Sovereign Cloud

About Sovereign Cloud #

The Sovereign Cloud validated solution provides detailed design, implementation, configuration, and operational guidance on VMware Cloud Director with a single tenant SDDC. A VMware validated solution is a technical validated implementation that is built and tested by VMware and VMware cloud providers to help customers resolve common business use cases. VMware validated solutions are cost-effective, performant, reliable, and secure. Each solution contains a detailed design, implementation, and operational guidance.

Automation for This Design #

The automation of implementation tasks for some design decisions are provided. You must perform the implementation manually for the rest of the design decisions as noted in the design implication. To provide a fast and efficient path to automating the Sovereign Cloud implementation, this document provides reference to different cmdlets, shell scripts , or other automation based tools as code-based alternatives to completing certain procedures in configuring or implementing each component of the Sovereign Cloud. You can directly reuse these examples by replacing the provided sample values with values from your own environmental variables.

Intended Audience #

The Sovereign Cloud documentation is intended for cloud provider architects and administrators who are familiar with and want to use VMware software and the VMware Sovereign Cloud solution for Cloud Providers.

Support Matrix #

The Sovereign Cloud validated solution is compatible with certain versions of the VMware products that are used for implementing the solution.

Software Components in Sovereign Cloud #
Component Core/Optional Notes
VMware Cloud Foundation Core See Cloud Infrastructure Validated Solution for curent versions.
VMware vSAN Core This installs along with VMware Cloud Foundation. See Cloud Infrastructure Validated Solution for more information.
VMware NSX Core See Networking and Security Validated Solution for current versions.
VMware Cloud Director Core See Cloud Infrastructure Validated Solution for current version.
VMware Usage Meter Core See Cloud Infrastructure Validated Solution for current versions.
VMware Cloud Verified Certification Core See How to Achieve Cloud Verified for more information.

Before You Apply This Guidance #

To design and implement the Sovereign Cloud validated solution, your environment must have a certain configuration.

Supported VMware Sovereign Cloud Deployment #
Component Component Details
VMware Validated Solution for Cloud Infrastructure This VVS should be implemented as a core requirement to allow for the proper configuration of a VMware Sovereign Cloud. Please see Cloud Infrastructure Validated Solution for this guidance.
VMware Validated Solution for Networking and Security The networking and secuirty VVS is a core component of the VMware Sovereign Cloud. However the final configuration of these components will be dictated by the design of the Sovereign Cloud requirements for the jurisdiction where it is deployed. Please see the Networking and Security Validated Solution to implement this component.
VMware Validated Solution for DR and Migration Having a validated Disaster Recovery and Migration strategy and implementation is critical for a successful Sovereign Cloud solution. This is a core component. Please refer to the DR and Migration section in this document to implemment this solution.
VMware Validated Solution for Developer Ready Cloud This component is optional, however, may in many cases be deemed as a core component and can be implemented by following the guidance in the Developer Ready Cloud section of this toolkit.

Overview of Sovereign Cloud #

By applying the Sovereign Cloud validated solution, you implement a highly secure, flexible, and efficient environment which will provide enforcement of data and workload residency, extend data sovereignty protections beyond the immediate platform where possible and to enable secure, audited connectivity and data transaction between resident, sovereign and non-sovereign data classifications.

Implementation Overview of Sovereign Cloud #
Stage Steps
1. Plan and prepare the different default customer use cases for the Sovereign Cloud
  1. Determine the jurisdictional policies that are applicable to your region/country.
  2. Research and document how these policies will affect the design and implementation of the Sovereign Cloud.
  3. Work with the architecture, security. and business teams to determine the different default use-cases that will be designed that will accomodate the jurisdictional requirments for the sovereign cloud.
2. Develop the design objectives and detailed design
  1. Based on the determined use-cases, build out the design objectives that incorportate the compliance policies that are required for your jurisdiction.
  2. Document a detailed design for the implementation of the design objectives with a conceptual, logical, and physical design. This design will include considerations and requirements in order to result in a successful implementation.
3. Implement Design
  1. Impleement all design requirements and considerations that are applicable to your environment and jurisdiction.
  2. Validate and test the implementation of the design to make sure all components still interoperate efficiently.
4. Onboard Tenants
  1. Configure tenant environment and validate that all sovereign controls are functioning correctly.
  2. Onboard a production tenant as your first Sovereign Cloud customer.

Update History #

This Sovereign Cloud solution is updated when necessary.

Revision Description
1. 21 OCT 2022 Initial document configuration for Sovereign Cloud