Equinix Metal Guide: Setup and Deploy VMware Cloud Foundation

Prerequisites

• Equinix Metal account with the proper permissions to use VMware Cloud Foundation (VCF) on-demand server type.  Please work with your Equinix Metal account team or open a support request with them in order to confirm you have the proper permissions to access the VCF ESXi server type.
• VMware Cloud Foundation Management Domain deployed with CloudBuilder.  Note that many of the steps outlined below are applicable for creating and preparing ESXi hosts for the Mangement Domain.  However, vSAN is required to be used as the Principal Storage type for initial Management Domain deployment.  VMware documentation on deploying a Management Domain can be found here. 
• Deployed Network Functions Virtualization (NFV) solution such as Microtik or Cisco 1000v to act as ToR switch with required VCF VLANs and networks created.  Please see this guide for an example of how to deploy an NFV within Equinix Metal.
• Deployed DNS solution such as Windows or Bind9 with forward and reverse DNS lookup entries populated for VCF components.
• NTP Server configured and on VMware Cloud Foundation Management Network.
• Windows and/or Linux jump host to access Equinix Metal environment. 
• Private and Public SSH Keys generated and assigned to Equinix Metal project where VCF will be deployed.  This link outlines the process for SSH key creation and application to your Equinix Metal project.

Deploying VMware Cloud Foundation Servers in the Equinix Metal Console

From the Equinix Console, there are two ways to deploy a VCF ESXi host.  One way is to go to Server > On Demand:

The other way is to select the + New Server button within the Equinix Metal Console Servers menu option:

Click on the ON DEMAND server deployment option.

VMware Cloud Foundation ESXi on-demand servers are available in a subset of regions.  In our example, we will be using the Dallas Region.  Please contact Equinix Metal in order to determine if the VCF server option is available in your desired region.

After selecting the Location you desire, next click on the m3.large.x86 server size option (other server sizes and configurations for VCF will soon be available if they are not already).

Next, click on the VMware/ESXi tab (1) and from the three options shown, select Vmwarevcf (2).

Provide a Hostname for your ESXi server (3).  Note that this hostname should match what you will be using for the FQDN of your ESXi host.  Increment to your desired Number of Servers (4).  Note that 5 servers is the maximum that can be deployed at once.  For the VCF Management Domain, a minimum of 4 ESXi hosts are required while for a VCF Workload Domain, the minimum is 3 ESXi hosts.

 

Leave the Optional Settings as default and click on Deploy Now (1) to kick off provisioning your ESXi hosts.

 

Depending on the numbers of servers requested, the deployment time can take anywhere from 10-20 minutes.  Progress can be monitored by click on the clock (1) icon on each server in your Equinix Metal console inventory.

 

ESXi Host Networking Setup in the Equinix Metal Console

Once the VCF host or hosts have been deployed successfully, the next step is to assign the appropriate VLANs to them.  The proceeding steps again may be scripted.

The main unique feature of the VCF ESXi Host deployment selection is the ability to assign the same VLANs to both of the ethernet ports (eth0 and eth1) on the ESXi hosts.  This capability is a core requirement of VMware Cloud Foundation for networking performance and resiliency in the distrbuted switches it creates automatically.

The sample matrix below shows where the various VLANs needed for VMware Cloud Foundation with Workload Management should be assigned to the different ESXi and hosted Pure Storage FlashArray ports.  Names and numbers of VLANs may be changed to match preexisting infrastructure within Equinix Metal.  For an example on how to setup VLANs in Equinix Metal, please see this link.

To assign the proper VLANs, first select the Network (1) menu item.

Next click on the + Add New Vlan button (1).

Select the Interface (1) you wish to assign the VLANs to from the pull down menu.

Then, under the Network (2) field, use the pulldown menu to select a VLAN (3) you wish to assign.  Repeat steps 2 and 3 until you have selected all of the VLANs you wish to assign to your ESXi host.

Once all of the VLANs you wish to assign to your ESXi host appear in the Network field, click on the Add (1) button to assign them.  For a complete listing of all VLANs required for usage with VCF, please see the table at the beginning of this section.

 

Repeat the above VLAN assignment procedure for the eth1 (1) interface.

