VMware Cloud Foundation Spotlight – March 2024

VMware Cloud Foundation Spotlight – March 2024

This VMware Cloud Foundation spotlight article summarizes the latest information we have received and seen from VMware by Broadcom since the end of February. A lot of great news and enhancements!

Why should you care about VMware Cloud Foundation?

VMware Cloud Foundation Is A Path Worth Investigating is one of my recent articles about VCF which gives customers, partners, and employees a better understanding of what the new VCF division is working on.

Enabling Load Balancer as a Service for VCF-based Private Cloud

As shared in the VMware: Business Simplification, Portfolio Innovation and Ecosystem Standardization blog, VMware by Broadcom introduces new Load Balancer as a Service (LBaaS) capabilities powered Aria Automation with VMware Avi Load Balancer.

Note: Avi is available as an add-on to VMware Cloud Foundation (VCF)

VMware Avi Cloud Accounts

Through built in VCF capabilities, cloud admins will be able to offer application teams self-service access to L4-L7 load balancing services. This will enable application and infrastructure teams to immediately deploy load balancing at the time of application provisioning, with minimal know-how of load balancing technology or the need to create manual tickets.

This new capability is available with the Aria Automation 8.16.1 release. More information about this release can be found below.

LBaaS template examples can be found here: https://docs.vmware.com/en/VMware-Aria-Automation/8.16/Using-Automation-Assembler/GUID-23057CA7-48ED-47FF-BF95-2C0734BAD2B5.html

Aria Operations Management Packs that are End of Life on December 31st, 2023

In case you missed it, some of the Aria Operations management packs went EoL on December 31st, 2023.

VMware Digital Learning Entitlement Walkthrough

VMware vSphere Product Line Comparison

Just a reminder that there is an updated version of the vSphere product license comparison available now for:

  • vSphere Essentials Plus
  • vSphere Standard
  • vSphere Foundation

Note: Nvidia Grid vGPU support is only available in vSphere Foundation and VMware Cloud Foundation

Current NSX Feature Entitlement

I thought it might be worth mentioning the current NSX feature entitlement documentation again.

VMware Cloud Foundation and VMware vSphere Foundation: Feature Comparison & Upgrade Paths

Another document that might be new for you: VCF and VVF feature comparison and upgrade paths

A Closer Look at the M7i Instance on VMware Cloud on AWS

The disaggregated M7i.metal-24xl instance type is generally available now on VMware Cloud on AWS.

A major difference to current VMware Cloud on AWS instance types is that M7i.metal-24xl does not include local NVMe devices, meaning vSAN is not part of this instance type. For customers and workloads better suited for vSAN, the I3en or I4i nodes are the go-to choices. 


The M7i.metal-24xl instance uses Intel Sapphire Rapids CPU packages. Sapphire Rapids is a codename for Intel’s fourth-generation Xeon Scalable CPUs. It comes with 48 physical cores, with Hyper-Threading enabled resulting in 96 logical processors.

HA and DRS in VMware Cloud on AWS

This blog shares details about how HA and DRS are configured in VMware Cloud on AWS. It covers vSphere DRS, Elastic DRS (EDRS), and vSphere HA: https://vmc.techzone.vmware.com/resource/ha-and-drs-vmware-cloud-aws 

Initial Availability of VMware Private AI Foundation with NVIDIA

Presented at Nvidia GTC in mid-March, VMware by Broadcom announced the initial availability of VMware Private AI Foundation.

Built and run on  VMware Cloud Foundation, VMware Private AI Foundation with NVIDIA comprises the new NVIDIA NIM inference microservices,  AI models from NVIDIA and others in the community (such as Hugging Face), and NVIDIA AI tools and frameworks, which are available with NVIDIA AI Enterprise licenses. 

The solution brief of VMware Private AI Foundation with Nvidia can be found here: https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/docs/vmware-privateai-foundation-with-nvidia-solutions-brief.pdf

A technical overview can be found on tech zone: https://core.vmware.com/blog/vmware-private-ai-foundation-nvidia-%E2%80%93-technical-overview

Announcing VMware Live Recovery

VMware Live Recovery complements the features of VMware Cloud Foundation by providing advanced data resiliency and site protection capabilities. VMware Live Recovery combines two VMware solutions into a unified entry console, licensing model, and support structure:

  • VMware Live Cyber Recovery (formerly VMware Cloud Disaster Recovery + VMware Ransomware Recovery)
  • VMware Live Site Recovery (formerly VMware Site Recovery Manager)

vSAN HCI or vSAN Max – Which Deployment Option is Right for You?

In case you missed this tech zone article, it explains the ESA options for VVF and VCF: https://core.vmware.com/resource/vsan-hci-or-vsan-max-which-deployment-option-right-you

Greater Flexibility with vSAN Max through Lower Hardware and Cluster Requirements

Important updates have been made to hardware and cluster requirements for vSAN Max deployments. Read more here: https://core.vmware.com/blog/greater-flexibility-vsan-max-through-lower-hardware-and-cluster-requirements

Aria Automation March 2024 (8.16.2) – Private AI Automation Services for Nvidia

VMware by Broadcom introduced the initial availability of a new capability called Private AI Automation Services, powered by VMware Aria Automation (8.16.2) and VMware Cloud Foundation “Private AI Foundation for NVIDIA (PAIF-N).”

This integration offers Private AI Automation Services, a collection of features that enable Cloud Admins to quickly design, curate, and deliver optimized AI infrastructure catalog objects through Aria Automation’s self-service Service Broker portal.

Image Placeholder

Aria Automation March 2024 (8.16.2) – Cloud Consumption Interface (CCI) is Now Available on-premises

The Cloud Consumption Interface (CCI) is now available on-premises for VMware Cloud Foundation customers through Aria Automation, enabling them to leverage the benefits of VMware Private AI Foundation with NVIDIA without having to worry about infrastructure management. In addition, the CCI offers a simple and secure self-service consumption of all Kubernetes-based, desired state Infrastructure as a Service (IaaS) APIs that are available in the vSphere platform.

