VCP Foundation Objective 1.1 Identify vSphere Architecture and Solutions

This is the start of the series digging into the blueprint for the VCP Foundation Exam. This post will deal with “Objective 1.1 Identify vSphere Architecture and Solutions for a given use case”. Let’s get started.

Identify available vSphere editions and features

There are essentially 11 editions of vSphere available today, although the comparison on the website only lists 10, and it is debatable if the last one I have included here should be considered part of vSphere at all. I’ve included it though, because it is the base on which the rest is built, and it’s good to know it exists. There are a lot of acronyms in this table, most of them we will dig into later

vSphere Edition Description
Standard The base vSphere edition: vMotion, svMotion, HA, DP, FT, vShield Endpoint, vSphere Replication, Hot Add, vVols,Storage Policy Based Management, Content Library, Storage APIs
Enterprise Standard plus: Reliable Memory, Big data extensions, virtual serial port concentrator, DRS, SRM
Enterprise Plus Enterprise plus: sDRS, SIOC, NIOC, SR-IOV, flash read cache, NVIDIA Grid vGPU, dvSwitch, host profiles, auto deploy
Standard with Operations Management Standard plus: Operations Visibility and Management, Performance Monitoring and Predictive Analytics, Capacity Management and Optimization, Change, Configuration and Compliance Management, including vSphere Security Hardening
Enterprise with Operations Management Enterprise plus: Operations Visibility and Management, Performance Monitoring and Predictive Analytics, Capacity Management and Optimization, Change, Configuration and Compliance Management, including vSphere Security Hardening
Enterprise Plus with Operations Management Enterprise Plus plus: Operations Visibility and Management, Performance Monitoring and Predictive Analytics, Capacity Management and Optimization, Change, Configuration and Compliance Management, including vSphere Security Hardening
Remote office/Branch Office Standard Adds VM capacity into existing Std, Ent, Ent+ system. Packs of 25 VMs. Feature set roughly equivalent to Std.
Remote office/Branch Office Advanced Adds VM capacity into existing Std, Ent, Ent+ system. Packs of 25 VMs. Feature set roughly equivalent to Ent+
Essentials Standard For very small enterprises. Cut down vCenter(vCenter Server Essentials), up to 3 servers with 2CPUs each
Essentials Advanced Essentials Std plus: vMotion, HA, DP, vShield endpoint, vSphere replication.
ESXi Hypervisor Free Basic Hypervisor. No central management. No advanced features.

These editions break down into five basic categories:

  1. The hypervisor – not really a vSphere edition at all, and unable to connect to vCenter server. Included for completeness.
  2. Essentials – A reduced feature set, only usable on up to three hosts, designed for the SMB. Upgrade capacity is limited.
  3. ROBO (Remote Office/Branch Office) – Designed to add hosts in remote locations to an existing vSphere installation.
  4. vSphere – The baseline for medium to large enterprise. A nice upgrade path from fewer to more features by licensing. Most additional products assume this as a base. Most documentation assumes this edition set.
  5. vSphere with Operations Management – Basically a way to purchase vSphere along with the vRealise suit to gain orchestration, insight and automation.

Identify the various data centre solutions that interact with vSphere (Horizon, SRM, etc.)

In addition to the vSphere system with gives you the ability to virtualise, there are the VMware add in products that extend the functionality.

  • Horizon extends vSphere into the Virtual Desktop domain.
  • Site Recovery Manager (SRM) gives active/passive DR capabilities, with the ability to fail your virtual infrastructure to a remote location.
  • vRealise gives operations management and insight, along with Orchestration.
  • vCloud Suite gives the ability to create multi-tenant private clouds.
  • NSX gives fine grained network virtualisation with distributed routing and fire-walling along with data protection.
  • VSAN moves storage closer to compute by implementing a virtual SAN in your ESXi hosts
  • Airwatch allows Enterprise mobility and builds on Horizon.

Explain ESXi and vCenter Server architectures

There are a few ways we can design our VMware infrastructure depending upon the constraints. These start simple, and get more complex, but the added complexity often has distinct benefits. For any given customer, a solution will usually fit broadly into one of these schemes, but I have seen situations where more than one has been implemented.

ESXi Standalone

This is the only solution we can use for the ESXi Free Hypervisor. There can be external storage, but this is not necessary. In this case we use a single ESXi host with no vCenter.

ESXi Architecture

This gives us the benefits of consolidating physical servers onto a single host and better resource utilisation.

This system is harder to manage with multiple hosts, and does not scale well. There are no advanced features such as live migrations.

I have used this in an instance where I needed a couple of low utilisation VMs at multiple sites, but didn’t need to manage them often, or worry about fail-over.

Single Cluster

This is the solution introduced in the Essentials Product line, and the simplest of Full Fat vSphere deployments. Here we introduce vCenter and Shared Storage, to gain the advantages of live migration, and manageability. The image below shows the architecture. Note that vCenter is shown as a Floating VM. This is because it can be either contained on one of the hosts (usual) or on a bare metal server (unusual). vCenter is also available as a windows application, or as a Virtual Appliance.

vSphere Architecture

This solution is more scaleable than the first solution we discussed, but the limit of 64 hosts per cluster means that is doesn’t scale as well as the final architecture we will look at.

