VLC Holodeck Program Overview
The VMware Cloud Foundation Lab Constructor (VLC) Holodeck program is designed to provide VMware partners with a scalable, repeatable way to deliver nested VMware Cloud Foundation (VCF) hands-on environments directly on VMware ESXi hosts. These environments are ideal for rapidly proving how VCF delivers a Cloud Operating Model for customer managed on premises environments. Partners can choose to deliver labs within their demo center, or directly on the customer site. Delivering VCF labs in a nested form factor solves several challenges with delivering hands-on for a datacenter level product like VCF, including:
- Reduced hardware requirements: When operating in a physical environment, VCF requires four vSAN Ready Nodes for the management domain, and additional hosts for adding clusters or workload domains. In a nested environment, this same four to eight hosts are easily virtualized to run on a single ESXi host
- Multiple VCF deployments on a single VMware ESXi host of sufficient capacity. A typical VCF Standard Architecture deployment of four node management domain and four node VI workload domain, plus add on such as VMware vRealize Automation requires approximately 20 CPU cores, 512GB memory and 2.5TB disk.
- Isolated networking. The nested VLC Holodeck configuration removes the need for VLAN and BGP connections in the customer network early in the testing phase.
- Isolation between environments. Each VLC Holodeck deployment is completely self-contained. This avoids conflicts with existing network configurations and allows for the deployment of multiple nested environments with no concerns for overlap.
- Self-contained services: The VLC Holodeck configuration provides common infrastructure services, such as NTP, DNS, and DHCP within the environment, removing the need to rely on datacenter provided services during testing.
- Automation and repeatability. The deployment of nested VCF environments is almost completely hands-off, and easily repeatable using configuration files.
VLC Holodeck Environment
The VLC Holodeck 1.0 package is comprised of several major components:
- VCF Lab Constructor (VLC) 4.5.1 package to fully automate deployment of repeatable nested Cloud Foundation labs on one or more ESXi hosts
- Custom VLC-Holo-Site-1 and VLC-Holo-Site-2 configuration files for VLC supporting multi-site VMware Cloud Foundation deployments.
- Custom VMware Photon OS based Holo-Router to support communications within a nested VCF environment and from within the environment to outside network.
- Custom Microsoft Windows Server 2019 based Holo-Console
- Fully automated Holo-Console ISO generation
- Full deployment and operations guidance for one or more Holodeck servers
- “Always succeed” Holodeck lab set to demonstrate the Cloud Operating Model to multiple teams within the datacenter
- Software defined networking and security with VMware NSX Data Center
- VMware Cloud Foundation based private cloud automation
- Scaling application deployment and monitoring with VMware vRealize
- Workload Migration with VMware HCX
- Application Modernization with VMware Tanzu
- Guidance on modifying the standard Holodeck configuration to deliver partner specific content
VLC is a PowerShell/PowerCLI utility designed to automate the deployment of VMware Cloud Foundation in a nested environment. VLC with the Holodeck configuration automates delivery of a standardized Holodeck “Pod”.
Each Holodeck Pod contains:
- Four node VCF management domain on nested vSAN Ready Nodes
- Optional three additional nested hosts in a workload domain, or second vSphere cluster in the management domain, or just commissioned into inventory.
- NSX fully configured
- AVN/NSX Edge Deployed (recommended)
- Tanzu deployed (optional)
- Cloud Foundation Cloud Builder VM configured to provide DHCP, NTP, DNS, BGP peering and L3 routing within the pod.
VLC can also automate deployment of an optional second VCF instance per pod to provide a VCF multi-site configuration for advanced lab exercises such as NSX Federation, VMware Site Recovery Manager, and VCF with vSAN stretch cluster.
VLC provides the ability to deploy nested environments with a simple GUI based front end, or completely hands-off with a config file and PowerShell command line. Running nested environments can be scaled (adding more nested ESXi hosts) using the expansion pack option of the VLC GUI.