Image Placeholder


It is available through a Kubernetes command-line kubectl plugin, and APIs, providing choices to enable enterprises to build and deploy modern applications efficiently and cost-effectively on vSphere while maintaining infrastructure governance and control.

The announcement can be found here: https://core.vmware.com/blog/aria-automation-march-2024-8162-cloud-consumption-interface-cci-now-available-premises

A lot of high-level and technical details can be found on tech zone: https://core.vmware.com/resource/data-modernization-vmware-data-services-manager

Data Services Manager 2.0.2 Release

Read more about the new capabilities here: https://docs.vmware.com/en/VMware-Data-Services-Manager/2.0/data-services-manager/GUID-release_notes.html#whats-new-release-2.0.2

Cormac Hogan wrote a blog about this new DSM 2.0.2 release: https://cormachogan.com/2024/03/28/data-services-manager-v2-0-2-available-with-new-aria-automation-integration/

VMware ESXi 8.0 Update 2b Release Notes

The first important change with the ESXi 8.0 U2b release is:

Starting with vSphere 8.0 Update 2b, as part of the VMware vSphere Foundation Solution License, you can use up to 100 gibibytes (GiB) of included vSAN storage per host licensed core. For a capacity larger than 100 GiB per core, you must purchase vSAN capacity per tebibyte (TiB) and apply a vSAN license key that reflects the total raw storage capacity of the vSAN cluster.

The second highlight is the “new solution license for VCF and VVF”:

Starting with vSphere 8.0 Update 2b, you can use a solution license to license all components of VMware vSphere Foundation.

VMware vSphere Foundation includes the following components:

  • vCenter Server
  • ESXi
  • vSphere with Tanzu
  • vSAN Enterprise (100 GiB per core per host)
  • VMware Aria Operations
  • VMware Aria Operations for Logs
  • VMware Aria Suite Lifecycle

SAP HANA on vSphere 8

VMware and its partners completed the SAP HANA validation for 4-socket Sapphire Rapids, which means that SAP now offers full support for this platform when running on vSphere 8. More information about deployment, sizing and operations can be found in the new SAP HANA on VMware vSphere best practices guide.

Solution License

You add and assign the solution license to vCenter Server instances, ESXi hosts, and Tanzu Supervisor Clusters. After you assign the license to all ESXi hosts in a vSAN cluster, the cluster is licensed automatically. After you assign the license to vCenter Server, Aria Suite components that are registered with this vCenter Server are licensed automatically.



General Availability of VMware Cloud Foundation 5.1.1

The VCF 5.1.1 release notes can be found here: https://docs.vmware.com/en/VMware-Cloud-Foundation/5.1.1/rn/vmware-cloud-foundation-511-release-notes/index.html

These are the new included software components and versions:

Important:  VMware Cloud Foundation 5.1.1 has the option of deploying a single solution license key, which now includes a 60-day evaluation period and is detailed in this post.  

VCF Evaluation Mode

The latest release of VMware vSphere Foundation and VMware Cloud Foundation also supports a new “License Later” capability, which allows customers to deploy applicable VMware Cloud Foundation components while still in evaluation mode. After deployment, customers can switch to a fully licensed mode by simply adding the license keys in the SDDC Manager User Interface (UI) as a component license key or via the vSphere Client as a Solution License Key.

In other words, you can now deploy VMware Cloud Foundation with Cloud Builder and do not require any component licenses upfront! This makes evaluations/tests much easier.

VMware Cloud Foundation 5.x Posters

They are back! The blog and download link can be found here: https://core.vmware.com/blog/vmware-cloud-foundation-5x-posters


HCX 4.9

I would like to highlight the support for air-gapped environments coming with this new release.

In some environments, security policies require systems to be disconnected from internet access. Air-gap sites make no connections to VMware servers for exchanging information. HCX systems deployed in air gap mode do not participate in the HCX Customer Experience Improvement Program (CEIP). During the HCX activation, if the system detects that air-gap mode has been selected, no internet connections are established.

VMware Cloud Foundation Is A Path Worth Investigating

VMware Cloud Foundation Is A Path Worth Investigating

When customers build new data centers or private clouds, they are looking for a standardized blueprint that can be automated and is considered to be intrinsically secure. They are thinking like cloud service providers (CSP) and would like to deliver a private cloud with public cloud characteristics, where they can build their services (IaaS, CaaS, PaaS, DBaaS etc.) on top. If it is a private cloud stack that I have to take care of, I would like to have automation and built-in security as a design requirement, and it should be something that can be managed efficiently.

Monolithic Private Clouds and Modern Applications

It is very interesting to see that so many organizations talk about modern applications, but are still managing and maintaining what I would call a “monolithic” data center. I see customers talking about a modern infrastructure for their modern (or to be modernized) applications. Modern infrastructure means a public cloud for them.

The word “monolithic” describes that something is very large, united, and difficult to change. Something inflexible. Talking about monoliths, most people immediately think about static, solid, and big applications that need to be modernized to become smaller loosely coupled entities. Therefore, it surprises me that almost nobody talks about monolithic infrastructures or monolithic private clouds. Perhaps this has something to do with the mostly (still) monolithic applications which implies that these workloads are running on a legacy or monolithic infrastructure. That could be the mindset or illusion of enterprises that are starting with the modernization of the low-hanging fruits that can run in the public cloud.

Migration of monolithic applications to modern public clouds

There are so many cases, where organizations have no other choice than to lift and shift virtual machines from their data centers to Azure (aka modern cloud) let’s say, because of their contracts – because of their commitments. No innovation and the same business logic but for 10x the price.

We have seen it more and more over the past few months and years: It is not that easy to move workloads to the public clouds. In most cases, it takes longer than expected and organizations learn from other organizations, which allows them to adjust their plans and “journey to cloud” timeline.

So, what happens to the applications that have to stay in your private cloud, because you cannot or do not want to migrate them to the public cloud (or any other cloud in general)? Some of the applications are for sure still important, need to be lifecycled and patched, and some of them need to be modernized for you to stay competitive with the market and competitors.

