Simplify Multisite PoCs Using Holodeck

In the current enterprise landscape, the ability to validate high availability and disaster recovery (DR) architectures is a prerequisite for operational excellence. However, for proof of concepts (PoCs) and learning, the infrastructure required to stage these environments—traditionally necessitating two distinct physical footprints—often stalls innovation. 

The VMware Cloud Foundation (VCF) Holodeck toolkit has emerged as the suitable solution for this challenge. By leveraging nested virtualization, Holodeck enables the deployment of a fully functional, dual-site VCF environment on a comparatively smaller hardware footprint. This provides a sandbox environment to master complex multi-instance operations without the capital expenditure of a secondary data center.

Architecture: The “Lab-in-a-Box” Framework

Holodeck’s dual-site capability is built on a sophisticated networking and automation stack designed to provide a nested enterprise private cloud.

• Holorouter Architecture: A specialized Photon OS appliance serves as the centralized network services hub. It provides BGP, DNS, DHCP, and NTP services. It also provides the routing service required to route traffic between “Site-a” and “Site-b” as if they were geographically separated.
• Automation Layer: The deployment process is entirely automated. With just a couple of commands that the user runs, Holodeck deploys the entire dual-site VCF environment.
• Isolated Networking: The internal networks of Holodeck are designed for complete isolation, making them inaccessible from the external corporate network by default. This design establishes a genuinely contained sandbox environment. Users have the flexibility to configure connectivity if needed, for integration validation or other use cases.

Strategic Use Cases

A dual-site Holodeck deployment is more than a proof of concept; it is a rigorous testing ground for the following enterprise scenarios:

1. Disaster Recovery

Validate your business continuity strategy by deploying VMware Live Recovery across nested sites. This allows teams to practice site failover, non-disruptive recovery testing, and IP re-customization in a zero-risk environment.

2. NSX Federation and Global Policy Management

Holodeck provides the ideal platform to test NSX Federation with dual-site deployment. Users can configure NSX to stretch segments across both sites, ensuring consistent security postures and unified networking policies across the virtual fabric.

Key Advantages of Holodeck

• Rapid Iteration: The dual-site nested VCF deployment takes only a few hours with the automated process. If a test fails or an environment becomes unstable, it can be wiped and redeployed with just a few commands.
• Zero External Dependencies: Holodeck provides its own internal DNS, DHCP, NTP, and BGP services. It requires no configuration changes to your corporate network, enabling “plug-and-play” labs.
• Blueprint Validation: Use Holodeck to “dry run” your production design. If the configuration succeeds in the nested environment, it serves as a verified blueprint for your physical rollout.

Deployment Process

Prerequisites:

1. Hardware Requirements: Confirm that the physical host meets the necessary hardware specifications for dual-site deployments, as detailed in the documentation here.
   
2. Network Configuration: Create a trunk portgroup on either a vSphere Standard Switch, vSphere Distributed Switch, or NSX switch. This portgroup must allow VLANs 0, 10 through 25, and 40 through 58. For more details, refer to the documentation.
   
3. Depot Setup: Holodeck supports both online and offline depot modes for VCF deployments. If deploying in an offline environment (with limited or no internet connectivity), you must set up the offline depot before starting the Holodeck deployment. Detailed instructions are available here.
   
4. Download Binaries: Download the VCF Installer OVA and the VMware ESX ISO from the Broadcom Support Portal.

Deployment Steps:

1. Deploy Holorouter: Deploy the Holorouter OVA onto the target host (a standalone VMware ESX host or a vSphere cluster managed by VMware vCenter). The detailed process is available here.
   
2. Stage Software: Log into the Holorouter and copy the downloaded VCF Installer OVA and VMware ESX ISO to the designated folder. Instructions can be found here.
   
3. Dual-Site Holodeck Deployment:
   
   1. The deployment can be run for both sites concurrently via two separate Holorouter sessions, or you can wait for site ‘a’ deployment to finish before starting site ‘b’ deployment.
      
   2. To begin the deployment of the nested dual-site VCF environment with default CIDRs and VLANs, execute the following commands:
      
      pwsh
New-HolodeckConfig -TargetHost <target_host_url> -Username <target_host_username> -Password <target_host_password>
New-HoloDeckNetworkConfig -Site a
New-HoloDeckNetworkConfig -Site b
Set-HoloRouter -dualsite
New-HoloDeckInstance -Site a [Additional Parameters]
      
   3. Open a new session to the Holorouter, or wait for the site ‘a’ deployment to complete, and run the following command: 
      
      Get-HolodeckConfig | Import-HolodeckConfig
New-HoloDeckInstance -Site b [Additional Parameters]
      
   4. If you are using custom CIDRs and VLANs, run the following commands to initiate the deployment of nested dual-site VCF environment: 
      
      pwsh
New-HolodeckConfig -TargetHost <target_host_url> -Username <target_host_username> -Password <target_host_password>
New-HoloDeckNetworkConfig -Site a -MasterCIDR <site-a-cidr> -VLANRangeStart <site-a-vlanrangestart>
New-HoloDeckNetworkConfig -Site b -MasterCIDR <site-b-cidr> -VLANRangeStart <site-b-vlanrangestart>
Set-HoloRouter -dualsite
New-HoloDeckInstance -Site a -CIDR <site-a-cidr> -VLANRangeStart <site-a-vlanrangestart> [Additional Parameters]
      
   5. Open a new session to the Holorouter, or wait for the site ‘a’ deployment to complete, and run the following command: 
      
      Get-HolodeckConfig | Import-HolodeckConfig
New-HoloDeckInstance -Site b -CIDR <site-a-cidr>,<site-b-cidr> -VLANRangeStart <site-a-vlanrangestart>,<site-b-vlanrangestart> [Additional Parameters]
      

• NOTE: Ensure the custom CIDR is a /20 network. 

• NOTE: The specific parameters available for the New-HolodeckInstance command vary based on the type of deployment. For detailed information on the supported parameters, please refer to the documentation for your chosen deployment:
  • VMware vSphere Foundation (VVF)
  • Management domain only
  • Full stack VCF

Conclusion

Holodeck is an invaluable resource for architects and administrators who want to gain a deeper understanding of VCF. It offers a comprehensive use case validation and learning experience. Owing to the nature of its deployment, it is very efficient in terms of resource consumption. This resource efficiency is especially beneficial for PoCs, allowing users to rapidly prototype and test VCF configurations without significant infrastructure investment. Furthermore, with support for dual-site deployments, Holodeck expands the scope for users to validate disaster recovery and high availability scenarios.

If you are looking for more information on Holodeck and its capabilities, please refer to the official documentation here.