Active Directory
Cloud Foundation uses Active Directory (AD) for authentication and authorization to resources. The Active Directory services must be
reachable by the components that are connected to the management and vRealize networks.
You must configure user and group accounts in AD before adding them to SDDC Manager and assigning privileges.
NOTE: If you plan to deploy vRealize Automation, Active Directory services must be available. For more information on AD
configuration, see the vRealize Automation documentation.
Dynamic Host Conguration Protocol
Cloud Foundation uses Dynamic Host Configuration Protocol (DHCP) to assign an IPv4 address to each VMkernel port of an ESXi host
that is used as a VTEP. One DHCP scope must be defined and made available for this purpose.
The DHCP scope must be large enough to accommodate all the initial and future servers that are used in the Cloud Foundation
solution. Each host requires two IP addresses, one for each VTEP configured, so size the scope for at least twice the number of hosts.
Domain Name System
During deployment, you must provide the DNS domain information to be used to congure the various components. The root DNS domain
information is required and, optionally, you can also specify subdomain information.
DNS resolution must be available for all the components that are contained within the Cloud Foundation solution, which includes servers,
virtual machines, and any virtual IPs that are used. For more information on the components that are required for DNS resolution before
starting a Cloud Foundation deployment, see Host names and IP addresses.
Ensure that both forward (A) and reverse (PTR) DNS resolution is functional and consistent for each component before deploying Cloud
Foundation or creating any workload domains.
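The forward-and-reverse check above is easy to get wrong by hand (a stale second A record or a PTR that points at an old name both break deployment). The script below is an added example, not part of the guide or of any VMware tooling: it takes the expected FQDN-to-IP list from the deployment worksheet and reports every record that is missing or inconsistent. The host names and addresses in EXPECTED_RECORDS are constructed sample values, and the lookups are pluggable so the logic can be exercised without a live resolver.

```python
import socket
from typing import Callable, Dict, List, Optional

# Expected forward records for the deployment, keyed by FQDN. These are
# constructed sample values for the example, not addresses from the guide;
# in practice they come from the Host names and IP addresses worksheet.
EXPECTED_RECORDS: Dict[str, str] = {
    "sddc-manager.vcf.example.local": "172.16.10.10",
    "vcenter-mgmt.vcf.example.local": "172.16.10.11",
    "psc-mgmt.vcf.example.local": "172.16.10.12",
    "esxi-01.vcf.example.local": "172.16.10.101",
}


def system_forward(fqdn: str) -> List[str]:
    """A records for fqdn from the host's resolver; [] if the name does not resolve."""
    try:
        infos = socket.getaddrinfo(fqdn, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def system_reverse(ip: str) -> Optional[str]:
    """PTR name for ip from the host's resolver; None if there is no PTR record."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return None


def canonical(name: str) -> str:
    """DNS names are case-insensitive and may carry a trailing dot."""
    return name.rstrip(".").lower()


def check_dns(expected: Dict[str, str],
              forward: Callable[[str], List[str]] = system_forward,
              reverse: Callable[[str], Optional[str]] = system_reverse) -> List[str]:
    """Return one finding per broken or inconsistent record; an empty list means all good.

    For every component this checks that:
      1. the FQDN has exactly the expected A record (no missing or stale extra addresses),
      2. the IP has a PTR record,
      3. the PTR points back at the same FQDN (forward/reverse consistency).
    """
    findings: List[str] = []
    for fqdn, ip in expected.items():
        addrs = forward(fqdn)
        if not addrs:
            findings.append(f"{fqdn}: no A record")
        elif addrs != [ip]:
            findings.append(f"{fqdn}: resolves to {', '.join(addrs)}, expected {ip}")
        ptr = reverse(ip)
        if ptr is None:
            findings.append(f"{ip}: no PTR record")
        elif canonical(ptr) != canonical(fqdn):
            findings.append(f"{ip}: PTR is {ptr}, expected {fqdn}")
    return findings


if __name__ == "__main__":
    problems = check_dns(EXPECTED_RECORDS)
    for line in problems:
        print("FAIL", line)
    print("DNS pre-check:", "PASS" if not problems else f"{len(problems)} problem(s)")
```

Run it from a host on the management network that uses the same DNS servers the Cloud Foundation components will use; a clean run on a different resolver proves nothing about the deployment.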
Network Time Protocol
All components must be synchronized against a common time by using the Network Time Protocol (NTP) on all nodes. Important
components of Cloud Foundation, such as vCenter Single Sign-On (SSO), are sensitive to a time drift between distributed components.
Synchronized time between the various components also assists with troubleshooting.
Requirements for the NTP sources include the following:
• The IP addresses of two NTP sources are provided during the initial deployment.
• The NTP sources must be reachable by all the components in the Cloud Foundation solution.
• The time skew between the NTP sources must be less than 5 minutes.
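To verify the three NTP requirements before deployment, the script below (an added example, not from the guide or from any VMware tool) sends a minimal SNTP client request to each source, derives that source's offset from the local clock, and then checks that two sources were given, that both answered, and that the sources disagree with each other by less than 5 minutes. The addresses in NTP_SOURCES are assumed values for the two sources supplied at deployment time.

```python
import socket
import struct
import time
from typing import Dict, List, Optional

NTP_PORT = 123
NTP_UNIX_EPOCH_DELTA = 2208988800      # seconds from 1900-01-01 (NTP era 0) to 1970-01-01
MAX_SOURCE_SKEW_SECONDS = 5 * 60       # the guide's limit between NTP sources

# Assumed addresses for the two sources given at deployment time; not from the guide.
NTP_SOURCES = ["172.16.10.1", "172.16.10.2"]


def build_client_request() -> bytes:
    """48-byte SNTP request: LI=0, VN=4, Mode=3 (client), all other fields zero."""
    return bytes([(0 << 6) | (4 << 3) | 3]) + bytes(47)


def parse_transmit_time(packet: bytes) -> float:
    """Unix time carried in the Transmit Timestamp (bytes 40..47) of a server reply."""
    if len(packet) < 48:
        raise ValueError(f"short NTP packet ({len(packet)} bytes)")
    mode = packet[0] & 0x07
    if mode != 4:                      # 4 = server reply; anything else is not an answer
        raise ValueError(f"unexpected NTP mode {mode}")
    seconds, fraction = struct.unpack("!II", packet[40:48])
    return seconds - NTP_UNIX_EPOCH_DELTA + fraction / 2 ** 32


def query_offset(server: str, timeout: float = 3.0) -> Optional[float]:
    """Offset of server's clock from the local clock in seconds, None if unreachable.

    Uses the midpoint of local send/receive time as the reference, i.e. it assumes
    symmetric network delay; good enough for a minutes-scale sanity check.
    """
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
            sock.settimeout(timeout)
            t_send = time.time()
            sock.sendto(build_client_request(), (server, NTP_PORT))
            reply, _ = sock.recvfrom(512)
            t_recv = time.time()
        return parse_transmit_time(reply) - (t_send + t_recv) / 2
    except (OSError, ValueError):
        return None


def evaluate_sources(offsets: Dict[str, Optional[float]],
                     max_skew: float = MAX_SOURCE_SKEW_SECONDS) -> List[str]:
    """Apply the guide's rules to measured offsets (None = unreachable).

    Returns one finding per violated rule; an empty list means the sources are acceptable.
    """
    findings: List[str] = []
    if len(offsets) < 2:
        findings.append(f"only {len(offsets)} NTP source(s) configured, two are required")
    for server, offset in offsets.items():
        if offset is None:
            findings.append(f"{server}: unreachable or invalid reply")
    reachable = [o for o in offsets.values() if o is not None]
    if len(reachable) >= 2:
        # Skew between two sources is the difference of their offsets from our clock.
        skew = max(reachable) - min(reachable)
        if skew >= max_skew:
            findings.append(f"skew between sources is {skew:.1f}s, limit is {max_skew:.0f}s")
    return findings


if __name__ == "__main__":
    measured = {s: query_offset(s) for s in NTP_SOURCES}
    for server, offset in measured.items():
        status = "unreachable" if offset is None else f"offset {offset:+.3f}s"
        print(f"{server}: {status}")
    for finding in evaluate_sources(measured):
        print("FAIL", finding)
```

Run it from each network segment that will host Cloud Foundation components, since "reachable by all components" is a per-network question and a firewall between the vRealize network and the NTP sources will not show up from the management network.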
Simple Mail Transfer Protocol mail relay (optional)
Certain components of the SDDC, such as vCenter, Log Insight, and vRealize Automation, can send status messages to users by email. To
enable this functionality, a mail relay that does not require user authentication must be available through SMTP. Because the relay accepts
unauthenticated mail, restrict relaying to the networks allocated for use by Cloud Foundation so that it does not become an open relay.
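The difference between an unauthenticated relay and an open relay is the source-network restriction. The Postfix main.cf fragment below is an added example, not from the guide and not a VMware configuration; 172.16.10.0/24 is an assumed Cloud Foundation management network. Both forms let components submit mail without SMTP AUTH, but only the second refuses to relay for clients outside the allocated networks.

```ini
# WEAK: every client on every network may relay to any destination (open relay)
mynetworks = 0.0.0.0/0
smtpd_relay_restrictions = permit_mynetworks, reject_unauth_destination

# HARDENED: no SMTP AUTH required, but only loopback and the Cloud Foundation
# networks (assumed 172.16.10.0/24 here) may relay; everyone else is refused
mynetworks = 127.0.0.0/8, 172.16.10.0/24
smtpd_relay_restrictions = permit_mynetworks, reject_unauth_destination
smtpd_sasl_auth_enable = no
```

To verify the hardened form, connect from a host outside mynetworks and issue RCPT TO for an external domain; Postfix answers with 554 5.7.1 Relay access denied, while the same command from the Cloud Foundation network is accepted.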
Cloud Foundation and SDDC design considerations