What about a modern private cloud?

If you have the same vision and approach in mind, which is putting modern applications on a modern platform, what are the reasons for stopping and not investing in a more modern platform that can host your legacy apps, modern apps, and anything that might come in the future? Where do you deploy your AI-based workloads and data services if such applications/workloads and their data have to stay in your private cloud?

Cloud is an operating model, not an architecture or specific place.

What is the reason that you treat your on-premises cloud differently?

Changes at VMware by Broadcom

I hear and see comments about:

Yes, some of the changes are disruptive. Nevertheless, I believe it is a big step in the right direction.

No company or person in this world is perfect. There is always something or someone that you and I do not like about another person or a company. And that is okay!

Let us take the example of pricing.

If you do not get what you want, you feel frustrated. You feel let down and disappointed. In other words, if you get what you do not want, you are unhappy.

If you (exactly) get what you want, which would be a fair price from your standpoint, you still would be unhappy, because you can’t hold on to it forever.

What are you going to do about it? No vendor on this planet can and will give customers guarantees about future price developments. 

Strategy and Misadventures

I had a chat with the CTO of one of the biggest banks in the world back in December 2022. We were talking about regulations, public cloud concentration risk, application portability, and their defined cloud-exit triggers.

One of their metrics was about “cost increase“:

20% or greater price increase of a cloud provider’s service used by a production application over two consecutive quarters.

In 2023, Microsoft announced a Microsoft Cloud price increase of 9-15% in Europe:

taking into consideration currency fluctuations relative to the USD. […] and move to a pricing model that is most common in our industry.

The Microsoft Cloud continues to be priced competitively, and Microsoft remains deeply committed to the success of its customers and partners. We will continue to invest to enable customers to innovate, consolidate and eliminate operating costs, optimize business performance and efficiency and provide the foundation for a strong security strategy that customers around the world have come to rely on.

Note: This price increase affected services that charge based on usage, such as compute, storage, and networking. Every customer including those with a commitment and a discount in place had to pay the price increase.

What did this customer and many others do? They did not think about a cloud-exit trigger but were finding a way to offset these cost increases.

I think most of us are looking for an approach to put the right app in the right cloud based on the right reasons while not losing track of costs. And then we have the need to maximize performance and business benefits. Oh, and we have to consider regulations and (data) privacy as well.

What to expect from VMware by Broadcom?

Building or modernizing data centers or clouds is about automation and security, and speed can be considered the new security nowadays. Yes, the innovation engine was stalling a bit during the Broadcom acquisition.

But here is what is happening. Let us say that building a data center or in this case, a private cloud is like setting up a tent when camping:

  • You have to select a location to accommodate the size of your tent.
  • Lay out the fabric and sort through all the components to ensure everything is present and in good condition
  • If it is a traditional tent with poles, you need to assemble them according to the instructions provided
  • Then you have to place the tent fabric over the assembled poles and ensure the base is properly secured to the ground
  • After that, you secure the tent by staking down the corners and guy lines to add stability in windy conditions
  • Now that you know that the tent is stable and properly secured, it is time for final adjustments
  • Everyone is happy, we can work on the interior setup and set up other camping gear inside as needed

There are two options to speed up and enhance this process:

  1. Ask for help. Someone with experience who has done this before.
  2. Buy an inflatable tent

The new VMware Cloud Foundation

Picture a self-inflating tent, where every component plays a crucial role in creating a seamless structure. Just like how the framework, fabric, and guy lines work together to make the perfect tent, in a data center, the compute, storage, and network components form a stack, each enhancing the performance, security, and connectivity of the system.

Overall, self-inflating tents offer a convenient, practical, and comfortable camping solution for adventurers of all levels.

This is what we can expect from the VCF division and from Broadcom’s CEO Hock Tan, who has promised “to invest an incremental $2 billion a year to better unlock customer value – with half focused on R&D and the other half focused on helping to accelerate the deployment of VMware solutions through VMware and partner professional services.” 

With the new VMware Cloud Foundation division under Broadcom, we see a strategic consolidation, where diverse expertise converges into a single force working on this self-inflating tent. By integrating the formerly disparate units, customers are going to profit from a better user experience and an enhanced set of products and services.


VMware Cloud Foundation Spotlight – February 2024

VMware Cloud Foundation Spotlight – February 2024

I remember during all those years when I told customers that “VMware Cloud Foundation is the new vSphere”, and in my opinion, Broadcom is preparing the way that VMware Cloud Foundation (VCF) becomes long-term the new de facto standard in data centers (and public clouds). With this first spotlight, I would like to highlight some of the new information from VMware by Broadcom.

End of General Availability of the Free vSphere Hypervisor

In case you missed the information in the blog VMware End Of Availability of Perpetual Licensing and SaaS Services:

There is no “replacement product” for the “VMware vSphere Hypervisor free edition”. The recently published KB2107518 confirms it:

As part of the transition of perpetual licensing to new subscription offerings, the VMware vSphere Hypervisor (Free Edition) has been marked as EOGA (End of General Availability). At this time, there is not an equivalent replacement product available.

VMware Data Services Strategy

VMware announced at VMware Explore 2023 that Data Services Manager 2.0 (DSM 2.0) is going to be a key component of their strategy and that it will be tightly integrated with VMware Cloud Foundation. Back in November, VMware expected the next generation of DSM to be available in Q4 FY24 (aka Q1 calendar year 2024 for us), which would be soon.

In response to a growing need from customers to deliver and support next-gen cloud native and AI-powered applications in their private cloud, we are now including Data Services Manager in VMware Cloud Foundation to deliver a native infrastructure automation and management experience for data services.

Learn more about DSM 2.0 on Cormac Hogan’s blog: https://cormachogan.com/dsm/

Important: Data Services Manager is available for VCF customers only.

VCF – vSAN Capacity

The script and license calculator from VMware show no more 8 TiB minimum requirement per CPU socket. Have not seen any official announcement yet.

