Deployment Model for Workspace ONE Access
Workspace ONE Access is distributed as a virtual appliance in OVA format that you can deploy and manage from vRealize Suite Lifecycle Manager together with other vRealize Suite products. The Workspace ONE Access appliance includes identity and access management services.
Deployment Type
You consider the deployment type, standard or cluster, according to the design objectives for the availability and number of users that the system and integrated SDDC solutions must support. You deploy Workspace ONE Access on the default management vSphere cluster.
Deployment Type | Number of Nodes | Considerations |
|---|---|---|
Standard (Recommended) | 1 |
|
Cluster | 3 |
|
This design uses the recommended standard topology of Workspace ONE Access.
Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
VCF-VRS-WSA-CFG-001 | Deploy Workspace ONE Access by using vRealize Suite Lifecycle Manager in VMware Cloud Foundation mode. |
| None. |
VCF-VRS-WSA-CFG-002 | Use the embedded PostgreSQL database with Workspace ONE Access. | Removes the need for external database services. | None. |
VCF-VRS-WSA-CFG-003 | Protect all Workspace ONE Access nodes using vSphere High Availability (vSphere HA). | Supports high availability for Workspace ONE Access. | None for standard deployments. Clustered Workspace ONE Access deployments might require intervention if an ESXi host failure occurs. |
Deployment of Workspace ONE Access in Multiple Availability Zones
Under normal operating conditions, Workspace ONE Access runs in the first availability zone. If a failure in occurs in the first availability zone, the Workspace ONE Access instance is failed over to the second availability zone.
Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
VCF-VRS-WSA-CFG-006 | Add the Workspace ONE Access appliances to the VM group for the first availability zone. | Ensures that, by default, the Workspace ONE Access cluster nodes are powered on a host in the first availability zone. |
|
Sizing Compute and Storage Resources
A Workspace ONE Access deployment requires certain CPU, memory, and storage resources to support the maximum users and groups that can be synced.
Appliance Size | Directory Sync of Users and Groups per Tenant | CPU per Appliance | Memory per Appliance | Disk per Appliance |
|---|---|---|---|---|
Extra Small | Maximum:
| 4 vCPU | 8 GB | 100 GB |
Small | Maximum:
| 6 vCPU | 10 GB | 100 GB |
Medium (Minimum requirement for vRealize Automation) | Maximum:
| 8 vCPU | 16 GB | 100 GB |
Large | Maximum:
| 10 vCPU | 16 GB | 100 GB |
Extra Large | Maximum:
| 12 vCPU | 32 GB | 100 GB |
Extra Extra Large | Maximum:
| 14 vCPU | 48 GB | 100 GB |
Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
VCF-VRS-WSA-CFG-007 | Deploy each of the Workspace ONE Access appliances as a medium-size appliance. | Supports scalability for a vRealize Automation cluster deployment. | None. |