Hi,
In each of our datacenters today we have a separate 4 node management cluster to hold our vcenters, nsx managers, domain controllers etc for that site. The hosts in these clusters deliberately do not have NSX agents installed to 100% guarantee we don’t fat finger DFW rules etc, have standard switching (to remove all VDS / vCenter dependancies), run on seperate compute infrastructure etc, but the vcenter / vcsa appliance managing this cluster is the same vcenter that’s managing all other clusters - ie compute clusters.
Now that we’ve started to dip our toe in the Auto Deploy waters (stateful installs at this stage), I’ve been reading that best practice is to have a separate vcenter + sso domain to manage the management cluster....
Do you all subscribe to this theory? Or is this advice old? Noticed the v6.5+ vCenter HA deployment automation (basic mode) relies on the vcenter / vcsa you’re enabling it on to be in the same management plane. I doubt this is an indication of what is considered ‘modern best practice’, but thought it interesting that it would be a promoted deployment model, because it assumes you’re not following what I’ve read is ‘best practice’ elsewhere in auto deploy design docs.
What are your thoughts? Separate management vcenter to manage the management cluster, or it’s fine to use the same for mgmt+compute? Or do you only consider separating the vcenters if you’re using auto deploy?
Interested to hear from those who run medium - large vsphere environments and have had similar design debates.
Thanks.