Any news about the VMware Firewall and VMware Firewall with ATP add-ons?

No. It is still the case that customers, who need NSX’s distributed firewall or ATP (advanced threat prevention) capabilities, need to purchase these add-ons to VCF. In other words, you need to have VMware Cloud Foundation and you cannot get these add-ons as standalone products independently from VCF.

ROBO and Edge Compute Stack

VMware announced last week two new Edge Compute Stack (ECS) editions:

  • ECS Advanced Edition: VMware Edge Cloud Orchestrator (VECO), VMware vSphere Foundation (VVF)
  • ECS Enterprise Edition: VECO, VMware Cloud Foundation (VCF)

This is not a replacement for ROBO customers and use cases, but the new ECS offerings are specially made for edge use cases and hence might be the right solution for your needs.

Important: Not all VVF and VCF products and features are included in the ECS Editions. Example: With ECS Enterprise customers will manage their environments with VECEO instead of using SDDC Manager.

What happens if my VVF or VCF subscriptions expire?

The new subscription licenses customers get, have no expiration date. An expiring license should have no impact on your infrastructure, deployed VMware products continue to run as expected. After expiration, customers will not be able to receive support.

VMware Cloud Foundation – What is a Workload Domain?


Updated VMware Cloud Foundation Datasheet

We finally can find an updated VCF datasheet here.

What happened to the Avi Basic Edition?

It looks like the NSX Advanced Load Balancer (ALB) Basic Edition is not available anymore.

VMware is announcing the End of Availability of NSX Advanced Load Balancer (ALB) Basic Edition for new deployments and End of General Support (EoGS) for existing deployments.

Note: NSX ALB is now referred to as VMware Avi Load Balancer.

What about the future of Tanzu Kubernetes Grid (TKG)?

Please ask your VMware contact to organize a meeting with Timmy Carr, who can share more information about the TKG roadmap.

Hint: The roadmap for this year looks VERY promising!

Is VMware by Broadcom working on a VCF roadmap?

Yes, definitely. While I am not allowed to share any detailed information, here are some items my customers have on their wishlist:

  • Easier deployment and lifecycle management
  • Brownfield support (import existing vSphere, vSAN, NSX and Aria deployments)
  • Improvement of authentication and single sign-on
  • Decouple TKG and Kubernetes releases from vCenter
  • Include AI and cybersecurity capabilities
  • Reduce the number of needed VMware appliances
  • Single license and same version numbers for all VCF components
  • Improve certification management in all products

Note: In case you are looking for more technical information about VMware Cloud Foundation, have a look at my most recent technical overview

VMware Cloud on AWS – Advanced Security Features

Let us talk about VMware Cloud now since we have not heard that much about it during the past months.

Today, we are happy to announce that to address these challenges, we are providing some advanced security features out of the box as part of VMware Cloud on AWS core service. Now customers can strengthen the security posture of their hybrid cloud infrastructure with advanced security capabilities such as Layer 7 Application ID, FQDN Filtering, and User Identity-based Firewall (IDFW). Starting Feb 1, 2024, these features are available at no extra cost in all the SDDCs (new and existing SDDCs). These features are available via VMware Direct as well as AWS Resell routes to market. 

All customers will be automatically entitled to the advanced security features on Feb 1, 2024. To avail these features, customers simply need to activate the ‘NSX Advanced Firewall’ service from the Integrated Services Tab under the NSX Advanced Firewall tile on VMware Cloud Console.

Google Cloud VMware Engine License Portability

VMware by Broadcom announced in December 2023 that they are working on license portability and a bring-your-own-license model for VMware Cloud.

From now on customers will be able to purchase subscriptions of the new VMware Cloud Foundation software from Broadcom and flexibly use those subscriptions in Google Cloud VMware Engine, as well as their on-premises data centers. Customers will retain the rights to the software subscription when deploying VMware Cloud Foundation on Google Cloud VMware Engine and have the ability to move their subscription between supported environments as desired.

Google Cloud is the first partner that is going to support VMware Cloud Foundation license portability!

Note: Broadcom and Google Cloud expect VMware Cloud Foundation license portability to Google Cloud VMware Engine to be available publicly in the second quarter of the calendar year 2024.

Azure VMware Solution

The partnership with Microsoft continues under VMware by Broadcom: https://azure.microsoft.com/en-us/blog/continued-innovation-with-azure-vmware-solution/ 

VMware Private AI Foundation with NVIDIA

VMware Private AI Foundation will become available this quarter. In the meanwhile, have a look at this IDC whitepaper about “For Generative AI, Private Data Is the Differentiator But Poses Security Concerns“.

VMware vSphere Foundation and VMware Cloud Foundation Overview

VMware vSphere Foundation and VMware Cloud Foundation Overview

As some of you already know, VMware by Broadcom is moving forward to primary offers only: VMware vSphere Foundation (VVF) and VMware Cloud Foundation (VCF). If you have missed this announcement, have a look at my blog A New Era: Broadcom’s Streamlined Approach to VMware’s Product Lineup and Licensing.

Since a lot of solutions and different editions from before are included, I thought it might be helpful to summarize in a little bit more detail what is known to partners, analysts, and some customers already. I am also adding some screenshots from VMware websites and presentations, which should help everyone get a better understanding of VVF and VCF.

vSphere Foundation and VMware Cloud Foundation

I have included the vSphere editions for smaller use cases and projects as well.

Please note that ROBO licenses are not available anymore and I expect the edge division at VMware by Broadcom to come up with additional bundles in the future.

VVF and VCF Products

More details about the different products and the features included in the Aria suites can be found here: VMware Aria Suite Editions and Products

If you are looking for more information about the Aria Operations management packs (formerly known as True Visibility Suite or Aria Operations for Integrations), have a look here: VMware Aria Operations for Integrations Documentation

Add-ons for VVF and VCF

The table below gives you an overview of which add-ons are available at the time of writing this blog.

Make sure to contact your VMware representative to understand which add-ons are available for VVF and VCF.

Note: Available add-ons are the text in bold.

