In this article, we discuss pros and cons of vSphere Management Cluster. I decided to write this article because I have seen many VMware environments without this type of cluster and with problems caused by this. Example, recently one of my new customers had a problem with vCenter VM and they were not able to locate this VM in their big Production Cluster.
The Management Cluster is a dedicated vSphere Cluster (HA, DRS) only for crucial VMs such as vCenter, vShield Manager, Nexus 1000v VSM but also can host other components such as DNS, DHCP or AD. Sometimes also required - e.g. to keep NSX VMs. It provides and is used to separate resources (compute, storage, network), better security and let VMware admins manage their VMware infrastructure easier. For example, if you have a problem with vCenter VM (e.g. powered off as my customer), you do not have to look for it manually (log in ESXi) or using scripts. Just you know that vCenter is located on one of the dedicated ESXi hosts. Some of you can think that vCenter is not a good example because it is possible to create DRS rules to pin vCenter VM to ESXi host/hosts. I agree but this trick requires at least ESXi Enterprise license. So what if you have the only Standard license? You can't use DRS and you need to find another solution. Another example can be Nexus 1000v Virtual Supervisor Modul (VSM). VSM controls multiple VEMs (installed on every ESXi host) as one logical modular switch. If you do not have a dedicated physical appliance (Nexus 1010) to host VSMs, the best practice is keep VSM machines on Management Cluster. One more example to have the Management Cluster is upgrading or patching vSphere infrastructure. You can upgrade easier the vSphere environment and related components without impact production systems. Also during a disaster recovery/failback scenario, you would exactly know where important VMs exist to ensure they are powered up immediately.
What about the design of Management Cluster? It depends on the size of VMware infrastructure and required resources for crucial VMs. I recommend at least three hosts because you have the option of running maintenance tasks on ESXi servers without having to disable HA. Practically we need only one server and ESXi license more than infrastructure without Management Cluster. Why? The next VMware Cluster requires an additional ESXi host (N+1) for failover.
In my opinion, Management Cluster should be simple as much as possible. For example, it is not necessary to add ESXi hosts to the Distributed Switch (DVS) - the Standard Switch (vSS) is enough to manage networks on 3 ESXi hosts. You can also save money :), because you do not need Enterprise Plus license for your ESXi hosts in Management Cluster. Another reason can be avoiding potential problems with vCenter and DVS.
A cluster is just a big "resource pool" so if you can not create a dedicated cluster, you should create a specially a dedicated resource pools for crucial components such as vCenter in your production cluster. I wrote an article about impact on VMware infrastructure when vCenter is down.
As a conclusion of this article, let's get pros and cons of Management Cluster together:
vSphere Management Cluster - Pros and Cons
| PROS | CONS |
|---|---|
| easy management of VMware infrastructure | additional hardware and ESXi license required. |
| separate and dedicate resources for crucial components - ease of troubleshooting issues with this components | |
| easy failover/failback scenario | |
| ease of upgrading the vSphere Environment and components without impacting the production VMs. | |
| security due to isolation of management workloads from production workloads |
In a bigger environment (and for better future scalability) I can not imagine to not utilize the Management vSphere Cluster. What's your opinion?
