Holodeck Toolkit 1.3 Overview

The VMware Cloud Foundation (VCF) Holodeck Toolkit is designed to provide a scalable, repeatable way to deploy nested Cloud Foundation hands-on environments directly on VMware ESXi hosts. These environments are ideal for multi-team hands on exercises exploring the capabilities of utilitizing VCF to deliver a Customer Managed VMware Cloud.

Delivering labs in a nested environment solves several challenges with delivering hands-on for a  product like VCF, including:  

• Reduced hardware requirements: When operating in a physical environment, VCF requires four vSAN Ready Nodes for the management domain, and additional hosts for adding clusters or workload domains. In a nested environment, the same four to eight hosts are easily virtualized to run on a single ESXi host.   
• Self-contained services: The Holodeck Toolkit configuration provides common infrastructure services, such as NTP, DNS, AD, Certificate Services and DHCP within the environment, removing the need to rely on datacenter provided services during testing.  Each environment needs a single external IP.
• Isolated networking. The Holodeck Toolkit configuration removes the need for VLAN and BGP connections in the customer network early in the testing phase.  
• Isolation between environments. Each Holodeck deployment is completely self-contained. This avoids conflicts with existing network configurations and allows for the deployment of multiple nested environments on same hardware or datacenter with no concerns for overlap. 
• Multiple VCF deployments on a single VMware ESXi host with sufficient capacity. A typical VCF Standard Architecture deployment of four node management domain and four node VI workload domain, plus add on such as VMware vRealize Automation requires approximately 20 CPU cores, 512GB memory and 2.5TB disk.  
• Automation and repeatability. The deployment of nested VCF environments is almost completely hands-off, and easily repeatable using configuration files.  A typical deployment takes less than 3 hours, with less than 15 min keyboard time.

Nested Environment Overview 

The “VLC Holodeck Standard Main 1.3” configuration is a nested VMware Cloud Foundation configuration used as the baseline for several Private Cloud operation and consumption lab exercises created by the Cloud Foundation Technical Marketing team. The Holodeck standard “VLC-Holo-Site-1” is the primary configuration deployed. The optional VLC-Holo-Site-2 can be deployed at any time later within a Pod.  VLC-Holo-Site-1 configuration matches the lab configuration in the VCF Hands-On Lab HOL-2246 and the nested configuration in the VCF Experience program run on the VMware Lab Platform. 

Each Pod on a Holodeck deployment runs an identical nested configuration. A pod can be deployed with a standalone VLC-Holo-Site-1 configuration, or with both VLC-Holo-Site-1 and VLC-Holo-Site-2 configurations active. Separation of the pods and between sites within a pod is handled at the VMware vSphere Standard Switch (VSS) level.  Each Holodeck pod connects to a unique VSS and Port Group per site.    A VMware vSphere Port Group is configured on each VSS and configured as a VLAN trunk.  

• Components on the port group to use VLAN tagging to isolate communications between nested VLANs. This removes the need to have physical VLANs plumbed to the ESXi host to support nested labs.  
• When the Holo-Site-2 configuration is deployed it uses a second VSS and Port Group for isolation from Holo-Site-1  

The VLC Holodeck configuration customizes the VCF Cloud Builder Virtual Machine to provide several support services within the pod to remove the requirement for specific customer side services. A Cloud Builder VM is deployed per Site to provide the following within the pod: 

• DNS (local to Site1 and Site2 within the pod, acts as forwarder) 
• NTP (local to Site1 and Site2 within the pod) 
• DHCP (local to Site1 and Site2 within the pod) 
• L3 TOR for vMotion, vSAN, Management, Host TEP and Edge TEP networks within each site 
• BGP peer from VLC Tier 0 NSX Application Virtual Network (AVN) Edge (Provides connectivity into NSX overlay networks from the lab console)

The figure below shows a logical view of the VLC-Holo-Site-1 configuration within a Holodeck Pod. The Site-1 configuration uses DNS domain vcf.sddc.lab.

 Figure 1: Holodeck Nested Diagram

The Holodeck package also provides a preconfigured Photon OS VM, called “Holo-Router”, that functions as a virtualized router for the base environment. This VM allows for connecting the nested environment to the external world. The Holo-Router is configured to forward any Microsoft Remote Desktop (RDP) traffic to the nested jump host, known as the Holo-Console, which is deployed within the pod.