VVF and VCF Add-ons

Tanzu Guardrails (formerly VMware Aria Guardrails)

Looking at the official Tanzu Guardrails product website we can learn the following:

Tanzu Guardrails Editions

Note: It seems that Tanzu Hub is part of Tanzu Guardrails Advanced and Enterprise

SRE Services for VMware Cloud Foundation

VMware Site Reliability Engineering (SRE) Services for VMware Cloud Foundation provide VMware expertise to create highly reliable and scalable cloud environments. The services provide a range of capabilities from patching and upgrades to security hardening to automated management and operations.

The SRE Services for VCF datasheet can be found here.

How to count cores for VVF/VCF and TiBs for vSAN add-on?

Please have a look at this updated knowledgebase article: KB95927

What about VMwara Aria SaaS?

Customers have no more option to buy VMware Aria products as standalone products or as SaaS: https://blogs.vmware.com/management/2024/01/dramatic-simplification-of-vmware-aria-as-part-of-vmware-cloud-foundation.html

The Aria cloud management capabilities are available only as components of VMware vSphere Foundation and VMware Cloud Foundation, which are sold for deployment on-premises or on certain public cloud providers including VMware Cloud on AWS. Existing Aria SaaS subscriptions will continue through the end of their term. At time of renewal, customers should purchase VMware vSphere Foundation and VMware Cloud Foundation.

Use this KB96168 to understand which products are impacted by this new policy.

What about Tanzu products?

For some of us, it seems that the Tanzu products are only available as VVF/VCF add-ons, which is not true.

Based on the different comments on various social media platforms and the interviews we have seen from VMware by Broadcom executives, we can say the following:

  • vSphere with Tanzu (aka TKGs) with its Supervisor architecture is going to be the long-term strategy (part of VVF and VCF)
  • Heavy focus on Tanzu Application Platform (TAP) and Tanzu For Kubernetes Operations (TKO)
  • We can expect continued support for TKGm and TKGi

Tanzu Portofolio and Strategy Recap

At VMware Explore 2023, VMware presented the “develop, operate, optimize” approach when they talk about platform engineering:

  1. Develop – Secure paths to production
  2. Operate – Deploy, managed and scale applications seamlessly
  3. Optimize – Continuously tune cost, performance and security of applications at runtime

We learned that VMware (by Broadcom) is going to invest in TAP, Spring, TKO and data services. What’s the difference between TAS and TAP again?

  • Tanzu Application Service – Opinionated platform built on Cloud Foundry
  • Tanzu Application Platform – Modular and portable PaaS for any conformant Kubernetes

Tanzu Portfolio Jan 2024

Tanzu for Kubernetes Operations Refresher

TKO comes in two different editions:

  • Tanzu for Kubernetes Operations Foundation (TKO-F)
    • Tanzu Mission Control (includes TMC self-managed)
    • Tanzu Service Mesh
  • Tanzu for Kubernetes Operations (TKO)
    • Tanzu Mission Control (includes TMC self-managed)
    • Tanzu Service Mesh
    • Tanzu Observability (aka Aria Operations for Apps, formerly Wavefront)
    • Antrea (CNI)
    • TKGm
    • Harbor, HA Proxy, Calico, FluentBit, Contour, Prometheus, Grafana
    • Avi Essentials (NSX ALB)

Note: NSX Advanced Load Balancer (aka NSX ALB) is no longer part of TKO since NSX ALB can be purchased as an add-on

Last Comments

While I was waiting to publish this blog, William Lam wrote a more detailed blog about VMware vSphere Foundation and VMware Cloud Foundation as well.

It is still early days and we can expect more updates from VMware by Broadcom soon. 🙂


A New Era: Broadcom’s Streamlined Approach to VMware’s Product Lineup and Licensing

A New Era: Broadcom’s Streamlined Approach to VMware’s Product Lineup and Licensing

Krish Prasad, VMware Cloud Foundation division General Manager, published this blog a few hours ago: https://news.vmware.com/company/vmware-by-broadcom-business-transformation

He announced a massive simplification of the VCF division’s product portfolio, which should help customers get more value for their investment in VMware solutions. To summarize Krish’s announcement:

  • There are going to be two primary standardized offers only from now on: vSphere Foundation and VMware Cloud Foundation (VCF)
  • End of sale of perpetual licenses and Support and Subscription (SnS) renewals
  • Bring-your-own-subscription license (BYOL) option, which provides portability to VMware-validated hybrid clouds running VMware Cloud Foundation

Disclaimer: This blog should provide customers and partners with a summary and some additional information from Krish’s announcement. There is also a chance that some of my understanding is incomplete or wrong. This article reflects my personal opinion and understanding, not Broadcom’s.

I will update the blog over the next few days and weeks.

vSphere Editions

The primary vSphere edition moving forward is called “vSphere Foundation”:

The new VMware vSphere Foundation delivers a more simplified enterprise-grade workload platform for our mid-sized to smaller customers. This solution integrates vSphere with our intelligent operations management to provide the best performance, availability, and efficiency with greater visibility and insights.

In other words, from now on vSphere customers get Aria Operations Advanced (formerly known as vRealize Operations) and Aria Operations for Logs (formerly known as vRealize Log Insight) together with vSphere (which has vCenter and Tanzu Kubernetes Grid included).

vSphere Essentials Plus Kit


  • vSphere Essentials Plus
  • vCenter Essentials
  • Per 96-core Kit (3 host max. / 6 CPU limit / 192-core limit; a host can have either 1x 64 cores or 2x 32 cores max.)
  • Includes Production Support

vSphere Standard


  • vSphere Standard
  • vCenter Standard
  • Includes Production Support

vSphere Foundation (VVF)


  • vSphere Enterprise Plus
  • vCenter Standard
  • Tanzu Kubernetes Grid (TKG)
  • vSAN Enterprise 100 GiB free (see FAQ below)
  • Aria Suite Term Standard
    • Includes Aria Operations Advanced and Aria Operations for Logs
  • Includes Production Support
  • Plus Available Add-ons

