Runtime Zero
ESC
Browse by topic
VMware9 AI/ML2 Platform Engineering3 Tech Trends2 vSphere6 Kubernetes11 DevOps3 Cloud Native8 Networking4 Tanzu3 Observability1 NSX2 Security2 vSAN2 Storage1
Articles  /  VMware
VMware vSphere vSAN NSX

VMware Cloud Foundation 5.2: Architecture Overview

VCF 5.2 consolidates vSphere, vSAN, NSX, and Aria into a single lifecycle-managed stack. This post breaks down the domain model, SDDC Manager's role, and what the Broadcom acquisition means for your VCF deployment.

CS
Jan 15 2025 · 2 min read

VMware Cloud Foundation has always been the full-stack answer to "I want VMware, but managed as a single product." VCF 5.2, the first major release under Broadcom ownership, brings some meaningful architectural changes alongside the familiar lifecycle management story.

The Domain Model

VCF organises infrastructure into Workload Domains, each managed as an atomic unit:

  • Management Domain: Hosts vCenter, NSX Manager, SDDC Manager, and Aria Suite components. One per VCF instance.
  • VI Workload Domains: General-purpose compute domains for VMs or Kubernetes workloads. You can have many.
  • VCF+ Workload Domains: Kubernetes-native domains using vSphere with Tanzu (Supervisor clusters).

The key benefit of the domain model is blast radius isolation. A failed upgrade or misconfiguration in a VI domain doesn't affect the Management Domain or other VI domains.

SDDC Manager: The Orchestration Plane

SDDC Manager is the single control plane for VCF lifecycle management. It handles:

  • Bring-up: Day-0 provisioning from bare metal to a running VCF instance using the Cloud Builder appliance
  • Upgrades: Coordinated, dependency-aware upgrades across vCenter, ESXi, vSAN, and NSX
  • Certificate management: Automated certificate rotation across all managed components
  • Password management: Scheduled rotation of service account passwords across the stack

The upgrade workflow is the most operationally valuable feature. VCF 5.2 checks compatibility between all component versions before starting an upgrade and blocks on known-bad combinations. This alone has prevented several "I upgraded NSX before vCenter and now nothing works" incidents.

SDDC Manager Upgrade Flow:
1. Pre-check: compatibility matrix validation
2. Management Domain: SDDC Manager → vCenter → ESXi → vSAN → NSX
3. VI Domains: sequential, domain by domain
4. Health checks between each component

vSAN ESA as Default

VCF 5.2 makes vSAN ESA the default storage architecture for new deployments on supported hardware. The all-NVMe requirement is a meaningful hardware gate, but the operational simplification (single-tier storage, log-structured engine) is worth it for new builds.

Broadcom Licensing Changes

The most significant change in VCF 5.2 isn't technical — it's licensing. Broadcom has moved VCF to a subscription model with per-core pricing. The previous perpetual + SnS model is no longer available for new purchases.

For organisations already on perpetual licenses, your existing deployments continue as-is. New capacity requires subscription. Run the numbers carefully: for large estates, the effective per-VM cost may be lower than component-by-component VMware licensing; for smaller deployments, the reverse may be true.

What to Watch in 5.3

Broadcom's roadmap indicates Project Alpine (cloud-managed SDDC Manager) will appear in a future VCF release. The prospect of having lifecycle management hosted in a Broadcom cloud has operational implications worth monitoring — especially for environments with strict data residency requirements.

← ALL ARTICLES