barnette08
Expert
Expert

VCF with VVD Plumbing?

Jump to solution

Hey all,

As you probably know, when deploying VCF with Cloud Builder NSX-V deploys controllers and installs vRLI on the VLAN backed portgroup during bring up.  My assumption is that the networking architecture under the covers that should be used is the VVD architecture to allow for multi-region futures.  However, when deploying vRSLCM, VCF only asks for a VLAN and creates a VLAN backed portgroup during deployment and configuration.  So a few questions hopefully you can help answer for me:

1. In the VVD architecture, vRSLCM is put on the cross region VXLAN so that it can perform a site failure.  I've tried editing the portgroup post deployment but it fails during vRLI import.

2.  I've deployed ESGs and UDLRs in the typical VVD fashion but am concerned about how the rest of the workflows will tie into the architecture (vROps and vRA).

3.  In a multi-region scenario, are we saying that there will be a SDDC manager at both sites?

TIA!

0 Kudos
1 Solution

Accepted Solutions
mitevam
VMware Employee
VMware Employee

Hi,

You are right, there is a difference in terms of networking between VCF and VVD cloud builder. Please note that the VLAN which is created for vRSLCM (and used for vRA and vROps later) is equivalent to VVD multi-region network. There is a documentation for VCF Site Recovery - About Site Protection and Recovery for VMware Cloud Foundation and how you could migrate vRealize VMs once you have the networking part done - Migrate vRealize Automation and vRealize Operations Manager to the Cross-Region Application Virtual ...There is a script included in the documentation which should be used for updating VCF inventory accordingly.

Hope that everything listed in the documentation is relevant to your usecase and could unblock you.

View solution in original post

0 Kudos
11 Replies
mitevam
VMware Employee
VMware Employee

Hi,

You are right, there is a difference in terms of networking between VCF and VVD cloud builder. Please note that the VLAN which is created for vRSLCM (and used for vRA and vROps later) is equivalent to VVD multi-region network. There is a documentation for VCF Site Recovery - About Site Protection and Recovery for VMware Cloud Foundation and how you could migrate vRealize VMs once you have the networking part done - Migrate vRealize Automation and vRealize Operations Manager to the Cross-Region Application Virtual ...There is a script included in the documentation which should be used for updating VCF inventory accordingly.

Hope that everything listed in the documentation is relevant to your usecase and could unblock you.

0 Kudos
barnette08
Expert
Expert

Thanks, I'll take a look at the document.  It looks like the VLAN backed portgroup used during deployment of vRSLCM, vROps, and vRA is just the management portgroup (or any other) in that it's just flat - is that what you mean in terms of its equivalency to the xRegion VXLAN?

I assume VCF today doesn't have a concept of the remote collectors and they would need to be deployed later via vRSLCM or manually.

0 Kudos
barnette08
Expert
Expert

It looks like the VLAN backed portgroup used during deployment of vRSLCM, vROps, and vRA is just the management portgroup (or any other) in that it's just flat - is that what you mean in terms of its equivalency to the xRegion VXLAN?

I see what's happening now.  Basically we are creating a temporary physical VLAN backed network and then moving it down into VXLAN so that IPs will not have to change.  That's where I was getting caught up was the idea that IPs would have to change! Smiley Happy

0 Kudos
mitevam
VMware Employee
VMware Employee

I assume VCF today doesn't have a concept of the remote collectors and they would need to be deployed later via vRSLCM or manually.

Yes, you can do that manually. If you already have the VXLANs you can place them in the region-specific VXLAN or you can use VCF management VLAN (SDDC manager uses it for vRA proxy agents deployment and vRLI). Unfortunately, for those VMs IP renumbering is required during the VLAN -> VXLAN migration.

0 Kudos
barnette08
Expert
Expert

So anything deployed manually like vROps collectors and vRA proxy agents aren't VCF aware, which means during a VCF upgrade of those components they wouldn't get upgraded?

0 Kudos
tenthirtyam
VMware Employee
VMware Employee

In fact, they would. Because the Master vROps node recieves the .pak and sends it to all connected nodes. Same for vRA, where the primary node informs the secondaries and IaaS nodes.

It just would not be reflected in the SDDC Manager inventory yet.

-- Ryan Johnson | Staff II Solutions Architect | VCIX-DCV 2020, VCIX-NV 2020, VCAP7-CMA, AWS-CSA, HC:TA, vExpert VMware Inc | CPBU - Solutions Architecture
0 Kudos
barnette08
Expert
Expert

Ah ok, thanks for that clarification Ryan.  I made the incorrect assumption that if it wasn't in inventory it wasn't getting upgraded.  Good stuff thanks again.

0 Kudos
barnette08
Expert
Expert

mitevam and tenthirtyam​, I've noticed that the automated deployment of vRA forces the proxy agent servers to be deployed on the management VLAN, but in the VVD they are deployed to the Region A VXLAN.

Is the recommendation then to keep them as VLAN backed at both sites (proxy servers at site A and site B) and simply not deploy the region specific VXLANs or should they be moved to the region specific VXLAN during the cut over process mentioned in the site recovery doc and will the DB update script that is run account for the change to the proxy servers?

0 Kudos
mitevam
VMware Employee
VMware Employee

Unfortunately, VCF today forces the deployment on management VLAN. You could migrate them to VXLAN later on, the script doesn't make changes regarding the proxy agents, but such changes are also not needed. SDDC manager should be able to operate on vRA without any additional changes.

0 Kudos
barnette08
Expert
Expert

Thanks for the confirmationmitevam

0 Kudos
barnette08
Expert
Expert

So another question is coming to mind the deeper I'm getting into this.  It looks like the recovery plan for VVD is just to ensure that vRA and vROps remain online, so that brings to mind questions about SDDC Manager.

Presumably there is an SDDC Manager at both sites?  If so, how does it deal with the "services" that are being failover over from region A to region B in the GUI?

0 Kudos