Add-on Offerings

VMware vSAN Enterprise (add-on for VCF and vSphere Foundation only)

VMware Cloud Disaster Recovery / Ransomware Recovery  (add-on for VCF and vSphere Foundation only)

Site Recovery Manager Enterprise

VMware Advanced Load Balancer (aka Avi)

VMware Firewall (add-on for VCF only), aka NSX Distributed Firewall

VMware Firewall with Advanced Threat Protection (ATP) (add-on for VCF only)

Tanzu Intelligence (details not clear yet)

Tanzu Mission Control (SaaS and self-managed)

Tanzu Application Platform / Spring Runtime (details not clear yet)

More add-ons coming in future (for example Private AI Foundation)

VMware Cloud Customer Journey

Existing VCF or future vSphere Foundation customers would go for the new VMware Cloud Foundation now, which can now be considered a true full-stack private and hybrid cloud stack:

VMware Cloud Foundation, our flagship enterprise-class hybrid cloud solution for customers to run their business critical and modern applications – in a secure, resilient and cost efficient manner. To allow more customers to benefit from this solution, we’ve reduced the previous subscription list price by half and added higher support service levels including enhanced support for activating the solution and lifecycle management.

Very important in case you missed that from the vSphere Foundation section above: Moving forward, VMware Cloud Foundation only includes NSX for network virtualization (overlay), with no more micro-segmentation or distributed firewalling (DFW) capabilities.

In other words, customers who need NSX’s DFW (VMware Firewall add-on) capabilities, need a VCF subscription first, which includes NSX.

Note: Currently, all new licensing bundles are coming in a “disconnected” fashion (no VMware Cloud connectivity)

While Krish mentioned BYOL and license portability in the future, there seem to be no immediate changes about the VMware Cloud and other hyperscaler offerings.

VMware Cloud Foundation (VCF)


  • vSphere Enterprise Plus
    • Includes TKG and vCenter Standard
  • vSAN Enterprise per TiB per X amount of cores
  • Aria Suite Enterprise
    • Aria Operations Enterprise (includes Aria Operations for Logs)
    • Aria Automation
  • NSX Networking for VCF
  • HCX Enterprise
  • Aria Operations for Networks Enterprise (formerly known as vRealize Network Insight)
  • SDDC Manager
  • Includes Select Support
    • Includes SRE (customers must deploy SDDC Manager to be entitled to SRE)
  • Add-ons: See above

Note: Going forward, standalone offerings are being EOA-ed (end of availability) – no more VCF components “a la carte”

VMware Cloud on X

We can expect that long-term these VMC or hyperscaler subscription offerings will converge to VCF.

Final Comments

Look, I do not have all the answers and information yet, because it is a lot to unpack. That is all I can share with you right now. Be patient. 🙂

But, this announcement from Broadcom (Krish) was an unexpected surprise since almost everyone was expecting price increases after the acquisition. Instead, Broadcom is cutting the subscription pricing in half!

An update of the above content can be found here: VMware vSphere Foundation and VMware Cloud Foundation Overview

Additional Resources

Unofficial Licensing FAQ

  • Q: What if I am a vSphere Essentials customer?
    • A: I would recommend the vSphere Essentials Plus Kit
  • Q: What if I only need vSphere Enterprise Plus?
    • A: Your best option is vSphere Foundation. There are no more standalone products.
  • Q: Do I need VCF if I want NSX distributed firewall?
    • A: Yes, at the moment this seems to be the case that the “VMware Firewall” (distributed firewall aka micro-segmentation) add-on cannot be subscribed as a vSphere Foundation customer. The same is true of other features like security or gateway firewall.
  • Q: What if have/need vSphere for Desktop?
    • A: The recommended solution is vSphere Foundation
  • Q: What if I am a vCloud Suite customer?
    • A: VMware Cloud Foundation makes sense for vCloud Suite Enterprise and Advanced editions. If you have vCloud Suite Standard I recommend vSphere Foundation going forward.
  • Q: How many vCenters are included?
    • A: To my knowledge, it is one vCenter per core. So, one could say that this means “unlimited”.
  • Q: What happens to the Avi (NSX ALB) Basic edition?
    • A: It seems there will be no Avi Basic anymore. Customers need to go for the add-on.
  • Q: Do customers from now on need to deploy SDDC Manager as part of VMware Cloud Foundation?
    • A: No, they do not. But to be entitled to SRE, you need to deploy the full stack.
  • Q: How is Site Recovery Manager (SRM) Enterprise licensed?
    • A: Per protected 25-VMs
  • Q: What about the True Visibility Suite (TVS)?
    • A: These management packs will be enabled as part of the Aria Suites which are included in vSphere Foundation and VMware Cloud Foundation.
  • Q: What about (vSAN) ROBO licenses?
    • A: ROBO licenses are EOA as well, but all vSphere Foundation customers will receive vSAN Enterprise 100 GiB (for free) for every core purchased.
  • Q: What is included in the Tanzu Intelligence add-on?
    • A: Tanzu Guardrails (Advanced or Enterprise), Aria Operations for Apps (formerly known as Tanzu Observability (aka Wavefront)), Tanzu Application Catalog, Tanzu CloudHealth Enterprise, Tanzu Insights
  • Q: What happened to SaltStack Cionfig and SecOps?
    • A: Both are part of the Tanzu Guardrails Enterprise add-on
  • Q: Can customers mix perpetual and new offerings?
    • A: In general yes.
  • Q: Can you tell me more about the vSAN free tier included with vSphere Foundation?
    • A: It seems you are going to be entitled to a maximum of 100GiB per core in the vSAN storage cluster. Example: 4 hosts with 32 cores each * 100GiB = 12.8TiB (without paying for any vSAN add-on!).
      • Important: This feature will be available in one of the upcoming releases. Hopefully in vSphere 8.0U3 🙂

VMware Cloud Foundation 5.1 – Technical Overview

VMware Cloud Foundation 5.1 – Technical Overview

This technical overview supersedes this version, which was based on VMware Cloud Foundation 5.0, and now covers all capabilities and enhancements that were delivered with VCF 5.1.

