Welcome back!!! We are at Part 2 of the blog series on VCF Import Tool where we will onboard a brownfield vSphere deployment to VCF as a VI compute workload domain. In the previous article, we demonstrated the onboarding process to VCF management workload domain with NSX VLAN networking, and I hope you have already checked that out, if not please check it out below:
Part 1 : https://vxplanet.com/2024/07/28/onboarding-brownfield-vsphere-environments-to-vmware-cloud-foundation-part-1-management-workload-domain/
If we check back the earlier article, we already discussed the considerations for onboarding brownfield deployments into the VCF management workload domain. All these considerations still apply to the VI workload domain as well, along with the below inclusions:
- The vCenter server VM of the brownfield vSphere environment should either be co-located on the compute cluster that it manages or can be hosted on the management workload domain. If either is not the case, then the vCenter VM needs to be migrated to the right target in order to comply with the pre-requisites.
- If the vCenter server VM is co-located with the cluster that it manages, the VCF onboarding process will deploy NSX manager nodes on the same cluster.
- If the vCenter server VM is hosted on the management workload cluster, VCF onboarding process will deploy the NSX manager nodes on the management cluster.
Let’s get started:
Table of Contents
- 0.1 Existing brownfield compute vSphere environment walkthrough
- 0.2 Performing Import checks from SDDC manager
- 0.3 Generating NSX deployment specification
- 0.4 Onboarding brownfield vSphere environment as VI workload domain in SDDC manager
- 0.5 Validating the onboarded VI compute workload domain
- 1 Share this:
- 2 Like this:
Existing brownfield compute vSphere environment walkthrough
The existing vSphere compute environment is configured the same way as the management vSphere environment, that we discussed in The compute vSphere environment has three ESXi hosts managed by vCenter vxdc01-vcenter02.vxplanet.int. The environment is running vSphere version 8.0U3
The vCenter server VM is deployed on the management vSphere cluster that was imported to the VCF management workload domain in the previous post.
Similar to the management vSphere environment, the compute vSphere environment is configured with a single VDS with multiple VDS backed port groups for workloads, vSAN and vMotion. It is not prepared with NSX and doesn’t have any NSX backed segments. It also doesn’t have any vSphere standard switches.
The compute cluster VDS “VxDC01-C02-VDS01” has two uplinks and that is consistent across all the ESXi hosts in the cluster.
All the vmkernel ports are configured with static IP addresses, and no DHCP is in place.
The DRS mode of the cluster is set to fully-automated.
We don’t have a stretched vSAN cluster. All the three vSAN nodes are in a single site with no fault domains configured.
and finally, we don’t have workload management (vSphere with Tanzu) enabled.
At this moment, we have reviewed the existing deployment and confirmed that all the pre-requisites are met for a successful VCF import.
Performing Import checks from SDDC manager
We have already uploaded the VCF Import tool to the SDDC manager as part of management workload domain import. Let’s login as user ‘vcf’ and run the import checks against the compute vCenter ‘vxdc01-vcenter02.vxplanet.int’.
Like previously, we see that there are 4 failed checks, reviewing the ‘failed_guardrails_csv’ will give more information about the issue.
These 4 warnings are related to lifecycle manager policy mismatch between the management vCenter and SDDC manager. As per the official documentation below, these warnings can be ignored.
https://docs.vmware.com/en/VMware-Cloud-Foundation/5.2/vcf-admin/GUID-458B6715-3ED6-4423-B093-64B1A2963CC0.html
Remediating the above warnings are optional and will not cause the onboarding process to fail, but if we still want to remediate it, the below settings from vSphere Lifecycle manager can be adjusted as per the recommendations in the csv file.
Generating NSX deployment specification
Deployment of NSX cluster as part of VCF Import process is optional, and can be performed later as a separate procedure. But similar to how we did for management domain import, let’s enable NSX for the compute workload domain import as well.
Because the vCenter server VM of the compute vSphere environment is hosted on the management workload domain, the VCF import process will deploy the NSX management cluster on the management workload domain under the same resource pool as the vCenter VM.
Remember, we already uploaded the VCF bundle for NSX into the SDDC manager, so we don’t need to do this again.
Let’s create the DNS host records for the NSX management cluster for the VI workload domain.
Next, we will define the NSX deployment specification that will be supplied as part of the VCF import process. The json template is available in the official documentation at:
https://docs.vmware.com/en/VMware-Cloud-Foundation/5.2/vcf-admin/GUID-29B000D1-1452-45FC-82FC-02FF24E381BD.html
Onboarding brownfield vSphere environment as VI workload domain in SDDC manager
At this stage, we are all good to run the VCF import tool and start the onboarding of existing brownfield vSphere deployment to the VI workload domain in VCF.
Let’s login to the SDDC manager cli as user ‘vcf’ and run the tool with the ‘import’ option.
As we saw during import checks, we had 4 warnings that can be safely ignored, and we will now acknowledge this to continue.
We see that the three NSX manager appliances are getting deployed on the management cluster (in the management workload domain) in the same resource pool as the vCenter server VM.
and the VCF import operation has succeeded.
Success!!! Our brownfield vSphere management deployment is now a VCF VI workload domain with NSX VLAN networking.
Now let’s restart the SDDC manager services.
Validating the onboarded VI compute workload domain
We will now perform a quick walkthrough of the SDDC manager console and validate the imported VI compute workload domain.
Let’s run prechecks on the VI workload domain for general upgrade readiness and see if we get any critical errors or warnings.
Reviewing the errors mostly show results with missing backup, licenses, incompatibilities etc which are expected as this is a nested home lab.
Now let’s review the NSX deployment for the VI workload domain.
We see that the three node NSX management cluster is deployed successfully on the management workload domain.
The VI workload domain vCenter is added as a compute manager to the NSX cluster.
The compute cluster is prepared for NSX on DVPGs. Imported clusters will not have overlay support currently.
We also see that the workflow has updated the DFW exclusion list in the management workload domain NSX with the management VMs of the imported compute cluster.
Now that’s a wrap!!!
We now have our management and compute brownfield vSphere environments onboarded successfully to VCF with NSX backed networking and thus benefit from the NSX vDefend security offerings on VLAN port groups for the workloads.
We will meet later with a new NSX topic. Stay tuned!!!
I hope the article was informative.
Thanks for reading.
Continue reading? Here are the other parts of this series:
Part 1 : https://vxplanet.com/2024/07/28/onboarding-brownfield-vsphere-environments-to-vmware-cloud-foundation-part-1-management-workload-domain/
![How to Change Menu Color in WordPress [A Visual Guide]](https://matchpage.info/wp-content/uploads/2024/09/how-to-change-menu-color-in-wordpress-a-visual-guide-158.png)
![How to Add Image in WordPress Footer [A Visual Guide]](https://matchpage.info/wp-content/uploads/2024/09/how-to-add-image-in-wordpress-footer-a-visual-guide-284.png)