VCF 9.0.2 Lab
15 guides
expand_more
VCF 9.0.2 Lab
15 guidesLab Environment Overview
At-a-glance reference for the entire pgnet.io lab: 3-node consolidated VCF 9.0.2 cluster on AMD Ryzen hardware, 11-VLAN network schedule, full service inventory with FQDNs and IPs, DNS/identity strategy with BIND 9 and Active Directory, and links to every detailed guide.
Architecture & Planning
Pre-deployment planning for a 3-node consolidated VCF 9.0.2 cluster. Covers hardware BOM, lab-specific workarounds (vSAN ESA Mock VIB, AMD Ryzen), VLAN schedule across 11 networks, full DNS validation table, and identity strategy using BIND 9 with AD forwarding.
Infrastructure Preparation
Physical switch config for jumbo frames and VLAN trunking, then automated ESXi bootstrapping via Kickstart — disk wipe, OS install, vmk0 networking, SSH hardening, Memory Tiering, vSAN ESA Mock VIB, and AMD Ryzen workarounds across all three hosts.
Deployment (Bring-Up)
Deploy the SDDC Manager OVA then run the VCF bring-up wizard: depot connection, deployment spec (hosts, vSAN ESA, NSX, network profiles), full JSON config reference, and troubleshooting commands for DNS, NTP, and MTU validation.
Post-Deployment: Identity & SSO
Configure the AD identity source over LDAPS, create the embedded identity broker SSO domain, map AD groups to VCF roles, and assign administrator access across vCenter, NSX Manager, and VCF Operations.
Post-Deployment: Certificates
Register the Microsoft CA in Fleet Manager, generate CSRs for SDDC Manager, vCenter, and NSX, submit to the CA, import signed certs, and run the Replace Certificates workflow to propagate trust.
Post-Deployment: Networking (BGP & NSX Edge)
Configure FRR BGP on the physical router, deploy two NSX Edge nodes via the VPC wizard, set TEP pool, configure the Tier-0 Gateway with BGP ASN 65001, and wire up dual uplinks on both pgen1 and pgen2.
Post-Deployment: Supervisor Deployment
Deploy the Supervisor cluster from vCenter using VCF Networking, configure management network, vSAN storage policy, NSX VPC settings, and validate the Supervisor API endpoint — prerequisite for all VKS workloads.
Post-Deployment: Lab Features
Lab-only extras — enable root SSH on SDDC Manager via the vcf.sddc-root Salt state, and register a secondary vSphere cluster as a lifecycle deployment target to free up VCF domain resources.
Operations
Early operations notes: alert policy configuration, suppression of expected non-redundancy warnings, and placeholder sections for ongoing alerting as the environment matures.
Logs Deployment & Use
Deploy VCF Operations for Logs from SDDC Manager, configure DNS/NTP/identity prerequisites, set up SSO, then configure log forwarding for vCenter, ESXi, NSX Manager, and SDDC Manager.
Automation
Initial VCF Automation setup: SSO via embedded Identity Broker, certificate standardisation, organisation and project config, capacity and networking quick start, and connectivity validation. Tenancy and VPC provisioning noted as ongoing.
NSX & Network Operations
NSX Day 2 ops and VCF Operations for Networks onboarding — platform and collector appliance connection, identity config, BGP peering validation, and collector health checks. Requires BGP and NSX healthy from Part 4.
VKS & Supervisor Services
Deploy the full Supervisor services stack: VCF CLI context, Local Consumption Interface, Contour ingress, CA Cluster Issuer via cert-manager, Harbor with CA-issued TLS, and Argo CD operator — with ordered CLI and vCenter steps.
Appendices
Reference appendices: FRR BGP config for the UDM router, full ESXi Kickstart script with all lab workarounds, SDDC Manager bring-up JSON, and an appliance credentials reference for all VCF component FQDNs.
Individual Guides
Salt
SaltStack integration — deploying the Salt master, configuring minions, and automating configuration management.
Windows AD Deployment
Deploying Windows Server, promoting to domain controller, and integrating Active Directory with the VCF stack.