Holo Toolkit 2.0 Overview
VCF Holodeck Toolkit Overview
The VMware Cloud Foundation (VCF) Holodeck Toolkit is designed to provide a scalable, repeatable way to deploy nested Cloud Foundation hands-on environments directly on VMware ESXi hosts. These environments are ideal for multi-team hands-on exercises exploring the capabilities of VCF delivering a Customer Managed VMware Cloud.
Delivering VCF labs in a nested form factor solves several challenges with delivering hands-on labs for a datacenter-level product like VCF, including:
- Reduced hardware requirements: When operating in a physical environment, VCF requires four vSAN Ready Nodes for the management domain, and additional hosts for adding clusters or workload domains. In a nested environment, these same four to eight hosts are easily virtualized to run on a single ESXi host.
- Self-contained services: The Holodeck Toolkit configuration provides common infrastructure services, such as NTP, DNS, AD, Certificate Services and DHCP within the environment, removing the need to rely on datacenter provided services during testing. Each environment needs a single external IP.
- Isolated networking. The Holodeck Toolkit configuration removes the need for VLAN and BGP connections in the customer network early in the testing phase.
- Isolation between environments. Each Holodeck deployment is completely self-contained. This avoids conflicts with existing network configurations and allows for the deployment of multiple nested environments with no concerns for overlap.
- Multiple VCF deployments on a single VMware ESXi host of sufficient capacity. A typical VCF Standard Architecture deployment of a four-node management domain and a four-node VI workload domain, plus add-ons such as VMware vRealize Automation, requires approximately 20 CPU cores, 512GB memory and 2.5TB disk.
- Automation and repeatability. The deployment of nested VCF environments is almost completely hands-off, and easily repeatable using configuration files. A typical deployment takes less than 3 hours, with less than 15 min keyboard time.
Holodeck Toolkit 2.0 Environment
The Holodeck Toolkit 2.0 package is comprised of several major components:
- VCF Lab Constructor (VLC) 5.0 package to fully automate deployment of repeatable nested Cloud Foundation labs on a single ESXi host. This release supports VCF 4.5, 4.5.1 and 5.0.
- Custom VLC-Holo-Site-1 and VLC-Holo-Site-2 configuration files for VLC supporting multi-site VMware Cloud Foundation deployments.
- Custom VMware Photon OS based Holo-Router to support communications within a nested VCF environment and from within the environment to the outside network.
- Custom Microsoft Windows Server 2019 based Holo-Console
- Fully automated Holo-Console ISO generation
- Full deployment and operations guidance for one or more Holodeck servers
- “Always succeed” Holodeck lab set to demonstrate the Cloud Operating Model to multiple teams within the datacenter
  - Software Defined Networking and Security with VMware NSX Data Center
  - VMware Cloud Foundation based private cloud automation
  - Scaling application deployment and monitoring with VMware vRealize Automation
  - Workload Migration with VMware HCX
  - Application Modernization with VMware Tanzu
VCF Lab Constructor Overview
VLC is a PowerShell/PowerCLI utility designed to automate the deployment of VMware Cloud Foundation in a nested environment. VLC used with the Holodeck configuration automates delivery of a standardized Holodeck environment “Pod”.
Each Holodeck Pod contains:
- Four node VCF management domain on nested vSAN Ready Nodes
- Optional three additional nested hosts in a workload domain, or second vSphere cluster in the management domain, or just commissioned into inventory.
- NSX fully configured
- AVN/NSX Edge Deployed (recommended)
- Tanzu deployed (optional)
- Cloud Foundation Cloud Builder VM configured to provide DHCP, NTP, DNS, BGP peering and L3 routing within the pod.
VLC can also automate deployment of an optional second VCF instance per pod to provide a VCF multi-site configuration for advanced lab exercises such as NSX Federation, VMware Site Recovery Manager, and VCF with vSAN stretch cluster.
VLC provides the ability to deploy nested environments with a simple GUI based front end, or completely hands-off with a config file and PowerShell command line. Running nested environments can be scaled (adding more nested ESXi hosts) using the expansion pack option of the VLC GUI.