By including Management (i.e. vCenter) and usually DMZ (De-militarised zone, or “unsafe”) traffic into the cluster we have a single failure domain where failure of a host, or compromise of a single network affects the whole system.

This is the standard SME solution that most businesses start out with. The constraints are loose enough that this is a good fit for a large number of clients.

Many, specialised clusters

This is the most scaleable system available. This is used for cloud environments and large deployments, or when VDI is introduced.

Enterprise Architecture

In this system the servers doing the work (Compute) are in dedicated clusters. The servers doing management and DMZ traffic get clusters dedicated to them. Servers holding VDI user sessions get dedicated clusters. There are usually multiple vCenter servers, one serving the Management cluster, one serving the compute clusters, and one serving the VDI clusters. This level of segregation makes the system very scaleable. Adding in new compute capacity is a modular process. The separate clusters also become separate failure domains. Finally, delegation of admin work is easier and more secure, so VDI admins can be kept away from Compute admin privileges and vice versa.

The downside to this architecture is it’s complexity.

Multiple vCenter systems

The final architecture we will look at runs parallel to the others. It is possible to have multiple vCenters running in different data centres, and now to vMotion between them. This is new in vSphere 6.0. This means that vCenter traffic can be kept local to a DC and not transported across the WAN.

Identify new solutions offered in the current version

Along with the usual slew of performance and scalability improvements, vSphere 6 has introduced new solutions that allow a wide range of systems that were not possible before. These are detailed below.

ESXi Security Enhancements

A range of security enhancements have been made to vSphere, with the addition of account lockout and password complexity rules.


Gives the ability for Horizon View to use hardware GPUs for guest VMs. This means that VDI sessions can benefit from full GPU acceleration for graphics intense workloads. This is either access to the GPU in a time-sliced fashion similar to how ESX grants access to the Host CPU, or in a direct 1 VM to 1 GPU fashion for direct GPU access that bypasses the hypervisor.

vCenter Server Architecture Changes

As well as having the option of Windows install or Appliance install, the vCenter Appliance in vSphere 6 brings with it two different architectures. The first embedded runs a single machine with all services. The second – External – runs the PSC and vCenter rolls on separate machines. This allows for more flexibility and scalability. This also makes it easier to upgrade where there are other services using the PSC such as NSX or Horizon.

Enhanced Linked Mode

Linked mode is now automatic if two vCenter servers are connected to the same PSC. This makes set up and maintenance much easier.

vSphere vMotion

vMotion between data centres is now possible, so long as the connection supports a RTT (Round Trip Time) of 150ms or less, vMotion between different vCenters is also available. This also allows a path to upgrade seamlessly from Windows based vCenter to the Appliance.

Multi site Content Library

The content library keeps a synchronised library of ISOs, updates and Templates making automated deployment much easier, and critically, centrally managed.

Virtual Volumes

Virtual volumes or vVols, allow fine grained control of the storage underlying VMs. They allow the use of per VM storage and make snapshotting and other management tasks easier. They also allow the underlying storage to advertise capabilities which vCenter can then take advantage of. This is done through the vSphere API for Storage.

Determine appropriate vSphere edition based on customer requirements

This has been a long blog post, and if you have stuck with it to the end, well done! It should have served to give you the tools you need to answer the final item on this section though. Determining the edition required depends on the customer requirements. Are they small enough that essentials with it’s three host limit is suitable? Do they need dvSwitch and so Enterprise Plus licensing? If you have the rest of this post covered, this section should be a breeze.

VCP Foundation Exam

With the release of vSphere 6, VMware have updated the exam structure as normal. This time there are a couple of interesting (to me at least) changes.

The first is to bring the VCP-NV more in line with the other VCP exams. It now has a consistent structure with the DCV (Data Centre), CMA (Cloud) and DTM (Desktop) variants with the same requirements (except for the additional “Cisco Certified” Route which bypasses the course requirement. This looks like it will stay until the end of January 2016), and with a foundation exam, it tests some general vSphere knowledge as well as just the NSX side. Continue reading “VCP Foundation Exam”

My VCPN610 Experience

This morning I took the VCPN610 Exam according to plan. What didn’t go according to plan was getting a score of 290 when I needed 300 to pass. So near, and yet so very very far.

This morning I took the VCPN610 Exam according to plan. What didn’t go according to plan was getting a score of 290 when I needed 300 to pass. So near, and yet so very very far.

This one was quite an expensive learning experience for me, so I need to make the most of it and learn what I can.

Lesson the First: VCP Exams are hard. I’ve done Cisco CCNA exams, and MS MCSA/MCSE Exams. I’d put this exam at well above the level of the MCSA, probably a bit above the CCNA, and probably along side MCSE. The exam goes quite deep, and broader than I expected.