The user interface to the nested VCF environment is via a Windows Server 2019 “Holo-Console” virtual machine. Holo-Console provides a place to manage the internal nested environment like a system administrators desktop in a datacenter. Holo-Console is used to run the VLC package to deploy the nested VCF instance inside the pod. Holo-Console VM’s are deployed from a custom-built ISO that configures the following 

• Microsoft Windows Server 2019 Desktop Experience with: 

• Active directory domain “vcf.holo.lab” 
• DNS Forwarder to Cloud Builder  
• Certificate Server, Web Enrollment and VMware certificate template 
• RDP enabled 
• IP, Subnet, Gateway, DNS and VLAN configured for deployment as Holo-Console  
• Firewall and IE Enhanced security disabled  
• SDDC Commander custom desktop deployed 
• Additional software packages deployed and configured 

• Google Chrome with Holodeck bookmarks 
• VMware Tools 
• VMware PowerCLI 
• VMware PowerVCF 
• VMware Power Validated Solutions 
• PuTTY SSH client 
• VMware OVFtool 
• Additional software packages copied to Holo-Console for later use 

• VMware Cloud Foundation 4.5 Cloud Builder OVA to C:\CloudBuilder 
• VCF Lab Constructor 4.5.1 with dual site Holodeck configuration
  • VLC-Holo-Site-1 
  • VLC-Holo-Site-2 
• VMware vRealize Automation 8.10 Easy Installer

The figure below shows the virtual machines running on the physical ESXi host to deliver a Holodeck Pod called “Holo-A”. Notice an instance of Holo-Console, Holo-Router, Cloud Builder and four nested ESXi hosts.  They all communicate over the VLC-A-PG Port Group   

Figure 2: Holodeck Nested Hosts

Adding a second site adds an additional instance of Cloud Builder and additional nested ESXi hosts. VLC-Holo-Site-2 connects to the second internal leg of the Holo-Router on VLAN 20. Network access from the Holo-Console to VLC-Holo-Site-2 is via Holo-Router.

The figure below shows a logical view of the VLC-Holo-Site-2 configuration within a Holodeck Pod. The Site-2 configuration uses DNS domain vcf2.sddc.lab

 Figure 3: Holodeck Site-2 Diagram

Accessing the Holodeck Environment

User access to the Holodeck pod is via the Holo-Console.  Access to Holo-Console is available via two paths:

• Microsoft Remote Desktop Protocol (RDP) connection to the external IP of the Holo-Router.  Holo-Router is configured to forward all RDP traffic to the instance of Holo-Console inside the pod.
  • Microsoft Remote Desktop Client for Mac
  • Remote Desktop Client for Windows (via Microsoft Store) 
• Access Holo-Console via ESXi host
  • Browser console (native to vSphere Client)
  • VMware Remote Console (Requires VMware Customer Connect login)

VLC Holodeck Deployment Prerequisites 

• ESXi Host Sizing   

• Good (One pod): Single ESXi host with 16 cores, 384gb memory and 2TB SSD/NVME 
• Better (Two pod): Single ESXi host with 32 cores, 768gb memory and 4TB SSD/NVME 
• Best (Four or more pods):  Single ESXi host with 64+ cores, 2.0TB memory and 10TB SSD/NVME 
• ESXi Host Configuration: 

• vSphere 7.0U3 
• Virtual switch and port group configured with uplinks to customer network/internet  
• Supports stand alone, non vCenter Server managed host and single host cluster managed by a vCenter server instance 
• Multi host clusters are NOT supported
• Holo-Build host 

• Windows 2019 host or VM with local access to ESXI hosts used for Holodeck + internet access to download software. (This package has been tested on Microsoft Windows Server 2019 only) 
• 200GB free disk space 

• Valid login to https://customerconnect.vmware.com  
• Entitlement to VCF 4.5 Enterprise for 8 hosts minimum (16 hosts if planning to test Cloud Foundation Multi region with NSX Federation) 
• License keys for the following VCF 4.5 components
  • VMware Cloud Foundation
  • VMware NSX-T Data Center Enterprise
  • VMware vSAN Enterprise 
  • VMware vSphere Enterprise Plus 
  • VMware vCenter Server (one license)
  • VMware vRealize Suite Advanced or Enterprise
  • Note: This product has been renamed VMware Aria Suite
• External/Customer networks required
  • ESXi host management IP (one per host) 
  • Holo-Router address per pod