Note: VCF Lab Constructor is not a VMware supported product, it is similar to a “Fling”. Please consider joining the VLC Support slack channel at http://tiny.cc/getVLCSlack to connect with other members of the VLC community. VLC is developed and maintained by Ben Sier (Twitter @datareload and USBenny on #VLCSlack) with assistance from other members of the Cloud Foundation Technical Marketing team
Nested Environment Overview
The “VLC Holodeck Standard” configuration is a nested VMware Cloud Foundation configuration used as the baseline for several Private Cloud operation and consumption lab exercises created by the Cloud Foundation Technical Marketing team. The Holodeck standard “VLC-Holo-Site-1” is the primary configuration deployed. The optional VLC-Holo-Site-2 can be deployed at any time later within a Pod. VLC-Holo-Site-1 configuration matches the lab configuration in the VCF Hands-On Lab HOL-2246 and the nested configuration in the VCF Experience program run on the VMware Lab Platform.
Each Pod on a Holodeck deployment runs an identical nested configuration. A pod can be deployed with a standalone VLC-Holo-Site-1 configuration, or with both VLC-Holo-Site-1 and VLC-Holo-Site-2 configurations active. Separation of the pods and between sites within a pod is handled at the VMware vSphere Standard Switch (VSS) level. Each Holodeck pod connects to a unique VSS and Port Group per site. A VMware vSphere Port Group is configured on each VSS and configured as a VLAN trunk.
- Components on the port group to use VLAN tagging to isolate communications between nested VLANs. This removes the need to have physical VLANs plumbed to the ESXi host to support nested labs.
- When the Holo-Site-2 configuration is deployed it uses a second VSS and Port Group for isolation from Holo-Site-1
The VLC Holodeck configuration customizes the VCF Cloud Builder Virtual Machine to provide several support services within the pod to remove the requirement for specific customer side services. A Cloud Builder VM is deployed per Site to provide the following within the pod:
- DNS (local to Site1 and Site2 within the pod, acts as forwarder)
- NTP (local to Site1 and Site2 within the pod)
- DHCP (local to Site1 and Site2 within the pod)
- L3 TOR for vMotion, vSAN, Management, Host TEP and Edge TEP networks within each site
- BGP peer from VLC Tier 0 NSX Application Virtual Network (AVN) Edge (Provides connectivity into NSX overlay networks from the lab console)
The figure below shows a logical view of the VLC-Holo-Site-1 configuration within a Holodeck Pod. The Site-1 configuration uses DNS domain vcf.sddc.lab and VLAN 10-15
Figure 1: Holodeck Nested Diagram
The Holodeck package also provides a preconfigured Photon OS VM, called “Holo-Router”, that functions as a virtualized router for the base environment. This VM allows for connecting the nested environment to the external world. The Holo-Router is configured to forward any Microsoft Remote Desktop (RDP) traffic to the nested jump host, known as the Holo-Console, which is deployed within the pod.
The user interface to the nested VCF environment is via a Windows Server 2019 “Holo-Console” virtual machine. Holo-Console provides a place to manage the internal nested environment like a system administrators desktop in a datacenter. Holo-Console is used to run the VLC package to deploy the nested VCF instance inside the pod. Holo-Console VM’s are deployed from a custom-built ISO that configures the following
- Microsoft Windows Server 2019 Desktop Experience with:
- Active directory domain “vcf.holo.lab”
- DNS Forwarder to Cloud Builder
- Certificate Server, Web Enrollment and VMware certificate template
- RDP enabled
- IP, Subnet, Gateway, DNS and VLAN configured for deployment as Holo-Console
- Firewall and IE Enhanced security disabled
- SDDC Commander custom desktop deployed
- Additional software packages deployed and configured
- Google Chrome with Holodeck bookmarks
- VMware Tools
- VMware PowerCLI
- VMware PowerVCF
- VMware Power Validated Solutions
- PuTTY SSH client
- VMware OVFtool
- Additional software packages copied to Holo-Console for later use
- VMware Cloud Foundation 4.5 Cloud Builder OVA to C:\CloudBuilder
- VCF Lab Constructor 4.5.1 with dual site Holodeck configuration
- VMware vRealize Automation 8.10 Easy Installer
The figure below shows the virtual machines running on the physical ESXi host to deliver a Holodeck Pod called “Holo-A”. Notice an instance of Holo-Console, Holo-Router, Cloud Builder and four nested ESXi hosts. They all communicate over the VLC-A-PG Port Group
Figure 2: Holodeck Nested Hosts
Adding a second site adds an additional instance of Cloud Builder and additional nested ESXi hosts. VLC-Holo-Site-2 connects to the second internal leg of the Holo-Router on VLAN 20. Network access from the Holo-Console to VLC-Holo-Site-2 is via Holo-Router.