Note: VCF Lab Constructor is not a VMware supported product; it is similar to a “Fling”. Please consider joining the VLC Support Slack channel at http://tiny.cc/getVLCSlack to connect with other members of the VLC community. VLC is developed and maintained by Ben Sier (Twitter @datareload and USBenny on #VLCSlack) with assistance from other members of the Cloud Foundation Technical Marketing team.
Nested Environment Overview
The “VLC Holodeck Standard” configuration is a nested VMware Cloud Foundation configuration used as the baseline for several Private Cloud operation and consumption lab exercises created by the Cloud Foundation Technical Marketing team. The Holodeck standard “VLC-Holo-Site-1” is the primary configuration deployed. The optional VLC-Holo-Site-2 can be deployed at any time later within a Pod. VLC-Holo-Site-1 configuration matches the lab configuration in the VCF Hands-On Lab HOL-2246 and the nested configuration in the VCF Experience program run on the VMware Lab Platform.
Each Pod on a Holodeck deployment runs an identical nested configuration. A pod can be deployed with a standalone VLC-Holo-Site-1 configuration, or with both VLC-Holo-Site-1 and VLC-Holo-Site-2 configurations active. Separation of the pods and between sites within a pod is handled at the VMware vSphere Standard Switch (VSS) level. Each Holodeck pod is configured with a unique VSS per site. A VMware vSphere Port Group is configured on each VSS and configured as a VLAN trunk.
- Components on the port group use VLAN tagging to isolate communications between nested VLANs. This removes the need to have physical VLANs plumbed to the ESXi host to support nested labs.
- When the Holo-Site-2 configuration is deployed it uses a second VSS and Port Group for isolation from Holo-Site-1
The VLC Holodeck configuration customizes the VCF Cloud Builder Virtual Machine to provide several support services within the pod to remove the requirement for specific customer side services. A Cloud Builder VM is deployed per Site to provide the following within the pod:
- DNS (local to Site1 and Site2 within the pod, acts as forwarder)
- NTP (local to Site1 and Site2 within the pod)
- DHCP (local to Site1 and Site2 within the pod)
- L3 TOR for vMotion, vSAN, Management, Host TEP and Edge TEP networks within each site
- BGP peer from VLC Tier 0 NSX Application Virtual Network (AVN) Edge (Provides connectivity into NSX overlay networks from the lab console)
The figure below shows a logical view of the VLC-Holo-Site-1 configuration within a Holodeck Pod. The Site-1 configuration uses DNS domain vcf.sddc.lab and VLAN 10-15.
Figure 1: Holodeck Nested Diagram
The Holodeck package also provides a preconfigured Photon OS VM, called “Holo-Router”, that functions as a virtualized router for the base environment. This VM allows for connecting the nested environment to the external world. The Holo-Router is configured to forward any Microsoft Remote Desktop (RDP) traffic to the nested jump host, known as the Holo-Console, which is deployed within the pod.
The user interface to the nested VCF environment is via a Windows Server 2019 “Holo-Console” virtual machine. Holo-Console provides a place to manage the internal nested environment, like a system administrator's desktop in a datacenter. Holo-Console is used to run the VLC package to deploy the nested VCF instance inside the pod. Holo-Console VMs are deployed from a custom-built ISO that configures the following:
- Microsoft Windows Server 2019 Desktop Experience with:
  - Active Directory domain “vcf.holo.lab”
  - DNS Forwarder to Cloud Builder
  - Certificate Server, Web Enrollment and VMware certificate template
  - RDP enabled
  - IP, Subnet, Gateway, DNS and VLAN configured for deployment as Holo-Console
  - Firewall and IE Enhanced security disabled
  - SDDC Commander custom desktop deployed
- Additional software packages deployed and configured
  - Google Chrome with Holodeck bookmarks
  - VMware Tools
  - VMware PowerCLI
  - VMware PowerVCF
  - VMware Power Validated Solutions
  - PuTTY SSH client
  - VMware OVFtool
- Additional software packages copied to Holo-Console for later use
  - VMware Cloud Foundation Cloud Builder OVA to C:\CloudBuilder
  - VCF Lab Constructor 5.0 with dual site Holodeck configuration
  - VMware vRealize Automation 8.10 Easy Installer
The figure below shows the virtual machines running on the physical ESXi host to deliver a Holodeck Pod called “Holo-A”. Notice an instance of Holo-Console, Holo-Router, Cloud Builder and four nested ESXi hosts. They all communicate over the VLC-A-PG Port Group.
