
VMware vSphere 6.5: Design and Deploy

Prepared By Eng. Islam Salah


Senior Datacenter Implementation Engineer
2016 VMware Inc. All rights reserved.

Course Objectives
By the end of the course, you should be able to meet the following objectives:

- Assess the business and application requirements of the current environment
- Understand and apply a framework to a design
- Analyze design choices and best-practice recommendations
- Design and deploy the core management infrastructure for an enterprise
- Design and deploy the virtual data center for an enterprise
- Design and deploy the compute infrastructure for an enterprise
- Design and deploy the storage and networking infrastructures for an enterprise
- Design and deploy virtual machines to run applications in a vSphere infrastructure
- Design and deploy security, management, and recoverability features for an enterprise

You Are Here
Day 1 and Day 2
- Architecture Overview
- Infrastructure Assessment
Day 3
- Network Infrastructure
Day 4
- Storage Infrastructure
Day 5
- Virtual Data Center Infrastructure (Redundant and HA)
- Infrastructure Security
Day 6
- Infrastructure Manageability
- Infrastructure Recoverability
- Design Workshop

Before We Start, Please Note
- Do you know the HCL?
- Do you know the Compatibility Matrix?
- Did you ever hear about the VMware Interoperability Matrix?
- If you are a VMware partner, do you know Salesforce?
You should have the following tools in your toolbox:
- Capacity planning tools (VMware Capacity Planner, Microsoft Assessment and Planning Toolkit (MAP))
- Ongoing capacity management (esxtop, vscsiStats)
- Performance benchmarking tools (VMmark)
- Performance simulation tools (Prime97, Iometer, I/O Analyzer, Iperf)

Design Factors



When it comes to design, always consider RAMPS
Design Standards
- Recoverability: backup and recovery of vCenter, PSC, associated VMware solutions, etc.
- Availability: HA, database clustering, load balancing, etc.
- Manageability: Windows vs. appliance (Linux-based) vCenter, web client, command-line tools, etc.
- Performance: virtual machine resources, network speed, storage backend, etc.
- Security: user roles/permissions, lockdown mode, etc.

Architecture Overview
High-Level VMware vSphere Architectural Overview
[Diagram: VMware vCenter Server managing the vSphere stack. Application services, under the headings Availability and Scalability: vSphere vMotion, vSphere Storage vMotion, vSphere High Availability, vSphere FT, VMware Data Recovery, DRS and DPM, Hot Add, Over Commitment, Content Library. Infrastructure services: a cluster of ESXi hosts; storage (vSphere VMFS volumes, vSAN, Thin Provisioning, vSphere Storage I/O Control); network (Standard vSwitch, Distributed vSwitch, NSX, Network I/O Control). Physical resources sit underneath.]

VMware ESXi
ESXi 6.5

- ESXi is the bare-metal VMware vSphere Hypervisor
- ESXi installs directly onto the physical server, enabling direct access to all server resources
  - ESXi is in control of all CPU, memory, network and storage resources
  - Allows virtual machines to run at near-native performance, unlike hosted hypervisors
- ESXi 6.0 allows
  - Utilization of up to 576 physical CPUs per host
  - Utilization of up to 12 TB of RAM per host
  - Deployment of up to 1024 virtual machines per host

ESXi Architecture
[Diagram: ESXi host. CLI commands for configuration and support, agentless systems management and agentless hardware monitoring sit on the VMware Management Framework and the Common Information Model (CIM). Below them are the Local Support Console (ESXi Shell) and the VMkernel, which connects to network and storage.]



Components of ESXi
- The ESXi architecture comprises the underlying operating system, called the VMkernel, and processes that run on top of it
- VMkernel provides a means for running all processes on the system, including management applications and agents as well as virtual machines
- It has control of all hardware devices on the server and manages resources for the applications
- The main processes that run on top of VMkernel are
  - Direct Console User Interface (DCUI)
  - Virtual Machine Monitor (VMM)
  - VMware Agents (hostd, vpxa)
  - Common Information Model (CIM) System

Components of ESXi (cont.)
- Direct Console User Interface: low-level configuration and management interface, accessible through the console of the server, used primarily for initial basic configuration
- Virtual Machine Monitor: process that provides the execution environment for a virtual machine, as well as a helper process known as VMX. Each running virtual machine has its own VMM and VMX process
- VMware Agents (hostd and vpxa): used to enable high-level VMware Infrastructure management from remote applications
- Common Information Model System: interface that enables hardware-level management from remote applications through a set of standard APIs

ESXi 6.5 System Requirements

When installing or upgrading to ESXi 6.5, ensure that the host meets these minimum hardware configurations supported by ESXi 6.5:
- Compatible hardware: ensure your hardware is listed in the VMware Compatibility Guide. This includes:
  - System compatibility
  - I/O compatibility (network and HBA cards)
  - Storage compatibility
- Compatible CPU: your hosts must have a supported and compatible processor. VMware ESXi 6.5 requires:
  - A host with 2 or more CPU cores
  - A 64-bit x86 processor released
  - To support 64-bit virtual machines, support for hardware virtualization (Intel VT-x or AMD RVI) must be enabled on x64 CPUs
- Sufficient memory: your hosts must have at least 4 GB of RAM; 8 GB of RAM is recommended to take advantage of all features and run virtual machines in a typical production environment
- Sufficient network adapters: your host has one or more Gigabit or faster Ethernet controllers

ESXi 6.0 System Requirements
Storage requirements
- 1 Gigabyte+ boot device: installing or upgrading to ESXi 6.5 requires a minimum of a 1 GB boot device
- 4 GB extra for scratch partition: when booting from a local disk, a SAN or an iSCSI LUN, a 5.2 GB disk is required to allow for the creation of the VMFS volume and a 4 GB scratch partition on the boot device

LOOK AT the Architecture Design

ESXi Best Practices
- For in-depth ESXi and other component practices, read the Performance Best Practices Guide (http://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/vmware-perfbest-practices-vsphere6-5-white-paper.pdf or http://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/vmware-perfbest-practices-vsphere6-0-white-paper.pdf)
- Always set up the VMware vSphere Syslog Collector (Windows) / VMware Syslog Service (Appliance) to remotely collect and store the ESXi log files
- Always set up the VMware vSphere ESXi Dump Collector Service to allow dumps to be remotely collected in the case of a VMkernel failure
- Ensure that only the firewall ports required by running services are enabled in the Security profile
- Ensure the management network is isolated from the general network (VLAN) to decrease the attack surface of the hosts
- Ensure the management network has redundancy through NIC Teaming or by having multiple management interfaces
- Ensure that the ESXi Shell and SSH connectivity are not permanently enabled
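
The checks in the list above can be run against an exported host configuration. This is an added example, not part of the original slides or VMware code: the snapshot layout and finding codes are hypothetical and the sample data is constructed, while the service keys (`TSM` for the ESXi Shell, `TSM-SSH` for SSH) and startup policies (`on`, `off`, `automatic`) follow the vSphere API.

```python
# Added example: audit one host snapshot against the best-practice list.
# Snapshot layout is hypothetical; the sample values are constructed.
SAMPLE_HOST = {
    "services": {   # service key -> startup policy and current state
        "TSM":     {"policy": "off", "running": False},   # ESXi Shell
        "TSM-SSH": {"policy": "on",  "running": True},    # SSH
        "ntpd":    {"policy": "on",  "running": True},
        "snmpd":   {"policy": "off", "running": False},
    },
    # Each firewall ruleset names the service that owns it (None if unmanaged).
    "firewall": [
        {"name": "sshServer", "enabled": True,  "service": "TSM-SSH"},
        {"name": "ntpClient", "enabled": True,  "service": "ntpd"},
        {"name": "snmp",      "enabled": True,  "service": "snmpd"},
        {"name": "nfsClient", "enabled": False, "service": None},
    ],
    "syslog_loghost": "",        # empty: logs stay on the host only
    "netdump_enabled": False,    # network core dumps to the Dump Collector
    "mgmt": {"vlan": 10, "uplinks": ["vmnic0"], "vmknics": ["vmk0"]},
    "vm_vlans": [10, 20, 30],    # VLANs carrying general VM traffic
}


def audit_host(host):
    """Return sorted finding codes for one host snapshot."""
    findings = set()
    services = host["services"]

    # ESXi Shell and SSH must not be set to start with the host.
    for key, label in (("TSM", "ESXI_SHELL"), ("TSM-SSH", "SSH")):
        if services.get(key, {}).get("policy") == "on":
            findings.add(label + "_PERMANENTLY_ENABLED")

    # An enabled ruleset whose owning service is stopped opens a port
    # that no running service needs.
    for rule in host["firewall"]:
        owner = rule["service"]
        if rule["enabled"] and owner and not services.get(owner, {}).get("running"):
            findings.add("FIREWALL_UNUSED:" + rule["name"])

    if not host["syslog_loghost"].strip():
        findings.add("NO_REMOTE_SYSLOG")
    if not host["netdump_enabled"]:
        findings.add("NO_DUMP_COLLECTOR")

    mgmt = host["mgmt"]
    if mgmt["vlan"] in host["vm_vlans"]:
        findings.add("MGMT_VLAN_SHARED")
    # Redundancy: teamed uplinks or more than one management interface.
    if len(mgmt["uplinks"]) < 2 and len(mgmt["vmknics"]) < 2:
        findings.add("MGMT_NO_REDUNDANCY")
    return sorted(findings)


if __name__ == "__main__":
    for code in audit_host(SAMPLE_HOST):
        print(code)
```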
Virtual Machines
Virtual Machine
- The software computer and consumer of resources that ESXi is in charge of
- VMs are containers that can run almost any operating system and application
- Segregated environment which does not cross boundaries unless via network or otherwise permitted through SDK access
- Each VM has access to its own resources
- VMs generally do not realize that they are virtualized
[Diagram: a VM on an ESXi host running apps on an operating system, with virtual CPU, RAM, disk, network/video cards, keyboard, mouse, SCSI controller and CD/DVD.]

Virtual Machine Architecture
Virtual machines consist of files stored on a vSphere VMFS or NFS datastore
- Configuration file (.vmx)
- Swap files (.vswp)
- BIOS files (.nvram)
- Log files (.log)
- Template file (.vmtx)
- Raw device map file (<VM_name>-rdm.vmdk)
- Disk descriptor file (.vmdk)
- Disk data file (<VM_name>-flat.vmdk)
- Suspend state file (.vmss)
- Snapshot data file (.vmsd)
- Snapshot state file (.vmsn)
- Snapshot disk file (<VM_name>-delta.vmdk)

LOOK AT the Architecture Design first

Virtual Machine Best Practices
- Virtual machines should always run VMware Tools to ensure that the correct drivers are installed for virtual hardware
- Right-size VMs to ensure that they use only required hardware. If VMs are provisioned with an over-allocation of resources that are not used, ESXi host performance and capacity are reduced
- Any devices not being used should be disconnected from VMs (CD-ROM/DVD, floppy, and so on)
- If NUMA is used on ESXi, VMs should be right-sized to the size of the NUMA nodes on the host to avoid performance loss
- VMs should be stored on shared storage to allow for the maximum vSphere vMotion compatibility and vSphere High Availability configurations in a cluster
- Memory/CPU reservations should not be used regularly because they reserve the resource and can prevent the VMware vSphere Hypervisor from being able to take advantage of overcommitment technologies
- VM partitions should be aligned to the storage array partition alignment
- Storage and Network I/O Control can dramatically help VM performance in times of contention

VMware vCenter Server
VMware vCenter 6.5
- vCenter is the management platform for vSphere environments
- Provides much of the feature set that comes with vSphere, such as vSphere High Availability
- Also provides SDK access into the environment for solutions such as VMware vRealize Automation
- vCenter Server is available in two flavors
  - vCenter for Windows
  - vCenter Server Appliance
- A single vCenter Server running version 6.5 can manage
  - 2000 hosts
  - 25,000 virtual machines

vCenter 6.5 Architecture
In vCenter 6.5, the architecture has changed dramatically compared to 5.x. All services are provided from either a Platform Services Controller or a vCenter Server instance.
Provided by Platform Services Controller
- VMware vCenter Single Sign-On
- License service
- Lookup service
- VMware Directory Services
- VMware Certificate Authority
Provided by vCenter Server Service
- vCenter Server
- VMware vSphere Web Client
- VMware vSphere Auto Deploy
- VMware vSphere ESXi Dump Collector
- vSphere Syslog Collector on Windows and vSphere Syslog Service for VMware vCenter Server Appliance
- vSphere Update Manager (included with appliance only)

Minimum requirements for the VMware vCenter Server 6.x Appliance

- If you are using the VMware vCenter Server Appliance, beginning with vSphere 5.x you can download vCenter Server as a virtual machine appliance. With the VMware vCenter Server Appliance, the necessary components are contained in a pre-configured virtual machine.
- The VMware vCenter Server Appliance can be deployed only on hosts that are running ESX/ESXi 5.x or later.

Other Considerations
The VCSA with embedded PSC requires the following hardware resources (disk can be thin provisioned):
- Tiny (up to 10 hosts, 100 VMs): 2 CPUs, 10 GB RAM
- Small (up to 100 hosts, 1000 VMs): 4 CPUs, 16 GB RAM
- Medium (up to 400 hosts, 4000 VMs): 8 CPUs, 24 GB RAM
- Large (up to 1000 hosts, 10,000 VMs): 16 CPUs, 32 GB RAM
- X-Large (up to 2000 hosts, 35,000 VMs): 24 CPUs, 48 GB RAM (new to v6.5)
Where the PSC is deployed as a separate appliance, it requires 2 CPUs, 4 GB RAM, 60 GB disk.
Environments with ESXi host(s) with more than 512 LUNs and 2048 paths should be sized large or x-large.

VMware vSphere 6.5 Configuration Maximums
VMware Virtual Machine Maximums
- Number of vCPU per VM = 128
- RAM per VM = 6128 Gb
- Virtual NVMe per VM = 4
- Virtual NVMe Targets per VM = 128
- Virtual NVMe targets per virtual SCSI adapter = 15
- Video Memory per VM = 2Gb (vSphere 6.0 had 512Mb)
Platform Service Controller (PSC)
- Maximum PSCs per vSphere Domain = 10
- Maximum PSCs per site, behind a load balancer = 4
vCenter Server Maximums
- Hosts per vCenter server = 2000
- Powered On VMs per vCenter = 25000
- Registered VMs per vCenter = 35000
- Linked vCenter servers = 10
- Number of ESXi hosts per Datacenter = 2000
vCenter 6.5 Architecture (cont.)
Two basic architectures are supported as a result of this change
Platform Services Controller is either Embedded or External to vCenter Server
Choosing a mode depends on the size and feature requirements for the environment

[Diagram: Embedded: Platform Services Controller and vCenter Server on the same virtual machine or server. External: Platform Services Controller on its own virtual machine or server, with vCenter Server on a separate virtual machine or server.]

vCenter Server 6.5 with an Embedded Platform Services
Controller

- Sufficient for most environments
- Easiest to maintain and deploy
- Recommended for small environments with no need for Enhanced Linked Mode
- Supports embedded and external database
- Available for Windows and vCenter Server Appliance
[Diagram: one virtual machine or server containing both the Platform Services Controller and vCenter Server.]

vCenter Server 6.5 with an External Platform Services Controller

- For larger customers with numerous vCenter Servers
- Reduces infrastructure by sharing Platform Services Controller across several vCenter Servers
- Recommended for complex environments with multiple vCenter Servers
- Supports embedded and external database
- Available for Windows and vCenter Server Appliance
[Diagram: Platform Services Controller on one virtual machine or server, vCenter Server on another.]

vCenter 6.5 Architecture (cont.)
These architectures are recommended
- Enhanced Linked Mode is a major feature that impacts the architecture
- When using Enhanced Linked Mode it is recommended to use an external Platform Services Controller
- For details about architectures that VMware recommends and the implications of using them, see VMware KB article, List of Recommended topologies for vSphere 6.x (2108548) (http://kb.vmware.com/kb/2108548)
[Diagrams: Enhanced Linked Mode (No High Availability): vCenter Server instances on their own virtual machines or servers, joined to external Platform Services Controllers. Enhanced Linked Mode (With High Availability): vCenter Server instances reaching external Platform Services Controllers through a load balancer.]

vCenter 6.5 Architectures (cont.)
These architectures are not recommended
[Diagrams: Enhanced Linked Mode (Embedded PSCs); Enhanced Linked Mode (Embedded PSC with External vCenter); Enhanced Linked Mode (Embedded PSC linked with External PSC).]

Deployment Topologies with External Platform Services
Controller Instances and High Availability
To ensure Platform Services Controller high availability in external deployments, you must install or deploy at least two joined Platform Services Controller instances in your vCenter Single Sign-On domain. When you use a third-party load balancer, you can ensure an automatic failover without downtime.
If we don't have a third-party load balancer, we need to do the failover manually.

Platform Services Controller Instances Across Two Sites
You can use a third-party load balancer per site to configure Platform Services Controller high availability with automatic failover for this site.

vCenter 6.5 Architecture (cont.)
Enhanced Linked Mode has the following maximums. The architecture should also adhere to these maximums to be supported.

Description: Scalability Maximum
- Number of Platform Services Controllers per domain: 10
- Maximum Platform Services Controllers per vSphere site (behind a single load balancer): 4
- Maximum objects in a vSphere domain (users, groups, solution users): 1,000,000
- Maximum number of VMware solutions connected to a single Platform Services Controller: 10
- Maximum number of VMware products/solutions per vSphere domain: 10

vCenter Architecture: vCenter Server Components
[Diagram labels: Platform Services Controller (including vCenter Single Sign-On); vSphere Web Client; VMware HTML5 vSphere Web Client; User Access Control; Microsoft Active Directory Domain; Database Server; Core and Distributed Services; VMware vSphere API; Third-Party Applications; Plug-Ins; ESXi Management; ESXi hosts; vCenter Server Database (Windows only).]
vSphere Update Manager Architecture Improvements in vSphere 6.5
vCenter Server 6.0 or 6.5 on Windows with Update Manager on Windows
- Additional Windows VM for VUM
- Extra configuration & DB dependency
- Sizing and latency considerations
- No inherent backup or failover
VCSA 6.5 with Integrated VUM
- Integrated and enabled by default
- Zero setup; embedded DB
- Scalable and low impact on resources
- Leverages VCSA HA and backup
Migration Support!
vCenter Best Practices
- Verify that vCenter, the Platform Services Controller, and any database have adequate CPU, memory, and disk resources available
- Verify that the proper inventory size is configured during the installation
- Minimize latency between components (vCenter and Platform Services Controller) by minimizing network hops between components
- External databases should be used for large deployments
- If using Enhanced Linked Mode, VMware recommends having external Platform Services Controllers
- Verify that DNS is configured and functional for all components
- Verify that time is correct on vCenter and all other components in the environment
- VMware vSphere Update Manager for Windows should be installed on a separate system if inventory is large

vCenter Best Practices
- The performance of vCenter Server is dependent in large part on the number of managed entities
- Keep to a minimum the number of network hops between the vCenter Server system and the vCenter Server database
- Network latency between vCenter Server and the hosts it manages can impact the performance of operations involving those hosts
- vSphere Web Client Server and the vCenter Inventory Service can be run on the same system as vCenter Server but, for maximum performance on heavily loaded vCenter systems, consider running the vSphere Web Client Server on a separate system

vCenter High Availability
vCenter Architecture Overview
A vCenter HA cluster consists of three vCenter Server Appliance instances. The first instance,
initially used as the Active node, is cloned twice to a Passive node and to a Witness node.
Together, the three nodes provide an active-passive failover solution.
1. Active
   1. Runs the active vCenter Server Appliance instance
   2. Uses a public IP address for the management interface
   3. Uses the vCenter HA network for replication of data to the Passive node
   4. Uses the vCenter HA network to communicate with the Witness node

2. Passive
   1. Is initially a clone of the Active node
   2. Constantly receives updates from and synchronizes state with the Active node over the vCenter HA network
   3. Automatically takes over the role of the Active node if a failure occurs

3. Witness
   1. Is a lightweight clone of the Active node
   2. Provides a quorum to protect against split-brain situations
Native vCenter High Availability

- vCenter Appliance only
- Supports external Platform Services Controller
- Two configuration options: Basic & Advanced
- Active / Passive with Witness
- Required network configuration
  - eth0: public network
  - eth1: private network (added during configuration)
- Automatic failover, although the Web Client may need to re-login
[Diagram: vCenter (Active) holds the public IP and replicates DB and files to vCenter (Passive); Active, Passive and Witness nodes connect over private IPs.]

vCenter High Availability

vCenter HA Hardware and Software Requirements

- vCenter HA was introduced with the vCenter Server Appliance 6.5.
- The vCenter deployment size should be at least small, and therefore 4 vCPU 16 GB RAM.
- A minimum of three hosts.
- The hosts should be running at least ESXi 5.5.
- The management network should be configured with a static IP address and reachable FQDN.
- SSH should be enabled on the VCSA.
- A port group for the HA network is required on each ESXi host.
- The HA network must be on a different subnet to the management network.
- Network latency between the nodes must be less than 10ms.
- vCenter HA is compatible with both embedded deployment model and external PSC.
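
A design can be checked against these requirements before deployment. This is an added example, not part of the original slides or VMware code; the field names and finding codes are hypothetical and the sample design is constructed. It also catches an HA subnet that looks different from the management subnet but falls inside it.

```python
import ipaddress

# Added example: validate a planned vCenter HA design against the list above.
# Field names are hypothetical; all values are constructed.
SAMPLE_DESIGN = {
    "vcpu": 4, "ram_gb": 16,
    "esxi_versions": {"esx01": "6.5", "esx02": "6.0", "esx03": "5.1"},
    "mgmt_ip": "10.0.0.20/16", "mgmt_static": True, "fqdn_resolves": True,
    "ssh_enabled": True,
    "ha_ips": {"active": "10.0.5.1/24", "passive": "10.0.5.2/24",
               "witness": "10.0.5.3/24"},
    "ha_portgroup_hosts": ["esx01", "esx02"],
    "latency_ms": {("active", "passive"): 2.1, ("active", "witness"): 11.4,
                   ("passive", "witness"): 3.0},
}


def version_tuple(version):
    """'6.5' -> (6, 5) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in version.split("."))


def check_vcha(design):
    """Return a list of finding codes; an empty list means all checks pass."""
    problems = []
    if design["vcpu"] < 4 or design["ram_gb"] < 16:
        problems.append("SIZE_BELOW_SMALL")

    hosts = design["esxi_versions"]
    if len(hosts) < 3:
        problems.append("FEWER_THAN_3_HOSTS")
    for name, version in sorted(hosts.items()):
        if version_tuple(version) < (5, 5):
            problems.append("ESXI_TOO_OLD:" + name)

    if not (design["mgmt_static"] and design["fqdn_resolves"]):
        problems.append("MGMT_IP_OR_FQDN")
    if not design["ssh_enabled"]:
        problems.append("VCSA_SSH_DISABLED")

    # Every host needs the HA port group.
    for name in sorted(set(hosts) - set(design["ha_portgroup_hosts"])):
        problems.append("NO_HA_PORTGROUP:" + name)

    # The HA subnet must not overlap the management subnet, even partially.
    mgmt_net = ipaddress.ip_interface(design["mgmt_ip"]).network
    for node, ip in sorted(design["ha_ips"].items()):
        if ipaddress.ip_interface(ip).network.overlaps(mgmt_net):
            problems.append("HA_SUBNET_OVERLAPS_MGMT:" + node)

    # Latency between nodes must be less than 10 ms.
    for (a, b), ms in sorted(design["latency_ms"].items()):
        if ms >= 10:
            problems.append("LATENCY:%s-%s" % (a, b))
    return problems


if __name__ == "__main__":
    print("\n".join(check_vcha(SAMPLE_DESIGN)) or "design meets the listed requirements")
```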
