← Back to articles

VMware Cloud Foundation 9.0 — Architecture & Components

18 Feb 2026 • VMware Cloud Foundation • 9 min read

What is VMware Cloud Foundation 9.0?

VMware Cloud Foundation (VCF) 9.0 is Broadcom's integrated private cloud platform. It brings compute, storage, networking, automation, and operations together so you can build, operate, and protect a private cloud through a single, consistent operating model — deployed, upgraded, and managed as one stack instead of a set of products bolted together.

Think of VCF 9.0 like a pre-built smart house. You could buy bricks, plumbing, and wiring separately and assemble them yourself — or you could move into a fully designed home where everything is wired to one control panel. In VCF 9.0, that control panel is VCF Operations.

What's New in the 9.0 Architecture

VCF 9.0 introduces new architectural constructs that change how you think about the platform. Instead of managing each product on its own, the stack is organized into a clear hierarchy, and a single operations layer governs everything.

  • New organizational constructs: VCF Fleet, VCF Instance, and VCF Domain
  • VCF Operations becomes the central console for operating the whole fleet
  • VCF Operations fleet management unifies licensing, identity, certificates, and lifecycle
  • The VCF Installer is the appliance used to deploy a new fleet or instance
  • The SDDC Manager UI is deprecated — its workflows move into VCF Operations and the vSphere Client

The VCF Hierarchy: Private Cloud → Fleet → Instance → Domain

The most important concept to understand in VCF 9.0 is the new layered hierarchy:

VCF Private Cloud
   └── VCF Fleet              (shares ONE VCF Operations + ONE VCF Automation)
         └── VCF Instance     (one management domain + workload domains)
               └── VCF Domain (management domain or VI workload domain)
                     └── vSphere clusters → ESX hosts
  • VCF Instance — a single VCF deployment, made of one management domain plus optional workload domains (vSphere, vCenter, NSX).
  • VCF Fleet — one or more VCF Instances that share common operational components. There is only one VCF Operations instance and one VCF Automation instance per fleet.
  • VCF Private Cloud — can consist of multiple VCF Fleets.

A VCF Fleet is the whole estate — VCF Operations, VCF Automation, vCenter, NSX Manager, vSphere clusters, and workload domains — managed as a single, consistent unit.

Core Infrastructure Components

These are the building blocks that actually run and carry your workloads.

1. vSphere (Compute)

The hypervisor layer. ESX hosts run your virtual machines, and vCenter provides centralized management of those hosts and clusters. In VCF, vSphere is deployed and lifecycle-managed as part of the platform rather than installed by hand.

2. vSAN (Storage)

Software-defined storage that pools the local disks of ESX hosts into a shared datastore, removing the need for an external SAN or NAS. vSAN is the integrated storage for VCF, and workload domains can also use other supported principal storage options.

3. NSX (Networking & Security)

Software-defined networking and security. NSX provides logical switching and routing, firewalling, and services such as Virtual Private Clouds (VPCs) and transit gateways, delivered through the NSX management and control plane and NSX Edge clusters.

Management & Operations Components

These components deploy, operate, and automate the platform.

VCF Installer

The appliance used to deploy a new VCF Fleet or a new VCF Instance. It guides you through the build with a wizard, lets you size and apply high availability, and can use a JSON specification to scale the private cloud — with validation before deployment.

SDDC Manager

SDDC Manager is still installed as a component of every VCF 9 instance and lives in the management domain. However, in VCF 9.0 the SDDC Manager UI is deprecated: its workflows now live in VCF Operations and the vSphere Client, and SDDC Manager is planned for deprecation in a future release.

VCF Operations

The central console for operating your VCF fleet. It delivers performance monitoring, capacity and cost visibility, and compliance across compute, storage, and networking — for the entire fleet from one place.

VCF Operations fleet management

The part of VCF Operations that lets you build, manage, and scale the infrastructure and consolidates the essential administrative tasks. It is delivered as a set of appliances — the VCF Operations Manager, a Fleet Management appliance, and a VCF Operations Collector.