Figure 2: Holodeck Nested Hosts
Adding a second site adds an additional instance of Cloud Builder and additional nested ESXi hosts. VLC-Holo-Site-2 connects to the second internal leg of the Holo-Router on VLAN 20. Network access from the Holo-Console to VLC-Holo-Site-2 is via Holo-Router.
The figure below shows a logical view of the VLC-Holo-Site-2 configuration within a Holodeck Pod. The Site-2 configuration uses DNS domain vcf2.sddc.lab and VLAN 20-25.
Figure 3: Holodeck Site-2 Diagram
Accessing the Holodeck Environment
User access to the Holodeck pod is via the Holo-Console. Access to Holo-Console is available via two paths:
- Microsoft Remote Desktop Protocol (RDP) connection to the external IP of the Holo-Router. Holo-Router is configured to forward all RDP traffic to the instance of Holo-Console inside the pod.
- Access Holo-Console via ESXi host
VLC Holodeck Deployment Prerequisites
- ESXi Host Sizing
  - Good (One pod): Single ESXi host with 16 cores, 384GB memory and 2TB SSD/NVMe
  - Better (Two pod): Single ESXi host with 32 cores, 1024GB memory and 4TB SSD/NVMe
  - Best (Four or more pods): Single ESXi host with 64+ cores, 2.0TB memory and 10TB SSD/NVMe
- ESXi Host Configuration:
  - vSphere 7.0U3 or 8.0
  - Virtual switch and port group configured with uplinks to customer network/internet
  - Supports standalone, non-vCenter Server managed host and single-host cluster managed by a vCenter Server instance
  - Multi-host clusters are NOT supported in this release due to requiring physical VLAN support
- Holo-Build host
  - Windows 2019 host or VM with local access to ESXi hosts used for Holodeck + internet access to download software. (This package has been tested on Microsoft Windows Server 2019 only)
  - 200GB free disk space
- Valid login to https://customerconnect.vmware.com
- Entitlement to VCF 4.5 or 5.0 Enterprise for 8 hosts minimum (16 hosts if planning to test Cloud Foundation Multi region with NSX Federation)
- License keys for the following VCF 4.5 or 5.0 components (At this time the Holodeck Toolkit does not support subscription licensing)
  - VMware Cloud Foundation
  - VMware NSX-T Data Center Enterprise
  - VMware vSAN Enterprise
  - VMware vSphere Enterprise Plus
  - VMware vCenter Server (one license)
  - VMware vRealize Suite Advanced or Enterprise
    - Note: This product has been renamed VMware Aria Suite
- External/Customer networks required
  - ESXi host management IP (one per host)
  - Holo-Router address per pod
- Software needed (Links and instructions in )
  - Microsoft Server 2019 Desktop Experience (Eval copy with 6 month expiration)
  - Latest VMware VMTools package
  - Google Chrome Standalone
  - Latest VMware PowerCLI zip file
  - Latest VMware PowerVCF zip file
  - Latest VMware Power Validated Solutions Module zip file
  - Latest PuTTY SSH Client MSI
  - Latest VMware OVFtool
    - Requires VMware CustomerConnect login
  - VMware Cloud Foundation 4.5 or 5.0 Cloud Builder OVA
    - Requires VMware CustomerConnect login
  - VLC holodeck-standard-main zip file
    - Includes VCF Lab Constructor, Holo-Router.ova, Holodeck support automation scripts and deployment guides in file holodeck-standard-main.zip
  - Notepad++ 8.4.7
  - VMware vRealize Automation 8.11.2 Easy Installer
    - Requires VMware CustomerConnect login
    - NOTE: This lab is designed to work with VMware vRealize Automation 8.11.2 only.