Oracle Cloud VMware Solution allows you to create and manage VMware-enabled software-defined data centers (SDDCs) in Oracle Cloud Infrastructure.
Solution Highlights
An Oracle Cloud VMware Solution gives you full access to the features of a VMware SDDC, along with the following benefits:
- High availability: All VMware components are distributed across different fault domains within the Oracle Cloud Infrastructure region’s availability domains. vSAN converged storage technology replicates data across all of the ESXi hosts in the SDDC.
- Scalability: You can start with 3 ESXi hosts and scale up to 64 hosts in a single SDDC.
- Lift and shift: Migration of on-premises VMware workloads to an Oracle Cloud VMware Solution is seamless.
- Full integration: Because the SDDC resides in a virtual cloud network (VCN), it can be configured to communicate with other Oracle Cloud Infrastructure resources such as compute instances, DB systems, and Autonomous Databases.
- Manageability: The Oracle Cloud Infrastructure Console provides workflows to facilitate SDDC creation and networking configuration.
- Layer 2 networking: SDDCs are configured with VLANs, which support applications that need layer 2 networking to run in the public cloud.
SDDC Details
An Oracle Cloud Infrastructure SDDC base configuration has the following properties:
- From 3 to 64 ESXi hosts on Oracle Cloud Infrastructure bare metal compute instances
- A version of VMware software on each ESXi host
- A subnet and VLANs in an Oracle Cloud Infrastructure VCN
Supported Shapes
The following shapes are supported for ESXi hosts:
Intel processor:
- Two-socket BM.DenseIO2.52 with two CPUs each running 26 cores
AMD processor:
- Two-socket BM.DenseIO.E4.128 with two CPUs each running 16 cores
- Two-socket BM.DenseIO.E4.128 with two CPUs each running 32 cores
- Two-socket BM.DenseIO.E4.128 with two CPUs each running 64 cores
See Dense I/O Shapes for more detail.
Shielded Instances
When you create an SDDC, you can choose to use shielded instances for ESXi hosts. Shielded instances harden the firmware security on ESXi hosts to defend against malicious boot level software. Shielded instances for VMware Solution provide the following features:
- Secure Boot checks the signature of each piece of boot software, including firmware drivers, EFI applications and the operating system. If the signature is valid, the server boots and the firmware gives control to the operating system. If the signature is not found in the valid signatures database, the system will not boot. See the VMware Secure Boot Documentation for more information.
- Trusted Platform Module (TPM) is a computer chip that can securely store artifacts like signatures, certificates and encryption keys used to authenticate the platform. See the VMware TPM Documentation for more information.
If your ESXi hosts are shielded instances, you can use Virtual Trusted Platform Module (vTPM) on your VMs. vTPM is a software representation of a physical TPM that can be used by VMs. See the VMware vTPM Documentation for more information.
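The Secure Boot behaviour described above can be modelled in a few lines. This is an added example, not Oracle or VMware code: it is a simplified model in which a SHA-256 digest stands in for the signature check, and the component names, image contents and the `verify_boot_chain` helper are all constructed for illustration.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class BootComponent:
    name: str     # stage name, in boot order
    image: bytes  # raw contents of the boot image


def digest(image: bytes) -> str:
    """SHA-256 of an image; stands in for its signature in this model."""
    return hashlib.sha256(image).hexdigest()


def verify_boot_chain(chain, valid_db):
    """Check each stage in order against the valid-signatures database.

    Returns (booted, log). Verification stops at the first stage whose
    digest is not in valid_db, so later stages never receive control.
    """
    log = []
    for stage in chain:
        if digest(stage.image) not in valid_db:
            log.append((stage.name, "rejected"))
            return False, log
        log.append((stage.name, "verified"))
    return True, log


# Constructed sample images (not real firmware or ESXi binaries).
TRUSTED_CHAIN = [
    BootComponent("firmware driver", b"constructed-driver-image-v1"),
    BootComponent("EFI application", b"constructed-bootloader-image-v1"),
    BootComponent("operating system", b"constructed-os-kernel-image-v1"),
]
VALID_DB = frozenset(digest(c.image) for c in TRUSTED_CHAIN)

# Same chain with the EFI application modified after enrollment.
TAMPERED_CHAIN = [
    TRUSTED_CHAIN[0],
    BootComponent("EFI application", b"constructed-bootloader-image-v1+implant"),
    TRUSTED_CHAIN[2],
]

if __name__ == "__main__":
    for label, chain in (("trusted", TRUSTED_CHAIN), ("tampered", TAMPERED_CHAIN)):
        booted, log = verify_boot_chain(chain, VALID_DB)
        print(label, "boots" if booted else "halts", log)
```

The tampered chain halts at the EFI application, and the operating system stage is never evaluated, which is the "system will not boot" outcome the list above describes.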
Oracle Cloud VMware Solution Architecture
The following diagram shows how the various components of the Oracle Cloud VMware Solution SDDC are deployed on Oracle Cloud Infrastructure bare metal compute instances, and how the solution is integrated into the Oracle Cloud Infrastructure environment.
The diagram shows three ESXi hosts of an SDDC that resides in an Oracle Cloud Infrastructure VCN. The center host shows the installed VMware software components for compute (vSphere), network (NSX-T), and storage (vSAN) support. The NSX overlay manages the flow of traffic between the VMs, and between the VMs and the rest of the resources in the solution. The VCN here includes various gateways that allow connectivity between the SDDC and an on-premises network, the internet, and the Oracle Services Network.
Host Distribution and Availability Domains
To provide for high throughput and low latency, Oracle Cloud VMware Solution SDDCs are deployed by default across a minimum of three fault domains within a single availability domain in a region. This architecture provides low latency, high throughput connections for maximum performance and reliability.
If your SDDCs require deployment across multiple availability domains, this option is available on request. There are some considerations and potential limitations in a multi-AD solution:
• A multi-availability domain can prevent data loss in the event of a single AD failure. If a host is lost in the SDDC, VMs are restarted on an available host in another availability domain.
• Careful consideration must be taken when requesting to provision an SDDC across multiple availability domains. Performance may be impacted given the possibility of increased network latency and storage throughput when compared with a single availability domain deployment.
• As a multi-availability domain SDDC scales upward, demand on the network also grows. Replicating data across hosts in different availability domains impacts such functions as vSAN storage synchronization, and rebuild and resync times. Additional management functions can also impact performance of customer workloads.
• Oracle recommends VMware SDDCs deployed across availability domains within a region do not exceed a maximum of 16 ESXi hosts.
About the VMware Software
Oracle Cloud Infrastructure’s VMware software bundle contains vSphere, vSAN, NSX, vCenter, and HCX components to support compute, storage, and network needs for a fully functional VMware environment.
• vSphere: vSphere is VMware’s virtualization platform for unified management of the SDDC’s CPU, storage, and networking infrastructure. Two key components of vSphere are ESXi hypervisor and vCenter Server.
• NSX-T: NSX-T Data Center provides the SDDC with its virtual networking and security capabilities. The NSX-T deployment includes NSX Manager unified appliances with NSX-T Local Manager and NSX-T Controller, and NSX-T Edge nodes.
• vSAN: Oracle Cloud VMware Solution SDDCs use VMware’s vSAN storage technology, which provides a single shared datastore for compute and management workloads (VMs).
• HCX: The Hybrid Cloud Extension is an application mobility platform that removes complexity from application and workload migration. HCX is optionally installed as a plug-in when you set up your SDDC. You can choose to install HCX Advanced at no additional cost, or HCX Enterprise as a billed upgrade. See HCX License Types for more information.
The following table shows the available versions of the software bundle, along with the version of each component:
Software Version | vSphere | vSAN | NSX-T |
6.7 update 3 | 6.7 U3 | 6.7 U3 | 3.1.2 |
6.5 update 3 | 6.5 U3 | 6.5 U3 | 3.1.2 |
7.0 update 2 | 7.0 U2 | 7.0 U2 | 3.1.2 |
When you provision the SDDC, you select the version of this software bundle to install on the ESXi hosts. You can change the SDDC’s software version later. When you add ESXi hosts to the SDDC, the version of software installed on new hosts is the version currently associated with the SDDC.
HCX License Types
The Hybrid Cloud Extension (HCX) is an application mobility platform that simplifies application migration, workload rebalancing, and business continuity across data centers and clouds. To run HCX, each physical socket at the destination must have at least one license key assigned. The number of on-premises keys provided depends on the HCX license type you choose:
- Advanced License: (No additional cost: Default option)
Includes 3 on-premises connection license keys. Choose this option if you’re migrating a few workloads and are tolerant of application downtime.
- Enterprise License: (Billed upgrade)
Includes 10 on-premises connection license keys. Choose this option if you’re migrating many mission-critical workloads with zero downtime tolerance. HCX Enterprise charges are billed monthly and are independent from host billing intervals. After SDDC provisioning is complete, you can view the HCX Monthly Billing Cycle End Date on the Details page.
After you provision your SDDC, you can change your HCX license type:
- Upgrading to Enterprise: Increases the number of on-premises connection keys issued from 3 to 10. The upgrade work request is initiated immediately. The HCX Enterprise billing cycle begins as soon as the work request is complete.
- Downgrading to Advanced: Decreases the number of on-premises connection keys from 10 to 3. You must specify 3 license keys to retain after the downgrade. The downgrade request remains in a pending state until the HCX Monthly Billing Cycle End Date. You can cancel the downgrade request as long as it is still in a pending