What is VMware Cloud Foundation (VCF)?

VMware Cloud Foundation is a multi-cloud platform that provides a full-stack hyperconverged infrastructure (HCI) that is made for modernizing data centers and deploying modern container-based applications. VCF is based on different components like vSphere (compute), vSAN (storage), NSX (networking), and some parts of the Aria Suite (formerly vRealize Suite). The idea of VCF follows a standardized, automated, and validated approach that simplifies the management of all the needed software-defined infrastructure resources.

This stack provides customers with consistent infrastructure and operations in a cloud operating model that can be deployed on-premises, at the edge, or in the public cloud.

What software is being delivered in VMware Cloud Foundation?

Update February 16th, 2024: Please have a look at this article to understand the current VCF licensing. I will publish an updated version of this blog as soon as VMware Cloud Foundation 5.2 has been released.

The BoM (bill of materials) is changing with each VCF release. With VCF 5.1 the following components and software versions are included:


Software Component



Build Number

Cloud Builder VM


07 NOV 2023


SDDC Manager


07 NOV 2023


VMware vCenter Server Appliance

8.0 Update 2a

26 OCT 2023


VMware ESXi

8.0 Update 2

21 SEP 2023


VMware vSAN Witness Appliance

8.0 Update 2

21 SEP 2023


VMware NSX

7 NOV 2023


VMware Aria Suite Lifecycle


19 OCT 2023


  • VMware vSAN is included in the VMware ESXi bundle.
  • You can use VMware Aria Suite Lifecycle to deploy VMware Aria Automation, VMware Aria Operations, VMware Aria Operations for Logs, and Workspace ONE Access. VMware Aria Suite Lifecycle determines which versions of these products are compatible and only allows you to install/upgrade to supported versions.
  • VMware Aria Operations for Logs content packs are installed when you deploy VMware Aria Operations for Logs.
  • The VMware Aria Operations management pack is installed when you deploy VMware Aria Operations.
  • You can access the latest versions of the content packs for VMware Aria Operations for Logs from the VMware Solution Exchange and the VMware Aria Operations for Logs in-product marketplace store.

What’s new with VCF 5.1?

Important changes mentioned in the release notes:

  • Support for vSAN ESA.vSAN ESA is an alternative, single-tier architecture designed ground-up for NVMe-based platforms to deliver higher performance with more predictable I/O latencies, higher space efficiency, per-object based data services, and native, high-performant snapshots.
    VCF 5.1 vSAN ESA
  • vSphere Distributed Services engine for Ready nodes. AMD-Pensando and NVIDIA BlueField-2 DPUs are now supported. Offloading the Virtual Distributed Switch (VDS) and NSX network and security functions to the hardware provides significant performance improvements for low latency and high bandwidth applications. NSX distributed firewall processing is also offloaded from the server CPUs to the network silicon.
  • Mixed-mode Support for Workload Domains​. A VCF instance can exist in a mixed BOM state where the workload domains are on different VCF 5.x versions. Note: The management domain should be on the highest version in the instance.
    VCF 5.1 Mixed Mode
  • Support for mixed license deployment. A combination of keyed and keyless licenses can be used within the same VCF instance.
  • VMware vRealize rebranding. VMware recently renamed vRealize Suite of products to VMware Aria Suite. See the Aria Naming Updates blog post for more details.
  • Increased GPU scale. VMware Cloud Foundation 5.1 provides increased support for VMs to be configured with up to 16 GPU devices.
    VCF 5.1 GPU Scale

What are the VMware Cloud Foundation components?

To manage the logical infrastructure in the private cloud, VMware Cloud Foundation augments the VMware virtualization and management components with VMware Cloud Builder and VMware Cloud Foundation SDDC Manager.

VMware Cloud Foundation Component Description
VMware Cloud Builder VMware Cloud Builder automates the deployment of the software-defined stack, creating the first software-defined unit known as the management domain.
SDDC Manager

SDDC Manager automates the entire system life cycle, that is, from configuration and provisioning to upgrades and patching including host firmware, and simplifies day-to-day management and operations. From this interface, the virtual infrastructure administrator or cloud administrator can provision new private cloud resources, monitor changes to the logical infrastructure, and manage life cycle and other operational activities.

VMware Cloud Foundation SDDC Manager Dashboard


vSphere uses virtualization to transform individual data centers into aggregated computing infrastructures that include CPU, storage, and networking resources. VMware vSphere manages these infrastructures as a unified operating environment and provides you with the tools to administer the data centers that participate in that environment.

The two core components of vSphere are ESXi and vCenter Server. ESXi is the virtualization platform where you create and run virtual machines and virtual appliances. vCenter Server is the service through which you manage multiple hosts connected in a network and pool host resources.


vSAN aggregates local or direct-attached data storage devices to create a single storage pool that is shared across all hosts in the vSAN cluster. Using vSAN removes the need for external shared storage, and simplifies storage configuration and virtual machine provisioning. Built-in policies allow for flexibility in data availability.

NSX NSX is focused on providing networking, security, automation, and operational simplicity for emerging application frameworks and architectures that have heterogeneous endpoint environments and technology stacks. NSX supports cloud-native applications, bare-metal workloads, multi-hypervisor environments, public clouds, and multiple clouds.
vSphere with Tanzu By using the integration between VMware Tanzu and VMware Cloud Foundation, you can deploy and operate the compute, networking, and storage infrastructure for vSphere with Tanzu, also called Workload Management. vSphere with Tanzu transforms vSphere to a platform for running Kubernetes workloads natively on the hypervisor layer. When enabled on a vSphere cluster, vSphere with Tanzu provides the capability to run Kubernetes workloads directly on ESXi hosts and to create upstream Kubernetes clusters within dedicated resource pools.
VMware Aria Suite

VMware Cloud Foundation supports automated deployment of VMware Aria Suite Lifecycle. You can then deploy and manage the life cycle of Workspace ONE Access and the VMware Aria Suite products (VMware Aria Operations for Logs, VMware Aria Automation, and VMware Aria Operations) by using VMware Aria Suite Lifecycle.

