Configuring VCF 3.9 Multi-Instance Management (aka Federation)

One of the cool features that was introduced in VMware Cloud Foundation 3.9 is multi-instance management of VCF. This feature allows you to monitor multiple VCF instances from a single pane of glass. For customers who have SDDC deployed via VCF across regions, it was very difficult task to manage them all from one place. 

To solve this problem, VCF 3.9 introduced concept of Federation.

Federation allows multi VCF instance to connect together for aggregated visibility and ease of management. Customers can now have the ability to view the health of all workloads running across all VCF instances globally. VCF multi-instance enables customers to view their data centers as a single resource pool. The main features of federation are:

  • Connects and pairs multiple VCF private cloud instances.
  • Provides aggregated and site level visibility of connected VCF instances.
  • View and monitor existing utilization, capacity and pending updates of each VCF instances.

Federation offers multiple benefits including:

  • Global visibility into infrastructure.
  • Single pane of glass for management.
  • Automated upgrades of various SDDC instances.
  • Simplified Life-Cycle management of all SDDC instances.

Before diving into configuring the federation, lets understand few key points regarding federation.

  • Federation members communicate with each other via a message bus. Each participant publishes their local data to the message bus and the remaining participants can read this data for global visibility across the federation.
  • Multi-instance management supports both standard and consolidated deployment architectures.
  • As of now multi-instance management supports up to 10 Federation members. 
  • The first member of the Federation is designated as a controller. Up to 3 Federation members can be designated as ‘controllers’ to cater to high availability if a site becomes looses communication with other Federation members
  • SDDC manager users at each site can see every Federation member if they can authenticate to each SDDC Manager.

Port & Protocols Requirements

Following ports/protocols must be opened before configuring federation. 

Lets dive into lab now and walk through steps of configuring VCF Multi-Instance Management.

Login to SDDC Manager and click on the multi-instance management view icon. Look for globe icon on the top left of sddc manager home page. 

Choose to create or join an existing Federation.  I am going to create a new Federation.

Fill up the relevant details and click on Create. 

It takes 2-3 minutes for ‘Creating the federation’ operation to complete. Refer to the screenshots shown below to understand the process. 

Now the federation has been created with a single member in Bangalore.

To create Multi-Instance Management, Click on the Invite Member button to add another existing VCF deployment.

Enter the FQDN of the existing SDDC manager and select to check certificate.

Select the ‘Confirm fingerprint’ checkbox and proceed to next step. 

You then choose if you want to enable high availability. For high availability you need to select 3 sites to be controller nodes.

Note: The first site to be configured in the Federation by default is a controller node. 

On the last screen you will be presented with instructions for adding a new member to the federation. Click on Copy Info button and save the instructions in notepad. 

Click on Done to complete the invite member process. 

Login to SDDC Manager which was invited in previous step and from home page click on the Multi-Instance Management button.

Select to join an existing federation and fill the details and click on check certificate button. 

Select ‘Confirm fingerprint’ checkbox and lick on Join button to add this sddc manager to the federation. 

Again it will take couple of minutes for the process to complete. 

Once the join federation operation completes, you will see all that now there are 2 datacenters showing in SDDC manager. 

Drilling down the screen, you can view the inventory details from both sites.

You can toggle the sddc manager view by clicking on 4 horizontal lines in top right corner. It will show you total capacity across the sites that are part of federation. 

Expand the capacity view to see capacity info etc across each site individually. 

Additional Tips

Federation Logs: Logs related to federation operation are located in directory /var/log/vmware/vcf/pantheon. Look out for the log file with name pantheon-<sddc-manager-fqdn>.log

Federation Service: Service responsible for federation task is named pantheon and service status can be checked by typing command: systemctl status pantheon

Federation API: If you are interested in automating the multi-instance management feature, then look out for the below API’s

Video Demonstration

And that’s it for this post.

I hope you enjoyed reading this post. Feel free to share this on social media if it is worth sharing:)