The figure below shows a logical view of the VLC-Holo-Site-2 configuration within a Holodeck Pod. The Site-2 configuration uses DNS domain vcf2.sddc.lab and VLAN 20-25
Figure 3: Holodeck Site-2 Diagram
Accessing the Holodeck Environment
User access to the Holodeck pod is via the Holo-Console. Access to Holo-Console is available via two paths:
- Microsoft Remote Desktop Protocol (RDP) connection to the external IP of the Holo-Router. Holo-Router is configured to forward all RDP traffic to the instance of Holo-Console inside the pod.
- Microsoft Remote Desktop Client for Mac
- Remote Desktop Client for Windows (via Microsoft Store)
- Access Holo-Console via ESXi host
- Browser console (native to vSphere Client)
- VMware Remote Console (Requires VMware Customer Connect login)
VLC Holodeck Deployment Prerequisites
- ESXi Host Sizing
- Good (One pod): Single ESXi host with 16 cores, 384gb memory and 2TB SSD/NVME
- Better (Two pod): Single ESXi host with 32 cores, 768gb memory and 4TB SSD/NVME
- Best (Four or more pods): Single ESXi host with 64+ cores, 2.0TB memory and 10TB SSD/NVME
- ESXi Host Configuration:
- vSphere 7.0U3
- Virtual switch and portgroup configured with uplinks to customer network/internet
- Supports stand alone, non vCenter Server managed host and single host cluster managed by a vCenter server instance
- Multi host clusters are NOT supported in this release due to requiring physical VLAN support
- Holo-Build host
- Windows 2019 host or VM with local access to ESXI hosts used for Holodeck + internet access to download software. (This package has been tested on Microsoft Windows Server 2019 only)
- 200GB free disk space
- Valid login to https://customerconnect.vmware.com
- Entitlement to VCF 4.5 Enterprise for 8 hosts minimum (16 hosts if planning to test Cloud Foundation Multi region with NSX Federation)
- License keys for the following VCF 4.5 components
- VMware Cloud Foundation
- VMware NSX-T Data Center Enterprise
- VMware vSAN Enterprise
- VMware vSphere Enterprise Plus
- VMware vCenter Server (one license)
- VMware vRealize Suite Advanced or Enterprise
- Note: This product has been renamed VMware Aria Suite
- External/Customer networks required
- ESXi host management IP (one per host)
- Holo-Router address per pod
- Software needed (Downloaded to Holo-Build Host)
- Microsoft Server 2019 Desktop Experience (Eval copy with 6 month expiration)
- Latest VMware VMTools package
- Google Chrome Standalone
- Latest VMware PowerCLI zip file
- Latest VMware PowerVCF zip file
- Latest VMware Power Validated Solutions Module zip file
- Latest PuTTY SSH Client MSI
- Latest VMware OVFtool
- Requires VMware CustomerConnect login
- VMware Cloud Foundation 4.5 Cloud Builder OVA
- Requires VMware CustomerConnect login
- Latest VLC holodeck-standard-main zip file
- Includes VCF Lab Constructor, Holo-Router.ova, Holodeck support automation scripts and deployment guides in file holodeck-standard-main.zip
- Notepad ++ 8.4.7
- VMware vRealize Automation 8.10.0 Easy Installer
- Requires VMware CustomerConnect login
- NOTE: This lab is designed to work with VMware vRealize Automation 8.10 only.