Once all of the same VLANs have been selected, click on the Add (1) button.

The VLAN batch assignment process might take a minute or two to complete.  Once it has finished, make sure to inspect the assigned VLANs under the Network tab and confirm that all of the required VLANs are shown across both eth0 and eth1 interfaces.

For management and iSCSI connectivity to the FlashArray hosted within Equinix Metal, it is also important to check and confirm that the necessary VLANs have been assigned to both Pure Storage FlashArray controllers.

To confirm VLAN assignment, first click on the Servers (1) menu tab and then select PureCT0 or PureCT1 (2).

Go to the Network (1) menu item and confirm that both the VCF management VLAN (2) and iSCSI VLANs (3) has been assigned to both FlashArray controllers.  In the case of iSCSI, it will be required to assign the VLAN to the ethernet ports that have been assigned the iSCSI role on the FlashArray.

A technical demo video showing the steps we went through above can be found below.

ESXi Host Preparation for Commissioning into VMware SDDC Manager

The ESXi hosts now need to be configured with the proper IP address, password, DNS entries and a few other items before they can be commissioned into SDDC Manager for use in a Workload Domain.

The first step is to connect to the console of the ESXi host via the Out-of-Band Console (1).  Click on the button shown below to start.  

The console information button will provide you with an ssh command for accessing the ESXi host that can be copied.  Click on the Copy (1) button.

Open an SSH tool such as PuTTY or MobaXterm (PuTTY is used in our example) and paste the Out-of-Band console information you copied into the Host Name or IP address field.  Note that you will have to remove the leading ssh text from the copied Out-of-band console command for our PuTTY example.

Equinix Metal uses SSH keys to provide secure access to deployed assets.  Please visit this link to generate a public/private key combination and associate it with your project prior to this next step if you haven't done so already.

Supply your public SSH key to access the ESXi host via going to the Connection > SSH > Auth menu (1) and then clicking on the Browse (2) button.

Select your Equinix Metal .ppk file (1) and click on Open (2).

The ESXi host GUI will be launched within the PuTTY window.

In order to login for the first time, you will need to return to the Equinix Metal console and copy the temporary ESXi root password (1).  Note that this temporary root password expires 24 hours after the ESXi host is deployed so it is imperative that it is changed soon after the host is deployed.

Going back to the PuTTY console, push the F2 button and then paste in the temporary password.

From here, the ESXi host will need to have the root password updated and have the management network configured with DNS, static IP address, hostname, etc..  

Another important set of steps to be completed on an ESXi host prior to commissioning into SDDC Manager involves logging into the DCUI console via a web browser.  Assigning a Management Port Group the VCF management VLAN and providing an NTP host and starting the NTP service are the other required actions in addition to the one unique to Equinix Metal shown below.  Note that these steps below, along with everything above can be scripted. 

After logging into the DCUI, click on the Host (1) button, then the Networking button (2) and then the VMkernel NICs tab (3).

The Private Network shown is not needed for VMware Cloud Foundation and can negatively impact commissioning a host, so it needs to be removed.  To remove it, click on the vmk1 adapter (1), then Actions (2) and lastly the Remove (3) button to delete the VMkernel NIC.

Lastly, click on Port groups (1), then Private Network (2), select Actions (3) and then the Remove (4) button to delete the Private Network Port group.

One of the last actions for ESXi host preparation is to update the ESXi host(s) to a version that is compatible with SDDC Manager.  Please see the VCF Release Notes to either confirm your ESXi host is on a supported version or update your ESXi host to the version listed in the Bill of Materials. 

The other requirement is to enable root logon to the the ESXi host, as SDDC Manager requires that step in order to add an ESXi host to inventory.  The procedure to enable root login to an ESXi host can be found here.

The steps outlined above are shown in the below demo video:

Deploying a VMware Cloud Foundation Workload Domain with Pure Storage FlashArray as Principal Storage

The below link outlines the step-by-step process for deploying a workload domain with Pure Storage as Principal Storage using vVols and iSCSI.

How To: Deploy VCF Workload Domains with vVols and iSCSI as Principal Storage

The below demo video shows the Workload Domain deployment process in Equinix Metal using the Pure Storage FlashArray.