domain. But do not know yet how it works when we have multiple clusters in WLD. This also break away from traditional NSX architecture where there was separate cluster for NSX Edge.

For the first NSX-T VI Workload Domain in your environment, the workflow deploys an NSX Manager and three NSX controllers in the Management Domain. The workflow also configures an anti-affinity rule between the controller VMs to prevent them from being on the same host for High Availability. All subsequent NSX-T Workload Domains share this NSX-T Manager and Controllers.

NSX Edges are not deployed automatically for an NSX-T VI Workload Domain. You can deploy them manually after the VI Workload Domain is created. Subsequent NSX-T VI Workload Domains share the NSX-T Edges deployed for the first Workload Domain.

Role based access control

Role based access control in SDDC manager is isolated from the vCenter. So, If Jack is SDDC "Cloud Admin" he won't have vCenter administrator credentials.

vRealize Loginsight

By enabling VRI function, all existing and future Workload Domains will be configured with Log Insight at the time of their creation. VRI as clustered solution is deployed. It is full fledged solution. By default, it is monitors MGMTDOM and it can be "With few clicks" can be deployed to managed WLDs.

Life Cycle Management

In VMware Cloud Foundation, the Life Cycle Management (LCM) includes

  1. Automated patching and upgrades for both the SDDC Manager (SDDC Manager and LCM)

  2. VMware software components (vCenter Server, PSC, ESXi, NSX and vSAN).

VCF includes the intelligence to apply updates in correct order, so if there are any pre-requisites required are taken care. This is single most plus point.

NB: As of today vRealize Suite is not directly managed through SDDC manager but instead vRealize Lifecycle manager. This product actually has same principles on which SDDC manager is built. I would keep these two products separate to carry out respective instead of duplicating these functions in SDDC Manager or trying to consolidate these products.

We need VMware account access to repository.

SDDC Manager has been pre-loaded with a patch bundle from the VMware software repository. So you may see a note about signing in with your MyVMware credentials, this can be disregarded. The high level update workflow is described below.


1. Notification of update availability. By default (likeVUM), checks every 24 hours for new updates. You check what is included in the bundle. Before Bundle can be installed, extensive pre-checks are done this includes Space, version check and all those things which will break the upgrade process. 2. Download update bundle. 3. Select update targets and schedule update. You always update MGMTDOM first. Then everything else. After MGMTDOM is done, you can schedule patching/upgrading per WLD. 4. Update is applied to the selected targets at the scheduled time.

Offline LCM (Updated 18.11.2019)

Most of the dark site do not have direct internet connectivity. For these sites, there is solution for do offline Lifecycle management. Here is the process at high level

Here are the steps

  1. You generate marker file on the SDDC Manager Control VM.

  2. This marker file needs to be carried to the internet connected computer

  3. This file is presented to the offline update utility on the internet connected utility

  4. Applicable updates are downloaded and then manually transferred to SDDC manager for automated installation

#SSDC #Learning #VCF


©2019 by virtual2Cloud. Proudly created with