Hi all,
I am currently working on the evolution of our infrastructure
We have our prod that runs on a 6 hosts cluster.
We are going to change our old HyperV cluster by a vSphere one (6 hosts also)
I have one question concerning the management. We split the clusters for capacity reservation and to be sure non prod env won't impact prod but there is also a question of security
We use the vCenter appliance and I know we can manage both clusters in one vCenter
Our authentication is AD integrated and we have 2 ADs (one prod and one nonprod)
What are the best practice ? should we use 1 or 2 vCenter ?
I tried to look for info online but I found nothing relevant
Thanks in advance
Fabrice
1 vCenter standard license is enough to managed both cluster. However, if you have security compliance concern in your company then would suggest to 2 vCenter one for prod and another for non-prod. Refer VMware Blog for better understanding of vCenter license edition. https://blogs.vmware.com/vsphere/2018/10/vcenter-server-licensing-options.html
you can use Once vCenter and configure both domains as identity sources.
then you can give permissions to the non-prod domain only to the non-prod cluster (and the same for the prod domain and prod cluster).
Please note, you should use separate vDS and separate storage arrays/vSAN clusters.
Also, please note the vCenter Appliance should be treated as prod. If you want complete segregation of duties on the VMs you should have separate vCenters, but that's up to you and management.
There is no right or wrong. For a easier Living and saving some $$$ i suggest to use only one vCenter installation for your different DataCenter/Cluster.
If you use 2 vCenters you also can use the Enhanced Linked mode so that both vCenters a bind together and only one Browser windows is needed to see the complete environment.
Regards,
Joerg