Lesson the Second: Time is quite tight. I’m used to getting out of exams well before the end of the time, 30-50% of the allocated time isn’t unusual, even on the harder exams. I’m blessed that English is my first language, and that I’ve sat enough exams through school and uni to just get on with it. This exam took 75% of my time. I had the option to review questions (I wasn’t sure if I would have), but I didn’t have enough time to review them all properly, I’d have barely managed to re-read all the questions. Which leads to:

Lesson the Third: Note questions you are unsure of next time! There is the ability to review a question at a time, and you can jump about. Use it! Many questions you just know the answer to, many could use some thought. Mark and Return.

Finally: There are some areas I really need to look at in some more depth. Things that took more thinking about than they should for me:

  • QoS Where/How it gets applied to work over the physical and virtual networks.
  • The actual GUI process of adding in a logical network.
  • Where do the controllers live?
  • Packet walks for simple (one logical network, two logical network and distributed router) networks.
  • Service Composer
  • Upgrade Paths from vCNS and old versions.

I don’t want to just pass next time. I want a good solid score. I am capable of this, now to get it done.

VCP5 Under my belt

just finished sitting my VCP5 exam, OK I know I was leaving to close to the wire, but to be fair I completely forgot about the end of February constraint until I was remind of it last week :S.

So I picked the first available slot at the nearest centre to me, and attempted to revise,  not an easy thing to do when you have just started a new job and were commuting over 360 miles a day to a resellers site to do hardware certification tests. and family visiting over the weekend that we had not seen for ages 🙂

So it was with some trepidation that I walked into the test centre in Leeds.  I have to be fair and say that the exam was about right, ( I may have had a different opinion if I had failed LOL) there were very little of the tcp 3 / 4 min and Max questions, but I was surprised at the amount of Ent Plus level questions considering the fact that those features have been removed from the ICM course.  That said the fact they would be there was highlighted in the Blueprint 🙂

Well Considering that I had literally no time for revision i feel that a 356 pass score was not to bad,  I bet that Mr Sloof and Mr Vessey may have something to say about that score though.

European Brownbag – Reminder

Well the Brownbag discussion topic has been decided and we even have a guest speaker.
Work picture

I am delighted to anounce that Scott Vessey of Global Knowledge will be onboard to discuss VMware certifications. Now as with the best laid plans of mice and men, we seem to have a timing FUBAR.

For some reason @Kiwi_Si organised #vBeers at the same time. So now you have a choice you and kill some brain cells or feed some brain cells 🙂

I must remember that the first Thursday of the month is not a good time for Brownbags as half of the Virtualisation peeps in London are leathered.

So to sum up :
7pm on the 7th of July.
Use the link below to register.

Brownbags are coming to Europe

Those of you with long memories will remember that I used to be involved in Cody’s Brownbag series of online training sessions.  That is until he  moved the the sessions to 1am in the morning GMT/BST.  Well I need my beauty sleep and obviously something had to give. 😀

Well the time is neigh to reintroduce the European Virtual folks to the Brownbag concept so with Cody’s express permission


Virtualization Brownbags the European return.

So starting at 7pm on the 7th of July this will initially be a Bi-Weekly web-ex session.

Use the link below to register

VCP Brownbag #7 Networking: the revenge

This week it is VCP week and even though I am pretty certain that we have covered networking before, that was before we started recording these, so to remedy this omission we are repeating the exercise.

We will be deal the Standard vSwitch, the Distributed vSwitch and cover the creation of portgroups and PVLANs,  all good stuff and a major section of the VCP Exam.


Now for the important call details:
Date: May 4, 2010 @2PM CST the is 8PM BST and 9PM Central European

Even better we now offer international dialling numbers for several countries including the UK, Netherlands and Norway.

As an aside: VMware has a Free VCP Voucher offer, check here for details.

VCP Brown Bag – April 6th 2010

This week it is the VCP Brown bag session and no subject is set so it is open topic session day.  This is you opportunity to bring any questions you have about the VCP certification, and we’ll try to get them answered.  Remember those that have passed the VCP are also more than welcome so that your sage knowledge can be passed on to the next generation of exam takers.

As always we do have certain rules, the main one being that we do not discuss ACTUAL EXAM QUESTIONS.

The session registration details for this Brown Bag are as follows:
Date: April 6, 2010
Time: 2PM CST
Registration: Here!

Hope to see you there!

VCP BrownBag – Tuesday 9th March

The next iteration of the VCP 4 Brownbags has been locked and loaded, those of you with a sharp eye will notice something different on this session,  Cody has gone all professional.  Now the reason this session has been termed a beta is he is testing a new platform for hosting these and the subsequent VCDX Brownbags too. That said even through it is  a test the session is a live one. So Sign up,  it does not matter if you are already a VCP or not,  Those that are VCP are welcome for their experiance. So if you’re up for it register at the link below:

Date: Tuesday, March 9, 2010
Time: 2:00 PM CST
Registration: Here!

This session will be recorded and put up under the new “Brown Bag” section. Note: The VCDX Link does not work at present.

Warning – REMEMBER Those of you that are VCP’s do not forget that you are under NDA regarding Exam questions, this session is not a Braindump exercise, but a real attempt at a focused study group.