VCF Automation

The central provisioning platform for your VCF fleet. It delivers self-service provisioning and cloud automation on top of the underlying infrastructure. Like VCF Operations, there is a single VCF Automation instance per fleet.

VCF Identity Broker

The identity layer that enables Single Sign-On (SSO) across the fleet and its vCenter instances, with federated identity support (for example Active Directory Federation Services, Microsoft Entra ID, Okta, Ping, and OAuth 2.0).

VCF Domains

A VCF domain is a logical unit of application-ready infrastructure that groups ESX hosts according to VMware recommended practices. There are two types.

Management Domain

  • Created during the initial deployment of a VCF Instance
  • Hosts the core management components: SDDC Manager, vCenter, NSX Manager, and ESX hosts
  • Should not run production workloads

VI Workload Domain(s)

  • Where your actual VMs and applications run
  • Contains a vCenter and an NSX Manager (which can be shared with other workload domains), plus one or more vSphere clusters with ESX hosts
  • Created or imported through VCF Operations (UI or API); clusters and hosts are then added or removed using the vSphere Client
  • Can be scaled independently

What Fleet Management Unifies

One of the biggest shifts in 9.0 is that day-to-day administration is consolidated into VCF Operations fleet management:

Area What it does
Licensing VCF Operations acts as the License Manager — a single license file per VCF Operations instance, tracking cores and vSAN capacity
Lifecycle Download install/upgrade bundles, run prechecks, upgrade workload domains, and monitor upgrade operations
Identity & Access Single-source SSO and centralized federated access across the fleet
Certificates Unified, non-disruptive TLS certificate management with automatic renewals across components
Passwords Centralized account password management for all components
Configuration & Tags Scheduled drift detection (with Git integration) and unified tag management across VCF components

How the Components Interact

+-----------------------------------------------------+
|   VCF Operations  +  VCF Automation   (per Fleet)    |
|  (operate the fleet)   (provision the fleet)         |
+-----------------------------------------------------+
            |  fleet management: licensing, identity,
            |  certificates, lifecycle, passwords
            v
+-----------------------------------------------------+
|                   VCF Instance                       |
|  Management Domain: SDDC Manager + vCenter + NSX     |
|  VI Workload Domains: vCenter + NSX + clusters       |
+-----------------------------------------------------+
|        vSphere (ESX)  |   vSAN   |   NSX             |
+-----------------------------------------------------+
|              ESX Hosts (Physical)                    |
+-----------------------------------------------------+
  • VCF Operations operates and lifecycle-manages the entire fleet
  • VCF Automation provides self-service provisioning on top of the infrastructure
  • vCenter manages ESX hosts and VMs in each domain
  • vSAN aggregates local storage across hosts; NSX delivers networking and security
  • SDDC Manager remains a per-instance component, with its workflows surfaced in VCF Operations and the vSphere Client

Key Concepts to Remember

  • VCF 9.0 is organized as Private Cloud → Fleet → Instance → Domain
  • A fleet shares one VCF Operations and one VCF Automation instance
  • VCF Operations is the central console; fleet management unifies licensing, identity, certificates, and lifecycle
  • The VCF Installer deploys a new fleet or instance
  • The management domain holds SDDC Manager, vCenter, NSX Manager, and ESX hosts; VI workload domains run your applications
  • Workload domains are now created and managed through VCF Operations, not the SDDC Manager UI

Summary

Component Role
vSphere / ESX Compute — runs VMs
vCenter Centralized management of ESX hosts
vSAN Software-defined storage
NSX Software-defined networking & security
VCF Installer Deploys a new VCF Fleet or Instance
SDDC Manager Per-instance component (UI deprecated; workflows in VCF Operations / vSphere Client)
VCF Operations Central console to operate the fleet + fleet management
VCF Automation Central self-service provisioning for the fleet

Sources: VMware Cloud Foundation 9.0 official documentation (techdocs.broadcom.com) and the VMware Cloud Foundation blog (blogs.vmware.com/cloud-foundation).