VMware Aria Suite is a purpose-built management solution for the heterogeneous data center and the hybrid cloud. It is designed to deliver and manage infrastructure and applications to increase business agility while maintaining IT control. It provides the most comprehensive management stack for private and public clouds, multiple hypervisors, and physical infrastructure.

VMware Cloud Foundation Architecture

VCF is made for greenfield deployments (brownfield not supported) and supports two different architecture models:

  • Standard Architecture
  • Consolidated Architecture

VMware Cloud Foundation Deployment Options

The standard architecture separates management workloads and lets them run on a dedicated management workload domain. Customer workloads are deployed on a separate virtual infrastructure workload domain (VI workload domain). Each workload domain is managed by a separate vCenter Server instance, which allows autonomous licensing and lifecycle management.

VMware Cloud Foundation Single Site Deployment

Note: The standard architecture is the recommended model because it separates management workloads from customer workloads.

Customers with a small environment (or a PoC) can start with a consolidated architecture. This allows you to run customer and management workloads together on the same workload domain (WLD).

Management Domain

The management domain is created during the bring-up process by VMware Cloud Builder and contains the VMware Cloud Foundation management components as follows:

  • Minimum four ESXi hosts

  • An instance of vCenter Server

  • A three-node NSX Manager cluster

  • SDDC Manager

  • vSAN datastore
  • One or more vSphere clusters each of which can scale up to the vSphere maximum of 64

VI Workload Domains

You create VI workload domains to run customer workloads. For each VI workload domain, you can choose the storage option – vSAN, NFS, vVols, or VMFS on FC.

VMware Cloud Foundation Storage Options

A VI workload domain consists of one or more vSphere clusters. Each cluster starts with a minimum of three hosts and can scale up to the vSphere maximum of 64 hosts. SDDC Manager automates the creation of the VI workload domain and the underlying vSphere clusters.

For the first VI workload domain in your environment, SDDC Manager deploys a vCenter Server instance and a three-node NSX Manager cluster in the management domain. For each subsequent VI workload domain, SDDC Manager deploys an additional vCenter Server instance. New VI workload domains can share the same NSX Manager cluster with an existing VI workload domain or you can deploy a new NSX Manager cluster. VI workload domains cannot use the NSX Manager cluster for the management domain.

What is a vSAN Stretched Cluster?

vSAN stretched clusters extend a vSAN cluster from a single site to two sites for a higher level of availability and inter-site load balancing.

VMware Cloud Foundation Stretched Cluster

Does VCF provide flexible workload domain sizing?

Yes, that’s possible. You can license the WLDs based on your needs and use the editions that make the most sense depending on your use cases.

VMware Cloud Foundation Flexible Licensing

How many physical nodes are required to deploy VMware Cloud Foundation?

A minimum of four physical nodes is required to start in a consolidated architecture or to build your management workload domain. Four nodes are required to ensure that the environment can tolerate a failure while another node is being updated.

VI workload domains require a minimum of three nodes.

Can I mix vSAN ReadyNodes and Dell EMC VxRail deployments?

No. This is not possible.

What about edge/remote use cases?

When you would like to deploy VMware Cloud Foundation workload domains at a remote site, you can deploy so-called “VCF Remote Clusters”. Those remote workload domains are managed by the VCF instance at the central site and you can perform the same full-stack lifecycle management for the remote sites from the central SDDC Manager.

VMware Cloud Foundation Remote Cluster

Prerequisites to deploy remote clusters can be found here.

Note: If vSAN is used, VCF only supports a minimum of 3 nodes and a maximum of 4 nodes per VCF Remote Cluster. If NFS, vVOLs or Fiber Channel is used as principal storage, then VCF supports a minimum of 2 and a maximum of 4 nodes.

Important: Remote clusters and remote workload domains are not supported when VCF+ is enabled.

How many resources does the VCF management WLD need during the bring-up process?

We know that VCF includes vSphere (ESXi and vCenter), vSAN, SDDC Manager, NSX and eventually some components of the vRealize Suite. The following table should give you an idea what the resource requirements look like to get VCF up and running:

VMware Cloud Foundation Resource Requirements

If you are interested to know how many resources the Aria Suite (formerly vRealize Suite) will consume of the management workload domain, have a look at this table:

VMware Cloud Foundation Resource Requirements vRealize

Does VCF support HCI Mesh?

Yes. VMware Cloud Foundation 4.2 and later supports sharing remote datastores with HCI Mesh for VI workload domains.

HCI Mesh is a software-based approach for disaggregation of compute and storage resources in vSAN. HCI Mesh brings together multiple independent vSAN clusters by enabling cross-cluster utilization of remote datastore capacity within vCenter Server. HCI Mesh enables you to efficiently utilize and consume data center resources, which provides simple storage management at scale.

Note: At this time, HCI Mesh is not supported with VCF ROBO.

Important: HCI Mesh can be configured with vSAN OSA or ESA. HCI Mesh is not supported between a mix of
vSAN OSA and ESA clusters.

Does VMware Cloud Foundation support vSAN Max?

At the time of writing, no.

How is VMware Cloud Foundation licensed?

Currently, VCF is sold as part of VMware Cloud editions.

How can I migrate my workloads from a non-VCF environment to a new VCF deployment?

VMware HCX provides a path to modernize from a legacy data center architecture by migrating to VMware Cloud Foundation.

VMware Cloud Foundation HCX

Can I install VCF in my home lab?

Yes, you can. With the VLC Lab Constructor, you can deploy an automated VCF instance in a nested configuration. There is also a Slack VLC community for support.

VCF Lab Constructor

Note: Please have a look at “VCF Holodeck” if you would like to create a smaller “sandbox” for testing or training purposes

VCF Holodeck Toolkit 

Where can I find more information about VCF?

Please consult the VMware Cloud Foundation FAQ for more information.