VMware Cloud Foundation


 Starting a Management Domain with Infrastructure Service VMs

jamesc posted Apr 24, 2025 09:04 AM

Hi All

I am reviewing the startup / shutdown procedures in the operations guide for VCF 5.2.

There is a section around what to do if the core services such as DNS and NTP are running in the management WLD:

If the management domain contains virtual machines that are running infrastructure services like Active Directory, NTP, DNS and DHCP servers, follow 

https://docs.vmware.com/en/VMware-Cloud-Foundation/4.4/vcf-operations/GUID-1A67844C-F47A-402A-9717-9B32C6A2EBE8.html

However, this link now doesn't work. Could anyone provide a working link or describe the correct process?

Many thanks

Broadcom Employee Marek Zdrojewski

Hi James,

Thanks for pointing it out. I asked the internal team to fix it.

jamesc

Thanks Marek, that's really helpful.

I'm guessing it will involve using the Python script to manually start the vSAN cluster rather than using the fully orchestrated method, but it would be great to see the official guidance.

Mohamed Omar

Hi James,

Great question. As of VCF 5.2, if infrastructure services like DNS, NTP, DHCP, and Active Directory are hosted within the management domain, their availability becomes critical during both startup and shutdown procedures.

Here’s a summarized safe approach based on current best practices:

🔹 Shutdown Process:

  1. Gracefully shut down workload domains (WLDs) first.

  2. Before shutting down the management domain, ensure infrastructure VMs (DNS, NTP, AD) are powered off last — after all VCF components are safely down.

  3. Maintain order and wait for NSX edges and SDDC Manager shutdown completion.

🔹 Startup Process:

  1. Power on infrastructure service VMs first (DNS, NTP, AD).

  2. Wait for those services to be fully available before proceeding.

  3. Then bring up vCenter, NSX Manager, and SDDC Manager sequentially.

  4. Validate services via ping, dig, and vCenter availability before moving to WLDs.

🔗 A more up-to-date reference (VCF 5.x) you can follow:
https://docs.vmware.com/en/VMware-Cloud-Foundation/5.1/vcf-operations/GUID-04D8F7E7-4A0C-49F6-9087-CA804E0C1811.html

Let me know if you'd like a full checklist version—I have one built from production use.
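
Step 4 of the startup list above (validate via ping, dig and vCenter availability) written as a gate script. This is an added example, not code from the thread or from VMware documentation; the DNS server address, the vCenter FQDN, the `CA_BUNDLE` variable and the function names are assumptions.

```shell
#!/bin/sh
# Added example: readiness gate for the startup order described in the reply above.
# Hostnames and addresses are placeholders (assumptions), not values from the thread.

DNS_SERVER="${DNS_SERVER:-192.0.2.53}"                 # placeholder: infrastructure DNS VM
VCENTER_FQDN="${VCENTER_FQDN:-vcenter.example.test}"   # placeholder: management vCenter
RETRIES="${RETRIES:-30}"                               # attempts per check
DELAY="${DELAY:-10}"                                   # seconds between attempts

# Retry a command until it succeeds or the attempts run out.
wait_for() {
  local label="$1" n=0; shift
  until "$@" >/dev/null 2>&1; do
    n=$((n + 1))
    if [ "$n" -ge "$RETRIES" ]; then echo "FAIL $label" >&2; return 1; fi
    sleep "$DELAY"
  done
  echo "OK   $label"
}

# Probes: ICMP reachability, a DNS answer from the infrastructure server,
# and an HTTPS request to vCenter. TLS verification stays on; set CA_BUNDLE
# to the CA file when vCenter uses a certificate from a private CA.
check_ping()    { ping -c 1 -W 2 "$1"; }
check_dns()     { [ -n "$(dig +short +time=2 +tries=1 @"$DNS_SERVER" "$1")" ]; }
check_vcenter() { curl -sS --max-time 5 -o /dev/null ${CA_BUNDLE:+--cacert "$CA_BUNDLE"} "https://$1/"; }

# Run the checks in dependency order and stop at the first one that never
# passes, so nothing later is started against a missing DNS service.
# Return code identifies the failed stage: 1 = ping, 2 = DNS, 3 = vCenter.
startup_gate() {
  wait_for "ping DNS server"      check_ping "$DNS_SERVER"       || return 1
  wait_for "DNS resolves vCenter" check_dns "$VCENTER_FQDN"      || return 2
  wait_for "vCenter HTTPS"        check_vcenter "$VCENTER_FQDN"  || return 3
}

# Run the gate only when invoked with RUN_GATE=1, so the file can also be sourced.
if [ "${RUN_GATE:-0}" = "1" ]; then
  startup_gate
fi
```

Run it with `RUN_GATE=1` from a machine that can reach the management network, and only continue to the workload domains when it exits 0.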

jamesc

Hi momr

Many thanks for your response.

My customer is currently running a VCF 5.1 environment and the DNS server for the environment is running in the management cluster.

We were planning to migrate the DNS server VM and management vCenter to the primary host in the management cluster prior to shutdown, using the vCenter orchestrated method to shut down the vSAN cluster and then shut down the DNS server VM and the primary ESXi host via the ESXi host client last.

Would this be the correct approach? I know the orchestrated procedure powers off the vCenter server and ESXi hosts automatically so this could be an issue with DNS still running on the primary host. I was also wondering if the initial pre-checks would fail as it would detect the presence of a running VM (the DNS server)?

Mohamed Omar

Hi James,

Yes, your plan makes sense, but here’s one important note:

Make sure that vCenter and the DNS VM are not part of the automated shutdown workflow. It's best to:

  1. Run the orchestrated shutdown excluding the host running DNS and vCenter.

  2. Manually shut down both VMs.

  3. Power off the final host using the ESXi host client or DCUI.

This avoids potential issues with DNS resolution and vCenter dependencies.

Let me know if you need a detailed checklist — happy to share what I use in production.

Best regards,
Mohamed Omar