VMware Cloud Foundation Starts with vSAN

VMware Cloud Foundation is the most comprehensive hybrid cloud architecture because it provides a complete set of software-defined services for compute, storage, networking, and cloud management to run enterprise apps—traditional and containerized—in private and public cloud environments. It drastically simplifies the path to a hybrid cloud through full stack HCI, a single comprehensive and integrated software stack. Cloud Foundation is easy to deploy and operate thanks to built-in, automated lifecycle management.

This article focuses on why vSAN is the ideal storage platform to power Cloud Foundation as a full stack HCI solution. The table below highlights the key advantages of deploying vSAN with Cloud Foundation.

The remainder of this article provides more details on the features and benefits that vSAN brings to Cloud Foundation. Before we get into those details, let’s define a few key Cloud Foundation terms.

SDDC Manager: Cloud Foundation software component that provisions, manages, and monitors the logical and physical resources of a Cloud Foundation system.

Management Domain: vSphere cluster that runs infrastructure management components such as vCenter Server, NSX, SDDC Manager, and vRealize Log insight. It is automatically created on a four-host vSAN cluster.

Workload Domain: vSphere cluster combined with storage (vSAN or NFS) and networking into a single consumable entity. A workload domain can be created, expanded, and deleted as part of the SDDC lifecycle operations.

vSAN Completes Cloud Foundation

Let’s take a closer look at technical features in vSAN that make it an excellent choice for Cloud Foundation storage. We will focus on three primary benefits—minimizing costs, reducing complexity, and avoiding risk.

Minimize Costs

vSAN uses local drives in standard x86 servers to form a single, shared datastore accessible by all hosts in the cluster. Using the local storage devices in a host reduces the cost and complexity of purchasing, configuring, and managing separate storage array controllers, drive shelves, and dedicated storage networks. A simplified approach using standard hardware commonly reduces capital expenditures.

Traditional storage and storage networks require manual deployment and administration in a Cloud Foundation environment. Manual processes take more time, which translates to higher OpEx, and they introduce the risk of inconsistent configurations.

SDDC Manager automates the deployment and lifecycle management of vSAN in management and workload domains. This includes the configuration of vSAN disk groups, vmkernel port configuration for vSAN network traffic, and storage policy assignment to management workloads. With vSAN, full-stack (compute, network, and storage) lifecycle management is enabled in Cloud Foundation.

vSAN licensing is simple to understand and manage. It is licensed per-CPU regardless of the amount of drive capacity in each host. This differs from many traditional storage arrays that have more complex, capacity-based licensing.

Granular capacity growth without disruption is another great benefit to HCI powered by vSAN. Scale out a vSAN datastore one or many hosts at a time. There is no need to migrate VMs or reconfigure LUNs and volumes. Scale up a vSAN cluster by adding or replacing drives in existing hosts. Since vSAN is licensed per-CPU, storage capacity can be added to existing servers without additional licensing costs.


Organizations that require high availability across sites can utilize vSAN stretched cluster configurations with Cloud Foundation. A vSAN stretched cluster is the only stretched storage solution supported with Cloud Foundation. It provides local and cross-site protection for up to 50% less than traditional stretched storage solutions.

Reduce Complexity

vSAN provides a single, shared datastore on a per-cluster basis. Gone are the days of maintaining a spreadsheet to track multiple LUNs and volumes with varying capacities, service levels, and performance profiles. Storage Policy-Based Management (SPBM) manages these elements at the VM level. This removes the operational complexity associated with the manual processes of traditional storage such as masking and zoning LUNs, managing NFS mount points, and so on.

SDDC Manager automates updates to vSphere clusters using VMware Update Manager (VUM). Since vSAN is embedded in vSphere, updates to vSAN are included in this process. VUM also provides a streamlined method for updating controller firmware and drivers for vSAN environments. VUM compares the environment’s hardware configuration, the vSphere and vSAN release catalog, and the VMware Compatibility Guide to provide recommendations on what version of vSphere and vSAN should be running. This takes the guesswork out of lifecycle management for software and hardware.

VMware Cloud on AWS also uses vSAN for storage. There are a number of similarities in the way resources are deployed and managed with VMware Cloud on AWS and an on-premises private cloud based on Cloud Foundation. Many of the same tools and UIs are used to manage and monitor these private and public cloud environments. This provides organizations with a consistent infrastructure and operational model—a true hybrid cloud—that is available today.


vRealize Operations can be automatically deployed with Cloud Foundation to provide pre-built vCenter and vSAN dashboards that are available directly in the vSphere Client. It enables administrators to monitor the overall status of multiple vSAN clusters without having to switch UIs. If more details are needed, a few clicks take the administrator to the full vRealize Operations UI, which includes more comprehensive dashboards for vSAN operations, capacity, and troubleshooting. A closer look at this functionality is available through this vSAN vRealize Operations Dashboards click-through demo on StorageHub.

Some use cases such as application development require a constant cycle of deploying and destroying multi-virtual machine environments. vRealize Automation, part of VMware’s integrated SDDC software stack, is a solution that enables end-users to deploy pre-configured environments, as needed, within the confines set by the infrastructure administrators. A vSAN plugin for vRealize Automation enables administrators to implement SPBM into these blueprints for easy consumption.

With a self-service approach, end-users are not slowed down by the complexity and manual processes of deploying infrastructure and installing software. Lifecycle support for the compute, network, and vSAN storage resources that support these blueprint deployments is integrated into Cloud Foundation.

Avoid Risk

The management domains and each workload domain use separate compute, network, and storage resources when vSAN is deployed. This approach eases maintenance operations. For example, an upgrade of vSphere and vSAN in the management domain introduces no impact to the workload domains. There is no need to coordinate maintenance windows across large numbers of workloads that are using common infrastructure resources.

Comprehensive health status monitoring helps avoid unplanned downtime. vSAN includes more than 50 health checks to verify consistent configuration and optimal runtime conditions. vSAN and vSphere include health checks for issues with hosts, networking, data integrity, and capacity utilization to name just a few. If an issue arises, vSAN Health enables administrators to quickly begin troubleshooting by providing a link to the relevant VMware Knowledge Base article. During patching and upgrades, SDDC Manager uses these health checks to help ensure successful upgrades.


For those requiring an additional level of security, vSAN supports FIPS 140-2 compliant encryption for data at rest. vSAN Encryption works with hybrid and all-flash configurations and it works with any storage device in the VMware Compatibility Guide for vSAN. There is no need for self-encrypting drives. Since this encryption feature is native to vSAN, it is compatible with other vSphere and vSAN features such as vSAN deduplication and compression, vSphere HA, vSphere Replication, and vSAN stretched clusters.

Last, but not least, vSAN Support Insight provides “phone home” capabilities. This integrated storage telemetry feature is part of VMware’s Customer Experience Improvement Program (CEIP). Obfuscated data is uploaded to the VMware Analytics Cloud for use by technical support engineers (TSEs) in VMware Global Support Services (GSS). TSEs can easily see a variety of information such as vSAN Health alerts, hardware configurations, and performance data without relying on the customer to upload logs. VMware does not have access to sensitive information such as host names and IP addresses unless the customer explicitly provides access to an obfuscation map to decode those details. GSS access to vSAN Support Insight data aids troubleshooting efforts and commonly leads to faster problem resolution times.

Reference – VMware Blogs


VMware Cloud Foundation powered by vSAN provides a tightly-integrated compute, network, and storage platform with CapEx and OpEx savings over traditional SAN/NAS storage options. For vSphere administrators, this complete software-defined data center is the only way to deliver a completely consistent operational model across the hybrid cloud.