Hey hope you are doing fine
1. Since the company has no AD, DC setup, do you think that setting that will be a cleaner way for managing things
vSphere has no AD requirements.
2. The license that we purchased is for 6.x and as the upgrade is possible, do you recommend the fresh installation of VSphere 6.7 or VSphere 7 directly?
Technically I would go for vSphere 6.7 (latest upgrade available) since it has some time in the market, it has been tested and it has it's compatibility tested
vSphere 7 has been released last month and as everything there might be some bug that was skipped during the testing products
Personally speaking and assuming you don't have any VMware experience:
I would go for vSphere 7 since they have reengineered all the vSphere stack and thing work a little bit different now.
3. Can the AD/ DC can reside on one of the ESXi hosts or is it advisable to have it outside the ESXi hosts as we can enable the ESXi authentication can be enabled for AD Users
Yes, ADDC can be Virtual machines (please use windows 2012 r2 or later as they are VM aware and don't take snapshots)
for ESXi authentication, yes you can VMware Knowledge Base
You will need a vCenter
4. We were planning to use the 1G NIC available on board just for the management of the ESXi hosts, 10G network for the VSAN, VMotion and other HA traffic. Can you let us know if that is a good start. Was reading through some documentation and may be I misread that the management interface is the one responsible for the VMotion and other HA, FT traffic.
Do you have 10/40GBe uplink switches?
Also keep in mind that when you are using vSAN the HA traffic goes trough the vSAN interace.
Depending on the size of virtual machines and the amount of virutal machines I would say to use 1Gbe for management and 10Gbe for vMotion
Keeping that in mind
10 Gbe Uplink 0 and 2 - vSAN
10 Gbe Uplink 1 and 3 - vMotion
1 Gbe Uplink 0 and 2 - MGMT
1 Gbe Uplink 1 and 3 - FT
5. Is it advisable to run the production on one of the three hosts, development/ quant related tasks on the other hosts and still be good in terms of managing the resources and provide HA
Please consider the following:
In the provided scenario all the workloads (PROD/DEV/QUANT) would be sharing the same resources, which in case of a DEV Screwup would not be nice.
Keep in mind that in virtual environments all vms share their resources and (sadly) customers tend to overallocate resources causing issues.
Personally I would say no, but it depends on the situation of our company
I can give you the following approaches in case you have to consolidate all the resources in the same cluster
- Separate workloads into resource pools
- Make sure you have a 25% overhead
- Create Affinity Rules for prod vms (IE: the most critical vm should not be with the biggest dev vm)
- Create VM overrides: in case the cluster goes down priorize your Sev 1, sev 2, sev 3, VMs.
6. Is it advisable to use the same cluster and get Horizon license and have VDI on one of the ESXi hosts without affecting the others?
No, i would get a new cluster (add resources) with a separate vCenter so you isolate VDI to a separate fault domain on the vSphere side.
If you have the budget for a test enviroment than use extra Hardware, licenses and go
